Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Install SquidBlacklist Malicious IP scripts as sort of described at http://blog.squidblacklist.org/?p=297
# Script which will download the SquidBlacklistMalicious list as a text file
/system script add name="Download_SquidBlacklistMalicious" source={
/tool fetch url="http://www.squidblacklist.org/downloads/drop.malicious.rsc" mode=http;
:log info "Downloaded drop.malicious.rsc from squidblacklist.org";
}
# Script which will Remove old SquidBlacklistMalicious list and add new one
/system script add name="Replace_SquidBlacklistMalicious" source={
/system logging disable 0
/ip firewall address-list remove [find where comment="SquidBlacklistMalicious"]
/import file-name=drop.malicious.rsc;
/system logging enable 0
:log info "Removed old SquidBlacklistMalicious records and imported new list";
}
# Schedule the download and application of the SquidBlacklistMalicious list
/system scheduler add comment="Download SquidBlacklistMalicious list" interval=3d \
name="DownloadSquidBlacklistMaliciousList" on-event=Download_SquidBlacklistMalicious \
start-date=jan/01/1970 start-time=04:26:52
/system scheduler add comment="Apply SquidBlacklistMalicious List" interval=3d \
name="InstallSquidBlacklistMaliciousList" on-event=Replace_SquidBlacklistMalicious \
start-date=jan/01/1970 start-time=04:31:52
# Install the firewall rules of the SquidBlacklistMalicious list
/ip firewall filter add chain=input src-address-list=drop.dshield action=drop log=yes log-prefix=drop.dshield
/ip firewall filter add chain=input src-address-list=drop.spamhaus1 action=drop log=yes log-prefix=drop.spamhaus1
/ip firewall filter add chain=input src-address-list=drop.spamhaus2 action=drop log=yes log-prefix=drop.spamhaus2
/ip firewall filter add chain=input dst-address-list=drop.dshield action=drop log=yes log-prefix=drop.dshield
/ip firewall filter add chain=input dst-address-list=drop.spamhaus1 action=drop log=yes log-prefix=drop.spamhaus1
/ip firewall filter add chain=input dst-address-list=drop.spamhaus2 action=drop log=yes log-prefix=drop.spamhaus2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.