Scribd
Upload
3K views11 pages

How To Block Facebook in Mikrotik Using L7 Protocols (Layer 7) - Lazy Geek - )

The document describes how to block Facebook access on a local network using Mikrotik router's Layer 7 protocols. It involves two parts: first, blocking Facebook for all users; second, allowing access for a specific host while blocking others. For the first part, a regular expression is created to match Facebook and a filter rule blocks it. For the second part, a rule allows the specific host IP while the default rule still blocks Facebook for other IPs. The method is tested and shown to work for blocking both HTTP and HTTPS Facebook access.

Uploaded by

oscar_198810
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3K views11 pages

How To Block Facebook in Mikrotik Using L7 Protocols (Layer 7) - Lazy Geek - )

The document describes how to block Facebook access on a local network using Mikrotik router's Layer 7 protocols. It involves two parts: first, blocking Facebook for all users; second, allowing access for a specific host while blocking others. For the first part, a regular expression is created to match Facebook and a filter rule blocks it. For the second part, a rule allows the specific host IP while the default rule still blocks Facebook for other IPs. The method is tested and shown to work for blocking both HTTP and HTTPS Facebook access.

Uploaded by

oscar_198810
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Lazy Geek -:)

How to block facebook in Mikrotik using L7 Protocols (Layer 7)


In Some Scenarios , We May need to Block Facebook Social Website or some others In this tutorial, I will show you, how to achieve this goal using L7 (Layer7).

This tutorial consists of two parts: 1- Block facebook website for everyone on local network. 2- Allow facebook for specific host(s) and block for others on local network.

1- Block facebook website for everyone on local network.


First we check that Facebook is currently working on our local network or not?

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

1/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Check the IP address of our client?

We need to create new Regexp rule at Layer7 Protocols, in order to block the facebook for our local network. To achieve this goal, please follow these steps:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

2/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

^ . + ( f a c e b o o k . c o m ) . * $

Now, we need to create Filter Rule, using these steps:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

3/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Now test the rule, that we just created:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

4/11

16/07/13
Try also on 2nd client (172.16.10.199/24):

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Check that it only block facebook or other websites also?

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

5/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Oh yes, our rule is working perfectly

2- Allow facebook for specific host(s) and block for others on local network.
Now, we want to allow facebook for 2nd client (172.16.10.199/24) but still want to block it for other host(s).

To accomplish this goal, we need to create a second Filter rule, to do this, please follow these steps:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

6/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Move this rule at the top:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

7/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Test this rule on 2nd client (172.16.10.199/24):

Verify the rule on Mikrotik:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

8/11

16/07/13

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Verify that, facebook is still blocked for other host(s) on the local network:

Verify the rule(s) on Mikrotik:

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

9/11

16/07/13
Drop packets rate are incremented!

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

We can do the same for youtube or any other website! Hope this will help you! Please Remember me in your prayers! Enjoy Name (required)

Email (required)

Website

Comment (required)

Submit

Rate this: Share this: Like this: Twitter

2 Votes Facebook 5 LinkedIn 2 Print More

Like
One blogger likes this.

Mikrotik, Networking

block facebook in Mikrotik, facebook, L7 Protocols, Layer 7, mikrotik, mikrotik router

How to hard reset the Linksys Router!

OSPF routing between Ubuntu and CentOS using Quagga

10 Responses to How to block facebook in Mikrotik using L7 Protocols (Layer 7)


Vincenzo November 16, 2012 at 12:21 pm Good job. As easy as shoot a fish in a barrell. Can I link you to http://mymcsft.wordpress.com ? Bye Reply

mohamed February 24, 2013 at 11:32 am excllent

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

10/11

16/07/13
Reply

How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

Frank DZANGUE March 6, 2013 at 8:57 pm excellent but connection on facebook using https protocol is still working Reply Arbab March 6, 2013 at 11:26 pm I tried for both http and https and it worked for me very well Reply Frank DZANGUE March 7, 2013 at 4:12 am What is working Arbab? Be clearly

Andres Alvarado June 26, 2013 at 1:13 am No my friend its level 7 its application protocol Reply

Arbab March 7, 2013 at 5:38 am Mean, I was able to stop even https://facebook.com session using the same setting Reply Semih March 13, 2013 at 8:33 pm sorry but it is working only with http protocol. if you try it over mozilla it is coming with https idea ? Reply

( how will we resolve that problem ??? do you have an

Hengky June 13, 2013 at 8:49 am Yeah I also cant block https://facebook when using Mozilla Firefox, even after applying those L7 rule. Reply

Phillip June 28, 2013 at 1:18 pm This method works well for me both http & https. but when users already have cache on their browser to blocking website, they still can access the same. Are their anyway to solve this? Reply

Blog at WordPress.com. The zBench Theme.

Top

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/

11/11

You might also like