Hi!
I have a problem in Winbox: in the Address List drop list box is showing an address list which doesn’t exists. I have triple checked every rule in the firewall/nat/mangle tabs and that address list isn’t used anywhere. I have even done a full export of the router configuration and there is no trace of that address list… Why is Winbox showing it?
Thanks!
Some possibilities come to mind. Some crazy bridge, made accidentaly after a litre of vodka. Or someone connected cable from WAN somewhere in LAN. Draw your network.
Is it the address list “winbox”? I noticed mine has those entries (even tho I use the api) without any firewall rules,
Hi!
No, it’s an old address list that I was using in some firewall rules… but now I have changed them and created another address list.
Thanks!
When you had the old rule that added that list, did you set the “address-list-timeout” parameter? If not, the entry will be in the address list forever. Well, unless you manually remove it. 
How should I remove the address list manually? The only way I know is to remove all IP’s from it and if it isn’t in use anymore it disappears automatically…
Replace X with line number of each entry you wish to remove:
/ip firewall address-list
print
remove X
And… What should I do if that address-list doesn’t show up with /ip firewall address-list print ???
That’s the problem I’m having 
Wow! That is odd. What version of the OS and Winbox are you using? I don’t use Winbox, but those that do will probably need that to help you.
If all else fails, generate a supout file and email it to support (at) mikrotik.com with a short explanation of the problem.
If ANY rule ANYWHERE points to this list, it will show in the drop-down whether it exists or not.
And to find it it’s probably easiest to save a “/export” and search for the address list name in a text editor. Something is referring to it somewhere.
Where does Winbox search for this list besides “/ip firewall address-list”? I am writing an API version and wish to maintain compatibility.
From the behavior I’m pretty sure it just parses the entire configuration for all references to address lists. So you’d have to look at every section that has configuration that can refer to address lists, get them all and compile your own list of lists.
I think that behavior is due to how dynamic address lists are now supported. For example, you can have a Hotspot user profile set up in a way that it adds the IP address of the client to an address list at login, and removes it at logout. Firewall, NAT and mangle rules should be able to select that address list name from a drop down, so it should show up - but if no client is logged in, the address list may have no members and may not show in “/ip firewall address-lists”. Dynamic address lists can also be populated by at least RADIUS, PPPoE and DHCP servers, there may be more.
So much for compatibility. I’m not doing that.
Its not a bug or a problem. Every router I have out there has a drop with source-address-list=portscanners. But only sites that actually have been port-scanned have an address-list called port-scanners. When I go to choose another address list for a new rule, portscanners shows up because it is referenced in the config.
Thanks, roadracer96. I never thought it was a bug after your response. Then fewi backed it up. I can use a textbox rather than a drop-down. It’s a Blackberry phone app. Not supposed to be complex, just portable!
I have done an export and there is no trace of those “ghost” address lists… so I don’t know why WinBox is showing them up.
In that light, I recommend creating a supout.rif file and email to support as I mentioned above. If you would please post their response here also. I am interested for my own selfish reasons.
i think winbox caches those results. close winbox, remove your winbox cache files, and then try again.
just read the topic…
well, you can do the following test:
MT Staff, is there some way to completely unset the value?