Friday 13 September 2013

Marking Whatsapp traffic.

Here is a list of IPs that is used for whatsapp. I am not sure if these are even up to date. I sniffed my packets coming from my phone and identified my server and added it to the list. Remember these are added in ip firewall address-list

add address=50.22.210.151 list=WhatsApp
add address=50.22.210.136 list=WhatsApp
add address=50.22.210.145 list=WhatsApp
add address=184.173.136.88 list=WhatsApp
add address=184.173.136.69 list=WhatsApp
add address=184.173.136.76 list=WhatsApp
add address=184.173.136.72 list=WhatsApp
add address=50.22.210.149 list=WhatsApp
add address=50.22.213.141 list=WhatsApp
add address=50.22.227.220 list=WhatsApp
add address=50.22.210.137 list=WhatsApp
add address=184.173.136.80 list=WhatsApp
add address=184.173.136.84 list=WhatsApp
add address=50.23.142.169 list=WhatsApp
add address=184.173.136.82 list=WhatsApp
add address=208.43.96.5 list=WhatsApp
add address=50.22.210.142 list=WhatsApp
add address=184.173.136.83 list=WhatsApp
add address=184.173.136.75 list=WhatsApp
add address=184.173.136.74 list=WhatsApp
add address=184.173.136.77 list=WhatsApp
add address=184.173.136.71 list=WhatsApp
add address=184.173.136.66 list=WhatsApp
add address=50.23.142.173 list=WhatsApp
add address=50.22.210.141 list=WhatsApp
add address=50.22.210.148 list=WhatsApp
add address=50.22.210.155 list=WhatsApp
add address=50.22.210.143 list=WhatsApp
add address=184.173.136.94 list=WhatsApp
add address=184.173.136.91 list=WhatsApp
add address=50.22.210.153 list=WhatsApp
add address=184.172.19.79 list=WhatsApp
add address=50.23.142.174 list=WhatsApp
add address=50.22.227.227 list=WhatsApp
add address=184.173.136.64 list=WhatsApp
add address=184.173.136.67 list=WhatsApp
add address=50.22.213.140 list=WhatsApp
add address=50.22.210.150 list=WhatsApp
add address=50.22.210.146 list=WhatsApp
add address=184.173.136.89 list=WhatsApp
add address=50.22.210.144 list=WhatsApp
add address=50.22.227.224 list=WhatsApp
add address=184.173.136.81 list=WhatsApp
add address=50.22.210.147 list=WhatsApp
add address=208.43.244.170 list=WhatsApp
add address=50.23.142.170 list=WhatsApp
add address=50.23.142.175 list=WhatsApp
add address=50.23.142.176 list=WhatsApp
add address=184.173.136.87 list=WhatsApp
add address=184.173.136.68 list=WhatsApp
add address=184.172.19.64 list=WhatsApp
add address=50.22.210.133 list=WhatsApp
add address=184.172.19.89 list=WhatsApp
add address=50.22.227.225 list=WhatsApp
add address=50.22.210.134 list=WhatsApp
add address=184.173.136.70 list=WhatsApp
add address=208.43.96.6 list=WhatsApp
add address=50.22.203.212 list=WhatsApp
add address=50.23.142.191 list=WhatsApp
add address=50.23.142.163 list=WhatsApp
add address=50.22.210.131 list=WhatsApp
add address=208.43.96.4 list=WhatsApp
add address=184.173.136.86 list=WhatsApp
add address=50.22.210.135 list=WhatsApp
add address=50.22.213.143 list=WhatsApp
add address=50.22.235.126 list=WhatsApp
add address=184.173.136.90 list=WhatsApp
add address=184.173.136.95 list=WhatsApp
add address=184.173.136.85 list=WhatsApp
add address=50.22.235.127 list=WhatsApp
add address=50.22.210.128 list=WhatsApp
add address=50.23.142.161 list=WhatsApp
add address=208.43.244.171 list=WhatsApp
add address=208.43.96.7 list=WhatsApp
add address=184.172.19.69 list=WhatsApp
add address=50.22.235.124 list=WhatsApp
add address=208.43.244.172 list=WhatsApp
add address=184.173.136.79 list=WhatsApp
add address=50.22.210.129 list=WhatsApp
add address=184.173.136.65 list=WhatsApp
add address=50.22.235.125 list=WhatsApp
add address=50.22.198.205 list=WhatsApp
add address=50.23.142.160 list=WhatsApp
add address=208.43.244.174 list=WhatsApp
add address=184.172.19.92 list=WhatsApp
add address=50.22.213.142 list=WhatsApp
add address=184.172.19.71 list=WhatsApp
add address=208.43.244.175 list=WhatsApp
add address=208.43.244.169 list=WhatsApp
add address=50.22.210.159 list=WhatsApp
add address=184.172.19.81 list=WhatsApp
add address=50.22.227.226 list=WhatsApp
add address=50.23.142.162 list=WhatsApp
add address=50.23.142.181 list=WhatsApp
add address=184.172.19.66 list=WhatsApp
add address=50.22.210.158 list=WhatsApp
add address=184.172.19.94 list=WhatsApp
add address=184.172.19.95 list=WhatsApp
add address=50.23.142.182 list=WhatsApp
add address=50.22.210.132 list=WhatsApp
add address=184.172.19.70 list=WhatsApp
add address=50.22.227.222 list=WhatsApp
add address=208.43.244.168 list=WhatsApp
add address=184.172.19.86 list=WhatsApp
add address=184.172.19.65 list=WhatsApp
add address=50.22.210.138 list=WhatsApp
add address=50.23.142.190 list=WhatsApp
add address=50.22.210.152 list=WhatsApp
add address=50.23.142.168 list=WhatsApp
add address=50.22.210.130 list=WhatsApp
add address=50.22.210.154 list=WhatsApp
add address=50.23.142.177 list=WhatsApp
add address=184.172.19.84 list=WhatsApp
add address=50.23.142.180 list=WhatsApp
add address=50.22.231.41 list=WhatsApp

Ofcourse the normal procedure mark the in you prerouting the connections going to the address list above.

Mark packets according to connections :) and presto.

Wednesday 11 September 2013

Identify Counter-strike Source + GO traffic in mangle

Hi everyone
There are three steps in identifying this traffic.
First of we look for TSource in packets. This is always sent to the server when connection and take note of the IP.

First step is to create the layer7 Protocol
The layer7 Protocol is as easy as creating one that says TSource












No mark the server's IP with the layer7 protocol
add action=add-dst-to-address-list address-list="CSS Servers" \
    address-list-timeout=1h chain=prerouting comment="CSS Connection IP" \
    in-interface=Your_in_interface layer7-protocol="CS GO" protocol=udp

Next up mark all connections going to those IPs
add action=mark-connection chain=prerouting comment="Mark CSS Con from IP" \
    connection-mark=no-mark dst-address-list="CSS Servers" in-interface=wlan1 \
    new-connection-mark="CSS Con" protocol=udp

And finally mark the packets on both directions. This allows you to have different queues for upload and download.

add action=mark-packet chain=forward comment="CSS Packet Mark DL" \
    connection-mark="CSS Con" new-packet-mark=Gaming_Packets_DL \
    out-interface=Your_in_interface
add action=mark-packet chain=forward comment="CSS Packet Mark UP" \
    connection-mark="CSS Con" new-packet-mark="Gaming Packets_UP1" \
    out-interface=Your_out_interface passthrough=no

For Your_out_interface I used all PPP :)

Then lastly add them to your queues :) enjoy!


Thursday 29 August 2013

Introduction

Good day internet you exciting thing you with so much information to give. Do you mind if I add some more information ? no ... ? great well here is what I have learned from you.

Good day. I am Micholl and I will be adding my information what I have learned regarding Mikrotik routers to the internet. So where did it all start ?

First Mikrotik product I owned was a RB433. The first one I bought in 2008 for our city's WUG (Wireless user group). This allowed me to connect to my any users for chatting and file sharing but I had no idea how it worked or what was what on the board. I was not fascinated much in the inner working of the network at that time but as soon as we started with courses at university (CCNA) my mind stuck on networking. I enjoyed the CCNA course a lot but due to lack of knowledge I ignored the mikrotik router. I started helping out with the WUG and started learning basic routing and how wireless works. The CCNA course fueled my passion for networks.

My next step was setting up a LAN setup between me and my friend, and after several days of studying how I would go about this, several posts about MPLS popped up. I was confused and looked at the configs the people posted and still didn't understand the concept . But hey the configs worked and we had a working LAN connection between the two of us. Later I added a another friend but due to my lack of knowledge I had the bridge port as disabled. Confused and alone I didn't know what to do haha. So the basic idea was to make one a EOIP tunnel and the other one the the MPLS tunnel. It worked :! . I later found out how a MPLS/VPLS tunnel works and presto a much better solution.

But that is how we learn. Step by step. making a fault learning from it and moving on.

So this year (2013) I started working for a telecoms company in South Africa and got my second ADSL line. This lead me to research PCQ from mikrotik to "bond" my two ADSL lines and this led me to where I am today. Exploring and learning. This is what this blog is about. I hope I will help someone somewhere to enhance their internet connection and share it among multiple people. I have enough bandwidth but love how it balances the traffic between the clients and services. Quite amazing actually. Enjoy my blog and I really do hope it helps you in some way. Whenever I learn something new I will update it here.