2018-10-06 00:02:10 +02:00
# Mikrotik-Blacklist
2018-10-05 19:51:39 +02:00
This is a blocklist I use with on my Mikrotik router to block all connections from known spam/criminal/etc. networks.
2018-10-15 21:51:48 +02:00
Every couple days I pull lists from:
2018-10-06 00:20:09 +02:00
- Spamhaus (DROP & EDROP)
2018-10-05 23:54:37 +02:00
- dShield
2018-10-09 12:39:41 +02:00
- blacklist.de (all.txt)
2020-05-18 15:25:56 +02:00
- Feodo
2023-04-12 22:05:46 +02:00
- pfSense lists
2018-10-05 23:54:37 +02:00
2020-07-06 00:00:07 +02:00
and reformat it to allow automatic import to MT routers. This is automated process so if you see errors in the final list open an issue please.
2018-10-05 23:46:59 +02:00
2023-04-13 16:35:50 +02:00
# READ THIS BEFORE GOING ANY FORWARD!
As of April 2023 blocklist has almost 5MB, installing this on a device with low disk space, such as HeX PoE, may (and almost certainly will) cause issues such as inability to save other settings if disk is full. You have been warned.
2018-10-05 23:46:59 +02:00
## How to run this on MT
2020-12-07 10:20:46 +01:00
Run following to your MT device with not less that 7d schedule (sources are not updated more frequently anyway):
2018-10-05 23:54:37 +02:00
Download script:
2021-03-13 12:04:56 +01:00
`/tool fetch url="https://raw.githubusercontent.com/pwlgrzs/Mikrotik-Blacklist/master/blacklist.rsc" mode=https`
2018-10-05 23:54:37 +02:00
Install script:
2021-03-13 12:04:56 +01:00
`/ip firewall address-list remove [find where list="pwlgrzs-blacklist"]; /import file-name=blacklist.rsc`
2018-10-05 23:54:37 +02:00
2018-10-05 23:59:17 +02:00
You'll also need firewall rule:
2021-03-13 12:04:56 +01:00
`/ip firewall filter add chain=input action=drop connection-state=new src-address-list=pwlgrzs-blacklist in-interface=IFNAME`
2018-10-06 11:32:26 +02:00
*Note: Replace IFNAME in-interface name with one you have configured*
2018-10-06 10:20:13 +02:00
2023-04-13 14:06:02 +02:00
Check out more detailed instructions [here ](https://pawelgrzes.pl/posts/Mikrotik-Blocking-unwanted-connections-with-external-IP-list/ ).
2018-10-06 11:43:04 +02:00
You can also import install.rsc file, it will do all of above for you.
2020-09-14 09:57:12 +02:00
Upload to MT and run `/import file-name=install.rsc` in terminal. You still need to manually add firewall rule.
2020-07-06 00:00:07 +02:00
2018-10-05 23:54:37 +02:00
## TODO
- Add more sources.