info
https://www.reddit.com/r/mikrotik/comments/3jf830/selfupdating_adblocker_script/
https://blocklister.gefoo.org/
Combined approach
The most important part is the one in red: get block lister.
/system script
add name=script1 owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon sourc
\_firewall filter\r\
\nadd action=drop chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g
1 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" disabled=no dst-port=21,22,23,
rotocol=tcp src-address-list=login_error_ip\r\
\nadd action=add-src-to-address-list address-list=login_error_ip addre
t-timeout=1d chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g\\A2h
2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disabled=no ds
=21,22,23,8291 protocol=tcp \\\r\
\n src-address-list=ros_service_login5\r\
\nadd action=add-src-to-address-list address-list=ros_service_login5 a
-list-timeout=1d30s chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A
h 3 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disable
st-port=21,22,23,8291 \\\r\
\n protocol=tcp src-address-list=ros_service_login4\r\
\nadd action=add-src-to-address-list address-list=ros_service_login4 a
-list-timeout=30s chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g
4 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disabled=
-port=21,22,23,8291 protocol=\\\r\
\n tcp src-address-list=ros_service_login3\r\
\nadd action=add-src-to-address-list address-list=ros_service_login3 a
-list-timeout=30s chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g
5 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disabled=
-port=21,22,23,8291 protocol=\\\r\
\n tcp src-address-list=ros_service_login2\r\
\nadd action=add-src-to-address-list address-list=ros_service_login2 a
-list-timeout=30s chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g
6 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disabled=
-port=21,22,23,8291 protocol=\\\r\
\n tcp src-address-list=ros_service_login1\r\
\nadd action=add-src-to-address-list address-list=ros_service_login1 a
-list-timeout=30s chain=input comment=\"\\A2b\\A2c\\A2d\\A2e\\A2f\\A2g
7 \\A2h\\A2g\\A2f\\A2e\\A2d\\A2c\\A2b\" connection-state=new disabled=
-port=21,22,23,8291 protocol=\\\r\
\n tcp src-address-list=!Lan_ip\r\
\n\r\
\n/ip firewall address-list\r\
\nadd address=172.16.0.0/12 disabled=no list=Lan_ip\r\
\nadd address=192.168.0.0/16 disabled=no list=Lan_ip\r\
\nadd address=10.0.0.0/8 disabled=no list=Lan_ip"
add name=Blocklister_download_Ads owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon sourc
ol fetch url=\"https://blocklister.gefoo.org/ads\" dst-path=\"ads.rsc\
ort file-name=\"ads.rsc\";
Another one
Add a schedule so it updates automatically
/system scheduler
add comment=Download_Ads_List interval=1w name=Blocklister_download_Ads \
on-event=Blocklister_download_Ads policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jan/01/1970 start-time=02:42:00
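This must be combined with a rule under
ip
Filter Rules
When using AD-BLOCK, only downloading the list does nothing; without a rule that uses it, it has no effect.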
add action=reject chain=forward comment="Ad-block list drop" connection-state=\
new dst-address-list=ads_list in-interface=bridge log=yes protocol=tcp \
reject-with=tcp-reset
add info
20180412
https://paul.is-a-geek.org/2018/02/dns-based-adblock-using-mikrotik-routeros/
-------------
20180518
The blocklister site can no longer serve the ads list, so everything above has stopped working.
Current approach
Download
https://paul.is-a-geek.org/wp-content/uploads/2018/02/mikrotik_adblock.zip
Extract the file
mikrotik_adblock.rsc
Go to Files and upload mikrotik_adblock.rsc
Open New Terminal (it might run by itself after a reboot, but here I applied it directly with run)
file
/import file-name=ads.rsc
After applying it, Firewall > address lists shows a long run of entries
that have been added.
Putting it to use
# add firewall rule once
/ip firewall filter add chain=forward in-interface=bridge1 connection-state=new protocol=tcp dst-address-list=ads_list action=reject reject-with=tcp-reset comment="Ad-block list drop"
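Then move the rule to the front of the list,
and that is all.
Maintenance
Add entries yourself with Ultra Edit and import again; that is the only way.
Otherwise it depends on whether someone sets up a site for it.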
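Added example, not from the original post or the linked sites: /import executes every command in the file, so a downloaded or hand-edited list can be checked and rebuilt before it is uploaded. The file layout, the name sanitize_rsc and the sample lines are assumptions; ads_list and the Lan_ip ranges come from the post.

```python
import ipaddress
import re

# Assumption: the file is a "/ip firewall address-list" menu line followed by
# "add address=<ip or cidr> list=<name>" lines; "#" starts a comment.
MENU = "/ip firewall address-list"
ALLOWED_KEYS = {"address", "list", "comment", "disabled"}
# LAN ranges from the Lan_ip list in the post; these must never be blocked.
LAN = [ipaddress.ip_network(n)
       for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PAIR = re.compile(r'([\w-]+)=("[^"]*"|\S+)')
# Constructed sample input (documentation addresses, not real blocklist data).
SAMPLE = """# constructed sample
/ip firewall address-list
add address=203.0.113.10 list=ads_list
add list=ads_list address=198.51.100.0/24
add address=192.168.1.1 list=ads_list
add address=203.0.113.10 list=Lan_ip
/system identity set name=changed
add address=203.0.113.11 list=ads_list;/system identity set name=x
"""


def sanitize_rsc(text, list_name="ads_list"):
    """Return (clean_rsc, rejected) where rejected is [(line_no, reason)]."""
    nets, rejected = set(), []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or line == MENU:
            continue
        body = line[4:] if line.startswith("add ") else None
        pairs = dict(PAIR.findall(body)) if body else {}
        if body is None or PAIR.sub("", body).strip() or set(pairs) - ALLOWED_KEYS:
            rejected.append((no, "not a plain address-list add"))
        elif pairs.get("list") != list_name:
            rejected.append((no, "targets another list"))
        else:
            addr = pairs.get("address", "").strip('"')
            try:  # ranges and DNS names fail here too (conservative)
                net = ipaddress.ip_network(addr, strict=False)
            except ValueError:
                rejected.append((no, "bad address"))
                continue
            if net.version != 4 or any(net.overlaps(lan) for lan in LAN):
                rejected.append((no, "IPv6 or overlaps LAN"))
            else:
                nets.add(net)
    # Rebuild the file from parsed values so no input text is passed through.
    out = [MENU] + [f"add address={n.network_address if n.prefixlen == 32 else n} "
                    f"list={list_name}" for n in sorted(nets)]
    return "\n".join(out) + "\n", rejected
```

Write the first returned value to the .rsc that gets uploaded, and review the rejected list before importing.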