Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Block Websites and Torrents On Mikrotik 951Ui 2HnD

Locked
 
djeniuss
just joined
Topic Author
Posts: 3
Joined: Tue Feb 07, 2017 2:07 pm

Block Websites and Torrents On Mikrotik 951Ui 2HnD

Tue Feb 07, 2017 2:27 pm

I know this topic has been posted several times in the forum but it doesn't work for me. When i apply the rules either via terminal window or via Layer 7 regexp, no success. The websites i blocked still opens and torrent download are still going on. Please i need help. It's my first time of using Mikrotik Router.

Thanks
Top
 
erlinden
Forum Guru
Forum Guru
Posts: 2727
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Tue Feb 07, 2017 6:03 pm

Can you please provide us with the settings you used?
Top
 
djeniuss
just joined
Topic Author
Posts: 3
Joined: Tue Feb 07, 2017 2:07 pm

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Wed Feb 08, 2017 1:00 pm

I pasted this in winbox under layer7 protocol - regexp

regexp:
^.*(get|GET).+(torrent|

thepiratebay|isohunt|entertane|demonoid|btjunkie|mininova|flixflux|

torrentz|vertor|h33t|btscene|bitunity|bittoxic|thunderbytes|

entertane|zoozle|vcdq|bitnova|bitsoup|meganova|fulldls|btbot|

flixflux|seedpeer|fenopy|gpirate|commonbits).*$


/ip firewall filter>
add chain=forward src-address=192.168.88.0/24 layer7-protocol=torrentsites action=drop comment=torrentsites
add chain=forward src-address=192.168.88.0/24 protocol=17 dst-port=53 layer7-protocol=torrentsites action=drop comment=dropDNS
add chain=forward src-address=192.168.88.0/24 content=torrent action=drop comment=keyword_drop
add chain=forward src-address=192.168.88.0/24 content=tracker action=drop comment=trackers_drop
add chain=forward src-address=192.168.88.0/24 content=getpeers action=drop comment=get_peers_drop
add chain=forward src-address=192.168.88.0/24 content=info_hash action=drop comment=info_hash_drop
add chain=forward src-address=192.168.88.0/24 content=announce_peers action=drop comment=announce_peers_drop
add chain=forward src-address=192.168.88.0/24 p2p=all-p2p action=drop comment=p2p_drop
Top
 
kikikakuku
just joined
Posts: 8
Joined: Fri Jul 01, 2016 11:49 am

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Thu Feb 09, 2017 8:20 pm

http://phallaccmt.blogspot.co.ke/2016/0 ... t-bit.html
http://phallaccmt.blogspot.co.ke/2016/0 ... nt_31.html
For websites use opendns
Top
 
MarkMaina
just joined
Posts: 2
Joined: Sun Feb 26, 2017 1:49 pm

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Sun Feb 26, 2017 1:56 pm

Any one with the correct way to block torrent downloads on my mikrotik?
Top
 
MarkMaina
just joined
Posts: 2
Joined: Sun Feb 26, 2017 1:49 pm

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Sun Feb 26, 2017 1:57 pm

I know this topic has been posted several times in the forum but it doesn't work for me. When i apply the rules either via terminal window or via Layer 7 regexp, no success. The websites i blocked still opens and torrent download are still going on. Please i need help. It's my first time of using Mikrotik Router.

Thanks

did you get the right way?\
Top
 
User avatar
blajah
Member Candidate
Member Candidate
Posts: 222
Joined: Fri Jun 12, 2015 8:58 pm
Location: Belgrade, Serbia
Contact:
Contact blajah

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Thu Mar 02, 2017 11:11 am

Regarding websites, have you tried to create access list and add url's then drop that access list ( ROS will resolve url's to IP's ) ? Its relative new feature in firewall.
Top
 
janus20
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Nov 03, 2016 10:31 am
Location: Pitesti, Romania

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Fri Mar 03, 2017 10:48 pm

Hi,
Any one with the correct way to block torrent downloads on my mikrotik?
Here is a config that is working for me, tested on rb750gr3, rb3011UiAS, rb951g-2hnd. I can not remember from where i have implemented it, most likely from this forum or an outside link from a post.
It stops .torrent file download from browser as well as seeding or downloading inside torrent client (uTorrent, Vuze etc ).

1. define layer7 bit torrent regex table
Code: Select all
/ip firewall layer7-protocol
add comment="Block Bit Torrent - tabela regex" name=layer7-bittorrent-exp regexp=\
    "^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]"
2. add "ofender" ip to a list with timeout set to 5 minutes
Code: Select all
/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=5m chain=forward comment="Block torrent trafic" layer7-protocol=layer7-bittorrent-exp \
    log-prefix=torr-conn src-address={lan_network_range} src-address-list=!allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=5m chain=forward comment="Block p2p" log-prefix=torr-conn p2p=all-p2p src-address={lan_network_range} \
    src-address-list=!allow-bit
where src-address={lan_network_range} is local lan network range ( Ex.: 192.168.0.0/24 )
You can see blocked ips running command:
/ip firewall address-list print
3. drop traffic for non-standard ports ( some of them ) for ips inside Torrent-Conn list ( see 2. )
Code: Select all
/ip firewall filter
add action=drop chain=forward dst-port=!0-1024,3389,5222,5800,5900,8291,14147,59905 protocol=tcp \
    src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,3389,5222,5800,5900,8291,14147,59905 protocol=udp \
    src-address-list=Torrent-Conn
add action=drop chain=forward out-interface={local-lan-interface} content="\r\nContent-Type: application/x-bittorrent" protocol=tcp src-port=80 comment=".torrent \r\nContent-Type...."
where out-interface={local-lan-interface} might be: ether2 or bridge1. For example, if on rb951g-2hnd you have ether2(master) and wlan as ports inside a bridge, named bridge1, then out-interface is bridge1
4. mark torrent traffic packets
Code: Select all
/ip firewall mangle
add action=mark-packet chain=postrouting comment="p2p download" disabled=no layer7-protocol=layer7-bittorrent-exp new-packet-mark="p2p download" passthrough=no
5. drop torrent traffic
Code: Select all
/ip firewall filter
add action=drop chain=forward disabled=no p2p=all-p2p
add action=drop chain=forward in-interface={WAN_interface} comment="torrent dht out magnet" content=d1:ad2:ad20 disabled=no dst-port=1025-65535 packet-size=95-190 protocol=udp
add action=drop chain=forward in-interface={WAN_interface} comment=info_hash content=info_hash disabled=no dst-port=2170,80 protocol=tcp
add action=drop chain=forward out-interface={local-lan-interface} content="\r\nContent-Type: application/x-bittorrent" protocol=tcp src-port=80 comment=".torrent \r\nContent-Type...."
where in-interface={WAN_interface} is your WAN interface ( Ex.: ether1 or pppoe-out1 )
and
out-interface={local-lan-interface} might be: ether2 or bridge1. For example, if on rb951g-2hnd you have ether2(master) and wlan as ports inside a bridge, named bridge1, then out-interface is bridge1
P.S. MOST IMPORTANT: in order to make it work DISABLE fasttrack, if you had enabled it or has left enabled by default configuration! ( https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack )

Hope it helps.

kind regards,
Top
 
alejosalmon
just joined
Posts: 23
Joined: Sun May 31, 2015 3:02 pm

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Wed May 30, 2018 6:53 pm

Hello these rules are ok but how to prevent blocking games like dota 2,fornite,etc.My question is due to the ports which are not listed.Thanks
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 22173
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: Block Websites and Torrents On Mikrotik 951Ui 2HnD

Wed May 30, 2018 7:36 pm

Hopefully 2frogs will chime in here, he can solve it using whitelists.
Top
Locked
  4. RouterOS
  5. Beginner Basics