Mikrotik : Sécurisation

/ip firewall address-list add list=Blacklist comment="Liste des IP bloquées."

/ip firewall raw add action=drop chain=prerouting comment="Blacklist" src-address-list="Blacklist"
/ip firewall raw add action=drop chain=prerouting comment="Blacklist" dst-address-list="Blacklist"

/ip firewall filter add chain=input action=drop comment="Drop new connections from Blacklist" connection-state=new src-address-list=Blacklist
/ip firewall filter add chain=forward action=drop comment="Drop new connections from Blacklist" src-address-list=Blacklist

/ip firewall filter add chain=output action=drop comment="Drop new connections from Blacklist" connection-state=new dst-address-list=Blacklist
/ip firewall filter add chain=forward action=drop comment="Drop new connections from Blacklist" dst-address-list=Blacklist


/ip firewall filter add action=add-src-to-address-list address-list=Blacklist address-list-timeout=10h chain=input protocol=tcp connection-state=new dst-port=110,161,443,445,3128,3306,3333,3389,7547,8291,8080-8082  comment="Blocage Scan de ports" 
/ip firewall raw add chain=output content="invalid user name or password" action=add-dst-to-address-list address-list=Blacklist address-list-timeout=1h10m comment="Blocage Bruteforce"