HI,
I need to put entries into log if the mac addres start to send data (on any of ethernet port - side in).
I’m doing this with that command:
/interface bridge filter
add action=log chain=forward
dst-mac-address=01:02:03:04:05:06/FF:FF:FF:FF:FF:FF
in-interface=ether3
If I want to monitor all athernet ports I need to make couple of rules on a bridge filter.
Is there any alias of all ethernet port, something like: “…in-interface=ether*..”
br
Piotr Polok
If you want the rule to fire on ALL interfaces, just leave off the in-interface option entirely. If it’s not specified then the in-interface won’t matter. If you want to match ALL BUT ONE interface use a negation: in-interface=!ether1 means “matches if the in-interface is not ether1”. If you want to exclude two or more interfaces you need to list each interface explicitly in one rule each, there is no wildcard matching.
HI,
Thank you for the replay.
I need to monitor only all ethernet ports and not “AP,bridges,WDS”
So, there is no option to do it in one rule…?
br
Piotr Polok
As far as I know the bridge filter is only applied to interfaces that are listed in “/interface bridge port”. If that lists interfaces that you don’t to filter on you will have to enumerate interfaces in one rule each, as there are no wildcards.
OK, thak you 