1.事前DHCP綁IP及MAC要做好
2.停用webproxy
3.先允許--->再禁止(先允許學校網域被瀏覽)
/ip firewall filter
add chain=forward comment=\
"--允許學校網域被瀏覽--" dst-address=\
10.1.7.0/24 src-address=192.168.88.0/24
4.查詢補救教學評量網的ip
https://exam.tcte.edu.tw/tbt_html/
利用nslookup反查IP位置 210.60.249.245
5.將學生機共30台加入,只要不是補救教學網站就drop dst-address=!210.60.249.245 就disable
/ip firewall filter
add action=drop chain=forward comment="學生機-C01" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.1
add action=drop chain=forward comment="學生機-C02" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.2
add action=drop chain=forward comment="學生機-C03" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.3
add action=drop chain=forward comment="學生機-C04" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.4
add action=drop chain=forward comment="學生機-C05" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.5
add action=drop chain=forward comment="學生機-C06" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.6
add action=drop chain=forward comment="學生機-C07" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.7
add action=drop chain=forward comment="學生機-C08" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.8
add action=drop chain=forward comment="學生機-C09" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.9
add action=drop chain=forward comment="學生機-C10" disabled=yes \
dst-address=!210.60.249.245 src-address=192.168.88.10
6.設定重開機後回到原來狀態
沒有留言:
張貼留言
注意:只有此網誌的成員可以留言。