Mikrotik: Layer 7 Protocol L7P: Difference between revisions
From OnnoCenterWiki
Jump to navigationJump to search
Onnowpurbo (talk | contribs) No edit summary |
Onnowpurbo (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
==Mengaktifkan Regex== | |||
/ip firewall layer7-protocol add comment="test" regexp=.youtube | /ip firewall layer7-protocol add comment="test" regexp=.youtube | ||
| Line 5: | Line 9: | ||
/ip firewall filter add chain=forward layer7-protocol=test action=drop | /ip firewall filter add chain=forward layer7-protocol=test action=drop | ||
==Contoh== | |||
/ip firewall layer7-protocol | |||
add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd" | |||
/ip firewall filter | |||
# add few known protocols to reduce mem usage | |||
add action=accept chain=forward comment="" disabled=no port=80 protocol=tcp | |||
add action=accept chain=forward comment="" disabled=no port=443 protocol=tcp | |||
# add l7 matcher | |||
add action=accept chain=forward comment="" disabled=no layer7-protocol=\ | |||
rdp protocol=tc | |||
==Contoh Regex== | |||
| Line 10: | Line 31: | ||
==Referensi== | ==Referensi== | ||
* https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7 | |||
* https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html | * https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html | ||
Revision as of 12:47, 22 April 2020
Mengaktifkan Regex
/ip firewall layer7-protocol add comment="test" regexp=.youtube /ip firewall layer7-protocol print
/ip firewall filter add chain=forward layer7-protocol=test action=drop
Contoh
/ip firewall layer7-protocol add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd"
/ip firewall filter
# add few known protocols to reduce mem usage
add action=accept chain=forward comment="" disabled=no port=80 protocol=tcp
add action=accept chain=forward comment="" disabled=no port=443 protocol=tcp
# add l7 matcher
add action=accept chain=forward comment="" disabled=no layer7-protocol=\
rdp protocol=tc
Contoh Regex
Referensi
- https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7
- https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html
