An example and it contains the assumption that the IP address is labeled address but it data in real:
:foreach i in=[/ip dns cache all find where name~"tiktok" && static=no] do={
:local tmpIP [/ip dns cache get $i data]
if ([:len [/ip firewall address-list find where address=$tmpIP list=tiktok-hosts]]=0) do {
/ip firewall address-list add address=$tmpIP list=tiktok-hosts
:log info "added entry: $tmpIP"
}
}
http://forum.mikrotik.com/t/script-for-adding-dns-entries-to-an-address-list-fails/138932/1
Yours with data instead of address and matching is now correctly name~“(facebook|youtube)”, to try:
:foreach i in=[/ip dns cache find name~"(facebook|youtube)" ] do={
:local tmpAddress [/ip dns cache get $i data];
:local cacheName [/ip dns cache get $i name] ;
delay delay-time=10ms
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list=restricted comment=$cacheName;
}}
I assume that something changed since we can use also other types of DNS entries since a few versions.