[H-GEN] squid and facebook

Troy Piggins troy at piggo.com
Tue Sep 20 23:32:49 EDT 2011


* Russell Stuart wrote :
> 
> On Wed, 2011-09-21 at 08:32 +1000, Troy Piggins wrote: 
> > The only things I can think of are that this FF addon somehow falls
> > back to some port other than 80 if it doesn't get through on that,
> > or, even though the browser URL is displaying the above the content
> > is actually coming from somewhere else?  Checking the sarg logs
> > I see FB's content server domain fbcdn.net and have blocked that
> > too but no joy.
> > 
> > Any ideas?  I could block all outgoing ports other than the few
> > servers, but in the past I've found that's painful.
> 
> The first step is to figure out how it is getting through.  That should
> be difficult.  The squid logs will tell you if it is going via port 80.
> A tool like wireshark or iptraf will make it obvious if it is going
> through a some other port.
> 
> My guess is it's using SSL, and you will have to block accesses to
> facebook.com:443, and possibly CONNECT's to facekbook.com as well.

Thanks Russell,

Will have a look at it tonight.  Could be 443.

-- 
Troy Piggins



More information about the General mailing list