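Открой новый терминал (New Terminal) в Winbox и введи `ip firewall filter`, затем вставь приведённые ниже строки. Так ты обеспечишь безопасность на 95% и избежишь загруженности канала у твоих клиентов. Перед вставкой замени адрес 10.5.50.0/24 и порты в правилах с пометкой «Edit this!» на свои: правило «Log and drop everything else» отбрасывает весь входящий на роутер трафик, который не разрешён правилами выше.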
```
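# MikroTik RouterOS filter rules; run from the /ip firewall filter menu.
# Rules are evaluated top to bottom within a chain and the first match wins.
# Before pasting: replace 10.5.50.0/24 and the service ports with your own
# values, and enable Safe Mode (Ctrl+X) so a mistake cannot cut off access.

# --- forward chain: traffic passing through the router ---
# NOTE(review): these rules match on dst-port alone, with no connection-state
# test, so a reply to a client whose ephemeral source port equals a listed
# port (65506 lies inside the default Windows dynamic range) is dropped too.
# Consider accepting established/related forward traffic ahead of them.
add chain=forward dst-port=135-139 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=135-139 protocol=udp action=drop comment="Drop Messenger Worm."
add chain=forward dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=593 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1024-1030 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom"
add chain=forward dst-port=1214 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1363 protocol=tcp action=drop comment="ndm requester"
add chain=forward dst-port=1364 protocol=tcp action=drop comment="ndm server"
add chain=forward dst-port=1368 protocol=tcp action=drop comment="screen cast"
add chain=forward dst-port=1373 protocol=tcp action=drop comment="hromgrafx"
add chain=forward dst-port=1377 protocol=tcp action=drop comment="cichlid"
add chain=forward dst-port=1433-1434 protocol=tcp action=drop comment="Worm"
add chain=forward dst-port=2745 protocol=tcp action=drop comment="Bagle Virus"
add chain=forward dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=forward dst-port=2535 protocol=tcp action=drop comment="Drop Beagle"
add chain=forward dst-port=3127-3128 protocol=tcp action=drop comment="Drop MyDoom"
add chain=forward dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro"
add chain=forward dst-port=4444 protocol=tcp action=drop comment="Worm"
add chain=forward dst-port=4444 protocol=udp action=drop comment="Worm"
add chain=forward dst-port=5554 protocol=tcp action=drop comment="Drop Sasser"
add chain=forward dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B"
add chain=forward dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=forward dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B"
add chain=forward dst-port=12345 protocol=tcp action=drop comment="Drop NetBus"
add chain=forward dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2"
add chain=forward dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven"
add chain=forward dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot"

# --- input chain: traffic addressed to the router itself ---
# Each rule is written on one line: the listing had the comment= part on a
# line of its own, which the console treats as a separate (failing) command.
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input connection-state=established action=accept comment="Allow established connections"
add chain=input connection-state=related action=accept comment="Allow related connections"
# NOTE(review): accepts UDP to the router from any source, WAN included, so
# every UDP service enabled on the router is reachable from outside. Restrict
# it with src-address or in-interface. The UDP drops for 445 and 4444 further
# down never match because this rule accepts the packet first.
add chain=input protocol=udp action=accept comment="Allow UDP"
add chain=input protocol=icmp action=accept comment="Allow ICMP Ping"
# "add chain=input" was missing in front of src-address, so this rule was
# never created and the final drop would also block the local network.
add chain=input src-address=10.5.50.0/24 action=accept comment="Allow access from our local network. Edit this!"
add chain=input src-address=10.5.50.0/24 protocol=tcp dst-port=8080 action=accept comment="This is web proxy service for our customers. Edit this!"
# NOTE(review): TCP 8001 is accepted from any source and the page does not
# say what listens there; confirm the service or remove this rule.
add chain=input protocol=tcp dst-port=8001 action=accept
add chain=input dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=input dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm."
add chain=input dst-port=593 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1024-1030 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom"
add chain=input dst-port=1214 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1363 protocol=tcp action=drop comment="ndm requester"
add chain=input dst-port=1364 protocol=tcp action=drop comment="ndm server"
add chain=input dst-port=1368 protocol=tcp action=drop comment="screen cast"
add chain=input dst-port=1373 protocol=tcp action=drop comment="hromgrafx"
add chain=input dst-port=1377 protocol=tcp action=drop comment="cichlid"
add chain=input dst-port=1433-1434 protocol=tcp action=drop comment="Worm"
add chain=input dst-port=2745 protocol=tcp action=drop comment="Bagle Virus"
add chain=input dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=input dst-port=2535 protocol=tcp action=drop comment="Drop Beagle"
add chain=input dst-port=3127-3128 protocol=tcp action=drop comment="Drop MyDoom"
add chain=input dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro"
add chain=input dst-port=4444 protocol=tcp action=drop comment="Worm"
add chain=input dst-port=4444 protocol=udp action=drop comment="Worm"
add chain=input dst-port=5554 protocol=tcp action=drop comment="Drop Sasser"
add chain=input dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B"
add chain=input dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=input dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B"
add chain=input dst-port=12345 protocol=tcp action=drop comment="Drop NetBus"
add chain=input dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2"
add chain=input dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven"
add chain=input dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot"
# The catch-all goes last: input rules placed after it are never evaluated.
# The port drops above now discard that traffic without a log entry; anything
# else that was not accepted is logged and dropped here.
add chain=input action=drop log=yes comment="Log and drop everything else"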
```
```
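# This listing repeats the rule set shown in the listing before it; paste one
# copy only, otherwise every rule is added to the filter table twice.
# MikroTik RouterOS filter rules; run from the /ip firewall filter menu.
# Rules are evaluated top to bottom within a chain and the first match wins.
# Before pasting: replace 10.5.50.0/24 and the service ports with your own
# values, and enable Safe Mode (Ctrl+X) so a mistake cannot cut off access.

# --- forward chain: traffic passing through the router ---
# NOTE(review): these rules match on dst-port alone, with no connection-state
# test, so a reply to a client whose ephemeral source port equals a listed
# port (65506 lies inside the default Windows dynamic range) is dropped too.
# Consider accepting established/related forward traffic ahead of them.
add chain=forward dst-port=135-139 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=135-139 protocol=udp action=drop comment="Drop Messenger Worm."
add chain=forward dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm."
add chain=forward dst-port=593 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1024-1030 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom"
add chain=forward dst-port=1214 protocol=tcp action=drop comment=".........."
add chain=forward dst-port=1363 protocol=tcp action=drop comment="ndm requester"
add chain=forward dst-port=1364 protocol=tcp action=drop comment="ndm server"
add chain=forward dst-port=1368 protocol=tcp action=drop comment="screen cast"
add chain=forward dst-port=1373 protocol=tcp action=drop comment="hromgrafx"
add chain=forward dst-port=1377 protocol=tcp action=drop comment="cichlid"
add chain=forward dst-port=1433-1434 protocol=tcp action=drop comment="Worm"
add chain=forward dst-port=2745 protocol=tcp action=drop comment="Bagle Virus"
add chain=forward dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=forward dst-port=2535 protocol=tcp action=drop comment="Drop Beagle"
add chain=forward dst-port=3127-3128 protocol=tcp action=drop comment="Drop MyDoom"
add chain=forward dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro"
add chain=forward dst-port=4444 protocol=tcp action=drop comment="Worm"
add chain=forward dst-port=4444 protocol=udp action=drop comment="Worm"
add chain=forward dst-port=5554 protocol=tcp action=drop comment="Drop Sasser"
add chain=forward dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B"
add chain=forward dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=forward dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B"
add chain=forward dst-port=12345 protocol=tcp action=drop comment="Drop NetBus"
add chain=forward dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2"
add chain=forward dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven"
add chain=forward dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot"

# --- input chain: traffic addressed to the router itself ---
# Each rule is written on one line: the listing had the comment= part on a
# line of its own, which the console treats as a separate (failing) command.
add chain=input connection-state=invalid action=drop comment="Drop invalid connections"
add chain=input connection-state=established action=accept comment="Allow established connections"
add chain=input connection-state=related action=accept comment="Allow related connections"
# NOTE(review): accepts UDP to the router from any source, WAN included, so
# every UDP service enabled on the router is reachable from outside. Restrict
# it with src-address or in-interface. The UDP drops for 445 and 4444 further
# down never match because this rule accepts the packet first.
add chain=input protocol=udp action=accept comment="Allow UDP"
add chain=input protocol=icmp action=accept comment="Allow ICMP Ping"
# "add chain=input" was missing in front of src-address, so this rule was
# never created and the final drop would also block the local network.
add chain=input src-address=10.5.50.0/24 action=accept comment="Allow access from our local network. Edit this!"
add chain=input src-address=10.5.50.0/24 protocol=tcp dst-port=8080 action=accept comment="This is web proxy service for our customers. Edit this!"
# NOTE(review): TCP 8001 is accepted from any source and the page does not
# say what listens there; confirm the service or remove this rule.
add chain=input protocol=tcp dst-port=8001 action=accept
add chain=input dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm."
add chain=input dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm."
add chain=input dst-port=593 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1024-1030 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom"
add chain=input dst-port=1214 protocol=tcp action=drop comment=".........."
add chain=input dst-port=1363 protocol=tcp action=drop comment="ndm requester"
add chain=input dst-port=1364 protocol=tcp action=drop comment="ndm server"
add chain=input dst-port=1368 protocol=tcp action=drop comment="screen cast"
add chain=input dst-port=1373 protocol=tcp action=drop comment="hromgrafx"
add chain=input dst-port=1377 protocol=tcp action=drop comment="cichlid"
add chain=input dst-port=1433-1434 protocol=tcp action=drop comment="Worm"
add chain=input dst-port=2745 protocol=tcp action=drop comment="Bagle Virus"
add chain=input dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=input dst-port=2535 protocol=tcp action=drop comment="Drop Beagle"
add chain=input dst-port=3127-3128 protocol=tcp action=drop comment="Drop MyDoom"
add chain=input dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro"
add chain=input dst-port=4444 protocol=tcp action=drop comment="Worm"
add chain=input dst-port=4444 protocol=udp action=drop comment="Worm"
add chain=input dst-port=5554 protocol=tcp action=drop comment="Drop Sasser"
add chain=input dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B"
add chain=input dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y"
add chain=input dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B"
add chain=input dst-port=12345 protocol=tcp action=drop comment="Drop NetBus"
add chain=input dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2"
add chain=input dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven"
add chain=input dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot"
# The catch-all goes last: input rules placed after it are never evaluated.
# The port drops above now discard that traffic without a log entry; anything
# else that was not accepted is logged and dropped here.
add chain=input action=drop log=yes comment="Log and drop everything else"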
```
