Code: Select all
chain=forward action=mark-connection new-connection-mark=dns_cmark passthrough=yes protocol=udp dst-port=53 log=no log-prefix=""
chain=forward action=mark-packet new-packet-mark=dns-pmark passthrough=no connection-mark=dns_cmark log=no log-prefix=""
1. Is there any way to determine the DNS connection other than through the dst port?
2. Is it correct to put my rules into the forward chain or do I need to put them into prerouting?
3. My rules do not mark responses from DNS servers
I will be very grateful for your advice.
PS. RouterBOARD 952Ui-5ac2nD RouterOS 6.49.13