![http://www.itlearnweb.com/2020/01/block-https-sites-facbook-youtube.html](https://i.ytimg.com/vi/NEBjePEWqcc/maxresdefault.jpg)
● Since Most of the Internet now uses HTTPS, it has become much harder to filter specific WWW content.
● For this reason, RouterOS 6.41 introduces a new firewall option that allows you to block HTTPS websites (TLS traffic).
● Based on the TLS SNI extension, called “TLSHost”. The new parameter supports GLOB-style patterns.
/ip firewall filter
add chain=forward dst-port=443 protocol=tcp tls-host=*.facebook.com action=reject
add chain=forward dst-port=443 protocol=tcp tls-host=*.youtube.com action=reject