Community discussions

MikroTik App

Search found 5847 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 20
by rextended
Tue Sep 21, 2021 10:13 pm
Forum: Virtualization
Topic: CHR Total Memory
Replies: 4
Views: 654

Re: CHR Total Memory

On download page are present 4 version of CHR OVA... Is nice than the OP have not specified what version have used for test... If you want 128MB of virtual memory, set the total memory to 132MB On VMware you can set the memory with 4MB step, but on that MikroTik Linux Kernel (3.x) the memory must be...
by rextended
Tue Sep 21, 2021 10:04 pm
Forum: General
Topic: Tiktok Live Problems
Replies: 24
Views: 1317

Re: Tiktok Live Problems

This reply, and also prevous post of this user... SPAM BOT...
by rextended
Tue Sep 21, 2021 9:59 pm
Forum: General
Topic: someone hack my routrs - can someone help?
Replies: 17
Views: 3154

Re: someone hack my routrs - can someone help?

The Italian Mafia... Pay who can make disaster for do not make disaster....
by rextended
Tue Sep 21, 2021 9:16 pm
Forum: General
Topic: Anonymous user tried to log in
Replies: 4
Views: 165

Re: Anonymous user tried to log in

It is a product that is sold only in Yemen,
also the "QuestionPro for Dummies" guide, but he hasn't read it yet ...

Image
by rextended
Tue Sep 21, 2021 7:26 pm
Forum: General
Topic: Route date/timestamps
Replies: 1
Views: 56

Re: Route date/timestamps

you can not have more detail than
/ip route print detail terse
by rextended
Tue Sep 21, 2021 7:15 pm
Forum: Scripting
Topic: Remove Nat Sessions on a specific event
Replies: 16
Views: 1840

Re: Remove Nat Sessions on a specific event



...NO COMMENT...
Like you have never done that... ^^' :D
Oh... how long, last time you were writing and driving at the same time... Did you just get out of the hospital? :lol: :lol: :lol:
by rextended
Tue Sep 21, 2021 6:36 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

From @ZeroByte post_id 542346 This is because the packet is below the inner MTU, thus it is neither discarded nor dropped. The resulting encrypted tunnel packet may exceed the physical interface's MTU, and since the IPSec session is technically not the inner traffic, it is eligible for fragmentation...
by rextended
Tue Sep 21, 2021 6:35 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

rextender
Noob, don't mess up my threads with your bullshit. First, learn how mturoute works.
really rude and with little memory, you don't even remember that you already asked
by rextended
Tue Sep 21, 2021 4:28 pm
Forum: General
Topic: Magic troubles button "Reset all counters" from MikroTik
Replies: 8
Views: 486

Re: Magic troubles button "Reset all counters" from MikroTik

home: power outages = UPS, no more worries.
Business: power outages = better UPS no more worries.
Business: Longer term power outages = better UPS + generator
Long term Business: avoid to have all on unique place, and have backup data lines and servers... :lol:
by rextended
Tue Sep 21, 2021 4:24 pm
Forum: General
Topic: Magic troubles button "Reset all counters" from MikroTik
Replies: 8
Views: 486

Re: Magic troubles button "Reset all counters" from MikroTik

User Manager problem is database corruption all the time,
From 2007 till now, no one user-manager on production corrupted (and all under UPS)...
Ah... and if you do not know, you can backup, on other machine, the database...
by rextended
Tue Sep 21, 2021 2:43 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

L2TP add 40Bytes to the standard 1500 and MTU must be reduced to 1460 to avoid fragmentation, but adding also IPsec add more Bytes to the packet, and depend by what encryption method are used, but for be sure, 60Bytes and the final MTU of 1400 can be a reasonable value to set. But obviously anything...
by rextended
Tue Sep 21, 2021 2:29 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

Another valid program I use on Windows is this, work for both IPv4 and IPv6 addresses
https://www.iea-software.com/products/mtupath/
by rextended
Tue Sep 21, 2021 2:24 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

rextender
Noob, don't mess up my threads with your bullshit. First, learn how mturoute works.
From the question you ask, I think you are the first who does not know how it works,
and then you are a great rude, no doubt, just the vulgar answers that express how much you do not understand anything.
by rextended
Tue Sep 21, 2021 2:12 pm
Forum: General
Topic: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?
Replies: 12
Views: 295

Re: How to determine the real (actual) MTU of the L2TP+IPsec tunnel?

just use ping with the non-fragment flag set and the size 1500, then decrease the size by one until the ping passes
by rextended
Tue Sep 21, 2021 1:58 pm
Forum: Scripting
Topic: The Routerboards Test Results
Replies: 2
Views: 104

Re: The Routerboards Test Results

Why you post this on scripting section?

Already exist one topic about how the routerboard are tested, search it.
by rextended
Tue Sep 21, 2021 10:37 am
Forum: General
Topic: Mikrotik Rack-mounted Devices Visio Stencils
Replies: 47
Views: 47606

Re: Mikrotik Rack-mounted Devices Visio Stencils

The user has disappeared and the github isn't updated from 2 years...
I hope he is alive...
by rextended
Tue Sep 21, 2021 10:33 am
Forum: RouterOS v7 BETA
Topic: Feature Request: Logging Action to run a script
Replies: 1
Views: 115

Re: Feature Request: Logging Action to run a script

ahh I love when they suggest ways to block the router even more in the event of a DDoS attack... and even if it is misconfigured...
by rextended
Tue Sep 21, 2021 10:27 am
Forum: General
Topic: resetall counters [SOLVED]
Replies: 1
Views: 80

Re: resetall counters [SOLVED]

You have the same problems of other uninstructed managers: You do not use a necessary RADIUS server, instead you use the poor hotspot / users database, that are used only when 2-3 users are pressent. It will be a good step for administrators who control the hotspot network to use, for example, the u...
by rextended
Tue Sep 21, 2021 10:23 am
Forum: General
Topic: Magic troubles button "Reset all counters" from MikroTik
Replies: 8
Views: 486

Re: Magic troubles button "Reset all counters" from MikroTik

The problem is not the button, (or the position of the button) the problem is the use:
use user-manager or other RADIUS service, and this can't happen.

Use the hotspot / users only if the users are really a few...
by rextended
Tue Sep 21, 2021 10:19 am
Forum: General
Topic: Problem with delivery / looking for alternative [SOLVED]
Replies: 9
Views: 300

Re: Problem with delivery / looking for alternative [SOLVED]

My advice: do not use only "one" PoE switch, but distribute the load over several points, and not in the same "room".
by rextended
Mon Sep 20, 2021 8:50 pm
Forum: Scripting
Topic: Fetch json
Replies: 6
Views: 213

Re: Fetch json

I know that the command in terminal should produce output. You do not have understand, do not use output=something for now... The Router what IP have? Is in the same lan? have more than one ip? get the ip from dhcp server on the DSL router or have fixed IP? the DSL router reply only to device that ...
by rextended
Mon Sep 20, 2021 8:38 pm
Forum: Scripting
Topic: Packet loss Script to GRE Tunnels
Replies: 1
Views: 82

Re: Packet loss Script to GRE Tunnels

Not tested, only fixed syntax and logic errors # VARIABLES :local interface <interface-name> :local interface2 <interface2-name> :local totalpings 25 :local ipdest [/interface pptp-client get $interface connect-to] # IF GRE TUNNEL 2 IS WORKING - RUN SCRIPT :if ([/interface pptp-client get $interface...
by rextended
Mon Sep 20, 2021 8:27 pm
Forum: Scripting
Topic: Fetch json
Replies: 6
Views: 213

Re: Fetch json

But you must be authenticated on browser to read that file??? Is strange the router leak something without access... and try the command without "output...." etc. Simply this: /tool fetch url="http://192.168.0.1/data/Status.json" When this work on routeros you can proceed with th...
by rextended
Mon Sep 20, 2021 6:38 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc4 [development] is released!
Replies: 85
Views: 5159

Re: v7.1rc4 [development] is released!

export not work

routing-mark=*4000 instead of mytable
/routing table
add disabled=no name=mytable

/ip firewall nat
add action=log chain=srcnat routing-mark=*4000
by rextended
Mon Sep 20, 2021 6:28 pm
Forum: Scripting
Topic: 7.1rc3, set $variable or set variable in system/script
Replies: 7
Views: 214

Re: 7.1rc3, set $variable or set variable in system/script

No problem, but in my post I also put in the explanations :-P About @eworm soluction: is pretty the same: I check if is it a number, because MUST be a number, if is it I add one, else I set to 1 the variable instead @eworm check if is "nothing", and if is it set to 1 the variable, else add...
by rextended
Mon Sep 20, 2021 6:19 pm
Forum: Scripting
Topic: 7.1rc3, set $variable or set variable in system/script
Replies: 7
Views: 214

Re: 7.1rc3, set $variable or set variable in system/script

Ok, little "tutorial" 1) please proper indent, and use the : and / everityme! :if ([:len [/system/script/environment/find where name=WAN1DownCounter]] = 0) do={ :global WAN1DownCounter 1 } else={ :set WAN1DownCounter ([/system/script/environment/get WAN1DownCounter value] + 1) } 2) the rig...
by rextended
Mon Sep 20, 2021 6:05 pm
Forum: Scripting
Topic: 7.1rc3, set $variable or set variable in system/script
Replies: 7
Views: 214

Re: 7.1rc3, set $variable or set variable in system/script

@rextended Please help :)
Ohhh... call me on topic where already I have wroted :)

NOw I read and reply to your post
by rextended
Mon Sep 20, 2021 5:49 pm
Forum: Scripting
Topic: Changed scripting coding between V6 and v7
Replies: 2
Views: 177

Re: Changed scripting coding between V6 and v7

What changes between 6.47.10 and 7.1rc4: On 6.x we can define "routing-mark" at any point where it can be set, as well as NAT. On 7.1rc4 first of all the routing table must be defined before it can be used on other sections, such as NAT. Synthesis # 6.47.10 :put [:len [/ip firewall nat fin...
by rextended
Mon Sep 20, 2021 1:36 pm
Forum: General
Topic: HELP! Mikrotik router is accessible from outside
Replies: 4
Views: 186

Re: HELP! Mikrotik router is accessible from outside

You have tested the public IP inside your LAN, or you have used another connection to test it?
by rextended
Mon Sep 20, 2021 10:28 am
Forum: Scripting
Topic: Script fails
Replies: 1
Views: 97

Re: Script fails

If SSEbb interface exist, and have at least one IP: { :local password "thesecretkey1234" :local subdomain "@" :local domainn "mydomain.com" /ip address :local arrayofID [find where interface="SSEbb"] :local firstID [:pick $arrayofID 0] :local fulladdr [get $fi...
by rextended
Mon Sep 20, 2021 10:11 am
Forum: Wireless Networking
Topic: Band steering - "priority" to 5Ghz
Replies: 10
Views: 336

Re: Band steering - "priority" to 5Ghz

If you have already read all other topic, why open anoter one?

Except what you already have read, there is not a solution (for now, until mikrotik does something)
by rextended
Sat Sep 18, 2021 4:07 pm
Forum: General
Topic: Randomly resets and can't open some webpages
Replies: 6
Views: 253

Re: Randomly resets and can't open some webpages

/ip pool
add name=dhcp ranges=192.168.0.12-192.168.0.254
add name=vpn ranges=192.168.89.2-192.168.89.255
by rextended
Sat Sep 18, 2021 2:20 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

after updating winbox the log does not work on one router
rb750gr3 ros 6.48.4
You have applied to the user profile the default skin from webfig...
by rextended
Sat Sep 18, 2021 4:00 am
Forum: RouterBOARD hardware
Topic: Another Hardware Idea..
Replies: 5
Views: 341

Re: Another Hardware Idea..

Is possible to install RouterOS x86_64 inside,
netinstall MkroSD with windows / linux and put inside the bay.

Probably also CHR because "probably" support also ESXi or similar...


I hope one day update that with also 5GHz,
Image
by rextended
Sat Sep 18, 2021 2:36 am
Forum: Scripting
Topic: How to get SNMP interface index in a script.
Replies: 6
Views: 1818

Re: How to get SNMP interface index in a script.

The script used as-is do error on ":local intName [get $i name]" because "get from where"? Rewrited Script: /interface :foreach item in=[find] do={ :local intName [get $item name] :local intOID ([print oid as-value where name=$intName]->0->"name") :local intIdx [:pick $...
by rextended
Fri Sep 17, 2021 3:50 pm
Forum: Beginner Basics
Topic: Real DMZ on second IP range
Replies: 15
Views: 741

Re: Real DMZ on second IP range

Someone needs a script for guessing???
:lol: :lol: :lol:
by rextended
Fri Sep 17, 2021 3:35 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Putting all togheter: Paste this on terminal ( after set the right gateway address ) /ip route add distance=1 gateway=<put-lte-gateway-IP-address-here> routing-mark=ntp /ip firewall raw add action=add-dst-to-address-list address-list=ntp_pool address-list-timeout=none-dynamic chain=prerouting dst-ad...
by rextended
Fri Sep 17, 2021 3:29 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

No problem
by rextended
Fri Sep 17, 2021 3:24 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

fetch can cause a infinite DELAY, not infinite loop, all is freezed, waiting fetch to finish, is not a cycle than can be autochecked if executed too much time and autoexit... Try my script, if fail we add asyncronous fetch execution Something like that, you can see my Snippets, on my signature the l...
by rextended
Fri Sep 17, 2021 3:19 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

for obtain the list of all IPs used as NTP server

(NTP is one of the protocol than for be full compliant want also the src port 123)

added automation method
viewtopic.php?f=2&t=178602&p=880497#p880497
by rextended
Fri Sep 17, 2021 2:55 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

Rewrited script, without change logic :log info "Start Sending Report" /ip firewall address-list :foreach tmpAddress in=[find where list="HONEYPOT"] do={ :local attackip [get $tmpAddress address] :log info "BEGIN $attackip Report to AbuseIPDB" :do { /tool fetch keep-res...
by rextended
Fri Sep 17, 2021 2:44 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

Sometime "fetch" freeze for answer from remote site and lock the script (and the scheduler) on-error can not catch indefinite waiting.... also ":set $attackip value=" where is defined "attackip"? and :set must be used without the $ only 6 seconds between fetch notificat...
by rextended
Fri Sep 17, 2021 1:13 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

@SiB, next time the scheduler start must check if previous is finished, if not warn user on some way. pseudocode scheduler set global varialble randomnameJhdsfg to "endscript" if the variable do not already exist check global variable randomnameJhdsfg if it is set to "endscript",...
by rextended
Fri Sep 17, 2021 12:55 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

Already replied and is "Check For Updates" not upgrade
by rextended
Fri Sep 17, 2021 12:04 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 384

Re: Script Error

Di niente :lol:
by rextended
Fri Sep 17, 2021 11:55 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

@Stril I asked you to post the script here for further analysis,
but your assumption that the executed script is perfect and does not block the scheduler, makes me make this decision:

End of help from my side.
by rextended
Fri Sep 17, 2021 11:50 am
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 3
Views: 1654

Re: ✂ Rextended Fragments of Snippets

DHCPv6 option 39 fqdn2encdns FQDN to DNS encoding DNS encoder

viewtopic.php?f=1&t=178607&p=880429#p880424
by rextended
Fri Sep 17, 2021 11:48 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client [SOLVED]
Replies: 8
Views: 389

Re: Option39 DHCPv6 Client [SOLVED]

Bugfix:

Wrong
0x010x03'www'0x12'thisismydomainname'0x03'net'0x00

Correct:
0x01''0x03'www'0x12'thisismydomainname'0x03'net'0x00

Script fixed
by rextended
Fri Sep 17, 2021 11:42 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client [SOLVED]
Replies: 8
Views: 389

Re: Option39 DHCPv6 Client [SOLVED]

Yes, I hope you like my script....
by rextended
Fri Sep 17, 2021 11:32 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client [SOLVED]
Replies: 8
Views: 389

Re: Option39 DHCPv6 Client [SOLVED]

search tag # rextended DHCPv6 option 39 fqdn2encdns FQDN to DNS encoding DNS encoder I just finished to write this to directly encode the string: :global tmpChar "\00" :global hexChars "0123456789ABCDEF" :global charsString "" :for x from=0 to=15 step=1 do={ :for y from...
by rextended
Fri Sep 17, 2021 11:30 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client [SOLVED]
Replies: 8
Views: 389

Re: Option39 DHCPv6 Client [SOLVED]

9 or 15, is limited, this not change the point
The max length for label and domain is 63 characters
by rextended
Fri Sep 17, 2021 10:41 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 1066

Re: Scheduler stops executing script

This is not diagnosticable, the scheduler is ok,
you must also post the script you try to run...
by rextended
Fri Sep 17, 2021 10:14 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client [SOLVED]
Replies: 8
Views: 389

Re: Option39 DHCPv6 Client [SOLVED]

The script not work if the fqdn have one part with more than 9 characters, like www.thisismydomain.com because the length on encoded dns when is bigger than 9 must be converted to hexadecimal, not "0" + ":len" as string Why not simply: /ipv6 dhcp-client option add code=39 name=op...
by rextended
Fri Sep 17, 2021 2:08 am
Forum: Scripting
Topic: Return IP Octet Function
Replies: 14
Views: 5405

Re: Return IP Octet Function

search tag # rextended ip2array ip split octet Uhm... I forgot that script.... Actualized version, always return one array with: 0: IP passed as parameter 1: 1st octet 2: 2nd octet 3: 3rd octet 4: 4th octet :global ip2array do={ :local ip [:toip $1] :local array [:toarray ""] :if ([:typeof...
by rextended
Thu Sep 16, 2021 11:40 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Ok, now we waiting @ishanjain if this solution is good for him...
by rextended
Thu Sep 16, 2021 11:35 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

Without open any device from "Tool / Check For Updates" ?
by rextended
Thu Sep 16, 2021 11:25 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Is possible to find updated list for facebook, twitter, etc here: Facebook and Instagram, 3 ASN https://bgp.he.net/AS32934#_prefixes https://bgp.he.net/AS54115#_prefixes https://bgp.he.net/AS63293#_prefixes Blocking Facebook also block part of WhatsApp, but WhatsApp have also his own pool. WhatsApp ...
by rextended
Thu Sep 16, 2021 11:20 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

a mere route in routing table main is sufficient
Not...
Sorry, but my rules are structured on that way for change all gateway with one click, just on one position,
instead of open one-by-one single route to change each gateway for each IP...
by rextended
Thu Sep 16, 2021 11:14 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Are not required any rules or setting. simply: FACEBOOK /ip route rule add action=drop dst-address=102.132.112.0/24 add action=drop dst-address=102.132.113.0/24 add action=drop dst-address=102.132.114.0/24 add action=drop dst-address=102.132.115.0/24 add action=drop dst-address=102.132.116.0/24 add ...
by rextended
Thu Sep 16, 2021 11:05 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

like this:
/ip route rule
add action=drop dst-address=157.240.210.0/24


Until the service do not use CDN that have same IP for multile services, block ASN IPs drop all.
by rextended
Thu Sep 16, 2021 11:02 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

I use at my home the /ip route rule to drop all ASN like Facebook / WhatsApp, Twitter, Instagram and some Google parts like Doubleclick and googleadservices.com
(but do not say that to @msatter :lol: )
by rextended
Thu Sep 16, 2021 10:55 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

also him have freetime :lol:
by rextended
Thu Sep 16, 2021 10:50 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

The rule I wrote working also for RouterOS itself (if IP set on NTP client are put obviously on route rule dst-address) without change nothing. If the output is generated from RouterOS, still go at the end on routing. My rule are easy because nothing other count. Simply I want that IP reachable by a...
by rextended
Thu Sep 16, 2021 10:39 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

The source IP that need the NTP info do not count, if the ISP on WAN1 block NTP,
the NTP servers defined on list (that are the dst-nation of the request started from PCs)
are forced to be reachable from lte-vlan gateway
by rextended
Thu Sep 16, 2021 10:32 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 904

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Modify that accordingly your needs and paste it on terminal. Legend: 3.3.3.3 / 6.6.6.6 / 7.7.7.7 NTP servers used from computers /ip route rule add dst-address=3.3.3.3/32 table=ntp add dst-address=6.6.6.6/32 table=ntp add dst-address=7.7.7.7/32 table=ntp /ip route add distance=1 gateway=<put-lte-gat...
by rextended
Thu Sep 16, 2021 10:22 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

I do not understand if you have understanded or not that you can not log iSCSI traffic passing through RouterBOARD,
but this is only for log iSCSI traffic on RouterOS installed on x86 (also x86_64) machine than phisically have iSCSI...
by rextended
Thu Sep 16, 2021 9:55 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 384

Re: Script Error

Remember on /system logging to save the warning/error logs on DISK file, or you lost that info on reboot (you can not send e-mail or sms if lte1 not work) ltestatus added for warn only one time when status change :global ltestatus :if ([:typeof $ltestatus] = "nothing") do={:set ltestatus &...
by rextended
Thu Sep 16, 2021 9:47 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 384

Re: Script Error

Missing lte interface cause previous script to fail... give me 10 minutes... this is wrong: /interface list print count-only where name= LTE at least /interface print count-only where type="lte" (or /interface print count-only where name="lte1") or /interface lte print count-only...
by rextended
Thu Sep 16, 2021 9:41 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

Have you considered that it is a bug and needs to be fixed? I can not post on the forum what is really needed for such a long "paste" and I have to provide an example to replicate the bug. Whereas the first thing the script does is delete everything in the router, including the "file&...
by rextended
Thu Sep 16, 2021 7:45 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 384

Re: Script Error

Is not a "type", is a submenu / section, like on /interface wireless you find the dedicated section for... wireless /interface show all type of interfaces, usually the menu is less rich than the dedicated section for each type of interfaces. This script work on both way: disable and enable...
by rextended
Thu Sep 16, 2021 7:41 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

Really output rules are hard to see on some place...
Output are connection initiated from Router CPU (like resolve DNS name) and is hard to think something that Router generate for bad purpose...
by rextended
Thu Sep 16, 2021 7:26 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

Ok, but if I write on topic opened from MikroTik staff, at least I expect someone read it. No need to send mail because the bug is well explained and reproducible. ********************** This is scream? >>> What's new in v3.31: You do not only remove "big font" (110%) of 3rd line but also ...
by rextended
Thu Sep 16, 2021 6:43 pm
Forum: General
Topic: Why firewall rules are so important...
Replies: 12
Views: 1186

Re: Why firewall rules are so important...

You apparently haven't tried Shodan. Yes, because I usually try to help than abuse... :) My opinion about showing or not (ignoring the fact that, exposed the version or not, on 2 seconds all hack method can be tested)... This question is really useless, like the debate about what color a van should...
by rextended
Thu Sep 16, 2021 6:11 pm
Forum: General
Topic: Why firewall rules are so important...
Replies: 12
Views: 1186

Re: Why firewall rules are so important...

@Joni... I WOULD NEVER THINK IT WAS SO EASY... :shock: :shock: :shock: :shock: :shock: :shock: :shock: Google will take care of them looking for you... Easy life for hacker... About display version or not : WHAT IS THE PROBLEM? Simply try all the hack, who stops you? I open just for joke one link: \...
by rextended
Thu Sep 16, 2021 6:00 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

Is like other dozen of requested feature: nothing.
Better do something active than waiting for nothing...
by rextended
Thu Sep 16, 2021 5:56 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 11
Views: 2393

Re: feature request - https for webui

@Paternot is not the OP, and the op do not have one CSS but one CRS317-1G-16S+RM
by rextended
Thu Sep 16, 2021 5:53 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 22
Views: 3637

Re: WinBox v3.31 released!

from 3.28 changelog
*) fixed WinBox disconnect when large text was pasted into terminal window;
This bug introduced on 3.28 is still present:
viewtopic.php?f=21&t=175783#p862289

Reported also for 3.29 and 3.30 but nothing change.
by rextended
Wed Sep 15, 2021 11:59 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

Don't worry about Containers for Docker, I asked a colleague to study how it works :lol:
by rextended
Wed Sep 15, 2021 9:48 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

Yes, like capsman, are not required if you do not use that service.

Really I not see any hole on your config, only some redundant rules.

This is why you can say "for many years no problem"

I hope @anav find something, if I haven't seen it
by rextended
Wed Sep 15, 2021 9:42 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

L2TP.....
# those rules are for WAN or LAN?
this applies to the WAN
Yes, "I think is wanted behaviour" :)
by rextended
Wed Sep 15, 2021 9:40 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

About forward rules: # on top of forward chain I do not see this default rules add chain=forward action=accept ipsec-policy=in,ipsec comment="defconf: accept in ipsec policy" add chain=forward action=accept ipsec-policy=out,ipsec comment="defconf: accept out ipsec policy" # this ...
by rextended
Wed Sep 15, 2021 9:33 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

About input rules: # missing this, but if you not use capsman, no problem: add chain=input action=accept dst-address=127.0.0.1 comment="defconf: accept to local loopback (for CAPsMAN)" # those are useless, or are needed only if the Allowed-IP are not on interface that not are on LAN group:...
by rextended
Wed Sep 15, 2021 9:24 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

The !LAN is a VERY POWERFULL CHOICE!!!

Ah... POWERFULL... :lol: I need some grammar corrector on browser...
This is not Poker.... or not? :lol: :lol: :lol:
by rextended
Wed Sep 15, 2021 9:17 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

To make it more obvious why dont they have a default rule after this rule which states. add action= accept chain=input comment="defconf: allow all else coming from LAN" in-interface-list=LAN because the LAN traffic has already been matched by the previous rule. ALL LAN Traffic has already...
by rextended
Wed Sep 15, 2021 9:16 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

@anav 8)

Now can I have a docker containainer that automatically selects the right IP subnet mask please. :-)
but... i do not understand... really....
by rextended
Wed Sep 15, 2021 8:54 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

I also suggest @Greenfun2 to put the default rules on the same initial place, for example, if is invalid, can't be "established,related,untracked" Moving invalid drop before "established,related,untracked" you only slow traffic, no one type of advantage (except if 51% of your tra...
by rextended
Wed Sep 15, 2021 8:54 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

I hope you read after "On the OP "export": on previous topic
by rextended
Wed Sep 15, 2021 8:38 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1294

Re: Audit my input firewall

@johnson73 Someone please explain me where is the point on default configuration that permit DNS from WAN, or why on default configuration is needed to drop incoming DNS request from WAN on input chain... https://forum.mikrotik.com/viewtopic.php?f=13&t=175129&p=856824#p856824 /ip firewall f...
by rextended
Wed Sep 15, 2021 8:31 pm
Forum: RouterOS v7 BETA
Topic: fastpath support on x86 or CHR
Replies: 1
Views: 266

Re: fastpath support on x86 or CHR

https://wiki.mikrotik.com/wiki/Manual:Fast_Path

Fast path allows to forward packets without additional processing in the Linux kernel. It improves forwarding speeds significantly.

For fast path to work, interface support and specific configuration conditions are required.
by rextended
Wed Sep 15, 2021 7:39 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 11
Views: 2393

Re: feature request - https for webui

The switch support already SSH, HTTPS on RouterOS, simply use already included RouterOS instead of SwOS...
by rextended
Wed Sep 15, 2021 6:54 pm
Forum: General
Topic: 2 separate networks - no internet access
Replies: 6
Views: 388

Re: 2 separate networks - no internet access

Something makes me coin a new term: two-duplicate-posts-and-go user
by rextended
Wed Sep 15, 2021 6:42 pm
Forum: Scripting
Topic: remove pppoe user with matched realm.
Replies: 4
Views: 282

Re: remove pppoe user with matched realm.

Ok... well explained.... :lol:

/ppp active remove [find where name~"@admin.com"]
by rextended
Wed Sep 15, 2021 6:22 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

Please don't make the language an obstacle to understanding, I'm not English. I understood both times what you wrote, but that doesn't change what I wrote: 1) No post within the topic was created by a support user, 2) It is useless because it considers the remote site as the source of a new connecti...
by rextended
Wed Sep 15, 2021 5:59 pm
Forum: Scripting
Topic: remove pppoe user with matched realm.
Replies: 4
Views: 282

Re: remove pppoe user with matched realm.

please explain better, what you mean for realm? @xxx.xx after the username?

the user must be disconnected or
removed from where? user-manager? internal ppp secret?

explain better
by rextended
Wed Sep 15, 2021 5:52 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

Besides the petty squabbling, I dont see how the firewall rule would block https: (external) IP on blocked list or IP not on allowed list Can firewall rules see inside https URLs ?? @anav , if done correctly, it can block all traffic to the destination IP, it can block everything, https, ping, ftp,...
by rextended
Wed Sep 15, 2021 5:39 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

How is it useless? I provided an alternate firewall rule that blocks all forwarded from a single IP that is not in the the address list. This would include any forwarded DNS requests. So folks just live to be arrogant and rude I suppose... Apparently, you first... @2frog , you are arrogant and you ...
by rextended
Wed Sep 15, 2021 5:27 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

In the thread send by the Mikrotik Support https://forum.mikrotik.com/viewtopic.php?t=161562 the solved answer are "src-port" and "src-address-list"....¿why?...we don't know) Send by the Mikrotik Support??? I do not see anyone inside that topic from mikrotik support, and also th...
by rextended
Wed Sep 15, 2021 5:20 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6253

Re: WinBox v3.30 released!

Before post, read what already posted if some problem is already noticed, and the download link... read what already posted
by rextended
Wed Sep 15, 2021 3:54 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

@2frogs is useless, as on OP: ... action=drop chain=forward ... protocol=tcp ... src-port=443 this do NOT BLOCK DNS instead the OP treath outocoming traffic like is incoming: /ip firewall filter ... drop ... forward ... src -address-list=!WebsPermitidas src -port=443 must be dst , destination addres...
by rextended
Wed Sep 15, 2021 1:19 pm
Forum: Scripting
Topic: channel-width and wireless-protocol from SNMP
Replies: 4
Views: 297

Re: channel-width and wireless-protocol from SNMP

At least you can read something like 5180/20/ac using: band=.1.3.6.1.4.1.14988.1.1.1.3.1.8. <wlan interface index> iso.org.dod.internet.private.enterprises.mikrotik.mikrotikExperimentalModule.mtXRouterOs.mtxrWireless.mtxrWlApTable.mtxrWlApEntry.mtxrWlApBand. <wlan interface index> You can get it by ...
by rextended
Wed Sep 15, 2021 1:05 pm
Forum: Scripting
Topic: channel-width and wireless-protocol from SNMP
Replies: 4
Views: 297

Re: channel-width and wireless-protocol from SNMP

The last .1 is the <wlan interface index> You can not read by SNMP what is not present here. /interface wireless print oid tx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.2.1 rx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.3.1 ssid=.1.3.6.1.4.1.14988.1.1.1.3.1.4.1 bssid=.1.3.6.1.4.1.14988.1.1.1.3.1.5.1 client-count=.1.3....
by rextended
Wed Sep 15, 2021 12:56 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

Ah, Ok, for coincidence the "7" is a part of serial number censored??? :lol:
by rextended
Wed Sep 15, 2021 12:51 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

I made this for you, just call $dobackup :global dobackup do={ /system clock :local strDate [get date]; :local strTime [get time] :local arrMonths {jan="01";feb="02";mar="03";apr="04";may="05";jun="06";jul="07";aug="08";...
by rextended
Wed Sep 15, 2021 12:42 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

Is MikroTik7 because you use it on 7.x version? You can use the function date2ymd also when you do the backup, if the function is shorter than your methods to obtain YYYY-MM-DD also on backup, if you want automatize name, you can also use $[/sys id get itentity] instead of hardcoded mikrotik7-test n...
by rextended
Wed Sep 15, 2021 12:33 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

Yes, but speaking about "files" the correct order for determine what is older is the date ;)
The backup can have any name.
by rextended
Wed Sep 15, 2021 11:25 am
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

If I wrote a malware, it would be the first thing I would do to take away the passwords stored in "Windows Vault" / WinBox / Dude / Firefox, Google, Edge passwords saved on the browser, e-mail passwords saved on thunderbird, outlook, etc.
by rextended
Wed Sep 15, 2021 10:29 am
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 3
Views: 1654

Re: ✂ Rextended Fragments of Snippets

wireless on off with mode button https://forum.mikrotik.com/viewtopic.php?f=7&t=115078&p=857648#p857648 create directory and subdirectory https://forum.mikrotik.com/viewtopic.php?f=9&t=151644&p=878316#p878368 mac ping results saved on variable https://forum.mikrotik.com/viewtopic.php...
by rextended
Wed Sep 15, 2021 10:25 am
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 589

Re: Block internet traffic except some URLs

Configure your internal network as hotspot, and use walled-garden
by rextended
Wed Sep 15, 2021 10:17 am
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

Thanks, you let me discovery an hack to sort the array on just 2/3 lines of code :)
by rextended
Wed Sep 15, 2021 2:29 am
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

Too complex,
I just notice this:

is wanted this .99.x without provide a gateway?
/ip dhcp-server network
add address=192.168.99.0/24 dns-server=192.168.99.1

paste this on terminal
/system logging
remove [find where topics=iscsi]
by rextended
Wed Sep 15, 2021 2:20 am
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 595

Re: Sorted array of files [SOLVED]

search tag # rextended hack sort file by date date2ymd Based on my scripts: https://forum.mikrotik.com/viewtopic.php?f=9&t=75555#p876568 Step 1 [DONE] : convert all backup filenames and date to a 2D array and convert the date from mmm-DD-YYYY to YYYY-MM-DD: Step 2 [DONE] : sort the array by YYYY...
by rextended
Tue Sep 14, 2021 7:49 pm
Forum: General
Topic: DoH overrides DNS Static RegEx
Replies: 8
Views: 780

Re: DoH overrides DNS Static RegEx

The problem is the FWD itself...
If DoH is used, is a nonsense use unsigned FWD replies...

Is why on help page is clearly indicated...
by rextended
Tue Sep 14, 2021 7:40 pm
Forum: General
Topic: Need help creating a package
Replies: 2
Views: 339

Re: Need help creating a package

The forum is not a correct way to start and manage one new ISP.
Hire a consulent for that or do some courses.
by rextended
Tue Sep 14, 2021 7:39 pm
Forum: Beginner Basics
Topic: How do I create a package?
Replies: 2
Views: 265

Re: How do I create a package?

You start every day a new topic for the same?
viewtopic.php?f=2&t=178502

The forum is not a correct way to start and manage one new ISP.
Hire a consulent for that or do some courses.
by rextended
Tue Sep 14, 2021 4:20 pm
Forum: Wireless Networking
Topic: Motel internet infrastructure
Replies: 12
Views: 674

Re: Motel internet infrastructure

really I just say use one CCR (Cloud Core Router) just after ISP router (if replaces ISP router is better) and about the switch, is right, only CRS (Cloud Router Switch)...
But about the AP and the right number, must be see on place with tests.
by rextended
Tue Sep 14, 2021 3:41 pm
Forum: Wireless Networking
Topic: Motel internet infrastructure
Replies: 12
Views: 674

Re: Motel internet infrastructure

What you expect?
Someone than works free for you?

One-thing-over-all:
One AP for floor? Without physical test is impossible to say if are working "as expected"...
by rextended
Tue Sep 14, 2021 3:29 pm
Forum: General
Topic: Feature Request: Firewall Rules visual grouping
Replies: 3
Views: 331

Re: Feature Request: Firewall Rules visual grouping

But is already present, use filter...
Select what is the only chain you want see... done.
by rextended
Tue Sep 14, 2021 3:21 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1470

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Another user talk about GRE attack started from some days, also Mēris,
probably are that?
by rextended
Tue Sep 14, 2021 10:29 am
Forum: RouterOS v7 BETA
Topic: comment in export for broken reference
Replies: 2
Views: 216

Re: comment in export for broken reference

Is not a 7 prerogative, also on 6 the same: pri Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 I 6.6.6.6/24 6.6.6.0 *B export /ip address add address=6.6.6.6/24 network=6.6.6.0
by rextended
Tue Sep 14, 2021 10:21 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

@mducharme
You're writing what I think
by rextended
Tue Sep 14, 2021 10:19 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

The fast way to launch netinstall remotely is to make one EoIP tunnel between my office and the remote switch where the device must be netinstalled...
Slower? Ahhh.....
by rextended
Tue Sep 14, 2021 10:14 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

Is logical that is not the only device present on-site...

Is obvious than the netinstall on a container is used to install another machine.

About power failure, is obvious that is it not a domestic case...
by rextended
Tue Sep 14, 2021 10:03 am
Forum: General
Topic: Constant Reboots
Replies: 3
Views: 342

Re: Constant Reboots

RouterOS version? (software)
RouterBOOT version? (BIOS)
by rextended
Tue Sep 14, 2021 9:58 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

I have all device powered from 8P, 16P or 24P RouterBOARDs, on default I set all device /partitions set [find] fallback-to=etherboot # this is RouterOS default /sys routerboard settings set boot-device=nand-if-fail-then-ethernet But the point is not only to netinstall devices with problems, but neti...
by rextended
Tue Sep 14, 2021 9:52 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

I think they wish to run the Linux netinstall binary in a docker container.
E-X-A-C-T-L-Y

NetInstall is more sicure than upgrade, and can clean all what must not be present, if something has happen on "remote" past...
by rextended
Tue Sep 14, 2021 1:44 am
Forum: Scripting
Topic: Feature Request: Please add on-up and on-down scripts events to all interfaces
Replies: 4
Views: 401

Re: Feature Request: Please add on-up and on-down scripts events to all interfaces

for example:

you ever try to ping a layer 2 link with netwatch?

or try to ping an internal devices than you not know the IP previously?
by rextended
Mon Sep 13, 2021 10:17 pm
Forum: General
Topic: Crticial: Mikrotik Not Log all Parameters Changes - Do you need How is Possible
Replies: 1
Views: 296

Re: Crticial: Mikrotik Not Log all Parameters Changes - Do you need How is Possible

Be patient and wait, on V7 is also reported what is changed, (I doubt is backported on 6.4x) on meantime use my method: every device export config to a sftp server each hour, a scheduler inside linux machine compare export saved as master with latest version, except first line (that contain date &am...
by rextended
Mon Sep 13, 2021 7:27 pm
Forum: Forwarding Protocols
Topic: RP Filter - Strict and Loose
Replies: 1
Views: 236

Re: RP Filter - Strict and Loose

The packet are blocked if, coming from WAN, have one of the internal IP, like is impossible to be real a packet coming from wan side with a source 192.168.10.22, if you have 192.168.10.0/24 used on internal LAN, and is blocked. Any other type of source IP are not blocked. (This is valid also on publ...
by rextended
Mon Sep 13, 2021 6:50 pm
Forum: Wireless Networking
Topic: Find specific SSID using Scan function [SOLVED]
Replies: 6
Views: 987

Re: Find specific SSID using Scan function [SOLVED]

Is not casual I say "No." on #2 post On 6.47.10, and up, you can save scan to file and read results for furter analisys, the as-value is added from 7.? { /interface wireless scan wlan1 duration=5 save-file=tempscan.txt :local filecontent [/file get [/file find where name="tempscan.txt...
by rextended
Mon Sep 13, 2021 6:48 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

Re: PLEASE MikroTik made NetInstall version for Docker....

I do not have any experience on Docker... sorry :)
by rextended
Mon Sep 13, 2021 5:20 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6253

Re: WinBox v3.30 released!

I have described on another topic how to schedule a auto-reload backup when starting critical procedures than inevitably disconnect winbox and safe mode clear all work done.
by rextended
Mon Sep 13, 2021 5:16 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 467

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

Yes, more you think the connection is secure (and open to entire world),
more is probable the connection is hacked on 1st vulnerabilty finded and not revealed to the world...
by rextended
Mon Sep 13, 2021 3:11 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

I ask a moderator to move the topic, better than start new, not?
by rextended
Mon Sep 13, 2021 3:10 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

eheh... true... but every time the exports always have some surprises, like a script that sends e-mails with mail, password and server written inside...
by rextended
Mon Sep 13, 2021 3:06 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 467

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

Do not leave SSH open to the whole world, specify the source address, or at least one address list of trusted source IPs,
or better use SSH after you are Wireguarded inside... :lol:
by rextended
Mon Sep 13, 2021 3:02 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

@mkx, I suggest you to add also:
NEVER POST ON FORUM until you have open the file and censored (not deleted) all sensible parts.

Because hide-sensitive do not hide all the sensitive data...
Public IP, e-mail, IPsec passwords, for example, are not removed...
by rextended
Mon Sep 13, 2021 2:58 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 467

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

You destroy all outgoing traffic with this rule:
/ip firewall nat
add action=dst-nat chain=dstnat comment=SSH dst-port=22 protocol=tcp to-addresses=192.168.2.10 to-ports=22
Every SSH connection than transit on the router are redirected to 192.168.2.10
by rextended
Mon Sep 13, 2021 2:51 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

Is the same, you can not log iSCSI traffic on RouterOS log facility.
by rextended
Mon Sep 13, 2021 2:08 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 737

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

My SwOS is a CRS326 and I have enabled the iSCSI topic in System->Log, set to 'memory'. So far haven't seen any log come up in it though. SwOS do not have any firewall inside, or I'm wrong? ONE MOMENT... iscsi log INSIDE SwOS??? SwOS do not log any iSCSI traffic... The log facility is generic for a...
by rextended
Mon Sep 13, 2021 1:57 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1470

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Ah, the problem is on the "default" style Canvas, happen when a [ code ] block is near another block of any type, like [ b ] bold.

>fixed, thanks!<
by rextended
Mon Sep 13, 2021 1:46 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1470

Re: 📌 Configuration to block users that tries to access router on non open port(s)

PS I can not use prerouting in standard firwall, only raw, and in raw, I can not use trapit.
Is why on raw I put "!tcp" :)
by rextended
Mon Sep 13, 2021 1:44 pm
Forum: Wireless Networking
Topic: Is there a way to force/encourage clients to use 5GHz if 2.5GHz gets crowded?
Replies: 10
Views: 573

Re: Is there a way to force/encourage clients to use 5GHz if 2.5GHz gets crowded?

Decrease TX power of 2,4GHz, and cross the fingers because all are depending on software used on smartphone.
by rextended
Mon Sep 13, 2021 1:38 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1470

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Also another suggestion can be, if you have some spare unused Public IP, use it as Honeypot. Every IP try to contact the Honeypot, is a scan o something wrong for sure... (also define a whitelist of own addresses) /ip firewall raw add action=add-src-to-address-list address-list=FW_BLOCK_HONEYPOT add...
by rextended
Mon Sep 13, 2021 1:23 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1470

Re: 📌 Configuration to block users that tries to access router on non open port(s)

If I do not remember wrong, tarpit do not consume anything on local router, simply leave each tarpitted connection in waiting state on the remote router, consuming remote router resources... I suggest to other users that read this post, to never reply with "reject" when drop something, exc...
by rextended
Mon Sep 13, 2021 10:15 am
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

(I'm curious to know from now how many people will use the password "#My sUp3R(!) Secr37 P@ssword" :) )
by rextended
Sun Sep 12, 2021 9:25 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

Nothing to add, is true, thanks.
by rextended
Sun Sep 12, 2021 6:23 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

@mozerd, I invented "How to download only one piece of file at a time with /tool fetch and put it inside a variable" https://forum.mikrotik.com/viewtopic.php?f=9&t=177530 If I didn't, @msatter would have nothing to work with... I made the code available to everyone, but it's not really...
by rextended
Sun Sep 12, 2021 6:15 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8900

Re: Hairpin NAT - the easy way

1) I do not use hairpin nat and what I do is not any form of hairpin nat, and not have nothing to do about hairpin nat. 2) Is like I must rewrite again what already I wrote on this topic... https://forum.mikrotik.com/viewtopic.php?f=23&t=172380#p869441 https://forum.mikrotik.com/viewtopic.php?f=...
by rextended
Sun Sep 12, 2021 3:51 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8900

Re: Hairpin NAT - the easy way

I never say open the internal DNS to WAN side, simply force all LAN side to use RouterBOAD internal DNS.
by rextended
Sun Sep 12, 2021 4:32 am
Forum: The Dude
Topic: Dude images
Replies: 3
Views: 442

Re: Dude images

I do not know, use the default images present as models
by rextended
Sat Sep 11, 2021 11:56 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

I know when the blacklists I use are updated, simly do not update at same time, nothing particularly difficult...

That's arguing semantics.
You're starting to write like a troll.
Have you just registered to disturb?
Nobody forces you to use published scripts.
by rextended
Sat Sep 11, 2021 11:51 pm
Forum: General
Topic: Backup
Replies: 2
Views: 316

Re: Backup

You already write it: it does not encrypt if the password is not set...

If anyone thinks it's encrypted, they think wrong.
by rextended
Sat Sep 11, 2021 11:49 pm
Forum: General
Topic: Renaming the comment in pppoe client simply the connection is closed
Replies: 3
Views: 324

Re: Renaming the comment in pppoe client simply the connection is closed

also on wireless...

if you change comments, SOME type of interface are disabled and re-enabled
by rextended
Sat Sep 11, 2021 11:47 pm
Forum: Scripting
Topic: Feature Request: Please add on-up and on-down scripts events to all interfaces
Replies: 4
Views: 401

Feature Request: Please add on-up and on-down scripts events to all interfaces

Please add on-up and on-down scripts events to all interfaces,
like
ether1
wlan1
lte1
etc.

Thanks.
by rextended
Sat Sep 11, 2021 11:45 pm
Forum: General
Topic: is connection-tracking full ?
Replies: 5
Views: 491

Re: is connection-tracking full ?

@Znevna
i do not notice that...

I hope the user upgrade at least to 6.47.10...
by rextended
Sat Sep 11, 2021 11:31 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

I have invented that method, and is not a hack, is just how http protocol work... How to download only one piece of file at a time with /tool fetch and put it inside a variable https://forum.mikrotik.com/viewtopic.php?f=9&t=177530 "fetch" is already planned to be managed in the future ...
by rextended
Sat Sep 11, 2021 5:04 pm
Forum: General
Topic: ?? How to renew SIP registration / connection from PBX after WAN failover ??
Replies: 5
Views: 418

Re: ?? How to renew SIP registration / connection from PBX after WAN failover ??

This close all tracked connection to previous WAN on connection-tracking, because often SIP use only UDP and until the connection is tracked to old WAN IP, do not work. This is wrong: /ip firewall connection remove [find] This is correct because prevent errors for tracking already closed during run ...
by rextended
Sat Sep 11, 2021 3:49 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8900

Re: Hairpin NAT - the easy way

For FORCE all DNS passing trough the Router to be solved from the RouterBOARD internal DNS except (!) all the traffic already from/to Ruoterboard itself...
by rextended
Sat Sep 11, 2021 3:42 pm
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 558

Re: Trigger Script when LTE receives IP address

The "easy" soluction is: MikroTik must add on-up and on-down on all interface (also ethernet, wlan, etc.)
by rextended
Sat Sep 11, 2021 3:30 pm
Forum: General
Topic: is connection-tracking full ?
Replies: 5
Views: 491

Re: is connection-tracking full ?

the timeout are reset each time a packet travel on connection

some timeout for me are excessive

set timeout like what is suggested here, but set TCP estabilished timeout to 1h instead of 1 day:
Image
https://blog.apnic.net/2021/06/24/how-t ... imization/
by rextended
Sat Sep 11, 2021 3:23 pm
Forum: General
Topic: ?? How to renew SIP registration / connection from PBX after WAN failover ??
Replies: 5
Views: 418

Re: ?? How to renew SIP registration / connection from PBX after WAN failover ??

Each time the WAN change, you must delete all expired connection tracking:
/ip fire conn
:foreach idc in=[find where timeout>60] do={
 remove [find where .id=$idc]
}
by rextended
Sat Sep 11, 2021 3:20 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2158

PLEASE MikroTik made NetInstall version for Docker....

PLEASE MikroTik made NetInstall version for Docker....
by rextended
Sat Sep 11, 2021 3:16 pm
Forum: The Dude
Topic: Dude images
Replies: 3
Views: 442

Re: Dude images

on winbox on dude/files directory create a folder "images" and then put the images on (disk1)/dude/files/images do not use dude/files/default because is deleted and renewed for each dude start for create the folders on winbox create the images/image.png structure on windows, then drag &...
by rextended
Sat Sep 11, 2021 3:11 pm
Forum: General
Topic: Hairpin Nat
Replies: 2
Views: 392

Re: Hairpin Nat

if the internal network is on your control, use on dhcp the router as DNS and put a static DNS that resolve mynames.dns to internal IP instead the external,
and you do not need the hairpin (and no NAT rules at all for this)
by rextended
Sat Sep 11, 2021 3:07 pm
Forum: General
Topic: How to find the origin of a Packet marks ? [SOLVED]
Replies: 6
Views: 557

Re: How to find the origin of a Packet marks ? [SOLVED]

if you use it on some rule, when you deselect the field mark, that value still on internal memory database.
if you do not find it on export, delete all mangle all re-import it from export
by rextended
Sat Sep 11, 2021 2:59 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

Netinstall work also remotely...
If you have at least on control one device, you can netinstall remotely the others...
Obviously exceptions apply.
by rextended
Sat Sep 11, 2021 2:52 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 118
Views: 28823

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

I slow my version because I want also manage fetch errors (thanks for msatter for the idea of identify inside the type of list) (I never see a msatter thanks to me for the method for download a file only one piece at time) https://forum.mikrotik.com/viewtopic.php?f=2&t=178355&p=878643#p87864...
by rextended
Sat Sep 11, 2021 3:29 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 880

Re: Identity by [Part] IP-Address [SOLVED]

Not so much :-P , you only forget to convert the interface from label to ID because get do not support the direct use of name

[find where interface=$interfaceName]

the rest is only preference on how I coding. :D
by rextended
Sat Sep 11, 2021 2:41 am
Forum: Scripting
Topic: concatenate values to create variable name
Replies: 1
Views: 262

Re: concatenate values to create variable name

search tag # rextended dynamic variables This: :global $wan1 1; :put ("wanSta" . $wan1); give two errors: first one because the $ on front of wan1 is forbiden when declaring a global or local variable (I use 6.47.10) second because the wan1 is undefined on second line for the reason writed...
by rextended
Sat Sep 11, 2021 2:29 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 880

Re: Identity by [Part] IP-Address [SOLVED]

I kept it short and simple... I hope it helps ! :local InterfaceID "bridge1" :if ([/ip dhcp-client get $InterfaceID address] != nil) do={ } The script can not work. Fixed script: #----------------------------------------- :local interfaceName "ether1" :local prefix "MT-&quo...
by rextended
Sat Sep 11, 2021 2:20 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 880

Re: Identity by [Part] IP-Address [SOLVED]

You can put on "dhcp-client / advanced / script" this, it also update the identity everytime you changed the assigned IP to that device: :if ($bound = 1) do={ :local part ($"lease-address" << 24) :local part [:pick $part 0 [:find $part "." -1]] /system identity set name...
by rextended
Sat Sep 11, 2021 12:30 am
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6253

Re: WinBox v3.30 released!

Disabling all execpt one, I obtain muiltiple random selections...
(on IP Firewall NAT)
by rextended
Sat Sep 11, 2021 12:23 am
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 558

Re: Trigger Script when LTE receives IP address

The DHCP client can run a script, see https://help.mikrotik.com/docs/display/ROS/DHCP#DHCP-DHCPClient Assuming than the user use a standard MikroTik device like SXT-R with R11e-LTE, the lte1 (on default configuration) do not need any DHCP client... If the user refer to other models not specified is...
by rextended
Sat Sep 11, 2021 12:21 am
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 558

Re: Trigger Script when LTE receives IP address

Is not possible to add a script to lte1 interface like other ppp connections. You can check on scheduled script if the interface are obtained the IP or not: :if ([:len [/ip add find where interface=lte1]] > 0) do={ :put "IP obtained" } else={ :put "waiting for IP" }
by rextended
Fri Sep 10, 2021 11:41 pm
Forum: General
Topic: Reject the connection to a local machine from outside.
Replies: 28
Views: 1067

Re: Reject the connection to a local machine from outside.

Domodial... Paste this on terminal (use 1.1.1.1 is faster, 8.8.8.8 for failover; 1.1.1.1 is not valid for NTP; Your logging section have all disabled): /ip dns set servers=1.1.1.1,8.8.8.8 /system logging set [find] disabled=no /system ntp client set primary-ntp=51.68.44.27 secondary-ntp=162.159.200....
by rextended
Fri Sep 10, 2021 11:32 pm
Forum: General
Topic: Reject the connection to a local machine from outside.
Replies: 28
Views: 1067

Re: Reject the connection to a local machine from outside.

Domodial. I edited your last post as you used <<quote>> instead of <<code>> tag and therefore your config was 1 meter long on my screen. for a forum bug the [ code ] sections must be placed at least 3 new line away. I use "board style: Canvas" example no new line between (or 1 or 2 lines)...
by rextended
Fri Sep 10, 2021 11:29 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

On GRE you can omit only the local source, but you must specify the remote address...
The source can be spoofed, but I hope no one extabilish GRE link on Internet without at least IPsec...
by rextended
Fri Sep 10, 2021 7:01 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 18897

Re: Mēris botnet information

The most entry point is the same username and password on all devices after 4 years...
by rextended
Fri Sep 10, 2021 6:30 pm
Forum: General
Topic: How is default config allowing Winbox access?
Replies: 8
Views: 633

Re: How is default config allowing Winbox access?

When you remove the interface from bridge (LAN group),
for be used as another LAN access,
you may also add ether on interface group LAN
or is correctly dropped al traffic because is not WAN and is not LAN.
by rextended
Fri Sep 10, 2021 4:12 pm
Forum: General
Topic: hEX en ports all slaves but en1 & 2, how to send to freedom? [SOLVED]
Replies: 10
Views: 613

Re: hEX en ports all slaves but en1 & 2, how to send to freedom? [SOLVED]

Reading #8
viewtopic.php?f=2&t=178366#p878949
is like he solved, but do not have signed the topic as solved???
by rextended
Fri Sep 10, 2021 3:39 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1217

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

I don't have a warning score displayed there. Is that good or not?
Clearly Good ;)
by rextended
Fri Sep 10, 2021 3:37 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1217

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

The moderator do not think that the reply of the 18 (not 30) open topics for the same identical thing do not deserve same reply? :lol: :lol: :lol:
viewtopic.php?f=2&t=178304#p877936
by rextended
Fri Sep 10, 2021 2:31 pm
Forum: Scripting
Topic: Add static Dns console
Replies: 3
Views: 466

Re: Add static Dns console

/ip dns set servers=([/ip dns get servers],1.1.1.1)
by rextended
Fri Sep 10, 2021 1:54 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1217

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

Please, can someone explain why I have yesterday warning level [2] and now "Your warning level: [3]"???
What's happen, please explain, I really do not understand...
by rextended
Fri Sep 10, 2021 10:05 am
Forum: Scripting
Topic: Multiple IF Statement match and action accordingly
Replies: 19
Views: 7706

Re: Multiple IF Statement match and action accordingly

i fix the structure for demonstrate the multiple if statement is doable, but I do not make the entire script working for your needs for fix also the rest (do not put a value on the var xstatus on first line, or everytime the value is "1"...) must used only find, if no result, do not do any...
by rextended
Fri Sep 10, 2021 9:57 am
Forum: RouterBOARD hardware
Topic: RB2011 powerjack issues
Replies: 5
Views: 530

Re: RB2011 powerjack issues

BartoszP, if the OP talk about a power jack , is absolutly wrong suppose that the device, than has the same RouterBOARD , is the model without power jack soldered... BartoszP as moderator, why you are so permalous and provocative? Instead, PLEASE, reply to this, you can: https://forum.mikrotik.com/v...
by rextended
Fri Sep 10, 2021 3:14 am
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1059

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

RA is not 8, is th 8th bit set to 1
IS too late to explain better, but the 2 BYTEs are
10000000 10000101 = 80 85
by rextended
Fri Sep 10, 2021 3:00 am
Forum: Scripting
Topic: Multiple IF Statement match and action accordingly
Replies: 19
Views: 7706

Re: Multiple IF Statement match and action accordingly

I fix the script, notice the differencies... :global xstatus /ip dhcp-server lease :local macsearch [get [find where comment="XBOX - 30c Snowmass" and status=bound]] :if ([:len $macsearch] > 0) do={ :if ($xstatus = "missing") do={ :log info "XBOX found" :set xstatus &qu...
by rextended
Fri Sep 10, 2021 2:50 am
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1059

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

please explain, i do not have understand what you want do.

0x8105 are two bytes, 0x81 and 0x05
the conversion is "\81\05", but if on the field on the packet is on reverse order is "\05\81"
by rextended
Fri Sep 10, 2021 2:00 am
Forum: General
Topic: How to get Ethernet port Uptime oid ?
Replies: 3
Views: 761

Re: How to get Ethernet port Uptime oid ?

The user is waiting your reply from 2019...
by rextended
Fri Sep 10, 2021 1:51 am
Forum: Scripting
Topic: Torch results to variable
Replies: 9
Views: 529

Re: Torch results to variable

yes, for log or for DROP is the same:

a firewall filter rule, on forward, src interface = ether1 protocol tcp, dst-port 22,8291
by rextended
Fri Sep 10, 2021 1:09 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 395

Re: Load balance torrent traffic?

Oh, well... now give all the instruction and information that the OP ask, I go to bed, in Italy it is late, my help here is not needed, you are here.
by rextended
Fri Sep 10, 2021 1:03 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 395

Re: Load balance torrent traffic?

You are not the user than open the topic. The second line he have is already natted... And if you say "You are completly wrong here", is mean than you use one line only for upload and the other only for uploiad, or you can download, only from one source at the time, at full speed, like the...
by rextended
Fri Sep 10, 2021 12:45 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 395

Re: Load balance torrent traffic?

Is impossible to combine two ISP speed to download/upload with higer speed than the faster line. (Unless some technology on remote side intervenes) Is also impossible to use one line only for download and the other for upload. The communication between same remote service can happen only on same lin...
by rextended
Fri Sep 10, 2021 12:35 am
Forum: RouterBOARD hardware
Topic: RB2011 powerjack issues
Replies: 5
Views: 530

Re: RB2011 powerjack issues

What model as they have different power connectors placement. All the model have same RouterBOARD, change only the metal box and if is it present wifi or not. On all models the power jack is on the same identical position on the back. No one single devices of that series I have present that problem...
by rextended
Fri Sep 10, 2021 12:21 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 695

Re: cAP ac takes a long time to enable wifi

Yes, if have different times... :lol: :lol: :lol: >>>scheduler will be different for working days/weekends, that's why I did not do it as one liner understand, but I write that because are identical >>>and script could be done with less lines yes, and also writed with correct syntax... >>>but I also...
by rextended
Fri Sep 10, 2021 12:18 am
Forum: Scripting
Topic: Torch results to variable
Replies: 9
Views: 529

Re: Torch results to variable

Use a firewall rule that log the attempt....

Or better use firewall rules for prevent his attempt.
by rextended
Fri Sep 10, 2021 12:12 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 695

Re: cAP ac takes a long time to enable wifi

fixing the script: :global WlanOn do={ /interface wireless :if ([get $1 comment]="disabled") do={ :log info "Not enabled $1 admin disabled" } else={ :if ([get $1 disabled]) do={ :log info "Enabled $1" enable $1 } else={ :log info "Already enabled $1" } } } $Wl...
by rextended
Fri Sep 10, 2021 12:05 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 695

Re: cAP ac takes a long time to enable wifi

Ignoring the scheduler and script I don't like how they were written (one single scheduler repeat everyday, instead of a 7 identical schedulers repeated every week),

have you checked that the devices have synchronized time and date?
by rextended
Thu Sep 09, 2021 11:40 pm
Forum: General
Topic: Automatically filter a rogue public IP
Replies: 6
Views: 553

Re: Automatically filter a rogue public IP

If correctly done, your computer on near future is under control of someone, without you know it, because you can only block one IP after some try, but remote desktop for each try close connection after some failed login... every bot on botnet, each with different IP, can try to hack your remote des...
by rextended
Thu Sep 09, 2021 11:18 pm
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 695

Re: cAP ac takes a long time to enable wifi

what you put on scheduler???

script,info message="Switching wlan2 on"
by rextended
Thu Sep 09, 2021 10:40 pm
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1059

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

You understand why now ;) but on winbox you can not insert special characters like the character "\08", but can be added on CLI On all regex field and on terminal, RouterOS support only \1F hexadecimal characters rapresentation, with hexadecimal letters uppercase and without the "x&qu...
by rextended
Thu Sep 09, 2021 10:20 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1217

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

No, also you have two,
BartoszP publish a screenshot with that data visible,
I ask more info and @andriys delete all (also the @BartoszP's post),
and now I ask for details.
by rextended
Thu Sep 09, 2021 10:09 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1217

Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

Do I need to contact support@mikrotik.com directly to get answers about the forum itself? Questions: 1) What is "warning level" 2) Why I have "Your warning level: [2]" 3) What it refers to? 4) When was I given "2"(?) warnings? 5) Where they were communicated to me? I ha...
by rextended
Thu Sep 09, 2021 9:09 pm
Forum: General
Topic: 200k Mikrotik devices involved in DDoS botnet
Replies: 10
Views: 1215

Re: 200k Mikrotik devices involved in DDoS botnet

Usuallu Socks open, and script on scheduler, some download files on flies or files undeletable, vpn, etc.
by rextended
Thu Sep 09, 2021 6:33 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6253

Re: WinBox v3.30 released!

Timezone of cloud server? +03:00
Your???
by rextended
Thu Sep 09, 2021 6:30 pm
Forum: General
Topic: 200k Mikrotik devices involved in DDoS botnet
Replies: 10
Views: 1215

Re: 200k Mikrotik devices involved in DDoS botnet

One simple thing: NAT

If one internal non-MikroTik device are infected, this appear coming from the Router....
How many % of the case are not involved at all the Router???
by rextended
Thu Sep 09, 2021 6:18 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6253

Re: WinBox v3.30 released!

from 3.28 changelog *) fixed WinBox disconnect when large text was pasted into terminal window; This bug introduced on 3.28 is still present : https://forum.mikrotik.com/viewtopic.php?f=21&t=175783#p862289 Thanks for swap back Close and Stop , but: is not better use one unique [Start | Stop] but...
by rextended
Thu Sep 09, 2021 6:12 pm
Forum: Scripting
Topic: How to retrieve error details inside the on-error clause
Replies: 2
Views: 1541

Re: How to retrieve error details inside the on-error clause

THE CORRECT WAY IS SANITIZE THE STRING FIRST... for example: :if ($theurlstring~"^(http|https|ftp|sftp|tftp)://") do={ # something } else={ # do nothing } then you can use this example to intercept fetch errors: https://forum.mikrotik.com/viewtopic.php?f=2&t=178355#p878634
by rextended
Thu Sep 09, 2021 6:06 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 609

Re: fetch capable of following redirects [SOLVED]

Do not worry about disk writes, on flash the write go already n ramdisk, not wearing at all,
about NAND, are years (from 2009) than I use user-manager on nand, and no problem,
and user-manager write continuosly on nand....
by rextended
Thu Sep 09, 2021 5:56 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 609

Re: fetch capable of following redirects [SOLVED]

search tag # rextended manage fetch errors I write one post a time, leave me the time!!!! :lol: :lol: :lol: Is not for suspance, I need some time to write and test.... This is the code: /file remove [find where name="testfetch.txt"] { :local jobid [:execute file=testfetch.txt script="...
by rextended
Thu Sep 09, 2021 5:36 pm
Forum: Scripting
Topic: Error handling?
Replies: 4
Views: 9363

Re: Error handling?

Start to coding correctly and you do not have problems: # wrong coding :do {/interface bridge add name=loopback; } on-error={:put "loopback exists"} # translating: create loopback, if you got an error because already exist, ignore it # on short: create it, hoping not already exist # right ...
by rextended
Thu Sep 09, 2021 5:30 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 609

Re: fetch capable of following redirects [SOLVED]

From what I see till now, 99% of sript programmers are not programmers. All must be programmed. Just the handle of external tools like fetch can justify the use of the "on-error" 1) How to retrieve error details inside the on-error clause: https://forum.mikrotik.com/viewtopic.php?t=160076 ...
by rextended
Thu Sep 09, 2021 5:22 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 609

Re: fetch capable of following redirects [SOLVED]

I'm able to catch the error.
by rextended
Thu Sep 09, 2021 5:19 pm
Forum: Announcements
Topic: MikroTik cloud is back online
Replies: 25
Views: 3762

Re: MikroTik cloud is back online

Don't you expect a bit of sarcasm?
First you even complain about the RFCs,
and then you discover that the problem is yours...

You gave me the assist... :)))
by rextended
Thu Sep 09, 2021 5:08 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 118
Views: 28823

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Well done and nice idea... If you want, you can use those regex for determine what type of items the file containing: DNS, IP-Prefix or only IP search for valid DNS (([a-zA-Z0-9][a-zA-Z0-9-]{0,61}){0,1}[a-zA-Z]\\.){1,9}[a-zA-Z][a-zA-Z0-9-]{0,28}[a-zA-Z] IP-Prefix: IP with mandatory subnet mask ((25[...
by rextended
Thu Sep 09, 2021 12:26 pm
Forum: General
Topic: RB5009 IPSec Performance
Replies: 19
Views: 2215

Re: RB5009 IPSec Performance

Thanks @msatter

End of speculation.
by rextended
Thu Sep 09, 2021 12:21 pm
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 397

Re: Winbox = blank, clear cache first everytime

The topic is about WinBox, and is run inside a OS,
in your case Windows 10

Have you try with another device?
by rextended
Thu Sep 09, 2021 12:05 pm
Forum: Announcements
Topic: MikroTik cloud is back online
Replies: 25
Views: 3762

Re: MikroTik cloud is back online

This is what I get, is your DNS OK?
Yes, my DNS is out of order. I am sorry.
Oh, is non-RFC compliant?
by rextended
Thu Sep 09, 2021 12:01 pm
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 397

Re: Winbox = blank, clear cache first everytime

OS used? (I can read and WinBox is not run inside the RouterBOARD / VM)
by rextended
Thu Sep 09, 2021 11:44 am
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 397

Re: Winbox = blank, clear cache first everytime

OS used?
by rextended
Thu Sep 09, 2021 11:31 am
Forum: General
Topic: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]
Replies: 5
Views: 355

Re: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]

neighbor discovery can transmit only one ip, and is choiced the latest IP added to the interface
winbox can not know the other addresses, but as @mkx already write, you can use mac address,
but, if the IP is the same, why not add the ip directly to address book on winbox?
by rextended
Thu Sep 09, 2021 10:35 am
Forum: General
Topic: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]
Replies: 5
Views: 355

Re: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]

remove the .20 and use the 10 on dstnat...
by rextended
Thu Sep 09, 2021 1:26 am
Forum: General
Topic: Mikrotik and a firewall
Replies: 3
Views: 350

Re: Mikrotik and a firewall

Do not do any reported, use directly what is maded for do that on one place. if you want use winbox, disable all on /ip services except winbox, and set inside winbox service what is the IP, or muiltiple IP allowed to login if you want use webfig, is like the same, disable all on /ip services except ...
by rextended
Thu Sep 09, 2021 1:23 am
Forum: Announcements
Topic: Newsletter 101
Replies: 43
Views: 7699

Re: Newsletter 101

Like all the other hardware producer on the world...

On what world you live?
by rextended
Thu Sep 09, 2021 1:22 am
Forum: General
Topic: Something must be really wrong on my configuration. Needs real help here! [SOLVED]
Replies: 23
Views: 1163

Re: Something must be really wrong on my configuration. Needs real help here! [SOLVED]

Usually I do not drink when I drive or when I have electronic devices near to me...
by rextended
Thu Sep 09, 2021 1:12 am
Forum: Scripting
Topic: Super-Easy script to create dir
Replies: 11
Views: 1683

Re: Super-Easy script to create dir

If scripting support is full removed, no one problem coming out using the router as router and the switch as switch...

If is so disgusting, use another vendor with routers and switches full of scripting support.
by rextended
Thu Sep 09, 2021 1:08 am
Forum: Scripting
Topic: mkdir function for easy folder creation
Replies: 18
Views: 5285

Re: mkdir function for easy folder creation

You can use another vendor router can have full scripting support inside, what is the problem?
by rextended
Thu Sep 09, 2021 1:06 am
Forum: Announcements
Topic: v6.48.4 [stable] is released!
Replies: 71
Views: 15188

Re: v6.48.4 [stable] is released!

any of your customers will be unfortunate, if you do not take courses first, instead of asking in a forum ...
by rextended
Wed Sep 08, 2021 9:26 pm
Forum: Scripting
Topic: Super-Easy script to create dir
Replies: 11
Views: 1683

Re: Super-Easy script to create dir

I made a better script here, instead of using on-error, the tool fetch and the need to leave http(s) service acrive:
viewtopic.php?f=9&t=151644#p878368
by rextended
Wed Sep 08, 2021 9:18 pm
Forum: Beginner Basics
Topic: How to view client list? [SOLVED]
Replies: 2
Views: 353

Re: How to view client list? [SOLVED]

See inside the AP what is connected to the AP...
Or install CAPsMAN on hEX S if the AP are mikrotik.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 20