Good evening,

I have a small question and I apologize in advance if this is something already asked. i just got my first MikroTik router (I'm all excited about it).
This is my question, I want to use mangle to create an address list, I have about 7 VLANS and I want all traffic no matter which VLAN is coming from to contribute to the address list of the site i'm trying to block. Can I use 0.0.0.0/24(assuming 0.0.0.0/24 means any network) to accomplish this or do I need to create a copy of the firewall rule for each VLAN?

Thanks in advance

V/r

Toni

What makes you think you can block an address on the internet?
HTTPS (just worked my way around your firewall rule )

What makes you think you can't? If it's IP address, it's very easy to block. Hostnames, that's another matter, that can get tricky, but you still have some chance to succeed.

As for the question, 0.0.0.0/0 means any address, but you don't really need such condition, because it will match anything, so you can omit it. Creating firewall rules is like playing with Lego, you get different pieces that you can put together, some make sense, some don't. Here you have set of condition and actions, and you can create whatever you want. Rules are processed from top to bottom and first matching one is used. There are usually different ways how to achieve same goal, you can block something and allow the rest, or allow something and block the rest, create various exceptions, ...

Thanks,

I verified that 0.0.0.0/24 can do the trick, but it will consume resources that can be used somewhere else.


V/r


Toni