I am tring use L7 to block MSN in my network, BUT i need exceptions, i made exactly described in the HOW-TO at http://wiki.mikrotik.com/wiki/Drop_IM_Using_L7 it work!!! BUT it BLOCK entire IM to entire network, the i try this :
And continues blocking all hosts including the hosts listed on address-list..../ip firewall address-list
add address=10.10.10.30 comment="" disabled=no list=Permit-MSN
add address=10.10.10.32 comment="" disabled=no list=Permit-MSN
add address=10.10.10.33 comment="" disabled=no list=Permit-MSN
add address=10.10.10.34 comment="" disabled=no list=Permit-MSN
add address=10.10.10.35 comment="" disabled=no list=Permit-MSN
add address=10.10.10.173 comment="" disabled=no list=Permit-MSN
/ip firewall filter
add action=drop chain=forward comment= "*********** Block MSN ***********" disabled=no layer7-protocol=MSN src-address-list=!Permit-MSN
:( WHY??? any ideas???BR
Mauricio