Difference between revisions of "Mikrotik: Layer 7 Protocol L7P"

From OnnoWiki
Jump to navigation Jump to search
Line 1: Line 1:
  
 +
 +
 +
 +
==Mengaktifkan Regex==
  
 
  /ip firewall layer7-protocol add comment="test" regexp=.youtube  
 
  /ip firewall layer7-protocol add comment="test" regexp=.youtube  
Line 5: Line 9:
  
 
  /ip firewall filter add chain=forward layer7-protocol=test action=drop  
 
  /ip firewall filter add chain=forward layer7-protocol=test action=drop  
 +
 +
 +
==Contoh==
 +
 +
/ip firewall layer7-protocol
 +
add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd"
 +
 +
/ip firewall filter
 +
# add few known protocols to reduce mem usage
 +
add action=accept chain=forward comment="" disabled=no port=80 protocol=tcp
 +
add action=accept chain=forward comment="" disabled=no port=443 protocol=tcp
 +
# add l7 matcher
 +
add action=accept chain=forward comment="" disabled=no layer7-protocol=\
 +
    rdp protocol=tc
 +
 +
==Contoh Regex==
 +
  
  
Line 10: Line 31:
 
==Referensi==
 
==Referensi==
  
 +
* https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7
 
* https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html
 
* https://mynote1933.blogspot.com/2018/05/3-cara-blokir-situs-di-mikrotik.html
  

Revision as of 19:47, 22 April 2020



Mengaktifkan Regex

/ip firewall layer7-protocol add comment="test" regexp=.youtube 
/ip firewall layer7-protocol print

/ip firewall filter add chain=forward layer7-protocol=test action=drop


Contoh

/ip firewall layer7-protocol
add name=rdp regexp="rdpdr.*cliprdr.*rdpsnd"

/ip firewall filter
# add few known protocols to reduce mem usage
add action=accept chain=forward comment="" disabled=no port=80 protocol=tcp
add action=accept chain=forward comment="" disabled=no port=443 protocol=tcp
# add l7 matcher
add action=accept chain=forward comment="" disabled=no layer7-protocol=\
    rdp protocol=tc

Contoh Regex

Referensi

Pranala Menarik

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Mikrotik:_Layer_7_Protocol_L7P&oldid=61348"