Manual:IP/Firewall/L7: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 11: | Line 11: | ||
RouterOS will look for these strings in all connections passing the firewall rule where you use this. As this is resource intensive, make sure to filter out all good traffic before it hits this rule. | RouterOS will look for these strings in all connections passing the firewall rule where you use this. As this is resource intensive, make sure to filter out all good traffic before it hits this rule. | ||
You can download a script with a list of common programs [http://www.mikrotik.com/download/l7-protos.rsc here] (only for RouterOS v3 | You can download a script with a list of common programs [http://www.mikrotik.com/download/l7-protos.rsc here] (only for RouterOS v3), just run Import command with this file. All Pattern libraries can be found on the [http://l7-filter.sourceforge.net/protocols layer7 project page] and on the [http://protocolinfo.org/wiki/Main_Page protocol wiki]. | ||
[[Category:Firewall]] | [[Category:Firewall]] | ||
Revision as of 10:42, 19 March 2009
layer7-protocol is a method of looking for patterns in connections.
First, add Regexp strings to the protocols menu, to define strings you will be looking for.
/ip firewall layer7-protocol add=
Then, use the defined protocols in firewall:
/ip firewall filter add layer7-protocol=
RouterOS will look for these strings in all connections passing the firewall rule where you use this. As this is resource intensive, make sure to filter out all good traffic before it hits this rule.
You can download a script with a list of common programs here (only for RouterOS v3), just run Import command with this file. All Pattern libraries can be found on the layer7 project page and on the protocol wiki.