aziraphale / routeros-dns-adblock

Configuration for MikroTik RouterOS devices to block ads on LANs

Propose to use NXDOMAIN instead of firewalling? #1

Open tvwerkhoven opened 4 years ago

tvwerkhoven commented 4 years ago

Hi, I like your improvement from blocking domains from 127.0.0.1 to 240.0.0.0 + TCP reset, but have you considered using NXDOMAIN for blocking domains? I think that's even better; I've made a small script to do this. Your thoughts?

aziraphale commented 4 years ago

Hey, thanks - I didn't know that option existed :)

It looks like that feature was only added in RouterOS v6.47, released as "stable" in June 2020 (as per MikroTik's Changelogs page, as well as this 2020-06-04 change to the MikroTik wiki's Manual:IP/DNS page), which is why I hadn't seen that before.

I personally use the "long-term" release channel unless there's a major change in "stable" that I particularly want, as the "stable" channel has a history of being a little less stable than I'd like! :) Therefore I'm still using v6.45.

But yes, I agree, returning NXDOMAIN is probably a better idea for anyone running RouterOS v6.47+ 👍

I don't know how long it'll be before a lot of/most people are using 6.47+, but there could be two versions of the script - one using NXDOMAIN and one using TCP reset - or a single script with an option of which to use, similar to your script. However, I've not been using this script for many years, and I really don't have much free time to work on this right now :(
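The single script with a choice of blocking method suggested in the last comment could be sketched as follows. This is an added example, not code from the repository or from either commenter: the function names, the `adblock` comment tag and the sample blocklist are assumptions, and `type=NXDOMAIN` is the RouterOS v6.47+ static DNS entry type discussed in the thread.

```python
import re

NXDOMAIN_MIN = (6, 47)   # first RouterOS release with NXDOMAIN static entries (per the thread)
SINKHOLE = "240.0.0.0"   # address the thread says the existing script resolves blocked names to
# Strict hostname pattern: blocklists are untrusted input that ends up inside
# router commands, so anything with spaces, quotes or ';' is dropped.
HOSTNAME = re.compile(r"^(?=.{1,253}$)([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?\.)+[a-z]{2,63}$")
# Constructed sample input in hosts-file format.
SAMPLE = [
    "# constructed sample blocklist",
    "127.0.0.1 localhost",
    "0.0.0.0 ads.example.com",
    "0.0.0.0 Tracker.Example.net  # inline comment",
    "0.0.0.0 ads.example.com",
    "0.0.0.0 bad;name.example.org",
]

def parse_version(text):
    """'6.47.10' -> (6, 47); only major.minor matter for the feature check."""
    m = re.match(r"(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised RouterOS version: {text!r}")
    return int(m.group(1)), int(m.group(2))

def parse_hosts(lines):
    """Yield unique, validated, lower-cased hostnames from hosts-format lines."""
    seen = set()
    for line in lines:
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:          # fields[0] is the address column
            name = name.lower().rstrip(".")
            if HOSTNAME.match(name) and name not in seen:
                seen.add(name)
                yield name

def render(hosts_lines, routeros_version, mode="auto"):
    """Return '/ip dns static add' commands; mode is auto, nxdomain or sinkhole."""
    supports_nx = parse_version(routeros_version) >= NXDOMAIN_MIN
    if mode == "auto":
        mode = "nxdomain" if supports_nx else "sinkhole"
    if mode not in ("nxdomain", "sinkhole"):
        raise ValueError(f"unknown mode: {mode!r}")
    if mode == "nxdomain" and not supports_nx:
        raise ValueError("type=NXDOMAIN needs RouterOS v6.47 or later")
    target = "type=NXDOMAIN" if mode == "nxdomain" else f"address={SINKHOLE}"
    return [f"/ip dns static add name={n} {target} comment=adblock"
            for n in parse_hosts(hosts_lines)]

if __name__ == "__main__":
    print("\n".join(render(SAMPLE, "6.45")))
```

In sinkhole mode the generated entries still depend on a firewall rule that answers traffic to 240.0.0.0 with a TCP reset, as the thread describes; NXDOMAIN mode needs no firewall rule.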