Well, Here is the best way (I mean the BEST) way to do it. Do not block facebook completely, but rather create schedules when you allow people to access it. For me, I suggest the following sched: 0000 - 0800 (Timeafterwork) 1300 - 1359 (TimeLunch) 1630 - 2300 (TimeafterHours) Install squid on the pfSense box and define time ACLs as well as dstdomain ACLs and time the two together. The destdomain ACLs can include all other sites I refer to TimeWastageSites (office time of course) :-) You have to put in place provisions for the head honcho and his/her henchpeople to be allowed access all the time though! You use ARP based ACL for that. Besides that, you can also use the squid as web cache and control streaming - which consumes much bandwidth. That's how I've done it in the few sites where I run pfSense. Just my 2 cents. On 8 July 2013 15:10, Chege <compulinekenya@gmail.com> wrote:
Hii All, Anyone who has successfully blocked Facebook with above ..including https://
Rgds
Chege
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."