hi
y have a MT as a traffic shapper and i have traffic priorization.

i try to use layer7 to mark msn-filetransfer packets but it doesn't work... y transfer files and counter mangle rule counter doen't change

i search the net to find what ports are used and i find different port ranges everywhere...

does someone succeed in doing this???

thanks and sorry for poor english

Try to run wireshark before sending a file in order to capture all the packets when the transfer will begin. Then find something common in all transfers that identify them and make rules using that.

For example, using wireshark I have found how to block the msn advertisements. There are transfered via an XML file. So I blocked this file. I have created that for 2.9.32 version.

6891 - 6900 (used for filetransfer), If you detect that are used other ports, it is that assurance that using alternative messengers as Gaim, Pidgin, amsn, etc. Microsoft respects these ports for the transference. .

saludos rastafari

6891 - 6900 (used for filetransfer), If you detect that are used other ports, it is that assurance that using alternative messengers as Gaim, Pidgin, amsn, etc. Microsoft respects these ports for the transference. .

saludos rastafari

take a look at this page http://support.microsoft.com/kb/927847
it says:

File Transfer TCP 443, 1863 TCP/UDP 1025 - 65535

jajaja 1025-65535 they are joking, aren't they???

i have transfer files via WLM to another WLM and I saw ports like TCP 4844

i think the best way is to use layer7 but the string suggested in the layer7 proyect site doesn't work for me

thanks

pd:gracias por el saludo rastafari

1863 TCP, is primarily used for chat messages
443 TCP, is used for the transfer of the XML file that carries the contact file(backup), extra tabs, advertisement url's
UDP Ports, should be used for video and talk

I do not think that they use UDP for file transfer, it is ridiculous!

........

I do not think that they use UDP for file transfer, it is ridiculous!

i agree w/u

I searched in some old work for MSN, and I had found that also uses 7001 port. I do not know why it does.

Also 131.107.111.0/24 and 131.107.112.0/21 are being used to send Application Usage Feedback, so block them.

did you try this with L7?
http://l7-filter.sourceforge.net/layer7 ... ansfer.pat

did you try this with L7?
http://l7-filter.sourceforge.net/layer7 ... ansfer.pat

hi normis.
i'm currently using that and 0 bytes counted in a couple of days... strange

^(ver [ -~]*msnftp\x0d\x0aver msnftp\x0d\x0ausr|method msnmsgr:)

do i have to put that whole string in the Regexp field??? or without the initial "^(" and the ending ")" ???

RouterOS Version? Maybe problem is in hex values representation with \x0d\x0a etc.

RouterOS Version? Maybe problem is in hex values representation with \x0d\x0a etc.

i'm using RouterOS 3.20

thanks