Squid proxy
we are using squid proxy filtering like accessing facebook from 12:00 - 13:00. Our users does not logged out and can still use facebook even after 13:00. How will I refresh their browser automatically so that they can stop accessing facebook after the time?
I am using RHEL4 |
till 12:00 is it blocking facebook?
|
squid proxy
from 12:00 - 13:00 only is allowed for accessing facebook
|
facebook uses https connection so if user will type https://facebook.com or https://fb.com can bypass your server anytime because in general squid does not understand https. like when user will google something restricted, squid does not understand it until will not open link and if the link is not https than squid is making action. If you only use iptables as your firewall you can make a cron job with script to add list of facebook servers and block any type of connection with tcp or udp ports. list is not small but I think this is best solution because just anytime type https://facebook.com you can bypass server. with this script you can obtain ip addresses of facebook servers.
whois -h whois.radb.net -- '-i origin AS32934' | grep ^route | grep -v route6 | cut -d" " -f7 > /fb_ip_list this method is working. If anyone has idea better i will shear it with great pleasure good luck ;) |
All times are GMT -5. The time now is 01:45 AM. |