summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/guix.texi29
-rw-r--r--gnu/services/networking.scm37
2 files changed, 65 insertions, 1 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index ac2aad643c..583bdbf621 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3610,6 +3610,35 @@ root.
The other options should be self-descriptive.
@end deffn
+@defvr {Scheme Variable} %facebook-host-aliases
+This variable contains a string for use in @file{/etc/hosts}
+(@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each
+line contains a entry that maps a known server name of the Facebook
+on-line service---e.g., @code{www.facebook.com}---to the local
+host---@code{127.0.0.1} or its IPv6 equivalent, @code{::1}.
+
+This variable is typically used in the @code{hosts-file} field of an
+@code{operating-system} declaration (@pxref{Using the Configuration
+System}):
+
+@example
+(use-modules (gnu) (guix))
+
+(operating-system
+ (host-name "mymachine")
+ ;; ...
+ (hosts-file
+ ;; Create a /etc/hosts file with aliases for "localhost"
+ ;; and "mymachine", as well as for Facebook servers.
+ (text-file "hosts"
+ (string-append (local-host-aliases host-name)
+ %facebook-host-aliases))))
+@end example
+
+This mechanism can prevent programs running locally, such as Web
+browsers, from accessing Facebook.
+@end defvr
+
@node X Window
@subsubsection X Window
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 44e3c303de..8e682b9cfa 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -25,7 +25,8 @@
#:use-module (gnu packages messaging)
#:use-module (guix gexp)
#:use-module (guix monads)
- #:export (static-networking-service
+ #:export (%facebook-host-aliases
+ static-networking-service
dhcp-client-service
tor-service
bitlbee-service))
@@ -36,6 +37,40 @@
;;;
;;; Code:
+(define %facebook-host-aliases
+ ;; This is the list of known Facebook hosts to be added to /etc/hosts if you
+ ;; are to block it.
+ "\
+# Block Facebook IPv4.
+127.0.0.1 www.facebook.com
+127.0.0.1 facebook.com
+127.0.0.1 login.facebook.com
+127.0.0.1 www.login.facebook.com
+127.0.0.1 fbcdn.net
+127.0.0.1 www.fbcdn.net
+127.0.0.1 fbcdn.com
+127.0.0.1 www.fbcdn.com
+127.0.0.1 static.ak.fbcdn.net
+127.0.0.1 static.ak.connect.facebook.com
+127.0.0.1 connect.facebook.net
+127.0.0.1 www.connect.facebook.net
+127.0.0.1 apps.facebook.com
+
+# Block Facebook IPv6.
+fe80::1%lo0 facebook.com
+fe80::1%lo0 login.facebook.com
+fe80::1%lo0 www.login.facebook.com
+fe80::1%lo0 fbcdn.net
+fe80::1%lo0 www.fbcdn.net
+fe80::1%lo0 fbcdn.com
+fe80::1%lo0 www.fbcdn.com
+fe80::1%lo0 static.ak.fbcdn.net
+fe80::1%lo0 static.ak.connect.facebook.com
+fe80::1%lo0 connect.facebook.net
+fe80::1%lo0 www.connect.facebook.net
+fe80::1%lo0 apps.facebook.com\n")
+
+
(define* (static-networking-service interface ip
#:key
gateway