First, Configure Proxy.
/ip proxy set enabled=yes set src-address=0.0.0.0 set port=8080 set parent-proxy=0.0.0.0 set parent-proxy-port=0 set cache-administrator="webmaster" set max-cache-size=none set cache-on-disk=no set max-client-connections=600 set max-server-connections=600 set max-fresh-time=3d set always-from-cache=no set cache-hit-dscp=4 set serialize-connections=noNow, Make it Transparent
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=dst-nat
to-addresses=<Your LAN IP for the Router> to-ports=8080Make sure that your proxy is NOT a Open Proxy
/ip firewall filter
add chain=input in-interface=<Your WAN Port> src-address=0.0.0.0/0\
protocol=tcp dst-port=8080 action=drop
Now for Blocking Websites
/ip proxy access add dst-host=www.mywebsite.com action=denyIt will block website http://www.mywebsite.com, We can always block the same for different networks by giving src-address. It will block for particular source address.
We can also stop downloading files like.mp3, .exe, .dat, .avi,…etc.
/ip proxy access add path=*.exe action=deny add path=*.mp3 action=deny add path=*.zip action=deny add path=*.rar action=deny.Try with this also
/ip proxy access add dst-host=:mail action=denyThis will block all the websites contain word “mail” in url.
Example: It will block www.hotmail.com, mail.yahoo.com, www.rediffmail.com
ENJOY BLOCKING…….
No comments:
Post a Comment