This rule should not have in-interface-list=WAN (but it’s not breaking port forwarding thanks to another further rule):
/ip firewall filter
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked in-interface-list=WAN
Actually, there’s nothing I can see that would break port forwarding. You can try this to see more details about what’s going on. Use your ssh port, it will have least of unwanted traffic, since it’s non-standard.