Untuk settingan lainnya tidak saya bahas karena pasti puanjang banget, saya hanya pada intinya saja, monggo langsung aja ...
1. Buat rule jump target :
/ip firewall filter
add chain=input src-address=0.0.0.0/0 dst-address=0.0.0.0/0 action=jump jump-target=blocked
add chain=forward src-address=0.0.0.0/0 dst-address=0.0.0.0/0 action=jump jump-target=blocked
add chain=output src-address=0.0.0.0/0 dst-address=0.0.0.0/0 action=jump jump-target=blocked
2. Buat daftar IP yang di ijinkan akses di IP-Firewall-Adress list
/ip firewall address-list
add address=192.168.1.1 comment="" disabled=no list=klien
add address=192.168.1.2 comment="" disabled=no list=klien
add address=192.168.1.3 comment="" disabled=no list=klien
add address=192.168.1.4 comment="" disabled=no list=klien
add address=192.168.1.5 comment="" disabled=no list=klien
dan seterusnya sampai di masukin semua IP klien yang terdaftar
3. Buat rule di IP-Firewall-Filter untuk mengijinkan IP yang sudah terdaftar
/ip firewall filter
add chain=blocked protocol=udp src-address-list=klien action=accept
add chain=blocked src-address=0.0.0.0/0 dst-address=0.0.0.0/0 src-address-list=klien action=accept
add chain=blocked src-address=0.0.0.0/0 dst-address=0.0.0.0/0 dst-address-list=klien action=accept
4. Buat rule untuk Blok IP selain IP klien yang sudah terdaftar
/ip firewall filter
add chain=blocked src-address=0.0.0.0/0 dst-address=0.0.0.0/0 src-address-list=!klien action=add-src-to-address-list address-list=src-not-whitelist address-list-timeout=1d
add chain=forward src-address=0.0.0.0/0 dst-address=0.0.0.0/0 src-address-list=!klien action=drop
add chain=forward src-address=0.0.0.0/0 dst-address=0.0.0.0/0 dst-address-list=!klien action=drop
Selesai deh....
