Dear all,
If I add an IP address through a firewall filter such as:
/ip firewall filter add in-interface=afrihost action=add-src-to-address-list chain=input address-list=Dynamic_Scan address-list-timeout=2d comment="Add IP to the Dynamic_Scan list on interface afrihost" disabled=no
Then the behaviour is that if the same IP address is added instead of “failing” it just amends the “timeout”.
However if I add an IP address to the list via a script with the following:
:do {
/ip firewall address-list add address=$ipTempAddress1 comment="Dynamically Added for Dynamic_Scan" disabled=no list=Dynamic_Scan timeout=48:00:00
} on-error={ :put "Error adding address"};
Then the behaviour is that if the IP address is not yet in the list it will be added as expected, however, if the IP address was found to be within the list the result will be an output of “Error adding address”, without even updating the “timeout”.
Shouldn’t the behaviour be the same?
Dawie
