Hello,
Does anyone know how to block certain sites like TPB, KickMyAss, etc. so that users would not be able to access them when they are on VPN?
Hope to get replies soon.
Thanks! Much appreciated!
Regards,
Andy
Block Certain Sites
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Block Certain Sites
Please use access list function.
https://www.softether.org/4-docs/1-manu ... ccess_List
https://www.softether.org/4-docs/1-manu ... ccess_List
-
501ari5
- Posts: 12
- Joined: Wed Jun 24, 2015 10:04 pm
Re: Block Certain Sites
Hi!
Thanks for your reply. Although the "Access Lists" could be a great implementation to block specific IP segments, the domains are not blocked. Do you know any approaches to block those domains so they would be inaccessible?
Just tried editing /etc/hosts to redirect those sites back to 127.0.0.1, and had the /etc/resolv.conf to contain "nameserver 127.0.0.1" at the top of the document, but the above did not seem to be working as those sites were still accessible.
Server Configurations:
1. SoftEther VPN via Local Bridge with the help of “dnsmasq”.
2. "/etc/hosts" contains sites to block and they are not reachable when "ping (domain.com)" is executed due to the redirection of hostnames for them to 127.0.0.1.
3. "nslookup (domain.com) 127.0.0.1" fails to comply with the "/etc/hosts" by revealing the real IP addresses of those sites which should be blocked.
4. "/etc/host.conf" contains the following below:
order hosts,bind
multi on
5. "/etc/nsswitch.conf" contains the following below:
hosts: files dns
Any ideas on how to block those sites effectively?
Hope to get your reply soon.
Thanks! Much appreciated!
Regards,
Andy
Thanks for your reply. Although the "Access Lists" could be a great implementation to block specific IP segments, the domains are not blocked. Do you know any approaches to block those domains so they would be inaccessible?
Just tried editing /etc/hosts to redirect those sites back to 127.0.0.1, and had the /etc/resolv.conf to contain "nameserver 127.0.0.1" at the top of the document, but the above did not seem to be working as those sites were still accessible.
Server Configurations:
1. SoftEther VPN via Local Bridge with the help of “dnsmasq”.
2. "/etc/hosts" contains sites to block and they are not reachable when "ping (domain.com)" is executed due to the redirection of hostnames for them to 127.0.0.1.
3. "nslookup (domain.com) 127.0.0.1" fails to comply with the "/etc/hosts" by revealing the real IP addresses of those sites which should be blocked.
4. "/etc/host.conf" contains the following below:
order hosts,bind
multi on
5. "/etc/nsswitch.conf" contains the following below:
hosts: files dns
Any ideas on how to block those sites effectively?
Hope to get your reply soon.
Thanks! Much appreciated!
Regards,
Andy
-
PaulC
- Posts: 26
- Joined: Mon Nov 02, 2015 12:18 am
Re: Block Certain Sites
I think it would be better to ensure your VPN users use a specific proxy in their browsers, etc and then put them through a content scanner or similar to then restrict where they can/can't go.
Something like http://quintolabs.com or http://www1.k9webprotection.com
Rgds
paul
Something like http://quintolabs.com or http://www1.k9webprotection.com
Rgds
paul