...
The address list records can also be updated dynamically via the action=add-src-to-address-list or action=add-dst-to-address-list items found in NAT, Mangle, and Filter facilities.
Firewall rules with action add-src-to-address-listor add-dst-to-address-list work in passthrough mode, which means that the matched packets will be passed to the next firewall rules.
...
| Property | Description |
|---|---|
| address (DNS Name | IP address/netmask | IP-IP; Default: ) | A single IP address or range of IPs to add to the address list or DNS name. You can input for example, '192.168.0.0-192.168.1.255' and it will auto modify the typed entry to 192.168.0.0/23 on saving. |
| dynamic (yes, no) | Allows creating data entry with dynamic form. |
| list (string; Default: ) | Name for the address list of the added IP address. |
| timeout (time; Default: ) | Time after address will be removed from the address list. If the timeout is not specified, the address will be stored in the address list permanently. |
| creation-time (time; Default: ) | Time The time when the entry was created. |
...
The following example creates a dynamic address list of people that who are connecting to port 23 (telnet) on the router and drops all further traffic from them for 5 minutes. Additionally, the address list will also contain one static address list entry of 192.0.34.166/32 (www.example.com):
...