Very efficient mana on lanmart.ru: http://www.lanmart.ru/blogs/mikrotik-rb2011l-in_kommutator_ili_router/
You have a more specific setting.
I recommend setting up from scratch (i.e., resetting the configuration) and via winbox (downloaded from a router or Mikrotik website), when choosing a router in winbox, click on the MAC address, not on the IP.
First make a bridge on 1-5eth, after dhcp server, be careful about DNS addresses, because Mikrotik itself should act as a DNS server for your DHCP clients. After that, configure 10eth under pppoe (here I misunderstood whether Mikrotik will be a client or should it forward DHCP clients to the PPPoE server through itself?). Next, check whether the Internet is wound up and proceed with further configuration.
About 2 providers it is written on Habré -http://habrahabr.ru/post/186284/ and in Mikrotik mana - http://wiki.mikrotik.com/wiki/PCC#Application_Example_-_Load_Balancing .
How to block social networks can be found here - http://wiki.mikrotik.com/wiki/How_To_Block_Facebook
VPN server: http://mikrotik.biz.ua/full_doc/45/
Well, SMS: http://wiki.mikrotik. com/wiki/Manual:Tools/Sms

WiKi is here . But it’s better to pay a professional, it’s not right to train in production.

in general, your configuration is standard and there are manuals for all tasks on the Internet.
But as noted here, if you first encountered Mikrotik, then understanding its logic and setting everything up correctly the first time will not be an easy task, so it’s better to invite someone who sees it not for the first time)
To set it up, it’s not necessary for a specialist to see and feel the piece of iron with his hands) therefore the city doesn't matter.
ps And what for you connect a lokalka to five ports?
in essence of your question: you need to raise the server and release to the Internet only the subnet (192.168.2.0/24) of the server (192.168. 1.1). (addresses for example)

The most interesting thing will be with cutting off social networks.
A more or less working solution is OpenDNS, but you will have to think about how to combine it with a backup channel.
Above they gave a link to SMS, this will only work if a 3g modem is plugged in.
Normally, this is solved by sending letters from Mikrotik to the aggregator's account address like sms.ru, and he is already sending SMS.
Reserving a channel without scripts, using standard tools, is done like this: https://vk.com/note174339_12645245
Problems are only with sip registrations, but they can be blocked with a script, if you really need it.