What are you having trouble with?
I can see input chains and Mangle/prerouting chains etc all working on my Mesh. Create a rule but only "log" first, see if you are matching correctly, for yours, I would create the following on your Mesh Portal device:
ros code
/ip firewall mangle
add action=log chain=prerouting log-prefix=dhcp protocol=udp src-port=67
add action=log chain=prerouting log-prefix=dhcp protocol=udp dst-port=68
Open the log, renew a dynamic IP, see the packets in the log.
Then, you just change the "action=log" part to "action=drop" and no more DHCP on the mesh.. or anything.
Tested, DHCP requests appear in logs with this running.
I use something very similar to ensure DHCP request packets are tagged as high-priority and are not queued as harshly as other stuff.. even at high utilization, dhcp still works flawlessly.
ros code
/ip firewall mangle
add action=mark-connection chain=prerouting comment="DHCP Request" dst-port=68 \
new-connection-mark=dhcp protocol=udp
add action=mark-connection chain=prerouting comment="DHCP Response" \
new-connection-mark=dhcp protocol=udp src-port=67
add action=mark-packet chain=prerouting comment="High: DHCP" connection-mark=\
dhcp new-packet-mark=high-priority passthrough=no
Then in the queue, simply setup a higher priority for the "high-priority" packets.
ros code
/queue tree
add name=queue1 parent=global queue=default
add name="Prioritize Stuff" packet-mark=high-priority parent=queue1 priority=1
add limit-at=128k max-limit=512k name=crappy-diem packet-mark=no-mark parent=queue1 priority=8