Mangle Rules [Solved]

RouterOS General
1

If I mangle a packet in prerouting and do an action=accept will this particular packet go through the forward and the postrouting chans?

hope I’m clear in my explanation.

I’ll post more details if needed

2

Yes. Look at the packet flow diagram. The packet goes through mangle many times.

3

So if I accept the packet in prerouting for it to exit the chain I’d assume I have to accept it as well in the forward chain, right?


I’m only using prerouting and forward chains so I do not need to input any rules into the postrouting chain

4

default action is accept, if you do not do anything else, there, you can entirely skip that rule.

for example if you set rule that adds new packet mark to packet, and set passthrough, and no other rule is following that one, packet will be accepted.

5

new packet flow diagram
http://wiki.mikrotik.com/wiki/Packet_Flow

6

I know that if the packet is marked and there are no other rules hitting that packet, then the packet will be accepted.

What I need is for the packet to exit the prerouting/forward chain as soon as it hits a particuar rule. So if I do (in prerouting) tcp, dst 3724, action=accept the packet will leave the chain immediately and not pass through other rules in the prerouting chain, thus minimizing the delay while the packet traverses the whole chain.

My prerouting chain is quite complex and I have a particular service which I need to minimize the packet delay by as much as I can. So I want to match that packet in mangle and exit the chain immediately. I would use change TOS but i think that in the end it would be easier this way.

Edit----
For Clarity I’m using a 2.9.50 Router OS

7

Packet Flow diagram for version 3.x can be found here.

http://wiki.mikrotik.com/wiki/Packet_Flow

8

Pls do read the thread before posting.

I know how the packet flow of the MT works.

All I’m asking is, if its is possible to let a packet immediately out of the chain once it has been actioned upon. As I’ve said my prerouting chain is complex and I want a particular packet to be to jump all other subsequent rules once its been actioned.

9

If your packet hits an accept, it’s done processing the rules in that chain. If that chain is prerouting, then the rules for forwarding and postrouting will also be executed later for the same packet. Accepting the packet in one chain doesn’t stop it from running through subsequent chains. Is that the answer you’re looking for?

10

Yes it is.

Then I’ll have to accept the packets in the forward chain in my case, so the packet exit the chain immediately.


Thanks