Mikrotik: Blocking unwanted connections with external IP list
When setting up a public-facing web proxy, I noticed quite a large number of connections coming from the East (mostly Russia, China, Koreas, Ukraine) scanning my resources. I could either start collecting these addresses, which would be a long process and would not help much, as it would take ages to build a decent list, or pull a premade list of known offenders and add them to my Mikrotik firewall.
RouterOS makes that easy: it can download external files and it can block whole subnets. What else would I need?
If you found this post before my GitHub repo, it’s here.
To make it work, you need to add 2 scripts (one pulling the list, one replacing it), 2 schedules to run these scripts and a firewall rule.
- Download the install.rsc or install-light.rsc file from the repo and upload it to your device
- In the Mikrotik terminal run:
  /import install.rsc
  or
  /import install-light.rsc
  depending on which list you need.
- Enjoy!
You can also import the install.rsc file; it will do all of the above for you. Get it from GitHub, upload it to the MT and run /import file-name=install.rsc in the terminal. You still need to add the firewall rule manually.
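Because the scheduled import runs whatever the remote file contains, it is worth auditing a downloaded copy of the list before trusting it. The Python check below is an added example, not code from the repo; it assumes the list file uses the usual RouterOS address-list import form and a list named blacklist, and its function and constant names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the assumed RouterOS address-list import form.
SAMPLE = """\
# constructed sample, documentation ranges only
/ip firewall address-list
add list=blacklist address=192.0.2.0/24
add address=198.51.100.7 list=blacklist comment="scanner"
add list=blacklist address=10.0.0.0/8
add list=blacklist address=0.0.0.0/0
add list=blacklist address=203.0.113.300
/user add name=x group=full
"""

# Strict value alphabet: no ';', '[', '$' or other RouterOS scripting characters.
ADD_RE = re.compile(r'^add(?:\s+[\w-]+=(?:"[\w .,:/-]*"|[\w.:/-]+))+$')
KV_RE = re.compile(r'([\w-]+)=("[\w .,:/-]*"|[\w.:/-]+)')
ALLOWED_KEYS = {"list", "address", "comment", "timeout"}
LOCAL = [ipaddress.IPv4Network(n) for n in
         ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def audit_rsc(text, expected_list="blacklist", min_prefix=8):
    """Return (networks, problems); problems are (line_number, reason) pairs."""
    networks, problems = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or line == "/ip firewall address-list":
            continue
        if not ADD_RE.match(line):  # anything that is not a plain 'add key=value ...'
            problems.append((n, "not an address-list add line"))
            continue
        kv = {k: v.strip('"') for k, v in KV_RE.findall(line)}
        if set(kv) - ALLOWED_KEYS or kv.get("list") != expected_list:
            problems.append((n, "unexpected parameter or list name"))
            continue
        try:
            net = ipaddress.IPv4Network(kv.get("address", ""), strict=False)
        except ValueError:
            problems.append((n, "invalid address"))
            continue
        if net.prefixlen < min_prefix:  # e.g. 0.0.0.0/0 would drop everything
            problems.append((n, "prefix too broad"))
        elif any(net.overlaps(loc) for loc in LOCAL):  # would block your own LAN
            problems.append((n, "private or loopback range"))
        else:
            networks.append(net)
    return networks, problems
```

Run it over the downloaded list file and treat any entry in the problems list as a reason not to import that copy.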
January 2020 edit: This list is now automatically updating every week.
April 2023 edit: List has been fixed, I have also added additional sources and a lightweight list.