hi
i have 2 range of ip
172.17.5.0/24 and 192.17.6.0/28
i want to mangle these, can you please say me in source address with which character , i can separate them form together?
thanks
-
Use address-list, if you need one mangle rule for both subnets.
Add both networks to /ip firewall address-list, set one mangle rule with src-address-list. -
Create two mangle rules with the same mark-connection/mark-packet.
i know
but i wanted to know in source address i separate them with comma, or dash or …?
You can use only range there,
ip firewall mangle add src-address=
SrcAddress ::= [!]Range
Range ::= A.B.C.D[-A.B.C.D |0..32 |/A.B.C.D ] (IP address range)
To use one mangle rule for both networks, use address-list.
can you type the sample for me with my ip addresses that i said in top, and the way that i should type in GUI?
also i think press ! beside ranges
thanks
/ip firewall address-list
add list=whatever address=172.17.5.0/24
add list=whatever address=192.17.6.0/28
/ip firewall mangle
add chain=prerouting action=accept src-address-list=whatever
Paste that into the terminal window of the GUI and then inspect the things the commands created in the GUI to figure out how to create others like them via the GUI.
hi, thanks alot, good way.
can you please say me in one mangle rule, how can i put more than 1 protocol, for example, both gre and ipsec and tcp?
thanks
You can’t. You will need one rule per protocol. Just copy a previous rule then change the protocol type and you’ll be fine.