PCC

RouterOS General
1

hey evry body

i have 2 wan and i work on pcc

just i wanna let specific website to be downloaded from specific wan

and if i can make that on extention it will be so nice

thanx

2

Specific site by IP: make a rule in mangle prerouting that sets the right routing mark for the WAN you want to use based on the destination IP address, set passthrough to no, and move the rule to the top of the ruleset. Can’t go by extension, that is impossible. You need to decide on the first packet of the connection, the extension isn’t known until the fourth packet at the earliest.

3

thanx alot


i trie but i cant make the rule

plz help me and write the mangle rule

thanx

4

Since what the rule exactly looks like depends on your PCC configuration you’ll have to post your PCC configuration first.

5

ok

\

ADDRESS NETWORK BROADCAST INTERFACE

0 192.168.4.100/24 192.168.4.0 192.168.4.255 wlan2
1 192.168.3.100/24 192.168.3.0 192.168.3.255 wlan1
2 10.0.0.1/24 10.0.0.0 10.0.0.255 Local


0 chain=input action=mark-connection new-connection-mark=wlan1_conn
passthrough=yes in-interface=wlan1

1 chain=input action=mark-connection new-connection-mark=wlan2_conn
passthrough=yes in-interface=wlan2

2 chain=output action=mark-routing new-routing-mark=wlan1 passthrough=yes
connection-mark=wlan1_conn

3 chain=output action=mark-routing new-routing-mark=wlan2 passthrough=yes
connection-mark=wlan2_conn

4 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan1_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/0

5 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan1_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/1

6 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan2_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/2

1 chain=input action=mark-connection new-connection-mark=wlan2_conn
passthrough=yes in-interface=wlan2

2 chain=output action=mark-routing new-routing-mark=wlan1 passthrough=yes
connection-mark=wlan1_conn

3 chain=output action=mark-routing new-routing-mark=wlan2 passthrough=yes
connection-mark=wlan2_conn

4 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan1_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/0

5 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan1_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/1

6 ;;; 1
chain=prerouting action=mark-connection new-connection-mark=wlan2_conn
passthrough=yes dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:3/2

10 chain=prerouting action=mark-routing new-routing-mark=wlan1
passthrough=yes in-interface=Local connection-mark=wlan1_conn

11 chain=prerouting action=mark-routing new-routing-mark=wlan2
passthrough=yes in-interface=Local connection-mark=wlan2_conn


\

  • blackhole, U - unreachable, P - prohibit

DST-ADDRESS PREF-SRC G GATEWAY DISTANCE IN..

0 A S 0.0.0.0/0 r 192.168.4.1 1 wlan 1 A S 0.0.0.0/0 r 192.168.3.1 1 wl..
2 A S 0.0.0.0/0 r 192.168.3.1 1 wl..
3 S 0.0.0.0/0 r 192.168.4.1 2 wl..
4 ADC 10.0.0.0/24 10.0.0.1 0 Local 5 ADC 192.168.3.0/24 192.168.3.100 0 wl..
6 ADC 192.168.4.0/24 192.168.4.100

6

To send all traffic to 1.1.1.1 via wlan1:

/ip firewall mangle
add chain=prerouting dst-address=1.1.1.1 action=mark-routing new-routing-mark=wlan1 passthrough=no

And move that to the top of the rules.

7

thanx alot it works

but small thing

every site hase dynamic ip

how can get all IP s for any site ???

8

You cannot refer to DNS names in firewall rules.