Even though the firewall protects the router from the public interface, you should still disable RouterOS services.

The first rule accepts packets from already established connections, assuming they are safe, so as not to overload the CPU. The next rule drops any packet that connection tracking identifies as invalid. After that, we build com