This time I will share a MikroTik Wiki tutorial on how to block Facebook using the L7 (Layer 7) Protocol on MikroTik.

What is Layer 7 Protocol?

Layer 7 Protocol is a method of searching for patterns in ICMP / TCP / UDP streams by matching the stream data against a regex pattern.

How Does Layer 7 Protocol Work?

The L7 matcher collects the first 10 packets of a connection, or the first 2KB of a connection, and looks for the pattern in the collected data. If the pattern is not found in that data, the matcher does not check further, and the connection is considered unknown. Keep in mind that a large number of connections will significantly increase memory usage on your router. To avoid that, add regular firewall matchers to reduce the amount of data that is sent to the Layer 7 filters.

The Layer 7 matcher must see both directions of traffic (incoming and outgoing). To meet this requirement, the L7 rule must be set in the forward chain. If the rule is set in the input / prerouting chain, then the same rule must also be set in the output / postrouting chain; otherwise the collected data may be incomplete and the pattern may be matched incorrectly.

 

Tutorial: How to Block Facebook Using L7 (Layer 7) Protocol on MikroTik

So the scenario that we will use is as shown below:

This tutorial has two parts:

1. Block the Facebook website for everyone connected to the local network.
First, check whether the Facebook site can be opened.
Check the IP address of the client that is not allowed to access Facebook.
Next, open MikroTik Winbox and go to IP -> Firewall -> Layer 7 Protocols. Create a new regexp rule to block Facebook.
The steps are shown in the image below:
Name the rule facebook and enter the following regexp:

^.+(facebook.com).*$

Next, create a new Firewall Rule:
Chain: forward
Src Address: the network address of the client (172.16.10.0/24)
Go to the Advanced tab and, for Layer 7 Protocol, select “facebook”.
Go to the Action tab and select the action drop.
Let’s find out whether it works. Open the Facebook website. The connection will time out.
Does this rule block other websites besides Facebook? Let’s find out. Open the Google website.
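
The check above can also be done offline. This is an added example, not part of the original tutorial: it runs the tutorial's regexp over constructed HTTP requests, limited to the first 2KB as the matcher is, to show which connections the drop rule would catch and where the pattern over-matches. It assumes Python's `re` with DOTALL approximates the router's matcher; `l7_matches`, `classify`, `SAMPLES` and the sample hostnames are hypothetical.

```python
import re

# Pattern exactly as entered in the tutorial's Layer 7 Protocols entry.
L7_REGEXP = rb"^.+(facebook.com).*$"
# Per the tutorial, the matcher only inspects the first 2KB of a connection.
L7_WINDOW = 2048

# Assumption: DOTALL lets "." span the CR/LF bytes between HTTP header lines,
# approximating how the router applies the pattern to raw stream data.
_PATTERN = re.compile(L7_REGEXP, re.DOTALL)


def l7_matches(stream: bytes) -> bool:
    """Return True if the first 2KB of the stream matches the pattern."""
    return _PATTERN.search(stream[:L7_WINDOW]) is not None


# Constructed sample payloads (not captured traffic).
SAMPLES = {
    # Intended target: Host header names facebook.com.
    "http_facebook": b"GET / HTTP/1.1\r\nHost: www.facebook.com\r\n\r\n",
    # Unrelated site: should pass.
    "http_google": b"GET / HTTP/1.1\r\nHost: www.google.com\r\n\r\n",
    # Over-match: the string appears in a query sent to another site.
    "search_for_facebook": (
        b"GET /search?q=facebook.com HTTP/1.1\r\nHost: www.google.com\r\n\r\n"
    ),
    # Over-match: the unescaped "." in the pattern accepts any character.
    "unescaped_dot": b"GET / HTTP/1.1\r\nHost: facebookxcom.example\r\n\r\n",
    # The string first appears after the 2KB window, so it is never seen.
    "outside_window": (
        b"POST /upload HTTP/1.1\r\nHost: example.org\r\n\r\n"
        + b"A" * 3000 + b"facebook.com"
    ),
}


def classify(samples=SAMPLES) -> dict:
    """Map each sample name to True (rule would drop) or False (passes)."""
    return {name: l7_matches(data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, dropped in classify().items():
        print(f"{name:22s} {'DROP' if dropped else 'pass'}")
```
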

mikrotikwiki
