mikrotik-cloudflare-iplist
mikrotik-cloudflare-iplist copied to clipboard
Generate Mikrotik Address Lists for Cloudflare's IP ranges
Mikrotik Cloudflare IP Address List
Generate Mikrotik Address Lists for Cloudflare's IP ranges.
Once created, these address lists can be used to filter Web traffic on your Mikrotik Router to only come from Cloudflare's proxied IPs. Available lists for IPv4 and IPv6 Addresses.
Cloudflare does not change these IPs often but my automation will run frequently to generate the lists: cloudflare-ips-v4.rsc
and cloudflare-ips-v6.rsc
.
Always use caution and backup your Mikrotik configurations!
Usage
Simpliest Way
- Download install.rsc and/or install-v6.rsc and upload them to your Mikrotik Router
- Run
/import file-name=install.rsc
and/or/import file-name=install-v6.rsc
from the Mikrotik terminal -
d3-cloudflare-download
andd3-cloudflare-replace
will now be added to your Scripts -
d3-cf-dl
andd3-cf-rp
will be added to the Scheduler - By default, the download script will run everyday at 00:05:00 and the replace script at 00:10:00. Adjust the frequency and time as needed
Manual Way
- Manually create the download script
:log info "Download Cloudflare IP list"; /tool fetch url="https://raw.githubusercontent.com/Davie3/mikrotik-cloudflare-iplist/main/cloudflare-ips-v4.rsc" mode=https dst-path=cloudflare-ips-v4.rsc;
- Manually create the replace script
:log info "Remove current Cloudflare IPs"; /ip firewall address-list remove [find where list="cloudflare-ips"]; :log info "Import newest Cloudflare IPs"; /import file-name=cloudflare-ips-v4.rsc;
- Schedule a job for both scripts making sure the download script runs a few minutes before the replace script