Increase blocking functionality

4 Posts
4 Users
9 Reactions
588 Views
-1
Topic starter

When I use an app or surf the web, I would like to see, which servers in the internet are contacted to receive information. E.g. if I go to focus.de in the web, the log should show focus.de but then also all the domains, servers, etc, it contacts. E.g. graph.facebook.com, demdex, xxx.doubleclick.google.kingkong.net, google-analytics.com, google-tagmanager.com etc. I would then be able to choose the entry and say I want to allow it (whitelisting) or I want to block it and then on which domain level. Meaning: google.com, or tagmanager.google.com or xxx.tagmanager.google.com. This way I can allow go to mail.google.com but all others are blocked. The functionally of Little Snitch on MacOS is the example I would like.

In little Snitch you can also choose which application is allowed.

So in little snitch you start word and a window opens and asks: Allow this app to connect to this server on this port. Then I can say: Once, for this sessions, forever. This app or all Apps.

So I could go to adobe.com port 80 with the Webbrowser but block adobe.com port 80 for Rapidweaver. Or allow port 443 but not 80. And so on. 

 

is this sufficient? Since eblocker is its own device I believe it is difficult to block traffic until someone clicked ok. It would mean some App of eblocker on my device, which I believe Apple would not allow. So for me it would be fine, if I could jump every evening to eblocker, see all apps, all urls, all ports and then decide which I would want to be blocked in the future or which I would want to whitelist. Or view what eblocker does when I install a new app and then immediately block the connection. Yes, the first connect would go through but nothing later. AdGuard is on iPhone is a good example how this works. This way, my list grows and I can block what I want to be blocked. I am very very restrictive what I allow. I do it in Little Snitch and Adgurad Pro. And I do much more than what AdGuard Pro e.g. offers. Although they do a really good job, I believe.

3 Answers
3

@gregor We've designed eBlocker with the "general user" in mind and tried to balance between great protection and usage comfort - so most services still work as expected without much config or deeper tech knowledge. My 80 years old mum is using eBlocker and she's delighted!

I fear what you are looking for is a firewall for the hard core tech geeks - like pfsense.

Pfsense users are not our audience so far and personally I'd rather like to help everyone with an easy to use solution that helps blocking the bad guys out of the box - rather than reinventing pfsense to address a few more geeks.

But hey, eBlocker is a community project and if there are contributors who want to implement the features you proposed: just move forward!

0

Oh....thank @random.
I did not know this article yet

-1

Good day and thank you for your contribution @Benne 🙂

You are right that the Eblocker should be easy to use for most of us.

The Eblocker is already a fine device and I am very enthusiastic.

But with most hard or software solutions there is an advanced mode.

This is what I would like to see with the Eblocker too !

Many of the above functions are already implemented which makes the Eblocker very attractive to me.

I hope I am not offending anyone with this post.

Unfortunately I can't program and have rudimentary knowledge in Basic from the C64 time in the middle of the 80ies.

My knowledge in network technology I describe also times as extended since I am since 1994 with Windows and Linux on the way.

Since a few days I have a NAS in my system (Synology DS220j DiskStation).

I want to share certain content on my storage with others. I can generate from the Synology Https links to a file.

For this, Synology provides me with a Https certificate which I have to renew every three months.

This means that if I create a dynamic link and then test it for functionality, it works fine.

Eblocker monitoring for the internal IP of Synology is disabled.

When eblocker is turned on for this device, the dynamic links no longer work.

So I started the manual HTTPS diagnostics for the Synology and the machine I am working with and watched the traffic.

The diagnostics on the Synology did not record a single connection and so I can't enable or disable anything.

Does anyone have another idea what to do about this ?

Maybe I have overlooked something ?

I would be very grateful for an advanced solution.

I hope that I can solve this problem with the update 2.7 and the firewall?!

Something must be blocking the NAS.

Thanks for reading my post and have a nice rest of the week.

--

Andreas 

Random 02/06/2021 8:10 pm

@andreashamburg Just disable eBlocker for your NAS. See here: https://eblocker.org/docs/information-on-radios-loudspeakers-printers-nas/

eBlocker‘s Personal Device Firewall is not a generic firewall but will allow to analyze and block outbound DNS requests. No more, no less. 

THX!

 

Answer

Nach oben scrollen