Community discussions

Search found 136 matches

by pokeman
Mon Feb 20, 2012 8:51 am
Forum: General
Topic: v5.13 released
Replies: 64
Views: 8054

Re: v5.13 released

Hi All,

After upgrading my router given kernel panic , already opened Ticket#2012021566000466,no response from last 5 days :(
by pokeman
Sat Dec 31, 2011 7:42 pm
Forum: General
Topic: v5.11 released
Replies: 173
Views: 43790

Re: v5.11 released

5-11 reboot after 12 hours, See the performance difference between 4.17 with 5.11
by pokeman
Fri Dec 30, 2011 9:54 pm
Forum: General
Topic: v5.11 released
Replies: 173
Views: 43790

Re: v5.11 released

Un-stable version 5-11. We are facing issue with Mikrotik with PPTP tunnels. We have core-2-duo machine but they could not handle more than 800 pptp tunnels, even we replaced xeon machine 8 core processor. finally We requested MT support to help us. As per their recomendedation we upgrade 5-11 to co...
by pokeman
Wed Aug 19, 2009 12:04 pm
Forum: General
Topic: Queue Questions + remove limit for specfied domains
Replies: 0
Views: 404

Queue Questions + remove limit for specfied domains

Gday We are running 3.28 i have question related with queue with no limit for FTP domains i am using queue tree for this its not working for me anyone have idea for this My domain ip 208.67.229.0/24 here is configuration /ip firewall address-list add address=10.0.0.0/24 list=client1 /ip firewall add...
by pokeman
Fri Jun 19, 2009 8:35 am
Forum: General
Topic: blocking patten matching
Replies: 3
Views: 634

Re: blocking patten matching

This data grep from packet sniffer . the destination is 72.20.5.98 and packet UDP
by pokeman
Thu Jun 18, 2009 8:57 pm
Forum: General
Topic: blocking patten matching
Replies: 3
Views: 634

blocking patten matching

Hi there should i block this from L7 patten matching ? using MT 3.23 4500 0404 4cbe 0000 8011 15f2 7514 11af E... L.......u... 4814 0562 042d 5000 03f0 d9b2 ddc0 5710 H..b.-P.......W. a940 d870 079f 37cf 66fd 962d c55d f48c .@.p..7.f..-.].. 24bb 53ea 831a b14a e179 11a8 40d8 7007 $.S....J.y..@.p. 9e...
by pokeman
Thu Jun 11, 2009 12:48 pm
Forum: General
Topic: Help with external Squid Proxy with Ubuntu
Replies: 8
Views: 4855

Re: Help with external Squid Proxy with Ubuntu

I realize to setup Ubuntu + Squid but I can not limit speed for clients as I do in Mikrotik web proxy. I mean when clients get staf from Internet they to get in with their real speed, e.g. 512 but when to get staff from Squid (cache content) to get with other speed e.g. 1 M. In this case I tried to...
by pokeman
Mon May 18, 2009 1:20 pm
Forum: Scripting
Topic: Logging Question ?
Replies: 3
Views: 640

Re: Logging Question ?

Thanks normis for your response

i am using 3.x any way to save logs on daily basis like MT backup.
by pokeman
Mon May 18, 2009 7:48 am
Forum: Scripting
Topic: Logging Question ?
Replies: 3
Views: 640

Re: Logging Question ?

any expert here !
by pokeman
Fri May 15, 2009 2:40 pm
Forum: Scripting
Topic: Logging Question ?
Replies: 3
Views: 640

Logging Question ?

Hi There

can any one tell me what is that mean when user log-out from pppoe session

May 13 21:46:45 172.16.0.1 pppoe,ppp,info,account account: john logged out, 2033 1270902 4283787 7668 7267
by pokeman
Tue Apr 21, 2009 12:01 pm
Forum: General
Topic: (ASK) Mikrotik Bridge as Internal Proxy (Un-Solved Mystery)
Replies: 26
Views: 3588

Re: (ASK URGENT) Mikrotik Bridge as Internal Proxy

Intresting
i am not test in MT . i used Linux+squid instead of MT and its work for me. The problem was same as you facing in MT. Add the ip addresses and gateway on bridge interface. the ip range must be your client using. e.g 192.168.1.254/24 gw 192.168.1.1 .
by pokeman
Thu Apr 16, 2009 6:34 pm
Forum: General
Topic: [Help] Non Shaping the local web server linked to the public
Replies: 7
Views: 952

Re: [Help] Non Shaping the local web server linked to the public

i am not MT expert anyway try to use this

chain=prerouting action=mark-packet new-packet-mark=Web passthrough=no dst-address=172.16.15.15
name="web" parent=global-out packet-mark=WEB limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
by pokeman
Fri Apr 03, 2009 4:15 pm
Forum: General
Topic: External Squid Box Logs
Replies: 5
Views: 1146

External Squid Box Logs

Hello
The following network as much similar with my network http://forum.mikrotik.com/download/file.php?id=1766
.My requirements to save logging information of my clients. In current senario only mikrotik interface ip will show in external squid box. Using x3.17

Thanks in advance
by pokeman
Fri Apr 03, 2009 1:47 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Hi omega-00


I found in logs many domain are not listed in dailyconficker list . after googing i found this url may be this will be help-out you

http://iv.cs.uni-bonn.de/wg/cs/applicat ... conficker/
by pokeman
Wed Apr 01, 2009 12:53 pm
Forum: Scripting
Topic: 1st script with too many error !
Replies: 4
Views: 782

Re: 1st script with too many error !

Thanks its working :)
by pokeman
Wed Apr 01, 2009 11:30 am
Forum: Scripting
Topic: 1st script with too many error !
Replies: 4
Views: 782

Re: 1st script with too many error !

I can't even understand what you wanted to do with that script.

The Perpose of this script grep windowsupdate host ips from dns cache and add to firewall address-list
by pokeman
Wed Apr 01, 2009 10:25 am
Forum: Scripting
Topic: 1st script with too many error !
Replies: 4
Views: 782

1st script with too many error !

Hi there i am trying to grep windows update ips from dns cache. can anyone help me out ! :foreach i in= /ip firewall address-list remove [/ip firewall address-list find list=windowsupdate][/ip dns cache find] do={n;log find [/ip dns cache get $i name] "windowsupdate"} > 0) do={info (windowsupdate:[ ...
by pokeman
Tue Mar 31, 2009 4:04 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

oh bugger. Just found out that the :resolve command failing causes a script to halt in 3.X Hey Man , is that means it won't work on 3.x !!? and what about 2.x something else , should i make a firewall filter rule to block any connection to these sites ? i have a deep bad feeling about this mess , M...
by pokeman
Tue Mar 31, 2009 3:54 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

If it gets the failure message it means the :resolve has failed and stops the script from continuing (the bug mentioned in my second post) If you're using opendns servers (208.67.222.222 208.67.220.220) as your dns servers this should not happen as any invalid requests will instead be returned an o...
by pokeman
Tue Mar 31, 2009 12:39 am
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Hi There

did you found any removal tool for this worm ?
by pokeman
Mon Mar 30, 2009 4:20 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Thanks Mate Now its working but i think something wrong. The script add duplicate ips . its fine or something missing in script . Dude can you do one more thing can you make simple this script. i have also linux box and make script to fatch and export list to the file with crontab just confuse with ...
by pokeman
Mon Mar 30, 2009 1:19 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

mm strange ! anyway i just tweak with this script with my linux box downloaded files on linux box then retrive to local machine. files are http://192.168.0.1/conficker/www.epicwinrar.com/conficker/ after this get sucess but 20% the script now given this error /system script run daily-conficker-list ...
by pokeman
Mon Mar 30, 2009 11:41 am
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

yeah but the previous post I did was incorrect.. when you ran /system run script XXXXX it didn't run the script at all.. because my syntax was wrong. you need to run /system script run XXXXXX it was my message to you that had an error, I've also tried the script on one of my 3.17 boxes and it works...
by pokeman
Mon Mar 30, 2009 10:32 am
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

arggh sorry, typo /system script run daily-conficker-list is what you want to do. something wrong in script when i run given error. see my last post the worm has been activated on my lan users here is my squid access log. 1238397620.731 0 192.168.0.5 TCP_DENIED/400 1481 NONE NONE:// - NONE/- text/h...
by pokeman
Mon Mar 30, 2009 9:28 am
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Thanks for your prompt response. actully i have over 2500 user. most of the user are infacted with this virus.

here is terminal output

[admin@MikroTik] > /system run script daily-conficker-list
bad command name run (line 1 column 9)
[admin@MikroTik] >
conf.JPG
by pokeman
Sun Mar 29, 2009 4:11 pm
Forum: General
Topic: blocking windows sharing but how to allow ?
Replies: 2
Views: 552

Re: blocking windows sharing but how to allow ?

dig.JPG
currently my client download data from Ms-portal. local downloading are restricted with 64k . how can i exclude from limit
by pokeman
Sun Mar 29, 2009 2:47 pm
Forum: General
Topic: blocking windows sharing but how to allow ?
Replies: 2
Views: 552

blocking windows sharing but how to allow ?

Hi there I am using Wireless setup x3.17 RouterOS on network the user connect pppoe session. i created a rule in dhcp /32 "address=192.168.0.0/24 gateway=192.168.0.253 netmask=32 " for user blocking sharing now my user getting mask 255.255.255.255 . My Microsoft portal server on 192.168.0.4. perviou...
by pokeman
Sun Mar 29, 2009 12:29 pm
Forum: Scripting
Topic: Change ip
Replies: 1
Views: 502

Change ip

Script not working for me :( chupka you are the expert for scripting

/system scheduler add name=ip interval=24h on-event={
/ip address remove [find address=111.222.333.444/32];
/ip address add address=111.222.333.555/32 interface=wan ;
}
by pokeman
Sun Mar 29, 2009 12:19 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

got error when i post the script on terminal window
conf.JPG
by pokeman
Sun Mar 29, 2009 12:02 pm
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Yes, as noted in my post above, I only found out after finishing the scrip that the mikrotik :resolve command is currently broken, any failed resolution simple forces the script to quit, hence using opendns is the only way I see to get it to complete at this time.. too bad we've got no other soluti...
by pokeman
Sat Mar 28, 2009 9:42 am
Forum: Scripting
Topic: Script to identify conficker (virus infected) users
Replies: 43
Views: 17938

Re: Script to identify conficker (virus infected) users

Hi there i use this script in x3.17 its not working for me i just modified the script to check they resolve the ips . i created the file name conf.txt and put the all domain which listed on site. i used opendns for nameserver :local content [/file get [/file find name="conf.txt"] contents] ; :local ...
by pokeman
Sun Jan 11, 2009 4:11 pm
Forum: Scripting
Topic: Youtube limit queue
Replies: 4
Views: 2718

Re: Youtube limit queue

can anyone find out the error

youtube.JPG
by pokeman
Mon Dec 29, 2008 12:42 pm
Forum: General
Topic: X86 clock issue
Replies: 12
Views: 1933

Re: X86 clock issue

can you guide me how to setup NTP and sync with system time
by pokeman
Sat Dec 27, 2008 9:59 pm
Forum: General
Topic: how to kick ppp user from CLI
Replies: 1
Views: 522

how to kick ppp user from CLI

Hi There

how to kick ppp user from CLI any one guide me i am trying with this its not working any idea ? e.g user=abcd
/ppp active remove [find user=abcd]
by pokeman
Sat Dec 27, 2008 7:11 am
Forum: General
Topic: ftp attack
Replies: 2
Views: 787

ftp attack

Hi there

here is my log
system,error,critical login failure for user Open from 212.100.64.11 via ftp

ftp server are already disable but still i found the error

how to block host and port from wan interface
by pokeman
Fri Dec 26, 2008 11:13 am
Forum: General
Topic: How to redirect to external proxy
Replies: 30
Views: 37657

Re: How to redirect to external proxy

send me your msn addresses latter on we will do a remote session

I tried this but does not worked.
by pokeman
Thu Dec 25, 2008 9:47 pm
Forum: Scripting
Topic: script not working 3.17
Replies: 1
Views: 471

script not working 3.17

script not working any one please correct
:for i from=2 to=254 do={/queue simple add target-address=(192.168.0 . $i /32 ) max-limit=20000/64000}
by pokeman
Thu Dec 25, 2008 7:42 pm
Forum: General
Topic: How to redirect to external proxy
Replies: 30
Views: 37657

Re: How to redirect to external proxy

try out this with policy routing setup you linux external server with transparent proxy with NAT and mark 80 traffic and redirect to the linux gateway /ip firewall mangle add chain=prerouting protocol=tcp dst-port=80 action=mark-routing new-routing-mark=HTTP passthrough=yes comment="" disabled=no /i...
by pokeman
Thu Dec 25, 2008 9:29 am
Forum: General
Topic: X86 clock issue
Replies: 12
Views: 1933

Re: X86 clock issue

HI There

i have issue system clock they reset every day 00:00 and the time was default Jan/11/2004
by pokeman
Tue Dec 23, 2008 8:00 pm
Forum: Scripting
Topic: Netwatch with some modification required
Replies: 9
Views: 1131

Re: Netwatch with some modification required

SurferTim waiting for script !
by pokeman
Mon Dec 22, 2008 10:45 am
Forum: Scripting
Topic: Netwatch with some modification required
Replies: 9
Views: 1131

Re: Netwatch with some modification required

you are right !
by pokeman
Mon Dec 22, 2008 8:48 am
Forum: Scripting
Topic: Netwatch with some modification required
Replies: 9
Views: 1131

Re: Netwatch with some modification required

thanks for your response actually some of our client using DDC Mirc chat due to some issue the admin block the ip addresses. e.g host addresses irc.eunet.net now i need if the ping not answer with the following host my ip public ip change then trying to ping again. 2nd time again ping to host again ...
by pokeman
Sun Dec 21, 2008 1:21 pm
Forum: General
Topic: how to block voip using L7
Replies: 1
Views: 873

how to block voip using L7

Hi there

can i block voip applicaiton using L7. sip now using random port we cannot block by port :(
by pokeman
Sun Dec 21, 2008 1:04 pm
Forum: Scripting
Topic: Netwatch with some modification required
Replies: 9
Views: 1131

Re: Netwatch with some modification required

hi there

waiting for solution
Chupaka ! normis ! scripting master !!
by pokeman
Fri Dec 19, 2008 1:26 pm
Forum: Scripting
Topic: Netwatch with some modification required
Replies: 9
Views: 1131

Netwatch with some modification required

Hi There i need script to change interface ip if the destination ping timeout we have 4 public ip e.g 10.0.0.2, 10.0.0.3, 10.0.0.4 and single gateway 10.0.0.1 According to check every ip one by one :local i 0; {:do {:set i ($i + 1)} while (($i < 5) && ([/ping 72.14.207.104 interval=3 count=1]=1)}; :...
by pokeman
Wed Dec 17, 2008 12:40 pm
Forum: General
Topic: Rate limit of PPPoE
Replies: 12
Views: 2854

Re: Rate limit of PPPoE

simple queue based on single ip can we manage based on network /24 /23 . please give me some examples
by pokeman
Tue Dec 16, 2008 12:39 pm
Forum: General
Topic: Rate limit of PPPoE
Replies: 12
Views: 2854

Re: Rate limit of PPPoE

any other way to manage bandwidth instead of PCQ
increase it upto 7000-10000 at least and see whether drops conlinue
by pokeman
Tue Dec 16, 2008 12:14 pm
Forum: General
Topic: Rate limit of PPPoE
Replies: 12
Views: 2854

Re: Rate limit of PPPoE

around 350 to 500 session currently set 'pcq-total-limit=2000
if you have many concurrent users, increase 'pcq-total-limit=' value
by pokeman
Tue Dec 16, 2008 11:51 am
Forum: General
Topic: Rate limit of PPPoE
Replies: 12
Views: 2854

Re: Rate limit of PPPoE

normis can you give me idea about this ? using MT 3.17 i have same issue with this when i was creating user queue with dynamic its working perfectly but when i change to static entry with pcq is getting packet drop on client . lots of dynamic queue takes system usage thats why we need to set static ...