Hi All,
I’m having some dramas with Mangle. I have two internet connections and I want to mark all HTTP traffic with a routing mark.
Doing it like this works -
2 chain=prerouting action=mark-routing new-routing-mark=to_internode passthrough=yes
protocol=tcp dst-address=0.0.0.0/0 dst-port=80
However, trying to do it like this (which should be more CPU efficient?) stops all HTTP traffic from working at all.
8 chain=prerouting action=mark-connection new-connection-mark=http_conn passthrough=yes
protocol=tcp dst-address=0.0.0.0/0 dst-port=80
9 X chain=prerouting action=mark-routing new-routing-mark=to_internode passthrough=yes
connection-mark=http_conn
Its the final rule that causes all HTTP traffic to stop working. Does anyone have any ideas what I’m doing wrong?
Cheers,
Hooper
That looks like it should work to me. My guess is that the issue is in the routing table. Can you post the touting table?
Sure!
0 A S dst-address=0.0.0.0/0 gateway=pppoe-internode
gateway-status=pppoe-internode reachable check-gateway=ping distance=1
scope=30 target-scope=10 routing-mark=to_internode
1 A S dst-address=0.0.0.0/0 gateway=pppoe-iinet
gateway-status=pppoe-iinet reachable check-gateway=ping distance=1
scope=30 target-scope=10 routing-mark=to_iinet
2 A S dst-address=0.0.0.0/0 gateway=pppoe-iinet
gateway-status=pppoe-iinet reachable check-gateway=ping distance=2
scope=30 target-scope=10
3 S dst-address=0.0.0.0/0 gateway=pppoe-internode
gateway-status=pppoe-internode reachable check-gateway=ping distance=3
scope=30 target-scope=10
4 ADC dst-address=XX.XX.XX.XX/32 pref-src=XX.XX.XX.XX
gateway=pppoe-internode gateway-status=pppoe-internode reachable
distance=0 scope=10
5 ADC dst-address=192.168.8.0/24 pref-src=192.168.8.1 gateway=bridge-local
gateway-status=bridge-local reachable distance=0 scope=10
6 ADC dst-address=XX.XX.XX.XX/32 pref-src=XX.XX.XX.XX gateway=pppoe-iinet
gateway-status=pppoe-iinet reachable distance=0 scope=10