marking incoming connection

Hi,

I have 2 exits to the internet: PPPoE on my ether1 and a public static IP on ether2. The default route is via PPPoE (ether1), and the static IP, which is on eth2, I am using for remote connections to the LAN from the internet. When I am connecting to my static public IP, the returning traffic is going through the default route, and that is a problem. What I need is that all traffic which came in via ether2 returns via ether2. Is there any easy solution to fix that: marking inbound connections on ether2 and, for those marked connections, creating policy routing to go outside via ether2?

If someone can put the config, I'll be very thankful…

Using mangle:

Mark connections that are incoming on ether2

then

Mark routing for packets that belong to that connection and are coming from your local interface

Create a new routing mark in /ip routes/


i.e.

/ip route add dst-address=0.0.0.0/0 gateway=your GW of eth2 routing-mark=mark1
/ip firewall mangle add chain=prerouting in-interface=eth2 action=mark-connection new-connection-mark=in_eth2
/ip firewall mangle add chain=forward in-interface=LOCAL connection-mark=in_eth2 action=mark-routing new-routing-mark=mark1

And all packets that belong to connections initiated from eth2 will go back using the eth2 interface.

I tried, but I get an error:

/ip firewall mangle add chain=prerouting in-interface=ether2 action=mark-connection new-connection-mark=in_eth2
/ip firewall mangle add chain=forward in-interface=LOCAL connection-mark=in_eth2 action=mark-routing new-routing-mark=mark1
failure: routing-mark allowed only in output and prerouting chains

P.S. I used my real local interface instead of “LOCAL”.
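
Added example, not part of any post in this thread: the error above says mark-routing is only allowed in the prerouting and output chains, so the reply-marking rule moves from forward to prerouting, with a second rule in output for replies sent by the router itself. RouterOS v6 syntax is assumed; `bridge-lan` and `203.0.113.1` are placeholders for the real LAN interface and the ether2 gateway.

```routeros
# Added example (RouterOS v6 syntax assumed).
# Placeholders: "bridge-lan" = your LAN interface, 203.0.113.1 = ether2 gateway.

# 1. Tag every new connection that arrives from the internet on ether2.
#    The mark stays on the connection-tracking entry, so replies carry it too.
/ip firewall mangle add chain=prerouting in-interface=ether2 \
    connection-state=new action=mark-connection \
    new-connection-mark=in_eth2 passthrough=yes

# 2. Replies from LAN hosts (forwarded traffic). The routing decision is made
#    before the forward chain, so mark-routing has to be applied in prerouting.
/ip firewall mangle add chain=prerouting in-interface=bridge-lan \
    connection-mark=in_eth2 action=mark-routing \
    new-routing-mark=mark1 passthrough=no

# 3. Replies generated by the router itself (services reached on the static IP).
#    These never pass prerouting, so they are marked in the output chain.
/ip firewall mangle add chain=output connection-mark=in_eth2 \
    action=mark-routing new-routing-mark=mark1 passthrough=no

# 4. Default route that applies only to packets carrying routing mark "mark1".
/ip route add dst-address=0.0.0.0/0 gateway=203.0.113.1 routing-mark=mark1

# Verify: rule counters should increase while a remote session is open,
# and the marked route should be listed as active.
/ip firewall mangle print stats
/ip route print where routing-mark=mark1
```

If the counters on rules 2 and 3 stay at zero during a test connection, check that rule 1 matches first, since the later rules only fire on connections that already carry the `in_eth2` mark.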