Re: Matching streaming services

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: pauloric@contatogs.com.br
To: netfilter <netfilter@vger.kernel.org>
Subject: Re: Matching streaming services
Date: Wed, 6 Jan 2021 17:24:25 -0200 (BRST)	[thread overview]
Message-ID: <170611234.121.1609961065787.JavaMail.zimbra@contatogs.com.br> (raw)
In-Reply-To: <7ea6241b-57f6-2204-a6a0-c245f1fe7521@thelounge.net>



----- Mensagem original -----
De: "Reindl Harald" <h.reindl@thelounge.net>
Para: david@hajes.org, "netfilter" <netfilter@vger.kernel.org>
Enviadas: Quarta-feira, 6 de janeiro de 2021 16:15:18
Assunto: Re: Matching streaming services

Am 06.01.21 um 19:44 schrieb david@hajes.org:
> On Mikrotik routers there is possibility of burst rate setting that 
> determines whether it is simple web surfing or continuos data stream.

and how do you imagine distinct between a large download which can 
finished one hour later and nobody cares or streaming?

and whenever you manage it - it's something that need to be fixed and 
changed ASAP sou will have a moving target

> I think it is possible also in iptables and may be also in 
> nftables...unsure, whether you need some additional modules or not.
> 
> 
> On 06/01/2021 19:05, Nikolai Lusan wrote:
>> Hi,
>>
>> I have been looking for a way to differentiate traffic from streaming
>> services (Netflix, Amazon Prime, <insert_locally_available_service>)
>> from other https traffic, with not much luck. The goal is to add rules
>> to nftables and tc to ensure quality while allowing the rest of the
>> link to function normally.
>>
>> I tried using tcpdump to see if there was something in the packets that
>> I could use, but they look like any other bit of https traffic.
>>
>> Does anyone have a method for determining which http/https traffic is
>> streaming video, and which is not?


Humm well as https is a application you could use squid + bump + delay pools (MITM), but it is out of nftables...

next prev parent reply	other threads:[~2021-01-06 19:24 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-06 18:05 Matching streaming services Nikolai Lusan
2021-01-06 18:18 ` Reindl Harald
2021-01-06 19:37   ` Nikolai Lusan
2021-01-07  0:37     ` Reindl Harald
2021-01-06 18:44 ` david
2021-01-06 19:15   ` Reindl Harald
2021-01-06 19:24     ` pauloric [this message]
2021-01-06 19:29     ` david
2021-01-06 20:05 ` Eliezer Croitoru

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=170611234.121.1609961065787.JavaMail.zimbra@contatogs.com.br \
    --to=pauloric@contatogs.com.br \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox