Following the instructions for building your first firewall at https://help.mikrotik.com/docs/display/ ... t+Firewall, I ran the configuration commands for firewall rules in a terminal within Winbox. This was in Safe Mode. These additional rules do not appear in the list at IP / Firewall / FilterRules in Winbox. I toggled SafeMode off and on with no change in the list of rules.
Can't find a reference to this case on the Wiki. What am I missing?

Which rules exactly ? Everything on that page ?

Save yourself grief and use this instead...... viewtopic.php?t=180838

Use of safe mode is a very good idea, unlick safe mode to save the changes you have made thus far, then turn it back on.
Always wait a few seconds, if a change you make causes the router to burp it will come back to the last changes you made that you saved by turning safe mode off and on.

Which rules exactly ? Everything on that page ?

Not quite. Didn't install rules to limit admin access, but did the others.

Save yourself grief and use this instead...... viewtopic.php?t=180838

Thank you for the link. Have worked through it and compared to my rules. Modified them in places via winbox. RoS 6.49.1 shows "tarpit" under Action menu. Is this the same as blackhole mentioned by anav in the firewall discussion?
anav clarified something I missed up to this point: both Input and Forward chains need "drop all" rules at their ends.
Question: in the list of filter rules, does it matter if the different chains are intermixed? That is, does the filter function for Input ignore "Forward" rules?
Thanks.

Question: in the list of filter rules, does it matter if the different chains are intermixed? That is, does the filter function for Input ignore "Forward" rules?

It doesn't matter if rules for different chains are intermixed. When firewall determines proper chain for packet to enter, only rules for that chain are evaluated.
However, it is mighty useful if rules are grouped per chain, debugging (following rules) is much easier this way.

Question: in the list of filter rules, does it matter if the different chains are intermixed? That is, does the filter function for Input ignore "Forward" rules?

It doesn't matter if rules for different chains are intermixed. When firewall determines proper chain for packet to enter, only rules for that chain are evaluated.
However, it is mighty useful if rules are grouped per chain, debugging (following rules) is much easier this way.

When I grouped the chains by sorting on the Chain column in Winbox it seems I cannot re-order rules by dragging them up or down; can drag only when sorted by rule number (first column). Can still edit a rule when sorted into chains, so it may be useful to sort depending on what needs doing. Is that right?