Routing Mark and route traffic to a different GW

Yeah, it was this thread and there was a similarly useless rule as there is (seems to be) here. It’s useless because if you want to handle only connections to the router, you want to mark routing for responses, and that happens in the output chain (prerouting would be used for a forwarded port to an internal server). Otherwise there’s nothing wrong with prerouting, it’s the same as it always was.

What changed is handling of packets with routing marks. Previously in v6 and initially also in v7, there was:

  1. Hardcoded exception for local destinations (addresses on the router). Even if there was a routing table with only a single default route (meaning that everything should be sent to that gateway), if the destination was the router’s own address, it didn’t happen. Recent v7 changed this and routing marks have maximum priority. So even if the destination is local, the routing mark says that it should use that other routing table => it has only one default route => the packet is sent to that gateway, i.e. back to the internet. It’s what happens here.

  2. Routing rules could override routing marks. Not anymore. So e.g. my favourite rule that forced destinations on the local subnet to use only the main routing table, regardless of routing mark, no longer works:

/ip route rule
add action=lookup-only-in-table dst-address=192.168.0.0/16 table=main

Instead, you must make sure to not assign routing marks to those packets. Which is doable, but can be a bit annoying, because this was simpler.
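
One way to avoid assigning routing marks to those packets on recent v7, as an added example that is not part of the original post. The table name `to-gw2`, the list name `no-route-mark`, the gateway 10.0.2.1 and the source host 192.168.88.50 are assumptions made up for illustration.

```routeros
# Added example. All names and addresses below are constructed.

# Separate routing table with only a single default route.
/routing table
add name=to-gw2 fib
/ip route
add dst-address=0.0.0.0/0 gateway=10.0.2.1 routing-table=to-gw2

# Destinations that must keep using the main table
# (replaces the old lookup-only-in-table routing rule).
/ip firewall address-list
add list=no-route-mark address=192.168.0.0/16

/ip firewall mangle
# Before: marks every packet from the host, including packets addressed to
# the router itself or to local subnets, which recent v7 then sends to 10.0.2.1:
# add chain=prerouting action=mark-routing new-routing-mark=to-gw2 src-address=192.168.88.50 passthrough=no

# After: no routing mark when the destination is one of the router's own
# addresses (dst-address-type=!local) or a local subnet (dst-address-list).
add chain=prerouting action=mark-routing new-routing-mark=to-gw2 \
    src-address=192.168.88.50 dst-address-type=!local \
    dst-address-list=!no-route-mark passthrough=no
```

Packets that the rule skips carry no routing mark, so they are looked up in the main table as before.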