Hello to every Friend.
I want to block facebook & twitter application from my hotspot, but i want the web facebook page.
I have put in the walled garden this addresses: facebook.com, facebook.net *.faceboook.com, *.facebook.net.
The action is allow.
If a user connect to wi-fi, without hotspot connection, and opens facebook application, works fine…
I want to open faceboook via hotspot browser, but not via application.
What can i do for this??
Any helping welcomed!
Hello!
Any news about that?
I think you’re pretty screwed because the app is just a fancy custom web browser (using https under the hood) so you can’t easily tell the difference between the app client and a standard browser client. You could inspect the layer 7 data for clues - certainly the app is going to have quirks that you could pick up on, but unfortunately for you, facebook forces SSL now, which secures the connection from the prying eyes of middleboxes (like hotspot).
The only way I can think of would be to use the web proxy feature and use wpad / DHCP option 252 to tell clients to auto-configure the proxy settings. You are able to break into https connections when the browser is using your proxy explicitly.
Perhaps the app won’t be smart enough to use the proxy settings…
But this is a lot of work to go through just to block the app and allow the browser, especially when modern platforms automatically detect that they’re on a hotspot and just open the browser immediately…