Community discussions

 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Firewall rules web filter

Fri Nov 13, 2015 3:31 pm

hi all
good day

as we installed new mikrotik routerboard 1100, in our company to secure DHCP server accoring to MAC address, this is ok and no problem with that.

we need to limit our users internet access by firewall filter rules for two groups

1- access only several websites 5 or 7 websites
2- access only outlook ports

any help please because as we make the rules and it not working!!
 
User avatar
pukkita
Trainer
Trainer
Posts: 2984
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Firewall rules web filter

Fri Nov 13, 2015 11:10 pm

Hint: use address lists...
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Re: Firewall rules web filter

Sat Nov 14, 2015 7:12 am

Hint: use address lists...

Can you explain please?
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1743
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Firewall rules web filter

Sat Nov 14, 2015 8:20 am

 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Re: Firewall rules web filter

Sat Nov 14, 2015 3:03 pm


These group users according to IP address

We need to group users accoring to MAC address
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1743
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Firewall rules web filter

Sat Nov 14, 2015 3:18 pm


These group users according to IP address

We need to group users according to MAC address
fix ip addresses to mac using dhcp or arp static entries

then use that fixed ip in address lists
 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Re: Firewall rules web filter

Sun Nov 15, 2015 11:26 am

block website by web proxy or firewall filter rules???
 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Re: Firewall rules web filter

Sun Nov 15, 2015 12:02 pm



then use that fixed ip in address lists

with firewall rules or web proxy??
 
User avatar
pukkita
Trainer
Trainer
Posts: 2984
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Firewall rules web filter

Sun Nov 15, 2015 2:51 pm

Or force all DNS queries to go to your DNS, then create static entries with wildcards so that those websites resolve to 127.0.0.1 or to a local page explaining its forbidden...
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
GeekNerd
newbie
Topic Author
Posts: 44
Joined: Tue Nov 10, 2015 9:37 pm

Re: Firewall rules web filter

Mon Nov 16, 2015 12:10 am

Or force all DNS queries to go to your DNS, then create static entries with wildcards so that those websites resolve to 127.0.0.1 or to a local page explaining its forbidden...
Hi
Sorry for keep asking but i dont have a big experience with mikrotik


I tried to block all websites by firewall rule according to user MAC address .. it worked

But

When try to allow one website for the same user and keep blocking all other website with the above rule .. failed

Even i put the allow rule first and the drop rule second !!




It is really recommended to block all websites and allow several websites by rules .. because if we will block evey website by a single rule that is impossible.


And please let me know if that is possible with the web proxy .. deny all websites and redirect the request to a specific Url and allow several websites only?


Your support with examples is highly recommended

Who is online

Users browsing this forum: No registered users and 27 guests