why mangle rure doesn't process traffic?
Posted: Mon Nov 14, 2011 9:17 pm
Hello
I suspect that mangle in RouterOS version 5.8 have some features I don't
know about, could you please help me?
I have the following addresses assigned to my interfaces at RB1200:
0 213.xx.xxx.xxx/28 213.xx.xxx.xxx ether1
1 83.xx.xxx.xxx/29 83.xx.xxx.xxx ether2
2 10.8.4.254/24 10.8.4.0 ether9
two public addresses and one private. One of the public interfaces
(ether1) is preferred default route while the other (ether2) is
activated in case when primary one is unavailable, however I need some
traffic to be NATed directly through second interface.
NATed host address is 10.8.4.36.
I did:
/ip firewall mangle print
0 chain=prerouting action=mark-routing new-routing-mark=viaIDSL
passthrough=no src-address=10.8.4.36 routing-mark=viaIDSL
but:
ip firewall mangle print stats
Flags: X - disabled, I - invalid, D - dynamic
# CHAIN
ACTION BYTES PACKETS
0 prerouting
mark-routing 0 0
it looks like mangle rule do not match any package, even if traffic for
10.8.4.36 is routed correctly (of course without other rules in nat and
routing tables)
Could you please suggest what is wrong in my assumptions?
thank you in advance
Ser@fin
I suspect that mangle in RouterOS version 5.8 have some features I don't
know about, could you please help me?
I have the following addresses assigned to my interfaces at RB1200:
0 213.xx.xxx.xxx/28 213.xx.xxx.xxx ether1
1 83.xx.xxx.xxx/29 83.xx.xxx.xxx ether2
2 10.8.4.254/24 10.8.4.0 ether9
two public addresses and one private. One of the public interfaces
(ether1) is preferred default route while the other (ether2) is
activated in case when primary one is unavailable, however I need some
traffic to be NATed directly through second interface.
NATed host address is 10.8.4.36.
I did:
/ip firewall mangle print
0 chain=prerouting action=mark-routing new-routing-mark=viaIDSL
passthrough=no src-address=10.8.4.36 routing-mark=viaIDSL
but:
ip firewall mangle print stats
Flags: X - disabled, I - invalid, D - dynamic
# CHAIN
ACTION BYTES PACKETS
0 prerouting
mark-routing 0 0
it looks like mangle rule do not match any package, even if traffic for
10.8.4.36 is routed correctly (of course without other rules in nat and
routing tables)
Could you please suggest what is wrong in my assumptions?
thank you in advance
Ser@fin