GeoBlocking for MikroTik
📝 How It Works
Our automated scripts manage IP address lists by country with auto-cleanup capabilities:
- Downloads country IP lists from our server daily
- Creates/updates address-lists (e.g.,
geo-block-ru,geo-block-cn) - Automatically removes old lists when you change the country configuration
- Firewall rules need to be added manually (one-time setup)
⚠️ Important: Country codes must be in lowercase using 2-letter ISO codes (e.g., "ru", "cn", "ir", "kp").
1. Installation
Paste these commands into your WinBox Terminal to download and install the automation scripts:
IPv4 Script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik/update_ipv4.txt" dst-path=v4.txt; :delay 2s; /system script add name="Update-Geo-IPv4" source=[/file get v4.txt contents]; /file remove v4.txt
IPv6 Script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik/update_ipv6.txt" dst-path=v6.txt; :delay 2s; /system script add name="Update-Geo-IPv6" source=[/file get v6.txt contents]; /file remove v6.txt
2. Configure Countries
Go to System → Scripts and edit both scripts to set which countries to block:
:local countries {"ru";"cn";"ir";"kp";"br";"vn"}
Replace with your desired country codes. Remember: lowercase only!
3. First Run (Manual)
Run the scripts manually to download and populate the address lists:
/system script run Update-Geo-IPv4
/system script run Update-Geo-IPv6
This will take a few minutes depending on the number of countries. You can monitor progress in Log.
4. Add Firewall Rules (One-Time Setup)
After the address lists are created, choose your blocking strategy:
⚡ Option A: RAW (Recommended)
Block incoming + outgoing | Maximum performance
🔒 Option B: Filter
Block incoming only | Allow outgoing
✅ Recommended: RAW firewall processes packets before routing, providing maximum performance and blocking traffic in both directions (incoming + outgoing).
IPv4 RAW Rules:
/ip firewall raw add chain=prerouting src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
IPv6 RAW Rules:
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
How it works:
chain=prerouting- Processes packets before routing (catches both incoming and outgoing)src-address-list=geo-block-XX- Matches source IPs from the country listaction=drop- Silently drops packets (no ICMP response)place-before=0- Places rule at the top for maximum performance
ℹ️ Note: Filter rules block only incoming traffic. Outgoing connections to blocked countries will still work (useful if you need to access services in those countries).
IPv4 Filter Rules (Incoming Only):
/ip firewall filter add chain=input src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
IPv6 Filter Rules (Incoming Only):
/ipv6 firewall filter add chain=input src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
How it works:
chain=input- Blocks traffic to the router itselfchain=forward- Blocks traffic passing through the routersrc-address-list=geo-block-XX- Matches source IPs from the country list- Outgoing traffic (router → blocked country) is not blocked
5. Scheduler Setup (Automation)
Configure daily automatic updates at 04:00 AM:
/system scheduler add name="Sched-IPv4" interval=1d start-time=04:00:00 on-event="Update-Geo-IPv4"
/system scheduler add name="Sched-IPv6" interval=1d start-time=04:15:00 on-event="Update-Geo-IPv6"
The scripts will automatically update the address lists every day. No need to touch the firewall rules again!
6. Managing Countries
To add a country:
- Edit the
countrieslist in both scripts (add the country code) - Run the scripts manually or wait for the scheduler
- Add the corresponding firewall rules manually (see step 4)
To remove a country:
- Remove the country code from the
countrieslist in both scripts - Run the scripts - the address lists will be automatically removed
- Manually remove the firewall rules for that country
Example: Remove China, add Poland
# 1. Edit scripts: change {"ru";"cn";"ir"} to {"ru";"pl";"ir"}
# 2. Run scripts to update lists
# 3. Remove rules for "cn":
# If using RAW:
/ip firewall raw remove [find comment=GeoBlock-cn]
/ipv6 firewall raw remove [find comment=GeoBlock-cn]
# If using Filter:
/ip firewall filter remove [find comment=GeoBlock-cn]
/ipv6 firewall filter remove [find comment=GeoBlock-cn]
# 4. Add rules for "pl":
# If using RAW:
/ip firewall raw add chain=prerouting src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
# If using Filter:
/ip firewall filter add chain=input src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
📊 Verification
Check if everything is working correctly:
Check Address Lists:
/ip firewall address-list print count-only where list~"geo-block"
/ipv6 firewall address-list print count-only where list~"geo-block"
Check Firewall Rules:
# If using RAW:
/ip firewall raw print where comment~"GeoBlock"
/ipv6 firewall raw print where comment~"GeoBlock"
# If using Filter:
/ip firewall filter print where comment~"GeoBlock"
/ipv6 firewall filter print where comment~"GeoBlock"
View specific country list:
/ip firewall address-list print where list=geo-block-ru
GeoBlocking dla MikroTik
📝 Jak to działa
Nasze automatyczne skrypty zarządzają listami adresów IP według krajów z automatycznym czyszczeniem:
- Codziennie pobiera listy IP krajów z naszego serwera
- Tworzy/aktualizuje address-lists (np.
geo-block-ru,geo-block-cn) - Automatycznie usuwa stare listy gdy zmienisz konfigurację krajów
- Reguły firewall trzeba dodać ręcznie (jednorazowa konfiguracja)
⚠️ Ważne: Kody krajów muszą być pisane małymi literami według standardu ISO (np. "ru", "cn", "ir", "kp").
1. Instalacja
Wklej poniższe komendy w Terminal WinBox aby pobrać i zainstalować skrypty automatyczne:
Skrypt IPv4:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik/update_ipv4.txt" dst-path=v4.txt; :delay 2s; /system script add name="Update-Geo-IPv4" source=[/file get v4.txt contents]; /file remove v4.txt
Skrypt IPv6:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik/update_ipv6.txt" dst-path=v6.txt; :delay 2s; /system script add name="Update-Geo-IPv6" source=[/file get v6.txt contents]; /file remove v6.txt
2. Konfiguracja krajów
Przejdź do System → Scripts i edytuj oba skrypty aby ustawić które kraje blokować:
:local countries {"ru";"cn";"ir";"kp";"br";"vn"}
Zamień na wybrane kody krajów. Pamiętaj: tylko małe litery!
3. Pierwsze uruchomienie (ręczne)
Uruchom skrypty ręcznie aby pobrać i wypełnić listy adresów:
/system script run Update-Geo-IPv4
/system script run Update-Geo-IPv6
Zajmie to kilka minut w zależności od liczby krajów. Postęp możesz monitorować w Log.
4. Dodaj reguły firewall (jednorazowa konfiguracja)
Po utworzeniu list adresów wybierz strategię blokowania:
⚡ Opcja A: RAW (Zalecane)
Blokuj przychodzące + wychodzące | Maksymalna wydajność
🔒 Opcja B: Filter
Blokuj tylko przychodzące | Zezwalaj na wychodzące
✅ Zalecane: Firewall RAW przetwarza pakiety przed routingiem, zapewniając maksymalną wydajność i blokując ruch w obu kierunkach (przychodzący + wychodzący).
Reguły IPv4 RAW:
/ip firewall raw add chain=prerouting src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall raw add chain=prerouting src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
Reguły IPv6 RAW:
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
Jak to działa:
chain=prerouting- Przetwarza pakiety przed routingiem (łapie ruch przychodzący i wychodzący)src-address-list=geo-block-XX- Dopasowuje źródłowe IP z listy krajuaction=drop- Cicho usuwa pakiety (bez odpowiedzi ICMP)place-before=0- Umieszcza regułę na górze dla maksymalnej wydajności
ℹ️ Uwaga: Reguły Filter blokują tylko ruch przychodzący. Połączenia wychodzące do zablokowanych krajów nadal będą działać (przydatne jeśli potrzebujesz dostępu do usług w tych krajach).
Reguły IPv4 Filter (tylko przychodzące):
/ip firewall filter add chain=input src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall filter add chain=input src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
Reguły IPv6 Filter (tylko przychodzące):
/ipv6 firewall filter add chain=input src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-ru action=drop comment=GeoBlock-ru place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-cn action=drop comment=GeoBlock-cn place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-ir action=drop comment=GeoBlock-ir place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-kp action=drop comment=GeoBlock-kp place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-br action=drop comment=GeoBlock-br place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-vn action=drop comment=GeoBlock-vn place-before=0
Jak to działa:
chain=input- Blokuje ruch do samego routerachain=forward- Blokuje ruch przechodzący przez routersrc-address-list=geo-block-XX- Dopasowuje źródłowe IP z listy kraju- Ruch wychodzący (router → zablokowany kraj) nie jest blokowany
5. Konfiguracja harmonogramu (automatyzacja)
Skonfiguruj codzienne automatyczne aktualizacje o 04:00:
/system scheduler add name="Sched-IPv4" interval=1d start-time=04:00:00 on-event="Update-Geo-IPv4"
/system scheduler add name="Sched-IPv6" interval=1d start-time=04:15:00 on-event="Update-Geo-IPv6"
Skrypty będą automatycznie aktualizować listy adresów codziennie. Nie musisz już dotykać reguł firewall!
6. Zarządzanie krajami
Aby dodać kraj:
- Edytuj listę
countriesw obu skryptach (dodaj kod kraju) - Uruchom skrypty ręcznie lub poczekaj na harmonogram
- Dodaj odpowiednie reguły firewall ręcznie (zobacz krok 4)
Aby usunąć kraj:
- Usuń kod kraju z listy
countriesw obu skryptach - Uruchom skrypty - listy adresów zostaną automatycznie usunięte
- Ręcznie usuń reguły firewall dla tego kraju
Przykład: Usuń Chiny, dodaj Polskę
# 1. Edytuj skrypty: zmień {"ru";"cn";"ir"} na {"ru";"pl";"ir"}
# 2. Uruchom skrypty aby zaktualizować listy
# 3. Usuń reguły dla "cn":
# Jeśli używasz RAW:
/ip firewall raw remove [find comment=GeoBlock-cn]
/ipv6 firewall raw remove [find comment=GeoBlock-cn]
# Jeśli używasz Filter:
/ip firewall filter remove [find comment=GeoBlock-cn]
/ipv6 firewall filter remove [find comment=GeoBlock-cn]
# 4. Dodaj reguły dla "pl":
# Jeśli używasz RAW:
/ip firewall raw add chain=prerouting src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall raw add chain=prerouting src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
# Jeśli używasz Filter:
/ip firewall filter add chain=input src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ip firewall filter add chain=forward src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall filter add chain=input src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
/ipv6 firewall filter add chain=forward src-address-list=geo-block-pl action=drop comment=GeoBlock-pl place-before=0
📊 Weryfikacja
Sprawdź czy wszystko działa poprawnie:
Sprawdź listy adresów:
/ip firewall address-list print count-only where list~"geo-block"
/ipv6 firewall address-list print count-only where list~"geo-block"
Sprawdź reguły firewall:
# Jeśli używasz RAW:
/ip firewall raw print where comment~"GeoBlock"
/ipv6 firewall raw print where comment~"GeoBlock"
# Jeśli używasz Filter:
/ip firewall filter print where comment~"GeoBlock"
/ipv6 firewall filter print where comment~"GeoBlock"
Zobacz konkretną listę kraju:
/ip firewall address-list print where list=geo-block-ru
RAW Access
📂 Public Repositories
Access raw data files and generated scripts directly for manual use or third-party tools.
Available Resources:
- Country Scripts (RSC): Individual MikroTik scripts per country (e.g.,
ru-ipv4.rsc,cn-ipv6.rsc) - Automation Scripts:
update_ipv4.txtandupdate_ipv6.txt - Raw Data (TXT): Plain text IP lists for custom integrations
🌍 Supported Countries
All countries use ISO 3166-1 alpha-2 codes (lowercase). Examples:
ru = Russia
cn = China
us = United States
de = Germany
pl = Poland
ir = Iran
kp = North Korea
br = Brazil
vn = Vietnam
ua = Ukraine
gb = United Kingdom
fr = France
...
Full list of 250+ countries available in the repository. Each country has both IPv4 and IPv6 lists.
Dostęp RAW
📂 Publiczne repozytoria
Dostęp do surowych plików danych i wygenerowanych skryptów bezpośrednio do użytku ręcznego lub narzędzi zewnętrznych.
Dostępne zasoby:
- Skrypty krajów (RSC): Pojedyncze skrypty MikroTik dla każdego kraju (np.
ru-ipv4.rsc,cn-ipv6.rsc) - Skrypty automatyczne:
update_ipv4.txtiupdate_ipv6.txt - Surowe dane (TXT): Listy IP w postaci tekstowej do własnych integracji
🌍 Wspierane kraje
Wszystkie kraje używają kodów ISO 3166-1 alpha-2 (małe litery). Przykłady:
ru = Rosja
cn = Chiny
us = Stany Zjednoczone
de = Niemcy
pl = Polska
ir = Iran
kp = Korea Północna
br = Brazylia
vn = Wietnam
ua = Ukraina
gb = Wielka Brytania
fr = Francja
...
Pełna lista ponad 250 krajów dostępna w repozytorium. Każdy kraj ma zarówno listy IPv4 jak i IPv6.
🔥 FireHOL Level 1 - MikroTik
📝 About
Known attackers and compromised hosts.
ℹ️ Coverage: ~4,500 IPv4 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-firehol/update_ipv4.txt" dst-path=firehol.txt; :delay 2s; /system script add name="Update-FireHOL-Level-1" source=[/file get firehol.txt contents]; /file remove firehol.txt
2. First Run
Execute the script manually:
/system script run Update-FireHOL-Level-1
Creates address list: firehol-l1
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
/ip firewall filter add chain=forward src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-FireHOL-Level-1" interval=1d start-time=02:30:00 on-event="Update-FireHOL-Level-1"
🔥 FireHOL Level 1 - MikroTik
📝 O liście
Znani atakujący i skompromitowane hosty.
ℹ️ Pokrycie: ~4 500 adresów IPv4 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-firehol/update_ipv4.txt" dst-path=firehol.txt; :delay 2s; /system script add name="Update-FireHOL-Level-1" source=[/file get firehol.txt contents]; /file remove firehol.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-FireHOL-Level-1
Tworzy listę adresów: firehol-l1
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
/ip firewall filter add chain=forward src-address-list=firehol-l1 action=drop comment=FireHOL-Level-1-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-FireHOL-Level-1" interval=1d start-time=02:30:00 on-event="Update-FireHOL-Level-1"
🔥 FireHOL Level 1 - RAW Files
📝 About
Direct access to FireHOL Level 1 raw text files containing IP addresses.
ℹ️ Coverage: ~4,500 IPv4 | Updated daily at 02:00 AM
📂 Available Files
🔥 FireHOL Level 1 - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych FireHOL Level 1 zawierających adresy IP.
ℹ️ Pokrycie: ~4 500 adresów IPv4 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
❄️ GreenSnow - MikroTik
📝 About
SSH, RDP, and HTTP brute-force attackers.
ℹ️ Coverage: ~5,700 IPv4 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-greensnow/update_ipv4.txt" dst-path=greensnow.txt; :delay 2s; /system script add name="Update-GreenSnow" source=[/file get greensnow.txt contents]; /file remove greensnow.txt
2. First Run
Execute the script manually:
/system script run Update-GreenSnow
Creates address list: greensnow
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
/ip firewall filter add chain=forward src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-GreenSnow" interval=1d start-time=02:35:00 on-event="Update-GreenSnow"
❄️ GreenSnow - MikroTik
📝 O liście
Atakujący brute-force SSH, RDP i HTTP.
ℹ️ Pokrycie: ~5 700 adresów IPv4 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-greensnow/update_ipv4.txt" dst-path=greensnow.txt; :delay 2s; /system script add name="Update-GreenSnow" source=[/file get greensnow.txt contents]; /file remove greensnow.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-GreenSnow
Tworzy listę adresów: greensnow
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
/ip firewall filter add chain=forward src-address-list=greensnow action=drop comment=GreenSnow-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-GreenSnow" interval=1d start-time=02:35:00 on-event="Update-GreenSnow"
❄️ GreenSnow - RAW Files
📝 About
Direct access to GreenSnow raw text files containing IP addresses.
ℹ️ Coverage: ~5,700 IPv4 | Updated daily at 02:00 AM
📂 Available Files
❄️ GreenSnow - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych GreenSnow zawierających adresy IP.
ℹ️ Pokrycie: ~5 700 adresów IPv4 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🔨 BruteForce Blocker - MikroTik
📝 About
SSH brute-force attackers.
ℹ️ Coverage: ~500 IPv4 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-bruteforce/update_ipv4.txt" dst-path=bruteforce.txt; :delay 2s; /system script add name="Update-BruteForce-Blocker" source=[/file get bruteforce.txt contents]; /file remove bruteforce.txt
2. First Run
Execute the script manually:
/system script run Update-BruteForce-Blocker
Creates address list: bruteforce
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
/ip firewall filter add chain=forward src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-BruteForce-Blocker" interval=1d start-time=02:40:00 on-event="Update-BruteForce-Blocker"
🔨 BruteForce Blocker - MikroTik
📝 O liście
Atakujący brute-force SSH.
ℹ️ Pokrycie: ~500 adresów IPv4 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-bruteforce/update_ipv4.txt" dst-path=bruteforce.txt; :delay 2s; /system script add name="Update-BruteForce-Blocker" source=[/file get bruteforce.txt contents]; /file remove bruteforce.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-BruteForce-Blocker
Tworzy listę adresów: bruteforce
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
/ip firewall filter add chain=forward src-address-list=bruteforce action=drop comment=BruteForce-Blocker-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-BruteForce-Blocker" interval=1d start-time=02:40:00 on-event="Update-BruteForce-Blocker"
🔨 BruteForce Blocker - RAW Files
📝 About
Direct access to BruteForce Blocker raw text files containing IP addresses.
ℹ️ Coverage: ~500 IPv4 | Updated daily at 02:00 AM
📂 Available Files
🔨 BruteForce Blocker - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych BruteForce Blocker zawierających adresy IP.
ℹ️ Pokrycie: ~500 adresów IPv4 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
⚠️ Emerging Threats - MikroTik
📝 About
Compromised hosts and C&C servers.
ℹ️ Coverage: ~470 IPv4 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-emerging/update_ipv4.txt" dst-path=emerging.txt; :delay 2s; /system script add name="Update-Emerging-Threats" source=[/file get emerging.txt contents]; /file remove emerging.txt
2. First Run
Execute the script manually:
/system script run Update-Emerging-Threats
Creates address list: emerging
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
/ip firewall filter add chain=forward src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Emerging-Threats" interval=1d start-time=02:45:00 on-event="Update-Emerging-Threats"
⚠️ Emerging Threats - MikroTik
📝 O liście
Skompromitowane hosty i serwery C&C.
ℹ️ Pokrycie: ~470 adresów IPv4 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-emerging/update_ipv4.txt" dst-path=emerging.txt; :delay 2s; /system script add name="Update-Emerging-Threats" source=[/file get emerging.txt contents]; /file remove emerging.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Emerging-Threats
Tworzy listę adresów: emerging
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
/ip firewall filter add chain=forward src-address-list=emerging action=drop comment=Emerging-Threats-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Emerging-Threats" interval=1d start-time=02:45:00 on-event="Update-Emerging-Threats"
⚠️ Emerging Threats - RAW Files
📝 About
Direct access to Emerging Threats raw text files containing IP addresses.
ℹ️ Coverage: ~470 IPv4 | Updated daily at 02:00 AM
📂 Available Files
⚠️ Emerging Threats - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Emerging Threats zawierających adresy IP.
ℹ️ Pokrycie: ~470 adresów IPv4 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🛡️ Spamhaus DROP - MikroTik
📝 About
Botnet C&C servers and malware distribution.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-spamhaus-drop/update_ipv4.txt" dst-path=spamhaus-drop.txt; :delay 2s; /system script add name="Update-Spamhaus-DROP" source=[/file get spamhaus-drop.txt contents]; /file remove spamhaus-drop.txt
2. First Run
Execute the script manually:
/system script run Update-Spamhaus-DROP
Creates address list: spamhaus-drop
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
/ip firewall filter add chain=forward src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Spamhaus-DROP" interval=1d start-time=02:50:00 on-event="Update-Spamhaus-DROP"
🛡️ Spamhaus DROP - MikroTik
📝 O liście
Serwery C&C botnetów i dystrybucja malware.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-spamhaus-drop/update_ipv4.txt" dst-path=spamhaus-drop.txt; :delay 2s; /system script add name="Update-Spamhaus-DROP" source=[/file get spamhaus-drop.txt contents]; /file remove spamhaus-drop.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Spamhaus-DROP
Tworzy listę adresów: spamhaus-drop
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
/ip firewall filter add chain=forward src-address-list=spamhaus-drop action=drop comment=Spamhaus-DROP-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Spamhaus-DROP" interval=1d start-time=02:50:00 on-event="Update-Spamhaus-DROP"
🛡️ Spamhaus DROP - RAW Files
📝 About
Direct access to Spamhaus DROP raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🛡️ Spamhaus DROP - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Spamhaus DROP zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🛡️ Spamhaus EDROP - MikroTik
📝 About
Extended DROP list coverage.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-spamhaus-edrop/update_ipv4.txt" dst-path=spamhaus-edrop.txt; :delay 2s; /system script add name="Update-Spamhaus-EDROP" source=[/file get spamhaus-edrop.txt contents]; /file remove spamhaus-edrop.txt
2. First Run
Execute the script manually:
/system script run Update-Spamhaus-EDROP
Creates address list: spamhaus-edrop
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
/ip firewall filter add chain=forward src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Spamhaus-EDROP" interval=1d start-time=02:52:00 on-event="Update-Spamhaus-EDROP"
🛡️ Spamhaus EDROP - MikroTik
📝 O liście
Rozszerzona lista DROP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-spamhaus-edrop/update_ipv4.txt" dst-path=spamhaus-edrop.txt; :delay 2s; /system script add name="Update-Spamhaus-EDROP" source=[/file get spamhaus-edrop.txt contents]; /file remove spamhaus-edrop.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Spamhaus-EDROP
Tworzy listę adresów: spamhaus-edrop
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
/ip firewall filter add chain=forward src-address-list=spamhaus-edrop action=drop comment=Spamhaus-EDROP-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Spamhaus-EDROP" interval=1d start-time=02:52:00 on-event="Update-Spamhaus-EDROP"
🛡️ Spamhaus EDROP - RAW Files
📝 About
Direct access to Spamhaus EDROP raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🛡️ Spamhaus EDROP - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Spamhaus EDROP zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🔐 Blocklist.de SSH - MikroTik
📝 About
SSH brute-force attackers.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-ssh/update_ipv4.txt" dst-path=blocklist-ssh.txt; :delay 2s; /system script add name="Update-Blocklist.de-SSH" source=[/file get blocklist-ssh.txt contents]; /file remove blocklist-ssh.txt
2. First Run
Execute the script manually:
/system script run Update-Blocklist.de-SSH
Creates address list: blocklist-ssh
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Blocklist.de-SSH" interval=1d start-time=02:54:00 on-event="Update-Blocklist.de-SSH"
🔐 Blocklist.de SSH - MikroTik
📝 O liście
Atakujący brute-force SSH.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-ssh/update_ipv4.txt" dst-path=blocklist-ssh.txt; :delay 2s; /system script add name="Update-Blocklist.de-SSH" source=[/file get blocklist-ssh.txt contents]; /file remove blocklist-ssh.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Blocklist.de-SSH
Tworzy listę adresów: blocklist-ssh
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-ssh action=drop comment=Blocklist.de-SSH-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Blocklist.de-SSH" interval=1d start-time=02:54:00 on-event="Update-Blocklist.de-SSH"
🔐 Blocklist.de SSH - RAW Files
📝 About
Direct access to Blocklist.de SSH raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🔐 Blocklist.de SSH - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Blocklist.de SSH zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
📧 Blocklist.de Mail - MikroTik
📝 About
Mail server attackers.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-mail/update_ipv4.txt" dst-path=blocklist-mail.txt; :delay 2s; /system script add name="Update-Blocklist.de-Mail" source=[/file get blocklist-mail.txt contents]; /file remove blocklist-mail.txt
2. First Run
Execute the script manually:
/system script run Update-Blocklist.de-Mail
Creates address list: blocklist-mail
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Blocklist.de-Mail" interval=1d start-time=02:56:00 on-event="Update-Blocklist.de-Mail"
📧 Blocklist.de Mail - MikroTik
📝 O liście
Atakujący serwery pocztowe.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-mail/update_ipv4.txt" dst-path=blocklist-mail.txt; :delay 2s; /system script add name="Update-Blocklist.de-Mail" source=[/file get blocklist-mail.txt contents]; /file remove blocklist-mail.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Blocklist.de-Mail
Tworzy listę adresów: blocklist-mail
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-mail action=drop comment=Blocklist.de-Mail-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Blocklist.de-Mail" interval=1d start-time=02:56:00 on-event="Update-Blocklist.de-Mail"
📧 Blocklist.de Mail - RAW Files
📝 About
Direct access to Blocklist.de Mail raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
📧 Blocklist.de Mail - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Blocklist.de Mail zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🌐 Blocklist.de Apache - MikroTik
📝 About
Apache/web server attackers.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-apache/update_ipv4.txt" dst-path=blocklist-apache.txt; :delay 2s; /system script add name="Update-Blocklist.de-Apache" source=[/file get blocklist-apache.txt contents]; /file remove blocklist-apache.txt
2. First Run
Execute the script manually:
/system script run Update-Blocklist.de-Apache
Creates address list: blocklist-apache
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Blocklist.de-Apache" interval=1d start-time=02:58:00 on-event="Update-Blocklist.de-Apache"
🌐 Blocklist.de Apache - MikroTik
📝 O liście
Atakujący serwery Apache/WWW.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-apache/update_ipv4.txt" dst-path=blocklist-apache.txt; :delay 2s; /system script add name="Update-Blocklist.de-Apache" source=[/file get blocklist-apache.txt contents]; /file remove blocklist-apache.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Blocklist.de-Apache
Tworzy listę adresów: blocklist-apache
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-apache action=drop comment=Blocklist.de-Apache-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Blocklist.de-Apache" interval=1d start-time=02:58:00 on-event="Update-Blocklist.de-Apache"
🌐 Blocklist.de Apache - RAW Files
📝 About
Direct access to Blocklist.de Apache raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🌐 Blocklist.de Apache - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Blocklist.de Apache zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
💪 Blocklist.de StrongIPs - MikroTik
📝 About
Persistent attackers.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-strongips/update_ipv4.txt" dst-path=blocklist-strongips.txt; :delay 2s; /system script add name="Update-Blocklist.de-StrongIPs" source=[/file get blocklist-strongips.txt contents]; /file remove blocklist-strongips.txt
2. First Run
Execute the script manually:
/system script run Update-Blocklist.de-StrongIPs
Creates address list: blocklist-strong
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Blocklist.de-StrongIPs" interval=1d start-time=03:00:00 on-event="Update-Blocklist.de-StrongIPs"
💪 Blocklist.de StrongIPs - MikroTik
📝 O liście
Uporni atakujący.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-blocklist-strongips/update_ipv4.txt" dst-path=blocklist-strongips.txt; :delay 2s; /system script add name="Update-Blocklist.de-StrongIPs" source=[/file get blocklist-strongips.txt contents]; /file remove blocklist-strongips.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Blocklist.de-StrongIPs
Tworzy listę adresów: blocklist-strong
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
/ip firewall filter add chain=forward src-address-list=blocklist-strong action=drop comment=Blocklist.de-StrongIPs-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Blocklist.de-StrongIPs" interval=1d start-time=03:00:00 on-event="Update-Blocklist.de-StrongIPs"
💪 Blocklist.de StrongIPs - RAW Files
📝 About
Direct access to Blocklist.de StrongIPs raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
💪 Blocklist.de StrongIPs - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Blocklist.de StrongIPs zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
⚔️ CINS Army - MikroTik
📝 About
CINS Army threat intelligence.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-cins-army/update_ipv4.txt" dst-path=cins-army.txt; :delay 2s; /system script add name="Update-CINS-Army" source=[/file get cins-army.txt contents]; /file remove cins-army.txt
2. First Run
Execute the script manually:
/system script run Update-CINS-Army
Creates address list: cins-army
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
/ip firewall filter add chain=forward src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-CINS-Army" interval=1d start-time=03:02:00 on-event="Update-CINS-Army"
⚔️ CINS Army - MikroTik
📝 O liście
Wywiad zagrożeń CINS Army.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-cins-army/update_ipv4.txt" dst-path=cins-army.txt; :delay 2s; /system script add name="Update-CINS-Army" source=[/file get cins-army.txt contents]; /file remove cins-army.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-CINS-Army
Tworzy listę adresów: cins-army
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
/ip firewall filter add chain=forward src-address-list=cins-army action=drop comment=CINS-Army-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-CINS-Army" interval=1d start-time=03:02:00 on-event="Update-CINS-Army"
⚔️ CINS Army - RAW Files
📝 About
Direct access to CINS Army raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
⚔️ CINS Army - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych CINS Army zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🧅 Tor Exit Nodes - MikroTik
📝 About
Tor exit node IP addresses.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-tor-exit/update_ipv4.txt" dst-path=tor-exit.txt; :delay 2s; /system script add name="Update-Tor-Exit-Nodes" source=[/file get tor-exit.txt contents]; /file remove tor-exit.txt
2. First Run
Execute the script manually:
/system script run Update-Tor-Exit-Nodes
Creates address list: tor-exit
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
/ip firewall filter add chain=forward src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-Tor-Exit-Nodes" interval=1d start-time=03:04:00 on-event="Update-Tor-Exit-Nodes"
🧅 Tor Exit Nodes - MikroTik
📝 O liście
Adresy IP węzłów wyjściowych Tor.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-tor-exit/update_ipv4.txt" dst-path=tor-exit.txt; :delay 2s; /system script add name="Update-Tor-Exit-Nodes" source=[/file get tor-exit.txt contents]; /file remove tor-exit.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-Tor-Exit-Nodes
Tworzy listę adresów: tor-exit
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
/ip firewall filter add chain=forward src-address-list=tor-exit action=drop comment=Tor-Exit-Nodes-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-Tor-Exit-Nodes" interval=1d start-time=03:04:00 on-event="Update-Tor-Exit-Nodes"
🧅 Tor Exit Nodes - RAW Files
📝 About
Direct access to Tor Exit Nodes raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🧅 Tor Exit Nodes - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych Tor Exit Nodes zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
📂 Dostępne pliki
🛡️ DShield - MikroTik
📝 About
DShield top attacking IPs.
ℹ️ Coverage: IPv4 & IPv6 addresses | Updated daily at 02:00 AM
1. Installation
Download and install the update script:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-dshield/update_ipv4.txt" dst-path=dshield.txt; :delay 2s; /system script add name="Update-DShield" source=[/file get dshield.txt contents]; /file remove dshield.txt
2. First Run
Execute the script manually:
/system script run Update-DShield
Creates address list: dshield
3. Add Firewall Rules
RAW (Recommended):
/ip firewall raw add chain=prerouting src-address-list=dshield action=drop comment=DShield-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=dshield action=drop comment=DShield-Block place-before=0
/ip firewall filter add chain=forward src-address-list=dshield action=drop comment=DShield-Block place-before=0
4. Automatic Updates
/system scheduler add name="Sched-DShield" interval=1d start-time=03:06:00 on-event="Update-DShield"
🛡️ DShield - MikroTik
📝 O liście
Najczęściej atakujące IP DShield.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00
1. Instalacja
Pobierz i zainstaluj skrypt aktualizacji:
/tool fetch url="https://lists.cycr.xyz/public/mikrotik-dshield/update_ipv4.txt" dst-path=dshield.txt; :delay 2s; /system script add name="Update-DShield" source=[/file get dshield.txt contents]; /file remove dshield.txt
2. Pierwsze uruchomienie
Wykonaj skrypt ręcznie:
/system script run Update-DShield
Tworzy listę adresów: dshield
3. Dodaj reguły firewall
RAW (Zalecane):
/ip firewall raw add chain=prerouting src-address-list=dshield action=drop comment=DShield-Block place-before=0
Filter:
/ip firewall filter add chain=input src-address-list=dshield action=drop comment=DShield-Block place-before=0
/ip firewall filter add chain=forward src-address-list=dshield action=drop comment=DShield-Block place-before=0
4. Automatyczne aktualizacje
/system scheduler add name="Sched-DShield" interval=1d start-time=03:06:00 on-event="Update-DShield"
🛡️ DShield - RAW Files
📝 About
Direct access to DShield raw text files containing IP addresses.
ℹ️ Coverage: IPv4 & IPv6 | Updated daily at 02:00 AM
📂 Available Files
🛡️ DShield - Pliki RAW
📝 O plikach
Bezpośredni dostęp do surowych plików tekstowych DShield zawierających adresy IP.
ℹ️ Pokrycie: IPv4 i IPv6 | Aktualizowane codziennie o 02:00