Delete all firewall address-list with one command

planetcaravan · June 21, 2019, 9:50am

Hi there,

Is there any possibility to delete with only one command ALL address lists present into the firewall?

Jotne · June 21, 2019, 10:13am

Do mean connections?

Did you see this post, posted yesterday?

http://forum.mikrotik.com/t/script-to-clear-all-firewall-connections/131000/1

planetcaravan · June 21, 2019, 10:41am

not connections, but all address list entry

Jotne · June 21, 2019, 10:58am

This should do and its close to the command in the other post I did posted.

/ip firewall address-list remove [find]

Take care, this deletes all entries from all lists.

To delete one list, do this:

/ip firewall address-list remove [find where list=your_list]

planetcaravan · June 22, 2019, 2:00pm

Hello and thanks for your answer.

I tried both your command
Last test I did:

/ip firewall address-list remove [find where list="TEST-IP"]

Many times I got this error:
no such item (4)

I’ve noticed that using this command not ALL IPs of that address-list were deleted.
Each time I repeat the same command, new IPs were deleted.
Is it my fault?
I’m using 6.42.11 version

planetcaravan · November 7, 2019, 11:28am

Still having this probelm even with 6.44.6

no such item (4)

msatter · November 7, 2019, 11:34am

:do { /ip firewall address-list remove [find where list="TEST-IP"] } on-error={}

This will ignore the no such item.

I hope that you are using a more recent release of RouterOS and don’t forget to make backups from your configuration.

planetcaravan · November 7, 2019, 11:42am

Thanks for your kind answer

This code is still not deleting all address lists

:do { /ip firewall address-list remove [find] } on-error={}

Most of the entries remains after entering the command

msatter · November 7, 2019, 12:09pm

I can’t try it but you can.

/ip firewall address-list remove

planetcaravan · November 7, 2019, 12:12pm

Thanks again but it is asking number

[admin@ROUTER] > /ip firewall address-list remove
numbers:

tomaskir · November 7, 2019, 12:12pm

The issue is command scope.
If you run the command under “/” (command root scope) find will run there.
You either need to specify scope, or enter the “/ip firewall address-list” scope.

/ip firewall address-list remove [/ip firewall address-list find list=list_name]

Or

/ip firewall address-list
remove [find list=list_name]

msatter · November 7, 2019, 12:26pm

As lines in script?:

/ip firewall address-list
do: { remove [find]  } on-error={}

tomaskir · November 7, 2019, 12:40pm

You don’t need to do error handling on address list removal.
If you want to remove ALL entries rather than just entries from a single list, simply do:

/ip firewall address-list remove [/ip firewall address-list find]

or

/ip firewall address-list
remove [find]

planetcaravan · November 7, 2019, 1:04pm

Last command seems work better but some entries are not deleted.
I did a video: https://gfycat.com/bravewealthygermanpinscher

tomaskir · November 7, 2019, 2:41pm

This is because you have some dns-based entried in your list.
These create dynamic address-list entries that normally can’t be deleted.

Here is a command that takes that into account:

/ip firewall address-list
remove [find dynamic=no]

Dynamic entries are automatically deleted when their “parent” dns-based entry is deleted.
That should sort it out for you.

planetcaravan · November 7, 2019, 3:53pm

IT WORKS!

I’ve used this command on a single line

/ip firewall address-list remove [find dynamic=no]

It delete ALL 1200 address list (even dynamic) without any error.

Thanks!!

tomaskir · November 7, 2019, 4:40pm

For a single line you need to use

/ip firewall address-list remove [/ip firewall address-list find dynamic=no]

Otherwise this will not work if you execute it from root context “/”.

planetcaravan · November 7, 2019, 4:43pm

I’ve used

/ip firewall address-list remove [find dynamic=no]

from / context and it worked good.