Statistics: Posted by Nullcaller — Fri Mar 29, 2024 1:19 am
/interface bridgeadd comment=defconf name=bridge vlan-filtering=yes/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5/interface bridge vlanadd bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10
Statistics: Posted by fibracapi — Fri Mar 29, 2024 1:00 am
Statistics: Posted by fibracapi — Fri Mar 29, 2024 12:58 am
Statistics: Posted by f008600 — Fri Mar 29, 2024 12:56 am
Statistics: Posted by LeoNaXe — Fri Mar 29, 2024 12:55 am
That's a generic problem for a LOT of brands and highly depends on the quality of the used USB device.
Same with bluetooth.
It all operates in the same 2 - 2.5 GHz-range, you see.
No way a firmware upgrade can fix that. That's a physical problem.
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 12:49 am
Statistics: Posted by jaclaz — Fri Mar 29, 2024 12:21 am
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 12:19 am
Statistics: Posted by emunt6 — Fri Mar 29, 2024 12:18 am
Statistics: Posted by sebus46 — Fri Mar 29, 2024 12:12 am
Statistics: Posted by jaclaz — Fri Mar 29, 2024 12:03 am
{/ip firewall address-list:local update do={ :put "Starting import of address-list: $listname" :if ($nolog = null) do={:log warning "Starting import of address-list: $listname"} :local displayed true :local maxretry 3 :local retrywaitingtime 120s :local retryflag true :for retry from=1 to=$maxretry step=1 do={ :if (retryflag) do={ :set $retryflag false; :set $sounter 0 :if (retry > 1) do={ :put "Source file changed. Retring after a $retrywaitingtime wait..." :if ($nolog = null) do={:log warning "Source file changed. Retring after a $retrywaitingtime wait..."} :delay $retrywaitingtime } :local fetchResult [/tool fetch url=$url keep-result=no as-value] :local filesize ($fetchResult->"total") :local downsize ($fetchResult->"downloaded") :if ($filesize = 0 && $downsize > 0) do={ :set $filesize $downsize} :local start 0 :local maxsize 64000; # reqeusted chunk size :local end ($maxsize - 1);# because start is zero the maxsize has to be reduced by one :local partnumber ($filesize / ($maxsize / 1024)); # how many chunk are maxsize :local remainder ($filesize % ($maxsize / 1024)); # the last partly chunk :if ($remainder > 0) do={ :set $partnumber ($partnumber + 1) }; # total number of chunks :if ($heirule != null) do={:put "Using as extra filtering: $heirule"} else={:set $heirule "."} # remove the current list completely if "erase" is not present (default setting) :if ($noerase = null) do={ :if ($timeout = null) do={:set $timeout 00:00:00; :do {:foreach i in=[/ip firewall address-list find list=$listname] do={/ip firewall address-list set list=("backup".$listname) $i }} on-error={} } else={ :do {:foreach i in=[/ip firewall address-list find list=$listname dynamic] do={/ip firewall address-list set list=("backup".$listname) $i }} on-error={} }; :put ("Conditional deleting all".$dynamic." entries in address-list: $listname") :if ($nolog = null) do={:log warning ("Conditional deleting all".$dynamic." entries in address-list: $listname")} } else={:put "Entries not conditional deleted in address-list: $listname"}; # ENDIF ERASE :for x from=1 to=$partnumber step=1 do={ # get filesize to be compared to the orignal one and if changed then retry :local comparesize ([/tool fetch url=$url keep-result=no as-value]->"total") :if ($comparesize = 0 && $downsize > 0) do={ :set $comparesize $downsize} # fetching the chunks from the webserver when the size of the source file has not changed # empty array when the source file changed. No processing is done till the next complete retry :if ($comparesize = $filesize) do={:set $data ([:tool fetch url=$url http-header-field="Range: bytes=$start-$end" output=user as-value]->"data")} else={:set $data [:toarray ""]; :set $retryflag true} #:if ($ownposix = null) do={ # determining the used delimiter in the list, when not provided in the config # this only run once and so the impact on the import time is low :local ipv4Posix "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}" :local ipv4rangePosix "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/[0-9]{1,2}" :local domainPosix "^.+\\.[a-z.]{2,7}" :local sdata $data; # removes any lines at the top of the file that could interfere with finding the correct posix. Setting remarksign is needed :while ([:pick $sdata 0 1] = $remarksign) do={ :set $sdata [:pick $sdata ([:find $sdata "\n"]+1) [:len $sdata]] } :while ([:len $sdata]!=0 && $delimiter = null) do={ # The check on length of $sdata is for if no delimiter is found. :local sline [:pick $sdata 0 [:find $sdata "\n"]]; :local slen [:len $sline]; # set posix depending of type of data used in the list :if ($sline ~ $ipv4Posix) do={:set $posix $ipv4Posix; :set $iden "List identified as a IPv4 list"} :if ($sline ~ $ipv4rangePosix)do={:set $posix $ipv4rangePosix; :set $iden "List identified as a IPv4 with ranges list"} :if ($sline ~ $domainPosix) do={:set $posix $domainPosix; :set $iden "List identified as a domain list"} :if ($sline ~ $posix) do={:put $iden} :if ($sline ~ $posix) do={ # only explore the line if there is a match at the start of the line. :do {:if ([:pick $sline 0 ($slen-$send)] ~ ($posix."\$") || $send > $slen) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-1))]; :set $result true} else={:set $send ($send+1)} :if ($result) do={ :set $extra [:pick $sline ($slen-$send) ($slen-($send-1))] :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-2))] } :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-3))] } :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-4))] } }; # EndIf result } while (!$result); # EndDoWhile }; #IF sline posix:set $sdata [:pick $sdata ([:find $sdata "\n"]+1) [:len $sdata]]; # cut off the already searched lines:if ($delimiter != null) do={:local sdata [:toarray ""]} ; #Clearing sdata array ending the WhileDo loop }; #WHILE END $sdata :local sdata [:toarray ""] :if ([:len $delimiter] = 0) do={ :set $delimiter "\n"; :set $delimiterShow "New Line" } else={ :set $delimiterShow $delimiter }; # when empty use NewLine 20220529 #} else={:put "User defind Posix: $ownposix"; :set $posix $ownposix } ; # ENDIF ownposix = null :if ($delimiter != null && $displayed ) do={:set $displayed false; :put "Using config provided delimiter: \"$delimiterShow\""} :if ($posix = null) do={:set $posix "."}; # Use a match all posix if nothing is defined or found :if (!retryflag) do={:put "Reading Part: $x $start - $end"} :if ($timeout = null) do={:local timeout 00:00:00}; # if no timeout is defined make it a static entry. # Only remove the first line only if you are not at the start of list :while ( [:pick $data 0 1] = $remarksign) do={ :set $data [:pick $data ([:find $data "\n"]+1) [:len $data]] }; # removes the invalid line (Spamhaus) :if ($start > 0) do={:set $data [:pick $data ([:find $data "\n"]+1) [:len $data]]} :while ([:len $data]!=0) do={ :local line [:pick $data 0 [:find $data "\n"]]; # create only once and checked twice as local variable :if ( $line ~ $posix && $line~heirule) do={ :do {add list=$listname address=[:pick $data 0 [:find $data $delimiter]] comment=$comment timeout=$timeout; :set $counter ($counter + 1)} on-error={}; # on error avoids any panics }; # if IP address && extra filter if present :set $data [:pick $data ([:find $data "\n"]+1) [:len $data]]; # removes the just added IP from the data array # Cut of the end of the chunks by removing the last lines...very dirty but it works :if ([:len $data] < 256) do={:set $data [:toarray ""]} }; # while :set $start (($start-512) + $maxsize); # shifts the subquential start back by 512 :set $end (($end-512) + $maxsize); # shift the subquential ends back by 512 to keep the }; # if retryflag }; #do for x }; # for retry :if ($counter < 1) do={:set $resultline "Import was NOT successfull! Check if the list $listname is still being maintained."} else={:set $resultline "Completed reading $counter items into address-list $listname." } :put $resultline :if ($nolog = null) do={:log warning $resultline } :if ($counter > 0) do={:do {/ip firewall address-list remove [find where list=("backup".$listname)]} on-error={} } else={ :do {:foreach i in=[/ip firewall address-list find list=("backup".$listname)] do={/ip firewall address-list set list=$listname $i }} on-error={} :put "Restoring backup list: $listname" :if ($nolog = null) do={:log warning "Restoring backup list: $listname"} }; # if counter restore on failure and remove on success}; # do$update url=https://www.spamhaus.org/drop/drop.txt listname=spamhaus remarksign=";" timeout=1d nolog=1$update url=https://lists.blocklist.de/lists/all.txt listname=blockDE timeout=1d nolog=1}# To be used configline settings:# url= https://name.of.the.list# listname=name of address-list# Optinal settings# timeout=the time the entry should be active. If omited then static entries are created.# comment=puts this comment on every line in the choosen address-list (default: no comment)# heirule=this will select on a word on each line if to import or not (default: no heirule)# noerase=any value, then the current list is not erased (default: erase)# ownPosix=allow to enter a onw regEX posix to be used (not ative at this moment)# nolog= any value, then don't write to the log (default: writing to log)
Statistics: Posted by MTNick — Thu Mar 28, 2024 11:56 pm
Statistics: Posted by emunt6 — Thu Mar 28, 2024 11:23 pm
Statistics: Posted by anav — Thu Mar 28, 2024 11:23 pm
Statistics: Posted by jaclaz — Thu Mar 28, 2024 11:09 pm
Statistics: Posted by LeoNaXe — Thu Mar 28, 2024 10:53 pm
Statistics: Posted by eddieb — Thu Mar 28, 2024 10:45 pm
Statistics: Posted by rogerioqueiroz — Thu Mar 28, 2024 10:43 pm
/ip addressadd address=10.0.X.1/24 network=10.0.X.0 interface="wireguard_interface"/interface wireguard peeradd allowed-address=10.0.X.2/32 ...
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 10:38 pm
Statistics: Posted by anav — Thu Mar 28, 2024 10:25 pm
Statistics: Posted by 0xAA55 — Thu Mar 28, 2024 10:06 pm
Statistics: Posted by infabo — Thu Mar 28, 2024 9:59 pm
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 9:54 pm
Statistics: Posted by holvoetn — Thu Mar 28, 2024 9:54 pm
Statistics: Posted by apitsos — Thu Mar 28, 2024 9:53 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:44 pm
Statistics: Posted by anav — Thu Mar 28, 2024 9:43 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:42 pm
NATFlags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
1 ;;; accept established,related,untracked
chain=input action=accept connection-state=established,related,untracked
2 ;;; drop invalid
chain=input action=drop connection-state=invalid
3 ;;; accept ICMP
chain=input action=accept protocol=icmp
4 ;;; accept to local loopback (for CAPsMAN)
chain=input action=accept dst-address=127.0.0.1
5 ;;; drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN
6 ;;; accept in ipsec policy
chain=forward action=accept ipsec-policy=in,ipsec
7 ;;; accept out ipsec policy
chain=forward action=accept ipsec-policy=out,ipsec
8 ;;; fasttrack
chain=forward action=fasttrack-connection hw-offload=yes connection-state=established,related
9 ;;; accept established, related, untracked
chain=forward action=accept connection-state=established,related,untracked
10 ;;; drop invalid
chain=forward action=drop connection-state=invalid
11 ;;; drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN
MangleFlags: X - disabled, I - invalid; D - dynamic
0 I ;;;
chain=srcnat action=masquerade src-address-list=LAN out-interface=pppoe-out1 log=no log-prefix=""
1 ;;; masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
Do you have a hint for me where to look for the issue? Maybe you even have a possible solution?Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting action=passthrough
3 I ;;;
chain=forward action=change-mss new-mss=1452 passthrough=yes tcp-flags=syn protocol=tcp out-interface=pppoe-out1 tcp-mss=1453-65535 log=no log-prefix=""
Statistics: Posted by svh79 — Thu Mar 28, 2024 9:38 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 9:26 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:23 pm
Statistics: Posted by bpwl — Thu Mar 28, 2024 9:22 pm
Wireguard server: HV+h7mvZc/vS4kGxcYQMZvBk3WxhJ/zXslz/J40UqSM=: Sending handshake initiation to peer (37.221.211.44:13320)Wireguard server: HV+h7mvZc/vS4kGxcYQMZvBk3WxhJ/zXslz/J40UqSM=: Handshake for peer did not complete after 5 seconds, retrying (try 4)
And so on indefinitely even though I disconnected from the phone. Is there any way to limit this?Statistics: Posted by Bolendox — Thu Mar 28, 2024 9:17 pm
Statistics: Posted by cmmike — Thu Mar 28, 2024 9:15 pm
Statistics: Posted by holvoetn — Thu Mar 28, 2024 9:11 pm
Statistics: Posted by patrikg — Thu Mar 28, 2024 9:08 pm
# model = RB750r2/interface bridgeadd auto-mac=no comment=defconf name=bridge vlan-filtering=yes/interface pppoe-clientadd add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=miuserpppoe/interface bridge vlanadd bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/ip hotspot profileset [ find default=yes ] html-directory=hotspot/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254add name=dhcp_pool1 ranges=192.168.10.2-192.168.10.254/ip dhcp-serveradd address-pool=default-dhcp interface=bridge name=defconfadd address-pool=dhcp_pool1 interface=vlan10-HOME name=dhcp1/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5/ip neighbor discovery-settingsset discover-interface-list=LAN/interface bridge vlanadd bridge=bridge tagged=ether3 vlan-ids=10/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=pppoe-out1 list=WAN/ip addressadd address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0add address=192.168.10.1/24 interface=vlan10-HOME network=192.168.10.0/ip dhcp-clientadd comment=defconf interface=ether1/ip dhcp-server networkadd address=192.168.10.0/24 dns-server=1.1.1.1 gateway=192.168.10.1add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1# model = L41G-2axD/interface bridgeadd name=bridge1 vlan-filtering=yes/interface wifiset [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=VLAN10-HOME disabled=no name=VLAN10-HOME/interface bridge portadd bridge=bridge1 interface=ether1add bridge=bridge1 interface=ether2add bridge=bridge1 interface=ether3add bridge=bridge1 interface=ether4add bridge=bridge1 interface=VLAN10-HOME pvid=10/interface bridge vlanadd bridge=bridge1 tagged=ether1 vlan-ids=10/ip dhcp-clientadd interface=bridge1/system noteset show-at-login=no/system routerboard settingsset auto-upgrade=yes
Is there something I'm missing with the new driver?Statistics: Posted by fibracapi — Thu Mar 28, 2024 9:04 pm
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 8:59 pm
[hendry@red] > /system/logging/printFlags: * - DEFAULTColumns: TOPICS, ACTION# TOPICS ACTION0 * info remote1 * error remote2 * warning remote3 * critical echo[hendry@red] > /system/logging/action/printFlags: * - default 0 * name="memory" target=memory memory-lines=1000 memory-stop-on-full=no 1 * name="disk" target=disk disk-file-name="log" disk-lines-per-file=1000 disk-file-count=2 disk-stop-on-full=no 2 * name="echo" target=echo remember=yes 3 * name="remote" target=remote remote=X.X.X.X remote-port=9000 src-address=0.0.0.0 bsd-syslog=yes syslog-time-format=bsd-syslog syslog-facility=daemon syslog-severity=auto
Statistics: Posted by hendry — Thu Mar 28, 2024 8:58 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:57 pm
[admin@MikroTik] > /system license print system-id: vWS********** level: p1 limited-upgrades: no next-renewal-at: 2024-04-27 20:59:59 deadline-at: 2024-05-27 20:59:59[admin@MikroTik] > /system license renew account: some.user@domain.compassword: ********** level: p1 status: doneHowever, nothing seems to have changed... ????????[admin@MikroTik] > /system license print system-id: vWS********** level: p1 limited-upgrades: no next-renewal-at: 2024-04-27 20:59:59 deadline-at: 2024-05-27 20:59:59
Statistics: Posted by donmunyak — Thu Mar 28, 2024 8:54 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:52 pm
> sys package update check-for-updates channel: stable installed-version: 7.14.2 latest-version: 7.14.1 status: New version is available
Statistics: Posted by sawa — Thu Mar 28, 2024 8:47 pm
Statistics: Posted by cmmike — Thu Mar 28, 2024 8:40 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:35 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:34 pm
Statistics: Posted by Nullcaller — Thu Mar 28, 2024 8:15 pm
# 2024-03-28 13:59:17 by RouterOS 7.11.2# software id = Q6JG-Q80C## model = L009UiGS-2HaxD# serial number = HF3095E6YNJ/interface bridgeadd admin-mac=78:9A:18:60:1C:5A auto-mac=no comment=defconf name="bridge[LAN]"/interface ethernetset [ find default-name=ether1 ] name="ether1[WAN]"/interface wifiwave2set [ find default-name=wifi1 ] channel.band=2ghz-ax .skip-dfs-channels=10min-cac .width=20/40mhz configuration.country=\ "United States" .mode=ap .ssid="wifi" disabled=no security.authentication-types=wpa2-psk,wpa3-psk/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254/ip dhcp-serveradd address-pool=default-dhcp interface="bridge[LAN]" lease-time=8h name=defconf/portset 0 name=serial0/interface bridge portadd bridge="bridge[LAN]" comment=defconf interface=ether2add bridge="bridge[LAN]" comment=defconf interface=ether3add bridge="bridge[LAN]" comment=defconf interface=ether4add bridge="bridge[LAN]" comment=defconf interface=ether5add bridge="bridge[LAN]" comment=defconf interface=ether6add bridge="bridge[LAN]" comment=defconf interface=ether7add bridge="bridge[LAN]" comment=defconf interface=ether8add bridge="bridge[LAN]" comment=defconf interface=sfp1add bridge="bridge[LAN]" comment=defconf interface=wifi1/ip neighbor discovery-settingsset discover-interface-list=LAN/interface list memberadd comment=defconf interface="bridge[LAN]" list=LANadd comment=defconf interface="ether1[WAN]" list=WAN/ip addressadd address=192.168.88.1/24 comment=defconf interface="bridge[LAN]" network=192.168.88.0/ip dhcp-clientadd comment=defconf interface="ether1[WAN]"/ip dhcp-server leaseadd address=192.168.88.2 client-id=1:7c:10:c9:3c:b7:c6 mac-address=7C:10:C9:3C:B7:C6add address=192.168.88.3 client-id=1:7c:10:c9:45:a2:7f mac-address=7C:10:C9:45:A2:7F/ip dhcp-server networkadd address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1/ip dnsset allow-remote-requests=yes servers=192.168.88.1/ip dns staticadd address=192.168.88.1 comment=defconf name=router.lan/ip firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN log-prefix=\ Firewall::Drop::WANadd action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=\ yesadd action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WANadd action=masquerade chain=srcnat dst-address=192.168.88.0/24 src-address=192.168.88.0/24add action=dst-nat chain=dstnat dst-port=3000 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::GOGS protocol=\ tcp to-addresses=192.168.88.3 to-ports=3000add action=dst-nat chain=dstnat dst-port=8096 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::Jellyfin \ protocol=tcp to-addresses=192.168.88.3 to-ports=8096add action=dst-nat chain=dstnat dst-port=42069 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::SSH protocol=\ tcp to-addresses=192.168.88.3 to-ports=42069/ip serviceset telnet disabled=yesset ftp disabled=yesset www disabled=yesset api disabled=yesset api-ssl disabled=yes/ipv6 firewall address-listadd address=::/128 comment="defconf: unspecified address" list=bad_ipv6add address=::1/128 comment="defconf: lo" list=bad_ipv6add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6add address=100::/64 comment="defconf: discard only " list=bad_ipv6add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6/ipv6 firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udpadd action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp \ src-address=fe80::/10add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=forward comment="defconf: accept HIP" protocol=139add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN/system clockset time-zone-name=America/New_York/system noteset show-at-login=no/system routerboard settingsset enter-setup-on=delete-key/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LAN
Statistics: Posted by 0xAA55 — Thu Mar 28, 2024 8:12 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 8:02 pm
/interface/wifi/security/set sec1 ft-over-ds=no ft-preserve-vlanid=no ft=no
Statistics: Posted by sinisa — Thu Mar 28, 2024 7:58 pm
Statistics: Posted by matbcvo — Thu Mar 28, 2024 7:44 pm
Statistics: Posted by petardo — Thu Mar 28, 2024 7:42 pm
Statistics: Posted by patrikg — Thu Mar 28, 2024 7:26 pm
Statistics: Posted by iustin — Thu Mar 28, 2024 7:25 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 7:23 pm
Statistics: Posted by anav — Thu Mar 28, 2024 7:17 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 7:14 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 7:11 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 7:08 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 7:07 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 7:04 pm
Statistics: Posted by petardo — Thu Mar 28, 2024 6:55 pm
Statistics: Posted by ganymede — Thu Mar 28, 2024 6:51 pm
Statistics: Posted by rarlup — Thu Mar 28, 2024 6:49 pm
Statistics: Posted by menyarito — Thu Mar 28, 2024 6:41 pm
# 2024-03-28 17:10:04 by RouterOS 7.14.2# software id = 0P78-XXXX## model = RB3011UiAS# serial number = xxx/interface bridgeadd admin-mac=E4:8D:8C:0A:41:B0 auto-mac=no comment=defconf name=bridge/interface pppoe-clientadd add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=xxxxx@t-online.de/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface wireless security-profilesset [ find default=yes ] supplicant-identity=MikroTik/ip pooladd name=dhcp ranges=10.21.21.90-10.21.21.199/ip dhcp-serveradd address-pool=dhcp interface=bridge lease-time=10m name=defconf/portset 0 name=serial0/zerotierset zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" disabled=yes disabled=yes name=zt1 port=9993/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5add bridge=bridge comment=defconf interface=ether6add bridge=bridge comment=defconf interface=ether7add bridge=bridge comment=defconf interface=ether8add bridge=bridge comment=defconf interface=ether9add bridge=bridge comment=defconf interface=ether10add bridge=bridge comment=defconf interface=sfp1/ip firewall connection trackingset udp-timeout=10s/ip neighbor discovery-settingsset discover-interface-list=LAN/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=ether1 list=WANadd interface=pppoe-out1 list=WAN/ip addressadd address=10.21.21.254/24 comment=defconf interface=bridge network=10.21.21.0/ip dhcp-clientadd comment=defconf disabled=yes interface=ether1/ip dhcp-server networkadd address=10.21.21.0/24 comment=defconf dns-server=10.21.21.254 gateway=10.21.21.254 netmask=24/ip dnsset allow-remote-requests=yes/ip dns staticadd address=10.21.21.254 comment=defconf name=router.lan/ip firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yesadd action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WANadd action=dst-nat chain=dstnat comment=submission dst-port=587 in-interface-list=WAN protocol=tcp to-addresses=10.21.21.244 to-ports=587add action=dst-nat chain=dstnat comment=smtp dst-port=25 in-interface-list=WAN protocol=tcp to-addresses=10.21.21.244 to-ports=25add action=dst-nat chain=dstnat comment=imaps dst-port=993 in-interface-list=WAN protocol=tcp to-addresses=10.21.21.244 to-ports=993add action=masquerade chain=srcnat comment="hairpin : mikrotik youtube" dst-address=10.21.21.244 log=yes log-prefix=HAIRPIN: out-interface=bridge protocol=tcp src-address=10.21.21.0/24/ipv6 firewall address-listadd address=::1/128 comment="defconf: lo" list=bad_ipv6add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6add address=100::/64 comment="defconf: discard only " list=bad_ipv6add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6/ipv6 firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=input comment="defconf: accept UDP traceroute" dst-port=33434-33534 protocol=udpadd action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/10add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=forward comment="defconf: accept HIP" protocol=139add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN/system clockset time-zone-name=Europe/Berlin/system identityset name=RB3011/system noteset show-at-login=no/system package updateset channel=testing/system routerboard settingsset auto-upgrade=yes silent-boot=yes/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LAN
Statistics: Posted by tesme33 — Thu Mar 28, 2024 6:21 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 6:01 pm
Statistics: Posted by infabo — Thu Mar 28, 2024 5:54 pm
/ip/firewall/filter/add in-interface=management action=accept place-before=1
/ip/firewall/filter/add action=accept chain=input comment="Allow to management" in-interface=ether15
Statistics: Posted by jordanp123 — Thu Mar 28, 2024 5:52 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 5:50 pm
Columns: NAME, VERSION, BUILD-TIME, SIZE# NAME VERSION BUILD-TIME SIZE 0 routeros 7.15beta8 2024-03-21 07:12:27 12.2MiB
Columns: NAME, VERSION, BUILD-TIME, SIZE# NAME VERSION BUILD-TIME SIZE 0 wifi-qcom-ac 7.15beta8 2024-03-21 07:12:27 2920.1KiB1 routeros 7.15beta8 2024-03-21 07:12:27 11.5MiB
/interface wifi export
# 2024-03-28 16:37:39 by RouterOS 7.15beta8# software id = GI7S-LL99## model = RB5009UPr+S+# serial number = HFF***/interface wifiadd configuration.mode=ap name="Bedroom - Wireless Backhaul 5GHz" radio-mac=18:FD:...add configuration.mode=ap name="Living Room - Wireless Backhaul 5GHz" radio-mac=18:FD:.../interface wifi channeladd band=2ghz-n disabled=no frequency=2300-7300 name="Network 2GHz" width=20mhzadd band=5ghz-ac disabled=no frequency=2300-7300 name="Network 5GHz" width=20/40mhz-Ce/interface wifi datapathadd bridge=bridge_lan disabled=no name="WiFi Path"/interface wifi securityadd authentication-types=wpa2-psk,wpa3-psk disabled=no group-encryption=ccmp name="Network Security"/interface wifi configurationadd channel="Network 2GHz" country=Spain datapath="WiFi Path" disabled=no name="Network 2GHz" security=\ "Network Security" ssid=Network2add channel="Network 5GHz" country=Spain datapath="WiFi Path" disabled=no name="Network 5GHz" security=\ "Network Security" ssid=Network5/interface wifiadd configuration="Network 2GHz" configuration.mode=ap disabled=no name="Bedroom - 2GHz" radio-mac=\ 18:FD:...add configuration="Network 5GHz" configuration.mode=ap disabled=no name="Bedroom - 5GHz" radio-mac=\ 18:FD:...add configuration="Network 2GHz" configuration.mode=ap disabled=no name="Living Room - 2GHz" radio-mac=\ 18:FD:...add configuration="Network 5GHz" configuration.mode=ap disabled=no name="Living Room - 5GHz" radio-mac=\ 18:FD:.../interface wifi capsmanset ca-certificate=auto certificate=auto enabled=yes interfaces=bridge_lan package-path="" \ require-peer-certificate=no upgrade-policy=none
/interface wifi export
# 2024-03-28 16:41:27 by RouterOS 7.15beta8# software id = BVUP-2TEH## model = RBD25G-5HPacQD2HPnD# serial number = HCZ***/interface wifi# managed by CAPsMAN# mode: AP, SSID: Network2, channel: 2427/nset [ find default-name=wifi1 ] configuration.manager=capsman datapath=capdp \ disabled=no# managed by CAPsMANset [ find default-name=wifi2 ] configuration.manager=capsman datapath=capdp# managed by CAPsMAN# mode: AP, SSID: Network5, channel: 5660/ac/Ceset [ find default-name=wifi3 ] configuration.manager=capsman datapath=capdp \ disabled=no/interface wifi capset discovery-interfaces=bridgeLocal enabled=yes slaves-datapath=capdp/interface wifi datapathadd bridge=bridgeLocal comment=defconf disabled=no name=capdp
Statistics: Posted by synchro — Thu Mar 28, 2024 5:43 pm
Hey! I did connected this modem to my RBM33G via USB port
To be fair, i have to make it clear that I don’t own the CAT18 LHGG but the CAT6 so i could use some upgrade here.
It seems odd that the T99W175 wouldn’t work as the DW5821e is listed on the supported modems and it’s very similar to the one I am talking about.
I don’t mind about the 2 more antennas it needs to work, it’s an easy modification for me.
However if you’re 100% sure this modem doesn’t support the usb protocol I won’t event try it. I’ve seen some sellers listing it as supported by MBIM via USB. So I don’t know what to believe anymore.
Statistics: Posted by xristostsilis — Thu Mar 28, 2024 5:41 pm
Statistics: Posted by anav — Thu Mar 28, 2024 5:40 pm
Statistics: Posted by thomassocz — Thu Mar 28, 2024 5:34 pm
Statistics: Posted by gigabyte091 — Thu Mar 28, 2024 5:29 pm
Statistics: Posted by spookymulder84 — Thu Mar 28, 2024 5:28 pm
Statistics: Posted by loloski — Thu Mar 28, 2024 5:24 pm
#notfixed - it's getting ridiculous..
Statistics: Posted by Archous — Thu Mar 28, 2024 5:08 pm
# 2024-03-28 15:45:29 by RouterOS 7.14.1# model = RB5009UG+S+/interface bridgeadd admin-mac=78:9A:18:C3:18:7F auto-mac=no name=bridge1 vlan-filtering=yes/interface wifiadd name=cap-wifi1 radio-mac=78:9A:18:CE:19:FFadd name=cap-wifi2 radio-mac=78:9A:18:CE:1A:00/interface vlanadd interface=bridge1 name=vlan10 vlan-id=10add interface=bridge1 name=vlan20 vlan-id=20add interface=bridge1 name=vlan30 vlan-id=30add interface=bridge1 name=vlan40 vlan-id=40/interface listadd name=LANadd name=WAN/ip pooladd name=pool10 ranges=10.50.10.200-10.50.10.210add name=pool20 ranges=10.50.20.100-10.50.20.200add name=pool30 ranges=10.50.30.100-10.50.30.200add name=pool40 ranges=10.50.40.100-10.50.40.200/ip dhcp-serveradd address-pool=pool10 interface=vlan10 name=server10add address-pool=pool20 interface=vlan20 name=server20add address-pool=pool30 interface=vlan30 name=server30add address-pool=pool40 interface=vlan40 name=server40/interface bridge portadd bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether3add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether4add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether5add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether6add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether7add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether8/ipv6 settingsset disable-ipv6=yes/interface bridge vlanadd bridge=bridge1 tagged=bridge1,ether3,ether4,ether5,ether6,ether7,ether8 \ vlan-ids=10add bridge=bridge1 tagged=bridge1,ether3,ether4,ether5,ether6,ether7,ether8 \ vlan-ids=20add bridge=bridge1 tagged=bridge1,ether3,ether4,ether5,ether6,ether7,ether8 \ vlan-ids=30add bridge=bridge1 tagged=bridge1,ether3,ether4,ether5,ether6,ether7,ether8 \ vlan-ids=40/interface list memberadd interface=ether1 list=WANadd interface=vlan10 list=LANadd interface=vlan20 list=LANadd interface=vlan30 list=LANadd interface=vlan40 list=LAN/interface wifi capsmanset enabled=yes interfaces=vlan10 package-path="" require-peer-certificate=no \ upgrade-policy=none/ip addressadd address=10.50.10.1/24 interface=vlan10 network=10.50.10.0add address=10.50.20.1/24 interface=vlan20 network=10.50.20.0add address=10.50.30.1/24 interface=vlan30 network=10.50.30.0add address=10.50.40.1/24 interface=vlan40 network=10.50.40.0/ip dhcp-clientadd interface=ether1 use-peer-dns=no use-peer-ntp=no/ip dhcp-server networkadd address=10.50.10.0/24 dns-server=1.1.1.1 gateway=10.50.10.1 ntp-server=\ 10.50.10.1add address=10.50.20.0/24 dns-server=1.1.1.1 gateway=10.50.20.1 ntp-server=\ 10.50.20.1add address=10.50.30.0/24 dns-server=1.1.1.1 gateway=10.50.30.1 ntp-server=\ 10.50.30.1add address=10.50.40.0/24 dns-server=1.1.1.1 gateway=10.50.40.1 ntp-server=\ 10.50.40.1/ip dnsset servers=1.1.1.1/ip firewall filteradd action=accept chain=inputadd action=accept chain=forward/ip firewall natadd action=masquerade chain=srcnat out-interface-list=WAN/system clockset time-zone-name=Europe/Prague/system identityset name=router/system noteset show-at-login=no/system ntp clientset enabled=yes/system ntp serverset enabled=yes/system ntp client serversadd address=cz.pool.ntp.org/tool romonset enabled=yes
# 2024-03-28 15:45:52 by RouterOS 7.14.1# model = cAPGi-5HaxD2HaxD/interface bridgeadd admin-mac=78:9A:18:CE:19:FD auto-mac=no name=bridge1 vlan-filtering=yes/interface wifi# managed by CAPsMANset [ find default-name=wifi1 ] configuration.manager=capsman .mode=ap \ datapath.bridge=bridge1 disabled=no# managed by CAPsMANset [ find default-name=wifi2 ] configuration.manager=capsman .mode=ap \ datapath.bridge=bridge1 disabled=no/interface vlanadd interface=bridge1 name=vlan10 vlan-id=10/interface bridge portadd bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged \ interface=ether2 pvid=10/interface bridge vlanadd bridge=bridge1 tagged=bridge1,ether1 untagged=ether2 vlan-ids=10add bridge=bridge1 tagged=bridge1,ether1 vlan-ids=20add bridge=bridge1 tagged=bridge1,ether1 vlan-ids=30add bridge=bridge1 tagged=bridge1,ether1 vlan-ids=40/interface wifi capset certificate=request discovery-interfaces=vlan10 enabled=yes/ip addressadd address=10.50.10.51/24 interface=vlan10 network=10.50.10.0/ip dnsset servers=1.1.1.1/ip firewall filteradd action=accept chain=inputadd action=accept chain=forward/ip routeadd disabled=no dst-address=0.0.0.0/0 gateway=10.50.10.1 routing-table=main \ suppress-hw-offload=no/system clockset time-zone-name=Europe/Prague/system identityset name=cAP-ax-1/system noteset show-at-login=no/system ntp clientset enabled=yes/system ntp client serversadd address=cz.pool.ntp.org/tool romonset enabled=yes
Statistics: Posted by neki — Thu Mar 28, 2024 5:07 pm
/ip/firewall/filter/add in-interface=management action=accept place-before=1
/ip/firewall/filter/add action=accept chain=input comment="Allow to management" in-interface=ether15
Statistics: Posted by Archous — Thu Mar 28, 2024 5:06 pm
Third times the charm? Or is it? :|What's new in 7.14.2 (2024-Mar-27 09:48):
*) defconf - do not override default DHCP server lease time;
*) defconf - fixed 5ghz-ax channel width for L11, L22 devices;
*) ethernet - fixed interface disable for CRS326-4C+20G+2Q;
*) ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;
*) leds - fixed LEDs for L22 device;
*) lte - fixed firmware upgrade not found issue for Chateau LTE12 (introduced in v7.14.1);
*) ssh - require "policy" user policy when adding public key;
*) timezone - updated timezone information from "tzdata2024a" release;
*) traffic-flow - improved system stability;
*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
*) wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances (CLI only);
[jmoore@arch-homerville-pop-487-holly-oob-r1] > /tool/sniffer/quick interface=ether15 port=22Columns: INTERFACE, TIME, NUM, DIR, SRC-MAC, DST-MAC, SRC-ADDRESS, DST-ADDRESS, PROTOCOL, SIZE, CPUINTERFACE TIME NUM DIR SRC-MAC DST-MAC SRC-ADDRESS DST-ADDRESS PROTOCOL SIZE CPUether15 3.8 1 <- 00:0C:29:29:D7:66 DC:2C:6E:8A:96:E5 172.16.30.254:35375 172.16.30.199:22 (ssh) ip:tcp 66 1ether15 4.791 2 <- 00:0C:29:29:D7:66 DC:2C:6E:8A:96:E5 172.16.30.254:35375 172.16.30.199:22 (ssh) ip:tcp 66 1ether15 6.799 3 <- 00:0C:29:29:D7:66 DC:2C:6E:8A:96:E5 172.16.30.254:35375 172.16.30.199:22 (ssh) ip:tcp 66 1[jmoore@arch-homerville-pop-487-holly-oob-r1] > /ip/service/printFlags: X - DISABLED, I - INVALIDColumns: NAME, PORT, CERTIFICATE, VRF# NAME PORT CERTIFICATE VRF0 X telnet 23 management1 X ftp 212 www 80 management3 ssh 22 management4 X www-ssl 443 none main5 X api 8728 main6 X winbox 8291 main7 X api-ssl 8729 none main[jmoore@arch-homerville-pop-487-holly-oob-r1] > /ip/vrf/printFlags: X - disabled; * - builtin 0 name="management" interfaces=ether15,wireguard1 1 * name="main" interfaces=all[jmoore@arch-homerville-pop-487-holly-oob-r1] > /ip/firewall/filter/printFlags: X - disabled, I - invalid; D - dynamic 0 ;;; Allow VPN chain=input action=accept in-interface=wireguard1 log=no log-prefix="" 1 ;;; Allow VPN chain=forward action=accept in-interface=wireguard1 log=no log-prefix="" 2 ;;; Allow BGP chain=input action=accept protocol=tcp dst-port=179 log=no log-prefix="" 3 ;;; Allow Established/Related chain=input action=accept connection-state=established,related,untracked log=no log-prefix="" 4 ;;; Allow Wireguard chain=input action=accept protocol=udp in-interface-list=WAN dst-port=13231 5 ;;; Allow ICMP to WANs chain=input action=accept protocol=icmp log=no log-prefix="" 6 ;;; Allow to management chain=input action=accept in-interface=ether15 log=no log-prefix="" 7 chain=input action=drop[jmoore@arch-homerville-pop-487-holly-oob-r1] > /system/routerboard/print routerboard: yes model: CCR2004-16G-2S+ serial-number: HBJ07H8VK5V firmware-type: al64 factory-firmware: 7.0.4 current-firmware: 7.14.2 upgrade-firmware: 7.14.2[jmoore@arch-homerville-pop-487-holly-oob-r1] >
Statistics: Posted by Archous — Thu Mar 28, 2024 4:59 pm