Aplikasi Signal tidak punya port khusus karena yang saya ketahui portnya tetap menggunakan secure TCP 443 dan port random untuk UDP, jadi kita cukup marking ke domain host *.signal.org dan *.whispersystems.org Untuk marking packet aplikasi Signal bisa menggunakan tls-host atau content atau addlist atau layer7
Saya share aja marking paket dengan tls-host lengkap dengan mangle dan queue
/ip firewall address-list add address=192.168.0.0/16 list=IP-LAN
[code] /ip firewall address-list add address=172.16.0.0/12 list=IP-LAN /ip firewall address-list add address=10.0.0.0/8 list=IP-LAN /ip firewall filter add action=add-dst-to-address-list address-list=Signal address-list-timeout=1d chain=forward dst-address-list=!IP-LAN protocol=tcp tls-host=*.signal.org /ip firewall filter add action=add-dst-to-address-list address-list=Signal address-list-timeout=1d chain=forward dst-address-list=!IP-LAN protocol=tcp tls-host=*.whispersystems.org /ip firewall mangle add action=mark-connection chain=prerouting dst-address-list=Signal new-connection-mark=conn-Signal passthrough=yes src-address-list=IP-LAN /ip firewall mangle add action=mark-packet chain=prerouting connection-mark=conn-Signal new-packet-mark=Signal-pkt passthrough=no src-address-list=IP-LAN /ip firewall mangle add action=mark-packet chain=postrouting connection-mark=conn-Signal dst-address-list=IP-LAN new-packet-mark=Signal-pkt passthrough=no /queue simple add name="Signal" packet-marks=Signal-pkt queue=default/default target=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 total-queue=default
BERI KOMENTAR
Maaf untuk sementara waktu komentar di blog ini di nonaftifkan.