My browser knows that has enabled HSTS, so it makes an HTTPS connection (if it had never visited before, it might attempt an HTTP connection first, but that’s getting more and more unlikely these days).My browser will do a DNS lookup of (and possibly.Sorry if you were hoping for an analysis of key presses.) (For people who like drilling down to absurd amounts of detail, I’m only thinking about networking. What happens to make cat videos come up on my screen? If you know what happens when you browse to a website, then you can better understand different ways of identifying traffic going to them, and how you can block that traffic.
What Happens When You Browse to ?īefore I give any answers away, a little bit of thinking is in order. I have IPv6 at home, so The Solution will need to apply to IPv6 as well.Īnd, the vast majority of my video traffic is HTTPS, so The Solution mustn’t be thwarted by encryption. It would be nice if The Solution can be brought home so I can kick kids off video sites, but still let them do homework hosted on other domains. The ones my kids gravitate towards: YouTube, Netflix, and iView. I want my Mikrotik to block access to a small number of video websites.
Update : I’ve added an effectiveness section to each technique I’ve described here, based on my experience over the last few months. However, my kids (and adults, if we’re honest with ourselves) love watching YouTube videos.īut they have no sense of how much data these can consume, and there’s no such thing as unlimited (or even “unlimited” but-not-really-unlimited) mobile data in Australia. That will give us Internet access for laptops and a desktop. My family is going on holiday shortly, and I’ll be taking a Mikrotik router with an Android phone and 4G Internet connection. ip firewall nat add action=masquerade chain=srcnat connection-mark=domain.How to stop people accessing YouTube (and other sites). ip firewall nat add action=dst-nat chain=dstnat connection-mark=-forward to-addresses=10.0.0.1 ip firewall mangle add chain=prerouting dst-address=192.168.0.1 layer7-protocol= action=mark-connection new-connection-mark=-forward protocol=udp dst-port=53 ip firewall mangle add chain=prerouting dst-address=192.168.0.1 layer7-protocol= action=mark-connection new-connection-mark=-forward protocol=tcp dst-port=53 ip firewall layer7-protocol add name= regexp=
10.0.0.1: dns server that serve queries for.: domain that need conditional dns forwarding.192.168.0.1: LAN IP of Mikrotik, configured as DNS server for local clients.The following layer 7 rule and nat will forward dns request for specific dns domain to specified dns server Mikrotik doesn’t have an official way to configure conditional DNS.
0 kommentar(er)
