Throttling website traffic on a Routerboard

There are occasions when one might wish to throttle, or otherwise monitor, traffic going to a specific website using a Routerboard. Perhaps you want to dissuade someone from accessing a website like the Daily Mail, you could do this by throttling the traffic down to dial-up speeds for example. Or perhaps you would just like to graph the amount of traffic going to a particular domain, all this is possible with a Routerboard. Doing it with IP is very simple and I won’t cover it here, but if you’d like to know how to do it to a specific domain where you don’t know the IP then keep reading.

MTU, baby jumbo frames, and FTTC

I recently found myself tinkering with my router settings in an effort to make my broadband work. There was, in hindsight, a good chance that the problem was my ISP and nothing that I had done, but that didn’t stop me from tinkering just in case.

Whilst messing with the settings I found myself looking at the MTU settings for my WAN and PPPoE connection and wondering why they had to be so small compared to the local LAN interfaces. So I tweaked some more! And I broke it entirely, however I tweaked some more and enabled something called baby jumbo frames.

So long Wordpress, hello HTML

The website has had a facelift! And not just a cosmetic one either, the entire core of the website has been replaced, with old fashioned static HTML, and some fancy CSS. I decided that Wordpress had to go, it’s time was up.

Web filtering on Mikrotik / Routerboard

If you are using a Routerboard and have children then there is a good chance that you would like to implement some sort of filtering on your internet connection to protect them from some of the darker elements of the internet. Luckily due to the power and versatility of RouterOS you are able to do this very simply and elegantly.

In this guide I’m going to talk through how to accomplish several different things necessary to achieve good quality, almost teenager proof, filtering. By the end of it you’ll have done the following:

  • Setup a DNS server on the router to handle DNS queries from your LAN.
  • Configured the router to use Norton ConnectSafe DNS (a free filtered DNS service) for DNS queries.
  • Added a destination NAT rule to prevent anyone using alternative DNS servers to work around DNS level filtering.
  • Learnt how to block specific websites using a Layer7 protocol and firewall filter. Useful for websites such as Tumblr which aren’t blocked by Norton but are good candidates for blocking due to large amounts of adult material.
  • Optionally hidden the Norton ConnectSafe block page if you don’t want users to see that the page was blocked.

Getting started with PGP on OS X

If reading the news over the past few weeks has told us anything, it’s that the government will seize any opportunity to have a crack at reading your personal communications. David Cameron has decided that the likes of Whats App, Snapchat, and Facebook Messenger are a threat the very fabric of society due to their encrypted nature; he feels that in order for the country to be safe the security services need to be able to read everything. The old adage about not worrying if you have nothing to hide comes to mind.

I am going to talk you through how to protect probably one of the most widely used forms of digital communication, email. To do this we’re going to setup PGP, or to be precise, GPGTools, the open source equivalent for Mac.