MikroTik

sioux

I know that there was a simpler way to achieve this.
Thank you!!

sioux

Hello I have problem with importing large numer of web proxy access rules. My import file looks like this /ip proxy access add dst-host=0-168.com action=deny /ip proxy access add dst-host=0-29.com action=deny /ip proxy access add dst-host=0-2u.com action=deny /ip proxy access add dst-host=0-days.net...

sioux

the problem was that routerOS doesn't send timestep of event in clear text format like 2007 Aug 13 or something like this. root@ubuntu-http:~# tcpdump udp and dst port 514 -xX -n tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet)...

sioux

digging internet depper i found that it is rather SPLUNK "problem"
SPLUNK at default isn't recognizing MT syslog timesteps well
if I find a solution I'll post it here

sioux

ok ... can someone could check if I made it right? please [admin@MikroTik] queue tree> print Flags: X - disabled, I - invalid 0 name="1:" parent=local packet-mark="" limit-at=100000 queue=default priority=1 max-limit=100000 burst-limit=0 burst-threshold=0 burst-time=0s 1 name=&qu...

sioux

Hi I have succesfuly setup a server (ubuntu 6.10se) with slunk (http://www.splunk.com) Everything works great besides one thing. Event timesteps are wronk. In splunk logs I can see events with tommorows date for example. I'm remotely logging wireless,info events (connected, disconnected, disconnecte...

sioux

Hi
thx you all for advice. I know that i need to mark packet, I also read all wiki treads but most of them basis on simple queue!
i want to setup a queue tree .. and ALL I want to know how to put above tc rules (besides DEFAULT param) into MT queue engine. that's all!

sioux

hi! is it really that hard?

anybody?

sioux

hi I try to understand well QoS in RouterOS and I have one question. I'm accustom to use tc from a command so please tell me HOW to properly implement this scenerio: tc qdisc add dev eth0 root handle 1: htb default 12 tc class add dev eth0 parent 1: classid 1:1 htb rate 100kbps ceil 100kbps tc class...

sioux

hi

how to do something similar to: ssh user@mt_device "command" (command eg. "int print")
using telnet ??

sioux

and that is correct becouse mangle is traveled first

THX

sioux

hi all

how to dnat every nth (or random) connection to remote http server TO to my http server?
to do it I need to catch syn (another words state NEW) packet but in NAT section there is not such an option.

sioux

Use routing-test package as well.

Sam

Why ??

sioux

hi i've commited a policy routing like described in wiki http://wiki.mikrotik.com/wiki/Policy_Routing_in_RouterOS_2.9.x every thing looks working good BUT :) i CANT log in to router via second line let say i have configuration like this wan1 (default gateway) 192.168.10.10 wan2 (http pop3 etc) 192.1...

sioux

but how to read them to being logged to MT ?? not remotely

sioux

BIG 10x !!!

sioux

as far as i know it's not possible. Anyway, why would you need that?

i want to crete script that process text file with output of /int wire reg print and which return some values which i can't get via snmp about user connection ... then i want to graph it with cacti

sioux

Hi is it possible to force print command to print output in one line ?? Im doing something like this ssh -i key -l user host_ip "/int wire reg print" and I get output with new line chars 0 ;;; XXX interface=sektor_2 mac-address=00:4F:62:0C:87:BE ap=no wds=no rx-rate=11Mbps tx-rate=11Mbps p...

sioux

Hi how to read this properties (eg. bytes-in, bytes-out ...) being logged on MT router [sioux@host] > /interface [sioux@host] interface> print oid Flags: X - disabled, D - dynamic, R - running 0 R name=.1.3.6.1.2.1.2.2.1.2.1 mtu=.1.3.6.1.2.1.2.2.1.4.1 mac-address=.1.3.6.1.2.1.2.2.1.6.1 admin-status=...

sioux

and what about registering my ROS?

sioux

I tried to install the 3beta on vmware yesterday but I had no success. Boot from network using netinstall didn't worked due to some unknown problems in my local setup probably (arp problem reported by virtual station). So i installed 2.9.x from boot CD (I found no ISO image for 3 beta) and then tri...

sioux

Hi

I dont know why, I have problem with registering (demo key - level 1) RouterOS 3.0 beta 7 which I installed on vmware
When I enter key generated via www interface (I set Device type: x86 system) I get an error

Can someone confirm this ?

sioux

on my another rb532a board 2.9.41 fw2.7 wher configuration is clear (/system reset-configuration) and a configure basic params like /int wire set wlan1 band=2.4ghz-b mode=ap-bridge disabled=no 0 R name="wlan1" mtu=1500 mac-address=00:0C:42:15:24:C2 arp=enabled disable-running-check=no inte...

sioux

Hi all I don't know why when I put /interface wireless monitor sektor_2 there is no: overall-tx-ccq current-ack-timeout current-distance all I see: status: running-ap band: 2.4ghz-b frequency: 2462MHz noise-floor: -100dBm registered-clients: 9 authenticated-clients: 9 nstreme: no current-tx-powers: ...

sioux

Hi I agry with airstream It would by also really cool to have an option to choose which column to show That becouse web user manager interface is useless when user manager is used as a radius mac server. Users are shown as mac addresses and rest information are zeros instead of for example IP;MAC;Fi...

sioux

Hi

Is it possible to change a time (to higher ~10min) betwin reconnets do remote server if authorization fails? or any how simulate this scenerio with script or something?

sioux

hi

I've just commited a test

cable length - 152m
cable category - 5e

results can be viewed here http://slawomirsikora.blogspot.com/2007 ... rb532.html

sioux

so it looks like i need to send it to support! thx for confirming my words.

sioux

ermm, what he is saying is that the input chain is not filtering input. Plain and simple. I will see if I can test this on our test box today to see if its truly bypassing the firewall (which sounds fishy to me). that's right ps - can you please post your input chain? /ip firewall filter export fro...

sioux

DHCP client is contacting router and data is passing trough chain=input, DHCP server[router] replies to client and data is passing trough chain=output. Make sure you have used correct rule to block access to router, just curious how do you get back access to the router, f'ilter add chain=input acti...

sioux

blocking in /ip firewall doesnt work .. in example above I block ALL all traffic which goes to INPUT chain .. and even after doing it I was still able to recive IP from DHCP server

sioux

Hi all I am wondering why when I set a DHCP server on a specific port, then block all incoming traffic with ip firewall filter add chain=input action=drop I am still able to recive an Ip address from DHCP server first I think that there is an invisible rule which accepts that traffic .. but when I a...

sioux

you HAVE TO add protocol, or the port setting won't take effect, and will block google altogether

so you are saying that my rule

add chain=forward dst-port=80 adtion=drop

is actually

add chan=forward action=drop

??

sioux

hi all suppose that i have clear router configuration and pinging for example google.com from host which is behind router I get this: Badanie google.com [72.14.207.99] z użyciem 32 bajtów danych: Odpowiedź z 72.14.207.99: bajtów=32 czas=161ms TTL=242 Odpowiedź z 72.14.207.99: bajtów=32 czas=142ms TT...

sioux

when I limiting connections number I do it onlu for ports >1024 of course there is always someone who will try to download an iso image wift 100 or more simultaneous connections but is rare. and of course it's good that default value for tcp-established-timeout is 1day not like in other linux distri...

sioux

thx! it works

but i don't know when i try to do this by HyperTerminal i says: invalide value, and when i put this by putty it's ok

anyway. THX

sioux

Hi
command
[admin@MikroTik] > int bridge filter add src-mac-address=11:22:33:44:55:66 action=drop
gives me this
invalid value for argument src-mac-address

then I think: I must setup a bridge interface.
but it says the same

tested on 2.9.34, 2.9.38

sioux

hi is it possible to configure two units RB112 + 2x CM9 like this: b=band m=mode rb112(1) rb112(2) 2.4GHz ~~ [(b=2.4GHz,m=ap-bridge)wlan1-brigde-wlan2(b=5GHz,m=bridge)] ~~ 5GHz ~~ [(b=5Ghz,m=bridge)wlan1] Simply ... I have 5GHz backbone and I want to connet to this backbone and redistribute it at 2....

sioux

i know that another mikrotik unit would by the best solutions but i'm looking for a cheapper device.

hmm. sorry but .. what is wrong with my english?

I think CA-804[in WDS] forwards as well.

maybe i'm wrong but ap-bridge mode and wds stuff exclude each other.

sioux

nothing. i don't understand you question.

i'm looking for good AP client to connent to my AP which is Mikrotik running on rb112 + 2xCM9
i want to add few PC behind one AP client unit.
i know that another mikrotik unit would by the best solutions but i'm looking for a cheapper device.

sioux

Can anyone recommend me a good APC which forward mac addresses and work well with mikrotik?
I've mostly rb112 units with CM9 WISTRON cards.

sioux

now every thing is ok. after next reboot it starts drawing normaly.

sioux

sooo. this is not a BUG right ?

sioux

two blue lines at "Daily" Graph (5 Minute Average)

on every other unit there is only one

sioux

i have noticed that on one of my rb112 units interface graphs look strange see your self http://www.from.okay.pl/sioux/stats.htm [xxx@4_sektor_2] > /tool graphing interface print Flags: X - disabled # INTERFACE ALLOW-ADDRESS STORE-ON-DISK 0 sektor_2 0.0.0.0/0 yes [xxx@4_sektor_2] > /int print Flags:...

sioux

hi all i have something like that: bridged ether1 and wlan1 and in /queue interface set ethernet-default queue type for ether1, wireless-default for wlan1 and default for bridge how will queuing behave with above configuration. did SFQ in wireless-default and above configuration will work properly??...

sioux

hi all in documentatios is written that setting max-limit=0/0 means not limitation so can I add a queue like that: Flags: X - disabled, I - invalid, D - dynamic 0 name="user1" dst-address=A.B.C.D/32 interface=wireless parent=none direction=both priority=8 queue=default-small/default-small ...

Search found 47 matches

Re: How to import large numer of access rules to web proxy?

How to import large numer of access rules to web proxy?

Re: MT remote logging with SPLUNK

Re: MT remote logging with SPLUNK

Re: QoS with RouterOS

MT remote logging with SPLUNK

Re: QoS with RouterOS

Re: QoS with RouterOS

QoS with RouterOS

ssh / telnet

Re: dnat and nth, random .. what ever

dnat and nth, random .. what ever

Re: policy routing - logging in problem

policy routing - logging in problem

print output in one line

how to read this properties ...

Re: RouterOS 3.0 beta 7 on vmware

RouterOS 3.0 beta 7 on vmware

no current-ack-timeout, overall-tx-ccq ... on my R52

PPTP and client reconnect time

filter DHCP requests

why is that ? about firewall

what am I doing wrong (src-mac-addr in bridge filter) a bug?

is it possible to code this schema

AP Client

strange graphs

queue type and bridge configuration

queue simple