Consider the following firewall rule:
add action=jump chain=forward connection-limit=190,32
connection-state=new jump-target=connflood protocol=udp
time=5h-23h59m59s,sun,mon,tue,wed,thu,fri,sat
If the time is as shown, the rule comes up red in Winbox, indicating something is wrong with it.
If I change the time to “1h-23h59m59s” then the rule comes up black (happy).
I cannot see why the router thinks there is something wrong with the first version.
This is in v6.6.
rule will be red because it is currently not the time, that you specified. red means that this rule is currently not working. when the time will be as you specified, rule will start working, and will not be red.
Ha ha! That is certainly unexpected! I am used to the red meaning that something is wrong. Well, that also explains why I have never seen that rule red before today. I’m happy to learn that I don’t have a problem. Thanks for the explanation!
hi,
can you pls explain the time parameter:
if set the time to 2h-23h59m59s, then what does this means assuming action=drop.
correct me if i am wrong – thus these mean, it will 2hrs of dropping my packet, starting 12MN until 2AM?
Pls explain the time parameter as from my sample settings:
/ip firewall filter add chain=forward action=drop time=“22h-23h59m59s,mon,tue,wed,thu,fri,sat,sun” src-mac-address=98:FF:D0:33:85:5A
forwarding of packets will be dropped between 10PM-12MN, then will again allowed by the time reaches pass 12MN.
No, the opposite. Traffic will be dropped only between 02:00 and 23:59:59. Between midnight and 2 AM, traffic will be allowed (and the rule will show up red in Winbox).
Yes, you have it right this time.