IPCOP with URLFilter and preventing user to access facebook

Sl33py

Well-Known Member
Joined
Mar 11, 2009
Messages
262
Reaction score
0
Location
East London
I have setup IPCOP with Advance proxy and URL Filter on my one network. I am blocking the users from Facebook as they spend hours on it and used a lot of bandwidth. My usage dropped from 5GB to 2 GB by preventing them from accessing Facebook, YouTube and downloading files bigger than 5MB.

I have discovered though that there are quite a few websites on the internet that will allow the user to browse the banned site with their website. I have selected to block the proxy category but it does not help. I don’t know if they have caught onto this and I don’t want to go through all the proxy logs to check what sites have been visited. Any ideas?
 
I believe there is a plugin to update rulesets. The wittle wabbits will find ways around a simple block, but with a ruleset+subscription system you can have your rule and another rule which is updated for known proxy/annonimizers which the wabbits love. Otherwise, fear works well too -- carry a stun-gun and "enlighten" the wabbits (i.e a good LART) or hand out a few warning letters, etc.
 
I believe there is a plugin to update rulesets. The wittle wabbits will find ways around a simple block, but with a ruleset+subscription system you can have your rule and another rule which is updated for known proxy/annonimizers which the wabbits love. Otherwise, fear works well too -- carry a stun-gun and "enlighten" the wabbits (i.e a good LART) or hand out a few warning letters, etc.
 
we went through a similar phase, in the end you are always playing catchup as there will always be ways around these things...and when you prevent it 100% you find some clever clogs running a ssh tunnel and so forth.

what i did was to utilise the time based filters in url filter, basically, allowing them access to facebook during lunch. this is a happy medium for us. this discourages them form using alternate methods as they know thye just have to wait till lunchtime to get their fix.

also, make it clear company policy that people who circumvent filters on purpose get the sack/written warning etc. be clear on this.

What we also did. Worked quite well.

I would suggest you go with this option.

EDIT : My setup was Smoothwall with half-open security policy. I was quite strict about what can go out.
 
Last edited:
We prefer using Untangle: Also free.

After initial setup it's as easy as set and forget. We've been running it for close to 2 years ;)
 
Top
Sign up to the MyBroadband newsletter
X