Adding fwmark so that all ports are SNATted

[cmspam]

If you just do the setup according to your current instructions, there is a missing piece.
Although it may vary depending on MAP-E provider, in the case of JPNE (v6Plus) 240 ports are available for usage.

However, with your instructions, only the first set of ports will be used. In the case of JPNE/v6plus, this is only 15 ports. Therefore, once the ports are used up, it will be impossible to make connections because it doesn't SNAT to the other sets of ports.

This is the reason that sites like https://www.nichiban.co.jp/ which open a lot of sessions and use a lot of ports will have issues.

The Japanese community has worked around this by implementing iptables /nftables rules which mark round-robin, a fwmark between 0xa and 0x18 in the prerouting table, then implement in the map.sh script a mark checking and routing using the corresponding port set. I have personally noticed it makes a big difference and solves the above-mentioned issues.

I think it would be good to add information and instructions to this, if this is to be the English resource for using OpenWRT with Japanese Map-E.

I can provide the following map.sh file and firewall.user file which are compatible with fw4, and fix the issues with both not SNAT-ing to all the ports, and also fix ping on fw4. It works well with JPNE / v6plus, but I haven't an opportunity to use it with other Map-E providers, which may have different port count, in which case the firewall.user script would need modifications.

It would also be necessary to run the firewall.user file which requires the addition of the following to /etc/config/firewall

config include
option path '/etc/firewall.user'
option fw4_compatible '1'

map.sh.txt
firewall.user.txt

[fakemanhk]

Correct, I looked carefully to firewall rules and checked traffic counter and I observed that only 1st set of 16 ports were used.