Created
October 18, 2016 19:57
Install SquidBlacklist Malicious IP scripts as sort of described at http://blog.squidblacklist.org/?p=297
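# Script which downloads the SquidBlacklistMalicious list as drop.malicious.rsc.
# A failed download is logged as a warning; any previously downloaded copy of
# the file is left in place.
# NOTE(review): the file is fetched over plain HTTP and is later executed with
# /import by Replace_SquidBlacklistMalicious, so whoever can alter the response
# in transit decides which commands run on the router. If the publisher serves
# this file over HTTPS, prefer mode=https with check-certificate=yes and the
# issuing CA imported on the router - TODO confirm availability.
/system script add name="Download_SquidBlacklistMalicious" source={
    :do {
        /tool fetch url="http://www.squidblacklist.org/downloads/drop.malicious.rsc" mode=http dst-path="drop.malicious.rsc";
        :log info "Downloaded drop.malicious.rsc from squidblacklist.org";
    } on-error={
        :log warning "Download of drop.malicious.rsc from squidblacklist.org failed";
    }
}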
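# Script which removes the old SquidBlacklistMalicious records and imports the
# new list from drop.malicious.rsc.
# - If the file is missing, nothing is removed, so the existing records keep
#   working instead of being wiped by a failed download.
# - Logging rule 0 is switched off during the import (presumably to keep the
#   bulk import out of the log - confirm which rule is item 0 on your router)
#   and is re-enabled on both the success and the failure path.
# NOTE(review): /import runs every command contained in the file, not only
# address-list additions. The file comes from a third party over HTTP, so
# treat it as remote configuration and review or restrict it accordingly.
/system script add name="Replace_SquidBlacklistMalicious" source={
    :if ([:len [/file find name="drop.malicious.rsc"]] = 0) do={
        :log warning "drop.malicious.rsc not found; keeping existing SquidBlacklistMalicious records";
    } else={
        /system logging disable 0
        :do {
            /ip firewall address-list remove [find where comment="SquidBlacklistMalicious"]
            /import file-name=drop.malicious.rsc;
            /system logging enable 0
            :log info "Removed old SquidBlacklistMalicious records and imported new list";
        } on-error={
            /system logging enable 0
            :log error "Import of drop.malicious.rsc failed; SquidBlacklistMalicious records may be incomplete";
        }
    }
}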
# Scheduler entries: every three days run the download script, then the
# replace script five minutes later.
# The second job does not wait for the first; it relies on the download
# having finished within those five minutes.
/system scheduler add name="DownloadSquidBlacklistMaliciousList" \
    on-event=Download_SquidBlacklistMalicious interval=3d \
    start-date=jan/01/1970 start-time=04:26:52 \
    comment="Download SquidBlacklistMalicious list"
/system scheduler add name="InstallSquidBlacklistMaliciousList" \
    on-event=Replace_SquidBlacklistMalicious interval=3d \
    start-date=jan/01/1970 start-time=04:31:52 \
    comment="Apply SquidBlacklistMalicious List"
# Install drop-and-log rules on the input chain: first one rule per address
# list matching on source, then one rule per list matching on destination.
# The log prefix of each rule is the name of the list it matches.
# NOTE(review): these rules reference drop.dshield, drop.spamhaus1 and
# drop.spamhaus2, while the scripts above manage records commented
# "SquidBlacklistMalicious" imported from drop.malicious.rsc. Confirm which
# address-list name that file populates; if it differs, the downloaded
# entries are never matched by any rule here.
# NOTE(review): chain=input only sees packets addressed to the router itself,
# so the dst-address-list rules are unlikely to ever match, and traffic
# forwarded for LAN hosts is not filtered. Check whether forward/output chain
# rules were intended.
# NOTE(review): "add" appends to the end of the chain, so an earlier accept
# rule takes precedence, and running this section twice creates duplicates.
:foreach listName in={"drop.dshield";"drop.spamhaus1";"drop.spamhaus2"} do={
    /ip firewall filter add chain=input src-address-list=$listName action=drop log=yes log-prefix=$listName
}
:foreach listName in={"drop.dshield";"drop.spamhaus1";"drop.spamhaus2"} do={
    /ip firewall filter add chain=input dst-address-list=$listName action=drop log=yes log-prefix=$listName
}