On Fri, 18 Oct 2013 18:02:55 -0500 (CDT), Eric Johnson <eri...@mathlab.gruver.net> wrote:
> On Sat, 19 Oct 2013, Stefan Wollny wrote:
>
> > Hi there,
> >
> > having a personal dislike of Facebook (and the MeeToo-systems alike)
> > for their impertinent sniffing for private data I tried on my
> > laptop to block facebook.com via hosts-file. Interestingly this
> > failed: Calling "http://www.facebook.com" always resulted in a
> > lookup for "httpS://www.facebook.com" and the respective site
> > showed up in the browser (tried firefox and xombrero).
> >
> > ...
> >
> > Curious if there is a particular (Open)BSD solution or simply how
> > you 'guys and gals' would do it.
> >
> > Thank you for sharing your thoughts.
>
> One possibility off the top of my head would be to log all DNS
> requests to syslog and then use syslogc to get a live running stream
> of DNS requests from a syslog memory buffer. Then whenever you see a
> DNS request for anything to do with facebook, add the ip address of
> the requestor to a pf table and block their web browsing. After
> about three to five minutes, remove the ip address from the table.
>
> If every time they try to access facebook, their web browser quits
> working for a few minutes they might get the message.
>
> Eric
>

Hi Eric,

sounds pretty nifty to me - this is s.th. I might use at another site next year. But for my home-network probably a little oversized (though a good learning exercise :-) ).

Anyway: Thank you for sharing!

Regards,
STEFAN

With kind regards,

STEFAN WOLLNY
Regulatory Reporting Consultancy
Tel.: +49 (0) 177 655 7875
Fax.: +49 (0) 3212 655 7875
Mail: ste...@wollny.de
GnuPG-Key ID: 0x9C26F1D0
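The approach Eric outlines in the quoted message, sketched as an added example that is not part of the original thread or of either poster's setup: a filter that turns resolver log lines into `pfctl` table additions. The log line shape (unbound with `log-queries: yes`), the table name `fb_timeout`, the `$int_if` macro and the sample lines are all assumptions.

```shell
#!/bin/sh
# Assumed pf.conf lines (table and interface macro names are hypothetical):
#   table <fb_timeout> persist
#   block in quick on $int_if proto tcp from <fb_timeout> to any port { 80 443 }
# Assumed cron entry that drops table entries older than 300 seconds:
#   * * * * * pfctl -t fb_timeout -T expire 300
# Live use (the memory buffer name is whatever syslog.conf defines):
#   syslogc -f <membuf-name> | dns_to_pf | sh

TABLE="fb_timeout"      # hypothetical pf table name
DOMAIN="facebook.com"   # domain discussed in the thread

# Read resolver log lines on stdin and print one pfctl command per match.
# Assumed line shape: ... info: <client-ip> <qname>. <qtype> <qclass>
dns_to_pf() {
    awk -v table="$TABLE" -v dom="$DOMAIN" '
    {
        # Locate the "info:" token; client IP and query name follow it.
        for (i = 1; i < NF; i++) if ($i == "info:") break
        if (i + 2 > NF) next
        ip = $(i + 1)
        q = tolower($(i + 2))
        sub(/\.$/, "", q)                      # drop the trailing root dot
        # Accept only a strict dotted quad, so log content can never
        # smuggle extra shell syntax into the emitted command.
        if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        # Match the domain itself or a true subdomain, not look-alikes.
        n = length(q) - length(dom)
        if (q != dom && !(n > 0 && substr(q, n) == "." dom)) next
        # No de-duplication: re-adding a present address is a no-op,
        # and a requestor must be re-added after its entry has expired.
        printf "pfctl -t %s -T add %s\n", table, ip
        fflush()                               # keep a live pipe unbuffered
    }'
}

# Constructed sample log lines (not taken from any real system).
sample_log() {
    cat <<'EOF'
Oct 19 10:00:01 gw unbound: [4242:0] info: 192.168.1.23 www.facebook.com. A IN
Oct 19 10:00:02 gw unbound: [4242:0] info: 192.168.1.40 www.openbsd.org. A IN
Oct 19 10:00:03 gw unbound: [4242:0] info: 192.168.1.41 notfacebook.com. A IN
Oct 19 10:00:04 gw unbound: [4242:0] info: 192.168.1.42;reboot facebook.com. A IN
Oct 19 10:00:05 gw unbound: [4242:0] info: 192.168.1.50 FACEBOOK.com. AAAA IN
EOF
}
```

Running `sample_log | dns_to_pf` prints the commands without executing them, which is a convenient way to check the matching before piping the output to `sh` on the gateway.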