/ip firewall mangle
add action=accept chain=prerouting disabled=no dst-address=10.0.1.0/24 comment="Accept da WAN1"
add action=accept chain=prerouting disabled=no dst-address=10.0.2.0/24 comment="Accept da WAN2"
#Identify which WAN interface the traffic came in
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-interface=WAN1 new-connection-mark=WAN1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-interface=WAN2 new-connection-mark=WAN2 passthrough=yes
#PCC
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no dst-address-type=!local in-interface=bridge new-connection-mark=WAN1 passthrough=yes per-connection-classifier=both-addresses:2/0 comment="PCC stream WAN1"
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no dst-address-type=!local in-interface=bridge new-connection-mark=WAN2 passthrough=yes per-connection-classifier=both-addresses:2/1 comment="PCC stream WAN2"
#Connection routing mark prerouting chain
add action=mark-routing chain=prerouting connection-mark=WAN1 disabled=no in-interface=bridge new-routing-mark=WAN1-mark passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2 disabled=no in-interface=bridge new-routing-mark=WAN2-mark passthrough=yes
#Connection routing mark output chain
add action=mark-routing chain=output connection-mark=WAN1 disabled=no new-routing-mark=WAN1-mark passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2 disabled=no new-routing-mark=WAN2-mark passthrough=yes
Now I've added in the LAN a VoIP PBX to test it.
Obviously, the traffic to and from the VoIP (IP 192.168.1.100) don't have to be processed by PCC and the PBX had to be forced to use only one wan.
Which rule I can add to force VoIP PBX to use only one WAN?