Skip to content
Oct 18 / Greg

Redirect Users To A Fake Speed Test Site

For some ISPs, speed test sites can be their best friend. It shows a user that he is reaching his potential speed. For others it’s a nightmare as it gives ammunition for users. While at MUM this year my lunch table was having a friendly discussion about just this. Some suggestions were offered on various things you can do to speed test sites. One person explained how a WISP was blocking every speed test site they could think of, just to keep users from accessing any solid material to complain with. I then suggested that I could make a fake speed test site and redirect all users to that. Everyone had a good laugh, but…I though it would be fun to do it for real, so here it is!

In a nutshell what happens is this:

  • The user tries to browse to a webpage that contains the word speedtest or bandwidth test in the url
  • The server IP gets added to an address list of known speed test servers.
  • Subsiquent access to these addresses hit a destination nat rule that will shoot them over to our webserver, which happens to be hosting our custom webpage.
  • You average user will believe it...hehehe

    The webpage is just simple HTML, nothing fancy. The speed test is really just an animated GIF file that plays once and proudly displays “Speed is Broadband” hehehehe.

    Broadband is best band

    If you hit the “run test again” button, it just refreshes the cached page and replays the GIF.

    The files can be downloaded here: Speedtest-HTML (2817 downloads)
    You need to run any webserver that will use this folder at the default page.

    Here’s the router code to make it happen

    Layer 7 match for an URL that contains speedtest or bandwidthtest.

    1
    2
    3
    
    /ip firewall layer7-protocol
    add comment="" name=speedtest-url regexp=\
        "^.*(get|GET).+/(speed|bandwidth).*test.*\$"

    Here’s the mangle rule to add the speed test IP to an address list.

    1
    2
    3
    4
    5
    
    /ip firewall mangle
    add action=add-dst-to-address-list address-list=speedtest-al \
        address-list-timeout=0s chain=prerouting comment=\
        "speedtest mark connection" disabled=no dst-port=80 \
        layer7-protocol=speedtest-url protocol=tcp

    Here’s the NAT statement to grab the traffic and send it to our webserver.
    Our webserver is 1.1.1.1 in this example.

    1
    2
    3
    
    /ip firewall nat
    add action=dst-nat chain=dstnat comment="" disabled=no dst-address-list=\
        speedtest-al to-addresses=1.1.1.1

    Let me close by saying I’m not advocating you lie to your users, I just did this as a proof of concept. If you had an actual internal speed test server, this might be just the sort of rule set you are looking for. The joke has now completed its journey…you can now throw the ring into the lava.

    6 Comments

    leave a comment
    1. J.J. Boyd / Nov 4 2010

      This is too fun! Thanks Greg for making the joke come to life 😉

    2. Greg / Nov 4 2010

      😉

    3. Otgooneo / Sep 8 2011

      Great!

    4. Otgooneo / Sep 8 2011

      Hello Greg, is there any way to fake speedtest.net, but not redirection? I want to add all addresses of SpeedTest.net hosts to queue exclusion list.

    5. Greg / Sep 8 2011

      @Otgooneo
      Sure. Build the address-list in the same way, only don’t add the nat rule. Instead packet mark that addressing and put it in its own queue.

    6. gee / May 23 2012

      this is great useit for my own testing and fault finding from our hisites. used many of your articals keep up the good work

    Leave a Comment

     

    *