Answer the question
In order to leave comments, you need to log in
N
N
NK2019-06-21 11:41:42
NK, 2019-06-21 11:41:42
It is necessary to make sure that people who click on the address, say vk.com, get to another link or to ****.local or by ip. How to implement it?
It is necessary to make sure that people who click on the address, say vk.com, get to another link or to ****.local or by ip. How to implement it?
2 answer(s)
@icCE
You can leave the tick, but there will be more trouble, as it seems to me.
V
Vladimir Zhurkin, 2019-06-22 @icCE
You have several tasks here.
1) you need to intercept DNS requests, this is at the 7th level of the OSI model
2) you need to issue a different DNS response.
Within mikrotik, to put it mildly, this is not very convenient to do, you can do it on other dns servers
dnsmasq, unbound (although it’s not very convenient there either) or bind, where you can send all requests through the construction view.
An example of dns interception and sending to another dns
/ip firewall layer7-protocol add name=mycompany.ru regexp=mycompany.ru
/ip firewall mangle add chain=prerouting dst-address=172.16.100.1 layer7-protocol=mycompany.ru action=mark-connection new-connection-mark= mycompany.ru-forward protocol=tcp dst-port=53
/ip firewall mangle add chain=prerouting dst-address=172.16.100.1 layer7-protocol=mycompany.ru action=mark-connection new-connection-mark=mycompany.ru- forward protocol=udp dst-port=53
/ip firewall nat add action=dst-nat chain=dstnat connection-mark=mycompany.ru-forward to-addresses=10.100.100.2
/ip firewall nat add action=masquerade chain=srcnat connection -mark=mycompany.ru-forward
You can leave the tick, but there will be more trouble, as it seems to me.
Similar questions
A
L
T
TosterQuestion2021-02-05 15:15:37
How to access a Mikrotik router with a gray IP via the Internet?
3Reply
D
R
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question