API tools faq
paste
Advertisement
albspirit86

mikrotik block video

albspirit86
Oct 2nd, 2014
1,262
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.30 KB | None | 0 0
raw download clone embed print report
  1. ip firewall address-list
  2. add address=208.117.224.0/24 disabled=no list=Youtube
  3. add address=208.117.225.0/24 disabled=no list=Youtube
  4. add address=208.117.228.0/24 disabled=no list=Youtube
  5. add address=208.117.229.0/24 disabled=no list=Youtube
  6. add address=208.117.232.0/24 disabled=no list=Youtube
  7. add address=208.117.233.0/24 disabled=no list=Youtube
  8. add address=208.117.234.0/24 disabled=no list=Youtube
  9. add address=208.117.238.0/24 disabled=no list=Youtube
  10. add address=208.65.152.0/24 disabled=no list=Youtube
  11. add address=208.65.153.0/24 disabled=no list=Youtube
  12. add address=208.65.154.0/24 disabled=no list=Youtube
  13. add address=64.15.112.0/20 disabled=no list=Youtube
  14. add address=208.117.236.0/24 disabled=no list=Youtube
  15. add address=74.125.0.0/16 disabled=no list=Youtube
  16. add address=72.14.221.0/24 disabled=no list=Youtube
  17. add address=74.125.208.0/24 disabled=no list=Youtube
  18.  
  19. /ip firewall filter
  20. add action=drop chain=forward comment="deny youtube" disabled=no \
  21. dst-address-list=Youtube
  22.  
  23. works
  24.  
  25. #--------------------------------------
  26. /ip firewall layer7-protocol
  27. add name=VIDEO regexp=video
  28. add name=AUDIO regexp=audio
  29.  
  30. #-----------------------------
  31.  
  32. /ip firewall mangle
  33. add action=mark-connection chain=prerouting disabled=no layer7-protocol=AUDIO \
  34. new-connection-mark=yutup passthrough=yes
  35. add action=mark-connection chain=prerouting disabled=no layer7-protocol=VIDEO \
  36. new-connection-mark=yutup passthrough=yes
  37. add action=mark-packet chain=forward connection-mark=yutup disabled=no \
  38. new-packet-mark=youtube passthrough=no
  39.  
  40.  
  41. #-------------------------------
  42. #mikrotik 5
  43. /queue tree
  44. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  45. max-limit=0 name=YOUTUBE packet-mark=youtube parent=global-out priority=5 \
  46. queue=default
  47.  
  48. #mikrotik 6
  49. /queue tree
  50. add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
  51. max-limit=0 name=YOUTUBE packet-mark=youtube parent=global priority=5 \
  52. queue=default
  53.  
  54.  
  55.  
  56.  
  57.  
  58. -------------------------------------------------------------
  59. -----------------------------------------------------------
  60. ---------------------------------------------------------
  61.  
  62.  
  63.  
  64.  
  65. Let's try with the following (firewall and proxy):
  66. [code]
  67.  
  68. /ip firewall layer7-protocol
  69. add name=httpvideo regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
  70.  
  71.  
  72. /ip firewall filter
  73. add action=drop chain=forward comment="Drop httpvideo traffic, from L7" disabled=no layer7-protocol=httpvideo
  74.  
  75.  
  76.  
  77. /ip proxy access
  78. add action=deny comment=Video disabled=no dst-host=*.youtube.com
  79. add action=deny disabled=no path=:video
  80. add action=deny disabled=no path=:Video
  81.  
  82.  
  83. [/code]
  84. --------------
  85. http://rbgeek.wordpress.com/2012/09/12/how-to-block-video-streaming-with-squid/
  86.  
  87.  
  88. ----------------------------------
  89. -----------------------------------
  90. -----------------------------------
  91. How to Block Websites with Mikrotik proxy
  92. This example will explain you “How to Block Web Sites” & “How to Stop Downloading”. I have use Web-Proxy test Package.
  93.  
  94. First, Configure Proxy.
  95.  
  96. /ip proxy
  97. enabled: yes
  98. src-address: 0.0.0.0
  99. port: 8080
  100. parent-proxy: 0.0.0.0:0
  101. cache-drive: system
  102. cache-administrator: "ASHISH PATEL"
  103. max-disk-cache-size: none
  104. max-ram-cache-size: none
  105. cache-only-on-disk: no
  106. maximal-client-connections: 1000
  107. maximal-server-connections: 1000
  108. max-object-size: 512KiB
  109. max-fresh-time: 3d
  110.  
  111. Now, Make it Transparent
  112.  
  113. /ip firewall nat
  114. chain=dstnat protocol=tcp dst-port=80
  115. action=redirect to-ports=8080
  116.  
  117. Make sure that your proxy is NOT a Open Proxy
  118.  
  119. /ip firewall filter
  120. chain=input in=interface= src-address=0.0.0.0/0
  121. protocol=tcp dst-port=8080 action=drop
  122.  
  123. Now for Blocking Websites
  124.  
  125. /ip proxy access
  126. dst-host=www.aaa07.com action=deny
  127.  
  128. it will block website http://www.aaa07.com, we can always block the same for different networks by giving src-address. it will block for particular source address.
  129.  
  130. we can also stop downloading files like .mp3, .mp4.....,etc
  131.  
  132. /ip proxy access
  133. path=*.mp3 action=deny
  134. path=*.mp4 action=deny
  135.  
  136. try with this also
  137.  
  138. /ip proxy access
  139. dst-host=:mail action=deny
  140.  
  141. this will block all the websites contain word "mail" in url.
  142.  
  143. Example: it will block www.hotmail.com, mail.yahoo.com,.....
  144.  
  145. or
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!