Community discussions

Search found 252 matches

by sid5632
Fri Sep 21, 2018 3:20 am
Forum: Wireless Networking
Topic: Connect your MikroTik to regular WiFi, simply
Replies: 3
Views: 178

Re: Connect your MikroTik to regular WiFi, simply

You shouldn't have dhcp-client on wlan1 when wlan1 is a bridge port. This is a bit of a leftover from official guide. However, since wlan1 is in bridge, would it matter? It works either way... Yes it does matter and no it doesn't work. It complains about not creating on slave ports if you try it in...
by sid5632
Thu Sep 20, 2018 11:36 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] is released!
Replies: 106
Views: 10309

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

At time of writing, these would seem to fit: Legacy: 5.26 Long-term/bugfix: 6.40.9 Stable: 6.42.7 Current: 6.43.2 Testing: 6.44beta9 Development: Who knows Winbox still seems to have the old 4 categories though (bugfix, current, testing, development) - but I've never seen anything in 'development' s...
by sid5632
Thu Sep 20, 2018 5:37 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] is released!
Replies: 106
Views: 10309

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Three "stable" releases in just over a week seems to be rather a contradiction in terms to me.
Perhaps "current" really was the correct name.
by sid5632
Thu Sep 20, 2018 5:30 pm
Forum: General
Topic: After upgrade firmware 6.40.5, Can't change admin's group to full
Replies: 6
Views: 335

Re: After upgrade firmware 6.40.5, Can't change admin's group to full

What's the point of being unpleasant? You're paranoid. It was a perfectly reasonable question for the reasons I stated. It wasn't "unpleasant". Why do you care? I don't. But I do see someone who is cruising around the forum looking for virtually irrelevant things to answer. I expect you're trying t...
by sid5632
Thu Sep 20, 2018 12:02 pm
Forum: Wireless Networking
Topic: Connect your MikroTik to regular WiFi, simply
Replies: 3
Views: 178

Re: Connect your MikroTik to regular WiFi, simply

You shouldn't have dhcp-client on wlan1 when wlan1 is a bridge port.
It's good to see that useless firewall NAT rule is disabled. So why include it?
by sid5632
Thu Sep 20, 2018 11:51 am
Forum: RouterBOARD hardware
Topic: Status LED's on CRS326-24G-2S+RM?
Replies: 3
Views: 189

Re: Status LED's on CRS326-24G-2S+RM?

On the CRS125-24G the port numbers light up. I expect the 326 is the same.
by sid5632
Thu Sep 20, 2018 11:44 am
Forum: The Dude
Topic: The Dude 6.40.8 - db failure: database disk image is malformed
Replies: 10
Views: 401

Re: The Dude 6.40.8 - db failure: database disk image is malformed

Have you got enough storage space for the database?
When this happens to me, it usually means I've forgotten to increase the disk space on the CHR VM.
by sid5632
Wed Sep 19, 2018 8:54 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24756

Re: Winbox vulnerability: please upgrade

I don't think he meant Mikrotik but the likes of Microsoft and their stupid forced updates.
It is indeed Micro$oft I meant.
by sid5632
Wed Sep 19, 2018 8:28 pm
Forum: General
Topic: After upgrade firmware 6.40.5, Can't change admin's group to full
Replies: 6
Views: 335

Re: After upgrade firmware 6.40.5, Can't change admin's group to full

What's the point in responding to this 7 month old post?
Especially as a lot of water how flowed under various RouterOS bridges since then.
by sid5632
Tue Sep 18, 2018 8:29 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24756

Re: Winbox vulnerability: please upgrade

Automatic upgrade should be the default
No, it should not.
and is quickly becoming best practice.
Only if you're using the Micro$oft definition of 'best', which really means worst.
Upgrading in a controlled manner is best practice, not when some bone-head elsewhere in the world dictates.
by sid5632
Tue Sep 18, 2018 8:08 pm
Forum: General
Topic: CHR x86 ethernet interfaces random names
Replies: 6
Views: 343

Re: CHR x86 ethernet interfaces random names

Running which version?
There's something about this in 6.44beta.
by sid5632
Mon Sep 17, 2018 12:32 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24756

Re: Winbox vulnerability: please upgrade

It isn't MikroTik's job to update your router for you, it is only their job to make you able to update it easily and quickly. Sorry to disagree but you'r wrong, It is MIKROTIK job to update our router's software No, it you who is WRONG. Now why don't you toddle off to Microsoft and get a copy of Wi...
by sid5632
Sun Sep 16, 2018 7:50 pm
Forum: The Dude
Topic: Dude 6.41.2 lost SNMP interfaces
Replies: 8
Views: 612

Re: Dude 6.41.2 lost SNMP interfaces

This is just a coincidence of stopping and restarting the server, which is what really fixes it.
Vacuuming the database has no effect in itself.
by sid5632
Sat Sep 15, 2018 7:56 pm
Forum: General
Topic: Router got hacked please help
Replies: 5
Views: 328

Re: Router got hacked please help

And fix the firewall.
by sid5632
Sat Sep 15, 2018 3:14 pm
Forum: General
Topic: MikroTik WISP Design – An overview of adding IPv6 to your WISP
Replies: 2
Views: 146

Re: MikroTik WISP Design – An overview of adding IPv6 to your WISP

You've written OPSF rather than OSPF in several places!
by sid5632
Thu Sep 13, 2018 2:20 pm
Forum: General
Topic: Winbox via wine on Ubuntu 18.04
Replies: 5
Views: 305

Re: Winbox via wine on Ubuntu 18.04

Discovering CHR via Winbox is very hit and miss. My CHR sometimes comes up if I refresh neighbours about 4 times and leave it for 5 mins. I wouldn't pin "all" of the blame on Winbox/WINE combo at this point.
See also viewtopic.php?f=15&t=130551
by sid5632
Wed Sep 12, 2018 1:37 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24756

Re: Winbox vulnerability: please upgrade

Yeah, that configuration is not secure. Wide open to the internet and attackers. Yes. And this is fine. Everyone has his own vision of comfort and safety. You got hacked and started asking questions. Then when someone gives you a sensible answer and tells you where you went wrong, you disagree with...
by sid5632
Thu Sep 06, 2018 5:35 pm
Forum: General
Topic: Configuring firewall for use as NTP server
Replies: 2
Views: 146

Re: Configuring firewall for use as NTP server

Assuming a /24 subnet (why do people asking these sort of questions never state important stuff like this?): 1. Use of source and broadcast addresses of 192.168.1.0 is completely invalid 2. There is no forwarding going on as it's on the same subnet 3. Access from the LAN subnet to the router is open...
by sid5632
Thu Sep 06, 2018 4:49 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24756

Re: Winbox vulnerability: please upgrade

unless they have a time machine (and you guys don't, right?).
We are working on it.
Yeah, but when will it be released?
1985?
by sid5632
Thu Sep 06, 2018 4:44 pm
Forum: Scripting
Topic: Mikrotik synthesizer/piano programs
Replies: 12
Views: 778

Re: Mikrotik synthesizer/piano programs

SSH.DLL and LIBEAY32.DLL both depend on MSVCR120.DLL
ZLIB1.DLL depends on both VCRUNTIME140D.DLL and UCRTBASED.DLL

Fixing the .EXE doesn't fix the .DLLs
by sid5632
Thu Sep 06, 2018 4:28 pm
Forum: Beginner Basics
Topic: Block emails from IP to a domain
Replies: 4
Views: 180

Re: Block emails from IP to a domain

Block everything from his IP. Then he'll soon be an ex-customer and problem solved.
by sid5632
Wed Sep 05, 2018 9:31 pm
Forum: Beginner Basics
Topic: How to bridge 2 bridges ?
Replies: 8
Views: 499

Re: How to bridge 2 bridges ?

Don't create bridge2. Put everything on bridge1. The VLAN setup should be all you need to segregate traffic at L2.
Don't use VLAN filtering on the bridge. VLANs have to be done on the switch chips on the 2011.
If you want segregation at L3 then use firewall rules.
by sid5632
Tue Sep 04, 2018 3:06 am
Forum: General
Topic: Could anyone help me to configure Untagged VLAN with Trunk?
Replies: 14
Views: 670

Re: Could anyone help me to configure Untagged VLAN with Trunk?

Is that the output of "/export hide-sensitive" then?
No, it isn't.
Can you not read? Or do think you know better? In which case why are you asking for help?
by sid5632
Sun Sep 02, 2018 2:40 pm
Forum: Virtualization
Topic: /ip cloud on CHR [SOLVED]
Replies: 1
Views: 130

Re: /ip cloud on CHR [SOLVED]

This was reported here, but no action seems to have been taken:
IP->Cloud has disappeared from menu in WebFig and WinBox.
It's unclear if it's deliberate or not.
It works from the CLI, but you need a later release of 6.43rc - it's not in 6.42.7
by sid5632
Thu Aug 30, 2018 3:55 pm
Forum: Beginner Basics
Topic: RB3011UiAS Password was changed?
Replies: 10
Views: 345

Re: RB3011UiAS Password was changed?

Yes :(
No. Or "not necessarily" anyway.
by sid5632
Thu Aug 30, 2018 3:53 pm
Forum: Beginner Basics
Topic: RB3011UiAS Password was changed?
Replies: 10
Views: 345

Re: RB3011UiAS Password was changed?

Go on then, amuse us by specifying what RouterOS release you are running.
And then go and upgrade it to something secure. And set your firewall properly.

It's almost certainly the standard Winbox vulnerability which you can easily find on the forum.
by sid5632
Thu Aug 30, 2018 3:49 pm
Forum: Scripting
Topic: e-mail /export script not working since upgrade to 6.40.8
Replies: 4
Views: 158

Re: e-mail /export script not working since upgrade to 6.40.8

Is this change maybe reverted in a later version?
Apparently not. It's still the same on 6.43rc56

The best thing is not to use a comma in the file name in the first place. Use a '-' or a '_' character, or similar.
by sid5632
Thu Aug 30, 2018 3:38 pm
Forum: Scripting
Topic: e-mail /export script not working since upgrade to 6.40.8
Replies: 4
Views: 158

Re: e-mail /export script not working since upgrade to 6.40.8

Try:
file="\"Customer-Lastname,Firstname.rsc\""
on the "/tool e-mail" command.
by sid5632
Thu Aug 30, 2018 3:11 pm
Forum: General
Topic: New wave of Winbox vuln. attacks
Replies: 20
Views: 2513

Re: New wave of Winbox vuln. attacks

Should untracked also be removed as it appears not to be part of defconf as well?
No. Untracked is part of defconf. Read the comment!
by sid5632
Thu Aug 30, 2018 10:10 am
Forum: General
Topic: New wave of Winbox vuln. attacks
Replies: 20
Views: 2513

Re: New wave of Winbox vuln. attacks

Why have you got "new" in this:
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,new,untracked
It certainly wasn't put there by "defconf" so you must have done it. Take it out!
by sid5632
Sun Aug 05, 2018 3:06 pm
Forum: Scripting
Topic: RouterOS SNMP Get
Replies: 5
Views: 321

Re: RouterOS SNMP Get

This doesn't work... [admin@MikroTik] > :global x [admin@MikroTik] > env pr x=[:nothing] [admin@MikroTik] > :set x [/tool snmp-get address=192.168.0.1 oid=1.3.6.1.4.1.14988.1.1.11.1.1.4.3] OID TYPE VALUE 1.3.6.1.4.1.14988.1.1.11.1.1.4.3 octet-string 6.42.6 (stable) [admin@MikroTik] > env pr x=[]
by sid5632
Sun Aug 05, 2018 1:00 am
Forum: RouterBOARD hardware
Topic: Bricked RB750
Replies: 8
Views: 401

Re: Bricked RB750

I tried updating a 750 from 4.x and got as far as something like 5.08
Attempts to upgrade further to 6.3x just gave me a boot loop.
Netinstall worked for me and the thing is now happily on 6.42.x
by sid5632
Fri Aug 03, 2018 1:04 am
Forum: General
Topic: How to display full time in the winbox log
Replies: 14
Views: 576

Re: How to display full time in the winbox log

You're Warned.
How rude of you to threaten me. And who are you anyway?
by sid5632
Thu Aug 02, 2018 3:29 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 3299

Re: Mikrotik in the news..bad news

I'm not really sure what Mikrotik can do about the kit out there that still isn't patched. These routers probably haven't been logged into at all for years.
If hackers can login and change the config. then all anybody else needs to do is login and update the software. Job done. Simple.
by sid5632
Thu Aug 02, 2018 1:46 pm
Forum: General
Topic: How to display full time in the winbox log
Replies: 14
Views: 576

Re: How to display full time in the winbox log

For me it looks correctly. It may be that you have increased your system fonts.
Who cares?
The point is that it should work correctly regardless of the system font. And why isn't it resizeable, like everything else?
by sid5632
Thu Aug 02, 2018 12:40 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 107
Views: 5987

Re: Blacklist Filter (Development Topic)

Use \?

The script in post #9 was wrong.
by sid5632
Tue Jul 31, 2018 8:26 pm
Forum: General
Topic: join two subnets [SOLVED]
Replies: 10
Views: 499

Re: join two subnets [SOLVED]

Can't really be bothered to argue, but... mkx even put "see" in quotes, just like that, because he knew it was meaningless too, like me. The original poster has, of course, not bothered to reply, so who knows whether he's even read any of this thread after posting the meaningless drivel that was his...
by sid5632
Mon Jul 23, 2018 10:03 pm
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 1393

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

even setting a powervalue that is already selected, triggers a disconnect/reconnect. This is not nice....
This whole business is completely and utterly STUPID. STOP doing it. Then all the 'not nice' things go away as well.
by sid5632
Fri Jul 20, 2018 11:01 am
Forum: Forwarding Protocols
Topic: MPLS TE Bug?
Replies: 10
Views: 485

Re: MPLS TE Bug?

It looks like some mess with 32 bit variable.
Write to Mikrotik support.
by sid5632
Thu Jul 19, 2018 9:02 pm
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 63
Views: 9032

Re: Winbox v3.16 released!

I left a CHR with just the Dude Settings dialog open and closed Winbox.
When I re-opened it, it had the IP Settings dialog open instead.
This is perfectly repeatable across at least ROS 6.42.6 and 6.43rc44 so I conclude it's another Winbox problem.
Bizarre!
by sid5632
Thu Jul 19, 2018 11:38 am
Forum: General
Topic: Disable announcing NTP server in DHCP
Replies: 3
Views: 686

Re: Disable announcing NTP server in DHCP

This is like the DNS bug again, but in NTP.
You'd have thought they'd check both when fixing one, but it seems not.
by sid5632
Thu Jul 19, 2018 11:35 am
Forum: RouterBOARD hardware
Topic: Validate requirements for Mikrotik switch
Replies: 1
Views: 205

Re: Validate requirements for Mikrotik switch

CRS is primarily a switch, with a fairly weak CPU which means limited other capabilities i.e. routing, IPSEC etc.
It will work, but it depends how much performance you are expecting as to whether it will be adequate.
by sid5632
Tue Jul 17, 2018 3:02 am
Forum: General
Topic: SNTP Client GET returns nothing? [SOLVED]
Replies: 4
Views: 336

Re: SNTP Client GET returns nothing? [SOLVED]

What am I doing wrong?
:put [get enabled]
:put [get primary-ntp]
etc.
by sid5632
Mon Jul 16, 2018 12:25 am
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 1393

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

Most people go around all day with a phone in their pocket, right next to their gonads, and that doesn't seem to bother anyone.
Might be useful if it did, as there are far too many people in the world already.

You do wonder where folk get their bizarre ideas from sometimes...
by sid5632
Sat Jul 14, 2018 10:13 pm
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 1393

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

I want to reduce Wi-Fi transmitter power on schedule/at night because the router is located in a bed room.
What on earth for?
Does the 'excess' power keep someone awake or what?
Or maybe you think it causes cancer or something?
by sid5632
Fri Jul 13, 2018 2:36 am
Forum: General
Topic: join two subnets [SOLVED]
Replies: 10
Views: 499

Re: join two subnets [SOLVED]

What should I do to see the LAN host on LAN2 and LAN2 on the LAN? Thank you.
Define "see". It's meaningless.
by sid5632
Thu Jul 12, 2018 11:30 am
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 63
Views: 9032

Re: Winbox v3.16 released!

same... every one have this problem ?
Yep...
by sid5632
Mon Jul 09, 2018 7:20 pm
Forum: General
Topic: Privacy-oriented public blacklist?
Replies: 6
Views: 330

Re: Privacy-oriented public blacklist?

Wonder if that is IP>Cloud related then as the CHR doesn't have that functionality (yet). Interestingly, turning off all IP cloud stuff and rebooting just gives 1 packet instead of the 3 or 4 it was doing before (they're blocked in the Output chain). Turning the Update Time setting back on and doin...
by sid5632
Mon Jul 09, 2018 1:41 pm
Forum: General
Topic: Privacy-oriented public blacklist?
Replies: 6
Views: 330

Re: Privacy-oriented public blacklist?

I see outgoing UDP packets on port 15252 to 81.198.87.240 shortly after reboot on physical routers (e.g. 941 and 951).
This address maps to some telecom provider apparently in Riga.

Doesn't seem to do it on CHR.