Joined: Fri Jun 05, 2009 10:52 pm

Marking traffic 80 and others

Tue Feb 12, 2008 1:10 pm

Hello MT

with reference to the link ... e_Gateways i am making some marking tarffic with different gateways i am using squid proxy another machine here is my conf

this configuration is correct all traffic out from ether2 except 80 port ?

ether 1 LAN
ether 2 WAN
ether 3 WAN

/ip firewall mangle print
chain=prerouting in-interface=ether1 protocol=tcp dst-port=80 action=mark-connection new-connection-mark=WEB-CONN passthrough=yes
chain=prerouting in-interface=ether1 connection-mark=WEB-CONN action=mark-routing new-routing-mark=WEB-ROUTE passthrough=no
chain=prerouting in-interface=ether1 action=mark-connection new-connection-mark=OTHER-CONN passthrough=yes
chain=prerouting in-interface=ether1 connection-mark=OTHER-CONN action=mark-routing new-routing-mark=OTHER-ROUTE passthrough=no

/ip firewall nat print
chain=srcnat connection-mark=WEB-CONN action=src-nat to-addresses= to-ports=0-65535
chain=srcnat connection-mark=OTHER-CONN action=src-nat to-addresses= to-ports=0-65535

/ip route print

/ip route print
0 ADC ether3
1 ADC ether1
2 ADC ether2
3 S r ether3 mark=WEB-ROUTE
4 S r ether2 mark=OTHER-ROUTE
5 s r ether2 default

