The rules in the raw table of MikroTik RouterOS are not primarily used to block incoming traffic, although it is technically possible to do so. The table's main purpose is more specific: allowing or denying packet processing before packets reach connection tracking, which can be useful to improve router performance in certain scenarios.
The raw table is used to configure rules that act at a very early stage of packet processing, before any other firewall rules in the filter, nat, and mangle tables.
Uses
This means that the rules in the raw table can be used to:
- Bypass: Allow certain packets to bypass connection state processing, which can improve router performance by reducing the load on the CPU. This is especially useful for traffic that does not need to be inspected, such as trusted internal traffic or maintenance packets.
- Drop: Although not its primary use, rules in the raw table can be configured to discard packets before they are processed by connection tracking, which can be useful for blocking DDoS attacks or unwanted traffic efficiently.
The ability to handle packets at this early stage allows network administrators to optimize firewall performance, making packet processing more efficient by avoiding connection tracking for specific traffic that would otherwise consume CPU resources unnecessarily.
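Both uses as a RouterOS configuration, added here as an illustration and not taken from the original post. The subnets and address-list names are constructed placeholders. Note that packets marked notrack never reach the "established" state, so the filter table has to accept the "untracked" state explicitly, and NAT does not apply to them.

```routeros
# Constructed example: subnets and list names below are placeholders.
/ip firewall address-list
add list=internal-a address=10.10.10.0/24 comment="assumed trusted internal subnet A"
add list=internal-b address=10.10.20.0/24 comment="assumed trusted internal subnet B"
add list=blocked-src address=198.51.100.0/24 comment="assumed unwanted source range"

/ip firewall raw
# Drop: discard unwanted sources before connection tracking spends CPU on them.
add chain=prerouting action=drop src-address-list=blocked-src \
    comment="raw drop of unwanted sources"

# Bypass: skip connection tracking for routed traffic between the two trusted
# subnets. Both directions are needed, since no connection entry is created
# that would match the replies.
add chain=prerouting action=notrack src-address-list=internal-a \
    dst-address-list=internal-b comment="notrack A to B"
add chain=prerouting action=notrack src-address-list=internal-b \
    dst-address-list=internal-a comment="notrack B to A"

/ip firewall filter
# Untracked packets must be accepted explicitly; place this rule before any
# drop rules in the forward chain. Untracked traffic is also not NATed, so
# use notrack only where no src-nat or dst-nat is required.
add chain=forward action=accept connection-state=established,related,untracked \
    comment="accept established, related and untracked"
```

The per-rule packet counters in `/ip firewall raw print stats` show whether the rules are matching the intended traffic.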
Bottom line
Although the rules in the raw table can be used to block incoming traffic to the MikroTik, their primary and most valuable function is to optimize performance and traffic handling by allowing more granular control over how and when packets are processed by the router.