Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Blocking stuff [Help needed]

Locked
 
Lebzul
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Wed Feb 21, 2018 12:54 am

Blocking stuff [Help needed]

Wed Apr 24, 2019 8:33 pm

Hi there,

I was trying and testing without success to block the webpage from my modem to a certain range of IPs except my devices.
Is that possible without L7 o marking?
Regards
Top
 
alejandro29
just joined
Posts: 8
Joined: Tue Apr 16, 2019 5:09 am

Re: Blocking stuff [Help needed]

Wed Apr 24, 2019 11:12 pm

You can create and account and use OpenDNS Home version for blocking specific or a group of web pages with the same purpose, such as group of web pages labeled as Video Sharing, News, Porn, etc.

I prefer this solution than making a bunch of L7 rules, because in my experience it makes the subnet conection slower to the internet.

You can exempt machines from getting blocked by making a NAT rule that redirects the machines you want (one rule for range of IPs, or several rules for each MAC) to a commonly use dns like 8.8.8.8 (google free DNS) and at the end place the rule that redirects the machines you like to block to the OpenDNS (208.67.222.222) .
Top
 
Lebzul
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Wed Feb 21, 2018 12:54 am

Re: Blocking stuff [Help needed]

Thu Apr 25, 2019 3:51 am

You can create and account and use OpenDNS Home version for blocking specific or a group of web pages with the same purpose, such as group of web pages labeled as Video Sharing, News, Porn, etc.

I prefer this solution than making a bunch of L7 rules, because in my experience it makes the subnet conection slower to the internet.

You can exempt machines from getting blocked by making a NAT rule that redirects the machines you want (one rule for range of IPs, or several rules for each MAC) to a commonly use dns like 8.8.8.8 (google free DNS) and at the end place the rule that redirects the machines you like to block to the OpenDNS (208.67.222.222) .
It's a good start. I do use DNS cache and web proxy so, how can I merge them in conjunction with OpenDNS through the Mk?
Top
 
Lebzul
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Wed Feb 21, 2018 12:54 am

Re: Blocking stuff [Help needed]

Sun Apr 28, 2019 2:40 am

Any other suggestions?
Top
 
td32
Member Candidate
Member Candidate
Posts: 112
Joined: Fri Nov 18, 2016 5:55 am

Re: Blocking stuff [Help needed]

Sun Apr 28, 2019 7:45 am

well you can block access to port 80 to the modem ip from all ips in your subnet and add an allow rule over the drop one only for the ips you want to access it
Top
 
Lebzul
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Wed Feb 21, 2018 12:54 am

Re: Blocking stuff [Help needed]

Mon Apr 29, 2019 2:24 pm

well you can block access to port 80 to the modem ip from all ips in your subnet and add an allow rule over the drop one only for the ips you want to access it
Thanks for the insight. Could you please give me an example based on the web (192.168.100.1)?
Top
Locked

Who is online

Users browsing this forum: No registered users and 10 guests
  4. RouterOS
  5. Beginner Basics