Answer the question
In order to leave comments, you need to log in
E
E
etosparta2014-01-23 12:49:45
etosparta, 2014-01-23 12:49:45
Mikrotik RB750. How to block all sites except for the one you need?
Good time of the day!
There is a Mikrotik RB750. It is necessary to completely block users from accessing the Internet (websites, Skype, mail agents, torrents) EXCEPT for the Corporate website. He must work. Those. total blocking of the Internet, the user is allowed to have access to the company's website and nowhere else.
Knowledge is still initial on setting up such a router, I'm trying to figure it out!
Thanks in advance to everyone for the replies!
3 answer(s)
@Diman89
If for all users - make address-lists and specify src-address-list instead of src-address, if there is no IP-MAC binding - you can specify src-mac-address
@kodi
D
Diman89, 2014-01-23 @Diman89
ip firewall add chain=forward dst-address=!< IP нужного ресурса> src-address=<IP ограничиваемого юзера> action=dropIf for all users - make address-lists and specify src-address-list instead of src-address, if there is no IP-MAC binding - you can specify src-mac-address
K
kodi, 2014-01-23 @kodi
@etosparta Is the site outside or inside? The most banal and simplest solution is to allow only one site ip-address (+ tcp, port 80) to go to the firewall, if there are sites on the same ip (when using virtual web hosting), then it will be difficult for the user to calculate them. you can also set the content='host: domain_corporate_site.ru' parameter, then only the desired site will be available.
The second option is a proxy, but it is redundant for your case, IMHO.
Similar questions
M
M
Y
D
X
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question