MikroTik

Community discussions
https://forum.mikrotik.com/

help to solve issue in script " dns to address lists scripts "

https://forum.mikrotik.com/viewtopic.php?t=165548

Page 1 of 1

help to solve issue in script " dns to address lists scripts "

Posted: Sat Aug 29, 2020 5:35 am
by anassar26
hi all
i am using this script to collect YouTube & Facebook IP addresses in DNS cache ( for block or separate route )
but it is not working and get result "input does not match any value of value-name"
please help me to solve issue

i print dns cash to find Facebook and YouTube in cach and get result below but when i run script get "input does not match any value of value-name" :
[admin@MikroTik] /ip dns cache> print
Flags: S - static
# NAME TYPE DATA TTL
4 S www.youtube.com A 216.239.38.120 1d
10 www.facebook.com CNAME star.c10r.facebook.com 44m31s
11 graph.facebook.com CNAME api.facebook.com 44m31s

# Script :
:foreach i in=[/ip dns cache all find where (name~"facebook" || name~"youtube") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
#prevent script from using all cpu time
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list=restricted comment=$cacheName;
}}

Re: help to solve issue in script " dns to address lists scripts "

Posted: Sun Aug 30, 2020 4:14 pm
by anassar26
any help please

Re: help to solve issue in script " dns to address lists scripts "

Posted: Sun Aug 30, 2020 5:25 pm
by msatter
Try this:
Code: Select all
:foreach i in=[/ip dns cache find name~("facebook"|"youtube") type="A"]

Re: help to solve issue in script " dns to address lists scripts "

Posted: Sun Aug 30, 2020 9:51 pm
by anassar26
Try this:
Code: Select all
:foreach i in=[/ip dns cache find name~("facebook"|"youtube") type="A"]
first many thanks
i try script after your modification but i got no result in address list
please help to get correct result "create list in address list for youtube and facebook" :
Code: Select all
:foreach i in=[/ip dns cache find name~("facebook"|"youtube") ] do={
:local tmpAddress [/ip dns cache get $i address];
:local cacheName [/ip dns cache get $i name] ;
delay delay-time=10ms
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={         
:log info ("added entry: $cacheName  $tmpAddress");
/ip firewall address-list add address=$tmpAddress list=restricted comment=$cacheName;
}}
[/quote]

Re: help to solve issue in script " dns to address lists scripts "

Posted: Mon Aug 31, 2020 10:52 am
by msatter
An example and it contains the assumption that the IP address is labeled address but it data in real:
Code: Select all
:foreach i in=[/ip dns cache all find where name~"tiktok" && static=no] do={
	:local tmpIP [/ip dns cache get $i data]
	if ([:len [/ip firewall address-list find where address=$tmpIP list=tiktok-hosts]]=0) do {
		/ip firewall address-list add address=$tmpIP list=tiktok-hosts
		:log info "added entry: $tmpIP"
	}
}
viewtopic.php?f=9&t=160442&p=788842&hil ... he#p788879

Yours with data instead of address and matching is now correctly name~"(facebook|youtube)", to try:
Code: Select all
:foreach i in=[/ip dns cache find name~"(facebook|youtube)" ] do={
:local tmpAddress [/ip dns cache get $i data];
:local cacheName [/ip dns cache get $i name] ;
delay delay-time=10ms
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={         
:log info ("added entry: $cacheName  $tmpAddress");
/ip firewall address-list add address=$tmpAddress list=restricted comment=$cacheName;
}}
I assume that something changed since we can use also other types of DNS entries since a few versions.

Re: help to solve issue in script " dns to address lists scripts "  [SOLVED]

Posted: Tue Sep 01, 2020 10:49 pm
by msatter
I assume it is working now?

Re: help to solve issue in script " dns to address lists scripts "

Posted: Wed Sep 02, 2020 7:41 am
by anassar26
I assume it is working now?
Its working awesome
Thanks 👍😊

Re: help to solve issue in script " dns to address lists scripts "

Posted: Fri Sep 11, 2020 10:37 pm
by Wangz
Tried this script and it crumbles my cpu lol. Is this normal?

Edit: I'm using Hap Ac2. Getting 30% cpu usage spike just by running a single script.

Re: help to solve issue in script " dns to address lists scripts "

Posted: Mon Sep 14, 2020 10:40 am
by msatter
You can optimize it a bit if you leave out the check and logging and then I can compress the write to one line:
Code: Select all
:foreach i in=[/ip dns cache find name~"(facebook|youtube)" ] do={
:do {/ip firewall address-list add address=[/ip dns cache get $i data] list=restricted comment=[/ip dns cache get $i name]} on-error={};
}
NOT TESTED! So please confirm if this is better.

Re: help to solve issue in script " dns to address lists scripts "

Posted: Mon Dec 28, 2020 5:42 pm
by elico
I tried the script from the wiki at:
https://wiki.mikrotik.com/wiki/Manual:S ... c_websites

But it just didn't ran..
So I came up with:
Code: Select all
:foreach i in=[/ip dns cache find name~"(youtube-ui.l.google.com|youtube.com|googlevideo.com)\$" && $type ~ "^(A|CNAME)\$" ] do={
    :local tmpAddress [/ip dns cache get $i data];
    :local cacheName [/ip dns cache get $i name] ;
    delay delay-time=10ms
    
    :if ( [/ip firewall address-list find where address=$tmpAddress list=YOUTUBE_DOMAINS ] = "") do={         
        :log info ("added entry: $cacheName  $tmpAddress");
        /ip firewall address-list add address=$tmpAddress list=YOUTUBE_DOMAINS comment=$cacheName;
    }
}
And it works pretty nice.
My basic difference was the "$" which will only match for suffix and not the whole domain.
* Updated for Address type A and CNAME

Re: help to solve issue in script " dns to address lists scripts "

Posted: Wed Oct 13, 2021 9:21 am
by anassar26
You can optimize it a bit if you leave out the check and logging and then I can compress the write to one line:
Code: Select all
:foreach i in=[/ip dns cache find name~"(facebook|youtube)" ] do={
:do {/ip firewall address-list add address=[/ip dns cache get $i data] list=restricted comment=[/ip dns cache get $i name]} on-error={};
}
NOT TESTED! So please confirm if this is better.
Best , Nice Job

Re: help to solve issue in script " dns to address lists scripts "

Posted: Wed Oct 13, 2021 1:02 pm
by msatter
Thank, it took a while I noticed. ;-)
All times are UTC+03:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/