Wed Jan 27, 2010 7:46 am
Never tried this before, but this works. My laptop has been trying to connect for 5 minutes now and wont.
/ip firewall mangle
add action=mark-connection chain=prerouting comment="" content="Nebo Group" disabled=no new-connection-mark=hssconn passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=hssconn disabled=no new-packet-mark=hsspack passthrough=yes
/ip firewall filter
add action=drop chain=forward comment="" disabled=no packet-mark=hsspack
It seems that every one of the sites has a certificate by Nebo Group. Might be able to do it better with l7, but Id have to look into it more. You could probably make the content more specific, but I dont have time.