firewall

1️⃣ REGLAS BASE – FILTER (INPUT)

/ip firewall filter
add action=accept chain=input comment="Permitir Access Winbox" dst-port=8291 protocol=tcp
add action=accept chain=input comment="1 Deja entrar SOLO lo que ya existe" connection-state=established,related
add action=drop chain=input comment="2 Cierra servicios peligrosos" dst-port=21,22,23,8292,8080,3128 protocol=tcp
add action=drop chain=input dst-port=53 in-interface=WAN protocol=udp
add action=drop chain=input comment="3 Block all"