Thursday, September 3, 2020

Mikrotik Layer 7 Regexp facebook

Facebook access is restricted in almost every corporate network: only those who need it get access, and everyone else is blocked. Usually, if we apply the restriction with the MikroTik router's firewall, users are blocked from web access to Facebook but can still reach it through the Facebook apps.

To block the Facebook apps we need the help of MikroTik's "layer-7 protocol" feature. A regular expression ("RegExp code") is written there, and restrictions are then applied using that expression. One screenshot is given below.


The regexp code for blocking "Facebook" apps is given below:


^.+(www.facebook.com|facebook.com|login.facebook.com|www.login.facebook.com|fbcdn.net|www.fbcdn.net|fbcdn.com|www.fbcdn.com|static.ak.fbcdn.net|static.ak.connect.facebook.com|connect.facebook.net|www.connect.facebook.net|apps.facebook.com|m.facebook.com|fbsbx.com).*$
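To see what this pattern would and would not catch, the sketch below (an added example, not part of the original post) runs it over constructed payloads. Python's re module stands in for the router's matcher, which is an assumption, and the helper names and sample hosts are made up for illustration.

```python
import re

# Pattern copied from the post. Its dots are unescaped, so each matches any byte.
PATTERN = (
    rb"^.+(www.facebook.com|facebook.com|login.facebook.com|www.login.facebook.com"
    rb"|fbcdn.net|www.fbcdn.net|fbcdn.com|www.fbcdn.com|static.ak.fbcdn.net"
    rb"|static.ak.connect.facebook.com|connect.facebook.net|www.connect.facebook.net"
    rb"|apps.facebook.com|m.facebook.com|fbsbx.com).*$"
)
# Assumption: Python's re with DOTALL approximates the router's own regex matcher.
L7 = re.compile(PATTERN, re.DOTALL)

def http_request(host, path="/"):
    """Constructed plaintext HTTP request."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()

def sni_fragment(host):
    """Constructed stand-in for the server_name bytes of a TLS ClientHello."""
    name = host.encode()
    return b"\x16\x03\x01\x00\x00" + len(name).to_bytes(2, "big") + name

def would_drop(payload):
    """True if the pattern matches, i.e. the drop rule would fire."""
    return L7.search(payload) is not None

# Constructed samples: label -> payload
SAMPLES = {
    "http www.facebook.com": http_request("www.facebook.com"),
    "tls graph.facebook.com": sni_fragment("graph.facebook.com"),
    "tls scontent.fbcdn.net": sni_fragment("scontent.fbcdn.net"),
    "http example.org": http_request("example.org"),
    # False positives: the name only has to appear somewhere in the bytes.
    "http notfacebook.com.example": http_request("notfacebook.com.example"),
    "http facebookxcom.example": http_request("facebookxcom.example"),
    "http share link": http_request("news.example", "/share?u=facebook.com/page"),
}

def evaluate(samples=SAMPLES):
    """Map each sample label to whether the rule would drop it."""
    return {label: would_drop(data) for label, data in samples.items()}

if __name__ == "__main__":
    for label, hit in evaluate().items():
        print(f"{'DROP ' if hit else 'allow'}  {label}")
```

The last three samples are dropped although none of them is a Facebook host, so the rule can also block unrelated sites whose requests merely mention these names.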


How to block "Facebook" apps using layer-7 protocol is discussed step by step below.

First we will go to the layer-7 protocol from the firewall.


Now we will give the “Layer-7 protocol” entry a name, write the regexp code, and then click "apply" and then "OK".


Now we will create a filter rule from the firewall and will go to the “Advanced” tab.


Now we will select the rule we created in “Layer 7 Protocol”. 


Then we will select “Drop” from “Action”.


Finally we will click on "apply" and then click on "OK". From now on, Facebook web access will be blocked, and access through the apps will be blocked as well.

If you have multiple firewall rules or access rules configured, please make sure you have placed this rule in the right sequence. If you are not sure about that, place this rule at the top of all of your firewall rules: drag it upward, drop it in the first position, and make sure the rule sequence number is "0", just like below.


Thank you
