1

I was looking for a simple and effective way to block websites and I really like this simple solution.

The problem is, you can block facebook with this modification:

0.0.0.1 facebook.com    
0.0.0.1 www.facebook.com

but users can still access facebook by going to fr-fr.facebook.com or other prefix+website combinations.

My question is, is there any way to include all possible prefixes? Virtually speaking, some patterns like *.facebook.com

Zanna
  • 72,312
Sadegh
  • 1,125

1 Answer

0

This can be done by configuring your firewall to block traffic in/out.

The network ranges in use by Facebook, which is your example, turn out to be four subnets (I've used whois to get them; there are many other methods):

31.13.64.0/18 
66.220.144.0/20
69.171.224.0/19
69.63.176.0/20

You can filter out those addresses by using UFW or iptables, so if you have UFW installed, run:

sudo ufw reject out to 31.13.64.0/18 
sudo ufw reject out to 66.220.144.0/20 
sudo ufw reject out to 69.171.224.0/19 
sudo ufw reject out to 69.63.176.0/20 

Otherwise you can install it with sudo apt-get install ufw, or just use iptables directly by running these commands with root access:

iptables -A OUTPUT -d 31.13.64.0/18 -j REJECT 
iptables -A OUTPUT -d 66.220.144.0/20 -j REJECT 
iptables -A OUTPUT -d 69.171.224.0/19 -j REJECT 
iptables -A OUTPUT -d 69.63.176.0/20 -j REJECT 
storm
  • 5,013
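
Added example, not part of the answer above: the firewall rules only match traffic to addresses inside the four listed ranges, so this POSIX shell check reports which addresses fall outside them. The function names and the sample addresses are constructed for illustration; in practice the addresses would come from resolving the hostnames you want blocked.

```sh
#!/bin/sh
# Ranges copied from the answer above.
BLOCKED_RANGES="31.13.64.0/18 66.220.144.0/20 69.171.224.0/19 69.63.176.0/20"

# Convert a dotted-quad IPv4 address to a 32-bit integer.
# Octets must be plain decimal (no leading zeros).
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed if address $1 lies inside CIDR block $2 (for example 31.13.64.0/18).
in_cidr() {
    net=${2%/*}; bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    addr_int=$(ip_to_int "$1") || return 2
    net_int=$(ip_to_int "$net") || return 2
    [ $(( addr_int & mask )) -eq $(( net_int & mask )) ]
}

# Print each address given as an argument that no blocked range covers.
uncovered() {
    for addr in "$@"; do
        hit=no
        for range in $BLOCKED_RANGES; do
            if in_cidr "$addr" "$range"; then hit=yes; break; fi
        done
        [ "$hit" = yes ] || echo "$addr"
    done
}

# Constructed sample addresses; 203.0.113.10 is a documentation address
# standing in for a host outside the listed ranges.
SAMPLE_ADDRS="31.13.70.1 69.171.250.35 203.0.113.10"
uncovered $SAMPLE_ADDRS
```

Any address it prints would still be reachable with the rules above in place.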