Hello MikroTik Community,
I am trying to automate blocking bad IPs on my hEX E50UG (Level 4 license) using a scheduler script. My script fetches the Emerging Threats blocklist from the internet and updates the firewall address list.
Here’s my script (simplified for clarity):
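```
# Remove old bad IPs
/ip firewall address-list remove [find list=bad_ips]
# Fetch Emerging Threats blocklist into memory
:local fetched [/tool fetch url="https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt" mode=https as-value output=user]
:local content ($fetched->"data")
:local contentLen [:len $content]
# Walk the data line by line; :toarray splits on commas, not on newlines
:local lineStart 0
:while ($lineStart < $contentLen) do={
    # :find starts searching after the given index, hence the -1
    :local lineEnd [:find $content "\n" ($lineStart - 1)]
    :if ([:typeof $lineEnd] = "nil") do={ :set lineEnd $contentLen }
    :local ip [:pick $content $lineStart $lineEnd]
    :set lineStart ($lineEnd + 1)
    # Add IPs to firewall, skipping blank lines and "#" comments
    :if (([:len $ip] > 0) && ([:pick $ip 0 1] != "#")) do={
        /ip firewall address-list add list=bad_ips address=$ip
    }
}
```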
When I try to run this script manually or via the scheduler, I get the following error:
```
failure: not allowed by device-mode
```
Observations:
- I’ve tried `output=user` (fetch into memory) to avoid file writes, but it still fails.
My questions:
- Is this a known restriction on hEX E50UG device mode?
- Is there a recommended workaround to automate fetching and updating IP blocklists via scheduler on E50UG?
- Can this limitation be bypassed without external servers, or is it a security restriction by design?
Thank you in advance for any guidance!