via winbox i found no way how to move any rule.
via cli it shall work with the 'move' command, but the move command doesn't do anything within the same chain:
Code: Select all
[admin@m] /routing/filter/rule> print
Flags: X - disabled, I - inactive
0 ;;; source-adress for all generated traffic
chain=ospf_in rule="set pref-src 192.168.1.1;"
1 chain=ospf_out rule="if (dst in 192.168.0.0/16) {\r\n accept;\r\n}"
2 chain=ospf_out rule="if (protocol connected) {\r\n accept;\r\n}"
3 chain=ospf_out rule="reject;"
4 chain=ospf_in rule="reject;"
5 chain=ospf_in rule="accept;"
[admin@m] /routing/filter/rule> move 1 2
[admin@m] /routing/filter/rule> print
Flags: X - disabled, I - inactive
0 ;;; source-adress for all generated traffic
chain=ospf_in rule="set pref-src 192.168.1.1;"
1 chain=ospf_out rule="if (dst in 192.168.0.0/16) {\r\n accept;\r\n}"
2 chain=ospf_out rule="if (protocol connected) {\r\n accept;\r\n}"
3 chain=ospf_out rule="reject;"
4 chain=ospf_in rule="reject;"
5 chain=ospf_in rule="accept;"
[admin@m] /routing/filter/rule>
this makes the whole new routing filters absolutely unusable for my point of view, when you have real life setups with tons of complex filtering.
somebody any idea how this could work?