need help....

temujin · January 26, 2017, 7:49am

i want to block facebook for some users on my network. I’m sorting those users by mac address and putting to new address list by firewall ‘add src to address list’ rule. And i’m using Layer7 protocol for blocking facebook.
;;; mactoip
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:06:D4 log=no
log-prefix=“”

chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:0E:AD log=no
log-prefix=“”
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:1E:A8 log=no
log-prefix=“”
chain=forward action=drop layer7-protocol=Facebook src-address-list=Star
log=no log-prefix=“”

But this rules are not working. So that i need help ASAP. plz.

Jotne · January 26, 2017, 8:58am

Please change title from “need help” to some more informative.

raymondr15 · January 26, 2017, 10:23am

temujin:

i want to block facebook for some users on my network. I’m sorting those users by mac address and putting to new address list by firewall ‘add src to address list’ rule. And i’m using Layer7 protocol for blocking facebook.
;;; mactoip
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:06:D4 log=no
log-prefix=“”

chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:0E:AD log=no
log-prefix=“”
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:1E:A8 log=no
log-prefix=“”
chain=forward action=drop layer7-protocol=Facebook src-address-list=Star
log=no log-prefix=“”

But this rules are not working. So that i need help ASAP. plz.

Use address-lists with facebook.com and then apply filters, don’t use layer7.

temujin · January 27, 2017, 2:52am

raymondr15:

temujin:

i want to block facebook for some users on my network. I’m sorting those users by mac address and putting to new address list by firewall ‘add src to address list’ rule. And i’m using Layer7 protocol for blocking facebook.
;;; mactoip
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:06:D4 log=no
log-prefix=“”

chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:0E:AD log=no
log-prefix=“”
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:1E:A8 log=no
log-prefix=“”
chain=forward action=drop layer7-protocol=Facebook src-address-list=Star
log=no log-prefix=“”

But this rules are not working. So that i need help ASAP. plz.

Use address-lists with facebook.com and then apply filters, don’t use layer7.

Thank you, it’s working by address-lists with facebook.com.

raymondr15 · January 27, 2017, 2:13pm

temujin:

raymondr15:

temujin:

i want to block facebook for some users on my network. I’m sorting those users by mac address and putting to new address list by firewall ‘add src to address list’ rule. And i’m using Layer7 protocol for blocking facebook.
;;; mactoip
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:06:D4 log=no
log-prefix=“”

chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:0E:AD log=no
log-prefix=“”
chain=forward action=add-src-to-address-list address-list=Star
address-list-timeout=0s src-mac-address=00:50:56:93:1E:A8 log=no
log-prefix=“”
chain=forward action=drop layer7-protocol=Facebook src-address-list=Star
log=no log-prefix=“”

But this rules are not working. So that i need help ASAP. plz.

Use address-lists with facebook.com and then apply filters, don’t use layer7.

Thank you, it’s working by address-lists with facebook.com.

No problem