If you want to block any website only on certain devices The devices manually assigned IP addresses outside the DHCP pool will be able to access the website. The rule will thus block the website on all devices which are dynamically or manually assigned IP addresses in the range 192.168.88.10-192.168.88.254. The MikroTik terminal command for adding the above rule is as follows: /ip firewall filter add chain=forward src-address="192.168.88.10-192.168.88.254" protocol=tcp content="facebook" action=reject reject-with=icmp-host-unreachable comment="Block Facebook" In order to block the website only for a certain IP range, say the DHCP pool range, we specify the IP range in the Src Address field in the General tab while adding the Block Website rule, as seen in the image below: The rule will thus block the website on all devices connected on the 192.168.88.0/24 network. The MikroTik terminal command for adding the above rule is as follows: /ip firewall filter add chain=forward src-address="192.168.88.0/24" protocol=tcp content="facebook" action=reject reject-with=icmp-host-unreachable comment="Block Facebook" Address field in the General tab while adding the Block Website rule, as seen in the image below: In order to block the website across only one network from among multiple networks created on MikroTik, we specify the network on which the website is to be blocked in the Src. If you want to block any website only on one particular network If there are multiple local networks created on the MikroTik router, the above rule created will block the website across all networks. This step is very important as filte rules work in top to bottom order and you need to make sure the rules are set accordingly. ĭrag this rule above the other essential firewall filter rules. The firewall rule as seen in the images above will be added instantly.
Copy and paste the above command in the terminal window and hit enter.
The MikroTik terminal command for adding the above rule is as follows: /ip firewall filter add chain=forward protocol=tcp content="facebook" action=reject reject-with=icmp-host-unreachable comment="Block Facebook" In the Action tab, Select Action as reject, then Select Reject With as icmp host unreachable.Ĭlick on Comment to add a label “Block Facebook” to the rule. In the Advanced tab, Enter ‘facebook’ in the content field Step 2: In the General tab, Select chain as forward, Select protocol as tcp.In order to block a website for e.g “Facebook” through a MikroTik, the steps are as follows:.
This method will try to match packets that contain the specified string in the URL, and then accordingly take an action on these packets as per what action is selected. This filter can be found in the ‘Advanced’ tab while adding new firewall filter rules.
In this method of “Web Filtering”, specific websites can be blocked on MikroTik using the Content Filter Rules. How to block websites through filter rules in Mikrotik
0 kommentar(er)
