Answer the question
In order to leave comments, you need to log in
How to block everything on Mikrotik but leave access to certain sites / domains?
The bottom line is, you need to block the ENTIRE Internet (http, https) for a certain subnet, but leave access only to certain sites and domains.
I tried this:
chain=forward action=accept protocol=tcp src-address=192.168.1.0/24 content=ya.ru log=no log-prefix=""
chain=forward action=reject reject-with=tcp-reset protocol= tcp src-address=192.168.1.0/24 dst-port=80 log=no log-prefix=""
These rules don't work. Everything is blocked, it is impossible to go to ya.ru.
I tried the same through Layer7, it still doesn't work.
The Internet says that you need to try through a proxy, but https will still pass.
In which direction do you need to dig or what do you need to read?
Answer the question
In order to leave comments, you need to log in
The easiest way is to filter all the same by ip-addresses. Make a list of ip-addresses or subnets where allowed sites are located and block packets on port 80 that are not sent to these addresses.
for now, I’m spinning the following idea in my head: mikrotik + openwrt via MetaROUTERs , we put 3proxy on openwrt itself , it has support for HTTP, HTTPS , SOCKS, POP3, SMTP protocols ;, and let traffic through it :)
this is just an idea in my head :)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question