#This script will take the routes added via BGP peering from Spamhaus and add to fw address list "BotNetCCandDrop" so that inbound and outbound traffic can be blocked by fw RAW rules.
{
:local RawIP;
:local i;
:local exportcmds;
:local filename "BotNetAndDrop"
#Initialize file. Creates and clears file. Note that this put .txt on the end of the filename.
/file print file=$filename; 
delay 2s;
/file set "$filename.txt" contents="";
:set exportcmds ($exportcmds . "#Import script to add BoNetCCandDROP list to router\r\n /ip firewall address-list\r\n")
#/file set "$filename.txt" contents=$exportcmds;

#initilize output file
#
#/file set $filename contents=$exportcmds;
#:set exportcmds [/file get $filename contents];


#remove existing list
/ip firewall address-list remove [/ip firewall address-list find list="BotNetCCandDrop"];

:foreach i in=[/ip route find where bgp-as-path=65190 active ] do={
   :set $RawIP  [/ip route get $i dst-address];
#  :log info "adding IP $RawIP to BotNetCC list";
   /ip firewall address-list add address=[/ip route get $i dst-address]  list=BotNetCCandDrop timeout=1d;
   :set exportcmds ($exportcmds . "add address=$RawIP list=BotNetCCandDROP timeout=1d;\r\n");
#  :log info "add address=$RawIP list=BotNetCCandDROP timeout=1d;";
}
#:log info "filename=$filename.txt";
#:log info "file contents=$exportcmds";
/file set "$filename.txt" contents=$exportcmds;
}

/file print file=test;
:delay 2s;
/file set test.txt contents="/ip firewall address-list\n"; 
:foreach i in=[/ip firewall address-list find where list=test] do={:local contents [/file get test.txt contents]; :set contents ($contents . "add address=$[/ip firewall address-list get $i address] list=$[/ip firewall address-list get $i list] timeout=1d\n");/file set test.txt contents=$contents}