I know this sound fairly basic question but I would like to know your best approach to match youtube streaming packets and then assign DSCP tags through iptable.
Also how can I use ipset in dnsmasq.cofg if I have IP address available?
# Youtube is also isolated by my isp
ipset=/googlevideo.com/*.googlevideo.com/streaming
This doesn't match youtube streaming packets.
If you have already the ipset:
config rule
option src 'lan'
option name 'dscp test'
list proto 'tcp'
option dest 'wan'
option ipset 'youtube4 dest'
option target 'DSCP'
option set_dscp 'EF'
option family 'ipv4'
Then the same for ipv6, if you have it.
Beware also of QUIC (udp) if you limit the rule to tcp.
That's a valid point.
I will get on PC & let you know. Thank you. Also I don't have ipset for youtube. Any idea how to acquire it for the sites (ex. YouTube) I tried nslookup for reverse dns but doesn't seem enough
You'd have to create it yourself. There are some examples on how to create and use ipsets.
It didn't work. Not showing any firewall error but DSCP showing up CS0.
Ipset name is: 'streaming', and traffic is udp not tcp
shouldn't be option src 'lan' => option dest 'wan'
& option dest 'wan' => option dest 'lan' ?
is this correct?
config rule
option src 'wan'
option name 'dscp test'
list proto 'udp'
option dest 'lan'
option ipset 'streaming'
option target 'DSCP'
option set_dscp 'AF41'
option family 'ipv4'
doubt that's the case... if you test it with firewall reload... you would likely see something along the lines of...
#Warning: Section @rule[16] (dscptest) refers to unknown ipset 'streaming'
if you refer to the wiki documentation;
https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_config_ipset
it indicates that you'll likely need a corresponding 'ipset' section to make fw3 'aware' of the ipset for some reason...
i.e.;
config ipset
option name 'streaming'
option match 'src_net'
option storage 'hash'
option enabled '1'
watch your directionality here... I get the feeling it's not quite what you'll really want...