sukriborneo

mikrotik block video

Nov 3rd, 2017
88
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ip firewall address-list
  2. add address=208.117.224.0/24 disabled=no list=Youtube
  3. add address=208.117.225.0/24 disabled=no list=Youtube
  4. add address=208.117.228.0/24 disabled=no list=Youtube
  5. add address=208.117.229.0/24 disabled=no list=Youtube
  6. add address=208.117.232.0/24 disabled=no list=Youtube
  7. add address=208.117.233.0/24 disabled=no list=Youtube
  8. add address=208.117.234.0/24 disabled=no list=Youtube
  9. add address=208.117.238.0/24 disabled=no list=Youtube
  10. add address=208.65.152.0/24 disabled=no list=Youtube
  11. add address=208.65.153.0/24 disabled=no list=Youtube
  12. add address=208.65.154.0/24 disabled=no list=Youtube
  13. add address=64.15.112.0/20 disabled=no list=Youtube
  14. add address=208.117.236.0/24 disabled=no list=Youtube
  15. add address=74.125.0.0/16 disabled=no list=Youtube
  16. add address=72.14.221.0/24 disabled=no list=Youtube
  17. add address=74.125.208.0/24 disabled=no list=Youtube
  18.  
  19. /ip firewall filter
  20. add action=drop chain=forward comment="deny youtube" disabled=no \
  21. dst-address-list=Youtube
  22.  
  23. works
  24.  
  25. #--------------------------------------
  26. /ip firewall layer7-protocol
  27. add name=VIDEO regexp=video
  28. add name=AUDIO regexp=audio
  29.  
  30. #-----------------------------
  31.  
  32. /ip firewall mangle
  33. add action=mark-connection chain=prerouting disabled=no layer7-protocol=AUDIO \
  34. new-connection-mark=yutup passthrough=yes
  35. add action=mark-connection chain=prerouting disabled=no layer7-protocol=VIDEO \
  36. new-connection-mark=yutup passthrough=yes
  37. add action=mark-packet chain=forward connection-mark=yutup disabled=no \
  38. new-packet-mark=youtube passthrough=no
  39.  
  40.  
  41. #-------------------------------
  42. #mikrotik 5
  43. /queue tree
  44. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  45. max-limit=0 name=YOUTUBE packet-mark=youtube parent=global-out priority=5 \
  46. queue=default
  47.  
  48. #mikrotik 6
  49. /queue tree
  50. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  51. max-limit=0 name=YOUTUBE packet-mark=youtube parent=global priority=5 \
  52. queue=default
  53.  
  54.  
  55.  
  56.  
  57.  
  58. -------------------------------------------------------------
  59. -----------------------------------------------------------
  60. ---------------------------------------------------------
  61.  
  62.  
  63.  
  64.  
  65. Let's try with the following (firewall and proxy):
  66. [code]
  67.  
  68. /ip firewall layer7-protocol
  69. add name=httpvideo regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
  70.  
  71.  
  72. /ip firewall filter
  73. add action=drop chain=forward comment="Drop httpvideo traffic, from L7" disabled=no layer7-protocol=httpvideo
  74.  
  75.  
  76.  
  77. /ip proxy access
  78. add action=deny comment=Video disabled=no dst-host=*.youtube.com
  79. add action=deny disabled=no path=:video
  80. add action=deny disabled=no path=:Video
  81.  
  82.  
  83. [/code]
  84. --------------
  85. http://rbgeek.wordpress.com/2012/09/12/how-to-block-video-streaming-with-squid/
  86.  
  87.  
  88. ----------------------------------
  89. -----------------------------------
  90. -----------------------------------
  91. How to Block Websites with Mikrotik proxy
  92. This example will explain you “How to Block Web Sites” & “How to Stop Downloading”. I have use Web-Proxy test Package.
  93.  
  94. First, Configure Proxy.
  95.  
  96. /ip proxy
  97. enabled: yes
  98. src-address: 0.0.0.0
  99. port: 8080
  100. parent-proxy: 0.0.0.0:0
  101. cache-drive: system
  102. cache-administrator: "ASHISH PATEL"
  103. max-disk-cache-size: none
  104. max-ram-cache-size: none
  105. cache-only-on-disk: no
  106. maximal-client-connections: 1000
  107. maximal-server-connections: 1000
  108. max-object-size: 512KiB
  109. max-fresh-time: 3d
  110.  
  111. Now, Make it Transparent
  112.  
  113. /ip firewall nat
  114. chain=dstnat protocol=tcp dst-port=80
  115. action=redirect to-ports=8080
  116.  
  117. Make sure that your proxy is NOT a Open Proxy
  118.  
  119. /ip firewall filter
  120. chain=input in=interface= src-address=0.0.0.0/0
  121. protocol=tcp dst-port=8080 action=drop
  122.  
  123. Now for Blocking Websites
  124.  
  125. /ip proxy access
  126. dst-host=www.aaa07.com action=deny
  127.  
  128. it will block website http://www.aaa07.com, we can always block the same for different networks by giving src-address. it will block for particular source address.
  129.  
  130. we can also stop downloading files like .mp3, .mp4.....,etc
  131.  
  132. /ip proxy access
  133. path=*.mp3 action=deny
  134. path=*.mp4 action=deny
  135.  
  136. try with this also
  137.  
  138. /ip proxy access
  139. dst-host=:mail action=deny
  140.  
  141. this will block all the websites contain word "mail" in url.
  142.  
  143. Example: it will block www.hotmail.com, mail.yahoo.com,.....
  144.  
  145. or
Add Comment
Please, Sign In to add comment