Community discussions

MUM Europe 2020
Topic Author
Posts: 43
Joined: Thu Mar 15, 2012 2:09 am

/ip filter raw action=return

Fri May 17, 2019 11:02 pm

I would like to track sessions and use normal /ip firewall filter rules for src addresses in list1, list2, and list3, but for everything else I don't have any need to track connections. Can I accomplish this with?
/ip firewall raw
add action=return chain=prerouting src-address-list=list1
add action=return chain=prerouting src-address-list=list2
add action=return chain=prerouting src-address-list=list3
add action=notrack chain=prerouting
Seems to me that action=return should skip out of the raw rules and continue on to look through mangle/nat/filter, while action=accept would allow the packet right here and skip mangle/nat/filter because it's already accepted. Did I get that right?

Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Tue Feb 26, 2019 12:49 pm

Re: /ip filter raw action=return

Fri May 17, 2019 11:57 pm

Use action=accept, it skips all other rules in Raw only.

Who is online

Users browsing this forum: AUsquirrel, godzillante, Google [Bot], Guntis, Jusufs and 60 guests