Hello,
In nftables or iptables language, what could be the equivalent of Mikrotik’s connection-mark=no-mark ?
Semantic: “if an un- marked packet is received in interface ISP_1, then add mark it with 17 mark”
/ip firewall mangle
MT implementation
addchain=input connection-mark=no-mark in-interface=ISP_1 action=mark-connection new-connection-mark=17
nftables implementation
add rule ip mangle input iifname “ens3.932” meta FOOBAR meta mark set 17
What shall I replace FOOBAR with to get something strictly equivalent of MT implementation ?
In other words, what is default mark in Linux ? Is it 0 ? Is it 1 ? Something else ?
Cheers
PS: Please, apologize if this is a bit Off-Topic but, given the high number of factor that may influence my lab testing, help from experienced readers would be be of great value.