How to mark http video streams with firewall mangle rules

Hi

I want to mark HTTP video streams with firewall mangle rules. I can mark YouTube videos with the Layer 7 rule below.

/ip firewall layer7-protocol add name=streaming regexp=videoplayback|video

But this doesn’t work for some web sites like the ones below.
https://www.cnet.com/how-to/videos/
https://video.eurosport.co.uk/football/transfers/2018-2019/euro-papers-luka-modric-and-toni-kroos-plot-escape-as-crisis-at-real-madrid-deepens_vid1149872/video.shtml

How can I mark these video streams?

Hi

The sites you’ve referred to are over SSL: you won’t be able to see their content.
You mentioned that YouTube “works”, but as it is also over SSL, I would be surprised if it did.

The way to mark video streams is to look for connection rates and bytes. You’ll flag a big file download too, but that is probably okay. Thus something like this:


/ip firewall mangle
add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=HTTP connection-rate=200k-100M new-connection-mark=HTTP_BIG passthrough=yes protocol=tcp

You can read more about this technique in my signature on QoS. Someday, I’ll make it easier to read.

One way to match an HTTPS site is to read the SNI, AFAIK. You can use tls-host. There were a few examples in the forum as well.
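
The two approaches suggested in the replies above, combined into one mangle ruleset as an added example (not posted by anyone in this thread). The base rule that sets the HTTP mark, the packet mark name video_pkt and the rule comments are assumptions; the tls-host value is the host from the question.

```routeros
# Added example, not from the thread. HTTP and HTTP_BIG are the marks used in the
# reply above; video_pkt and the base rule are assumptions made for illustration.
/ip firewall mangle

# 1. Base mark: the byte/rate rule below matches connection-mark=HTTP, so
#    something has to set that mark first. Here: new TCP connections to web ports.
add chain=prerouting protocol=tcp dst-port=80,443 connection-state=new \
    action=mark-connection new-connection-mark=HTTP passthrough=yes \
    comment="web: base connection mark"

# 2. SNI match. tls-host only matches the single packet that carries the TLS
#    ClientHello, so it must mark the connection, not the packet. It accepts
#    glob wildcards and cannot match when the ClientHello is split across
#    several TCP segments. The video bytes may come from a different CDN
#    hostname than the page itself, which this rule would not catch.
add chain=prerouting protocol=tcp dst-port=443 tls-host=video.eurosport.co.uk \
    action=mark-connection new-connection-mark=HTTP_BIG passthrough=yes \
    comment="video: match by SNI"

# 3. Heuristic match: a web connection that has moved more than 500000 bytes
#    and is currently running at 200k or faster is promoted to HTTP_BIG.
#    This works without seeing any content, so it covers HTTPS, but it also
#    flags large file downloads.
add chain=prerouting protocol=tcp connection-mark=HTTP \
    connection-bytes=500000-0 connection-rate=200k-100M \
    action=mark-connection new-connection-mark=HTTP_BIG passthrough=yes \
    comment="video: match by size and rate"

# 4. Packet mark for queues: every packet of a promoted connection.
add chain=prerouting connection-mark=HTTP_BIG \
    action=mark-packet new-packet-mark=video_pkt passthrough=no \
    comment="video: packet mark for QoS"
```

Rule order matters: the base mark has to be set before rules 2 and 3 can promote a connection, and the packet mark comes last so it sees the final connection mark.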