Mikrotik RouterOS Malicious IP Blacklist – Firewall Import Script

We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .rsc import script to firewall address list, updated daily and formatted by our servers for easy import and download into your Mikrotik Router.

Enter the following into your task scheduler in winbox or via routeros terminal session.

/tool fetch address=www.squidblacklist.org host=www.squidblacklist.org mode=http src-path=/downloads/drop.malicious.rsc
:delay 10
import drop.malicious.rsc

Like shown in the above image

Please note that on our test unit, we actually added a second scheduled rule for the entry ‘ import drop.malicious.rsc’ that runs approx 1 minute after the download script runs, we did that in order to make it work on an RBmAP2 unit, and this may work best for you as well.   We have ours here in the office updating every three hours.

Also for the novice to intermediate RouterOS administrator, its important for you to understand that you will also need to add NAT rules to drop the traffic in order to actually have these entries blocked, which is easily done by simply adding chain=dst action=drop entries for the three address lists that this script will add.