Address List doesn't work if network address is specified

ALDev · November 14, 2011, 9:18pm

Hello,

while trying to add addresses to an address list i faced the following issue:
1- create an address list
2- Name: test_addr_list
3- address: 192.168.1.0/24

4- add a mangle rule to add addresses to the list

NO addresses will be added to the list!!!

change the address in step 3 to some ip address, for example: 192.168.1.2 and things will start working normally, ip addresses will be added to the list by the mangle rule

i have RB450G v5.8 latest firmware.

is this a bug???

another point:
webfig: entering an address/mask converts the address to network address (as documented)
winbox: entering an address/mask gives an error message

cieplik206 · November 14, 2011, 10:02pm

Working on my 5.8 Router

mmmigoro · November 14, 2011, 11:20pm

Address list works perfectly in CIDR notation.
I’m currently using cidr in add lists on v3.30, 5.6, 5.7, 5.8. Perhaps there is something wrong elsewhere (firewall rules maybe).

ALDev · November 16, 2011, 8:12pm

Thank you cieplik206 and mmmigoro for replying

i have done a fresh installation of 5.7 with default configuration. the same issue as above exists. after some testing i found that if the mask is set to 32 things work:
192.168.1.0/32
but if its set to 24 as above it doesn’t work.

Did it work for you with: address mask set to 24???

1- loaded default configuration
2- added and address list: 192.168.88.0/24
3- added a mangle rule to add src address to the list, i tested all chains
4- no addresses will be added to the list

5- changed address to: 192.168.88.0/32
things worked

lambert · November 17, 2011, 12:24am

Perhaps the addresses the mangle rule would have added are already on the list since each is one of the 256 IP addresses referenced by the 192.168.88.0/24 entry?

To experimentally verify, try using 192.168.88.0/25 and see if your mangle rule adds hosts in the 128-255 range.

ALDev · November 17, 2011, 6:56am

Thank you lambert for your reply.

In fact the list is empty except for the network address added when the list was created. the reason i loaded the default configuration was to avoid any errors done by me.

yogii · November 17, 2011, 11:17am

it is work for me.

address list also work for address/mask, why it doesn’t work depends on your configuration.
please post your configure here!

sadeghrafie · November 17, 2011, 11:49am

Hi,
It works :

lambert · November 17, 2011, 5:08pm

Thank you, sadeghrafie.

That shows, very nicely, that the mangle rule adds entries for ips not covered by the /24.

Did you try any traffic from hosts which are covered by the /24?

sadeghrafie · November 17, 2011, 5:25pm

Yes I try it. It doesn’t add the addresses which covered with the /xx subnet. But the point is when ever I disable that address list (/xx ), the single IP address will add to address list.

It means the mangle rule check active address lists and see whether the certain IP address is in the list or not then add that IP.

Chupaka · November 20, 2011, 10:50am

well, behaviour is correct: if new address is already covered by address-list, then it won’t be added

but I can’t understand, why do you need to add dynamic addresses to the list you already filled-in manually %)