Mikrotik RouterOS Malicious IP Blacklist – Firewall Import Script – Gratis

Squidblacklist

Squidblacklist.org , serving intelligent network administrators hi quality blacklists for effective, targeted inline web filtering Since 2012.

You may also like...

8 Responses

  1. Stephan says:

    Hi Squidblacklist
    The filer rules is no correct, I belief it must look like this.

    /ip firewall filter add chain=input src-address-list=drop.dshield action=drop log=yes comment=”drop.dshield”
    /ip firewall filter add chain=input src-address-list=drop.spamhaus1 action=drop log=yes comment=”drop.spamhaus1″
    /ip firewall filter add chain=input src-address-list=drop.spamhaus2 action=drop log=yes comment=”drop.spamhaus2″

    Bigfoot

  2. [* Shield plugin marked this comment as “trash”. Reason: Failed GASP Bot Filter Test (comment token failure) *]
    For recent RouterOS version syntax for creating rules is:
    /ip firewall filter add chain=input src-address-list=drop.dshield action=drop log=yes log-prefix=drop.dshield
    /ip firewall filter add chain=input src-address-list=drop.spamhaus1 action=drop log=yes log-prefix=drop.spamhaus1
    /ip firewall filter add chain=input src-address-list=drop.spamhaus2 action=drop log=yes log-prefix=drop.spamhaus2

    • We have updated our list format since this was posted, thank you.

      • Ron Burgundy says:

        So which method is correct or better? At the top of this article, the firewall rules use “chain=prerouting dst-address-list= ” but the commenter Robert Verdam says it should be “chain=input src-address-list= “

        • Thats for you to decide how best to configure your firewall rules on your router isnt it?

          • Ron Burgundy says:

            Wow, that’s rude. I am genuinely asking for help, not trolling at all.

            Many such as myself who are well versed in networking concepts still find the obscure concepts of Mikrotik router configuration to be somewhat mysterious.
            I would like to know the difference between the two methods I mentioned, such as which method might have the lesser performance impact, or which method might work better in other ways.

  3. Michael Spurlock says:

    [* Shield plugin marked this comment as “trash”. Reason: Failed GASP Bot Filter Test (comment token failure) *]
    Hi guys! Thanks so much for this! Just a quick note: The text under the second Schedule is incorrect and should be the same as the text in the photo for the related schedule rather than a copy of the first schedule. Here is the text it should be for your convenience:

    :log warning “Disabling system logging”;
    import drop.malicious.rsc
    /system logging enable 0

Leave a Reply

Your email address will not be published. Required fields are marked *

*