У меня есть 4 connection mark:
1)torrent
2)other
3)отсутствие марки
4)111-когда-то была такая марка, и теперь я её вижу в при выборе марки в winbox, но при экспорте конфига её нигде не видно.
Судя по логике счётчик пакетов\байт на последнем правиле с действие passtrought(см правила в конце списка) не может быть отличным от нуля если на правилах выше счётчик на нуле. (и да если вы вспомните по марку 111, я добавлял правило с фильтром по 111 ничего не поменялось) А по факту как раз счётчик последнего правила растёт, а первых нет. Как будто существуют пакеты с другими connection mark.
Я где-то накосячил или нарвался на баг?
/ip firewall mangle
Код: Выделить всё
add action=mark-connection chain=prerouting comment=\
"Torrent connection input TCP" connection-state=new dst-address=\
109.95.219.210 dst-port=6881-7000,50002,50009 in-interface-list=Internet \
new-connection-mark=torrent passthrough=yes protocol=tcp src-address=\
!192.168.0.0/16
add action=mark-connection chain=prerouting comment=\
"Torrent connection input UDP" connection-state=new dst-address=\
109.95.219.210 dst-port=6881-7000,50002,50009 in-interface-list=Internet \
new-connection-mark=torrent passthrough=yes protocol=udp src-address=\
!192.168.0.0/16
add action=mark-connection chain=prerouting comment=\
"Torrent connection out TCP" connection-state=new dst-address=\
!192.168.66.0/24 in-interface=LAN-bridge new-connection-mark=torrent \
passthrough=yes protocol=tcp src-address=192.168.66.0/24 src-port=\
6881-7000,50002,50009
add action=mark-connection chain=prerouting comment=\
"Torrent connection out UDP" connection-state=new dst-address=\
!192.168.66.0/24 in-interface=LAN-bridge new-connection-mark=torrent \
passthrough=yes protocol=udp src-address=192.168.66.0/24 src-port=\
6881-7000,50002,50009
add action=mark-routing chain=prerouting comment=\
"Torrent routing by connection mark" connection-mark=torrent \
new-routing-mark=torrent passthrough=no
add action=mark-connection chain=prerouting comment="other connection" \
connection-mark=no-mark connection-state=new in-interface-list=Internet \
new-connection-mark=other passthrough=no
add action=mark-packet chain=input comment="wan input" in-interface=\
WAN-ether1 new-packet-mark="other in" passthrough=no
add action=mark-connection chain=forward comment="other connection" \
connection-mark=no-mark connection-state=new new-connection-mark=other \
out-interface-list=Internet passthrough=yes
add action=mark-packet chain=forward comment="torrent out" connection-mark=\
torrent new-packet-mark="torrent out" out-interface=WAN-ether1 \
passthrough=no
add action=mark-packet chain=forward comment="torrent in" connection-mark=\
torrent in-interface=WAN-ether1 new-packet-mark="torrent in" passthrough=\
no
add action=mark-packet chain=forward comment="other in out" connection-mark=\
other in-interface-list=Internet new-packet-mark="other in out" \
out-interface-list=Internet passthrough=no
add action=mark-packet chain=forward comment="other in" connection-mark=other \
in-interface-list=Internet new-packet-mark="other in" passthrough=no
add action=mark-packet chain=forward comment="other out" connection-mark=\
other new-packet-mark="other out" out-interface-list=Internet \
passthrough=no
add action=mark-packet chain=forward comment=\
"other out no connection mark check" new-packet-mark="other out" \
out-interface=WAN-ether1 passthrough=no
add action=passthrough chain=forward comment="connection mark no-mark" \
connection-mark=no-mark log=yes log-prefix="mangle forward 222"
add action=passthrough chain=forward comment="connection mark-other" \
connection-mark=other log=yes log-prefix="mangle forward 222"
add action=passthrough chain=forward comment="connection mark-torrent" \
connection-mark=torrent log=yes log-prefix="mangle forward 222"
add action=passthrough chain=forward comment="connection mark-undefined" log=\
yes log-prefix="mangle forward connection mark undefined"
add action=mark-packet chain=output comment="wan output" new-packet-mark=\
"other out" out-interface=WAN-ether1 passthrough=no