Garbage collect old routes and duplicate routes

RouterOS Scripting
11

You just killed “policy routing” idea :slight_smile: https://help.mikrotik.com/docs/spaces/ROS/pages/59965508/Policy+Routing

Policy routing > is the method to steer traffic matching certain criteria to a certain gateway. …
RouterOS gives you two options to choose from:
firewall mangle > - it gives more control over the criteria to be used to steer traffic, for example, per connection or per packet balancing, etc. For more info on how to use mangle marking > see Firewall Marking examples> …

The problem IMHO is that mangling is in the Firewall menu even if it provides mostly nonfirewall services but that place suggest that mangle is firewall thing. For me the most firewall-like actions are the green ones.

  • change-dscp - change the Differentiated Services Code Point (DSCP) field value specified by the new-dscp parameter
  • change-mss - change the Maximum Segment Size field value of the packet to a value specified by the new-mss parameter
  • change-ttl - change the Time to Live field value of the packet to a value specified by the new-ttl parameter
  • clear-df - clear ‘Do Not Fragment’ Flag
  • fasttrack-connection - shows fasttrack counters, useful for statistics
  • mark-connection - place a mark specified by the new-connection-mark parameter on the entire connection that matches the rule
  • mark-packet - place a mark specified by the new-packet-mark parameter on a packet that matches the rule
  • mark-routing - place a mark specified by the new-routing-mark parameter on a packet. This kind of mark is used for policy routing purposes only. Do not apply any other routing marks besides “main” for the packets processed by FastTrack, since FastTrack can only work in the main routing table.
    route - forces packets to a specific gateway IP by ignoring normal routing decisions (prerouting chain only)
  • set-priority - set priority specified by the new-priority parameter on the packets sent out through a link that is capable of transporting priority (VLAN or WMM-enabled wireless interface). Read more
  • sniff-pc - send a packet to a remote RouterOS CALEA server.
  • sniff-tzsp - send a packet to a remote TZSP compatible system (such as Wireshark). Set remote target with sniff-target and sniff-target-port parameters (Wireshark recommends port 37008)
  • strip-ipv4-options - strip IPv4 option fields from IP header, the action does not actually remove IPv4 options but rather replaces all option octets with NOP, further matcher with ipv4-options=any will still match the packet.