PFSense - Block websites for kids on their home network VLAN

I am using PFSense at home as well as a Unifi wireless access point.

I have a separate WiFi network with its own VLAN that my kids connect to with their laptops.

On PFSense I’m using pfBlockerNG to block bad sites for the entire network.

I want to be able to block certain websites just for their VLAN (youtube and a gaming site) during the week and then open them back up on the weekends. But I only want it to be blocked on their VLAN. I would still like to be able to use Youtube on the network my wife and I use during the week.

I asked on the PFSense forum about it, but I don’t understand how to do what their response told me.

I see where the documentation for PFSense talks about blocking websites, but as far as I can tell its just for blocking everything and not just one specific VLAN

https://docs.netgate.com/pfsense/en/latest/recipes/block-websites.html

Any pointers on how I can do this please?

Thank you for any help

Jason

You’ll need to dig a lot deeper, but you can install e2guardian and apply it to specific vlans. I don’t think you can have time schedules though. You may need to set up a computer to work as proxy where you can schedule a task to make it active or bypass.

Because pfblocker is a DNS blocker you have to configure your DNS settings to tell it to bypass or use dnsbl on the subnet you want.

Navigate to Services>DNS Resolver>General Settings and add the example below in the Custom Options section.

Example:

server:
    access-control-view: 192.168.2.3/32 bypass
    access-control-view: 192.168.2.0/24 dnsbl
    access-control-view: 192.168.1.0/24 dnsbl
view:
    name: "bypass"
    view-first: yes
view:
    name: "dnsbl"
    view-first: yes
server:include: /var/unbound/pfb_dnsbl.*conf

You could always use openDNS for the DNS for their VLAN only and then do the filtering through your openDNS account. That’s what I did when my kids were little and it worked quite well. It used to be free too. Maybe it still is.