Below I will share a tutorial on blocking Facebook using the MikroTik Layer 7 (L7) Protocol matcher. The Layer 7 protocol matcher is a method of searching for patterns in ICMP/TCP/UDP streams; in other words, regex pattern matching.
How it works: the L7 matcher collects the first 10 packets of a connection, or the first 2 KB of a connection, and searches that data for the configured pattern. If the pattern is not found in the collected data, the matcher does not inspect any further, and the connection is considered unknown. Keep in mind that a large number of connections will significantly increase memory usage on your RB or PC router. To avoid that, add regular firewall matchers to reduce the amount of data that is sent to the Layer 7 filters.

The Layer 7 matcher must see both directions of traffic (incoming and outgoing). To meet this requirement, the L7 rule must be set in the forward chain. If the rule is set in the input/prerouting chain, then the same rule must also be set in the output/postrouting chain; otherwise the collected data may be incomplete, so the pattern may be matched incorrectly.

Okay, now you know about the Layer 7 Protocol. Let's put it into practice. The scenario that we will use is as shown below:



This tutorial has two parts:

1. Blocking the Facebook website for everyone connected to the local network.
First, check whether the Facebook site can be opened or not.


Check the IP address of the client that should not be able to open Facebook.


Next, open MikroTik Winbox and go to IP -> Firewall -> Layer 7 Protocols. Create a new regexp rule to block Facebook.
The steps are as shown below:



 
Name the rule facebook and enter the following regexp:
^.+(facebook.com).*$


Next, create a new Firewall Rule: 
Chain: forward 
Src Address: the network address of the client (172.16.10.0/24)


Go to the Advanced tab and select the Layer 7 Protocol "facebook".


Go to the Action tab and select the action drop.


Now test whether the setting works or not.



Also check whether these settings block sites other than Facebook.



Okay, the settings are running smoothly :)
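The matcher behaviour described at the top of the page (first 10 packets or first 2 KB) applied to the regexp from part 1, as an added example that is not part of the original tutorial. It uses Python's re module as a stand-in for the RouterOS L7 engine and constructed HTTP requests to show which connections the rule would drop, including a request to another site that carries facebook.com in its URL; the STRICT pattern, the helper names and the sample hosts are assumptions.

```python
import re

# Pattern from the tutorial. Python's re stands in for the RouterOS L7 engine
# (assumption); DOTALL lets "." cross the line breaks inside an HTTP request.
LOOSE = re.compile(rb"^.+(facebook.com).*$", re.DOTALL)
# Variant with the dot escaped (an assumption, not from the tutorial).
STRICT = re.compile(rb"^.+(facebook\.com).*$", re.DOTALL)

MAX_PACKETS = 10   # matcher looks at the first 10 packets ...
MAX_BYTES = 2048   # ... or the first 2 KB of the connection


def l7_match(pattern, packets):
    """True if pattern occurs in the inspected start of a connection."""
    window = b"".join(packets[:MAX_PACKETS])[:MAX_BYTES]
    return pattern.search(window) is not None


def http_get(host, path="/"):
    """Build a constructed plain-HTTP request as a single payload."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()


# Constructed sample connections (not captured traffic).
SAMPLES = {
    "facebook": [http_get("www.facebook.com")],
    "other site": [http_get("www.example.org")],
    "other site, facebook.com in URL": [http_get("www.example.org", "/go?u=facebook.com")],
    "look-alike name": [http_get("facebookXcom.example")],
    "pattern after 2 KB": [b"x" * 3000 + b" facebook.com"],
}


def classify(pattern):
    """Map each sample name to 'drop' (pattern matched) or 'unknown'."""
    return {name: "drop" if l7_match(pattern, pkts) else "unknown"
            for name, pkts in SAMPLES.items()}


if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{name:35} loose={classify(LOOSE)[name]:8} strict={classify(STRICT)[name]}")
```

The "other site, facebook.com in URL" row is the over-blocking case to look for when checking that the rule does not affect sites other than Facebook.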


2. Making Facebook accessible to only certain users.

Next, this time we will let one client, the second client (172.16.10.199/24), access Facebook while still blocking access to Facebook for the other clients.


Create a second filter rule with the Src Address set to the specific IP address of that client, 172.16.10.199, instead of the network address.
Do not forget to select accept as its Action.


Move the newly created rule to the very top.

Test this setting on the second client (172.16.10.199/24):

Look at the details of the rule: there are data packets passing through it.


Also check whether the other clients on the same network can access Facebook or not.


Take a look at the rule:

The dropped packet count is rising. This means that we have managed to block Facebook using the MikroTik Layer 7 Protocol.
We can also do the same thing to block YouTube and other sites. Please try it and apply it yourself.
Hope this is useful :)
