alexshpilkin · June 15, 2023 21:46
diff --git a/README b/README
 Download the RKN list from https://github.com/zapret-info/z-i, massage it into
 a Mikrotik script that manages a firewall address list, and put it up on a web
 server.  Note well that the list is gigantic---more than 80,000 entries as of
 2018-04-28---so be sure to check if your router can handle it in advance (for
 example, hAP Lite, with its measly 32M of memory, can’t).

 On the router side, do something like

    /tool fetch url="https://sheaf.site/rkn.rsc" dst-path=rkn.rsc
    :import rkn.src

 (although executing some guy’s scripts on your router is silly, you really
 should host your own).
diff --git a/update-rkn b/update-rkn
 #!/bin/bash -e
 set -o pipefail

 curl -sS 'https://raw.githubusercontent.com/zapret-info/z-i/master/dump.csv' \
 | iconv -f cp1251 \
 | sed -re 's/^([^;]*);.*$/\1/' -e 's/ \| /\n/g' \
 | sort -u \
 | { echo '/ip firewall address-list';
    echo 'remove numbers=[find list=rkn]';
    sed -rne 's/^([0-9]+\.){3}[0-9]+(\/[0-9]+)?$/add list=rkn address=&/p'; } \
 >/tmp/rkn.rsc
 mv /tmp/rkn.rsc rkn.rsc
diff --git a/update-rkn.service b/update-rkn.service
 [Unit]
 Description=Update RKN list
 Wants=network-online.target

 [Service]
 Type=oneshot
 ExecStart=/usr/local/bin/update-rkn
 User=root
 WorkingDirectory=/srv/http/sheaf.site
diff --git a/update-rkn.timer b/update-rkn.timer
 [Unit]
 Description=Update RKN list daily

 [Timer]
 OnCalendar=daily
 Persistent=true

 [Install]
 WantedBy=timers.target
	Download the RKN list from https://github.com/zapret-info/z-i, massage it into
	a Mikrotik script that manages a firewall address list, and put it up on a web
	server. Note well that the list is gigantic---more than 80,000 entries as of
	2018-04-28---so be sure to check if your router can handle it in advance (for
	example, hAP Lite, with its measly 32M of memory, can’t).

	On the router side, do something like

	/tool fetch url="https://sheaf.site/rkn.rsc" dst-path=rkn.rsc
	:import rkn.src

	(although executing some guy’s scripts on your router is silly, you really
	should host your own).
	#!/bin/bash -e
	set -o pipefail

	curl -sS 'https://raw.githubusercontent.com/zapret-info/z-i/master/dump.csv' \
	\| iconv -f cp1251 \
	\| sed -re 's/^([^;]);.$/\1/' -e 's/ \\| /\n/g' \
	\| sort -u \
	\| { echo '/ip firewall address-list';
	echo 'remove numbers=[find list=rkn]';
	sed -rne 's/^([0-9]+\.){3}[0-9]+(\/[0-9]+)?$/add list=rkn address=&/p'; } \
	>/tmp/rkn.rsc
	mv /tmp/rkn.rsc rkn.rsc
	[Unit]
	Description=Update RKN list
	Wants=network-online.target

	[Service]
	Type=oneshot
	ExecStart=/usr/local/bin/update-rkn
	User=root
	WorkingDirectory=/srv/http/sheaf.site
	[Unit]
	Description=Update RKN list daily

	[Timer]
	OnCalendar=daily
	Persistent=true

	[Install]
	WantedBy=timers.target