Yes but why when reverting to ISP's router, everything works normal.
Here is my whole conf
/interface ethernet
set [ find default-name=ether1 ] name=ether1-WAN1
set [ find default-name=ether2 ] name=ether2-WAN2
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
/interface pppoe-client
add disabled=no interface=ether1-WAN1 name=pppoe-CYTA1 password=***** user=\
*******
add disabled=no interface=ether2-WAN2 name=pppoe-CYTA2 password=***** user=\
*******
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name=edonkey regexp="^[\C5\D4\E3-\E5].\?.\?.\?.\?([\01\02\05\14\15\16\18\
\19\1A\1B\1C !234568@ABCFGHIJKLMNOPQRSTUVWX[`\81\82\90\91\93\96\97\98\99\
\9A\9B\9C\9E\A0\A1\A2\A3\A4]|Y................\?[ -~]|\96....\$)"
add name=goboogy regexp="<peerplat>|^get /getfilebyhash\\.cgi\\\?|^get /queue_\
register\\.cgi\\\?|^get /getupdowninfo\\.cgi\\\?"
add name=soribada regexp="^GETMP3\r\
\nFilename|^\01.\?.\?.\?(Q:\\+|Q2:)|^\10[\14-\16]\10[\15-\17].\?.\?.\?.\?\
\$"
add name=rdp regexp=rdpdr.*cliprdr.*rdpsnd
add name=gnutella regexp="^(gnd[\01\02]\?.\?.\?\01|gnutella connect/[012]\\.[0\
-9]\r\
\n|get /uri-res/n2r\\\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshar\
e|mactella|gnucleus|gnotella|limewire|imesh)|get /.*content-type: applicat\
ion/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]\?[\
0-9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?:[\
1-9][0-9]\?[0-9]\?[0-9]\?|gnutella.*content-type: application/x-gnutella|.\
..................\?lime)"
add name=cvs regexp="^BEGIN (AUTH|VERIFICATION|GSSAPI) REQUEST\
\n"
add name=nbns regexp="\01\10\01|\\)\10\01\01|0\10\01"
add name=shoutcast regexp=\
"icy [1-5][0-9][0-9] [\t-\r -~]*(content-type:audio|icy-)"
add name=dns regexp="^.\?.\?.\?.\?[\01\02].\?.\?.\?.\?.\?.\?[\01-\?][a-z0-9][\
\01-\?a-z]*[\02-\06][a-z][a-z][fglmoprstuvz]\?[aeop]\?(um)\?[\01-\10\1C][\
\01\03\04\FF]"
add name=quake-halflife regexp="^\FF\FF\FF\FFget(info|challenge)"
add name=poco regexp="^\80\94\
\n\01....\1F\9E"
add name=ciscovpn regexp="^\01\F4\01\F4"
add name=x11 regexp="^[lb].\?\0B"
add name=xboxlive regexp="^X\80........\F3|^\06XN"
add name=applejuice regexp="^ajprot\r\
\n"
add name=zmaap regexp="^\1B\D7;H[\01\02]\01\?\01"
add name=live365 regexp=membername.*session.*player
add name=rlogin regexp="^[a-z][a-z0-9][a-z0-9]+/[1-9][0-9]\?[0-9]\?[0-9]\?00"
add name=http regexp="http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*(con\
nection:|content-type:|content-length:|date:)|post [\t-\r -~]* http/[01]\\\
.[019]"
add name=sip regexp=\
"^(invite|register|cancel) sip[\t-\r -~]*sip/[0-2]\\.[0-9]"
add name=pop3 regexp="^(\\+ok |-err )"
add name=smb regexp="\FFsmb[r%]"
add name=quake1 regexp="^\80\0C\01quake\03"
add name=lpd regexp="^(\01[!-~]+|\02[!-~]+\
\n.[\01\02\03][\01-\
\n -~]*|[\03\04][!-~]+[\t-\r]+[a-z][\t-\r -~]*|\05[!-~]+[\t-\r]+([a-z][!-~\
]*[\t-\r]+[1-9][0-9]\?[0-9]\?|root[\t-\r]+[!-~]+).*)\
\n\$"
add name=mute regexp="^(Public|AES)Key: [0-9a-f]*\
\nEnd(Public|AES)Key\
\n\$"
add name=ssh regexp="^ssh-[12]\\.[0-9]"
add name=jabber regexp=\
"<stream:stream[\t-\r ][ -~]*[\t-\r ]xmlns=['\"]jabber"
add name=bittorrent regexp="^(\13bittorrent protocol|azver\01\$|get /scrape\\\
\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"
add name=ncp regexp="^(dmdt.*\01.*(\"\"|\11\11|uu)|tncp.*33)"
add name=tls regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"
add name=directconnect regexp="^(\\\$mynick |\\\$lock |\\\$key )"
add name=netbios regexp="\81.\?.\?.[A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-\
P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A\
-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][\
A-P][A-P]"
add name=tftp regexp="^(\01|\02)[ -~]*(netascii|octet|mail)"
add name=subspace regexp="^\01....\11\10........\01\$"
add name=hotline regexp="^....................TRTPHOTL\01\02"
add name=doom3 regexp="^\FF\FFchallenge"
add name=ftp regexp="^220[\t-\r -~]*ftp"
add name=kugoo regexp="^1..\8E"
add name=tsp regexp="^[\01-\13\16-\$]\01.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?[ -~]+"
add name=battlefield1942 regexp="^\01\11\10\\|\F8\02\10@\06"
add name=ssdp regexp="^notify[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~]*ssdp:(ali\
ve|byebye)|^m-search[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~]*ssdp:discover"
add name=imap regexp="^(\\* ok|a[0-9]+ noop)"
add name=ares regexp="^\03[]Z].\?.\?\05\$"
add name=fasttrack regexp="^get (/.download/[ -~]*|/.supernode[ -~]|/.status[ \
-~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|user-agent: \
kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xferuid|tag)|^g\
ive [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\?[0-9]\?[0-9]\?"
add name=qq regexp="^.\?\02.+\03\$"
add name=100bao regexp="^\01\01\05\
\n"
add name=aim regexp=\
"^(\\*[\01\02].*\03\0B|\\*\01.\?.\?.\?.\?\01)|flapon|toc_signon.*0x"
add name=unknown regexp=.
add name=msn-filetransfer regexp=\
"^(ver [ -~]*msnftp\r\
\nver msnftp\r\
\nusr|method msnmsgr:)"
add name=yahoo regexp="^(ymsg|ypns|yhoo).\?.\?.\?.\?.\?.\?.\?[lwt].*\C0\80"
add name=validcertssl regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B).*\
(thawte|equifax secure|rsa data security, inc|verisign, inc|gte cybertrust\
\_root|entrust\\.net limited)"
add name=ntp regexp="^([\13\1B#\D3\DB\E3]|[\14\1C\$].......\?.\?.\?.\?.\?.\?.\
\?.\?.\?[\C6-\FF])"
add name=gnucleuslan regexp=\
"gnuclear connect/[\t-\r -~]*user-agent: gnucleus [\t-\r -~]*lan:"
add name=vnc regexp="^rfb 00[1-9]\\.00[0-9]\
\n\$"
add name=bgp regexp=\
"^\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF..\?\01[\03\04]"
add name=tesla regexp="\03\9A\89\"111\\.00 Beta |\E2<i\1E\1C\E9"
add name=openft regexp="x-openftalias: [-)(0-9a-z ~.]"
add name=h323 regexp=\
"^\03..\?\08...\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\05"
add name=finger regexp=\
"^[a-z][a-z0-9\\-_]+|login: [\t-\r -~]* name: [\t-\r -~]* Directory:"
add name=ident regexp="^[1-9][0-9]\?[0-9]\?[0-9]\?[0-9]\?[\t-\r]*,[\t-\r]*[1-9\
][0-9]\?[0-9]\?[0-9]\?[0-9]\?(\r\
\n|[\r\
\n])\?\$"
add name=gkrellm regexp="^gkrellm [23].[0-9].[0-9]\
\n\$"
add name=hddtemp regexp=\
"^\\|/dev/[a-z][a-z][a-z]\\|[0-9a-z]*\\|[0-9][0-9]\\|[cfk]\\|"
add name=socks regexp="\05[\01-\08]*\05[\01-\08]\?.*\05[\01-\03][\01\03].*\05[\
\01-\08]\?[\01\03]"
add name=biff regexp="^[a-z][a-z0-9]+@[1-9][0-9]+\$"
add name=dhcp regexp="^[\01\02][\01- ]\06.*c\82sc"
add name=smtp regexp="^220[\t-\r -~]* (e\?smtp|simple mail)"
add name=ipp regexp=ipp://
add name=msnmessenger regexp="ver [0-9]+ msnp[1-9][0-9]\? [\t-\r -~]*cvr0\r\
\n\$|usr 1 [!-~]+ [0-9. ]+\r\
\n\$|ans 1 [!-~]+ [0-9. ]+\r\
\n\$"
add name=irc regexp="^(nick[\t-\r -~]*user[\t-\r -~]*:|user[\t-\r -~]*:[\02-\r\
\_-~]*nick[\t-\r -~]*\r\
\n)"
add name=gopher regexp="^[\t-\r]*[1-9,+tgi][\t-\r -~]*\t[\t-\r -~]*\t[a-z0-9.]\
*\\.[a-z][a-z].\?.\?\t[1-9]"
add name=telnet regexp="^\FF[\FB-\FE].\FF[\FB-\FE].\FF[\FB-\FE]"
add name=snmp regexp="^\02\01\04.+([\A0-\A3]\02[\01-\04].\?.\?.\?.\?\02\01.\?\
\02\01.\?0|\A4\06.+@\04.\?.\?.\?.\?\02\01.\?\02\01.\?C)"
add name=nntp regexp=\
"^(20[01][\t-\r -~]*AUTHINFO USER|20[01][\t-\r -~]*news)"
add name=aimwebcontent regexp=user-agent:aim/
add name=rtsp regexp="rtsp/1.0 200 ok"
add name=skypeout regexp="^(\01.\?.\?.\?.\?.\?.\?.\?.\?\01|\02.\?.\?.\?.\?.\?.\
\?.\?.\?\02|\03.\?.\?.\?.\?.\?.\?.\?.\?\03|\04.\?.\?.\?.\?.\?.\?.\?.\?\04|\
\05.\?.\?.\?.\?.\?.\?.\?.\?\05|\06.\?.\?.\?.\?.\?.\?.\?.\?\06|\07.\?.\?.\?\
.\?.\?.\?.\?.\?\07|\08.\?.\?.\?.\?.\?.\?.\?.\?\08|\t.\?.\?.\?.\?.\?.\?.\?.\
\?\t|\
\n.\?.\?.\?.\?.\?.\?.\?.\?\
\n|\0B.\?.\?.\?.\?.\?.\?.\?.\?\0B|\0C.\?.\?.\?.\?.\?.\?.\?.\?\0C|\r.\?.\?.\
\?.\?.\?.\?.\?.\?\r|\0E.\?.\?.\?.\?.\?.\?.\?.\?\0E|\0F.\?.\?.\?.\?.\?.\?.\
\?.\?\0F|\10.\?.\?.\?.\?.\?.\?.\?.\?\10|\11.\?.\?.\?.\?.\?.\?.\?.\?\11|\12\
.\?.\?.\?.\?.\?.\?.\?.\?\12|\13.\?.\?.\?.\?.\?.\?.\?.\?\13|\14.\?.\?.\?.\?\
.\?.\?.\?.\?\14|\15.\?.\?.\?.\?.\?.\?.\?.\?\15|\16.\?.\?.\?.\?.\?.\?.\?.\?\
\16|\17.\?.\?.\?.\?.\?.\?.\?.\?\17|\18.\?.\?.\?.\?.\?.\?.\?.\?\18|\19.\?.\
\?.\?.\?.\?.\?.\?.\?\19|\1A.\?.\?.\?.\?.\?.\?.\?.\?\1A|\1B.\?.\?.\?.\?.\?.\
\?.\?.\?\1B|\1C.\?.\?.\?.\?.\?.\?.\?.\?\1C|\1D.\?.\?.\?.\?.\?.\?.\?.\?\1D|\
\1E.\?.\?.\?.\?.\?.\?.\?.\?\1E|\1F.\?.\?.\?.\?.\?.\?.\?.\?\1F| .\?.\?.\?.\
\?.\?.\?.\?.\? |!.\?.\?.\?.\?.\?.\?.\?.\?!|\".\?.\?.\?.\?.\?.\?.\?.\?\"|#.\
\?.\?.\?.\?.\?.\?.\?.\?#|\\\$.\?.\?.\?.\?.\?.\?.\?.\?\\\$|%.\?.\?.\?.\?.\?\
.\?.\?.\?%|&.\?.\?.\?.\?.\?.\?.\?.\?&|'.\?.\?.\?.\?.\?.\?.\?.\?'|\\(.\?.\?\
.\?.\?.\?.\?.\?.\?\\(|\\).\?.\?.\?.\?.\?.\?.\?.\?\\)|\\*.\?.\?.\?.\?.\?.\?\
.\?.\?\\*|\\+.\?.\?.\?.\?.\?.\?.\?.\?\\+|,.\?.\?.\?.\?.\?.\?.\?.\?,|-.\?.\
\?.\?.\?.\?.\?.\?.\?-|\\..\?.\?.\?.\?.\?.\?.\?.\?\\.|/.\?.\?.\?.\?.\?.\?.\
\?.\?/|0.\?.\?.\?.\?.\?.\?.\?.\?0|1.\?.\?.\?.\?.\?.\?.\?.\?1|2.\?.\?.\?.\?\
.\?.\?.\?.\?2|3.\?.\?.\?.\?.\?.\?.\?.\?3|4.\?.\?.\?.\?.\?.\?.\?.\?4|5.\?.\
\?.\?.\?.\?.\?.\?.\?5|6.\?.\?.\?.\?.\?.\?.\?.\?6|7.\?.\?.\?.\?.\?.\?.\?.\?\
7|8.\?.\?.\?.\?.\?.\?.\?.\?8|9.\?.\?.\?.\?.\?.\?.\?.\?9|:.\?.\?.\?.\?.\?.\
\?.\?.\?:|;.\?.\?.\?.\?.\?.\?.\?.\?;|<.\?.\?.\?.\?.\?.\?.\?.\?<|=.\?.\?.\?\
.\?.\?.\?.\?.\?=|>.\?.\?.\?.\?.\?.\?.\?.\?>|\\\?.\?.\?.\?.\?.\?.\?.\?.\?\\\
\?|@.\?.\?.\?.\?.\?.\?.\?.\?@|A.\?.\?.\?.\?.\?.\?.\?.\?A|B.\?.\?.\?.\?.\?.\
\?.\?.\?B|C.\?.\?.\?.\?.\?.\?.\?.\?C|D.\?.\?.\?.\?.\?.\?.\?.\?D|E.\?.\?.\?\
.\?.\?.\?.\?.\?E|F.\?.\?.\?.\?.\?.\?.\?.\?F|G.\?.\?.\?.\?.\?.\?.\?.\?G|H.\
\?.\?.\?.\?.\?.\?.\?.\?H|I.\?.\?.\?.\?.\?.\?.\?.\?I|J.\?.\?.\?.\?.\?.\?.\?\
.\?J|K.\?.\?.\?.\?.\?.\?.\?.\?K|L.\?.\?.\?.\?.\?.\?.\?.\?L|M.\?.\?.\?.\?.\
\?.\?.\?.\?M|N.\?.\?.\?.\?.\?.\?.\?.\?N|O.\?.\?.\?.\?.\?.\?.\?.\?O|P.\?.\?\
.\?.\?.\?.\?.\?.\?P|Q.\?.\?.\?.\?.\?.\?.\?.\?Q|R.\?.\?.\?.\?.\?.\?.\?.\?R|\
S.\?.\?.\?.\?.\?.\?.\?.\?S|T.\?.\?.\?.\?.\?.\?.\?.\?T|U.\?.\?.\?.\?.\?.\?.\
\?.\?U|V.\?.\?.\?.\?.\?.\?.\?.\?V|W.\?.\?.\?.\?.\?.\?.\?.\?W|X.\?.\?.\?.\?\
.\?.\?.\?.\?X|Y.\?.\?.\?.\?.\?.\?.\?.\?Y|Z.\?.\?.\?.\?.\?.\?.\?.\?Z|\\[.\?\
.\?.\?.\?.\?.\?.\?.\?\\[|\\].\?.\?.\?.\?.\?.\?.\?.\?\\]|\\].\?.\?.\?.\?.\?\
.\?.\?.\?\\]|\\^.\?.\?.\?.\?.\?.\?.\?.\?\\^|_.\?.\?.\?.\?.\?.\?.\?.\?_|`.\
\?.\?.\?.\?.\?.\?.\?.\?`|a.\?.\?.\?.\?.\?.\?.\?.\?a|b.\?.\?.\?.\?.\?.\?.\?\
.\?b|c.\?.\?.\?.\?.\?.\?.\?.\?c|d.\?.\?.\?.\?.\?.\?.\?.\?d|e.\?.\?.\?.\?.\
\?.\?.\?.\?e|f.\?.\?.\?.\?.\?.\?.\?.\?f|g.\?.\?.\?.\?.\?.\?.\?.\?g|h.\?.\?\
.\?.\?.\?.\?.\?.\?h|i.\?.\?.\?.\?.\?.\?.\?.\?i|j.\?.\?.\?.\?.\?.\?.\?.\?j|\
k.\?.\?.\?.\?.\?.\?.\?.\?k|l.\?.\?.\?.\?.\?.\?.\?.\?l|m.\?.\?.\?.\?.\?.\?.\
\?.\?m|n.\?.\?.\?.\?.\?.\?.\?.\?n|o.\?.\?.\?.\?.\?.\?.\?.\?o|p.\?.\?.\?.\?\
.\?.\?.\?.\?p|q.\?.\?.\?.\?.\?.\?.\?.\?q|r.\?.\?.\?.\?.\?.\?.\?.\?r|s.\?.\
\?.\?.\?.\?.\?.\?.\?s|t.\?.\?.\?.\?.\?.\?.\?.\?t|u.\?.\?.\?.\?.\?.\?.\?.\?\
u|v.\?.\?.\?.\?.\?.\?.\?.\?v|w.\?.\?.\?.\?.\?.\?.\?.\?w|x.\?.\?.\?.\?.\?.\
\?.\?.\?x|y.\?.\?.\?.\?.\?.\?.\?.\?y|z.\?.\?.\?.\?.\?.\?.\?.\?z|\\{.\?.\?.\
\?.\?.\?.\?.\?.\?\\{|\\|.\?.\?.\?.\?.\?.\?.\?.\?\\||\\}.\?.\?.\?.\?.\?.\?.\
\?.\?\\}|~.\?.\?.\?.\?.\?.\?.\?.\?~|\7F.\?.\?.\?.\?.\?.\?.\?.\?\7F|\80.\?.\
\?.\?.\?.\?.\?.\?.\?\80|\81.\?.\?.\?.\?.\?.\?.\?.\?\81|\82.\?.\?.\?.\?.\?.\
\?.\?.\?\82|\83.\?.\?.\?.\?.\?.\?.\?.\?\83|\84.\?.\?.\?.\?.\?.\?.\?.\?\84|\
\85.\?.\?.\?.\?.\?.\?.\?.\?\85|\86.\?.\?.\?.\?.\?.\?.\?.\?\86|\87.\?.\?.\?\
.\?.\?.\?.\?.\?\87|\88.\?.\?.\?.\?.\?.\?.\?.\?\88|\89.\?.\?.\?.\?.\?.\?.\?\
.\?\89|\8A.\?.\?.\?.\?.\?.\?.\?.\?\8A|\8B.\?.\?.\?.\?.\?.\?.\?.\?\8B|\8C.\
\?.\?.\?.\?.\?.\?.\?.\?\8C|\8D.\?.\?.\?.\?.\?.\?.\?.\?\8D|\8E.\?.\?.\?.\?.\
\?.\?.\?.\?\8E|\8F.\?.\?.\?.\?.\?.\?.\?.\?\8F|\90.\?.\?.\?.\?.\?.\?.\?.\?\
\90|\91.\?.\?.\?.\?.\?.\?.\?.\?\91|\92.\?.\?.\?.\?.\?.\?.\?.\?\92|\93.\?.\
\?.\?.\?.\?.\?.\?.\?\93|\94.\?.\?.\?.\?.\?.\?.\?.\?\94|\95.\?.\?.\?.\?.\?.\
\?.\?.\?\95|\96.\?.\?.\?.\?.\?.\?.\?.\?\96|\97.\?.\?.\?.\?.\?.\?.\?.\?\97|\
\98.\?.\?.\?.\?.\?.\?.\?.\?\98|\99.\?.\?.\?.\?.\?.\?.\?.\?\99|\9A.\?.\?.\?\
.\?.\?.\?.\?.\?\9A|\9B.\?.\?.\?.\?.\?.\?.\?.\?\9B|\9C.\?.\?.\?.\?.\?.\?.\?\
.\?\9C|\9D.\?.\?.\?.\?.\?.\?.\?.\?\9D|\9E.\?.\?.\?.\?.\?.\?.\?.\?\9E|\9F.\
\?.\?.\?.\?.\?.\?.\?.\?\9F|\A0.\?.\?.\?.\?.\?.\?.\?.\?\A0|\A1.\?.\?.\?.\?.\
\?.\?.\?.\?\A1|\A2.\?.\?.\?.\?.\?.\?.\?.\?\A2|\A3.\?.\?.\?.\?.\?.\?.\?.\?\
\A3|\A4.\?.\?.\?.\?.\?.\?.\?.\?\A4|\A5.\?.\?.\?.\?.\?.\?.\?.\?\A5|\A6.\?.\
\?.\?.\?.\?.\?.\?.\?\A6|\A7.\?.\?.\?.\?.\?.\?.\?.\?\A7|\A8.\?.\?.\?.\?.\?.\
\?.\?.\?\A8|\A9.\?.\?.\?.\?.\?.\?.\?.\?\A9|\AA.\?.\?.\?.\?.\?.\?.\?.\?\AA|\
\AB.\?.\?.\?.\?.\?.\?.\?.\?\AB|\AC.\?.\?.\?.\?.\?.\?.\?.\?\AC|\AD.\?.\?.\?\
.\?.\?.\?.\?.\?\AD|\AE.\?.\?.\?.\?.\?.\?.\?.\?\AE|\AF.\?.\?.\?.\?.\?.\?.\?\
.\?\AF|\B0.\?.\?.\?.\?.\?.\?.\?.\?\B0|\B1.\?.\?.\?.\?.\?.\?.\?.\?\B1|\B2.\
\?.\?.\?.\?.\?.\?.\?.\?\B2|\B3.\?.\?.\?.\?.\?.\?.\?.\?\B3|\B4.\?.\?.\?.\?.\
\?.\?.\?.\?\B4|\B5.\?.\?.\?.\?.\?.\?.\?.\?\B5|\B6.\?.\?.\?.\?.\?.\?.\?.\?\
\B6|\B7.\?.\?.\?.\?.\?.\?.\?.\?\B7|\B8.\?.\?.\?.\?.\?.\?.\?.\?\B8|\B9.\?.\
\?.\?.\?.\?.\?.\?.\?\B9|\BA.\?.\?.\?.\?.\?.\?.\?.\?\BA|\BB.\?.\?.\?.\?.\?.\
\?.\?.\?\BB|\BC.\?.\?.\?.\?.\?.\?.\?.\?\BC|\BD.\?.\?.\?.\?.\?.\?.\?.\?\BD|\
\BE.\?.\?.\?.\?.\?.\?.\?.\?\BE|\BF.\?.\?.\?.\?.\?.\?.\?.\?\BF|\C0.\?.\?.\?\
.\?.\?.\?.\?.\?\C0|\C1.\?.\?.\?.\?.\?.\?.\?.\?\C1|\C2.\?.\?.\?.\?.\?.\?.\?\
.\?\C2|\C3.\?.\?.\?.\?.\?.\?.\?.\?\C3|\C4.\?.\?.\?.\?.\?.\?.\?.\?\C4|\C5.\
\?.\?.\?.\?.\?.\?.\?.\?\C5|\C6.\?.\?.\?.\?.\?.\?.\?.\?\C6|\C7.\?.\?.\?.\?.\
\?.\?.\?.\?\C7|\C8.\?.\?.\?.\?.\?.\?.\?.\?\C8|\C9.\?.\?.\?.\?.\?.\?.\?.\?\
\C9|\CA.\?.\?.\?.\?.\?.\?.\?.\?\CA|\CB.\?.\?.\?.\?.\?.\?.\?.\?\CB|\CC.\?.\
\?.\?.\?.\?.\?.\?.\?\CC|\CD.\?.\?.\?.\?.\?.\?.\?.\?\CD|\CE.\?.\?.\?.\?.\?.\
\?.\?.\?\CE|\CF.\?.\?.\?.\?.\?.\?.\?.\?\CF|\D0.\?.\?.\?.\?.\?.\?.\?.\?\D0|\
\D1.\?.\?.\?.\?.\?.\?.\?.\?\D1|\D2.\?.\?.\?.\?.\?.\?.\?.\?\D2|\D3.\?.\?.\?\
.\?.\?.\?.\?.\?\D3|\D4.\?.\?.\?.\?.\?.\?.\?.\?\D4|\D5.\?.\?.\?.\?.\?.\?.\?\
.\?\D5|\D6.\?.\?.\?.\?.\?.\?.\?.\?\D6|\D7.\?.\?.\?.\?.\?.\?.\?.\?\D7|\D8.\
\?.\?.\?.\?.\?.\?.\?.\?\D8|\D9.\?.\?.\?.\?.\?.\?.\?.\?\D9|\DA.\?.\?.\?.\?.\
\?.\?.\?.\?\DA|\DB.\?.\?.\?.\?.\?.\?.\?.\?\DB|\DC.\?.\?.\?.\?.\?.\?.\?.\?\
\DC|\DD.\?.\?.\?.\?.\?.\?.\?.\?\DD|\DE.\?.\?.\?.\?.\?.\?.\?.\?\DE|\DF.\?.\
\?.\?.\?.\?.\?.\?.\?\DF|\E0.\?.\?.\?.\?.\?.\?.\?.\?\E0|\E1.\?.\?.\?.\?.\?.\
\?.\?.\?\E1|\E2.\?.\?.\?.\?.\?.\?.\?.\?\E2|\E3.\?.\?.\?.\?.\?.\?.\?.\?\E3|\
\E4.\?.\?.\?.\?.\?.\?.\?.\?\E4|\E5.\?.\?.\?.\?.\?.\?.\?.\?\E5|\E6.\?.\?.\?\
.\?.\?.\?.\?.\?\E6|\E7.\?.\?.\?.\?.\?.\?.\?.\?\E7|\E8.\?.\?.\?.\?.\?.\?.\?\
.\?\E8|\E9.\?.\?.\?.\?.\?.\?.\?.\?\E9|\EA.\?.\?.\?.\?.\?.\?.\?.\?\EA|\EB.\
\?.\?.\?.\?.\?.\?.\?.\?\EB|\EC.\?.\?.\?.\?.\?.\?.\?.\?\EC|\ED.\?.\?.\?.\?.\
\?.\?.\?.\?\ED|\EE.\?.\?.\?.\?.\?.\?.\?.\?\EE|\EF.\?.\?.\?.\?.\?.\?.\?.\?\
\EF|\F0.\?.\?.\?.\?.\?.\?.\?.\?\F0|\F1.\?.\?.\?.\?.\?.\?.\?.\?\F1|\F2.\?.\
\?.\?.\?.\?.\?.\?.\?\F2|\F3.\?.\?.\?.\?.\?.\?.\?.\?\F3|\F4.\?.\?.\?.\?.\?.\
\?.\?.\?\F4|\F5.\?.\?.\?.\?.\?.\?.\?.\?\F5|\F6.\?.\?.\?.\?.\?.\?.\?.\?\F6|\
\F7.\?.\?.\?.\?.\?.\?.\?.\?\F7|\F8.\?.\?.\?.\?.\?.\?.\?.\?\F8|\F9.\?.\?.\?\
.\?.\?.\?.\?.\?\F9|\FA.\?.\?.\?.\?.\?.\?.\?.\?\FA|\FB.\?.\?.\?.\?.\?.\?.\?\
.\?\FB|\FC.\?.\?.\?.\?.\?.\?.\?.\?\FC|\FD.\?.\?.\?.\?.\?.\?.\?.\?\FD|\FE.\
\?.\?.\?.\?.\?.\?.\?.\?\FE|\FF.\?.\?.\?.\?.\?.\?.\?.\?\FF)"
add name=skypetoskype regexp="^..\02............."
add name=counterstrike-source regexp="^\FF\FF\FF\FF.*cstrikeCounter-Strike"
add name=halflife2-deathmatch regexp="^\FF\FF\FF\FF.*hl2mpDeathmatch"
add name=freenet regexp="^\01[\08\t][\03\04]"
add name=battlefield2 regexp="^(\11 \01...\?\11|\FE\FD.\?.\?.\?.\?.\?.\?(\14\
\01\06|\FF\FF\FF))|[]\01].\?battlefield2"
add name=napster regexp="^(.[\02\06][!-~]+ [!-~]+ [0-9][0-9]\?[0-9]\?[0-9]\?[0\
-9]\? \"[\t-\r -~]+\" ([0-9]|10)|1(send|get)[!-~]+ \"[\t-\r -~]+\")"
add name=soulseek regexp="^(\05..\?|.\01.[ -~]+\01F..\?.\?.\?.\?.\?.\?.\?)\$"
add name=xunlei regexp="^[()]...\?.\?.\?(reg|get|query)"
add name=ssl regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"
add name=citrix regexp="2&\85\92X"
add name=whois regexp="^[ !-~]+\r\
\n\$"
add name=dayofdefeat-source regexp="^\FF\FF\FF\FF.*dodDay of Defeat"
add name=teamspeak regexp="^\F4\BE\03.*teamspeak"
add name=worldofwarcraft regexp="^\06\EC\01"
add name=ventrilo regexp="^..\?v\\\$\CF"
add name=http-rtsp regexp="^(get[\t-\r -~]* Accept: application/x-rtsp-tunnell\
ed|http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*a=control:rtsp://)"
add name=thecircle regexp=\
"^t\03ni.\?[\01-\06]\?t[\01-\05]s[\
\n\0B](glob|who are you\$|query data)"
add name=uucp regexp="^\10here="
add name=pcanywhere regexp="^(nq|st)\$"
add name=subversion regexp="^\\( success \\( 1 2 \\("
add name=imesh regexp="^(post[\t-\r -~]*<PasswordHash>........................\
........</PasswordHash><ClientVer>|4\80\?\r\?\FC\FF\04|get[\t-\r -~]*Host:\
\_imsh\\.download-prod\\.musicnet\\.com|\02(\01|\02)\83.\?.\?.\?.\?.\?.\?.\
\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\02(\01|\
\02)\83)"
add name=cimd regexp="\02[0-4][0-9]:[0-9]+.*\03\$"
add name=mohaa regexp="^\FF\FF\FF\FFgetstatus\
\n"
add name=stun regexp="^[\01\02]................\?\$"
add name=tor regexp=TOR1.*<identity>
add name=radmin regexp="^\01\01(\08\08|\1B\1B)\$"
add name=unset regexp=.
add name=chikka regexp="^CTPv1.[123] Kamusta.*\r\
\n\$"
add name=replaytv-ivs regexp="^(get /ivs-IVSGetFileChunk|http/(0\\.9|1\\.0|1\\\
.1) [1-5][0-9][0-9] [\t-\r -~]*#####REPLAY_CHUNK_START#####)"
add name=armagetron regexp=YCLC_E|CYEL
add name=streaming regexp=videoplayback|video
add name=DENIED regexp="^.+(facebook.com|youporn.com).*\$"
add name=streaming-audio regexp=audioplayback|audio
add name=download regexp="^.*get.+\\.(exe|rar|iso|zip|7zip|flv|mkv|avi|mp4|3gp\
|rmvb|mp3|img|dat|mov|wmv|wma|ogg|ipa|apk).*\$"
add name=torrentsites regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|ente\
rtane|demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bit\
unity|bittoxic|thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova\
|fulldls|btbot|flixflux|seedpeer|fenopy|gpirate|commonbits).*\$"
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.0.2-192.168.0.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=ether5 lease-time=8h name=\
dhcp1
/queue simple
add disabled=yes max-limit=0/4M name="Limit Youtube" packet-marks=streaming \
target=192.168.0.0/24
/system logging action
set 3 remote=127.0.0.1
/interface pptp-server server
set enabled=yes
/ip address
add address=192.168.0.1/24 interface=ether5 network=192.168.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-server network
add address=192.168.0.0/24 dns-server=208.67.222.123,208.67.220.123 gateway=\
192.168.0.1
/ip dns
set allow-remote-requests=yes servers=208.67.222.123,208.67.220.123
/ip firewall address-list
add address=192.168.0.2-192.168.0.254 list=CLIENT
add address=178.59.0.0/17 list=CYTA
/ip firewall filter
add action=accept chain=input comment="Accept established connections" \
connection-state=established
add action=accept chain=input comment="Accept related connections" \
connection-state=related
add chain=input comment="Accept all connections from local network" \
in-interface=ether5
add action=drop chain=input comment="Drop invalid connections" \
connection-state=invalid
add action=drop chain=forward comment="Drop invalid connections" \
connection-state=invalid
add action=drop chain=input comment=\
"Drop all packets which are not destined to routes IP address" \
dst-address-type=!local
add action=drop chain=input comment=\
"Drop all packets which does not have unicast source IP address" \
src-address-type=!unicast
add action=drop chain=input comment="Block Incoming DNS" dst-port=53 \
in-interface=pppoe-CYTA1 protocol=udp
add action=drop chain=input dst-port=53 in-interface=pppoe-CYTA1 protocol=tcp
add action=drop chain=input dst-port=53 in-interface=pppoe-CYTA2 protocol=udp
add action=drop chain=input dst-port=53 in-interface=pppoe-CYTA2 protocol=tcp
add action=accept chain=forward comment="Allow internal DNS" dst-address=\
192.168.0.1 dst-port=53 protocol=tcp src-address-list=CLIENT
add action=accept chain=forward dst-address=192.168.0.1 dst-port=53 protocol=\
udp src-address-list=CLIENT
add action=drop chain=input comment="Drop IP Services ports" disabled=yes \
dst-port=81,80,22,21,23,8728,8729,8080 in-interface=pppoe-CYTA1 protocol=\
tcp
add action=drop chain=input comment="Drop IP Services ports" disabled=yes \
dst-port=81,80,22,21,23,8728,8729,8080 in-interface=pppoe-CYTA2 protocol=\
tcp
add action=accept chain=input comment="Allow Winbox From WAN" dst-port=8291 \
protocol=tcp
add action=accept chain=input comment="Allow ICMP" protocol=icmp
add action=accept chain=forward comment="Accept Forward on Server" \
dst-address=192.168.0.201 dst-port=80 protocol=tcp
add action=accept chain=forward dst-address=192.168.0.201 dst-port=80 \
protocol=udp
add action=accept chain=input comment="Allow PPTP" connection-state=new \
disabled=yes dst-port=1723 protocol=tcp
add action=accept chain=input comment="Allow GRE" connection-state=new \
disabled=yes protocol=gre
add action=add-src-to-address-list address-list=Port_Scanner \
address-list-timeout=1w chain=input comment="Port Scanner Detect" \
protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="Drop to port scan list" \
src-address-list=Port_Scanner
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \
protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/FIN scan" protocol=tcp \
tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/RST scan" protocol=tcp \
tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" protocol=\
tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP NULL scan" protocol=tcp \
tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 \
protocol=tcp src-address-list=ftp_blacklist
add action=accept chain=output content="530 Login incorrect" dst-limit=\
1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist \
address-list-timeout=3h chain=output content="530 Login incorrect" \
protocol=tcp
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=3d chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input connection-state=new dst-port=22 \
protocol=tcp
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \
protocol=tcp src-address-list=ssh_blacklist
add action=drop chain=forward dst-port=445 protocol=tcp src-address-list=\
Worm-Infected-p445
add action=drop chain=forward dst-port=445 protocol=tcp src-address-list=\
Worm-Infected-p445
add action=log chain=input comment="Log everything else" log-prefix=\
"DROP INPUT"
add action=drop chain=input comment="Drop everything else"
/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.0.0/24
add action=accept chain=prerouting in-interface=pppoe-CYTA1
add action=accept chain=prerouting in-interface=pppoe-CYTA2
add action=mark-connection chain=prerouting dst-address-type=!local \
new-connection-mark=wan1_conn passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/0 src-address=192.168.0.0/24
add action=mark-connection chain=prerouting dst-address-type=!local \
new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/1 src-address=192.168.0.0/24
add action=mark-routing chain=prerouting connection-mark=wan1_conn \
new-routing-mark=to_wan1 passthrough=yes src-address=192.168.0.0/24
add action=mark-routing chain=prerouting connection-mark=wan2_conn \
new-routing-mark=to_wan2 passthrough=yes src-address=192.168.0.0/24
add action=mark-routing chain=prerouting comment="Mark HTTPS" dst-port=443 \
new-routing-mark=HTTPS passthrough=no protocol=tcp
add action=mark-packet chain=prerouting comment="Mark Packet Streaming" \
disabled=yes layer7-protocol=streaming new-packet-mark=streaming \
passthrough=no src-address-list=CLIENT
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-CYTA1
add action=masquerade chain=srcnat out-interface=pppoe-CYTA2
add action=masquerade chain=srcnat comment="masquerade local network" \
out-interface=ether5 src-address=192.168.0.0/24
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/ip route
add check-gateway=ping distance=1 gateway=pppoe-CYTA1 routing-mark=to_wan1
add check-gateway=ping distance=1 gateway=pppoe-CYTA2 routing-mark=to_wan2
add check-gateway=arp distance=7 gateway=pppoe-CYTA1 routing-mark=HTTPS
add check-gateway=arp distance=8 gateway=pppoe-CYTA2 routing-mark=HTTPS
add check-gateway=ping distance=1 gateway=pppoe-CYTA1
add check-gateway=ping distance=2 gateway=pppoe-CYTA2
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes port=81
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ppp profile
add address-list=ADMIN bridge= change-tcp-mss=yes dns-server=8.8.8.8 \
local-address=192.168.0.1 name=pptp-in remote-address=dhcp_pool0 \
use-encryption=yes
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Athens
/system identity
set name="RB ******"
/system ntp client
set enabled=yes primary-ntp=128.138.141.172 secondary-ntp=194.177.210.54
/system routerboard settings
set silent-boot=no