TCP per connection failover

Hi!
I have a fast but not very good ISP; some web sites do not open (the connection stays in syn_sent). I have a VPN connection through which these websites work fine. It would be nice to automatically add each IP address that fails to connect to an address list, so that a routing mark can be applied on the next connection to this IP. How can this be done with RouterOS?

  1. Forward to IP xxx (TCP 80/443).
  2. TCP connection failed (no response from xxx).
  3. Add xxx to the "thru VPN" address list.

"Re-trying to forward failed TCP connections to the other gateway."
Maybe it is possible to match in filter or mangle TCP connections that are in syn_sent but not established?
Can anybody help? Thanks.

I suppose it’s possible with scripting

Not very graceful, but a working solution:

/ip firewall filter
 add action=add-dst-to-address-list address-list=tcp1 address-list-timeout=5s chain=forward  dst-port=443,80 out-interface=wan1 protocol=tcp tcp-flags=syn comment="outgoing SYN via wan1: remember destination for 5s"
 add action=add-dst-to-address-list address-list=tcp2 address-list-timeout=1s chain=forward  dst-port=443,80 out-interface=wan1 protocol=tcp tcp-flags=syn comment="same destination, 1s grace period before it counts as unanswered"
 add action=add-src-to-address-list address-list=tcp2 address-list-timeout=10s chain=forward in-interface=wan1 protocol=tcp src-port=443,80 tcp-flags=syn comment="SYN-ACK reply from a server (SYN flag set): host answered, keep it in tcp2 longer than tcp1"
/ip firewall mangle
 add action=mark-packet chain=prerouting dst-address-list=tcp1 new-packet-mark=tcp1 passthrough=yes protocol=tcp comment="mark packets to hosts with a recent outgoing SYN (mark-packet, since the next rule matches the packet mark)"
 add action=add-dst-to-address-list address-list=vpn address-list-timeout=12h chain=prerouting dst-address-list=!tcp2 packet-mark=tcp1 comment="host in tcp1 but not in tcp2 = no reply: send it via VPN for 12h"
  • Add the IP of each new connection to tcp1 for 5s (may be longer) and to tcp2 for 1s;
  • Add any responding host to tcp2 for 10s (must be longer than tcp1);
  • In mangle, add any host that is in tcp1 but not in tcp2 (no response) to the vpn list.
    After that I can apply a routing-mark to IPs from the vpn list.
    Can anybody do it better? )
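The step the post leaves open is applying the routing mark to the vpn list and giving that mark a route. The following is an added example, not part of the original post or of any poster's configuration; it assumes RouterOS v6 syntax, wan1 as the ISP interface, a tunnel interface named vpn1, and a routing table named via-vpn (all of these names are assumptions, adjust them to your setup).

```routeros
# Added example (not from the original post). Assumed names: wan1 (ISP),
# vpn1 (VPN tunnel interface), routing table "via-vpn", address list "vpn"
# filled by the detection rules above. RouterOS v6 syntax.

/ip firewall mangle
# Place these two rules above the detection rules: a connection to a host
# already in "vpn" is marked here and never leaves via wan1, so the
# out-interface=wan1 detection rules do not fire for it again.
add chain=prerouting protocol=tcp dst-port=80,443 dst-address-list=vpn \
    connection-state=new action=mark-connection new-connection-mark=via-vpn \
    passthrough=yes comment="new connection to a host that did not answer via wan1"
add chain=prerouting connection-mark=via-vpn action=mark-routing \
    new-routing-mark=via-vpn passthrough=no \
    comment="look up marked connections in the via-vpn routing table"

/ip firewall nat
# Source NAT for traffic leaving through the tunnel, in case the VPN
# endpoint does not route the LAN subnet back.
add chain=srcnat out-interface=vpn1 action=masquerade \
    comment="masquerade traffic sent via the VPN"

/ip route
# Default route that only the via-vpn table uses; everything else keeps
# the main table and the ISP gateway.
add dst-address=0.0.0.0/0 gateway=vpn1 routing-mark=via-vpn \
    comment="default route for the via-vpn table"
```

Two caveats. The connection mark is set only for connection-state=new, so a connection that was already stuck in syn_sent via wan1 is not rescued; it is the client's next attempt (after the host lands in the vpn list) that goes through the tunnel. On RouterOS v7 the routing-mark= route attribute is replaced by routing-table=, and the table must first be created with /routing table add name=via-vpn fib; the mangle rules are unchanged.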