Blocking Websites by Keyword Using the DNS Cache on Mikrotik



Hello again. This time I will share a tutorial on blocking websites by keyword using the DNS cache on Mikrotik. As the title suggests, the goal is to block prohibited sites when a user enters a certain keyword.

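Users will then be unable to open a website based on the keyword they enter. Follow the Mikrotik script below. First, redirect all client DNS queries (TCP and UDP port 53) to the router so that every lookup passes through its DNS cache: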

/ip firewall nat
add action=redirect chain=dstnat comment=DNS dst-port=53 protocol=tcp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53

There are two blocking options:

1. Block by dropping the traffic in the filter rules

/ip firewall filter
add chain=forward dst-address-list=BLOCK_SITE action=drop

2. Block by redirecting IP and Port

/ip firewall nat
add action=dst-nat chain=dstnat comment="BLOCK WEBSITE" dst-address-list=BLOCK_SITE dst-port=80,81,8181,443 protocol=tcp to-addresses=36.86.63.185 to-ports=80

Notes:
1. Do not paste the script in blindly; study what it does first.
2. By default, blocked websites are pointed to Internet Positif at IP 36.86.63.185; you can direct them to another IP.
3. Also add it to your proxy settings.


##########################################################################
# By BuanaNET Secure
# fb.com/buananet.pangkalanbun
# Url Blocked From DNS Static
##########################################################################
# Find all entry on dns cache
:foreach iDNS in=[/ip dns cache all find where (name~"poker" || name~"porn" || name~"cheat" || name~"bokep" || name~"ngentot" || name~"qq.com" || name~"qq.net" || name~"qq.org" || name~"roulette" || name~"sbobet" || name~"casino" || name~"xvideos") && (type="A") ] do={
# filter the cache by keyword and keep only type A records
# to add a keyword, insert || name~"KEYWORD" before the closing ) that precedes && (type="A")
##########################################################################
:local tmpDNSsite [/ip dns cache get $iDNS name] ;
:local tmpDNSip [/ip dns cache get $iDNS address];
:local nameList "BLOCK_SITE";
# store the site name, its address and the target list name in local variables
##########################################################################
:delay 10ms;
# wait for 10ms
##########################################################################
:if ([:len [/ip firewall address-list find where list=$nameList address=$tmpDNSip]] = 0) do={
# check that the address is not already in the list, to avoid duplicates
##########################################################################
:log warning ("Added site to block on dns: $tmpDNSsite : $tmpDNSip");
# write the match to the log at warning level
##########################################################################
/ip firewall address-list add address=$tmpDNSip list=$nameList comment=$tmpDNSsite;
# add the address to the block list, with the site name as comment
##########################################################################
}
}
# End Script 
##########################################################################
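
Before deploying the script, it helps to see what its keyword match and address-based blocking actually select. The following is an added example, not part of the original script or tutorial: a Python model of the same selection logic run over constructed cache entries (documentation-range addresses, made-up names), showing substring and regex over-matching and the collateral effect of shared IP addresses. The function names and the tighten() pattern are assumptions for illustration.

```python
import re

# Subset of the keywords from the script above. RouterOS "~" is an unanchored
# POSIX regex match, modelled here with re.search.
KEYWORDS = ["poker", "cheat", "qq.com", "casino"]

# Constructed DNS cache entries (name, record type, address); not real data.
CACHE = [
    ("www.poker-room.example", "A", "192.0.2.10"),
    ("cheatsheet.example.org", "A", "192.0.2.20"),   # unrelated, contains "cheat"
    ("mail.qq.com", "A", "198.51.100.5"),
    ("qqxcom.example.net", "A", "198.51.100.6"),     # "." in "qq.com" matches "x"
    ("casino.example", "CNAME", "cdn.example"),      # skipped: not type A
    ("static.casino.example", "A", "203.0.113.7"),
    ("school.example", "A", "203.0.113.7"),          # shared IP, no keyword
]


def build_block_list(cache, keywords):
    """Mirror the script: each type-A name matching a keyword adds its IP once."""
    pattern = re.compile("|".join(keywords))
    block = {}
    for name, rtype, address in cache:
        if rtype == "A" and pattern.search(name) and address not in block:
            block[address] = name  # plays the role of comment= in the list
    return block


def collateral(cache, block, keywords):
    """Names that match no keyword but resolve to an address in the block list."""
    pattern = re.compile("|".join(keywords))
    return sorted(name for name, rtype, address in cache
                  if rtype == "A" and address in block and not pattern.search(name))


def tighten(domain):
    """Assumed stricter pattern for domain keywords: literal dots, label boundary."""
    return r"(^|\.)" + re.escape(domain) + "$"


if __name__ == "__main__":
    block = build_block_list(CACHE, KEYWORDS)
    for address, name in block.items():
        print(f"{address:15} {name}")
    print("collateral:", collateral(CACHE, block, KEYWORDS))
    print("tightened qq.com:", tighten("qq.com"))
```

The tightened pattern is shown in Python regex syntax; string escaping in a RouterOS script differs, so test any adapted pattern against the router's own cache before relying on it.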