Block Facebook with Mikrotik of Certain Computer

Facebook is a social networking site for the current favorites. This makes everyone almost always open the site every time they connect to the internet. This becomes a problem when the access to this site or concentration interfere with the performance of work or study in school.

Blocking methods using web-proxy on Mikrotik has a weakness, all connected computers can not access the blocked sites. So there is no sorting computer.

Another method is to use a script to block websites. However, the same drawbacks occur. With these two methods was successfully blocked, however some websites (such as cpanel forums and other websites that contain content Facebook) participate blocked. Having tried applying the rule block access to Facebook with layer7, results are in line with expectations. Successfully blocked access to Facebook, but do not take affect another website.

Well, beberpa times after googling and I found also an effective way lebh. The measures obtained from the site The following is more effective to block facebook, but allow only certain computers can access it.

1. Login to your Mikrotik Winbox.

2. Add Exception. Exception added if there is one computer's IP personnel should still be access to Facebook after the experiment is done.

  • IP >> FIREWALL >> Address List
  • Click the + (Add)

3. Adding the rule up in the list of Layer 7 (L7)

  • IP > FIREWALL > Layer7 Protocols
  • Click the + (Add), add as in the picture below. Then click OK

4. Setting Mangle. Mangle access to the grouping function to to be included to rule illegal-url-connection.

  • IP > FIREWALL > Mangle
  • Add mangle the first, klik button + (Add)
  • In the General menu > Chain: pilih Forward
  • In the Advanced menu > Layer7 Protocol: pilih www.face (appropriate that we fill in layer7)
  • On the Action menu > pilih mark connection, kemudian new mark connection isikan: mark-ilegal-connection. Details as shown below:

  • If it is, Clicks Apply
  • Add mangle a second to click the + (Add)
  • Pada General > Chain: pilih forward. Connection mark: pilih mark-ilegal-connection
  • On the Action menu: select the packet mark, fill with new packet mark: facebook-packet. Details as shown below:

  • The result of this step is setting up Mangle:

5. Setting Filter Rule to make incoming packet filtering rules.

  • Please add the filter rule, click the + (Add).
  • In the General menu > Chain : pilih forward, Packet Mark: pilih facebook-packet (according to the contents of the new packet mark in mangle)
  • On the Action menu > Action: select jump, jump target boxed : ilegal url. Details are as in the picture below:

  • Please add a filter rule to drop, click the + (Add)
  • In the General menu > Chain: select illegal-url
  • In the Advanced menu > dan source destination address list centang tanda seru dan Pilih exception (marked that it is not subject to the exception list drop action)
  • On the Action menu > Action: pilih drop. The details are as shown below:

  • The result of this step is setting up:

6. Done, good luck

Pin It

Leave a Reply

Your email address will not be published. Required fields are marked *