Hey there!
When I want to block specific website in firewall, it'll block every website except the one i want to.
Using Routerboard hAP lite with WinBox 3.17 and RouterBOARD 941-2nD 6.42.6.
Re: Cannot block specific website
Hi,
to block a certain a site such as www.facebook.com, apply the command below from the new terminal:
ip firewall filter
add chain=forward action=reject reject-with=tcp-reset\
protocol=tcp content="host:www.facebook.com"
you can also use google for more steps.
to block a certain a site such as www.facebook.com, apply the command below from the new terminal:
ip firewall filter
add chain=forward action=reject reject-with=tcp-reset\
protocol=tcp content="host:www.facebook.com"
you can also use google for more steps.
Re: Cannot block specific website
How are you trying to block it?
You could use the TLS matcher in firewall to block it.
You could use the TLS matcher in firewall to block it.
Re: Cannot block specific website
Another way would be to create an address list, add there the domains you want to block and then create a drop filter rule using that address list as the destination.
I believe this is the less resource hungry solution. No need to open any packet to check anything (TLS or otherwise), and you are actually blocking the IPs those domains resolve to instead of the domain which can be altered using the hosts file.
I believe this is the less resource hungry solution. No need to open any packet to check anything (TLS or otherwise), and you are actually blocking the IPs those domains resolve to instead of the domain which can be altered using the hosts file.
Re: Cannot block specific website
another way use OpenDNS
Re: Cannot block specific website
Expanding on previous comment. Use static DNS entry and force DNS requests to your MikroTik.