Как завернуть весь трафик Youtube в VPN

[iAHTOH]

Спасибо за списки Ютьюба. Вроде все работает.
Я еще вот таким образом воткнул туда трекеры нужные мне затолкал таким образом:

Код: Выделить всё

/ip firewall address-list
add address=rutracker.org list=to-wg comment=trackers
add address=anilibria.tv list=to-wg comment=trackers
add address=bitru.org list=to-wg comment=trackers
add address=kinozal.tv list=to-wg comment=trackers
add address=nntt.org list=to-wg comment=trackers
add address=pornolab.net list=to-wg comment=trackers
add address=rutor.info list=to-wg comment=trackers
add address=rutracker.ru list=to-wg comment=trackers
add address=seedoff.zannn.top list=to-wg comment=trackers
add address=nnmclub.to list=to-wg comment=trackers
add address=booktracker.org list=to-wg comment=trackers
add address=selezen.club list=to-wg comment=trackers
add address=bt.t-ru.org list=to-wg comment=trackers
add address=nnm-club.info list=to-wg comment=trackers

Это наверное неправильно? Резолвятся они с гугловых ДНС которые есть в списке Ютьюб. А вот почему так неправильно делать?

ЗЫ: И да все это гоняю через VPS от 62yun.ru .Там есть IP США за 159 руб и Нидерланды за 200. У последних пинг получше, хотя по скорости вроде одинаковые. Труба вроде работает на 4К, но иногда затыкается (по вечерам). Хотя говорят что вроде как 250 мегабит гарантированно. Ну... хрен с ними.
США можно взять потестить на 3 дня. С Нидерландами так не получится. Там после покупки сутки IP ждать нужно.
Сервис предлагает всего 3 вида ОС. Это можно обойти. К примеру я поставил OpenWRT у них есть имайдж EFI, а вот у RouterOS такого не нашел и потому подменить установленные ОС просто не получилось. Затыкается на моменте загрузке и все. Хотя оч хотелось туда RouterOS воткнуть. Он как то привычние. Если кому надо могу инструкцию скинуть как заменить на OpenWRT. Тупо копировать-вставить. За 3 минуты поднять можно.

[nikerossxp]

Спасибо тем, кто составил списки!

В моём случае заработало частично - у мобилки на вифи сразу взлетело, а на кабеле был connection reset.
Судя по тестам, вылечилось включением Firewall в настройках Bridge.

Получилось заворачивать трафик чисто указанных хостов.

Пока продолжаю наблюдение.



Кстати, на резервный вариант, вполне можно и без Mangle заворачивать, просто прописать хотсы в таблице маршрутизации и указать шлюзом свой впн.

[pipitos]

Если кому-то несложно ткнуть носом в подробную инструкцию как обойти ограничения твиттера, ютуба, инсты и фейсбука - был бы очень признателен. Очень давно не расчехлял микротик свой, думаю, пора, а куда начинать копать пока не понимаю.

Привет. Все заключается в том что бы промаркировтаь сети гугла или рессурса который недоступен, создать таблицу маршрутизации и при маркировки пакета присвоить имя этой таблицы. Ну и иметь уже готовый туннель до какой то vds.

Этап 0. Настроить туннель пока что самый быстрый на микроте это wireguard. Возможно его будут блочить но у армов есть возможность запилить докер ну и .... vless + reality ну и что угодно в докере.
Этап 1. Создать таблицу

Код: Выделить всё

 /routing table
add disabled=no fib name=xoxo

Этап 2. Создание листа со списком сетей к которым нужно отправлять трафик. Адреса сетей я писал ранее.

Код: Выделить всё

/ip/firewall/address-list

Этап 3. Маркировка трафика. Тут на этапе когда трафик попадает в цепочку прероутинга мы маркируем трафик который идет к нужному нам списку сетей. В эксшенах мы маркируем этот трафик и по сути он перемещается в таблицу которую мы создали. Тут у меня указан источник к примеру.

Код: Выделить всё

/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=YouTube new-routing-mark=xoxo passthrough=yes src-address=192.168.1.5

Этап 4. Создание в созданной таблице маршрутизации дефолтного маршрута в интерфейс шлюза wireguard.

Код: Выделить всё

 add disabled=no dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=xoxo suppress-hw-offload=no

Этап 4. Если у вас трафик не маршрутизируется в вашу лок сеть а он у вас скорей всего не маршрутизируется то нужно НАТ правило создать иначе до вас не дойдет нечего.

Код: Выделить всё

add action=masquerade chain=srcnat out-interface=wireguard1

Этап 5. Профит. Трафик ходит до нужного вам адреса через шлюз vds.

Вся проблема тут это определиться и вычленить подсети нужных вам назначений
update те у кого не работает что то при смене настроек то не забывайте в конекшен трекере сбрасывать соединения.

[nisnfox]

Добрый день, помогите разобраться.
Сделал два варианта wg впн, полный и выборочный по листу.
Если врубаю полный, то все устройства, включая мобильные, сидящие на вайфае, очень шустро проигрывают видео на ютубе.
Если же включаю выборочный, то все подключенное проводом продолжает крутить ютуб прекрасно, а вот устройства сидящие на вайфае (прежде всего смартфоны и планшет, на ноуте полегче) начинают тупить в районе 30 секунд, прежде чем начать проигрывать видео. На ноуте задержка секунд пять и дальше проигрывание идет без проблем. На смартах и планшете видео подтупливают, раз секунд в 20-30 начинается подкачка видео.

 

MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK

MikroTik RouterOS 7.15.3 (c) 1999-2024 https://www.mikrotik.com/

Press F1 for help

[nightsnowfox@FoxDude] > /export hide-sensitive
# 2024-08-13 09:45:12 by RouterOS 7.15.3
# software id = PU54-CBK1
#
# model = RB1100Dx4
# serial number = 793207B71960
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=XX frequency=2412,2437,2462 name=2GHz reselect-interval=1h \
tx-power=14
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=XXXX name=5GHz reselect-interval=1h skip-dfs-channels=yes \
tx-power=20
/interface bridge
add fast-forward=no name=br1-lan port-cost-mode=short
add name=docker
/interface ethernet
set [ find default-name=ether1 ] comment=Internet name=eth1-wan
set [ find default-name=ether2 ] name=eth2-lan
set [ find default-name=ether3 ] comment="TV Room" name=eth3-lan
set [ find default-name=ether4 ] name=eth4-lan
set [ find default-name=ether5 ] comment=Playstation name=eth5-lan
set [ find default-name=ether6 ] comment=Soundbar name=eth6-lan
set [ find default-name=ether7 ] name=eth7-lan
set [ find default-name=ether8 ] name=eth8-lan
set [ find default-name=ether9 ] name=eth9-lan
set [ find default-name=ether10 ] name=eth10-lan
set [ find default-name=ether11 ] name=eth11-lan
set [ find default-name=ether12 ] comment=Synology name=eth12-lan
set [ find default-name=ether13 ] comment="PoE Switch" name=eth13-lan
/interface pppoe-client
add add-default-route=yes default-route-distance=0 disabled=no interface=eth1-wan name=ppoe-wan use-peer-dns=yes user=osnegov
/interface veth
add address=10.0.0.2/24 gateway=10.0.0.1 gateway6="" name=veth1-adguard
/interface wireguard
add listen-port=53269 mtu=1420 name=wireguard1
/caps-man datapath
add bridge=br1-lan client-to-client-forwarding=yes local-forwarding=yes name=home
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm group-key-update=40m name=home
/caps-man configuration
add channel=2GHz country=russia4 datapath=home distance=indoors guard-interval=long hw-protection-mode=rts-cts installation=\
indoor keepalive-frames=enabled max-sta-count=30 mode=ap multicast-helper=full name=home2GHz rx-chains=0,1,2,3 security=\
home ssid=FoxWAPaC tx-chains=0,1,2,3
add channel=5GHz country=russia3 datapath=home distance=indoors guard-interval=long hw-protection-mode=rts-cts installation=\
indoor keepalive-frames=enabled max-sta-count=20 mode=ap multicast-helper=full name=home5GHz rx-chains=0,1,2,3 security=\
home ssid=FoxWAPaC tx-chains=0,1,2,3
/caps-man interface
add configuration=home2GHz disabled=no l2mtu=1600 mac-address=64:D1:54:56:20:4F master-interface=none name=\
"2GHz-FoxWAPaC Black-1" radio-mac=64:D1:54:56:20:4F radio-name=64D15456204F
add configuration=home2GHz disabled=no l2mtu=1600 mac-address=64:D1:54:91:F9:8C master-interface=none name=\
"2GHz-FoxWAPaC White-1" radio-mac=64:D1:54:91:F9:8C radio-name=64D15491F98C
add configuration=home5GHz disabled=no l2mtu=1600 mac-address=64:D1:54:56:20:4E master-interface=none name=\
"5GHz-FoxWAPaC Black-1" radio-mac=64:D1:54:56:20:4E radio-name=64D15456204E
add configuration=home5GHz disabled=no l2mtu=1600 mac-address=64:D1:54:91:F9:8B master-interface=none name=\
"5GHz-FoxWAPaC White-1" radio-mac=64:D1:54:91:F9:8B radio-name=64D15491F98B
/container mounts
add dst=/opt/adguardhome/conf name=adguard-conf src=/sata1-part1/docker/adguard/conf
add dst=/opt/adguardhome/work name=adguard-work src=/sata1-part1/docker/adguard/work
add dst=/etc/pihole name=etc_pihole src=/sata1-part1/docker/etc
add dst=/etc/dnsmasq.d name=dnsmasq_pihole src=/sata1-part1/docker/etc-dnsmasq.d
/disk
set sata1 media-interface=none media-sharing=no
add media-interface=none media-sharing=no parent=sata1 partition-number=1 partition-offset=512 partition-size="64 023 256 576" \
type=partition
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/iot lora servers
add address=eu.mikrotik.thethings.industries name=TTN-EU protocol=UDP
add address=us.mikrotik.thethings.industries name=TTN-US protocol=UDP
add address=eu1.cloud.thethings.industries name="TTS Cloud (eu1)" protocol=UDP
add address=nam1.cloud.thethings.industries name="TTS Cloud (nam1)" protocol=UDP
add address=au1.cloud.thethings.industries name="TTS Cloud (au1)" protocol=UDP
add address=eu1.cloud.thethings.network name="TTN V3 (eu1)" protocol=UDP
add address=nam1.cloud.thethings.network name="TTN V3 (nam1)" protocol=UDP
add address=au1.cloud.thethings.network name="TTN V3 (au1)" protocol=UDP
/ip pool
add name=dhcp ranges=192.168.10.100-192.168.10.200
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay interface=br1-lan lease-time=8h name=dhcp
/ip smb users
set [ find default=yes ] disabled=yes
/port
set 0 name=serial0
set 1 name=serial1
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
add disabled=no name=default-v3 version=3
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
add disabled=yes instance=default-v3 name=backbone-v3
/routing table
add disabled=no fib name=vpn
add disabled=no fib name=vpnfull
/snmp community
set [ find default=yes ] addresses=192.168.10.0/24
/zerotier
set zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" disabled=yes disabled=yes name=zt1 port=9993
/caps-man access-list
add action=reject allow-signal-out-of-range=10s disabled=no interface="2GHz-FoxWAPaC Black-1" mac-address=58:2D:34:00:8E:5C \
ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no signal-range=-70..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no signal-range=-120..-71 ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no interface="2GHz-FoxWAPaC White-1" mac-address=50:5A:65:5F:75:4B \
ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no interface="2GHz-FoxWAPaC Black-1" mac-address=50:5A:65:5F:75:4B \
ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no interface="5GHz-FoxWAPaC Black-1" mac-address=0C:9A:3C:1A:CF:B1 \
ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no interface="5GHz-FoxWAPaC White-1" mac-address=B8:87:6E:99:09:5E \
ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no interface="2GHz-FoxWAPaC White-1" mac-address=B8:87:6E:99:09:5E \
ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no interface="5GHz-FoxWAPaC White-1" mac-address=CA:BC:99:57:C5:FD \
ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no interface="2GHz-FoxWAPaC White-1" mac-address=CA:BC:99:57:C5:FD \
ssid-regexp=""
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=br1-lan
/caps-man provisioning
add action=create-enabled hw-supported-modes=gn master-configuration=home2GHz name-format=prefix-identity name-prefix=2GHz
add action=create-enabled hw-supported-modes=ac,an master-configuration=home5GHz name-format=prefix-identity name-prefix=5GHz
/container config
set registry-url=https://registry-1.docker.io tmpdir=sata1-part1/pull
/container envs
add key=TZ name=pihole_env value=Europe/Prague
add key=WEBPASSWORD name=pihole_env value=Osnegov413818
add key=DNSMASQ_USER name=pihole_env value=root
/interface bridge port
add bridge=br1-lan hw=no ingress-filtering=no interface=eth2-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth3-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth4-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth5-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth6-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth7-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth8-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth9-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth10-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth12-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth11-lan internal-path-cost=10 path-cost=10
add bridge=br1-lan hw=no ingress-filtering=no interface=eth13-lan internal-path-cost=10 path-cost=10
add bridge=docker disabled=yes interface=veth1-adguard
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=discover
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set max-neighbor-entries=8192
/interface list member
add interface=br1-lan list=discover
add interface=ppoe-wan list=discover
add interface=br1-lan list=mactel
add interface=br1-lan list=mac-winbox
/interface ovpn-server server
set auth=sha1,md5
/interface wireguard peers
add allowed-address=0.0.0.0/0,::/0 endpoint-address=xxx.xxx.xxx.xx endpoint-port=53269 interface=wireguard1 name=peer1 \
preshared-key="+dLzxBlIEZbktF9mEaTCejw57gzrjG0gRoJMuxbLIrc=" public-key="vxxyVes6jffCJRkIK89Yx1aYx1bd3tOWRpqbWg6C8DU="
/ip address
add address=192.168.10.1/24 interface=br1-lan network=192.168.10.0
add address=10.0.0.1/24 interface=docker network=10.0.0.0
add address=10.66.66.5 interface=wireguard1 network=10.66.66.0
/ip cloud
set ddns-update-interval=10m
/ip dhcp-client
add add-default-route=special-classless default-route-distance=2 disabled=yes interface=eth1-wan
/ip dhcp-server lease
add address=192.168.10.100 client-id=1:0:11:32:5d:29:eb comment=NAS mac-address=00:11:32:5D:29:EB server=dhcp
add address=192.168.10.110 always-broadcast=yes client-id=1:a4:14:37:52:ee:95 comment="IP-Camera Hikvision" mac-address=\
A4:14:37:52:EE:95 server=dhcp
add address=192.168.10.108 comment=Picooc mac-address=60:01:94:4B:54:6C server=dhcp
add address=192.168.10.112 client-id=1:60:f1:89:bf:17:a2 comment=Daikin mac-address=60:F1:89:BF:17:A2 server=dhcp
add address=192.168.10.107 client-id=1:70:26:5:32:df:67 comment="TV Kitchen" mac-address=70:26:05:32:DF:67 server=dhcp
add address=192.168.10.102 client-id=1:18:56:80:6f:6:62 comment=FoxLenovo mac-address=18:56:80:6F:06:62 server=dhcp
add address=192.168.10.116 client-id=ff:bf:d7:eb:d0:0:1:0:1:1f:fb:6:59:cc:98:8b:a6:7f:e4 comment="Soundbar Sony HT-ZF9" \
mac-address=E0:37:BF:D7:EB:D0 server=dhcp
add address=192.168.10.124 client-id=1:50:d4:f7:1a:4f:22 comment="Switch UPS" mac-address=50:D4:F7:1A:4F:22 server=dhcp
add address=192.168.10.111 client-id=1:1c:4d:66:44:7b:47 comment="Amazon Kindle Oasis" mac-address=1C:4D:66:44:7B:47 server=\
dhcp
add address=192.168.10.101 client-id=1:f8:ff:c2:58:75:41 comment=MacBook mac-address=F8:FF:C2:58:75:41 server=dhcp
add address=192.168.10.115 client-id=1:cc:98:8b:bd:d2:3d comment="TV Room" mac-address=CC:98:8B:BD:D2:3D server=dhcp
add address=192.168.10.103 client-id=1:78:c8:81:b7:47:ee comment="Playstation 5" mac-address=78:C8:81:B7:47:EE server=dhcp
add address=192.168.10.114 client-id=1:50:5a:65:5f:75:4b comment="Steam Deck" mac-address=50:5A:65:5F:75:4B server=dhcp
add address=192.168.10.120 client-id=1:c:9a:3c:1a:cf:b1 comment="Yandex Station Max" mac-address=0C:9A:3C:1A:CF:B1 server=dhcp
add address=192.168.10.117 client-id=ff:6e:99:9:5e:0:1:0:1:2c:7c:e:8b:b8:87:6e:99:9:5e comment="Yandex Mini Black" \
mac-address=B8:87:6E:99:09:5E server=dhcp
add address=192.168.10.119 client-id=ff:6e:9c:e7:ae:0:1:0:1:2c:7c:3:53:b8:87:6e:9c:e7:ae comment="Yandex Mini Grey" \
mac-address=B8:87:6E:9C:E7:AE server=dhcp
add address=192.168.10.104 client-id=1:c4:cb:76:18:4f:7a comment=XBOX mac-address=C4:CB:76:18:4F:7A server=dhcp
add address=192.168.10.121 client-id=1e0:2c:37:b8:5a comment="Pixel 5" mac-address=DE:E0:2C:37:B8:5A server=dhcp
add address=192.168.10.122 client-id=1:36:d7:18:db:54:b2 comment="Samsung S23 Ultra" mac-address=36:D7:18:DB:54:B2 server=dhcp
add address=192.168.10.106 client-id=1:ca:bc:99:57:c5:fd comment="Android TV Kitchen" mac-address=CA:BC:99:57:C5:FD server=\
dhcp
add address=192.168.10.109 client-id=1:80:91:33:47:ad:9f comment="IP-Camera EZVIZ" mac-address=80:91:33:47:AD:9F server=dhcp
add address=192.168.10.113 client-id=1:66:eb:37:36:19:8d comment="Galaxy Tab S7" mac-address=66:EB:37:36:19:8D server=dhcp
add address=192.168.10.105 client-id=1:8052:42:54:84 comment="XGIMI Horizon" mac-address=80:0B:52:42:54:84 server=dhcp
add address=192.168.10.199 client-id=1:64:d1:54:56:20:4d comment=WiFi mac-address=64:D1:54:56:20:4D server=dhcp
add address=192.168.10.200 client-id=1:64:d1:54:91:f9:8a mac-address=64:D1:54:91:F9:8A server=dhcp
add address=192.168.10.151 client-id=1:2:ff:8b:55:6:64 comment="VM Home Assistant" mac-address=02:FF:8B:55:06:64 server=dhcp
add address=192.168.10.152 client-id=ff:11:62:73:f7:0:1:0:1:2d:84:bc:6a:bc:24:11:62:73:f7 comment="VM Uptime Kuma" \
mac-address=BC:24:11:62:73:F7 server=dhcp
add address=192.168.10.153 client-id=ff:11:39:49:4:0:1:0:1:2d:84:bdbc:24:11:39:49:4 comment="VM Adguard Home" mac-address=\
BC:24:11:39:49:04 server=dhcp
add address=192.168.10.154 client-id=ff:11:8c:2c:c6:0:1:0:1:2d:84:c6:3c:bc:24:11:8c:2c:c6 comment="VM Casa OS" mac-address=\
BC:24:11:8C:2C:C6 server=dhcp
add address=192.168.10.155 client-id=ff:ca:53:9:5a:0:2:0:011:54:58:cb:b8:dc:b9:ce:41 comment="VM Ubuntu" mac-address=\
02:DA:A1:CE:3A:0C server=dhcp
add address=192.168.10.156 client-id=ff:11:d2:77:8f:0:1:0:1:2d:85:81:29:bc:24:11:d2:77:8f comment="VM Trilium" mac-address=\
BC:24:11:D2:77:8F server=dhcp
add address=192.168.10.157 client-id=ff:11:55:ad:a4:0:1:0:1:2d:85:97:3b:bc:24:11:55:ad:a4 comment="VM Tautulli" mac-address=\
BC:24:11:55:AD:A4 server=dhcp
add address=192.168.10.160 client-id=1:bc:24:11:71:9e:71 comment="VM Windows 11" mac-address=BC:24:11:71:9E:71 server=dhcp
add address=192.168.10.161 client-id=1:bc:24:11:da:92:6c comment="VM Kubuntu" mac-address=BC:24:11:DA:92:6C server=dhcp
add address=192.168.10.118 client-id=ff:4f:d1:52:1c:0:1:0:1:c7:92:bc:84:3c5f:d1:52:1c comment="Yandex Station Midi" \
mac-address=3C:0B:4F:D1:52:1C server=dhcp
add address=192.168.10.125 client-id=1:70:c9:32:1e:e8:78 comment="Dreame Vacuum" mac-address=70:C9:32:1E:E8:78 server=dhcp
add address=192.168.10.162 client-id=ff:ca:53:9:5a:0:2:0:011:5d:db:e6:c89e:94:61 comment="VM Ubuntu Server" \
mac-address=BC:24:11:AF:EB:51 server=dhcp
add address=192.168.10.163 client-id=ff:11:cf:f4:73:0:1:0:1:2e:8:29:7e:bc:24:11:cf:f4:73 comment="VM Plex" mac-address=\
BC:24:11:CF:F4:73 server=dhcp
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.10.1 netmask=24 ntp-server=192.168.10.1
/ip dns
set allow-remote-requests=yes servers=8.8.4.4
/ip dns static
add address=164.90.228.248 name=xsts.auth.xboxlive.com
add disabled=yes forward-to=9.9.9.9 regexp=".*\\.themoviedb\\.org\$" type=FWD
/ip firewall address-list
add address=192.168.10.0/24 comment="VPN Full" list=vpnfull
add address=142.250.184.0/24 comment=Youtube list=vpn
add address=107.0.0.0/8 comment=Youtube list=vpn
add address=142.250.185.0/24 comment=Youtube list=vpn
add address=3.0.0.0/8 comment=Youtube list=vpn
add address=216.58.212.0/24 comment=Youtube list=vpn
add address=93.158.134.0/24 comment=Youtube list=vpn
add address=74.125.71.0/24 comment=Youtube list=vpn
add address=216.58.206.0/24 comment=Youtube list=vpn
add address=142.250.186.0/24 comment=Youtube list=vpn
add address=42.192.32.0/24 comment=Youtube list=vpn
add address=74.125.206.0/24 comment=Youtube list=vpn
add address=173.194.0.0/16 comment=Youtube list=vpn
add address=172.217.0.0/16 comment=Youtube list=vpn
add address=142.250.0.0/16 comment=Youtube list=vpn
add address=74.125.0.0/16 comment=Youtube list=vpn
add address=216.58.0.0/16 comment=Youtube list=vpn
add address=74.0.0.0/8 comment=Youtube list=vpn
add address=3.76.0.0/16 comment=Youtube list=vpn
add address=3.78.0.0/16 comment=Youtube list=vpn
add address=216.239.0.0/16 comment=Youtube list=vpn
add address=64.233.0.0/16 comment=Youtube list=vpn
add address=8.222.0.0/16 comment=Youtube list=vpn
add address=107.155.0.0/16 comment=Youtube list=vpn
add address=35.207.0.0/16 comment=Youtube list=vpn
add address=3.66.0.0/16 comment=Youtube list=vpn
add address=18.140.0.0/16 comment=Youtube list=vpn
add address=23.2.0.0/16 comment=Youtube list=vpn
add address=99.81.0.0/16 comment=Youtube list=vpn
add address=54.0.0.0/16 comment=Youtube list=vpn
add address=77.241.0.0/16 comment=Youtube list=vpn
add address=108.177.0.0/16 comment=Youtube list=vpn
add address=184.86.0.0/16 comment=Youtube list=vpn
add address=52.0.0.0/16 comment=Youtube list=vpn
add address=63.35.0.0/16 comment=Youtube list=vpn
add address=101.34.0.0/16 comment=Youtube list=vpn
add address=34.252.0.0/16 comment=Youtube list=vpn
add address=45.57.0.0/16 comment=Youtube list=vpn
add address=169.254.0.0/16 comment=Youtube list=vpn
add address=34.0.0.0/16 comment=Youtube list=vpn
add address=184.0.0.0/16 comment=Youtube list=vpn
add address=87.0.0.0/16 comment=Youtube list=vpn
add address=213.59.0.0/16 comment=Youtube list=vpn
add address=157.240.247.174 comment=instagram list=vpn
add address=46.53.178.107 comment=instagram list=vpn
add address=179.60.195.174 comment=instagram list=vpn
add address=157.240.205.174 comment=instagram list=vpn
add address=31.13.24.0/21 comment=instagram list=vpn
add address=31.13.64.0/18 comment=instagram list=vpn
add address=45.64.40.0/22 comment=instagram list=vpn
add address=66.220.144.0/20 comment=instagram list=vpn
add address=69.63.176.0/20 comment=instagram list=vpn
add address=69.171.224.0/19 comment=instagram list=vpn
add address=74.119.76.0/22 comment=instagram list=vpn
add address=103.4.96.0/22 comment=instagram list=vpn
add address=129.134.0.0/16 comment=instagram list=vpn
add address=157.240.0.0/16 comment=instagram list=vpn
add address=173.252.64.0/18 comment=instagram list=vpn
add address=179.60.192.0/22 comment=instagram list=vpn
add address=185.60.216.0/22 comment=instagram list=vpn
add address=204.15.20.0/22 comment=instagram list=vpn
add address=157.240.200.63 comment=instagram list=vpn
add address=185.60.219.63 comment=instagram list=vpn
add address=129.134.31.12 comment=instagram list=vpn
add address=66.81.203.132 comment=instagram list=vpn
add address=185.89.218.12 comment=instagram list=vpn
add address=31.13.66.63 comment=instagram list=vpn
add address=84.15.65.162 comment=instagram list=vpn
add address=68.66.224.28 comment=instagram list=vpn
add address=157.240.253.63 comment=instagram list=vpn
add address=83.174.11.224 comment=instagram list=vpn
add address=157.240.9.52 comment=instagram list=vpn
add address=157.240.252.174 comment=instagram list=vpn
add address=157.240.195.63 comment=instagram list=vpn
add address=31.13.71.52 comment=instagram list=vpn
add address=57.144.110.192 comment=instagram list=vpn
add address=157.240.252.17 comment=instagram list=vpn
add address=84.15.66.97 comment=instagram list=vpn
add address=217.168.6.33 comment=instagram list=vpn
add address=31.13.83.52 comment=instagram list=vpn
add address=157.240.241.63 comment=instagram list=vpn
add address=129.134.30.12 comment=instagram list=vpn
add address=185.89.219.12 comment=instagram list=vpn
add address=157.240.252.10 comment=instagram list=vpn
add address=157.240.201.63 comment=instagram list=vpn
add address=66.81.203.197 comment=instagram list=vpn
add address=179.60.195.52 comment=instagram list=vpn
add address=66.81.203.7 comment=instagram list=vpn
add address=216.40.34.41 comment=instagram list=vpn
add address=157.240.202.63 comment=instagram list=vpn
add address=157.240.229.63 comment=instagram list=vpn
add address=157.240.252.63 comment=instagram list=vpn
add address=31.13.72.53 comment=instagram list=vpn
add address=124.108.16.224 comment=instagram list=vpn
add address=157.240.205.63 comment=instagram list=vpn
add address=92.46.37.96 comment=instagram list=vpn
add address=157.240.247.63 comment=instagram list=vpn
add address=157.240.234.63 comment=instagram list=vpn
add address=157.240.235.63 comment=instagram list=vpn
add address=87.245.208.97 comment=instagram list=vpn
add address=216.58.192.0/19 comment=instagram list=vpn
add address=209.85.128.0/17 comment=instagram list=vpn
add address=198.105.240.0/20 comment=instagram list=vpn
add address=142.250.0.0/15 comment=instagram list=vpn
add address=108.177.0.0/17 comment=instagram list=vpn
add address=87.245.197.140 comment=instagram list=vpn
add address=64.233.160.0/19 comment=instagram list=vpn
add address=157.240.0.1 comment=instagram list=vpn
add address=157.240.238.63 comment=instagram list=vpn
add address=157.240.238.174 comment=instagram list=vpn
add address=157.240.0.63 comment=instagram list=vpn
add address=157.240.224.63 comment=instagram list=vpn
add address=157.240.224.174 comment=instagram list=vpn
add address=157.240.251.36 comment=instagram list=vpn
add address=157.240.253.12 comment=instagram list=vpn
add address=157.240.253.35 comment=instagram list=vpn
add address=157.240.238.13 comment=instagram list=vpn
add address=157.240.238.56 comment=instagram list=vpn
add address=157.240.238.175 comment=instagram list=vpn
add address=57.144.112.141 comment=instagram list=vpn
add address=157.240.251.60 comment=instagram list=vpn
add address=157.240.251.128 comment=instagram list=vpn
add address=157.240.238.5 comment=instagram list=vpn
add address=157.240.253.13 comment=instagram list=vpn
add address=157.240.253.5 comment=instagram list=vpn
add address=157.240.238.2 comment=instagram list=vpn
add address=157.240.238.37 comment=instagram list=vpn
add address=157.240.251.5 comment=instagram list=vpn
add address=157.240.251.34 comment=instagram list=vpn
add address=57.144.112.1 comment=instagram list=vpn
add address=157.240.238.54 comment=instagram list=vpn
add address=129.134.26.123 comment=instagram list=vpn
add address=157.240.252.3 comment=instagram list=vpn
add address=31.13.84.4 comment=instagram list=vpn
add address=157.240.224.12 comment=instagram list=vpn
add address=157.240.238.4 comment=instagram list=vpn
add address=157.240.0.13 comment=instagram list=vpn
add address=3.33.139.32 comment=instagram list=vpn
add address=157.240.0.35 comment=instagram list=vpn
add address=157.240.238.14 comment=instagram list=vpn
add address=157.240.238.60 comment=instagram list=vpn
add address=57.144.112.145 comment=instagram list=vpn
add address=157.240.251.35 comment=instagram list=vpn
add address=157.240.0.21 comment=instagram list=vpn
add address=157.240.251.18 comment=facebook list=vpn
add address=157.240.251.9 comment=facebook list=vpn
add address=157.240.238.35 comment=facebook list=vpn
add address=157.240.253.175 comment=facebook list=vpn
add address=129.134.28.123 comment=facebook list=vpn
add address=157.240.238.18 comment=facebook list=vpn
add address=157.240.251.63 comment=facebook list=vpn
add address=157.240.251.6 comment=facebook list=vpn
add address=57.144.110.1 comment=facebook list=vpn
add address=157.240.251.11 comment=facebook list=vpn
add address=157.240.253.57 comment=facebook list=vpn
add address=157.240.253.1 comment=facebook list=vpn
add address=157.240.253.34 comment=facebook list=vpn
add address=docker.io comment=docker list=vpn
add address=hub.docker.com comment=docker list=vpn
add address=registry-1.docker.io comment=docker list=vpn
add address=auth.docker.io comment=docker list=vpn
add address=cdn.auth0.com comment=docker list=vpn
add address=login.docker.com comment=docker list=vpn
add address=docker-pinata-support.s3.amazonaws.com comment=docker list=vpn
add address=api.dso.docker.com comment=docker list=vpn
add address=13.107.213.53 comment=openai.com list=vpn
add address=13.107.246.53 comment=openai.com list=vpn
add address=52.152.96.252 comment=openai.com. list=vpn
add address=216.52.0.0/16 comment=linkedin list=vpn
add address=144.2.0.0/16 comment=linkedin list=vpn
add address=108.174.0.0/16 comment=linkedin list=vpn
add address=199.101.161.0/24 comment=linkedin list=vpn
add address=188.114.98.224 comment=chatgpt list=vpn
add address=18.66.147.35 comment=chatgpt list=vpn
add address=104.18.7.192 comment=chatgpt list=vpn
add address=188.114.99.238 comment=chatgpt list=vpn
add address=104.18.27.221 comment=chatgpt list=vpn
add address=104.18.30.2 comment=chatgpt list=vpn
add address=104.18.41.241 comment=chatgpt list=vpn
add address=188.114.98.238 comment=chatgpt list=vpn
add address=188.114.99.235 comment=chatgpt list=vpn
add address=188.114.98.235 comment=chatgpt list=vpn
add address=104.18.26.221 comment=chatgpt list=vpn
add address=104.18.33.45 comment=chatgpt list=vpn
add address=18.66.147.69 comment=chatgpt list=vpn
add address=104.18.7.87 comment=chatgpt list=vpn
add address=104.18.17.170 comment=chatgpt list=vpn
add address=104.18.7.201 comment=chatgpt list=vpn
add address=184.105.99.79 comment=chatgpt list=vpn
add address=18.66.147.112 comment=chatgpt list=vpn
add address=172.64.146.15 comment=chatgpt list=vpn
add address=142.250.186.115 comment=chatgpt list=vpn
add address=104.18.6.192 comment=chatgpt list=vpn
add address=104.18.6.87 comment=chatgpt list=vpn
add address=23.35.228.138 comment=chatgpt list=vpn
add address=18.66.147.17 comment=chatgpt list=vpn
add address=104.18.8.73 comment=chatgpt list=vpn
add address=13.107.246.60 comment=chatgpt list=vpn
add address=20.118.40.5 comment=chatgpt list=vpn
add address=104.18.9.73 comment=chatgpt list=vpn
add address=104.18.16.170 comment=chatgpt list=vpn
add address=172.64.154.211 comment=chatgpt list=vpn
add address=104.18.31.2 comment=chatgpt list=vpn
add address=104.18.6.201 comment=chatgpt list=vpn
add address=188.114.98.233 list=vpn
add address=104.18.0.79 list=vpn
add address=104.18.1.79 list=vpn
add address=151.115.45.47 comment=meduza list=vpn
add address=151.115.46.187 comment=meduza list=vpn
add address=151.115.57.108 comment=meduza list=vpn
add address=88.212.240.172 comment=meduza list=vpn
add address=88.212.244.68 comment=meduza list=vpn
add address=91.227.34.40 comment=meduza list=vpn
add address=178.128.244.212 comment=rutracker list=vpn
add address=188.114.96.1 comment=rutracker list=vpn
add address=188.114.97.1 comment=rutracker list=vpn
add address=5.61.58.186 comment=rutracker list=vpn
add address=37.1.206.121 comment=rutracker list=vpn
add address=37.1.207.109 comment=rutracker list=vpn
add address=179.43.157.78 comment=rutracker list=vpn
add address=104.31.70.174 comment=rutracker list=vpn
add address=104.31.71.174 comment=rutracker list=vpn
add address=185.197.74.209 comment=rutracker list=vpn
add address=62.210.125.160 comment=rutracker list=vpn
add address=37.1.216.106 comment=rutracker list=vpn
add address=199.59.243.225 comment=rutracker list=vpn
add address=195.82.146.214 comment=rutracker list=vpn
add address=72.52.4.119 comment=rutracker list=vpn
add address=13.248.213.45 comment=rutracker list=vpn
add address=76.223.67.189 comment=rutracker list=vpn
add address=104.28.22.52 comment=rutracker list=vpn
add address=104.28.23.52 comment=rutracker list=vpn
add address=45.33.2.79 comment=rutracker list=vpn
add address=45.33.18.44 comment=rutracker list=vpn
add address=45.33.20.235 comment=rutracker list=vpn
add address=45.33.23.183 comment=rutracker list=vpn
add address=45.33.30.197 comment=rutracker list=vpn
add address=45.56.79.23 comment=rutracker list=vpn
add address=45.79.19.196 comment=rutracker list=vpn
add address=72.14.178.174 comment=rutracker list=vpn
add address=72.14.185.43 comment=rutracker list=vpn
add address=96.126.123.244 comment=rutracker list=vpn
add address=173.255.194.134 comment=rutracker list=vpn
add address=198.58.118.167 comment=rutracker list=vpn
add address=208.91.197.46 comment=rutracker list=vpn
add address=103.224.212.217 comment=rutracker list=vpn
add address=198.54.117.212 comment=rutracker list=vpn
add address=138.201.205.204 comment=rutracker list=vpn
add address=209.99.40.220 comment=rutracker list=vpn
add address=104.28.10.131 comment=rutracker list=vpn
add address=104.28.11.131 comment=rutracker list=vpn
add address=95.85.63.192 comment=rutracker list=vpn
add address=178.62.255.161 comment=rutracker list=vpn
add address=104.27.150.81 comment=rutracker list=vpn
add address=104.27.151.81 comment=rutracker list=vpn
add address=104.21.72.173 comment=rutracker list=vpn
add address=172.67.187.38 comment=rutracker list=vpn
add address=104.21.32.39 comment=rutracker list=vpn
add address=172.67.182.196 comment=rutracker list=vpn
add address=5.255.94.71 comment=riperam list=vpn
add address=5.255.94.70 comment=riperam list=vpn
add address=51.89.248.16 comment=riperam list=vpn
add address=92.119.113.92 comment=pornolab list=vpn
add address=45.147.197.66 comment=pornolab list=vpn
add address=185.110.92.40 comment=pornolab list=vpn
add address=185.110.92.41 comment=pornolab list=vpn
add address=163.172.74.46 comment=meduza list=vpn
add address=151.115.46.250 comment=meduza list=vpn
add address=151.115.47.200 comment=meduza list=vpn
add address=104.21.7.164 comment=rutracker.net list=vpn
add address=172.67.136.246 comment=rutracker.net list=vpn
add address=188.114.96.2 comment=kinozal.tv list=vpn
add address=188.114.97.2 comment=kinozal.tv list=vpn
add address=195.82.146.121 comment=rutracker-tacker list=vpn
add address=172.67.212.135 comment=rutracker.net list=vpn
add address=104.21.83.43 comment=ru-tracker.net list=vpn
add address=meduza.io comment=meduza list=vpn
add address=188.114.99.224 comment=meduza list=vpn
add address=51.75.145.21 comment=holod list=vpn
add address=51.77.52.241 comment=holod list=vpn
add address=95.141.32.28 comment=holod list=vpn
add address=95.217.91.92 comment=holod list=vpn
add address=95.217.118.44 comment=holod list=vpn
add address=145.239.2.180 comment=holod list=vpn
add address=51.15.27.51 comment=holod list=vpn
add address=65.109.52.31 comment=holod list=vpn
add address=holod.media list=vpn
add address=209.237.204.128 comment=twitter list=vpn
add address=3.64.163.50 comment=twitter list=vpn
add address=104.244.42.2 comment=twitter list=vpn
add address=209.237.197.128 comment=twitter list=vpn
add address=188.40.44.177 comment=twitter list=vpn
add address=34.254.1.203 comment=twitter list=vpn
add address=108.186.36.25 comment=twitter list=vpn
add address=69.195.160.128 comment=twitter list=vpn
add address=69.195.176.128 comment=twitter list=vpn
add address=23.1.99.237 comment=twitter list=vpn
add address=93.184.220.70 comment=twitter list=vpn
add address=34.251.129.198 comment=twitter list=vpn
add address=209.237.196.128 comment=twitter list=vpn
add address=172.67.70.184 comment=twitter list=vpn
add address=104.26.0.84 comment=twitter list=vpn
add address=104.244.42.84 comment=twitter list=vpn
add address=151.101.0.159 comment=twitter list=vpn
add address=209.237.192.128 comment=twitter list=vpn
add address=104.26.1.84 comment=twitter list=vpn
add address=199.232.188.159 comment=twitter list=vpn
add address=3.248.100.228 comment=twitter list=vpn
add address=104.244.45.3 comment=twitter list=vpn
add address=104.244.42.193 comment=twitter list=vpn
add address=104.244.42.129 comment=twitter list=vpn
add address=69.195.177.128 comment=twitter list=vpn
add address=151.101.64.159 comment=twitter list=vpn
add address=209.237.194.128 comment=twitter list=vpn
add address=104.26.5.149 comment=twitter list=vpn
add address=104.244.42.196 comment=twitter list=vpn
add address=104.244.42.194 comment=twitter list=vpn
add address=23.1.106.237 comment=twitter list=vpn
add address=185.199.110.153 comment=twitter list=vpn
add address=209.237.199.128 comment=twitter list=vpn
add address=69.195.180.128 comment=twitter list=vpn
add address=151.101.192.159 comment=twitter list=vpn
add address=209.237.203.128 comment=twitter list=vpn
add address=209.237.193.128 comment=twitter list=vpn
add address=69.195.182.128 comment=twitter list=vpn
add address=104.244.42.67 comment=twitter list=vpn
add address=52.30.155.196 comment=twitter list=vpn
add address=52.214.101.56 comment=twitter list=vpn
add address=69.195.165.128 comment=twitter list=vpn
add address=104.244.42.148 comment=twitter list=vpn
add address=104.244.42.195 comment=twitter list=vpn
add address=104.244.42.66 comment=twitter list=vpn
add address=104.244.42.1 comment=twitter list=vpn
add address=185.199.111.153 comment=twitter list=vpn
add address=69.195.187.128 comment=twitter list=vpn
add address=104.244.42.130 comment=twitter list=vpn
add address=104.244.42.3 comment=twitter list=vpn
add address=185.199.108.153 comment=twitter list=vpn
add address=104.244.42.4 comment=twitter list=vpn
add address=69.195.168.128 comment=twitter list=vpn
add address=209.237.200.128 comment=twitter list=vpn
add address=209.237.201.128 comment=twitter list=vpn
add address=104.244.42.68 comment=twitter list=vpn
add address=69.195.186.128 comment=twitter list=vpn
add address=34.243.204.245 comment=twitter list=vpn
add address=152.199.21.141 comment=twitter list=vpn
add address=93.184.221.165 comment=twitter list=vpn
add address=192.229.233.25 comment=twitter list=vpn
add address=172.67.74.16 comment=twitter list=vpn
add address=209.237.195.128 comment=twitter list=vpn
add address=69.195.181.128 comment=twitter list=vpn
add address=69.195.163.128 comment=twitter list=vpn
add address=104.244.42.72 comment=twitter list=vpn
add address=69.195.185.128 comment=twitter list=vpn
add address=34.242.228.15 comment=twitter list=vpn
add address=104.26.4.149 comment=twitter list=vpn
add address=69.195.162.128 comment=twitter list=vpn
add address=69.195.178.128 comment=twitter list=vpn
add address=151.101.128.159 comment=twitter list=vpn
add address=104.244.42.131 comment=twitter list=vpn
add address=69.195.184.128 comment=twitter list=vpn
add address=69.195.183.128 comment=twitter list=vpn
add address=69.195.171.128 comment=twitter list=vpn
add address=213.230.209.101 comment=twitter list=vpn
add address=69.195.174.128 comment=twitter list=vpn
add address=146.75.120.158 comment=twitter list=vpn
add address=104.244.42.65 comment=twitter list=vpn
add address=69.195.166.128 comment=twitter list=vpn
add address=185.199.109.153 comment=twitter list=vpn
add address=104.244.42.212 comment=twitter list=vpn
add address=95.173.103.16 comment=twitter list=vpn
add address=104.244.42.132 comment=twitter list=vpn
add address=69.195.179.128 comment=twitter list=vpn
add address=104.244.43.131 comment=twitter list=vpn
add address=69.195.169.128 comment=twitter list=vpn
add address=209.237.198.128 comment=twitter list=vpn
add address=69.195.175.128 comment=twitter list=vpn
add address=151.101.36.158 comment=twitter list=vpn
add address=104.244.42.20 comment=twitter list=vpn
add address=8.25.196.0/23 comment=twitter list=vpn
add address=8.25.194.0/23 comment=twitter list=vpn
add address=69.195.0.0/16 comment=twitter list=vpn
add address=64.63.0.0/16 comment=twitter list=vpn
add address=209.237.0.0/16 comment=twitter list=vpn
add address=202.160.0.0/16 comment=twitter list=vpn
add address=192.48.0.0/16 comment=twitter list=vpn
add address=192.133.0.0/16 comment=twitter list=vpn
add address=104.244.0.0/16 comment=twitter list=vpn
add address=152.192.0.0/13 comment=twitter-img list=vpn
add address=152.192.21.0/24 comment=twitter list=vpn
add address=104.244.40.0/21 comment=twitter list=vpn
add address=152.176.0.0/12 comment=twitter list=vpn
add address=23.0.0.0/12 comment=twitter list=vpn
add address=192.229.128.0/17 comment=twitter list=vpn
add address=146.75.0.0/16 comment=twitter list=vpn
add address=93.184.220.0/22 comment=twitter list=vpn
add address=199.232.0.0/16 comment=twitter list=vpn
add address=69.195.160.0/24 comment=twitter list=vpn
add address=69.195.162.0/24 comment=twitter list=vpn
add address=69.195.163.0/24 comment=twitter list=vpn
add address=69.195.164.0/24 comment=twitter list=vpn
add address=69.195.165.0/24 comment=twitter list=vpn
add address=69.195.166.0/24 comment=twitter list=vpn
add address=69.195.168.0/24 comment=twitter list=vpn
add address=69.195.169.0/24 comment=twitter list=vpn
add address=69.195.171.0/24 comment=twitter list=vpn
add address=69.195.172.0/24 comment=twitter list=vpn
add address=69.195.173.0/24 comment=twitter list=vpn
add address=69.195.175.0/24 comment=twitter list=vpn
add address=69.195.176.0/24 comment=twitter list=vpn
add address=69.195.177.0/24 comment=twitter list=vpn
add address=69.195.178.0/24 comment=twitter list=vpn
add address=69.195.179.0/24 comment=twitter list=vpn
add address=69.195.180.0/24 comment=twitter list=vpn
add address=69.195.181.0/24 comment=twitter list=vpn
add address=69.195.182.0/24 comment=twitter list=vpn
add address=69.195.184.0/24 comment=twitter list=vpn
add address=69.195.185.0/24 comment=twitter list=vpn
add address=69.195.186.0/24 comment=twitter list=vpn
add address=69.195.187.0/24 comment=twitter list=vpn
add address=69.195.188.0/24 comment=twitter list=vpn
add address=69.195.189.0/24 comment=twitter list=vpn
add address=69.195.190.0/24 comment=twitter list=vpn
add address=69.195.191.0/24 comment=twitter list=vpn
add address=104.244.40.0/24 comment=twitter list=vpn
add address=104.244.41.0/24 comment=twitter list=vpn
add address=104.244.42.0/24 comment=twitter list=vpn
add address=104.244.43.0/24 comment=twitter list=vpn
add address=104.244.44.0/24 comment=twitter list=vpn
add address=104.244.45.0/24 comment=twitter list=vpn
add address=104.244.46.0/24 comment=twitter list=vpn
add address=104.244.47.0/24 comment=twitter list=vpn
add address=185.45.5.0/24 comment=twitter list=vpn
add address=185.45.6.0/23 comment=twitter list=vpn
add address=192.133.76.0/22 comment=twitter list=vpn
add address=192.133.76.0/23 comment=twitter list=vpn
add address=199.16.156.0/22 comment=twitter list=vpn
add address=199.16.156.0/23 comment=twitter list=vpn
add address=199.59.148.0/22 comment=twitter list=vpn
add address=199.96.56.0/23 comment=twitter list=vpn
add address=199.96.56.0/24 comment=twitter list=vpn
add address=199.96.57.0/24 comment=twitter list=vpn
add address=199.96.58.0/23 comment=twitter list=vpn
add address=199.96.60.0/23 comment=twitter list=vpn
add address=199.96.60.0/24 comment=twitter list=vpn
add address=199.96.61.0/24 comment=twitter list=vpn
add address=199.96.62.0/23 comment=twitter list=vpn
add address=202.160.128.0/24 comment=twitter list=vpn
add address=202.160.129.0/24 comment=twitter list=vpn
add address=202.160.130.0/24 comment=twitter list=vpn
add address=202.160.131.0/24 comment=twitter list=vpn
add address=209.237.192.0/24 comment=twitter list=vpn
add address=209.237.193.0/24 comment=twitter list=vpn
add address=209.237.194.0/24 comment=twitter list=vpn
add address=209.237.195.0/24 comment=twitter list=vpn
add address=209.237.196.0/24 comment=twitter list=vpn
add address=209.237.197.0/24 comment=twitter list=vpn
add address=209.237.198.0/24 comment=twitter list=vpn
add address=209.237.199.0/24 comment=twitter list=vpn
add address=209.237.200.0/24 comment=twitter list=vpn
add address=209.237.201.0/24 comment=twitter list=vpn
add address=209.237.204.0/24 comment=twitter list=vpn
add address=209.237.205.0/24 comment=twitter list=vpn
add address=209.237.206.0/24 comment=twitter list=vpn
add address=209.237.207.0/24 comment=twitter list=vpn
add address=209.237.208.0/24 comment=twitter list=vpn
add address=209.237.209.0/24 comment=twitter list=vpn
add address=209.237.210.0/24 comment=twitter list=vpn
add address=209.237.211.0/24 comment=twitter list=vpn
add address=209.237.212.0/24 comment=twitter list=vpn
add address=209.237.213.0/24 comment=twitter list=vpn
add address=209.237.214.0/24 comment=twitter list=vpn
add address=209.237.215.0/24 comment=twitter list=vpn
add address=209.237.216.0/24 comment=twitter list=vpn
add address=209.237.217.0/24 comment=twitter list=vpn
add address=209.237.218.0/24 comment=twitter list=vpn
add address=209.237.219.0/24 comment=twitter list=vpn
add address=209.237.220.0/24 comment=twitter list=vpn
add address=209.237.221.0/24 comment=twitter list=vpn
add address=209.237.222.0/24 comment=twitter list=vpn
add address=209.237.223.0/24 comment=twitter list=vpn
add address=8.8.4.0/24 comment=Youtube list=vpn
add address=8.8.8.0/24 comment=Youtube list=vpn
add address=8.34.208.0/20 comment=Youtube list=vpn
add address=8.35.192.0/20 comment=Youtube list=vpn
add address=23.236.48.0/20 comment=Youtube list=vpn
add address=23.251.128.0/19 comment=Youtube list=vpn
add address=34.0.0.0/10 comment=Youtube list=vpn
add address=35.184.0.0/13 comment=Youtube list=vpn
add address=35.192.0.0/14 comment=Youtube list=vpn
add address=35.196.0.0/15 comment=Youtube list=vpn
add address=35.198.0.0/16 comment=Youtube list=vpn
add address=35.199.0.0/17 comment=Youtube list=vpn
add address=35.199.128.0/18 comment=Youtube list=vpn
add address=35.200.0.0/13 comment=Youtube list=vpn
add address=35.208.0.0/12 comment=Youtube list=vpn
add address=64.18.0.0/20 comment=Youtube list=vpn
add address=66.102.0.0/20 comment=Youtube list=vpn
add address=66.249.64.0/19 comment=Youtube list=vpn
add address=70.32.128.0/19 comment=Youtube list=vpn
add address=72.14.192.0/18 comment=Youtube list=vpn
add address=74.114.24.0/21 comment=Youtube list=vpn
add address=104.132.0.0/23 comment=Youtube list=vpn
add address=104.133.0.0/23 comment=Youtube list=vpn
add address=104.134.0.0/15 comment=Youtube list=vpn
add address=104.156.64.0/18 comment=Youtube list=vpn
add address=104.237.160.0/19 comment=Youtube list=vpn
add address=108.59.80.0/20 comment=Youtube list=vpn
add address=108.170.192.0/18 comment=Youtube list=vpn
add address=108.176.0.0/15 comment=Youtube list=vpn
add address=130.211.0.0/16 comment=Youtube list=vpn
add address=136.112.0.0/12 comment=Youtube list=vpn
add address=146.148.0.0/17 comment=Youtube list=vpn
add address=162.216.148.0/22 comment=Youtube list=vpn
add address=162.222.176.0/21 comment=Youtube list=vpn
add address=172.110.32.0/21 comment=Youtube list=vpn
add address=172.253.0.0/16 comment=Youtube list=vpn
add address=173.255.112.0/20 comment=Youtube list=vpn
add address=192.158.28.0/22 comment=Youtube list=vpn
add address=192.178.0.0/15 comment=Youtube list=vpn
add address=193.186.4.0/24 comment=Youtube list=vpn
add address=199.36.154.0/23 comment=Youtube list=vpn
add address=199.36.156.0/24 comment=Youtube list=vpn
add address=199.192.112.0/22 comment=Youtube list=vpn
add address=199.223.232.0/21 comment=Youtube list=vpn
add address=207.223.160.0/20 comment=Youtube list=vpn
add address=208.65.152.0/22 comment=Youtube list=vpn
add address=208.68.108.0/22 comment=Youtube list=vpn
add address=208.81.188.0/22 comment=Youtube list=vpn
add address=208.117.224.0/19 comment=Youtube list=vpn
add address=216.239.32.0/19 comment=Youtube list=vpn
add address=216.239.36.0/24 comment=Youtube list=vpn
add address=216.239.38.0/23 comment=Youtube list=vpn
add address=216.239.40.0/22 comment=Youtube list=vpn
add address=34.64.0.0/10 comment=Youtube list=vpn
add address=34.128.0.0/10 comment=Youtube list=vpn
add address=142.251.141.46 comment=Youtube list=vpn
add address=212.188.34.209 comment=Youtube list=vpn
add address=172.217.169.138 comment=Youtube list=vpn
add address=142.250.187.106 comment=Youtube list=vpn
add address=142.250.186.33 comment=Youtube list=vpn
add address=172.217.17.238 comment=Youtube list=vpn
add address=172.217.20.78 comment=Youtube list=vpn
add address=142.250.185.238 comment=Youtube list=vpn
add address=74.125.156.170 comment=Youtube list=vpn
add address=185.38.0.76 comment=Youtube list=vpn
add address=212.188.34.207 comment=Youtube list=vpn
add address=108.177.14.138 comment=Youtube list=vpn
add address=142.251.40.139 comment=Youtube list=vpn
add address=142.251.40.102 comment=Youtube list=vpn
add address=108.177.14.113 comment=Youtube list=vpn
add address=142.251.40.138 comment=Youtube list=vpn
add address=142.250.74.78 comment=Youtube list=vpn
add address=142.251.141.145 comment=Youtube list=vpn
add address=142.250.74.110 comment=Youtube list=vpn
add address=142.251.40.103 comment=Youtube list=vpn
add address=142.250.74.46 comment=Youtube list=vpn
add address=108.177.97.78 comment=Youtube list=vpn
add address=142.250.74.14 comment=Youtube list=vpn
add address=34.2.0.0/16 comment=Youtube list=vpn
add address=34.3.0.0/23 comment=Youtube list=vpn
add address=34.3.3.0/24 comment=Youtube list=vpn
add address=34.3.4.0/24 comment=Youtube list=vpn
add address=34.3.8.0/21 comment=Youtube list=vpn
add address=34.3.16.0/20 comment=Youtube list=vpn
add address=34.3.32.0/19 comment=Youtube list=vpn
add address=34.3.64.0/18 comment=Youtube list=vpn
add address=34.4.0.0/14 comment=Youtube list=vpn
add address=34.8.0.0/13 comment=Youtube list=vpn
add address=34.16.0.0/12 comment=Youtube list=vpn
add address=34.32.0.0/11 comment=Youtube list=vpn
add address=35.224.0.0/12 comment=Youtube list=vpn
add address=35.240.0.0/13 comment=Youtube list=vpn
add address=57.140.192.0/18 comment=Youtube list=vpn
add address=64.15.112.0/20 comment=Youtube list=vpn
add address=66.22.228.0/23 comment=Youtube list=vpn
add address=104.154.0.0/15 comment=Youtube list=vpn
add address=104.196.0.0/14 comment=Youtube list=vpn
add address=107.167.160.0/19 comment=Youtube list=vpn
add address=107.178.192.0/18 comment=Youtube list=vpn
add address=136.22.160.0/20 comment=Youtube list=vpn
add address=136.22.176.0/21 comment=Youtube list=vpn
add address=136.22.184.0/23 comment=Youtube list=vpn
add address=136.22.186.0/24 comment=Youtube list=vpn
add address=152.65.208.0/22 comment=Youtube list=vpn
add address=152.65.214.0/23 comment=Youtube list=vpn
add address=152.65.218.0/23 comment=Youtube list=vpn
add address=152.65.222.0/23 comment=Youtube list=vpn
add address=152.65.224.0/19 comment=Youtube list=vpn
add address=162.120.128.0/17 comment=Youtube list=vpn
add address=216.73.80.0/20 comment=Youtube list=vpn
add address=108.156.0.0/15 comment=Youtube list=vpn
add address=44.0.0.0/8 comment=Youtube list=vpn
add address=13.224.0.0/12 comment=Youtube list=vpn
add address=18.66.0.0/16 comment=Youtube list=vpn
add address=3.126.0.0/16 comment=Youtube list=vpn
add address=3.164.0.0/16 comment=Youtube list=vpn
add address=3.220.0.0/16 comment=Youtube list=vpn
add address=3.251.0.0/16 comment=Youtube list=vpn
add address=3.77.0.0/16 comment=Youtube list=vpn
add address=34.208.0.0/13 comment=Youtube list=vpn
add address=34.240.0.0/13 comment=Youtube list=vpn
add address=35.160.0.0/13 comment=Youtube list=vpn
add address=35.80.0.0/13 comment=Youtube list=vpn
add address=44.192.0.0/10 comment=Youtube list=vpn
add address=44.224.0.0/12 comment=Youtube list=vpn
add address=46.137.0.0/16 comment=Youtube list=vpn
add address=52.12.0.0/15 comment=Youtube list=vpn
add address=52.16.0.0/14 comment=Youtube list=vpn
add address=52.208.0.0/13 comment=Youtube list=vpn
add address=52.30.0.0/16 comment=Youtube list=vpn
add address=52.31.0.0/16 comment=Youtube list=vpn
add address=52.36.0.0/14 comment=Youtube list=vpn
add address=52.40.0.0/14 comment=Youtube list=vpn
add address=52.58.0.0/15 comment=Youtube list=vpn
add address=54.154.0.0/16 comment=Youtube list=vpn
add address=54.186.0.0/15 comment=Youtube list=vpn
add address=54.228.0.0/15 comment=Youtube list=vpn
add address=54.246.0.0/16 comment=Youtube list=vpn
add address=54.74.0.0/16 comment=Youtube list=vpn
add address=54.76.0.0/15 comment=Youtube list=vpn
add address=194.190.76.0/23 comment=Youtube list=vpn
add address=194.90.196.0/23 comment=Youtube list=vpn
add address=212.143.192.0/19 comment=Youtube list=vpn
add address=194.90.0.0/16 comment=Youtube list=vpn
add address=46.134.192.0/18 comment=Youtube list=vpn
add address=255.255.255.255 comment=Youtube list=vpn
add address=104.16.0.0/12 comment=Youtube list=vpn
add address=104.17.0.0/20 comment=Youtube list=vpn
add address=172.64.0.0/13 comment=Youtube list=vpn
add address=188.114.96.0/20 comment=Youtube list=vpn
add address=80.67.32.0/19 comment=Youtube list=vpn
add address=185.199.108.0/22 comment=Youtube list=vpn
add address=224.0.0.0/4 comment=Youtube list=vpn
add address=239.0.0.0/8 comment=Youtube list=vpn
add address=51.89.0.0/16 comment=Youtube list=vpn
add address=178.154.128.0/17 comment=Youtube list=vpn
add address=213.180.192.0/18 comment=Youtube list=vpn
add address=5.255.248.0/21 comment=Youtube list=vpn
add address=87.250.224.0/19 comment=Youtube list=vpn
add address=192.168.2.8 comment=TVs list=vpn
add address=129.226.0.0/16 comment=youtube list=vpn
add address=144.76.0.0/16 comment=youtube list=vpn
add address=149.112.112.0/24 comment=youtube list=vpn
add address=185.159.158.0/23 comment=youtube list=vpn
add address=199.59.240.0/22 comment=youtube list=vpn
add address=23.32.0.0/11 comment=youtube list=vpn
add address=43.152.0.0/16 comment=youtube list=vpn
add address=5.61.48.0/20 comment=youtube list=vpn
add address=8.218.0.0/15 comment=youtube list=vpn
add address=91.211.248.0/22 comment=youtube list=vpn
add address=95.100.0.0/14 comment=youtube list=vpn
add address=35.186.232.0/24 comment=youtube list=vpn
add address=74.125.8.0/24 comment=youtube list=vpn
add address=74.125.100.0/24 comment=youtube list=vpn
add address=74.125.131.0/24 comment=youtube list=vpn
add address=74.125.205.0/24 comment=youtube list=vpn
add address=64.233.161.0/24 comment=youtube list=vpn
add address=64.233.162.0/24 comment=youtube list=vpn
add address=64.233.163.0/24 comment=youtube list=vpn
add address=64.233.164.0/24 comment=youtube list=vpn
add address=64.233.165.0/24 comment=youtube list=vpn
add address=108.177.14.0/24 comment=youtube list=vpn
add address=142.250.150.0/24 comment=youtube list=vpn
add address=142.251.1.0/24 comment=youtube list=vpn
add address=172.217.133.0/24 comment=youtube list=vpn
add address=173.194.222.0/24 comment=youtube list=vpn
add address=173.194.221.0/24 comment=youtube list=vpn
add address=173.194.220.0/24 comment=youtube list=vpn
add address=209.85.233.0/24 comment=youtube list=vpn
add address=209.85.226.0/24 comment=youtube list=vpn
/ip firewall filter
add action=accept chain=input comment="Accept Ping " protocol=icmp
add action=accept chain=forward protocol=icmp
add action=accept chain=input comment="Accept Established / Related Input" connection-state=established,related
add action=accept chain=input comment="Allow Management Input - 192.168.10.0/24" src-address=192.168.10.0/24
add action=drop chain=input comment="Drop Input" log=yes log-prefix="Input Drop"
add action=fasttrack-connection chain=forward comment="Accept & FastTrack Established / Related Forward" connection-state=\
established,related disabled=yes hw-offload=yes
add action=accept chain=forward connection-state=established,related
add action=accept chain=forward comment="Allow forward traffic LAN >> WAN" out-interface=ppoe-wan src-address=192.168.10.0/24
add action=accept chain=forward comment="Port Forwarding" dst-port=32400 in-interface=ppoe-wan protocol=tcp
add action=accept chain=forward dst-port=8123 in-interface=ppoe-wan protocol=tcp
add action=accept chain=forward dst-port=16881 in-interface=ppoe-wan protocol=tcp
add action=accept chain=forward dst-port=1194 in-interface=ppoe-wan protocol=udp
add action=accept chain=forward comment=VPN connection-state=established,new in-interface=br1-lan out-interface=wireguard1 \
src-address=192.168.10.0/24
add action=accept chain=forward connection-state=established,related in-interface=wireguard1 out-interface=br1-lan
add action=drop chain=forward comment="Drop Forward"
/ip firewall mangle
add action=change-mss chain=forward disabled=yes new-mss=clamp-to-pmtu out-interface=wireguard1 passthrough=yes protocol=tcp \
tcp-flags=syn
add action=mark-routing chain=prerouting comment=VPN dst-address-list=vpn new-routing-mark=vpn passthrough=yes
add action=mark-routing chain=prerouting comment=VPNFULL disabled=yes new-routing-mark=vpnfull passthrough=no \
src-address-list=vpnfull
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ppoe-wan
add action=dst-nat chain=dstnat comment=PLEX dst-port=32400 in-interface=ppoe-wan protocol=tcp to-addresses=192.168.10.100
add action=dst-nat chain=dstnat comment="Home Assistant" dst-port=8123 in-interface=ppoe-wan protocol=tcp to-addresses=\
192.168.10.151
add action=dst-nat chain=dstnat comment=Torrents dst-port=16881 in-interface=ppoe-wan protocol=tcp to-addresses=192.168.10.100
add action=dst-nat chain=dstnat comment=OVPN dst-port=1194 in-interface=ppoe-wan protocol=udp to-addresses=192.168.10.100
add action=masquerade chain=srcnat comment=WireGuard out-interface=wireguard1
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=vpn scope=30 suppress-hw-offload=no \
target-scope=10
/ip service
set telnet address=192.168.10.0/24 disabled=yes
set ftp disabled=yes
set www address=192.168.10.0/24 disabled=yes port=9999
set ssh address=192.168.10.0/24 disabled=yes port=2222
set api address=192.168.10.0/24
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=/pub
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=br1-lan type=internal
add interface=eth1-wan type=external
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/snmp
set contact=nightsnowfox@gmail.com enabled=yes location=Home trap-version=2
/system clock
set time-zone-name=Europe/Moscow
/system gps
set set-system-time=no
/system identity
set name=FoxDude
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp server
set enabled=yes manycast=yes
/system ntp client servers
add address=91.218.87.254
add address=91.218.87.251
/tool graphing interface
add allow-address=192.168.10.0/24
/tool graphing queue
add allow-address=192.168.10.0/24
/tool graphing resource
add allow-address=192.168.10.0/24
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox

к роутеру (выше) подцеплены две вайфайные точки, объединенные в капсман

 

MikroTik RouterOS 7.15.3 (c) 1999-2024 https://www.mikrotik.com/
# 2024-08-13 11:42:52 by RouterOS 7.15.3
# software id = EHR1-DXDU
#
# model = RBwAPG-5HacT2HnD
# serial number = 7DF40795EF17
/interface bridge
add name=bridgeCAPB
/interface wireless
# managed by CAPsMAN
# channel: 2412/20-Ce/gn(12dBm), SSID: FoxWAPaC, local forwarding
set [ find default-name=wlan1 ] disabled=no ssid=MikroTik
# managed by CAPsMAN
# channel: 5180/20-Ceee/ac/P(18dBm), SSID: FoxWAPaC, local forwarding
set [ find default-name=wlan2 ] disabled=no ssid=MikroTik
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridgeCAPB interface=wlan1
add bridge=bridgeCAPB interface=ether1
add bridge=bridgeCAPB interface=wlan2
/interface list member
add interface=ether1 list=WAN
add interface=wlan2 list=LAN
add interface=wlan1 list=LAN
/interface wireless cap
#
set bridge=bridgeCAPB discovery-interfaces=ether1 enabled=yes interfaces=wlan2,wlan1
/ip dhcp-client
add interface=bridgeCAPB
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox address=192.168.10.0/24
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name="FoxWAPaC Black"
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp client servers
add address=91.218.87.254
add address=91.218.87.251

[Sires]

Спасибо тем, кто составил списки!

В моём случае заработало частично - у мобилки на вифи сразу взлетело, а на кабеле был connection reset.
Судя по тестам, вылечилось включением Firewall в настройках Bridge.

Получилось заворачивать трафик чисто указанных хостов.

Пока продолжаю наблюдение.



Кстати, на резервный вариант, вполне можно и без Mangle заворачивать, просто прописать хотсы в таблице маршрутизации и указать шлюзом свой впн.

У меня такая же проблема - на wifi работает, а на кабеле - нет.
Можете чуть подробнее написать, какие настройки в бридже изменяли, что кабель заработал?
Заранее благодарю.

[anklav24]

У меня заработал ютуб на версии 7.15.

Предполагаю что уже у вас есть работающая маршрутизация address list в vpn

Код: Выделить всё

# Настроить DNS микротика на 8.8.8.8 и 8.8.4.4

# Спрятать DNS запросы в тунель
add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg

ip/dns/static/add address-list=to-wg match-subdomain=yes name=googlevideo.com type=FWD 
ip/dns/static/add address-list=to-wg match-subdomain=yes name=youtube.com type=FWD                  

ip/dns/static/add address-list=to-wg match-subdomain=yes name=x.com type=FWD          
ip/dns/static/add address-list=to-wg match-subdomain=yes name=twitter.com type=FWD  
ip/dns/static/add address-list=to-wg match-subdomain=yes name=twimg.com type=FWD

ip/dns/static/add address-list=to-wg match-subdomain=yes name=chatgpt.com type=FWD            
ip/dns/static/add address-list=to-wg match-subdomain=yes name=openai.com type=FWD        
ip/dns/static/add address-list=to-wg match-subdomain=yes name=copilot.microsoft.com type=FWD           
ip/dns/static/add address-list=to-wg match-subdomain=yes name=bing.com type=FWD                      
ip/dns/static/add address-list=to-wg match-subdomain=yes name=openai.com type=FWD 

ip/dns/static/add address-list=to-wg match-subdomain=yes name=instagram.com type=FWD        
ip/dns/static/add address-list=to-wg match-subdomain=yes name=cdninstagram.com type=FWD          
ip/dns/static/add address-list=to-wg match-subdomain=yes name=facebook.com type=FWD
ip/dns/static/add address-list=to-wg match-subdomain=yes name=fbcdn.net type=FWD
ip/dns/static/add address-list=to-wg match-subdomain=yes name=linkedin.com type=FWD

[pipitos]

У меня заработал ютуб на версии 7.15.

Предполагаю что уже у вас есть работающая маршрутизация address list в vpn

Код: Выделить всё

# Настроить DNS микротика на 8.8.8.8 и 8.8.4.4

# Спрятать DNS запросы в тунель
add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg

ip/dns/static/add address-list=to-wg match-subdomain=yes name=googlevideo.com type=FWD 
ip/dns/static/add address-list=to-wg match-subdomain=yes name=youtube.com type=FWD                  

ip/dns/static/add address-list=to-wg match-subdomain=yes name=x.com type=FWD          
ip/dns/static/add address-list=to-wg match-subdomain=yes name=twitter.com type=FWD  
ip/dns/static/add address-list=to-wg match-subdomain=yes name=twimg.com type=FWD

ip/dns/static/add address-list=to-wg match-subdomain=yes name=chatgpt.com type=FWD            
ip/dns/static/add address-list=to-wg match-subdomain=yes name=openai.com type=FWD        
ip/dns/static/add address-list=to-wg match-subdomain=yes name=copilot.microsoft.com type=FWD           
ip/dns/static/add address-list=to-wg match-subdomain=yes name=bing.com type=FWD                      
ip/dns/static/add address-list=to-wg match-subdomain=yes name=openai.com type=FWD 

ip/dns/static/add address-list=to-wg match-subdomain=yes name=instagram.com type=FWD        
ip/dns/static/add address-list=to-wg match-subdomain=yes name=cdninstagram.com type=FWD          
ip/dns/static/add address-list=to-wg match-subdomain=yes name=facebook.com type=FWD
ip/dns/static/add address-list=to-wg match-subdomain=yes name=fbcdn.net type=FWD
ip/dns/static/add address-list=to-wg match-subdomain=yes name=linkedin.com type=FWD

add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg

это плохая затея. если тунель ляжет то вы будете испытывать трудности с открытием сайтов. Нужно в ватчдоге скриптами костылить. Или использовать DOH

[anklav24]

add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg
это плохая затея. если тунель ляжет то вы будете испытывать трудности с открытием сайтов. Нужно в ватчдоге скриптами костылить. Или использовать DOH

Да это понимаю, но DOH так и не получилось настроить, не нашел как заставить работать сертификаты. Не подскажете как?

[pipitos]

add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg
это плохая затея. если тунель ляжет то вы будете испытывать трудности с открытием сайтов. Нужно в ватчдоге скриптами костылить. Или использовать DOH

Да это понимаю, но DOH так и не получилось настроить, не нашел как заставить работать сертификаты. Не подскажете как?

Код: Выделить всё

/tool fetch url=https://curl.se/ca/cacert.pem
/certificate import file-name=cacert.pem passphrase=""
/ip dns static add address=8.8.8.8 name=dns.google
/ip dns static add address=8.8.4.4 name=dns.google
/ip dns set use-doh-server=https://dns.google/dns-query verify-doh-cert=yes

Если это не будет работать с проверкой сертификатов то вот:

Код: Выделить всё

/tool fetch url=https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem
/certificate import file-name=DigiCertGlobalRootCA.crt.pem passphrase=""
/ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
/ip dns set servers=""

[anklav24]

add address=8.8.4.0/24 comment=YouTube list=to-wg
add address=8.8.8.0/24 comment=YouTube list=to-wg
это плохая затея. если тунель ляжет то вы будете испытывать трудности с открытием сайтов. Нужно в ватчдоге скриптами костылить. Или использовать DOH

Да это понимаю, но DOH так и не получилось настроить, не нашел как заставить работать сертификаты. Не подскажете как?

Код: Выделить всё

/tool fetch url=https://curl.se/ca/cacert.pem
/certificate import file-name=cacert.pem passphrase=""
/ip dns static add address=8.8.8.8 name=dns.google
/ip dns static add address=8.8.4.4 name=dns.google
/ip dns set use-doh-server=https://dns.google/dns-query verify-doh-cert=yes

Если это не будет работать с проверкой сертификатов то вот:

Код: Выделить всё

/tool fetch url=https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem
/certificate import file-name=DigiCertGlobalRootCA.crt.pem passphrase=""
/ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
/ip dns set servers=""

DoH вроде заработал, но с DoH не работают FWD записи.

Currently, DoH is not compatible with FWD-type static entries, in order to utilize FWD entries, DoH must not be configured.