« Mikrotik : Intégrer des blacklists » : différence entre les versions

De www.yakakliker.org
(Page créée avec « <syntaxhighlight lang="bash"> /system script add name="Download_dshield" source={ /tool fetch url="http://blacklist.comasys.loc/dshield.rsc" mode=http; :log info "Downloaded dshield.rsc from http://blacklist.comasys.loc"; } /system script add name="Replace_dshield" source={ /ip firewall address-list remove [find where comment="DShield"] /import file-name=dshield.rsc; :log info "Removed old dshield records and imported new list"; } /system scheduler add comment=... »)
 
Aucun résumé des modifications
Ligne 114 : Ligne 114 :
=== Liens ===
=== Liens ===
http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/
http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/
https://iplists.firehol.org/


[[Catégorie:Mikrotik]]
[[Catégorie:Mikrotik]]
[[Catégorie:Reseau]]
[[Catégorie:Reseau]]
[[Catégorie:Blacklist]]
[[Catégorie:Blacklist]]

Version du 19 mars 2024 à 14:22

/system script add name="Download_dshield" source={
/tool fetch url="http://blacklist.comasys.loc/dshield.rsc" mode=http;
:log info "Downloaded dshield.rsc from http://blacklist.comasys.loc";
}

/system script add name="Replace_dshield" source={
/ip firewall address-list remove [find where comment="DShield"]
/import file-name=dshield.rsc;
:log info "Removed old dshield records and imported new list";
}

/system scheduler add comment="Download dshield list" interval=1d name="DownloadDShieldList" on-event=Download_dshield start-date=jan/01/1970 start-time=00:19:05
/system scheduler add comment="Apply dshield List" interval=1d name="InstallDShieldList" on-event=Replace_dshield start-date=jan/01/1970 start-time=00:24:05


/ip firewall raw add action=drop chain=prerouting comment="Blacklist Dshield" log=yes src-address-list=dshield
/ip firewall filter add chain=input action=drop comment="Drop new connections from dshield" connection-state=new src-address-list=dshield in-interface=ether1
/ip firewall filter add chain=forward action=drop comment="Drop new connections from dshield" src-address-list=dshield in-interface=ether1


/system script add name="Downloadciarmy" source={
/tool fetch url="http://blacklist.comasys.loc/ciarmy.rsc" mode=http;
:log info "Downloaded Blacklist ciarmy.rsc from http://blacklist.comasys.loc";
}


/system script add name="Replaceciarmy" source={
/ip firewall address-list remove [find where comment="ciarmy"]
/import file-name=ciarmy.rsc;
:log info "Removed old ciarmy records and imported new list";
}


/system scheduler add comment="Download ciarmy list" interval=1d name="DownloadciarmyList" on-event=Downloadciarmy start-date=jan/01/1970 start-time=04:30:04
/system scheduler add comment="Apply ciarmy List" interval=1d name="InstallciarmyList" on-event=Replaceciarmy start-date=jan/01/1970 start-time=04:35:04


/ip firewall raw add action=drop chain=prerouting comment="Blacklist ciarmy" log=yes src-address-list="ciarmy"
/ip firewall filter add chain=input action=drop comment="Drop new connections from ciarmy" connection-state=new src-address-list=ciarmy in-interface=ether1
/ip firewall filter add chain=forward action=drop comment="Drop new connections from ciarmy" src-address-list=ciarmy in-interface=ether1




/system script add name="Downloadmyipms" source={
/tool fetch url="http://blacklist.comasys.loc/myipms.rsc" mode=http;
:log info "Downloaded Blacklist myipms.rsc from http://blacklist.comasys.loc";
}

/system script add name="Replacemyipms" source={
/ip firewall address-list remove [find where comment="myipms"]
/import file-name=myipms.rsc;
:log info "Removed old myipms records and imported new list";
}


/system scheduler add comment="Download myipms list" interval=1d name="DownloadmyipmsList" on-event=Downloadmyipms start-date=jan/01/1970 start-time=02:01:04
/system scheduler add comment="Apply myipms List" interval=1d name="InstallmyipmsList" on-event=Replacemyipms start-date=jan/01/1970 start-time=02:01:04


/ip firewall raw add action=drop chain=prerouting comment="Blacklist myip.ms" log=yes src-address-list=myipms
/ip firewall filter add chain=input action=drop comment="Drop new connections from myipms" connection-state=new src-address-list=myipms in-interface=ether1
/ip firewall filter add chain=forward action=drop comment="Drop new connections from myipms" src-address-list=myipms in-interface=ether1


/system script add name="Downloadcybercrime" source={
/tool fetch url="http://blacklist.comasys.loc/cybercrime2.rsc" mode=http;
:log info "Downloaded cybercrime2.rsc from http://blacklist.comasys.loc";
}

/system script add name="Replacecybercrime" source={
/ip firewall address-list remove [find where comment="cybercrime2"]
/import file-name=cybercrime2.rsc;
:log info "Removed old cybercrime records and imported new list";
}

/system scheduler add comment="Download cybercrime list" interval=1d name="Downloadcybercrime2" on-event=Downloadcybercrime start-date=jan/01/1970 start-time=05:10:04
/system scheduler add comment="Apply cybercrime List" interval=1d name="Installcybercrime2" on-event=Replacecybercrime start-date=jan/01/1970 start-time=05:15:04



/ip firewall raw add action=drop chain=prerouting comment="Blacklist cybercrime" log=yes src-address-list=cybercrime2
/ip firewall filter add chain=input action=drop comment="Drop new connections from cybercrime2" connection-state=new src-address-list=cybercrime2 in-interface=ether1
/ip firewall filter add chain=forward action=drop comment="Drop new connections from cybercrime2" src-address-list=cybercrime2 in-interface=ether1



/system script add name="Downloadblocklist" source={
/tool fetch url="http://blacklist.comasys.loc/blocklist.rsc" mode=http;
:log info "Downloaded Blacklist blocklist.rsc from http://blacklist.comasys.loc";
}


/system script add name="Replaceblocklist" source={
/ip firewall address-list remove [find where comment="blocklist"]
/import file-name=blocklist.rsc;
:log info "Removed old blocklist records and imported new list";
}


/system scheduler add comment="Download blocklist list" interval=1d name="DownloadblocklistList" on-event=Downloadblocklist start-date=jan/01/1970 start-time=02:21:04
/system scheduler add comment="Apply blocklist List" interval=1d name="InstallblocklistList" on-event=Replaceblocklist start-date=jan/01/1970 start-time=02:26:04


/ip firewall raw add action=drop chain=prerouting comment="Blacklist blocklist.de" log=yes src-address-list=blocklist
/ip firewall filter add chain=input action=drop comment="Drop new connections from blocklist" connection-state=new src-address-list=blocklist in-interface=ether1
/ip firewall filter add chain=forward action=drop comment="Drop new connections from blocklist" src-address-list=blocklist in-interface=ether1

Liens

http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/

https://iplists.firehol.org/