Hallo Guys
I am looking for a firewall filter rule to identify and accept traffic that was Initiated by the actual router.
Example, if the router sends out a email I don’t want to specifically allow input and output for smtp traffic but rather just identify that the router is sending a email and then simply allow it.
Example, if the actual router dials a vpn connection I don’t want to specifically allow this but if the router initiated the connection it should be allowed.
Thanks’ in advance 
That’s output chain. Use other rule conditions according to your needs.
So this is what I did if anyone is interested:
add action=passthrough chain=forward comment="-------------------------------------------------- router initiated traffic " disabled=yes
add chain=“input - x” comment=“accept - new traffic” connection-state=new disabled=yes
add chain=“input - x” comment=“accept - related traffic” connection-state=related
add chain=“input - x” comment="accept - established traffic " connection-state=established
add action=passthrough chain=forward comment=--------------- disabled=yes
add chain=“output - x” comment=“accept - new traffic” connection-state=new
add chain=“output - x” comment=“accept - related traffic” connection-state=related
add chain=“output - x” comment="accept - established traffic " connection-state=established