Community discussions

MikroTik App

Search found 5816 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 20
by rextended
Sat Sep 18, 2021 4:07 pm
Forum: General
Topic: Randomly resets and can't open some webpages
Replies: 6
Views: 170

Re: Randomly resets and can't open some webpages

/ip pool
add name=dhcp ranges=192.168.0.12-192.168.0.254
add name=vpn ranges=192.168.89.2-192.168.89.255
by rextended
Sat Sep 18, 2021 2:20 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

after updating winbox the log does not work on one router
rb750gr3 ros 6.48.4
You have applied to the user profile the default skin from webfig...
by rextended
Sat Sep 18, 2021 4:00 am
Forum: RouterBOARD hardware
Topic: Another Hardware Idea..
Replies: 5
Views: 274

Re: Another Hardware Idea..

Is possible to install RouterOS x86_64 inside,
netinstall MkroSD with windows / linux and put inside the bay.

Probably also CHR because "probably" support also ESXi or similar...


I hope one day update that with also 5GHz,
Image
by rextended
Sat Sep 18, 2021 2:36 am
Forum: Scripting
Topic: How to get SNMP interface index in a script.
Replies: 6
Views: 1741

Re: How to get SNMP interface index in a script.

The script used as-is do error on ":local intName [get $i name]" because "get from where"? Rewrited Script: /interface :foreach item in=[find] do={ :local intName [get $item name] :local intOID ([print oid as-value where name=$intName]->0->"name") :local intIdx [:pick $...
by rextended
Fri Sep 17, 2021 3:50 pm
Forum: Beginner Basics
Topic: Real DMZ on second IP range
Replies: 15
Views: 660

Re: Real DMZ on second IP range

Someone needs a script for guessing???
:lol: :lol: :lol:
by rextended
Fri Sep 17, 2021 3:35 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Putting all togheter: Paste this on terminal ( after set the right gateway address ) /ip route add distance=1 gateway=<put-lte-gateway-IP-address-here> routing-mark=ntp /ip firewall raw add action=add-dst-to-address-list address-list=ntp_pool address-list-timeout=none-dynamic chain=prerouting dst-ad...
by rextended
Fri Sep 17, 2021 3:29 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

No problem
by rextended
Fri Sep 17, 2021 3:24 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

fetch can cause a infinite DELAY, not infinite loop, all is freezed, waiting fetch to finish, is not a cycle than can be autochecked if executed too much time and autoexit... Try my script, if fail we add asyncronous fetch execution Something like that, you can see my Snippets, on my signature the l...
by rextended
Fri Sep 17, 2021 3:19 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

for obtain the list of all IPs used as NTP server

(NTP is one of the protocol than for be full compliant want also the src port 123)

added automation method
viewtopic.php?f=2&t=178602&p=880497#p880497
by rextended
Fri Sep 17, 2021 2:55 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

Rewrited script, without change logic :log info "Start Sending Report" /ip firewall address-list :foreach tmpAddress in=[find where list="HONEYPOT"] do={ :local attackip [get $tmpAddress address] :log info "BEGIN $attackip Report to AbuseIPDB" :do { /tool fetch keep-res...
by rextended
Fri Sep 17, 2021 2:44 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

Sometime "fetch" freeze for answer from remote site and lock the script (and the scheduler) on-error can not catch indefinite waiting.... also ":set $attackip value=" where is defined "attackip"? and :set must be used without the $ only 6 seconds between fetch notificat...
by rextended
Fri Sep 17, 2021 1:13 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

@SiB, next time the scheduler start must check if previous is finished, if not warn user on some way. pseudocode scheduler set global varialble randomnameJhdsfg to "endscript" if the variable do not already exist check global variable randomnameJhdsfg if it is set to "endscript",...
by rextended
Fri Sep 17, 2021 12:55 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

Already replied and is "Check For Updates" not upgrade
by rextended
Fri Sep 17, 2021 12:04 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 309

Re: Script Error

Di niente :lol:
by rextended
Fri Sep 17, 2021 11:55 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

@Stril I asked you to post the script here for further analysis,
but your assumption that the executed script is perfect and does not block the scheduler, makes me make this decision:

End of help from my side.
by rextended
Fri Sep 17, 2021 11:50 am
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 3
Views: 1549

Re: ✂ Rextended Fragments of Snippets

DHCPv6 option 39 fqdn2encdns FQDN to DNS encoding DNS encoder

viewtopic.php?f=1&t=178607&p=880429#p880424
by rextended
Fri Sep 17, 2021 11:48 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client
Replies: 7
Views: 259

Re: Option39 DHCPv6 Client

Bugfix:

Wrong
0x010x03'www'0x12'thisismydomainname'0x03'net'0x00

Correct:
0x01''0x03'www'0x12'thisismydomainname'0x03'net'0x00

Script fixed
by rextended
Fri Sep 17, 2021 11:42 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client
Replies: 7
Views: 259

Re: Option39 DHCPv6 Client

Yes, I hope you like my script....
by rextended
Fri Sep 17, 2021 11:32 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client
Replies: 7
Views: 259

Re: Option39 DHCPv6 Client

search tag # rextended DHCPv6 option 39 fqdn2encdns FQDN to DNS encoding DNS encoder I just finished to write this to directly encode the string: :global tmpChar "\00" :global hexChars "0123456789ABCDEF" :global charsString "" :for x from=0 to=15 step=1 do={ :for y from...
by rextended
Fri Sep 17, 2021 11:30 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client
Replies: 7
Views: 259

Re: Option39 DHCPv6 Client

9 or 15, is limited, this not change the point
The max length for label and domain is 63 characters
by rextended
Fri Sep 17, 2021 10:41 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 985

Re: Scheduler stops executing script

This is not diagnosticable, the scheduler is ok,
you must also post the script you try to run...
by rextended
Fri Sep 17, 2021 10:14 am
Forum: RouterOS v7 BETA
Topic: Option39 DHCPv6 Client
Replies: 7
Views: 259

Re: Option39 DHCPv6 Client

The script not work if the fqdn have one part with more than 9 characters, like www.thisismydomain.com because the length on encoded dns when is bigger than 9 must be converted to hexadecimal, not "0" + ":len" as string Why not simply: /ipv6 dhcp-client option add code=39 name=op...
by rextended
Fri Sep 17, 2021 2:08 am
Forum: Scripting
Topic: Return IP Octet Function
Replies: 14
Views: 5356

Re: Return IP Octet Function

search tag # rextended ip2array ip split octet Uhm... I forgot that script.... Actualized version, always return one array with: 0: IP passed as parameter 1: 1st octet 2: 2nd octet 3: 3rd octet 4: 4th octet :global ip2array do={ :local ip [:toip $1] :local array [:toarray ""] :if ([:typeof...
by rextended
Thu Sep 16, 2021 11:40 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Ok, now we waiting @ishanjain if this solution is good for him...
by rextended
Thu Sep 16, 2021 11:35 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

Without open any device from "Tool / Check For Updates" ?
by rextended
Thu Sep 16, 2021 11:25 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Is possible to find updated list for facebook, twitter, etc here: Facebook and Instagram, 3 ASN https://bgp.he.net/AS32934#_prefixes https://bgp.he.net/AS54115#_prefixes https://bgp.he.net/AS63293#_prefixes Blocking Facebook also block part of WhatsApp, but WhatsApp have also his own pool. WhatsApp ...
by rextended
Thu Sep 16, 2021 11:20 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

a mere route in routing table main is sufficient
Not...
Sorry, but my rules are structured on that way for change all gateway with one click, just on one position,
instead of open one-by-one single route to change each gateway for each IP...
by rextended
Thu Sep 16, 2021 11:14 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Are not required any rules or setting. simply: FACEBOOK /ip route rule add action=drop dst-address=102.132.112.0/24 add action=drop dst-address=102.132.113.0/24 add action=drop dst-address=102.132.114.0/24 add action=drop dst-address=102.132.115.0/24 add action=drop dst-address=102.132.116.0/24 add ...
by rextended
Thu Sep 16, 2021 11:05 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

like this:
/ip route rule
add action=drop dst-address=157.240.210.0/24


Until the service do not use CDN that have same IP for multile services, block ASN IPs drop all.
by rextended
Thu Sep 16, 2021 11:02 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

I use at my home the /ip route rule to drop all ASN like Facebook / WhatsApp, Twitter, Instagram and some Google parts like Doubleclick and googleadservices.com
(but do not say that to @msatter :lol: )
by rextended
Thu Sep 16, 2021 10:55 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

also him have freetime :lol:
by rextended
Thu Sep 16, 2021 10:50 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

The rule I wrote working also for RouterOS itself (if IP set on NTP client are put obviously on route rule dst-address) without change nothing. If the output is generated from RouterOS, still go at the end on routing. My rule are easy because nothing other count. Simply I want that IP reachable by a...
by rextended
Thu Sep 16, 2021 10:39 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

The source IP that need the NTP info do not count, if the ISP on WAN1 block NTP,
the NTP servers defined on list (that are the dst-nation of the request started from PCs)
are forced to be reachable from lte-vlan gateway
by rextended
Thu Sep 16, 2021 10:32 pm
Forum: General
Topic: Route ALL NTP traffic over a specific WAN [SOLVED]
Replies: 30
Views: 777

Re: Route ALL NTP traffic over a specific WAN [SOLVED]

Modify that accordingly your needs and paste it on terminal. Legend: 3.3.3.3 / 6.6.6.6 / 7.7.7.7 NTP servers used from computers /ip route rule add dst-address=3.3.3.3/32 table=ntp add dst-address=6.6.6.6/32 table=ntp add dst-address=7.7.7.7/32 table=ntp /ip route add distance=1 gateway=<put-lte-gat...
by rextended
Thu Sep 16, 2021 10:22 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

I do not understand if you have understanded or not that you can not log iSCSI traffic passing through RouterBOARD,
but this is only for log iSCSI traffic on RouterOS installed on x86 (also x86_64) machine than phisically have iSCSI...
by rextended
Thu Sep 16, 2021 9:55 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 309

Re: Script Error

Remember on /system logging to save the warning/error logs on DISK file, or you lost that info on reboot (you can not send e-mail or sms if lte1 not work) ltestatus added for warn only one time when status change :global ltestatus :if ([:typeof $ltestatus] = "nothing") do={:set ltestatus &...
by rextended
Thu Sep 16, 2021 9:47 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 309

Re: Script Error

Missing lte interface cause previous script to fail... give me 10 minutes... this is wrong: /interface list print count-only where name= LTE at least /interface print count-only where type="lte" (or /interface print count-only where name="lte1") or /interface lte print count-only...
by rextended
Thu Sep 16, 2021 9:41 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

Have you considered that it is a bug and needs to be fixed? I can not post on the forum what is really needed for such a long "paste" and I have to provide an example to replicate the bug. Whereas the first thing the script does is delete everything in the router, including the "file&...
by rextended
Thu Sep 16, 2021 7:45 pm
Forum: Scripting
Topic: Script Error
Replies: 8
Views: 309

Re: Script Error

Is not a "type", is a submenu / section, like on /interface wireless you find the dedicated section for... wireless /interface show all type of interfaces, usually the menu is less rich than the dedicated section for each type of interfaces. This script work on both way: disable and enable...
by rextended
Thu Sep 16, 2021 7:41 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

Really output rules are hard to see on some place...
Output are connection initiated from Router CPU (like resolve DNS name) and is hard to think something that Router generate for bad purpose...
by rextended
Thu Sep 16, 2021 7:26 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

Ok, but if I write on topic opened from MikroTik staff, at least I expect someone read it. No need to send mail because the bug is well explained and reproducible. ********************** This is scream? >>> What's new in v3.31: You do not only remove "big font" (110%) of 3rd line but also ...
by rextended
Thu Sep 16, 2021 6:43 pm
Forum: General
Topic: Why firewall rules are so important...
Replies: 12
Views: 1115

Re: Why firewall rules are so important...

You apparently haven't tried Shodan. Yes, because I usually try to help than abuse... :) My opinion about showing or not (ignoring the fact that, exposed the version or not, on 2 seconds all hack method can be tested)... This question is really useless, like the debate about what color a van should...
by rextended
Thu Sep 16, 2021 6:11 pm
Forum: General
Topic: Why firewall rules are so important...
Replies: 12
Views: 1115

Re: Why firewall rules are so important...

@Joni... I WOULD NEVER THINK IT WAS SO EASY... :shock: :shock: :shock: :shock: :shock: :shock: :shock: Google will take care of them looking for you... Easy life for hacker... About display version or not : WHAT IS THE PROBLEM? Simply try all the hack, who stops you? I open just for joke one link: \...
by rextended
Thu Sep 16, 2021 6:00 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

Is like other dozen of requested feature: nothing.
Better do something active than waiting for nothing...
by rextended
Thu Sep 16, 2021 5:56 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 10
Views: 2272

Re: feature request - https for webui

@Paternot is not the OP, and the op do not have one CSS but one CRS317-1G-16S+RM
by rextended
Thu Sep 16, 2021 5:53 pm
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 20
Views: 2781

Re: WinBox v3.31 released!

from 3.28 changelog
*) fixed WinBox disconnect when large text was pasted into terminal window;
This bug introduced on 3.28 is still present:
viewtopic.php?f=21&t=175783#p862289

Reported also for 3.29 and 3.30 but nothing change.
by rextended
Wed Sep 15, 2021 11:59 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

Don't worry about Containers for Docker, I asked a colleague to study how it works :lol:
by rextended
Wed Sep 15, 2021 9:48 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

Yes, like capsman, are not required if you do not use that service.

Really I not see any hole on your config, only some redundant rules.

This is why you can say "for many years no problem"

I hope @anav find something, if I haven't seen it
by rextended
Wed Sep 15, 2021 9:42 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

L2TP.....
# those rules are for WAN or LAN?
this applies to the WAN
Yes, "I think is wanted behaviour" :)
by rextended
Wed Sep 15, 2021 9:40 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

About forward rules: # on top of forward chain I do not see this default rules add chain=forward action=accept ipsec-policy=in,ipsec comment="defconf: accept in ipsec policy" add chain=forward action=accept ipsec-policy=out,ipsec comment="defconf: accept out ipsec policy" # this ...
by rextended
Wed Sep 15, 2021 9:33 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

About input rules: # missing this, but if you not use capsman, no problem: add chain=input action=accept dst-address=127.0.0.1 comment="defconf: accept to local loopback (for CAPsMAN)" # those are useless, or are needed only if the Allowed-IP are not on interface that not are on LAN group:...
by rextended
Wed Sep 15, 2021 9:24 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

The !LAN is a VERY POWERFULL CHOICE!!!

Ah... POWERFULL... :lol: I need some grammar corrector on browser...
This is not Poker.... or not? :lol: :lol: :lol:
by rextended
Wed Sep 15, 2021 9:17 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

To make it more obvious why dont they have a default rule after this rule which states. add action= accept chain=input comment="defconf: allow all else coming from LAN" in-interface-list=LAN because the LAN traffic has already been matched by the previous rule. ALL LAN Traffic has already...
by rextended
Wed Sep 15, 2021 9:16 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

@anav 8)

Now can I have a docker containainer that automatically selects the right IP subnet mask please. :-)
but... i do not understand... really....
by rextended
Wed Sep 15, 2021 8:54 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

I also suggest @Greenfun2 to put the default rules on the same initial place, for example, if is invalid, can't be "established,related,untracked" Moving invalid drop before "established,related,untracked" you only slow traffic, no one type of advantage (except if 51% of your tra...
by rextended
Wed Sep 15, 2021 8:54 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

I hope you read after "On the OP "export": on previous topic
by rextended
Wed Sep 15, 2021 8:38 pm
Forum: General
Topic: Audit my input firewall
Replies: 38
Views: 1192

Re: Audit my input firewall

@johnson73 Someone please explain me where is the point on default configuration that permit DNS from WAN, or why on default configuration is needed to drop incoming DNS request from WAN on input chain... https://forum.mikrotik.com/viewtopic.php?f=13&t=175129&p=856824#p856824 /ip firewall f...
by rextended
Wed Sep 15, 2021 8:31 pm
Forum: RouterOS v7 BETA
Topic: fastpath support on x86 or CHR
Replies: 1
Views: 225

Re: fastpath support on x86 or CHR

https://wiki.mikrotik.com/wiki/Manual:Fast_Path

Fast path allows to forward packets without additional processing in the Linux kernel. It improves forwarding speeds significantly.

For fast path to work, interface support and specific configuration conditions are required.
by rextended
Wed Sep 15, 2021 7:39 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 10
Views: 2272

Re: feature request - https for webui

The switch support already SSH, HTTPS on RouterOS, simply use already included RouterOS instead of SwOS...
by rextended
Wed Sep 15, 2021 6:54 pm
Forum: General
Topic: 2 separate networks - no internet access
Replies: 6
Views: 336

Re: 2 separate networks - no internet access

Something makes me coin a new term: two-duplicate-posts-and-go user
by rextended
Wed Sep 15, 2021 6:42 pm
Forum: Scripting
Topic: remove pppoe user with matched realm.
Replies: 4
Views: 239

Re: remove pppoe user with matched realm.

Ok... well explained.... :lol:

/ppp active remove [find where name~"@admin.com"]
by rextended
Wed Sep 15, 2021 6:22 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

Please don't make the language an obstacle to understanding, I'm not English. I understood both times what you wrote, but that doesn't change what I wrote: 1) No post within the topic was created by a support user, 2) It is useless because it considers the remote site as the source of a new connecti...
by rextended
Wed Sep 15, 2021 5:59 pm
Forum: Scripting
Topic: remove pppoe user with matched realm.
Replies: 4
Views: 239

Re: remove pppoe user with matched realm.

please explain better, what you mean for realm? @xxx.xx after the username?

the user must be disconnected or
removed from where? user-manager? internal ppp secret?

explain better
by rextended
Wed Sep 15, 2021 5:52 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

Besides the petty squabbling, I dont see how the firewall rule would block https: (external) IP on blocked list or IP not on allowed list Can firewall rules see inside https URLs ?? @anav , if done correctly, it can block all traffic to the destination IP, it can block everything, https, ping, ftp,...
by rextended
Wed Sep 15, 2021 5:39 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

How is it useless? I provided an alternate firewall rule that blocks all forwarded from a single IP that is not in the the address list. This would include any forwarded DNS requests. So folks just live to be arrogant and rude I suppose... Apparently, you first... @2frog , you are arrogant and you ...
by rextended
Wed Sep 15, 2021 5:27 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

In the thread send by the Mikrotik Support https://forum.mikrotik.com/viewtopic.php?t=161562 the solved answer are "src-port" and "src-address-list"....¿why?...we don't know) Send by the Mikrotik Support??? I do not see anyone inside that topic from mikrotik support, and also th...
by rextended
Wed Sep 15, 2021 5:20 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6140

Re: WinBox v3.30 released!

Before post, read what already posted if some problem is already noticed, and the download link... read what already posted
by rextended
Wed Sep 15, 2021 3:54 pm
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

@2frogs is useless, as on OP: ... action=drop chain=forward ... protocol=tcp ... src-port=443 this do NOT BLOCK DNS instead the OP treath outocoming traffic like is incoming: /ip firewall filter ... drop ... forward ... src -address-list=!WebsPermitidas src -port=443 must be dst , destination addres...
by rextended
Wed Sep 15, 2021 1:19 pm
Forum: Scripting
Topic: channel-width and wireless-protocol from SNMP
Replies: 4
Views: 268

Re: channel-width and wireless-protocol from SNMP

At least you can read something like 5180/20/ac using: band=.1.3.6.1.4.1.14988.1.1.1.3.1.8. <wlan interface index> iso.org.dod.internet.private.enterprises.mikrotik.mikrotikExperimentalModule.mtXRouterOs.mtxrWireless.mtxrWlApTable.mtxrWlApEntry.mtxrWlApBand. <wlan interface index> You can get it by ...
by rextended
Wed Sep 15, 2021 1:05 pm
Forum: Scripting
Topic: channel-width and wireless-protocol from SNMP
Replies: 4
Views: 268

Re: channel-width and wireless-protocol from SNMP

The last .1 is the <wlan interface index> You can not read by SNMP what is not present here. /interface wireless print oid tx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.2.1 rx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.3.1 ssid=.1.3.6.1.4.1.14988.1.1.1.3.1.4.1 bssid=.1.3.6.1.4.1.14988.1.1.1.3.1.5.1 client-count=.1.3....
by rextended
Wed Sep 15, 2021 12:56 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

Ah, Ok, for coincidence the "7" is a part of serial number censored??? :lol:
by rextended
Wed Sep 15, 2021 12:51 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

I made this for you, just call $dobackup :global dobackup do={ /system clock :local strDate [get date]; :local strTime [get time] :local arrMonths {jan="01";feb="02";mar="03";apr="04";may="05";jun="06";jul="07";aug="08";...
by rextended
Wed Sep 15, 2021 12:42 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

Is MikroTik7 because you use it on 7.x version? You can use the function date2ymd also when you do the backup, if the function is shorter than your methods to obtain YYYY-MM-DD also on backup, if you want automatize name, you can also use $[/sys id get itentity] instead of hardcoded mikrotik7-test n...
by rextended
Wed Sep 15, 2021 12:33 pm
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

Yes, but speaking about "files" the correct order for determine what is older is the date ;)
The backup can have any name.
by rextended
Wed Sep 15, 2021 11:25 am
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

If I wrote a malware, it would be the first thing I would do to take away the passwords stored in "Windows Vault" / WinBox / Dude / Firefox, Google, Edge passwords saved on the browser, e-mail passwords saved on thunderbird, outlook, etc.
by rextended
Wed Sep 15, 2021 10:29 am
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 3
Views: 1549

Re: ✂ Rextended Fragments of Snippets

wireless on off with mode button https://forum.mikrotik.com/viewtopic.php?f=7&t=115078&p=857648#p857648 create directory and subdirectory https://forum.mikrotik.com/viewtopic.php?f=9&t=151644&p=878316#p878368 mac ping results saved on variable https://forum.mikrotik.com/viewtopic.php...
by rextended
Wed Sep 15, 2021 10:25 am
Forum: General
Topic: Block internet traffic except some URLs
Replies: 14
Views: 531

Re: Block internet traffic except some URLs

Configure your internal network as hotspot, and use walled-garden
by rextended
Wed Sep 15, 2021 10:17 am
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

Thanks, you let me discovery an hack to sort the array on just 2/3 lines of code :)
by rextended
Wed Sep 15, 2021 2:29 am
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

Too complex,
I just notice this:

is wanted this .99.x without provide a gateway?
/ip dhcp-server network
add address=192.168.99.0/24 dns-server=192.168.99.1

paste this on terminal
/system logging
remove [find where topics=iscsi]
by rextended
Wed Sep 15, 2021 2:20 am
Forum: Scripting
Topic: Sorted array of files [SOLVED]
Replies: 11
Views: 561

Re: Sorted array of files [SOLVED]

search tag # rextended hack sort file by date date2ymd Based on my scripts: https://forum.mikrotik.com/viewtopic.php?f=9&t=75555#p876568 Step 1 [DONE] : convert all backup filenames and date to a 2D array and convert the date from mmm-DD-YYYY to YYYY-MM-DD: Step 2 [DONE] : sort the array by YYYY...
by rextended
Tue Sep 14, 2021 7:49 pm
Forum: General
Topic: DoH overrides DNS Static RegEx
Replies: 8
Views: 680

Re: DoH overrides DNS Static RegEx

The problem is the FWD itself...
If DoH is used, is a nonsense use unsigned FWD replies...

Is why on help page is clearly indicated...
by rextended
Tue Sep 14, 2021 7:40 pm
Forum: General
Topic: Need help creating a package
Replies: 2
Views: 320

Re: Need help creating a package

The forum is not a correct way to start and manage one new ISP.
Hire a consulent for that or do some courses.
by rextended
Tue Sep 14, 2021 7:39 pm
Forum: Beginner Basics
Topic: How do I create a package?
Replies: 2
Views: 236

Re: How do I create a package?

You start every day a new topic for the same?
viewtopic.php?f=2&t=178502

The forum is not a correct way to start and manage one new ISP.
Hire a consulent for that or do some courses.
by rextended
Tue Sep 14, 2021 4:20 pm
Forum: Wireless Networking
Topic: Motel internet infrastructure
Replies: 11
Views: 544

Re: Motel internet infrastructure

really I just say use one CCR (Cloud Core Router) just after ISP router (if replaces ISP router is better) and about the switch, is right, only CRS (Cloud Router Switch)...
But about the AP and the right number, must be see on place with tests.
by rextended
Tue Sep 14, 2021 3:41 pm
Forum: Wireless Networking
Topic: Motel internet infrastructure
Replies: 11
Views: 544

Re: Motel internet infrastructure

What you expect?
Someone than works free for you?

One-thing-over-all:
One AP for floor? Without physical test is impossible to say if are working "as expected"...
by rextended
Tue Sep 14, 2021 3:29 pm
Forum: General
Topic: Feature Request: Firewall Rules visual grouping
Replies: 3
Views: 301

Re: Feature Request: Firewall Rules visual grouping

But is already present, use filter...
Select what is the only chain you want see... done.
by rextended
Tue Sep 14, 2021 3:21 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1244

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Another user talk about GRE attack started from some days, also Mēris,
probably are that?
by rextended
Tue Sep 14, 2021 10:29 am
Forum: RouterOS v7 BETA
Topic: comment in export for broken reference
Replies: 2
Views: 199

Re: comment in export for broken reference

Is not a 7 prerogative, also on 6 the same: pri Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 I 6.6.6.6/24 6.6.6.0 *B export /ip address add address=6.6.6.6/24 network=6.6.6.0
by rextended
Tue Sep 14, 2021 10:21 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

@mducharme
You're writing what I think
by rextended
Tue Sep 14, 2021 10:19 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

The fast way to launch netinstall remotely is to make one EoIP tunnel between my office and the remote switch where the device must be netinstalled...
Slower? Ahhh.....
by rextended
Tue Sep 14, 2021 10:14 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

Is logical that is not the only device present on-site...

Is obvious than the netinstall on a container is used to install another machine.

About power failure, is obvious that is it not a domestic case...
by rextended
Tue Sep 14, 2021 10:03 am
Forum: General
Topic: Constant Reboots
Replies: 3
Views: 319

Re: Constant Reboots

RouterOS version? (software)
RouterBOOT version? (BIOS)
by rextended
Tue Sep 14, 2021 9:58 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

I have all device powered from 8P, 16P or 24P RouterBOARDs, on default I set all device /partitions set [find] fallback-to=etherboot # this is RouterOS default /sys routerboard settings set boot-device=nand-if-fail-then-ethernet But the point is not only to netinstall devices with problems, but neti...
by rextended
Tue Sep 14, 2021 9:52 am
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

I think they wish to run the Linux netinstall binary in a docker container.
E-X-A-C-T-L-Y

NetInstall is more sicure than upgrade, and can clean all what must not be present, if something has happen on "remote" past...
by rextended
Tue Sep 14, 2021 1:44 am
Forum: Scripting
Topic: Feature Request: Please add on-up and on-down scripts events to all interfaces
Replies: 4
Views: 377

Re: Feature Request: Please add on-up and on-down scripts events to all interfaces

for example:

you ever try to ping a layer 2 link with netwatch?

or try to ping an internal devices than you not know the IP previously?
by rextended
Mon Sep 13, 2021 10:17 pm
Forum: General
Topic: Crticial: Mikrotik Not Log all Parameters Changes - Do you need How is Possible
Replies: 1
Views: 280

Re: Crticial: Mikrotik Not Log all Parameters Changes - Do you need How is Possible

Be patient and wait, on V7 is also reported what is changed, (I doubt is backported on 6.4x) on meantime use my method: every device export config to a sftp server each hour, a scheduler inside linux machine compare export saved as master with latest version, except first line (that contain date &am...
by rextended
Mon Sep 13, 2021 7:27 pm
Forum: Forwarding Protocols
Topic: RP Filter - Strict and Loose
Replies: 1
Views: 213

Re: RP Filter - Strict and Loose

The packet are blocked if, coming from WAN, have one of the internal IP, like is impossible to be real a packet coming from wan side with a source 192.168.10.22, if you have 192.168.10.0/24 used on internal LAN, and is blocked. Any other type of source IP are not blocked. (This is valid also on publ...
by rextended
Mon Sep 13, 2021 6:50 pm
Forum: Wireless Networking
Topic: Find specific SSID using Scan function [SOLVED]
Replies: 6
Views: 954

Re: Find specific SSID using Scan function [SOLVED]

Is not casual I say "No." on #2 post On 6.47.10, and up, you can save scan to file and read results for furter analisys, the as-value is added from 7.? { /interface wireless scan wlan1 duration=5 save-file=tempscan.txt :local filecontent [/file get [/file find where name="tempscan.txt...
by rextended
Mon Sep 13, 2021 6:48 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

Re: PLEASE MikroTik made NetInstall version for Docker....

I do not have any experience on Docker... sorry :)
by rextended
Mon Sep 13, 2021 5:20 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6140

Re: WinBox v3.30 released!

I have described on another topic how to schedule a auto-reload backup when starting critical procedures than inevitably disconnect winbox and safe mode clear all work done.
by rextended
Mon Sep 13, 2021 5:16 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 427

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

Yes, more you think the connection is secure (and open to entire world),
more is probable the connection is hacked on 1st vulnerabilty finded and not revealed to the world...
by rextended
Mon Sep 13, 2021 3:11 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

I ask a moderator to move the topic, better than start new, not?
by rextended
Mon Sep 13, 2021 3:10 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

eheh... true... but every time the exports always have some surprises, like a script that sends e-mails with mail, password and server written inside...
by rextended
Mon Sep 13, 2021 3:06 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 427

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

Do not leave SSH open to the whole world, specify the source address, or at least one address list of trusted source IPs,
or better use SSH after you are Wireguarded inside... :lol:
by rextended
Mon Sep 13, 2021 3:02 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

@mkx, I suggest you to add also:
NEVER POST ON FORUM until you have open the file and censored (not deleted) all sensible parts.

Because hide-sensitive do not hide all the sensitive data...
Public IP, e-mail, IPsec passwords, for example, are not removed...
by rextended
Mon Sep 13, 2021 2:58 pm
Forum: Beginner Basics
Topic: Cannot SSH from LAN to outside devices - strange [SOLVED]
Replies: 8
Views: 427

Re: Cannot SSH from LAN to outside devices - strange [SOLVED]

You destroy all outgoing traffic with this rule:
/ip firewall nat
add action=dst-nat chain=dstnat comment=SSH dst-port=22 protocol=tcp to-addresses=192.168.2.10 to-ports=22
Every SSH connection than transit on the router are redirected to 192.168.2.10
by rextended
Mon Sep 13, 2021 2:51 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

Is the same, you can not log iSCSI traffic on RouterOS log facility.
by rextended
Mon Sep 13, 2021 2:08 pm
Forum: SwOS
Topic: Configuration needed to pass iSCSI? Windows says 'connection failed'
Replies: 16
Views: 677

Re: Configuration needed to pass iSCSI? Windows says 'connection failed'

My SwOS is a CRS326 and I have enabled the iSCSI topic in System->Log, set to 'memory'. So far haven't seen any log come up in it though. SwOS do not have any firewall inside, or I'm wrong? ONE MOMENT... iscsi log INSIDE SwOS??? SwOS do not log any iSCSI traffic... The log facility is generic for a...
by rextended
Mon Sep 13, 2021 1:57 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1244

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Ah, the problem is on the "default" style Canvas, happen when a [ code ] block is near another block of any type, like [ b ] bold.

>fixed, thanks!<
by rextended
Mon Sep 13, 2021 1:46 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1244

Re: 📌 Configuration to block users that tries to access router on non open port(s)

PS I can not use prerouting in standard firwall, only raw, and in raw, I can not use trapit.
Is why on raw I put "!tcp" :)
by rextended
Mon Sep 13, 2021 1:44 pm
Forum: Wireless Networking
Topic: Is there a way to force/encourage clients to use 5GHz if 2.5GHz gets crowded?
Replies: 10
Views: 548

Re: Is there a way to force/encourage clients to use 5GHz if 2.5GHz gets crowded?

Decrease TX power of 2,4GHz, and cross the fingers because all are depending on software used on smartphone.
by rextended
Mon Sep 13, 2021 1:38 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1244

Re: 📌 Configuration to block users that tries to access router on non open port(s)

Also another suggestion can be, if you have some spare unused Public IP, use it as Honeypot. Every IP try to contact the Honeypot, is a scan o something wrong for sure... (also define a whitelist of own addresses) /ip firewall raw add action=add-src-to-address-list address-list=FW_BLOCK_HONEYPOT add...
by rextended
Mon Sep 13, 2021 1:23 pm
Forum: Useful user articles
Topic: 📌 Configuration to block users that tries to access router on non open port(s)
Replies: 18
Views: 1244

Re: 📌 Configuration to block users that tries to access router on non open port(s)

If I do not remember wrong, tarpit do not consume anything on local router, simply leave each tarpitted connection in waiting state on the remote router, consuming remote router resources... I suggest to other users that read this post, to never reply with "reject" when drop something, exc...
by rextended
Mon Sep 13, 2021 10:15 am
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

(I'm curious to know from now how many people will use the password "#My sUp3R(!) Secr37 P@ssword" :) )
by rextended
Sun Sep 12, 2021 9:25 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

Nothing to add, is true, thanks.
by rextended
Sun Sep 12, 2021 6:23 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

@mozerd, I invented "How to download only one piece of file at a time with /tool fetch and put it inside a variable" https://forum.mikrotik.com/viewtopic.php?f=9&t=177530 If I didn't, @msatter would have nothing to work with... I made the code available to everyone, but it's not really...
by rextended
Sun Sep 12, 2021 6:15 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8711

Re: Hairpin NAT - the easy way

1) I do not use hairpin nat and what I do is not any form of hairpin nat, and not have nothing to do about hairpin nat. 2) Is like I must rewrite again what already I wrote on this topic... https://forum.mikrotik.com/viewtopic.php?f=23&t=172380#p869441 https://forum.mikrotik.com/viewtopic.php?f=...
by rextended
Sun Sep 12, 2021 3:51 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8711

Re: Hairpin NAT - the easy way

I never say open the internal DNS to WAN side, simply force all LAN side to use RouterBOAD internal DNS.
by rextended
Sun Sep 12, 2021 4:32 am
Forum: The Dude
Topic: Dude images
Replies: 3
Views: 399

Re: Dude images

I do not know, use the default images present as models
by rextended
Sat Sep 11, 2021 11:56 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

I know when the blacklists I use are updated, simly do not update at same time, nothing particularly difficult...

That's arguing semantics.
You're starting to write like a troll.
Have you just registered to disturb?
Nobody forces you to use published scripts.
by rextended
Sat Sep 11, 2021 11:51 pm
Forum: General
Topic: Backup
Replies: 2
Views: 294

Re: Backup

You already write it: it does not encrypt if the password is not set...

If anyone thinks it's encrypted, they think wrong.
by rextended
Sat Sep 11, 2021 11:49 pm
Forum: General
Topic: Renaming the comment in pppoe client simply the connection is closed
Replies: 3
Views: 305

Re: Renaming the comment in pppoe client simply the connection is closed

also on wireless...

if you change comments, SOME type of interface are disabled and re-enabled
by rextended
Sat Sep 11, 2021 11:47 pm
Forum: Scripting
Topic: Feature Request: Please add on-up and on-down scripts events to all interfaces
Replies: 4
Views: 377

Feature Request: Please add on-up and on-down scripts events to all interfaces

Please add on-up and on-down scripts events to all interfaces,
like
ether1
wlan1
lte1
etc.

Thanks.
by rextended
Sat Sep 11, 2021 11:45 pm
Forum: General
Topic: is connection-tracking full ?
Replies: 5
Views: 476

Re: is connection-tracking full ?

@Znevna
i do not notice that...

I hope the user upgrade at least to 6.47.10...
by rextended
Sat Sep 11, 2021 11:31 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

I have invented that method, and is not a hack, is just how http protocol work... How to download only one piece of file at a time with /tool fetch and put it inside a variable https://forum.mikrotik.com/viewtopic.php?f=9&t=177530 "fetch" is already planned to be managed in the future ...
by rextended
Sat Sep 11, 2021 5:04 pm
Forum: General
Topic: ?? How to renew SIP registration / connection from PBX after WAN failover ??
Replies: 5
Views: 404

Re: ?? How to renew SIP registration / connection from PBX after WAN failover ??

This close all tracked connection to previous WAN on connection-tracking, because often SIP use only UDP and until the connection is tracked to old WAN IP, do not work. This is wrong: /ip firewall connection remove [find] This is correct because prevent errors for tracking already closed during run ...
by rextended
Sat Sep 11, 2021 3:49 pm
Forum: Useful user articles
Topic: Hairpin NAT - the easy way
Replies: 28
Views: 8711

Re: Hairpin NAT - the easy way

For FORCE all DNS passing trough the Router to be solved from the RouterBOARD internal DNS except (!) all the traffic already from/to Ruoterboard itself...
by rextended
Sat Sep 11, 2021 3:42 pm
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 542

Re: Trigger Script when LTE receives IP address

The "easy" soluction is: MikroTik must add on-up and on-down on all interface (also ethernet, wlan, etc.)
by rextended
Sat Sep 11, 2021 3:30 pm
Forum: General
Topic: is connection-tracking full ?
Replies: 5
Views: 476

Re: is connection-tracking full ?

the timeout are reset each time a packet travel on connection

some timeout for me are excessive

set timeout like what is suggested here, but set TCP estabilished timeout to 1h instead of 1 day:
Image
https://blog.apnic.net/2021/06/24/how-t ... imization/
by rextended
Sat Sep 11, 2021 3:23 pm
Forum: General
Topic: ?? How to renew SIP registration / connection from PBX after WAN failover ??
Replies: 5
Views: 404

Re: ?? How to renew SIP registration / connection from PBX after WAN failover ??

Each time the WAN change, you must delete all expired connection tracking:
/ip fire conn
:foreach idc in=[find where timeout>60] do={
 remove [find where .id=$idc]
}
by rextended
Sat Sep 11, 2021 3:20 pm
Forum: RouterOS v7 BETA
Topic: PLEASE MikroTik made NetInstall version for Docker....
Replies: 41
Views: 2037

PLEASE MikroTik made NetInstall version for Docker....

PLEASE MikroTik made NetInstall version for Docker....
by rextended
Sat Sep 11, 2021 3:16 pm
Forum: The Dude
Topic: Dude images
Replies: 3
Views: 399

Re: Dude images

on winbox on dude/files directory create a folder "images" and then put the images on (disk1)/dude/files/images do not use dude/files/default because is deleted and renewed for each dude start for create the folders on winbox create the images/image.png structure on windows, then drag &...
by rextended
Sat Sep 11, 2021 3:11 pm
Forum: General
Topic: Hairpin Nat
Replies: 2
Views: 369

Re: Hairpin Nat

if the internal network is on your control, use on dhcp the router as DNS and put a static DNS that resolve mynames.dns to internal IP instead the external,
and you do not need the hairpin (and no NAT rules at all for this)
by rextended
Sat Sep 11, 2021 3:07 pm
Forum: General
Topic: How to find the origin of a Packet marks ? [SOLVED]
Replies: 6
Views: 535

Re: How to find the origin of a Packet marks ? [SOLVED]

if you use it on some rule, when you deselect the field mark, that value still on internal memory database.
if you do not find it on export, delete all mangle all re-import it from export
by rextended
Sat Sep 11, 2021 2:59 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

Netinstall work also remotely...
If you have at least on control one device, you can netinstall remotely the others...
Obviously exceptions apply.
by rextended
Sat Sep 11, 2021 2:52 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 118
Views: 28722

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

I slow my version because I want also manage fetch errors (thanks for msatter for the idea of identify inside the type of list) (I never see a msatter thanks to me for the method for download a file only one piece at time) https://forum.mikrotik.com/viewtopic.php?f=2&t=178355&p=878643#p87864...
by rextended
Sat Sep 11, 2021 3:29 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 855

Re: Identity by [Part] IP-Address [SOLVED]

Not so much :-P , you only forget to convert the interface from label to ID because get do not support the direct use of name

[find where interface=$interfaceName]

the rest is only preference on how I coding. :D
by rextended
Sat Sep 11, 2021 2:41 am
Forum: Scripting
Topic: concatenate values to create variable name
Replies: 1
Views: 232

Re: concatenate values to create variable name

search tag # rextended dynamic variables This: :global $wan1 1; :put ("wanSta" . $wan1); give two errors: first one because the $ on front of wan1 is forbiden when declaring a global or local variable (I use 6.47.10) second because the wan1 is undefined on second line for the reason writed...
by rextended
Sat Sep 11, 2021 2:29 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 855

Re: Identity by [Part] IP-Address [SOLVED]

I kept it short and simple... I hope it helps ! :local InterfaceID "bridge1" :if ([/ip dhcp-client get $InterfaceID address] != nil) do={ } The script can not work. Fixed script: #----------------------------------------- :local interfaceName "ether1" :local prefix "MT-&quo...
by rextended
Sat Sep 11, 2021 2:20 am
Forum: Scripting
Topic: Identity by [Part] IP-Address [SOLVED]
Replies: 8
Views: 855

Re: Identity by [Part] IP-Address [SOLVED]

You can put on "dhcp-client / advanced / script" this, it also update the identity everytime you changed the assigned IP to that device: :if ($bound = 1) do={ :local part ($"lease-address" << 24) :local part [:pick $part 0 [:find $part "." -1]] /system identity set name...
by rextended
Sat Sep 11, 2021 12:30 am
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6140

Re: WinBox v3.30 released!

Disabling all execpt one, I obtain muiltiple random selections...
(on IP Firewall NAT)
by rextended
Sat Sep 11, 2021 12:23 am
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 542

Re: Trigger Script when LTE receives IP address

The DHCP client can run a script, see https://help.mikrotik.com/docs/display/ROS/DHCP#DHCP-DHCPClient Assuming than the user use a standard MikroTik device like SXT-R with R11e-LTE, the lte1 (on default configuration) do not need any DHCP client... If the user refer to other models not specified is...
by rextended
Sat Sep 11, 2021 12:21 am
Forum: General
Topic: Trigger Script when LTE receives IP address
Replies: 8
Views: 542

Re: Trigger Script when LTE receives IP address

Is not possible to add a script to lte1 interface like other ppp connections. You can check on scheduled script if the interface are obtained the IP or not: :if ([:len [/ip add find where interface=lte1]] > 0) do={ :put "IP obtained" } else={ :put "waiting for IP" }
by rextended
Fri Sep 10, 2021 11:41 pm
Forum: General
Topic: Reject the connection to a local machine from outside.
Replies: 28
Views: 1050

Re: Reject the connection to a local machine from outside.

Domodial... Paste this on terminal (use 1.1.1.1 is faster, 8.8.8.8 for failover; 1.1.1.1 is not valid for NTP; Your logging section have all disabled): /ip dns set servers=1.1.1.1,8.8.8.8 /system logging set [find] disabled=no /system ntp client set primary-ntp=51.68.44.27 secondary-ntp=162.159.200....
by rextended
Fri Sep 10, 2021 11:32 pm
Forum: General
Topic: Reject the connection to a local machine from outside.
Replies: 28
Views: 1050

Re: Reject the connection to a local machine from outside.

Domodial. I edited your last post as you used <<quote>> instead of <<code>> tag and therefore your config was 1 meter long on my screen. for a forum bug the [ code ] sections must be placed at least 3 new line away. I use "board style: Canvas" example no new line between (or 1 or 2 lines)...
by rextended
Fri Sep 10, 2021 11:29 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

On GRE you can omit only the local source, but you must specify the remote address...
The source can be spoofed, but I hope no one extabilish GRE link on Internet without at least IPsec...
by rextended
Fri Sep 10, 2021 7:01 pm
Forum: Announcements
Topic: Mēris botnet information
Replies: 54
Views: 17776

Re: Mēris botnet information

The most entry point is the same username and password on all devices after 4 years...
by rextended
Fri Sep 10, 2021 6:30 pm
Forum: General
Topic: How is default config allowing Winbox access?
Replies: 8
Views: 610

Re: How is default config allowing Winbox access?

When you remove the interface from bridge (LAN group),
for be used as another LAN access,
you may also add ether on interface group LAN
or is correctly dropped al traffic because is not WAN and is not LAN.
by rextended
Fri Sep 10, 2021 4:12 pm
Forum: General
Topic: hEX en ports all slaves but en1 & 2, how to send to freedom? [SOLVED]
Replies: 10
Views: 599

Re: hEX en ports all slaves but en1 & 2, how to send to freedom? [SOLVED]

Reading #8
viewtopic.php?f=2&t=178366#p878949
is like he solved, but do not have signed the topic as solved???
by rextended
Fri Sep 10, 2021 3:39 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1157

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

I don't have a warning score displayed there. Is that good or not?
Clearly Good ;)
by rextended
Fri Sep 10, 2021 3:37 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1157

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

The moderator do not think that the reply of the 18 (not 30) open topics for the same identical thing do not deserve same reply? :lol: :lol: :lol:
viewtopic.php?f=2&t=178304#p877936
by rextended
Fri Sep 10, 2021 2:31 pm
Forum: Scripting
Topic: Add static Dns console
Replies: 3
Views: 446

Re: Add static Dns console

/ip dns set servers=([/ip dns get servers],1.1.1.1)
by rextended
Fri Sep 10, 2021 1:54 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1157

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

Please, can someone explain why I have yesterday warning level [2] and now "Your warning level: [3]"???
What's happen, please explain, I really do not understand...
by rextended
Fri Sep 10, 2021 10:05 am
Forum: Scripting
Topic: Multiple IF Statement match and action accordingly
Replies: 19
Views: 7672

Re: Multiple IF Statement match and action accordingly

i fix the structure for demonstrate the multiple if statement is doable, but I do not make the entire script working for your needs for fix also the rest (do not put a value on the var xstatus on first line, or everytime the value is "1"...) must used only find, if no result, do not do any...
by rextended
Fri Sep 10, 2021 9:57 am
Forum: RouterBOARD hardware
Topic: RB2011 powerjack issues
Replies: 5
Views: 490

Re: RB2011 powerjack issues

BartoszP, if the OP talk about a power jack , is absolutly wrong suppose that the device, than has the same RouterBOARD , is the model without power jack soldered... BartoszP as moderator, why you are so permalous and provocative? Instead, PLEASE, reply to this, you can: https://forum.mikrotik.com/v...
by rextended
Fri Sep 10, 2021 3:14 am
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1051

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

RA is not 8, is th 8th bit set to 1
IS too late to explain better, but the 2 BYTEs are
10000000 10000101 = 80 85
by rextended
Fri Sep 10, 2021 3:00 am
Forum: Scripting
Topic: Multiple IF Statement match and action accordingly
Replies: 19
Views: 7672

Re: Multiple IF Statement match and action accordingly

I fix the script, notice the differencies... :global xstatus /ip dhcp-server lease :local macsearch [get [find where comment="XBOX - 30c Snowmass" and status=bound]] :if ([:len $macsearch] > 0) do={ :if ($xstatus = "missing") do={ :log info "XBOX found" :set xstatus &qu...
by rextended
Fri Sep 10, 2021 2:50 am
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1051

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

please explain, i do not have understand what you want do.

0x8105 are two bytes, 0x81 and 0x05
the conversion is "\81\05", but if on the field on the packet is on reverse order is "\05\81"
by rextended
Fri Sep 10, 2021 2:00 am
Forum: General
Topic: How to get Ethernet port Uptime oid ?
Replies: 3
Views: 758

Re: How to get Ethernet port Uptime oid ?

The user is waiting your reply from 2019...
by rextended
Fri Sep 10, 2021 1:51 am
Forum: Scripting
Topic: Torch results to variable
Replies: 9
Views: 509

Re: Torch results to variable

yes, for log or for DROP is the same:

a firewall filter rule, on forward, src interface = ether1 protocol tcp, dst-port 22,8291
by rextended
Fri Sep 10, 2021 1:09 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 392

Re: Load balance torrent traffic?

Oh, well... now give all the instruction and information that the OP ask, I go to bed, in Italy it is late, my help here is not needed, you are here.
by rextended
Fri Sep 10, 2021 1:03 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 392

Re: Load balance torrent traffic?

You are not the user than open the topic. The second line he have is already natted... And if you say "You are completly wrong here", is mean than you use one line only for upload and the other only for uploiad, or you can download, only from one source at the time, at full speed, like the...
by rextended
Fri Sep 10, 2021 12:45 am
Forum: General
Topic: Load balance torrent traffic?
Replies: 7
Views: 392

Re: Load balance torrent traffic?

Is impossible to combine two ISP speed to download/upload with higer speed than the faster line. (Unless some technology on remote side intervenes) Is also impossible to use one line only for download and the other for upload. The communication between same remote service can happen only on same lin...
by rextended
Fri Sep 10, 2021 12:35 am
Forum: RouterBOARD hardware
Topic: RB2011 powerjack issues
Replies: 5
Views: 490

Re: RB2011 powerjack issues

What model as they have different power connectors placement. All the model have same RouterBOARD, change only the metal box and if is it present wifi or not. On all models the power jack is on the same identical position on the back. No one single devices of that series I have present that problem...
by rextended
Fri Sep 10, 2021 12:21 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

Yes, if have different times... :lol: :lol: :lol: >>>scheduler will be different for working days/weekends, that's why I did not do it as one liner understand, but I write that because are identical >>>and script could be done with less lines yes, and also writed with correct syntax... >>>but I also...
by rextended
Fri Sep 10, 2021 12:18 am
Forum: Scripting
Topic: Torch results to variable
Replies: 9
Views: 509

Re: Torch results to variable

Use a firewall rule that log the attempt....

Or better use firewall rules for prevent his attempt.
by rextended
Fri Sep 10, 2021 12:12 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

fixing the script: :global WlanOn do={ /interface wireless :if ([get $1 comment]="disabled") do={ :log info "Not enabled $1 admin disabled" } else={ :if ([get $1 disabled]) do={ :log info "Enabled $1" enable $1 } else={ :log info "Already enabled $1" } } } $Wl...
by rextended
Fri Sep 10, 2021 12:05 am
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

Ignoring the scheduler and script I don't like how they were written (one single scheduler repeat everyday, instead of a 7 identical schedulers repeated every week),

have you checked that the devices have synchronized time and date?
by rextended
Thu Sep 09, 2021 11:40 pm
Forum: General
Topic: Automatically filter a rogue public IP
Replies: 6
Views: 541

Re: Automatically filter a rogue public IP

If correctly done, your computer on near future is under control of someone, without you know it, because you can only block one IP after some try, but remote desktop for each try close connection after some failed login... every bot on botnet, each with different IP, can try to hack your remote des...
by rextended
Thu Sep 09, 2021 11:18 pm
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

what you put on scheduler???

script,info message="Switching wlan2 on"
by rextended
Thu Sep 09, 2021 10:40 pm
Forum: General
Topic: Filter Content in Firewall with DOT (.) in string [SOLVED]
Replies: 19
Views: 1051

Re: Filter Content in Firewall with DOT (.) in string [SOLVED]

You understand why now ;) but on winbox you can not insert special characters like the character "\08", but can be added on CLI On all regex field and on terminal, RouterOS support only \1F hexadecimal characters rapresentation, with hexadecimal letters uppercase and without the "x&qu...
by rextended
Thu Sep 09, 2021 10:20 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1157

Re: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

No, also you have two,
BartoszP publish a screenshot with that data visible,
I ask more info and @andriys delete all (also the @BartoszP's post),
and now I ask for details.
by rextended
Thu Sep 09, 2021 10:09 pm
Forum: General
Topic: Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]
Replies: 17
Views: 1157

Do I need to contact support@mikrotik.com directly to get answers about the forum itself? [SOLVED]

Do I need to contact support@mikrotik.com directly to get answers about the forum itself? Questions: 1) What is "warning level" 2) Why I have "Your warning level: [2]" 3) What it refers to? 4) When was I given "2"(?) warnings? 5) Where they were communicated to me? I ha...
by rextended
Thu Sep 09, 2021 9:09 pm
Forum: General
Topic: 200k Mikrotik devices involved in DDoS botnet
Replies: 10
Views: 1195

Re: 200k Mikrotik devices involved in DDoS botnet

Usuallu Socks open, and script on scheduler, some download files on flies or files undeletable, vpn, etc.
by rextended
Thu Sep 09, 2021 6:33 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6140

Re: WinBox v3.30 released!

Timezone of cloud server? +03:00
Your???
by rextended
Thu Sep 09, 2021 6:30 pm
Forum: General
Topic: 200k Mikrotik devices involved in DDoS botnet
Replies: 10
Views: 1195

Re: 200k Mikrotik devices involved in DDoS botnet

One simple thing: NAT

If one internal non-MikroTik device are infected, this appear coming from the Router....
How many % of the case are not involved at all the Router???
by rextended
Thu Sep 09, 2021 6:18 pm
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 6140

Re: WinBox v3.30 released!

from 3.28 changelog *) fixed WinBox disconnect when large text was pasted into terminal window; This bug introduced on 3.28 is still present : https://forum.mikrotik.com/viewtopic.php?f=21&t=175783#p862289 Thanks for swap back Close and Stop , but: is not better use one unique [Start | Stop] but...
by rextended
Thu Sep 09, 2021 6:12 pm
Forum: Scripting
Topic: How to retrieve error details inside the on-error clause
Replies: 2
Views: 1528

Re: How to retrieve error details inside the on-error clause

THE CORRECT WAY IS SANITIZE THE STRING FIRST... for example: :if ($theurlstring~"^(http|https|ftp|sftp|tftp)://") do={ # something } else={ # do nothing } then you can use this example to intercept fetch errors: https://forum.mikrotik.com/viewtopic.php?f=2&t=178355#p878634
by rextended
Thu Sep 09, 2021 6:06 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 597

Re: fetch capable of following redirects [SOLVED]

Do not worry about disk writes, on flash the write go already n ramdisk, not wearing at all,
about NAND, are years (from 2009) than I use user-manager on nand, and no problem,
and user-manager write continuosly on nand....
by rextended
Thu Sep 09, 2021 5:56 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 597

Re: fetch capable of following redirects [SOLVED]

search tag # rextended manage fetch errors I write one post a time, leave me the time!!!! :lol: :lol: :lol: Is not for suspance, I need some time to write and test.... This is the code: /file remove [find where name="testfetch.txt"] { :local jobid [:execute file=testfetch.txt script="...
by rextended
Thu Sep 09, 2021 5:36 pm
Forum: Scripting
Topic: Error handling?
Replies: 4
Views: 9339

Re: Error handling?

Start to coding correctly and you do not have problems: # wrong coding :do {/interface bridge add name=loopback; } on-error={:put "loopback exists"} # translating: create loopback, if you got an error because already exist, ignore it # on short: create it, hoping not already exist # right ...
by rextended
Thu Sep 09, 2021 5:30 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 597

Re: fetch capable of following redirects [SOLVED]

From what I see till now, 99% of sript programmers are not programmers. All must be programmed. Just the handle of external tools like fetch can justify the use of the "on-error" 1) How to retrieve error details inside the on-error clause: https://forum.mikrotik.com/viewtopic.php?t=160076 ...
by rextended
Thu Sep 09, 2021 5:22 pm
Forum: General
Topic: fetch capable of following redirects [SOLVED]
Replies: 10
Views: 597

Re: fetch capable of following redirects [SOLVED]

I'm able to catch the error.
by rextended
Thu Sep 09, 2021 5:19 pm
Forum: Announcements
Topic: MikroTik cloud is back online
Replies: 25
Views: 3714

Re: MikroTik cloud is back online

Don't you expect a bit of sarcasm?
First you even complain about the RFCs,
and then you discover that the problem is yours...

You gave me the assist... :)))
by rextended
Thu Sep 09, 2021 5:08 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 118
Views: 28722

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Well done and nice idea... If you want, you can use those regex for determine what type of items the file containing: DNS, IP-Prefix or only IP search for valid DNS (([a-zA-Z0-9][a-zA-Z0-9-]{0,61}){0,1}[a-zA-Z]\\.){1,9}[a-zA-Z][a-zA-Z0-9-]{0,28}[a-zA-Z] IP-Prefix: IP with mandatory subnet mask ((25[...
by rextended
Thu Sep 09, 2021 12:26 pm
Forum: General
Topic: RB5009 IPSec Performance
Replies: 19
Views: 2178

Re: RB5009 IPSec Performance

Thanks @msatter

End of speculation.
by rextended
Thu Sep 09, 2021 12:21 pm
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 393

Re: Winbox = blank, clear cache first everytime

The topic is about WinBox, and is run inside a OS,
in your case Windows 10

Have you try with another device?
by rextended
Thu Sep 09, 2021 12:05 pm
Forum: Announcements
Topic: MikroTik cloud is back online
Replies: 25
Views: 3714

Re: MikroTik cloud is back online

This is what I get, is your DNS OK?
Yes, my DNS is out of order. I am sorry.
Oh, is non-RFC compliant?
by rextended
Thu Sep 09, 2021 12:01 pm
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 393

Re: Winbox = blank, clear cache first everytime

OS used? (I can read and WinBox is not run inside the RouterBOARD / VM)
by rextended
Thu Sep 09, 2021 11:44 am
Forum: General
Topic: Winbox = blank, clear cache first everytime
Replies: 9
Views: 393

Re: Winbox = blank, clear cache first everytime

OS used?
by rextended
Thu Sep 09, 2021 11:31 am
Forum: General
Topic: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]
Replies: 5
Views: 350

Re: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]

neighbor discovery can transmit only one ip, and is choiced the latest IP added to the interface
winbox can not know the other addresses, but as @mkx already write, you can use mac address,
but, if the IP is the same, why not add the ip directly to address book on winbox?
by rextended
Thu Sep 09, 2021 10:35 am
Forum: General
Topic: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]
Replies: 5
Views: 350

Re: 2 ip adresses on one intarface (Winbox showing wrong) [SOLVED]

remove the .20 and use the 10 on dstnat...
by rextended
Thu Sep 09, 2021 1:26 am
Forum: General
Topic: Mikrotik and a firewall
Replies: 3
Views: 346

Re: Mikrotik and a firewall

Do not do any reported, use directly what is maded for do that on one place. if you want use winbox, disable all on /ip services except winbox, and set inside winbox service what is the IP, or muiltiple IP allowed to login if you want use webfig, is like the same, disable all on /ip services except ...
by rextended
Thu Sep 09, 2021 1:23 am
Forum: Announcements
Topic: Newsletter 101
Replies: 43
Views: 7648

Re: Newsletter 101

Like all the other hardware producer on the world...

On what world you live?
by rextended
Thu Sep 09, 2021 1:22 am
Forum: General
Topic: Something must be really wrong on my configuration. Needs real help here! [SOLVED]
Replies: 23
Views: 1141

Re: Something must be really wrong on my configuration. Needs real help here! [SOLVED]

Usually I do not drink when I drive or when I have electronic devices near to me...
by rextended
Thu Sep 09, 2021 1:12 am
Forum: Scripting
Topic: Super-Easy script to create dir
Replies: 11
Views: 1649

Re: Super-Easy script to create dir

If scripting support is full removed, no one problem coming out using the router as router and the switch as switch...

If is so disgusting, use another vendor with routers and switches full of scripting support.
by rextended
Thu Sep 09, 2021 1:08 am
Forum: Scripting
Topic: mkdir function for easy folder creation
Replies: 18
Views: 5263

Re: mkdir function for easy folder creation

You can use another vendor router can have full scripting support inside, what is the problem?
by rextended
Thu Sep 09, 2021 1:06 am
Forum: Announcements
Topic: v6.48.4 [stable] is released!
Replies: 71
Views: 14689

Re: v6.48.4 [stable] is released!

any of your customers will be unfortunate, if you do not take courses first, instead of asking in a forum ...
by rextended
Wed Sep 08, 2021 9:26 pm
Forum: Scripting
Topic: Super-Easy script to create dir
Replies: 11
Views: 1649

Re: Super-Easy script to create dir

I made a better script here, instead of using on-error, the tool fetch and the need to leave http(s) service acrive:
viewtopic.php?f=9&t=151644#p878368
by rextended
Wed Sep 08, 2021 9:18 pm
Forum: Beginner Basics
Topic: How to view client list? [SOLVED]
Replies: 2
Views: 335

Re: How to view client list? [SOLVED]

See inside the AP what is connected to the AP...
Or install CAPsMAN on hEX S if the AP are mikrotik.
by rextended
Wed Sep 08, 2021 8:50 pm
Forum: Scripting
Topic: mkdir function for easy folder creation
Replies: 18
Views: 5263

Re: mkdir function for easy folder creation

search tag # rextended create directory and subdirectory the function return an array for check on calling script if the path are created or not (and why not) if the result ($results->0) containing OK, on ($results->1) are present the name of folder/path created 35 lines and also with sanitizing inp...
by rextended
Wed Sep 08, 2021 7:44 pm
Forum: Scripting
Topic: mkdir function for easy folder creation
Replies: 18
Views: 5263

Re: mkdir function for easy folder creation

I'm writing the function on this moment...

please remove the quoted script from your previous post to do not making a mess,
thanks.
by rextended
Wed Sep 08, 2021 5:43 pm
Forum: Scripting
Topic: mkdir function for easy folder creation
Replies: 18
Views: 5263

Re: mkdir function for easy folder creation

I am some shocked. A script on 200+ lines is needed just to create a folder in RouterOS. This is really a shitty script, full of "on-error={}", do not count "flash", and other nonsense like creating firewall rules on filter, nat, mangle, raw, temporary user group, temporary user...
by rextended
Wed Sep 08, 2021 4:39 pm
Forum: RouterOS v7 BETA
Topic: My three rb750 routers with version 7.1, always restart automatically.why,please?
Replies: 5
Views: 521

Re: My three rb750 routers with version 7.1, always restart automatically.why,please?

Why you install unstable firmware on 3 devices, without wait if is stable on at least one?

Use netinstall for install back 6.47.10
by rextended
Wed Sep 08, 2021 4:32 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

on the same place: the download section on mikrotik website.
by rextended
Wed Sep 08, 2021 4:27 pm
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 114
Views: 11235

Re: WinBox v3.29 released!

Is stupidity also click on button without know what the button does...

If something must be doed, simply must be used one unique [Start | Stop] button like [Simple Mode | Advanced Mode] on Wireless interface...
by rextended
Wed Sep 08, 2021 3:51 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

Write yourself the Docker
by rextended
Wed Sep 08, 2021 3:25 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 [development] is released!
Replies: 161
Views: 17993

Re: v7.1rc3 [development] is released!

Already writed, but if your timezone is negative, this is ISO time: ISO:8601 2021-09-08T10:29Z (GMT / UTC) ISO:8601 2021-09-08T13:29+03:00 (Riga, Latvia / EEST Eastern European Summer Time) ISO:8601 2021-09-08T15:59+05:30 (New Delhi, India / India) I just got 7.1 rc3 test images a couple of hours ag...
by rextended
Wed Sep 08, 2021 3:20 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

NO, PLEASE NO!

dumb user still exist...
Device "bricked" because the space is depleted (hAP ac)...
Image
viewtopic.php?f=2&t=178319
by rextended
Wed Sep 08, 2021 3:16 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

*) added Zerotier (TM) support for ARM and ARM64;
= download separate package zerotier because now this RouterOS support this

*) added support for running Docker (TM) containers;
= download separate package container because now this RouterOS support this
by rextended
Wed Sep 08, 2021 3:11 pm
Forum: General
Topic: Not able to reach my PBX public address
Replies: 5
Views: 351

Re: Not able to reach my PBX public address

But I don't know how flexible is the networking setup of the PBX.
Is why I suggest NAT... :lol:
by rextended
Wed Sep 08, 2021 2:55 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

At this point I must change my signature...
by rextended
Wed Sep 08, 2021 2:52 pm
Forum: Beginner Basics
Topic: nat to ip from pppoe-out
Replies: 3
Views: 287

Re: nat to ip from pppoe-out

because that server still go out from 1st wan and the remote device do not see the reply because coming from another IP
by rextended
Wed Sep 08, 2021 2:48 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

niche stuff.
Exactly (really not all, but the majority are useless for 99,9% of users...)
by rextended
Wed Sep 08, 2021 2:46 pm
Forum: RouterOS v7 BETA
Topic: mDNS repeater feature
Replies: 76
Views: 6556

Re: mDNS repeater feature

Please keep all Container related questions and feedback to the specific topic: viewtopic.php?f=1&t=178342&p=878204
by rextended
Wed Sep 08, 2021 2:37 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 adds Docker (TM) compatible container support
Replies: 153
Views: 15977

Re: v7.1rc3 adds Docker (TM) compatible container support

In future versions there is support for making a total backup of routerboard than contain docker, or like user-manager separate .tar file?

and export the single Docker on .tar for put it on another RouterBOARD?
by rextended
Wed Sep 08, 2021 2:34 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 [development] is released!
Replies: 161
Views: 17993

Re: v7.1rc3 [development] is released!

I just got 7.1 rc3 test images a couple of hours ago. Are they different from this?
Check if the build on system packages is the same to the latest (2021-Sep-08 13:29)
by rextended
Wed Sep 08, 2021 2:25 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 [development] is released!
Replies: 161
Views: 17993

Re: v7.1rc3 [development] is released!

mDNS proxy...
asterisk PBX...
by rextended
Wed Sep 08, 2021 2:21 pm
Forum: RouterOS v7 BETA
Topic: v7.1rc3 [development] is released!
Replies: 161
Views: 17993

Re: v7.1rc3 [development] is released!

*) added support for running Docker (TM) containers;

Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.............................................................
by rextended
Wed Sep 08, 2021 2:19 pm
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

new zealand ranges on 6.46.8, must checked the 6.48.4 what have inside. 5170-5250/a,an20,an40,ac20,ac40,ac80,ac160,ac80+80(23dBm)/indoor 5250-5330/a,an20,an40,ac20,ac40,ac80,ac160,ac80+80(27dBm)/dfs,passive first C5180 + e5200: channel-width=20/40mhz-Ce country="new zealand" frequency=5180...
by rextended
Wed Sep 08, 2021 1:48 pm
Forum: General
Topic: Not able to reach my PBX public address
Replies: 5
Views: 351

Re: Not able to reach my PBX public address

I can not full understand the detail, because are on your mind and I have not any device for remote mind reading... The faster soluction is to set the device on single mode LAN interface and put NATs rules on roouter to reach from outside the PBX, is also more secure than expose the PBX directly to ...
by rextended
Wed Sep 08, 2021 1:34 pm
Forum: General
Topic: When is 6.49 going to be released?
Replies: 16
Views: 999

Re: When is 6.49 going to be released?

When 7.1 go "stable"
by rextended
Wed Sep 08, 2021 1:28 pm
Forum: Wireless Networking
Topic: cAP ac takes a long time to enable wifi
Replies: 11
Views: 674

Re: cAP ac takes a long time to enable wifi

Next time you export, do not set verbose, or other, simply "/interface wireless export" and reduce to default the terminal windows size...
by rextended
Wed Sep 08, 2021 1:26 pm
Forum: General
Topic: winbox note change [SOLVED]
Replies: 1
Views: 204

Re: winbox note change [SOLVED]

If you not set manually the note, everytime the last is used...
by rextended
Wed Sep 08, 2021 1:23 pm
Forum: General
Topic: Not able to reach my PBX public address
Replies: 5
Views: 351

Re: Not able to reach my PBX public address

Very detailed post, is cleary indicated the RouterBOARD used, the RouterOS version, and the configuration of the device.
All this details are suffocating...
by rextended
Wed Sep 08, 2021 1:12 pm
Forum: General
Topic: Cpanel DNS update
Replies: 1
Views: 244

Re: Cpanel DNS update

Do not expect than I study how the API works, this is just a example to fix what you have wroted, but I can nnot check if you have wroted the right commands. /tool fetch url="https://wifialgarve.com:2087/json-api/setsiteip?domain=yourclient.wifialgarve.com&ip=newip" \ http-method=post ...
by rextended
Wed Sep 08, 2021 1:09 pm
Forum: Wireless Networking
Topic: Solving 20km wireless link issues
Replies: 148
Views: 124873

Re: Solving 20km wireless link issues

You just register to reply to a topic from 2009?
by rextended
Wed Sep 08, 2021 1:06 pm
Forum: General
Topic: Damaged wireless@ package: bad image(6) [SOLVED]
Replies: 6
Views: 1110

Re: Damaged wireless@ package: bad image(6) [SOLVED]

retry after delete all files contents.
If do not work, you "brick" the device and you must use netinstall
by rextended
Wed Sep 08, 2021 12:59 pm
Forum: General
Topic: Can Someone Explain this!!!!
Replies: 20
Views: 1279

Re: Can Someone Explain this!!!!

Now I have confirmation, it's not that I'm an asshole, it's that you don't give a damn about others. Don't waste people's time. I have already writed on post #2 (28 Jun 2021, 14:08) It is an image made by someone who wants answers without giving information. And my analysis turned out to be perfect ...
by rextended
Wed Sep 08, 2021 10:07 am
Forum: Scripting
Topic: Script to update Azure DNS
Replies: 1
Views: 252

Re: Script to update Azure DNS

On forum are dozen of examples about dyndns, no-ip and others.
All questions are already explained for the others.
What change between all methods is only the url...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 20