Good evening, I’m a little confused by the number of active connections in /ip firewall connection. The Winbox shows me a value, and the terminal shows me a different value. What is the correct? And the locally generated connections from the router to the internal network? They appear in this list of connections? Attached an image to be more understanding. Sorry the image size and the bad English 
. Thanks
Gabriel Siena
According to the uptime of the router in the top right corner, there’s about 3 minutes between those pictures.
Once a connection is closed, the router drops it from the connection tracking table. If you open up the terminal over the GUI view so you can still view the GUI count at the bottom and run the command in the terminal window, the two should agree (though it may still be a little bit off because the GUI updates every couple of seconds, and the terminal generates the count at that very moment). You’re most likely seeing a difference simply because you’re looking at different times.
Annex another image at the same time interval. My biggest doubt is that other number “out of 8592” highlighted in red. In fact I have 2075 or 8592 connections? That alone is confusing me.
Thanks
Gabriel Siena
you have 8000, but RouterOS will not display all due to performance issues. This would take too much resources, and this window is only an overview, not a complete list
Thanks Normis, now I understand the operation of Mikrotik connection tracking!
Normis, what about
/ip fi co pr file=xxx
?.. I thought, it prints all connections… in fact, it outpots only 2049 connections… can we have a complete list of connections?..
or, for example, if you use filter to see only connection of one user, you cannot see all his connections because they’re not in list shown by conntrack (MMMM items out of NNNNN)