arysandi/gist:8b505bddd9e925828458785fe96cf9b7

## gistfile1.txt
ganti “SUMBER INTERNET” dengan nama interface sumber internet di mikrotik *
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=tcp
add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=udp
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" in-interface="SUMBER INTERNET"
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface="SUMBER INTERNET"
	ganti “SUMBER INTERNET” dengan nama interface sumber internet di mikrotik *
	/ip firewall filter
	add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
	add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=tcp
	add action=accept chain=input comment="defconf: accept ICMP" dst-port=8291 protocol=udp
	add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
	add action=drop chain=input comment="defconf: drop all from WAN" in-interface="SUMBER INTERNET"
	add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
	add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
	add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface="SUMBER INTERNET"