I have reviewed most of the forum posts with keywords that are similar but can’t see if this question has been asked and answered yet.
I would like to use https://mikrotikconfig.com/firewall/ to build a list of “good guys”, then drop anyone that’s not a good guy for anything “input” or “forward” chain related.
I saw a post that shows dropping “bad guys” here:
http://forum.mikrotik.com/t/blocking-ips-by-region/114895/8
What is the proper and most efficient way of doing this?
My current filter rules:
/ip firewall filter
add action=drop chain=input connection-state=invalid
add action=accept chain=input src-address-list=MyLAN
add action=accept chain=input connection-state=established
add action=drop chain=input
add action=accept chain=forward connection-state=established,related,untracked
add action=drop chain=forward connection-state=invalid
add action=accept chain=forward src-address-list=MyLAN
add action=accept chain=forward connection-nat-state=dstnat
add action=drop chain=forward
Consequences?
I realize that I may have to temporarily disable this rule to permit the router to download updates.
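To make the "Consequences?" question concrete, here is an added example (not part of the original post) that walks packets through the posted input chain with first-match evaluation, with and without an allow-list accept rule placed before the final drop. It is a simplified model covering only the `connection-state` and `src-address-list` matchers; the list name `GoodGuys`, the addresses and the packets are constructed assumptions.

```python
import ipaddress

# Address lists: constructed sample values (documentation ranges), not from the post.
LISTS = {
    "MyLAN": ["192.168.88.0/24"],
    "GoodGuys": ["203.0.113.0/24"],  # hypothetical allow-list name
}

# Input chain as posted, in the same order.
INPUT_CHAIN = [
    {"action": "drop", "connection-state": {"invalid"}},
    {"action": "accept", "src-address-list": "MyLAN"},
    {"action": "accept", "connection-state": {"established"}},
    {"action": "drop"},
]

def in_list(addr, name):
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(net) for net in LISTS[name])

def matches(rule, pkt):
    """A rule matches only if every matcher it carries matches the packet."""
    if "connection-state" in rule and pkt["state"] not in rule["connection-state"]:
        return False
    if "src-address-list" in rule and not in_list(pkt["src"], rule["src-address-list"]):
        return False
    return True

def evaluate(chain, pkt):
    """First matching rule decides; returns (action, 1-based rule position)."""
    for pos, rule in enumerate(chain, 1):
        if matches(rule, pkt):
            return rule["action"], pos
    return "accept", None  # nothing matched in a built-in chain: packet is accepted

def with_allow_list(chain, name):
    """Copy of the chain with an accept rule for `name` just before the final drop."""
    return chain[:-1] + [{"action": "accept", "src-address-list": name}] + chain[-1:]

if __name__ == "__main__":
    samples = {  # constructed packets
        "new from allow-listed source": {"src": "203.0.113.10", "state": "new"},
        "new from unlisted source": {"src": "198.51.100.7", "state": "new"},
        "reply on established connection": {"src": "198.51.100.7", "state": "established"},
    }
    for label, pkt in samples.items():
        print(label, evaluate(INPUT_CHAIN, pkt), evaluate(with_allow_list(INPUT_CHAIN, "GoodGuys"), pkt))
```
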