@dadoremix hvala ti !
Kopirao sam sljedece linije s mojim nazivom konekcije pppoe.
Neznam sto znace ostale linije pa ih nisam kopirao, ako ti nije problem mi malo pojasniti.
Ovako izgleda kod mene sada:
Code:
/ip firewall filter
add action=drop chain=input comment="drop port 21 s neta" dst-port=21 \
in-interface=pppoe protocol=tcp
add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 \
protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1w3d chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp
add action=drop chain=input dst-port=22 protocol=tcp
add action=drop chain=input comment="drop 23 s neta" dst-port=23 \
in-interface=pppoe protocol=tcp
add action=drop chain=input comment="drop httpa s neta" dst-port=80 \
in-interface=pppoe protocol=tcp
add action=drop chain=input comment="drop dns-a tcp s neta" dst-port=53 \
in-interface=pppoe protocol=tcp
add action=drop chain=input comment="drop dns-a udp s neta" dst-port=53 \
in-interface=pppoe protocol=udp