Hi i add this line into my squid.conf file:
In blacklist_domains file i add this:
But yet i cannot able to block https://www.facebook.com. Can any one help me?

The first step would be to have Squid proxy HTTPS traffic.

From the configuration it looks like Squid is only proxying for HTTP traffic.

Thanks for your reply. Can you please tell me how can i configure squid so that it can block both https and http trafic for facebook. I add this :

But yet it not working for https://www.facebook.com

I will give you these tips:

1) You can't proxy SSL traffic transparently as you currently do with HTTP.
2) You may need to terminate the SSL connection to the remote server at Squid, and have an entirely different SSL connection from the browser to Squid for the filter to work. This I'm unsure about.

Resources:

http://wiki.squid-cache.org/Features/HTTPS
http://wiki.squid-cache.org/Features/SslBump
https://calomel.org/squid.html

This should get you started. If you get stuck post back. If you're lucky someone with more commitment may implement a configuration for you.

You could just add
to your hosts file after all the other entries.

I tried in many way and post many times. But some person tell me that it is impossible to block https://www.facebook.com. So i need help to actually how can i do this? And in where of my configuration i need to change so that it block https://www.facebook.com

And 127.0.0.1 www.facebook.com is not applicable here because i had a proxy server and 20-30 people are connected to it. "127.0.0.1 www.facebook.com" is only block at host PC. Anyway thanks for your reply. But it not work anymore

That would need to be added to all the client machines on the network, as the OP isn't currently using Squid for HTTPS.

It's is not possible because no one give you the access of their PC. And even if they did, after some period of time when i am not in there they easily delete the entry and get full access. please if you do not know the proper solution please do not post something that looks very funny.

facebook can be blocked I have done it many times but not using squid.

Yeah sorry about that. I thought the OP may be just learning squid on his own PC and while my answer wasn't much help it would work if my assumption was correct. However without knowing his network setup it is difficult, for me, to give any advice so I will watch and learn.

No need to apologise. I made the assumption there was a number of client computers and a proxy server, I guess I was lucky.

tanin007, I have linked to several resources including a tutorial to get you started. I'm not going to regurgitate that information. It would be a waste of my time, and some specifics may get left out.

Reading http://www.comfsm.fm/computing/squid/FAQ-1.html#ss1.12 and http://www.ietf.org/rfc/rfc2817.txt I would make the assumption that it isn't necessary to terminate the SSL connection at Squid in order to implement blocking Facebook. Following the previously linked to tutorial should be sufficient.

Hi! I had the same problem recently which made me starting working on a project named BAN FACEBOOK SSL. I've created a page which generates a bash script. It grabs the classes of Facebook.com and created the iptables OUTPUT rules on the fly for you. Once you run it on the gateway (if that's linux based) it should work. I know that it can be done with FORWARD or PREROUTING and stuff, but you have to specify the interfaces and so on. So, this was the simplest way to do it . I will publish soon a bash script which grabs the classes of Facebook.com and applies the iptables rules straight away, created back-up of the initial firewall and so on. Use it with case: www.bfssl.tk (this is my project and don't forget to read the disclaimer).

If there's anyone having ideas or wants to contribute, please contact me.

Cheers,
Alex

1 members found this post helpful.