I would like to track sessions and use normal /ip firewall filter rules for src addresses in list1, list2, and list3, but for everything else I don’t have any need to track connections. Can I accomplish this with?
/ip firewall raw
add action=return chain=prerouting src-address-list=list1
add action=return chain=prerouting src-address-list=list2
add action=return chain=prerouting src-address-list=list3
add action=notrack chain=prerouting
Seems to me that action=return should skip out of the raw rules and continue on to look through mangle/nat/filter, while action=accept would allow the packet right here and skip mangle/nat/filter because it’s already accepted. Did I get that right?
schu