I would actually use one bridge and two vlans and then queue the single vlan.
as for the ruleset would do this... accept the vlan traffic prior to fastrack rule......
Thus the fastrack rule will not be reached or seen and thus NOT executed for queued traffic but will work fine for the other vlan traffic.
add action=accept chain=forward connection-state=established,related,untracked dst-address=vlansubnet
add action=accept chain=forward connection-state=established,related,untracked src-address=vlansubnet
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
as for the ruleset would do this... accept the vlan traffic prior to fastrack rule......
Thus the fastrack rule will not be reached or seen and thus NOT executed for queued traffic but will work fine for the other vlan traffic.
add action=accept chain=forward connection-state=established,related,untracked dst-address=vlansubnet
add action=accept chain=forward connection-state=established,related,untracked src-address=vlansubnet
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
Statistics: Posted by Mesquite — Mon Feb 19, 2024 8:14 pm