OK, this time I will share a raw script for updating the IP list, which in turn generates another script to be run on MikroTik.
https://deadc0de.re/articles/unbound-blocking-ads.html
Finally copy the resulting file to pfsense (or to your DNS resolver running unbound).
#!/bin/bash
# Download the blocklist.de feed; stop if the download fails so an empty list is never published
wget -O all.txt https://lists.blocklist.de/lists/all.txt || exit 1
sleep 2
# Start from a clean output file
rm -f blocked.rsc
touch blocked.rsc
DATE=$(date '+%d/%m/%Y %H:%M:%S')
LINE=$(wc -l all.txt | awk '{print $1}')
# Header of the RouterOS script: scheduler, firewall rules, then clearing of the old address-list
echo -e "# Generated at $DATE ... $LINE lines\n# Source: https://lists.blocklist.de/lists/all.txt\n# Feel free to add this to your own router\n# Supported by: https://yam.net.id\n\n# Add scheduler\n:if ([:len [/system scheduler find name=\"autoupdate\"]]=0) do={\n/system scheduler add name=autoupdate on-event=\"/tool fetch url=http://103.146.184.12/dump/blocked.rsc;:delay 1;/import blocked.rsc\" interval=\"2d 00:00:00\" start-time=04:00:00}\n\n# Start blocking now\n:if ([:len [/ip fi fi find comment=BLOCKED]]=0) do={\n/ip fi fi add chain=input src-address-list=BLOCKED protocol=udp dst-port=!80,443 action=drop comment=BLOCKED\n/ip fi fi add chain=input src-address-list=BLOCKED protocol=tcp dst-port=!80,443 action=reject reject-with=icmp-network-unreachable comment=BLOCKED\n/ip fi fi add chain=forward src-address-list=BLOCKED protocol=tcp dst-port=!80,443 action=reject reject-with=icmp-network-unreachable comment=BLOCKED\n/ip fi fi add chain=forward src-address-list=BLOCKED protocol=udp dst-port=!80,443 action=drop comment=BLOCKED}\n\n# Clearing address-list\n/ip firewall address-list\nadd list=BLOCKED address=1.2.3.4\nremove [find list=BLOCKED]\n# Pause briefly\n:delay 2\n" > blocked.rsc
# Keep only whole-line IPv4 addresses (the original pattern matched only two-digit last octets)
grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' all.txt | awk '{print "/ip firewall address-list add list=BLOCKED address="$1 }' >> blocked.rsc
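Added example, not part of the original post: every feed line that passes the filter becomes a RouterOS command that the router imports, so this POSIX shell filter accepts only strict IPv4 addresses (octets 0-255) and skips private ranges and an allowlist before emitting the address-list entry. `NEVER_BLOCK`, the function names and the sample feed are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original script.
NEVER_BLOCK="192.0.2.10"   # hypothetical allowlist (constructed value), e.g. a management host

# Succeed only for a dotted quad whose four octets are decimal numbers 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Succeed for addresses the feed must never be able to block.
is_protected() {
    case $1 in
        0.*|10.*|127.*|169.254.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    for ip in $NEVER_BLOCK; do [ "$ip" = "$1" ] && return 0; done
    return 1
}

# stdin: raw feed lines; stdout: one address-list command per accepted address.
feed_to_rsc() {
    tr -d '\r' | while IFS= read -r line || [ -n "$line" ]; do
        is_ipv4 "$line" || continue
        is_protected "$line" && continue
        printf '/ip firewall address-list add list=BLOCKED address=%s\n' "$line"
    done
}

# Constructed sample feed: two good entries and six lines that must be dropped.
sample_feed() {
    cat <<'EOF'
203.0.113.7
198.51.100.200
192.168.88.1
203.0.113.999
198.51.100.5 extra-text
2001:db8::1
192.0.2.10
<html>502 Bad Gateway</html>
EOF
}

sample_feed | feed_to_rsc
```

In the script above, `feed_to_rsc < all.txt >> blocked.rsc` would take the place of the grep/awk line.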
Reference:
Download the list you're interested in blocking (for example ads + malware + social networks):
$ wget https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/social/hosts
Entries in the hosts file are in the form
0.0.0.0 <domain>
and unbound needs something like this:
local-zone: "<domain>" redirect
local-data: "<domain> A 0.0.0.0"
The following awk command will transform the list into something that unbound understands:
$ cat hosts | grep '^0\.0\.0\.0' | awk '{print "local-zone: \""$2"\" redirect\nlocal-data: \""$2" A 0.0.0.0\""}' > ads.conf