[admin@MikroTik] > ip firewall filter printFlags: X - disabled, I - invalid, D

1. [admin@MikroTik] > ip firewall filter print
2. Flags: X - disabled, I - invalid, D - dynamic
3. 0 D ;;; special dummy rule to show fasttrack counters
4. chain=forward action=passthrough
5.  
6. 1 ;;; defconf: accept established,related, untracked
7. chain=forward action=accept connection-state=established,related,untracked
8.  
9. 2 ;;; XZ
10. chain=forward action=accept log=no log-prefix=""
11.  
12. 3 ;;; defconf: accept established,related,untracked
13. chain=input action=accept connection-state=established,related,untracked
14.  
15. 4 ;;; defconf: drop invalid
16. chain=input action=drop connection-state=invalid dst-address=11.11.11.11 log=no log-prefix=""
17.  
18. 5 ;;; defconf: accept ICMP
19. chain=input action=accept protocol=icmp
20.  
21. 6 ;;; defconf: accept to local loopback (for CAPsMAN)
22. chain=input action=accept dst-address=127.0.0.1
23.  
24. 7 ;;; defconf: drop all not coming from LAN
25. chain=input action=drop dst-address=11.11.11.11 in-interface-list=!LAN log=no log-prefix=""
26.  
27. 8 ;;; defconf: accept in ipsec policy
28. chain=forward action=accept ipsec-policy=in,ipsec
29.  
30. 9 ;;; defconf: accept out ipsec policy
31. chain=forward action=accept ipsec-policy=out,ipsec