How to block an URL using domain filter

Started by Glenn

Glenn

How to block an URL using domain filter   02 June 2016, 21:34

I was trying to block www.youtube.com and www.facebook.com using the domain filter but it seems it doesn't work because i still get an access to the said sites. I'm using the trial version and running bridge mode. What could be the cause of it? My config was ipv4 based, both incoming and outgoing traffic enable, interface is on my wan nic and the destination is the domain which i mentioned in the above. At first it is blocking the sites and after several minutes, it can suddenly access it. By looking at the graph it seems traffic from the sites do not pass through my policy though i can stream videos continuously. Can you expound more on how to block url's?

My lan ip network is 192.168.1.1 /24
SoftPerfect Support forum - Andrew avatar image

Re: How to block an URL using domain filter   02 June 2016, 21:42

Regarding filtering traffic by domain name, this is how it works:
  1. There are no domain names in a regular TCP/IP connection, only a source and destination IP addresses.
  2. In order to be able to map IP addresses to domain names, BM dissects any received DNS responses and builds a table [IP address->Domain].
  3. By doing so, BM is able to reverse a source or destination IP address to a domain name when matching a rule.

This generally works well, yet there is a couple of issues:
  • A web-site may have a large number of IP addresses, usually round-robin served by a DNS server.
  • Computers can cache DNS resolution results and not request new ones.

This means, if a computer obtained an IP address for youtube.com before BM was started or it somehow avoided making a DNS lookup pass BM, the software would not know what domain name this IP address resolves to. So it occasionally possible for domain name blocking not to work, but the longer it's been running, the more reliable it will be (because client DNS caches will expire while BM builds a database of IP-to-domain mappings).

In addition, the actual videos on youtube.com are streamed from googlevideo.com, so I'd recommend to list that as well in your rule. By the way, don't add the www part, just specify the domain name.

Sometimes you can find a solution faster if you try the forum search, have a look at the knowledge base, or check the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • Write in English. If possible, check your spelling and grammar.

Author:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 **     **  ********   **        ********  ********  
 ***   ***  **     **  **        **    **  **     ** 
 **** ****  **     **  **            **    **     ** 
 ** *** **  **     **  **           **     **     ** 
 **     **  **     **  **          **      **     ** 
 **     **  **     **  **          **      **     ** 
 **     **  ********   ********    **      ********  

Message: