#This is the first time I have written a RouterOS script and what I'm trying to do is to isolate the IPs of three entries in my firewall ruleset, compare them to the [:resolve]'d value, and replace the value if it is different. I can't seem to get my output to only display the IP address present in the src-address field, though. Below is a sample of what I am attempting, and the output I'm getting. I have tried many variants of this, but this is the most promising attempt I've had.





[admin@RouterOS] > /ip firewall filter get [/ip firewall filter print where comment~".com"] src-address
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Allow yahoo.com connections to anything
chain=forward action=accept protocol=tcp src-address=72.30.2.43

1 ;;; Allow google.com connections to anything
chain=forward action=accept protocol=tcp src-address=74.125.95.147

2 ;;; Allow facebook.com connections.
chain=forward action=accept protocol=tcp src-address=69.63.189.16
no such item

I believe this is what you're looking for.

http://wiki.mikrotik.com/wiki/Use_host_ ... wall_rules

thank you. that was perfect! good thing someone has already done all of the hard work for me. this has really fueled my desire to delve into routeros scripting, though.

1littlewisp
who can copy from winbox text with color :S

Even if you can that doesn't mean you should. That makes it harder to read. Just always use the code tag.

1littlewisp
who can copy from winbox text with color :S

Yeah, I just used color tags. Sorry if it made it more difficult to read. I thought it would be helpful. I find it to be extremely helpful on the command line. syntax highlighting helps me determine what the different parts of my command/script are.