We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
478 views 2 comments
by anonymous
Hello,

I would like to ask about firewall (iptables) rules for the RUT240. I need to filter at layer 7 or match the domain host in domain name format. I use the RUT240 router with a mobile connection. I have a problem with Windows Update. The computer downloads many KB of data. I analyzed the traffic and figured out that it is traffic from Microsoft sites.

I would like to create firewall rules to deny Microsoft updates. I know that it is possible to do it in two ways: through the iptables module for layer 7 or the string module. The modules are not in the current firmware. Is it possible to block Microsoft sites in any other way?

Thanks

2 Answers

0 votes
by anonymous
Hi, it's better to use the Web Filter package to block websites. https://wiki.teltonika-networks.com/view/RUT240_Web_Filter#Site_Blocking

Or Proxy Based Content Blocker - information can be found at the same link.

Through iptables, you can block by IP, and Microsoft sites have many different IP addresses for load balancing and redundancy. Accordingly, blocking one IP will not do anything. Also, if you block one IP, other sites or services associated with it may stop working.

Best regards.
0 votes
by anonymous
Hello,

thank you, but it's not working. Currently, many websites use the HTTPS protocol, but the filter with an asterisk can only filter on the proxy and only for the HTTP protocol. It would be better if the firmware had a layer 7 filter, but it doesn't have it. I found many websites describing how Windows Update can be filtered on a MikroTik firewall.

There are 3 ways:
- RAW filter on firewall
- firewall filter through content
- L7 filter on firewall with regex URL
by anonymous

Hi.
You can filter your traffic at the DNS query level.
For example, using SSH commands or in the CLI menu from WebUI:
 

For Blacklist
uci add_list dhcp.@dnsmasq[0].server="/example.com/"
uci add_list dhcp.@dnsmasq[0].server="/example.net/"
uci commit dhcp
/etc/init.d/dnsmasq restart

For Whitelist
uci add_list dhcp.@dnsmasq[0].server="/example.com/#"
uci add_list dhcp.@dnsmasq[0].server="/example.net/#"
uci commit dhcp
/etc/init.d/dnsmasq restart

 

You can cancel the filter with the following command

uci del_list dhcp.@dnsmasq[0].server="/site.com/"

Best regards.
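
The blacklist form from the answer above, applied to a whole list of domains at once, as an added example that is not part of the original thread. The helper names `valid_domain` and `gen_blacklist` are hypothetical; the script only prints the uci commands for review, skips entries that are already configured, and rejects anything that is not a plain hostname. The domains are the thread's own placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Plain POSIX sh so it also runs in
# the router's BusyBox shell. Nothing is changed until the printed
# commands are executed.

# Accept only plain hostnames, so no quote, space or shell metacharacter
# can end up inside the quoted uci value.
valid_domain() {
    case "$1" in
        ""|.*|*.|*..*|-*|*[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# gen_blacklist "<entries already configured>" domain...
# Prints one add_list line per new, valid domain, followed by the
# commit and restart steps if anything was added.
gen_blacklist() {
    existing=" $1 "; shift
    changed=0
    for d in "$@"; do
        d=$(printf '%s' "$d" | tr 'A-Z' 'a-z')
        if ! valid_domain "$d"; then
            printf 'skipped an invalid entry\n' >&2
            continue
        fi
        case "$existing" in
            *" /$d/ "*) continue ;;   # already in the list
        esac
        printf 'uci add_list dhcp.@dnsmasq[0].server="/%s/"\n' "$d"
        existing="$existing/$d/ "
        changed=1
    done
    if [ "$changed" -eq 1 ]; then
        printf 'uci commit dhcp\n/etc/init.d/dnsmasq restart\n'
    fi
}

# Intended use on the router (assumes uci prints the list values
# separated by spaces):
#   gen_blacklist "$(uci -q get dhcp.@dnsmasq[0].server)" example.com example.net
# Review the output, then run it again piped to sh to apply it.
```

dnsmasq applies a `/example.com/` entry to the domain and all of its subdomains, so one line per registered domain is enough.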