2018-10-06 00:02:10 +02:00
# Mikrotik-Blacklist
2018-10-05 19:51:39 +02:00
This is a blocklist I use with on my Mikrotik router to block all connections from known spam/criminal/etc. networks.
2018-10-15 21:51:48 +02:00
Every couple days I pull lists from:
2018-10-06 00:20:09 +02:00
- Spamhaus (DROP & EDROP)
2018-10-05 23:54:37 +02:00
- dShield
2018-10-09 12:39:41 +02:00
- blacklist.de (all.txt)
2020-05-18 15:25:56 +02:00
- Feodo
2023-09-17 13:55:42 +02:00
- FireHOL
2018-10-05 23:54:37 +02:00
2020-07-06 00:00:07 +02:00
and reformat it to allow automatic import to MT routers. This is automated process so if you see errors in the final list open an issue please.
2018-10-05 23:46:59 +02:00
2023-04-13 16:35:50 +02:00
# READ THIS BEFORE GOING ANY FORWARD!
2023-04-23 00:00:15 +02:00
As of April 2023 blocklist has almost 5MB, installing this on a device with low disk space, such as HeX PoE, may (and almost certainly will) cause issues such as inability to save other settings if disk is full.
2023-04-15 00:34:55 +02:00
If you have a device with 16MB disk space I suggest you use a light version of the list, it's also being updated but without heavy pfSense sources.
2023-04-13 16:35:50 +02:00
2018-10-05 23:46:59 +02:00
## How to run this on MT
2020-12-07 10:20:46 +01:00
Run following to your MT device with not less that 7d schedule (sources are not updated more frequently anyway):
2018-10-05 23:54:37 +02:00
2023-04-15 00:34:55 +02:00
1. Download install.rsc or install-light.rsc file and upload it to your device
2. In the Mikrotik terminal run: `/import install.rsc` or `/import install-light.rsc`
3. Enjoy!
2018-10-05 23:54:37 +02:00
2018-10-05 23:59:17 +02:00
You'll also need firewall rule:
2021-03-13 12:04:56 +01:00
`/ip firewall filter add chain=input action=drop connection-state=new src-address-list=pwlgrzs-blacklist in-interface=IFNAME`
2018-10-06 11:32:26 +02:00
*Note: Replace IFNAME in-interface name with one you have configured*
2018-10-06 10:20:13 +02:00
2023-04-15 00:34:55 +02:00
I sometimes add updates and notes about the list [here ](https://pawelgrzes.pl/posts/Mikrotik-Blocking-unwanted-connections-with-external-IP-list/ ).
2020-07-06 00:00:07 +02:00
2023-04-15 00:34:55 +02:00
## Changelog:
2023-09-17 13:55:42 +02:00
- 17.09.2023
- pfSense sources removed due to permanent 404
- added FireHOL source for standard list
2023-04-15 00:34:55 +02:00
- 15.04.2023
- Added light version of the list (without heavy pfSense sources) for small disk devices
- Added light version installer
- Installers now remove themselves
- 12.04.2023
- added pfSense sources (abuse, badguys, block)
2023-04-16 00:00:12 +02:00
### TODO
- Add more sources.