In fact, I was working to block HTTPS Facebook in Pfsense Firewall. Facebook works on HTTPS and there are some tutorials that help you to install “Squid3” Development Package on pfSense to configure pfSense for blocking some of websites but I found issues with it and it wasn’t worthy for my work environment along with “blocking Facebook with pfSense”. I have tried many of tutorials to block Facebook on pfSense box and some of them works but these also blocks some other HTTPS services. Finally, I block Facebook on pfSense with Facebook IP Addresses. I know, it might be quite funny or awkward but it’s the solution that leaves no stone to your efforts and users cannot access it with IP Address, HTTP or HTTPS or with other Facebook TLDs. Let’s get started;
Block HTTPS Facebook In pfSense Firewall
- Firstly, You need to find OriginAS or AS number of Facebook IP registration.
- In fact, I found Facebook AS numbers “AS32934” and “AS32934” on this https://www.facebook.com/peering/ URL.
- Then, I used below command on my internet connected Linux Terminal to get all Facebook IP Addresses.
whois -h whois.radb.net '!gAS32934'
- Now, access your pfSense and create new Alias with any distinguished name like “FacebookBlock”;
- Further, you can find two type of Alias.
- Network(s) – do mention all IPs that you get from above command;
- URL – do create a text file containing all IP Addresses and upload to some Web Server and give that path in pfSense.
- Then, Go to Firewall.
- Click on Rules
- Click on LAN to create a new Rule.
- Create and Move on Top (where you like to block for all users) to all Rules.
- Select – Block/Reject all
- In the section “Instead IP Address” , Simple put FacebookBlock, previously created in Alias.
- Save and Save Changes
Of course, you can check it now and you have successfully block Facebook for all applicable users in your network.