I am using RouterOS 4.x. Currently, i do mangle most of the connection at forward chain. Undefined connection will be captured by no-mark by default. But i still see some connection have wild connection without marking as below attachment file. Why?
a lot of UDP connection are undefined
You do not have the required permissions to view the files attached to this post.
Re: a lot of UDP connection are undefined
"no-mark" means that connection do not have any mark that is why connection mark field is empty
Re: a lot of UDP connection are undefined
It is also possible to select no-mark at queue-tree. if i shape the packet with no-mark, will it work?
Re: a lot of UDP connection are undefined
All of the connections are unreplied (U). Since unreplied means connection was not established - connection mark will not apply. Not to worry however, all those connections are not passing any traffic. And if they do, (somehow conntrack missed it) you should be able to stop them with a filter to drop packets of invalid connections.
Re: a lot of UDP connection are undefined
also, those connections in the middle are directed to broadcast addresses, so you should mark (drop?) them in 'input' chain
Who is online
Users browsing this forum: dazzaling69, jwrs and 126 guests