Hello,

For some filtering i need L7 filtering.. This filter should be triggerd on all webbrowser communication and i created the following L7 protocol: In combination with:
I would expect some log lines if i am browsing to a service where the traffic is forwarded by this RB.

What am i doing wrong?

Hello,

For some filtering i need L7 filtering.. This filter should be triggerd on all webbrowser communication and i created the following L7 protocol:

Code: Select all

/ip firewall layer7-protocol
add name=Webbrowser regexp="User-Agent: [Mm]ozilla"

In combination with:

Code: Select all

/ip firewall filter
add action=log chain=forward comment="Browser test" disabled=no dst-address=\
    192.168.10.10 layer7-protocol=Webbrowser log-prefix="Webbrowser (dest)"
add action=log chain=forward comment="Browser test" disabled=no \
    layer7-protocol=Webbrowser log-prefix="Webbrowser (source)" src-address=\
    192.168.10.10

I would expect some log lines if i am browsing to a service where the traffic is forwarded by this RB.

What am i doing wrong?

Do a wireshark cap and see if that expression is exactly coming through like that User-Agent: Mozilla and that it isn't perhaps slightly different.