How do I block ports, and websites
I have a 750 rb
Ether 1 = isp
ether 2 = lan 192.168.1.0/24
standard gateway 192.168.0.1
settings
ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 D address=192.168.0.3/24 network=192.168.0.0 interface=ether1
actual-interface=ether1
1 address=192.168.1.10/24 network=192.168.1.0 interface=ether2
actual-interface=ether2
[admin@MikroTik] > ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 ADS dst-address=0.0.0.0/0 gateway=192.168.0.1
gateway-status=192.168.0.1 reachable ether1 distance=0 scope=30
target-scope=10 vrf-interface=ether1
1 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.3 gateway=ether1
gateway-status=ether1 reachable distance=0 scope=10
2 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.10 gateway=ether2
gateway-status=ether2 reachable distance=0 scope=10
[admin@MikroTik] > interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE MTU L2MTU MAX-L2MTU
0 R ether1 ether 1500 1526
1 R ether2 ether 1500 1524 1524
2 ether3 ether 1500 1524 1524
3 ether4 ether 1500 1524 1524
4 ether5 ether 1500 1524 1524
[admin@MikroTik] > ip firewall export
# jan/02/1970 06:40:54 by RouterOS 5.5
# software id = 5BDA-Q24F
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
[admin@MikroTik] >