Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_blocklist
Trace:
networking:router:mikrotik_blocklist

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik_blocklist [2019/08/26 11:36]
gcooper 		networking:router:mikrotik_blocklist [2024/02/24 14:44] (current)
gcooper
Line 1: Line 1:
 ====== Mikrotik Block Lists ====== ====== Mikrotik Block Lists ======
 +
 +FIXME **New Method**: https://forum.mikrotik.com/viewtopic.php?f=9&t=152632&p=758435
 +
 +**Another way to block ads**: https://stopad.hook.sh/
 +
 +**Block by Country**: https://mikrotikconfig.com/firewall/
  
 ===== Sources ===== ===== Sources =====
Line 23: Line 29:
   * The **DShield list** is small, but up to date.   * The **DShield list** is small, but up to date.
   * The **Spamhaus list** is also fairly small and up to date.   * The **Spamhaus list** is also fairly small and up to date.
-  * The **BDE list** is quite long and may cause the router's web interface to misbehave.  The size of the list can be adjusted by changing the number for 'time' A better choice for a low end router might be the ''last hour'' list rather than the ''last day'' list (86400 seconds).+  * The **BDE All list** is quite long and will cause the router'**web** interface (not Winbox) to misbehave when viewing lists. 
 +  The **BDE list** is made up of the most recent attackers and the size of the list can be adjusted by changing the number for 'time' (max is about 18 hours).  A better choice for a low end router might be the ''last hour'' list rather than the ''last four hours'' list (14400 seconds).
     * https://api.blocklist.de/getlast.php?time=3600     * https://api.blocklist.de/getlast.php?time=3600
   * The **VoIPBL list** is also quite long (over 12,000 entries) and will cause the router's web interface to misbehave even more.  **If implementing this list, use Winbox to access the Address List page**.   * The **VoIPBL list** is also quite long (over 12,000 entries) and will cause the router's web interface to misbehave even more.  **If implementing this list, use Winbox to access the Address List page**.
Line 34: Line 41:
 === blocklists4mt.sh === === blocklists4mt.sh ===
  
-:!: We use a **dynamic address-list a 7-day timeout** in an attempt at eliminating cruft and minimizing flash (NAND) writes.+:!: We use a **dynamic address-list with a 7-day timeout** in an attempt at eliminating cruft and minimizing flash (NAND) writes.
  
-:!: We use a very crude mechanism to **limit the size of the combined list**.  You can **carefully** adjust the number of characters considered in sorting using the ''uniq -w'' argument in the last line.  This can also eliminate errors running the script due to duplicate or overlapping entries.+:!: We use a very crude mechanism to **limit the size of the combined list**.  You can **carefully** adjust the number of characters considered in sorting using the ''uniq -w 36'' argument in the last line.  This can also eliminate errors running the script due to duplicate or overlapping entries.
  
 <file> <file>
Line 45: Line 52:
 echo "# Generated by blocklists4mt.sh on $now" > $saveTo/dshield.rsc echo "# Generated by blocklists4mt.sh on $now" > $saveTo/dshield.rsc
 echo "/ip firewall address-list" >> $saveTo/dshield.rsc echo "/ip firewall address-list" >> $saveTo/dshield.rsc
-wget -q -O - http://feeds.dshield.org/block.txt | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.0\t/ { print "add list=blocklist address=" $1 "/24 timeout=7d comment=DShield";}' >> $saveTo/dshield.rsc+wget -q -O - https://feeds.dshield.org/block.txt | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.0\t/ { print "add list=blocklist address=" $1 "/24 timeout=7d comment=DShield";}' >> $saveTo/dshield.rsc
  
 echo "# Generated by blocklists4mt.sh on $now" > $saveTo/spamhaus.rsc echo "# Generated by blocklists4mt.sh on $now" > $saveTo/spamhaus.rsc
 echo "/ip firewall address-list" >> $saveTo/spamhaus.rsc echo "/ip firewall address-list" >> $saveTo/spamhaus.rsc
-wget -q -O - http://www.spamhaus.org/drop/drop.lasso | awk --posix '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\// { print "add list=blocklist address=" $1 " timeout=7d comment=SpamHaus";}' >> $saveTo/spamhaus.rsc+wget -q -O - https://www.spamhaus.org/drop/drop.lasso | awk --posix '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\// { print "add list=blocklist address=" $1 " timeout=7d comment=SpamHaus";}' >> $saveTo/spamhaus.rsc
 wget -q -O - http://www.spamhaus.org/drop/edrop.lasso | awk --posix '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\// { print "add list=blocklist address=" $1 " timeout=7d comment=SpamHaus";}' >> $saveTo/spamhaus.rsc wget -q -O - http://www.spamhaus.org/drop/edrop.lasso | awk --posix '/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\// { print "add list=blocklist address=" $1 " timeout=7d comment=SpamHaus";}' >> $saveTo/spamhaus.rsc
  
 echo "# Generated by blocklists4mt.sh on $now" > $saveTo/bde.rsc echo "# Generated by blocklists4mt.sh on $now" > $saveTo/bde.rsc
 echo "/ip firewall address-list" >> $saveTo/bde.rsc echo "/ip firewall address-list" >> $saveTo/bde.rsc
-wget -q -O - https://api.blocklist.de/getlast.php?time=86400 | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/ { print "add list=blocklist address=" $1 " timeout=7d comment=BDE";}' >> $saveTo/bde.rsc+wget -q -O - https://api.blocklist.de/getlast.php?time=14400 | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/ { print "add list=blocklist address=" $1 " timeout=7d comment=BDE";}' >> $saveTo/bde.rsc
  
 echo "# Generated by blocklists4mt.sh on $now" > $saveTo/voipbl.rsc echo "# Generated by blocklists4mt.sh on $now" > $saveTo/voipbl.rsc
 echo "/ip firewall address-list" >> $saveTo/voipbl.rsc echo "/ip firewall address-list" >> $saveTo/voipbl.rsc
-wget -q -O - http://www.voipbl.org/update/ | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/ { print "add list=blocklist address=" $1 " timeout=7d comment=VoIPBL";}' >> $saveTo/voipbl.rsc+wget -q -O - https://voipbl.org/update/ | awk --posix '/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/ { print "add list=blocklist address=" $1 " timeout=7d comment=VoIPBL";}' >> $saveTo/voipbl.rsc 
 + 
 +# dshield, bde, spamhaus and voipbl lists 
 + 
 +#echo "# Generated by blocklists4mt.sh on $now" > $saveTo/combined.rsc 
 +#echo "# This is a combined blocklist created from unique entries in the" >> $saveTo/combined.rsc 
 +#echo "# DShield, SpamHaus, BDE and VoIPBL blocklists." >> $saveTo/combined.rsc 
 +#echo "/ip firewall address-list" >> $saveTo/combined.rsc 
 +#cat $saveTo/dshield.rsc $saveTo/bde.rsc $saveTo/spamhaus.rsc $saveTo/voipbl.rsc |sort |grep -v '^$\|^\s*\#|^\/' |uniq -w 38 >> $saveTo/combined.rsc 
 + 
 +# dshield, bde and spamhaus lists 
 + 
 +#echo "# Generated by blocklists4mt.sh on $now" > $saveTo/combined.rsc 
 +#echo "# This is a combined blocklist created from unique entries in the" >> $saveTo/combined.rsc 
 +#echo "# DShield, SpamHaus and BDE blocklists." >> $saveTo/combined.rsc 
 +#echo "/ip firewall address-list" >> $saveTo/combined.rsc 
 +#cat $saveTo/dshield.rsc $saveTo/bde.rsc $saveTo/spamhaus.rsc |sort |grep -v '^$\|^\s*\#|^\/' |uniq -w 39 >> $saveTo/combined.rsc 
 + 
 +# dshield, voipbl and spamhaus lists
  
 echo "# Generated by blocklists4mt.sh on $now" > $saveTo/combined.rsc echo "# Generated by blocklists4mt.sh on $now" > $saveTo/combined.rsc
 echo "# This is a combined blocklist created from unique entries in the" >> $saveTo/combined.rsc echo "# This is a combined blocklist created from unique entries in the" >> $saveTo/combined.rsc
-echo "# DShield, SpamHaus, BDE and VoIPBL blocklists." >> $saveTo/combined.rsc+echo "# DShield, SpamHaus and VoIPBL blocklists." >> $saveTo/combined.rsc
 echo "/ip firewall address-list" >> $saveTo/combined.rsc echo "/ip firewall address-list" >> $saveTo/combined.rsc
-cat $saveTo/dshield.rsc $saveTo/bde.rsc $saveTo/spamhaus.rsc $saveTo/voipbl.rsc |sort |grep -v '^$\|^\s*\#|^\/' |uniq >> $saveTo/combined.rsc +cat $saveTo/dshield.rsc $saveTo/voipbl.rsc $saveTo/spamhaus.rsc |sort |grep -v '^$\|^\s*\#|^\/' |uniq -w 36 >> $saveTo/combined.rsc
-</file>+
  
-==== Run the Script Daily ====+# dshield and spamhaus lists
  
-Here is one way to configure ''cron'' to run the script every day+#echo "# Generated by blocklists4mt.sh on $now" > $saveTo/combined.rsc 
- +#echo "# This is a combined blocklist created from unique entries in the" >> $saveTo/combined.rsc 
-<file> +#echo "# DShield and SpamHaus blocklists." >> $saveTo/combined.rsc 
-chown root.root blocklists4mt.sh +#echo "/ip firewall address-list" >> $saveTo/combined.rsc 
-chmod +x blocklists4mt.sh +#cat $saveTo/dshield.rsc $saveTo/spamhaus.rsc |sort |grep -v '^$\|^\s*\#|^\/' |uniq -w 39 >> $saveTo/combined.rsc
-cp -a blocklists4mt.sh /etc/cron.daily/+
 </file> </file>
  
networking/router/mikrotik_blocklist.1566841008.txt.gz · Last modified: 2019/08/26 11:36 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki