Basta abrir o terminal no mikrotik e colar as regras:

 

/ip firewall filter add chain=input protocol=tcp connection-limit=400,32 action=add-src-to-address-list address-list=blocked-addr address-list-timeout=1d comment="SYN Flood protect"
/ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr connection-limit=3,32 action=tarpit comment="SYN Flood protect"
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="SYN Flood protect" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="SYN Flood protect" disabled=no
/ip settings set tcp-syncookies=yes


/ip firewall filter
add chain=forward connection-state=new action=jump jump-target=detect-ddos comment="DDoS protect"
/ip firewall filter
add chain=detect-ddos dst-limit=32,32,src-and-dst-addresses/10s action=return comment="DDoS protect"
add chain=detect-ddos src-address=192.168.0.1 action=return comment="DDoS protect"
/ip firewall filter
add chain=detect-ddos action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m comment="DDoS protect"
add chain=detect-ddos action=add-src-to-address-list address-list=ddoser address-list-timeout=10m comment="DDoS protect"
/ip firewall filter
add chain=forward connection-state=new src-address-list=ddoser dst-address-list=ddosed action=drop comment="DDoS protect"

 

Caso tenha dificuldades em copiar, baixe o script em formato txt abaixo