Category Archives: Mikrotik RouterOS

Installing RouterOS on WatchGuard Firebox x1250e – With Hardware Mods!

When I set out to find a budget 1u rack mounted Firewall to install RouterOS on, I discovered the WatchGuard Firebox. I have zero experience using Watchguard products, but I discovered there is quite a following for this hardware platform and discussion on pfSense related websites, blogs and forums discussing various methods of modifying these Firebox units, including manipulating the bios, adding vga outputs, keyboard inputs, and hard disks, I figured this looks like fun, so what the heck. I ordered a Watchguard Firebox x1250e off ebay for around $100. The good news is that you wont need to haggle with any of that nonsense the pfSense crowd has to deal with, in order to get this working.

I googled around a bit to find out as much as I could about the procedures and if anybody else had any success at doing what I was about to attempt. I could find very little related to Mikrotik RouterOS being installed on WatchGuard Firebox units. Besides a few posts from a decade ago on Mikrotiks forums about a few guys who got it to work back in the day, there was nothing. Which is precisely why I am writing this article, so that the next person whos googling, will find this article and know, that the answer is YES, you can do it, and YES its very easy.


The unit arrived with a bad power supply, which I had to order a replacement for, but once I had the replacement power supply installed, I quickly got the unit up and began testing it. I wasnt able to login to the web interface due to some custom configuration the previous owner had done, not even after performing a factory reset of it, following the procedures on Watchguards website for factory reset, the damn thing still had somebodies configuration loading, presumably from a configuration somewhere on the cf card.

So, I simply loaded up Mikrotik’s Netinstall software from within Windows and installed RouterOS directly to the stock 512mb CF Card that shipped with the Firebox x1250e.

I placed the CF card which now had RouterOS on it, back into the Firebox x1250, turning it on, and I waited a bit, the unit seemed to not be doing anything, I began to become concerned, but then I observed the hard disk LED indicator light on the front of the Firebox x1250e unit was pegged solid, but it would flicker occasionally, indicating to me that the magic was happening.

I decided to remain patient, and leave it alone, and Im glad that I did. After waiting about 10 minutes in total, and hearing a system beep at the end of each boot up, I concluded that it took about 2-4 reboots for RouterOS to configure itself before it was finished installing and setting up. ( It boots REALLY fast after completing the install as a matter of fact.)

RouterOS x86 finally installed on my unmodified Watchguard Firebox x1250e. I then proceeded to install the optional LCD software package which can be downloaded from RouterOS.com And after tinkering around a bit, I discovered there is a selection of different LCD types from within the LCD Package menu, the vitek-vc2025-2 was the option that worked for the x1250e unit that I had. It just worked, like a charm. Good job Mikrotik!

Next, I purchased an x86 Level 4 RouterOS license from Roc-Noc and I am extremely happy with the outcome. And just a heads up to new customers, you will need to wait a while for RocNoc to email you your license, but dont worry, they will, and if you are impatient like me, just email them, a rep will send you your license relatively quickly.

Next, I proceeded to setup firewall rules and schedule the automatic DNS Ads and Malicious blacklist updates from Squidblacklist.org. I have also decided to order a replacedment LCD to upgrade the ugly yellow display.

DNS filtering with Firebox x1250e & Mikrotik RouterOS:

DNS Blacklisting is a snap with blacklists from Squidblacklist.org
DNS Blacklisting is a snap with blacklists from Squidblacklist.org

As you can see in the image above, I have easily imported three DNS blacklists from Squidblacklist.org so that I can filter some unwanted content. I selected three categories, Ads, Malicious, and “CP”. Over 107,643 domain names are now blacklisted in our DNS server and will not resolve.

The impact of this many entries is that we now have consumed approx 600mb of system memory, and minimal hd or cpu usage. DNS Response times are as fast as they can be, and the system performance is rock solid. I have scheduled daily updates for these blacklists as well, using system scheduler.

Booting the Router is considerably longer, due primarily to the poor io bandwidth of the CF card while the OS loads up the DNS server with thousands of static entries. Once it is up and running however, its done. After the RouterOS boots completely, there is a 5 minute additional waiting period of heavy cpu usage befoe the DNS server will begin responding to DNS Queries. I recommend installing a mini PCI-e SSD, the same type found in laptops. This would most certainly alleviate the issue with the CF card read/write IO.


April 3 2017: Upgrades arrive.

Memory And Cpu Upgrades For Fireboxx1250e

Ok so the above mentioned parts are here. I was eager to update the blog post, however, I still have to wait until after midnight after everybody goes to sleep before I interrupt service to pull the unit out of the rack and get the Firebox x1250e upgraded. Otherwise I will never hear the endless complaints about the outtage.

2x 1GB DDR2 6400
x1250e Memory Upgrade – 2x 1GB DDR2 6400

Installing the memory should be a snap, I suspect the unit may support larger modules, I will test a single 2gb module I happen to have here in the lab during the procedure, if it works, I will order a second matching stick and get the unit maxed at 4GB. But the documentation says the unit only supports a maximum of 1gb per slot, which I doubt is accurate. Theres only one way to find out. (Ill edit this section of the article after I find out.)

Update: Maximum Memory Determined.
I have tested two 2GB sticks of DDR2 PC-6400 in the Firebox x1250e, and I have concluded that the maximum installable memory in the Firebox model x1250e to be 2GB. Which is a bit annoying because the unit does post up with a single 2GB stick in either slot, but when I tried to place both sticks in at the same time, the unit simply wouldnt post at all. So I decided to reinstall both 1GB sticks and Im actually satisfied with that, for my own use as a gateway, Im not even consuming half of that yet.

Firebox x1250e CPU Upgrade - Pentium M 780 SL7VB
Firebox x1250e CPU Upgrade – Pentium M 780 SL7VB

It seemed like it took forever to get the cpu from Shenzhen China. But its here, a Pentium M 780 2.26ghz/2M/533. No speed demon by todays standards, but its certainly twice as much cpu power as the 1.3ghz Celeron that shipped with the unit and will effectively max the cpu out. There is no faster cpu made for this hardware architecture without getting into some insane overclocking voodoo.


Upgrading the Firebox x1250e CPU:
Firebox x1250e CPU Jumpers
Firebox x1250e CPU Jumpers

There are some jumpers on the motherboard which must be switched. It is clearly indicated on the motherboard which dip switches must be flipped for a Dothan or a Banias core cpu. Now the Celeron that shipped with the unit is a Banias core, and the Pentium M 780 is a Dothan core. So, I set the switches appropriately as indicted on the diagram and booted up, eagerly anticipating 2.2ghz.

Cpu isnt running at full speed.
Cpu isnt running at full speed.

Problems with the Pentium M 780
RouterOS reports that the Pentium M 780 cpu is running at 1700mhz, when it should be at running at its rated speed of 2.26ghz. So I scratched my head, and I thought for a moment and got to work. I shut down the unit and began playing around with the dip switches to see if I could get it to post up at the right speeds with some sort of magical, undocumented combination of dip switch settins, like we old timers used to do back in the socket 7 era with Pentium and K6 chips.

After exhausting every possible combination of dip switch settings, I determined that I could not, and after a dozen frustrating reboots, exhausting every possible combination of different dip settings, and waiting each time. I finally just set it as directed on the motherboard diagram for a Dothan core, put it back in the rack and fired it up. This Firebox x1250e was apparently going to run at 1700mhz whether I liked it or not.

I can only assume one of two possibilities. This motherboard may not support the 533fsb of the Pentium M 780 and the guy who discussed using a 533fsb cpu upgrade in this unit on the pfsense forum was full of crap. It is entirely possible that the BIOS needs to be updated because it simply doesnt have the microcodes for this cpu, and it just doesnt know what to do with it. The Pentium M 780 has a 17x multiplier, and that would explain why its running at 1700mhz(Quad Rate DDR 4x 100mhz x 17 Multiplier = 1700mhz).

Upgrading the BIOS on this mainboard isnt going to be as simple as it would be it it were a desktop motherboard. So I am going to abandon the Pentium M 780 and insteadm, Im going to order another cpu, one with a 400mhz fsb. The new cpu should be cheap and easy to find. The fastest 400mhz bus Pentium M made, according to this chart on wikipedia, is a Pentium M 765 (SL7UZ or SL7V3) 2.1GHz/2MB/400. And I just purchased the Pentium M 760, which was a mistake because it too is a 533mhz part. I have ordered a third cpu, a Pentium M 755 which is indeed, a 2.0ghz/2mb/400mhz part, which should arrive next week some time, Ill update the blog as soon as I have it installed.

CF Card IO Performance
The IO bandwidth of the CF card that ships with the Firebox x1250e is rather limiting, which isnt much of an issue if you are just using it as a router, until you begin working with large blacklists or other large data files, so one might imagine that the Firebox x1250e could perform quite a bit smoother using an SSD rather than a CF Card.

x1250e has a 4x pci-e slot
x1250e has a 4x pci-e slot

Fortunately, there appears to be a normal looking 4x pci-e slot near the CF Card slot, within which, we should be able to have an SSD installed.I have no doubt that the system would be more snappy, reliable, faster to boot, and especially our specific deployment, the x1250e would load blacklists considerably faster with an SSD installed.

In 2017 I imagine it should be relatively easy to locate, obtain, and install a ribbon extension for the Pci-e slot, and add a small SSD for next to nothing, with relative ease and a little creative placement of the hardware, I look forward to performing this modification in the future and will update this blog post as soon as I have some related content.

Audio Anomaly:
This is a bit trivial, but noteworthy none the less, an amusing script that produces a ‘Star Wars Imperial March’ jingle from the system speaker doesnt sound like it should on an actual Mikrotik Routerboard. It does play. But it doesnt sound quite right at all.

LCD has Arrived:

Firebox-x1250e-LCD-mod
A New Firebox x1250e LCD Upgrade

Ok so the replacement ‘5V 20×2 Character LCD Module’ has arrived.

Just got done soldering in the replacement LCD and I wasnt sure what to expect, but after a few seconds, as you can see it went well.


And a dark shot showing the glorious end product safely running in production under lock and key.

To be continued….

Want to filter unwanted websites with a WatchGuard Firebox or a RouterOS Device?


Subscribe and download all of our blacklists.

Flat rate subscription. For full access to all of our works, select a membership option & subscribe today.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Problems & Solutions with Mikrotik RouterOS DNS Domain Blacklists.

Article by Benjamin E. Nichols http://www.squidblacklist.org
Introduction.

As a publisher of domain blacklist data, I thought it would be appropriate the share some recent challenges and resultant experiences with Mikrotik RouterOS DNS Domain name blacklists, especially considering that we charge a service fee for access to these blacklists. But first, we would like to thank Mikrotik for their fine products and timely support and we hope to continue to co-operate in the future. The following article describes recent issues, historical problems, and current fixes, patches and workarounds for categorized domain blacklisting utilizing the static dns entry features of RouterOS.

Recently we had some issues with these lists that was directly related to four individual problems all of which have been resolved.

1. Painfully Slow Import of Large Domain Blacklists ( Resolved )

Importing large domain blacklists has been an excruciatingly, absurdly slow process for many years, even with the most expensive high end Mikrotik RouterOS devices, which I believe the general consensus would be that, if one were to pay a premium, one would anticipate premium performance.

This issue has been recently resolved by Mikrotik with a new patch for RouterOS included in the latest release candidate as of October 2016. This was a very overdue fix and a welcomed change that will undoubtedly bring us closer to making domain based web filtering using standalone Mikrotik RouterOS devices that much closer to be practical for most people. We suggest you test the latest release candidate for yourself. The fix has been included in 6.38rc15 (Release candidate) available from http://www.mikrotik.com/download.

2. Recent Changes to RouterOS Static DNS ( Resolved )

Another issue that we faced with static dns entries in particular, is that with a recent change in RouterOS, a change that was made some time towards the end of summer 2016. They seemed to have changed the way that Static DNS entries are handled by the OS, forcing us to change our format in order to retain operability. Which actually, ended up being a very good thing that forced us to make dramatic improvements to our static dns format, a change which, in and of itself is something that was admittedly also long overdue. And the new format is perfectly suited for RouterOS Static DNS Entries. And we owe a debt of gratitude to the generous folks over at Mikrotik’s forums for helping us resolve those issues in a timely manner.

3. The 60 character limitation: ( Resolved )

Then we found out after consultation with Mikrotik via ticket submission and email discussions with their support staff, that RouterOS has a 60 character limitation that prevents domain names beyond a certain complexity to be loaded. This prompted us to open a support ticket, which began the dialogue. We were getting the following message when loading blacklists “error regex too compex”.

Also note the misspelling of the word complex, "compex".
Also note the misspelling of the word complex, “compex”.
( The spelling of complex has been fixed after our discussion with support staff. ) We decided an easy work around for this was to simply remove all domain names with more than 60 characters, and while we dont like throwing away domain data, after careful analysis of the data removed, most of these domains were junk so its not too big of an issue, and its a fix which seemed to work to address the problem. ( Mikrotik has informed us they do not plan to fix this any time soon as the work involved doing so is prohibitive at this time . )

4. Static DNS Blacklist – Script Failure at “Error duplicate entry detected” ( RESOLVED )

Now, this is where we hit a roadblock with Mikrotik Static DNS Entries. You see, loading an individual static dns blacklist from Squidblacklist.org into a RouterOS device works just fine, given that you must have adequate resources, memory, storage and cpu power. ( see our compatibility chart )

The problem however is with the fact that the way RouterOS handles duplicate entries, causing the import process to abort. Allow me to elaborate. The reason why this is an unacceptable end is that some domains will inevitably exist in multiple blacklists and/or blacklist categories, for example, a pornography website may also be malicious, and therefore the domain name will be present in both the adult, and the malicious blacklists. A network administrator may decide to load both of these two blacklists, which should work, however, it wont. We have no way of predicting which combination of blacklists somebody would opt to load so we cannot create some code to willy nilly remove domains on th fly..

Further Expounding. A solution is required to address the problem of loading multiple blacklists with overlapping domain entries.

Here is the solution.

We add on-error={} to the end of the line, this seems to be a great workaround and has eliminated the issue.

dsdfsdsdf

As a result of publishing this article and the work we have done here, our ADS blacklist for blocking ads using Mikrotik RouterOS Static DNS will now be free for everybody to download and use to show our appreciation for contributions.

It can be downloaded at the following url. http://www.squidblacklist.org/downloads/tik-dns-ads.rsc

A huge thank you to the developers, and to the volunteers who spent countless hours resolving issues, and creating a better future.

Thank you to Jonas Carlsson of remote24.se for contacting us with scripting support on the resolution of issue #4

Thank you for your time, and we hope that making this information public will help somebody out there.

Respectfully,

Benjamin E. Nichols
http://www.squidblacklist.org


If you like what we are doing here and want to support our efforts, please consider subscribing to download all of our blacklists.

Flat rate subscription. For full access to all of our works, select a membership option & subscribe today.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


New Blacklist: A List of Terrorist & Extremist Domains.

We have been working to compile the initial release of a new blacklist, which we have now released in the members area of Squidblacklist.org. Available for immediate download, our new and unique “Terrorism and Extremism” Domain Blacklist. Available now for all current and new subscribers. As is always, we have formatted this blacklist for use with multiple platforms.

DNS Zone format, RouterOS DNS and Web Proxy *RSC import script, Squid Proxy Native ACL format, as well as plain text Dansguardian/SquidGuard Compatible format for use with all other web filtering platforms and applications.

Subscribe today and find out why so many have switched. Shouldnt you be using a higher class blacklist?

We are committed to continually evolve the technology we are using on the backend to produce ever increasingly better publications, We are proud to consistently bring ever more refined and simply the highest quality blacklists available.


Subscribe Now For Zone Access.

Flat rate subscription. For full access to all of our works, select a membership option & subscribe today.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Update: RouterOS and Large Static DNS Blacklists

We would like to extend a huge debt of gratitude for Mikrotik’s rapid and appropriate response to the issues we recently had related to a new updated version of RouterOS and changes that were made to the way the OS handles static DNS entries.

We were a bit surprised when we were forced to make changes to the format, and in doing so, had discovered that RouterOS needed some optimizations, which Mikrotik software engineers were happy to work with us, and roll out an update to RouterOS that optimizes the import speed of large blacklists on Mikrotik RouterOS.

They also were generous and advised us on how to appropriately eliminate an issue we were having with our dns blacklist format. I would like to thank the members of the Mikrotik public forum for help getting the regex format corrected.

Thank you all!


If you like what we are doing here and want to support our efforts, please consider subscribing to download all of our blacklists.

Flat rate subscription. For full access to all of our works, select a membership option & subscribe today.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Updates and Changes to Mikrotik RouterOS Blacklists

There have been some changes in the latest version of Mikrotik RouterOS, which meant we really had no choice but to make some minor changes, otherwise the old format simply would fail to work when you tried to load them into a current version of Mikrotik RouterOS ( version v6.37 or newer ).

It seems Mikrotik decided, for whatever reason, to change the way static dns entries are handled.

RouterOS DNS Static Entry Change - Side by Side Comparison
RouterOS DNS Static Entry Change – Side by Side Comparison

As you can see in the image above , the changes were significant enough to force us to make the changes, if you are havin any issues loading our blacklists then you should update to the latest version of RouterOS as soon as possible.

We also decided that it would be best to add a single line to the headers included in each blacklist, to remove old entries befoe loading the new ones. Of course any knowledgeable admin would know to do this, but we felt is was something that should already be included in the blacklists for your convenience.

NEW FORMAT:

# TiK-DNS-Ads: Blacklist compiled by SquidBlacklist.org 10-01-2016. -MADE IN USA-
:log info "tik dns ads blacklist script import started"
:local redirectIP "127.0.0.1"
/ip dns static remove [find comment="sbl ads"]
/ip dns static
add regexp="^(.*\\.)\?004\\.frnl\\.de\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01s\\.net\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?01viral\\.com\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?0427d7\\.se\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?0702\\.de\$" address="$redirectIP" comment="sbl ads"
add regexp="^(.*\\.)\?0ca\\.net\$" address="$redirectIP" comment="sbl ads"

I hope this will help to clarify for those of you who are scratching your heads about the sudden changes.

Thank you for your support.

Signed,

Benjamin E. Nichols
http://www.squidblacklist.org


Blacklisting has Evolved. Subscribe Now!

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Music website/domain blacklist for content filtering published.

We have had a video, and an image blacklist for a while now, so it only seemed right to include a music blacklist. This became clear as it was requested by one of our current members who is responsible for content filtering at an educational facility.

The new Music domain blacklist for web filtering purposes has been added to our existing line up and is available in the ‘all’ archive as well as standalone download, just as you would expect any other blacklist that we offer, this blacklist is also available in multiple formats for broad compatibility with most content filters and url filtering platforms and applications.

Enhance your web filtering strategy with enhanced blacklists and subscribe today.


Blacklisting has Evolved. Subscribe Now!

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Updating Blacklists For RouterOS From Squidblacklist.org

Content filtering using domain name blacklists on Mikrotik RouterOS devices.

To automatically download or update your blacklists from Squidblacklist.org onto your RouterOS devices, there are several methods, but the most straightforward is going to likely be using winbox and the system scheduler.

To update your blacklists we can use the following example to fetch tik-ads.rsc:


/tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/squidblacklists/tik/dns/tik-dns-ads.rsc user=some-username password=some-password

Scheduled Automatic Blacklist Download.
Scheduled Automatic Blacklist Download.

Now that we have scheduled a task to download the blacklists, we need to also add a task to actually import the blacklists. Its a good idea to schedule this to run a few minutes later.

Scheduled RouterOS Blacklist Import
Scheduled RouterOS Blacklist Import

:log warning "Disabling system Logging";
import tik-dns-ads.rsc
/system logging enable 0


Also see our other RouterOS related materials. Mikrotik RouterOS Malicious IP Blacklist – Firewall Import Script – Gratis
Mikrotik RouterOS Blacklist Validation Testing & Compatibility Chart Update Posted.
Mikrotik RouterOS Blacklists


Get a username and password – Subscribe now.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Mikrotik RouterOS Malicious IP Blacklist – Firewall Import Script – Gratis

Happy New Year! @Mikrotik @RouterOS fans!

logo_new800

We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .rsc import script to firewall address list, updated daily and formatted by our servers for easy import and download into your Mikrotik Router.

It can be downloaded directly here. Or follow the instructions below to setup firewall rules and schedule automatic daily updates on any Mikrotik Router.


To automatically download, update, and apply the combind Dshield, Spamhaus ip blacklists on your Mikrotik Router:

First: Log into Winbox.

Open a terminal and add the following three firewall rules

/ip firewall filter add chain=input src-address-list=drop.dshield action=drop log=drop.dshield
/ip firewall filter add chain=input src-address-list=drop.spamhaus1 action=drop log=drop.spamhaus1
/ip firewall filter add chain=input src-address-list=drop.spamhaus2 action=drop log=drop.spamhaus2


Now we need to schedule the automated update: Go to system scheduler and create a new task.

Update spamhaus dshield routeros blacklists.
/tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/drop.malicious.rsc


Now we schedule the import task: Go to system scheduler and create a new task.
 /tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/drop.malicious.rsc
/tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/drop.malicious.rsc


Support Our Efforts – Subscribe Today.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now available.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.


Domain Whitelist For Content Filtering Published

Our domain whitelist for content filtering purposes is now available for public access.

 

This whitelist does not contain any torrent or porn sites and should provide a good baseline  whitelist for general audiences.

 

It can be downloaded here.


Subscribe Today – Paypal or Credit Card Accepted.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now vvailable.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.

Mikrotik RouterOS Blacklist Validation Testing & Compatibility Chart Update Posted.

logo_new800

CCR1036-12G-4S & Porn Blacklist
CCR1036-12G-4S & Porn Blacklist

We have retooled our backend logic which has had a dramatic impact on the size and contents of our blacklists, just another reason for us to retest the RouterBoards we have available to see which blacklists are able to run on them and which ones cannot.  We posted the results of our findings in the following chart.

Mikrotik 951G-2HnD
Mikrotik 951G-2HnD

We also added two new routers to the chart, the map2n and 951G-2HnD.  Which we recently received for testing. We have prepared a compatibility chart for your review.

Mikrotik RBmAP2n
Mikrotik RBmAP2

 

 

Mikrotik compatible conversions of our blacklists are available to all subscribers in .rsc import script formats for both Mikrotik Web Proxy Access Blacklist and Mikrotik DNS Access Blacklist. Subscribe Now.

Test it for yourself! Download this sample Mikrotik Web Proxy blacklist tik-ads.rsc


Subscribe Today – Paypal or Credit Card Accepted.

Flat rate subscription. Select a membership option & subscribe.



Select Payment Option



  • You will be issued a username and password.
  • You will be granted access to our member area.
  • 5 Year Membership Option now vvailable.
  • For lifetime membership options click here.clipart
  • Contact us if you would like a pre order invoice.

Disclaimer: All sales are final, we do not issue refunds. Cancel your subscription anytime.