Hello.
I implemented this solution to block traffic between my subnets (I have 6 of them) using address lists, and it works. However, when I try to make an exception rule to allow traffic between a subnet and a specific IP on another subnet, and I put this rule higher in the firewall filter list, it does not work. Thoughts?
/ip firewall filter
add action=accept chain=forward comment="allow serverx from subnet3" dst-address=10.6.0.151 src-address=10.8.0.0/23
add action=drop chain=forward comment="subnets insulation" dst-address-list=Subnets src-address-list=Subnets
/ip firewall address-list
add address=10.5.0.0/24 list=Subnets
add address=10.6.0.0/24 list=Subnets
add address=10.8.0.0/23 list=Subnets
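
An added example, not part of the original post: a small first-match model of the two filter rules above, evaluated for both directions of one flow. It assumes these are the only rules in the forward chain; the client address 10.8.0.20 is constructed, and `rule_established` is a hypothetical stand-in for an accept rule matching `connection-state=established,related`.

```python
import ipaddress as ip

# Address list and rules copied from the post; the model itself is illustrative.
SUBNETS = [ip.ip_network(n) for n in ("10.5.0.0/24", "10.6.0.0/24", "10.8.0.0/23")]

def in_list(addr):
    return any(addr in net for net in SUBNETS)

def rule_allow_serverx(src, dst, established):
    return src in ip.ip_network("10.8.0.0/23") and dst == ip.ip_address("10.6.0.151")

def rule_isolation(src, dst, established):
    return in_list(src) and in_list(dst)

# Hypothetical extra rule (not in the post): accept packets of tracked connections.
def rule_established(src, dst, established):
    return established

POSTED = [("accept", rule_allow_serverx), ("drop", rule_isolation)]
WITH_STATE = [("accept", rule_established)] + POSTED

def evaluate(rules, src, dst, established=False):
    """First matching rule decides; an unmatched packet is accepted by default."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for action, match in rules:
        if match(src, dst, established):
            return action
    return "accept"

def flow(rules, client, server):
    """Return (request verdict, reply verdict) for one client/server exchange."""
    request = evaluate(rules, client, server)
    # The reply only belongs to a tracked connection if the request got through.
    reply = evaluate(rules, server, client, established=(request == "accept"))
    return request, reply

if __name__ == "__main__":
    print(flow(POSTED, "10.8.0.20", "10.6.0.151"))      # constructed client address
    print(flow(WITH_STATE, "10.8.0.20", "10.6.0.151"))
    print(flow(WITH_STATE, "10.8.0.20", "10.6.0.10"))   # other hosts stay isolated
```

In this model the exception rule matches only the request direction; the reply from 10.6.0.151 has both addresses in the Subnets list and falls through to the drop rule unless a connection-state rule sits above it.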