hey all,
anyone got suggestions for how to set a flow with more than one mark?
my current challenge is that I am marking some users with “hs-auth” to bypass the hotspot, however I would also like to mark them in some way to provide bandwidth shaping (for example, PCQ which would require a different flow-mark).
any suggestions?
thanks.
I have the same problem… how to remark-flow a packet with hotspot service? when i add a rule in mangle to remark-flow a packet with destination port 110 to after speed up this with a queue tree, i lost totally the pop3 connection… i try doing a mark-connection before but a problem persist…
Any suggestion?
Thanks and regards
I almost had it before I made my first post, I didn’t realize I was missing just one thing!
You can add firewall rules to allow multiple flows to bypass the hotspot.
Create a rule in the “hotspot-temp” chain to return if the flow is marked with a certain name (look at the return if authorized example). Make sure this rule is above the reject (reject unauthorized clients) rule.
Create an “accept” rule in the destination nat table if the flow contains the mark. Make sure this is after any custom rules you have but before the redirect (redirect unauthorized clients) rule.
After creating those 2 custom rules you can create a mangle rule to mark the flow as desired and it will by pass the hotspot redirects automatically.
-Rob