Previously, I had a successful setting on the RB750, but I re-implemented it on the RB1100ahx4, this whitelist rule didn't work
/ip firewall filter
add action=accept chain=forward src-address-list=all_allow
add action=drop chain=forward src-address-list=!all_allow comment=Sosmed layer7-protocol=Block
add action=drop chain=forward src-address-list=!all_allow layer7-protocol=Youtube
add action=drop chain=forward src-address-list=!all_allow layer7-protocol=Torrent
add action=drop chain=forward src-address-list=!all_allow comment=IG dst-address-list=Instagram
add action=drop chain=forward src-address-list=!all_allow comment=Tiktok content=tiktokv.com
add action=drop chain=forward src-address-list=!all_allow protocol=tcp tls-host=*.tiktokcdn.com
add action=drop chain=forward src-address-list=!all_allow comment=IG content=instagram.com
add action=drop chain=forward src-address-list=!all_allow content=.instagram.
add action=drop chain=forward src-address-list=!all_allow protocol=tcp tls-host=instagram.com
add action=drop chain=forward src-address-list=!all_allow protocol=tcp tls-host=*.instagram.*