Automatically Updated VoIP Blacklist(volunteer needed!)
[i=s] 本帖最後由 Qnewbie 於 2016-11-5 06:15 編輯 [/i]The VoIP Blacklist is maintained by voipbl.org. Voipbl.org provides a configuration to block ip addresses in the blacklist with fai2ban.
For mikrotik user, we might use this blacklist according to
[url]http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/.[/url]
1. Bash script to create VoipBL.rsc, some volunteers(I mean 電腦超人:lol ) could run it frequently with cron and provide VoipBL.rsc for download?[code]#!/bin/sh
####
# Orig.: http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/
####
saveTo=/var/www
now=$(date);
echo "# Generated by Qnewbie on $now" > $saveTo/VoipBL.rsc
echo "/ip firewall address-list" >> $saveTo/VoipBL.rsc
wget -q -O - http://www.voipbl.org/update | awk ' $1 != "#" { print "add list=blacklist address=" $1 " comment=VoipBL";}' >> $saveTo/VoipBL.rsc
[/code]2. It is not applicable as VoipBL.rsc is not available in telecom-cafe.
Mikrotik daily update script:[code]# Script which will download the VoIPBL list as a text file
/system script add name="DownloadVoIPBL" source={
/tool fetch url="http://www.telecom-cafe.com/VoipBL.rsc" mode=http;
:log info "Downloaded VoipBL.rsc from telecom-cafe.com";
}
# Script which will Remove old VoIPBL records and add new one
/system script add name="ReplaceVoIPBL" source={
/ip firewall address-list remove [find where comment="VoIPBL"]
/import file-name=VoipBL.rsc;
:log info "Removed old VoIPBL records and imported new list";
}
# Schedule the download and application of the VoIPBL list
/system scheduler add comment="Download VoIPBL list" \
interval=1d name="DownloadVoIPBL_List" on-event=DownloadVoIPBL \
start-date=jan/01/1970 start-time=16:38:48
/system scheduler add comment="Apply VoIPBL List" \
interval=1d name="InstallVoIPBL_List" on-event=ReplaceVoIPBL \
start-date=jan/01/1970 start-time=16:43:48[/code]Possible problem:
The address list might be too looooooong... Hopefully someone might merge addresses with larger subnet.
頁:
[1]