There are two approaches used......
(1) Identify the traffic prior to fastrack.
add action=accept chain=forward connection-state=established,related,untracked in-interface=vlan101 out-interface=vlan102
add action=accept chain=forward connection-state=established,related,untracked in-interface=vlan102 out-interface=vlan101
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward connection-state=established,related,untracked
2. Use NO-MARK as the identifier for traffic not involved in mangling.
As you have done. I have never done it with packet-marks, ( only connection-marks) but I imagine its also effective.
(1) Identify the traffic prior to fastrack.
add action=accept chain=forward connection-state=established,related,untracked in-interface=vlan101 out-interface=vlan102
add action=accept chain=forward connection-state=established,related,untracked in-interface=vlan102 out-interface=vlan101
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward connection-state=established,related,untracked
2. Use NO-MARK as the identifier for traffic not involved in mangling.
As you have done. I have never done it with packet-marks, ( only connection-marks) but I imagine its also effective.
Statistics: Posted by anav — Sun Mar 10, 2024 1:55 am