📄️ 🔒 Enforce DNS to Google
Force all clients on your network to use Google's DNS (8.8.8.8) regardless of their configured DNS settings. This guide covers three enforcement methods: router DNS settings, DHCP server assignment, and firewall NAT redirection. Useful for ensuring consistent DNS resolution, blocking custom DNS configurations, or enforcing corporate DNS policies.
📄️ 🔒 Block Mobile Legends
Block Mobile Legends traffic using Layer7 patterns, IP ranges, and port filtering. This guide provides a practical, repeatable approach for MikroTik networks where gaming traffic needs to be restricted or scheduled.
📄️ 🚫 Block Tethering
Prevent clients from sharing your router's internet connection with other devices (tethering) by manipulating the TTL (Time To Live) value of outgoing packets. When a device tethers, packets pass through multiple hops—by setting TTL to 1, packets die after leaving your network, blocking tethered devices while allowing direct clients to work normally. This is a common ISP technique to enforce fair usage policies.
📄️ 🔓 Port Forwarding
Port forwarding (Destination NAT) redirects incoming traffic from the internet to internal servers or devices, enabling external access to services like web servers, remote desktop, security cameras, and gaming servers while maintaining network security through controlled access.
📄️ 🛰️ Starlink Anti Stow
Set up advanced firewall rules to manage Starlink connectivity and control traffic between local networks and Starlink devices. This guide demonstrates how to create address lists (for easy rule management) and apply firewall filters to reject or drop specific traffic patterns. Useful for isolating Starlink equipment, preventing unauthorized access, or managing bandwidth to satellite devices.
📄️ 📺 Protect ChromeCast
Prevent guests on your hotspot network from discovering and controlling ChromeCast devices (and other mDNS/UPnP devices) on your local LAN. ChromeCast uses ports 8008 (HTTP), 8009 (proprietary), and 8443 (HTTPS) for communication. By blocking these ports between hotspot and LAN subnets, you isolate your personal devices while still allowing hotspot clients internet access. Useful for guest WiFi networks, shared offices, or multi-tenant environments.
📄️ 🔒 Security Hardening
This guide explains how to harden your MikroTik router against scanning, reconnaissance, and unauthorized access attempts. It covers blocking common discovery protocols, management ports, and vulnerable services to prevent your router from being fingerprinted or exploited.