Can an address-list reference another address-list?
example:
lan = 1.1.1.1/24
lan = 2.2.2.2/24
lan = 3.3.3.3/24
allowed = lan
Should this work? Winbox lets me enter the address-list, but a FW rule that drops (or accepts) access from address-list “allowed” doesn’t seem to work.
Not sure but as long as the list entries are valid ones, and they all have the same list name, i would hazard a quess that it would be a good rule.
My guess (as qualified as @anav’s) is that it wouldn’t work. The reason is in performance (and complexity). It seems that using address lists in firewall is quite resource friendly as RB can construct kind of address mattrix out of address list members. If address lists could be multi-layered (one list member of another one), it would either have to recursively parse lists for every packet to inspect (very ineffective) or recursively parse lists evedy time any of list membership gets changed (complex).
Go with MKX, my credits should say Faux Guru, I post a lot, but I would say on the scale of things I know didly squat.