QOS Rules by Domain Wildcard

Discussion in 'Tomato Firmware' started by xhaloz, Nov 3, 2018.

  1. xhaloz

    xhaloz Network Newbie Member

    So I know we can set QOS by a subnet wildcard such as DST IP = 192.168.0.0/16. However, I want to QOS some backups to Google's server which is fra15s16-in-f10.1e100.net (172.217.22.42). I have 4 connections to this site and the IP addresses ALWAYS change. The only consistent thing is 1e100.net. Now on the GUI you cannot use a wildcard such as *.1e100.net but I went into the CLI and stored a value with

    qos_orules=0<<myworkingrules<<<*.1e100.net<-1<a<<0<<<<2<test>0 which did not work.

    And yes I did a NVRAM commit. I actually see the rule set in the GUI but it doesn't apply.

    Has anyone successfully got this working?
     
  2. cloneman

    cloneman Addicted to LI Member

    I had looked into creating a script that uses ipset to store a list of IP addresses for this purpose, but I was not successful due to overwhelming ignorance on the subject.
     
  3. Techie007

    Techie007 Serious Server Member

    Your best bet might be to use a custom L7 filter. The domain name is transmitted in cleartext near the beginning of all HTTP and HTTPS traffic. For example, put the following code in your router's Administration -> Scripts -> Init section:

    Code:
    echo "windowsupdate" > /etc/l7-extra/windowsupdate.pat
    echo "(Microsoft-Delivery-Optimization/|.mp.microsoft.com)" >> /etc/l7-extra/windowsupdate.pat
    This will create an L7 filter that detects Windows Update traffic, which primarily happens on domains ending with ".mp.microsoft.com" or contains the "Microsoft-Delivery-Optimization" agent string.

    Code:
    echo "youtube-2015" > /etc/l7-extra/youtube-2015.pat
    echo "(stream.com|video.com)" >> /etc/l7-extra/youtube-2015.pat
    This will create an L7 filter that detects video streams from several video sharing sites, including YouTube (video content downloads from "******.googlevideo.com") and LiveStream (video streams from "******.livestream.com").

    The pipe symbol is interpreted as an OR, and the strings are interpreted as if with wildcards on either side (e.g. "stream.com|video.com" matches *stream.com* or *video.com*). You can eliminate the pipe if you only have one criterion to match. You can use the above examples to create your own filters. You can also use a tool like SmartSniff on the originating PC to try to identify unique strings that can be used to detect the traffic you're trying to isolate.
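
An added example, not part of the thread or of Tomato's own code: the Python script below runs the windowsupdate pattern from the post above against a constructed HTTP request and a constructed TLS ClientHello, where the hostname sits in cleartext in the Host header and in the SNI extension. Python's `re` stands in for the filter's regex engine as an approximation, and the hostnames are sample inputs chosen for the demonstration.

```python
import re
import struct

# Pattern file contents as written by the Init script above (name line, then regex line).
PAT = "windowsupdate\n(Microsoft-Delivery-Optimization/|.mp.microsoft.com)\n"

def load_pat(text):
    """Return (name, regex) from .pat text, skipping blank and '#' comment lines."""
    lines = [ln.strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith("#")]
    return lines[0], lines[1]

def l7_match(regex, payload):
    """Approximation: unanchored, case-insensitive search over the payload bytes."""
    return re.search(regex.encode(), payload, re.IGNORECASE | re.DOTALL) is not None

def http_request(host):
    """Constructed plaintext HTTP request; the name travels in the Host header."""
    return f"GET / HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()

def tls_client_hello(host):
    """Constructed minimal TLS ClientHello; the name travels in the SNI extension."""
    name = host.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name       # name_type 0 = host_name
    sni = struct.pack("!H", len(entry)) + entry                 # server_name_list
    exts = struct.pack("!HH", 0, len(sni)) + sni                # extension type 0 = server_name
    body = (b"\x03\x03" + bytes(32)                             # legacy_version, random
            + b"\x00"                                           # empty session id
            + b"\x00\x02\x13\x01"                               # one cipher suite
            + b"\x01\x00"                                       # null compression
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def classify(host):
    """Return which constructed payloads for `host` the pattern matches."""
    _, regex = load_pat(PAT)
    return {"http": l7_match(regex, http_request(host)),
            "tls": l7_match(regex, tls_client_hello(host))}

if __name__ == "__main__":
    # Constructed sample hostnames: intended match, non-match, and an over-match.
    for h in ("dl.delivery.mp.microsoft.com", "www.example.org", "dump.microsoft.com"):
        print(h, classify(h))
```

The third hostname matches because the unescaped dots in the pattern match any character. The pattern is compared with what the client sends, so a reverse-DNS name like the one in the first post matches only if the client actually requested that name.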
     