How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Sun Nov 13, 2016 5:13 pm
by SysAdminRafi
I am completely new to Mikrotik. I want to ask nearly 5 questions, but as you might feel annoyed, I will ask only 2 here. I hope you guys will help me figure these out.
- I configured a proxy on Mikrotik. I can redirect HTTP websites through the proxy, and I can block websites through the proxy too. But the problem is that I can't block HTTPS websites like Facebook, YouTube, etc. I know HTTPS might not be blocked by proxies. But I saw some articles on the internet where some people say it can be done through Mangle rules. I copied and pasted their rules. None of them worked! So can anyone give me any suggestions regarding this issue?
- Is there any way to show a custom message like "Sorry you can't browse websites in office network" for firewall rules?
Thanks for your replies...
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Sun Nov 13, 2016 6:28 pm
by R1CH
This can only be done if you install root CAs onto each device to allow SSL MITM. I don't think Mikrotik has support for SSL MITM (for good reasons).
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Mon Nov 14, 2016 7:13 am
by SysAdminRafi
OK, then can anyone tell me the way to block HTTPS websites and the downloading of .mp3 files from these sites? I guess it can be done through L7. What is the regex in this case?
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Mon Nov 14, 2016 10:37 am
by janus20
Hi,
To block download of .mp3 files from any browser you could do:
/ip firewall filter
add action=drop chain=forward comment="block .mp3 download" content=.mp3 log=yes log-prefix=block-dwd-mp3
Regarding blocking HTTPS sites like youtube, facebook...
1. first create a rule on layer7 protocol which contains websites you want to block:
/ip firewall layer7-protocol
add name="block fb-youtube" regexp="^.+(facebook.com|youtube).*\$"
2. create a rule in filter chain to deny traffic to layer7 "list"
/ip firewall filter
add action=drop chain=forward comment="deny fb or youtube sites alike" layer7-protocol="block fb-youtube" log=yes log-prefix=deny-layer7-list
Hope it helps.
kind regards,
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Wed Nov 16, 2016 7:42 am
by SysAdminRafi
Hey Jesus, many thanks for your valuable reply. However, can you please tell me how I can block all websites using L7? I guess I have to change only the regex for this. So what should the regex be for blocking all websites?
Also, I am just curious to know what this log part is: "log=yes log-prefix=deny-layer7-list".
Many thanks again..
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Thu Jun 13, 2024 6:56 pm
by globalmedia
Is it possible to identify in the logs what site was blocked?
Re: How Can I Show A Custom Message When Blocking Sites Using FireWall?
Posted: Fri Jun 14, 2024 8:56 am
by rplant
Hi,
You can try using SNI.
Search for tls-host in the following:
https://help.mikrotik.com/docs/display/ ... nd+Actions
Unfortunately, SNI inspection is becoming unavailable with the advent of TLS 1.3, so it is working less and less well.
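
The tls-host approach mentioned above, written out so that the log shows which site was blocked. This is an added example, not configuration posted by anyone in the thread; the hostnames, log prefixes, the QUIC drop rule and the rule placement are assumptions to adapt to your own policy.

```routeros
# Added example (not from the thread). Hostnames and log prefixes below are
# illustrative choices.
#
# Placement (assumption about your ruleset): the TLS ClientHello travels on an
# already established TCP connection, so these rules must sit ABOVE any
# "accept established,related" or fasttrack rule in the forward chain,
# otherwise the packet is accepted before tls-host is ever evaluated.
/ip firewall filter

# One rule per site. The log-prefix names the site, so every log entry tells
# you which hostname pattern was hit. "*.example" does not match the bare
# domain, hence the separate apex rules.
add chain=forward protocol=tcp dst-port=443 tls-host="*.facebook.com" \
    action=reject reject-with=tcp-reset log=yes log-prefix="blk-facebook" \
    comment="block Facebook subdomains by TLS SNI"
add chain=forward protocol=tcp dst-port=443 tls-host="facebook.com" \
    action=reject reject-with=tcp-reset log=yes log-prefix="blk-facebook" \
    comment="block Facebook apex by TLS SNI"
add chain=forward protocol=tcp dst-port=443 tls-host="*.youtube.com" \
    action=reject reject-with=tcp-reset log=yes log-prefix="blk-youtube" \
    comment="block YouTube subdomains by TLS SNI"
add chain=forward protocol=tcp dst-port=443 tls-host="youtube.com" \
    action=reject reject-with=tcp-reset log=yes log-prefix="blk-youtube" \
    comment="block YouTube apex by TLS SNI"

# Optional policy choice (assumption): the rules above only see TLS over TCP.
# Dropping UDP/443 makes QUIC-capable browsers fall back to TCP, where the
# SNI rules apply. This affects all QUIC traffic, not just the blocked sites.
add chain=forward protocol=udp dst-port=443 action=drop \
    comment="drop QUIC so HTTPS falls back to TCP"

# Show only the block entries; the prefix identifies the site, and each entry
# also carries the client source address and the destination address.
/log print where message~"blk-"
```

The reject with tcp-reset makes the browser fail immediately instead of timing out, but the user still sees a generic connection error: the router only reads the hostname from the handshake and cannot inject a custom page into the encrypted session.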