Just add both scripts to your Mikrotik setup and put updateVPNList script on a schedule.
Created
April 16, 2018 18:15
-
-
Save norlin/04971ddc19191d3b3cd9b633574f6318 to your computer and use it in GitHub Desktop.
Scripts for Mikrotik to resolve a list of host names to the address list of IPv4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :global ListName | |
| :global Servers | |
| :global Done | |
| #has $Done been initialized? | |
| :if ([:typeof $Done] != "boolean") do={ | |
| :set Done true; | |
| } | |
| #make sure previous runs have finished | |
| while (!$Done) do={ | |
| :nothing; | |
| } | |
| #block any other runs | |
| :set Done false; | |
| #delete old address lists | |
| :foreach aListItem in=[/ip firewall address-list find list=$ListName] do={ | |
| /ip firewall address-list remove $aListItem; | |
| } | |
| :foreach aServer in=$Servers do={ | |
| #force the dns entries to be cached | |
| :do { | |
| :resolve $aServer; | |
| } on-error={ | |
| :log error "dns resolve failure [ ip - resolve ip ]" | |
| } | |
| :foreach dnsRecord in=[/ip dns cache all find where (name=$aServer)] do={ | |
| #if it's an A records add it directly | |
| :if ([/ip dns cache all get $dnsRecord type]="A") do={ | |
| :local newAddress [/ip dns cache all get $dnsRecord data]; | |
| :do { | |
| /ip firewall address-list add list=$ListName address=$newAddress comment=$aServer; | |
| } on-error={ | |
| :log error "error when adding ip to list: $newAddress" | |
| } | |
| } | |
| #if it's a CNAME follow it until we get A records | |
| :if ([/ip dns cache all get $dnsRecord type]="CNAME") do={ | |
| :local cname; | |
| :local nextCname | |
| :set cname [/ip dns cache all find where (name=$aServer && type="CNAME")]; | |
| :set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")]; | |
| :while ($nextCname != "") do={ | |
| :set cname $nextCname; | |
| :set nextCname [/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="CNAME")]; | |
| } | |
| #add the a records we found | |
| :foreach aRecord in=[/ip dns cache all find where (name=[/ip dns cache all get $cname data] && type="A")] do={ | |
| :do { | |
| /ip firewall address-list add list=$ListName address=[/ip dns cache all get $aRecord data] comment=$aServer; | |
| } on-error={ | |
| :log error "error when adding ip to list: $newAddress" | |
| } | |
| } | |
| } | |
| } | |
| } | |
| #allow other scripts to call this | |
| :set Done true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :global Servers { | |
| # Feel free to use your own unblock list ;) | |
| "telegra.ph"; | |
| "grani.ru"; | |
| "xhamster.com"; | |
| "kasparov.ru"; | |
| "lostfilm.tv"; | |
| "rutracker.org"; | |
| "lurkmore.to"; | |
| "dou.ua"; | |
| "youporn.com"; | |
| "pornolab.net"; | |
| "crimerussia.com"; | |
| "telegram.org"; | |
| "telegram.me"; | |
| "t.me"; | |
| } | |
| :global ListName VPN | |
| /system script run dnsLookup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment