Hello,
is it possible to set the current wan-IP as source address (or source address list entry) in a firewall rule?
noone? 
You can set the current WAN ip address as source address in any firewall rule. It will be hardcoded so if your IP address changes on a regular or semi-regular basis, you would have to change it in every single firewall rule.
You could get around this issue by using an address-list as the source, as per your suggestion. That way, you’d only have to change the address in the address list.
You could write a script that checks the WAN IP and updates any rules or address lists if it changes. If your WAN address (almost) never changes, I’d say it’s not worth the work.
You could write a script that checks the WAN IP and updates any rules or address lists if it changes. If your WAN address (almost) never changes, I’d say it’s not worth the work.
Ok thanks. I thought there is any variable like $WAN I could use and which always points to the current WAN IP.
Did anyone wrote such a script before? 
Where do I find a documentation about the script language of ROS?
It is not that simple, because there is no “the current WAN IP”, there can be more than one WAN and the router does not really know which interface is your WAN other than by convention (and you can configure the router differently).
When you do not want to hardwire your WAN IP into rules, it is often possible to bind rules to an interface rather than an IP, and leave the local address unspecified.
Most documentation can be found in the WiKi: http://wiki.mikrotik.com/wiki/Main_Page
ok, thx. 