Block websites with Firewall Layer 7 pada Mikrotik

Starting from a desire (needs) to block certain sites at school, seperti facebook, youtube, and other social networking finally start my browsing and googling. After a few steps try these steps seem fairly effective.

Consider the steps as they are posted on the blog http://danahita.web.id following.

First thing to dlikakukan is to make the rule on the Firewall Lv 7. IP > Firewall > Layer 7 Protocols. Create a new filter with the name Block FB (Or up to you) Regexp give nya :

 

^. (facebook.com).*$

 

Blind to Youtube new filter with name BLOCK YOUTUB (Or up to you) and Regexpnya :

 

^. (youtube.com).*$

 

When finished it will look like the following picture :

Setting rule Firewall Lv 7

 

Setelah setting firewall Lv 7 Selanjutanya create new filter rules.

Menuju Filter Rules Tab

 

Add new filter with mengkil mark +

Pada Tab General pilih chain Forward, then the contents of the src. Address that will be on the block. In this case I will block the ip address 172.16.162.0/24. If you want to block all IP adi in your Mikrotik, Do not setting the src.address.

 

Next move to the Advanced tab, then choose Layer 7 Protocol that has been previously made. Such as the following gamba :

 

Blok FB

and the latter moved to the Action tab and select Drop. As follows.

Drop Action

 

 

Then OK, or you can also give Comment Filter Rules for this to be easily remembered. Youtube to block https same way as above ,you have to create a new filter only on Layer 7 Protocol select the filters that have been made previously to block youtube. As shown below :

Blok Youtube

 

After all the settings are trying to access facebook through the browser, then all users that are in the range ip 172.16.162.0/24 can not access FB.

 

But if you want only a few computers that can access FB or Youtube, you just simply create a new Filter Rules again , but we have to know the computer's IP that will be allowed access to FB. For example I would give it access to a computer with an IP 172.16.162.130 . Maka Filter rules nya :

 

FB gives access to IP 172.16.162.139

 

Then select the Advanced Tab Layer 7 protocol (Choose as you wish, What can access FB or Youtube) In this case I would allow the client to access FB.

Giving access Facebook

 

And the last on Action tab select Accept.

Action Accept

 

Then the client can access FB. If you want to give access to youtube you just need to make the filter again and choose Layer 7 Protocolnya.

Pin It

Leave a Reply

Your email address will not be published. Required fields are marked *