Thanks!
here’s my firewall i’m not sure where in part i made a mistake. How do i prevent it? its consuming bandwidth
/ip firewall filter
add action=fasttrack-connection chain=forward comment="fasttrack LAN" \
in-interface-list=LAN log-prefix=FT out-interface-list=LAN
add action=drop chain=forward comment="Drop invalid packets" \
connection-state=invalid in-interface=ether1
add action=accept chain=forward comment=\
"Allow established connections on Internet" connection-state=\
established,related in-interface=ether1 log-prefix=LAN
add action=accept chain=forward comment=\
"Allow established connections on LAN" connection-state=\
established,related in-interface-list=LAN out-interface-list=LAN
add action=drop chain=input comment="Drop invalid packets" connection-state=\
invalid in-interface=ether1 log=yes log-prefix=INVALID_PACKETS
add action=add-src-to-address-list address-list=UNKNOWN_IPS \
address-list-timeout=1d chain=input comment="Add to list ACK requests" \
connection-state=new in-interface=ether1 log=yes log-prefix=\
ADD_UNKNOWN_IPS protocol=tcp tcp-flags=!syn
add action=drop chain=input comment="Block UNKNOWN_IPs" in-interface=ether1 \
log=yes log-prefix=DROP_UNKNOWN_IPs src-address-list=UNKNOWN_IPS
add action=accept chain=input comment="Allow OpenVPN" dst-port=1194 \
in-interface=ether1 log-prefix=openvpn protocol=tcp src-address-list=\
!UNKNOWN_IPS
add action=accept chain=input comment="allow PPP devices" in-interface=\
all-ppp
add action=accept chain=input comment="Allow all outbound" connection-state=\
established,related in-interface=ether1 log-prefix=OUTBOUND-REPLY
add action=drop chain=input comment="drop all router request" in-interface=\
ether1 log-prefix=DROP_PACKETS