Skip to content

Instantly share code, notes, and snippets.

@Nullcaller

Nullcaller/facebook-cdn-vpn

Last active September 1, 2024 01:26
Show Gist options
  • Save Nullcaller/ec00480aa8ef9cf20d0f8835eff52896 to your computer and use it in GitHub Desktop.
Save Nullcaller/ec00480aa8ef9cf20d0f8835eff52896 to your computer and use it in GitHub Desktop.
Download ZIP
A RouterOS v7.8-compatible script for automatic generation of an address list containing all Facebook CDN addresses required for maintaining a normal connection from the DNS cache entries. Designed for decent stability and low CPU usage spikes. This is a combination of scripts by @jgrossiord and @ZloyXEP with some additions.
Raw
facebook-cdn-vpn
:delay delay-time=#REPLACE_THIS_WITH_SOME_ARBITRARY_RESULT_OF_HITTING_YOUR_NUMPAD_WITH_A_FIST#ms;
:foreach i in=[/ip dns cache find] do={
# Turn this on while turning off other delays for ease of manual use. Don't forget to reenable later.
# :delay delay-time=5ms;
:delay delay-time=50ms;
:local cacheName [/ip dns cache all get $i name];
:local cacheType [/ip dns cache all get $i type];
:if (($cacheType="A" or $cacheType="CNAME") and (($cacheName~"^([0-9A-Za-z\\-]*\\.)*facebook(\\.[0-9A-Za-z\\-]*)*\\.?\$") or ($cacheName~"^([0-9A-Za-z\\-]*\\.)*fbcdn(\\.[0-9A-Za-z\\-]*)*\\.?\$") or ($cacheName~"^([0-9A-Za-z\\-]*\\.)*fbstatic(\\.[0-9A-Za-z\\-]*)*\\.?\$") or ($cacheName~"^([0-9A-Za-z\\-]*\\.)*fbexternal(\\.[0-9A-Za-z\\-]*)*\\.?\$"))) do={
# IP-based rule
:if ($cacheType="A") do={
:local cacheData [/ip dns cache all get $i data];
:local record [/ip firewall address-list find where (address=$cacheData) and (list=vpn_loopback_sites_dynamic)];
# One day I just randomly found 0.0.0.0 in the list. I'm not sure how it got there, so I introduced this safety measure.
:if (($cacheData~"^0\\.") or ($cacheData~"^10\\.") or ($cacheData~"^127\\.") or ($cacheData~"^192\\.168\\.")) do={
:put ("script tried putting $cacheData into the address list, was prevented");
} else={
:if ($record="") do={
:put ("add: $cacheName $cacheType $cacheData");
/ip firewall address-list add address=$cacheData comment=$cacheName timeout=14d list=vpn_loopback_sites_dynamic
} else={
:put ("renew: $cacheName $cacheType $cacheData");
/ip firewall address-list set $record timeout=14d;
}
}
}
# Domain-based rule
:if ($cacheType="A") do={
:local record [/ip firewall address-list find where (address=$cacheName) and (list=vpn_loopback_sites_dynamic)];
:if ($record="") do={
:put ("add: $cacheName $cacheType");
/ip firewall address-list add address=$cacheName timeout=14d list=vpn_loopback_sites_dynamic
} else={
:put ("renew: $cacheName $cacheType");
/ip firewall address-list set $record timeout=14d;
}
}
:if ($cacheType="CNAME") do={
:local cacheData [/ip dns cache all get $i data];
:local record [/ip firewall address-list find where (address=$cacheData) and (list=vpn_loopback_sites_dynamic)];
:if ($record="") do={
:put ("add: $cacheName $cacheType $cacheData");
/ip firewall address-list add address=$cacheData comment=$cacheName timeout=14d list=vpn_loopback_sites_dynamic
} else={
:put ("renew: $cacheName $cacheType $cacheData");
/ip firewall address-list set $record timeout=14d;
}
:local record [/ip firewall address-list find where (address=$cacheName) and (list=vpn_loopback_sites_dynamic)];
:if ($record="") do={
:put ("add: $cacheName $cacheType");
/ip firewall address-list add address=$cacheName timeout=14d list=vpn_loopback_sites_dynamic
} else={
:put ("renew: $cacheName $cacheType");
/ip firewall address-list set $record timeout=14d;
}
}
}
}
@klugev303
Copy link

I may or may not make a similar script for YouTube myself in the future, though.

I'm afraid I won't figure it out myself(
I ask for help, in the current situation of YouTube blocking, I'm looking for the best solution to this problem through Mikrotik, Thanks in advance, I'll be waiting impatiently!!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment