Difference between revisions of "Mikrotik: Layer 7 Protocol L7P"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (→Contoh) |
Onnowpurbo (talk | contribs) |
||
Line 5: | Line 5: | ||
==Mengaktifkan Regex== | ==Mengaktifkan Regex== | ||
− | /ip firewall layer7-protocol add | + | /ip firewall layer7-protocol add regexp=.togel name=togel |
+ | /ip firewall layer7-protocol add regexp=.porn name=porn | ||
/ip firewall layer7-protocol print | /ip firewall layer7-protocol print | ||
− | /ip firewall filter add chain=forward layer7-protocol= | + | /ip firewall filter add chain=forward layer7-protocol=porn action=drop |
− | + | /ip firewall filter add chain=forward layer7-protocol=togel action=drop | |
==Contoh== | ==Contoh== |
Revision as of 10:48, 3 October 2020
Mengaktifkan Regex
/ip firewall layer7-protocol add regexp=.togel name=togel /ip firewall layer7-protocol add regexp=.porn name=porn /ip firewall layer7-protocol print
/ip firewall filter add chain=forward layer7-protocol=porn action=drop /ip firewall filter add chain=forward layer7-protocol=togel action=drop
Contoh
/ip firewall layer7-protocol add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd"
/ip firewall filter # add few known protocols to reduce mem usage add action=accept chain=forward comment="" disabled=no port=80 protocol=tcp add action=accept chain=forward comment="" disabled=no port=443 protocol=tcp # add l7 matcher add action=accept chain=forward comment="" disabled=no layer7-protocol=\ rdp protocol=tcp
Contoh Telnet Matcher
/ip firewall layer7-protocol add comment="" name=telnet regexp="^\\xff[\\xfb-\\xfe].\\xff[\\xfb-\\xfe].\\xff[\\xfb-\\xfe]"
/ip firewall filter add action=accept chain=input comment="" disabled=no layer7-protocol=telnet \ protocol=tcp add action=passthrough chain=output comment="" disabled=no layer7-protocol=telnet \ protocol=tcp
Contoh Youtube Matcher
/ip firewall layer7-protocol add name=youtube regexp="(GET \\/videoplayback\\\?|GET \\/crossdomain\\.xml)"
Contoh Regex
Referensi
- https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7
- https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html