Help setting up a queue for inbound traffic from Youtube
omatase last edited by
OK I've spent like 3 hours trying to get this to work but no matter what I seem to do I can't get any firewall rules to match traffic from youtube.
I'm trying to get youtube inbound traffic coming through into a youtube queue so that I can limit the amount of download bandwidth youtube videos are taking up.
I've included the current version of my config right now as image attachments. I have tried a lot of different things but none so far have been successful.
Appreciate your help everyone!
![Queue Config.JPG](/public/imported_attachments/1/Queue Config.JPG)
![Queue Config.JPG_thumb](/public/imported_attachments/1/Queue Config.JPG_thumb)
![Rule Config.jpg](/public/imported_attachments/1/Rule Config.jpg)
![Rule Config.jpg_thumb](/public/imported_attachments/1/Rule Config.jpg_thumb)
![Alias Config.JPG](/public/imported_attachments/1/Alias Config.JPG)
![Alias Config.JPG_thumb](/public/imported_attachments/1/Alias Config.JPG_thumb)
OK. Here goes:
First, I think you're going down a rabbit hole trying to maintain a list of IP addresses for a particular web site but if you must. I hope you actually catch youtube video traffic and not just traffic with the web interface….
You need to catch the traffic at the point of state creation. This point is not IN on WAN with a source from youtube. That's the return traffic of an outgoing connection for which the queues have already been set.
Try creating a floating rule that looks like this:
Destination: alias youtube
I'm new to this but I think that'll do it for you.
My point about the rabbit hole is this: I just looked at the source for a random youtube video. The actual video file is not retrieved from youtube.com, but from googlevideo.com. And not just from host googlevideo.com, but from host "r19–-sn-nwj7kner.googlevideo.com"
denizv last edited by
Yotube is acquired by google. You need all google service ip's to block, allow or prioritize these services.
As far as i know, these services can use ip's from different ip ranges. Therefore it is very hard if not impossible to sort out one specific service.
These are all ip ranges i can find for google services
CardinS2U last edited by
thank you for the list .its a wonderful list of ips.
fsSnowboard last edited by
denizv last edited by
Like i said,I suspect there is no absolute ip cidr for a specific service but you can furher distinguish a service (like mail.google.com) by defining an alias for it too and creating a new rule before the "google" rule.
As for today gmail uses 18.104.22.168/16 if anyone interested in checking that in following weeks or months.