Working Rule:
/ip firewall layer7-protocol
add name="BlockAll Website" regexp="^.+(.).*\$"
add name="Only access" regexp="^.+(facebook.com|google.com).*\$"
/ip firewall filter
add action=drop chain=forward comment="blocking rule" disabled=no layer7-protocol="BlockAll Website" src-address-list=BlockedGroup
add chain=forward comment="For BlockedGroup" disabled=no layer7-protocol="Only access" src-address-list=BlockedGroup
##############################################################################
my this rule working very nice. but problem its being block skype and other massenger. i want to continue this rule but want to give access skype and other massenger. i tried with this rule
/ip firewall filter
add chain=forward comment="port access" dst-port=80,443 protocol=tcp src-address-list=BlockedGroup
but this one making open all website and port.
/ip firewall layer7-protocol
add name="BlockAll Website" regexp="^.+(.).*\$"
add name="Only access" regexp="^.+(facebook.com|google.com).*\$"
/ip firewall filter
add action=drop chain=forward comment="blocking rule" disabled=no layer7-protocol="BlockAll Website" src-address-list=BlockedGroup
add chain=forward comment="For BlockedGroup" disabled=no layer7-protocol="Only access" src-address-list=BlockedGroup
##############################################################################
my this rule working very nice. but problem its being block skype and other massenger. i want to continue this rule but want to give access skype and other massenger. i tried with this rule
/ip firewall filter
add chain=forward comment="port access" dst-port=80,443 protocol=tcp src-address-list=BlockedGroup
but this one making open all website and port.
