add dst to address list swapped with add src to address list?

Hello.

I’m trying to collect the addresses of some services (e.g. facebook) into an address list. I added a rule in /ip/firewall/mangle as follows:

/ip/firewall/mangle add chain=forward content=".facebook.com" action=add-dst-to-address-list address-list="Facebook" address-list-timeout=4m log=yes

It produces the following log output:
forward: in:ether4_WAN out:bridge, connection-state:established,snat src-mac [edited], proto UDP, 31.13.93.26:443->192.168.88.21:35964, NAT 31.13.93.26:443->(148.205.177.136:35964->192.168.88.21:35964), len 1257

And the client IP address (i.e. local LAN address) is added to the address list. If I change “action=add-dst-to-address-list” to “action=add-src-to-address-list”, the destination address (i.e. a facebook address) is added to the list.

I understand add-dst-to-address-list refers to the destination address of the packet (an external address, facebook in my example), but maybe I’m misunderstanding the way mangle works.

I’m running RouterOS v7.19.1 on a hAP ax³ router.

Is this the right behavior, or is it that “add-dst-to-address-list” and “add-src-to-address-list” are swapped?

Best regards.

V.

The traffic is bidirectional. You must specify in-interface or in-interface-list, for example.
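
The direction issue raised in the reply above, as an added example that is not part of the original thread: it parses the log line from the question plus one constructed line for the opposite direction, and reports which address each action would record, with and without an in-interface matcher. The function names and the constructed line are assumptions, and the code takes it as given that the rule's other matchers (such as content) already matched the logged packet.

```python
import re

# Log line quoted in the question (MAC already redacted by the poster).
PAGE_LOG = ("forward: in:ether4_WAN out:bridge, connection-state:established,snat "
            "src-mac [edited], proto UDP, 31.13.93.26:443->192.168.88.21:35964, "
            "NAT 31.13.93.26:443->(148.205.177.136:35964->192.168.88.21:35964), len 1257")
# Constructed line for the opposite direction (client to server), for comparison.
CONSTRUCTED_LOG = ("forward: in:bridge out:ether4_WAN, connection-state:established,snat "
                   "src-mac [edited], proto UDP, 192.168.88.21:35964->31.13.93.26:443, len 120")

LINE_RE = re.compile(
    r"in:(?P<in_if>\S+) out:(?P<out_if>[^,\s]+),.*?proto \w+, "
    r"(?P<src>[\d.]+):\d+->(?P<dst>[\d.]+):\d+")


def parse(line):
    """Return in/out interface and the packet's own src/dst (first address pair)."""
    m = LINE_RE.search(line)
    if m is None:
        raise ValueError("not a recognised firewall log line")
    return m.groupdict()


def listed_address(line, action, in_interface=None):
    """Address the rule would record, or None if in_interface excludes the packet."""
    pkt = parse(line)
    # Hypothetical in-interface matcher: skip packets arriving on another interface.
    if in_interface is not None and pkt["in_if"] != in_interface:
        return None
    if action == "add-dst-to-address-list":
        return pkt["dst"]
    if action == "add-src-to-address-list":
        return pkt["src"]
    raise ValueError("unsupported action: " + action)


if __name__ == "__main__":
    for name, line in (("page", PAGE_LOG), ("constructed", CONSTRUCTED_LOG)):
        for iface in (None, "bridge"):
            addr = listed_address(line, "add-dst-to-address-list", iface)
            print(f"{name:12} in-interface={iface}: add-dst records {addr}")
```

The logged packet entered on ether4_WAN, so it is a reply from the server to the LAN client, and its destination is the client address.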

WHY?
Layer7 was the way to block facebook and that is now gone considering the ways that traffic is directed by such Apps.
Unless the router has DPI that can reach into encrypted packets you are wasting your time.