Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Allow Limit Sites to Selected Ips

Locked
 
speedzonenetwork
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Mon Aug 03, 2009 8:14 pm

Allow Limit Sites to Selected Ips

Wed Aug 19, 2009 3:11 pm

How Can I Allow Limited Sites To Selected Ips.

Like I Want to Allow Just Google.com to LAN Users 192.168.5.6-192.168.5.10
Top
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Allow Limit Sites to Selected Ips

Wed Aug 19, 2009 11:33 pm

Create two address lists, one populated with the local hosts that have their traffic limited, one with the IPs those hosts are allowed to pass traffic to. Then drop all traffic from the first address list not targeted at the second.

This example:
Code: Select all
[admin@testbox] > /ip firewall address-list add list=limited-machines-local address=192.168.5.6
[admin@testbox] > /ip firewall address-list add list=limited-machines-local address=192.168.5.7
[admin@testbox] > /ip firewall address-list add list=limited-machines-allowed-targets address=10.1.0.1
[admin@testbox] > /ip firewall filter add chain=forward action=drop src-address-list=limited-machines-local dst-address-list=!limited-machines-allowed-targets
would drop all traffic from 192.168.5.6 and 192.168.5.7 to any destination other than 10.1.0.1.

It's cheaper and easier to filter by IP destinations than to use layer 7 inspections.

HTH,
Felix
Top
 
speedzonenetwork
Member Candidate
Member Candidate
Topic Author
Posts: 110
Joined: Mon Aug 03, 2009 8:14 pm

Re: Allow Limit Sites to Selected Ips

Thu Aug 20, 2009 12:45 pm

May i have these tips in Winbox Interface.
Top
Locked

Who is online

Users browsing this forum: Bing [Bot], unhuzpt and 96 guests
  4. RouterOS
  5. Beginner Basics