N
N
NK2019-06-21 11:41:42
Mikrotik
NK, 2019-06-21 11:41:42

It is necessary to make sure that people who click on the address, say vk.com, get to another link or to ****.local or by ip. How to implement it?

It is necessary to make sure that people who click on the address, say vk.com, get to another link or to ****.local or by ip. How to implement it?

Answer the question

In order to leave comments, you need to log in

2 answer(s)
D
Diman89, 2019-06-21
@Diman89

Intercept DNS from users, wrap the right addresses on the right pages

V
Vladimir Zhurkin, 2019-06-22
@icCE

You have several tasks here.
1) you need to intercept DNS requests, this is at the 7th level of the OSI model
2) you need to issue a different DNS response.
Within mikrotik, to put it mildly, this is not very convenient to do, you can do it on other dns servers
dnsmasq, unbound (although it’s not very convenient there either) or bind, where you can send all requests through the construction view.
An example of dns interception and sending to another dns

/ip firewall layer7-protocol add name=mycompany.ru regexp=mycompany.ru
/ip firewall mangle add chain=prerouting dst-address=172.16.100.1 layer7-protocol=mycompany.ru action=mark-connection new-connection-mark= mycompany.ru-forward protocol=tcp dst-port=53
/ip firewall mangle add chain=prerouting dst-address=172.16.100.1 layer7-protocol=mycompany.ru action=mark-connection new-connection-mark=mycompany.ru- forward protocol=udp dst-port=53
/ip firewall nat add action=dst-nat chain=dstnat connection-mark=mycompany.ru-forward to-addresses=10.100.100.2
/ip firewall nat add action=masquerade chain=srcnat connection -mark=mycompany.ru-forward

You can leave the tick, but there will be more trouble, as it seems to me.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question