Sat Apr 24, 2021 9:52 pm
@changeip, too many things work differently than you expect.
The ip firewall only deals with IP packets, so the protocol matches on the payload protocols of IP, such as UDP, TCP, GRE...
MNDP is an application using UDP and port 5678, but RouterOS sends MNDP packets in such a way that they bypass the IP firewall.
LLDP and CDP do not use IP as transport, so only bridge filter rules can match them using mac-protocol=lldp and dst-mac-address=01:00:0C:CC:CC:CC, respectively. But also here, RouterOS sends these frames directly from the interfaces, so bridge filter cannot prevent them from being sent.
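The layering described in the post above, as an added Python example that is not part of the original post: a classifier for captured frames that shows why LLDP and CDP can only be identified from the Ethernet header while MNDP is identified from the IP/UDP headers. It assumes untagged frames; the LLDP EtherType 0x88CC and the CDP LLC/SNAP header are not taken from the post, and the sample frames are constructed.

```python
import struct

ETH_IPV4, ETH_LLDP = 0x0800, 0x88CC
CDP_DST_MAC = bytes.fromhex("01000ccccccc")    # dst-mac-address from the post
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP header, Cisco OUI, PID 0x2000
MNDP_PORT = 5678                               # UDP port from the post

def classify(frame: bytes):
    """Return (protocol, layer that identifies it) for one untagged Ethernet frame."""
    if len(frame) < 14:
        return ("other", None)
    dst_mac = frame[:6]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == ETH_LLDP:
        return ("lldp", "ethernet")
    # Values up to 1500 are an 802.3 length field; CDP rides on LLC/SNAP there.
    if ethertype <= 1500 and dst_mac == CDP_DST_MAC and frame[14:22] == CDP_SNAP:
        return ("cdp", "ethernet")
    if ethertype == ETH_IPV4 and len(frame) >= 34:
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        fragment_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
        if ihl >= 20 and ip[9] == 17 and fragment_offset == 0 and len(ip) >= ihl + 4:
            sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
            if MNDP_PORT in (sport, dport):
                return ("mndp", "ip/udp")
    return ("other", None)

def _eth(dst, type_or_len, payload):
    src = bytes.fromhex("020000000001")
    return bytes.fromhex(dst) + src + struct.pack("!H", type_or_len) + payload

def _udp(sport, dport, data=b"\x00" * 4):
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([255] * 4))
    return ip + udp

# Constructed sample frames (not captured traffic).
SAMPLES = {
    "lldp": _eth("0180c200000e", ETH_LLDP, b"\x00\x00"),
    "cdp": _eth("01000ccccccc", 12, CDP_SNAP + b"\x02\xb4\x00\x00"),
    "mndp": _eth("ffffffffffff", ETH_IPV4, _udp(MNDP_PORT, MNDP_PORT)),
    "dns": _eth("ffffffffffff", ETH_IPV4, _udp(40000, 53)),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(name, classify(frame))
```

Run against frames captured on the wire, this shows whether discovery traffic is actually leaving a port, which is the check that matters when the router's own filters cannot stop locally generated frames.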