how to block website

oo0026 · March 12, 2009, 10:53pm

hi every body

i have RB 433AH
i wont to know how to block websites

thank you inadvance

QpoX · March 12, 2009, 11:26pm

You can block an URL by using the Proxyserver in RouterOS…
Or just block the IP’s of a website by using the firewall filter in RouterOS, and just drop trafic to that IP.

sanjeev · March 13, 2009, 6:15am

create addresslist of sites that you want to block.
now add dst-nat where dst-addresslist is the addresslist of the block sites and and in action choose dst-nat in, to address put 127.0.0.1

;;; dstnat unwanted sites
chain=dstnat action=dst-nat to-addresses=127.0.0.1 
dst-address-list=restricted sites

or you can also do that using the firewall filter in RouterOS as mentioned by QpoX
or you can also do via webproxy
hth

oo0026 · March 16, 2009, 10:31am

thank you for your replay friends
but i wont the proxy blocking
but could you kindly show me the steps with photo

Best Regards

taglio · March 16, 2009, 10:48am

[toor@extreme] /ip proxy access> export

mar/16/2009 11:44:07 by RouterOS 3.20

software id = 4H1M-LTT

/ip proxy access
add action=deny comment="" disabled=no dst-host=porn
add action=deny comment="" disabled=no dst-host=sex
add action=deny comment="" disabled=no dst-host=xxx
add action=deny comment="" disabled=no path=porn
add action=deny comment="" disabled=no dst-host=!badoo path=sex
add action=deny comment="" disabled=no path=xxx
[toor@extreme] /ip proxy access>

http://www.mikrotik.com/testdocs/ros/3.0/pnp/proxy_content.php#.4 --> here you have explanetion of the sintax.

Remember that you have to do setup of the webproxy. [and trasparent mode if you want]

dunga · November 8, 2011, 6:37pm

After blocking the porn, sex sites in web proxy as indicated, i want a situation where anyone dat visits the forbidden site or blocked sites, it will display a custom message to the person.

ERROR: Forbidden

While trying to retrieve the URL http://www.google.com/search?q=xxx&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a:

Access Denied.

Instead of displaying above, it will display like, please dont try such sits here, they will not open

fewi · November 8, 2011, 6:40pm

http://wiki.mikrotik.com/wiki/Manual:IP/Proxy#Access_List

redirect-to (string; Default: ) In case access is denied by this rule, the user shall be redirected to the URL specified here

dunga · November 10, 2011, 8:35am

Thanks fewi for your response,
are u saying that if i just put this string “please dont try such sites here, they will not open. Thanks” in the redirect-to , it will display it as I put it there.

I need at least a best option to achieve this. Fewi, You can pm at obinna4god@yahoo.com so that I can ask you some other things are relate to MT.

Thanks

fewi · November 10, 2011, 12:04pm

No. As the manual clearly states you put a URL there. A URL is the kind of thing you would type into your browser address bar.

So the steps are:

Procure web server
Make website that displays whatever you want it to
Figure out URL to get to that website you created
Drop URL into proxy configuration

dunga · November 10, 2011, 12:21pm

Thanks,
As sson as i get it will try to implement it

nmthaker · November 13, 2011, 2:09pm

Hi,

I want to block the Porn Sites and other Ports then 80 only for hotspot users, can any one suggest how it is possible?? The same user id and password sholuld require to work when they connect with PPPoE Dialer and allow all website also, suggest how can we impliment the same

Nishit

fewi · November 13, 2011, 2:12pm

Blocking lots of sites via the proxy is unfeasible.

Use OpenDNS for DNS, and set up the account to not permit adult sites.

Then destination NAT all Hotspot DNS traffic to OpenDNS, and let PPPoE users use ‘full view’ DNS servers so they have access to everything.

nmthaker · November 13, 2011, 2:28pm

Hi,

I created my open dns account and done require configuration, can you suggest how can i configure on Mikoritk.