rafa_lore
Member Candidate
Topic Author
Posts: 121
Joined: Tue Apr 17, 2007 4:57 am
Location: Salta

Layer 7, can't mangle

Sun Nov 04, 2007 10:21 pm

Hello
I'm writing to ask what I'm doing wrong because I tried everything with layer 7 and I can make it work!!!
First of all, I entered the script from the page http://www.mikrotik.com/download/l7-protos.rsc to insert the layer 7 rule.
Then I make this rule:
0 ,,,HTTP - Layer 7
    chain=prerouting src-address=x.x.x.x action=mark-packet
    layer7-protocol=http new-packet-mark=HTTP passthrough=no
1 ,,,HTTP - Layer 3
    chain=prerouting src-address=x.x.x.x action=mark-connection
    new-connection-mark=HTTP_CON dst-port=80 protocol=tcp passthrough=yes
2   chain=prerouting action=mark-packet new-packet-mark=HTTP
    connection-mark=HTTP_CON passthrough=no
Well, when I open a browser and open some pages, layer 7 does not work and the packets are marked only in rule 2, and not in rule 0 as I want!!!
If I continue trying things and insert all the other rules with layer 7, that navigation is marked by the rule with the skypeout layer!!! Strange, isn't it?
Can someone tell me what I'm doing wrong?
Thanks
Rafael Loré
 
rafa_lore
Member Candidate
Topic Author
Posts: 121
Joined: Tue Apr 17, 2007 4:57 am
Location: Salta

Re: Layer 7, can't mangle

Tue Dec 04, 2007 4:15 am

Can someone help me PLEASE!!!!!!!!
 
sergejs
MikroTik Support
Posts: 6697
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia

Re: Layer 7, can't mangle

Tue Dec 04, 2007 9:08 am

Do you have HTTP settings in 'ip firewall layer7-protocol'? (Check that you have the latest version.)
Also, make sure that you need to mark HTTP traffic with layer7, as a regular firewall with tcp protocol and port number 80 should work fine.
 
jdejansb
Frequent Visitor
Posts: 69
Joined: Thu Jul 13, 2006 1:35 pm
Location: Srbija

Re: Layer 7, can't mangle

Sat Feb 02, 2008 9:34 pm

Here is the comment on the regexp you use* from http://l7-filter.sourceforge.net/protocols :
# this intentionally catches the response from the server rather than
# the request so that other protocols which use http (like kazaa) can be
# caught based on specific http requests regardless of the ordering of
# filters... also matches posts
Dejan

* http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*(connection:|content-type:|content-length:|date:)|post [\x09-\x0d -~]* http/[01]\.[019]
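
Added example, not part of the original post: the regexp quoted above run against constructed HTTP payloads, showing that it matches the server's response and POST requests but not a plain GET request. The sample payloads, the function names and the case-insensitive flag (modelled on l7-filter's matching) are assumptions; the RouterOS matcher itself is not reproduced here.

```python
import re

# The "http" pattern quoted in the post above (from the l7-filter protocol list).
HTTP_L7 = re.compile(
    rb"http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\x09-\x0d -~]*"
    rb"(connection:|content-type:|content-length:|date:)"
    rb"|post [\x09-\x0d -~]* http/[01]\.[019]",
    re.IGNORECASE,  # assumption: case-insensitive matching, as l7-filter does
)

# Constructed sample payloads (not captured traffic).
GET_REQUEST = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
               b"Connection: keep-alive\r\n\r\n")
POST_REQUEST = (b"POST /login HTTP/1.1\r\nHost: www.example.com\r\n"
                b"Content-Length: 9\r\n\r\nuser=test")
RESPONSE = (b"HTTP/1.1 200 OK\r\nDate: Sun, 04 Nov 2007 22:21:00 GMT\r\n"
            b"Content-Type: text/html\r\n\r\n<html></html>")
SSH_BANNER = b"SSH-2.0-OpenSSH_4.7\r\n"  # non-HTTP service listening on port 80


def matches_http(payload: bytes) -> bool:
    """True if the l7 'http' pattern is found anywhere in the payload."""
    return HTTP_L7.search(payload) is not None


def first_hit(exchange):
    """Walk (direction, payload) pairs in order; return (index, direction)
    of the first payload the pattern matches, or None if none does."""
    for index, (direction, payload) in enumerate(exchange):
        if matches_http(payload):
            return index, direction
    return None


GET_EXCHANGE = [("client->server", GET_REQUEST), ("server->client", RESPONSE)]
POST_EXCHANGE = [("client->server", POST_REQUEST), ("server->client", RESPONSE)]
SSH_ON_80 = [("client->server", b"SSH-2.0-client\r\n"),
             ("server->client", SSH_BANNER)]

if __name__ == "__main__":
    for name, exchange in [("GET", GET_EXCHANGE), ("POST", POST_EXCHANGE),
                           ("SSH on port 80", SSH_ON_80)]:
        print(f"{name:15} first match: {first_hit(exchange)}")
```

For ordinary browsing (GET), the first payload the pattern matches travels from the server to the client, while a rule keyed only on TCP port 80 would also count the SSH exchange as HTTP.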
