Community discussions

 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Delete all firewall address-list with one command

Fri Jun 21, 2019 12:50 pm

Hi there,

Is there any possibility to delete with only one command ALL address lists present into the firewall?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1309
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Delete all firewall address-list with one command

Fri Jun 21, 2019 1:13 pm

Do mean connections?

Did you see this post, posted yesterday?

viewtopic.php?f=9&t=149473
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Fri Jun 21, 2019 1:41 pm

Do mean connections?
not connections, but all address list entry
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1309
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Delete all firewall address-list with one command

Fri Jun 21, 2019 1:58 pm

This should do and its close to the command in the other post I did posted.
/ip firewall address-list remove [find]
Take care, this deletes all entries from all lists.

To delete one list, do this:
/ip firewall address-list remove [find where list=your_list]
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Sat Jun 22, 2019 5:00 pm

Hello and thanks for your answer.

I tried both your command
Last test I did:
/ip firewall address-list remove [find where list="TEST-IP"]


Many times I got this error:
no such item (4)

I've noticed that using this command not ALL IPs of that address-list were deleted.
Each time I repeat the same command, new IPs were deleted.
Is it my fault?
I'm using 6.42.11 version
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 1:28 pm

Still having this probelm even with 6.44.6
no such item (4)
 
msatter
Forum Guru
Forum Guru
Posts: 1281
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 1:34 pm

:do { /ip firewall address-list remove [find where list="TEST-IP"] } on-error={}

This will ignore the no such item.

I hope that you are using a more recent release of RouterOS and don't forget to make backups from your configuration.
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta59 / Winbox 3.20 / MikroTik APP 1.3.7
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 1:42 pm

Thanks for your kind answer

This code is still not deleting all address lists
:do { /ip firewall address-list remove [find] } on-error={}
Most of the entries remains after entering the command
 
msatter
Forum Guru
Forum Guru
Posts: 1281
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 2:09 pm

I can't try it but you can.
/ip firewall address-list remove
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta59 / Winbox 3.20 / MikroTik APP 1.3.7
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 2:12 pm

Thanks again but it is asking number
[admin@ROUTER] > /ip firewall address-list remove
numbers: 
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1120
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 2:12 pm

The issue is command scope.
If you run the command under "/" (command root scope) find will run there.
You either need to specify scope, or enter the "/ip firewall address-list" scope.
/ip firewall address-list remove [/ip firewall address-list find list=list_name] 
Or
/ip firewall address-list
remove [find list=list_name] 
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
msatter
Forum Guru
Forum Guru
Posts: 1281
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 2:26 pm

As lines in script?:
/ip firewall address-list
do: { remove [find]  } on-error={}
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta59 / Winbox 3.20 / MikroTik APP 1.3.7
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1120
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 2:40 pm

You don't need to do error handling on address list removal.
If you want to remove ALL entries rather than just entries from a single list, simply do:
/ip firewall address-list remove [/ip firewall address-list find] 
or
/ip firewall address-list
remove [find] 
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 3:04 pm

Last command seems work better but some entries are not deleted.
I did a video: https://gfycat.com/bravewealthygermanpinscher
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1120
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Delete all firewall address-list with one command  [SOLVED]

Thu Nov 07, 2019 4:41 pm

Last command seems work better but some entries are not deleted.
I did a video: https://gfycat.com/bravewealthygermanpinscher

This is because you have some dns-based entried in your list.
These create dynamic address-list entries that normally can't be deleted.

Here is a command that takes that into account:
/ip firewall address-list
remove [find dynamic=no]

Dynamic entries are automatically deleted when their "parent" dns-based entry is deleted.
That should sort it out for you.
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 5:53 pm

IT WORKS!

I've used this command on a single line
/ip firewall address-list remove [find dynamic=no]
It delete ALL 1200 address list (even dynamic) without any error.

Thanks!!
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1120
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 6:40 pm

For a single line you need to use

/ip firewall address-list remove [/ip firewall address-list find dynamic=no] 

Otherwise this will not work if you execute it from root context "/".
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
planetcaravan
Member Candidate
Member Candidate
Topic Author
Posts: 265
Joined: Tue Aug 25, 2009 5:33 pm

Re: Delete all firewall address-list with one command

Thu Nov 07, 2019 6:43 pm

I've used
/ip firewall address-list remove [find dynamic=no]
from / context and it worked good.

Who is online

Users browsing this forum: No registered users and 16 guests