Community discussions

MikroTik App
 
105547111
Member Candidate
Member Candidate
Topic Author
Posts: 135
Joined: Fri Jun 22, 2012 9:46 pm

6.30rc17 on CCR1016 multiple special dummy rules

Fri Jun 12, 2015 5:38 am

Okay seems now I have 3 example rules and growing :(

So how can you remove duplicates - all I get is unable to remove inbuilt rule. That's fine but 3 of them?

Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting

1 D ;;; special dummy rule to show fasttrack counters
chain=forward

2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting



Only affects CCR, I have many MT 951Gs and two CRS switches

Ticket # 2015061266000075
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1764
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: 6.30rc17 on CCR1016 multiple special dummy rules

Fri Jun 12, 2015 9:54 am

You can fasttrack only forward traffic, there are 4 places in firewall where you work with forward traffic
a) filter forward
b) mangle prerouting
c) mangle forward
d) mangle postrouting

In each of this places you need to inform the user that fasttrack is enabled and some traffic will not be accessible for his setup.
And it is all the same for all arhitectures, i'm looking right now on the same rules on mipsbe
 
105547111
Member Candidate
Member Candidate
Topic Author
Posts: 135
Joined: Fri Jun 22, 2012 9:46 pm

Re: 6.30rc17 on CCR1016 multiple special dummy rules

Fri Jun 12, 2015 9:50 pm

Yes I understand about fasttrack - but in this case No that's not correct, in 6.30 they have added this embedded rule it just shows fastrack 'possibility' and its not editable, removable, disable, etc.

Its a bug only for CCR as its not checking to see the rules already there its just adding another rather than checking its there before adding another. Not even the comment can be edited.

The rules physically embedded in the firmware.

Its a bad bug as I just upgraded to rc19 and it hosed the CCR. I had to ethernet boot it and recover.

It was complaining in the console over serial that the entire OS is read only

No doubt by the ever increasing read only example rule..

I'll await for this to be mentioned as fixed in the RC changelog
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: 6.30rc17 on CCR1016 multiple special dummy rules

Sat Jul 11, 2015 1:52 pm

Yes I understand about fasttrack - but in this case No that's not correct, in 6.30 they have added this embedded rule it just shows fastrack 'possibility' and its not editable, removable, disable, etc.

Its a bug only for CCR as its not checking to see the rules already there its just adding another rather than checking its there before adding another. Not even the comment can be edited.

The rules physically embedded in the firmware.

Its a bad bug as I just upgraded to rc19 and it hosed the CCR. I had to ethernet boot it and recover.

It was complaining in the console over serial that the entire OS is read only

No doubt by the ever increasing read only example rule..

I'll await for this to be mentioned as fixed in the RC changelog
Vote against dummy rules in firewall: http://forum.mikrotik.com/viewtopic.php?f=1&t=98471

Who is online

Users browsing this forum: Bing [Bot], CGGXANNX and 75 guests