i have a text file contain a list of domains
i want to import the domains to address-list firewall
please help me to write this script.
thanx.
Re: i need a script fr import the text file
just add the needed command infront of the domains in your text file.
for example if your list contains such items:
then use some text editor to change it into this:
then save this file as name.rsc and it will be ready for importing with the import command
for example if your list contains such items:
Code: Select all
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
Code: Select all
/ip firewall address-list add list=drop_traffic 1.1.1.1
/ip firewall address-list add list=drop_traffic 2.2.2.2
/ip firewall address-list add list=drop_traffic 3.3.3.3
/ip firewall address-list add list=drop_traffic 4.4.4.4
Code: Select all
/import name.rscRe: i need a script fr import the text file
thanx alot
but a problem
the host same:
vzshuq.com
abc.cpm
irna.ir
not same:
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
but a problem
the host same:
vzshuq.com
abc.cpm
irna.ir
not same:
1.1.1.1
2.2.2.2
3.3.3.3
4.4.4.4
Re: i need a script fr import the text file
Firewall address-list can only store IPs.
Include ':resolve' for each domain listed in file:
Ex.
Edit:
Possibly a better approach (greatly reduces file size and offers more flexibility):
Include ':resolve' for each domain listed in file:
Ex.
Code: Select all
/ip firewall address-list {
add list=drop_traffic address=[:resolve vzshuq.com]
add list=drop_traffic address=[:resolve abc.cpm]
add list=drop_traffic address=[:resolve irna.ir]
}
Possibly a better approach (greatly reduces file size and offers more flexibility):
Code: Select all
:local domains {"vzshuq.com";
"abc.cpm";
"irna.ir";}
/ip firewall address-list {
:foreach d in=[:toarray $domains] do={
add list=drop_traffic address=[:resolve [:tostr $d]]
}
}
Re: i need a script fr import the text file
dont forget that if the :resolve fails the entire script will abort ... hopefully this will be improved in newer RouterOS versions (if it hasnt already? not in any release notes)
Re: i need a script fr import the text file
To solve this problem, here is my solution:dont forget that if the :resolve fails the entire script will abort ... hopefully this will be improved in newer RouterOS versions (if it hasnt already? not in any release notes)
Code: Select all
:local domains {"vzshuq.com";
"abc.cpm";
"irna.ir";}
:foreach d in=[:toarray $domains] do={
:execute ("/ip firewall address-list add list=drop_traffic address=[:resolve " . [:tostr $d] . "]")
}
Re: i need a script fr import the text file
thanks again
"vzshuq.com"
"abc.cpm"
"irna.ir"
"..."
this domain names are in the file with name domains.txt
domain names are Thousands.
"vzshuq.com"
"abc.cpm"
"irna.ir"
"..."
this domain names are in the file with name domains.txt
domain names are Thousands.
Re: i need a script fr import the text file
I think what you really need to use is http proxy. Converting names to ip will not be reliable when sites are load balancing, multiple sites behind one IP etc.
Re: i need a script fr import the text file
reza.mnp,
What are you trying to accomplish with the address-list?
If you're trying to block web (http) traffic, a web-proxy would be the way to go as rmichael mentioned.
If any other purpose, create a parser that reads the file domains.txt and places "<domain>"; around it.
Ex.
Then open the file and add :local domains { to the beginning, and } to the ending.
What are you trying to accomplish with the address-list?
If you're trying to block web (http) traffic, a web-proxy would be the way to go as rmichael mentioned.
If any other purpose, create a parser that reads the file domains.txt and places "<domain>"; around it.
Ex.
Code: Select all
Unmodified file:
domain1.tld
domain2.tld
domain3.tld
Edited file:
"domain1.tld";
"domain2.tld";
"domain3.tld";
Re: i need a script fr import the text file
i have a file with name domains.txt
this file contains a list of domain names.
i want to create a script can add the ip adders of host name into address list.
and then detect the lan hosts that visit the domains list.
this file contains a list of domain names.
i want to create a script can add the ip adders of host name into address list.
and then detect the lan hosts that visit the domains list.
Re: i need a script fr import the text file
1. address list CAN'T contain domain names
2. you must use Proxy and Proxy Access List
2. you must use Proxy and Proxy Access List
Re: i need a script fr import the text file
Normis, he mentions thousands of entries - can routerboard handle it?1. address list CAN'T contain domain names
2. you must use Proxy and Proxy Access List
Re: i need a script fr import the text file
yes, we have a customer who uses thousands of adult sites in the proxy access list and doesn't complain. for this reason, opendns would be a much easier solution, as maintaining such large lists would be a pain
Re: i need a script fr import the text file
A couple of months back there was somebody trying to add a very large HOSTS file into the proxy. When I tested it on a 750G it nearly ran out of memory and crashed hard, it took a very long time to finish running the script that removed all the entries again.
Edit: http://forum.mikrotik.com/viewtopic.php?f=2&t=38540 here is the thread - looks like rmichael was trying it out, too.
Edit: http://forum.mikrotik.com/viewtopic.php?f=2&t=38540 here is the thread - looks like rmichael was trying it out, too.
Re: i need a script fr import the text file
http://www.epicwinrar.com/conficker/domains.txt
this file size: 3.53 mb - 2100 page of domain name
http://wiki.mikrotik.com/wiki/Conficker-Virus-Blocking
this page for detect infected host with conficker virus
#download current days domain list
/tool fetch address=www.epicwinrar.com host=www.epicwinrar.com mode=http src-path="conficker/$month-$day-$year.txt"
:log info "Download Complete"
i want replace "conficker/$month-$day-$year.txt" with "conficker/domains.txt"
thanx alot
this file size: 3.53 mb - 2100 page of domain name
http://wiki.mikrotik.com/wiki/Conficker-Virus-Blocking
this page for detect infected host with conficker virus
#download current days domain list
/tool fetch address=www.epicwinrar.com host=www.epicwinrar.com mode=http src-path="conficker/$month-$day-$year.txt"
:log info "Download Complete"
i want replace "conficker/$month-$day-$year.txt" with "conficker/domains.txt"
thanx alot
Re: i need a script fr import the text file
And what problem are you having doing that? Replace the src-path argument as you described.
Re: i need a script fr import the text file
Code: Select all
:local date [/system clock get date]
#download current days domain list
/tool fetch address=www.epicwinrar.com host=www.epicwinrar.com mode=http src-path="conficker/domains.txt"
:log info "Download Complete"
:delay 2
#check to ensure todays file exists before deleting yesterdays list
:log info "Begining Address List Modification"
:if ( [/file get [/file find name="domains.txt"] size] > 0 ) do={
:local content [/file get [/file find name="domains.txt"] contents] ;
:local contentLen [ :len $content ] ;
:local lineEnd 0;
:local line "";
:local lastEnd 0;
:do {
:set lineEnd [:find $content "\n" $lastEnd ] ;
:set line [:pick $content $lastEnd $lineEnd] ;
:set lastEnd ( $lineEnd + 1 ) ;
#resolve each new line and add to the address list daily-conficker. updated to list domain as comment
:if ( [:pick $line 0 1] != "\n" ) do={
:local entry [:pick $line 0 ($lineEnd ) ]
:if ( [:len $entry ] > 0 ) do={
:local listip [:resolve "$entry"]
:if ($listip != "failure" ) do={
:if ((/ip firewall address-list find list=daily-conficker address=$listip) = "") do={
/ip firewall address-list add list=daily-conficker address=$listip comment=$entry
:log info "$listip"
} else={:log info "duplicate IP $entry"}
}
}
}
} while ($lineEnd < $contentLen)
}
:log info "Address List Modification Complete"Code: Select all
system script run daily-conficker-list
status: finished
Re: i need a script fr import the text file
Like I said, you cannot read in files that are over 4096 bytes in size. That file is over 3 megs.
Re: i need a script fr import the text file
I suspect that large client using ROS proxy with thousands of ACL entries, that Normis mentions, is using a PC with much more power and memory.
Edit: http://forum.mikrotik.com/viewtopic.php?f=2&t=38540 here is the thread - looks like rmichael was trying it out, too.
Re: i need a script fr import the text file
reza.mnp, don't do it via script, scripts can't take so much data. use EXPORT file to IMPORT, like I wrote above