I would be interested to see such functionality in the address lists.
Code: Select all
/ip firewall address-list add list=hosts address=192.168.0.0/16 wildcard=255.255.10-20.255
Code: Select all
/ip firewall address-list add list=hosts address=192.168.0.0/16 wildcard=255.255.0.10
Code: Select all
/ip firewall address-list add list=hosts address=192.168.0.0/16 wildcard=255.255.255.10,15,20,30-35
Code: Select all
/ip firewall address-list add list=GOOGLE address=AS15169
Code: Select all
[admin@MT-AP-KIRILL-ROOM] /ip firewall address-list> pr
Flags: X - disabled, D - dynamic
# LIST ADDRESS CREATION-TIME TIMEOUT
0 GOOGLE AS15169 apr/06/2019 01:07:35
1 D ;;; AS15169
GOOGLE 103.21.184.0/22 apr/06/2019 01:27:57
2 D ;;; AS15169
GOOGLE 103.227.68.0/22 apr/06/2019 01:27:57
3 D ;;; AS15169
GOOGLE 103.240.192.0/22 apr/06/2019 01:27:57
.......
Code: Select all
/ip firewall address-list add list=mysite.com address=*.mysite.com
I know that you cannot get a list of sub domains, but if the router is a DNS server, it can find all such domains that are in the cache.