Block DST IP and redirect to URL or local html file

Hello,

i want to block some webseites like facebook, youtube and such. To archive this, i redirect all dns request containing a keyword in the content to the mikrotik router. A scheduled script looks for keywords in the DNS cache and adds A record IP’s to an address list. This address list is used to block restricted sites for speciffic networks / users.

This works fine and can also block https connections sinze DNS requests are not encrypted (as far as i know )


But instad of just dropping the packets (and just let the browser to time out) it would be nice to also redirect the user to an error page. Maybe on the router itself, sinze hotspot is active.

Unfortunately i don’t realy get the proxy to to what i want

So, anybody can help me setting this up? It should redirect only prohibited (http and https) connections to an URL.

Instead of dropping the packets in the firewall filter rule, you should redirect them to the proxy first, same technique you’re using to capture DNS requests.

Default proxy port is 8080 AFAIK, check it on ip> Web Proxy

If an URL you want to redirect to is fqdn/path:

On the Web Proxy > Access button, you set rules !dst-host=fqdn Action=deny, Redirect to=fqdn/path

if hotspot is active you should be able to use an url belonging to it as the URL to be redirected.