Hi, I want to block websites like twitter, facebook, youtube and casino games except for couple users. I'm using Linksys router as edge, but he doesn't allow to block more than 8 websites and in no more than 5 computers. So I now want to buy Mikrotik router and can I implement this in the firewall? Also, my network is with Active Directory Domain, how can I block not addresses, but hostnames? Or use DHCP reservation for 2-3 days for example? Thank you.

On MikroTik, is possible make over DHCP server Static Leases and generate specific address list for the diferents purpose rules of blocked or authoritative access sites. The ideal is make the address list of the menor group. Is very fictional and flexible.
Your AD over this configuration is working any problems but I recommend make all configuration over the MikroTik only is more easy.

Hi, I want to block websites like twitter, facebook, youtube and casino games except for couple users. I'm using Linksys router as edge, but he doesn't allow to block more than 8 websites and in no more than 5 computers.....

I am interested how do you classify pages as e.g. casino games despite the type of router?
Mikrotik offers L7 filters to watch for domain names but in the era of https its going to be unusable. Even if you manage to overcome this problem then the question still is valid: how to decide if page is offering casino games?

It is always surprising how many posts here are about "I want to block" or even "I need to block", but unfortunately the internet does not lend itself well to "blocking".
There are usually many ways to go around such blocks, and it will depend on your audience how easy it is for them.
Even when you can successfully block some domain names, it will either accomplish absolutely nothing or it will be a hell of a job to maintain that list.

It is better to concede that blocking is not realistic, and unwanted access to sites has to be managed in a different way.

OK, DHCP is setup on domain controller with 8 days leases, so it's kinda static. I'll reconfigure it to make it static. So, I tried yesterday to block youtube with address list, but it didn't work. Main reason are addresses which uses youtube. I've somehow blocked also google. Where I can see list of IP addresses which uses facebook, youtube? I saw whois.arin.net, but for youtube there's not full list. Can I use AS number for blocking? Thank you.

It is very difficult because Youtube is a Google company and they have no incentive to neatly separate the addresses used by one service from those used by another.
You can try using an address list with a domain name, e.g. "youtube.com", but it will fail to work completely because there are many other domain names that
you can also use to access youtube, e.g. youtu.be

As I have stated numerous times on the forum, it is very easy to formulate a "requirement" such as you have, but today on the internet it is very difficult to accomplish it.
I recommend you to consider alternative ways of achieving what you want, like telling your users what they are supposed to do and not to do, and what corrective measures
will be taken when these rules are violated (depending on de context).

You could also consider to use a DNS service with classification, e.g. OpenDNS, but it is a bit tricky to enable it "except for couple users".

And if all else fails maybe setup a PC with web filtering software like untangle

Whatever software you use, remember that results obtained in the past are no indication of success today or tomorrow.
The web is quickly transforming into encrypted-only (everthing https) and solutions that depend on content inspection are becoming a thing of the past.
Solutions that depend on man-in-the-middle decrypt/encrypt will only work in a completely managed (company) environment where you can install root certificates, and they are heavily frowned upon by security experts.
They also are under pressure because additional certificate validation like done by Google Chrome will fail and indicate the connection as insecure (which indeed it is).