16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 1/11

Lazy Geek -:)

How to block facebook in Mikrotik using L7 Protocols (Layer 7)

In Some Scenarios , We May need to Block Facebook Social Website or some others …In this tutorial, I will show you, how to achieve this goal using L7 (Layer7).

This tutorial consists of two parts:

1- Block facebook website for everyone on local network.

2- Allow facebook for specific host(s) and block for others on local network.

1- Block facebook website for everyone on local network.

First we check that Facebook is currently working on our local network or not?

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 2/11

Check the IP address of our client?

We need to create new Regexp rule at Layer7 Protocols, in order to block the facebook for our local network.

To achieve this goal, please follow these steps:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 3/11

.̂+(facebook.com).*$

Now, we need to create Filter Rule, using these steps:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 4/11

Now test the rule, that we just created:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 5/11

Try also on 2nd client (172.16.10.199/24):

Check that it only block facebook or other websites also?

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 6/11

Oh yes, our rule is working perfectly

2- Allow facebook for specific host(s) and block for others on local network.

Now, we want to allow facebook for 2nd client (172.16.10.199/24) but still want to block it for other host(s).

To accomplish this goal, we need to create a second Filter rule, to do this, please follow these steps:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 7/11

Move this rule at the top:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 8/11

Test this rule on 2nd client (172.16.10.199/24):

Verify the rule on Mikrotik:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 9/11

Verify that, facebook is still blocked for other host(s) on the local network:

Verify the rule(s) on Mikrotik:

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 10/11

Rate this: 2 Votes

Share this:

Like this:

One blogger likes this.

Like

← How to hard reset the Linksys Router! OSPF routing between Ubuntu and CentOS using Quagga →

10 Responses to How to block facebook in Mikrotik using L7 Protocols (Layer 7)

Vincenzo November 16, 2012 at 12:21 pm

Good job. As easy as shoot a fish in a barrell. Can I link you to http://mymcsft.wordpress.com ?

Bye

Reply

mohamed February 24, 2013 at 11:32 am

excllent

Drop packets rate are incremented!

We can do the same for youtube or any other website!

Hope this will help you!

Please Remember me in your prayers!

Enjoy

Name (required)

Email (required)

Website

Comment (required)

Submit »

Mikrotik, Networking block facebook in Mikrotik, facebook, L7 Protocols, Layer 7, mikrotik, mikrotik router

Twitter Facebook 5 LinkedIn 2 Print More

16/07/13 How to block facebook in Mikrotik using L7 Protocols (Layer 7) | Lazy Geek -:)

rbgeek.wordpress.com/2012/05/29/how-to-block-facebook-in-mikrotik-using-l7-protocols-layer-7/ 11/11

Reply

Frank DZANGUE March 6, 2013 at 8:57 pm

excellent but connection on facebook using https protocol is still working

Reply

Arbab March 6, 2013 at 11:26 pm

I tried for both http and https and it worked for me very well

Reply

Frank DZANGUE March 7, 2013 at 4:12 am

What is working Arbab? Be clearly

Andres Alvarado June 26, 2013 at 1:13 am

No my friend its level 7 its application protocol

Reply

Arbab March 7, 2013 at 5:38 am

Mean, I was able to stop even https://facebook.com session using the same setting

Reply

Semih March 13, 2013 at 8:33 pm

sorry but it is working only with http protocol. if you try it over mozilla it is coming with https ( how will we resolve that problem ??? do you have an

idea ?

Reply

Hengky June 13, 2013 at 8:49 am

Yeah I also can’t block https://facebook when using Mozilla Firefox, even after applying those L7 rule.

Reply

Phillip June 28, 2013 at 1:18 pm

This method works well for me both http & https. but when users already have cache on their browser to blocking website, they still can access the same.

Are their anyway to solve this?

Reply

↑ TopBlog at WordPress.com. The zBench Theme.