# ZTE ZXDSL 831ii block a website



## zetrotrack000

Hi
I have ZTE ZXDSL 831II router. I want to block some websites (like facebook etc). I researched and found that it can be done from IP Filtering section under Firewall but I am not able to block any of the website as I am not fully able to understand the options there: Inbound Traffic, Outbound Traffic, Source IP Address, Destination IP Address
I think for Protocol I have to mention TCP (or ALL) and for port I have to give 80.
I have tried a lot but not able to achieve my goal, can anyone help to solve my problem?
PS: You can also see the attached images!
Regards


----------



## Vipernitrox

Simple answer: no, can't be done.

To be more specific. Every server has a different ip. And facebook doesn't run on one server. So you'd have to figure out which ip's are from facebook and block them all. The same goes for all other "big" websites. The smaller ones which run on a single server you can block easily.

You want to block inbound traffic. With the source adress being the server/website. And destination being the client pc you want to block the website from.

Also, your printscreens are pretty much unreadable. But that's what i make of it.


----------



## zetrotrack000

Thanks for such a quick reply 
I want to block facebook. I ping facebook 10-12 times and noted that it is using following ips;


		Code:
	

69.171.229.11
69.171.242.11
66.220.149.11
66.220.158.11

The idea I get from your answer is that I have give all four of these ips to source ip address but the destination pc is using dhcp so i does not have fixed ip, so how can i do that?
You can also check the screenshots here; 
http://i39.tinypic.com/211mjyq.png
http://i42.tinypic.com/nojc7a.png
http://i44.tinypic.com/1rx7jb.png

Regards


----------



## Vipernitrox

That's basically it yes. And those 4 ip adresses still won't be all of them. A wild guess would be that they have more then 100 internet facing servers with all different ip's.  For the dhcp. You should be able to create a static dhcp lease based on the computers mac address. Or simply give the computer a static ip address outside the dhcp range.


----------



## zetrotrack000

It is not possible to visit every PC and give it a static ip address. Is it possible to give lan's mac address or lan's address (192.168.1.1) as destination ip address or is there any other way to block from router's configuration?
Regards


----------



## Vipernitrox

Setting router lan adress won't work. You can also probably set a range of ip adresses on your internal network. And you could try to set a dhcp lease like i said in my last post.


----------

