Community discussions

MUM Europe 2020

Search found 54 matches

by Squidblacklist
Mon May 15, 2017 1:47 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 113474

Re: Blacklist Filter update script

it's very possible to do that, but I would need to see what the impact on the routers would be. I'm not a big fan of the built-in DNS as it is and I'm not sure how well it would hold up with several thousand hostnames added to it. Actually, Im glad to inform you today that the current release has a...
by Squidblacklist
Mon May 15, 2017 10:58 am
Forum: General
Topic: Routeros Firewall Tor node Blacklists
Replies: 0
Views: 771

Routeros Firewall Tor node Blacklists

With all of the recent malicious attacks and ransomware it may be a good time to block tor traffic and defend your networks. Here ya go, I just decided to whip up a free blacklist in case anybody might find this useful, im just gunna leave it right here. http://www.squidblacklist.org/downloads/sbl-t...
by Squidblacklist
Thu Mar 23, 2017 6:21 am
Forum: General
Topic: Watchguard Firebox hardware and RouterOS?
Replies: 16
Views: 5858

Re: Watchguard Firebox hardware and RouterOS?

I know this is a 10 year old thread, but I found it while googling, and I want to leave a few crumbs for the next person looking into this so. I just installed RouterOS on a WatchGuard Firebox x1250e and wrote a blog entry about it. It was easy, all I had to do was install to a cf card inside an old...
by Squidblacklist
Fri Nov 18, 2016 12:25 pm
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!

Hi Squidblacklist The filer rules is no correct, I belief it must look like this. /ip firewall filter add chain=input src-address-list=drop.dshield action=drop log=yes comment="drop.dshield" /ip firewall filter add chain=input src-address-list=drop.spamhaus1 action=drop log=yes comment="drop.spamha...
by Squidblacklist
Sat Oct 22, 2016 7:41 am
Forum: General
Topic: [Feature][DNS] Allow 0.0.0.0 as address for DNS records
Replies: 6
Views: 2593

Re: [Feature][DNS] Allow 0.0.0.0 as address for DNS records

Hmm, while that is definitely noteworthy, it is indeed trivial. Here is something that may be helpful, We are simply using loopback 127.0.0.1 with an option for our users to customize it with the following script header. # TiK-DNS-Ads: Blacklist compiled by SquidBlacklist.org 10-21-2016. :log info "...
by Squidblacklist
Sat Oct 22, 2016 7:30 am
Forum: General
Topic: Problems & Solutions with Mikrotik RouterOS DNS Domain Blacklists
Replies: 0
Views: 1848

Problems & Solutions with Mikrotik RouterOS DNS Domain Blacklists

Problems & Solutions with Mikrotik RouterOS DNS Domain Blacklists. Original Article by Benjamin E. Nichols of Squidblacklist.org http://blog.squidblacklist.org/?p=912 As a publisher of domain blacklist data, I thought it would be appropriate the share some recent challenged and resultant experience...
by Squidblacklist
Mon Oct 17, 2016 8:24 am
Forum: General
Topic: Patch Request: skip duplicate entry error and continue processing.
Replies: 1
Views: 891

Patch Request: skip duplicate entry error and continue processing.

As a blacklist provider it would be a pain in the butt to continue to provide blacklists consistantly if Mikrotik halts loading a static dns blacklist during import on "script error, duplicate entry exists" I would please ask for you to modify the system to not halt, but rather, continue processing ...
by Squidblacklist
Mon Oct 17, 2016 7:48 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

Ok, I have to take a moment and give Mikrotik credit, where it is due. they actually resonded quite impressively with a speed enhancement for RouterOS, this has been a problem for a long time with large blacklist importing on RouterOS, so this was such a welcomed, and long overdue fix that so many p...
by Squidblacklist
Fri Oct 07, 2016 6:09 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

This is the bullshit response I got from Mikrotik support, they didnt investigate, My regex is not overly complex, and it would only lead to "infinate loops" if there were a bug present in RouterOS. This is a serious issue, we represent many entities who wish to use these blacklists, and if Mikrotik...
by Squidblacklist
Wed Oct 05, 2016 5:39 am
Forum: General
Topic: Static DNS Bug(s) or Regex Format Issue?
Replies: 1
Views: 799

Re: Static DNS Bug(s) or Regex Format Issue?

SHAMLESS BUMP - HELLO MIKROTIK!!! HELP PLEASE
by Squidblacklist
Tue Oct 04, 2016 8:34 am
Forum: Wireless Networking
Topic: Mikrotik WISPs: Where?
Replies: 96
Views: 51762

Re: Mikrotik WISPs: Where?

Oklahoma's Largest Wireless ISP http://www.atlinkwifi.com is using a nearly 99% pure Mikrotik Network. Well over 6000 CPE last time I checked, but dont quote me on that:P
by Squidblacklist
Tue Oct 04, 2016 7:01 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

If you want something fixed, you need to contact support . Describe what's the problem and hope for the best. Try to be as clear as possible, so all details, but not too long, you don't want them getting lost in it. And be patient. ;) Yup I went ahead and opened a support ticket, we shall see, hope...
by Squidblacklist
Tue Oct 04, 2016 12:44 am
Forum: General
Topic: Static DNS Bug(s) or Regex Format Issue?
Replies: 1
Views: 799

Static DNS Bug(s) or Regex Format Issue?

[admin@MikroTik1] /ip dns static> add regexp="^(.*\\.)\?.ads-siteelb-g56fz8b4d9hz-801723328\\.us-east-1\\.elb\\.amazonaws\\.com\$" address="127.0.0.1" comment="sbl ads" failure: regular expression too compex [admin@MikroTik1] /ip dns static> What the heck? Is there a problem with my regex? Do I nee...
by Squidblacklist
Sun Oct 02, 2016 9:46 pm
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

This problem with long regexp looks like an artificial limit in some sanity check. Usually you wouldn't need anything this long. Escaping dots does not change anything, even when you enter all basic character like letters or numbers, it takes maximum of 63. By bug I meant the main problem, the extr...
by Squidblacklist
Sun Oct 02, 2016 4:45 am
Forum: General
Topic: 802.11ac spectral scan
Replies: 158
Views: 34255

Re: 802.11ac spectral scan

With 80mhz we need a spectrum analyzer. When can we have this feature. Its hard to find the best channel if we cant look. I use spectral scan all the time. Its so important. LOL yeah but you know as well as I do, as soon as your competitor changes channels your gunna be right back out there on a se...
by Squidblacklist
Sat Oct 01, 2016 8:56 pm
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

# TiK-DNS-Ads: Blacklist compiled by SquidBlacklist.org 10-01-2016. -MADE IN USA- # Blacklists by Squidblacklist.org are licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License. :log info "tik dns ads blacklist script import started" TADA Now it is as it should be. Tha...
by Squidblacklist
Sat Oct 01, 2016 8:22 pm
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

Ah a forward slash before every dot, now thats a lot easier to script.

You have solved my problem, I can script that up in no time.

Thank you!
by Squidblacklist
Sat Oct 01, 2016 8:58 am
Forum: General
Topic: Feature Request - Log Action for Static DNS Entries.
Replies: 1
Views: 647

Feature Request - Log Action for Static DNS Entries.

For those of us who desire to pursue web filtering using with static DNS entries, it would be great to see an option for log action for all Static DNS entries so we can see logs when somebody is trying to break the rules or visit unwanted websites. Same thing for web proxy access rules, it would be ...
by Squidblacklist
Sat Oct 01, 2016 4:50 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

I've been offering this for a while, with a few advantages. . Hey Dave, I know you are big into this stuff, so I wanted to give you the heads up on these other blacklists now available for RouterOS thanks to Josh Aven. http://joshaven.com/malc0de.rsc http://joshaven.com/openbl.rsc He has taken the ...
by Squidblacklist
Sat Oct 01, 2016 4:22 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

Hi Squidblacklist
Can you please add the filter rules that you are using.

Bigfoot
Sure. I have updated the original post with more detailed instructions as well as two more free blacklists.
by Squidblacklist
Sat Oct 01, 2016 4:19 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

is this work ?

Sure does, I have been using it for over a year on my units without issue, updating every 3 hours.
by Squidblacklist
Sat Oct 01, 2016 3:23 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

This problem with long regexp looks like an artificial limit in some sanity check. Usually you wouldn't need anything this long. Escaping dots does not change anything, even when you enter all basic character like letters or numbers, it takes maximum of 63. By bug I meant the main problem, the extr...
by Squidblacklist
Sat Oct 01, 2016 12:34 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

But it does not really influence the handling in RouterOS, there's definitely some bug. Btw, your current script dies here at this line: add regexp=".\\*.ads-siteelb-g56fz8b4d9hz-801723328.us-east-1.elb.amazonaws.com" address="127.0.0.1" comment="sbl ads" with "failure: regular expression too compe...
by Squidblacklist
Sat Oct 01, 2016 12:26 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

Alright, scripts setup and working the way we want. However. The problem remains, grrrr. Failure at or around line 901: add regexp=".\\\\*.ads-sexy-site.com" address="127.0.0.1" comment="sbl ads" add regexp=".\\\\*.ads-sg.com" address="127.0.0.1" comment="sbl ads" add regexp=".\\\\*.ads.shizmoo.com"...
by Squidblacklist
Fri Sep 30, 2016 9:48 pm
Forum: General
Topic: How to block Microsoft via static DNS entry
Replies: 16
Views: 3361

Re: How to block Microsoft via static DNS entry

I think you are both wrong, In current ROS .\\*.somewebsite.net is what works to block the top domain as well the subdomains.somewebsite.net. So the solution you claim to work, does not work, or at least, no longer works. I know, I tested it in RoS v6.37 and no dice using your examples. I thought It...
by Squidblacklist
Fri Sep 30, 2016 9:30 pm
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Re: Problems: Changes to Static DNS causing serious issues.

You are correct, Ok so today, I woke up and somehow a router magically succeeded in importing the whole list, that I had scheduled ot run over night, so thats encouraging. But then I began to read your messages, and again, after testing I verified what you said to be true, and so I made some changes...
by Squidblacklist
Fri Sep 30, 2016 7:49 am
Forum: General
Topic: Problems: Changes to Static DNS causing serious issues.
Replies: 19
Views: 3420

Problems: Changes to Static DNS causing serious issues.

We provide domain name based blacklists, formatted for use with Mikrotik RouterOS Web Proxy access list, and for RoS DNS Static Entry List. Recently our subscribers began complaining that our dns blacklists were no longer importing with the latest version of router OS. We had to change name= to rege...
by Squidblacklist
Mon May 23, 2016 4:28 am
Forum: Beginner Basics
Topic: How to block adult sites?
Replies: 26
Views: 47635

Re: How to block adult sites?

Web proxy access list, porn domain blacklist.

http://www.squidblacklist.org/downloads ... orn.tar.gz
by Squidblacklist
Wed May 04, 2016 2:14 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

Thank you for providing this. However, the script is currently (as of 2/6/16) exiting to an error after the spamhaus1 import update. It appears to be missing the following: :log info "drop.spamhaus2 script import started" :foreach subnet in [/ip firewall address-list find list=drop.spamhaus2] do={ ...
by Squidblacklist
Wed May 04, 2016 2:01 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

I've been offering this for a while, with a few advantages. http://forum.mikrotik.com/viewtopic.php?f=9&t=98804 I use Dynamic address lists. This keeps the IP's in memory and dramatically reduces the number of flash writes. The script tells the server the some basics about the router, and the serve...
by Squidblacklist
Wed May 04, 2016 1:45 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Re: Spamhaus + Dshield Malicious Ip Blacklist For RouterOS Now Availalable GRATIS!

Thank you for providing this. However, the script is currently (as of 2/6/16) exiting to an error after the spamhaus1 import update. It appears to be missing the following: :log info "drop.spamhaus2 script import started" :foreach subnet in [/ip firewall address-list find list=drop.spamhaus2] do={ ...
by Squidblacklist
Wed Feb 24, 2016 9:07 am
Forum: Beginner Basics
Topic: Shaping by way of User Groups (Whitelist/Blacklist)
Replies: 1
Views: 733

Re: Shaping by way of User Groups (Whitelist/Blacklist)

Our domain whitelist is now available to the public. It is for general production use, it contains no adult or piracy related sites, it is suitable for most networks.

It can be downloaded gratis at the following url.

http://www.squidblacklist.org/downloads/whitelist.txt
by Squidblacklist
Wed Jan 20, 2016 4:21 am
Forum: Scripting
Topic: Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!
Replies: 15
Views: 9746

Spamhaus + Dshield + Malc0de + OpenBL Malicious Ip Blacklists!

For some this is nothing new, but for others it might prove to be quite a valued resource, so we decided to make it available gratis for the public as a way of giving back and saying thank you to all those who have supported us, besides, we cant really charge for it, it isnt our work! Spamhaus and D...
by Squidblacklist
Mon Aug 24, 2015 12:26 am
Forum: General
Topic: Domain Blacklists For Mikrotik RouterOS Web Proxy
Replies: 7
Views: 4347

Re: Domain Blacklists For Mikrotik RouterOS Web Proxy

BTW, I don´t know how this squidlist works, but I suppose that is just a really big IP addresses list that I can use on a Mikrotik CCR. I will not use any proxy. We have two formats available for Mikrotik RouterOS. One for Web Proxy and one for DNS. Both publications are in *.rsc import script form...
by Squidblacklist
Mon Aug 24, 2015 12:19 am
Forum: Scripting
Topic: Web Filtering with RouterOS Web Proxy Blacklists - Squidblacklist.org
Replies: 0
Views: 4830

Web Filtering with RouterOS Web Proxy Blacklists - Squidblacklist.org

Squidblacklist.org is proud to announce that we are the worlds first commercial provider of blacklists tailored specifically for Mikrotik RouterOS web proxy , and DNS server , for the purpose of content filtering by domain name. Similar solutions from commercial providers can be very expensive, now,...
by Squidblacklist
Fri Sep 20, 2013 6:03 am
Forum: General
Topic: Domain Blacklists For Mikrotik RouterOS Web Proxy
Replies: 7
Views: 4347

Domain Blacklists For Mikrotik RouterOS Web Proxy

We are pleased to announce that Squidblacklist.org is the worlds first commercial supplier of domain blacklists
for Mikrotik RouterOS Web Proxy.

See press release for more information..'

http://www.squidblacklist.org/press_rel ... ilter.html
by Squidblacklist
Fri Sep 20, 2013 6:02 am
Forum: Scripting
Topic: Public interest in blacklist service w/ MikroTik script?
Replies: 6
Views: 9825

Re: Public interest in blacklist service w/ MikroTik script?

We are pleased to announce that Squidblacklist.org is the worlds first commercial supplier of domain blacklists
for Mikrotik RouterOS Web Proxy

See press release for more information.

http://www.squidblacklist.org/press_rel ... ilter.html
by Squidblacklist
Sun Jul 07, 2013 2:18 pm
Forum: RouterBOARD hardware
Topic: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link
Replies: 7
Views: 2262

Re: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link

I would agree with you totally, but in my case, Im only getting about 32% cpu usage during testing with tcp send/recieve
by Squidblacklist
Tue Jul 02, 2013 8:17 pm
Forum: RouterBOARD hardware
Topic: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link
Replies: 7
Views: 2262

Re: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link

Ok guys I think that just sounds crazy and I have never heard that before.
by Squidblacklist
Tue Jul 02, 2013 6:28 pm
Forum: RouterBOARD hardware
Topic: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link
Replies: 7
Views: 2262

Re: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link

You should not use the TCP test on a Routerboard. If you want to test TCP performance: use 2 PC's with IPERF.

Are you kidding me?
by Squidblacklist
Tue Jul 02, 2013 7:06 am
Forum: RouterBOARD hardware
Topic: RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link
Replies: 7
Views: 2262

RB750GL Crappy Bandwidth 10mbps w bwtest. on GB Link

Can someone explain to me why Im only able to send 10mbps (ok 13mbps whatever) over a direct local gigabit link using bwtest to an RB750GL??? Thats not gigabit speeds thats 10/100 speed. Also I can only recieve at 50mbps. Heres a screenshot. Keep in mind, my pc is connected directly to the unit and ...
by Squidblacklist
Mon Jul 01, 2013 12:13 pm
Forum: RouterBOARD hardware
Topic: RB750GL rebooting every 2 hours, what gives?
Replies: 4
Views: 1276

Re: RB750GL rebooting every 2 hours, what gives?

UPDATE: Confirmed, I have had zero issues with rebooting since making those changes I mentioned in my previous reply. Hope someone else finds this thread useful. I do find it strange that this issue does not affect my old RB532a, yet does affect the newer product. But they are totally different devi...
by Squidblacklist
Sun Jun 30, 2013 8:59 am
Forum: RouterBOARD hardware
Topic: RB750GL rebooting every 2 hours, what gives?
Replies: 4
Views: 1276

Re: RB750GL rebooting every 2 hours, what gives?

Ok I believe I have resolved my RB750GL rebooting issue. I was using the onboard Mikrotik Web Proxy and the default settings I believe were to 128k max cache object size which I believe was resulting in excessive read/writes to flash/ram So I reduced the max object size to 8kb and the router hasnt r...
by Squidblacklist
Sun Jun 30, 2013 7:52 am
Forum: Wireless Networking
Topic: EoIP Bridge overloads CPU and Bandwidth
Replies: 6
Views: 3715

Re: EoIP Bridge overloads CPU and Bandwidth

I figured out the issue with my unit, Im using the mikrotik web proxy to redirect to my upstream proxy, apparently 128k default max object size is too large and causes excessive flash reads/writes I reduced Mac Cache Object Size to 8k and the RB750GL unit hasnt rebooted once since. Which is just fin...
by Squidblacklist
Sat Jun 29, 2013 5:05 pm
Forum: Wireless Networking
Topic: EoIP Bridge overloads CPU and Bandwidth
Replies: 6
Views: 3715

Re: EoIP Bridge overloads CPU and Bandwidth

I also have an RB750GL that cpu overloads, unit becomes unresponsive and reboots from watchdog timer every hour, Im about ready to smash it with a hammer.
by Squidblacklist
Sat Jun 29, 2013 1:14 am
Forum: The Dude
Topic: How to keep The Dude probes from returning?
Replies: 2
Views: 1562

Re: How to keep The Dude probes from returning?

poppycock, the probes still return.
by Squidblacklist
Thu Jun 27, 2013 7:02 pm
Forum: General
Topic: Newly Created Users, the User accounts do not work, why?
Replies: 4
Views: 868

Re: Newly Created Users, the User accounts do not work, why?

Good advice, but I just discovered, I believe I had a failing dc power adapter, Things are working good now.
by Squidblacklist
Thu Jun 27, 2013 6:47 pm
Forum: RouterBOARD hardware
Topic: RB750GL rebooting every 2 hours, what gives?
Replies: 4
Views: 1276

Re: RB750GL rebooting every 2 hours, what gives?

Well, I actually found the problem. It was apparently a bad dc power adapter that shipped with the unit. In all fairness to Mikrotik, I got this "like new" off ebay. After putting a replacement dc power supply of 12v 1000ma in, the unit ran all night and is still currently up. I know its a bit early...
by Squidblacklist
Thu Jun 27, 2013 7:02 am
Forum: General
Topic: Newly Created Users, the User accounts do not work, why?
Replies: 4
Views: 868

Re: Newly Created Users, the User accounts do not work, why?

Why do you want me to print screen? Ive been using mikrotiks for years, I know how to create users.

I think this is a defective unit.
by Squidblacklist
Wed Jun 26, 2013 11:31 am
Forum: General
Topic: Newly Created Users, the User accounts do not work, why?
Replies: 4
Views: 868

Newly Created Users, the User accounts do not work, why?

I have a new RB750GL and when I create user accounts in winbox, they do not work

I cant ssh in, I cant winbox in, I cant ftp in using those user accounts.

Ive tried, full, read, etc etc, nothing works.

What gives?

(btw, the admin account works, and I can change passw and login just fine with it)
by Squidblacklist
Wed Jun 26, 2013 11:29 am
Forum: The Dude
Topic: How to keep The Dude probes from returning?
Replies: 2
Views: 1562

How to keep The Dude probes from returning?

I would like to run the dude, but I wont. And here is why I wont. I remove the probes from The Dude to keep all of my servers logs from being flooded with nonsense like ssh auth attempts and http requests, and very the next day, BAM! the fricking probes are right back again and flooding my server lo...
by Squidblacklist
Wed Jun 26, 2013 11:09 am
Forum: RouterBOARD hardware
Topic: RB750GL rebooting every 2 hours, what gives?
Replies: 4
Views: 1276

RB750GL rebooting every 2 hours, what gives?

Yes I have had an RB532a for years that has been rock solid running as an access point. So I recently purchased an RB750GL as my core router for my home network. Im running the stock config with RoS 6.1 and it reboots at least every two hours, sometimes every hour, its really aggravating. Anyone kno...