Community discussions

MikroTik App
 
sohagfx
just joined
Topic Author
Posts: 1
Joined: Tue Aug 08, 2017 10:48 pm

Block Windows Update in Router Firewall (Mikrotik)

Sun Jun 27, 2021 12:22 pm

Connect to Mikrotik Router > IP > Firewall (or open TERMINAL)
THREE methods
ONE – Using RAW
SECOND – Using Firewall Filters
THIRD – Using REGEXP

RAW

/ip firewall raw
add action=drop chain=prerouting content=update.microsoft.com comment=”Blocking Windows Update”
add action=drop chain=prerouting content=download.microsoft.com
add action=drop chain=prerouting content=download.windowsupdate.com
add action=drop chain=prerouting content=windowsupdate.com
add action=drop chain=prerouting content=wustat.windows.com
add action=drop chain=prerouting content=ntservicepack.microsoft.com
add action=drop chain=prerouting content=stats.microsoft.com
add action=drop chain=prerouting content=wustat.windows.com
add action=drop chain=prerouting content=windowsupdate.microsoft.com

FILTERS

/ip firewall filter
add action=reject chain=forward comment=”block_WinUp” content=update.microsoft.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=download.microsoft.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=download.windowsupdate.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=wustat.windows.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=ntservicepack.microsoft.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=stats.microsoft.com disabled=no reject-with=icmp-network-unreachable
add action=reject chain=forward comment=”block_WinUp” content=windowsupdate.com disabled=no reject-with=icmp-network-unreachable

REGEXP Layer 7

/ip firewall layer7-protocol
add name=”windows update ” regexp=”^.+(http://windowsupdate.microsoft.com|http://.windowsupdate.microsoft.\ com|https://.windowsupdate.microsoft.com|http://.update.microsoft.com|https://.update.microsoft.com|\
http://.windowsupdate.com|http://download.windowsupdate.com|http://download.microsoft.com|http://.dow\
nload.windowsupdate.com).*\$”

/ip firewall filter
add action=drop chain=forward comment=”windows update Drop” layer7-protocol=”windows update ” src-address=\
192.168.xxx.0/24
add action=drop chain=input dst-port=21-23 protocol=tcp

Who is online

Users browsing this forum: jookraw, robertkjonesjr, UkRainUa and 42 guests