Filter rules like this:
Code: Select all
0 ;;; Accept winbox
chain=input action=accept protocol=tcp src-address-list=local port=8291 log=no log-prefix=""
1 ;;; Accept www
chain=input action=accept protocol=tcp src-address-list=local port=80 log=no log-prefix=""
2 ;;; Accept SSL
chain=input action=accept protocol=tcp src-address-list=local port=443 log=no log-prefix=""
3 ;;; Accept SSH
chain=input action=accept protocol=tcp src-address-list=local port=22 log=no log-prefix=""
4 ;;; Drop all
chain=input action=drop log=no log-prefix=""
Code: Select all
0 ;;; Accept winbox, www, SSL, SSH
chain=input action=accept protocol=tcp src-address-list=local port=8291,80,443,22 log=no log-prefix=""
1 ;;; Drop all
chain=input action=drop log=no log-prefix=""