Hello I am using a MikroTik Router and I tried to do it with firewall but it blocks the whole internet to the client and when i put a filter rule for allowing one website for him its not working here is my rules:
For blocking whole webistes: ip—>firewall—> chain=forward–> Src.Address= 192.168.2.33—> Action=drop
For allowing one website
chain=forward–>src.address=192.168.2.33—>Layer7protocol=valuefrom layer7proto acction=allow
Please help me.
HI,
you can try this way:
*Create access list containing 2 website URL’s you want to allow.
ip firewall address-list
add address=xyz.com list=client_allowed
add address=zyx.com list=client_allowed
ip firewall filter
add action=accept chain=forward comment="" src-address=192.168.2.33 dst-address-list=client_allowed
add action=reject chain=forward comment="" src-address=192.168.2.33
If you do not have rule which will allow established and related connections before these rules, maybe it will not work. In that case create additional rule:
add action=accept chain=forward comment="" connection-state=established,related src-address=192.168.2.33
and put it above these 2 rules. You can use this rule as 1st in your whole forward chain ( if you do not have it), but just remove src-add in that case.