I want to show you something nice that you can do with MikroTik. Say that you want to block many websites for your users. Instead of writing many filter rules (for each web server address, 1 filter rule), you can classify all the web servers IP addresses in an address list and apply the filter rule to that address list. So, an address list is a place where you can classify many IP addresses and apply a rule against them.
For now, I will disable the rules that I have created to block access to my website, so my website can be accessed again:
Now I want to block access to my company website as well to another http website which is http://example.com – I am allowed to use only 1 filter rule to block both websites.
I know the IP of my website web server, let’s check the IP of example.com server:
[mepr-show rules=”319″ unauth=”message”]
In a summary, here are the 2 IPs that I should block:
I will classify those 2 addresses in an address list that I will call it: Block http
I have added the first IP to the address list. Let’s add the 2nd one:
Excellent!!!! Both IPs are not under the same address list.
I will apply now 1 filter rule again this address list to block access to those 2 websites. Let’s do it:
As you can see, I made 1 rule saying that any traffic traversing the router and going to the internet with a destination to any of those 2 addresses that I have put in the address list, then action it to drop them.
Let’s check if I can open maict-consult.com:
It is not opening.
What about http://example.com? Let’s check:
Also not ????
While if I open any other website, then I see it will work:
Here I have opened my 2nd website where I sell my online courses (https://mynetworktraining.com) and it is working without any problem.