a script to save an IP-List

markus_maximus · Tue Jun 12, 2007 8:51 am

I set up some rules that add IP's to an address list. whats the easiest way to save the accumulated IP addresses in the list to a file?

skillful · Tue Jun 12, 2007 11:03 am

/ip address export file=ipaddress

This will make a file called ipaddress.rsc and place it in /file. Just drag and drop it into your system.

markus_maximus · Wed Jun 13, 2007 5:51 am

Thank you, but thats not what I had in mind. What you posted only saves the rules. say for example I set up a firewall filter rule that added IP's to an address-list like this:

chain=forward protocol=tcp dst-port=80 content=Forwarded-For:             
     connection-limit=5,32 packet-size=1-400 action=add-src-to-address-list    
     address-list=Proxy address-list-timeout=8h

Now after that rule has added IP's to the list named 'Proxy' for traffic that met the criteria, I'd like to be able to save that list to a file that I can use on my desktop. Currently the best I can do is a console dump of: ip firewall address-list> print. That works, I was just wondering If there was a better way where I could only save the specific list.

changeip · Wed Jun 13, 2007 8:41 am

/ip firewall address-list export file=myaddresses.rsc

markus_maximus · Wed Jun 13, 2007 1:08 pm

once again, that will only save the address-list rules and not the actual lists that have been populated dynamically.

If i run that command you provided, I get(only a partial list):

# jun/13/2007 05:58:18 by RouterOS 2.9.42
# software id = P73F-RXT
#
/ ip firewall address-list
add list=Safe-List address=192.168.0.0/24 comment="" disabled=no
add list=Safe-List address=192.168.99.0/24 comment="" disabled=no
add list=Safe-List address=68.87.64.146 comment="" disabled=no
add list=Safe-List address=68.87.75.194 comment="" disabled=no
...

So that will not show any ip addresses that are added to the list dynamically by other rules.
ip firewall address-list> print actually shows all ips in all lists (static and dynamic) so for now I can be happy with a console dump.

jmlalley · Thu Jun 14, 2007 6:17 am

I also am unable to export a dynamic address list and would appreciate help

Joe

jmlalley · Thu Jun 14, 2007 2:39 pm

/ip firewall address-list pr list=my_dynamic_address_list file=exported_list

will export the dynamic list called my_dynamic_address_list to a file called exported_list.txt which can then be retrieved via FTP from the box.

markus_maximus · Thu Jun 14, 2007 7:41 pm

Thank you! thats what I was looking for.

Chupaka · Mon Feb 11, 2008 1:23 am

/ip firewall address-list pr list=my_dynamic_address_list file=exported_list

this do not work more in v3 =(
there's no 'list=' argument

what is the syntax of 'print where'?

mrz · Mon Feb 11, 2008 11:29 am

/ip firewall address-list print where list="myList"

Chupaka · Mon Feb 11, 2008 3:17 pm

/ip firewall address-list print where list="myList"

yesssss!

[admin@MikroTik] > ip firewall address-list print where list="blablabla"
Flags: X - disabled, D - dynamic 
 #   LIST       ADDRESS                        
 0   ban        192.168.10.32                  
 1   ban        192.168.12.9                   
 2   ban        192.168.20.101                 
 3   ban        192.168.16.19                  
 4   ban        192.168.19.13                  
 5   unban      192.168.0.1                    
 6   unban      192.168.0.5                    
 7   unban      192.168.0.8                    
 8   unban      192.168.0.9                    
 9   unban      192.168.0.10                   
10   unban      192.168.0.11

version 3.2 =(

mrz · Mon Feb 11, 2008 4:06 pm

put space after list="blablabla" and then hit enter. This is known bug and Mikrotik promised to fix this in one of upcoming releases.

markus_maximus · Wed Jun 17, 2009 5:16 am

OK this will save the address list,tcp-syn-flood , to a file named ddos.txt:

/ip firewall address-list print file=ddos where list="tcp-syn-flood"

Now does anyone know how i could populate an address list in the router from a .txt file I saved this way?

mrz · Wed Jun 17, 2009 8:33 am

You can parse file to get data you need,
here you can find simple example on how it can be done
http://wiki.mikrotik.com/wiki/Scripting ... pp_secrets

spire2z · Thu Jan 05, 2012 11:03 pm

Would it be possible in above example as an additional step to read this file by ftp from another mikrotik router and then add the addresses to it's dynamic list?

meetec · Sat Nov 01, 2014 10:36 am

I would add just one more thing ...

 /ip firewall address-list print file=filename where list="BLABLA"

Chupaka · Sat Nov 01, 2014 1:47 pm

I would add just one more thing ...
Code: Select all
 /ip firewall address-list print file=filename where list="BLABLA"

hm... what's the change compared to, for example, this post?

Drizzt · Thu Feb 19, 2015 12:40 am

Scrip to read the txt file and import it back into a dynamic list.

if ( [/file get [/file find name=dynamic.txt] size] > 0 ) do={
	:global content [/file get [/file find name=dynamic.txt] contents] ;
	:global contentLen [ :len $content ] ;

	:global lineEnd 0;
	:global line "";
	:global lastEnd 0;
	:global addrip "";
	:global list "";
	:global timeout "";
	:global end 0;
	
	:do {
		:set lineEnd [:find $content "\n" $lastEnd ] ;
		:set line [:pick $content $lastEnd $lineEnd] ;
		:set lastEnd ( $lineEnd + 1 ) ;
		:if ( [:pick $line 0 1] != "#" and [:pick $line 0 1] != "F" and [:pick $line 0 2] != " #" and [:len $line ] > 40) do={
			:set end [:find $line " " 27] ;
			:set addrip [:pick $line 27 $end] ;
			:set end [:find $line " " 5] ;
			:set list [:pick $line 5 $end] ;
			:set end [:find $line " " 59] ;
			:set timeout [:pick $line 59 $end] ;
			:put "IP: $addrip, list: $list, timeout: $timeout"
			/ip firewall address-list add address=$addrip list=$list timeout=$timeout comment="imported"
		}
	} while ($lineEnd < $contentLen)
}

Sabat · Thu Mar 02, 2017 1:47 pm

I would add just one more thing ...
Code: Select all
 /ip firewall address-list print file=filename where list="BLABLA"

how can I use it with neighbour list?

Chupaka · Thu Mar 02, 2017 2:21 pm

how can I use it with neighbour list?

/ip neighbor print file=filename

a script to save an IP-List

a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save a dynamic IP-List

Re: How to save a dynamic IP-List

Re: a script to save an IP-List

Re: How to save a dynamic IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Re: a script to save an IP-List

Who is online