Hi.
I have a bruteforce blacklist in my device but I want to exclude 1 IP address, is that possible?
I Like to exclude 1 (or more IP address to be put on the blacklist address-list)

/ip firewall filtter
add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \
comment="drop ssh brute forcers" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=10d comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 \
action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list \
address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no

I know but I want to be able to access from anywhere and that is not possible if you use whitelist.

I know but I want to be able to access from anywhere and that is not possible if you use whitelist.

Actually, Port Knocking allows for this.
https://wiki.mikrotik.com/wiki/Port_Knocking

But, the short answer is to add an accept for an Source IP before your brute force. Or edit brute force to include !Source IP.

For SSH I do the following.

1. Port Knocking
2. Use another port than 22
3. If some one tries a none open port on my system, the get blocked on all port for 24 hour..

PS I do not have SSH to my Router, but to a server. From that I can SSH to the Router.
The server is logged in many ways so I sees whats going on.