hey guys
what can i do if i just want to give access to only web browsing to some users ? and maybe just some others apps like messenger, youtube, facebook etc
but really basic
Re: block most ports in the firewall ?
my problem is i got a lot of traffic in the connections, i dunno much more how to settings things, i tried to look on different threads and mikrotik tutorials
and some machine are passing over the simple queue setting max limit, even with parent in simple queue, some user got nothing listed and are downloading at 20 Mbps, i can see it on the interface and into the wireless stats of the wifi about their received and sent packets
i really need some help hrhrhr , i got around 20 users on it and when 3 or 4 peoples are doing this things, others users got nothing from the bandwith,
and some machine are passing over the simple queue setting max limit, even with parent in simple queue, some user got nothing listed and are downloading at 20 Mbps, i can see it on the interface and into the wireless stats of the wifi about their received and sent packets
i really need some help hrhrhr , i got around 20 users on it and when 3 or 4 peoples are doing this things, others users got nothing from the bandwith,
Re: block most ports in the firewall ?
hey 
i try with firewall filter rules / drop forward /alltheip/ 17 udp dst port + src port 1025-65535
is it a good idea ??
plus i changed the simple queue with simple queue and multiple target, i made a bunch of groups under one parent
i think +25 simple queue was too much to handle, but most of it still isnt in the details inside simple queue
i try with firewall filter rules / drop forward /alltheip/ 17 udp dst port + src port 1025-65535
is it a good idea ??
plus i changed the simple queue with simple queue and multiple target, i made a bunch of groups under one parent
i think +25 simple queue was too much to handle, but most of it still isnt in the details inside simple queue
Re: block most ports in the firewall ?
btw i reset the mikrotik box and got some kind of update when i was setuping in automatic bridge
changed and deleted some stuffs and used this to start
https://wiki.mikrotik.com/wiki/TransparentTrafficShaper
now look better but some peoples are using app from their phones who s making the phone like a repeater and those stuffs were passing over the limit
changed and deleted some stuffs and used this to start
https://wiki.mikrotik.com/wiki/TransparentTrafficShaper
now look better but some peoples are using app from their phones who s making the phone like a repeater and those stuffs were passing over the limit
Re: block most ports in the firewall ?
you don't have to block all ports. do it in the other way. allow one port, then block everything. you will not have to specify the port numbers
for example
ip firewall filter add chain=forward protocol=tcp port=80 action=accept
ip firewall filter add chain=forward action=drop
first rule accepts something specific
second rule drops everything else. this is just an example, do not copy it. adjust to your needs.
for example
ip firewall filter add chain=forward protocol=tcp port=80 action=accept
ip firewall filter add chain=forward action=drop
first rule accepts something specific
second rule drops everything else. this is just an example, do not copy it. adjust to your needs.
Re: block most ports in the firewall ?
i understand what was the problem, a group of peoples were using ipv6 to pass over all the rules, rules were only for ipv4
now i drop all ipv6 and everything is under rules
now i drop all ipv6 and everything is under rules
Re: block most ports in the firewall ?
You Block All Accept Port 80 (browsing HTTP) 443 (HTTPS) and you can specify which website that are accepted and which is not by dropping them use also web proxy MT will Help you redirecting and blocking