Чистим интернет от назойливой рекламы (AD Blocker для MikroTik)

 https://stopad.cgood.ru/

## StopAD - Script for blocking advertisements, based on your defined hosts files ## For changing any parameters, please, use this link: https://stopad.cgood.ru/ ## ## @github <https://github.com/tarampampam/mikrotik-hosts-parser> ## @version 4.4.0 ## ## Setup this Policy for script: [X] Read [X] Write [X] Policy [X] Test :local hostScriptUrl "https://stopad.cgood.ru/script/source?format=routeros&version=4.4.0&redirect_to=127.0.0.1&limit=5000&sources_urls=https%3A%2F%2Fcdn.jsdelivr.net%2Fgh%2Ftarampampam%2Fmikrotik-hosts-parser%40master%2F.hosts%2Fbasic.txt,https%3A%2F%2Fadaway.org%2Fhosts.txt,https%3A%2F%2Fwww.malwaredomainlist.com%2Fhostslist%2Fhosts.txt,https%3A%2F%2Fpgl.yoyo.org%2Fadservers%2Fserverlist.php%3Fhostformat%3Dhosts%26showintro%3D0%26mimetype%3Dplaintext&excluded_hosts=localhost,localhost.localdomain,broadcasthost,local,ip6-localhost,ip6-loopback,ip6-localnet,ip6-mcastprefix,ip6-allnodes,ip6-allrouters,ip6-allhosts"; :local scriptName "stop_ad.script"; :local backupFileName "before_stopad"; :local logPrefix "[StopAD]"; do { /tool fetch check-certificate=no mode=https url=$hostScriptUrl dst-path=("./".$scriptName); :delay 3s; :if ([:len [/file find name=$scriptName]] > 0) do={ /system backup save name=$backupFileName; :delay 1s; :if ([:len [/file find name=($backupFileName.".backup")]] > 0) do={ /ip dns static remove [/ip dns static find comment=ADBlock]; /import file-name=$scriptName; /file remove $scriptName; :log info "$logPrefix AD block script imported, backup file (\"$backupFileName.backup\") created"; } else={ :log warning "$logPrefix Backup file not created, importing AD block script stopped"; } } else={ :log warning "$logPrefix AD block script not downloaded, script stopped"; } } on-error={ :log warning "$logPrefix AD block script download FAILED"; };

Как мне всё это дело прикрутить к моему MikroTik-у? Более чем просто — необходимо добавить (System → Scripts → Add New) указанный выше скрипт, а так же добавить задание в планировщик (System → Scheduler → Add New) для его периодического запуска. Если если вы задали имя скрипта AutoADBlock, то в планировщике в поле On Event укажите: /system script run AutoADBlock. Права доступа: [X] Read [X] Write [X] Policy [X] Test.

Отблагодарить можно через форму справа "Donate" ... )

To reward you via the form on the right "Donate" ... )

:)

Как зайти по внешнему IP-адресу из локальной сети для MikroTik

https://lantorg.com/article/kak-zajti-po-vneshnemu-ip-adresu-iz-lokalnoj-seti-dlya-mikrotik

Отблагодарить можно через форму справа "Donate" ... )

To reward you via the form on the right "Donate" ... )

:)

Создание домашней сети на базе устройств MikroTik

 /ip firewall filter

add action=accept chain=forward comment="1.1. Forward and Input Established and Related connections" connection-state=established,related
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-nat-state=!dstnat connection-state=new in-interface-list=Internet
add action=accept chain=input connection-state=established,related
add action=drop chain=input connection-state=invalid
add action=add-src-to-address-list address-list=ddos-blacklist address-list-timeout=1d chain=input comment="1.2. DDoS Protect - Connection Limit" connection-limit=100,32 in-interface-list=Internet protocol=tcp
add action=tarpit chain=input connection-limit=3,32 protocol=tcp src-address-list=ddos-blacklist
add action=jump chain=forward comment="1.3. DDoS Protect - SYN Flood" connection-state=new jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=jump chain=input connection-state=new in-interface-list=Internet jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=return chain=SYN-Protect connection-state=new limit=200,5:packet protocol=tcp tcp-flags=syn
add action=drop chain=SYN-Protect connection-state=new protocol=tcp tcp-flags=syn
add action=drop chain=input comment="1.4. Protected - Ports Scanners" src-address-list="Port Scanners"
add action=add-src-to-address-list address-list="Port Scanners" address-list-timeout=none-dynamic chain=input in-interface-list=Internet protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="1.5. Protected - WinBox Access" src-address-list="Black List Winbox"
add action=add-src-to-address-list address-list="Black List Winbox" address-list-timeout=none-dynamic chain=input connection-state=new dst-port=8291 in-interface-list=Internet log=yes log-prefix="BLACK WINBOX" protocol=tcp src-address-list="Winbox Stage 3"
add action=add-src-to-address-list address-list="Winbox Stage 3" address-list-timeout=1m chain=input connection-state=new dst-port=8291 in-interface-list=Internet protocol=tcp src-address-list="Winbox Stage 2"
add action=add-src-to-address-list address-list="Winbox Stage 2" address-list-timeout=1m chain=input connection-state=new dst-port=8291 in-interface-list=Internet protocol=tcp src-address-list="Winbox Stage 1"
add action=add-src-to-address-list address-list="Winbox Stage 1" address-list-timeout=1m chain=input connection-state=new dst-port=8291 in-interface-list=Internet protocol=tcp
add action=accept chain=input dst-port=8291 in-interface-list=Internet protocol=tcp
add action=drop chain=input comment="1.6. Protected - OpenVPN Connections" src-address-list="Black List OpenVPN"
add action=add-src-to-address-list address-list="Black List OpenVPN" address-list-timeout=none-dynamic chain=input connection-state=new dst-port=1194 in-interface-list=Internet log=yes log-prefix="BLACK OVPN" protocol=tcp src-address-list="OpenVPN Stage 3"
add action=add-src-to-address-list address-list="OpenVPN Stage 3" address-list-timeout=1m chain=input connection-state=new dst-port=1194 in-interface-list=Internet protocol=tcp src-address-list="OpenVPN Stage 2"
add action=add-src-to-address-list address-list="OpenVPN Stage 2" address-list-timeout=1m chain=input connection-state=new dst-port=1194 in-interface-list=Internet protocol=tcp src-address-list="OpenVPN Stage 1"
add action=add-src-to-address-list address-list="OpenVPN Stage 1" address-list-timeout=1m chain=input connection-state=new dst-port=1194 in-interface-list=Internet protocol=tcp
add action=accept chain=input dst-port=1194 in-interface-list=Internet protocol=tcp
add action=accept chain=input comment="1.7. Access OpenVPN Tunnel Data" in-interface-list=VPN
add action=accept chain=input comment="1.8. Access Normal Ping" in-interface-list=Internet limit=50/5s,2:packet protocol=icmp
add action=drop chain=input comment="1.9. Drop All Other" in-interface-list=Internet

Отблагодарить можно через форму справа "Donate" ... )

To reward you via the form on the right "Donate" ... )

:)