How to Mangle internet connections for PCQ but exempt LAN traffic

Hi, I have a Mikrotik in pseudo bridge mode, connected wirelessly to a non-RouterOS AP, with a virtual WLAN2 for wireless connections on this side of the bridge.

I use three Mangle prerouting chains for PCQ:

  1. For TCP connections, mark the connection as “PCQ-connection” (passthrough=yes)
  2. For UDP connections, mark the connection as “PCQ-connection” (passthrough=yes)
  3. Mark all PCQ-connection packets with “PCQ-packet” (passthrough=no).

From there, a simple PCQ acts on “PCQ-packet” marks with max limits to ensure QoS for my Internet connection.

The problem with this is that it also rate limits the traffic between devices on the LAN. I tried to work around this by adding another Mangle rule above all the others to mark connections with a Dst. Address in 192.168.1.0/24 as “LAN”, with passthrough=no. But for some reason the destination address filter doesn’t work, and it detects all connections, whether to the LAN or to the WAN.

Any suggestions? Thanks.

Can you set in the Mangle Rules for DST IP !LAN? If yes, then it should ignore packets for this destination in the marking process.

Thanks for the reply. Yes, I also tried !DST rules, but they also don’t appear to be working.

Then I’d recommend contacting support with a Supout.rif if you have not already done so.

Thanks, already did.

Can you export exactly what your mangle rules which “don’t work” look like?