Community discussions

MikroTik App

Search found 732 matches

by dssmiktik
Tue Apr 26, 2016 5:54 am
Forum: Scripting
Topic: Cant read file large then 4085 bytes
Replies: 17
Views: 8135

Re: Cant read file large then 4085 bytes

Hey, this means I can't parse files??? No other ways to read by chunks? I want to parse http://txt.proxyspy.net/proxy.txt Unfortunately not if the contents is > 4kb. You could setup an external service to transform the data into a RouterOS string via local variable. This would allow you to consume ...
by dssmiktik
Sat Apr 16, 2016 6:47 am
Forum: Scripting
Topic: Cant read file large then 4085 bytes
Replies: 17
Views: 8135

Re: Cant read file large then 4085 bytes

I believe it may have something to do with the buffering mechanism being used to fetch / stream data. At one point, I thought this limitation applied to comments as well, but I think that is no longer the case. Regardless, it would be nice to at least see some streaming API, even if we an only buffe...
by dssmiktik
Wed Dec 04, 2013 7:32 am
Forum: Beginner Basics
Topic: automatic Shutdown script
Replies: 9
Views: 15142

Re: automatic Shutdown script

If you're running on a PC, one option is to use the Wake On LAN facility offerred by most networking cards.

RouterBOARD may support this feature as well (though I have not confirmed this).
by dssmiktik
Mon Jan 28, 2013 12:20 am
Forum: General
Topic: Feature request: Parameters for scripts
Replies: 2
Views: 2005

Re: Feature request: Parameters for scripts

While this does not completely fit your requirements, it does provide a means for local-scoped arguments in RouterOS scripts, simulating function-like capability.

http://forum.mikrotik.com/viewtopic.php ... 47#p190847
by dssmiktik
Sun Dec 18, 2011 7:51 am
Forum: General
Topic: Clear user command history
Replies: 13
Views: 19805

Re: Clear user command history

I think it would be fairly trivial to do, maybe:
echo > /path/to/history/file
by dssmiktik
Thu Jul 28, 2011 1:18 am
Forum: General
Topic: Password recovery routerboard 750
Replies: 5
Views: 9460

Re: Password recovery routerboard 750

I don't think so. To create a backup, you need to login to the router, and have access to the console to issue commands.
by dssmiktik
Thu Jul 28, 2011 1:15 am
Forum: General
Topic: feature request : GRE tunnel
Replies: 56
Views: 33422

Re: feature request : GRE tunnel

I believe the keepalive is only to send some traffic over the tunnel, not to detect running state. EoIP is still stateless in that it will always show running state, even if no traffic is sent across the tunnel.
by dssmiktik
Wed Jul 27, 2011 3:57 am
Forum: General
Topic: Get access to login/status page of hotspot's user from WAN
Replies: 5
Views: 1940

Re: Get access to login/status page of hotspot's user from W

However, you may be able to use the API to hookup a web page to display stats. The server providing such page could be made accessible via the WAN.
by dssmiktik
Mon Jul 25, 2011 2:00 am
Forum: Scripting
Topic: API: set `contents` of file
Replies: 12
Views: 4177

Re: API: set `contents` of file

dominikh,

There is no mv or rename file ability on RouterOS.
by dssmiktik
Wed Jul 20, 2011 9:18 pm
Forum: Scripting
Topic: API: set `contents` of file
Replies: 12
Views: 4177

Re: API: set `contents` of file

I don't want my files to be txt... ;-)
Now, you're asking for too much ;) Linux powered devices can't rename files :)
by dssmiktik
Wed Jul 20, 2011 8:46 pm
Forum: General
Topic: Regular expression for DNS Query
Replies: 5
Views: 2792

Re: Regular expression for DNS Query

When you enable DNS caching in RouterOS, it will cache all queries made through the DNS protocol (port 53). However, you can search this cache if you need information from it:
/ip dns cache all find
by dssmiktik
Fri Jul 15, 2011 1:46 am
Forum: Beginner Basics
Topic: Scheduling two scripts
Replies: 4
Views: 1487

Re: Scheduling two scripts

Just check the run-count of a single scheduled script

<add scheduled script to run at 5:00 every day>
Script:
:if ([/system scheduler get <scheduler name> run-count] > 5) do={
   /quit
}

<rest of script to run>..
by dssmiktik
Sun Jul 10, 2011 4:40 am
Forum: General
Topic: Backup and Restore Certificates
Replies: 21
Views: 18078

Re: Backup and Restore Certificates

acaruso, Your private key is bound somehow to either the OS instance, or the hardware it's installed on. Basically, this means, you cannot decrypt the certificate as it in inaccessible outside RouterOS. In short, you cannot restore full certificate data across multiple devices, or multiple RouterOS ...
by dssmiktik
Sun Jul 10, 2011 4:06 am
Forum: Scripting
Topic: how to stop a scheduled script after x times?
Replies: 33
Views: 12012

Re: how to stop a scheduled script after x times?

Something like this might work: :local cnt [/system scheduler get [/system scheduler find name=<scheduler-name>] run-count] :if(cnt>x) do={ /quit } <Rest of script here> This means, as the router is running, the script will not run more that X times. However, when the router is rebooted, the schedul...
by dssmiktik
Sun Jul 03, 2011 2:46 am
Forum: Beginner Basics
Topic: Usermanager Database, ....
Replies: 7
Views: 2132

Re: Usermanager Database, ....

MasterofDisaster,
As previously mentioned, I have not tried it myself, but I may be able to provide some pointers to head you in the right direction.

What exactly have you tried so far?
by dssmiktik
Sun Jul 03, 2011 2:38 am
Forum: Scripting
Topic: DEC to HEX script
Replies: 11
Views: 4937

Re: DEC to HEX script

otgooneo, Replace ':global' with ':local' This will mean variables are only local to that instance of the running script, and will not conflict when running 2 or more of the same script simultaneously. EDIT: Also, a good practice is to only define the variable once (ex. only 1 ':local' per variable)...
by dssmiktik
Sat Jul 02, 2011 9:02 am
Forum: General
Topic: What web server integrates RouterOS?.
Replies: 4
Views: 1284

Re: What web server integrates RouterOS?.

Webfig and webbox are services that run internally on RouterOS, and are only accessible via the HTTP(S) protocol.

As for hotspot, check the Wiki for modifying the hotspot pages, etc... at: http://wiki.mikrotik.com
by dssmiktik
Sat Jul 02, 2011 8:59 am
Forum: Beginner Basics
Topic: Usermanager Database, ....
Replies: 7
Views: 2132

Re: Usermanager Database, ....

Not with RouterOS tools, however it may be possible using and sqllite file reader/modifier, then merging the table(s).

NOTE: I have not tried this, and cannot confirm this works.
by dssmiktik
Mon May 30, 2011 11:03 pm
Forum: General
Topic: Feature request: Notepad/ToDolist/Router comments
Replies: 12
Views: 3144

Re: Feature request: Notepad/ToDolist/Router comments

Maybe like the demo license has that popup window just after login to winbox about the 24hr license, something similar for system note to be displayed?
by dssmiktik
Mon May 30, 2011 9:57 pm
Forum: Scripting
Topic: How to write a script for multiple routeros versions
Replies: 2
Views: 1402

Re: How to write a script for multiple routeros versions

mrz,
I think there's a bigger issue here as well. It would be nice to keep backward compatibility when adding new functionality/properties. (This would help me tremendously).
by dssmiktik
Mon May 30, 2011 9:49 pm
Forum: Beginner Basics
Topic: Mikrotik EoIP
Replies: 2
Views: 1904

Re: Mikrotik EoIP

EoIP is Mikrotik only. You can use GRE tunnel.
Happy to hear the GRE part, I know it's in v5, I just want to say again how much I appreciate finally having this feature.
by dssmiktik
Mon May 30, 2011 9:44 pm
Forum: Scripting
Topic: Add user with login.html
Replies: 3
Views: 2016

Re: Add user with login.html

How would you secure this? If the login page (or any page handed to the client's browser) is allowed to create logins on the router hotspot, what prevents 1000 users from sending random user names to the router? Also, if a user changes their MAC address, then they are treated as a new user, again al...
by dssmiktik
Mon May 30, 2011 9:36 pm
Forum: General
Topic: Integrating Facebook Connect with Hotspot Login / Authent ..
Replies: 132
Views: 653146

Re: Integrating Facebook Connect with Hotspot Login / Authen

I could see this working really well for public hotspots since most users already have an account (facebook, gmail, yahoo, etc...)
by dssmiktik
Sun May 29, 2011 2:04 am
Forum: Beginner Basics
Topic: FLOODING IS KILLING PLEASE HELP...
Replies: 12
Views: 6285

Re: FLOODING IS KILLING PLEASE HELP...

you can try like : 1. put firewall filter rule to block port p2p (torrent like) 2. put queque limit for allp2p (there is p2p in advanced) and make it for download 1k and also upload 1k 3. by activate web-proxy or proxy in mikrotik and deny all *torrent* , *bittorrent*, *tracker* (in access) all thi...
by dssmiktik
Thu May 26, 2011 1:15 pm
Forum: General
Topic: v5.3 released
Replies: 76
Views: 15800

Re: v5.3 released

I'm seeing the same firefox v4.0.1 problem in ROS v5.3

Popups are trying to be open every 1/2 sec.
by dssmiktik
Fri May 20, 2011 10:34 am
Forum: The Dude
Topic: Dude for Linux
Replies: 49
Views: 44575

Re: Dude for Linux

Dude doesn't run on top of RouterOS. It's exclusively a windows program. You are talking about the Dude agent NPK package. This is where the misunderstanding came from Right, so that makes sense. However, I think the general discussion was about running the Dude agent on linux, kind of like 'server...
by dssmiktik
Wed May 18, 2011 9:39 pm
Forum: Scripting
Topic: ChangeIP and Mikrotik 5.0
Replies: 22
Views: 11629

Re: ChangeIP and Mikrotik 5.0

Yep - I threw that in there because it breaks the script because its a bad command : ) If there is another way to exit I would love to know it.
:error ("Not a valid command");
by dssmiktik
Wed May 18, 2011 9:34 pm
Forum: The Dude
Topic: Dude for Linux
Replies: 49
Views: 44575

Re: Dude for Linux

remember GRE debate for a few years? That only made people more angry because we weren't getting 'real' responses from support, but rather getting answers making us users feel like it's our fault, or that we shouldn't be using such a standard protocol in networking equipment. GRE is natively suppor...
by dssmiktik
Mon May 16, 2011 9:46 am
Forum: The Dude
Topic: Dude for Linux
Replies: 49
Views: 44575

Re: Dude for Linux

+1 for Linux Dude ! it ROS not a port of linux? I'm not seeing why it would be that difficult I'm sick of my Dude server getting hacked and would love to run it on Linux not virus feeding windows 1. routeros has nothing to do with dude, they are not related 2. why is your dude getting hacked and ho...
by dssmiktik
Mon May 16, 2011 9:28 am
Forum: General
Topic: v5.2 released
Replies: 161
Views: 44342

Re: v5.2 released

It can start simple, nothing too complex, just a way for 'trusted' users to submit/modify features / bugs / fixes, maybe this forum could be used as a starting point for vetting the users' allowed to 'post' data to the bugtracker. Then maybe read-only access for general users. All I would like to se...
by dssmiktik
Mon May 16, 2011 12:05 am
Forum: The User Manager
Topic: How to make it so users CANT change passwords in UM
Replies: 4
Views: 2101

Re: How to make it so users CANT change passwords in UM

you can create a firewall rule in the input chain that drops port 80 TCP packets from the customer network
Then the user could not view their statistics, right?
by dssmiktik
Mon May 16, 2011 12:01 am
Forum: Scripting
Topic: ChangeIP and Mikrotik 5.0
Replies: 22
Views: 11629

Re: ChangeIP and Mikrotik 5.0

changeip, I don't believe :break is a valid command. It was documented in the v2 (maybe v3) documentation but never quite worked right.

When trying to use break, I get this error:
bad command name break
by dssmiktik
Sun May 15, 2011 11:50 pm
Forum: Scripting
Topic: A script to calculate Average CPU Load
Replies: 19
Views: 18907

Re: A script to calculate Average CPU Load

$avgcpuload >= 100
I should hope CPU (or average value) would never be higher than 100! :lol:
by dssmiktik
Sun May 15, 2011 11:39 pm
Forum: General
Topic: v5.2 released
Replies: 161
Views: 44342

Re: v5.2 released

It is too often that people post angry messages like "when is this going to be fixed" because they assumed somebody reported this somewhere, but actually all of them are just waiting, and nothing is posted to the forum or to support. I am simply encouraging everyone to make those supout.r...
by dssmiktik
Sat May 07, 2011 11:14 pm
Forum: RouterBOARD hardware
Topic: RB1100 backup restore problem.
Replies: 3
Views: 2059

Re: RB1100 backup restore problem.

Egate, Just curious, what are the models of the two devices (RB1 and RB2)? EDIT: RB1100, I didn't catch that the first time reading. And to make sure I understand correctly, this is your findings: RB1.backup (good) RB2.export (good) restore: RB1.backup -> RB1 (no hotspot settings) restore: RB1.backu...
by dssmiktik
Sat May 07, 2011 8:39 pm
Forum: General
Topic: Mikrotik restore missing NAT rules
Replies: 6
Views: 2382

Re: Mikrotik restore missing NAT rules

DrLove73, When you rebooted the router, did you have any settings missing? I'm wondering if it's either a problem with the restore, or a problem with the created backup file itself. The backup file is supposed to be literally the same settings the router uses directly for configuration. I've had som...
by dssmiktik
Fri May 06, 2011 9:31 am
Forum: General
Topic: Mikrotik restore missing NAT rules
Replies: 6
Views: 2382

Re: Mikrotik restore missing NAT rules

We have been running RouterOS 3.20 on a PC for so time and yesterday was compelled to restore after a "freak" crash that saw the majority of the NAT rules disappearing and the router rebooting. Before the crash I was editing a NAT rule and soon after applying the changes the router timed ...
by dssmiktik
Fri Apr 29, 2011 8:42 am
Forum: General
Topic: v5.2 released
Replies: 161
Views: 44342

Re: v5.2 released

this is why you can use keys to authenticate from routeros client and it will work in same manner as paswordless key authentication from any other ssh client. you have to add key to '/user ssh-keys private' private key on local router and '/user ssh-keys' to add public key and off you go. Thanks :)...
by dssmiktik
Wed Apr 27, 2011 9:27 pm
Forum: General
Topic: v5.2 released
Replies: 161
Views: 44342

Re: v5.2 released

File -> Download does not appear to work on v5.2 Webfig.
by dssmiktik
Wed Apr 27, 2011 9:19 pm
Forum: General
Topic: v5.2 released
Replies: 161
Views: 44342

Re: v5.2 released

Mikrotik, Thanks for the SSH command capability, I've been wanting this for awhile now. However, like most things in RouterOS, I would like to see the ability to capture the commands output to fully use this feature. Example: :local resource [/system ssh address=<router> command="/system resour...
by dssmiktik
Fri Apr 22, 2011 3:17 am
Forum: General
Topic: v.5.1 release
Replies: 29
Views: 9048

Re: v.5.1 release

while testing 5.2 for release some more problems where found, so we are working on those and thus release of 5.2 is delayed.
Thank you for the update :) I would like to wait for upgrade v5.2 when it is fully ready, working, and stable.
by dssmiktik
Thu Apr 14, 2011 10:10 pm
Forum: Virtualization
Topic: Ask? I can let RouterOs run as a guest on a Xen 3.xx
Replies: 8
Views: 4197

Re: Ask? I can let RouterOs run as a guest on a Xen 3.xx

This is also true with KVM.

If you need a CPU that supports hardware virtualization, why not use KVM as suggested with v4 / v5? Both Xen and KVM require hardware virt. support.

Not sure about the stability of KVM in RouterOS, as I don't use it myself.
by dssmiktik
Thu Apr 14, 2011 10:03 pm
Forum: General
Topic: v.5.1 release
Replies: 29
Views: 9048

Re: v.5.1 release

Webfig broke in v5.1 5.2 should be released to fix this bug.

Mikrotik, what changed in v5.1 webfig that broke it? Is there anywhere we might log this to let users know not to use v5.1?
by dssmiktik
Wed Apr 13, 2011 7:42 am
Forum: General
Topic: cant login to webfig.. just shows loading
Replies: 18
Views: 9878

Re: cant login to webfig.. just shows loading

Please test this before you release "stable" software Mikrotik. No excuse. I've been trying very hard to get you guys to notice that we users really want stable/reliable systems. Again, we pay for your software. Step up the Quality Assurance/Testing guys, really. I will continue to try unt...
by dssmiktik
Wed Apr 13, 2011 7:25 am
Forum: General
Topic: RouterOS 5.1 is out!
Replies: 93
Views: 22006

Re: RouterOS 5.1 is out!

As reported, I also cannot access webfig in v5.1 on x86.
by dssmiktik
Tue Mar 01, 2011 1:34 am
Forum: Scripting
Topic: FTP File transfer from Mikrotik to non Mikrotik FTP Server
Replies: 7
Views: 31023

Re: FTP File transfer from Mikrotik to non Mikrotik FTP Serv

I guess you could also use fetch in GET mode to trigger a remote php script to ftp files from the router. I haven't tested this, but if you run php on the back-end, it should be able to ftp into the router. Ex. /tool fetch address=a.b.c.d src-path="/mikchanged.php?action=pullgraphs" dst-pa...
by dssmiktik
Thu Feb 24, 2011 10:14 pm
Forum: General
Topic: OpenVPN, Windows and the auth-user-pass <file> option
Replies: 6
Views: 8988

Re: OpenVPN, Windows and the auth-user-pass <file> option

If I'm understanding correctly, the client could always use auth-user-pass , but it's the server which verifies it use a script or plugin or straight file (1st line = user, 2nd line = pass). OliverPuff, Do you mean for RouterOS, or another linux binary? If it's for RouterOS, can it use the scripting...
by dssmiktik
Thu Feb 24, 2011 4:26 am
Forum: General
Topic: OpenVPN, Windows and the auth-user-pass <file> option
Replies: 6
Views: 8988

Re: OpenVPN, Windows and the auth-user-pass <file> option

I don't believe one exists. It would be nice though to be able to have this functionality. It's kind of nice to have.
by dssmiktik
Thu Feb 24, 2011 3:05 am
Forum: General
Topic: Extract graphs from backup
Replies: 14
Views: 7222

Re: Extract graphs from backup

Actually, I would like to have gzip command exposed to RouterOS. This way I could compress the .backup files to same a lot of space in case router doesn't have so much drive space. The compression is really really good, as most of the backup is the same data. Something I've noticed with Mikrotik: On...
by dssmiktik
Wed Feb 23, 2011 3:34 am
Forum: General
Topic: Extract graphs from backup
Replies: 14
Views: 7222

Re: Extract graphs from backup

Does anyone know how i could email a directory in the mikrotik>files? I am looking at emailing the folder graph to my email daily? AFAIK, you can only send 1 file attachment through email on RouterOS, and there is no way to convert the folder/files to a zip, or single file. To send a single graph i...
by dssmiktik
Mon Feb 21, 2011 11:03 pm
Forum: General
Topic: Extract graphs from backup
Replies: 14
Views: 7222

Re: Extract graphs from backup

It looks like there's some hard-coded address and port specified in the interface section. Here is an updated version. Let me know if this works for you, and if so, I will update the Wiki with any needed updates. # Backup graphing data :local graphaddress "127.0.0.1" :local graphport 80 :l...
by dssmiktik
Sat Feb 19, 2011 12:23 am
Forum: General
Topic: Extract graphs from backup
Replies: 14
Views: 7222

Re: Extract graphs from backup

What error message do you get when running it from the terminal? /system script run <script name> Also what version of RouterOS are you using? Basically, that script just pulls the graph images for reference. It can be good if you experience network problems where using external applications may not...
by dssmiktik
Thu Feb 17, 2011 10:45 am
Forum: Beginner Basics
Topic: Networkfilesystem e.g.
Replies: 1
Views: 790

Re: Networkfilesystem e.g.

NFS (Network File System) is currently not supported on RouterOS.
by dssmiktik
Wed Feb 16, 2011 7:27 pm
Forum: General
Topic: Feature suggestion: scripts embedded in radius responses
Replies: 2
Views: 1488

Re: Feature suggestion: scripts embedded in radius responses

If I remember correctly, the radius debug log will contain out all attributes (even if RouterOS doesn't honor all of them). So essentially, you could parse the log (through a script), then run an :execute [(code from log entry)] Just wanted to point out another way to accomplish this task in the mea...
by dssmiktik
Sun Feb 13, 2011 10:28 am
Forum: General
Topic: firewall vulnerability?
Replies: 10
Views: 2701

Re: firewall vulnerability?

fewi, I agree too, default deny is always a good idea. Also, just a note about the connection-state=invalid action=drop , it makes sense (as it is) higher in the chain so every firewall rule isn't check against an invalid packet. Order of firewall rules can have a significant performance impact. It...
by dssmiktik
Sat Feb 12, 2011 5:26 am
Forum: Scripting
Topic: API commands - edit file, remove file
Replies: 4
Views: 3179

Re: API commands - edit file, remove file

Where can I find specific documentation mentioning numbers= when used with /file?
by dssmiktik
Fri Feb 11, 2011 1:09 pm
Forum: Scripting
Topic: Hotspot local server side script
Replies: 1
Views: 1085

Re: Hotspot local server side script

It's not possible with RouterOS. The only server-side processing is threw variables in hotspot servlet pages. Otherwise, it just sends text to the web browser and that's about it.
by dssmiktik
Fri Feb 11, 2011 4:20 am
Forum: General
Topic: firewall vulnerability?
Replies: 10
Views: 2701

Re: firewall vulnerability?

fewi, I agree too, default deny is always a good idea.

Also, just a note about the
connection-state=invalid action=drop
, it makes sense (as it is) higher in the chain so every firewall rule isn't check against an invalid packet. Order of firewall rules can have a significant performance impact.
by dssmiktik
Thu Feb 10, 2011 11:28 am
Forum: General
Topic: E-mail notifications about new RouterOS versions don't work
Replies: 5
Views: 1452

Re: E-mail notifications about new RouterOS versions don't w

Same here. I don't get new release updates, or newsletters.
by dssmiktik
Wed Feb 09, 2011 1:47 am
Forum: General
Topic: RouterOS v5rc8
Replies: 110
Views: 28192

Re: RouterOS v5rc8

Hopefully v5.0 (stable) will have all bugs fixed and no more features. I think a lot of kinks left. I recall a post where I mentioned the release name beta vs. rc vs. stable. It seems I might have been right ;) This may not be a "rc" release, but still at the "beta" stage. Also, ...
by dssmiktik
Sat Feb 05, 2011 2:28 pm
Forum: General
Topic: Kudos to Mikrotik
Replies: 1
Views: 982

Re: Kudos to Mikrotik

I agree too. Mikrotik overall is pretty well designed.
by dssmiktik
Mon Jan 31, 2011 9:53 am
Forum: The User Manager
Topic: Transferring database
Replies: 12
Views: 4213

Re: Transferring database

I am switching from UM v5RC4 to PPP Secrets until MT has a solid UM. I am done testing it and learning it.
I'm waiting as well, I'm still using the "old" version v4. I'm hoping the learning curve for the v5 UM isn't too much when it becomes usable.
by dssmiktik
Mon Jan 31, 2011 9:41 am
Forum: General
Topic: PPTP VPN "iffy"
Replies: 10
Views: 4251

Re: PPTP VPN "iffy"

I'm running v4.13, with PPTP tunnel to Windows 7 client. After about 1 min if activity the PPTP connection will have completely lost any activity. If a client connects, and within 1min, I start a ping, no problems, connection will work fine until idle time reaches 1min again, then all activity is lo...
by dssmiktik
Wed Jan 19, 2011 11:43 pm
Forum: General
Topic: Clear user command history
Replies: 13
Views: 19805

Re: Clear user command history

Maybe an added feature (requiring the full user permission) ?:
[/system console reset-command-history]
by dssmiktik
Wed Jan 19, 2011 11:37 pm
Forum: Beginner Basics
Topic: What do Red Highlights mean (in Winbox)
Replies: 5
Views: 9336

Re: What do Red Highlights mean (in Winbox)

It's up to you to double-check the relationship between entries that renders them invalid. It's too bad this info isn't available. Mikrotik is obviously doing this in the background (to detect invalid state/relationship). Maybe something like [/menu <...> get <*item> invalid-description] Something ...
by dssmiktik
Tue Jan 11, 2011 9:42 pm
Forum: General
Topic: Hotspot Variables - [SOLVED]
Replies: 78
Views: 27223

Re: Hotspot Variables

It's even simpler then that. Basically the hotspot will do the work for you. It will display login.html if the user is not logged in, and display rstatus.html (or status.html) if the user is logged in, automatically when requesting the router. More info here: http://wiki.mikrotik.com/wiki/Manual:Cus...
by dssmiktik
Tue Jan 11, 2011 9:30 pm
Forum: General
Topic: Need help blocking bittorent, limewire, etc..
Replies: 2
Views: 1833

Re: Need help blocking bittorent, limewire, etc..

http://forum.mikrotik.com/viewtopic.php ... nt#p205463

You question has been asked many times on this forum, and many discussions talked about. Search is a great way to find more information (and not duplicate posts).
by dssmiktik
Tue Jan 11, 2011 1:12 am
Forum: General
Topic: Backup and Restore Certificates
Replies: 21
Views: 18078

Re: Backup and Restore Certificates

When you have many routers in your network and you try to minimize incident response time as a consequence of a hardware failure, having to manually retype router configuration is not an acceptable manteinance procedure.
Agreed, maybe I should whip something up ;-)
by dssmiktik
Mon Jan 10, 2011 3:23 pm
Forum: General
Topic: Backup and Restore Certificates
Replies: 21
Views: 18078

Re: Backup and Restore Certificates

Thanks for your answer, but my question was another: Why an export done from / fails when it is imported ( it hangs forever ) ? Again, the Mikrotik Wiki is a good resource, it covers this as well: http://wiki.mikrotik.com/wiki/Manual:Configuration_Management#Importing_Configuration Note that it is ...
by dssmiktik
Sun Jan 09, 2011 2:10 pm
Forum: General
Topic: GPU accelerated router ?
Replies: 4
Views: 2413

Re: GPU accelerated router ?

I believe it too. GPUs have an insane amount of power, dedicated power on a very small form-factor.

Maybe some more testing with that software you could come up with some benchmarks and compare with RouterOS?
by dssmiktik
Fri Jan 07, 2011 8:38 am
Forum: General
Topic: Backup and Restore Certificates
Replies: 21
Views: 18078

Re: Backup and Restore Certificates

The only case in which decryption works after a restore is when the backup was done in exactly the same hardware ( as far as I could test ) Does anyone know why ? Thanks for any help. Yes, you are correct. The Mikrotik Wiki has some information about this: http://wiki.mikrotik.com/wiki/Manual:Confi...
by dssmiktik
Thu Jan 06, 2011 12:21 am
Forum: General
Topic: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2
Replies: 12
Views: 4340

Re: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2

Yeah i saw that, but if Mikrotik have to provide a new Ros on each (minor) ovpn version then the problem is not really fixed :) I tend to disagree. Basically, the changelog states that it fixes issues with a specific OpenVPN version. If OpenVPN updates to a new release, how is Mikrotik to "mag...
by dssmiktik
Wed Jan 05, 2011 11:09 am
Forum: General
Topic: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2
Replies: 12
Views: 4340

Re: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2

It is weird that problem still persist on 5.0rc5 since it should have been fixed in rc4 : What's new in 5.0rc4 (2010-Nov-22 16:58): [...] *) ovpn - make ovpn client work with OpenVPN v2.1.3; [...] It should work with v2.1.3, but as siugh mentioned: I've the same problem with ROS 5.0rc5 and 3.30. Op...
by dssmiktik
Sun Jan 02, 2011 10:44 am
Forum: Scripting
Topic: random command
Replies: 2
Views: 1142

Re: random command

No, direct random command does not exist, however, you could try messing with memory, hard disk space, cpu load, interface speed/packets, etc... to get a kindof-sortof random number. I saw something in the Wiki about if for passwords awhile ago, it may be worth checking there as well. Hope this help...
by dssmiktik
Fri Dec 31, 2010 1:07 pm
Forum: General
Topic: FORUM SECURITY request
Replies: 8
Views: 2616

Re: FORUM SECURITY request

I also have been wanting this for awhile now too. SSL is the way to go for login/password forms at least.
by dssmiktik
Fri Dec 31, 2010 12:28 pm
Forum: Beginner Basics
Topic: Show internal DNS on DHCP Clients
Replies: 5
Views: 2026

Re: Show internal DNS on DHCP Clients

Mikrotik is more of a "do it yourself" when configuring. They do have a pretty good Wiki at http://wiki.mikrotik.com
by dssmiktik
Fri Dec 24, 2010 1:15 pm
Forum: General
Topic: Thank You / Merry Christmas
Replies: 3
Views: 1161

Re: Thank You / Merry Christmas

Happy holidays, and may this year be a new generation of quality assured Mikrotik products.
by dssmiktik
Wed Dec 22, 2010 9:43 pm
Forum: General
Topic: IP packing not possible with GRE Tunnels (5.0 RC5)
Replies: 9
Views: 3346

Re: IP packing not possible with GRE Tunnels (5.0 RC5)

FIPTech, Thanks for the info. I figured it was supported, but may have been buggy. Also, by crashing I mean this EoIP tunnel was not my main internet, it was a tunnel across the internet, and I was connected through the LAN port to the router. The router locked up to where I couldn't connect anymore...
by dssmiktik
Wed Dec 22, 2010 1:35 pm
Forum: General
Topic: IP packing not possible with GRE Tunnels (5.0 RC5)
Replies: 9
Views: 3346

Re: IP packing not possible with GRE Tunnels (5.0 RC5)

about packing crashing on EoiP - what version did you use? and what results exactly you had? Unfortunately, it was awhile ago when I tried it. I believe it was later v3.x or early v4.x. Basically, when I enabled IP->Packer on an EoIP interface, the router would lock up, and I lost internet until a ...
by dssmiktik
Tue Dec 21, 2010 11:08 am
Forum: General
Topic: IP packing not possible with GRE Tunnels (5.0 RC5)
Replies: 9
Views: 3346

Re: IP packing not possible with GRE Tunnels (5.0 RC5)

I found this as well using EoIP, ip packing crashes. I believe it is only possible using ethernet interfaces.
by dssmiktik
Tue Dec 21, 2010 11:07 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624667

Re: Latency measurement via script

When troubleshooting latency problems I would like to be able to output traceroute to a variable. If capturing of traceroute output was possible, script could record path and source of congestion as it happens. In addition return value of ping should be expanded as well to include more information,...
by dssmiktik
Sat Dec 18, 2010 11:08 pm
Forum: Scripting
Topic: add to a new list if appear in another list 20 times
Replies: 7
Views: 1908

Re: add to a new list if appear in another list 20 times

Ahh, I understand, so you want IPs from a dynamic 30sec list to be added a 24hour dynamic list. I haven't use nth much, but I've seen a request for the ability to add a dynamic list entry to address list (I believe it's on the feature requests wiki page). Otherwise, using firewall (as you mentioned)...
by dssmiktik
Fri Dec 17, 2010 12:08 am
Forum: Scripting
Topic: add to a new list if appear in another list 20 times
Replies: 7
Views: 1908

Re: add to a new list if appear in another list 20 times

A script should do the trick: :local srclist "30_sec_list" :local countthreshold 7 # Internal processing .... :local iparr "" :local addr :local count /ip firewall address-list { :foreach l in=[find list=($srclist)] do={ :set addr [get $l address] # unique IP :if ([:len [:find [:...
by dssmiktik
Thu Dec 16, 2010 7:11 am
Forum: General
Topic: Suggestions
Replies: 10
Views: 3872

Re: Suggestions

It could be simple too: As mentioned, resolve once only during config time, then, a global command could be issued via scheduler, something like: /ip firewall filter resolve-rules [find] or <id> . This would then be up to the user of RouterOS to decide the resolution retries, etc... This would provi...
by dssmiktik
Wed Dec 15, 2010 11:01 am
Forum: Beginner Basics
Topic: automatic Shutdown script
Replies: 9
Views: 15142

Re: automatic Shutdown script

invalid value for argument start time
Play with the options until you have your desired config. The basic idea is that you can shutdown via scheduler if desired using the
on-event="/system shutdown"
property (as fewi mentioned).
by dssmiktik
Wed Dec 15, 2010 8:48 am
Forum: General
Topic: OpenVPN - UDP?
Replies: 59
Views: 33019

Re: OpenVPN - UDP?

OpenVPN's UDP support is one of the main reasons people use OpenVPN (among others), and is enabled by default on almost every installation.

Keep push'n....
by dssmiktik
Wed Dec 15, 2010 8:22 am
Forum: General
Topic: Released 4.15
Replies: 47
Views: 7770

Re: Released 4.15

This isn't the first build thats been an emergency show stopper of a bug with RB's, How does something like this get past QA? I feel sorry for whoever the user was that found this and had his config wipped, It took 60 hours post-release to release this information to the rest of us Mikrotik, I thou...
by dssmiktik
Wed Dec 08, 2010 11:11 pm
Forum: Virtualization
Topic: Hyper-V integration components
Replies: 127
Views: 76697

Re: Hyper-V integration components

As I said before, Mikrotik is not targeting the VM world heavily. They make RouterBoards with RouterOS as a single operating system. However, Mikrotik is not so proprietary like other vendors, so you can still integrate using protocols like SNMP, NetFlow, etc... etc... Mikrotik's Dude can even monit...
by dssmiktik
Wed Dec 08, 2010 10:58 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624667

Re: Feature requests

dynamically added address-list entries have timeout set by firewall rule. static entries does not have that parameter. I realize that, but I still want to see the time remaining (and possibly the original total time, if its easy to do) for the dynamic entries. The static entries can just have blank...
by dssmiktik
Wed Dec 08, 2010 9:22 am
Forum: Beginner Basics
Topic: I NEED CODE TO TERMINATE WEB PAGE WHEN LOG OFF
Replies: 2
Views: 983

Re: I NEED CODE TO TERMINATE WEB PAGE WHEN LOG OFF

If you are the gateway, and access to services and internet go through your gateway, it won't matter what the user does on the client side, because you would control their access to services.
by dssmiktik
Wed Dec 08, 2010 9:15 am
Forum: Virtualization
Topic: Hyper-V integration components
Replies: 127
Views: 76697

Re: Hyper-V integration components

Just so sum up as I understand it: 1) Xen and Hyper-V can both use fully emulated hardware (meaning the guest OS is not aware it's inside a virtual machine), only if you have support for hardware virtualization (AMD-V or Intel VT). Virtualbox and VMware do the same thing, but do not require hardware...
by dssmiktik
Thu Nov 25, 2010 10:15 pm
Forum: Scripting
Topic: Script editor runs 100% cpu
Replies: 8
Views: 2631

Re: Script editor runs 100% cpu

The remote syslogd is looking for the prefix for storing wireless and system logs to different logfiles. If I use "info" it matches for the wrong logfile, because ROS use the prefix "router_system" from topic "info". From a script, you can only to specified topics, but...
by dssmiktik
Wed Nov 24, 2010 8:37 am
Forum: Beginner Basics
Topic: How to blocking access to scheduler for specific group?
Replies: 1
Views: 1005

Re: How to blocking access to scheduler for specific group?

No. Read/write means read/write configuration across entire RouterOS.
by dssmiktik
Wed Nov 24, 2010 8:33 am
Forum: Scripting
Topic: Script editor runs 100% cpu
Replies: 8
Views: 2631

Re: Script editor runs 100% cpu

You can log to info, debug, and error using:
:log info "Message"
:log debug "Message"
:log error "Message"
As for your code, I don't see a reason why it wouldn't work, it should.
by dssmiktik
Sun Nov 21, 2010 10:45 am
Forum: General
Topic: Advertisment for Hotspot and not using the browser
Replies: 10
Views: 2938

Re: Advertisment for Hotspot and not using the browser

Does email body accept all html codes (url , picture,...etc )?
Yes it does, it accepts any text you want to put in, in raw form. Pictures might have to be encoded with base64 encoding (I haven't done extensive testing of base64 however).
by dssmiktik
Sun Nov 21, 2010 2:36 am
Forum: General
Topic: Advertisment for Hotspot and not using the browser
Replies: 10
Views: 2938

Re: Advertisment for Hotspot and not using the browser

Is there a way to change the font size in email body? Or use other languages such as Arabic? 1) As for font size, you'd probably want to insert HTML into your body message. 2) As for other languages, I've only worked in English, so I can't say for sure. I don't believe Mikrotik supports Unicode, on...
by dssmiktik
Sat Nov 20, 2010 3:59 am
Forum: General
Topic: Advertisment for Hotspot and not using the browser
Replies: 10
Views: 2938

Re: Advertisment for Hotspot and not using the browser

If a user has not paid, you could set their profile to "NoPay", for example. As for a script, something like this: :local Email :local Name :local Profile /ip hotspot user { :foreach u in=[find] do={ :set Email [get $u email] :set Name [get $u name] :set Profile [get $u profile] # If user ...
by dssmiktik
Fri Nov 19, 2010 11:08 pm
Forum: Scripting
Topic: Script editor runs 100% cpu
Replies: 8
Views: 2631

Re: Script editor runs 100% cpu

1) How long was the line?
2) Try creating a new script with source=<line>, and run it; does it work?

The total length of a script or execute command is 63k (64512 characters).
by dssmiktik
Fri Nov 19, 2010 7:54 am
Forum: General
Topic: Advertisment for Hotspot and not using the browser
Replies: 10
Views: 2938

Re: Advertisment for Hotspot and not using the browser

Email? RouterOS can send email via user specified SMTP server.
by dssmiktik
Fri Nov 19, 2010 12:34 am
Forum: General
Topic: Webpage based router status page?
Replies: 7
Views: 2712

Re: Webpage based router status page?

If you already have a network management system, you could integrate Mikrotik into your existing solution using SNMP, or SSH/Telnet, or even a custom API commands.

The Dude, which is made by Mikrotik is also a good option and includes a web interface.
by dssmiktik
Fri Nov 19, 2010 12:24 am
Forum: Beginner Basics
Topic: Logging
Replies: 4
Views: 1474

Re: Logging

2) -- I don't think such a manual exists. It's dependent on each program RouterOS users to generate it's own log output.
by dssmiktik
Thu Nov 18, 2010 9:56 am
Forum: Beginner Basics
Topic: Email Log Setting
Replies: 41
Views: 9929

Re: Email Log Setting

Can anyone please help and post configuration that worked. I cannot get this to work for me. Did you read any above posts? I mentioned a fix with /tool e-mail send. As for /system logging <...> action=email, this does not work if TLS is required. To make this work, one workaround would be to set up...
by dssmiktik
Thu Nov 18, 2010 9:50 am
Forum: Wireless Networking
Topic: Auto Login from server side
Replies: 5
Views: 1271

Re: Auto Login from server side

I have an issue where i need to have a customer automatically log in upon server reset for example.
If you use bypass, you won't be able to shape traffic, account for bandwidth, provision, etc...

Just a thought :-)
by dssmiktik
Thu Nov 18, 2010 9:27 am
Forum: General
Topic: Radius, passing parameters to Hotspot Login script
Replies: 5
Views: 2134

Re: Radius, passing parameters to Hotspot Login script

No I haven't. Personally, I haven't felt it was a pressing issue. While a good feature, I think Mikrotik needs to focus on stabilizing some core functions first :)
by dssmiktik
Thu Nov 18, 2010 9:17 am
Forum: Beginner Basics
Topic: Email Log Setting
Replies: 41
Views: 9929

Re: Email Log Setting

And Gmail just moved to https by default too (although this is a good thing). Hope Mikrotik will fix this: I suggested two fixes in the email I sent to Mikrotik support: 1) A global tls= setting in /tool e-mail that will be applied by default to any emails sent from Mikrotik 2) A specific tls= setti...
by dssmiktik
Wed Nov 17, 2010 8:03 pm
Forum: Beginner Basics
Topic: test email not working with gmail
Replies: 41
Views: 34762

Re: test email not working with gmail

It should work, just follow these steps: 1) Configure gmail to use https mode: Settings -> General -> Browser connection: Always use https 2) Configure RouterOS email settings: /tool e-mail set from=example@gmail.com password=<password> server=74.125.127.109:587 username=example@gmail.com 3) When se...
by dssmiktik
Wed Nov 17, 2010 7:55 pm
Forum: General
Topic: Block winbox/neigbour scan from computers not in admin list.
Replies: 3
Views: 4144

Re: Block winbox/neigbour scan from computers not in admin l

You could create tunnels between your routing devices, and turn on MNDP for only those tunnels. Or create a VPN connection on the admin computers you wish to receive MNDP (this may be a bit over-doing it though). As fewi mentioned though, you can't block a single host within the same broadcast domai...
by dssmiktik
Wed Nov 17, 2010 7:36 pm
Forum: Beginner Basics
Topic: Email Log Setting
Replies: 41
Views: 9929

Re: Email Log Setting

In Gmail, you also have to set https mode. Settings -> General -> Browser connection: Always use https Also, here are my settings for email in Mikrotik: /tool e-mail set from=example@gmail.com password=<password> server=74.125.127.109:587 username=example@gmail.com In my experience, the from= and us...
by dssmiktik
Wed Nov 17, 2010 7:26 pm
Forum: Wireless Networking
Topic: Auto Login from server side
Replies: 5
Views: 1271

Re: Auto Login from server side

If you're talking about Hotspot login, then MAC authentication should do the trick.
For more info, check out Mikrotik Wiki
by dssmiktik
Wed Nov 17, 2010 7:07 pm
Forum: General
Topic: Radius, passing parameters to Hotspot Login script
Replies: 5
Views: 2134

Re: Radius, passing parameters to Hotspot Login script

However, you could create a radius log and parse it, storing it's contents into variables, then script could evaluate those variables. How can I archive this? can you give me an example of "create a radius log and parse it, storing it's contents into variables"? Unfortunately, I am still ...
by dssmiktik
Tue Nov 16, 2010 10:55 pm
Forum: General
Topic: Howto Auto-Login for 750G V4.11
Replies: 5
Views: 2456

Re: Howto Auto-Login for 750G V4.11

maybe you can tell me, what i have to change via winbox?
Here is some very good info (definitely worth a read):
http://wiki.mikrotik.com/wiki/Manual:IP/Hotspot
by dssmiktik
Tue Nov 16, 2010 10:50 pm
Forum: Scripting
Topic: Own program in RouterOS
Replies: 11
Views: 5115

Re: Own program in RouterOS

Also, on x86 you could run KVM with OpenWrt (but I know you mentioned RBxxx).
by dssmiktik
Tue Nov 16, 2010 10:48 pm
Forum: General
Topic: Radius, passing parameters to Hotspot Login script
Replies: 5
Views: 2134

Re: Radius, passing parameters to Hotspot Login script

No, not directly. Hotspot scripts do not support arguments.

However, you could create a radius log and parse it, storing it's contents into variables, then script could evaluate those variables.
by dssmiktik
Tue Nov 16, 2010 10:40 pm
Forum: General
Topic: FreeRadius and Port-Limit=1 not working
Replies: 7
Views: 5040

Re: FreeRadius and Port-Limit=1 not working

YazzY, I'm just curious: Could you enable radius logging and see if you see Port-Limit in the logging? /system logging action add name=radius target=memory /system logging add topics=radius action=radius I'm wondering how I could implement a radius log parser on Mikrotik to parse this data (if it sh...
by dssmiktik
Sun Nov 14, 2010 10:15 pm
Forum: Scripting
Topic: script to backup usermanager data everyday
Replies: 23
Views: 13802

Re: script to backup usermanager data everyday

Sorry for bringing up an almost 2 year old thread but I feel this is relevant to the subject...... Is there a way to have an external server independant to the Usermanager back up the database remotely instead of having it just on the UserManager just incase the Usermanager's data is lost due to a ...
by dssmiktik
Sat Nov 13, 2010 6:28 pm
Forum: Beginner Basics
Topic: How can I give IP address to clients radius+routerOS dhcpd
Replies: 4
Views: 1489

Re: How can I give IP address to clients radius+routerOS dh

Also, from what I understand, if Framed-Pool is used, the pool must exist on each router itself (thus can't be managed completely by RADIUS).
by dssmiktik
Sat Nov 13, 2010 6:11 pm
Forum: The Dude
Topic: NEW NETWORK MAP
Replies: 3
Views: 2056

Re: NEW NETWORK MAP

AND IN CASE ANYONE NOTICED, WE ARE ALL YELLING! (please don't yell in all capital letters).
by dssmiktik
Sat Nov 13, 2010 6:08 pm
Forum: Scripting
Topic: Hotspot system with Radius
Replies: 4
Views: 2615

Re: Hotspot system with Radius

I found some information here: http://wiki.mikrotik.com/wiki/Manual:Customizing_Hotspot Sending: login.html - login page shown to a user to ask for username and password. This page may take the following parameters: ... * radius<id> - send the attribute identified with <id> in text string form to th...
by dssmiktik
Fri Nov 12, 2010 8:44 am
Forum: Beginner Basics
Topic: Script
Replies: 3
Views: 1480

Re: Script

sleimanr,
Please update the topic of this post. It's not very descriptive. Also, question makes no sense. Please be more specific.

Also, it's worth reading the Wiki for more information:
http://wiki.mikrotik.com/wiki/Manual:Scripting
by dssmiktik
Thu Nov 11, 2010 8:20 pm
Forum: General
Topic: Synchronising security settings between 2 ROS 4.11
Replies: 2
Views: 1103

Re: Synchronising security settings between 2 ROS 4.11

Use centralized RADIUS server for authentication.
Or.... User Manager (a Mikrotik solution) mrz, I'm surprised you didn't mention that.
by dssmiktik
Thu Nov 11, 2010 8:15 pm
Forum: Scripting
Topic: Port Forwarding with DHCP client WAN
Replies: 15
Views: 8341

Re: Port Forwarding with DHCP client WAN

is there possibility to forward all ports?
Exclude protocol= and dst-port= from the the command to forward all ports.
by dssmiktik
Wed Nov 10, 2010 2:19 am
Forum: Wireless Networking
Topic: VLAN Assignation per user using RADIUS
Replies: 15
Views: 6183

Re: VLAN Assignation per user using RADIUS

It's described here http://rpc.one.pl/index.php/lista-artykulow/34-openwrt/82-dynamiclvlan-w-openwrt-z-wykorzystaniem-hostapd It's in Polish, but it's not too hard to get the point from the config files. Translated in English: http://translate.google.com/translate?hl=en&ie=UTF-8&sl=auto&...
by dssmiktik
Wed Nov 10, 2010 12:39 am
Forum: Wireless Networking
Topic: VLAN Assignation per user using RADIUS
Replies: 15
Views: 6183

Re: VLAN Assignation per user using RADIUS

If you turn on radius debug logging, does that attribute show up in the logs? If it does, a workaround would be to write a script to monitor the radius log, watching for that attribute. Then you could take any action you wanted based on the entry in the log. It is a bit of a hack, but may get you go...
by dssmiktik
Wed Nov 10, 2010 12:29 am
Forum: General
Topic: change proxy error page, personality
Replies: 2
Views: 2018

Re: change proxy error page, personality

The proxy error page is located in: webproxy/error.html. I'm using v4.11 and it appears to still be working (I can customize the page and it will display if any error is given from web proxy).

If this file does not exist, run this command:
/ip proxy reset-html
by dssmiktik
Tue Nov 09, 2010 11:35 am
Forum: Beginner Basics
Topic: Absolute noob
Replies: 7
Views: 1847

Re: Absolute noob

I don't mean to be harsh, but I would suggest changing the topic title (and from now on be more specific in the topic title).
by dssmiktik
Tue Nov 09, 2010 10:58 am
Forum: General
Topic: How to Block Facebook?
Replies: 7
Views: 3888

Re: How to Block Facebook?

Personally, I would use the built-in web proxy, but this is just my preference.

That being said, you could also use a DNS static entry for all *.facebook.com and redirect to your router IP, or 127.0.0.1. The Mikrotik Wiki has a good entry on this topic.

Hope this helps,
by dssmiktik
Sun Nov 07, 2010 7:38 pm
Forum: Scripting
Topic: scheduler and script creating file..
Replies: 19
Views: 14159

Re: scheduler and script creating file..

I tested this on v4.13 x86, and it worked, test.txt file created successfully. { /system scheduler add comment="" disabled=no interval=15s name=schedule1 on-event=script1 \ policy=reboot,read,write,policy,test,password,sniff,sensitive start-time=\ startup /system script add name=script1 po...
by dssmiktik
Sat Nov 06, 2010 3:32 am
Forum: General
Topic: RouterOS v4.13 Released
Replies: 86
Views: 18476

Re: RouterOS v4.13 Released

While no configuration of source code may have changed between v4.12 and v4.13 in the wireless package, there are definitely changes to the md5 and sha1 checksums of files related to wireless inside RouterOS. It may be, that the build system changed "something" while building the new versi...
by dssmiktik
Thu Nov 04, 2010 11:14 pm
Forum: General
Topic: New version ROS naming and changelog proposal
Replies: 4
Views: 1291

Re: New version ROS naming and changelog proposal

This has been discussed before. Mikrotik is not going to do it. Please don't waste your time. Btw, I do agree with your point, I'm just pointing out that these ideas seem to go nowhere here. MT will never change its way's unless its users speak out, Normis has stated that so many people want NV2 in...
by dssmiktik
Thu Nov 04, 2010 9:43 pm
Forum: General
Topic: New version ROS naming and changelog proposal
Replies: 4
Views: 1291

Re: New version ROS naming and changelog proposal

This has been discussed before. Mikrotik is not going to do it. Please don't waste your time.

Btw, I do agree with your point, I'm just pointing out that these ideas seem to go nowhere here.
by dssmiktik
Thu Nov 04, 2010 9:34 pm
Forum: General
Topic: 4.6 - API session user not removed from active user list ...
Replies: 16
Views: 6911

Re: 4.6 - API session user not removed from active user list

This is when the "cannot get challenge" comes into play. It seems when the API creates enough active users the board will start refusing any more connection attempts. Turning debug on in the API returns this string. The two seem to be linked in this way from my tests. Not really. The core...
by dssmiktik
Thu Nov 04, 2010 8:53 pm
Forum: RouterBOARD hardware
Topic: Reviving a remote hanged up routerboard
Replies: 7
Views: 2640

Re: Reviving a remote hanged up routerboard

Also, concerning the logging, you could set it to also log to disk. This way you can easily pull the file straight off the router to inspect it once you get it up and running again.
by dssmiktik
Tue Nov 02, 2010 8:59 pm
Forum: General
Topic: Ping in script problem
Replies: 55
Views: 17613

Re: Ping in script problem

Me three!
by dssmiktik
Sun Oct 31, 2010 9:50 pm
Forum: General
Topic: RouterOS v5 RC3
Replies: 39
Views: 11345

Re: RouterOS v5 RC3

On my Linux server I can't execute command like this anymore: ssh user@remote_mt '/export file=backup' I use passwordless login. This worked on 3.x and 4.x. In the same time, command like this is still working fine: ssh user@remote_mt '/file print' So, there seem to be some problem with new SSH dae...
by dssmiktik
Thu Oct 28, 2010 9:49 pm
Forum: General
Topic: Ping in script problem
Replies: 55
Views: 17613

Re: Ping in script problem

I emailed support about this as well. It is not a new feature, it is an existing feature that got broke.

Broken features are more urgent then anything else in my opinion. If a feature breaks, wait to release until all existing features still work as intended.
by dssmiktik
Thu Oct 28, 2010 5:57 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624667

Re: Feature requests

I don't think this particular post is meant to be a discussion on feature requests particular, but a notice of where people may find the place to go and submit requests (aka. the Wiki page).
by dssmiktik
Tue Oct 26, 2010 6:48 am
Forum: Scripting
Topic: Accessing Radius response in login script
Replies: 2
Views: 1172

Re: Accessing Radius response in login script

I suppose you could parse the log of RouterOS. If you have version >= v3.23, you could use regular expressions to make parsing much easier.

Edit: This is, if you're talking about the on-login script property of the hotspot profile.
by dssmiktik
Tue Oct 26, 2010 6:37 am
Forum: General
Topic: Winbox shows an address list that doesn't exists
Replies: 41
Views: 12969

Re: Winbox shows an address list that doesn't exists

A couple things to note: I've seen this issue if ANY firewall rule IS/WAS set at one point and time with that address-list. Basically, each rule "remembers" some of it's previous settings (i think related to undo feature). If you remove ALL rules that EVER had that address list, then the l...
by dssmiktik
Tue Oct 26, 2010 6:19 am
Forum: Beginner Basics
Topic: Winbox on Linux?
Replies: 47
Views: 167848

Re: Winbox on Linux?

I've had this issue before, but it was on Ubuntu 7.04 I think. I forget where it was, but I think it's a file association. Try open with... and set to open with wine. It was a long time ago, so this may not be relevant for you.
by dssmiktik
Tue Oct 19, 2010 12:54 am
Forum: Beginner Basics
Topic: Change VRRP priority via cli
Replies: 4
Views: 1308

Re: Change VRRP priority via cli

I'm using v4.11 x86. It seems to be working good here.
/interface vrrp set 0 priority=<1 - 255>
Even across reboots it seems to stick.
by dssmiktik
Tue Oct 19, 2010 12:45 am
Forum: Scripting
Topic: API login/logout
Replies: 38
Views: 12206

Re: API login/logout

As mentioned, this is a bug. I don't think there's anything that will fix it other then Mikrotik fixing it in v5. I think v4 will not be fixed.
Also see here for more information: http://forum.mikrotik.com/viewtopic.php?f=9&t=37075
by dssmiktik
Tue Oct 19, 2010 12:27 am
Forum: General
Topic: NAT64 and DNS64
Replies: 101
Views: 48645

Re: NAT64 and DNS64

For software requests, here is the current wiki page:
http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests
by dssmiktik
Tue Oct 19, 2010 12:12 am
Forum: General
Topic: "accept" action in mangle? Wrong manual info?
Replies: 9
Views: 2489

Re: "accept" action in mangle? Wrong manual info?

A couple things first:
what RouterOS version?
what rule(s) are having issue?
post
/ip firewall mangle export
so we may verify and test if needed
by dssmiktik
Tue Oct 19, 2010 12:03 am
Forum: General
Topic: SSH problems on 5.0rc1
Replies: 6
Views: 3030

Re: SSH problems on 5.0rc1

janisk,
I saw that in the changelog. I think this feature is a good feature for security, as it prevents brute-forcing a password if you use ssh-key for a user account.

Nice work :-)
by dssmiktik
Mon Oct 18, 2010 7:54 am
Forum: General
Topic: New to RouterOS... Need help...
Replies: 13
Views: 3217

Re: New to RouterOS... Need help...

eplejuz,
Also, please try to pick a more specific topic.
New to RouterOS... Need help...
doesn't explain a whole lot.

Something like:
Change default address of 192.168.88.1
would have been more appropriate.
by dssmiktik
Sun Oct 17, 2010 11:39 pm
Forum: General
Topic: problems with RADIUS and pppoe
Replies: 5
Views: 1660

Re: ooooops a big problem for me need an immediate solution

dormador,
When you choose a topic, please choose something more descriptive. I just don't like clicking into the topics having no idea what they're about, when people say they need immediate solution.

update: topic has been changed
by dssmiktik
Sun Oct 17, 2010 10:26 pm
Forum: General
Topic: Important Pleasee Help!!!
Replies: 2
Views: 806

Re: Important Pleasee Help!!!

Mayssam961,

Please try to be more considerate and respectful. DO NOT post with topic "Important Pleasee Help!!!"
No one knows what this means.
by dssmiktik
Sun Oct 17, 2010 7:59 am
Forum: General
Topic: Too many bugs
Replies: 40
Views: 7751

Re: Too many bugs

I think this is a very good discussion topic and needs more attention. I think emailing support@mikrotik.com could also gain some traction.
by dssmiktik
Sun Oct 17, 2010 1:16 am
Forum: General
Topic: Too many bugs
Replies: 40
Views: 7751

Re: Too many bugs

Mikrotik is in a very odd position. On one hand, they have a lot GPL code which is proven stable. On the other hand, if they need to modify any of that code for their platform, they will have to release their changes. I think the solution is to re-write most code to be 100% Mikrotik code, which is a...
by dssmiktik
Sun Oct 17, 2010 12:56 am
Forum: General
Topic: 6to4 tunnel on a dynamic endpoint
Replies: 6
Views: 5011

Re: 6to4 tunnel on a dynamic endpoint

Also, there is a pending feature request here: http://wiki.mikrotik.com/wiki/MikroTik_RouterOS/v4/Feature_Requests#Not_yet_implemented * Add support for dynamic AYIYA tunnels ( http://www.sixxs.net/tools/ayiya/) - AICCU (http://www.sixxs.net/tools/aiccu/). so one can use free ipv6 tunnels from sixxs...
by dssmiktik
Sat Oct 16, 2010 4:21 am
Forum: General
Topic: Blocking torrent servers
Replies: 1
Views: 924

Re: Blocking torrent servers

This has been asked many many times on the forums.

You might do a search and see what you can find.

Just a word of advice :)
by dssmiktik
Sat Oct 16, 2010 4:12 am
Forum: General
Topic: Too many bugs
Replies: 40
Views: 7751

Re: Too many bugs

I've asked many times. OpenVPN is not going away. I think it's thriving actually, yet Mikrotik seems to think it's fading. Many people use it and my people like it a lot. To use OpenVPN, I'll have to use other devices and Mikrotik will be out of the loop for the OpenVPN tunnels (very unfortunate). I...
by dssmiktik
Sat Oct 16, 2010 1:08 am
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

I have my dns packet size on routeros set to 4096 (of course this is only udp), but i've never got any tcp over port 53 connections. i think maybe an external dns server would use tcp, but it doesn't seem like routeros dns alone will. I was using bind for awhile, but have restructured recently and h...
by dssmiktik
Fri Oct 15, 2010 10:22 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

DNS also uses TCP for replies over 512 bytes. The server truncates to that number an sets the TC flag, causing the client to use TCP to query a second time. With DNSSEC that is getting somewhat more common (NXDOMAIN with DNSSEC is over 512 bytes always).
I learn something new every day :)
by dssmiktik
Fri Oct 15, 2010 10:26 am
Forum: General
Topic: Feature Request : arp inspection by arpon on mikrotik
Replies: 17
Views: 6664

Re: Feature Request : arp inspection by arpon on mikrotik

Wow, I haven't checked that for awhile. I agree it should be a "rolling list" similar to the release format. Just keep adding requests, and Mikrotik keep releasing. This process should work pretty good, but so far it's failing for some reason when new versions are released.
by dssmiktik
Fri Oct 15, 2010 5:10 am
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

The dst-address-type=!local should be in there. It basically does not capture traffic if it's already destined for the router itself. So if my router's IP is 192.168.88.1, and the client uses that IP as the DNS server, you wouldn't want the nat rule executed as it would get natted and consume unnece...
by dssmiktik
Thu Oct 14, 2010 9:44 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

And its possible for me to ping addresses that are blocked in my RB /ip dns static add address=127.0.0.1 comment="" disabled=no name=.*thepiratebay.org ttl=1d But wouldend it be possible to make the rule so that its not possible from the intenal site LAN to connect to External DNS Servers...
by dssmiktik
Wed Oct 13, 2010 10:43 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

Now I only need to get solved my last problem for force the users to use the RB as the DNS server so that they are now able to use any other DNS server like Open DNS ore things like that. See my post above about dst-nat / redirect. I use it currently, and it seems to work well. I think this is what...
by dssmiktik
Wed Oct 13, 2010 8:17 am
Forum: Beginner Basics
Topic: system backup function & hotspot login-servlet pages
Replies: 7
Views: 2722

Re: system backup function & hotspot login-servlet pages

If I may ask: if you're using unix servers, why do you need a windows ftp client?
by dssmiktik
Wed Oct 13, 2010 4:22 am
Forum: Beginner Basics
Topic: system backup function & hotspot login-servlet pages
Replies: 7
Views: 2722

Re: system backup function & hotspot login-servlet pages

I forgot about wget for windows. I use it Linux all time time. It's awesome.
by dssmiktik
Wed Oct 13, 2010 1:10 am
Forum: Beginner Basics
Topic: system backup function & hotspot login-servlet pages
Replies: 7
Views: 2722

Re: system backup function & hotspot login-servlet pages

You could use any FTP client (including the one built-in to windows) as well as any secure copy client (ex. Putty - pscp), WinSCP, among others.

Add: /system backup and /export ONLY backup configuration, not files accessible on the router.
by dssmiktik
Wed Oct 13, 2010 1:04 am
Forum: General
Topic: Feature Request : arp inspection by arpon on mikrotik
Replies: 17
Views: 6664

Re: Feature Request : arp inspection by arpon on mikrotik

As far as ArpWatch goes, you can throw together a nice script to do this task. It may take some work, but it can be done (with email notifications, firewall blockage, hotspot redirection, the whole thing).
by dssmiktik
Wed Oct 13, 2010 12:59 am
Forum: General
Topic: Manual for /file
Replies: 4
Views: 1405

Re: Manual for /file

This should be put into the Wiki with all the other information about RouterOS. Consistency is the key here.

I would email support@mikrotik.com with this issue. They should be able to add it.
by dssmiktik
Tue Oct 12, 2010 11:51 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

To resolve any DNS name with 'torrent' in it's name to say 127.0.0.1, you could do something like this: /ip dns add address=127.0.0.1 comment="" disabled=no name=.*torrent Basically, it uses regular expressions to match the DNS request. Here's the Wiki entry about DNS static records: http:...
by dssmiktik
Tue Oct 12, 2010 9:03 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

One way to block those connections could be to use a static dns entry to resolve to a false IP. The dstnat rule I posted above still applies, you still would need that. You could use regular expressions in static dns entries to redirect *.utorrent.com to IP: 127.0.0.1 for example. This would prevent...
by dssmiktik
Tue Oct 12, 2010 8:46 pm
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 2863

Re: Problem geting IP address (doesn't look like a script er

Wich address is selected when the rule is this: chain=srcnat action=masquerade out-interface=WAN? I think it cycles through an interface's IPs per packet that hits that nat rule. Where are all your IPs on the WANt interface from? How do you want to identify the "primary ip" of the WAN int...
by dssmiktik
Tue Oct 12, 2010 8:37 pm
Forum: General
Topic: fetch error: maximal connection count reached
Replies: 12
Views: 7097

Re: fetch error: maximal connection count reached

Glad it's working for you :-)
by dssmiktik
Tue Oct 12, 2010 8:36 pm
Forum: Scripting
Topic: PHP API connection
Replies: 32
Views: 15802

Re: PHP API connection

I think work is going into v5.x I don't believe this problem will be fixed in v4.x IMO
by dssmiktik
Tue Oct 12, 2010 1:10 am
Forum: General
Topic: BUG: Bridge filtering in 5.0RC1 is broken?
Replies: 9
Views: 4176

Re: BUG: Bridge filtering in 5.0RC1 is broken?

I don't mean to argue, but it's really not about the word "beta" or "rc". It's the meaning behind it. beta usually means more bugs to work out (or at least more testing time). rc usually means code is just about ready for stable release in the next few versions. More testing, nev...
by dssmiktik
Mon Oct 11, 2010 10:01 pm
Forum: General
Topic: Walled Garden and SSL sites intermittent problem
Replies: 60
Views: 44501

Re: Walled Garden and SSL sites intermittent problem

just a note, you can use <> tags to post exact code and phpbb won't mess with it. now back to the topic...
by dssmiktik
Mon Oct 11, 2010 9:54 pm
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 2863

Re: Problem geting IP address (doesn't look like a script er

Yeah the logging get's truncated if there's more output that the line can hold. Try this for cleaner logging output: :global ifs [/ip address find interface="WAN"] :local ifips "" :foreach ifip in=$ifs do={ :if ( $ifips = "" ) do={:set ifips "$[/ip address get $ifi...
by dssmiktik
Mon Oct 11, 2010 9:57 am
Forum: General
Topic: Ping in script problem
Replies: 55
Views: 17613

Re: Ping in script problem

I emailed support and this was their response:
Right now we are working on more serious bugfixes. We will fix ping as soon as possible.
v5.0RC1 = v5.0beta7 IMO
by dssmiktik
Mon Oct 11, 2010 9:45 am
Forum: Beginner Basics
Topic: proxying specific time
Replies: 2
Views: 760

Re: proxying specific time

Original post here: http://forum.mikrotik.com/viewtopic.php?f=13&t=45723

Admins: mark this post for deletion.
by dssmiktik
Mon Oct 11, 2010 9:10 am
Forum: Beginner Basics
Topic: proxying specific time
Replies: 4
Views: 1451

Re: proxying specific time

You could create two scripts, one to disable, and one to enable. /system script add name="EnableWebProxy" source="/ip proxy set enabled=yes" /system script add name="DisableWebProxy" source="/ip proxy set enabled=no" Then you could schedule these scripts to ru...
by dssmiktik
Mon Oct 11, 2010 6:08 am
Forum: Scripting
Topic: Port 80?
Replies: 3
Views: 1244

Re: Port 80?

also the Dude could monitor this as well (although it may be a heavier solution then you want).
by dssmiktik
Mon Oct 11, 2010 5:59 am
Forum: General
Topic: fetch error: maximal connection count reached
Replies: 12
Views: 7097

Re: fetch error: maximal connection count reached

I think there's a limit (maybe around 4 - 6 or so) of fetch instances that can run simultaneously.

Are the scripts ending, or do you see a many of the same scripts in /system script job print? I've seen some cases where fetch can take a long time if no data is being returned by the server.
by dssmiktik
Mon Oct 11, 2010 5:44 am
Forum: Beginner Basics
Topic: proxying specific time
Replies: 4
Views: 1451

Re: proxying specific time

You could use a NAT rule to redirect to proxy at specific times. In your case, you could try something like this: /ip firewall nat add chain=dstnat protocol=tcp dst-port=80 time=08:00:00-17:00:00,fri,mon,sat,sun,thu,tue,wed action=accept /ip firewall nat add chain=dstnat protocol=tcp dst-port=80 act...
by dssmiktik
Mon Oct 11, 2010 1:53 am
Forum: General
Topic: Walled Garden and SSL sites intermittent problem
Replies: 60
Views: 44501

Re: Walled Garden and SSL sites intermittent problem

On third thought... I was looking into the walled-garden, and it looks like it's NOT part of the hotspot process itself, but rather just a set of firewall rules (filter and nat).

Does this seem correct?

@SurferTim,
Yuup, your script looks like it'll work good.
by dssmiktik
Mon Oct 11, 2010 12:36 am
Forum: General
Topic: Walled Garden and SSL sites intermittent problem
Replies: 60
Views: 44501

Re: Walled Garden and SSL sites intermittent problem

I wrote a script a few weeks ago that basically searches the DNS cache and adds an address list including all matched items. It could probably be extended to the hotspot walled garden entries as well. I'll do some tests and see what I can come up with. The script is on the Wiki here: http://wiki.mik...
by dssmiktik
Mon Oct 11, 2010 12:19 am
Forum: General
Topic: remote logging - is there an option to buffer?
Replies: 5
Views: 1548

Re: remote logging - is there an option to buffer?

I think the closest solution would be to duplicate the log buffer (one for disk, and one for remote). This way, at least you have a copy of the log on the router. Then you could pull that file from the router once the outage is resolved. Also, this gives you the chance to merge it (if possible) with...
by dssmiktik
Sun Oct 10, 2010 9:01 pm
Forum: General
Topic: Ping in script problem
Replies: 55
Views: 17613

Re: Ping in script problem

Sorry, I missed the part about only running it via winbox (not terminal). I'm getting very weird results as well. When I run via terminal, the terminal output and log both show correct values. When I run via winbox, the log shows an empty entry, completely blank. Also, when I run :execute "/sys...
by dssmiktik
Sun Oct 10, 2010 5:30 pm
Forum: General
Topic: Ping in script problem
Replies: 55
Views: 17613

Re: Ping in script problem

In v5.0rc1 it seems to work fine for me, both in terminal and scripts. It may be that it accepts properties more like other commands (ex. /ping address=x.x.x.x ....) This worked for me: # Should output 5 :local p [/ping address=127.0.0.1 count=5 interval 1s] :put $p Output: 5 # Should output 0 :loca...
by dssmiktik
Sun Oct 10, 2010 11:06 am
Forum: Scripting
Topic: Script Star
Replies: 8
Views: 3083

Re: Script Star

To start a script on the 15th of the month, try this: /system scheduler add name="<name>" start-date=oct/15/2010 start-time=00:00:00 on-event="<script name>" This will run once, on the 15th of October 2010. To run the script every 15th of every month, you could create schedule to...
by dssmiktik
Sun Oct 10, 2010 5:51 am
Forum: Beginner Basics
Topic: OpenDNS, strange behavior...
Replies: 6
Views: 1962

Re: OpenDNS, strange behavior...

Glad I could help :)
by dssmiktik
Sat Oct 09, 2010 10:58 pm
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 2863

Re: Problem geting IP address (doesn't look like a script er

It looks like what's happening is [/ip address find interface=WAN] isn't returning any data. Try this: :global ifips [/ip address find interface="WAN"] :local ipaddr :foreach ifip in=$ifips do={ :set ipaddr [/ip address get $ifip address] } This way it works if you have one or many IP addr...
by dssmiktik
Sat Oct 09, 2010 10:47 pm
Forum: Beginner Basics
Topic: Blocking the use of other DNS Servers than the one in RB
Replies: 25
Views: 17422

Re: Blocking the use of other DNS Servers than the one in RB

Specifically DNS related: To force a client to use your DNS server no matter what they configure on their computer, you could create a nat rule like this:
/ip firewall nat add protocol=udp dst-port=53 dst-address-type=!local action=redirect to-ports=53
by dssmiktik
Sat Oct 09, 2010 10:41 pm
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4491

Re: Fetching a php file

I've seen cases where if the return data is empty /tool fetch would hang and continue "downloading" for a long time. Just ensure (maybe through a packet capture), that data is in fact being returned from the server. To read the data returned by the server, set dst-path=<somefile>. If the r...
by dssmiktik
Sat Oct 09, 2010 10:31 pm
Forum: General
Topic: Why do we come here ?
Replies: 10
Views: 2409

Re: Why do we come here ?

Hahaha
by dssmiktik
Sat Oct 09, 2010 6:42 am
Forum: General
Topic: SSH problems on 5.0rc1
Replies: 6
Views: 3030

Re: SSH problems on 5.0rc1

check if you have set ssh-key for that account. If you are using ssh-key you cannot login using password anymore. That is as intended with RouterOS 5
I just wanted say, nice feature addition. :-)
by dssmiktik
Sat Oct 09, 2010 6:34 am
Forum: General
Topic: Why do we come here ?
Replies: 10
Views: 2409

Re: Why do we come here ?

I would like to chat in person with people on here as well. It would be cool to meet some of my own kind in person :)

Next MUM in USA I'll see if I've got the $$.
by dssmiktik
Sat Oct 09, 2010 6:12 am
Forum: Beginner Basics
Topic: OpenDNS, strange behavior...
Replies: 6
Views: 1962

Re: OpenDNS, strange behavior...

The scheduler basically just runs scripts at a certain interval. To insure the dns entries are consistent with dhcp leases, I would schedule it for any interval (say 5mins). If you reboot, this script still gets run every 5 mins so you should be ok there. First thing, add the script to RouterOS: Sys...
by dssmiktik
Fri Oct 08, 2010 1:09 pm
Forum: Scripting
Topic: PHP API connection
Replies: 32
Views: 15802

Re: PHP API connection

janisk,
Thank you for the update. :-) I look forward to v5
by dssmiktik
Fri Oct 08, 2010 9:24 am
Forum: Beginner Basics
Topic: OpenDNS, strange behavior...
Replies: 6
Views: 1962

Re: OpenDNS, strange behavior...

This is the default for OpenDNS.

However, there is a solution: add dhcp leases to static dns in the router:
http://wiki.mikrotik.com/wiki/Setting_s ... DHCP_lease
by dssmiktik
Fri Oct 08, 2010 4:30 am
Forum: Scripting
Topic: Is it possible to have a catch of command execution?
Replies: 4
Views: 1601

Re: Is it possible to have a catch of command execution?

Here's a workaround that I've found for general execution: :global RetCode; :execute (":global RetCode;" . \ "/ip firewall address-list add <cmd...>;" . \ ":set RetCode 1;") :local wait 5; :set RetCode 0; :while ($RetCode = 0 && $wait > 0) do={ :set wait ($wait ...
by dssmiktik
Fri Oct 08, 2010 4:03 am
Forum: General
Topic: BUG: Bridge filtering in 5.0RC1 is broken?
Replies: 9
Views: 4176

Re: BUG: Bridge filtering in 5.0RC1 is broken?

If Mikrotik had a serious test suite for Router OS, they would not have been released such unusable crap software. They need to write a serious test suite or they will be slower and slower at programming and debugging as soon as complexity will rise with IPv6 and Ethernet Provider new protocols. Ed...
by dssmiktik
Fri Oct 08, 2010 3:37 am
Forum: Scripting
Topic: PHP API connection
Replies: 32
Views: 15802

Re: PHP API connection

v4.11 x86 is also not disconnecting correctly. Also, I use NAT and there are no connections to API (8728) on the router.

I will continue to use SSH/Telnet, it's very solid.
by dssmiktik
Thu Oct 07, 2010 6:58 pm
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

Nope, no PCQ, no simple queues, no queue trees.
by dssmiktik
Thu Oct 07, 2010 10:43 am
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

The thing is, I only had one interface using MNDP. I disabled that single interface and rebooted. It worked ok for about 5 reboots, but returned to randomly failing after that. I don't know if it's a problem with MNDP alone, I think there may be many potential causes to this problem. I'm still waiti...
by dssmiktik
Thu Oct 07, 2010 3:04 am
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

This is really odd. After disabling MNDP on all interfaces it stopped happening for awhile. I then did a bunch of reboots and it was working great for about 5 reboots. Then after the 6 time it came up, PPP was completely gone. I've got it up for now (and I'm scared to reboot!) The files are there, t...
by dssmiktik
Wed Oct 06, 2010 11:25 pm
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

is MNDP enabled ? try to disable >ip neighbor discovery on all interfaces and report back . MNDP is only enabled on a one bridge interface. The PPP (l2tp and pptp) interfaces are not part of this bridge though. The only interfaces that are in this bridge are EoIP. What's weird is that it seems rand...
by dssmiktik
Wed Oct 06, 2010 9:28 pm
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

Upgraded to v4.11 and problem still remains. Randomly when rebooting, I get the above error. Randomly after reboot PPP settings show up or not.

I've contacted support with this issue. I will post response when I hear back.
by dssmiktik
Tue Oct 05, 2010 7:49 am
Forum: Scripting
Topic: Functions in CMD Scripts
Replies: 23
Views: 40426

Re: Functions in CMD Scripts

markmcn & bluestar,

Let me know if you're still interested in the MD5 script, or how I may provide assistance.

Best regards,
by dssmiktik
Tue Oct 05, 2010 5:22 am
Forum: Beginner Basics
Topic: hotspot public address assignment
Replies: 18
Views: 3598

Re: hotspot public address assignment

Sorry, but I don't use hotspot on a bridge. I tried it once and it didn't seem to work right (could have been me though). I've only used hotspot on physical interfaces.
by dssmiktik
Tue Oct 05, 2010 5:18 am
Forum: General
Topic: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2
Replies: 12
Views: 4340

Re: OVPN client in ROS 4.11 fails with OpenVPN server 2.1.2

First, I would check the changelog of openvpn server between 2.1.0 -> 2.1.2. Also, in RouterOS, try to turn on debug logging (not sure the exact logging, but debug should work). Then compare the changelog with RouterOS debug messages and check where it's failing, or what might be causing the problem...
by dssmiktik
Mon Oct 04, 2010 9:03 pm
Forum: Beginner Basics
Topic: hotspot public address assignment
Replies: 18
Views: 3598

Re: hotspot public address assignment

1. How do I get download/upload rate limited for each client if I set them on IP bindings? It will work adding them after that as simple queues? To limit rate for hotspot clients, use /ip hotspot profile set <profile> rate-limit= IP bindings -> bypass is only used for clients who do not get handled...
by dssmiktik
Mon Oct 04, 2010 8:49 pm
Forum: General
Topic: Backup restore
Replies: 10
Views: 10759

Re: Backup restore

sri, When you export a configuration, the output is generated as if you typed the commands at the terminal. In your exported config, there may be dependencies (like IP -> Pool used in DHCP, or interface names used in Firewall) that have to be met before the export can successfully complete. So, for ...
by dssmiktik
Mon Oct 04, 2010 7:01 am
Forum: General
Topic: Feature Request: support multi dynamic address list
Replies: 14
Views: 6056

Re: Feature Request: support multi dynamic address list

Definitely a handy feature to have.
by dssmiktik
Mon Oct 04, 2010 6:58 am
Forum: Beginner Basics
Topic: hotspot public address assignment
Replies: 18
Views: 3598

Re: hotspot public address assignment

Add an entry for client1 and client2 in Hotspot -> IP Bindings and set type=bypassed.
by dssmiktik
Sun Oct 03, 2010 6:07 am
Forum: General
Topic: DNS Failure
Replies: 6
Views: 2665

Re: DNS Failure

This may be a long-shot: 1) Disable DNS requests: /ip dns set allow-remote-requests=no 2) Flush cache: /ip dns cache flush 3) Reboot 4) Flush cache again: /ip dns cache flush 5) DNS requests should be disabled. Enable: /ip dns set allow-remote-requests=yes I haven't experienced this problem, so I ca...
by dssmiktik
Sun Oct 03, 2010 3:31 am
Forum: Scripting
Topic: whats wrong with script?
Replies: 4
Views: 1284

Re: whats wrong with script?

I would guess your server isn't terminating the connection. If the script stays running for a long time, it means /tool fetch isn't done executing yet.

I've also seen cases where if no data was returned by the server, /tool fetch will just sit there, looping for a long time (possibly forever).
by dssmiktik
Sun Oct 03, 2010 3:21 am
Forum: General
Topic: DNS server with excelen web interdace
Replies: 1
Views: 937

Re: DNS server with excelen web interdace

I've used Webmin on linux in the past, and it seemed to work pretty good.

Webmin:
http://www.webmin.com/

Webmin BIND DNS Server documentation:
http://doxfer.webmin.com/Webmin/BINDDNSServer

However, this isn't so much Mikrotik related.
by dssmiktik
Sun Oct 03, 2010 2:56 am
Forum: Beginner Basics
Topic: hotspot public address assignment
Replies: 18
Views: 3598

Re: hotspot public address assignment

fewi, we both posted at the same time!
by dssmiktik
Sun Oct 03, 2010 2:55 am
Forum: Beginner Basics
Topic: hotspot public address assignment
Replies: 18
Views: 3598

Re: hotspot public address assignment

If you are using DHCP, Address Pool to 'none' for the hotspot server. This will prevent the hotspot from dealing with any IP's, and only DHCP will get access to give the client an IP.
by dssmiktik
Fri Oct 01, 2010 7:25 pm
Forum: General
Topic: Backup restore
Replies: 10
Views: 10759

Re: Backup restore

Don't use backup and restore. Use import and export instead. On the source computer /export file=mysetup.rsc on the destination computer /import mysetup.rsc REMEMBER TO EDIT mysetup.rsc AFTER doing the import command. DELETE al MACs and all lines with default configurations or with different interf...
by dssmiktik
Fri Oct 01, 2010 6:58 pm
Forum: SwOS
Topic: SwOS version 1.2 released!
Replies: 41
Views: 21707

Re: SwOS version 1.2 released!

Although I don't have this problem directly, I will throw in my thoughts (for what it's worth): RouterOS has a CLI with ways to access it, and a built-in scripting language to configure things. This has helped in standardizing configuration, and in some cases to create "templates" for mult...
by dssmiktik
Fri Oct 01, 2010 6:32 pm
Forum: General
Topic: Roadmap for IPv6?
Replies: 98
Views: 30627

Re: Roadmap for IPv6?

Is ipv6 routing mark available for netfilter/iptables? If so, Mikrotik only has to include that version, there's no real work that needs to be done other then testing to make sure it works. If not, I suggest trying to encourage the netfilter core team to implement this, and once they do, notify Mikr...
by dssmiktik
Fri Oct 01, 2010 6:22 pm
Forum: General
Topic: RouterOS v5 RC1
Replies: 82
Views: 25574

Re: RouterOS v5 RC1

If filter and mangle rules are failing, this surely is not RC1 code. I know this doesn't help much in resolving any problems, but I just wanted to voice my opinion. Mikrotik, please stablize v5 before final release. I'm starting to get depressed again. v5 (4 previous versions), should be about time ...
by dssmiktik
Fri Oct 01, 2010 7:49 am
Forum: General
Topic: Feature Request: support multi dynamic address list
Replies: 14
Views: 6056

Re: Feature Request: support multi dynamic address list

You can achieve this pretty easily with a mangle rule: Address from RADIUS -> address list: RadiusList Then in mangle, you could say: /ip firewall mangle add src-address-list=RadiusList action=add-src-to-address-list address-list=List2 address-list-timeout=15m Just a workaround for now if it helps.
by dssmiktik
Thu Sep 30, 2010 8:56 am
Forum: General
Topic: Mikrotik crashing randomly, reboot, restore failure
Replies: 9
Views: 4677

Re: Mikrotik crashing randomly, reboot, restore failure

I just had this exact problem. I upgraded from v4.8 to v4.9. 1) Copy all package files to router 2) Reboot 3) Upgrade to v4.9 successful, but /interface l2tp-server and /interface pptp-server completely empty. 4) When I try to reboot, it hangs for a bit and says: Rebooting... Stopping services... fa...
by dssmiktik
Sun Sep 26, 2010 9:22 pm
Forum: General
Topic: API problem in 4.8
Replies: 9
Views: 2979

Re: API problem in 4.8

Now I'm having problems getting .id property from /ip/route/print command. I've tried =detail=, =stats=, =bytes=, and =packets= but I can't get .id property from /ip/route/print using API. I also found that /ip/dns has changed. Is there a help or changelog file somewhere detailing what has changed ...
by dssmiktik
Wed Sep 22, 2010 4:28 am
Forum: Scripting
Topic: Sending GPS data to a TCP server
Replies: 13
Views: 8643

Re: Sending GPS data to a TCP server

Another option could be to use include GPS data in an HTTP GET request. /tool fetch host=<server> src-path="/path/to/page.cgi?gpsp1=<val1>&gpsp2=<val2> ... Then, on the server you could setup a server-side language (say php, python, etc...) to parse the received data. This method relies on ...
by dssmiktik
Wed Sep 22, 2010 4:09 am
Forum: General
Topic: Router OS on Non-Mikrotik Platform Challenge
Replies: 2
Views: 3645

Re: Router OS on Non-Mikrotik Platform Challenge

I kind of agree. I believe RouterOS has far more potential (and has some catchup to do as well). I think Mikrotik should not invest time into specific hardware, but concentrate purely on the OS side of things. Let hardware vendors create hardware (general hardware or whatever) and port RouterOS to a...
by dssmiktik
Wed Sep 22, 2010 3:52 am
Forum: General
Topic: RouterOS v5 RC1
Replies: 82
Views: 25574

Re: RouterOS v5 RC1

Is there going to be the long-awaited Lua scripting support in v5.x? rc1 is getting pretty close to final stable release.

I've been waiting very patiently (and disappointed when it was dropped from v4)

Regards,
by dssmiktik
Sun Sep 19, 2010 9:03 pm
Forum: Scripting
Topic: Scripting
Replies: 4
Views: 1484

Re: Scripting

Try this: /tool fetch mode=http host=<server> src-path=("/path/to/page?router=" . [/system identity get name] . "&var1=" . $var1 . "&var2=" . $var2 . "&var3=" . $var3 ....") It uses HTTP GET not POST, so server will have to handle it as a get ...
by dssmiktik
Sun Sep 19, 2010 3:49 am
Forum: General
Topic: Access some domains through a special (other) gateway
Replies: 5
Views: 1582

Re: Access some domains through a special (other) gateway

you could use L7 to add the destination address to an address list, then use the address list to route packets.
If you know the exact domain name (ex. update.microsoft.com) you could use a DNS / IP lookup script to create address lists based on domain.
by dssmiktik
Wed Sep 15, 2010 9:21 am
Forum: Beginner Basics
Topic: how to change Mac Address
Replies: 18
Views: 254284

Re: how to change Mac Address

/interface wireless reset-configuration <wireless interface>
It resets the whole wireless interface config (including MAC address)
by dssmiktik
Wed Sep 15, 2010 9:16 am
Forum: General
Topic: RDP
Replies: 9
Views: 2241

Re: RDP

Try to add those filter rules (just the permit ones) and check for traffic hits. It will tell you at least what the router is seeing and help troubleshoot it from a packet perspective.
by dssmiktik
Wed Sep 15, 2010 9:12 am
Forum: General
Topic: Feature Request: "Config Test" option with timeout in ROS
Replies: 4
Views: 4145

Re: Feature Request: "Config Test" option with timeout in RO

Can safe-mode be scripted?

If so, you could do something like this:
backup config with timestamp
safe-mode enabled
import config script
run tests (maybe also a script)
if tests all pass ok, disable safe-mode writing changes
backup config with timestamp
by dssmiktik
Wed Sep 15, 2010 9:08 am
Forum: Beginner Basics
Topic: excemted in firewalls
Replies: 6
Views: 1399

Re: excemted in firewalls

Above the rules you already have, put /ip firewall filter add chain=prerouting in-interface=ether3 action=accept add chain=forward out-interface=ether3 action=accept It should be: /ip firewall filter add chain=forward in-interface=ether3 action=accept add chain=forward out-interface=ether3 action=a...
by dssmiktik
Wed Sep 15, 2010 8:52 am
Forum: General
Topic: Block IP after X login failures
Replies: 6
Views: 26476

Re: Block IP after X login failures

No, not natively supported.

You could, however, parse the log for failed login attempts, disabling accounts (or block IP) once a threshold is reached.
This should get you started: Log Parser - Event Trigger Script
by dssmiktik
Tue Sep 14, 2010 6:59 am
Forum: General
Topic: Any way to make all hotspot pages SSL.
Replies: 11
Views: 4020

Re: Any way to make all hotspot pages SSL.

Here is some documentation describing more on customizing hotspot servlet pages (also applies to v4.x):
Customizing HotSpot: HTTP Servlet Pages

Hope this helps.
by dssmiktik
Mon Sep 13, 2010 8:00 am
Forum: Scripting
Topic: address-list script timeout
Replies: 30
Views: 15559

Re: address-list script timeout

ekkas, Looks good. I actually use a similar script. Here is the script I use: :local hostnames "www.google.com, www.mikrotik.com, routerboard.com" # Internal processing... :local Script "Hostname-To-AddressList" :local hostip :local oldip :local dnssearch :local addrlistsearch :f...
by dssmiktik
Sun Sep 12, 2010 9:10 pm
Forum: Scripting
Topic: Script Star
Replies: 8
Views: 3083

Re: Script Star

Neho, Hello, my query is this, I need a script to start scheduling a stereo jack all 15 such days, if not all months have 30 days. if anyone has any idea will be grateful. You have to understand this question is a bit odd. This forum is for Mikrotik RouterOS, which is a routing platform. Your questi...
by dssmiktik
Sun Sep 12, 2010 4:18 am
Forum: Scripting
Topic: Script Star
Replies: 8
Views: 3083

Re: Script Star

"just joined" status from 2006? is this normal?

EDIT: the above is an incorrect observation
by dssmiktik
Sun Sep 12, 2010 4:08 am
Forum: Scripting
Topic: inserting crlf into text file
Replies: 6
Views: 2447

Re: inserting crlf into text file

Technically: CR = \r LF = \n CRLF = \r\n Windows formats documents using CRLF, whereas unix/linux mostly only use LF. Mikrotik console also uses CRLF to format output. Ex. :put "test1\ntest2" test1 test2 :put "test1\rtest2" test2 :put "test1\r\ntest2" test1 test2 Hope t...
by dssmiktik
Thu Sep 09, 2010 7:49 am
Forum: General
Topic: mikrotikhas been stucked
Replies: 3
Views: 1146

Re: mikrotikhas been stucked

Refer to this thread (more complete):
http://forum.mikrotik.com/viewtopic.php?f=2&t=39863
by dssmiktik
Mon Sep 06, 2010 8:19 pm
Forum: General
Topic: PHP based PPP user panel
Replies: 4
Views: 1958

Re: PHP based PPP user panel

p.s. nice work, but API ruleZ anyway =) Except when this happens (the .id is a very crucial part of queries): *) api - fixed '/ip/route/print', was not showing '.id' values; I've only used API a few times, honestly though, I found SSH'ing methods to be very reliable (command-line interface rarely c...
by dssmiktik
Mon Sep 06, 2010 8:12 pm
Forum: Scripting
Topic: script to reconfig on SSID
Replies: 2
Views: 1806

Re: script to reconfig on SSID

Something like this may work: :if ([/interface wireless get <interface> ssid] = "AAAA" do={ # Do action if SSID is AAAA } :if ([/interface wireless get <interface> ssid] = "BBBB" do={ # Do action if SSID is BBBB } ... To detect changes in ssid: :global PrevSSID :local ssid :set s...
by dssmiktik
Mon Sep 06, 2010 7:53 pm
Forum: Scripting
Topic: Error in Script with SSH
Replies: 3
Views: 1533

Re: Error in Script with SSH

Just to add to psamsig's approach (no variables required):

Tested and working code:
ssh <user>@<router> '/interface {:foreach i in=[find type="pptp-in"] do={:put [get $i name]}}'
by dssmiktik
Mon Sep 06, 2010 7:28 pm
Forum: The Dude
Topic: Dude for Linux
Replies: 49
Views: 44575

Re: Dude for Linux

Normis, The Dude server runs on RouterOS (in my case x86), and it runs good. How is it running (wine emulation, native linux port, etc...)? Since Mikrotik RouterOS doesn't use X11, and is 100% command-line, I'm curious as to how the Dude server is running "in the background". Thanks again ...
by dssmiktik
Thu Sep 02, 2010 12:40 am
Forum: General
Topic: feature request: dynamic DHCP
Replies: 2
Views: 1578

Re: feature request: dynamic DHCP

I too had the same question. Basically, this can't be done natively in RouterOS, but you could make a workaround (pretty messy though). The solution I came up with was to parse the dhcp log entries and the filename based on specific data retrieved. First, you could have a "catch-all" filen...
by dssmiktik
Mon Aug 09, 2010 8:02 pm
Forum: The User Manager
Topic: Sending e-mail to hotspot users manually; How to?
Replies: 6
Views: 3184

Re: Sending e-mail to hotspot users manually; How to?

The Wiki has some documentation on User Manager v4 test: http://wiki.mikrotik.com/wiki/User_Manager , however it doesn't look completed yet. It should get you started though. Also, at the console if you type: /tool user-manager then press the <TAB> key, you'll get a list of sub-menus and properties ...
by dssmiktik
Mon Aug 09, 2010 4:15 am
Forum: Beginner Basics
Topic: script for certain profile
Replies: 8
Views: 2216

Re: script for certain profile

namo, I was referring to the same thing you inquired about. Basically you're looking for a certain "group" of users to redirect to a specific page based on some criteria, correct? I know Javascript thing was a bit out there, although it might work, but I've never tried it so I thought I'd ...
by dssmiktik
Sun Aug 08, 2010 5:38 am
Forum: Beginner Basics
Topic: script for certain profile
Replies: 8
Views: 2216

Re: script for certain profile

Maybe Javascript for alogin.html? Then you could use it to do a page redirect, and possibly query RouterOS values through API using Javascript (if it exists) to redirect based on a query. I haven't tested this myself, just a thought. Another thought is you could use this to do session handling as we...
by dssmiktik
Wed Aug 04, 2010 7:19 am
Forum: Forwarding Protocols
Topic: Can RouterOS Forward Broadcast to 255.255.255.255
Replies: 1
Views: 2016

Re: Can RouterOS Forward Broadcast to 255.255.255.255

Kindof. I don't think you can directly, but you could set a static ARP entry, then use NAT to forward to that IP:

Ex.
static arp: 192.168.1.254 = FF:FF:FF:FF:FF:FF
then dst-nat your specific packets to 192.168.1.254 and they will get broadcast out the interface above ARP entry is in.
by dssmiktik
Wed Aug 04, 2010 6:57 am
Forum: Beginner Basics
Topic: byte out sum in hotspot
Replies: 15
Views: 3246

Re: byte out sum in hotspot

And if you really need decimal calculations, check out this math script I wrote a while back:
It actually allows you to calculate with decimals, and/or output decimals.

http://wiki.mikrotik.com/wiki/Calculate ... al_numbers
by dssmiktik
Mon Aug 02, 2010 9:51 pm
Forum: Scripting
Topic: Functions in CMD Scripts
Replies: 23
Views: 40426

Re: Functions in CMD Scripts

Also, feel free to e-mail me with any questions at: dscomputer_2000[at]hotmail[dot]com
by dssmiktik
Mon Aug 02, 2010 9:30 pm
Forum: Scripting
Topic: Help in a script
Replies: 2
Views: 900

Re: Help in a script

fewi,
I like it :) Learn something new every day
by dssmiktik
Mon Aug 02, 2010 5:18 am
Forum: Beginner Basics
Topic: byte out sum in hotspot
Replies: 15
Views: 3246

Re: byte out sum in hotspot

If you're pasting it into the terminal:
type
{
then paste the code
after the pasted code type
}
hit enter

To run a script:
In Winbox, click System -> Scripts -> +
paste the code
click ok
in terminal type:
/system script run <script name>
Hope this helps :)