Blocking website in Bridge Mode

I have installed my router and created a bridge which has ether1 and ether2 (going to my laptop). I am doing this mainly to keep the laptop on the same subnet as the main router.
The cable coming to ether1 is from another router that has DHCP enabled and is a fully working router.

I created a layer7 rule and used the following regex to block facebook and youtube: ^.+(facebook.com|youtube).*$

Whenever I apply drop on this rule on the forward chain, I can still visit the facebook and youtube sites.

However, if I create a new subnet for ether one, the sites get blocked and the drop works.

Why is this happening?

Have you ticked Bridge > [Settings] Use IP Firewall?

Traffic flowing through the bridge won’t pass through the firewall unless that’s enabled.

pukkita, that did the trick.

Thanks a lot, appreciate it !

We strongly suggest avoiding L7 rules where possible. You can use rules like these instead:
/ip firewall address-list
add name=block address=www.youtube.com
add name=block address=www.facebook.com
/ip firewall filter
add chain=forward connection-state=new dst-address-list=block action=drop

Are there any other layer7 scripts (regexp code) for blocking Skype or other websites?
I mean like this one:
/ip firewall layer7-protocol
add name=facebook regexp="^..+\.(facebook.com|facebook.net|fbcdn.com|fbsbx.com|fbcdn.net|fb.com|tfbnw.net).*$"
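
Added example (not from any poster in this thread): a quick offline check of what the two layer7 regexes posted above actually match, which shows why they both over-block and under-block. It assumes the L7 matcher can be approximated by Python's `re` in DOTALL mode over the raw payload bytes; the payloads and `.example` hostnames are constructed samples.

```python
import re

# The two patterns exactly as posted in this thread.
# Note: the dots inside the domain names are NOT escaped.
THREAD_PATTERNS = {
    "first": r"^.+(facebook.com|youtube).*$",
    "second": r"^..+\.(facebook.com|facebook.net|fbcdn.com|fbsbx.com"
              r"|fbcdn.net|fb.com|tfbnw.net).*$",
}

# Constructed plain-HTTP payloads (not captured traffic).
SAMPLES = {
    "www_facebook": b"GET / HTTP/1.1\r\nHost: www.facebook.com\r\n\r\n",
    "bare_facebook": b"GET / HTTP/1.1\r\nHost: facebook.com\r\n\r\n",
    "search_elsewhere": b"GET /search?q=youtube+alternatives HTTP/1.1\r\n"
                        b"Host: search.example\r\n\r\n",
    "lookalike": b"GET / HTTP/1.1\r\nHost: www.facebookxcom.example\r\n\r\n",
    "unrelated": b"GET / HTTP/1.1\r\nHost: www.example.org\r\n\r\n",
}


def l7_match(pattern: str, payload: bytes) -> bool:
    """Approximate an L7 regex match (assumption: DOTALL over raw bytes)."""
    return re.search(pattern.encode("ascii"), payload, re.DOTALL) is not None


def evaluate() -> dict:
    """Return {pattern_name: {sample_name: matched}} for every combination."""
    return {
        name: {sample: l7_match(pat, data) for sample, data in SAMPLES.items()}
        for name, pat in THREAD_PATTERNS.items()
    }


if __name__ == "__main__":
    results = evaluate()
    print(f"{'sample':<18}{'first':<8}{'second':<8}")
    for sample in SAMPLES:
        first = "DROP" if results["first"][sample] else "pass"
        second = "DROP" if results["second"][sample] else "pass"
        print(f"{sample:<18}{first:<8}{second:<8}")
```

The first pattern drops a search for the word "youtube" on an unrelated site, both patterns drop the lookalike host because of the unescaped dot, and the second pattern lets a request to the bare `facebook.com` host through because it requires a literal dot in front of the domain.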

Can anyone say what the layer7 code is for blocking Skype?

That is probably changing every now and then… another approach would be importing an address list with IPs from Skype (AS198015): 91.190.216.0/23, though that will also prevent access to the Skype website, etc.