1.Ireally dont understand regex in walled garden.
2.How it knows to allow some https if https url is encrypted? on dst host?
I won’t claim to understand it, but certificate is not encrypted so common name/alt name can be read from it.
You’re right, but mikrotik uses the DNS cache and frees everything going to a particular IP regardless of the requested hostname.
I’m facing problem with this here, my provider has a google cache.
The google cache is a unique server a single IP that responds to all requests to google. I wanted to release only the google api, but everything from google was released.
Please someone help me to disable this, using a regular expression to release the https connection using the SNI extension would be a lot more useful to me.