├── .github
    └── FUNDING.yml
├── README.md
├── blacklist-light.rsc
├── blacklist.rsc
├── install-light.rsc
└── install.rsc


/.github/FUNDING.yml:
--------------------------------------------------------------------------------
ko_fi: pblvsk # Replace with a single Ko-fi username


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Mikrotik-Blacklist
This is a blocklist I use on my Mikrotik router to block all connections from known spam/criminal/etc. networks.

# Project announcement

Good day people, because of personal stuff going on I cannot support this project further, it's already been going "on its own" for a while. I am leaving this as is (meaning the script will be pushing changes until it's not).
I suggest moving to more actively developed lists.

Sorry and thank you!

-----------------------

Every couple of days I pull lists from:
- Spamhaus (DROP & EDROP)
- dShield
- blacklist.de (all.txt)
- Feodo
- FireHOL

and reformat them to allow automatic import into MT routers. This is an automated process, so if you see errors in the final list please open an issue.

# READ THIS BEFORE GOING ANY FURTHER!

As of April 2023 the blocklist is almost 5MB. Installing it on a device with low disk space, such as the hEX PoE, may (and almost certainly will) cause issues such as the inability to save other settings if the disk is full.
If you have a device with 16MB disk space I suggest you use the light version of the list. It is also being updated, but without the heavy sources.

## How to run this on MT
Run the following on your MT device with a schedule of not less than 7d (sources are not updated more frequently anyway):

1. Download the install.rsc or install-light.rsc file and upload it to your device
2. In the Mikrotik terminal run: `/import install.rsc` or `/import install-light.rsc`
3. Enjoy!

You'll also need a firewall rule:
`/ip firewall raw add chain=prerouting action=drop in-interface-list=WAN log=no log-prefix="" src-address-list=pwlgrzs-blacklist`
*Note: Replace WAN in in-interface-list with the one you have configured*

I sometimes add updates and notes about the list [here](https://pawelgrzes.pl/posts/Mikrotik-Blocking-unwanted-connections-with-external-IP-list/).

## Changelog:
- 25.01.2023
  - rewritten blacklist script due to potential issue with filesize.
- 17.09.2023
  - added danger.rulez.sk bruteforceblocker as source
  - added Tor exit nodes list
- 17.09.2023
  - pfSense sources removed due to permanent 404
  - added FireHOL abusers source for standard list
- 15.04.2023
  - Added light version of the list (without heavy pfSense sources) for small disk devices
  - Added light version installer
  - Installers now remove themselves
- 12.04.2023
  - added pfSense sources (abuse, badguys, block)

### TODO
- Add more sources.


--------------------------------------------------------------------------------
/install-light.rsc:
--------------------------------------------------------------------------------
/system script
# Download the light list from GitHub over HTTPS
add name="pwlgrzs-blacklist-dl" source={/tool fetch url="https://raw.githubusercontent.com/pwlgrzs/Mikrotik-Blacklist/master/blacklist-light.rsc" mode=https}
# Remove the current entries, import the downloaded file, then delete it
add name="pwlgrzs-blacklist-replace" source={/ip firewall address-list remove [find where list="pwlgrzs-blacklist"]; /import file-name=blacklist-light.rsc; /file remove blacklist-light.rsc}
/system scheduler
# Weekly: download at 00:05, replace at 00:10
add interval=7d name="dl-mt-blacklist" start-date=Jan/01/2000 start-time=00:05:00 on-event=pwlgrzs-blacklist-dl
add interval=7d name="ins-mt-blacklist" start-date=Jan/01/2000 start-time=00:10:00 on-event=pwlgrzs-blacklist-replace
# The installer removes itself
/file remove install-light.rsc


--------------------------------------------------------------------------------
/install.rsc:
--------------------------------------------------------------------------------
/system script
# Download the full list from GitHub over HTTPS
add name="pwlgrzs-blacklist-dl" source={/tool fetch url="https://raw.githubusercontent.com/pwlgrzs/Mikrotik-Blacklist/master/blacklist.rsc" mode=https}
# Remove the current entries, import the downloaded file, then delete it
add name="pwlgrzs-blacklist-replace" source={/ip firewall address-list remove [find where list="pwlgrzs-blacklist"]; /import file-name=blacklist.rsc; /file remove blacklist.rsc}
/system scheduler
# Weekly: download at 00:05, replace at 00:10
add interval=7d name="dl-mt-blacklist" start-date=Jan/01/2000 start-time=00:05:00 on-event=pwlgrzs-blacklist-dl
add interval=7d name="ins-mt-blacklist" start-date=Jan/01/2000 start-time=00:10:00 on-event=pwlgrzs-blacklist-replace
# The installer removes itself
/file remove install.rsc


--------------------------------------------------------------------------------
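The `pwlgrzs-blacklist-replace` script above clears the existing list and then hands whatever was fetched to `/import`, which runs every command in the file. The check below is an added example, not part of this repository: Python meant for a separate host (for instance one that mirrors the list), which accepts a file only if it is non-empty and made up solely of address-list entries. The entry shape, the `MIN_PREFIX` policy and the sample input are assumptions constructed for illustration.

```python
import ipaddress
import re

LIST_NAME = "pwlgrzs-blacklist"       # list name used by the install scripts and the raw rule
HEADER = "/ip firewall address-list"  # assumed menu line at the top of the file
# Assumed entry shape (blacklist.rsc is not shown on the page): add list=NAME address=IPv4[/len]
ENTRY = re.compile(r"add list=([\w-]+) address=(\d{1,3}(?:\.\d{1,3}){3}(?:/\d{1,2})?)")
MIN_PREFIX = 8                        # hypothetical policy: reject anything wider than a /8

def audit_rsc(text, list_name=LIST_NAME):
    """Return (networks, problems); problems holds (line_number, reason) tuples."""
    networks, problems = [], []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or line == HEADER:
            continue
        m = ENTRY.fullmatch(line)  # fullmatch rejects "; <command>" chained after an entry
        if not m:
            problems.append((no, "not a plain address-list entry"))
        elif m.group(1) != list_name:
            problems.append((no, f"unexpected list {m.group(1)!r}"))
        else:
            try:
                net = ipaddress.ip_network(m.group(2), strict=False)
            except ValueError:
                problems.append((no, f"invalid address {m.group(2)!r}"))
                continue
            if net.prefixlen < MIN_PREFIX:
                problems.append((no, f"{net} is too broad"))
            else:
                networks.append(net)
    return networks, problems

def is_importable(text):
    """True only for a non-empty file made up solely of valid entries."""
    networks, problems = audit_rsc(text)
    return bool(networks) and not problems

# Constructed sample, not taken from the real list
SAMPLE = """/ip firewall address-list
add list=pwlgrzs-blacklist address=192.0.2.0/24
add list=pwlgrzs-blacklist address=198.51.100.7
add list=pwlgrzs-blacklist address=203.0.113.5; /system reboot
add list=pwlgrzs-blacklist address=0.0.0.0/0
add list=other-list address=203.0.113.9
/system identity set name=x
"""

if __name__ == "__main__":
    for no, reason in audit_rsc(SAMPLE)[1]:
        print(f"line {no}: {reason}")
```

An empty file is rejected as well, because the replace script removes the current entries before importing and a failed download would otherwise leave the address list empty.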