marvin/mikrotik_ddos_TCP.rsc

## mikrotik_ddos_TCP.rsc
/ip firewall filter
add action=reject chain=forward comment="DROP DDOS-TCP ACCESS LIST" log-prefix=BLACKLIST reject-with=icmp-port-unreachable src-address-list=DDOSER-UDP
add action=add-src-to-address-list address-list=DDOSER-TCP address-list-timeout=1w chain=forward connection-limit=50,32 dst-address-list=MISAXNET protocol=tcp
add action=add-src-to-address-list address-list=DDOSER-TCP address-list-timeout=1h chain=forward dst-address-list=MISAXNET dst-limit=50,32,src-and-dst-addresses/1h \
    protocol=tcp dst-port=587
	/ip firewall filter
	add action=reject chain=forward comment="DROP DDOS-TCP ACCESS LIST" log-prefix=BLACKLIST reject-with=icmp-port-unreachable src-address-list=DDOSER-UDP
	add action=add-src-to-address-list address-list=DDOSER-TCP address-list-timeout=1w chain=forward connection-limit=50,32 dst-address-list=MISAXNET protocol=tcp
	add action=add-src-to-address-list address-list=DDOSER-TCP address-list-timeout=1h chain=forward dst-address-list=MISAXNET dst-limit=50,32,src-and-dst-addresses/1h \
	protocol=tcp dst-port=587