# 禁止135-139
/ ip firewall filter
add chain=forward protocol=tcp dst-port=135-139 action=drop comment=”135-139″
# 绑定所有MAC
:foreach aaa in=[/ip arp find dynamic=yes ] do=[/ip arp add copy-from=$aaa]
# 自动删除close状态的连接
/ system scheduler
add name=”del_close” on-event=”/ip firewall connection remove \[/ip \
firewall connection find tcp-state=close\]” start-date=jan/01/1970 \
start-time=00:00:00 interval=1m comment=”" disabled=no
# 禁PING
/ ip firewall filter
add chain=output protocol=icmp action=drop comment=”No Ping”