Community discussions

MikroTik App
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

[Event]Execute command on src IP Address connecting

Sun Aug 14, 2022 12:28 pm

Hello,
I wish to know if is there a way to execute a command when a new IP address appears on ip/firewall/connection?
So each new IP will appear I need to check this Ip via sending a request URL to my service and based on the response I wish to add it to black list or not.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: [Event]Execute command on src IP Address connecting

Sun Aug 14, 2022 10:01 pm

So you will like for every new inside IP to see what it is and then accept it or not?
Its possible to do using the connection but not easy. You need to store all IP in a matrix and then test all IP and see if some is new. This then have to be scheduled and run for example every 5 min.

What you can do it to convert all DHCP to static IP (set up a big enough scope, and you can remove IP not used in one year). Then for every new IP requesting DHCP send an email, or what I have done for some, setup PushBullet and get message on the phone immediately when new DHCP are request.
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

Re: [Event]Execute command on src IP Address connecting

Tue Aug 16, 2022 2:59 am

I mean the external IP - incoming connection to the WAN port.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: [Event]Execute command on src IP Address connecting

Tue Aug 16, 2022 8:54 am

Then I do not understand what you want. There are 10000+ new IP accessing your public IP every day.
Or do you like to know when your public IP change? Why?
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

Re: [Event]Execute command on src IP Address connecting

Tue Aug 16, 2022 6:09 pm

I would like to check which country the client trying to reach the server. So I will use my own service to detect the country connected from and add this IP to the blacklist.
So the flow of detection will be looks like this: if MT gets the new connection, and send public IP to the service then the service will return info that should be blocked or not. But I see only one problem, the blacklist should be checked first before the service request.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: [Event]Execute command on src IP Address connecting

Tue Aug 16, 2022 8:17 pm

Then block the country you do not like with access lists. You can get the from here:
https://mikrotikconfig.com/firewall/
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

Re: [Event]Execute command on src IP Address connecting

Sat Aug 20, 2022 9:33 pm

How often the list is updated?
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

Re: [Event]Execute command on src IP Address connecting

Sat Aug 20, 2022 10:16 pm

Yeah is out of date: 94.19.103.74, but not only this list is out of date, GeoLite2 is too... :(
So I need to create a service for it.
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: [Event]Execute command on src IP Address connecting

Sat Aug 20, 2022 11:30 pm

IP2location.com LITE no alternative ? (updated 1x / month which is not that bad)
 
Konrad
just joined
Topic Author
Posts: 18
Joined: Wed Feb 01, 2017 10:01 pm

Re: [Event]Execute command on src IP Address connecting

Thu Aug 25, 2022 6:33 pm

Ok, I need to execute the script from MT on the new connection income on WAN, how to catch it?

Who is online

Users browsing this forum: JDF, patrikg, rextended and 28 guests