Applying mangle to all known traffic is what I'm currently doing and it works quite well, but every day ports need to be opened to allow newer applications (VPNs, custom applications, VoIP, ...).
Actually I do mangle as follows:
## known traffic --> mark connection (known) --> mark packet (known) --> mark routing (known)
## unknown traffic --> mark connection (!=known) --> mark packet (unknown)
All unknown traffic goes through the default gateway and is shaped with a simple queue.
I would like to apply a new mark routing to unknown traffic, in order to route it to a router different from the default gateway:
## unknown traffic --> mark connection (!=known) --> mark packet (unknown) --> mark routing (unknown)
Despite the fact that the new mark routing rule works (it is matched), this configuration doesn't work: traffic seems not to be accepted into the simple queue.