Page 1 of 1
Block Certain Sites
Posted: Mon Jan 11, 2016 11:40 pm
by 501ari5
Hello,
Does anyone know how to block certain sites like TPB, KickMyAss, etc. so that users would not be able to access them when they are on VPN?
Hope to get replies soon.
Thanks! Much appreciated!
Regards,
Andy
Re: Block Certain Sites
Posted: Thu Jan 21, 2016 7:27 am
by thisjun
Re: Block Certain Sites
Posted: Sun Feb 07, 2016 7:15 pm
by 501ari5
Hi!
Thanks for your reply. Although the "Access Lists" could be a great implementation to block specific IP segments, the domains are not blocked. Do you know any approaches to block those domains so they would be inaccessible?
Just tried editing /etc/hosts to redirect those sites back to 127.0.0.1, and had the /etc/resolv.conf to contain "nameserver 127.0.0.1" at the top of the document, but the above did not seem to be working as those sites were still accessible.
Server Configurations:
1. SoftEther VPN via Local Bridge with the help of “dnsmasq”.
2. "/etc/hosts" contains sites to block and they are not reachable when "ping (domain.com)" is executed due to the redirection of hostnames for them to 127.0.0.1.
3. "nslookup (domain.com) 127.0.0.1" fails to comply with the "/etc/hosts" by revealing the real IP addresses of those sites which should be blocked.
4. "/etc/host.conf" contains the following below:
order hosts,bind
multi on
5. "/etc/nsswitch.conf" contains the following below:
hosts: files dns
Any ideas on how to block those sites effectively?
Hope to get your reply soon.
Thanks! Much appreciated!
Regards,
Andy
Re: Block Certain Sites
Posted: Mon Feb 08, 2016 3:30 pm
by PaulC
I think it would be better to ensure your VPN users use a specific proxy in their browsers, etc and then put them through a content scanner or similar to then restrict where they can/can't go.
Something like
http://quintolabs.com or
http://www1.k9webprotection.com
Rgds
paul