Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Web Site Filter & Web proxy Enable

Locked
 
User avatar
nawshad
Trainer
Trainer
Topic Author
Posts: 104
Joined: Wed Jul 23, 2008 2:19 pm
Location: Dhaka Bangladesh
Contact:
Contact nawshad

Web Site Filter & Web proxy Enable

Thu Oct 03, 2013 10:01 pm

Web proxy Enable and website block Using MikroTik Router OS:

PART 1 [WEB PROXY ENABLE]
Login in to Router using WinBox
On Main Menu click on IP ==> web Proxy
Click on Enable box to active web proxy

To make your MikroTik web proxy transparent (or force all http 80 port request pass through web proxy) follow bellow steps:
On main menu click on IP==> Firewall Click on Tab ==>NAT
Click on + sign a New Nat Rule window will appear set
Chain: dstnat

Dst. Address: [!] 192.168.10.1 {192.168.10.0/24 is your local IP address [it is important to put ! before IP address box]}

Protocol: 6 (tcp)
Dst. Port: 80
Click on next TAB ==> Action
Select Action: Redirect
Type to Port: 8080
[Now all http 80 port requests will redirect to web proxy port 8080]

It is very important to drop 8080 port on your wan interface chain=input. Otherwise globally your mikrotik will be open proxy server.
Last edited by nawshad on Fri Mar 28, 2014 7:31 pm, edited 4 times in total.
Top
 
User avatar
nawshad
Trainer
Trainer
Topic Author
Posts: 104
Joined: Wed Jul 23, 2008 2:19 pm
Location: Dhaka Bangladesh
Contact:
Contact nawshad

Re: Web Site Filter & Web proxy Enable

Thu Oct 03, 2013 10:05 pm

Web proxy Enable and website block Using MikroTik Router OS:

PART 1 [WEB PROXY ENABLE]

On Main Menu click on IP ==> web Proxy
Click on Enable box to active web proxy

To make your MikroTik web proxy transparent (or force all http 80 request pass through web proxy) follow bellow steps:
On main menu click on IP==> Firewall Click on Tab ==>NAT
Click on + a New Nat Rule window will appear set
Chain: dstnat
Dst. Address: [!] 192.168.10.1 [it is important to put ! before IP address box]
Protocol: 6 (tcp)
Dst. Port: 80
Click on next TAB ==> Action
Select Action: Redirect
Type to Port: 8080
[Now all http 80 port requests will redirect to web proxy port 8080]

It is very important to drop 8080 port on your wan interface chain=input. Otherwise globally your mikrotik will be open proxy server.

PART 2 [WEB SITE BLOCK USING MIKROTIK ROUTER]

We going to block website http://www.dirtysite.com
On Main Menu click on IP==> web proxy==> click on Access button on right side of Web Proxy Settings window
Now you will get new window appear name “Web Proxy Access”
Click on + button Click on Dst. Host : type http://www.dirtysite.com
Set Action: deny click on OK button
Now your LAN user can’t access http://www.dirtysite.com
You may add more site as you needed one by one.

Note: Above configuration filter only for http 80 port, web sites which use https or 443 port need to drop by using layer 7 firewall.

if this configuration helps you then give me one karma, click on + sign left side of this window bellow my name : Nawshad
Last edited by nawshad on Fri Mar 28, 2014 7:59 pm, edited 1 time in total.
Top
 
Crys
just joined
Posts: 3
Joined: Thu Mar 13, 2014 7:53 am
Location: Lalitpur, Nepal

Re: Web Site Filter & Web proxy Enable

Thu Mar 13, 2014 8:01 am

I tried to block HTTPS for facebook, youtube with port 443. But it block google.com also in mikrotik 450g routerboard.

how to open google.com after blocking port 443 or any other simple ways to block https://www.facbook.com, https://www.youtube.com. I tried all ways you posted in this forum. But it didn't work.

Krishna Kr. Raut
rautkrishna.2012@gmail.com
Top
 
User avatar
nawshad
Trainer
Trainer
Topic Author
Posts: 104
Joined: Wed Jul 23, 2008 2:19 pm
Location: Dhaka Bangladesh
Contact:
Contact nawshad

Re: Web Site Filter & Web proxy Enable

Fri Mar 28, 2014 7:33 pm

I tried to block HTTPS for facebook, youtube with port 443. But it block google.com also in mikrotik 450g routerboard.

how to open google.com after blocking port 443 or any other simple ways to block https://www.facbook.com, https://www.youtube.com. I tried all ways you posted in this forum. But it didn't work.

Krishna Kr. Raut
rautkrishna.2012@gmail.com
Top
 
User avatar
nawshad
Trainer
Trainer
Topic Author
Posts: 104
Joined: Wed Jul 23, 2008 2:19 pm
Location: Dhaka Bangladesh
Contact:
Contact nawshad

Re: Web Site Filter & Web proxy Enable

Fri Mar 28, 2014 7:47 pm

I tried to block HTTPS for facebook, youtube with port 443. But it block google.com also in mikrotik 450g routerboard.

how to open google.com after blocking port 443 or any other simple ways to block https://www.facbook.com, https://www.youtube.com. I tried all ways you posted in this forum. But it didn't work.

Krishna Kr. Raut
rautkrishna.2012@gmail.com

don't drop 443 port, it will drop some important website also.

use layer 7 filter to drop particular https website. all MikroTik router support Layer7 Filtering.
Top
Locked
  4. RouterOS
  5. Beginner Basics