can we explicitly point out that nearly SIXTY PERCENT of requests are blocked...and how completely preposterous that is?!? 60% of the requests made by hosts are "undesirable"...
apps are out of control, CoSo...
@opie
It's gotten worse since I dropped cable TV and went 100% streaming. Roku is especially persistent phoning home but my regex whacks it, which causes it to attempt more, and the cycle continues.
@opie
Yeah, that's about as bad as the Roku OS for me.
It's hard to know if these apps are really *that* chatty, or if they are freaking out because they can't reach the mothership so they make more connection attempts than they otherwise would if not blocked.
@opie
Do you cache all traffic through your proxy, or is it fast enough to filter on the fly without slowing your traffic?
fast enough to filter on the fly at about 600Mbps...I have a new proxy box waiting in the wings which should improve that...just need to find time to build and cut over to it...which is tough with all the sports on...since now my TV depends on the network being up...
@voltronic
I don't do DNS based filtering, all traffic in my network must go through a proxy in the DMZ -- for web traffic, the filtering is squid + ufdbGuard...I block some stupidity with static ACLs in squid, the rest is handed off to ufdbGuard with sblack, oisd, and coupla other lists
the stats I shared are what makes it to ufdbGuard