pwlgrzs.Mikrotik-Blacklist/README.md

# Mikrotik-Blacklist
This is a blocklist I use with on my Mikrotik router to block all connections from known spam/criminal/etc. networks.

Every couple days I pull lists from:
- Spamhaus (DROP & EDROP)
- dShield  
- blacklist.de (all.txt)
- Feodo
- FireHOL

and reformat it to allow automatic import to MT routers. This is automated process so if you see errors in the final list open an issue please.

# READ THIS BEFORE GOING ANY FORWARD!

As of April 2023 blocklist has almost 5MB, installing this on a device with low disk space, such as HeX PoE, may (and almost certainly will) cause issues such as inability to save other settings if disk is full.  
If you have a device with 16MB disk space I suggest you use a light version of the list, it's also being updated but without heavy sources.

## How to run this on MT
Run following to your MT device with not less that 7d schedule (sources are not updated more frequently anyway):  

1. Download install.rsc or install-light.rsc file and upload it to your device
2. In the Mikrotik terminal run: `/import install.rsc` or `/import install-light.rsc`
3. Enjoy!

You'll also need firewall rule:  
`/ip firewall raw add chain=prerouting action=drop in-interface-list=WAN log=no log-prefix="" src-address-list=pwlgrzs-blacklist`  
*Note: Replace WAN in in-interface-list with one you have configured*

I sometimes add updates and notes about the list [here](https://pawelgrzes.pl/posts/Mikrotik-Blocking-unwanted-connections-with-external-IP-list/).

## Changelog:
 - 25.01.2023
   - rewritten blacklist script due to potential issue with filesize.
 - 17.09.2023
   - added danger.rulez.sk bruteforceblocker as source
   - added Tor exit nodes list
 - 17.09.2023
   - pfSense sources removed due to permanent 404
   - added FireHOL abusers source for standard list
 - 15.04.2023
   - Added light version of the list (without heavy pfSense sources) for small disk devices
   - Added light version installer
   - Installers now remove themselves
 - 12.04.2023
   - added pfSense sources (abuse, badguys, block)

### TODO
 - Add more sources.
Update README.md 2018-10-06 00:02:10 +02:00			`# Mikrotik-Blacklist`
Update README.md 2018-10-05 19:51:39 +02:00			`This is a blocklist I use with on my Mikrotik router to block all connections from known spam/criminal/etc. networks.`

Update to the list 2018-10-15 21:51:48 +02:00			`Every couple days I pull lists from:`
Update README.md 2018-10-06 00:20:09 +02:00			`- Spamhaus (DROP & EDROP)`
Update README.md 2018-10-05 23:54:37 +02:00			`- dShield`
Update README.md 2018-10-09 12:39:41 +02:00			`- blacklist.de (all.txt)`
Update README.md 2020-05-18 15:25:56 +02:00			`- Feodo`
Update to the list 2023-09-17 13:55:42 +02:00			`- FireHOL`
Update README.md 2018-10-05 23:54:37 +02:00
Update to the list 2020-07-06 00:00:07 +02:00			`and reformat it to allow automatic import to MT routers. This is automated process so if you see errors in the final list open an issue please.`
Update README.md 2018-10-05 23:46:59 +02:00
Update to the list 2023-04-13 16:35:50 +02:00			`# READ THIS BEFORE GOING ANY FORWARD!`

Update to the list 2023-04-23 00:00:15 +02:00			`As of April 2023 blocklist has almost 5MB, installing this on a device with low disk space, such as HeX PoE, may (and almost certainly will) cause issues such as inability to save other settings if disk is full.`
Update to the list 2023-09-24 00:00:13 +02:00			`If you have a device with 16MB disk space I suggest you use a light version of the list, it's also being updated but without heavy sources.`
Update to the list 2023-04-13 16:35:50 +02:00
Update README.md 2018-10-05 23:46:59 +02:00			`## How to run this on MT`
Update to the list 2020-12-07 10:20:46 +01:00			`Run following to your MT device with not less that 7d schedule (sources are not updated more frequently anyway):`
Update README.md 2018-10-05 23:54:37 +02:00
Update to the list 2023-04-15 00:34:55 +02:00			`1. Download install.rsc or install-light.rsc file and upload it to your device`
			2. In the Mikrotik terminal run: `/import install.rsc` or `/import install-light.rsc`
			`3. Enjoy!`
Update README.md 2018-10-05 23:54:37 +02:00
Update README.md 2018-10-05 23:59:17 +02:00			`You'll also need firewall rule:`
Update to the light list 2025-02-10 17:40:22 +01:00			`/ip firewall raw add chain=prerouting action=drop in-interface-list=WAN log=no log-prefix="" src-address-list=pwlgrzs-blacklist`
			`Note: Replace WAN in in-interface-list with one you have configured`
Update README.md 2018-10-06 10:20:13 +02:00
Update to the list 2023-04-15 00:34:55 +02:00			`I sometimes add updates and notes about the list [here](https://pawelgrzes.pl/posts/Mikrotik-Blocking-unwanted-connections-with-external-IP-list/).`
Update to the list 2020-07-06 00:00:07 +02:00
Update to the list 2023-04-15 00:34:55 +02:00			`## Changelog:`
Update to the light list 2025-01-25 17:38:34 +01:00			`- 25.01.2023`
			`- rewritten blacklist script due to potential issue with filesize.`
Update to the list 2023-09-17 19:24:06 +02:00			`- 17.09.2023`
			`- added danger.rulez.sk bruteforceblocker as source`
			`- added Tor exit nodes list`
Update to the list 2023-09-17 13:55:42 +02:00			`- 17.09.2023`
			`- pfSense sources removed due to permanent 404`
Update to the list 2023-09-17 19:24:06 +02:00			`- added FireHOL abusers source for standard list`
Update to the list 2023-04-15 00:34:55 +02:00			`- 15.04.2023`
			`- Added light version of the list (without heavy pfSense sources) for small disk devices`
			`- Added light version installer`
			`- Installers now remove themselves`
			`- 12.04.2023`
			`- added pfSense sources (abuse, badguys, block)`
Update to the list 2023-04-16 00:00:12 +02:00
			`### TODO`
			`- Add more sources.`