MikroTik FastNetMon plug-in
Connects to a MikroTik router and adds or removes a blackhole rule for an attack by IP address.
The actions can be modified such as adding a firewall rule.
This script uses the MikroTik PHP API. More information about this can be found at the following URLs:
You must have a user with API access on the router
Install php to your server:
sudo apt-get install php-cli php
- Configure the router in the
$cfg[ ip_mikrotik ] = "192.168.10.1"; // MikroTik Router IP $cfg[ api_user ] = "api"; // username $cfg[ api_pass ] = "api123"; // password
- Change the
notify_about_attack.shwith the new to run the PHP script
This is the first buggy version, you are welcome to add more features.
Set executable bit
sudo chmod +x /etc/fastnetmon/scripts/notify_about_attack.sh
For FastNetMon Advanced, please disable details:
sudo fcli set main notify_script_pass_details disable sudo fcli commit
v1.0 - 4 Jul 16 - Initial version
Author: Maximiliano Dobladez firstname.lastname@example.org