Community discussions

Search found 101 matches

by luqasz
Sun Jul 26, 2015 2:47 pm
Forum: General
Topic: Central Deployment using Infrastructure-as-a-Code?
Replies: 11
Views: 5938

Re: Central Deployment using Infrastructure-as-a-Code?

Hi

I have written a separate program to configura mikrotik devices via API. I have posted it on forum.
by luqasz
Thu Jul 23, 2015 12:53 am
Forum: Scripting
Topic: mikrotik configuration manager
Replies: 0
Views: 675

mikrotik configuration manager

Hi I have been wroking on a program to remotely configure mikrotik devices via API. You can only configure one device per program execution. Please read the documentation before using. Example usage cases: add system users change system users passwords set system ntp client Example usage: ./mcm.py -...
by luqasz
Tue Sep 30, 2014 5:50 pm
Forum: General
Topic: IP route get. How to lookup gateway knowing dst address ?
Replies: 0
Views: 584

IP route get. How to lookup gateway knowing dst address ?

Hi How to do an equivalent ip r g 1.1.1.1 on mikrotik ? On linux it gives route that matches given ip address. Consider following example. You have 2 routers connected to each other with ether1. On R2 you have 1.1.1.1/30 on ether2. You are logged on R1 and want to know what is the route for 1.1.1.1 ...
by luqasz
Tue Jun 10, 2014 11:29 am
Forum: General
Topic: RADIUS rate refresh after DHCPREQUEST
Replies: 3
Views: 683

Re: RADIUS rate refresh after DHCPREQUEST

Please correct me if i am wrong.
Session timeout is equivalent to lease-time. right ? According to dhcp rfc client must send DHCPREQUEST every half of lease time. if a router is on 24/7 it will never expire its session. Assuming ofcourse that nothing will break between clients router and DHCP server.
by luqasz
Tue Jun 10, 2014 1:11 am
Forum: General
Topic: RADIUS rate refresh after DHCPREQUEST
Replies: 3
Views: 683

RADIUS rate refresh after DHCPREQUEST

Hi I have noticed that mikrotik's DHCP does not ask RADIUS every time DHCPREQUEST is sent. Consider following scenario: Client has a router witch is on 24/7. Some day he wants higher rates. Now you have to restart his router for changes to take effect. Is there any way to configure DHCP to always se...
by luqasz
Sun May 25, 2014 11:04 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 110905

Re: Known issues and bugs - a list

Issue: Wrongly calculated and selected routes. Description: http://forum.mikrotik.com/viewtopic.php?f=2&t=84461 Version affected: Tested on 6.12. I would not be suprised if all 6.x are affected. How to reproduce: http://forum.mikrotik.com/viewtopic.php?f=2&t=84461 Support TicketID: 2014042866000685
by luqasz
Fri May 09, 2014 12:52 am
Forum: General
Topic: api diffie hellman negotiation
Replies: 2
Views: 606

Re: api diffie hellman negotiation

Thx a lot. That was verry helpfull.
by luqasz
Thu May 08, 2014 10:21 pm
Forum: General
Topic: api diffie hellman negotiation
Replies: 2
Views: 606

api diffie hellman negotiation

Hi

I want to implement diffie-hellman negotiation in my python api library. I do not know how to do it. I know that chupaka implemented it in delphi but i do not know this language. Can anyone help ? I know how this mechanism works but explanation on wiki is rather enigmatic.
by luqasz
Thu May 08, 2014 12:38 am
Forum: General
Topic: python3 API implementation
Replies: 1
Views: 507

Re: python3 API implementation

Hi I am working on api query wrapper. It is placed in separate branch on github . I would verry much appreciate any feedback you give. Current proof of concept is: Iterator implementation for row in api.query('/interface').where( row.type == 'bridge' ): do stuff Executing querry and assigning result...
by luqasz
Mon Apr 28, 2014 8:29 pm
Forum: General
Topic: badly selected OSPF route. ignored cost
Replies: 2
Views: 3233

Re: badly selected OSPF route. ignored cost

Hi, Edit: It looks like a multiarea OSPF problem. It seems to be described in RFC5185 as describe in ths post: http://forum.mikrotik.com/viewtopic.php?f=14&t=84113&hilit=ospf Regards, I do not think so. Problem described in link is a different one. R2 knows about 2 paths. intra and inter area. R2 d...
by luqasz
Mon Apr 28, 2014 3:18 pm
Forum: General
Topic: badly selected OSPF route. ignored cost
Replies: 2
Views: 3233

badly selected OSPF route. ignored cost

hi i have made a lab with diagram as in ospf.png . R1 /routing ospf instance set [ find default=yes ] disabled=no distribute-default=if-installed-as-type-1 !domain-id \ !domain-tag in-filter=ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \ metric-other-ospf=auto metric-rip=20 metric-st...
by luqasz
Sat Apr 26, 2014 2:20 am
Forum: Beginner Basics
Topic: mac-telnet from Linux Box
Replies: 10
Views: 10603

Re: mac-telnet from Linux Box

https://github.com/haakonnessjoen/MAC-Telnet

under debian and ubuntu just:
apt-get install mactelnet-client
by luqasz
Sat Mar 08, 2014 12:24 am
Forum: General
Topic: python3 API implementation
Replies: 1
Views: 507

python3 API implementation

Hi I am finishing my Python3 API implementation. Project is hosted on github . This is in a developement branch. Feature requests and feedback is welcome. Planned features: * querry wrapper * tag support * asynchronous command runs (possibly via callbacks) I aim to use this library to write MCM (mik...
by luqasz
Sun Feb 23, 2014 11:17 pm
Forum: General
Topic: new openvpn. maybe this time ...
Replies: 0
Views: 390

new openvpn. maybe this time ...

hi

In 2013 openvpn releases a newer version of openvpn. That claim to do a lot of bug fixex and code cleanups.
https://community.openvpn.net/openvpn/w ... nOpenvpn23

Maybe this time mikrotik programmers will not try to commit suicide implementing full featured openvpn.
by luqasz
Wed Feb 19, 2014 8:50 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

loopback interface access.

simply show loopback interface in interface lists.
then you will be able to add addresses to it and not make a dirty empty bridge hack.
by luqasz
Wed Feb 19, 2014 8:26 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

/file mv,cp,mkdir

/file mv,cp,mkdir

it is in my opinion self explanatory....
by luqasz
Wed Feb 19, 2014 8:19 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

case insensitive mac address formats acceptance

if you want to find a mac address on a bridge host table you have to write it case sensitive. how about accepting it in case insensitive ?
This may be for some people a cosmetic feature but still noce one.
by luqasz
Wed Feb 19, 2014 8:17 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

physically disable port

if you set an ethernet/sfp interface as disabled link is still up. how about phisically (elecrically) disable it as well. just like a decent switch does
by luqasz
Wed Feb 19, 2014 8:15 pm
Forum: General
Topic: ip neighbour expiration ?
Replies: 0
Views: 341

ip neighbour expiration ?

hi

once host have been discovered it can stay there for a long time. even if it is down. does this protocoll have some timeout ?
i have a feeling that this list may grow endlessly
by luqasz
Wed Feb 19, 2014 8:12 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

disable BFD interfaces

/routing bfd interface> disable 0
failure: cannot disable 'all' interface config
remove all interface as a default configuration. you just do not use it always.
by luqasz
Wed Feb 19, 2014 8:10 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

general purpouse prefix lists

prefix lists for bgp, ospf etc. not only rip. once done you can store prefixes in some separate place making filters refer to them and resulting in more clear configuration
by luqasz
Wed Feb 19, 2014 7:55 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

connection lists. split ports in separate columns

/ip firewall connection 25 tcp 212.77.100.128:80 91.xxx.xxx.xxx:52378 established 2h47m39s issuing below command: print where src-address=212.77.100.128 will not print src addres becouse you have to write it with port. what if you do not know the port or you are just not interested in it ? under wi...
by luqasz
Wed Feb 19, 2014 7:49 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

secure store local users passwords

it is verry simple to crack local user password once you have access to binnary backup for example. Store them in sha or blowfish. If you do this they can be exportable via /export. Also please note that importing them would be a really nice feature. as a side note please read this and THIS . please...
by luqasz
Wed Feb 19, 2014 7:46 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

kerberos

kerberos support for ssh logging.
i may be bombarded her to use radius with user-manager. problem is that radius is not as secure as kerberos. if you want to have same password for winbox and ssh you have to store and send passwords in plain-text !!!

don't you think that is a security hole ?
by luqasz
Wed Feb 19, 2014 7:43 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

ssh-rsa encoding for ssh client

this is an exact error message on cisco switch when i try to log in with ssh client on ros 6.10
SSH2 0: hostkey algo not supported: client ssh-dss, server ssh-rsa
by luqasz
Wed Feb 19, 2014 7:33 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

why this wiki pade have been removed ?
by luqasz
Fri Feb 07, 2014 11:29 pm
Forum: General
Topic: bgp filters. prefixes in filters and bgp prepend
Replies: 6
Views: 1336

Re: bgp filters. prefixes in filters and bgp prepend

you mean, it's the solution?
yes
what chain is used in BGP Peer?
bgp-provider-in (the same as specified in peer configuration)
by luqasz
Fri Feb 07, 2014 5:29 pm
Forum: General
Topic: bgp filters. prefixes in filters and bgp prepend
Replies: 6
Views: 1336

Re: bgp filters. prefixes in filters and bgp prepend

add action=jump chain=bgp-provider-in jump-target=PROVIDER-PREFIX set-bgp-prepend=6 add action=discard chain=bgp-provider-in add action=accept chain=PROVIDER-PREFIX prefix=x.x.x.x add action=accept chain=PROVIDER-PREFIX prefix=x.x.x.x add action=return chain=PROVIDER-PREFIX this will result in sett...
by luqasz
Fri Feb 07, 2014 12:30 pm
Forum: General
Topic: bgp filters. prefixes in filters and bgp prepend
Replies: 6
Views: 1336

Re: bgp filters. prefixes in filters and bgp prepend

it is applied to every rule in jump-target chain. confirmed.

i wan to store peers prefixes in one chain. thus i will not have to update every peers chain if a prefix changes.
by luqasz
Wed Feb 05, 2014 11:57 am
Forum: General
Topic: check bgp prepends advertisments
Replies: 0
Views: 351

check bgp prepends advertisments

hi since routing bgp advertisments print <peer> does not print as-paths for prefixes that are distributted by me. http://wiki.mikrotik.com/wiki/Manual:BGP_HowTo_%26_FAQ#Question:_How_to_seen_routes_advertised_to.2C_and_routes_received_from_a_particular_peer.3F how to check if my routing filters actu...
by luqasz
Wed Feb 05, 2014 11:27 am
Forum: General
Topic: bgp filters. prefixes in filters and bgp prepend
Replies: 6
Views: 1336

bgp filters. prefixes in filters and bgp prepend

hi i have multiple bgp peers. i want to place every peers prefixes in their own chains. for example i have 2 peers A and B i want to place peers A an B prefixes in chains chain-A and chain-B. my prefixes in chain-Y. every "prefix" chain will have return action at the end. if i place: action=jump jum...
by luqasz
Thu Jan 16, 2014 11:49 am
Forum: General
Topic: api queries. complex queries. please explain
Replies: 15
Views: 11830

Re: api queries. complex queries. please explain

Very simple question I want to disconnect a user from ppp active so I send /ppp/active/remove ?name=value it returns done but that user specified in the value is not disconnected. any input? http://wiki.mikrotik.com/wiki/API#Queries Api queries are not supported in commands other than print/getall....
by luqasz
Fri Dec 20, 2013 11:49 am
Forum: Beginner Basics
Topic: Mounting Mikrotik samba shares under Linux
Replies: 12
Views: 5722

Re: Mounting Mikrotik samba shares under Linux

in RouterOS 6.8 we will have SMB 2.0 and a completely new implementation, so better to test that. If you wish to see the pre-release, email support
you mean smb 2.0 protocol version ?
i will send email to support. where shall i post my issues/observations with pre-release ?
by luqasz
Fri Dec 20, 2013 12:21 am
Forum: Beginner Basics
Topic: Mounting Mikrotik samba shares under Linux
Replies: 12
Views: 5722

Re: Mounting Mikrotik samba shares under Linux

hi i am unable to mount a share via mount.cifs under ubuntu 12.04 output from dmesg [ 6994.728621] CIFS VFS: NTLMSSP requires Unicode support [ 6994.728631] CIFS VFS: Send error in SessSetup = -38 [ 6994.728820] CIFS VFS: cifs_mount failed w/return code = -38 output from mount command sudo mount.cif...
by luqasz
Mon Sep 30, 2013 12:15 pm
Forum: Virtualization
Topic: metarouter 12.09 "Attitude Adjustment" patch
Replies: 2
Views: 3119

Re: metarouter 12.09 "Attitude Adjustment" patch

anybody should be able to update it.
so you suggest that I (and almost 7 bilion people on planet) have enough skills to do it ? not knowing C.
by luqasz
Sun Sep 29, 2013 8:14 pm
Forum: Virtualization
Topic: metarouter 12.09 "Attitude Adjustment" patch
Replies: 2
Views: 3119

metarouter 12.09 "Attitude Adjustment" patch

hi

can mikrotik update patch for stable release of openwrt ?
lots of people want to use latest stable openwrt. patch on mikrotik wiki is 2 years old
by luqasz
Sat Sep 14, 2013 12:41 am
Forum: General
Topic: reinstall routeros. will loose license ?
Replies: 2
Views: 586

Re: reinstall routeros. will loose license ?

if u use same HDD u will not
but why reinstall?
thx for info.

i have made a really stupid mistake. i have added a "system reboot" at the end of a script with is executed just after startup :P
by luqasz
Fri Sep 13, 2013 10:27 pm
Forum: General
Topic: update pdf docs regarding 2011UAS. no rear port description
Replies: 2
Views: 554

Re: update pdf docs regarding 2011UAS. no rear port descript

Cisco cable will work
thx for info
by luqasz
Fri Sep 13, 2013 10:02 pm
Forum: General
Topic: reinstall routeros. will loose license ?
Replies: 2
Views: 586

reinstall routeros. will loose license ?

hi

i need to reinstall routeros on a x86 PC. if i check that i do not want the configuration will i loose the license key ?
by luqasz
Fri Sep 13, 2013 8:34 pm
Forum: General
Topic: update pdf docs regarding 2011UAS. no rear port description
Replies: 2
Views: 554

update pdf docs regarding 2011UAS. no rear port description

hi i have noticed that these docs: http://i.mt.lv/routerboard/files/RB2011UAS.pdf http://i.mt.lv/routerboard/files/rb2011U-qg-130822142451.pdf also please note that in this doc http://i.mt.lv/routerboard/files/RB2011UAS_2HnD.pdf you can see a serial rj45 port but absolutellyno description what cable...
by luqasz
Wed Jul 31, 2013 5:55 pm
Forum: General
Topic: [SOLVED] unify api true/yes, false/no
Replies: 2
Views: 886

Re: unify api true/yes, false/no

ok thx for reply. it seems that yes/no is always accepted while true/false not.
i will then map yes/true to boolean True and no/false to boolean no/false.
by luqasz
Wed Jul 31, 2013 12:45 pm
Forum: General
Topic: [SOLVED] unify api true/yes, false/no
Replies: 2
Views: 886

[SOLVED] unify api true/yes, false/no

hi i am writing my impleentation of api in python and i have encountered a problem with sending yes/true, no/false. all examples belowa are for version 6.1 take for example: <<< /ip/address/print <<< EOS >>> !re >>> =.id=*1 >>> =address=x.x.x.x/x >>> =network=x.x.x.x >>> =interface=bridge1 >>> =actu...
by luqasz
Tue Jul 30, 2013 2:26 pm
Forum: General
Topic: what =catgory=NUMBER codes mean in API ?
Replies: 2
Views: 560

Re: what =catgory=NUMBER codes mean in API ?

what does
=category=0
mean
by luqasz
Tue Jul 30, 2013 12:49 am
Forum: General
Topic: what =catgory=NUMBER codes mean in API ?
Replies: 2
Views: 560

what =catgory=NUMBER codes mean in API ?

hi i have been wondering what do those =category=NUMBER mean in API. !trap (5) =category=2 =message=interrupted <<< /ip/apress/print <<< EOS >>> !trap >>> =category=0 >>> =message=no such command or directory (apress) >>> EOS >>> !trap >>> =message=no such command prefix >>> EOS >>> !done >>> EOS I ...
by luqasz
Wed Jul 24, 2013 9:50 am
Forum: General
Topic: mikrotik configuration manager
Replies: 4
Views: 1284

Re: mikrotik configuration manager

hi

i am rewritingg my routeros api implementation (python).
i host my code on github. this is the branch where i rewrite my code.

i need code reviews and some design pattern help.
by luqasz
Tue Jun 04, 2013 8:51 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it. add custom firewall rule etc. i know this is a "BIG" feature request, but imagine the possibilities. there's some undocumented feature :) /ip dhcp-server ...
by luqasz
Tue Jun 04, 2013 2:05 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

changing of firewall default policy
by luqasz
Tue Jun 04, 2013 1:23 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

"trigger" events.
example:
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
by luqasz
Tue Jun 04, 2013 1:13 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

source address selection with /tool fetch
by luqasz
Tue Jun 04, 2013 1:07 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

considder this example. you monitor some interface. that interface is no longer present on the routeros. mrtg image url is then invalid. error 404 should be putbut instead you get an image with text "ERROR: invalid id" i considder this a bug. when using wget you will not be able to distinguish error...
by luqasz
Tue Jun 04, 2013 1:01 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

swap mrtg with rrd
it will be possible to specify different time ranges when viewing history
also posiibility todownload rrd files for some other possibilities.
by luqasz
Tue Jun 04, 2013 12:57 am
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

loopback interface address assignment. [admin@Mikrotik] > ping 127.0.0.1 count=2 HOST SIZE TTL TIME STATUS 127.0.0.1 56 64 6ms 127.0.0.1 56 64 5ms sent=2 received=2 packet-loss=0% min-rtt=5ms avg-rtt=5ms max-rtt=6ms HOST SIZE TTL TIME STATUS you can ping it but can not add more addresses. only solut...
by luqasz
Sun Jun 02, 2013 11:26 pm
Forum: General
Topic: wiki pages update
Replies: 1
Views: 354

wiki pages update

hi.

can we (forum users) update wiki pages ?
i have some api examples that i think some people will find usefull. shall i post those updates here ?
by luqasz
Thu May 02, 2013 3:53 pm
Forum: General
Topic: api queries. complex queries. please explain
Replies: 15
Views: 11830

Re: api queries. complex queries. please explain

Also, side note: ".proplist" is an attribute word, not a query word. It could (if you let it...) go into the same place where users would normally specify arguments (e.g. "detail", "stats", etc.). i don't want to distinguish normal print and print with querry. in a sense of different methods. query...
by luqasz
Thu May 02, 2013 11:38 am
Forum: General
Topic: api queries. complex queries. please explain
Replies: 15
Views: 11830

Re: api queries. complex queries. please explain

thx for reply my goal is to write some wrapper for queries so when someone will use my api implementation (in python3) he/she will not have to learn query syntax. for example: query('/interface').where(query.type == 'ethernet').returning(query.id) this will show all ethernet interfaces with =.propli...
by luqasz
Wed May 01, 2013 7:36 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

kerberos ssh login

this would be a really secure and nice alternative to radius.
by luqasz
Wed May 01, 2013 7:34 pm
Forum: General
Topic: mikrotik configuration manager
Replies: 4
Views: 1284

Re: mikrotik configuration manager

sory for that.

currently i am rerwiting mcm and routeros api implementation. i hope i will finish it soon.
consider this topic as closed.
by luqasz
Wed May 01, 2013 7:07 pm
Forum: General
Topic: api queries. complex queries. please explain
Replies: 15
Views: 11830

Re: api queries. complex queries. please explain

thx for your reply. it did answer some questions.

/interface/print
?type=wlan
?#!
?type=bridge
?#!
?#&
is equivalent to
/interface/print
?type=wlan
?type=bridge
?#|!
ok got that.

above is the same as:
(!a && !b) == !(a || b)
but how to write this:
!(a && b) == (!a || !b)
by luqasz
Wed May 01, 2013 4:14 am
Forum: General
Topic: api queries. complex queries. please explain
Replies: 15
Views: 11830

api queries. complex queries. please explain

hi i would like to use queries more frequently. problem is that i do not understand all that is written on wiki . considder following examples: i have a routerboard with 5 ethernet interfaces, 1 wlan, 1 bridge print all interfaces that are not type=wlan and type=bridge /interface/print =.proplist=ty...
by luqasz
Mon Apr 08, 2013 8:45 pm
Forum: General
Topic: 0x7FFFFFFFFF and API
Replies: 0
Views: 413

0x7FFFFFFFFF and API

hi in API docs you write that maximal lengts is up to 0x7FFFFFFFFF. up to including or not ? in short. length must be: < 0x7FFFFFFFFF <= 0x7FFFFFFFFF ? according to table: len >= 0x10000000 5 0xF0 and len as four bytes i understand that i always write 0xF0 as first byte and "len as four bytes" i can...
by luqasz
Sat Sep 29, 2012 12:23 am
Forum: General
Topic: mikrotik configuration manager
Replies: 4
Views: 1284

mikrotik configuration manager

hi for some time i have been working on program that will ease up my work. i wanted something that will change some part of mikrotik configuration on multiple devices without doing it manually. i have made "mikrotik configuration manager". this software is free, open source licensed under gnu gpl v3...
by luqasz
Thu Aug 09, 2012 5:43 pm
Forum: General
Topic: '/tool fetch' unusable via api
Replies: 0
Views: 1551

'/tool fetch' unusable via api

hi. i want to use fetch via api. problem is that trough api running fetch repeats its status on and on forever until it gets terminated by '/cancel'. it makes things difficult. it requires someone (like me) to implement totally different method to use '/tool fetch' in mikrotik via api. it is not com...
by luqasz
Mon Dec 19, 2011 10:03 pm
Forum: General
Topic: freeradius login users. cleartext passwords
Replies: 7
Views: 5889

Re: freeradius login users. cleartext passwords

i have found that when logging via ssh/telnet mikrotik sends password in clear text. when logging via winbox/mac-telnet/bw-test mikrotik sens password in chap-password format. it is now obvious why radius fails to "transform" chap password into sha-password. i am asking why it is different in winbox...
by luqasz
Mon Dec 19, 2011 5:21 pm
Forum: General
Topic: freeradius login users. cleartext passwords
Replies: 7
Views: 5889

freeradius login users. cleartext passwords

hi i have noticed that if i have password stored in database in md5 or sha user can not use/authenticate using: * bandwidth test * winbox * mac-telnet things taht only work are: * telnet * ssh * ftp if i have password in clear text format all above works freeradius -X returns: without clear text log...
by luqasz
Thu Dec 08, 2011 7:07 pm
Forum: General
Topic: insecure method to store passwords.
Replies: 5
Views: 1060

Re: insecure method to store passwords.

and ? any official statement ?
by luqasz
Fri Jul 15, 2011 12:00 pm
Forum: Scripting
Topic: how to get file contents via api
Replies: 2
Views: 1003

Re: how to get file contents via api

thx for reply
by luqasz
Fri Jul 08, 2011 3:31 pm
Forum: Scripting
Topic: how to get file contents via api
Replies: 2
Views: 1003

how to get file contents via api

hi

i was wondering if it is possible to get file contents via api. for example to get contents of rsc files.
by luqasz
Mon Jun 20, 2011 4:31 pm
Forum: Scripting
Topic: get uplink interface
Replies: 3
Views: 835

Re: get uplink interface

ok thx for reply. my fault. thought it was a bug
by luqasz
Mon Jun 20, 2011 4:02 pm
Forum: Scripting
Topic: get uplink interface
Replies: 3
Views: 835

Re: get uplink interface

found something that works much faster. { :local gw [/ip route get [find where dst-address=0.0.0.0/0] gateway]; :local mac [/ip arp get [find address=$gw] mac-address ]; :put [/interface bridge host get [find mac-address=$mac] on-interface ]; } and something really interesting: :put [:typeof [/ip ro...
by luqasz
Fri Jun 17, 2011 12:50 pm
Forum: Scripting
Topic: get uplink interface
Replies: 3
Views: 835

get uplink interface

hi i want to get an uplink interface based on ip address of default route on bridged mikrotik. i have solved this by doing: :put [/interface bridge host get [find where mac-address=[/ip arp get [find where address=172.16.244.33] mac-address]] on-interface] problems: slower when more entries in bridg...
by luqasz
Tue May 17, 2011 9:32 pm
Forum: General
Topic: [solved] freeradius + aaa + assign users to groups
Replies: 9
Views: 8857

Re: freeradius + aaa + assign users to groups

OMG it is so SICK. i have found that in debian not all dictionaries are included in directory /usr/share/freeradius/dictionary file (witch holds $INCLUDE lines per vendor dictionary)
i was missing $INCLUDE dictionary.mikrotik line


any way thx for your quick response. much apicieated. :D
by luqasz
Tue May 17, 2011 9:18 pm
Forum: General
Topic: [solved] freeradius + aaa + assign users to groups
Replies: 9
Views: 8857

Re: freeradius + aaa + assign users to groups

# NAME VERSION SCHEDULED 0 system 4.10 1 dhcp 4.10 2 hotspot 4.10 3 calea 4.10 4 gps 4.10 5 advanced-tools 4.10 6 mpls 4.10 7 ipv6 4.10 8 multicast 4.10 9 routerboard 4.10 10 ups 4.10 11 security 4.10 12 ntp 4.10 13 user-manager 4.10 14 routing 4.10 15 ppp 4.10 16 wireless 4.10 ii freeradius 2.1.10...
by luqasz
Tue May 17, 2011 9:05 pm
Forum: General
Topic: [solved] freeradius + aaa + assign users to groups
Replies: 9
Views: 8857

Re: freeradius + aaa + assign users to groups

[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'ukasz' ORDER BY id rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radreply WHERE u...
by luqasz
Tue May 17, 2011 8:52 pm
Forum: General
Topic: [solved] freeradius + aaa + assign users to groups
Replies: 9
Views: 8857

Re: freeradius + aaa + assign users to groups

thx for info but: - freeradius says that Mikrotik-Group is no longer used (confusing) - in witch table should i input this value (radreply, radgroupcheck, radgroupreply) and how it should look like (operator)? maybe you could post me some debug infor from mikrotik user manager and mikrotik device th...
by luqasz
Tue May 17, 2011 8:15 pm
Forum: General
Topic: [solved] freeradius + aaa + assign users to groups
Replies: 9
Views: 8857

[solved] freeradius + aaa + assign users to groups

hi i have installed freeradius and set up mikrotik to use accounts in radius to login via telnet ssh. default group is read. i can not find any info how to set up radius to assign some users to group full. i am using freeradius + postgres backend. have any 1 tried it ? radreply table (i have tried c...
by luqasz
Tue May 10, 2011 3:22 pm
Forum: General
Topic: packages dependencies
Replies: 2
Views: 359

Re: packages dependencies

thx for reply i can not edit http://wiki.mikrotik.com/wiki/Manual:System/Packages can you please post on wiki: Dependencies All packages require same version as system package and system package itself. Packages are independent. Dude package does not depend on any package and on any version. For exa...
by luqasz
Tue May 10, 2011 2:18 pm
Forum: General
Topic: packages dependencies
Replies: 2
Views: 359

packages dependencies

hi i am writing a cfengine like program for routeros to massively configure ros devices via api. i would like to manage package sets in ros devices but i don't know their dependencies. can i have some documentation on this ? what packages depend on witch one and version relations etc. i will documen...
by luqasz
Wed May 04, 2011 3:20 pm
Forum: General
Topic: SOLVED vlan + DES-3226S + linux
Replies: 6
Views: 949

SOLVED vlan + DES-3226S + linux

ok my problem was that same interface that was on bridge was used in vlan.

ether3 was bridged with eoip. i wanted to add vlan to ether3 and when i removed ether3 from bridge vlan worked
by luqasz
Mon May 02, 2011 5:03 pm
Forum: General
Topic: SOLVED vlan + DES-3226S + linux
Replies: 6
Views: 949

Re: vlan + DES-3226S + linux

the main difference between linux and mikrotik is: - linux's interface can be both tagged and untagged same time no this is VERRY WRONG - mikrotik's interface CANNOT be both tagged and untagged same time (by my experience) by sample: linux interface eth0 (untagged to ANY VLAN - depends on switch po...
by luqasz
Thu Apr 28, 2011 8:58 am
Forum: General
Topic: SOLVED vlan + DES-3226S + linux
Replies: 6
Views: 949

Re: vlan + DES-3226S + linux

i have only 1 cable that leads to the roof witch is preetty much inaccesable.
by luqasz
Fri Apr 22, 2011 8:33 pm
Forum: General
Topic: SOLVED vlan + DES-3226S + linux
Replies: 6
Views: 949

SOLVED vlan + DES-3226S + linux

hi i have a routerboard 433ah connected fo switch and a pc with debian on board with is connected to a switch 433ah ether 3 <->(port 11) sw (port8)<-> debian i want to pass a vlan tag-id 300 from routerboard to debian. then bridge vlan on rb with wifi card. name="test" mtu=1500 l2mtu=1518 mac-addres...
by luqasz
Mon Feb 07, 2011 2:22 pm
Forum: General
Topic: where can i find old routeros firmware pre 3.30
Replies: 1
Views: 433

where can i find old routeros firmware pre 3.30

hi

where can i find old pre 3.30 routeros images ?
by luqasz
Thu Feb 03, 2011 3:32 pm
Forum: The Dude
Topic: feature request
Replies: 0
Views: 416

feature request

hi will you implement import of hosts feature ? we are using nagios (verry old version) and currently we can not click one by one 1000k and growing number of hosts. import would be verry nice and as well as some templates for importded hosts. weather it is a mikrotik device (default password) or pc ...
by luqasz
Mon Jan 31, 2011 2:12 pm
Forum: General
Topic: ssh kerberos suport
Replies: 0
Views: 632

ssh kerberos suport

hi

can you implement ssh + kerberos based logins feature ? this will be a nice alternative for user manager
by luqasz
Thu Jan 27, 2011 9:51 pm
Forum: Beginner Basics
Topic: remote logging with rsyslog
Replies: 2
Views: 9471

Re: remote logging with rsyslog

i might know what is your problem. this is my whole rsyslog.conf # /etc/rsyslog.conf Configuration file for rsyslog v3. # # For more information see # /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html ################# #### MODULES #### ################# $ModLoad imuxsock # provides support for loca...
by luqasz
Thu Jan 27, 2011 10:02 am
Forum: General
Topic: is this a bug in logging ?
Replies: 2
Views: 639

Re: is this a bug in logging ?

ok then it is impossible (and not only this) to log failed logins with prefix --ACCOUNT-- and rest of system messages as --SYSTEM-- only. problem is that i would have to know EVERY log message that mikrotik can send to filter it properly either in mikrotik or rsyslog. having add action=remote disabl...
by luqasz
Wed Jan 26, 2011 3:20 pm
Forum: General
Topic: is this a bug in logging ?
Replies: 2
Views: 639

is this a bug in logging ?

hi i want to log couple of thing into a remote host via rsyslog. problem is that: 13:59:24 wireless,info --WIRELESS--: 00:0B:6B:2C:35:7C@wlan4: connected, wants WDS 13:59:26 system,info,account --ACCOUNT--: user admin logged in from 10.194.3.56 via ssh 13:59:26 system,info,account --SYSTEM--: user a...
by luqasz
Wed Jan 26, 2011 9:42 am
Forum: Beginner Basics
Topic: remote logging with rsyslog
Replies: 2
Views: 9471

remote logging with rsyslog

hi for some time i have been strugling with remote loging in syslog. i have made it to a level that i can sort messages in rsyslog to separate files. problem is with failed logins. this is my /system logging export /system logging action set memory memory-lines=300 memory-stop-on-full=no name=memory...
by luqasz
Thu Dec 16, 2010 8:46 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

new policy in /user group. special policy to log in via api called api, now it can be blocked via winbox policy only. please separate those two. any chance for this ? we have almost 1000k mikrotiks and counting in network and we woul love to use one password for entire countru to log in via api. gi...
by luqasz
Tue Dec 07, 2010 1:09 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

new policy in /user group.
special policy to log in via api called api, now it can be blocked via winbox policy only.
please separate those two.
by luqasz
Mon Dec 06, 2010 12:59 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

many users write some scripts (many of them are not version compatibile) to backup and export configuration maybe some feature like /tool backup to write backup and rsc file and send it via ftp, tftp, scp to a remote host. verry important feature would be to write files to memory and not internal s...
by luqasz
Tue Nov 30, 2010 9:51 am
Forum: Scripting
Topic: PHP API bug - read() fails on large replies - this fix OK?
Replies: 22
Views: 6557

Re: PHP API bug - read() fails on large replies - this fix O

NAB can you enable your read function to supress this:
 php-cgi -q mt.php

5
37
0
5
0
5
0
5
0
5
0
when not in debug mode ?
by luqasz
Mon Nov 22, 2010 5:09 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests

many users write some scripts (many of them are not version compatibile) to backup and export configuration maybe some feature like /tool backup to write backup and rsc file and send it via ftp, tftp, scp to a remote host. verry important feature would be to write files to memory and not internal st...
by luqasz
Mon Nov 22, 2010 4:53 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 207357

Re: Feature requests (DNS names input instead of IP address)

Hi, Please add feature that will allow me to add DNS name instead of exact IP address. I need this to connect 2 or more MKT routers (PPTP connection) if they are connected to internet thru ADSL and theirs IP addresses are dynamic. I hope that you understand what I am saying and that we can expect t...
by luqasz
Thu Sep 09, 2010 8:07 pm
Forum: The Dude
Topic: upgrade routeroos firmware on 500 routerboards
Replies: 8
Views: 2252

Re: upgrade routeroos firmware on 500 routerboards

ok but can i edit backup.xml somehow to import those mikrotiks ?
by luqasz
Thu Sep 09, 2010 1:09 pm
Forum: The Dude
Topic: upgrade routeroos firmware on 500 routerboards
Replies: 8
Views: 2252

Re: upgrade routeroos firmware on 500 routerboards

ok program is ok. i have tried exporting configuration and modyfying <Device> and <NetworkMapElement>. no success. i have 500 mikrotiks to add into dude and ther is no way i can do it automaticly. i have added 400 device sections and changed <sys-id> that matches <item-id> in <NetworkMapElement> no ...
by luqasz
Wed Sep 08, 2010 4:54 pm
Forum: The Dude
Topic: upgrade routeroos firmware on 500 routerboards
Replies: 8
Views: 2252

Re: upgrade routeroos firmware on 500 routerboards

thx for reply. i will take a look into dude. i wonder how i will import 500 routerboards into dude. if only by hand then it is waste of time

do i need to install dude package into mikrotiks befor upgrading ?
by luqasz
Wed Sep 08, 2010 3:25 pm
Forum: The Dude
Topic: upgrade routeroos firmware on 500 routerboards
Replies: 8
Views: 2252

upgrade routeroos firmware on 500 routerboards

hi

i have various versions of routeros on routerboards (different kinds of and i have about 500 of them active in network). is it possible to upgrade them all to 4.11 ? versions vary from 2.9 to 4.2
by luqasz
Tue Oct 21, 2008 4:23 pm
Forum: Wireless Networking
Topic: new soft issues
Replies: 2
Views: 924

new soft issues

Hi I was glad to use 2.9.27 os version becouse it was stable and i knew what to expect after executing some commands. It is stable and nstreme-dual works great on it. In 3.x os version i can't expect that and be sure about stability and performance of ndtreme-dual. In fact nstreme-dual works horribl...
by luqasz
Sun Aug 19, 2007 1:03 pm
Forum: Wireless Networking
Topic: please help me understand wireles modes
Replies: 1
Views: 937

please help me understand wireles modes

hi i want to learn mirotik router os, but i can not understand several modes in wlan networking. what is, what for and how to use: station, station wds, wds-slave, ap-bridge and bridge considder this situation: i want one mt to work as an transparent bridge and other one to get ip address fron dhcp ...