Hello,
I’m trying to track a connection with the following command:
/ip firewall connection print from=[find dst-address="SERVER_IP:80"]
This is the destination address and destination port 80, but I know the source address but not the port. Is it possible to allow any port?, something like:
/ip firewall connection print from=[find src-address="CLIENT_IP:*"]
Thanks,
/ip firewall connection print where src-address~"1.2.3.4"
/ip firewall connection print where dst-address~"1.2.3.4:80"
Thanks rextended
ip firewall connection print where src-address~"IP"
This is regex, so if you search for 1.1.1.1 it will also hit 11.1.1.1 and 21.1.1.1 +++
/ip firewall connection print where src-address~"1.2.3.4"
Will find 1.2.3.4 as well as 11.2.3.4
CAN happen, but nevermind..
In case:
/ip firewall connection print where src-address~"^1\\.2\\.3\\.4(:*|\$)"
/ip firewall connection print where dst-address~"^1\\.2\\.3\\.4:80\$"
Did you try this?
For me, I do get red ***, to that is not accepted.
Using ^ works fine
Using $ at end of line give hit for all lines , like .
So some is not following regex standard.
you right,
using on CLI must have double \ and $
I correct my post because must be used only on CLI “/ip firewall connection print”
Ahh, thanks, learned some today as well 
CLI have double interpretation for \ (start of special char) and $ (name of the variables on memory)
for write \ as not special char, but passed as \ must be special char of.. special char: \
Simply $ if you want write $ literally
Remember: is RegExp using POSIX standard without metadata (Character classes) like [:digit:] (stay for [0-9] ) or \d (again is equal to [0-9] ) from other languages
https://en.wikibooks.org/wiki/Regular_Expressions/POSIX_Basic_Regular_Expressions