Is “RETURN” always the default at the end of a chain that has been jumped to?
I normally put “return” at the end, because the docs say that “passthru” is the default. However, “return” seems to be the case when I forget to include it.
IF it is the default, then when should it actually be used?? IF it is not the default all the time, then when is it, and when isn’t it the default? (Talking about chains that have been jumped to, of course).
Thanks.
at the end of custom chain packet if not accepted or dropped will be returned (as per action=return) to chain it originated. so, at the end of custom chain it is up to user to put return rule or not.
you can use return to return to main chain before reaching the end of the custom chain.
docs say passthrough,because you can imagine that jump rule to custom chain as a scope of rules that would be other way set up there. so after chain ends, packets are passed through the next rule after jump rule
also note, that after reaching end of default chain packet will be accepted the same if there where rule with action=accept.
that way routeros firewall defaults to drop everything that is bad and accept everything else hence it is easily changed by setting accept rules and as a last rule set action=drop rule