How to configure FlashStart DNS filtering on Mikrotik devices

important access the mikrotik via winbox or web connect to the control panel (via ssh, web or winbox) please note in this guide we have used winbox to configure the device 1 1 create the script first you need to create a new script then proceed as follows » » go to \[system] and then click on \[scripts] » » in the window that opens, click on the + symbol under scripts » » choose a name to give the script, for example, flashstartscript » » leave the default policies active » » in the source field paste the following instruction replace the words user and pass as follows » » user registration email/username » » pass registration password, received by email to the address specified during registration important if the password contains special characters such as $ or ", you must enter the \ symbol before each of these characters for example, suppose you have the password password123$$, this must be written as follows password123\\$$ this change is necessary otherwise the mikrotik would see those symbols as commands and not as simple characters » » click \[ ok ] to save the changes image caption creation of script image alt text creating script from system menu 2 2 schedule the script at this point it is necessary to create a scheduler so that it automatically executes the script created earlier then proceed as follows » » go to \[ system ] and click on \[ scheduler ] » » in the window that opens, click on the + symbol under the scheduler heading » » choose a name to give the scheduler, for example flashstartscheduler » » choose the 'script execution time interval, for example 5 minutes please note the format must be hh\ mm\ ss , so in our case it will be 00 05 00 » » in the on event field enter the name of the previously created script in our example therefore it will be flashstartscript 3 3 dns loud filter configuration set the following dns, either using a dhcp server or manually, on the various devices inside the network » » primary dns 185 236 104 104 » » secondary dns 185 236 105 105 alternatively, it is possible to change the dns used by the mikrotik so that the ip itself is used as the only dns on the devices internal to the network to do this proceed as follows » » go to \[ ip ] and click on \[ dns ] » » in the window that opens, respectively, enter the following ips in the servers field » » primary dns 185 236 104 104 » » secondary dns 185 236 105 105 » » click on the \[ ok ] button to save important if there is an address, within the dynamic dns field on dns settings, it means that the mikrotik also takes dns from the dhcp of another device on the network (usually the router) to avoid this proceed as follows » » open the \[ ip ] menu and then click on \[ dhcp client ] » » double click on the entry for the active dhcp client to open the respective properties » » remove the check mark from the use peer dns item » » click \[ ok ] to save 4 4 optional deny dns changes by users you can create some firewall rules with the purpose of automatically redirecting all dns traffic (port 53) to our servers this way you will not need to change the dns on the devices inside the network to do this open the \[ ip ] menu and click on the \[ firewall ] button then click on the \[ nat ] tab and then on the \[ add new ] button, to create a new rule lient fill in the various fields as follows » » enabled check the box to enable the rule » » chain select dstnat from the drop down menu » » protocol choose udp » » dst port enter 53 » » in interface choose the internal network interface to be filtered by default it is called bridge1 » » action select dst nat » » to address \ enter the address 185 236 104 104 » » to port \ enter the port number chosen previously, default is 53 please note if a port other than 53 was registered on the cloud panel, enter that port » » click \[ ok ] to save finally create another rule, the same as the previous one, except the protocol field must be tcp instead of udp related articles how to run scripts on multi wan scenarios on mikrotik docid 6hn28zuhuvlqotocdcvu how to configure flashstart dns filtering on mikrotik devices docid\ b1y3xh9gptj4vufdb02qv other ways to ask » » how to configure filter on mikrotik devices » » configuring the filter on mikrotik devices how to perform it