That is 100% not true There are tons of nice projects hosted on .io domains. Javascript frameworks, hacking communities and many nice things unrelated to games.Nobody uses io domains for anything other than games.
/ip dns static
add address=127.0.0.1 regexp=".*\\.io\$"
add address=::1 regexp=".*\\.io\$"
Nobody in network where this MT is Only sister of my gf want to play .io. Her father told me to block this, thats allThat is 100% not true There are tons of nice projects hosted on .io domains. Javascript frameworks, hacking communities and many nice things unrelated to games.Nobody uses io domains for anything other than games.
Thanks you, I will try this later.You can add a regexp dns entry to redirect all .io domains to localhost (or any invalid ip address as you like):Code: Select all/ip dns static add address=127.0.0.1 regexp=".*\\.io\$"
/ip firewall layer7-protocol
add comment=name=\
dns_io regexp="^.\?.\?.\?.\?[\\x01\\x02].\?.\?.\?.\?.\?.\?[\\x01-\?][a-z0\
-9_][\\x01-\?a-z_]*[\\x02-\\x06](io)[\\x01-\\x10\\x1c][\\x\
01\\x03\\x04\\xFF]"
/ip firewall filter
add action=reject chain=output \
dst-port=53 layer7-protocol=dns_io protocol=udp reject-with=\
icmp-admin-prohibited
add action=reject chain=forward \
dst-port=53 layer7-protocol=dns_io protocol=udp reject-with=\
icmp-admin-prohibited
To make this works even better, make a rule that redirect all DNS to your server, so it will not help if user changes their DNS.Code: Select all/ip dns static add address=127.0.0.1 regexp=".*\\.io\$" add address=::1 regexp=".*\\.io\$"
/ip firewall nat add chain=dstnat action=redirect to-ports=53 protocol=udp dst-port=53
At least tell the people in that family that they should not be surprised when other websites suddenly do not work anymore due to your solution. And that they can contact you again to solve it.@normisNobody in network where this MT is Only sister of my gf want to play .io. Her father told me to block this, thats allThat is 100% not true There are tons of nice projects hosted on .io domains. Javascript frameworks, hacking communities and many nice things unrelated to games.Nobody uses io domains for anything other than games.
Fixed. Thanks.However, your script is syntactically incorrect and results in a full reject on both chains due to missing line continuation marks. Please review or remove to prevent other user's from simply copying and pasting malfunctioning code.
I know that, its only temporary solutions, for 1-2 days. It's a Jail for younger kidAt least tell the people in that family that they should not be surprised when other websites suddenly do not work anymore due to your solution. And that they can contact you again to solve it.@normisNobody in network where this MT is Only sister of my gf want to play .io. Her father told me to block this, thats allThat is 100% not true There are tons of nice projects hosted on .io domains. Javascript frameworks, hacking communities and many nice things unrelated to games.Nobody uses io domains for anything other than games.
Remember when you visit a website like forum.mikrotik.com you enter that URL in the top bar but the website itself can use many other components from other sites that you do not see. There can be .io domain names in there, and you will block them, so the site misses part of its components.
But of course it was the same on your Asus router. Doing such blocks looks nice at first sight but it will cause problems, and you have to be lucky to not notice them.