Hello,
I configured in my Router this rule for open the port 80 TCP to my web server.
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=80 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.1.230
I receibed a lot DDOS attacks to my web server from a 50 indentifiqued public ips. I will block this ips in the firewall using addresses list.
I bloqued using this rules.
/ip firewall
/ip firewall filter add chain=input src-address-list=blacklist action=drop
/ip firewall filter add chain=forward src-address-list=blacklist action=drop
Are these rules correct or better use output option?