Firewall Filterrule ros-v3beta9

Hi,

I experienced a problem with firewall-filter rules and ros-v3beta9.

when this rule is added nothing happens:

/ip firewall filter add chain=forward protocol=tcp p2p=all-p2p tcp-flags=syn connection-limit=11,32 action=drop

this rule should drop all p2p-connections >10 but byte and packet counter is already zero. there are many connections classified as p2p (more than 10 per ip) but nothing happens.

connection tracking is enabled, I even tried changing the chain to output and input with the same result.

Is this a bug in beta9?

best regards
chris

I’m having the same problem in Beta8, i’ll create a firewall rule to drop all traffic from a certain IP, and it does nothing.

I’ve changed the rule to

 0   chain=forward protocol=tcp p2p=all-p2p connection-limit=11,32 action=drop

but it doesn’t work too, then I did a system-reboot, after that the rule drops connections like it should.