Remove all firewall settings before import

Paradox · December 16, 2021, 3:08pm

Hi,
I want to sync my firewall settings from one VRRP router to another. Therefore I’m exporting the rules with

/ip firewall export file=firewallrules

. But before import on the second router I have to wipe out all firewall settings. How could I do this?

sid5632 · December 16, 2021, 8:05pm

/ip firewall filter remove [find]
/ip firewall nat remove [find]
/ip firewall raw remove [find]
/ip firewall mangle remove [find]
/ip firewall address-list remove [find]
/ip firewall layer7-protocol remove [find]
/ip firewall connection remove [find]

Paradox · December 17, 2021, 7:06am

Thanks! But sorry, I’ve fogot to mention that I’ve already tried this one:

/ip firewall filter remove [find]

But it gives the error

failure: cannot remove builtin

and does not remove any rules.

I guess this is because of rule 0, which is a builtin rule for fasttrack.

karlisi · December 17, 2021, 9:36am

This should work

/ip firewall filter remove [find dynamic=no]

Paradox · December 17, 2021, 10:35am

Thanks, that one works!

gotsprings · December 24, 2021, 12:24pm

I use find comment = “defcon” on new routers.

Will have to try that dynamic no at some point on a running router.

Thing is… I import my new rules THEN delete the old ones.