1. 服务器/VPS/主机用户Telegram电报群: https://t.me/openos
    黑群晖 Synology Telegram电报群: https://t.me/nasfan
    排除公告

阻擋存在Firehol level1清單中的惡意 IP

本帖由 kenneth2021-08-07 发布。版面名称:MikroTik RouterOS

  1. kenneth

    kenneth Member

    注册:
    2017-07-29
    帖子:
    36
    1. 增加[下載Firehol level1清單腳本]的腳本 (有好心人每天固定將清單轉換成 RouterOS 的腳本
    /system script add name="DownloadFirehol" source={ /tool fetch url="https://amin-it-consulting.com/firehol/firehol.rsc" mode=https; }

    2. 增加[刪除 RouterOS 上,舊的IP清單]的腳本
    /system script add name="ReplaceFirehol" source={/file :global firehol [/file get firehol.rsc contents]; :if (firehol != "") do={/ip firewall address-list remove [find where comment="firehol"] /import file-name=firehol.rsc;}}

    3. 增加排程執行腳本
    /system scheduler add comment="Download Firehol list" interval=1d name="DownloadFireholList" on-event=DownloadFirehol start-date=jan/01/1970 start-time=00:00:00
    /system scheduler add comment="Apply Firehol list" interval=1d name="InstallFireholList" on-event=ReplaceFirehol start-date=jan/01/1970 start-time=00:05:00

    4. 立即執行排程
    /system script run DownloadFirehol
    /system script run ReplaceFirehol

    原文: Mikrotik Firewall - A RouterOs script to block a dynamic list of malicious IPs from Firehol_level1 - Firetik (amin-it-consulting.com)