Community discussions

MikroTik App
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

how to stream video using rstp protocol of vlc player?

Sat Aug 27, 2011 10:06 am

our network range is 10.0.0.0/24

every time i try to stream a video to all my network members throught ip 10.0.0.255 using vlc player's streaming option my pc gets blocked from internet access!

how to allow vlc player's rstp protocol to work without issues?
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: how to stream video using rstp protocol of vlc player?

Mon Aug 29, 2011 11:14 am

it looks you are trying to multicast the stream. choose appropriate multicast group, install multicast packet, configure PIM on the router. if you have only switches, then just configure VLC properly and check if TTL value of the stream is OK (if you use graphical interface)

but for best results on how to stream you will see in VLC help/manual.
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: how to stream video using rstp protocol of vlc player?

Fri Sep 02, 2011 11:47 am

i know how to use the vlc streaming options but the mikrotik server is not allowing the multicasting!
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: how to stream video using rstp protocol of vlc player?

Fri Sep 02, 2011 4:40 pm

Have you considered maybe posting the router configuration? It's kind of impossible guess at what could be causing the issue.

Here's a wild stab: "using vlc player's streaming option my pc gets blocked from internet access!" - you copied and pasted some "virus blocking" IP firewall filter rules from the wiki or forum without any understanding of what they actually mean, and now they add your PC to address lists and block traffic sourced by it because some rules trigger on broadcast traffic (traffic to 10.0.0.255 on 10.0.0.0/24 isn't multicast at all, that's a broadcast address).

Give a lot of details and maybe you'll get some help. Keeping everyone guessing is a waste of everyone's time, including yours.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: how to stream video using rstp protocol of vlc player?

Thu Sep 08, 2011 3:22 pm

and there is problem with VLC that if graphical interface is used to stream, TTL value is set to 1 instead of what you set up in the configuration. As result, stream reaches the router, where it is rightfully dropped, since TTL reaches 0. And if you had done any searching you should have seen this discussed in the forum.
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: how to stream video using rstp protocol of vlc player?

Thu Sep 29, 2011 10:04 pm

i chose the broadcast solution

i allowed the igmp service from the firewall and the udp protocol too.

i went into igmp proxy and chose the nic card that is hooked to the pc with the satellite card as upstream with alternative subnet as 0.0.0.0/0,then i entered the second nic card connected to the server as querier in the igmp proxy list too.

at last i started streaming to ip 10.0.0.255

0 packets was received on all pcs on the network from the second card!

i looked in the firewall config ....i can see the igmp service port is counting packets but in the igmp proxy list nothing is happening!!!

am i missing something here?
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: how to stream video using rstp protocol of vlc player?

Mon Oct 03, 2011 2:19 pm

you have to have customer with IGMP sending join request to join some network. Also, if i understood correctly, then you have to choose IGMP group from 224.0.0.0/4 as target address. then you can run VLC and join certain group.

Alternative networks should be used only if interface IP address differs from source address of the multicast stream.
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: how to stream video using rstp protocol of vlc player?

Tue Oct 04, 2011 7:03 am

here is my configs

Image

/ip firewall address-list
add address=172.16.0.0/12 comment="" disabled=no list=illegal-addr
add address=192.168.0.0/16 comment="" disabled=no list=illegal-addr
add address=192.168.0.0/16 comment="" disabled=no list=illegal-addr
add address=172.16.0.0/12 comment="" disabled=no list=illegal-addr
add address=169.254.0.0/16 comment="" disabled=no list=illegal-addr
add address=223.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=198.18.0.0/15 comment="" disabled=no list=illegal-addr
add address=192.0.2.0/24 comment="" disabled=no list=illegal-addr
add address=185.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=180.0.0.0/6 comment="" disabled=no list=illegal-addr
add address=179.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=176.0.0.0/7 comment="" disabled=no list=illegal-addr
add address=175.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=104.0.0.0/6 comment="" disabled=no list=illegal-addr
add address=100.0.0.0/6 comment="" disabled=no list=illegal-addr
add address=49.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=46.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=42.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=39.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=36.0.0.0/7 comment="" disabled=no list=illegal-addr
add address=31.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=27.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=23.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=14.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=5.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=2.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=128.0.0.0/16 comment="" disabled=no list=illegal-addr
add address=192.168.2.0/24 comment="" disabled=no list=illegal-addr
add address=10.5.50.0/24 comment="" disabled=no list=illegal-addr
add address=72.233.96.254 comment="" disabled=no list=black_list
add address=41.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=80.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=62.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=163.121.170.209 comment="" disabled=no list=illegal-addr
add address=50.16.0.0/14 comment="" disabled=no list=black_list
add address=184.72.0.0/15 comment="" disabled=no list=black_list
add address=89.178.0.0/15 comment="" disabled=no list=black_list
add address=94.198.224.0/21 comment="" disabled=no list=black_list
add address=91.148.128.0/18 comment="" disabled=no list=black_list
add address=67.215.64.0/19 comment="" disabled=no list=black_list
add address=209.51.128.0/19 comment="" disabled=no list=black_list
add address=62.0.0.0/8 comment="" disabled=no list=black_list
add address=41.0.0.0/8 comment="" disabled=no list=black_list
add address=169.254.0.0/16 comment="" disabled=no list=illegal-addr
add address=195.0.0.0/8 comment="" disabled=no list=black_list
add address=213.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=208.94.0.0/22 comment="" disabled=no list=illegal-addr
add address=87.0.0.0/8 comment="" disabled=no list=black_list
add address=178.0.0.0/8 comment="" disabled=no list=black_list
add address=208.94.0.0/22 comment="" disabled=no list=black_list
add address=67.228.0.0/16 comment="" disabled=no list=illegal-addr
add address=67.228.0.0/16 comment="" disabled=no list=black_list
add address=64.62.128.0/17 comment="" disabled=no list=black_list
add address=64.62.128.0/17 comment="" disabled=no list=illegal-addr
add address=174.132.0.0/15 comment="" disabled=no list=black_list
add address=174.132.0.0/15 comment="" disabled=no list=illegal-addr
add address=87.0.0.0/8 comment="" disabled=no list=black_list
add address=87.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=67.215.64.0/19 comment="" disabled=no list=black_list
add address=195.0.0.0/8 comment="" disabled=no list=black_list
add address=67.215.65.132 comment="" disabled=no list=black_list
add address=67.215.65.132 comment="" disabled=no list=black_list
add address=38.0.0.0/8 comment="" disabled=no list=black_list
add address=41.232.144.8 comment="" disabled=no list=black_list
add address=78.140.128.0/18 comment="" disabled=no list=black_list
add address=78.140.128.0/18 comment="" disabled=no list=illegal-addr
add address=74.0.0.0/8 comment="" disabled=no list=black_list
add address=74.0.0.0/8 comment="" disabled=no list=illegal-addr
add address=112.175.243.22 comment="" disabled=no list=black_list
add address=112.175.243.22 comment="" disabled=no list="port scanners"
add address=41.234.147.214 comment="" disabled=no list=black_list
add address=41.234.147.214 comment="" disabled=no list="port scanners"
add address=255.255.255.255 comment="" disabled=no list=illegal-addr
add address=255.255.255.255 comment="" disabled=no list=black_list
add address=255.255.255.255 comment="" disabled=no list="port scanners"
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=no
add action=drop chain=forward comment="" disabled=no icmp-options=8:0 \
protocol=icmp
add action=drop chain=virus comment="Drop Messenger Worm" disabled=no \
dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=forward comment="Drop all P2P" disabled=no p2p=all-p2p
add action=drop chain=input comment="Drop invalid connections" \
connection-state=invalid disabled=no
add action=drop chain=input comment="limit total http connections to 100" \
connection-limit=100,0 disabled=no dst-port=80 protocol=tcp
add action=drop chain=input comment="suppress DoS attack from 1 IP" \
connection-limit=2,32 disabled=no protocol=tcp src-address-list=\
black_list
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="detect DoS attack 1 IP" \
connection-limit=10,24 disabled=no protocol=tcp
add action=jump chain=input comment="!!! Check for well-known viruses !!!" \
disabled=no jump-target=virus
add action=drop chain=input comment="" disabled=no dst-port=25 protocol=tcp
add action=drop chain=input comment="Telnet for demo purposes" disabled=no \
dst-port=23 protocol=tcp
add action=drop chain=forward comment="Drop invalid connections" \
connection-state=invalid disabled=no
add action=jump chain=forward comment="!!! Check for well-known viruses !!!" \
disabled=no jump-target=virus
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=virus comment=________ disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1024-1030 \
protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1214 \
protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment=cichlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=virus comment="Bagle Virus" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" disabled=no dst-port=\
2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=\
3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=\
tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=\
udp
add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=\
9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=\
10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" disabled=no dst-port=\
27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" disabled=\
no dst-port=65506 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=\
udp
add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=\
9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=\
10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" disabled=no dst-port=\
27374 protocol=tcp
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan\
\n" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp \
tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\
no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \
protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input comment="dropping port scanners" disabled=no \
src-address-list="port scanners"
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="NMAP FIN Stealth scan\
\n" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="" disabled=no protocol=tcp \
tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="FIN/PSH/URG scan" \
disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=forward comment="NMAP NULL scan" disabled=\
no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=forward comment="" disabled=no dst-port=135-139 \
protocol=tcp
add action=drop chain=forward comment=Worm.NetSky.Y@mm disabled=no dst-port=\
82 protocol=tcp
add action=drop chain=forward comment=W32.Korgo.A/B/C/D/E/F-1 disabled=no \
dst-port=113 protocol=tcp
add action=drop chain=forward comment=W33.Korgo.A/B/C/D/E/F-2 disabled=no \
dst-port=2041 protocol=tcp
add action=drop chain=forward comment=W32.Korgo.A/B/C/D/E/F-3 disabled=no \
dst-port=3067 protocol=tcp
add action=drop chain=forward comment=W32.Korgo.A/B/C/D/E/F-4 disabled=yes \
dst-port=6667 protocol=tcp
add action=drop chain=forward comment=W32.Korgo.A/B/C/D/E/F-5 disabled=no \
dst-port=445 protocol=tcp
add action=drop chain=forward comment=Backdoor.Nibu.B-1 disabled=no dst-port=\
1000-1001 protocol=tcp
add action=drop chain=forward comment=Backdoor.Nibu.B-2 disabled=no dst-port=\
2283 protocol=tcp
add action=drop chain=forward comment=Backdoor.IRC.Aladinz.R-1 disabled=no \
dst-port=3422 protocol=tcp
add action=drop chain=forward comment=Backdoor.IRC.Aladinz.R-2 disabled=no \
dst-port=43958 protocol=tcp
add action=drop chain=forward comment=W32.Dabber.A/B-1 disabled=no dst-port=\
5554 protocol=tcp
add action=drop chain=forward comment=W32.Dabber.A/B-2 disabled=no dst-port=\
8967 protocol=tcp
add action=drop chain=forward comment=Worm.NetSky.S/T/U@mm disabled=no \
dst-port=6789 protocol=tcp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-1 disabled=no \
dst-port=8787 protocol=tcp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-2 disabled=no \
dst-port=8879 protocol=tcp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-3 disabled=no \
dst-port=31666 protocol=tcp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-5 disabled=no \
dst-port=54320-54321 protocol=tcp
add action=drop chain=forward comment=Block.NetBus.Trojan-1 disabled=no \
dst-port=12345-12346 protocol=tcp
add action=drop chain=forward comment=Block.NetBus.Trojan-2 disabled=no \
dst-port=20034 protocol=tcp
add action=drop chain=forward comment=GirlFriend.Trojan-1 disabled=no \
dst-port=21554 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-1 disabled=no \
dst-port=41 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-2 disabled=no \
dst-port=3150 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-3 disabled=no \
dst-port=999 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-4 disabled=no \
dst-port=6670 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-5 disabled=no \
dst-port=6771 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-6 disabled=no \
dst-port=60000 protocol=tcp
add action=drop chain=forward comment=DeepThroat.Trojan-7 disabled=no \
dst-port=2140 protocol=tcp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-1 disabled=no \
dst-port=10067 protocol=tcp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-2 disabled=no \
dst-port=10167 protocol=tcp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-3 disabled=no \
dst-port=3700 protocol=tcp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-4 disabled=no \
dst-port=9872-9875 protocol=tcp
add action=drop chain=forward comment=Delta.Source.Trojan-1 disabled=no \
dst-port=6883 protocol=tcp
add action=drop chain=forward comment=Delta.Source.Trojan-2 disabled=no \
dst-port=26274 protocol=tcp
add action=drop chain=forward comment=Delta.Source.Trojan-3 disabled=no \
dst-port=4444 protocol=tcp
add action=drop chain=forward comment=Delta.Source.Trojan-4 disabled=no \
dst-port=47262 protocol=tcp
add action=drop chain=forward comment=Eclypse.Trojan-1 disabled=no dst-port=\
3791 protocol=tcp
add action=drop chain=forward comment=Eclypse.Trojan-2 disabled=no dst-port=\
3801 protocol=tcp
add action=drop chain=forward comment=Eclypse.Trojan-3 disabled=no dst-port=\
65390 protocol=tcp
add action=drop chain=forward comment=Y3K.RAT.Trojan-1 disabled=no dst-port=\
5880-5882 protocol=tcp
add action=drop chain=forward comment=Y3K.RAT.Trojan-2 disabled=no dst-port=\
5888-5889 protocol=tcp
add action=drop chain=forward comment=NetSphere.Trojan-1 disabled=no \
dst-port=30100-30103 protocol=tcp
add action=drop chain=forward comment=NetSphere.Trojan-2 disabled=no \
dst-port=30133 protocol=tcp
add action=drop chain=forward comment=NetMonitor.Trojan-1 disabled=no \
dst-port=7300-7301 protocol=tcp
add action=drop chain=forward comment=NetMonitor.Trojan-2 disabled=no \
dst-port=7306-7308 protocol=tcp
add action=drop chain=forward comment=FireHotcker.Trojan-1 disabled=no \
dst-port=79 protocol=tcp
add action=drop chain=forward comment=FireHotcker.Trojan-2 disabled=no \
dst-port=5031 protocol=tcp
add action=drop chain=forward comment=FireHotcker.Trojan-3 disabled=no \
dst-port=5321 protocol=tcp
add action=drop chain=forward comment=TheThing.Trojan-1 disabled=no dst-port=\
6400 protocol=tcp
add action=drop chain=forward comment=GateCrasher.Trojan-1 disabled=no \
dst-port=1047 protocol=tcp
add action=drop chain=forward comment=GateCrasher.Trojan-2 disabled=no \
dst-port=6969-6970 protocol=tcp
add action=drop chain=forward comment=SubSeven-1 disabled=no dst-port=2774 \
protocol=tcp
add action=drop chain=forward comment=SubSeven-2 disabled=no dst-port=27374 \
protocol=tcp
add action=drop chain=forward comment=SubSeven-3 disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=forward comment=SubSeven-4 disabled=no dst-port=1234 \
protocol=tcp
add action=drop chain=forward comment=SubSeven-5 disabled=no dst-port=\
6711-6713 protocol=tcp
add action=drop chain=forward comment=SubSeven-7 disabled=no dst-port=16959 \
protocol=tcp
add action=drop chain=forward comment=Moonpie.Trojan-1 disabled=no dst-port=\
25685-25686 protocol=tcp
add action=drop chain=forward comment=Moonpie.Trojan-2 disabled=no dst-port=\
25982 protocol=tcp
add action=drop chain=forward comment=NetSpy.Trojan-1 disabled=no dst-port=\
1024-1030 protocol=tcp
add action=drop chain=forward comment=NetSpy.Trojan-2 disabled=no dst-port=\
1033 protocol=tcp
add action=drop chain=forward comment=\
NetSpy.Trojan-3Back.Orifice.2000.Trojan-4 disabled=no dst-port=\
31337-31339 protocol=tcp
add action=drop chain=forward comment=Trojan disabled=no dst-port=8102 \
protocol=tcp
add action=drop chain=forward comment=Netspy3.0Trojan disabled=no dst-port=\
7306 protocol=tcp
add action=drop chain=forward comment=Trojan.BingHe disabled=no dst-port=7626 \
protocol=tcp
add action=drop chain=forward comment=WAY.Trojan disabled=no dst-port=8011 \
protocol=tcp
add action=drop chain=forward comment=Trojan.NianSeHoYian disabled=no \
dst-port=19191 protocol=tcp
add action=drop chain=forward comment=NetBull.Trojan disabled=no dst-port=\
23444-23445 protocol=tcp
add action=drop chain=forward comment=WinCrash.Trojan-1 disabled=no dst-port=\
2583 protocol=tcp
add action=drop chain=forward comment=WinCrash.Trojan-2 disabled=no dst-port=\
3024 protocol=tcp
add action=drop chain=forward comment=WinCrash.Trojan-3 disabled=no dst-port=\
4092 protocol=tcp
add action=drop chain=forward comment=WinCrash.Trojan-4 disabled=no dst-port=\
5714 protocol=tcp
add action=drop chain=forward comment=Doly1.0/1.35/1.5trojan-1 disabled=no \
dst-port=1010-1012 protocol=tcp
add action=drop chain=forward comment=Doly1.0/1.35/1.5trojan-2 disabled=no \
dst-port=1015 protocol=tcp
add action=drop chain=forward comment=TransScout.Trojan-2 disabled=no \
dst-port=9878 protocol=tcp
add action=drop chain=forward comment=Backdoor.YAI..Trojan-1 disabled=no \
dst-port=2773 protocol=tcp
add action=drop chain=forward comment=Backdoor.YAI.Trojan-2 disabled=no \
dst-port=7215 protocol=tcp
add action=drop chain=forward comment=Backdoor.YAI.Trojan-3 disabled=no \
dst-port=54283 protocol=tcp
add action=drop chain=forward comment=BackDoorTrojan-1 disabled=no dst-port=\
1003 protocol=tcp
add action=drop chain=forward comment=BackDoorTrojan-2 disabled=no dst-port=\
5598 protocol=tcp
add action=drop chain=forward comment=BackDoorTrojan-3 disabled=no dst-port=\
5698 protocol=tcp
add action=drop chain=forward comment=PrayerTrojan-1 disabled=no dst-port=\
2716 protocol=tcp
add action=drop chain=forward comment=PrayerTrojan-2 disabled=no dst-port=\
9999 protocol=tcp
add action=drop chain=forward comment=SchwindlerTrojan-1 disabled=no \
dst-port=21544 protocol=tcp
add action=drop chain=forward comment=SchwindlerTrojan-2 disabled=no \
dst-port=31554 protocol=tcp
add action=drop chain=forward comment=Shaft.DDoS.Trojan-1 disabled=no \
dst-port=18753 protocol=tcp
add action=drop chain=forward comment=Shaft.DDoS.Trojan-2 disabled=no \
dst-port=20432 protocol=tcp
add action=drop chain=forward comment=Devil.DDoS.Trojan disabled=no dst-port=\
65000 protocol=tcp
add action=drop chain=forward comment=LatinusTrojan-1 disabled=no dst-port=\
11831 protocol=tcp
add action=drop chain=forward comment=LatinusTrojan-2 disabled=no dst-port=\
29559 protocol=tcp
add action=drop chain=forward comment=Snid.X2Trojan-1 disabled=no dst-port=\
1784 protocol=tcp
add action=drop chain=forward comment=Snid.X2Trojan-2 disabled=no dst-port=\
3586 protocol=tcp
add action=drop chain=forward comment=Snid.X2Trojan-3 disabled=no dst-port=\
7609 protocol=tcp
add action=drop chain=forward comment=BionetTrojan-1 disabled=no dst-port=\
12348-12349 protocol=tcp
add action=drop chain=forward comment=BionetTrojan-2 disabled=no dst-port=\
12478 protocol=tcp
add action=drop chain=forward comment=BionetTrojan-3 disabled=no dst-port=\
57922 protocol=tcp
add action=drop chain=forward comment=Worm.Novarg.a.Mydoom.a.-1 disabled=no \
dst-port=3127-3198 protocol=tcp
add action=drop chain=forward comment=Worm.MsBlaster-1 disabled=no dst-port=\
4444 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.a.Bagle.a. disabled=no \
dst-port=6777 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.b disabled=no dst-port=\
8866 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.c-g/j-l disabled=no \
dst-port=2745 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.p/q/r/n disabled=no \
dst-port=2556 protocol=tcp
add action=drop chain=forward comment=Worm.BBEagle.m-2 disabled=no dst-port=\
20742 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.s/t/u/v disabled=no \
dst-port=4751 protocol=tcp
add action=drop chain=forward comment=Worm.BBeagle.aa/ab/w/x-z-2 disabled=no \
dst-port=2535 protocol=tcp
add action=drop chain=forward comment=Worm.LovGate.r.RpcExploit disabled=no \
dst-port=5238 protocol=tcp
add action=drop chain=forward comment=Worm.Sasser.b/c/f disabled=no dst-port=\
5554 protocol=tcp
add action=drop chain=forward comment=Worm.Sasser.b/c/f disabled=no dst-port=\
9996 protocol=tcp
add action=drop chain=forward comment=Worm.Sasser.d disabled=no dst-port=9995 \
protocol=tcp
add action=drop chain=forward comment=Worm.Lovgate.a/b/c/d disabled=no \
dst-port=10168 protocol=tcp
add action=drop chain=forward comment=Worm.Lovgate.v.QQ disabled=no dst-port=\
20808 protocol=tcp
add action=drop chain=forward comment=Worm.Lovgate.f/g disabled=no dst-port=\
1092 protocol=tcp
add action=drop chain=forward comment=Worm.Lovgate.f/g disabled=no dst-port=\
20168 protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=593 protocol=\
tcp
add action=drop chain=forward comment="" disabled=no dst-port=1214 protocol=\
tcp
add action=drop chain=forward comment=ndm.requester disabled=no dst-port=\
1363-1364 protocol=tcp
add action=drop chain=forward comment=screen.cast disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=forward comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=forward comment=cichlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=forward comment=Backdoor.OptixPro disabled=no dst-port=\
3410 protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=135-139 \
protocol=udp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-6 disabled=no \
dst-port=8787 protocol=udp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-7 disabled=no \
dst-port=8879 protocol=udp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-8 disabled=no \
dst-port=31666 protocol=udp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-9 disabled=no \
dst-port=31337-31338 protocol=udp
add action=drop chain=forward comment=Back.Orifice.2000.Trojan-10 disabled=no \
dst-port=54320-54321 protocol=udp
add action=drop chain=forward comment=Block.NetBus.Trojan-3 disabled=no \
dst-port=12345-12346 protocol=udp
add action=drop chain=forward comment=Block.NetBus.Trojan-4 disabled=no \
dst-port=20034 protocol=udp
add action=drop chain=forward comment=GirlFriend.Trojan-2 disabled=no \
dst-port=21554 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-8 disabled=no \
dst-port=41 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-9 disabled=no \
dst-port=3150 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-10 disabled=no \
dst-port=999 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-11 disabled=no \
dst-port=6670 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-12 disabled=no \
dst-port=6771 protocol=udp
add action=drop chain=forward comment=DeepThroat.Trojan-13 disabled=no \
dst-port=60000 protocol=udp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-5 disabled=no \
dst-port=10067 protocol=udp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-6 disabled=no \
dst-port=10167 protocol=udp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-7 disabled=no \
dst-port=3700 protocol=udp
add action=drop chain=forward comment=Portal.of.Doom.Trojan-8 disabled=no \
dst-port=9872-9875 protocol=udp
add action=drop chain=forward comment=Delta.Source.Trojan-5 disabled=no \
dst-port=6883 protocol=udp
add action=drop chain=forward comment=Delta.Source.Trojan-6 disabled=no \
dst-port=26274 protocol=udp
add action=drop chain=forward comment=Delta.Source.Trojan-7 disabled=no \
dst-port=44444 protocol=udp
add action=drop chain=forward comment=Delta.Source.Trojan-8 disabled=no \
dst-port=47262 protocol=udp
add action=drop chain=forward comment=Eclypse.Trojan-1 disabled=no dst-port=\
3791 protocol=udp
add action=drop chain=forward comment=Eclypse.Trojan-2 disabled=no dst-port=\
3801 protocol=udp
add action=drop chain=forward comment=Eclypse.Trojan-3 disabled=no dst-port=\
5880-5882 protocol=udp
add action=drop chain=forward comment=Eclypse.Trojan-4 disabled=no dst-port=\
5888-5889 protocol=udp
add action=drop chain=forward comment=Trin00.DDoS.Trojan-1 disabled=no \
dst-port=34555 protocol=udp
add action=drop chain=forward comment=Trin00.DDoS.Trojan-2 disabled=no \
dst-port=35555 protocol=udp
add action=drop chain=forward comment=NetSpy.DK.Trojan-1 disabled=no \
dst-port=31338 protocol=udp
add action=drop chain=forward comment=Worm.MsBlaster-2 disabled=no dst-port=\
69 protocol=udp
add action=drop chain=forward comment=Worm.Sobig.f-2 disabled=no dst-port=\
995-999 protocol=udp
add action=drop chain=forward comment=Worm.Sobig.f-3 disabled=no dst-port=\
8998 protocol=udp
add action=drop chain=forward comment="LIMIT USER CONECTION TO 25" \
connection-limit=25,24 disabled=yes protocol=tcp src-address=10.0.0.0/24
add action=drop chain=output comment="" disabled=no src-address=127.0.0.1
add action=accept chain=input comment="" disabled=no dst-address=224.0.0.0/4 \
dst-port=1234 protocol=udp
add action=accept chain=input comment="" disabled=no protocol=igmp
add action=accept chain=forward comment="" disabled=no dst-address=\
224.0.0.0/4 dst-port=1234 protocol=udp
add action=drop chain=forward comment="" disabled=no src-address=127.0.0.1
add action=drop chain=input comment="" disabled=no src-address=127.0.0.1
add action=drop chain=virus comment=WinCrash disabled=no dst-port=3024 \
protocol=tcp
add action=drop chain=virus comment=Block.NetBus.Trojan-2 disabled=no \
dst-port=20034 protocol=tcp
add action=drop chain=forward comment="block bifrost" disabled=no dst-port=81 \
protocol=tcp
add action=drop chain=virus comment="" disabled=no dst-port=81 protocol=tcp
add action=drop chain=virus comment="block Poison Ivy" disabled=no dst-port=\
3460 protocol=tcp
add action=drop chain=forward comment="block poison ivy" disabled=no \
dst-port=3460 protocol=tcp
add action=drop chain=forward comment="poison ivy" disabled=no dst-port=8000 \
protocol=tcp
add action=drop chain=virus comment="Poison IVY" disabled=no dst-port=8000 \
protocol=tcp
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=10.0.0.0/24
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
100.100.100.0/24
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
192.168.100.0/24
/ip firewall service-port
set ftp disabled=yes ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061
set pptp disabled=yes
Last edited by vetusa2 on Tue Oct 04, 2011 7:43 am, edited 1 time in total.
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: how to stream video using rstp protocol of vlc player?

Tue Oct 04, 2011 7:12 am

just to remind you guys

all i wanted is to be able to broadcast using ip 10.0.0.255 or to be able to multicast from ether2 to the entire network including wlan 1 and 2

i use dvbdream and vlc to stream from ip 10.0.0.1
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: how to stream video using rstp protocol of vlc player?

Tue Oct 04, 2011 10:08 am

first of, remove alternative-subnets from igmp-proxy configuration

second, choose either IGMP-proxy or PIM, they both do the same task and cannot be present on the router.

please post clearly your /routing pim interface and /routing pim rp sections

if you have working configuration, check /routing pim joins section and MRIB
 
User avatar
vetusa2
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: how to stream video using rstp protocol of vlc player?

Tue Oct 04, 2011 1:34 pm

then i will go for the PIM option

but i have a question first

IGMP v1: RFC 1112

IGMP v2: RFC 2236

IGMP v3: RFC 3376

which is the best version to use with mikrotik servers to get the best QOS and best streaming speed?
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: how to stream video using rstp protocol of vlc player?

Wed Oct 05, 2011 12:19 pm

streaming speed is not altered by what protocol you are using (only in complex network topologies you will benefit from using IGMPv3 over IGMPv2)

Who is online

Users browsing this forum: A9691 and 23 guests