Answer the question
In order to leave comments, you need to log in
O
O
Oleg2021-01-18 10:00:47
Oleg, 2021-01-18 10:00:47
Why do packets go in one case, and not in the second?
Hello.
/ip firewall mangle
add action=mark-connection chain=prerouting new-connection-mark=Test-conn \
passthrough=yes
add action=mark-routing chain=prerouting connection-mark=Test-conn \
new-routing-mark=to-gre passthrough=yes src-address=192.168.100.0/24/ip firewall mangle
add action=mark-connection chain=prerouting new-connection-mark=Test-conn \
passthrough=yes src-address=192.168.100.0/24
add action=mark-routing chain=prerouting connection-mark=Test-conn \
new-routing-mark=to-gre passthrough=yesThe second option, with the src-address in the connection mark, does not allow traffic. It is not available on clients.
But as soon as you transfer the address to the route marking, everything starts working.
Isn't that oil?
1 answer(s)
@VDT2
A
Andrey Barbolin, 2021-01-18 @VDT2
https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/...
Fortunately if connection tracking is enabled, we can use connection marks to optimize our setup.
Similar questions
F
E
N
E
L
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question