short answer is yes..... but keep in mind that Joshaven's script is designed to have the MT poll for the file at specified intervals. Setting up the interval too short can be more stressful on both the router & server hosting the file..... Setting up the interval to be long, will you will have to wait for the acl to kick in...
A better way to do this is via a private ebgp session, where you can inject the IP Address almost instantaneously, and as a bonus if you are doing ebgp with you ip transit provider you can also setup this to do blackhole communities. Regards. Faisal Imtiaz Snappy Internet & Telecom 7266 SW 48 Street Miami, FL 33155 Tel: 305 663 5518 x 232 Help-desk: (305)663-5518 Option 2 or Email: [email protected] > From: "That One Guy /sarcasm" <[email protected]> > To: [email protected] > Sent: Wednesday, September 7, 2016 11:59:37 PM > Subject: Re: [AFMUG] FREE Mikrotik Blacklist Service > Out of curiousity, > If I wanted to create global ACLs for my network for various purposes that are > managed from a single mikrotik on the network. Is there enough info on your > links to steal your code and modify it to do so? > basically I want a single location I add in the different ACL lists and it > automagically ends up on all our routers > On Thu, Aug 25, 2016 at 1:13 PM, Joshaven Mailing Lists < [email protected] > > > wrote: >> One of the major drawbacks of using dynamic ip lists is that they will be >> gone >> if you reboot. >> If you have a 3 to 7 day update schedule then you can go days without your >> blacklists which somewhat defeats the purpose. >> A solution for this would be to add an additional schedule that has a >> start-time=startup that downloads & runs all of the scripts. >> Sincerely, >> Joshaven Potter >> Google Hangouts: [email protected] >> Cell & SMS: 1-517-607-9370 >> [email protected] >>> On Aug 25, 2016, at 1:38 PM, Joshaven Mailing Lists < [email protected] > >>> wrote: >>> I didn’t want to add a timeout globally but just for you here it your >>> solution: >>> You can optionally provide the number of days, it will default to 7 >>> http://joshaven.com/listWithTimeout.php?list=openbl >>> http://joshaven.com/ listWithTimeout .php?list=spamhaus >>> http://joshaven.com/ listWithTimeout .php?list=dshield >>> http://joshaven.com/ listWithTimeout .php?list=malc0de >>> Here is an example of the list with with an alternative length of time: >>> http://joshaven.com/ listWithTimeout .php?list=dshield&days=14 >>> This will however create a goofy filename if you don’t specify the filename >>> so >>> alter your download scripts to be like: >>> /tool fetch url=" http://joshaven.com/listWithTimeout.php?list=openbl " >>> mode=http dst-path=openbl.rsc; >>> /tool fetch url=" http://joshaven.com/listWithTimeout.php?list=spamhaus " >>> mode=http dst-path=spamhaus.rsc; >>> /tool fetch url=" http://joshaven.com/listWithTimeout.php?list=dshield " >>> mode=http dst-path=dshield.rsc; >>> /tool fetch url=" http://joshaven.com/listWithTimeout.php?list=malc0de " >>> mode=http dst-path=malc0de.rsc; >>> <joshaven_10_70_99_1__JPFW__-_WinBox_v6_36_on_RB2011UAS-2HnD__mipsbe_.jpg> >>> Sincerely, >>> Joshaven Potter >>> Google Hangouts: [email protected] >>> Cell & SMS: 1-517-607-9370 >>> [email protected] >>>> On Aug 25, 2016, at 11:24 AM, Faisal Imtiaz < [email protected] > >>>> wrote: >>>> Is there anyway you can make the address lists in Mikrotik dynamic >>>>> with a ~7 day timeout? That way they are not included in backups etc. >>>>> Also, if decide to stop using them just delete the scripts and lists >>>>> will go away in 7 days. >>>> Huh ? not sure what you are asking and why ? >>>> The list/feature is supposed to be dynamic to begin with. >>>> You can run a daily update. >>>> If you want to stop the function, you can simply disable the firewall rule >>>> that >>>> is associated with this list >>>> getting a copy of the ip's via backup export is not a big deal.. >>>> ?? >>>> Faisal Imtiaz >>>> Snappy Internet & Telecom >>>> Help-desk: (305)663-5518 Option 2 or Email: [email protected] >>>> ----- Original Message ----- >>>>> From: "Matt" < [email protected] > >>>>> To: [email protected] >>>>> Sent: Thursday, August 25, 2016 10:14:26 AM >>>>> Subject: Re: [AFMUG] FREE Mikrotik Blacklist Service >>>>>> For years I've provided a FREE blacklist service for MikroTik users. I >>>>>> have >>>>>> recently upgraded my server environment for higher reliability and speed. >>>>>> If you are interested in a dynamic IP blacklist for your routers are are >>>>>> not >>>>>> already using my list then checkout my writeup: >>>>>> http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/ >>>>>> If you are already use my list than don't worry, your service just got >>>>>> faster >>>>>> and you don't need to do anything... unless you want to include the >>>>>> newly added >>>>>> list from malc0de. >>>>> Is there anyway you can make the address lists in Mikrotik dynamic >>>>> with a ~7 day timeout? That way they are not included in backups etc. >>>>> Also, if decide to stop using them just delete the scripts and lists >>>>> will go away in 7 days. > -- > If you only see yourself as part of the team but you don't see your team as > part > of yourself you have already failed as part of the team.
