Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /ip firewall layer7-protocol
- add name=site.ru regexp=.site.ru
- add name=www.site.ru regexp="(www|mail).site.ru"
- /ip firewall mangle
- add action=mark-connection chain=prerouting dst-address=192.168.3.1 dst-port=53 layer7-protocol=site.ru new-connection-mark=site.ru-www passthrough=no protocol=tcp
- add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=192.168.3.1 dst-port=53 layer7-protocol=site.ru new-connection-mark=site.ru-fwd passthrough=yes protocol=tcp
- add action=mark-connection chain=prerouting dst-address=192.168.3.1 dst-port=53 layer7-protocol=www.site.ru new-connection-mark=site.ru-www passthrough=no protocol=udp
- add action=mark-connection chain=prerouting connection-mark=no-mark dst-address=192.168.3.1 dst-port=53 layer7-protocol=site.ru new-connection-mark=site.ru-fwd passthrough=yes protocol=udp
- /ip firewall nat
- add action=dst-nat chain=dstnat connection-mark=site.ru-fwd to-addresses=10.10.0.5
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
