[H-GEN] squid and facebook
Troy Piggins
troy at piggo.com
Tue Sep 20 23:32:49 EDT 2011
* Russell Stuart wrote :
>
> On Wed, 2011-09-21 at 08:32 +1000, Troy Piggins wrote:
> > The only things I can think of are that this FF addon somehow falls
> > back to some port other than 80 if it doesn't get through on that,
> > or, even though the browser URL is displaying the above the content
> > is actually coming from somewhere else? Checking the sarg logs
> > I see FB's content server domain fbcdn.net and have blocked that
> > too but no joy.
> >
> > Any ideas? I could block all outgoing ports other than the few
> > servers, but in the past I've found that's painful.
>
> The first step is to figure out how it is getting through. That should
> be difficult. The squid logs will tell you if it is going via port 80.
> A tool like wireshark or iptraf will make it obvious if it is going
> through a some other port.
>
> My guess is it's using SSL, and you will have to block accesses to
> facebook.com:443, and possibly CONNECT's to facekbook.com as well.
Thanks Russell,
Will have a look at it tonight. Could be 443.
--
Troy Piggins
More information about the General
mailing list