Anyone knows how to block DDOS attack from the internet or LAN? What is the Firewall rule for that?

Depends how they are doing the attack.

http://forum.mikrotik.com//viewtopic.php?f=2&t=16586&p=78262&hilit=ddos#p78262
Have not needed to try it. Also try this: http://forum.mikrotik.com//search.php

For DDoS mitigation and ddos protected hosting i recommend GigabitDC. They even offer free migration.

/ip firewall filter
add action=add-src-to-address-list address-list=black_list
address-list-timeout=1d chain=input comment=“Add ddos to adress list”
connection-limit=10,32 disabled=no protocol=tcp
add action=log chain=input comment=“Log ddos” connection-limit=3,32 disabled=
no log-prefix=“FILTER, DDOS DROPPED:” protocol=tcp src-address-list=
black_list
add action=tarpit chain=input comment=“Tarpit ddos” connection-limit=3,32
disabled=no protocol=tcp src-address-list=black_list

[toor@extreme] /ip firewall connection tracking> export

mar/13/2009 17:42:47 by RouterOS 3.20

software id = 4H1M-LTT

/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
[toor@extreme] /ip firewall connection tracking>