/ip firewall connection remove broken in 3.0 rc10-14, & v3.1

RouterOS General
1

I just upgraded from 2.9.45 to 3.0 rc10 this past weekend, totally cleared out my ruleset, so i could start fresh.

I’m noting a problem trying to remove established (or any listed) connection from the connection tracking, both thru the GUI and thru the CLI:


51 SA tcp 192.168.200.8:1754 x.x.x.x:1863 none 23h26m13s
52 SA tcp 192.168.200.8:3794 x.x.x.x:22 56 23h26m13s
53 SA tcp 192.168.200.8:2851 x.x.x.x:993 none 23h21m44s

[dsdee@sentry] /ip firewall connection> remove 49
action timed out - try again, if error continues contact MikroTik support and se
nd a supout file (13)
[dsdee@sentry] /ip firewall connection>

Has anyone else noted this problem??

Thanks,
David

2

[bump]

Can someone else try to remove a connection from the active connection table and verify that the router does indeed not respond/time out for the command?? I can’t be the only one experiencing this problem…

3

3.0rc10

It didn’t time out for me, but took up to 1 minute to come back to the terminal. I also don’t know for sure that it even removed it.

remove [find assured=no]

Sam

4

I tried that on my home router RB532A RouterOS v3.0rc10, ~500 connections in list.

Terminal hanged for ~30secs and connection was not removed.

5

Good deal, then it isn’t just me.

Just to verify that it’s not a “quantity of connections in the list” issue, I only have 75 or so, and it is still behaving as described above.

6

We’re experiencing policy routing problems on 3rc10 which I am suspecting may be related…

7

Hello;

I’ve now upgraded to rc14 and am still having this problem.

[dsdee@sentry] > /ip firewall connection remove [ find connection-mark = “web_conn” ]
action timed out - try again, if error continues contact MikroTik support and send a supout file (13)
[dsdee@sentry] >

I don’t think it got fixed…

Additionally, within Winbox, clicking on a line in the Firewall/Connections list and then clicking “-” to remove it, doesn’t seem to remove it, either.

8

Hi,

Same router as in my previous post - 532A, this time with latest RouterOS v3.1: same problem.

9

Same here. I’ve upgraded to 3.1 on my RB532, and the

/ip firewall connection remove ###

on the console hangs til I hit ^C, or until it times out.

Also, the GUI “-” button on the Firewall/Connections page will most-times NOT remove the item selected, although intermittently, it will.

10

Same thing happens to me with RB133C and ROS 3.1…

And if i try to delete many connections the router freeze and stop work until reboot via -power supply unplug-…

11

Has anybody else logged this with support @ mikrotik?

12

I have not.

I had only logged it here, since I was under the impression this was the place to raise issues with beta versions, and this issue has been present since I first migrated over to the 3.0 Release Candidates.

13

v3.2

Seems to be working. :slight_smile:

14

Yep, seems to be working well! Thanks!

15

I confirm that, also for me, with 3.2 all works fine.

16

Sorry to bring this issue back, but seems it isn’t working for me on 3.7, RB600AP

17

In 3.7 on a RB150 (MiniRouter) this does work. Don’t have an RB600 at hand to test, though.

18

It’s working on a RB500, too, on v3.7

Just to see if it is the same problem, or not, can you provide details on your “it doesn’t work” ?? What are you doing, and what are you seeing?

19

If I try to manually remove a connection from /ip firewall connection, it would not.
This hapens in Winbox and CLI too. The message is:

Couldn’t remove connection x.x.x.x:yyy-x.x.x.x:yyy> - action failed (6)

20

That’s different from what I was originally seeing, I think, where it would hang, and then finally come back

I have seen what you show, but I have seen it (recently) when it is a repeated packet stream trying to keep the connection alive, such as a SIP/RTP connection, where as soon as you would kill it, it would be coming back anyways. Or something similar to that.