Restriction of certain websites by name.

In the future, using the website, you agree to the rules of using Cookies. Read more. I agree

Restriction of certain websites by name.

Open New Terminal. Then insert our rule. Do not forget to set it higher in list.

You can also manually create the rule with [+] button.

/ip firewall filter add act=drop chain=forward cont="Host:"
prot=tcp src-address= in-int=LAN1

That’s all. website will no longer open. Thus, you block only outgoing requests. Router do not need to filter incoming packets from this website anymore, because there won’t be any incoming packets anymore. Outgoing traffic is typically 10-20 times smaller than the incoming. Also it only filters outgoing TCP requests. Besides outgoing GET-requests only take up to 200-500 bytes. They are placed in one package. Since load on rule content is small.

Also websites containing line Host: will not be blocked and will pass GET-requests containing line.

src-address - set the computer's IP.

content = "Host:" - blocked website

If you want to block access to the website for all the computers, remove this line src-address.

If you want to block only specific computers - you can create record with an IP blocked computers in address-list tab. Call these notes block-website for example.

Specify this address list in the recording Src.Address List.
Src-address – delete this