Community discussions

Search found 1284 matches

by IntrusDave
Sat Sep 14, 2019 6:52 pm
Forum: General
Topic: RouterOS v7.0beta1 (ARM)
Replies: 167
Views: 28464

Re: RouterOS v7.0beta1 (ARM)

Why are people asking for ext4 on mikrotik devices when they should be asking for f2fs?
by IntrusDave
Sat Sep 14, 2019 6:36 pm
Forum: RouterOS v7 BETA
Topic: RB4011iGS+5HacQ2HnD-IN: 5 GHz "initializing"
Replies: 1
Views: 677

Re: RB4011iGS+5HacQ2HnD-IN: 5 GHz "initializing"

Same basic issue here. But I get a little further. I have "AP Running" but no devices can see the 5GHz network
by IntrusDave
Tue Aug 13, 2019 4:15 am
Forum: Wireless Networking
Topic: Google Home devices with MikroTik AC hardware
Replies: 3
Views: 443

Google Home devices with MikroTik AC hardware

Hey guys, I'm working on a problem with the Google smart home gear. I have a client that has Google Home's and Chromecasts in every room. They are having an issue where anytime the AP gets rebooted, the Google devices will not reconnect on their own. The user is forced to power cycle each device. I ...
by IntrusDave
Tue Aug 13, 2019 3:55 am
Forum: General
Topic: 6.46b28 Wireless Access List bug
Replies: 1
Views: 368

6.46b28 Wireless Access List bug

When adding devices to the access list "Signal Strength Range" is limited to -1;120, where it should be -120;120.
by IntrusDave
Thu Jun 13, 2019 9:00 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Sorry, but I feel no need to disclose my stats and financial needs for a service that is free. I can tell you that 4 servers, 120 honeypots, a CDN, storage and the bandwidth needed for all of it is quite a lot. I won't be open sourcing the code either. It's 100% written by me with no use of any open ...
by IntrusDave
Tue May 28, 2019 8:25 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Dude, really? My livelihood is going down the drain, and you pop up to help push the knife in. Nice.
by IntrusDave
Tue May 28, 2019 5:43 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I regret to inform you all that I have shut down the servers. With over 35,000 routers hitting the server every few hours, and only 10 supporters (totaling $50/month), the expenses are not even remotely being covered. I'm putting out almost $500/month now just in bandwidth costs. I'm moving the code ...
by IntrusDave
Tue May 21, 2019 6:36 am
Forum: Wireless Networking
Topic: 160Mhz AC wireless?
Replies: 1
Views: 481

160Mhz AC wireless?

Hey guys, I finally got around to ordering an RB4011 with wifi. It's an international version, being used in a controlled environment. The building is 100% isolated from all outside RF. I've spent the better part of today trying to get the damn thing to use 160Mhz channel width. The 5Ghz radio is se...
by IntrusDave
Fri Apr 26, 2019 12:23 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Just an update... I'm still here, and I have hair again. :) Well, I have hair for a few weeks at least.

I'm still working on the IPv6 version of the list. My home ISP has finally managed to provide a stable v6 connection, so I'll be able to start testing.
by IntrusDave
Fri Apr 26, 2019 12:15 am
Forum: Scripting
Topic: Basic DSCP to Priority Mapping
Replies: 0
Views: 218

Basic DSCP to Priority Mapping

Now that my ISP has finally enabled IPv6, I've gone back and redone my mangles/queues so that IPv4 and IPv6 both work correctly with DSCP. Here is my config for that. The only things anyone should need to change are the WAN interface name and the WAN upload speed. For coax ISP's, they normally give y...
by IntrusDave
Tue Apr 16, 2019 5:21 am
Forum: Scripting
Topic: Simplified DSCP/QoS Setup Script
Replies: 13
Views: 3109

Re: Simplified DSCP/QoS Setup Script

that should work just fine, but place it before the Priority 8 line.
by IntrusDave
Wed Apr 03, 2019 1:11 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Humans can be truly awful but using you undergoing your treatment to steal from you then there are no words to describe my feelings about that. I am sorry to read that you are ill and that the outcome is uncertain. I wish all the strength to overcome this horrible time in your life. Thank you. No ...
by IntrusDave
Wed Apr 03, 2019 1:10 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

It can be paid by Patreon?
Yes, somewhere up above, there is a Patreon link, as well as PayPal links.
by IntrusDave
Tue Apr 02, 2019 6:05 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Good Morning and happy April. A few updates for you this morning. Server is running stable with no issues other than the random LetsEncrypt cert error. Once the list's income manages to cover its costs, I'll be switching to Digicert for ssl certs. I've begun work on adding IPv6 to the service, it's...
by IntrusDave
Fri Mar 01, 2019 3:16 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

The ReportStatus is 100% optional. It's mostly for stats and being able to try and tailor the lists to the bulk of the routers. Surprisingly, there are far more CloudCore routers running the blacklist now than the smaller units. I wanted to thank those of you who have reached out with support. Every...
by IntrusDave
Fri Feb 15, 2019 12:59 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Humans are truly awful.
While at my treatment yesterday, I dozed off. (I'm there for 6 hours every 3 days)
While sleeping, someone stole my backpack with my 6 month old notebook.

I'll still be doing some coding at home, but it's hard to sit at my desktop. I'll keep you all posted.
by IntrusDave
Tue Feb 12, 2019 3:21 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Hey everyone. I'm sorry for being out of touch. Here is an update. So, life has been pretty rough over the last 12-14 months. I've lost most of my clients, the new government tax code is killing me, and server costs keep going up. On the personal side, I've been dealing with some pretty serious heal...
by IntrusDave
Tue Jan 01, 2019 10:36 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Hey guys, sorry for the radio silence, it’s been a pretty tough year but I’m trying to survive it. I’ve been trying to get the automated registration process done but have run into a few pretty nasty issues that I didn’t foresee. I’m going to put it on hold and process things manually until I can ge...
by IntrusDave
Thu Nov 08, 2018 7:27 pm
Forum: General
Topic: netmap between subnets
Replies: 0
Views: 277

netmap between subnets

Hey guys I need some help. I'm trying to make a printer appear on two subnets, but I'm not sure it can be done. Here is what I have and want... I have a printer at 192.168.0.2 on the LAN. I have a VLAN of 10.0.0.0/24. I want to know if I can make the IP of 10.0.0.2 get forwarded/translated/whatever ...
by IntrusDave
Tue Nov 06, 2018 10:12 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

There are no dumb questions! I will for sure have a UI for you to manage your routers. My goal is to have the UI finished by mid December. Though I just missed a pretty big deadline, so I may end up having to hire another developer to work on the front end while I continue on the back end. The UI is...
by IntrusDave
Mon Nov 05, 2018 10:03 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Tech Note: 6.44beta20 causes some issues, make sure you update to the current beta, if you are running the betas.
by IntrusDave
Mon Nov 05, 2018 9:51 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

If you want to support him, please support him in his topics. If you would like to be involved in the me-vs-him debate, please at least do a little background research on the history. My project has been the subject of "IP Theft" several times, and I do my best to keep my server side tech hidden now...
by IntrusDave
Sun Nov 04, 2018 10:01 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

How to make a payment from Poland?
https://www.patreon.com/IntrusTechnologies

You can go to this Patreon page to sign up.
by IntrusDave
Sun Nov 04, 2018 9:07 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

The new script will not require any modification, as the server will select the list based on your router's serial number and IP address. As for yearly payments - At this time, I am going to keep it monthly. I don't want to accept a payment for a year of service before I know the service will be ab...
by IntrusDave
Sun Nov 04, 2018 7:49 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

My goal is January first.
by IntrusDave
Sun Nov 04, 2018 6:07 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

squidblacklist.org is not included, as it is a pay service. The IP's they have on the free lists are pretty much duplicates of my list 2. OK, now I'll be clear here ;-) Thanks. Will test how much RAM a RB2011 needed. Only with priority 2 or priority 1 + drop.malicious.rsc PS: SBL Malicious IP Black...
by IntrusDave
Sun Nov 04, 2018 6:05 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

What are everyone's thoughts on using Patreon for the subscription service? I've started setting up a page here: https://www.patreon.com/IntrusTechnologies Once I have everything linked, the existing scripts will stop working and I will post the current scripts on the Patreon page. The new script w...
by IntrusDave
Sun Nov 04, 2018 5:53 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

It's hard to give accurate numbers, but it looks like the List 1 uses about 768k, List 2 uses 3M, and List 3 uses 54M to load and 50M once the load is done. The other two load too fast on my RB110AHx4 to see the memory load update. What do you think about this service?: https://forum.mikrotik.com/v...
by IntrusDave
Sun Nov 04, 2018 9:20 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

It's hard to give accurate numbers, but it looks like the List 1 uses about 768k, List 2 uses 3M, and List 3 uses 54M to load and 50M once the load is done. The other two load too fast on my RB110AHx4 to see the memory load update.
by IntrusDave
Sat Nov 03, 2018 8:56 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

What are everyone's thoughts on using Patreon for the subscription service? I've started setting up a page here: https://www.patreon.com/IntrusTechnologies Once I have everything linked, the existing scripts will stop working and I will post the current scripts on the Patreon page. The new script wi...
by IntrusDave
Sat Nov 03, 2018 8:17 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

No problem, and I'm sorry about the downtime. I've changed the policy on my servers so that Google can no longer preempt mine to make room for higher paying customers. Not happy that it's adding another $50/month onto my bill, but I can't have them dropping me because someone bigger wants my cpu or...
by IntrusDave
Sat Nov 03, 2018 8:10 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I bought a new network "level 3" honeypots online. These are my first located in "hostile" countries. Bringing the current Level 3 list to over 189,000 entries.
by IntrusDave
Sat Nov 03, 2018 7:07 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

@Dave
Do you have IP blacklists from squidblacklist.org in priority 1 or 2?
squidblacklist.org is not included, as it is a pay service. The IP's they have on the free lists are pretty much duplicates of my list 2.
by IntrusDave
Sat Nov 03, 2018 5:47 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

The server is hosted on the google cloud platform. It appears that Google has oversold the zone that my servers are in, and my servers have been taken offline to allow others to run. I'll be moving the server to a different zone ASAP.
by IntrusDave
Fri Oct 19, 2018 10:52 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

The pay service will begin on the 1st of the year
by IntrusDave
Fri Oct 19, 2018 9:40 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I’m not sure I understand the question
by IntrusDave
Fri Oct 19, 2018 5:02 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

If using DNS is a requirement for you, I suggest you look elsewhere for the service. I have no plans to use DNS for this service. It's not a viable distribution method. DNS is not able to send a response of 200,000+ IP addresses. BGP is also not going to happen, as it requires a large amount of labor...
by IntrusDave
Tue Sep 18, 2018 6:33 pm
Forum: General
Topic: NTFS support
Replies: 34
Views: 5503

Re: NTFS support

I vote +1 for making all SOHO features a separate package. I consider SOHO features, stuff like: Quick Set SMB Kid Control Detect Internet Default Firewall UPnP I would even go as far to include 'Cloud' in that list, but many will disagree with me on that one. IMHO there is no need for those in an ...
by IntrusDave
Mon Sep 10, 2018 11:00 pm
Forum: General
Topic: Feature Request: Separate Packages
Replies: 2
Views: 459

Re: Feature Request: Separate Packages

web and socks proxies get exploited by rogue IT guys to get around company filters. Web proxy is just about useless now, as https can not be proxied. Disabled by default is nice and all, but medical centers that deal with high profile patients have policies that prevent using hardware with certain f...
by IntrusDave
Mon Sep 10, 2018 8:31 pm
Forum: General
Topic: Feature Request: Separate Packages
Replies: 2
Views: 459

Feature Request: Separate Packages

I'd like to request that all of the "home user" features be moved into separate packages.
- Web Proxy / Socks
- upnp / smb

All 4 of those functions have recently caused me issues with using Mikrotik routers in a hospital.
by IntrusDave
Mon Sep 10, 2018 8:24 pm
Forum: General
Topic: NTFS support
Replies: 34
Views: 5503

Re: NTFS support

I vote NO NTFS, and I also vote to remove SMB, or at least make it a package that I can remove.
Better yet, move all of the "home user" features into a separate package so that us enterprise customers don't have to have that type of stuff in our routers.
by IntrusDave
Mon Sep 10, 2018 8:21 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I'm in a holding pattern while my lawyer researches the EU "GDPR" laws. It's looking like I will not be able to use 3rd party honeypots, as the GDPR requires companies to allow users to delete any data collected from there. That means that anyone with a honeypot running on their router will be able ...
by IntrusDave
Mon Sep 10, 2018 8:16 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

ip Cloud terminal-only when running CHR
by IntrusDave
Mon Sep 03, 2018 5:14 am
Forum: General
Topic: --algo kmp --hex-string
Replies: 13
Views: 904

Re: --algo kmp --hex-string

you can start with Level 7 filters here: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7
or simple content filters here: https://wiki.mikrotik.com/wiki/Manual:I ... all/Filter
Neither are going to work with SSL.
by IntrusDave
Tue Aug 28, 2018 5:43 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I haven't gotten far enough on the honeypot side. I've started from scratch on the RouterOS script. I'll post it once it's stable enough to test.
by IntrusDave
Mon Aug 27, 2018 2:23 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

But I get error in the log: Blacklist Authorization failed Which is the active and good script? IP Cloud is used for identification now. Once the service is live, the serial number from IP cloud will be used for authorization. The script gets the serial number from the IP cloud, submits it via the ...
by IntrusDave
Mon Aug 27, 2018 2:15 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Drop or redirect? Which one is better on firewall?
Personally, I use a RAW Drop rule.
by IntrusDave
Mon Aug 27, 2018 2:14 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Unfortunately, I don't have IPv6 yet. The system is designed for it, but I have no routers in IPv6 networks that I can test with. My home internet supports it, but it's so unstable, I don't bother with it. OK! Thanks!!! And domain blacklist? I don't find domain blacklisting very effective. Most bot...
by IntrusDave
Sun Aug 26, 2018 6:53 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Unfortunately, I don't have IPv6 yet. The system is designed for it, but I have no routers in IPv6 networks that I can test with. My home internet supports it, but it's so unstable, I don't bother with it.
by IntrusDave
Sun Aug 26, 2018 12:28 am
Forum: Wireless Networking
Topic: How critical is grounding with LHG 60G
Replies: 4
Views: 765

Re: How critical is grounding with LHG 60G

Oh, and of course there is always the proverbial risk of lightning strike.
by IntrusDave
Sun Aug 26, 2018 12:27 am
Forum: Wireless Networking
Topic: How critical is grounding with LHG 60G
Replies: 4
Views: 765

Re: How critical is grounding with LHG 60G

Any time you have electronics outdoors, you should be grounding them. In this case, wind blowing through the grid can cause a static charge to build up, discharging through the ethernet can kill the LHG as well as the switch it's connected to. In addition, it can also hurt someone. I've never witness...
by IntrusDave
Thu Aug 23, 2018 5:25 pm
Forum: General
Topic: Convert .json Office 365 IP range to address list
Replies: 3
Views: 667

Re: Convert .json Office 365 IP range to address list

After a quick glance, I would say that you can do this with awk/gawk in a bash script, or if you wanted to get fancy in php. I was actually looking at this same json to be used for whitelisting office365 in my Blacklist service. I need to earn some money today so I'll be out doing uber & lyft for a ...
by IntrusDave
Wed Aug 22, 2018 5:11 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

And yes, you need the RC for the CHR to get IP Cloud. Given that the development is in "beta" it shouldn't be run on production devices (although I do..), the requirement for IP Cloud isn't going away. As for x86... Well, I have one of those too, but it's being moved to CHR to get past the x86 lim...
by IntrusDave
Wed Aug 22, 2018 5:09 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Unfortunately, requiring IP Cloud to be enabled is the only way that I have found to try and reduce the amount of piracy and unauthorized redistribution. As at least two of the people in this thread have already shown, they feel my work should be done for free and that they (and the rest of the in...
by IntrusDave
Sun Aug 19, 2018 10:32 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I've implemented some of the new security functions. You will need to update the download script. Cloud DDNS is *REQUIRED*. Which means you need the latest CHR with Cloud support. /ip cloud set ddns-enabled=yes Here is the new script. :local destPath "disk1/filterImport.rsc"; :local priority "2"; :l...
by IntrusDave
Sun Aug 19, 2018 8:02 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

As you can tell, I've slowed down on development. Out of the 100+ people who filled out the notification form, more than 60% say they will not pay for this type of service. Only about 15 say they will pay for a commercial product. So, I'm going to take my time with it and try earning some income in oth...
by IntrusDave
Sat Aug 18, 2018 5:08 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Sorry about that, rebooted the server and forgot to start a service.
I don't have anything auto-starting yet.
by IntrusDave
Thu Aug 16, 2018 12:31 am
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 111552

Re: v6.43rc [release candidate] is released!

*) console - added "dont-require-permissions" parameter for scripts;
How does this one work? Any specific commands that it works with?
by IntrusDave
Sun Aug 12, 2018 9:56 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Yes, I've blocked most of the IP's that are trying to leech the lists. Still working on an auth system that is reliable. I think it's going to have to be based on the Cloud DNS.. [/ip cloud set ddns-enable=yes] is going to be required, unless MikroTik gives me a way to authenticate better than t...
by IntrusDave
Wed Aug 08, 2018 4:59 pm
Forum: General
Topic: Please add the ability to choose Proposal
Replies: 11
Views: 1312

Re: Please add the ability to choose Proposal

I still do not see any real benefit of your request. It literally takes 2 seconds to change proposal value for your policies to a different one. /ip ipsec proposal add name=newproposal copy-from=default /ip ipsec policy set [find proposal=default] proposal=newproposal I was just posting this exact ...
by IntrusDave
Wed Aug 08, 2018 1:34 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

It's limited for now, hoping to have a very basic auth system in place by tomorrow morning. My server logs show at least 2 people trying VERY hard to figure out how to trick the server into sending the list to a wget/curl client. Sorry, but the blatant abuse won't be tolerated. I'll post a simple Go...
by IntrusDave
Wed Aug 08, 2018 1:24 am
Forum: General
Topic: Hap AC2 RAM [SOLVED]
Replies: 13
Views: 1293

Re: Hap AC2 RAM [SOLVED]

My point was that many boards do this. Example - the RB450Gx4 reports 994M instead of 1GB. The RB3011 reports 1GB. Both have the same family of IPQ ARM Processor.
Yes, the ac2 did have a bug reporting memory, I do not believe that the 233 vs 256 is representative of that bug.
by IntrusDave
Wed Aug 08, 2018 1:01 am
Forum: General
Topic: Hap AC2 RAM [SOLVED]
Replies: 13
Views: 1293

Re: Hap AC2 RAM [SOLVED]

I think you missed the topic. :)

This is more about 256M boards reporting 233M. This is not new to the hAP ac2, it happens quite a bit, even more on the CCR's.
by IntrusDave
Wed Aug 08, 2018 12:04 am
Forum: General
Topic: Hap AC2 RAM [SOLVED]
Replies: 13
Views: 1293

Re: Hap AC2 RAM [SOLVED]

I would absolutely love it and it would be a massive help if one of you could paste this code to a new script and run it once. I don't have any units myself that underreport RAM, but I know it's pretty common. So getting a dump of the hardware stats will help me sort out which models do it and which Ro...
by IntrusDave
Tue Aug 07, 2018 7:42 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Oh BTW guys, my Honeypots alone are reporting over 37,000 ACTIVE botnet IP's for the last 12 hours.
Those IP's will NOT be included in the free list.
by IntrusDave
Tue Aug 07, 2018 7:25 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Has anyone here worked with tr069 at all? I've never played with it and I'm curious if it offers anything useful to this project.
by IntrusDave
Tue Aug 07, 2018 7:11 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I will not use it. Or maybe I will, but before I will implement another script that extracts IPs from the file and apply them one by one. Now THAT is funny. I can picture you looking through a list of 150,000 IP address every 24 hours. That's the WHOLE point of this, to have near-realtime protectio...
by IntrusDave
Tue Aug 07, 2018 7:09 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Due to people like this guy ^^^ the beta list will be limited to the "free" list of about 1800 IP's.
I do not want my 150,000 IP's collected by my honeypots being used for other people's services.
by IntrusDave
Tue Aug 07, 2018 7:05 pm
Forum: General
Topic: Blokeo de linkedin y permitir pasar solo a una ip
Replies: 2
Views: 358

Re: Blokeo de linkedin y permitir pasar solo a una ip

Your simplest choice will be to create an address-list of all of the known IP addresses for LinkedIn. Next, Static Map the DHCP for each of the PC's that you want to allow access, and have them added to a separate list. Next, create a Block rule for the linkedIn address-list, and exclude the permitted li...
by IntrusDave
Tue Aug 07, 2018 7:02 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

on the flip side, if anyone is in Southern California (Rancho Cucamonga / Ontario / Pomona / San Bernardino) you are hit me up and I'd love to grab coffee and chat.
by IntrusDave
Tue Aug 07, 2018 7:00 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I do understand the concern, but after 3 years, I'm tired of explaining myself. I do what I do because I love the internet and I want it to be a safer place. My company is based on this principle. I understand that you guys don't know me personally, and you have to trust me. But do know that once th...
by IntrusDave
Tue Aug 07, 2018 6:21 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

You are 100% welcome to not use it. If you don't have anything to add to the topic, or any input on the development process, please find another topic to post in.

If you followed the previous versions thread, you would see that this has been covered in no less than 5 posts.
by IntrusDave
Tue Aug 07, 2018 5:32 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Hi Dave,

In first list first address is 255.255.255.255 . Is that right?

Thanks,
Geo
Yes. Once the system is complete, you will be able to whitelist if needed. I filter 255.255.255.255 because I'm on a cable network and I see a crap-load of broadcast trash.
by IntrusDave
Tue Aug 07, 2018 5:28 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Running on my home router. Do you really want it reporting every minute?
The reporting and monitoring service is reported every minute. The client side can change that, depending on that type of response time they want.
by IntrusDave
Tue Aug 07, 2018 8:03 am
Forum: General
Topic: Warning BotNet Attacks! Noticing These IP's! Suggest blocking them!
Replies: 2
Views: 762

Re: Warning BotNet Attacks! Noticing These IP's! Suggest blocking them!

Just an FYI - my blacklist service has been locking those IP's for a few months now.
You can check out the development topic here: viewtopic.php?f=9&t=136666

The botnets attacking MikroTik routers are in the smaller Priority 1 list
by IntrusDave
Tue Aug 07, 2018 7:51 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

If anyone wants to help out more, I need more routers to report some stats to the server. This is part of the health monitoring and alerting system. If you paste the code into a terminal window, it will setup the script and start reporting. /system scheduler add interval=1m name=reportStatus on-even...
by IntrusDave
Tue Aug 07, 2018 7:48 am
Forum: Scripting
Topic: Hardware Stats (Development)
Replies: 0
Views: 305

Hardware Stats (Development)

Hey guys, I'm trying to build a hardware stats/monitoring system that will allow users to register their routers and get an email/SMS when something needs to be looked at. I'm trying to get all of the various fields that the routers report. Here is a sample from my personal home router: board-name=RB1...
by IntrusDave
Mon Aug 06, 2018 5:26 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

currently, the priorities are pretty basic. #1 is a short list of about 2000, consisting of just the most common botnet attacks. If I end up offering a free tier, this will be it. #2 is a longer list of 30,000 to 40,000 IP's and subnets that includes #1, also adds most of the more common crap out th...
by IntrusDave
Sat Aug 04, 2018 11:20 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Here is a form to fill out if you want to be notified when the new service goes live:

https://goo.gl/forms/UQMYqKJ54E0iV35l2
by IntrusDave
Sat Aug 04, 2018 11:18 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Here is a form to fill out for those that want to be notified


https://goo.gl/forms/UQMYqKJ54E0iV35l2
by IntrusDave
Sat Aug 04, 2018 10:59 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

please prompt how to change a timeout of blacklist lifetime. for example for 7 days The lists are set for a max timeout of 24 hours. This is required so that false positives are not blocked for too long. The system is designed to be updated every 1~6 hours. Once the system goes public, each user wil...
by IntrusDave
Sat Aug 04, 2018 8:27 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Script is no longer functioning, no updates since last night.
It's running right now.
As stated above, it's still very pre-alpha, so I can't promise that it stays running while I'm making large code changes.
by IntrusDave
Sat Aug 04, 2018 8:26 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Dave, Have you considered using external to your network honeypots as source of offending IPs? I use as the first frontier such RAW drop rules and all the time there are some IPs on the list of attackers. I'm not quite sure I follow what you are saying. I'm always open to more sources. The new syst...
by IntrusDave
Fri Aug 03, 2018 8:28 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Thanks! Check out the development topic. I posted an early pre-alpha script to try and start stress testing the database.
by IntrusDave
Thu Aug 02, 2018 9:51 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Servers shouldn’t be an issue, I’ve moved my physical servers to google cloud and will be running on google’s CDN
by IntrusDave
Thu Aug 02, 2018 6:20 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

Use \?

The script in post #9 was wrong.
The script is not wrong, it's intended to be a script, NOT command line.
by IntrusDave
Thu Aug 02, 2018 10:38 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

[admin@CHR-O] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl .mikrotikfilters.com/fetch.phppriority=3"; status: failed failure: closing connection: <404 Not Found> 35.236.78.203:443 (4) [admin@CHR-O] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl .mikroti...
by IntrusDave
Thu Aug 02, 2018 9:29 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

fixed. having issues with mysql terminating
by IntrusDave
Thu Aug 02, 2018 8:27 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

So, I *JUST* started coding this week, so this is really rough.. like pre-alpha. This is going to take some time.. I can code in python, php, perl, and C. but just because I can, doesn't mean I enjoy it. I really hate coding, it's boring and frustrating. Anyway.. I have the database being populated ...
by IntrusDave
Wed Jul 25, 2018 11:49 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

This topic is for discussion of the development for the replacement blacklist service that I built a few years ago.
Please limit posts to that topic, as your dns filtering does not help with the development at all.
by IntrusDave
Wed Jul 25, 2018 8:38 pm
Forum: General
Topic: Mikrotik Routers Compromised......please READ [SOLVED]
Replies: 8
Views: 1645

Re: Mikrotik Routers Compromised......please READ [SOLVED]

I'm really shocked by the number of admins that NEVER update firmware!
by IntrusDave
Wed Jul 11, 2018 7:41 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Re: Blacklist Filter (Development Topic)

I do plan on continuing to use DNS for versioning. Ultimate goal will be to have the client send the last update date and time, then request just the changes from that point.

The effect on the client side would be that the client determines its own update schedule.
by IntrusDave
Wed Jul 11, 2018 3:15 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

New topic for development of the new service

viewtopic.php?f=9&t=136666
by IntrusDave
Wed Jul 11, 2018 3:15 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 24294

Blacklist Filter (Development Topic)

Hey guys, I wanted to have this a little more open of a discussion, so I made a new thread. So I'm starting to plan out the new system and I'm going SQL based. The old system used a boat load of regex, awk, grep, etc. It was pretty dirty, but it worked. The lists generated were stored in a flat file...
by IntrusDave
Mon Jul 09, 2018 2:53 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Not really an update, just information. I'm still trying to figure out what to do with my life. At 43, I started not liking what I was doing for work. I've tried a few different things, including running a large non-profit for a while. Now I'm closing in on 45 and I still don't know. Fact is, I'm be...
by IntrusDave
Tue Jun 26, 2018 11:45 pm
Forum: General
Topic: Hacked again. Changed username and password
Replies: 8
Views: 18203

Re: Hacked again. Changed username and password

Have you thought about the obvious? Maybe it's being hacked from the inside?
An angry employee trying to cause havoc seems like the logical answer.
by IntrusDave
Mon Jun 11, 2018 7:42 am
Forum: General
Topic: More than 254 IPs needed! What options do I have?
Replies: 16
Views: 1166

Re: More than 254 IPs needed! What options do I have?

some devices won't work correctly when you mix subnet classes. Mixing Classes isn't a good idea.
by IntrusDave
Mon Jun 11, 2018 3:03 am
Forum: General
Topic: More than 254 IPs needed! What options do I have?
Replies: 16
Views: 1166

Re: More than 254 IPs needed! What options do I have?

Just right off, a few things... 1) I don't think a RB951G is suitable for this. I would start with an RB3011 at the least, maybe an RB1100AHx4 2) Needing more than 254 IP's means you need a Class B or Class A subnet. I do not recommend simply changing the netmask, as many devices aren't going to tol...
by IntrusDave
Tue May 08, 2018 7:55 pm
Forum: Beginner Basics
Topic: LCD on CCR1009 without touchscreen
Replies: 12
Views: 1290

Re: LCD on CCR1009 without touchscreen

Buy a used RB2011 from ebay. IIRC it's a surface mount connection, so you are going to need surface mount desoldering and soldering tools. Good chance you are going to need the screen, the cable, the socket, and likely the interface chip from the donor RB2011.
by IntrusDave
Tue May 08, 2018 4:12 am
Forum: Beginner Basics
Topic: LCD on CCR1009 without touchscreen
Replies: 12
Views: 1290

Re: LCD on CCR1009 without touchscreen

that is not supported. The Internal LCD's are connected to the CPU, not USB or serial.
by IntrusDave
Sun May 06, 2018 7:18 pm
Forum: General
Topic: DNS problem
Replies: 1
Views: 336

Re: DNS problem

{86% | NotieMcNotebook} ~ @djoyce ~/> dig gwrtdp.tclclouds.com ; <<>> DiG 9.10.6 <<>> gwrtdp.tclclouds.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17895 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;gwrt...
by IntrusDave
Thu May 03, 2018 10:23 pm
Forum: General
Topic: Nice Processor for the next CCR generation :-)
Replies: 9
Views: 2111

Re: Nice Processor for the next CCR generation :-)

The tech docs state 30W TDP with clock rates up to 2.2GHz, and doesn't require a fan.

https://www.nxp.com/docs/en/supporting- ... ticore.pdf
by IntrusDave
Thu May 03, 2018 9:15 pm
Forum: General
Topic: Winbox starts not so easy on wine [SOLVED]
Replies: 7
Views: 741

Re: Winbox starts not so easy on wine

Wine isn't exactly a little app, it takes some resources to start up. Is 5 seconds of high CPU load really causing a problem? I could understand if it hits 100% while in use, but just 5 seconds on startup doesn't seem like anything to worry about. My notebook (Mac) is quad-core, and I get all 4 core...
by IntrusDave
Thu May 03, 2018 9:09 pm
Forum: General
Topic: Nice Processor for the next CCR generation :-)
Replies: 9
Views: 2111

Re: Nice Processor for the next CCR generation :-)

I have the most confusing erection right now... I want this processor in a box... like NOW. Features summary: - Sixteen 32-bit / 64-bit ARM v8 A72 CPUs - Cache Coherent Interconnect Fabric (CCN508 aka “Eliot”) - Two 64-bit 3.2GT/s DDR4 SDRAM memory controllers with ECC. - Data path acceleration arch...
by IntrusDave
Sat Apr 28, 2018 6:43 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

Not sure what happened.. But something with the repartitioning in the latest rc.
by IntrusDave
Sat Apr 28, 2018 3:06 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

After about 6 hours, I finally got the Routerboot menu. I'm not sure why I was never prompted (press any-key...) before. I ended up getting a stopwatch and power strip. I was powering the router and timing how long to press the reset. It ended up needing to be pressed for no less than 15 minutes. (wh...
by IntrusDave
Fri Apr 27, 2018 6:59 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

Tried that.. They said it's past their coverage and to contact Mikrotik.
by IntrusDave
Fri Apr 27, 2018 5:39 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

tried that. seems to just pause the process, never starts netboot
by IntrusDave
Fri Apr 27, 2018 3:41 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

No backup loader.. The router had just rebooted after partitioning, so the backup was still blank.
Also, you can see in the console log, it tried booting from partition 1 and 0.
by IntrusDave
Fri Apr 27, 2018 3:20 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

Re: 6.43rc5 bricked RB1100AHx4

Here is the console output Annapurna Labs stage 2: stage2_eth3_ram_loader v1.65.1 Executing next! Annapurna Labs stage 2: stage2.5_loader v1.65.1 SPD I2C Address:00000050 Executing next! ----------------------------------------------------- Stage 3 version: 1.65.1 Commit ID: e88c9c4 CVOS commit ID: ...
by IntrusDave
Fri Apr 27, 2018 3:06 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2392

6.43rc5 bricked RB1100AHx4

My testing unit (RB1100AHx4) was bricked today with RouterOS 6.43rc5. I used WinBox to repartition for 2 partitions (primary and backup) The router went into a reboot loop with no way to stop it. Netinstall will not work, as the console shows that system reboots before the interfaces are initialized...
by IntrusDave
Tue Apr 24, 2018 7:22 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I'd like some input on what this is worth to people in $USD.
My thought was $5/month for 5 devices, $10/month for 15 devices.
by IntrusDave
Sun Apr 22, 2018 11:39 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

One feature for a paid version I would like to implement is a management portal. * Manage your subscription options (Number of devices permitted to use your sub / payment method) * Manage your device serial numbers associated with your subscription * Manage a whitelist of IPs/Subnets that you need e...
by IntrusDave
Sun Apr 22, 2018 11:33 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

So, I've thought about this a lot. I was quite surprised by the support generated. So I think I will restart the service as a paid service to pay for the server and backspace. In total, the servers currently cost me about $1750 a month, but I'm downsizing everything and going to try and get it down ...
by IntrusDave
Sun Mar 25, 2018 11:57 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Thank you Dave. Could you be so kind and share your valuable technology? Could you publish all scripts? Unfortunately no. The server side (contrary to what a few here think) isn't just a "script" it's a network of over 300 honeypots and some very advanced AI code to analyze threats. That system is ...
by IntrusDave
Sun Mar 25, 2018 2:00 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I would be fine with keeping the service alive. Having a 48u rack for such a piss easy and small script is a bit outrageous. I think you're the delusional one. I'm sure you used that rack for way more than this script. I'm simply saying you can keep the script stuff online for way cheaper if you wa...
by IntrusDave
Sat Mar 24, 2018 7:40 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

bw is cheap i can get a server for 8 bucks a month with 12TB of bw. i feel its more than cost as to why you're stopping it. Need any help? If you think $8/month is the cost of a real server, a real firewall, real rack space, real bandwidth, real maintenance, real electricity... Then you are either ...
by IntrusDave
Sat Mar 24, 2018 5:32 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

It's been a nice run. Almost 3 years, and over 2200 active users. But I am shutting down this service. With the new US tax laws and this new US "sex trafficking law" (which isn't really about sex trafficking) I simply can't afford to keep the service running. Bandwidth and rack space is just to...
by IntrusDave
Sun Feb 11, 2018 9:41 pm
Forum: General
Topic: Multi subnet wan help
Replies: 3
Views: 272

Re: Multi subnet wan help

OKay, after hour of me going mad, it's now working. Turned out the ISP routed the new subnet to the wrong switch port. When I needed more rack space, I was moved to an empty rack. When I asked for the new subnet, they routed it to the switch port in the old rack instead of the new rack. All good now...
by IntrusDave
Sat Feb 10, 2018 10:59 pm
Forum: General
Topic: Multi subnet wan help
Replies: 3
Views: 272

Multi subnet wan help

Hey guys, so as some of you already know, I've started moving out of the IT world. I have taken control of a large nonprofit. Anyway - I need routing help. I have my existing Intrus Technologies subnet (172.102.241.56/29) and I've been given a second subnet for my new company. (172.102.241.8/29) The...
by IntrusDave
Sat Feb 03, 2018 4:51 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Make sure your blDataPath does not start with a /
i.e. it should read "disk1/blTemp.rsc" NOT "/disk1/blTemp.rsc"
by IntrusDave
Wed Jan 17, 2018 8:23 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I had actually started looking into moving the service to a distributed cloud to prevent this, but it looks like I may be shutting down my business and taking over running a nonprofit.
by IntrusDave
Wed Jan 17, 2018 7:20 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Very sorry about that guys. I had to upgrade some server hardware, so I migrated the VMs to a different server. The new server didn't import the DNS VM. The old server is back online now and the VMs returned to their home. All should be good now.
by IntrusDave
Fri Dec 29, 2017 7:59 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

As I’m on vacation, I’ll keep it short. The IP you listed has been serving a malformed PDF with a known Microsoft Edge exploit.
by IntrusDave
Wed Dec 27, 2017 1:14 am
Forum: Scripting
Topic: in scripting - add filter and set it's order
Replies: 3
Views: 351

Re: in scripting - add filter and set it's order

I think it’s in the wiki under filter command line.
by IntrusDave
Tue Dec 26, 2017 11:56 pm
Forum: Scripting
Topic: in scripting - add filter and set it's order
Replies: 3
Views: 351

Re: in scripting - add filter and set it's order

place-before=7
by IntrusDave
Thu Dec 21, 2017 10:56 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

This blacklist is blocking, among other things, Github. It has been for a while. It's a great idea, but clearly is not curated or monitored. I would recommend not using it. Welcome to the board. Not sure why your first post would be to trash someone's work instead of asking a question about it, but...
by IntrusDave
Thu Nov 23, 2017 8:40 pm
Forum: Beginner Basics
Topic: Need help on prioritizing bandwith with game port
Replies: 6
Views: 3306

Re: Need help on prioritizing bandwith with game port

You will most likely not have to do anything. Pretty much every game for the last 10 years sets the DSCP bits on packets, so the router will prioritize based on what the game developers feel is needed.
by IntrusDave
Thu Nov 23, 2017 3:04 am
Forum: Beginner Basics
Topic: Need help on prioritizing bandwith with game port
Replies: 6
Views: 3306

Re: Need help on prioritizing bandwith with game port

The script is intended to be run as a script, not command line. Copy/Paste the script into a new script and run it from there.
by IntrusDave
Thu Nov 09, 2017 6:41 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Dave, which list do we get?
That's your choice. Select the list that fits your needs, and set it in the config file.
by IntrusDave
Thu Nov 09, 2017 6:40 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

For you and other posters here its obvious, but not for my mother....
It's not really intended for your mother. :)
Intended for network admins that don't really need help or explanation.
by IntrusDave
Thu Nov 09, 2017 3:30 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

The scripts are for maintaining an address list that is intended to help filter out as much of the bad crap on the internet as possible. This includes spam, viruses, hackers, etc. the script contacts my servers and pulls the latest list of known bad IPs and subnets. The list comes in three sizes. Th...
by IntrusDave
Wed Oct 11, 2017 7:07 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

The source isn't open. It's a collection of 140 routers and servers running as honeypots.
You can exclude addresses by creating a whitelist address-list, and a rule to accept those addresses before the blacklist drop rules.

I don't feel that donations are needed, but thank you for the offer.
by IntrusDave
Tue Sep 12, 2017 6:41 am
Forum: General
Topic: HOWTO: Dual WAN PCC with Dynamic IP
Replies: 32
Views: 4337

Re: HOWTO: Dual WAN PCC with Dynamic IP

You will need to set a static route using the WAN you would like the ping to go though.
by IntrusDave
Thu Sep 07, 2017 6:42 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]
Replies: 12
Views: 2187

Re: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]

Actually - You should be returning this to the seller and have them advance replace the unit.
by IntrusDave
Thu Sep 07, 2017 6:42 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]
Replies: 12
Views: 2187

Re: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]

Yes, you are correct. The 1072's have soldered on ECC ram. You will need to RMA the unit.
Send a supout.rif to support@mikrotik.com to start the process.
by IntrusDave
Thu Sep 07, 2017 5:46 pm
Forum: Beginner Basics
Topic: Cable modem with dual WAN ports
Replies: 6
Views: 1538

Re: Cable modem with dual WAN ports

Interesting. My 8200 does not have any bonding options at all. Creating a bond is simple, but please keep in mind that the bond is done in software and not hardware, so the MIPS routers are going to have high CPU load. Simply remove two interfaces from any bridge or master port. Create a new bond ...
by IntrusDave
Thu Sep 07, 2017 5:05 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]
Replies: 12
Views: 2187

Re: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]

Really? Please post a pic.
Every CCR1072 I’ve worked with has two DIMMs
by IntrusDave
Thu Sep 07, 2017 5:21 am
Forum: Beginner Basics
Topic: Cable modem with dual WAN ports
Replies: 6
Views: 1538

Re: Cable modem with dual WAN ports

That's a very big and complicated question. But you may be looking for a LOT of work, with no gain. First, the modems referenced do not support any type of bonding. At best you will simply be able to get two public IP addresses - and that is only if your ISP allows it. Next, even if you get two publ...
by IntrusDave
Thu Sep 07, 2017 5:06 am
Forum: RouterBOARD hardware
Topic: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]
Replies: 12
Views: 2187

Re: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]

Have you tried any troubleshooting yourself while you wait? Maybe try reseating the memory, or try swapping the memory with the good unit to verify bad memory vs bad cpu? Have you tried swapping the memory with known good memory? Most Sys Admins would keep known good memory on hand for just these si...
by IntrusDave
Tue Sep 05, 2017 7:32 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Have you tried removing the scripts and schedules and reinstalling?
There is not much I can do to help, as I have no access to your router.
by IntrusDave
Tue Sep 05, 2017 7:21 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

At this time the script is IPv4 only. The servers are able to deal with IPv6, but the client script is not.
by IntrusDave
Sat Aug 26, 2017 7:18 am
Forum: General
Topic: Anyone else having this VPN issue?
Replies: 17
Views: 1756

Re: Anyone else having this VPN issue?

Still nothing. As of 6.41rc16, my standard IpSec and my IKEv2 tunnels still die every 2~3 days. My only solution was power cycling the sites every night at the same time. I use DLI Web Power Switches to automatically power cycle them at 3am every day. It's the only way I can guarantee that the VPNs ...
by IntrusDave
Tue Aug 22, 2017 8:47 pm
Forum: Scripting
Topic: DHCP Server disable script
Replies: 3
Views: 762

Re: DHCP Server disable script

Enable IP firewall on the bridge, then block ports 67-68 on the forward chain.
by IntrusDave
Sun Aug 20, 2017 7:25 pm
Forum: RouterBOARD hardware
Topic: RB3011 stuck at boot!
Replies: 3
Views: 975

Re: RB3011 stuck at boot!

Did you try entering the RouterBOOT menu and format the drive?
It's a little concerning because /var/run is normally tmpfs (ram based)
by IntrusDave
Thu Aug 17, 2017 8:36 pm
Forum: Scripting
Topic: A script to calculate Average CPU Load
Replies: 19
Views: 12291

Re: A script to calculate Average CPU Load

This is the Observer effect as known in physics. Just running a script to monitor the load will increase the load and therefore make the results invalid. The more complicated the script, the higher the load, and the weaker the cpu, the higher the load. A better way to do this would be to use fetch an...
by IntrusDave
Wed Aug 16, 2017 9:23 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

This is expected. Because the address list is dynamic, the timeout is constantly changing. This causes WinBox to reload the entire address list output every second. I'll see if I can find a fix, but I don't think there is much you can do about it, other than not leaving the Address List tab open.
by IntrusDave
Wed Aug 16, 2017 3:36 am
Forum: General
Topic: Fiber to the Desktop anyone?
Replies: 4
Views: 667

Re: Fiber to the Desktop anyone?

I don't know - my Virtual Desktops use about 2 to 5mbps for RDP. Maybe 10mbps if they are doing video playback too.
I have a few that do UHD 4k video editing, but they use Thunderbolt 3 DAS.
by IntrusDave
Wed Aug 16, 2017 3:30 am
Forum: General
Topic: REST API v7 Make Our Day ! +1 it Please
Replies: 17
Views: 5947

Re: REST API v7 Make Our Day ! +1 it Please

What does REST API offer that the current doesn't?

The current API takes 3~5 minutes to setup and is very simple to use.
by IntrusDave
Wed Aug 16, 2017 3:25 am
Forum: General
Topic: DHCPv6 client persistency
Replies: 6
Views: 1003

Re: DHCPv6 client persistency

I can confirm that this happens on 6.41rc11
by IntrusDave
Wed Aug 16, 2017 3:21 am
Forum: General
Topic: Fiber to the Desktop anyone?
Replies: 4
Views: 667

Re: Fiber to the Desktop anyone?

I think 5 or 10G copper would be more realistic.
Unless you are in a VERY controlled environment, fiber is going to get damaged.
by IntrusDave
Thu Aug 10, 2017 6:21 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Is it an option to change script to download file to USB drive and use external flash drive instead of internal NAND?
Yes, the path is set in the config file.
by IntrusDave
Wed Aug 09, 2017 5:48 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

THE solution is to output only raw ip addresses' list. But this solution collides with the length of variables in routeros. :( Thanks for your efforts. Unfortunately, it's only a solution if it's possible. The amount of 4kb files needed to be downloaded and processed would cause so much wear on the...
by IntrusDave
Wed Aug 09, 2017 5:40 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

That would truly be bad. My solution is to isolate the server that generates the scripts from the rest. The generation server is not accessible from the internet. For me to access it, I must connect to my firewall via VPN, then SSH to the database server, then ssh to the blacklist server. The second...
by IntrusDave
Mon Aug 07, 2017 6:15 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 Ethernet Speed
Replies: 13
Views: 1858

Re: RB1100AHx4 Ethernet Speed

Very interesting. You should do a supout.rif and email it to support@mikrotik.com. I think you may have found a bug.
by IntrusDave
Sun Aug 06, 2017 8:43 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 Ethernet Speed
Replies: 13
Views: 1858

Re: RB1100AHx4 Ethernet Speed

I've found that forcing rates is almost always a bad idea, and should only be used to lower the rate, never raise. If you are not getting a 1G link, there is a reason for it. Something is wrong. Step 1 would be to use a network cable tester. (not the cheap kind that just lights up) Usual causes ar...
by IntrusDave
Sun Aug 06, 2017 8:27 pm
Forum: Beginner Basics
Topic: RB2011UAS-2HnD - ethernet ports 6 to 10 stopped working
Replies: 1
Views: 292

Re: RB2011UAS-2HnD - ethernet ports 6 to 10 stopped working

Power cycle... Try another power supply...
If that fails, you can make a backup and save it on a USB stick. Then reset the device and do a clean netinstall. If a clean install doesn't work, then the switch chip has failed.
by IntrusDave
Fri Aug 04, 2017 9:12 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Either your firewall is blocking DNS to my server, or your IP is blocked by the list already. What is your public IP? 181.225.100.117 190.253.66.37 Your ISP /AS262186 is UCEPROTECT-Level3 listed for hosting a total of 462 abusers. Your ISP COLOMBIA TELECOMUNICACIONES S.A. ESP/AS3816 is UCEPROTECT-L...
by IntrusDave
Wed Aug 02, 2017 6:38 pm
Forum: General
Topic: Cannot connect to CCR1016-12G after failed upgrade [SOLVED with Wine/Linux]
Replies: 16
Views: 2314

Re: Cannot connect to CCR1016-12G after failed upgrade

Yes, that is what I do.

Unfortunately, no linux for NetInstall. I use WinBox on the Mac (I prefer Mac for my system). But I have never gotten NetInstall to run correctly under Wine.
by IntrusDave
Wed Aug 02, 2017 6:37 am
Forum: Beginner Basics
Topic: What can a mikrotik
Replies: 13
Views: 1471

Re: What can a mikrotik

I would recommend looking at the RB1100AHx4 or CCR1009 over the smaller units. It sounds like uptime and reliability will be more important than the low cost of the hEX. The dual power supplies and more powerful CPU's will end up providing you better stability with the dual power supplies and mo...
by IntrusDave
Wed Aug 02, 2017 3:57 am
Forum: Beginner Basics
Topic: What can a mikrotik
Replies: 13
Views: 1471

Re: What can a mikrotik

Router is not firewall. Try a UTM firewall.
Correction: It IS a firewall. It is NOT a UTM firewall.
by IntrusDave
Wed Aug 02, 2017 3:52 am
Forum: General
Topic: Cannot connect to CCR1016-12G after failed upgrade [SOLVED with Wine/Linux]
Replies: 16
Views: 2314

Re: Cannot connect to CCR1016-12G after failed upgrade

when static, I've always used 192.168.88.1 as the gateway

Windows 7 should be okay, but make sure you run as Administrator. NetInstall will need to bind to port 67 and 68, which require running as admin.
by IntrusDave
Tue Aug 01, 2017 9:55 pm
Forum: General
Topic: Cannot connect to CCR1016-12G after failed upgrade [SOLVED with Wine/Linux]
Replies: 16
Views: 2314

Re: Cannot connect to CCR1016-12G after failed upgrade

I would set the notebook to 192.168.88.2, router at 192.168.88.1.
If you can, run Windows XP - not in a virtual machine. Disable any software firewall.
by IntrusDave
Mon Jul 31, 2017 5:43 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Due to a bug in RouterOS, versions below 6.36 are now blocked on the server side. It appears that they are not able to compare the local blacklist serial with the server side serial. This is causing the 6.35 and earlier routers to update constantly. So, to save the NAND as well as bandwidth, I've ch...
by IntrusDave
Mon Jul 31, 2017 4:55 am
Forum: General
Topic: Cannot connect to CCR1016-12G after failed upgrade [SOLVED with Wine/Linux]
Replies: 16
Views: 2314

Re: Cannot connect to CCR1016-12G after failed upgrade

If it works, the storage will be cleared. It should then default to NetInstall. I've found it's best to have a Windows 7 notebook with no firewall enabled to run NetInstall.
by IntrusDave
Mon Jul 31, 2017 1:44 am
Forum: General
Topic: How to only open .ir sites ?
Replies: 3
Views: 567

Re: How to only open .ir sites ?

How about using the built in DNS and put in a regex that resolves 127.0.0.1 for everything but the .ir TLD?
by IntrusDave
Sun Jul 30, 2017 8:04 pm
Forum: General
Topic: Cannot connect to CCR1016-12G after failed upgrade [SOLVED with Wine/Linux]
Replies: 16
Views: 2314

Re: Cannot connect to CCR1016-12G after failed upgrade

Wow, that sounds like a pretty bad situation.
You've done the basics that I would have recommended...

Next would be holding the reset button for 300 seconds and thus forcing the router to format itself. Hopefully the RouterBOOT is still running and able to do that.
by IntrusDave
Sat Jul 29, 2017 9:33 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Yes. If you notice in your log, it is telling you that the script is out of date. The server inserts an alarm into the script when your local script version is out of sync with the server. You can run the code in the first post to keep your script up to date with the latest bug fixes.
by IntrusDave
Sat Jul 29, 2017 6:38 am
Forum: General
Topic: [Need Help] FCS Error
Replies: 1
Views: 724

Re: [Need Help] FCS Error

FCS errors are caused by bad cables, bad cable installation, or a failing port. Check the cable and the device at the other end.
by IntrusDave
Fri Jul 28, 2017 5:17 pm
Forum: Wireless Networking
Topic: Does RBMetal9HPn Works with 802.11ah??
Replies: 15
Views: 1466

Re: Does RBMetal9HPn Works with 802.11ah??

Wireless standards 802.11b/g/n
by IntrusDave
Fri Jul 28, 2017 6:35 am
Forum: Scripting
Topic: DHCP Server disable script
Replies: 3
Views: 762

Re: DHCP Server disable script

Why not just block DHCP from passing through the SXT?
by IntrusDave
Fri Jul 28, 2017 6:32 am
Forum: Wireless Networking
Topic: Does RBMetal9HPn Works with 802.11ah??
Replies: 15
Views: 1466

Re: Does RBMetal9HPn Works with 802.11ah??

Does RBMetal9HPn Works with 802.11ah?
Or Why not?
No, that device is an 802.11b/g/n 2.4GHz device. 802.11ah is 900MHz.
They are not compatible.
by IntrusDave
Thu Jul 27, 2017 10:27 pm
Forum: Beginner Basics
Topic: Internet fall
Replies: 5
Views: 588

Re: Internet fall

use the router's built in DNS server, point it at OpenDNS and then block the LAN from using outside servers. I
by IntrusDave
Thu Jul 27, 2017 8:05 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I've updated to 2.0.5. This update moves the server to tcp port 6501 and udp port 6502. These ports are excluded from being blocked by the list on my end, and should allow users on "bad" subnets to pull the list.

make sure to give positive rating if you are using and like this service
by IntrusDave
Thu Jul 27, 2017 7:26 pm
Forum: Beginner Basics
Topic: NAT on CCR1016 Not working
Replies: 5
Views: 514

Re: NAT on CCR1016 Not working

can you post the export for the firewall?

/ip firewall export compact
by IntrusDave
Thu Jul 27, 2017 3:34 am
Forum: Beginner Basics
Topic: ARM 3011
Replies: 5
Views: 650

Re: ARM 3011

Understandable. Let me know what you are offering it for, I can always use a spare.
by IntrusDave
Thu Jul 27, 2017 12:49 am
Forum: Beginner Basics
Topic: NAT on CCR1016 Not working
Replies: 5
Views: 514

Re: NAT on CCR1016 Not working

It's hard to say without seeing the config.
But did you open the ports in the firewall too?
by IntrusDave
Wed Jul 26, 2017 10:27 pm
Forum: Beginner Basics
Topic: ARM 3011
Replies: 5
Views: 650

Re: ARM 3011

The most weird is that version 6.33.3 is written for ARM device and after rebooting it for downgrade I see the following message in the log screen: "system, error omitting package routeros-arm.6.33.3 min RouterOS version is 6.35.3. That's correct. 6.35.3 was the first RouterOS version that supporte...
by IntrusDave
Wed Jul 26, 2017 10:23 pm
Forum: Beginner Basics
Topic: ARM 3011
Replies: 5
Views: 650

Re: ARM 3011

MikroTik never stated that user manager was available for the ARM units.
by IntrusDave
Wed Jul 26, 2017 10:20 pm
Forum: General
Topic: Issues with Speedtest.net
Replies: 6
Views: 1325

Re: Issues with Speedtest.net

Shouldn't this topic be in the Ookla forums?
by IntrusDave
Wed Jul 26, 2017 10:01 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

The DNS address is "mikrotikfilters.com" port 6502. The IP changes, based on current load - so if you add it to an address-list, just put the domain name and let it resolve. The port shouldn't be blocked, unless you are doing level 7 DNS filtering. you can post the last 3 octets of your IP, and stil...
by IntrusDave
Tue Jul 25, 2017 6:57 am
Forum: Beginner Basics
Topic: Can't WebFig logon to new router 6.38.1
Replies: 7
Views: 4565

Re: Can't WebFig logon to new router 6.38.1

Happy to hear you are up and running.
by IntrusDave
Tue Jul 25, 2017 2:45 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR series for core/distribution?
Replies: 10
Views: 4234

Re: RB1100AHx4 vs CCR series for core/distribution?

The CCR routers have MUCH higher throughput than the RB1100AHx4. The CCR's are intended for core routing, with multiple networks attached. The RB1100AHx4 is geared more towards a larger business network. You can check out the block diagrams for each to see the design differences. On the CCR's, each ...
by IntrusDave
Tue Jul 25, 2017 2:31 am
Forum: General
Topic: [SOLVED] RB1100AHx2 - questions about the block diagram
Replies: 8
Views: 1137

Re: RB1100AHx2 - questions about the block diagram

I missed that. Thank you.

That brings the entry cost down to $425usd for all-wire-speed ports.
by IntrusDave
Tue Jul 25, 2017 2:17 am
Forum: Virtualization
Topic: How to enable MetaRouter on RB750Gr3
Replies: 7
Views: 2597

Re: How to enable MetaRouter on RB750Gr3

Why would you rate me negatively for that??
by IntrusDave
Tue Jul 25, 2017 1:36 am
Forum: General
Topic: [SOLVED] RB1100AHx2 - questions about the block diagram
Replies: 8
Views: 1137

Re: RB1100AHx2 - questions about the block diagram

Even the latest RB1100AHx4 may not be just right.. Each switch group (1~5, 6~10, 11~13) each only have a 2.5G link. To get full wire-speed, you would need 2GBps per port. The CCR1009, the first 5 ports are in a switch group. The CCR1016, each port has a dedicated wire-speed connection to the CPU. Bu...
by IntrusDave
Mon Jul 24, 2017 11:49 pm
Forum: Beginner Basics
Topic: Can't WebFig logon to new router 6.38.1
Replies: 7
Views: 4565

Re: Can't WebFig logon to new router 6.38.1

No, new from Amazon (FWIW) Tried Winbox (it looks for pwd also) Will try Etherboot. Thank you sir. Very odd. The default password is blank, so asking for a password means that someone has used it before. In all honesty, with all the bad crap happening lately, I would contact Amazon and tell them it...
by IntrusDave
Mon Jul 24, 2017 11:29 pm
Forum: Beginner Basics
Topic: Can't WebFig logon to new router 6.38.1
Replies: 7
Views: 4565

Re: Can't WebFig logon to new router 6.38.1

Have you tried WinBox yet? It's possible that Webfig isn't allowing login without a password. OR Did you buy the router used or from a non-authorized dealer? I've seen several RouterBoards that have been hacked with backdoors installed coming from 3rd parties. I've also seen them used with a clear c...
by IntrusDave
Mon Jul 24, 2017 11:21 pm
Forum: Virtualization
Topic: How to enable MetaRouter on RB750Gr3
Replies: 7
Views: 2597

Re: How to enable MetaRouter on RB750Gr3

Oh man, I didn't catch that one. Thanks for pointing it out.
by IntrusDave
Mon Jul 24, 2017 11:05 pm
Forum: Virtualization
Topic: How to enable MetaRouter on RB750Gr3
Replies: 7
Views: 2597

Re: How to enable MetaRouter on RB750Gr3

Currently Metarouters are only available on single core routers.
I believe that MikroTik stated somewhere that they hope to bring the feature to RouterOS 7.
by IntrusDave
Mon Jul 24, 2017 10:56 pm
Forum: General
Topic: [SOLVED] RB1100AHx2 - questions about the block diagram
Replies: 8
Views: 1137

Re: RB1100AHx2 - questions about the block diagram

I found this on the CPU. It does show the 3x 1Gbps links in the processor, as well as the PCIe links. It looks to me that ports 12 and 13 would likely each have a dedicated PCIe x1 link. Assuming that the processor only supports PCIe v1.0 or v1.1, then the links would only support about 250Mbps (125...
by IntrusDave
Mon Jul 24, 2017 10:35 pm
Forum: Wireless Networking
Topic: Devices speed
Replies: 5
Views: 593

Re: Devices speed

Hi, I try to understand the difference AC wifi device. I want to recommend to my clients the device for there needs. Some client ask me what is the maximum speed for wifi. They look to other vendor and they see 1200Mb/s, 900MB/s or 450Mb/s. With that I don't tell anything just I see one mikrotik pr...
by IntrusDave
Mon Jul 24, 2017 10:00 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Either your firewall is blocking DNS to my server, or your IP is blocked by the list already.

What is your public IP?
by IntrusDave
Mon Jul 24, 2017 5:57 pm
Forum: General
Topic: how to install on mini sata x86?
Replies: 7
Views: 881

Re: how to install on mini sata x86?

Glad to hear you got it worked out.
by IntrusDave
Sun Jul 23, 2017 9:00 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 (hEX r3) protected routerboot trouble
Replies: 10
Views: 5124

Re: RB750Gr3 (hEX r3) protected routerboot trouble

use the failsafe.

Remove the power.
Press and hold the reset.
Apply power.
Hold the reset for 300 seconds.
Once the router is reformatted, you will need to NetInstall the current routerOS to boot again.
by IntrusDave
Sun Jul 23, 2017 7:45 pm
Forum: General
Topic: reset method
Replies: 6
Views: 623

Re: reset method

Sorry, forgot the answer. You will need to disconnect pins 1 and 2 to cut the power to the unit. can you explain more You want me to explain how to disconnect and reconnect two wires? I'm sorry, please don't take this as rude, but if you do not understand that, you should be be trying to do this.
by IntrusDave
Sun Jul 23, 2017 7:43 pm
Forum: General
Topic: Computers in LAN can't see each other (can't even ping from winbox) but has internet access
Replies: 2
Views: 1050

Re: Computers in LAN can't see each other (can't even ping from winbox) but has internet access

We will need to see your Bridge, Filter, and NAT config at the minimum to understand what is going on. From the sounds of it, you are filtering on the bridge or have separate subnets and not routing between them. For LAN devices not to be able to ping each other, then they either are not on the same...
by IntrusDave
Sun Jul 23, 2017 7:38 pm
Forum: Scripting
Topic: How do I run a custom binary?
Replies: 19
Views: 2948

Re: How do I run a custom binary?

Hey guys, make sure you don't respond with an answer that he doesn't like. Honest and respectful answers get you rated negative by this noob.
by IntrusDave
Sun Jul 23, 2017 7:34 pm
Forum: General
Topic: reset method
Replies: 6
Views: 623

Re: reset method

Sorry, forgot the answer.

You will need to disconnect pins 1 and 2 to cut the power to the unit.
by IntrusDave
Sun Jul 23, 2017 7:33 pm
Forum: General
Topic: reset method
Replies: 6
Views: 623

Re: reset method

https://en.wikipedia.org/wiki/Power_ove ... et#Pinouts

I still think just power cycling the power supplying the power would be much simpler.
by IntrusDave
Sun Jul 23, 2017 1:02 am
Forum: Scripting
Topic: How do I run a custom binary?
Replies: 19
Views: 2948

Re: How do I run a custom binary?

Allowing 3rd party binaries to run on a router/firewall is a massive security hole that could/would be used as an exploit and backdoor. I could not imagine any situation that I would ever trust a router that will run an arbitrary executable. Maybe a little linksys or something, but this isn't going ...
by IntrusDave
Sat Jul 22, 2017 9:32 pm
Forum: General
Topic: AVX2 and AVX-512
Replies: 1
Views: 551

Re: AVX2 and AVX-512

No, not at this time. (maybe in ros 7)
by IntrusDave
Sat Jul 22, 2017 9:27 pm
Forum: Scripting
Topic: How do I run a custom binary?
Replies: 19
Views: 2948

Re: How do I run a custom binary?

RouterOS is a closed platform. You can not run a 3rd party binary.
by IntrusDave
Sat Jul 22, 2017 9:26 pm
Forum: SwOS
Topic: Error indication by LEDs
Replies: 1
Views: 411

Re: Error indication by LEDs

Port speed / activity..
by IntrusDave
Sat Jul 22, 2017 9:13 pm
Forum: General
Topic: Backup Issue.
Replies: 4
Views: 578

Re: Backup Issue.

Look into an external solution.

I use a UNIX server - The server makes an SSH connection, creates a backup, downloads the backup, then places it into an SVN repository. That way I can roll back to any config needed.
by IntrusDave
Sat Jul 22, 2017 9:06 pm
Forum: General
Topic: how to install on mini sata x86?
Replies: 7
Views: 881

Re: how to install on mini sata x86?

RouterOS will only install on a SATA based device. The m.2 interface on most boards supports both mSATA and PCIe. Make sure the drive is SATA based and not NVMe based. NVMe (PCIe) requires a much newer Linux kernel (something in 4.x range) while RouterOS is currently still running a 2.x kernel.
by IntrusDave
Sat Jul 22, 2017 3:32 am
Forum: General
Topic: CRS
Replies: 1
Views: 337

Re: CRS

Log into it and use Quick Set.
by IntrusDave
Fri Jul 21, 2017 6:48 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

for those interested, the DNS now holds the list sizes. { :local list1 [ :resolve server=mikrotikfilters.com server-port=6502 domain-name=127.0.0.4 ]; :local list2 [ :resolve server=mikrotikfilters.com server-port=6502 domain-name=127.0.0.5 ]; :local list3 [ :resolve server=mikrotikfilters.com serve...
by IntrusDave
Fri Jul 21, 2017 6:29 pm
Forum: Beginner Basics
Topic: How do I fix this?
Replies: 4
Views: 566

Re: How do I fix this?

Maybe wrong interface names?
by IntrusDave
Fri Jul 21, 2017 6:09 pm
Forum: General
Topic: Overlapping Subnets on same router
Replies: 4
Views: 586

Re: Overlapping Subnets on same router

You are going to have far more problems trying to get this working than if you simply use unique subnets for each site. While reverse NAT is possible, you will find that it is not practical and very complicated to manage.
by IntrusDave
Fri Jul 21, 2017 5:57 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I've updated the server side to prevent units with 64M or less from pulling list 3. It's simply too big and causes the units to panic with an out of memory error. I watched one unit download the list and reboot more than 30 times last night, until I forced it to grab list two on the server side.
by IntrusDave
Fri Jul 21, 2017 5:55 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

The previous version has been disabled because of abuse. Please remove all the blacklist scripts, and run the installer from the first post.
It provides you with a much more stable and flexible platform. Once installed, read over the .conf file and make changes to suit your needs.
by IntrusDave
Fri Jul 21, 2017 7:11 am
Forum: General
Topic: Access to service after logon
Replies: 12
Views: 826

Re: Access to service after logon

can you manually add a dynamic entry and see what happens?
/ip firewall address-list add address=1.1.1.1 list=zzTest timeout=00:00:15
by IntrusDave
Fri Jul 21, 2017 6:44 am
Forum: General
Topic: Access to service after logon
Replies: 12
Views: 826

Re: Access to service after logon

This is great, and I love port knocking... except the current RouterOS broke the timeout for address-list items. Right now, when they expire, they just sit there at 00:00:00 and are never removed. What version does that? I use Port Knocks quite a bit and had not seen that I was able to get in when ...
by IntrusDave
Fri Jul 21, 2017 2:15 am
Forum: General
Topic: Access to service after logon
Replies: 12
Views: 826

Re: Access to service after logon

I do not. I run Mac :)
But I will look into it. I haven't yet because of the timeout issue.
by IntrusDave
Fri Jul 21, 2017 2:10 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

The script is called once an hour, however that only means that you will make a single DNS lookup to see if the filters have changed. If there is no change, then no update is downloaded. If the DNS returns a newer serial number than the current installed list, then the new list is downloaded. The li...
by IntrusDave
Fri Jul 21, 2017 2:04 am
Forum: General
Topic: Access to service after logon
Replies: 12
Views: 826

Re: Access to service after logon

I think you should consider using port knocking for what you want.

This is great, and I love port knocking... except the current RouterOS broke the timeout for address-list items.
Right now, when they expire, they just sit there at 00:00:00 and are never removed.
by IntrusDave
Fri Jul 21, 2017 12:52 am
Forum: General
Topic: Is hEX (RB750Gr3) can handle 2 x 100M WANs?
Replies: 9
Views: 1751

Re: Is hEX (RB750Gr3) can handle 2 x 100M WANs?

I have no issue with getting 100mbps. That's the line speed of my fastest IPSec partner.
by IntrusDave
Thu Jul 20, 2017 11:42 pm
Forum: RouterBOARD hardware
Topic: Lte not working on 922UAGS-5HPacD
Replies: 7
Views: 1042

Re: Lte not working on 922UAGS-5HPacD

Make sure you buy the correct model for your carrier. Most LTE modems come in 2 varieties, WCDMA & GSM.
by IntrusDave
Thu Jul 20, 2017 11:37 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I go away for a week and everything has changed. :shock: @IntrusDave, thank you again for all your work on this blacklist. Unfortunately for me, the automated scripting is now too intrusive and is itself a serious security risk, so I'm out. If in the future you resume publishing a blacklist of addr...
by IntrusDave
Thu Jul 20, 2017 10:13 pm
Forum: Scripting
Topic: tx-bytes rx-bytes have spaces and are unusable. Please help (edited and added more info)
Replies: 4
Views: 792

Re: tx-bytes rx-bytes have spaces and are unusable. Please help (edited and added more info)

I use this code to fix it. The Global creates a reusable function, then use the "$removeSpace t=" to call the function :global removeSpace do={ :local temp; :for i from=0 to=([:len $t] - 1) do={ :local char [:pick $t $i]; :if ($char = " ") do={ :set $char ""; } :set temp ($temp . $char); } :return $...
by IntrusDave
Thu Jul 20, 2017 10:00 pm
Forum: RouterBOARD hardware
Topic: Lte not working on 922UAGS-5HPacD
Replies: 7
Views: 1042

Re: Lte not working on 922UAGS-5HPacD

The RB922UAGS-5HPacD does not come with an LTE modem installed. The SIM is on the system board, but you must install the modem into the Mini PCIe socket.
by IntrusDave
Thu Jul 20, 2017 7:22 pm
Forum: General
Topic: Access to service after logon
Replies: 12
Views: 826

Re: Access to service after logon

This isn't something supported by MikroTik. A good solution would be setting up a VPN service and requiring a VPN connection first.
by IntrusDave
Thu Jul 20, 2017 7:04 pm
Forum: RouterBOARD hardware
Topic: Lte not working on 922UAGS-5HPacD
Replies: 7
Views: 1042

Re: Lte not working on 922UAGS-5HPacD

Likely an incompatible modem, or a modem that only supports PPP. What type of make and model did you use?
by IntrusDave
Thu Jul 20, 2017 7:01 pm
Forum: General
Topic: RB260GSP with QRT5ac on a 12V Batterie, QRT reboots every few minutes
Replies: 5
Views: 1169

Re: RB260GSP with QRT5ac on a 12V Batterie, QRT reboots every few minutes

I agree, 12V is likely your issue. Can you wire the batteries in series and switch to 24V?
by IntrusDave
Thu Jul 20, 2017 6:56 pm
Forum: Virtualization
Topic: CHR initial time wrong
Replies: 12
Views: 1538

Re: CHR initial time wrong

No need to be rude. Clearly he doesn't understand, which is easily explained by his post count (that was his 1st post). Anyway - The CHR doesn't have any of the VM tools installed, so it is unable to communicate directly with the host to get the date and time. Unfortunately, your only real choice is ...
by IntrusDave
Thu Jul 20, 2017 6:47 pm
Forum: General
Topic: how to install on mini sata x86?
Replies: 7
Views: 881

Re: how to install on mini sata x86?

netinstall is for MikroTik devices only. It will not work on x86.

RouterOS for x86 will only install on the first BIOS supported drive detected. You will need to disconnect all drives, except the drive you want it installed on. And that drive must be a BIOS bootable device.
by IntrusDave
Thu Jul 20, 2017 6:43 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Thank you for the script, but I have to say that, at least in my limited testing, I stumbled upon too many blocked gmail servers. I couldn't even send an email from my gmail account to my corporate address. The worst part is that gmail somehow didn't even alert me that the message did not go throug...
by IntrusDave
Thu Jul 20, 2017 6:40 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Morning, tnx for explaining the script rights issue, to bad we are struggling with that, for now it works here. @Dave I noticed the script got updated to 2.0.3 in the past 12 hours, it would be nice to see some kind of changelog if possible ? Keep up the good work ! Eddie release notes are in the f...
by IntrusDave
Thu Jul 20, 2017 6:40 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Hi all i'm running in my ccr-1009-8G-1S-1S+ log is show notthing but Script List show this messeage https://goo.gl/yYE2do https://goo.gl/yYE2do messeage is " LOG 【;(eval (eval /putmessage=$t) (eval /log warningmessage=$t))】 urlEncode【;(eval (eval /localname=$temp) (eval /forcounter=$i;do=;(eval (ev...
by IntrusDave
Wed Jul 19, 2017 8:47 pm
Forum: General
Topic: Is hEX (RB750Gr3) can handle 2 x 100M WANs?
Replies: 9
Views: 1751

Re: Is hEX (RB750Gr3) can handle 2 x 100M WANs?

I've been running a RB3011 with two 300mbps WANs and 24 IPsec tunnels for almost a year with no issues. The CPU is quite powerful. I have recently replaced it with a RB1100AHx4, but only because I wanted the internal storage.
by IntrusDave
Wed Jul 19, 2017 7:31 pm
Forum: General
Topic: Slack not working when using eoip tunnel
Replies: 1
Views: 541

Re: Slack not working when using eoip tunnel

Check your MTU. EoIP has a smaller MTU, and without adjusting for it, https often fails.
by IntrusDave
Wed Jul 19, 2017 7:27 pm
Forum: General
Topic: Is hEX (RB750Gr3) can handle 2 x 100M WANs?
Replies: 9
Views: 1751

Re: Is hEX (RB750Gr3) can handle 2 x 100M WANs?

The hEX should be able, but if you can, I would go with a RB3011.
by IntrusDave
Wed Jul 19, 2017 7:25 pm
Forum: Scripting
Topic: Scrip permission error
Replies: 3
Views: 1742

Re: Scrip permission error

Give the script full permissions. Also, make sure it's owned by a user with full access.
by IntrusDave
Wed Jul 19, 2017 6:51 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

No worries, I have no intention of including rules beyond the basic examples provided in the initial posts.
by IntrusDave
Wed Jul 19, 2017 4:36 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Hi Dave, First of all thanks for an amazing job and all effort you're putting into this. It's working just fantastic on my hAP-ac router. A small idea to consider: how about extending firewall filter rules with autoblock functionality for intruders trying to get to a router or network? A dynamic li...
by IntrusDave
Wed Jul 19, 2017 4:33 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Unfortunately, taking away the permissions ends with empty scripts. Taking away ANY of them causes issues - I do not know why. You *SHOULD NOT* need "password" or "sensitive", but removing them causes the failure.
by IntrusDave
Wed Jul 19, 2017 2:11 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Just pushed out 2.0.2.2 :)
new auto-script-update script is included. It pulls the current version from the server and updates if needed.
by IntrusDave
Wed Jul 19, 2017 12:58 am
Forum: General
Topic: Anyone else having this VPN issue?
Replies: 17
Views: 1756

Re: Anyone else having this VPN issue?

My issues are all Mikrotik to Mikrotik. My Mikrotik to Cisco IPsec VPNs never seem to fail.
by IntrusDave
Wed Jul 19, 2017 12:54 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Just released 2.0.2 with minor bug fixes. Run the auto-update/install script to update.
by IntrusDave
Tue Jul 18, 2017 7:18 pm
Forum: General
Topic: Anyone else having this VPN issue?
Replies: 17
Views: 1756

Re: Anyone else having this VPN issue?

No idea at all. And I am unable to force it to happen, so I can't even submit a support request.
by IntrusDave
Tue Jul 18, 2017 7:12 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

Check for the Scheduler and Script Policies. Make sure that all of the boxes are marked.
by IntrusDave
Tue Jul 18, 2017 2:16 am
Forum: General
Topic: Router Max Connections?
Replies: 7
Views: 1754

Re: Router Max Connections?

The CRS is a switch (Cloud Router Switch) with routing ability. The RB2011 has the same CPU. I would recommend that you invest in a router more suited for what you are doing. The RB3011, RB1100AHx4, and CCR1009 will all do nicely for that. To be honest, all of the MMIPS based units are great boxes f...
by IntrusDave
Tue Jul 18, 2017 2:11 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

So two things... Some users are simply blocked at my firewall, and now two users have been added to the list itself. I don't see this as "poisoning" as they are the ones that were actively trying to find security holes. (They have been trying SQL injections) Given that they are active attacks, I see...
by IntrusDave
Mon Jul 17, 2017 6:24 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

You should be getting the same logging both ways. If not, check the schedule policy and the script policy and make sure all of the boxes are checked.
by IntrusDave
Mon Jul 17, 2017 6:18 am
Forum: General
Topic: Anyone else having this VPN issue?
Replies: 17
Views: 1756

Re: Anyone else having this VPN issue?

I have the same issue. It has gotten to the point that I have a script on every router to kill the IPSec connections and flush the SA's, at the same time on both ends.
by IntrusDave
Mon Jul 17, 2017 2:46 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 103981

Re: Blacklist Filter update script

I've shut down the old service (pre 2.0 script). I found that several users were leeching the large list and rebranding it as their own. They were also trying to probe the server side for exploits. Again, I offer my list as a free service to the MikroTik community. If people continue to abuse it, I ...
by IntrusDave
Mon Jul 17, 2017 12:21 am
Forum: General
Topic: rest with out reset button
Replies: 4
Views: 636

Re: rest with out reset button

?

if the router is powered by PoE, then you can cycle the PoE port's power.