How to Blacklist Filters on MikroTik RouterOS?

To prevent your users from accessing blacklist IP addresses, you need to create the following firewall rules. Thus, we protect our users from unnecessary sites.

In order to use any of the following lists you will want to add a rule to your input or forward chains like the following:





“Spamhaus Don’t Route Or Peer List (DROP)”

The DROP list will not include any IP address space under the control of any legitimate network – even if being used by “the spammers from hell”. DROP will only include netblocks allocated directly by an established Regional Internet Registry (RIR) or National Internet Registry (NIR) such as ARIN, RIPE, AFRINIC, APNIC, LACNIC or KRNIC or direct RIR allocations.”


“This list summarizes the top 20 attacking class C (/24) subnets over the last three days. The number of ‘attacks’ indicates the number of targets reporting scans from this subnet.”


“The files below will be updated daily with domains that have been identified distributing malware during the past 30 days”

I hope it has been a useful article.