title post .... .... .... .... body title post .... .... .... ....
you can does by layer 7 protocol with regex.
http://l7-filter.sourceforge.net/layer7-protocols/protocols/vnc.pat
o by dst-port.
first add layer 7 regex for vnc
/ip firewall layer7-protocol
add name=vnc regexp="^rfb 00[1-9]\.00[0-9]\x0a$"and then add a filter rule
ip firewall filter
add action=drop chain=forward disabled=no layer7-protocol=vnc