Community discussions

Search found 91 matches

by mves
Sat Aug 22, 2015 6:54 pm
Forum: General
Topic: Routing help needed
Replies: 2
Views: 375

Re: Routing help needed

No, I want to make interface (let's say 192.168.100.0/24) to go through backup link, not main link. Not failover but 3, 4 interfaces to go through default route, and the 2 of them to go through backup link. It is OSPF based routing with default internet link on the adjacent router and backup interne...
by mves
Fri Aug 21, 2015 10:10 pm
Forum: General
Topic: Routing help needed
Replies: 2
Views: 375

Routing help needed

Hi, I am trying to set one interface internet connection to go through backup link but without success. Default link have 1 hop to the internet node and backup link have 3 hops. OSPF set up routes. I am trying to add manual route for one interface to go through backup link. Any suggestions how to so...
by mves
Wed Apr 22, 2015 11:49 pm
Forum: Scripting
Topic: Help on a script needed
Replies: 7
Views: 758

Re: Help on a script needed

Yes, upgrade will probably be on the way. Only RB450G routers are with ROS 5 but they should be fine with ROS 6... hopefully. And yes, e-mail was send... every 30 seconds :lol: But script is doing just fine, only error is that you can't add comment on dynamic address on ROS 5. It seams that it would...
by mves
Wed Apr 22, 2015 10:01 pm
Forum: Scripting
Topic: Help on a script needed
Replies: 7
Views: 758

Re: Help on a script needed

Scheduler part on 30 sec check :foreach i in=[/ip firewall address-list print as-value where list=TEST and comment!="SENT"] do={ /tool e-mail send to="email@email.com" subject=("WARNING") body=("HOST WARNING:\r\n". ($i->"address")); /ip firewall address-list set ($i->".id") comment="SENT"; } Firewal...
by mves
Tue Apr 21, 2015 11:31 pm
Forum: Scripting
Topic: Help on a script needed
Replies: 7
Views: 758

Re: Help on a script needed

Actually... timeout on address list entry should suffice with comment SENT... since if address doesn't trigger a rule again, it will end up only as a warning. On the other hand... 2nd list could do a trick with timeout of let's say 5 minutes during a day and 30 minutes for a night time for sent emai...
by mves
Tue Apr 21, 2015 10:59 pm
Forum: Scripting
Topic: Help on a script needed
Replies: 7
Views: 758

Re: Help on a script needed

O yes, this seams much easier that solution that I shoot out... but I will make only few changes... Sent comment needs to be on a signal file. Timeout on address list entry is 00:01:30 so it's kind of useless to place it there. Next phase would be to remove signal file as the entry from address list...
by mves
Tue Apr 21, 2015 9:16 pm
Forum: Scripting
Topic: Help on a script needed
Replies: 7
Views: 758

Help on a script needed

Hi, I have some kind of a problem where I can't find a solution. I tried on many other ways but still can't understand what is wrong. What I am trying to do is to mark some addresses from firewall and send them to address list. From there, this script should collect them and send email of findings. ...
by mves
Fri Apr 04, 2014 11:27 pm
Forum: Scripting
Topic: Creating text file help
Replies: 3
Views: 1010

Re: Creating text file help

Now, this works perfectly :D
by mves
Fri Apr 04, 2014 8:13 pm
Forum: Scripting
Topic: Creating text file help
Replies: 3
Views: 1010

Re: Creating text file help

I managed to assemble script but i still having some bit troubles. I actually need to get status inside file and there i got a bit trouble. I can't edit file. I can't actually find right file... this is a test script. Error is in locating created file. :foreach i in=[/ip firewall filter find] do={ :...
by mves
Wed Apr 02, 2014 5:47 pm
Forum: Scripting
Topic: Creating text file help
Replies: 3
Views: 1010

Creating text file help

Hello I need a bit help with script. I need a script that will run through firewall and picking entries with comments that contains # in it and creating text file with name that goes [ENTRY COMMENT - IP - OFF/ON]. Off/on means status of entry, disabled=no or disabled=yes. Any help or direction on th...
by mves
Mon Feb 17, 2014 5:57 pm
Forum: The Dude
Topic: rx/tx function help
Replies: 3
Views: 1831

Re: rx/tx function help

Managed to solve a problem but the needed values are not shown in graphic. It's showing tx/rx of interface even if that values are removed from appearance and replaced by this ones. Any way to enforce graphic display of these values in link view? In: [round(rate(diff32(oid("1.3.6.1.2.1.2.2.1.16.37")...
by mves
Mon Feb 17, 2014 2:24 pm
Forum: The Dude
Topic: rx/tx function help
Replies: 3
Views: 1831

Re: rx/tx function help

No, you misunderstood me. I already have that. Problem is that on the other side is Cisco router. [Interface.InBitRate] and [Interface.OutBitRate] showing values but I need their difference. Let's say in is 300 mbps and out is 250 mbps and I need to show their difference of 50 mbps. And I can't find...
by mves
Sat Feb 15, 2014 6:27 pm
Forum: The Dude
Topic: rx/tx function help
Replies: 3
Views: 1831

rx/tx function help

Hi

Is there any way to achieve to show ([Interface.InBitRate]-[Interface.OutBitRate]) on link or to make function to achieve this?
I can't find needed oids on snmpwalk to do it that way.

Thanks
by mves
Mon Jun 17, 2013 11:42 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Why to use it on core router? You do not have users attached on core router, right? If you do, match those rules only to go on interfaces with users. Otherwise, use it only on routers with users and only on interfaces with users, not on links and not on global bandwidth. You will cut cpu usage in th...
by mves
Thu Jan 10, 2013 11:06 am
Forum: The Dude
Topic: Label customization help needed
Replies: 6
Views: 1680

Re: Label customization help needed

Hello you can create a probe that check snmp value of interface speed. I do it already to check autonegation speed between two routers. On a RB1200, for example i check the interface 1: SNMP OID 1.3.6.1.2.1.2.2.1.2.1 VALUE is ether1 SNMP OID: 1.3.6.1.2.1.2.2.1.5.1 VALUE is 1000000000 (1000000000 IS...
by mves
Wed Jan 09, 2013 1:12 pm
Forum: The Dude
Topic: Label customization help needed
Replies: 6
Views: 1680

Re: Label customization help needed

This is extra complicated since links are handled differently than devices. Gsandul wrote a probe that could complain if a link went above a certain speed but each link probe had to be manually coded. You could easily use his example to make what you are looking for just use search and you will fin...
by mves
Fri Dec 21, 2012 3:20 pm
Forum: The Dude
Topic: Label customization help needed
Replies: 6
Views: 1680

Re: Label customization help needed

Anyone? :(
by mves
Tue Dec 18, 2012 11:41 am
Forum: The Dude
Topic: Label customization help needed
Replies: 6
Views: 1680

Label customization help needed

Is it possible to add if statement in a label of link to monitor for example interface speed or signal strength and if it goes below threshold to play sound?
For example: if interface.speed < 100 mbit turn label color to red and play sound?

Thanks in advance
by mves
Fri Nov 16, 2012 8:07 pm
Forum: The Dude
Topic: Dude and windows7
Replies: 9
Views: 8883

Re: Dude and windows7

Caci99, there are 2 things you have to do... first one, turn off UAC. Next, go into a control panel => administrative tools => services. Find secondary logon, stop service and set it to disabled. Second one solves a trouble with a need to use different administrative rights. Only problem I had is a ...
by mves
Thu Nov 15, 2012 3:45 pm
Forum: The Dude
Topic: Probe Thread
Replies: 324
Views: 226313

Re: Probe Thread

Hi guys. I need help with a dude probe. I need to make a probe that will check interface speeds on interfaces. For example if interface speed changes from 100 mbit/s or 1 gbit/s to 10 mbit/s. So if that criteria is met, probe is down. Note that some of the interfaces are not in function. Thanks in a...
by mves
Sun Jun 24, 2012 3:08 pm
Forum: Scripting
Topic: DHCP script help
Replies: 2
Views: 749

Re: DHCP script help

Yes, that do a trick.
Thank You
by mves
Sat Jun 23, 2012 6:30 pm
Forum: Scripting
Topic: DHCP script help
Replies: 2
Views: 749

DHCP script help

Hi, I need to purge dynamic dhcp entries but not to touch static entries. I've tried to detect dynamic flag but failed to do so. :foreach i in=[/ip dhcp-server lease find flags="dynamic"] do={ /ip dhcp-server lease remove $i; } Anyone have an idea how to do this? Any help would be appreciated. ROS i...
by mves
Fri Dec 16, 2011 3:52 pm
Forum: General
Topic: Groove A-5Hn SNMP problem in dude
Replies: 1
Views: 659

Re: Groove A-5Hn SNMP problem in dude

I've found a partial solution for this... Now it's showing SSID and signal. I've input this in a label under appearance on a dude layout ant now it's showing SSID, Signal, Rx, Tx. Yet, I couldn't found anything for a channel. [oid("iso.org.dod.internet.private.enterprises.mikrotik.mikrotikExperiment...
by mves
Thu Dec 15, 2011 12:40 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Try my set of rules. It's pure firewall port blocking without any other needed setting. Downside is, you have to add allowed set of ports for certain applications. Add my set of rules on disable and turn them on one by one. Use torch to find out what ports are used for applications they are using an...
by mves
Wed Dec 14, 2011 1:42 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

@otgooneo L7 is a bit outdated, thanks to the CCDKP's observation. All P2P L7 rules are now fitted into single one. /ip firewall layer7-protocol add name=BITTORRENT regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrap\ e\\\?info_hash=|get /announce\\\?info_hash=|get /client/bitcomet/|GET /dat\...
by mves
Tue Nov 29, 2011 2:38 am
Forum: General
Topic: Groove A-5Hn SNMP problem in dude
Replies: 1
Views: 659

Groove A-5Hn SNMP problem in dude

Hi... I have a small inconvenience with Groove A-5Hn links in Dude monitoring. Dude is not reading SNMP as it should. It won't pool [snmp_wireless_link_info()] . Is it a bug or maybe Groove have different way of pooling this? I've tried routeros and snmp setting in a dude and still nothing, it's not...
by mves
Tue Nov 22, 2011 8:14 pm
Forum: Scripting
Topic: Script help - if check?
Replies: 6
Views: 3684

Re: Script help - if check?

:local i [/interface ethernet get value-name=speed number=ether2 ]; :if (i="XXX") do={"everything you want"}; XXX can be: 1Gbps, 100Mbps, 10Mbps. Must put them in "". So, I had to put value that I need need to check into a local variable. That was a problem. Thank you a lot... I will try 8) PS... K...
by mves
Tue Nov 22, 2011 8:07 pm
Forum: Scripting
Topic: Script help - if check?
Replies: 6
Views: 3684

Re: Script help - if check?

I've manage script to work... after each run, it's moving to next NAT setting. {:local i [/ip firewall nat get value-name=disabled number=[find comment="1"]]; : if (i=false) do={[/system script run "enable-2"] } else={ {:local i [/ip firewall nat get value-name=disabled number=[find comment="2"]]; :...
by mves
Tue Nov 22, 2011 4:37 pm
Forum: Scripting
Topic: Script help - if check?
Replies: 6
Views: 3684

Re: Script help - if check?

I will try to make it work. I'll post results :)
But for case 1, i didn't meant for traffic, I meant interface connection status like 1Gbit, 100mbit, 10mbit :(

Thanks
by mves
Tue Nov 22, 2011 4:11 am
Forum: Scripting
Topic: Script help - if check?
Replies: 6
Views: 3684

Script help - if check?

Hi guys I need a bit command help for 2 cases... 1) I need to check interface speed in a script but can't find a proper function. I need to check interface speed. - example: if interface speed=10 mbit => execute script 2) How to check if the firewall rules with certain comments are active with else ...
by mves
Wed Oct 26, 2011 6:04 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

@engineertote Try my approach. So far, it's still working with a quite good blocking ratio. No mangle rules and no DNS filtering. Downside is, you'll have to allow online game ports. /ip firewall layer7-protocol add name=BITTORRENT regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrap\ e\\\?inf...
by mves
Wed Oct 12, 2011 2:30 pm
Forum: Scripting
Topic: Backup over SSH or telnet ?
Replies: 24
Views: 14190

Re: Backup over SSH or telnet ?

ROS 5.7 and still the same error...
by mves
Wed Oct 12, 2011 2:17 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Yes, it looks very promising. Router on my link is upgraded to 5.7 so testing is started on myself and unadjusted torrent client. Perhaps allow skype through L7 before dropping udp. /ip firewall layer7-protocol add name=Skype regexp="^..\\x02............." /ip firewall filter add action=accept chain...
by mves
Tue Oct 11, 2011 10:04 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

In 5.7 they finally added the ability to use connection-limit to track UDP streams. I am still doing some testing, but initially it looks promising. add action=drop chain=forward connection-limit=16,32 disabled=no dst-port=!53 protocol=tcp This limits each IP to 16 non-DNS UDP streams. 16 should be...
by mves
Mon Sep 12, 2011 5:25 pm
Forum: Scripting
Topic: Backup over SSH or telnet ?
Replies: 24
Views: 14190

Re: Backup over SSH or telnet ?

for second part (after &&) you can use any other file transfer available, download it using FTP, or using SFTP or even TFTP. you can try to look up somehting like winscp, and see if that has some CLI capabilty to work w/o interface Commands fewi gave would work on any Linux or *BSD machine (Mac OS ...
by mves
Mon Sep 12, 2011 2:08 pm
Forum: Scripting
Topic: Backup over SSH or telnet ?
Replies: 24
Views: 14190

Re: Backup over SSH or telnet ?

Hmmm, first command is usable... Second command, I don't know how to convert it for plink. I'm using a plink.exe for that but I have no idea how to make it download configuration or at least, I don't know what command is used to download backup file. Creation of backup file would be like plink.exe -...
by mves
Mon Sep 12, 2011 3:53 am
Forum: Scripting
Topic: Backup over SSH or telnet ?
Replies: 24
Views: 14190

Backup over SSH or telnet ?

Hi !
Is it possible to do a backup configuration and download backup to a hard-drive over SSH or telnet command?

Thanks
by mves
Wed Aug 10, 2011 3:44 pm
Forum: Scripting
Topic: External batch command?
Replies: 2
Views: 546

Re: External batch command?

Thx... I'll try expect... but can you give me a script example for that?

ip address
username
password
command
+ confirmation if possible
by mves
Wed Aug 10, 2011 1:34 pm
Forum: Scripting
Topic: External batch command?
Replies: 2
Views: 546

External batch command?

Hi

Is there any program that can log into mikrotik over telnet and pass a command on it?
I've tried telnet scripting tool but it's loose itself after imputing password. So is there any other solution to pass a command to mikrotik externally?

Thx
by mves
Thu Jul 07, 2011 1:19 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Oh... I've striped everything else and left entries only for P2P catcher... I thought it can be useful for someone. I'm using PCQ on queue tree and I'm using that only on myself so it's working fine on my home computers. I'm connected to the link through ubiquti Airgrid M5-HP in a router mode with d...
by mves
Thu Jul 07, 2011 12:05 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Yes... thanks for that one :) And for queue tree for P2P catch I used this because I could not manage this to work otherwise... So, it's working on me... don't ask how and why :D I've striped everything but P2P. If you guys find some other less stupid way THAT WORK to capture this, please let me kno...
by mves
Wed Jul 06, 2011 11:38 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi guys... I'm back :) CCDKP, I replaced that rule and so far it's possibly brought some change. At least, less false positive hits and I've seen much less hits on ports 6881-6999 so I guess you are on a right track but I tested it for a short period of time. However, it looks like a correct change....
by mves
Tue May 24, 2011 11:49 am
Forum: General
Topic: QOS setup help
Replies: 3
Views: 673

Re: QOS setup help

Thx... I'll try :)
Sorry for a late reply :(
by mves
Fri May 13, 2011 2:38 am
Forum: General
Topic: QOS setup help
Replies: 3
Views: 673

QOS setup help

Hi everyone... I'm having difficulties to properly mark connections. What am I doing wrong since this works only for upload and it should work only for download :? I need to fix limit download per address (without simple queues!) but this seams to work only for upload. Anyone can point me to the rig...
by mves
Fri Apr 29, 2011 7:44 pm
Forum: General
Topic: OMG !! Combating DNS flood - botnets, infection, and spam ?
Replies: 11
Views: 9064

Re: OMG !! Combating DNS flood - botnets, infection, and spa

Microsoft Malicious Software Removal Tool cleaned an infected wininit.exe for me once. How about that hmm ? :) WITHOUT THE NEED TO REBOOT Niceee... and how about svchost.exe, rundll32.exe, services.exe or maybe winlogon.exe or explorer.exe? :lol: Safest way for your network and for your customer is...
by mves
Fri Apr 29, 2011 7:18 pm
Forum: General
Topic: OMG !! Combating DNS flood - botnets, infection, and spam ?
Replies: 11
Views: 9064

Re: OMG !! Combating DNS flood - botnets, infection, and spa

You can't know... and usually this stuff can be removed only by reinstalling windows and in extreme cases you have to do a low level format of all hard drives. Microsoft Malicious Software Removal Tool usually crash windows because it delete infected files instead of fixing them. Well, at least, tha...
by mves
Fri Apr 29, 2011 5:31 pm
Forum: General
Topic: OMG !! Combating DNS flood - botnets, infection, and spam ?
Replies: 11
Views: 9064

Re: OMG !! Combating DNS flood - botnets, infection, and spa

O, but it does catching them. At least, not directly. This botnets usually using different DNS server than your default so I killed everything that's not going through designated DNS. I found couple of users with this issue and this thing successfully removed invalid DNS attempts and also removed th...
by mves
Fri Apr 29, 2011 5:06 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

:delay 10s
Well... try to add this at the end of the script.
by mves
Fri Apr 29, 2011 12:40 am
Forum: General
Topic: OMG !! Combating DNS flood - botnets, infection, and spam ?
Replies: 11
Views: 9064

Re: OMG !! Combating DNS flood - botnets, infection, and spa

Hello. There is an infection of some sort that makes too much DNS requests for random domains: It might just be a user starting up their Google Chrome web browser. If so, nothing to worry about: http://isc.sans.edu/diary.html?storyid=10312 O yes? That could really be true but that actually does not...
by mves
Thu Apr 28, 2011 5:54 pm
Forum: General
Topic: OMG !! Combating DNS flood - botnets, infection, and spam ?
Replies: 11
Views: 9064

Re: OMG !! Combating DNS flood - botnets, infection, and spa

Hi... I'm testing this and so far it's doing fine. It kicked out flooding with N entries from cache and also listing origin of this flood and IP destination. /ip firewall nat add action=add-src-to-address-list address-list=DNS address-list-timeout=1d chain=dstnat comment=\ "DNS Flood - Test" disable...
by mves
Tue Apr 26, 2011 8:36 pm
Forum: General
Topic: System rebooted because of kernel failure on RB750G ???
Replies: 1
Views: 811

System rebooted because of kernel failure on RB750G ???

system error critical: System rebooted because of kernel failure system error critical: System rebooted without proper shutdown, probably power outage It's happening on RB750G with 4.10 ROS. All 5 ports are in use. Last one was replaced because of the same issue. It's just stop responding and then ...
by mves
Sun Apr 17, 2011 4:21 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

put all parameters in quotes. The backup file name is probably causing issues on the send email line, quote them and see if that helps. also, the policy refers to the permissions on the script, check all those boxes to allow it access on the scheduler/script. Good thinking... it worked. I placed [ ...
by mves
Fri Apr 15, 2011 3:26 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

No luck :( When i tried to input script it said input does not match any value of policy api part is not available in 4.17. Without it, it's ok but it have error when run, invalid FROM address. hmmm... guess I'll have to upgrade on ROS 5.1 or to downgrade to 3.30 if I want to make this work that way...
by mves
Thu Apr 14, 2011 11:52 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

Does anyone knows how to make this work?
by mves
Thu Apr 14, 2011 12:41 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

Yes... I tried with tls= yes and I also get all the same. And tls should be on by default as I remember correct?
This looks like some kind of bug in ROS 4 since it works in 3.
by mves
Thu Apr 14, 2011 2:15 am
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Re: Backup over e-mail help?

:log info "backup beginning now" :local Date ([:pick [/system clock get date] 7 11] . "-" \ . [:pick [/system clock get date] 0 3] . "-" \ . [:pick [/system clock get date] 4 6]) :global backupfile ([/system identity get name] . "-" . $Date ) /system backup save name=$backupfile :log info "backup p...
by mves
Wed Apr 13, 2011 10:07 pm
Forum: General
Topic: Backup over e-mail help?
Replies: 13
Views: 1936

Backup over e-mail help?

Hi add name=backup policy=ftp,reboot,read,write,policy,test,winbox,password,sniff source=":log info \"backup beginning now\"\r\ \n:global backupfile ([/system identity get name] . \"-\" . [/system clock get time])\r\ \n/system backup save name=\$backupfile\r\ \n:log info \"backup pausing for 15s\"\r...
by mves
Fri Mar 25, 2011 4:22 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

I have not found a good working UDP L7 for that yet. :(
If anyone can find it please do post that info :)

So far, my set of rules still works. Even version without DNS entries.
by mves
Mon Mar 07, 2011 10:36 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

/ip firewall nat add action=dst-nat chain=dstnat comment="Capture DNS" disabled=no dst-address=!<ROUTER LAN IP> dst-port=53 protocol=tcp src-address-list=!whitelist to-addresses=<ROUTER LAN IP> add action=dst-nat chain=dstnat comment="Capture DNS" disabled=no dst-address=!<ROUTER LAN IP> dst-port=5...
by mves
Sun Mar 06, 2011 10:50 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Ok, I'll try those things and say if helped me...
Where u implemented those config? I see u'r from Serbia, so it's skola, igraona, ili nesto slicno?
Hvala!
Wireless internet 8)
by mves
Sat Mar 05, 2011 3:44 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi HowYesNo... Don't worry, you'll soon figure the most things out. I've also spent lots of time figuring out what's wrong with dns entries since on some routers that killed internet completely. So, if internet works, it's most likely that you did it right. Also, I had to go without them on most of ...
by mves
Tue Mar 01, 2011 9:31 pm
Forum: General
Topic: SIP Attack?
Replies: 12
Views: 4712

Re: SIP Attack?

Thank you all for help... Added udp 5060-5061 port block on existing virus chain and there are packet drop. There are no more sip listings and skype works. So far, so good :) But, it's not functional solution. Is there any known way to make something similar detectable for udp connections? Maybe a s...
by mves
Tue Mar 01, 2011 11:31 am
Forum: General
Topic: SIP Attack?
Replies: 12
Views: 4712

Re: SIP Attack?

With VOIP I mean skype and msn. I hope we didn't misunderstood. There are no dedicated servers for VOIP or anything similar on a network if you mean that. So, If ports 5060 and 5061 gets locked, that won't affect skype or msn and simple port blocking would do a trick? :) @Wesley There are no dynamic...
by mves
Mon Feb 28, 2011 1:09 pm
Forum: General
Topic: SIP Attack?
Replies: 12
Views: 4712

Re: SIP Attack?

Yes, it's a public ip range on main routers and this is coming from outside. But, if I block 5060 and 5061 ports, how will it affect VOIP?
by mves
Sun Feb 27, 2011 10:19 pm
Forum: General
Topic: SIP Attack?
Replies: 12
Views: 4712

SIP Attack?

This situation is happening quite often and I really have no idea how dangerous it can be. Anyone knows what is it, how to detect it and how to fight against it?

Image
by mves
Thu Feb 17, 2011 2:54 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Well, I've been busy on trying to run dns entries like that last time an failed so I came up on this (with a little help however) and another script that flushing cache every hour. I figure it out now how it's work :D :foreach i in [/ip dns static find] do={ /ip dns static disable $i } Also, that DN...
by mves
Wed Feb 16, 2011 3:04 am
Forum: Scripting
Topic: Script help please
Replies: 2
Views: 517

Re: Script help please

Thx a lot... that works :)
by mves
Wed Feb 16, 2011 1:59 am
Forum: Scripting
Topic: Script help please
Replies: 2
Views: 517

Script help please

I tried to run script with source /ip dns static enable 0 /ip dns static enable 1 But, it did not turn on lines. Yet, those commands work fine in a terminal window. Same thing with a disable. /ip dns cache flush /ip dns static disable 0 /ip dns static disable 1 On this one, cache get flushed but lin...
by mves
Tue Feb 15, 2011 5:08 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

The NAT code redirects all TCP and UDP traffic destined for port 53 (DNS) to the local router. This prevents users from simply setting a static DNS and bypassing your DNS control. Hmmm... let's see if I'm getting this right. On my network there are 4 DNS entries used. 2 internal most commonly used ...
by mves
Mon Feb 14, 2011 3:49 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi... @CCDKP Can you use a p2p block on a QoS stage and get traffic get dropped by PCQ setting on let's say source port classification? So let's say, everything that uses more that 10 connections per source port in a current queue? So, will it work that way? Also, /ip firewall nat add action=dst-nat...
by mves
Thu Feb 10, 2011 3:55 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

sorry for asking such a stupid question but how to put all of this commands together ? should i type all of this ?! SSH and TELNET does not support PASTE function as far as i know. Not? I used once a command promt and telnet from windows xp to connect to the router where I accidentally killed winbo...
by mves
Sat Feb 05, 2011 11:57 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Of course that it's easy for us... not for average user 8) So in that case, why does music, software and games manufacturers placing copy protection on their disks when it can be overridden? Quite easily however, but that protection can stop novice and most of the average folks which actually makes ...
by mves
Sat Feb 05, 2011 11:20 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

I'm not worry about a smart guys... they are smart enough to use a p2p and stay low to avoid detection. But as all of you know, every torrent client leaves behind a nice trace in used ports and constant upload so you'll get caught eventually. And considering dual ISP, you would had to place that usb...
by mves
Sat Feb 05, 2011 5:34 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

happy to fight windmills :D
So far... windmills are loosing. This don Quijote won this battle. Windmills get heavy defeat so I guess it will take some time for them to get recovered. War however is not over, but this battle is 8)
by mves
Sat Feb 05, 2011 3:38 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Here's my full p2p blocking rules. This ones are striped from RB433 last point router. If it's not last point, you'll have to add interface on blocking segments to cut CPU usage and let the next router in a line take care of it's own set of users. There are 2 interfaces on this one (one set is strip...
by mves
Sat Feb 05, 2011 12:55 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Thanks mves ... nice advice. But did you try in wirelles part (2.4 ghz) to change to some fixed slower rate ? It may be helpfull . Unfortunately I havenot so loaded node to test by myself. To cut down download speed on torrent usage? That's even worst than just simply block them. It could do for a ...
by mves
Sat Feb 05, 2011 1:56 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Main routers (RB800, RB433AH, x86) are connected in triangle and input links are from two different ISP's. When one link is down, everything is switched to another. Same with routers. But from that 3, links spread to another routers. Links between are 5 ghz. There are also option for users to use 2....
by mves
Fri Feb 04, 2011 11:22 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

@bax You misunderstood my question... I asked on what queue will end up unregistered traffic like encrypted p2p? This qos you end up is excellent for 5 Ghz wi-fi however. But for 2.4 Ghz, well, even 90% p2p reduction over a day is enough. My version works good enough to block 9 out of 10 p2p users a...
by mves
Fri Feb 04, 2011 7:38 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

@bax Nice... I'll update my traffic rules for p2p protocols since I see new stuff here. But also, what will happen if someone turn on torrent encryption and use a https tracker? Where would that priority end up? Also, can you do a little update on that codes? \ on the end of each line is a bit confu...
by mves
Fri Jan 28, 2011 3:50 am
Forum: General
Topic: pptp ppp attack!
Replies: 3
Views: 2993

Re: pptp ppp attack!

Yes... colleague is using it often. I turned it off for now... thx.
So, is there a way to protect it from further brute force attacks? Problem is that it was from a multiple ip addresses.
by mves
Fri Jan 28, 2011 2:17 am
Forum: General
Topic: pptp ppp attack!
Replies: 3
Views: 2993

pptp ppp attack!

Hi! I've got multiple log in attempts over pptp from multiple IP adrresses. It goes one after another every few seconds... pptp info TCP connection established from xx.xx.xx.xx pptp ppp info <pptp-0> waiting for call pptp ppp info <pptp-0>terminating ...- cntrl message too big pptp ppp info <pptp-0>...
by mves
Wed Jan 26, 2011 8:03 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

http://www.tiktube.com/index.php?video=247 http://mum.mikrotik.com/presentations/US09/megis_qos.pdf So, in my case, priority 1 should have online gaming (cod, cs, wow...) and voip, http and https priority 2, download priority 4 and the rest (p2p) priority 8 ? And, in case that p2p be allowed during...
by mves
Wed Jan 26, 2011 7:02 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

http://www.tiktube.com/index.php?video=247 http://mum.mikrotik.com/presentations/US09/megis_qos.pdf So, in my case, priority 1 should have online gaming (cod, cs, wow...) and voip, http and https priority 2, download priority 4 and the rest (p2p) priority 8 ? And, in case that p2p be allowed during...
by mves
Wed Jan 26, 2011 3:15 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi... TKITFrank, well, I might try that on a test zone... Can you give me a winbox guidance how to set that script correctly? :) But last time that setup did some trouble however. @normis... we don't talk here about 2 or 3 users. It's a wide spread network. But, please tell me your idea and how to s...
by mves
Tue Jan 25, 2011 6:59 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Be careful in blocking services as the new Net Neutrality bill was released in December which states we are not allowed to block services and have to allow a reasonable speed.. I disagree with it totally but not all torrent and peer-to-peer is illegal. As far as I know, Germany for example banned p...
by mves
Tue Jan 25, 2011 8:15 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi... One router was constantly locking while that was active and another had tendencies to block everything while that was on so it's decided to get that entries out and to find another solution. Was that because of that, no one want's to try that again. Plus torrents are allowed to be used from mi...
by mves
Sun Jan 23, 2011 7:43 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi :)
I've been a bit busy lately. That's not what I need or can apply... I'm trying to do a little changes so it's in a testing faze and preliminary results are promising. So far, so good :)
by mves
Mon Jan 17, 2011 4:54 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi, I have tried with utorrent 2.2 using the 2 first top100 torrent on thepiratebay.org but it is still blocked. Have you done all the dns blocking and L7 blocking? No, DNS is a problem since it is allowed for customers to use other DNS and torrent sites must not be blocked at all so... no DNS valu...
by mves
Sat Jan 15, 2011 1:26 am
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

I will check on Monday. Have you seen traffic not being blocked? Yes... so I combined a rules with port blocking. Catch is that I had to modify a bit of that since torrent sites must not be blocked and torrent usage is time limited to night and I really have no idea wth have I changed :) Plus, I ha...
by mves
Tue Jan 11, 2011 9:38 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Hi,

Just tired the new version and it is still blocked phuuuu :)

Well... can you do a little update on this? :)
by mves
Tue Jan 11, 2011 8:23 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 154198

Re: how block connection of p2p?

Can someone make an update of blocking rules? L7 filter /ip firewall layer7-protocol add comment="" name=BITTORRENT regexp="^(\\x13bittorrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?info_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[RP]" I guess that...