/ip firewall filteradd action=accept chain=input connection-state=established,

1. /ip firewall filter
2. add action=accept chain=input connection-state=established,related
3. add action=accept chain=forward connection-state=established,related
4. add action=accept chain=input protocol=icmp
5. add action=accept chain=forward protocol=icmp
6. add action=accept chain=input dst-port=1723 in-interface-list=internetS protocol=tcp
7. add action=drop chain=forward comment=Drop-Black-lists in-interface-list=internetS src-address-list=\
8. drop
9. add action=drop chain=forward in-interface-list=internetS log=yes log-prefix=drop-blacklist \
10. src-address-list=Sip-Scan
11. add action=drop chain=forward in-interface-list=internetS log=yes log-prefix=drop-blacklist \
12. src-address-list=ALL-Drop
13. add action=add-src-to-address-list address-list=drop address-list-timeout=none-static chain=input \
14. dst-port=5061-5075 in-interface-list=internetS protocol=udp
15. add action=add-src-to-address-list address-list=drop address-list-timeout=none-dynamic chain=input \
16. dst-port=21-23,80,443 in-interface-list=internetS protocol=tcp
17. add action=add-src-to-address-list address-list=drop address-list-timeout=none-static chain=input \
18. dst-port=4569,5038 in-interface-list=internetS protocol=udp
19. add action=drop chain=input comment=Invalid-drop connection-state=invalid
20. add action=drop chain=forward connection-state=invalid
21. add action=accept chain=forward in-interface-list=!internetS out-interface-list=internetS
22. add action=drop chain=forward comment=Forrvard-Internet connection-nat-state=!srcnat,dstnat \
23. in-interface-list=internetS
24. add action=drop chain=input comment=Full-DROP in-interface-list=internetS
25. add action=drop chain=forward in-interface-list=internetS