Mikrotik RouterOS IP Address List – Malicious Blacklist Updated.

Squidblacklist

Squidblacklist.org, serving intelligent network administrators high-quality blacklists for effective, targeted inline web filtering since 2012.

12 Responses

  1. John Smith says:

    Terrific!!!
    Thanks a lot for your business!

    Urlblacklist.com has no respect for their customers, at least you actually respond to support requests.

  2. Squidly says:

    Why are you blocking traffic *to* these addresses rather than *from* them?

    • We aren't adding any firewall rules with our blacklists; all they do is import the address lists, which gives you the freedom to decide for yourself how you apply these lists in your firewall.

      Thank you for your interest. I must also point out that blocking inbound traffic behind NAT isn't really helping all that much, when you consider that egress exfiltration of your data to malicious hosts may actually be the bigger threat. And I would additionally posit that blocking inbound and outbound traffic to these malicious hosts would be preferred. But again, how you configure your firewall rules is your business.

      • Squidly says:

        I know the scripts are not adding rules; I was referring to your blog post’s “Suggested IP Firewall Rules” which block outbound traffic rather than inbound traffic.

  3. Deantwo says:

    The line “/ip firewall address-list” (for example the 9th line) is unnecessary, because the “/do { … }” starts out from root and you already have the full path defined anyway.

    • That is untrue; when you actually run the script without that line, you will find out that without it, the import process breaks, and thus it is necessary. It's also trivial and not worth complaining about, as there are no known problems resulting from that line being in place.

  4. kometch says:

    This is very good filter information.
    I will use it.

    I have one request.
    Would it not be possible to set the timeout to a day, etc.?
    Because it is NAND friendly as it does not need to write list information to NAND by setting it to Dynamic.

    Best regards.

    • You can set the time interval to whatever you like; it's your router.

      • Kevin says:

        How how often the list refreshes the download, but during the import process, to have it not write it to flash memory.

        The time interval is set during the import, part of your script, right now the first entry is:

        /do {ip firewall address-list add list="sbl blocklist.de" address=1.160.131.66} on-error={}

        It would become:

        /do {ip firewall address-list add list="sbl blocklist.de" address=1.160.131.66 timeout=1d} on-error={}

        Regardless, I really appreciate the script, just found this site today, much better than any blacklist I have found so far.

        I agree with the other comment though, your ‘Suggested IP Firewall Rules’ should be source based, not destination.

        Regardless, thank you very much.

  5. K. Redzuan says:

    I agree with Kevin: if the address-list has a timeout, not only will it save NAND, it is also friendly to those Mikrotik 16MB models. According to the Mikrotik wiki: "If the timeout parameter is not specified, then the address will be saved to the list permanently to the disk".
    At 32k of address-lists, it will cause 0% free storage (based on my experience on my hap ac2).

  6. It is done gentlemen, thanks!
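
The `timeout=` change discussed in comments 4 and 5, as an added example (not the site's or any commenter's code): a Python filter that re-emits each address-list line of a downloaded import script with a timeout and sets aside every line that is not a plain IPv4 address-list add, so only the expected command shape reaches the router. The function name, the accepted timeout syntax and all sample lines except the first entry are assumptions.

```python
import ipaddress
import re

# Line shape quoted in the comments above; curly quotes (as the page renders
# them) are accepted on input and replaced with straight quotes on output.
LINE_RE = re.compile(
    r'^/do\s*\{\s*/?ip firewall address-list add\s+'
    r'list=["\u201c\u201d]?(?P<list>[A-Za-z0-9 ._-]+?)["\u201c\u201d]?\s+'
    r'address=(?P<addr>[0-9./]+)(?:\s+timeout=\w+)?\s*\}\s*on-error=\{\s*\}$'
)
HEADER = '/ip firewall address-list'  # menu line the import script also carries

def with_timeout(script_text, timeout='1d'):
    """Return (rewritten, rejected): entries re-emitted with timeout=..., and
    every input line that is not a plain IPv4 address-list add."""
    if not re.fullmatch(r'(\d+[wdhms])+', timeout):  # assumed subset of RouterOS time syntax
        raise ValueError('unexpected timeout value: %r' % timeout)
    rewritten, rejected = [], []
    for raw in script_text.splitlines():
        line = raw.strip()
        if not line or line.startswith('#'):
            continue
        if line == HEADER:
            rewritten.append(line)
            continue
        m = LINE_RE.match(line)
        try:
            net = ipaddress.IPv4Network(m['addr'], strict=False)
        except (TypeError, ValueError):  # no match (m is None) or invalid address
            rejected.append(line)
            continue
        addr = str(net.network_address) if net.prefixlen == 32 else str(net)
        rewritten.append(
            '/do {ip firewall address-list add list="%s" address=%s timeout=%s} on-error={}'
            % (m['list'], addr, timeout))
    return rewritten, rejected

# Constructed sample: the first entry is the one quoted above, the rest are made up.
SAMPLE = (
    '/ip firewall address-list\n'
    '/do {ip firewall address-list add list=\u201dsbl blocklist.de\u201d address=1.160.131.66} on-error={}\n'
    '/do {ip firewall address-list add list="sbl blocklist.de" address=203.0.113.0/24 timeout=7d} on-error={}\n'
    '/do {ip firewall address-list add list="sbl blocklist.de" address=999.1.1.1} on-error={}\n'
    '/system identity set name=changed\n'
)

if __name__ == '__main__':
    print(with_timeout(SAMPLE))
```

Review the rejected list before importing the rewritten lines; anything in it did not match the one command shape the blacklist is expected to contain.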
