Hi there,

I'm wondering if there's a way to specify a generic rule that matches an IP address on a directly connected interfaces subnet?

ie: something like:- which would match any IP address in the above 10.52.5.0/24 or 10.62.255.24/29 networks?

Would make for a few easier, and more generic configs?

Thanks.

Hi there,

I'm wondering if there's a way to specify a generic rule that matches an IP address on a directly connected interfaces subnet?

ie: something like:-

Code: Select all

 > /ip address print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                
 0   10.62.5.1/24       10.62.5.0       ether1                                   
 1   10.62.255.30/29    10.62.255.24    ether2                                   

/ip firewall filter add src-address-type=local-subnet

which would match any IP address in the above 10.52.5.0/24 or 10.62.255.24/29 networks?

Would make for a few easier, and more generic configs?

Thanks.

I don't believe this is available but I could see several scenarios for me where it would be useful. Right now, I usually create an address list for local subnets and have my filter rules reference that list.