Community discussions

MUM Europe 2020
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Blocking WoW (world of war craft) Not working - plus others.

Mon Jun 14, 2010 1:11 pm

Hi there,
I've been asked by one of customers - to completely block world of war craft the game. I've tried various rules to do this, but the game seem to be still getting access. I have a feeling this is the do with the another related issue, whereby I wasn't able to completely block a computer's access. - Post: http://forum.mikrotik.com/viewtopic.php?f=13&t=42463

Is there a L7 (or something) rule I can use to block world of war craft on a specific IP address or across the whole network?

Thank you.
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 2:30 pm

Have you tried blocking the main communication port for WoW? TCP port 3724

/ip ffirewall filter
add chain=forward action=drop protocol=tcp dst-port=3724 src-address=xx.xx.xx.xx

xx.xx.xx.xx is the ip of the computer on which you wish to stop WoW.
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1723
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 2:39 pm

Blizzard Entertainment own specific address ranges - so find them out and block all communication to them. I know that cause i'm prioritizing it over all other traffic - making sure that all packets get though my QoS no matter what.

Why do you need to block such a nice game? If children play too much - just stop paying for it :)
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 2:43 pm

Not all "children" are children. Some are employees that should be doing their work instead of playing a video game! :(
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1723
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 2:47 pm

Sorry, but then it is more management problem, not network filter problem. As soon as you will restrict this game - they will move to other.

You need to fight it at the root of the problem.
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 3:55 pm

Hi Thanks for your inputs guys; I don't really need to ask why this customer wants to ban the game as it not my place to ask.
I've got the rules on the unit but the pass through is still occuring for some reason; I really can't figure out why my firewall isn't blocking these rules I've made.

I think its time to send a support file to Mk.

When I get back I'll post my rules up and see if anyone can see anything I'm missing.
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 5:04 pm

Do a Google search for "world of warcraft port". Posts on the WoW user forum verifies without TCP port 3724 open, the game will not work. TCP 3724 for the game data, UDP 3724 for the voice. Did you try the rule above for blocking port 3724? In case it was not obvious, use the src-address for your local computer/network, and dst-port=3724. The src-port will probably not be 3724.

As a test, you might want to try this:
/ip firewall filter
add chain=forward action=add-src-to-address-list dst-port=3724 protocol=tcp address-list=WoW

Move this rule to the top. Then use WoW. See if anything ends up in the WoW list here
/ip firewall address-list

ADD: Do you have any entries in "/ip firewall mangle"?
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8320
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 8:05 pm

Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 9:02 pm

Thank you for your help guys - I'm running the test to see if the simple firewall rule is picking up the ports. Failing that Chupaka useful resource of l7 extract will be put in place!

Karma to all.
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Blocking WoW (world of war craft) Not working - plus oth

Mon Jun 14, 2010 11:21 pm

Do a Google search for "world of warcraft port". Posts on the WoW user forum verifies without TCP port 3724 open, the game will not work. TCP 3724 for the game data, UDP 3724 for the voice. Did you try the rule above for blocking port 3724? In case it was not obvious, use the src-address for your local computer/network, and dst-port=3724. The src-port will probably not be 3724.

As a test, you might want to try this:
/ip firewall filter
add chain=forward action=add-src-to-address-list dst-port=3724 protocol=tcp address-list=WoW

Move this rule to the top. Then use WoW. See if anything ends up in the WoW list here
/ip firewall address-list

ADD: Do you have any entries in "/ip firewall mangle"?
Ok so good news the firewall is detecting this string and marking correctly. Based on this what rule would you use to drop it - because the one I've made isn't dropping the connection.

And yes I'm using a mangle rule on the LANs
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8320
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Blocking WoW (world of war craft) Not working - plus oth

Tue Jun 15, 2010 12:00 am

it's adding it to address list (action=add-src-to-address-list)
change it to 'action=reject reject-with=tcp-reset' or something
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
bigguns
Member Candidate
Member Candidate
Topic Author
Posts: 238
Joined: Thu Apr 01, 2010 9:03 am

Re: Blocking WoW (world of war craft) Not working - plus oth

Tue Jun 15, 2010 12:05 am

Hmm, ok I was using the reject rule - I guess that is where I was going wrong.

Thanks for your help (again!)
 
Muqatil
Trainer
Trainer
Posts: 574
Joined: Mon Mar 03, 2008 1:03 pm
Location: London - UK
Contact:

Re: Blocking WoW (world of war craft) Not working - plus oth

Tue Jun 15, 2010 12:45 am

If you are trying to block Official WoW you can block by address list from this list http://www.wowwiki.com/EU_English_realms_info - http://www.wowwiki.com/US_realm_list_by_datacenter )
Renato Bernardi

skype: medtech5

Who is online

Users browsing this forum: No registered users and 123 guests