Scribd
Upload
93 views

Drop Mikrotik Website Access

The document provides instructions for configuring firewall filters in Mikrotik to block specific websites and content. It describes rules to drop access to the Mikrotik website, block content like Facebook, YouTube and Twitter using individual rules, and use regular expressions to block multiple sites with one rule. It also provides an example of using layer 7 protocols and packet marking to rate limit traffic to sites like YouTube.

Uploaded by

behtchay
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
93 views

Drop Mikrotik Website Access

The document provides instructions for configuring firewall filters in Mikrotik to block specific websites and content. It describes rules to drop access to the Mikrotik website, block content like Facebook, YouTube and Twitter using individual rules, and use regular expressions to block multiple sites with one rule. It also provides an example of using layer 7 protocols and packet marking to rate limit traffic to sites like YouTube.

Uploaded by

behtchay
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Firewall Filter

Drop Mikrotik Website Access

/ip firewall filter


add action=drop chain=forward comment="Block Mikrotik" dst-address=159.148.147.196

Block users from accessing websites using content option

One rule per content you want to block. So if you want to block, for example, Facebook, Youtube, and
Twitter, you have to create rule for each content.

/ip firewall filter add chain=forward src-address=192.168.20.0/24 protocol=tcp dst-port=80


content="mikrotik" action=drop comment="Block Mikrotik HTTP"

/ip firewall filter add chain=forward src-address=192.168.20.0/24 protocol=tcp dst-port=443


content="mikrotik" action=drop comment="Block Mikrotik HTTPS"

Simple Blocking using Layer 7 Protocols

Under the Regex field, put the following: ^.+(mikrotik.com|mt.lv).*$


. You can add more sites by typing in the Domain, and separating them with the pipe "|" symbol.

@ IP Firewall Filter Rules


Create Rule chain=forward with layer 7 then action=drop

@ IP Firewall Mangle

Example:

/ip firewall layer7-protocol


add name=youtube regexp=youtube|googlevideo

/ip firewall mangle


add action=mark-connection chain=forward in-interface=ether1 \
layer7-protocol=youtube new-connection-mark=youtubecon passthrough=yes
add action=mark-packet chain=forward connection-mark=youtubecon \
new-packet-mark=youtubepack passthrough=yes

/queue simple
add max-limit=2M/2M name=queue1 packet-marks=youtubepack target=""

You might also like