this application can share 1 user hotspot for many device. how to block this application?
how to block this application
I know this is an old thread.. but I wonder that there are no further discussion about this yet..
I just got the same problem with this App..
thought I can simply reduce or change the TTL to ‘1’ so the packet couldn’t be passed through another router.. but magically it diddn’t work that way.. the connectify users are still running anyway..
anyone else tried?
First, this thread is in the wrong forum 
There’s no way to identify traffic from a connectify device. It’s like someone plugs in his own router - nobody would notice.
But you could create L7 matchers on DNS requests and look for these names:
updates.connectify.me
activate.connectify.me
d.connectify.me
d1.connectify.me
d2.connectify.me
d3.connectify.me
b.connectify.me
bc.connectify.me
news.connectify.me
data.connectify.me
Add the src-address to an address list and block forward traffic from these addresses.
Or redirect them to web proxy, deny all, and show a page that running connectify is violating your T&C.
-Chris
I don’t think that connectify uses another host in internet to be it’s gateway.. it works like the gateway it self since it uses the laptop’s wifi and turned it into an access point to share the internet connection..
so, blocking the addresses u wrote wouldn’t block the internet usage from users connected to laptop’s wifi..
cmiiw
Read my post again.
I haven’t said that it uses these addresses as gateways.
It contacts these addresses while starting up, either to check for updates, check a license or whatever.
And that’s how you can identify its usage.
And I didn’t say to block traffic TO the mentioned hosts but FROM local hosts looking up those, to anywhere.
That simple.
So, where’s the blocking part??
we definitely need to disallow this app from redistributing the internet to its clients..
Well, I assumed describing the technique would suffice…
It obviously doesn’t.
here’s how I would do it:
/ip firewall layer7-protocol
add name="connectify" regexp="(d|d1|d2|d3|b|bc|news|activate|updates|data).connectify.me"
/ip firewall filter
add action=add-src-to-address-list address-list=connectify-users address-list-timeout=8h chain=input dst-port=53 layer7-protocol=connectify protocol=udp src-address=<yourLANrange>
add action=add-src-to-address-list address-list=connectify-users address-list-timeout=8h chain=forward dst-port=53 layer7-protocol=connectify protocol=udp src-address=<yourLANrange>
add action=drop src-address-list=connectify-users chain=forward
The second rule in forward chain ensures you catch traffic also from clients not using your router as DNS server.
Instead of silently dropping traffic from those addresses you could redirect them to your local web proxy and return an error page as described in my other post.
Additionally, I would set the timeout of the address list entries to your dhcp server’s lease time so the system will clean up itself.
Good luck,
-Chris
well, now I see why u suggested to block forward packets from connectify’s src-addresses which is also will block the hotspot user who has this app installed and running…
appreciate your codes above and I believe it’ll work without even testing it… but, as for me it shouldn’t be an option to block my valid hotspot users.. only the users behind this app.. that’s why I tried to limit the TTL only to reach the end user connected directly…
thx anyway, Chris..
I totally understand what you say.
But the ‘valid user’ is already violating your t&c by using connectify and giving access to others…
Thank all of yours for wonderful comments,
Any one have idea how to block program “Baidu WiFi Hotspot”?