Hello,
Good day Team,
I want to filter the WhatsApp and TikTok traffic in Mikrotik and route it over a Specific WAN/VPN because WhatsApp and TikTok are blocked somewhere.
How can I capture this traffic? (In Firewall Mangle content or RAW content) Which one is most effective? Or please help me with the most efficient way.
Regards
Probably neither you need an expensive router add then pay for subscription services to handle DPI etc…
BS. -.-
you could try to “catch” all corresponding domains of e.g. whatcrap in an address-list and then do whatever you like in NAT or MANGLE…
(same for tiktok but i do not further want to even ping that website…)
e.g. code for my quick test to lock whatsapp access (which worked)
DNS
/ip dns static
add address-list=whatsapp_IPs disabled=no forward-to=1.0.0.2 match-subdomain=yes name=whatsapp.net ttl=1d type=FWD
add address-list=whatsapp_IPs disabled=no forward-to=1.0.0.2 match-subdomain=yes name=whatsapp.com ttl=1d type=FWD
FW
/ip firewall filter
add action=drop chain=forward comment=whatsapp disabled=yes dst-address-list=whatsapp_IPs
/ip dns static
add address-list=whatsapp_IPs disabled=no forward-to=1.0.0.2 match-subdomain=yes name=whatsapp.net ttl=1d type=FWD
add address-list=whatsapp_IPs disabled=no forward-to=1.0.0.2 match-subdomain=yes name=whatsapp.com ttl=1d type=FWD
Can you please explain what the purpose of forward-to
I’m using DNS: 8.8.8.8 and 1.1.1.1
Shall I need to change forward-to=1.0.0.2 to 8.8.8.8, etc.??
Thanks
Sorry sippan, what is BS is false hope and promises.
If you are unable to inspect encrypted traffic, then do pray tell what effing magic do you use…
how do you corelate encrypted traffic in this?
the question was routing-related, wasn’t it?
to have an upstream dns you can resolve to and every resolved match (ever answered query) then will be put in the defined address-list
with that address list you can create mangle rules to steer/route traffic