How to Block Any Website Address/URL With MikroTik Filter Rule

How to Block Any Website Address/URL With MikroTik Filter Rule.

Block Website With MikroTik. You can use a MikroTik to block website addresses so that they cannot be accessed by Internet users on the network. A network admin must know this method in order to secure all users from unwanted web pages. Or just block certain web addresses, such as Facebook, YouTube, or other things that children do not deserve to access it. MikroTik is a powerful tool for managing networks today, so you don't have to bother doing anything else. The way it works is very simple. Basically, MikroTik will disconnect when the blocked page is accessed by the client on the network. you only make a few settings on the MikroTik Firewall.
How MikroTik Firewall Blocks URL on the networks? The Mikrotik Firewall block the website address using filter rule. There are two-parts of Mikrotik rule. 
  • Conditional part. 
    • In this section will take various conditional properties, such as Source Address, Protocol type, Chain value, Source Port, Destination Address, Layer7 Protocol value, Destination Port, etc. to match conditions.
  • Action.
    • It will take only drop action to block any website.
MikroTik firewall will drop the Internet connections if a filter rule matched. So, all the client connected to the network cannot access and open the web address. 

How to Block Facebook or Youtube Website Via MikroTik?

This is just an example, you can apply to other website addresses other than those mentioned above. See the following steps carefully.

First Step. Creating Layer 7 Protocol From Firewall.

Before you create a Filter Rule, you need to create Layer7 Protocol with Regex because this Layer7 Protocol will be used by Filter Rule to match any keyword in URL. Now, see the following step to create Layer7 Protocol with Regex.
  1. Open the Winbox to remote MikroTik and Login with your Login credential.
    Winbox Login
    Winbox Login
  2. Then Go to IP menu > Firewall and then click on Layer7 Protocols.
    IP Firewall Mikrotik
    IP Firewall Mikrotik
  3. Now, Click on Plus Sign (+) to create a new Layer7 Protocol with Regex. This will open a new firewall layer 7 protocol.
  4. Now, put a meaningful name such as Youtube in a Name input box.
  5. Now put  www.youtube.com or ^.+(youtube.com).*$ Regex in Regexp text area input field if you want to block Facebook. If you are interested to know Perl Regex,
  6. Then, Now click Apply and OK

Second Step. Creating Filter Rule to Block the Website.

  1. Now click on Filter Rules tab under Firewall Window.
  2. Then click on Plus Sign  (+) to create a new Filter Rule. 
  3. It will open the Firewall Rule window. 
  4. In General tab, choose forward from Chain drop-down menu. 
    tab general firewall filter rule
    tab general firewall filter rule
  5. We are keeping untouched both Src. Address and Dst. Address because we want to block all client.
  6. If you want to block for a specific user, put their IP address in Src. Address input box 
  7. If you want to block for an IP block, put that IP block in the Src. Address input box. 
  8. Now, click on the Protocol drop-down menu and choose 6 (TCP) 
  9. Then. Put port 80,443 in Port input box. (Value should be comma separated).
  10. Click on Advanced tab and then choose the Layer7 Protocol that you created before from Layer7 Protocol drop-down menu. 
    tab advanced filter rule
    tab advanced filter rule
  11. Then, click on the Action tab and choose drop from the Action drop-down menu. Click Apply and OK
    action tab drop
    action tab drop
Video Guide.

0 Response to "How to Block Any Website Address/URL With MikroTik Filter Rule"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel