Mikrotik Malicious Spam IP Blacklist – Firewall Auto Update Script

We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .rsc import script to firewall address list, updated daily and formatted by our servers for easy import and download into your Mikrotik Router.


It can be downloaded directly here. Or follow the instructions below to setup firewall rules and schedule automatic daily updates on any Mikrotik Router.



To automatically download, update, and apply the combind Dshield, Spamhaus ip blacklists on your Mikrotik Router:
First: Log into Winbox.


Open a terminal and add the following firewall rules

ip firewall raw add chain=prerouting dst-address-list="sbl malc0de" action=drop comment="sbl malc0de"
ip firewall raw add chain=prerouting dst-address-list="sbl dshield" action=drop comment="sbl dshield"
ip firewall raw add chain=prerouting dst-address-list="sbl spamhaus" action=drop comment="sbl spamhaus"
ip firewall raw add chain=prerouting dst-address-list="sbl blocklist.de" action=drop comment="sbl blocklist.de"

Now we need to schedule the automated update: Go to system scheduler and create a new task.

/tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/drop.malicious.rsc

Now we schedule the import task: Go to system scheduler and create a new task.

:log warning "Disabling system Logging";
import drop.malicious.rsc
/system logging enable 0

Block registration spam bot using jquery html

THIS SCRIPT DISABLE SUBMIT BUTTON IF THE HIDDEN FORM TEXT AREA IS AUTO FILLED BY BOT

<script src='http://code.jquery.com/jquery-1.7.1.min.js'></script>
<input type="text" id="message" style="display:none;">
                <input class="button" name="adduser" type="submit" id="adduser" value="{NUSRREGNM17}">

<SCRIPT>
$(document).ready(function(){
    $('#adduser').attr('disabled',false);
    
    $('#message').keyup(function(){
        if($(this).val().length !=0){
            $('#adduser').attr('disabled', true);
        }
        else
        {
            $('#adduser').attr('disabled', false);        
        }
    })
});
</script>

Mikrotik squid tproxy forward rules

/ip route
add disabled=yes distance=1 gateway=115.117.79.130 routing-mark=tproxied

/ip firewall mangle
add chain=prerouting disabled=yes port=80 protocol=tcp src-mac-address=00:22:4D:A7:BC:60
add action=mark-routing chain=prerouting disabled=yes dst-address-list=cache-addr dst-port=80 new-routing-mark=tproxied protocol=tcp src-address=!115.117.81.2 src-address-list=redirect-addr
add action=mark-routing chain=prerouting disabled=yes dst-address=!115.117.81.2 dst-address-list=redirect-addr new-routing-mark=tproxied protocol=tcp src-address-list=cache-addr src-port=80
add action=mark-routing chain=prerouting disabled=yes dst-address-list=cache-addr dst-port=80 new-routing-mark=tproxied protocol=tcp src-address=172.16.0.0/23
add action=mark-routing chain=prerouting disabled=yes dst-address-list=!non-cache new-routing-mark=tproxied protocol=tcp src-address-list=cache-addr src-mac-address=!00:22:4D:A7:BC:60 src-port=80

How to mount an external HDD on linux

sudo fdisk -l
sudo mkdir /media/Skliros_Diskos
sudo mount -t ntfs-3g /dev/sdb1 /media/Skliros_Diskos

Mikrotik VPN Script PPTP & L2TP

# The following creates a PPTP and L2TP VPN server on the MikroTik:
# !!! YOU MUST UPDATE DNS IN /PPP PROFILE TO THE CUSTOMERS ISP DNS IP ADDRESS !!!
 
/ip pool
add name=VPN_Pool_192 ranges=192.168.131.50-192.168.131.150
 
/ppp profile
add change-tcp-mss=yes dns-server=68.94.156.1,68.94.157.1 local-address=\
    192.168.131.254 name=VPN-Encrypt remote-address=VPN_Pool_192 \
    use-encryption=yes
 
/ppp profile
add change-tcp-mss=yes dns-server=192.168.131.253,10.0.0.12 local-address=\
    192.168.131.254 name=Guido-Encrypt remote-address=VPN_Pool_192 \
    use-encryption=yes
 
/interface l2tp-server server
set default-profile=VPN-Encrypt enabled=yes
 
/interface pptp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=VPN-Encrypt \
    enabled=yes
 
 
# The following creates a user on the VPN Server MikroTik:
 
/ppp secret
add name=aravpnadmin password=YsD9fKN3fVZP profile=VPN-Encrypt

Block torrents with mikrotik

Block torrents with mikrotik

/ip firewall layer7-protocol
add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\\x13bitt\
    orrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?inf\
    o_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[\
    RP]"
 
/ip firewall filter
add action=add-src-to-address-list address-list=Torrent-Conn \
    address-list-timeout=2m chain=forward layer7-protocol=\
    layer7-bittorrent-exp src-address=192.168.10.0/24 src-address-list=\
    !allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn \
    address-list-timeout=2m chain=forward p2p=all-p2p src-address=\
    192.168.10.0/24 src-address-list=!allow-bit
 
/ip firewall filter
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp \
    src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp \
    src-address-list=Torrent-Conn

Linux / UNIX: Delete a file

To remove a file or directory in Linux, FreeBSD, Solaris or Unix-like operating systems use the rm command.

To remove all files & subdirectories from a directory (MS-DOS deltree like command), enter:

rm -rf mydir