RuamMiT เขียน:ขอรบกวนการ Block Facebook แบบ L7 ด้วยครับ
/ip firewall filter
add action=drop chain=forward comment="Block Facebook" dst-address=\
74.119.76.0/22
add action=drop chain=forward comment="Block Facebook" dst-address=\
173.252.64.0/18
add action=drop chain=forward comment="Block Facebook" dst-address=\
204.15.20.0/22
add action=drop chain=forward comment="Block Facebook" dst-address=\
66.220.144.0/20
add action=drop chain=forward comment="Block Facebook" dst-address=\
69.171.224.0/19
/ip firewall layer7-protocol
add name="Deny worktime" regexp="^(.*)(facebook)(.*)\$"
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=forward disabled=no layer7-protocol="Deny worktime" \
src-address=192.168.5.1-192.168.5.49
add action=drop chain=forward disabled=yes layer7-protocol="Deny worktime" \
src-address=192.168.5.0/24 time=8h-12h,mon,tue,wed,thu,fri
add action=drop chain=forward disabled=yes layer7-protocol="Deny worktime" \
src-address=192.168.5.0/24 time=13h-17h,mon,tue,wed,thu,fri
add action=drop chain=forward disabled=no dst-port=443 layer7-protocol=\
"Deny worktime" protocol=tcp src-address=0.0.0.0/0 src-port=""
add action=drop chain=forward disabled=no dst-port=80 layer7-protocol=\
"Deny worktime" protocol=tcp src-address=0.0.0.0/0 src-port=""
ย้อนกลับไปยัง วิธีการติดตั้งและปรับแต่งอุปกรณ์ Mikrotik
กำลังดูบอร์ดนี้: ไม่มีสมาชิกใหม่ และ บุคคลทั่วไป 6 ท่าน