Hi Karl, My expectation is that the rules will match no traffic at all, because 'connection state' is never blank, unless (perhaps) if connection tracking is disabled - I would need to run some experiments to determine what is the actual case with connection tracking disabled :-} BUT, if that is not the actual result, I will be hardly surprised since it is not uncommon for 'unexpected' functionality like that to change behaviour from version to version ;) What *is* the result you observed, and what would you expect to see? Cheers! Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Karl Auer Sent: Thursday, 7 May 2020 2:50 PM To: MikroTik Public <public@talk.mikrotik.com.au> Subject: [MT-AU Public] empty connection-state value in filter rule?
In a filter list, I have several rules that have
connection-state=""
in them.
For example:
chain=ssh action=accept connection-state="" \ protocol=tcp dst-port=22 \ log-prefix=""
What do people think would be the behaviour?
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160
GPG fingerprint: CF68 0C56 EEE4 CC19 28D4 03B3 BCE0 E800 E31F 7254 Old fingerprint: 887A DA07 4DCC EE76 B413 27D4 C638 4189 6CF0 D556
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au