locktime

Open full view…

Help! I need to make a guide to block all CDN traffic.

rikku33
Thu, 21 Apr 2022 22:58:50 GMT

Hello. Well, my problem is very hard, I suppose. Fist things first: I run Win 7 64 bits. Antivirus programs are Win Defender and Malwarebytes. Firewall programs are Win Firewall and Netlimiter 4. My internet connection is done with USB Tethering with Galaxy S5 running Android 9. Short description: My current state of Firewall settings in Netlimter 4 make my Windows freeze everything but the mouse if I start in Normal Mode. In Safe mode this doesn't happen. Deactivating Netlimiter Service makes the freezes gone. The Last time before this I had to Shut Off my PC, because everything was frozen and the mouse was very lagging. What the heck did I block? Long Description: Normally I use Google Chrome for an online game. Everything else should be surfed with Firefox. Now my traffic contingent of my tariff is gone. That's where it starts. Please excuse my english, I'm from Germany. I suppose that opening something like google.com will need to ask the DNS Server (I use 1.1.1.1) for the IP, call the site by IP and done. But reality must have changed by far. --- I checked wikipedia for the meaning of CDN Services. I began to understand, why my browsers are talking unstoppable with the internet while I don't surf, but nevertheless I cannot tolerate that. Why sould my browsers ask where they could find google before I want it? Possibly supporting all those CDN Services and internet providers making money by traffic and I get nothing? If the world thinks that CDN must be done - well: it may tell the routes to 1.1.1.1 and let my CPU out of the process. I want to download a specific file with chrome and don't want to offer a single bit to firefox until that is done. Failing that means that I cannot play the online game. It seems that freezing firefox with sysinternals process explorer is the only way to do that because closing firefox is not an option. But that won't help because svchost.exe acts the same. And I don't want so suspenz 10 exes for one program every time. Before that I programmed a page in javascript where I just input something like 142.250.0.0 and press a button to get the whole list of IPs to paste into my hosts file. By the time there are now millions of lines in it. Looking in Netlimiter, all the browsers (and also svchost.exe) do not care about theese blocks. Googeling for that problem leads to a site where the answerer complains about the poster having a compomised system. Conclusion: Of of them must be lying. So I repeated blocking all that stuff in Netlimiter. I also blocked all loopback traffic and 127.0.0.1 as target address. To make that more effective (because it does not seem to work) I also set a limit to 1B and Quota to 1B. I know, Quota is useless in this setup but it proves that the blocks do not work, if "the user" is not the one that wants to connect. One other big problem is: When I block enough things It can happen that it finally works and the browsers traffic shuts up. Well done? NO. Despite not blocking 1.1.1.1, I cannot ping anything (useful to get IPs to unblock) and svchost.exe cannot see the internet. When this happens, all programs will take svchost.exe's "no internet" (seen in windows taskbar) for real. Windows diagnosis will then tell me that my network card (the smartphone) has no valid I configuration. There is also system.exe that always wants port 137 connections which I suppose are for local filesharing? What shall I do with those 2 exes? Any idea why the browsers calling 1.1.1.1:53 (in red color) doesn't give them internet? Well, once upon a time I had 2 internet connections and tried to split the programs by firewall. As you may know this does not work for the same reason: svchost.exe chooses only ONE and will whisper the secret "there is internet" to ALL programs. To avoid beeing told about IPv6 addresses which I cannot read and wouldn't hnow what they are I deactivated IPv6 in Network card. That's where the "no valid ip configuration"-problem begun. Now I don't know what IPs/Ports are needed to make "the internet beeing there" without causing any traffic. The blocked IPs all belong to CDN companies. Maybe some "local area" IPs are there to, but how could 224.0.0.252 and 239.255.255.255 be local??? Well, I unblocked them but that didn't help. Normally I should habe 192.168.?.42, but I don't know if that changes using USB Tethering. I think to remenber that in Vista it does but in Win7 it does not. Is it even possible to connect without IPv6 via USB Tethering? The last thing I did was to disable firewall but kept limiter on. Immediately after that, the mouse and the whole computer began to lag. I didn't connect to the internet again until now. I would like to send you a screenshot so you get an idea but it seems like something doesn't want me to do that as windows would crash if I start the netlimiter service. EDIT: I manages to turn Limiter off, but please help so I can turn it back on. --- So, to summarize that: How can I get fully rid of CDN traffic? What must not be blocked to make the browsers recognize the internet? What ports of what programms must remain open to make mouseclicks and windows work? (I must be kidding to ask that, but you read my post...) What's the official way to check if Netlimiter definitely cannot be circumvented by hooking on lets say svchost.exe? (I'm not sure If it is circumvented or if it just logs the traffic as if.) --- Well, I hope you can enlighten me. By the way, my last sentence (hooking on...) could lead to a solution, but I still need to know the small parts of making the internet visible and to make the "network card" have an IP. I did read the guide from "what is a connection" to using qouta. The next page did not load because of DNS data timed out or something. Maybe I missed an important part of not blocking DHCP? In the meantime I will write a documentation of all my windows services in Excel, hopefully finding a way to make them all show up in services.msc and split them to seperate processes so netlimiter can tell which svchost.exe it talks about. Yes, I found that idea in the guide. --- Before posting an answer, please: 1. Make sure you are not affiliated with ISPs or CDN Networking companies or antivirus software companies. I would not trust you. 2. Understand that 64kbits are all I have and CDN Networking will not find "a better route" for such a slow connection. It will just slow it down. 3. Realize that I know that this is all about money. I just bought some extra traffic. But Netlimiter was made for the purpose avoiding that. 4. Believe that the online game does run well with 64kbits until it gets updated once per 1-2 weeks. When that happens I have to download some big files manually to have them cached (yes, with chrome that works, with firefox (i use quantum) it does not). One of theese files is 3 MB and I get only 1,2 kbits, so there must definitely be something interrupting that has to be blocked. 5. Consider this as example of trying to block CDN traffic. I hope it will lead into a full guide. Or is there already one for that which google didn't find?