Community discussions

MikroTik App

Search found 29 matches

by halimzhz
Sat Oct 26, 2019 10:45 pm
Forum: Beginner Basics
Topic: How to Forward the IP
Replies: 3
Views: 979

How to Forward the IP

Dear All, I'm very sorry and i'm a newbie, i dont know is this will call it Failover ? My question is let say one of my public IP behind the Mikrotik router are down and what i need is when people try to access the IP, the Mikrotik will forward the connection to specific live IP. May i know how can ...
by halimzhz
Tue Sep 17, 2019 11:28 pm
Forum: Beginner Basics
Topic: How to make SMB Share folder on USB
Replies: 1
Views: 703

Re: How to make SMB Share folder on USB

Hi,

I'm sorry, now i found at viewtopic.php?t=69175

TQ
by halimzhz
Tue Sep 17, 2019 11:14 pm
Forum: Beginner Basics
Topic: How to make SMB Share folder on USB
Replies: 1
Views: 703

How to make SMB Share folder on USB

Dear All,

Is it possible if i make SMB share folder on my USB drive instead of Mikrotik files storage ? Currently i have my usb on my CCR and label as 'usb', but i dont know how can i make a folder and share on SMB

Please help me. Thank you so much
by halimzhz
Sun Jul 21, 2019 8:49 pm
Forum: Beginner Basics
Topic: Layer 7 to Block Spammer
Replies: 0
Views: 589

Layer 7 to Block Spammer

Dear All,

Please guide me how can i block multiple syntax with Layer 7 rules, for example i need to block spammer:

With any email username and domain like *@*.icu
With multiple email address like SaveYourLife*@*

I always receive that kind of email and i need to block it.

Please help. TQ
by halimzhz
Fri Dec 21, 2018 1:52 pm
Forum: General
Topic: Two Mikrotik Disconnected
Replies: 0
Views: 345

Two Mikrotik Disconnected

Dear All, I have a problem with RouterOS, for 2 weeks its been test with diagram below and no problem: Internet --> Cisco Switch --> RouterOS (Bridge) --> 1 Server But when i migrate to: Internet --> Cisco Switch --> RouterOS (Bridge) --> CCR1016 (Bridge) -> Cisco Switch --> 20 Server I have problem...
by halimzhz
Fri Sep 21, 2018 3:37 am
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Dear Tomfisk I would like to ask you a favor, for your information my fast.log a look a bit different, let me show you: 09/21/2018-08:08:15.059030 [wDrop] [**] [1:207:1] Suricata Rules [**] [Classification: (null)] [Priority: 1] {TCP} xxx.xxx.xxx.xxx:36610 -> nnn.nnn.nnn.nnn:993 For your information...
by halimzhz
Thu Sep 20, 2018 11:53 pm
Forum: Beginner Basics
Topic: Downgrade Possiblities
Replies: 1
Views: 532

Downgrade Possiblities

Dear All,

Due to unexpected reason, i have to downgrade my device Mikrotik CCR1012 to CCR1009, so is it possible if i simply restore from the backup file belong to CCR1012 to CCR1009 ?

Please advice. Thank you so much
by halimzhz
Wed Sep 19, 2018 5:51 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Dear Tomfisk, I have another idea but before that i feel so sorry because my bad english, but i will try to explain what i'm thinking about, i dont know is this possible or not, let say when the script start, the script will look first or grab from Mikrotik the list of banned ip and keep on script m...
by halimzhz
Tue Sep 18, 2018 6:06 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Dear Tomfisk, Thank you so much to reply me, for your information the concept of forward packet to suricata is so nice and suricata will filter the packet with some rules, but that seem fine when you have a very minimal suricata rules, but when u filter the suricata with tons of rules for example u ...
by halimzhz
Tue Sep 18, 2018 4:17 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Hi,

What i understand the packet sniffer capturing from Mikrotik are the packet before the firewall rules, so is it possible to get any packet only after get thru the firewall rules ?

Please advice, TQ
by halimzhz
Mon Sep 17, 2018 1:48 am
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Dear Tomfisk,

Thank you so much to answer my question, actually i have so many question to ask, any possiblity if i can direct with you on Whatsapp or Skype ? Or can you enable your private message on this forum ?

Please help. Thank you so much
by halimzhz
Sun Sep 16, 2018 1:50 pm
Forum: Beginner Basics
Topic: How Packet Sniffer Works
Replies: 6
Views: 676

Re: How Packet Sniffer Works

Dear Sir,

That great, but how to capture after the firewall process, anything can be done from terminal command line ?

TQ
by halimzhz
Sun Sep 16, 2018 1:56 am
Forum: Beginner Basics
Topic: How Packet Sniffer Works
Replies: 6
Views: 676

Re: How Packet Sniffer Works

Hi, Actually i'm running Mikrotik Packet Sniffer to my Suricata and the problem i keep receiving same packet from same ip eventhough the ip has been blocked on Mikrotik firewall, so that make Suricata are so busy and too much delay to send trigger back to Mikrotik, any advice please ? Thank you so m...
by halimzhz
Sun Sep 16, 2018 1:38 am
Forum: Beginner Basics
Topic: How Packet Sniffer Works
Replies: 6
Views: 676

Re: How Packet Sniffer Works

Hi,

Thank you for the answer, but is it possible to capture the packet after the Mikrotik firewall rules ?

Thank you
by halimzhz
Sat Sep 15, 2018 10:39 pm
Forum: Beginner Basics
Topic: How Packet Sniffer Works
Replies: 6
Views: 676

How Packet Sniffer Works

Dear all,

I'm sorry and i'm a newbie on firewall, please correct me if i'm wrong, what i understand the Packet Sniffer option on Mikrotik is any streaming before get thru the firewall rules, is possible to collect the streaming after the firewall rules ?

Please help. TQ
by halimzhz
Sat Sep 15, 2018 7:00 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 205
Views: 137194

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Dear All, I have few question about this script: 1- I would like to know this script is running on background or i have to run with cron ? 2- Is it any output log for any activity sending to Mikrotik? Currently i'm running with logstash + python for filtering fast.log and its very slow and too much ...
by halimzhz
Mon Jul 02, 2018 8:03 pm
Forum: General
Topic: Packet sniffer stopped
Replies: 2
Views: 578

Re: Packet sniffer stopped

Dear All,

Any advice for this problem, no one answer about this since last year, i have no choice to make the packet sniffer turn it off and turn it back nightly

TQ
by halimzhz
Sat Oct 28, 2017 7:58 am
Forum: General
Topic: Packet sniffer stopped
Replies: 2
Views: 578

Re: Packet sniffer stopped

Dear All,

I'm facing the samething and my current version is 6.39.2

Please advice. TQ
by halimzhz
Sun Sep 17, 2017 1:11 pm
Forum: Beginner Basics
Topic: Remove Comment with Wildcard
Replies: 2
Views: 626

Re: Remove Comment with Wildcard

Dear morituruz,

Thank you so much, its work.
by halimzhz
Sat Sep 16, 2017 1:38 pm
Forum: Beginner Basics
Topic: Remove Comment with Wildcard
Replies: 2
Views: 626

Remove Comment with Wildcard

Dear All,

I try to remove the address list using this:

/ip firewall address-list remove [find where comment="Test Group *"] because i have multiple number of group on comment, but no luck, can someone show me how can i remove with wildcard ?

Please help, TQ so much
by halimzhz
Sun Sep 10, 2017 3:39 pm
Forum: Beginner Basics
Topic: Block Email with Layer7
Replies: 2
Views: 758

Block Email with Layer7

Dear all, I'm facing problem with multiple spam mail for example 545353456@qq.com, the number 545353456 is always change but the domain qq.com are remain, so how can i block for that kind of email ? I cant block based on domain name because some of email is a valid email, what i need to block if sta...
by halimzhz
Mon Aug 21, 2017 11:06 pm
Forum: Beginner Basics
Topic: Who Spike My Network?
Replies: 0
Views: 358

Who Spike My Network?

Dear All,

I realize by using 'Torch' i can detect on real time what kind of protocol, src, and destination especially when i need to detect which IP are currently spike my network, but how can i trace let say the spike happen few hours ago? Any script can record that activity ?

Please help. TQ
by halimzhz
Wed Jul 26, 2017 7:15 am
Forum: General
Topic: Kill Process on Torch
Replies: 1
Views: 1026

Kill Process on Torch

Hi,

I would like to have an option to kill the download/access process while on Torch, or any better idea ?

Thank you
by halimzhz
Tue Jul 25, 2017 10:29 pm
Forum: General
Topic: Limit Downloading
Replies: 2
Views: 1038

Re: Limit Downloading

Hi All,

Found it:

add action=drop chain=forward comment="Download Limit 2GB" connection-bytes=2147483648-0 disabled=no protocol=tcp

TQ
by halimzhz
Tue Jul 25, 2017 4:59 pm
Forum: General
Topic: Limit Downloading
Replies: 2
Views: 1038

Limit Downloading

Dear All

Few months ago i experienced to download 5GB backup file via ftp and http from other hosting company and i'm so suprise the downloading is only stop at 1GB file size, so may i know how can i impelement that on Mikrotik ?

Please help and Thank you so much
by halimzhz
Mon Jul 17, 2017 4:31 pm
Forum: Beginner Basics
Topic: ICMP Issue
Replies: 5
Views: 712

Re: ICMP Issue

Dear pe1chl and pukkita,

Thank you so much for reply, yes i need to block ping but what i did now is block icmp, can you explain on how can i block only ping ?

Thank you so much
by halimzhz
Mon Jul 17, 2017 12:23 pm
Forum: Beginner Basics
Topic: ICMP Issue
Replies: 5
Views: 712

ICMP Issue

Dear All, ;;; Accept ICMP From Singapore chain=forward action=accept protocol=icmp src-address-list=SG log=no log-prefix="" ;;; Block ICMP Out Of Singapore chain=forward action=drop protocol=icmp log=no log-prefix="" With above rule i can block anybody out of Singapore to ping my network but allow a...
by halimzhz
Wed Jun 28, 2017 11:43 pm
Forum: General
Topic: How to Block port 25
Replies: 2
Views: 2092

Re: How to Block port 25

Hi,

May i know how can i block multiple port but i would like to whitelist some countries to access the port

Please help. TQ
by halimzhz
Fri Jun 09, 2017 2:48 am
Forum: General
Topic: Enquiry About Cloud Core router for QOS
Replies: 0
Views: 310

Enquiry About Cloud Core router for QOS

Dear All, For your information i plan to buy CCR1016-12G, we are web hosting company and i need to know is it cater to my requirement, for your information i have 2 internet connection and each connection is about 30Mbit bandwidth, each connection having their own 1 C Class IP, my connection is dire...