Out of curiousity, If I wanted to create global ACLs for my network for various purposes that are managed from a single mikrotik on the network. Is there enough info on your links to steal your code and modify it to do so?
basically I want a single location I add in the different ACL lists and it automagically ends up on all our routers On Thu, Aug 25, 2016 at 1:13 PM, Joshaven Mailing Lists <[email protected] > wrote: > One of the major drawbacks of using dynamic ip lists is that they will be > gone if you reboot. > > If you have a 3 to 7 day update schedule then you can go days without your > blacklists which somewhat defeats the purpose. > > A solution for this would be to add an additional schedule that has a > start-time=startup that downloads & runs all of the scripts. > > > Sincerely, > Joshaven Potter > Google Hangouts: [email protected] > Cell & SMS: 1-517-607-9370 > [email protected] > > > > On Aug 25, 2016, at 1:38 PM, Joshaven Mailing Lists <[email protected]> > wrote: > > I didn’t want to add a timeout globally but just for you here it your > solution: > > You can optionally provide the number of days, it will default to 7 > > http://joshaven.com/listWithTimeout.php?list=openbl > http://joshaven.com/ <http://joshaven.com/listWithTimeout?list=spamhaus> > listWithTimeout <http://joshaven.com/with_timeout.php?list=openbl> > .php?list=spamhaus > http://joshaven.com/ > <http://joshaven.com/listWithTimeout.php?list=dshield> > <http://joshaven.com/listWithTimeout?list=spamhaus>listWithTimeout > <http://joshaven.com/with_timeout.php?list=openbl>.php?list=dshield > http://joshaven.com/ > <http://joshaven.com/listWithTimeout.php?list=malc0de> > <http://joshaven.com/listWithTimeout?list=spamhaus>listWithTimeout > <http://joshaven.com/with_timeout.php?list=openbl>.php?list=malc0de > > Here is an example of the list with with an alternative length of time: > http://joshaven.com/ > <http://joshaven.com/with_timeout.php?list=malc0de&days=14> > <http://joshaven.com/listWithTimeout?list=spamhaus>listWithTimeout > <http://joshaven.com/with_timeout.php?list=openbl> > .php?list=dshield&days=14 > > This will however create a goofy filename if you don’t specify the > filename so alter your download scripts to be like: > > /tool fetch url="http://joshaven.com/listWithTimeout.php?list=openbl"; > mode=http dst-path=openbl.rsc; > > /tool fetch url="http://joshaven.com/listWithTimeout.php?list=spamhaus"; > mode=http dst-path=spamhaus.rsc; > > /tool fetch url="http://joshaven.com/listWithTimeout.php?list=dshield"; > mode=http dst-path=dshield.rsc; > > /tool fetch url="http://joshaven.com/listWithTimeout.php?list=malc0de"; > mode=http dst-path=malc0de.rsc; > > <joshaven_10_70_99_1__JPFW__-_WinBox_v6_36_on_RB2011UAS-2HnD__mipsbe_.jpg> > > > > > > > Sincerely, > Joshaven Potter > Google Hangouts: [email protected] > Cell & SMS: 1-517-607-9370 > [email protected] > > > > On Aug 25, 2016, at 11:24 AM, Faisal Imtiaz <[email protected]> > wrote: > > Is there anyway you can make the address lists in Mikrotik dynamic > > with a ~7 day timeout? That way they are not included in backups etc. > Also, if decide to stop using them just delete the scripts and lists > will go away in 7 days. > > > > Huh ? not sure what you are asking and why ? > > The list/feature is supposed to be dynamic to begin with. > You can run a daily update. > If you want to stop the function, you can simply disable the firewall rule > that is associated with this list > getting a copy of the ip's via backup export is not a big deal.. > > ?? > > > Faisal Imtiaz > Snappy Internet & Telecom > > > Help-desk: (305)663-5518 Option 2 or Email: [email protected] > <[email protected]> > > ----- Original Message ----- > > From: "Matt" <[email protected]> > To: [email protected] > Sent: Thursday, August 25, 2016 10:14:26 AM > Subject: Re: [AFMUG] FREE Mikrotik Blacklist Service > > > For years I've provided a FREE blacklist service for MikroTik users. I have > recently upgraded my server environment for higher reliability and speed. > If you are interested in a dynamic IP blacklist for your routers are are > not > already using my list then checkout my writeup: > > http://joshaven.com/resources/tricks/mikrotik-automatically- > updated-address-list/ > > If you are already use my list than don't worry, your service just got > faster > and you don't need to do anything... unless you want to include the newly > added > list from malc0de. > > > Is there anyway you can make the address lists in Mikrotik dynamic > with a ~7 day timeout? That way they are not included in backups etc. > Also, if decide to stop using them just delete the scripts and lists > will go away in 7 days. > > > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
