Block Windows updates with pfSense

Windows updates can be massive bandwidth hogs.

To block Windows updates using pfSense, install the Squid Proxy Server package (run it in transparent mode), then install SquidGuard. Make sure that SquidGuard is installed after Squid Proxy Server.

Once installed go to:

Services -> Squid Guard Proxy Filter -> Target Categories

Click Add and give the rule a name

Paste the following in the domains list:

windowsupdate.microsoft.com update.microsoft.com windowsupdate.com download.windowsupdate.com download.microsoft.com wustat.windows.com ntservicepack.microsoft.com ws.microsoft.com

Click Save

  • Note that the domains have to be separated by a single space and not a new line. This could of course also be achieved using a regex, but I was too lazy to write the regex for this. Please feel free to post the regex if you feel so inclined.

Next, go to the Common ACL tab and click on the “+” next to Target Rules List.

Select access deny for the target category you just created and click Save

Next, go to the General settings tab and under General options click the Apply button
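
The note on the domains list leaves the regex open. The following is an added example, not from the original post: it builds the single-space domain string and an anchored, dot-escaped pattern from the same list, then checks the pattern against constructed requests so that look-alike hosts are not blocked by accident. It assumes the filter matches the pattern against the request URL (or host:port for CONNECT) and uses only syntax shared by Python's re and POSIX extended regex; test it in SquidGuard before relying on it.

```python
import re

# Domains from the post, one per line (the form they are usually collected in).
RAW = """
windowsupdate.microsoft.com
update.microsoft.com
windowsupdate.com
download.windowsupdate.com
download.microsoft.com
wustat.windows.com
ntservicepack.microsoft.com
ws.microsoft.com
"""

def domain_field(raw):
    """Single-space-separated, de-duplicated value for the domains list box."""
    return " ".join(dict.fromkeys(d.lower().strip(".") for d in raw.split()))

def collapse(raw):
    """Drop names that are subdomains of another entry; the regex covers them."""
    kept = []
    for name in sorted(domain_field(raw).split(), key=len):
        if not any(name.endswith("." + k) for k in kept):
            kept.append(name)
    return sorted(kept)

def build_regex(raw):
    """Anchored pattern: optional scheme, optional subdomain labels, a listed
    domain, then a port, a slash or end of string. Dots are escaped so that
    '.' matches only a literal dot."""
    alts = "|".join(d.replace(".", r"\.") for d in collapse(raw))
    return r"^(https?://)?([^/:]*\.)?(" + alts + r")(:[0-9]+)?(/|$)"

def blocked(url, pattern):
    return re.search(pattern, url, re.IGNORECASE) is not None

# Constructed sample requests: the first three should match, the rest should not.
SAMPLES = [
    "http://download.windowsupdate.com/d/msdownload/update.cab",
    "http://au.download.windowsupdate.com/x",
    "update.microsoft.com:443",
    "http://windowsupdate.com.example.net/",
    "http://notwindowsupdate.com/",
    "http://example.net/?u=windowsupdate.com",
]

if __name__ == "__main__":
    print(domain_field(RAW))
    print(build_regex(RAW))
    for url in SAMPLES:
        print("DENY " if blocked(url, build_regex(RAW)) else "allow", url)
```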