Friends, how will be a script to automatically reset all NAT counters?
Thank you for your answers.
EL DONCITO.
Friend, define automatically ?
Manually it is: /ip/firewall/nat reset-counters-all
/ip firewall nat reset-counters-all
Add it to a scheduler if you like to reset it a certain time.
So the definition of automatically was time.
The solution is IP filter??? 
Reset all NAT counters at midnight:
/system scheduler
add interval=1d name=NAT_reset_counters policy=read,write start-date=mar/25/2022 start-time=23:59:59 \
on-event="/ip firewall nat reset-counters-all"
Reset NAT counters at midnight, ONLY when inside the comment is present RST (all uppercase) on any part of the comment:
/system scheduler
add interval=1d name=NAT_reset_counters_on_RST_comment policy=read,write start-date=mar/25/2022 start-time=23:59:59 \
on-event="/ip firewall nat reset-counters [find where comment~\"RST\"]"
Reset NAT counters at midnight, EXCEPT when inside the comment is present KP (all uppercase) on any part of the comment:
/system scheduler
add interval=1d name=NAT_reset_counters_on_not_KP_comment policy=read,write start-date=mar/25/2022 start-time=23:59:59 \
on-event="/ip firewall nat reset-counters [find where !(comment~\"KP\")]"
Hi @Rextended!
This option DOES work:
/ip firewall raw reset-counters [find where comment~"IPSec"]
This option does NOT work
/ip firewall raw reset-counters [find where src-address-list="BlacklistIPSEC"]
Why? only filter by comments?
Thx & BR.
What you obtain with:
:put [/ip firewall raw find where src-address-list="BlacklistIPSEC"]
one (or more) index number like *3f1,*84a"?
For me on v6 work.
I tested the following:
:put [/ip firewall raw find where src-address-list="BlacklistIPSEC"]
Result: *5
:put [/ip firewall raw reset-counters [/ip firewall raw find where src-address-list="BlacklistIPSEC"]]
Reset counters only from BlacklistIPSEC → OK.
Thanks!
