MikroTik

Community discussions
https://forum.mikrotik.com/

Block Facebook & Youtube on Certain Ips - and it works

https://forum.mikrotik.com/viewtopic.php?t=80094

Page 1 of 1

Block Facebook & Youtube on Certain Ips - and it works

Posted: Thu Dec 19, 2013 5:22 pm
by akram
i'm sharing how i did block on facebook and youtube
here is how

1-add in firewall Layer7
ip firewall layer7-protocol add name=Blockface&youtube regexp=^.+(facebook.com|youtube).*$

2-add in address list the allow list
ip firewall address-list add address=192.168.1.5 list=allow_face_youtube

3-add in address list the Block list
ip firewall address-list add address=192.168.1.112 list=block_face_youtube

4-mark packet in mangle for allow list
ip firewall mangle add chain=forward src-address-list=allow_face_youtube action=mark-packet new-packet-mark=allow_fb_youtube_mark passthrough=no

5-mark packet in mangel for block list
ip firewall mangle add chain=forward src-address-list=block_face_youtube action=mark-packet new-packet-mark=block_fb_youtube_mark passthrough=no

6-firewall drop in port 80
ip firewall filter add chain=forward protocol=tcp port=80 packet-mark=mark-packet new-packet-mark=block_fb_youtube_mark action=drop


7-firewall drop in port 443
ip firewall filter add chain=forward protocol=tcp port=443 packet-mark=mark-packet new-packet-mark=block_fb_youtube_mark action=drop

and it works perfect for me

Re: Block Facebook & Youtube on Certain Ips - and it works

Posted: Fri Dec 27, 2013 4:57 am
by c0d3rSh3ll
thank for the regexp, it work ¡¡

Re: Block Facebook & Youtube on Certain Ips - and it works

Posted: Wed Jan 15, 2014 2:46 pm
by dally1336
this doesnt work, it keeps telling me commands 1,6 and 7 are wrong

Re: Block Facebook & Youtube on Certain Ips - and it works

Posted: Thu Jan 23, 2014 3:33 pm
by normis
be aware that pasting these rules will not work. this regext must be pasted in winbox, console will not understand it. just make the l7 rule in winbox with this regex:

ros code

^.+(facebook.com|youtube).*$

Re: Block Facebook & Youtube on Certain Ips - and it works

Posted: Thu Jan 23, 2014 3:38 pm
by mrz
To add these regexps in console they need to be quoted and all special characters need to be escaped.

For example to add regexp aaa$

you ned to write:
/ip firewall regex add name=example regexp="aa\$"


List of escape characters are listed here
http://wiki.mikrotik.com/wiki/Manual:Sc ... _Sequences

Re: Block Facebook & Youtube on Certain Ips - and it works

Posted: Fri Jan 24, 2014 6:01 pm
by mahnet
I guess there r some errors in line 6 & 7

1. port type not mentioned

2. error in command

6-firewall drop in port 80
ip firewall filter add chain=forward protocol=tcp port=80 packet-mark=mark-packet new-packet-mark=block_fb_youtube_mark action=drop

7-firewall drop in port 443
ip firewall filter add chain=forward protocol=tcp port=443 packet-mark=mark-packet new-packet-mark=block_fb_youtube_mark action=drop

skipping this blocks each site for me
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/