MikroTik

Hi,

I want to exclude an ipaddress from some of my firewall rules but I am not sure how to do this.

Thanks Mark

there are many ways. One of them is:
You can do it simply in winbox by check box by one click
ip->firewall->general ->add
in src address or dst addres (that depends on rule you are about to use) click on small box located on the left of address field, then appears exclamation mark (!) in there. This does mean that rule will work only with ip addressess whose do not satisfy that condition, in this specific case for example you want bypass the rule for a specific IP address lets say 10.0.0.1, then you should have that address in rule and exclamation mark before it in the box. That does mean IF IT IS NOT 10.0.0.1 THEN DO THE RULE. In case 10.0.0.1 rule is bypassed.
Hope that helps
Patrik

or just add a rule on the top of chain, with address=<your_address> and action = accept

i have a similar problem

i have a firewall working with a WEB PROXY working at the same time. All traffic directed to port 6565. The IP Pool is 192.168.1.150-192.168.1.250

i also have a VPN where the IP pool is 10.10.1.1-10.10.1.20

now i just want to exclude all VPN users from the firewall and webproxy and allow them full access.

i just cannot figure out how to achieve this.

just add a rule on the top of chain, with address=<your_address> and action = accept

both in Filter and NAT

thanx !!!

actually adding the rule in the NAT table only worked...

the same rule in Firewall table does not make any difference...

sorry for the very late reply.