Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Tested on mikrotik RouterOs v. 5.26
- /ip firewall filter
- add action=drop chain=forward comment="Drop anonymox" disabled=no \
- dst-address-list=anonymox protocol=tcp
- add action=drop chain=forward disabled=no dst-address-list=anonymox protocol=\
- udp
- /system scheduler
- add disabled=no interval=11m name=anonymox on-event=anonymox policy=\
- ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
- start-time=startup
- /system script
- add name=anonymox policy=\
- ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
- source=":foreach i in=[/ip dns cache find] do={\r\
- \n:local bNew \"true\";\r\
- \n:local cacheName [/ip dns cache all get \$i name] ;\r\
- \n# :put \$cacheName;\r\
- \n\r\
- \n:if ([:find \$cacheName \"anony\"] != 0) do={\r\
- \n\r\
- \n:local tmpAddress [/ip dns cache get \$i address] ;\r\
- \n# :put \$tmpAddress;\r\
- \n\r\
- \n# if address list is empty do not check\r\
- \n:if ( [/ip firewall address-list find ] = \"\") do={\r\
- \n:log info (\"added entry: \$[/ip dns cache get \$i name] IP \$tmpAddress\
- \");\r\
- \n/ip firewall address-list add address=\$tmpAddress list=anonymox comment\
- =\$cacheName;\r\
- \n} else={\r\
- \n:foreach j in=[/ip firewall address-list find ] do={\r\
- \n:if ( [/ip firewall address-list get \$j address] = \$tmpAddress ) do={\
- \r\
- \n:set bNew \"false\";\r\
- \n}\r\
- \n}\r\
- \n:if ( \$bNew = \"true\" ) do={\r\
- \n:log info (\"added entry: \$[/ip dns cache get \$i name] IP \$tmpAddress\
- \");\r\
- \n/ip firewall address-list add address=\$tmpAddress list=anonymox comment\
- =\$cacheName;\r\
- \n}\r\
- \n}\r\
- \n}\r\
- \n}\r\
- \n}"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement