diff --git a/netfilter-helper/interface-to-ipset.go b/netfilter-helper/interface-to-ipset.go
index aafc187..d14badb 100644
--- a/netfilter-helper/interface-to-ipset.go
+++ b/netfilter-helper/interface-to-ipset.go
@@ -75,6 +75,11 @@ func (r *IfaceToIPSet) PutIPTable(table string) error {
 return fmt.Errorf("failed to create rule: %w", err)
 }
 
+ err = r.IPTables.AppendUnique("mangle", preroutingChainName, "-m", "set", "--match-set", r.IPSetName, "dst", "-j", "CONNMARK", "--save-mark")
+ if err != nil {
+ return fmt.Errorf("failed to create rule: %w", err)
+ }
+
 err = r.IPTables.AppendUnique("mangle", "PREROUTING", "-j", preroutingChainName)
 if err != nil {
 return fmt.Errorf("failed to append rule to PREROUTING: %w", err)
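Review bot: The added `CONNMARK --save-mark` rule is given no `--nfmask`/`--ctmask`, so it copies the whole packet mark into the connection mark and can overwrite connmark bits that other firewall, VPN or QoS tooling on the same host relies on, for every connection whose destination is in `r.IPSetName`. If the mark presumably set by the preceding rule occupies a fixed bit range, limit the copy to it by appending `"--nfmask", markMask, "--ctmask", markMask` to the argument list (`markMask` is a placeholder; the mark value is not visible in this hunk). The new error string `failed to create rule: %w` is identical to the one returned just above it, so a log line cannot tell which rule failed; `failed to create CONNMARK save-mark rule: %w` would distinguish them. PutIPTable starts and ends outside the hunk, so it cannot be confirmed from here that the hard-coded `"mangle"` calls are guarded by the `table` argument, or that a matching `--restore-mark` rule and removal path exist.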