Mikrotik firewall ddos

/ip firewall filter

add action=MEMO chain=forward comment="::::::::::::::::::::::::::::::::::::::::::::: Filter Hack DDos :::::::::::::::::::::::::::::::::::::::::::::"     disabled=yes

add action=return chain=detect-ddos comment="DDoS Exit  admin"     src-address-list=Mangle_Allow_Admin

add action=return chain=detect-ddos comment="DDoS Exit  Web " dst-port=80     protocol=tcp

add action=return chain=detect-ddos comment="DDoS Exit  Web " dst-port=443     protocol=tcp

add action=return chain=detect-ddos comment="DDoS Detection and Blocking"     dst-limit=32,32,src-and-dst-addresses/10s

add action=return chain=detect-ddos comment=    "DDoS Detection and Blocking :Allow Ping" protocol=icmp

add action=return chain=detect-ddos comment=    "DDoS Detection and Blocking :Allow local" out-interface=ether1_Wlan     src-address-list="List Local Address"

add action=return chain=detect-ddos comment=    "DDoS Detection and Blocking :Allow Moradmand" dst-port=1433     out-interface=ether1_Wlan protocol=tcp src-address=37.255.236.2

add action=return chain=detect-ddos comment=    "DDoS Detection and Blocking :Allow Tracert" dst-port=33434-33436     protocol=udp

add action=return chain=detect-ddos comment="DDoS Detection and Blocking"     src-address=192.168.1.0/24

add action=add-dst-to-address-list address-list=ddosed address-list-timeout=    none-dynamic chain=detect-ddos comment="DDoS Detection and Blocking"

add action=add-src-to-address-list address-list=ddoser address-list-timeout=    none-dynamic chain=detect-ddos comment="DDoS Detection and Blocking"

add action=drop chain=forward comment="DDoS Detection and Blocking"     connection-state=new dst-address-list=ddosed src-address-list=ddoser

add action=MEMO chain=forward comment="::::::::::::::::::::::::::::::::::::::::::::: Filter Hack DDos :::::::::::::::::::::::::::::::::::::::::::::" disabled=yes