🔒 BlackIPforFirewall is a project that contains a script for Mikrotik RouterOS, which automatically updates the firewall address list with IP addresses that have a bad reputation. The list of unwanted IP addresses is formed from various sites and projects, such as:
- Blocklist.de
- Binary Defense Systems
- BotScout.com
- Collective Intelligence Network Security
- CleanTalk
- CruzIt.com
- CyberCrime
- C2-Tracker. C2/malware IPs from Shodan
- Daniel Gerzo BruteForceBlocker
- DynDNS.org
- Free Proxy List
- Free Proxy List
- IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community
- MyIP.ms
- Project Honey Pot
- GreenSnow.co
- Stamparm IPsum
- StopForumSpam.com
- VxVault
IP addresses of CDN providers are excluded from the list, including Akamai, Amazon, Arvancloud, Azure, Bing, Bunny CDN, Cloudflare, Cloudfront, DDoS Guard, Digitalocean, Fastly, Google, all Github services, G-core, Yandex Cloud, Yandex Full IP, Imperva, Incapsula, Leaseweb, MaxCDN, NGenix, Oracle, Qrator, StackPath, StormWall, Sucuri, TcpShield, and X4B. The list is optimized by combining several IP addresses into one record. In the future, bash scripts will be added to add addresses to nftables and iptables.
🎯 The goal of the BlackIPforFirewall project is to provide protection for your network against IP addresses that may be associated with malware, spam, or other unwanted activity. The list of such IP addresses is regularly updated to ensure maximum protection effectiveness.
An additional script, blackip.rsc, creates a drop rule in the firewall raw table, a separate script named blackip in the system scripts section, and a scheduler for automatic updates. It is recommended for the initial installation and only needs to be executed once.
To use the script, execute the following commands in the RouterOS terminal:
```
tool fetch url="https://raw.githubusercontent.com/trskrbz/BlackIPforFirewall/main/blackip.rsc" mode=https
import blackip.rsc
```
You can view the separate script in the file blackip_onlyscript.txt.
- full-ip.txt: a complete list of IP addresses (without combining entries)
- dash-merged-ip.txt: a list with IP addresses combined using a dash (about 17% smaller than full-ip.txt)
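The sketch below shows how a one-address-per-line list can be reduced to dash-combined records while leaving out excluded provider ranges. It is an added example, not the project's own code. The `start-end` record format, the function names and the sample addresses (documentation ranges, with 203.0.113.0/24 standing in for a CDN network) are assumptions.

```python
import ipaddress

def _fmt(start, end):
    """Render one record: a single address or an assumed 'start-end' range."""
    first = str(ipaddress.IPv4Address(start))
    return first if start == end else f"{first}-{ipaddress.IPv4Address(end)}"

def merge_to_dash_ranges(lines, excluded_networks=()):
    """Collapse IPv4 addresses into dash records, skipping excluded networks."""
    excluded = [ipaddress.ip_network(n) for n in excluded_networks]
    values = set()  # a set also removes duplicates reported by several feeds
    for raw in lines:
        raw = raw.strip()
        if not raw or raw.startswith("#"):
            continue
        try:
            ip = ipaddress.IPv4Address(raw)
        except ipaddress.AddressValueError:
            continue  # never pass a malformed line on to a firewall
        if any(ip in net for net in excluded):
            continue  # address belongs to an excluded provider range
        values.add(int(ip))

    records, run_start, prev = [], None, None
    for value in sorted(values):
        if prev is not None and value == prev + 1:
            prev = value  # still inside a run of consecutive addresses
            continue
        if run_start is not None:
            records.append(_fmt(run_start, prev))
        run_start = prev = value
    if run_start is not None:
        records.append(_fmt(run_start, prev))
    return records

# Constructed sample input, not taken from the project's lists.
SAMPLE = [
    "192.0.2.10", "192.0.2.12", "192.0.2.11", "192.0.2.11",
    "192.0.2.255", "192.0.3.0",   # consecutive across an octet boundary
    "198.51.100.7",
    "203.0.113.5",                # inside the excluded stand-in network
    "not-an-ip",
]

if __name__ == "__main__":
    for record in merge_to_dash_ranges(SAMPLE, ["203.0.113.0/24"]):
        print(record)
```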
If you find any issues with the project or want to contribute, please create an issue or pull request in the GitHub repository.
BlackIPforFirewall is distributed under the MIT license. For more information, see the LICENSE file.
We hope that BlackIPforFirewall will be useful for you and help ensure the security of your network.