Hi,
I'm trying to mark SIP packets, but I keep getting caught in the marking of third-party connections. I think that Mikrotik marks by port in "reply dst.address". What am I doing wrong?
mangle "reply dst.address"
You do not have the required permissions to view the files attached to this post.
Re: mangle "reply dst.address"
The port 10000-20000 are not on exclusive use for VoIP.
Mark your VoIP provider IPs, not generic ports.
Mark your VoIP provider IPs, not generic ports.
Re: mangle "reply dst.address"
Thanks for the answer.
I know about this. Several years ago, I already set up the “Mangle Rules” and monitored the traffic; nothing unnecessary was included in the rules. I think it was ROS 6+. But now I couldn’t understand why I see packets that shouldn’t be there, for example packets where a host with a port in the 10000-2000 range accesses the DNS (53 UDP).
For example: In Torch I see Src.Port UDP:22345, Dst.Port:UDP:53. This falls into the rule shown above. Because "Reply Dst.Port" belongs to the range 10000-2000.
I observe this behavior not only with VoIP providers, but also with connections via VPN. (IPIP+IPSec).
There is only one solution, indicate addresses?
I know about this. Several years ago, I already set up the “Mangle Rules” and monitored the traffic; nothing unnecessary was included in the rules. I think it was ROS 6+. But now I couldn’t understand why I see packets that shouldn’t be there, for example packets where a host with a port in the 10000-2000 range accesses the DNS (53 UDP).
For example: In Torch I see Src.Port UDP:22345, Dst.Port:UDP:53. This falls into the rule shown above. Because "Reply Dst.Port" belongs to the range 10000-2000.
I observe this behavior not only with VoIP providers, but also with connections via VPN. (IPIP+IPSec).
There is only one solution, indicate addresses?
Who is online
Users browsing this forum: Bing [Bot] and 29 guests