Community discussions

 
akschu
newbie
Topic Author
Posts: 37
Joined: Thu Mar 15, 2012 2:09 am

/ip filter raw action=return

Fri May 17, 2019 11:02 pm

I would like to track sessions and use normal /ip firewall filter rules for src addresses in list1, list2, and list3, but for everything else I don't have any need to track connections. Can I accomplish this with?
/ip firewall raw
add action=return chain=prerouting src-address-list=list1
add action=return chain=prerouting src-address-list=list2
add action=return chain=prerouting src-address-list=list3
add action=notrack chain=prerouting
Seems to me that action=return should skip out of the raw rules and continue on to look through mangle/nat/filter, while action=accept would allow the packet right here and skip mangle/nat/filter because it's already accepted. Did I get that right?

schu
 
McSee
newbie
Posts: 34
Joined: Tue Feb 26, 2019 12:49 pm

Re: /ip filter raw action=return

Fri May 17, 2019 11:57 pm

Use action=accept, it skips all other rules in Raw only.

Who is online

Users browsing this forum: No registered users and 78 guests