Hi!
If my firewall is empty (no rules at all) then all traffic is allowed (should I call it accepted in terms of firewall?) the router.
If I create a rule to drop invalid connections why I need a rule to accept established,related?
I mean these rules, which are present in most "basic Mikrotik setup" guides
/ip firewall filter add action=accept chain=forward connection-state=established,related
/ip firewall filter add action=drop chain=forward connection-state=invalid
If I'll make a last-in-the-list rule to drop everything then I don't need drop invalid rule since invalid connections will be dropped anyway. If I don't have drop everything rule at all, then I don't need accept established,related since they are allowed anyway like any other traffic. Am I missing a point of all of that or don't understand how firewall is working but think that I understand?