Community discussions

MikroTik App

Search found 24 matches

by Charlie Whiskey
Sat Mar 11, 2006 4:26 am
Forum: General
Topic: The definition of "passthrough"?
Replies: 1
Views: 829

The definition of "passthrough"?

I'm getting conflicting information here. On one hand the manual seems to indicate that the "passthrough" tickbox is equivalent to disabling the rule, but then some of the examples suggest that the rule would be evaluated, but instead of stopping after this rule RouterOS would keep going on to the o...
by Charlie Whiskey
Fri Jan 20, 2006 8:29 am
Forum: General
Topic: Suggestion: More versatile address lists
Replies: 3
Views: 2332

But in Winbox, how would you add, say, 1.2.3.4/32 and 5.6.7.8/32 to the same list?
by Charlie Whiskey
Thu Jan 19, 2006 3:27 pm
Forum: General
Topic: Suggestion: More versatile address lists
Replies: 3
Views: 2332

Suggestion: More versatile address lists

I hope in a future version the address lists will allow manually entered arbitrary non-sequential addresses. That would make them so much more useful.
by Charlie Whiskey
Thu Jan 19, 2006 2:53 pm
Forum: General
Topic: Help with Mangle for QOS
Replies: 11
Views: 3984

The manual says:

"passthrough - ignore this rule and go on to the next one. Acts the same way as a disabled rule, except for ability to count packets"
by Charlie Whiskey
Thu Jan 19, 2006 8:00 am
Forum: General
Topic: Still stuck on FTP
Replies: 1
Views: 982

Still stuck on FTP

First problem: How should I set the firewall filtering rules for an FTP server? I'm assuming I need three sets of rules: 1) Allow traffic to port 21 and any return traffic with connection state of established. 2) Allow any incoming traffic with connection type of "ftp" plus any return traffic with ...
by Charlie Whiskey
Wed Jan 18, 2006 9:01 am
Forum: General
Topic: Custom filtering chain and NAT tables
Replies: 2
Views: 1113

somebody please?
by Charlie Whiskey
Wed Jan 18, 2006 8:54 am
Forum: General
Topic: Netwatch vs check-gateway
Replies: 1
Views: 974

Anybody?
by Charlie Whiskey
Fri Jan 13, 2006 9:34 am
Forum: General
Topic: Syn flood protection - what's the best approach?
Replies: 1
Views: 1210

Syn flood protection - what's the best approach?

Would RouterOS match a packet to the rule "tcp-flags=syn" if some other flags are set as well? Is using this rule an effective proof against syn floods? If so then is there a guide out there for figuring out how to set the optimum limit?
by Charlie Whiskey
Fri Jan 13, 2006 8:08 am
Forum: General
Topic: Netwatch vs check-gateway
Replies: 1
Views: 974

Netwatch vs check-gateway

Does netwatch perform the same function as check-gateway in /ip route? Only difference between netwatch can execute some user defined scripts?
by Charlie Whiskey
Fri Jan 13, 2006 4:40 am
Forum: General
Topic: Custom filtering chain and NAT tables
Replies: 2
Views: 1113

Custom filtering chain and NAT tables

My network uses both DNAT and SNAT. If the FORWARD chain directs traffic to individual custom filtering chains for each of my router's interfaces, what happens when these custom chains "accept" a packet? I mean, is RouterOS smart enough to direct them to the POSTROUTING chain to have SNAT performed ...
by Charlie Whiskey
Thu Jan 12, 2006 7:25 pm
Forum: General
Topic: FTP & firewall
Replies: 5
Views: 1335

Anybody?
by Charlie Whiskey
Tue Jan 10, 2006 2:25 pm
Forum: General
Topic: Is it worth Using MKT as a firewall
Replies: 7
Views: 1973

Wouldn't even simply forwarding traffic slow down the router a lot, let alone analysing on spot? People have mentioned using an old hub sitting on the line connecting the router to the outside world and plugging the NIDS box into the hub instead, and using a listen-only sniffing cable too!
by Charlie Whiskey
Tue Jan 10, 2006 9:18 am
Forum: General
Topic: More than one packet/connection/routing mark per packet?
Replies: 2
Views: 1263

More than one packet/connection/routing mark per packet?

If I have two rules both adding a (say) packet mark to the same packet, would the second over-write the first or would the packet happily carry both marks?
by Charlie Whiskey
Tue Jan 10, 2006 7:38 am
Forum: General
Topic: FTP & firewall
Replies: 5
Views: 1335

FTP & firewall

I know FTP requires two different connections, but I'm confused by the difference between "connection state: related" and "connection type: ftp" in Winbox. What are their differences? Would I need to set up both to enable FTP connections through the router?
by Charlie Whiskey
Wed Jan 04, 2006 3:27 am
Forum: General
Topic: A firewall question (UDP and connection state / tracking)
Replies: 1
Views: 1386

A firewall question (UDP and connection state / tracking)

I'm still a firewall scripting beginner so please bear with me. I have the following requirements: 1) Allow the router to request NTP synchronisation with an external time source. 2) Allow computers on the LAN segment to request NTP synchronisation with this router. 3) Drop all other synchronisation...
by Charlie Whiskey
Mon Dec 19, 2005 8:22 am
Forum: General
Topic: Question on NAT and routing mark
Replies: 4
Views: 1646

jhydzik, if you have a new problem please start a new thread. cmit, thanks for the answer. My routing mark comment was there because I've two ADSL lines going out of the office but yes, I looked back at it and it really had nothing to do with my problem. Regarding your answer, would you say the foll...
by Charlie Whiskey
Fri Dec 16, 2005 7:10 am
Forum: General
Topic: Question on NAT and routing mark
Replies: 4
Views: 1646

Question on NAT and routing mark

I've posted this question on the scripting forum a few days ago but that place seems to have such a low amount of traffic I might as well try it here also. Referring to the last example on this manual page, http://www.mikrotik.com/docs/ros/2.9/ip/route , I only need to write a masquerade (SNAT) and ...
by Charlie Whiskey
Wed Dec 14, 2005 3:23 pm
Forum: General
Topic: Connecting to a DSL modem in bridge mode
Replies: 9
Views: 1926

Yea, the blink command only works if there is a cable plugged into the port, and you need another network device on the other end too to complete the circuit.
by Charlie Whiskey
Wed Dec 14, 2005 12:41 pm
Forum: Scripting
Topic: Question on NAT and routing mark
Replies: 1
Views: 1184

Question on NAT and routing mark

Referring to the last example on this manual page, http://www.mikrotik.com/docs/ros/2.9/ip/route , I only need to write a masquerade (SNAT) and a routing mark rule to get a computer with a private IP behind the router connected to the outside. How come I don't need a matching pair of rules to cater ...
by Charlie Whiskey
Thu Dec 08, 2005 3:20 pm
Forum: RouterBOARD hardware
Topic: How to trigger the activity LED on the RB532?
Replies: 7
Views: 2979

These commands only blink the user defined LEDs, NOT the nine activity LEDs on the ethernet ports.
by Charlie Whiskey
Thu Dec 08, 2005 1:36 pm
Forum: RouterBOARD hardware
Topic: How to trigger the activity LED on the RB532?
Replies: 7
Views: 2979

How to trigger the activity LED on the RB532?

I remember there was a command that lights up the activity LED on the specified port and I can't find any mention of it anywhere in the manual. Does anybody remember what it is?
by Charlie Whiskey
Thu Dec 08, 2005 1:33 pm
Forum: General
Topic: Connecting to a DSL modem in bridge mode
Replies: 9
Views: 1926

I finally found out what was wrong, I simple had the cable plugged into the wrong socket! :oops:

I remember there was a command that lights up the activity LED on the specified port but I can't find any mention of it in the manual. Does anybody know what that command is?
by Charlie Whiskey
Tue Dec 06, 2005 4:31 pm
Forum: General
Topic: Connecting to a DSL modem in bridge mode
Replies: 9
Views: 1926

Connecting to a DSL modem in bridge mode

I've spent days doing experiments but couldn't get it working. I've an old Dlink DSL500 modem that I've been trying to set up as a bridge for a RB534 router and it never worked, but it worked if I connect a Win 2000 machine direct to the modem. I've ran out of ideas to try. Can someone please give m...
by Charlie Whiskey
Wed Nov 16, 2005 8:45 am
Forum: Scripting
Topic: Script newbie needs help
Replies: 2
Views: 1298

Script newbie needs help

 2 name="testscript" owner="admin"
   policy=ftp,reboot,read,write,policy,test,winbox,password run-count=0
   source=
     /system
     check-config
Can anyone tell me why this script doesn't work? By the way I haven't noticed any feed back for scripting errors, is there any?