Problem marking packets and connections...

camera1762 · February 25, 2010, 7:13pm

Hello all, I have an RB600 fully populated with a mix of XR2s and R52Hs (wlan1 through wlan4).

Additionally I have a bridged configuration between wlans and ether1. My Proxy/Firewall server that grants access to the internet connects to ether1.

Ok, I just have some issues trying to mark p2p packets and p2p connections coming from/to the wlan interfaces (CPEs eventually).

Is the firewall fully active when using the RB in a bridged configuration? If so, What could be wrong? because when I complement the p2p type of traffic (check the NOT checkbox), packets begin to be accounted in the marking rule…

Any help will be appreciated.

Best regards.

Lonecrow · February 26, 2010, 3:00pm

Gotta check “passthrough” on the first rule to allow it to continue to the next p2p rule.

camera1762 · February 26, 2010, 3:29pm

Oh!, it is checked by the way. The Marking rules are set up as follows:

Packet Marking Rule
Chain: Prerouting
P2P: all_p2p
Action: mark packet
New packet mark: p2p
Pasthrough: checked

Connection Marking Rule
Chain: Prerouting
P2P: all_p2p
Action: mark connection
New Connection Type: p2p_connection
Pasthrough: checked

Regards.