Kefirek Posted November 5, 2020 Share Posted November 5, 2020 On 10/14/2020 at 9:03 AM, Knomax said: These rules is for at least "basic" prioritization of your network....if you want to have full control in any traffic you can use a more complicated set up.(this is what i am using) I will explain... Control of this traffic: # give a high priority for PS4 or xbox # washing all traffic dscp to CS0 and then start to mark them # mark connections that go over 115 packets per second, not prioritized # unmarked UDP streams with small packets get CS6 # large udp streams like video call get AF41 # ICMP, to prioritize pings # DNS traffic both udp and tcp # NTP ##Browsing ######## ## medium priority for browsing #TCP SYN,ACK flows ################## #Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed) #Small packet is probably interactive or flow control #Small packet connections: multi purpose (don't harm since not maxed out) # Streaming Media (videos/audios) ######################################## #Known video streams sites like netflix # some iptv provider's #known usrcdn like google # Background Traffic (Bulk/file transfer) ######################################### #bulk traffic ipset, like windows updates and steam updates/downloads These rules are running as a script when router boots and script set's up the firewall. #!/bin/bash -x IPT="iptables" ########## ######### ##ipset for streaming sites.they are being filled by dnsmasq ipset create streaming hash:ip ipset create usrcdn hash:ip ipset create bulk hash:ip ipset create latsens hash:ip ## add routing for veth0 this will handle all traffic #ip route add default dev veth0 table 100 #ip rule add iif $WANIF table 100 priority 100 $IPT -t mangle -N dscp_mark > /dev/null 2>&1 $IPT -t mangle -F dscp_mark ## check if POSTROUTING already exits then jumps to our tables if not, add them $IPT -t mangle -L POSTROUTING -n | grep dscp_mark || $IPT -t mangle -A POSTROUTING -j dscp_mark iptmark(){ $IPT -t mangle -A dscp_mark "$@" } #give a high priority for PS4 or xbox $IPT -t mangle -A PREROUTING -p udp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4" $IPT -t mangle -A PREROUTING -p tcp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4" #for PS4 or xbox etc, change the ip according to your ip setting. ## start by washing the dscp to CS0 iptmark -j DSCP --set-dscp 0 iptmark -p udp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet udp Low" iptmark -p tcp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet tcp Low" #A robust 2 rules to detect realtime traffic # mark connections that go over 115 packets per second, not prioritized iptmark -p udp -m hashlimit --hashlimit-name udp_high_prio --hashlimit-above 115/sec --hashlimit-burst 50 --hashlimit-mode srcip,srcport,dstip,dstport -j CONNMARK --set-mark 0x55 -m comment --comment "connmark for udp" # unmarked UDP streams with small packets get CS6 iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 0:940 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS6 -m comment --comment "small udp connection gets CS6" #large udp streams like video call get AF41 iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 940:1500 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class AF41 -m comment --comment "large udp connection gets AF41" ######################################## # Latency Sensitive (gaming/voip) ######################################## ##ICMP, to prioritize pings iptmark -p icmp -j DSCP --set-dscp-class CS5 -m comment --comment "ICMP-pings" #DNS traffic both udp and tcp iptmark -p udp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS udp" iptmark -p tcp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS tcp" #NTP iptmark -p udp -m multiport --port 123 -j DSCP --set-dscp-class CS6 -m comment --comment "NTP udp" #High priority ipset, i use for pubgM #iptmark ! -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS6 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset,udp #iptmark -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS5 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset ######## ##Browsing ######## ## medium priority for browsing iptmark -p tcp -m multiport --ports 80,443,8080 -j DSCP --set-dscp-class CS3 -m comment --comment "Browsing at CS3" ################## #TCP SYN,ACK flows ################## #Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed) iptmark -p tcp --tcp-flags ALL ACK -m length --length :128 -j DSCP --set-dscp-class CS3 iptmark -p tcp --tcp-flags ALL SYN -m length --length :666 -j DSCP --set-dscp-class CS3 #Small packet is probably interactive or flow control iptmark -m dscp ! --dscp 24 -m dscp ! --dscp 18 -m dscp ! --dscp 34 -m dscp ! --dscp 40 -m dscp ! --dscp 48 -m length --length 0:500 -j DSCP --set-dscp-class CS3 #Small packet connections: multi purpose (don't harm since not maxed out) iptmark -m dscp ! --dscp 24 -m dscp ! --dscp 18 -m dscp ! --dscp 34 -m dscp ! --dscp 40 -m dscp ! --dscp 48 -m connbytes --connbytes 0:250 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS3 ######################################## # Streaming Media (videos/audios) ######################################## #Known video streams sites like netflix iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset" # some iptv provider's use this port iptmark -p tcp -m multiport --ports 1935,9982 -j DSCP --set-dscp-class AF41 -m comment --comment "some iptv streaming service" #known usrcdn like google or akamai iptmark -m set --match-set usrcdn src,dst -j DSCP --set-dscp-class AF21 -m comment --comment "usrcdn ipset" ######################################### # Background Traffic (Bulk/file transfer) ######################################### #bulk traffic ipset, like windows udates and steam updates/downloads iptmark -p tcp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset" iptmark -p udp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset" iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS0 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS0 to CS1 for bulk tcp traffic" iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS3 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS3 to CS1 for bulk tcp traffic" iptmark -p udp -m multiport --port 60001 -j DSCP --set-dscp-class CS1 -m comment --comment "bulk torrent port UDP" #tcpdump rule, copy and paste this rule into terminal, this rule is used to capture realtime traffic, you can change ip to what you like #tcpdump -i br-lan host 192.168.1.126 and udp and portrange 1-65535 and !port 53 and ! port 80 and ! port 443 -vv -X -w /root/cap-name.pcap Then i add in dnsmasq configuration file these parameters ... ##video/audio streams # Youtube is also isolated by my isp ipset=/googlevideo.com/*.googlevideo.com/streaming # NetFlix ipset=/nflxvideo.net/streaming # AmazonVideo ipset=/s3.ll.dash.row.aiv-cdn.net/d25xi40x97liuc.cloudfront.net/aiv-delivery.net/streaming # Facebook ipset=/fbcdn.net/streaming # Twitch ipset=/ttvnw.net/streaming # VeVo ipset=/vevo.com/streaming # Spotify ipset=/audio-fa.scdn.cot/streaming # Deezer ipset=/deezer.com/streaming # SoundCloud ipset=/sndcdn.com/streaming # last.fm ipset=/last.fm/streaming #reddit videos ipset=/v.redd.it/streaming #twitch.tv ipset=/ttvnw.net/streaming ##i have isolated speed for those cdn's ipset=/googletagmanager.com/googleusercontent.com/*.googleusercontent.com/google.com/fbcdn.net/*.fbcdn.net/akamaihd.net/*.akamaihd.net/whatsapp.net/*.whatsapp.net/whatsapp.com/*.whatsapp.com/www-cdn.whatsapp.net/googleapis.com/*.googleapis.com/ucy.ac.cy/1e100.net/hwcdn.net/usrcdn ## Bulk downloads #qq download ipset=/download.qq.com/bulk # Steam Download ipset=/steamcontent.com/bulk # PSN Download ipset=/gs2.ww.prod.dl.playstation.net/bulk # DropBox ipset=/dropbox.com/dropboxstatic.com/dropbox-dns.com/log.getdropbox.com/bulk # Google Drive ipset=/drive.google.com/drive-thirdparty.googleusercontent.com/bulk # Google Docs ipset=/docs.google.com/docs.googleusercontent.com/bulk # PlayStore Download ipset=/gvt1.com/bulk # WhatsApp Files ipset=/mmg-fna.whatsapp.net/bulk # Youtube Upload ipset=/upload.youtube.com/upload.video.google.com/bulk # WindowsUpdate ipset=/windowsupdate.com/update.microsoft.com/bulk So when you see a video in Netflix etc. it falls in streaming ipset (ipset=/nflxvideo.net/streaming) by dnsmasq..and this traffic matching this rule... iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset" It falls in video tin because i mark it as AF41 and according to tc-cake(8) — Linux manual page AF41 is "video" tin. Also you must use diffserv4. 😉 Hi Knomax, I wanted to make sure how I can make that particular script up and running? I know I should change IP numbers to match mine. But how to get that script running every time my router boots on? I will really appreciate your help. I am struggling with lags in COD MW and wanted to have better experience. My router firmware is Openwrt ofc Link to comment Share on other sites More sharing options...
johnnytran Posted November 6, 2020 Share Posted November 6, 2020 In openwrt it's under network > firewall > custom rules. You would just paste it all in there. It's a lo to look at for me i'm not sure what to change and i have no idea what dnsmasq or diffserv4 is so I haven't tested the above rules yet Link to comment Share on other sites More sharing options...
Knomax Posted November 7, 2020 Share Posted November 7, 2020 On 11/5/2020 at 3:45 AM, Kefirek said: Hi Knomax, I wanted to make sure how I can make that particular script up and running? I know I should change IP numbers to match mine. But how to get that script running every time my router boots on? I will really appreciate your help. I am struggling with lags in COD MW and wanted to have better experience. My router firmware is Openwrt ofc First of all ..create a text file and name it DSCP.sh.......then copy all the code in it........move the file in openwrt /root/ folder......make it executable .....then in openwrt GUI...."System-->>Startup".......write this ... /root/DSCP.sh Reboot router...check in firewall if you see the ip table rules. Link to comment Share on other sites More sharing options...
Knomax Posted November 7, 2020 Share Posted November 7, 2020 22 hours ago, johnnytran said: In openwrt it's under network > firewall > custom rules. You would just paste it all in there. It's a lo to look at for me i'm not sure what to change and i have no idea what dnsmasq or diffserv4 is so I haven't tested the above rules yet Many rles filled by dnsmasq. Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 On 11/7/2020 at 5:13 AM, Knomax said: First of all ..create a text file and name it DSCP.sh.......then copy all the code in it........move the file in openwrt /root/ folder......make it executable .....then in openwrt GUI...."System-->>Startup".......write this ... /root/DSCP.sh Reboot router...check in firewall if you see the ip table rules. how do i find these sections could u show me Link to comment Share on other sites More sharing options...
Knomax Posted April 28, 2021 Share Posted April 28, 2021 7 hours ago, tehwayne said: how do i find these sections could u show me If your needs is first of all for gaming and everything else second then try this....it is far better for gamers. Router custom QoS script: SimpleHFSCgamerscript.sh What script can do. Original post when i started it in Openwrt forum. If you have any problems to configure tell me. Script requires minimum knowledge on how to access your router via ssh connection...copying files to router...some cli commands. It has instruction in github and packages required to install in Openwrt. 😉 Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 so download the script how do i copy it over please Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 31 minutes ago, tehwayne said: so download the script how do i copy it over please 38 minutes ago, Knomax said: If your needs is first of all for gaming and everything else second then try this....it is far better for gamers. Router custom QoS script: SimpleHFSCgamerscript.sh What script can do. Original post when i started it in Openwrt forum. If you have any problems to configure tell me. Script requires minimum knowledge on how to access your router via ssh connection...copying files to router...some cli commands. It has instruction in github and packages required to install in Openwrt. 😉 Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 what next Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 41 minutes ago, Knomax said: If your needs is first of all for gaming and everything else second then try this....it is far better for gamers. Router custom QoS script: SimpleHFSCgamerscript.sh What script can do. Original post when i started it in Openwrt forum. If you have any problems to configure tell me. Script requires minimum knowledge on how to access your router via ssh connection...copying files to router...some cli commands. It has instruction in github and packages required to install in Openwrt. 😉i copied it into the root file Link to comment Share on other sites More sharing options...
tehwayne Posted April 28, 2021 Share Posted April 28, 2021 I got it set up and it WORKS!!!!!!! Thank you Link to comment Share on other sites More sharing options...
Xatocoslada Posted June 23, 2021 Share Posted June 23, 2021 On 10/14/2020 at 9:03 AM, Knomax said: These rules is for at least "basic" prioritization of your network....if you want to have full control in any traffic you can use a more complicated set up.(this is what i am using) I will explain... Control of this traffic: # give a high priority for PS4 or xbox # washing all traffic dscp to CS0 and then start to mark them # mark connections that go over 115 packets per second, not prioritized # unmarked UDP streams with small packets get CS6 # large udp streams like video call get AF41 # ICMP, to prioritize pings # DNS traffic both udp and tcp # NTP ##Browsing ######## ## medium priority for browsing #TCP SYN,ACK flows ################## #Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed) #Small packet is probably interactive or flow control #Small packet connections: multi purpose (don't harm since not maxed out) # Streaming Media (videos/audios) ######################################## #Known video streams sites like netflix # some iptv provider's #known usrcdn like google # Background Traffic (Bulk/file transfer) ######################################### #bulk traffic ipset, like windows updates and steam updates/downloads These rules are running as a script when router boots and script set's up the firewall. #!/bin/bash -x IPT="iptables" ########## ######### ##ipset for streaming sites.they are being filled by dnsmasq ipset create streaming hash:ip ipset create usrcdn hash:ip ipset create bulk hash:ip ipset create latsens hash:ip ## add routing for veth0 this will handle all traffic #ip route add default dev veth0 table 100 #ip rule add iif $WANIF table 100 priority 100 $IPT -t mangle -N dscp_mark > /dev/null 2>&1 $IPT -t mangle -F dscp_mark ## check if POSTROUTING already exits then jumps to our tables if not, add them $IPT -t mangle -L POSTROUTING -n | grep dscp_mark || $IPT -t mangle -A POSTROUTING -j dscp_mark iptmark(){ $IPT -t mangle -A dscp_mark "$@" } #give a high priority for PS4 or xbox $IPT -t mangle -A PREROUTING -p udp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4" $IPT -t mangle -A PREROUTING -p tcp -m conntrack --ctorigsrc 192.168.1.200 -m multiport ! --ports 80,443,8080 -j DSCP --set-dscp-class CS4 -m comment --comment "PS4" #for PS4 or xbox etc, change the ip according to your ip setting. ## start by washing the dscp to CS0 iptmark -j DSCP --set-dscp 0 iptmark -p udp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet udp Low" iptmark -p tcp -m conntrack --ctorigsrc 192.168.1.250 -j DSCP --set-dscp-class CS1 -m comment --comment "tablet tcp Low" #A robust 2 rules to detect realtime traffic # mark connections that go over 115 packets per second, not prioritized iptmark -p udp -m hashlimit --hashlimit-name udp_high_prio --hashlimit-above 115/sec --hashlimit-burst 50 --hashlimit-mode srcip,srcport,dstip,dstport -j CONNMARK --set-mark 0x55 -m comment --comment "connmark for udp" # unmarked UDP streams with small packets get CS6 iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 0:940 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS6 -m comment --comment "small udp connection gets CS6" #large udp streams like video call get AF41 iptmark -p udp -m connmark ! --mark 0x55 -m multiport ! --ports 22,25,53,67,68,123,143,161,162,514,5353,80,443,8080,60001 -m connbytes --connbytes 940:1500 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class AF41 -m comment --comment "large udp connection gets AF41" ######################################## # Latency Sensitive (gaming/voip) ######################################## ##ICMP, to prioritize pings iptmark -p icmp -j DSCP --set-dscp-class CS5 -m comment --comment "ICMP-pings" #DNS traffic both udp and tcp iptmark -p udp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS udp" iptmark -p tcp -m multiport --port 53,5353,8888 -j DSCP --set-dscp-class CS5 -m comment --comment "DNS tcp" #NTP iptmark -p udp -m multiport --port 123 -j DSCP --set-dscp-class CS6 -m comment --comment "NTP udp" #High priority ipset, i use for pubgM #iptmark ! -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS6 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset,udp #iptmark -p tcp -m set --match-set latsens src,dst -j DSCP --set-dscp-class CS5 -m comment --comment "latency sensitive ipset" ## set dscp tag for Latency Sensitive (latsens) ipset ######## ##Browsing ######## ## medium priority for browsing iptmark -p tcp -m multiport --ports 80,443,8080 -j DSCP --set-dscp-class CS3 -m comment --comment "Browsing at CS3" ################## #TCP SYN,ACK flows ################## #Make sure ACK,SYN packets get priority (to avoid upload speed limiting our download speed) iptmark -p tcp --tcp-flags ALL ACK -m length --length :128 -j DSCP --set-dscp-class CS3 iptmark -p tcp --tcp-flags ALL SYN -m length --length :666 -j DSCP --set-dscp-class CS3 #Small packet is probably interactive or flow control iptmark -m dscp ! --dscp 24 -m dscp ! --dscp 18 -m dscp ! --dscp 34 -m dscp ! --dscp 40 -m dscp ! --dscp 48 -m length --length 0:500 -j DSCP --set-dscp-class CS3 #Small packet connections: multi purpose (don't harm since not maxed out) iptmark -m dscp ! --dscp 24 -m dscp ! --dscp 18 -m dscp ! --dscp 34 -m dscp ! --dscp 40 -m dscp ! --dscp 48 -m connbytes --connbytes 0:250 --connbytes-dir both --connbytes-mode avgpkt -j DSCP --set-dscp-class CS3 ######################################## # Streaming Media (videos/audios) ######################################## #Known video streams sites like netflix iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset" # some iptv provider's use this port iptmark -p tcp -m multiport --ports 1935,9982 -j DSCP --set-dscp-class AF41 -m comment --comment "some iptv streaming service" #known usrcdn like google or akamai iptmark -m set --match-set usrcdn src,dst -j DSCP --set-dscp-class AF21 -m comment --comment "usrcdn ipset" ######################################### # Background Traffic (Bulk/file transfer) ######################################### #bulk traffic ipset, like windows udates and steam updates/downloads iptmark -p tcp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset" iptmark -p udp -m set --match-set bulk src,dst -j DSCP --set-dscp-class CS1 -m comment --comment "bulk traffic ipset" iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS0 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS0 to CS1 for bulk tcp traffic" iptmark -p tcp -m connbytes --connbytes 350000: --connbytes-dir both --connbytes-mode bytes -m dscp --dscp-class CS3 -j DSCP --set-dscp-class CS1 -m comment --comment "Downgrade CS3 to CS1 for bulk tcp traffic" iptmark -p udp -m multiport --port 60001 -j DSCP --set-dscp-class CS1 -m comment --comment "bulk torrent port UDP" #tcpdump rule, copy and paste this rule into terminal, this rule is used to capture realtime traffic, you can change ip to what you like #tcpdump -i br-lan host 192.168.1.126 and udp and portrange 1-65535 and !port 53 and ! port 80 and ! port 443 -vv -X -w /root/cap-name.pcap Then i add in dnsmasq configuration file these parameters ... ##video/audio streams # Youtube is also isolated by my isp ipset=/googlevideo.com/*.googlevideo.com/streaming # NetFlix ipset=/nflxvideo.net/streaming # AmazonVideo ipset=/s3.ll.dash.row.aiv-cdn.net/d25xi40x97liuc.cloudfront.net/aiv-delivery.net/streaming # Facebook ipset=/fbcdn.net/streaming # Twitch ipset=/ttvnw.net/streaming # VeVo ipset=/vevo.com/streaming # Spotify ipset=/audio-fa.scdn.cot/streaming # Deezer ipset=/deezer.com/streaming # SoundCloud ipset=/sndcdn.com/streaming # last.fm ipset=/last.fm/streaming #reddit videos ipset=/v.redd.it/streaming #twitch.tv ipset=/ttvnw.net/streaming ##i have isolated speed for those cdn's ipset=/googletagmanager.com/googleusercontent.com/*.googleusercontent.com/google.com/fbcdn.net/*.fbcdn.net/akamaihd.net/*.akamaihd.net/whatsapp.net/*.whatsapp.net/whatsapp.com/*.whatsapp.com/www-cdn.whatsapp.net/googleapis.com/*.googleapis.com/ucy.ac.cy/1e100.net/hwcdn.net/usrcdn ## Bulk downloads #qq download ipset=/download.qq.com/bulk # Steam Download ipset=/steamcontent.com/bulk # PSN Download ipset=/gs2.ww.prod.dl.playstation.net/bulk # DropBox ipset=/dropbox.com/dropboxstatic.com/dropbox-dns.com/log.getdropbox.com/bulk # Google Drive ipset=/drive.google.com/drive-thirdparty.googleusercontent.com/bulk # Google Docs ipset=/docs.google.com/docs.googleusercontent.com/bulk # PlayStore Download ipset=/gvt1.com/bulk # WhatsApp Files ipset=/mmg-fna.whatsapp.net/bulk # Youtube Upload ipset=/upload.youtube.com/upload.video.google.com/bulk # WindowsUpdate ipset=/windowsupdate.com/update.microsoft.com/bulk So when you see a video in Netflix etc. it falls in streaming ipset (ipset=/nflxvideo.net/streaming) by dnsmasq..and this traffic matching this rule... iptmark -m set --match-set streaming src,dst -j DSCP --set-dscp-class AF41 -m comment --comment "video audio stream ipset" It falls in video tin because i mark it as AF41 and according to tc-cake(8) — Linux manual page AF41 is "video" tin. Also you must use diffserv4. 😉 help me configure? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.