Page 1 of 1

Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 2:30 am
by Farhadgh
Hello Mikrotik. please fix this. I think this is a bug. in loops, packet-mark=!"something$i" doesn't work and I need to do it by hand. sometimes for large numbers (100 or 200).
sample code:
for i from=0 to=100 do={ip firewall mangle add chain=forward dst-address=10.10.10.0/24 action=mark-packet new-packet-mark="ThisIssueBothersMe$iTestIt";ip firewall mangle add chain=forward packet-mark=!"ThisIssueBothersMe$iTestIt" action=accept}


I didn't test it on other places. so there may be a larger bug that this issue is part of that.

Re: Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 11:03 am
by andriys
for i from=0 to=100 do={ip firewall mangle add chain=forward dst-address=10.10.10.0/24 action=mark-packet new-packet-mark="ThisIssueBothersMe$iTestIt";ip firewall mangle add chain=forward packet-mark=!"ThisIssueBothersMe$iTestIt" action=accept}
This is not a bug, this is a mistake in your code. In your example you're referring to a non-existent variable $iTestIt. If you need to insert a value of some variable in the middle of some word, try doing it like this:
new-packet-mark="ThisIssueBothersMe$(i)TestIt"

Re: Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 11:12 am
by rextended
Or better, from my point of view:
new-packet-mark=("ThisIssueBothersMe".$i."TestIt")
packet-mark=!("ThisIssueBothersMe".$i."TestIt")

Re: Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 5:09 pm
by Farhadgh
Thanks for your editions, but non of these two approaches work. Main issue is that packet mark isn't created yet and mikrotik doesn't now that yet. these were not soloution to this problem. you can test it. It would be great if mikrotik could run this command.

Re: Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 5:28 pm
by Farhadgh
You can consider for example, this simpler situation.
for i from=0 to=100 do={ip firewall mangle add chain=forward dst-address=10.10.10.0/24 action=mark-packet new-packet-mark=$i;ip firewall mangle add chain=forward packet-mark=!$i action=accept}
Even if we create all packet marks first, by this command:
for i from=0 to=100 do={ip firewall mangle add chain=forward dst-address=10.10.10.0/24 action=mark-packet new-packet-mark=$i}
and then do the rest, with created packet marks, still this error exists!
for i from=0 to=100 do={ip firewall mangle add chain=forward packet-mark=!$i action=accept}
and of course, it's not a problem for having or not having "". trust me or test it.

Re: Bug in "for" loop and firewall commands.

Posted: Thu Feb 26, 2015 7:46 pm
by andriys
Just tried your example commands on my test router running 6.27. Everything work just fine, provided parameters are quoted correctly. Here's what worked for me:
for i from=0 to=10 do={/ip firewall mangle add chain=forward dst-address=10.10.10.0/24 action=mark-packet new-packet-mark="$i"; /ip firewall mangle add chain=forward packet-mark="!$i" action=accept}