I noticed that even if I disable forwarding from port A to port B under the “Forward” tab, an ACL rule that redirects traffic from port A to port B still works.
Is this intended behavior? Basically ACL rules take precedence over Forward rules?
What exactly do you mean by “ACL rule”?
Just ACL. By “rule” I meant the action I set to redirect ports with a match.
Under Forward, I disabled port1 to port3 forward.
Under ACL, I created an entry that redirect port1 packets to port3, and it works.
… And where do you configure that ACL?
Under SWOS’s ACL tab. See pic.
My bad, didn’t notice that it’s posted under swos…
I don’t use swos myself, so won’t be of much help.
The documentation https://wiki.mikrotik.com/wiki/SwOS/CSS106 doesn’t mention any order or flow diagram (@Mikrotik that’s a must! It’s available for ROS).
The doc does mention what Access Control List is/provides:
Ingress ACL tables
Up to 32 ACL rules (limited by SwOS)
Classification based on ports, L2, L3, L4 protocol header fields
ACL actions include filtering, forwarding and modifying of the protocol header fields
So it could be that ACL is taking precedence over forwarding config