Page 1 of 1

Mangle traffic from ethernet port in a bridge dedicated to WIFI AP

Posted: Wed Jul 31, 2019 10:52 am
by Technetium
I have connected the WiFi access point to one ethernet port (ether5) that is in the lan bridge "Bridge".
I want mark all connections from the AP (on ether5) to route all to a specified WAN.
/ip firewall mangle
add action=accept chain=prerouting comment="Accept da WAN1" dst-address=\
    10.1.1.0/24
add action=accept chain=prerouting comment="Accept da WAN2" dst-address=\
    10.2.2.0/24
	
	
add action=mark-connection chain=prerouting connection-mark=no-mark \
    in-interface=WAN1 new-connection-mark=WAN1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
    in-interface=WAN2 new-connection-mark=WAN2 passthrough=yes

add action=mark-routing chain=prerouting connection-mark=WAN1 in-interface=\
    bridge new-routing-mark=WAN1-mark passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2 in-interface=\
    bridge new-routing-mark=WAN2-mark passthrough=yes

add action=mark-connection chain=forward in-interface=WAN1 new-connection-mark=WAN1
add action=mark-connection chain=forward in-interface=WAN2 new-connection-mark=WAN2

when i add
add action=mark-connection chain=prerouting connection-mark=no-mark \
    in-interface=ether9 new-connection-mark=WAN1 passthrough=yes
Mangle color the rule in red and give the message "use master-port bridge instead"

How can i have the ethernet AP in the LAN and mark all connections coming through this interface with WAN1?