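Block Sites by Keyword Using the DNS Cache - MikroTik RouterOS Script

The script reads the router's DNS cache, so make sure clients can only use the MikroTik DNS server by redirecting all DNS traffic (port 53) to the router: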

/ip firewall nat
add action=redirect chain=dstnat comment=DNS dst-port=53 protocol=tcp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53

There are two blocking options:

1. Block by dropping the traffic in the filter rules

/ip firewall filter
add chain=forward dst-address-list=BLOCK_SITE action=drop

2. Block by redirecting the destination IP and port

/ip firewall nat
add action=dst-nat chain=dstnat comment="BLOCK WEBSITE" dst-address-list=BLOCK_SITE dst-port=80,81,8181,443 protocol=tcp to-addresses=36.86.63.185 to-ports=80

Notes:
1. Do not install the script right away. Study it first, especially the keywords, and change them to suit your needs.
2. By default I point blocked websites to Internet Positif at IP 36.86.63.185; you can direct them to another IP.
3. Add it to the router's scheduler or run it as a separate script. It is better not to run it too often; I personally run it only every 10 minutes.
4. This script uses some resources, so on the old plastic-case RB models you should set a somewhat longer run interval.


# Find all type A entries in the DNS cache whose name matches a keyword.
# name~"..." is an unanchored regular-expression match, so a keyword matches anywhere in the name.
# To add a keyword, insert || name~"KEYWORD" before the ) that precedes && (type="A").
:foreach iDNS in=[/ip dns cache all find where (name~"poker" || name~"porn" || name~"cheat" || name~"bokep" || name~"ngentot" || name~"qq.com" || name~"qq.net" || name~"qq.org" || name~"roulette" || name~"sbobet" || name~"casino" || name~"xvideos") && (type="A") ] do={
    # Store the record's name and address in local variables.
    :local tmpDNSsite [/ip dns cache get $iDNS name];
    :local tmpDNSip [/ip dns cache get $iDNS address];
    :local nameList "BLOCK_SITE";
    # Wait 10 ms between entries.
    :delay delay-time=10ms;
    # Skip addresses that are already in the list, to avoid duplicate entries.
    :if ( [/ip firewall address-list find where list=$nameList address=$tmpDNSip] = "") do={
        # Write the addition to the log as a warning.
        :log warning ("Added site to block on dns: $tmpDNSsite : $tmpDNSip");
        # Add the address to the address list, with the site name as the comment.
        /ip firewall address-list add address=$tmpDNSip list=$nameList comment=$tmpDNSsite;
    }
}
# End Script
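
To try out keywords before installing the script (note 1), the matching can be dry-run offline. The following Python is an added example, not part of the original script: it applies the same unanchored keyword patterns to a constructed list of cache entries and reports what would land in BLOCK_SITE, which names are caught by an over-broad keyword, and which unrelated names share a blocked address. The hostnames, addresses and function names are made up for illustration, and Python's re module is assumed to behave like the RouterOS ~ operator for these simple patterns.

```python
import re

# Keywords copied from the name~"..." conditions in the script above.
KEYWORDS = ["poker", "porn", "cheat", "bokep", "ngentot", "qq.com", "qq.net",
            "qq.org", "roulette", "sbobet", "casino", "xvideos"]

# Constructed DNS cache sample: (name, type, address). Not real data.
SAMPLE_CACHE = [
    ("www.poker-site.example", "A", "192.0.2.10"),
    ("blog.example.net", "A", "192.0.2.10"),        # shares an IP with the above
    ("cheatsheets.docs.example", "A", "192.0.2.20"),
    ("shop.antiqq-com.example", "A", "192.0.2.30"),
    ("img.qq.com", "A", "192.0.2.50"),
    ("www.casino.example", "AAAA", "2001:db8::1"),  # not type A, so skipped
    ("mail.example.org", "A", "192.0.2.40"),
]


def matching_keyword(name, keywords=KEYWORDS):
    """Return the first keyword that matches anywhere in name, else None."""
    for kw in keywords:
        if re.search(kw, name):  # unanchored, like name~"kw"
            return kw
    return None


def dry_run(cache, keywords=KEYWORDS):
    """Addresses the script would add: type A, keyword match, no duplicates."""
    planned = {}
    for name, rtype, address in cache:
        kw = matching_keyword(name, keywords)
        if rtype == "A" and kw and address not in planned:
            planned[address] = (name, kw)
    return planned


def collateral(cache, planned):
    """Names that match no keyword but resolve to an address being blocked."""
    return sorted(name for name, rtype, address in cache
                  if address in planned and matching_keyword(name) is None)


def escape_dots(keywords):
    """Treat '.' literally so that qq.com stops matching names like qq-com."""
    return [kw.replace(".", r"\.") for kw in keywords]


if __name__ == "__main__":
    plan = dry_run(SAMPLE_CACHE)
    for address, (name, kw) in plan.items():
        print(f"{address:<12} {name}  (keyword: {kw})")
    print("collateral:", collateral(SAMPLE_CACHE, plan))
```

Because the firewall rules act on addresses rather than names, every site hosted on a listed IP is affected, which is what the collateral list makes visible.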