I have RB CCR10-16-12G and heX Lite. Both with the same setup (pppoe server, wan, lan, etc...)
When i use:
/ip firewall mangle
add action=add-src-to-address-list address-list=FACEBOOK-MANGLE-ADDRLIST address-list-timeout=none-dynamic chain=forward in-interface=ether1-wan layer7-protocol=facebook
add action=add-src-to-address-list address-list=YOUTUBE-MANGLE-ADDRLIST address-list-timeout=none-dynamic chain=forward in-interface=ether1-wan layer7-protocol=youtube
There is no leak in the address list of internet ip addresses. But, when i use:
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=public_ip in-interface=ether1-wan layer7-protocol=facebook new-connection-mark=FACEBOOK-CONN passthrough=yes
add action=add-src-to-address-list address-list=FACEBOOK-MANGLE-ADDRLIST address-list-timeout=none-dynamic chain=prerouting connection-mark=FACEBOOK-CONN disabled=yes
add action=mark-connection chain=prerouting disabled=yes in-interface=ether1-wan layer7-protocol=youtube new-connection-mark=YOUTUBE-CONN passthrough=yes
add action=add-src-to-address-list address-list=YOUTUBE-MANGLE-ADDrLIST address-list-timeout=none-dynamic chain=prerouting connection-mark=YOUTUBE-CONN disabled=yes
I have leak of internal ips to the address list created on RB1016 but not on RB750 r2
Any ideas?
Thanks.