We have rewritten our Mikrotik RouterOS malicious ip address list import script for Mikrotik RouterOS ip firewall. Now included is blocklist.de and malc0de. Along with dshield and spamhaus drop and edrop blacklists. If you have been using our malicious blacklist you will need to update your firewall rules to reflect the changes.
We update every 30 minutes, and therefore we recommend that you set your scheduler for 30 minute update intervals when updating this blacklist to ensure the most recent data is loaded in your routers.
Suggested IP Firewall Rules An example.
ip firewall raw add chain=prerouting dst-address-list="sbl dshield" action=drop comment="sbl dshield"
ip firewall raw add chain=prerouting dst-address-list="sbl spamhaus" action=drop comment="sbl spamhaus"
ip firewall raw add chain=prerouting dst-address-list="sbl blocklist.de" action=drop comment="sbl blocklist.de"
Please examine the blacklists and note that we arent adding any firewall rules with our blacklists, instead, we have simply formatted them so that all they do is import the address lists, which respects your freedom to choose how you should best apply these lists in your own firewall.
Credit to the professionals and original authors of the source blacklists, whom we should thank for their personal time and effort making this data available. They have made these data feeds available to the public free of charge, and therefore, so shall we.
A note for anybody who was using this blacklist before June 6 2017:
We also changed the names of the existing address lists to make things less cluttered. So you will need to make the change entries listed above to continue using the blacklist effectivly. As a courtesy we have included a few lines to remove the old address lists, which we will leave for the next week while your systems pull the new updates.
Thank you and we hope you enjoy the improved malicious ip blacklists for Mikrotik Routeros firewall.
Update: Malc0de REMOVED due to high fp and lack of concern from the publisher.