0  D chain=forward action=change-mss new-mss=1440 passthrough=yes tcp-flags=syn 
      protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 log=no 
      log-prefix="" 

 1  D chain=forward action=change-mss new-mss=1420 passthrough=yes tcp-flags=syn 
      protocol=tcp in-interface=all-ppp tcp-mss=1421-65535 log=no log-prefix="" 

 2    chain=prerouting action=accept src-address-list=LAN dst-address-list=LAN 
      log=no log-prefix="" 

 3    chain=forward action=mark-connection new-connection-mark=ISP1_conn 
      passthrough=no in-interface=pppoe-out1 EL connection-mark=no-mark log=no 
      log-prefix="" 

 4    chain=forward action=mark-connection new-connection-mark=ISP2_conn 
      passthrough=no in-interface=pppoe-out2 EL connection-mark=no-mark log=no 
      log-prefix="" 

 5    chain=forward action=mark-connection new-connection-mark=ISP3_conn 
      passthrough=no in-interface=pppoe-out3 Or connection-mark=no-mark log=no 
      log-prefix="" 

 6    chain=forward action=mark-connection new-connection-mark=ISP4_conn 
      passthrough=no in-interface=pppoe-out4 Or connection-mark=no-mark log=no 
      log-prefix="" 

 7    chain=prerouting action=mark-connection new-connection-mark=ISP1_conn 
      passthrough=yes in-interface=pppoe-out1 EL connection-mark=no-mark log=no 
      log-prefix="" 

 8    chain=prerouting action=mark-connection new-connection-mark=ISP2_conn 
      passthrough=yes in-interface=pppoe-out2 EL connection-mark=no-mark log=no 
      log-prefix="" 

 9    chain=prerouting action=mark-connection new-connection-mark=ISP3_conn 
      passthrough=yes in-interface=pppoe-out3 Or connection-mark=no-mark log=no 
      log-prefix="" 

10    chain=prerouting action=mark-connection new-connection-mark=ISP4_conn 
      passthrough=yes in-interface=pppoe-out4 Or connection-mark=no-mark log=no 
      log-prefix="" 

11    chain=prerouting action=jump jump-target=policy_routing 
      in-interface=LAN ether10 connection-mark=no-mark log=no log-prefix="" 

12    chain=prerouting action=mark-routing new-routing-mark=ISP1_traffic 
      passthrough=yes src-address-list=LAN connection-mark=ISP1_conn log=no 
      log-prefix="" 

13    chain=prerouting action=mark-routing new-routing-mark=ISP2_traffic 
      passthrough=yes src-address-list=LAN connection-mark=ISP2_conn log=no 
      log-prefix="" 

14    chain=prerouting action=mark-routing new-routing-mark=ISP3_traffic 
      passthrough=yes src-address-list=LAN connection-mark=ISP3_conn log=no 
      log-prefix="" 

15    chain=prerouting action=mark-routing new-routing-mark=ISP4_traffic 
      passthrough=yes src-address-list=LAN connection-mark=ISP4_conn log=no 
      log-prefix="" 

16    chain=output action=mark-routing new-routing-mark=ISP1_traffic 
      passthrough=yes connection-mark=ISP1_conn log=no log-prefix="" 

17    chain=output action=mark-routing new-routing-mark=ISP2_traffic 
      passthrough=yes connection-mark=ISP2_conn log=no log-prefix="" 

18    chain=output action=mark-routing new-routing-mark=ISP3_traffic 
      passthrough=yes connection-mark=ISP3_conn log=no log-prefix="" 

19    chain=output action=mark-routing new-routing-mark=ISP4_traffic 
      passthrough=yes connection-mark=ISP4_conn log=no log-prefix="" 

20    chain=policy_routing action=mark-connection new-connection-mark=ISP1_conn 
      passthrough=yes dst-address-type=!local 
      per-connection-classifier=both-addresses:4/0 log=no log-prefix="" 

21    chain=policy_routing action=mark-connection new-connection-mark=ISP2_conn 
      passthrough=yes dst-address-type=!local 
      per-connection-classifier=both-addresses:4/1 log=no log-prefix="" 

22    chain=policy_routing action=mark-connection new-connection-mark=ISP3_conn 
      passthrough=yes dst-address-type=!local 
      per-connection-classifier=both-addresses:4/2 log=no log-prefix="" 

23    chain=policy_routing action=mark-connection new-connection-mark=ISP4_conn 
      passthrough=yes dst-address-type=!local 
      per-connection-classifier=both-addresses:4/3 log=no log-prefix=""

 0    chain=srcnat action=masquerade out-interface=pppoe-out1 EL log=no 
      log-prefix="" 

 1    chain=srcnat action=masquerade out-interface=pppoe-out2 EL log=no 
      log-prefix="" 

 2    chain=srcnat action=masquerade out-interface=pppoe-out3 Or log=no 
      log-prefix="" 

 3    chain=srcnat action=masquerade out-interface=pppoe-out4 Or log=no 
      log-prefix="" 

 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          pppoe-out1 EL             1
 1 A S  0.0.0.0/0                          pppoe-out2 EL             1
 2 A S  0.0.0.0/0                          pppoe-out3 Or             1
 3 A S  0.0.0.0/0                          pppoe-out4 Or             1
 4 A S  0.0.0.0/0                          pppoe-out1 EL             7
 5   S  0.0.0.0/0                          pppoe-out2 EL             8
 6   S  0.0.0.0/0                          pppoe-out3 Or             9
 7   S  0.0.0.0/0                          pppoe-out4 Or            10
 8 ADS  0.0.0.0/0                          10.10.10.1                0
 9  DS  0.0.0.0/0                          10.10.10.1                0
10  DS  0.0.0.0/0                          10.10.10.1                0
11  DS  0.0.0.0/0                          10.10.10.1                0
12   S  0.0.0.0/0                          pppoe-out1 EL             2
13   S  0.0.0.0/0                          pppoe-out2 EL             3
14   S  0.0.0.0/0                          pppoe-out3 Or             4
15   S  0.0.0.0/0                          pppoe-out4 Or             5
16 ADC  10.10.10.1/32      10.204.19.243   pppoe-out3 Or             0
                                           pppoe-out2 EL     
                                           pppoe-out4 Or  

/ip route
add check-gateway=arp distance=1 gateway=pppoe-out1 routing-mark=ISP1_traffic
add check-gateway=arp distance=1 gateway=pppoe-out2 routing-mark=ISP2_traffic
add check-gateway=arp distance=1 gateway=pppoe-out3 routing-mark=ISP3_traffic
add check-gateway=arp distance=1 gateway=pppoe-out4 routing-mark=ISP4_traffic
add check-gateway=arp distance=2 gateway=pppoe-out1
add check-gateway=arp distance=3 gateway=pppoe-out2
add check-gateway=arp distance=4 gateway=pppoe-out3
add check-gateway=arp distance=5 gateway=pppoe-out4

/ip firewall mangle
add chain=prerouting dst-address-list=LAN src-address-list=LAN

/ip firewall mangle
add action=mark-connection chain=forward connection-mark=no-mark \ in-interface=pppoe-out1 new-connection-mark=ISP1_conn passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark \ in-interface=pppoe-out2 new-connection-mark=ISP2_conn passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark \ in-interface=pppoe-out3 new-connection-mark=ISP3_conn passthrough=no
add action=mark-connection chain=forward connection-mark=no-mark \ in-interface=pppoe-out4 new-connection-mark=ISP4_conn passthrough=no

/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=pppoe-out1 new-connection-mark=ISP1_conn
add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=pppoe-out2 new-connection-mark=ISP2_conn
add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=pppoe-out3 new-connection-mark=ISP3_conn
add action=mark-connection chain=prerouting connection-mark=no-mark \ in-interface=pppoe-out4 new-connection-mark=ISP4_conn

/ip firewall mangle
add action=jump chain=prerouting connection-mark=no-mark in-interface=LAN \ jump-target=policy_routing

/ip firewall mangle
add action=mark-routing chain=prerouting connection-mark=ISP1_conn \ new-routing-mark=ISP1_traffic src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=ISP2_conn \ new-routing-mark=ISP2_traffic src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=ISP3_conn \ new-routing-mark=ISP3_traffic src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=ISP4_conn \ new-routing-mark=ISP4_traffic src-address-list=LAN

/ip firewall mangle
add action=mark-routing chain=output connection-mark=ISP1_conn \ new-routing-mark=ISP1_traffic
add action=mark-routing chain=output connection-mark=ISP2_conn \ new-routing-mark=ISP2_traffic
add action=mark-routing chain=output connection-mark=ISP3_conn \ new-routing-mark=ISP3_traffic
add action=mark-routing chain=output connection-mark=ISP4_conn \ new-routing-mark=ISP4_traffic

/ip firewall mangle
add action=mark-connection chain=policy_routing dst-address-type= !local \ new-connection-mark=ISP1_conn per-connection-classifier=\ both-addresses:4/0
add action=mark-connection chain=policy_routing dst-address-type= !local \ new-connection-mark=ISP2_conn per-connection-classifier=\ both-addresses:4/1
add action=mark-connection chain=policy_routing dst-address-type= !local \ new-connection-mark=ISP3_conn per-connection-classifier=\ both-addresses:4/2
add action=mark-connection chain=policy_routing dst-address-type= !local \ new-connection-mark=ISP4_conn per-connection-classifier=\ both-addresses:4/3

/ip route
add check-gateway=arp distance=1 gateway=pppoe-out1 routing-mark=ISP1_traffic
add check-gateway=arp distance=1 gateway=pppoe-out2 routing-mark=ISP2_traffic
add check-gateway=arp distance=1 gateway=pppoe-out3 routing-mark=ISP3_traffic
add check-gateway=arp distance=1 gateway=pppoe-out4 routing-mark=ISP4_traffic
add check-gateway=arp distance=2 gateway=pppoe-out1
add check-gateway=arp distance=3 gateway=pppoe-out2
add check-gateway=arp distance=4 gateway=pppoe-out3
add check-gateway=arp distance=5 gateway=pppoe-out4

/ip route
add check-gateway=arp disabled=no distance=7 dst-address=0.0.0.0/0 gateway=\ pppoe-out1 routing-mark=HTTPS scope=30 target-scope=10
add check-gateway=arp disabled=no distance=8 dst-address=0.0.0.0/0 gateway=\ pppoe-out2 routing-mark=HTTPS scope=30 target-scope=10
add check-gateway=arp disabled=no distance=9 dst-address=0.0.0.0/0 gateway=\ pppoe-out3 routing-mark=HTTPS scope=30 target-scope=10
add check-gateway=arp disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\ pppoe-out4 routing-mark=HTTPS scope=30 target-scope=10

/ip firewall nat
add action=dst-nat chain=dstnat comment=\ "Port Forward tcp80 to Mail Server 192.168.1.10" dst-port=80 \ in-interface=!LAN protocol=tcp to-addresses=192.168.1.10 to-ports=80
add action=dst-nat chain=dstnat comment=\ "Port Forward tcp443 to Mail Server 192.168.1.10" dst-port=443 \ in-interface=!LAN protocol=tcp to-addresses=192.168.1.10 to-ports=443

/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no dst-port=443 \ new-routing-mark=HTTPS passthrough=no protocol=tcp

  ValuesToHash ::= both-addresses|both-ports|dst-address-and-port|
  src-address|src-port|both-addresses-and-ports|dst-address|dst-port|src-address-and-port