not going to work, dst-address-list is the end users, not servers, the block facebook works 100%, but me trying to use the exact method to block the other site, does not work at all, and that goes for other random websites as well

I think you need to declare freeusers as src-address-list. Also make sure that both rules are on top of the Filter Rule list.

nope, it's not doing jack, I can still access thepiratebay.se and thepiratebay.sx

You're right - I am still missing lots of theory. I left both src-address and dst-address empty and I am unable to open http://thepiratebay.se/ on the whole network. Do a similar test without the address-list and see what it does? I defined regex similar as you did.
add action=drop chain=forward comment="BLOCK FACEBOOK" layer7-protocol=piratebay
add action=drop chain=forward comment="BLOCK FACEBOOK" layer7-protocol=facebook
hmmm the same here, #0 and #1 on top of my list, dammm.. are you using v6.3?

the same:
add name=facebook regexp="^.+(facebook).*\$"
add name=piratebay regexp="^.+(thepiratebay).*\$"
the filter rules are #0 and #1 on top of my list. I can see both Bytes and Packets counters increase whenever I click on the piratebay link or enter the url into the browser. It may not work immediately after enabling the rule, but it does after restarting the browser. Apologies that I was of no help to you.
haha ok, I thought u were using an old stable version, I always have problems when I'm using hotspots with loadbalancing or routing mark for dedicated gateway for certain subnet, it's a big screwup and if I disable my hotspot, everything works fine

6.4 development test version. I doubt if it makes a difference.
I am planning to experiment with transparent proxy over the weekend. I think it is a more reliable way to block websites than layer7.
the domain is *.thepiratebay.* So I assume if I block that in layer 7 in the appropriate way, then it will be bye bye for that website, because it worked on facebook, so to me it doesn't make any sense why it can't block other sites on this method but I can block facebook on layer 7, but I'll sniff later

why do you assume that this text "thepiratebay" shows up in any of the packets? you must use packet sniffer and check how to block it. L7 is not a keyword blocking system
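
The last reply's point, as an added example that is not part of the thread or any poster's code: an L7 rule only matches if the pattern text is actually present in the bytes the matcher inspects, which RouterOS documents as the first 10 packets or first 2 KB of a connection. The Python regex engine (with `re.DOTALL`) stands in for the RouterOS matcher as an approximation, and the sample connections are constructed.

```python
import re

# RouterOS documents that the L7 matcher inspects only the first 10 packets
# or the first 2 KB of a connection, whichever limit is reached first.
MAX_PACKETS = 10
MAX_BYTES = 2048

# The thread's piratebay pattern with the RouterOS "\$" escape removed.
# re.DOTALL is an assumption so "." can cross line breaks in this approximation.
PIRATEBAY = re.compile(rb"^.+(thepiratebay).*$", re.DOTALL)


def l7_window(packets):
    """Return the bytes an L7 rule gets to see for one connection."""
    return b"".join(packets[:MAX_PACKETS])[:MAX_BYTES]


def l7_match(packets, pattern=PIRATEBAY):
    """True if the pattern is found inside the inspected window."""
    return pattern.search(l7_window(packets)) is not None


def sample_connections():
    """Constructed payloads, not captures from the thread."""
    request = b"GET / HTTP/1.1\r\nHost: thepiratebay.se\r\n\r\n"
    other = b"GET /a HTTP/1.1\r\nHost: example.org\r\n\r\n"
    return {
        # Name appears as text in the first packet of the connection.
        "plain_http": [request],
        # Same request, but sent after 2 KB of earlier traffic on the connection.
        "late_request": [other + b"x" * 2048, request],
        # Payload in which the name never appears as text.
        "opaque": [bytes(range(256)) * 4],
    }


def evaluate():
    """Map each sample connection to whether the rule would match it."""
    return {name: l7_match(pkts) for name, pkts in sample_connections().items()}


if __name__ == "__main__":
    for name, hit in evaluate().items():
        print(f"{name:13} -> {'drop' if hit else 'pass'}")
```

Feeding payloads exported from a packet sniffer into `l7_match` is the check the reply asks for: if the window never contains the text, the rule's counters will not move for that connection.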