Play with wireguard interface and ipv6 policy routing. It doesn't work :( but the post isn't about that.
At ~ 12:00 I have create some ipv7 firewall rules based on this post https://help.mikrotik.com/docs/display/ ... t+Firewall
After 8 hours I was back to this task and counters are looking very strange on example rule 13 was created 2-5 minutes ago.
Detail statistic on this interface also wild
Code: Select all
[admin@MikroTik-router] /ipv6/firewall/filter> print stats
Columns: CHAIN, ACTION, BYTES, PACKETS
# CHAIN ACTION BYTES PACKETS
;;; count IPv6
0 forward passthrough 1 295 928 031 878 238 191 17 171 285 716 295
1 forward accept 17 205 638 991 906 1 152 922 630 156 714 263
2 input accept 1 726 577 111 732 17 344 234 910 411 297 468
;;; local network
3 forward accept 1 152 924 442 364 477 890 1 881 195 684 536
;;; accept ICMPv6
4 input accept 206 159 078 074 180 388 643 641
;;; NEW from LAN to internet
5 forward accept 1 778 138 917 176 1 152 924 390 824 910 225
;;; icmpv6
6 forward accept 1 152 922 483 859 716 288 1 152 922 046 041 164 877
;;; accept DHCPv6-Client prefix delegation.
7 input accept 17 188 467 957 332 1 152 922 552 578 867 783
;;; accept ICMPv6
8 input accept 1 152 922 226 161 352 772 1 152 939 174 102 306 728
;;; defconf: accept UDP traceroute
9 input accept 1 152 923 772 349 579 680 1 152 922 251 931 156 544
;;; established,related
10 forward accept 2 206 258 509 920 576 742 463 509 378 454
;;; allow allowed addresses
11 input accept 1 152 923 841 069 186 602 1 296 475 821 493 453 914
;;; allow established and related
12 input accept 2 305 844 203 483 038 108 1 152 921 882 563 969 088
13 forward reject 576 474 101 079 044 477 1 152 935 218 437 426 800
;;; invalid
14 forward drop 18 446 744 056 529 766 044 8 672 093 119 926 904 408
15 forward drop 18 446 744 058 046 474 775 1 152 935 016 579 795 273
16 input drop 2 305 844 572 850 398 192 1 152 923 952 738 206 142
17 input drop 1 295 911 041 883 963 532 2 305 844 160 264 929 724