Community discussions

MikroTik App
  4. RouterOS
  5. General

dst-address-list negation do not work in firewall rule

Post Reply
 
cypa
newbie
Topic Author
Posts: 27
Joined: Mon Apr 01, 2013 11:20 am

dst-address-list negation do not work in firewall rule

Fri Apr 12, 2024 8:28 am

this do not work
Code: Select all
15          chain=prerouting action=route route-dst=8.122.28.111 src-address=10.118.3.2 in-interface=br-lan 
[user@center] <SAFE> /ip firewall mangle set 15 dst-address-list=!local_subnets

how do I negate an address list?
I see only option to add accept rule like
Code: Select all
action=accept dst-address-list=local_subnets
before my rule
Top
 
User avatar
vingjfg
Member
Member
Posts: 343
Joined: Fri Oct 20, 2023 1:45 pm

Re: dst-address-list negation do not work in firewall rule

Fri Apr 12, 2024 11:35 am

That should be the way. Just to be sure, the address-list exists, correct?

Can you provide the error message? And the version of ROS?
Top
 
cypa
newbie
Topic Author
Posts: 27
Joined: Mon Apr 01, 2013 11:20 am

Re: dst-address-list negation do not work in firewall rule

Fri Apr 12, 2024 4:15 pm

yes, it does exist indeed

ROS 6.49.10 long-term latest
Top
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 12030
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:
Contact rextended

Re: dst-address-list negation do not work in firewall rule

Fri Apr 12, 2024 6:10 pm

1) on doubt, use winbox,
2) if traffic is on bridge fasted from something, the firewall do not see the traffic.
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 27 guests
  4. RouterOS
  5. General