OlegkaOwl
just joined
Topic Author
Posts: 13
Joined: Wed Apr 29, 2015 10:05 pm

Firewall filter rule for udp flood

Sat Jun 13, 2015 8:06 pm

Hello! Please help me with a problem.
I wrote a firewall rule to block any IP address from which more than 100 connections per second arrive.
The router uses the DNS servers 8.8.8.8 and 8.8.4.4. These rules should not apply to connections from them. Here are the rules themselves:

ip firewall filter print

1 X chain=input action=reject reject-with=icmp-network-unreachable protocol=udp src-address-list=ddos-blocked-addr in-interface=ether1
log=yes log-prefix="ddos"
2 X ;;; Block over 100 incoming connection per ip
chain=input action=add-src-to-address-list protocol=udp src-address=!8.8.8.8 address-list=ddos-blocked-addr address-list-timeout=1d
in-interface=ether1 connection-limit=100,32 log=yes log-prefix="block_ddos"
3 X ;;; Block over 100 incoming connection per ip
chain=input action=add-src-to-address-list protocol=udp src-address=!8.8.4.4 address-list=ddos-blocked-addr address-list-timeout=1d
in-interface=ether1 connection-limit=100,32 log=yes log-prefix="block_ddos"

After enabling these rules, the addresses 8.8.8.8 and 8.8.4.4 end up in the blocked list, ddos-blocked-addr.
What am I doing wrong? Thanks in advance for your help.
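The following is an added example, not part of the original post or an answer from the forum, showing why the two posted rules behave as they do and one way to express the same intent. Each posted rule negates only a single resolver: rule 2 (src-address=!8.8.8.8) still matches traffic from 8.8.4.4, and rule 3 (src-address=!8.8.4.4) still matches traffic from 8.8.8.8, so both resolvers can be added to ddos-blocked-addr once they exceed the connection limit. Putting both resolvers in one address list and negating that list in a single rule excludes both at once. The list name dns-servers is an assumption chosen for this example; the other matchers and values are the ones from the posted rules.

```routeros
# Added example (not from the original post): the posted pair of rules each
# exclude only ONE resolver, so the other resolver still matches and gets
# listed. Keep both resolvers in one address list and negate that list in a
# single rule. The list name "dns-servers" is an assumption for this example.
/ip firewall address-list
add list=dns-servers address=8.8.8.8 comment="upstream DNS resolver"
add list=dns-servers address=8.8.4.4 comment="upstream DNS resolver"

/ip firewall filter
# Drop traffic from sources that were already listed (same as posted rule 1).
add chain=input protocol=udp in-interface=ether1 \
    src-address-list=ddos-blocked-addr \
    action=reject reject-with=icmp-network-unreachable \
    log=yes log-prefix="ddos"
# One rule replaces posted rules 2 and 3: any UDP source on ether1 that is NOT
# in dns-servers and exceeds 100 connections per /32 is added to the list.
add chain=input protocol=udp in-interface=ether1 \
    src-address-list=!dns-servers connection-limit=100,32 \
    action=add-src-to-address-list address-list=ddos-blocked-addr \
    address-list-timeout=1d log=yes log-prefix="block_ddos" \
    comment="Block over 100 incoming connections per ip"
```

To confirm the change, clear any stale entries and watch the list for a while: `/ip firewall address-list print where list=ddos-blocked-addr` should no longer show 8.8.8.8 or 8.8.4.4, while the "block_ddos" log entries continue to appear for other sources that exceed the limit.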
