I'm trying to block youtube.com during business hours using squid, however since this is a transparent proxy people are able to bypass it by using https://....... (port 443).
I want to use iptables to block port 443 but only to youtube.com servers, as other port 443 functionality is required for other tasks.
I've tried a lot of different combinations, including:
blocking Youtube's ip's is almost impossible as they change each time a do an nslookup.
iptables -A INPUT -p tcp --dport 443 -m string --string "youtube.com" algo bm -j REJECT
Does anybody know how this can be done?