Bookmark and Share

Author Topic: How to block Websites on a schedule (limit Facebook time) on D-Link DIR-655  (Read 36442 times)

0 Members and 1 Guest are viewing this topic.

Offline raymond_4ever

  • PcWinTech Jr. Member
  • Join Date: Feb 2012
  • Posts: 2
  • Karma: 0
Hi everyone,

I'm new to this forum and stumbled upon it in my search to find a way to implement a router-based Facebook limitation (schedule) for my teens. I had considered PC-based software but then thought it would be a hassle managing this on the family kitchen PC, kids' homework laptop and iPod Touch. I figured a simpler and centralized approach would be to limit Facebook time at the router. Not so easy. The D-Link DIR-655 allows you to block specified Websites or Web access entirely (edit the Access Policy, Schedules and Website Filtering). I had configured my Website Filter page to always deny access to sites like omegle.com and chatroulette.com (please reply with any other nasty sites I should add to that list). I was going to add facebook.com to that list of blocked sites but then thought, wait a minute, I don't want Facebook blocked all the time. I don't mind if my teens use Facebook at the kitchen PC until about dinner time, but then I want the router to block Facebook for the rest of the weeknight so they will have dinner, socialize with fleshy humans and complete their homework etc. Essentially, what I wanted was a router rule of "only allow Facebook until 5:30 pm on weeknights." But the D-Link DIR-655 doesn't elegantly implement this kind of fine-tuned scheduled access to certain Web site names. On the Website Filter page, you can only allow or deny access to named sites like facebook.com; you cannot set a schedule here for any of these sites. I thought, hmmm....I don't want to add facebook.com to the deny list because I want my kids to get an acceptable dose of Facebook time and then at a preset time, get blocked and forced off it for the remainder of the evening. And I don't want to add facebook.com to the deny list and then manually disable/toggle the Website Filter list daily because that toggling would allow them to visit facebook but also omegle and chatroulette! ARGGG!

Is what I wanted even possible or would I need to buy a more sophisticated router with these scheduling features?

Well I muddled around the D-Link configuration screens for a while and eventually figured out a solution. You can limit time spent on Facebook (using a specified schedule) without having to name facebook.com on your deny list. The trick is to find out what IP addresses Facebook servers use (you can Google, ping or nslookup) and add them to the Advanced Port Filters rules page.

To start, here is my Website Filter page:


I created a new schedule called Facebookuntil530; the schedule runs from 5:30 pm to 4:00 pm the next day:


In Access Control, I selected Add Policy to create a new policy. I called this policy Facebookuntil530 and set the schedule to be the Facebookuntil530 schedule I just created in the previous step.


I then chose the computers I wanted this policy to apply to (by IP, MAC address or all computers (Other Machines)). On the next screen, I selected Block Some Access and Apply Advanced Port Filters:


Finally, I Googled 'Facebook IP addresses' and found this list of Facebook IP ranges and copied these IP ranges into this page and clicked Save:

In a command prompt, you could also ping facebook.com or nslookup facebook.com to identify Facebook's responding IP addresses.

This policy therefore prohibits traffic from Facebook during the schedule 5:30 pm to 4:00 pm the next day on the computers you specified.

Hope this helps.

PcWinTech.com Forums


Offline Shane

  • Top Geek, err uh Dog.
  • PcWinTech Administrator
  • PcWinTech Guru
  • *******
  • Join Date: Jul 2008
  • Posts: 16,846
  • Location: USA
  • Karma: 523
  • "Knowledge should be shared not hidden."
Did it end up working the way you wanted it?

If so I will sticky this thread for others :-)

Shane
(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

Offline raymond_4ever

  • PcWinTech Jr. Member
  • Join Date: Feb 2012
  • Posts: 2
  • Karma: 0
Did it end up working the way you wanted it?

If so I will sticky this thread for others :-)

Shane

Yes, the policy is working exactly as expected. The wife loves it!

Sorry if my original post was a bit rambling. The idea I was trying to convey was my frustration at D-Link's inflexible all-or-nothing blacklist approach.  My workaround - adding port filtering rules - is somewhat tedious to initially configure as it requires determining and manually typing in ranges of Facebook's IP addresses (and hoping they don't change), but it does work. 

So if in the future, there are more sites I wish to limit to a defined schedule rather than always block, such as Youtube, this is my approach.


Offline Shane

  • Top Geek, err uh Dog.
  • PcWinTech Administrator
  • PcWinTech Guru
  • *******
  • Join Date: Jul 2008
  • Posts: 16,846
  • Location: USA
  • Karma: 523
  • "Knowledge should be shared not hidden."
Stickied :-)

Shane
(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

Offline bdobyns

  • PcWinTech Jr. Member
  • Join Date: Apr 2014
  • Posts: 1
  • Karma: 0
Seems that I am late to the party but nonetheless I am attempting to use my router to do the same thing.

I have had no luck following the steps without going to step 5.

I did find a site to locate the IP's (http://tejji.com/ip/url-to-ip-address.aspx?domain=ask.fm) but I am lost with all of the numbers that are being asked for in the start and end columns.  Hopefully this forum is still active!!!

Thanks in advance.

PcWinTech.com Forums