Dear all,
I’ve a RouterOS v4.2 and I want to block client to use messenger.
I’ve blocked port 1863(tcp), 7001(udp) and 1893 (tcp&udp) in filter rules under forward chain.
I’ve read in some webpages and I’ve seen with packet sniffer that Messenger use also 80 and 443 ports.
with block rules enabled the clients still be connected to it.
There is a solution? Someone can help me?
thanks!
I would suggest using layer 7 if didn’t succeed using port dropping.
Dear Caci99,
thanks for your reply.
I’ve thought to use Layer7 but I don’t know how to understand if the connection is to a Messenger server.
Do you know the domain name (e.g. hotmail.com) used?
thanks.
hello..
I found this solution not the best one but somehow effective
/ip firewall filter add chain=forward action=drop src-address-list=30sec
/ip firewall filter add chain=chain=forward action=add-src-to-address-list protocol=tcp address-list=30sec address-list-timeout=30s dst-port=1863
This is the thing…i’ve worked with layer 7 but seems that it doesn’t recognize the traffic for the MSN regexp…so with this rules what you are doing is to add dinamically to users who try to connect to msn to a list, and block them for 30 seconds…that list is going to be blocked for all services…not just for msn..because if msn finds that port 1863 is closed it will just look for another port…so 30 seconds is more than enough to cut the msn connection but as I say…all the other services will be gone too for 30 sec
Thanks andrescamino! it’s working…