Using fasttrack is reportedly safe to do (and is enabled by default in ROS versions released for last few years). Just make sure you’re running recent versions of ROS (either latest stable, 6.43 at this time, or latest long-term, 6.42 at this time).
With the options used in your action=fasttrack-connection … namely connection-state=established,related you’re instructing firewall to still evaluate all the rest of firewall rules for new connections. And all connections are new at the beginning, because this is the state of connection tracking engine in your RB (and only vaguely relates to the apparent IP connection state).
BTW, the second rule you’ve added (the same as action=fasttrack-connection but with action=accept) completely overlaps two of your previous rules:
I am very new to networking(mikrotik), I don’t really understand what I am doing. mostly copy and paste from the internet and this forum.
Could you please edit my firewall rules or maybe suggest better ones.
If you do, then make sure this rule comes near the top of list (3rd place would be fine).
This step is optional, it doesn’t change anything with regard to functionality, it only makes firewall filter list a tiny bit more readable (and shorter).
The rest of setup works, but it’s not according to the best practice (as used by majority users on this forum). We can go through it if you want to learn about RouterOS … if not, then it’s not worth the trouble.
Let me ask a question, do you know the purpose of all the rules you added and how they work.
In other words, unless you do you should stick with the default rules and then add one by one ensuring you know what each one does and how they may interact.
It seems that you have copied a bunch of rules from somewhere and added them to the config.
Also they are not in any order which makes it more suspect.
Almost all firewall rules you added either don’t make much sense [1] or don’t perform as you expected [2]. Either way you’re not enhancing security (much) and you probably should revert to default firewall rules. Those internet guides you’ve been following are not relevant with ROS versions since about 6.0 as since quite a few years ago it includes very decent default firewall rule set.
[1] your second and third fast-track rule accelerate DNS to fast-track explicitly while normal rule (the first one together with implicit accept all not dropped allowing outbound connections) would do the same after 2 or 3 packets exchanged (and most DNS requests don’t need much more than that to complete). In addition it opens your router to become public DNS recursive resolver which is considered as poor configuration practice.
[2] if you follow the default philosophy of using interface lists (and keep membership current), then most rules created on chain=input after rule
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
will just mess with connections originating from your LAN as the quoted rule takes care about most unwanted connections from evil internet already.
I’ll repeat: recent routeros versions come with very decent firewall rules and unless one knows what he’s doing it’s not wise to change them.