gfx wrote:
你把nat的dst...(恕刪)
後來今天早上上班到公司就先想辦法"亂弄"成可連線,下面這樣它就通囉
說實在問題也不知道出在哪都不太清楚,nat部份我都沒有調整
mangle改後
/ip firewall mangle
add action=mark-routing chain=prerouting comment=\
"\A4\BA\BA\F4\B3s\BDu\B0|\A4\BA\BA\F4\B8\F4\BC\D0\B0O" dst-address-list=\
poh-Net new-routing-mark=poh-make passthrough=no src-address-list=\
LAN-User
add action=mark-routing chain=prerouting dst-address-list=LAN-User \
new-routing-mark=poh-make passthrough=no protocol=icmp \
src-address-list=poh-Net
add action=mark-routing chain=prerouting comment=\
"\A4\BA\BA\F4\B3s\A5~\BA\F44G\BA\F4\A5d\BC\D0\B0O" dst-port=1-1024 \
new-routing-mark=lte4g-make passthrough=no protocol=tcp src-address-list=\
LAN-User
add action=mark-routing chain=prerouting dst-port=1-1024 new-routing-mark=\
lte4g-make passthrough=no protocol=udp src-address-list=LAN-User
add action=mark-connection chain=prerouting comment="\\AEa\\B8\\CCVPN\\B3s\\BDu" \
dst-address-list=home-vpn dst-port=1723 new-connection-mark=lte-comm \
passthrough=no protocol=tcp src-address-list=LAN-User
add action=mark-routing chain=prerouting connection-mark=lte-comm \
dst-address-list=home-vpn new-routing-mark=lte4g-make passthrough=no \
src-address-list=LAN-User
