I have developments on the subject. I would not recommend the content filter as a solution for collecting DNS names because it causes significant CPU usage, and you cannot filter encrypted traffic with it (such as TLS). I would use the address list option if part of the FQDN is known and must be mat...
I apologize for not paying attention to the thread before I got sick, I had some thoughts. I'm glad that we made progress in solving the problem and that I was able to help a little. I think it's a good idea to use the two lists together, it bridges the time between copying and stabilizes the route....
It would be nice if they added the timeout option in the DNS Static menu to the address list. I had no better idea than a scheduled script that runs every minute and copies from that address list to another one that I named with the _fixed suffix; I use that list in the firewall. Add this to the s...
I'm running out of ideas. I could run a DNS cache flush every minute from a scheduled script, but it would be even better to just disable the cache completely. The cache cannot be turned off; static entries are made in the cache itself. The time of the negative cache TTL comes from the SOA record, mi...
I noticed that your negatively cached record "PENZTAR-PC.VISZNET" was capitalized all the way through. I had a problem with the uppercase domain components. I don't think the regexp matches, because I didn't see the forwarding of resolve requests coming to my bind9 DNS server. Tr...
If the forwarder resolves the name, then it returns the address and its own TTL. E.g. it should not be equal to the TTL of the FWD record, because it has its own TTL. My domain is forwarded to a bind9 nameserver. $TTL 86400 @ IN SOA ns0 hostmaster ( 202201269 ; serial 604800 ; refresh (1 week) 8640...
AFAIK the ending dot is local thing, it doesn't go into DNS packets. If you want to make sure that regexp matches only TLD and not something in the middle of hostname, end it with $. And I don't think that FWD record's TTL should affect anything. It's not real record, only instruction for resolver ...
I think when I switched from ros6 to ros7, the forward DNS didn't work for me.
Try editing the FWD regex by appending "\.?$" to match the ending dot in the query, so it looks like:
regexp=".*\.visznet\.?$" type=FWD forward-to=192.168.5.254 ttl=1d
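The posts above raise three separate matching questions about the FWD regex: anchoring with $ so ".visznet" in the middle of a name or a longer label such as "visznetwork" does not match, the optional trailing dot, and the all-uppercase negatively cached name. The following is an added illustration, not code from the thread or from RouterOS; it runs the regex exactly as posted through Python's re module, which is only a stand-in for the router's own matcher (whether RouterOS compares case-sensitively, and how it handles the trailing dot, is something to verify on the router itself). The query names are constructed samples.

```python
import re

# Regex as posted in the thread (ttl/forward-to are not relevant to matching).
FWD_REGEX = r".*\.visznet\.?$"
# The same expression without the end anchor, to show what the $ buys you.
UNANCHORED_REGEX = r".*\.visznet"

# Constructed sample query names exercising the cases the thread discusses.
SAMPLES = [
    "penztar-pc.visznet",        # plain lower-case name
    "penztar-pc.visznet.",       # same, with a trailing dot
    "PENZTAR-PC.VISZNET",        # the upper-case name from the negative cache
    "foo.visznet.example.com",   # ".visznet" in the middle of the name
    "host.visznetwork",          # ".visznet" as a prefix of a longer label
]


def matches(pattern: str, qname: str, ignore_case: bool = False) -> bool:
    """True if qname matches pattern under Python's re.search semantics.

    ignore_case=True models a matcher that folds case; the default models
    the case-sensitive behaviour the poster appears to have observed.
    """
    flags = re.IGNORECASE if ignore_case else 0
    return re.search(pattern, qname, flags) is not None


def check_names(pattern: str, names=SAMPLES, ignore_case: bool = False) -> dict:
    """Map each sample query name to whether it matches the pattern."""
    return {name: matches(pattern, name, ignore_case) for name in names}


if __name__ == "__main__":
    for label, pat in (("anchored", FWD_REGEX), ("unanchored", UNANCHORED_REGEX)):
        print(f"{label}: {pat}")
        for name, hit in check_names(pat).items():
            print(f"  {name:28s} {'match' if hit else 'no match'}")
    print("anchored, case-folded:")
    for name, hit in check_names(FWD_REGEX, ignore_case=True).items():
        print(f"  {name:28s} {'match' if hit else 'no match'}")
```

With the anchored pattern the two lower-case names match (with and without the trailing dot), the upper-case name does not unless case is folded, and the mid-name and prefix cases are rejected; dropping the $ lets the last two through, which is the point sindy makes about ending the regexp with $.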
Ahh.. It must have been LAN communication, the L2...
I know that in MikroTik RouterOS, IPsec determines which packets should or should not be tunneled after a sort of packet-switched policy match.
One question: does a policy match need to be added to accept the reply packets?
Thanks sindy and nagyizs for analyzing and trying my faulty tip. I will give it a second try. The two IP addresses (192.168.19.254, 192.168.14.254) and the IP endpoints of the tunnel sit on a VLAN 99 tagged interface named BASE_VLAN, so you are practically trying to transfer an L2 VLAN through the L3 tunnel. Which se...
My idea is active connection tracking. Conntrack does not see the original packet addresses on the router output chain (e.g. ping echo request source and destination), only the encoded IPsec ESP addresses. Packets run twice over the prerouting chain: on the first pass the replied encrypted ESP data, on the second pass the decrypted reply ...
tamagochi - Do you mean that the e-mail settings were corrupted? I do not see how this would be possible by this upgrade. If you downgrade the router back, does the setting re-appear? Please test whether, when you downgrade the device, set the TO parameter, and upgrade back, the setting is gone again; No, e-mail settings are...
The e-mail test is done, but when sending e-mail from /tools/logging the sender e-mail address is empty. The log shows: 21:16:03 e-mail,error Error sending e-mail <l2tp,ppp,info,account xxxxxxx logged out, 142 57839 5 : invalid TO address ------ Piece from the e-mail server log: Feb 26 21:16:03 mail-xxxx postfix/submis...