Signal.org Mangle And Queue - Mikrotik Script RouterOS

Signal.org Mangle And Queue - Mikrotik Script
The Signal application does not have a special port because what I know is that the port still uses secure TCP 443 and a random port for UDP, so we can simply mark it to the domain hosts * .signal.org and * .whispersystems.org For packet marking the Signal application can use tls-host or content or addlist or layer7

/ip firewall 
address-list add address=172.16.0.0/12 list=IP-LAN
address-list add address=192.168.0.0/16 list=IP-LAN
address-list add address=10.0.0.0/8 list=IP-LAN

/ip firewall filter 
add action=add-dst-to-address-list address-list=Signal address-list-timeout=1d chain=forward dst-address-list=!IP-LAN protocol=tcp tls-host=*.signal.org
add action=add-dst-to-address-list address-list=Signal address-list-timeout=1d chain=forward dst-address-list=!IP-LAN protocol=tcp tls-host=*.whispersystems.org

/ip firewall mangle 
add action=mark-connection chain=prerouting dst-address-list=Signal new-connection-mark=conn-Signal passthrough=yes src-address-list=IP-LAN
add action=mark-packet chain=prerouting connection-mark=conn-Signal new-packet-mark=Signal-pkt passthrough=no src-address-list=IP-LAN
action=mark-packet chain=postrouting connection-mark=conn-Signal dst-address-list=IP-LAN new-packet-mark=Signal-pkt passthrough=no

/queue simple 
add name="Signal" packet-marks=Signal-pkt queue=default/default target=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 total-queue=default
<- Back To Home