GeekPatrolMiller
newbie
Topic Author
Posts: 44
Joined: Sun Dec 07, 2008 3:47 pm
Location: Dallas, TX, USA

Block All Traffic Except ...

Sun Dec 07, 2008 4:05 pm

This router is being used to lock down a public computer and to only allow access to a small handful of sites.

I have this working through firewall rules and address list allowing but I have one site which seems to have a single front end IP address and a bunch of dynamic IP addresses it has its site pulling from. These addresses seem to change from day to day and appear from very different networks. It is almost like the ISP is just randomly rotating the IP Addresses daily. I am having to log on to the device and review the drop logs and can easily find where the main site was accessed and the additional IP addresses that were dropped. I add these in to my allow list and it is all good for another 24-48 hours.

As you can imagine, I have roughly 25 IP addresses in the allow list for the past 30 days with no end in sight. I have contacted the company and they do not know or will not tell me all of the IP addresses to provide access to so I am stuck. I would love it if I could make this work through the MT device itself as I have 20 of these sites to build for and growing, if I can make it work.

Is there a way to dynamically listen for the single common IP or URL and then allow any addresses that get requested for say, the next minute? I am just hoping someone has had this issue before and can assist.

Thanks,
-greg
 
jwcn
Forum Guru
Posts: 1501
Joined: Sun Aug 27, 2006 6:49 am
Location: Maryland, USA

Re: Block All Traffic Except ...

Sun Dec 07, 2008 5:16 pm

You can use web proxy to do exactly this.
 
GeekPatrolMiller
newbie
Topic Author
Posts: 44
Joined: Sun Dec 07, 2008 3:47 pm
Location: Dallas, TX, USA

Re: Block All Traffic Except ...

Mon Dec 08, 2008 3:47 am

Can you suggest any good walk-through on this? I have been away from the office all day today and had been reading and exploring the web-proxy on a test router.

The articles I am finding are of a previous version of OS. I have 3.17 loaded on both my production and test boxes.

Thanks,
-greg
 
normis
MikroTik Support
Posts: 24267
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Block All Traffic Except ...

Mon Dec 08, 2008 9:20 am

the version doesn't matter that much, the basics are the same. just force all your customers to use the proxy (transparent proxy, they won't know they are being proxied). then make entries in the "access list". first make entries for allowed domains, then make a drop rule at the end, to deny others.

so read this:
http://www.mikrotik.com/testdocs/ros/3.0/pnp/proxy.php

about transparent mode and access list
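The transparent-proxy setup described in the post above, as an added example that is not part of the original posts or of MikroTik's documentation. The interface names `ether2-kiosk` and `ether1-wan` and the domain `example.com` are placeholders, and the kiosk is assumed to use the router as its DNS server.

```routeros
# Added example. ether2-kiosk, ether1-wan and example.com are placeholders.

# 1. Enable the built-in web proxy and let the router answer the kiosk's DNS queries
#    (assumption: the kiosk is configured to use the router as its DNS server).
/ip proxy set enabled=yes port=8080
/ip dns set allow-remote-requests=yes

# 2. Transparently redirect the kiosk's HTTP traffic into the proxy.
/ip firewall nat
add chain=dstnat in-interface=ether2-kiosk protocol=tcp dst-port=80 \
    action=redirect to-ports=8080 comment="kiosk HTTP -> proxy"

# 3. Proxy access list, evaluated top to bottom: allow by host name, deny the rest.
#    Matching is on the requested host name, so the site's changing IPs do not matter.
/ip proxy access
add dst-host=example.com action=allow comment="allowed site"
add dst-host=*.example.com action=allow comment="allowed site, any subdomain"
add action=deny comment="everything else"

# 4. Keep the proxy and the DNS cache unreachable from the WAN side,
#    otherwise the router becomes an open proxy / open resolver.
/ip firewall filter
add chain=input in-interface=ether1-wan protocol=tcp dst-port=53,8080 \
    action=drop comment="no proxy/DNS from WAN"
add chain=input in-interface=ether1-wan protocol=udp dst-port=53 \
    action=drop comment="no DNS from WAN"

# 5. Nothing from the kiosk is routed directly; only proxied HTTP leaves the router.
add chain=forward in-interface=ether2-kiosk action=drop \
    comment="kiosk: no direct forwarding"
```

Content that the allowed site pulls from other host names needs its own `allow` entry above the final deny. HTTPS is not handled by a transparent HTTP proxy, so with the forward drop rule in place it stays blocked.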
 
Dmaan
just joined
Posts: 8
Joined: Mon Mar 30, 2009 3:23 pm

Re: Block All Traffic Except ...

Tue Mar 31, 2009 4:31 pm

> the version doesn't matter that much, the basics are the same. just force all your customers to use the proxy (transparent proxy, they won't know they are being proxied). then make entries in the "access list". first make entries for allowed domains, then make a drop rule at the end, to deny others.
>
> so read this:
> http://www.mikrotik.com/testdocs/ros/3.0/pnp/proxy.php
>
> about transparent mode and access list

In case I don't want to use proxy, is there any other way?

please help
 
taglio
Frequent Visitor
Posts: 97
Joined: Wed Nov 12, 2008 4:55 pm
Location: 34T, Barcelona, Spain

Re: Block All Traffic Except ...

Tue Mar 31, 2009 5:20 pm

There's a way that produces some false positives.

You can use the "content" option in the firewall rule.

Imagine that the URL of the site is: www.mikrotik.com.

You can authorize traffic to this site with this simple rule:
/ip firewall filter
# dst-port can only be matched when a protocol is given, so protocol=tcp is set
add action=accept chain=forward comment="" content=mikrotik.com protocol=tcp dst-port=80 disabled=no