Community discussions

MikroTik App

Search found 1316 matches

by eworm
Tue Mar 12, 2024 2:17 pm
Forum: Announcements
Topic: v7.14.1 [stable] is released!
Replies: 419
Views: 69265

Re: v7.14.1 [stable] is released!

A decimal with suffix "m" is handled as time automatically, as long as you skip the quotes. And two minutes should be fine, that is the interval last-handshake is updated. Yes, your code works as expected, I did not answer precisely. What I wanted to say is that you do not even need to ent...
by eworm
Tue Mar 12, 2024 2:07 pm
Forum: Announcements
Topic: v7.14.1 [stable] is released!
Replies: 419
Views: 69265

Re: v7.14.1 [stable] is released!

This may cause a short interruption in packet flow... Perhaps add something like "last-handshake>2m"?
by eworm
Sat Mar 09, 2024 8:46 am
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 282
Views: 44054

Re: v7.15beta [testing] is released!

The scripting part crashes in 7.15beta6 several times a day:
script;error script error: error - contact MikroTik support and send a supout file (10)
Did not yet open an issue, will have to do that later today.
by eworm
Tue Mar 05, 2024 6:15 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 282
Views: 44054

Re: v7.15beta [testing] is released!

Oh... This one is kind of a nightmare! 😳
I have decided to solve the scripting issues on my side. So did a massive rework, and I think I am mostly fine for now. 👍
by eworm
Mon Mar 04, 2024 2:00 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 282
Views: 44054

Re: v7.15beta [testing] is released!

Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts. Or repurpose :quit for early termination when used in /system/script That causes a ssh session to terminate w...
by eworm
Mon Mar 04, 2024 1:31 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 282
Views: 44054

Re: v7.15beta [testing] is released!

Oh... This one is kind of a nightmare! 😳 RouterOS scripting is missing some control structures, one of these being :exit (or what ever it may be named...) to exit a scripts early, successfully. As this is missing I have a lot of script misusing :error for that purpose, which worked to date. Now Rout...
by eworm
Thu Feb 29, 2024 2:41 pm
Forum: General
Topic: RouterOS Feature request: NTP client Time
Replies: 1
Views: 221

Re: RouterOS Feature request: NTP client Time

Time and date are available in:
/system/clock/
by eworm
Sun Feb 25, 2024 11:05 am
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 46684

Re: v7.14rc [testing] is released!

I think you have to set both, with comma in between.
by eworm
Thu Feb 22, 2024 11:02 am
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 46684

Re: v7.14rc [testing] is released!

Thank you for the feedback but how is a normal user supposed to do this downgrade ? It's only possible via support, I believe ? I think you are confused with stuff from another manufacturer here. It has never been a problem to downgrade on MikroTik, only you cannot downgrade below the version that ...
by eworm
Thu Feb 22, 2024 8:57 am
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 46684

Re: v7.14rc [testing] is released!

You can do a usual "upgrade", that results in a downgrade as 05 has been pulled from servers and 04 is latest.
by eworm
Wed Feb 21, 2024 10:05 pm
Forum: Beginner Basics
Topic: Virtual SIM in Mikrotik
Replies: 6
Views: 796

Re: Virtual SIM in Mikrotik

Oh, that looks quite interesting... But to download a profile to that card I have to place it in a smartphone first or is there a way to use it without a smartphone?
by eworm
Mon Feb 19, 2024 8:54 am
Forum: Beginner Basics
Topic: Virtual SIM in Mikrotik
Replies: 6
Views: 796

Re: Virtual SIM in Mikrotik

Not yet, but there are hints about future devices that support eSIM.

Note this is not virtual, but still a chip soldered on the board or available in SOC.
by eworm
Wed Feb 14, 2024 5:04 pm
Forum: RouterBOARD hardware
Topic: hAP ax lite LTE - issues after modem FW upgrade to 16121.1034.00.01.01.05
Replies: 46
Views: 3584

Re: hAP ax lite LTE - issues after modem FW upgrade to 16121.1034.00.01.01.05

I think I am suffering this as well... Will see if I manage to downgrade.
by eworm
Sun Feb 11, 2024 11:36 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 28427

Re: Newsletter #116 | January 2024

Even hAP ax² matches the requirements with 4 core 64 bit CPU and 1 GB RAM...
by eworm
Fri Feb 02, 2024 8:34 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Beta and production do not go hand in hand. Do not complain!
by eworm
Wed Jan 31, 2024 1:16 pm
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 28427

Re: Newsletter #116 | January 2024

Probably best idea is to buy Chateau 5G ax instead...
by eworm
Wed Jan 31, 2024 9:24 am
Forum: General
Topic: Integrating email verification tools : seeking advice ?
Replies: 1
Views: 232

Re: Integrating email verification tools : seeking advice ?

Why do you think this is related to Mikrotik? I do not get the point here.
by eworm
Tue Jan 30, 2024 9:59 pm
Forum: General
Topic: Feature Request: webfig dark theme
Replies: 7
Views: 600

Re: Feature Request: webfig dark theme

Dark Reader is available for all major browser... I use it with Firefox.
by eworm
Sat Jan 27, 2024 1:09 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Oh, it is blue? Pretty sure I have not seen it on then.
by eworm
Fri Jan 26, 2024 10:36 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

I have... /system leds settings set all-leds-off=never So that should not turn my LEDs off. Also the user led is ok and lights when it is supposed to. However when user led is turned off (intentionally) I can not tell if the device is powered or not. Even after plugging the power cable I have not se...
by eworm
Fri Jan 26, 2024 5:45 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Received mine, and I am quite happy for now.

One thing that worries me... The power LED does not light. Is there any way I broke it with configuration? I did a reset without default for a clean start...
by eworm
Thu Jan 25, 2024 1:09 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13.3 [stable] is released!

I think the DNS service crashes happened in combination with an active hotspot. That was what I was suffering.
by eworm
Thu Jan 25, 2024 12:06 am
Forum: General
Topic: IP Hotspot DNS Redirect on V7
Replies: 5
Views: 599

Re: IP Hotspot DNS Redirect on V7

You missed the point. It does not matter what position the rule has if it is the correct chain. It is important for you to have chain=pre-hotspot (note the prefix "pre-" in chain name) - just look for the rule that jumps into that chain!
by eworm
Wed Jan 24, 2024 7:52 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Discarding a record early is not a problem. Just keeping it longer than TTL is.
by eworm
Wed Jan 24, 2024 7:46 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

I had the same thought on the cache... Older items should be discarded, to have newer ones in cache.
by eworm
Tue Jan 23, 2024 10:17 am
Forum: General
Topic: IP Hotspot DNS Redirect on V7
Replies: 5
Views: 599

Re: IP Hotspot DNS Redirect on V7

You can do the same in table filter, use chain=pre-hs-input there.
by eworm
Tue Jan 23, 2024 10:16 am
Forum: General
Topic: IP Hotspot DNS Redirect on V7
Replies: 5
Views: 599

Re: IP Hotspot DNS Redirect on V7

There are specific chains that are jumped into before default rules match. You can put your rules there, no need for a script. (Currently typing from smartphone, so no guarantee for correctness...) Modify this for your needs: /ip/firewall/nat/add action=redirect chain=pre-hotspot dst-port=53 protoco...
by eworm
Thu Jan 18, 2024 5:23 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

I wrote "auto-routing (BGP/OSPF/RIP/IS-IS)". Nobody is using that on their home NAT router
I am. Therefore your statement is false.
Me too. 😁
by eworm
Tue Jan 16, 2024 12:30 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Thought about doing a reset, then updating and restoring the configuration. Well... Instead of doing the reset the device just crashes now. 😳
by eworm
Tue Jan 16, 2024 12:01 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Yes, please! In the past I've been fine with the bundle, but it does become a problem now. My " road-runner " hAP ac² with RouterOS 7.14beta6 and wifi-qcom-ac package is at several KB to zero free storage size. It bricks on reboot, ignores and forgets settings, fails to upgrade... 10:46:37...
by eworm
Wed Jan 10, 2024 8:16 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13.1 [stable] is released!

Possibly a bad idea on devices with limited storage... I prefer to have the certificates around that I need.
by eworm
Tue Jan 09, 2024 11:54 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13.1 [stable] is released!

Looks like cloudflare just changed their certificate, and they got it from a different issuer. Possibly that is the problem?
by eworm
Tue Jan 09, 2024 10:43 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Actually alpha and beta are built side by side, you can not tell which one is newer just by looking at the version number. The beta release are pushed to testing channel, alpha releases are for internal testing or are given to specific people for testing.
by eworm
Tue Jan 09, 2024 10:18 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13.1 [stable] is released!

fetch is a command/executable/utility and not a service. So still more confusion. 😅
Oh, I confused this with...
*) fetch - fixed DNS resolving when domain has only AAAA entries (introduced in v7.13);
So the services must have suffered something different. Anyway... Possibly related.
by eworm
Tue Jan 09, 2024 7:36 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13.1 [stable] is released!

That's another sample. Nobody understands (without being affected directly by the bug) what this fix for internal service name resolution is all about.
Services like fetch could not resolve and use ipv6(-only) addresses. That is fixed now.
by eworm
Sat Dec 30, 2023 2:24 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13 [stable] is released!

As already pointed out... This has been in changelog. There are other characters, that are handled the same, like dollar sign. And I think the changelog is incomplete, IIRC the same goes for scheduler names, and possibly more.
by eworm
Sat Dec 30, 2023 12:56 am
Forum: General
Topic: Reverse SSH port tuneling
Replies: 5
Views: 791

Re: Reverse SSH port tuneling

You need to enable forwarding on Mikrotik device:
/ip/ssh/set forwarding-enabled=[both|local|no|remote];
Wondering if that could be solved easier... What do you want to achieve?
by eworm
Sat Dec 23, 2023 10:59 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 147957

Re: v7.14beta [testing] is released!

Exactly what I did. 😜
by eworm
Fri Dec 22, 2023 11:48 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13 [stable] is released!

If I call up the IP check from DeDyn, for example, I get this error:
Yes, this is a problem where fetch fails with ipv6-only addresses. Reported as SUP-134908. Received any answer and support as aware, but no solution, yet.
by eworm
Tue Dec 19, 2023 10:32 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13 [stable] is released!

Is there a guide on making both CAPSMANs work at the same time on the same MikroTik device?
I have not tried it myself, but I think there have been user reports that you need a dedicated CA for each CAPsMAN to make them co-exist. Is that true for you?
by eworm
Tue Dec 19, 2023 4:49 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 253355

Re: v7.13 [stable] is released!

No problem here with sending to Telegram... And also every other use of fetch is fine.
by eworm
Sat Dec 09, 2023 1:13 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

No problem with wireguard here, working well without issues.

Wondering if you have issues with the roaming functionality... Do you have any suspicious or unexpected addresses in actual-endpoint-address?
by eworm
Fri Dec 08, 2023 10:14 am
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

That's my understanding of the issue, yes. But as we do not have the crossfig script code we can not verify... But adding one note here... My wifi interface do not have default names, I renamed all of them. Perhaps that's a problem? [eworm@MikroTik] > /interface/wifi/print proplist=name,default-name...
by eworm
Fri Dec 08, 2023 9:46 am
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

The "error while running customized default configuration script" did not occur on next reboot... So not opening an issue for now.
by eworm
Thu Dec 07, 2023 2:29 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

What previous RouterOS version where you running, @eworm?
RouterOS 7.13rc2, without errors.
by eworm
Thu Dec 07, 2023 2:11 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

What's new in 7.13rc3 (2023-Dec-06 17:16): On hAP ac² with wifi-qcom-ac I have: 2023-12-07 13:02:57 system,error,critical error while running customized default configuration script: no such item 2023-12-07 13:02:57 system,error,critical 2023-12-07 13:03:33 system,error,critical error while running...
by eworm
Wed Dec 06, 2023 6:58 pm
Forum: Scripting
Topic: Send a unicode symbol to Telegram from an array list
Replies: 4
Views: 1861

Re: Send a unicode symbol to Telegram from an array list

Instead of stealing just one function you could use all of them as expected... 🤪 So if you install my scripts and configure Telegram as expected this gives exactly what you want: $SendTelegram ([ $SymbolForNotification "calendar,memo" ] . "Telegram Test") "Message...";
by eworm
Wed Dec 06, 2023 1:11 pm
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 292
Views: 220193

Re: NEW FEATURE: Back to Home VPN

Oh, ok... I misread then.
by eworm
Wed Dec 06, 2023 11:24 am
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 292
Views: 220193

Re: NEW FEATURE: Back to Home VPN

I think Android has a "security feature" to make play store traffic bypass VPN connections. Possibly that's the issue.

IIRC the wireguard app can force all traffic through its tunnels anyway.
by eworm
Tue Dec 05, 2023 9:03 am
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 90726

Re: v7.12.1 [stable] is released!

Note that host key and public key authentication are different things. To switch the former to ed25519 use:
/ip/ssh/set host-key-type=ed25519;
by eworm
Mon Dec 04, 2023 7:07 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49154

Re: v7.13rc [testing] is released!

Possibly an address clash? You habe 10.255.2.0/24 for interface and allowed-ips inside the tunnel.
by eworm
Wed Nov 29, 2023 12:12 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

What is that site? http://x1.c.lencr.org/
It doesn't work for me too. Try other sites maybe ;)
Have a look at Let's Encrypt R3 intermediate certificate... The url is its crl endpoint.
by eworm
Mon Nov 27, 2023 10:59 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Wait what? wAP ac is mipsbe with AR9300, but the wifi-qcom-package works on it?
That's pretty cool!
There are two versions of wAP ac - MIPSBE and ARM. The ARM version works with new drivers, the MIPSBE version does not.
by eworm
Wed Nov 22, 2023 7:57 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

oh, and one more thing. please give the same treatment to /tool/fetch currently it won't fall back to IPv6 if ipv4 is not available. i don't care if we don't get the full blown "happy eyeballs" algorithm - the routers i've seen til this day did not have eyes anyway - but if fetch would ha...
by eworm
Wed Nov 22, 2023 1:55 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Also some properties support unsetting/resetting with exclamation mark, like this:
/interface/bridge/port/set !internal-path-cost !path-cost [ find ];
by eworm
Tue Nov 21, 2023 11:35 pm
Forum: Scripting
Topic: Send log via e-mail
Replies: 10
Views: 8874

Re: Send log via e-mail

I can recommend to use my script for this:
https://git.eworm.de/cgit/routeros-scri ... forward.md
by eworm
Mon Nov 20, 2023 10:36 pm
Forum: Scripting
Topic: Calculate number of seconds in last-handshake
Replies: 4
Views: 1228

Re: Calculate number of seconds in last-handshake

  • What is the type of the value that is printed as 2023-11-20 ?
  • What is the type of the value that is printed as 2023-11-19 20:00:00 ?
I think these are just strings...

You can check with:
[admin@mikrotik] > :put [ :typeof [ /system/clock get date ] ]
str
by eworm
Mon Nov 20, 2023 10:34 pm
Forum: Scripting
Topic: Calculate number of seconds in last-handshake
Replies: 4
Views: 1228

Re: Calculate number of seconds in last-handshake

The last-handshake property is of type "time", and you can just compare that with other times. [admin@mikrotik] > :put (2s < 5m) true [admin@mikrotik] > :put (2d < 5m) false You can use just that to find your stale peers: /interface/wireguard/peers/print where last-handshake>5m Note there ...
by eworm
Mon Nov 20, 2023 9:40 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

With the introduction of the :serialize and :deserialize commands, a world of possibilities opens up for the consumption of the Rest API, however the size of a string variable limits this. Example: https://stat.ripe.net/data /looking-glass/data.json?resource=140.78.0.0/16 cannot be processed due to...
by eworm
Thu Nov 16, 2023 4:16 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Check storage space ... right before shutdown. If storage is full (or close to full), then this might be the reason for problems.
Well, free storage is limited... Obviously. 😝 But I am pretty sure it was not near zero.
by eworm
Thu Nov 16, 2023 4:07 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

[...] Did a netinstall with 7.13beta2 to restore it. It worked well all day. This morning exactly the same... 🤨 Anybody else seen this? Did another netinstall earlier today, that did not help. Did a configuration reset, then restored from configuration export (not backup). Up and running for now......
by eworm
Thu Nov 16, 2023 9:55 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Supout and support, I would say...
The problem is that I can not access the device, so no support outfile file...
by eworm
Thu Nov 16, 2023 9:45 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Something is really fishy here... Installed version 7.13beta1 on my hAP ac² on Tuesday with routeros and wifi-qcom-ac , configured wifi from scratch as needed. The device did not start up the next morning, just had a layer 2 link on ethernet every few minutes for some seconds only. No wifi, no vpn, ...
by eworm
Thu Nov 16, 2023 9:04 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 87040

Re: v7.13beta [testing] is released!

Numerical columns for stats output used to be aligned to the right. That is no longer true... Is this change intentional? Makes it even harder to read the output.

Compare this command with 7.12 and 7.13beta2...
/interface/print stats
by eworm
Fri Nov 10, 2023 6:54 pm
Forum: General
Topic: OS 7 -long term
Replies: 17
Views: 1700

Re: OS 7 -long term

my memory says it was 6.45.7.
No, it was not. That was a stable release and never made it into long-term.
by eworm
Fri Nov 10, 2023 4:58 pm
Forum: General
Topic: OS 7 -long term
Replies: 17
Views: 1700

Re: OS 7 -long term

that's not true. first long-term is always an exsting version. but then it can get small updates for CVE issues You are wrong. Let's have a look... v6.48.4 [stable] on Mon Aug 23, 2021 v6.49 [stable] on Thu Oct 07, 2021 v6.48.5 [long-term] on Fri Oct 08, 2021 It has always been like that, perhaps w...
by eworm
Fri Nov 10, 2023 4:25 pm
Forum: General
Topic: OS 7 -long term
Replies: 17
Views: 1700

Re: OS 7 -long term

let's say 7.12 is super stable and has zero bugs. after 3 months if it still is PERFECT. we may rename it to long-term
That used to be different with 6.x... A version from stable never made it to long-term, instead we had new build with even more cherry-picked fixes.
by eworm
Fri Nov 10, 2023 3:58 pm
Forum: General
Topic: OS 7 -long term
Replies: 17
Views: 1700

Re: OS 7 -long term

You could build 7.11.3 and push that to long-term. 😜
by eworm
Fri Nov 10, 2023 2:37 pm
Forum: General
Topic: How has been your experience with DoH?
Replies: 16
Views: 2471

Re: How has been your experience with DoH?

I use DoH and I am mostly happy. Still want to send a notice here: Things should improve a lot when DoH is used with HTTP/3 (also named DNS-over-QUIC). In this case transport is not via TCP but UDP, ruling out some potential issues. Please implement... 😜
by eworm
Fri Nov 10, 2023 2:18 pm
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 90726

Re: v7.12 [stable] is released!

I have crazy behavior on LtAP mini... The lte interface vanished after some seconds. I've wanted to open an issue, thus enabled debug output for lte. It does no longer happen since then... The interface is available and running. A case of race condition caused by command timing perhaps? Edit... Oh, ...
by eworm
Fri Nov 10, 2023 11:17 am
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 90726

Re: v7.12 [stable] is released!

and now re enable together with the download option too:

/certificate settings
set crl-download=yes crl-use=yes
How about extending the property verify-doh-cert with a new value yes-without-crl, just like fetch command with its property check-certificate?
by eworm
Wed Nov 08, 2023 1:35 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90112

Re: v7.12rc is released!

... unless they continue with small fixes. 😜
by eworm
Tue Nov 07, 2023 1:35 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 624922

Re: Feature requests

I've ask support to modify ssh public keys ( /user/ssh-keys ) to expose a read-only property with the key's fingerprint ( SUP-132909 ). Actually public key authentication works quite well, but there is no way to verify that a key is the one you expect it to be. Imagine you import a certificate "...
by eworm
Tue Oct 31, 2023 5:54 pm
Forum: Scripting
Topic: Remove Static DNS entries
Replies: 3
Views: 1512

Re: Remove Static DNS entries

Try with quotes...
by eworm
Tue Oct 31, 2023 4:03 pm
Forum: General
Topic: Question regarding TLS/SSL server certificates [SOLVED]
Replies: 2
Views: 726

Re: Question regarding TLS/SSL server certificates [SOLVED]

Have a look at the certificate details! It should have the domain mentioned in "subject alternative names".
by eworm
Tue Oct 31, 2023 11:33 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90112

Re: v7.12rc is released!

Not quite true... Also running the combination with Wireguard and OSPF on 7.12rc4 already.

To date I could not find any serve issues with recent rc releases. Really happy and waiting for final release. 😜
by eworm
Tue Oct 31, 2023 11:05 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90112

Re: v7.12rc is released!

Wireguard and OSPF works just fine for me, currently on 7.12rc2.
by eworm
Tue Oct 31, 2023 9:50 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90112

Re: v7.12rc is released!

I think I am affected with netwatch when monitoring https (type=https-get). I did complain about one core going to 100% in SUP-106133. Crossing fingers it is fixed now...
by eworm
Mon Oct 23, 2023 4:16 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90112

Re: v7.12rc is released!

You can run netinstall in a network namespace... Makes it easy and reliable. This is the wrapper I use:
https://aur.archlinux.org/cgit/aur.git/ ... netinstall

Most important are the calls from ip at the end. Feel free to modify for your needs.
by eworm
Sun Oct 08, 2023 12:29 am
Forum: General
Topic: Netwatch and schedule
Replies: 7
Views: 1454

Re: Netwatch and schedule

The change is now merged into the main branch, so you can remove the comment from script:
/system/script/set comment="" netwatch-notify;
(Sounds like this is a big win for you, especially after I made the change for you. So please consider keeping my motivation up...)
by eworm
Thu Oct 05, 2023 11:35 pm
Forum: Scripting
Topic: ROS 7.x - Get address not working [SOLVED]
Replies: 4
Views: 2090

Re: ROS 7.x - Get address not working [SOLVED]

If you want to handle active addresses only add "disabled=no" to your filter:
:global ddnsip [ /ip/address/get ([ /ip/address/find where interface="ether1" disabled=no ]->0) address ];
It is all about your code! 😜
by eworm
Thu Oct 05, 2023 1:41 am
Forum: Scripting
Topic: ROS 7.x - Get address not working [SOLVED]
Replies: 4
Views: 2090

Re: ROS 7.x - Get address not working [SOLVED]

Just a guess... Possibly you have several ip addresses on that interface now?

Try that for the first address:
:global ddnsip [ /ip/address/get ([ /ip/address/find where interface="ether1" ]->0) address ];
... or add more properties to your filter.
by eworm
Thu Oct 05, 2023 1:37 am
Forum: Scripting
Topic: Compare RouterOS version in script
Replies: 9
Views: 3010

Re: Compare RouterOS version in script

Glad I could help, you are welcome.

If you find this useful have a look at all my RouterOS Scripts...
by eworm
Fri Sep 29, 2023 3:21 pm
Forum: General
Topic: Netwatch and schedule
Replies: 7
Views: 1454

Re: Netwatch and schedule

Let's give it a try... This is required to install the script from next branch: /system/script/set comment="url-suffix=?h=next" netwatch-notify; $ScriptInstallUpdate; See the commit message for details on how to use the new setting: https://git.eworm.de/cgit/routeros-scripts/commit/?id=eef...
by eworm
Fri Sep 29, 2023 3:01 pm
Forum: General
Topic: Netwatch and schedule
Replies: 7
Views: 1454

Re: Netwatch and schedule

Currently this is not possible, no... You can give different notification settings for every script, but not for different configuration entities consumed by one scripts.

Though I see the use here... Perhaps I should extend that. 🤔
by eworm
Tue Sep 26, 2023 5:50 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

I think CVE-2023-30799 is unrelated, as stated in the linked blog post:
This issue is fixed in all RouterOS releases available on our download page (v7.7 and v6.49.7 and newer).
by eworm
Tue Sep 26, 2023 4:21 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

Ah,
/tool/fetch
is granted by test policy. Will have to check for sensitive data...
by eworm
Tue Sep 26, 2023 4:14 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

*) console - restrict permissions to "read,write,reboot,ftp,romon,test" for scripts executed by DHCP, Hotspot, PPP and Traffic-Monitor services; Oh! 😳 So I can not access sensitive data, use /tool/fetch , and more? I guess that will break some of my scripts. 😢 Is there a way to opt-out an...
by eworm
Tue Sep 26, 2023 12:57 pm
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 292
Views: 220193

Re: NEW FEATURE: Back to Home VPN

If you have these requirements you should think about using a Mikrotik device with LTE modem. You can set up routing to your needs there.
by eworm
Tue Sep 19, 2023 1:15 am
Forum: General
Topic: Netwatch and schedule
Replies: 7
Views: 1454

Re: Netwatch and schedule

You can use my script, it does what you want, and a lot more:
Notify on host up and down
by eworm
Mon Sep 18, 2023 4:50 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Oh, I misread... 🫣
Then it's possibly a mix of both. 😜
by eworm
Mon Sep 18, 2023 4:37 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

All of this is wrong... It is not about reserved RAM or something like that. In fact the memory is 256.000.000 Bytes. Divide that by 1M (with base 2, so 2072576) you have 244MB.
by eworm
Mon Sep 04, 2023 11:04 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160670

Re: v7.11.2 [stable] are released!

I do not see why 7.11.2 is not mention in the title. "and more" what is that. As it is now, its hard to see what is the latest release while visiting the forum. Please add 7.11.2 to the title of the tread. Perhaps something like " v7.11.2 and older 7.11.x [stable] are released! "...
by eworm
Sun Aug 27, 2023 5:05 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

Edit: OK, managed to do it via an access list, setting a simple rule for the particular MAC address. But then - I miss the context menu action "Copy to access list", while at the registration table tab. A way to do it via ACL works in 7.11(wifiwave2) and worked in 6.x. The registration ta...
by eworm
Thu Aug 24, 2023 9:11 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

I'm curious, everyone, what did you set mode button https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md and user led to? https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md (Device connects to a vpn, and ospf is inside this vpn. So ospf is the best indication for fu...
by eworm
Thu Aug 24, 2023 4:37 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

The new release shouldn't be 7.12beta2?
Probably did not pass internal quality testing...
by eworm
Wed Aug 23, 2023 10:58 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160670

Re: v7.11 [stable] is released!

The CAPsMAN issue has been fixed in RouterOS 7.12alpha108... Let's hope we will see this in releases soon.
by eworm
Tue Aug 22, 2023 5:50 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Power drain on wAP ac LTE is at 4W after shutdown.
by eworm
Tue Aug 22, 2023 5:46 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

IDLE (LTE connection up, wireless enabled but no clients, no wired devices) Input voltage: 5.08V Current draw: 0.478A Power draw: 2,428W Just connected my wAP ac LTE with R11e-LTE (CAT4) to my usb meter, it is connected to a usb-c power bank via PD adapter set to 16V. Input voltage: 16.33V Current ...
by eworm
Sun Aug 20, 2023 11:28 pm
Forum: Scripting
Topic: Netwatch script to report downtime?
Replies: 3
Views: 2323

Re: Netwatch script to report downtime?

Have a look at my scripts, it can do that - and a lot more:
https://git.eworm.de/cgit/routeros-scri ... -notify.md
by eworm
Thu Aug 17, 2023 8:30 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122498

Re: v7.12beta [testing] is released!

I think no. It is related to dynamic interfaces.
by eworm
Thu Aug 17, 2023 1:02 pm
Forum: General
Topic: Feature Request: Ed25519 SSH keys
Replies: 57
Views: 19782

Re: Feature Request: Ed25519 SSH keys

Available now in 7.12beta1! 🥳
by eworm
Thu Aug 17, 2023 12:38 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160670

Re: v7.11 [stable] is released!

I am in contact with support regarding issues with capsman. Looks like this is not caused by capsman itself, but handling of dynamic interfaces in bridge.
Currently running 7.12alpha74 on a CHR, works without issue for now. Holding thumbs...
by eworm
Wed Aug 16, 2023 10:05 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160670

Re: v7.11 [stable] is released!

I have CCR1009-7G-1C-1S+ go crazy with console crashes, script errors (action timed out) and more. Sadly even generating a support output file fails... Opened issue SUP-125133. Generating an export results in this before console crashes, just again: #error exporting "/caps-man/channel" (t...
by eworm
Tue Aug 15, 2023 5:02 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160670

Re: v7.11 [stable] is released!

I have CCR1009-7G-1C-1S+ go crazy with console crashes, script errors (action timed out) and more. Sadly even generating a support output file fails...
Opened issue SUP-125133.
by eworm
Mon Aug 14, 2023 12:43 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 47937

Re: v7.11rc is released!

I would put in another fact... Probably Mikrotik needs to scale up the infrastructure before this can be released for anybody to be used in a stable release.
by eworm
Tue Aug 08, 2023 3:46 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 47937

Re: v7.11rc is released!

You cannot change comments on dynamic entries, anywhere.
That's not correct. I am pretty sure you can set a comment for dynamic DHCP leases.
https://git.eworm.de/cgit/routeros-scri ... comment.md

I have not tried anywhere else, though.
by eworm
Sat Aug 05, 2023 2:52 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

But it is also a perfect fit for administrator's travel toy. So POE definitely missing here for the use case.

Let's hope we will see similar devices in future.
by eworm
Mon Jul 31, 2023 10:22 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Ah, it needs just 5V... Well, could work then. If anybody tries different power sources... Let us know!

I use POE a lot, as I have a lot of POE networks around. Very handy to have a device that is happy with just a single cable. I need an extra power source just very seldom.
by eworm
Mon Jul 31, 2023 7:31 pm
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 292
Views: 220193

Re: NEW FEATURE: Back to Home VPN

Is it possible to open source/release the server side of the BTH relay? I'd love the ability to roll my own relay - which would remove the traffic from going through Mikrotik's server (would save Mikrotik cost as well) Why? Instead of a relay you could just run a Wireguard server with public IP add...
by eworm
Sun Jul 30, 2023 9:48 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 25251

Re: New hAP ax lite LTE

Would be a really nice device with POE support. Sad it does not have that... 😒

Regarding USB-C power... I think this is missing support for PD (power delivery) protocol. So no idea if a power bank or other USB-C power source would work.
by eworm
Wed Jul 26, 2023 1:23 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 369
Views: 128296

Re: v7.10, 7.10.1 and more [stable] are released!

What's new in 7.10 (2023-Jun-15 08:17): *) tile - fixed support for microSD card; Anyone else verify this was actually fixed? Having some real problems on a CCR1009-8G-1S-1S+ with v7.10.2 getting a 32GB SD card to be recognized. I tried wiping it in a separate PC and still no luck. Just want to see...
by eworm
Thu Jul 06, 2023 10:37 pm
Forum: General
Topic: Feature request: make DNS FWD works with DoH
Replies: 1
Views: 331

Re: Feature request: make DNS FWD works with DoH

Yes, please!

Though this has been suggested a lot of times... I lost hope. 😢
by eworm
Thu Jun 22, 2023 4:01 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 369
Views: 128296

Re: v7.10 [stable] is released!

The issue remains if the allowed-address set on the router is an ipv6 /64.
These networks do not overlap, no? If they do the behavior is expected.
by eworm
Thu Jun 22, 2023 10:13 am
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 369
Views: 128296

Re: v7.10 [stable] is released!

I think with "time format according to ISO standard" they refer to ISO 8601, which is fine.

However the year should not be stripped. I guess that is not intended and possibly a left-over from old code.
by eworm
Wed Jun 21, 2023 8:06 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 369
Views: 128296

Re: v7.10 [stable] is released!

I do not think this is expected... Can we have the year in logs, please? (Time only for the current day is ok, but just part of the date is a no-go.) [admin@jupiter] > /log/print [...] 06-20 09:04:34 ssh,info publickey accepted for user: admin [...] By the way... Why do the lines start with a space?
by eworm
Tue Jun 13, 2023 12:58 pm
Forum: Announcements
Topic: WinBox v3.38 released!
Replies: 50
Views: 46808

Re: WinBox v3.38 released!

But seriously... Winbox should handle that properly. Every text editor (perhaps except MS Notepad... 🤪) can handle both, DOS (\r\n) and Unix (\n) line endings. Winbox should handle both without issue as well. That would make my life a bit easier... The line endings topic causes problem for people th...
by eworm
Tue Jun 13, 2023 12:25 pm
Forum: Announcements
Topic: WinBox v3.38 released!
Replies: 50
Views: 46808

Re: WinBox v3.38 released!

Funny fact is that it behaves different on Linux with wine... 😝
by eworm
Tue May 30, 2023 10:00 am
Forum: Announcements
Topic: v7.10rc is released!
Replies: 183
Views: 52200

Re: v7.10rc is released!

I am still suffering an issue with loaded cpu cores with netwatch. Mikrotik could not reproduce, so I set up a test case.
The device is now wasting my energy and heating my cabinet. Can anybody have a look at SUP-106133, then login in and take the measures?
by eworm
Thu May 18, 2023 9:04 pm
Forum: General
Topic: Any info about this ? ZDI-23-710 CVE-2023-32154
Replies: 48
Views: 7750

Re: Any info about this ? ZDI-23-710 CVE-2023-32154

I guess Mikrotik has its own implementation and is not effected.
Oh, my fault... 😳 I just read "radvd" and did not follow the links. 🙃

Well, we will see... Let's hope we will have results in the coming days.
by eworm
Thu May 18, 2023 7:40 pm
Forum: General
Topic: Any info about this ? ZDI-23-710 CVE-2023-32154
Replies: 48
Views: 7750

Re: Any info about this ? ZDI-23-710 CVE-2023-32154

I guess Mikrotik has its own implementation and is not effected.
by eworm
Mon May 15, 2023 9:48 pm
Forum: Scripting
Topic: Compare RouterOS version in script
Replies: 9
Views: 3010

Re: Compare RouterOS version in script

Your scripts are some overwhelming :)
Can you point me where to find the CharacterReplace part? Without need to install everything.
https://git.eworm.de/cgit/routeros-scri ... a260b#n155
by eworm
Mon May 15, 2023 3:56 pm
Forum: Scripting
Topic: Compare RouterOS version in script
Replies: 9
Views: 3010

Re: Compare RouterOS version in script

I have a function that converts the version to a numerical value: https://git.eworm.de/cgit/routeros-scripts/tree/global-functions.rsc?id=9069f71ee6168a651fd42f90b7aea309fefa260b#n1269 [admin@MikroTik] > :put [ $VersionToNum 7.9 ] 118095616 [admin@MikroTik] > :put [ $VersionToNum 7.10beta5 ] 1181201...
by eworm
Mon May 15, 2023 9:50 am
Forum: General
Topic: Netwatch Error [SOLVED]
Replies: 1
Views: 457

Re: Netwatch Error [SOLVED]

I guess the tests fail because replies take too long to travel back. If this is fine in your case increase the values for thr-rtt-*...
https://help.mikrotik.com/docs/display/ ... obeoptions
by eworm
Fri May 12, 2023 10:17 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43839

Re: FORUM MAINTENANCE: Password reset will be needed

I've never missed the notifications, at least not a lot. Use " Your posts " (in burger menu) to find replies to your posts... There's one thing that annoys me, though: Usually you can click the icon left of the thread to jump into the thread and to the first unread post. This does not work...
by eworm
Thu May 11, 2023 10:30 pm
Forum: General
Topic: ⚠️WARNING: RouterOS v7.10+ will break all scripts based on [/system clock get date] or other date(s)
Replies: 63
Views: 12791

Re: ⚠️WARNING: RouterOS v7.10+ will break all scripts based on [/system clock get date] or other date(s)

BTW, another place to adopt: [admin@MikroTik] > :put [ /system/resource/get build-time ] May/09/2023 10:38:53 That is probably just as string as distributed in the package, not the result of a function that is running on the device itself... Sure. But I think it should change nevertheless. I guess ...
by eworm
Thu May 11, 2023 4:46 pm
Forum: General
Topic: ⚠️WARNING: RouterOS v7.10+ will break all scripts based on [/system clock get date] or other date(s)
Replies: 63
Views: 12791

Re: ⚠️WARNING: RouterOS v7.10+ will break all scripts based on [/system clock get date] or other date(s)

Just updated some scripts with the autodetect:
Also adopted the change for my scripts already... This now works with old and new format. I am fine to keep it that way. 👍😁

BTW, another place to adopt:
[admin@MikroTik] > :put [ /system/resource/get build-time ]
May/09/2023 10:38:53
by eworm
Thu May 11, 2023 2:29 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43839

Re: FORUM MAINTENANCE: Password reset will be needed

Is there a dark theme hidden somewhere for this forum settings ? ...if not, why not ?! Hurts my eyes just to visit the forum ;-(
Search for "Dark Reader" and install it in your browser...
by eworm
Wed May 10, 2023 2:37 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 51118

Re: v7.10beta [testing] is released!

*) console - changed time format according to ISO standard;
Oh... 😳 While I welcome this in general... I guess it will break a lot of existing scripts. So watch out...
by eworm
Wed May 10, 2023 1:22 pm
Forum: RouterOS beta
Topic: Static DNS FWD entries using DoH not working [SOLVED]
Replies: 18
Views: 9387

Re: Static DNS FWD entries using DoH not working [SOLVED]

I do not get your argumentation, rextended. What we want is split horizon for DNS, with DoH from upstream. This is not a problem if the delegated name server is in local (trusted) network or available via VPN. So why deny this configuration? RouterOS is about flexibility. A lot of things can be conf...
by eworm
Tue May 02, 2023 12:43 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 75031

Re: v7.9rc is released!

On 7.9rc5 the IPv4 firewall address list does not resolve local static addresses, therefore those can not be referenced for filter rules for example. Works for me... [admin@MikroTik] /ip/firewall/address-list> print where list="test" Flags: D - DYNAMIC Columns: LIST, ADDRESS, CREATION-TIM...
by eworm
Fri Apr 28, 2023 11:26 am
Forum: General
Topic: RouterOS 7.1.5. "long-term": dead end?
Replies: 74
Views: 10031

Re: RouterOS 7.1.5. "long-term": dead end?

A lot of people try not to install " .0 " (or even " .1 ") releases in production. That is exactly what long-term releases were: stabilized point releases, that are supposed not to break installations with newly introduced features. Handing that decision to the customer brings so...
by eworm
Thu Apr 27, 2023 9:28 am
Forum: General
Topic: IP routing question
Replies: 6
Views: 764

Re: IP routing question

With lots of sites you should consider using a protocol for dynamic routing, like OSPF. That way your routers will learn the routes automatically from each other, no more forgotten or borked configuration.
by eworm
Wed Apr 26, 2023 9:27 am
Forum: Scripting
Topic: SFTP upload via scripting only supports HMAC-MD5 and HMAC-SHA1
Replies: 1
Views: 1467

Re: SFTP upload via scripting only supports HMAC-MD5 and HMAC-SHA1

The setting is for both I think, client and server.

My server is running latest OpenSSH and I think I did not have to downgrade security. Will have to check for details...
by eworm
Tue Apr 25, 2023 6:20 pm
Forum: RouterBOARD hardware
Topic: CCR 1009 and SD card
Replies: 14
Views: 14414

Re: CCR 1009 and SD card

I received a message from support: Our bug tracker reports, that your issue has been fixed. This means that in the upcoming days, we plan to release a RouterOS update with this fix. Make sure to upgrade to the next release when it comes out soon. To be sure this specific fix is included, read the ch...
by eworm
Wed Apr 19, 2023 2:26 pm
Forum: General
Topic: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]
Replies: 17
Views: 3582

Re: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]

Great, so have fun! 😊

Wondering why this is required for IPv6 though, but IPv4 works without.
by eworm
Wed Apr 19, 2023 10:56 am
Forum: General
Topic: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]
Replies: 17
Views: 3582

Re: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]

Ok, let me test to verify... root@io ~ # curl -6 https://eworm.de/ip/ 2003:cf:2f25:4200:3b07:7ea4:e853:5924 That is an address from from provider's prefix. Now we want to route via another gateway: [admin@jupiter] > /ipv6/firewall/address-list/add address=eworm.de list=via-vpn [admin@jupiter] > /ipv...
by eworm
Wed Apr 19, 2023 9:46 am
Forum: General
Topic: DOH high priority than regular dns
Replies: 4
Views: 627

Re: DOH high priority than regular dns

No.
by eworm
Tue Apr 18, 2023 7:34 pm
Forum: General
Topic: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]
Replies: 17
Views: 3582

Re: "Routing Table" Parameter for IPv6 Routes Not in Effect (v7.5) [SOLVED]

A very similar setup works for me on IPv6... Are the rules hit, so do the counters increase?

I guess there are more rules. Any chance your give your complete firewall ruleset? Chance are that they interact in a way you do not expect.
by eworm
Mon Apr 17, 2023 9:10 am
Forum: General
Topic: DOH high priority than regular dns
Replies: 4
Views: 627

Re: DOH high priority than regular dns

Which is fine that way.
Really annoying is the fact that FWD entries for specific forwarding are ineffective as soon as DoH is enabled. Any chance to change that?
by eworm
Mon Apr 17, 2023 2:05 am
Forum: General
Topic: ❓ How to setup Wireguard VPN between Ubuntu and Mikrotik [SOLVED]
Replies: 4
Views: 3351

Re: ❓ How to setup Wireguard VPN between Ubuntu and Mikrotik [SOLVED]

I guess the ssh packets reach the Ubuntu box, but that sends the replys via wireguard. So the replys do not reach the remote box. Just find a way with correct routing... Via wireguard, or add a specific route, or policy routing, or whatever. Hard to tell without more details on your remote. But this...
by eworm
Mon Apr 17, 2023 12:37 am
Forum: General
Topic: ❓ How to setup Wireguard VPN between Ubuntu and Mikrotik [SOLVED]
Replies: 4
Views: 3351

Re: How to setup Wireguard VPN between Ubuntu and Mikrotik [SOLVED]

Your definition of allowed-addresses is wrong. The device having the default route set to the wireguard interface needs allowed-addresses set to 0.0.0.0/0.
by eworm
Sun Apr 16, 2023 6:13 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 75031

Re: v7.9rc is released!

I guess this is due to line endings. Try to end all commands with a semicolon to avoid this. (Yes, some people here are against ending commands with semicolon... But there are good reasons to use them.) As an alternative you can make sure to save the file with Windows line endings (not just line bre...
by eworm
Sat Apr 15, 2023 10:32 am
Forum: RouterOS beta
Topic: Static DNS FWD entries using DoH not working [SOLVED]
Replies: 18
Views: 9387

Re: Static DNS FWD entries using DoH not working [SOLVED]

It has been that way since DoH and FWD (one of them was just one release ahead iirc) were introduced. I noticed this a lot of times in release threads and other topics. Not sure I had an issue about it. Nothing has changed since then.
by eworm
Wed Apr 12, 2023 12:12 am
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 137473

Re: v7.8 [stable] is released!

This command just adds a kind of template, no? It needs to be signed to become a real certificate. I bet that will have the correct dates.
You should read the documentation about certificates.

To compare with 6.49.7 to show a difference does not help here. Some changes are by intention.
by eworm
Sun Apr 09, 2023 2:46 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 75031

Re: v7.9rc is released!

Oh, I have a mAP lite that I thought is dying... Perhaps it is not. 🤔
by eworm
Thu Apr 06, 2023 5:37 pm
Forum: General
Topic: Feature Request: Ed25519 SSH keys
Replies: 57
Views: 19782

Re: Feature Request: Ed25519 SSH keys

This is still just host key support, not public key authentication.
by eworm
Mon Apr 03, 2023 8:35 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 75031

Re: v7.9rc is released!

Non. Currently ed25519 keys for public key authentication are not supported.
by eworm
Fri Mar 24, 2023 1:02 pm
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 25329

Re: v7.9beta [testing] is released!

As I wrote above... This is not (yet) about public key authentication. You now have the choice to use RSA or ed25519 host keys. You can see what host key type is used in the heading of randomart Image.
by eworm
Fri Mar 24, 2023 10:55 am
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 25329

Re: v7.9beta [testing] is released!

This does not work for me... Still uses RSA host key, even after regenerating key(s).
Oh, it is a setting in /ip/ssh/... Why not support both at the same time? Just let the client decide.
by eworm
Fri Mar 24, 2023 10:54 am
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 25329

Re: v7.9beta [testing] is released!

*) ssh - added Ed25519 host key support;
This does not work for me... Still uses RSA host key, even after regenerating key(s).

And public key authentication with ed25519 keys will come later?
by eworm
Mon Mar 20, 2023 10:52 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 233032

Re: MikroTik Devices Controller

If it is the devices controller this could explain why version 7.9beta takes that long to be prepared.
by eworm
Fri Mar 17, 2023 12:39 am
Forum: Announcements
Topic: IP Cloud
Replies: 79
Views: 159567

Re: IP Cloud

I've had some issues with cloud backup lately. Did Mikrotik add some kind of rate limiting, for example to mitigate brute force or denial of service attacks? In general the idea is not bad, but it becomes a problem if several devices behind one public address fail.
by eworm
Thu Mar 16, 2023 9:18 am
Forum: General
Topic: SSH-Session to Cisco not possible (ROS v7.8) - no matching key algorithm
Replies: 5
Views: 674

Re: SSH-Session to Cisco not possible (ROS v7.8) - no matching key algorithm

You want the network traffic to originate from the Mikrotik device (from Cisco device's point of view), but you do this from your workstation, no? You can use ssh jump host functionality for this. Search for these keywords for details. The call would look something like this: ssh -J admin@mikrotik -...
by eworm
Thu Mar 09, 2023 5:20 pm
Forum: General
Topic: Netwatch icmp incoherent status [SOLVED]
Replies: 2
Views: 749

Re: Netwatch icmp incoherent status [SOLVED]

Perhaps because the last check is too long ago? Why is your check interval more than two hours?
by eworm
Wed Mar 08, 2023 10:13 pm
Forum: General
Topic: Feature Request: Ed25519 SSH keys
Replies: 57
Views: 19782

Re: Feature Request: Ed25519 SSH keys

Perhaps in 7.9beta? *holding thumbs*
by eworm
Wed Mar 08, 2023 7:14 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 137473

Re: v7.8 [stable] is released!

Make sure your certificates do not use legacy and now unsupported ciphers.
by eworm
Thu Feb 09, 2023 4:08 pm
Forum: Scripting
Topic: find behaves in wierd ways if you pass it something like `domain="$domain"`
Replies: 12
Views: 1640

Re: find behaves in wierd ways if you pass it something like `domain="$domain"`

This is a known problem, though the exact explanation is not known. I asked Mikrotik support and they replied (in Ticket#2019010222000454): This is how scripting works in RouterOS and we will not fix it. I have started to use variable names in camel case. So instead of domain=$domain use domain=$Dom...
by eworm
Thu Feb 09, 2023 3:49 pm
Forum: General
Topic: Wireguard annoying route problem
Replies: 11
Views: 1198

Re: Wireguard annoying route problem

The problem is your central router having 192.168.10.0/24 in allowed addresses. It will map that to just one peer.

Oh, probably having 0.0.0.0/0 there causes the same problem. You should read about how allowed addresses works.
by eworm
Wed Feb 08, 2023 8:02 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

It's still possible that what ever caches fill up. But it looks a lot more healthy now.
by eworm
Tue Feb 07, 2023 6:11 pm
Forum: Scripting
Topic: Foreach Invaild item Number problem
Replies: 2
Views: 943

Re: Foreach Invaild item Number problem

This one breaks:
:if ([:len [get [find ...] address]] > 0) do={ ...
You can get the address only from a single entry. But you do not want the address, you want the number of matching entries - so drop the get:
:if ([:len [find ...] ] > 0) do={ ...
by eworm
Tue Feb 07, 2023 12:02 am
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

It would be the same as the $(command) construct in e.g. bash. It is handy in a lot of cases! What I still do not understand is how it would be design to have [command] return a value for use in a variable assignment, but AT THE SAME TIME still output to the terminal! Output redirection (into a fil...
by eworm
Mon Feb 06, 2023 9:26 am
Forum: Scripting
Topic: Monitor Multiple hosts - TELEGRAM ALERTS
Replies: 2
Views: 1443

Re: Monitor Multiple hosts - TELEGRAM ALERTS

You may want to have a look at Notify on host up and down, which does what you want and a lot more.
by eworm
Fri Feb 03, 2023 9:10 pm
Forum: General
Topic: Certificate Key Import not possible on v7.7
Replies: 18
Views: 6420

Re: Certificate Key Import not possible on v7.7

That's good news. Looks like I found a case where it is failing for me as well... Any chance we will see this in something like version 7.7.2?
by eworm
Fri Feb 03, 2023 8:00 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

Would be easy to handle that with a remount in the background...
by eworm
Wed Feb 01, 2023 3:55 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

That is the distribution point for Let's Encrypt R3 certificate revocation list.

Open your browser, point it to a website secured by Let's encrypt and see the certificate details...
by eworm
Tue Jan 31, 2023 6:25 pm
Forum: Announcements
Topic: Newsletter 108
Replies: 84
Views: 46229

Re: Newsletter 108

... and POE output / throughput on another port. That is what I miss with current hAP ax². I hope for an upgraded mAP ax for this...
There is hAP ax lite (L41G-2axD) now with IPQ-5010 (dual core ARM64). That could be a good match for mAP ax as well...
by eworm
Mon Jan 30, 2023 12:28 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

Cli /routing/route
Gui ip -> Routes
This is not the same! There is
/ip/route/
and
/routing/route/
!
by eworm
Wed Jan 25, 2023 3:46 pm
Forum: Scripting
Topic: More about arrays
Replies: 10
Views: 2515

Re: More about arrays

BTW, easiest way to create an empty array:
:local array1 ({});
So no need for :toarray.
by eworm
Wed Jan 25, 2023 7:26 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

This happens if you install the wifiwafe2 package.
by eworm
Tue Jan 24, 2023 12:57 pm
Forum: General
Topic: PoE auto on between CRS328 and cAP ac
Replies: 9
Views: 1561

Re: PoE auto on between CRS328 and cAP ac

I had a similar thing with my CRS328-24P... Connected poe device that received power, unplugged, plugged again - no power. I had to power cycle the port: /interface/ethernet/poe/power-cycle ether7; After that it worked again, exactly once. Support suggested to RMA, but the device is still in operati...
by eworm
Sun Jan 22, 2023 3:54 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

Note that a ramdisk does not immediately occupy the space allocated to it. That happens only when it is filled with files. Yes, I know that. That's why I am not really happy with the change. I want to place backup files and exports on tmpfs, generated from scripts. Well, looks like using a third of...
by eworm
Sun Jan 22, 2023 2:27 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72215

Re: v7.8beta [testing] is released!

*) disk - limit maximum TMPFS size;
What is this limit? And is there a way to create a tmpfs with a sane default? Giving no size just fails now...
[admin@MikroTik] > /disk/add type=tmpfs 
failure: too much memory requested for tmpfs/ramdisk
by eworm
Sat Jan 21, 2023 5:13 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

Possibly DoH and/or certificates are involved?
by eworm
Thu Jan 19, 2023 5:46 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

Same here, wireguard works just fine.

My guess is that you have one or more wrong ranges in peer's allowed-ips setting.
by eworm
Thu Jan 19, 2023 9:12 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

I finally figured this one out.. I created a regex that matches my internal record and created an AAAA record that points to 2001::
That is a valid global unicast address. I guess a request is routed through the internet now just to find out that the host does not exist.
by eworm
Thu Jan 19, 2023 9:07 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

Can anyone explain this?
Probably handling upgrades from RouterOS 6.40 and before? That is where a master port did exist.
by eworm
Wed Jan 18, 2023 7:36 pm
Forum: General
Topic: Upgrading Rooterboot factory software
Replies: 17
Views: 3759

Re: Upgrading Rooterboot factory software

That is the version your device was shipped with (as installed in factory). You can not change it.
by eworm
Tue Jan 17, 2023 12:17 pm
Forum: General
Topic: Certificate Key Import not possible on v7.7
Replies: 18
Views: 6420

Re: Certificate Key Import not possible on v7.7

Works for me... So this is not a general problem with RouterOS 7.7. Can you give more detail on your certificate?
by eworm
Fri Jan 13, 2023 7:14 pm
Forum: General
Topic: send_pubkey_test: no mutual signature algorithm [SOLVED]
Replies: 17
Views: 12763

Re: send_pubkey_test: no mutual signature algorithm [SOLVED]

As @eworm mentioned on another thread, from router OS 7.7 the ed25519 keys are supported, from the changelog:

That is not true. I did not write that.

To date only ed25519 key exchange is supported. Let's hope we will see support for host keys and public key authentication soon.
by eworm
Fri Jan 13, 2023 1:00 am
Forum: General
Topic: hAP AC2 cannot use IP CLOUD DDNS
Replies: 15
Views: 1607

Re: hAP AC2 cannot use IP CLOUD DDNS

That is crazy... Wondering why the device was banned. Once I had a device where cloud backup did not work (did not try ddns, though). Contacted the support and they fixed it. It was a device I received at MUM Germany 2016... Possibly it was not in the databases as it did not go the usual distributio...
by eworm
Thu Jan 12, 2023 5:55 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112142

Re: v7.7 [stable] is released!

ok.. so how do You import ED25519 SSH keys ?
You can not. This is about ed25519 key exchange. Let's hope host keys and public key authentication will follow...
by eworm
Mon Jan 09, 2023 2:52 pm
Forum: Scripting
Topic: Send SMS from different router
Replies: 90
Views: 8793

Re: Send SMS from different router

You need some escaped quoting here...
by eworm
Fri Jan 06, 2023 5:49 pm
Forum: General
Topic: Ideas for ultimate road warrior solution
Replies: 4
Views: 826

Re: Ideas for ultimate road warrior solution

Yes! The wAP ac LTE Kit seems like the perfect device for the job, thank you for the tip!
I use it for the same purpose. 😊 The perfect device for the job, go for it!
by eworm
Fri Jan 06, 2023 4:45 pm
Forum: General
Topic: Cloud backup no working
Replies: 5
Views: 805

Re: Cloud backup no working

Yes, I am suffering this as well...
Would be nice to make this service more reliable. A backup that is inaccessible is of no value.
by eworm
Thu Jan 05, 2023 10:24 pm
Forum: Scripting
Topic: Script works from CLI but not from system scripts V7 [SOLVED]
Replies: 4
Views: 1356

Re: Script works from CLI but not from system scripts V7 [SOLVED]

You need to declare the variable first:
:global bps;
/interface monitor-traffic ether2 once do={
:set bps $"rx-bits-per-second" }
:put $bps
by eworm
Sat Dec 31, 2022 4:13 pm
Forum: Scripting
Topic: Forward all messages to telegram
Replies: 3
Views: 1461

Re: Forward all messages to telegram

Yes, but it brings some extra features... And you are free to use all the other scripts, which use the same configuration and functions.
by eworm
Wed Dec 28, 2022 11:04 am
Forum: Scripting
Topic: Forward all messages to telegram
Replies: 3
Views: 1461

Re: Forward all messages to telegram

You may want to check my script Forward log messages via notification . It does a lot of what you want, including the power up notification (by forwarding "router rebooted without proper shutdown...") Also have a look at all available scripts , for example I have some enhanced scripts for ...
by eworm
Thu Dec 22, 2022 10:39 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 624922

Re: Feature requests

Would love the ability to specify a DoH server but also FWD entries to specific DNS servers. Currently, enabling DoH disables all FWD entries.
Me too... But all comments here in forum are ignored by Mikrotik. 😢
by eworm
Thu Dec 15, 2022 6:08 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88433

Re: v7.7rc is released!

IPv6 works for me, including ULA, nat, mangle and simple queue. I do use the interface in queue's target, though.

What's your exact rule set and configuration? Is this specific to RouterOS 7.7?
by eworm
Tue Dec 13, 2022 11:16 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88433

Re: v7.7rc is released!

Just try yourself... ;)
I did. As said... Can not reproduce.

Does this happen from Winbox only? Working via ssh here...
by eworm
Tue Dec 13, 2022 7:28 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88433

Re: v7.7rc is released!

Hmm, wondering why I have not seen the issue with global variables disappearing... 🤔
I do a lot of scripting, also on mipsbe devices.
by eworm
Mon Dec 12, 2022 5:30 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88433

Re: v7.7rc is released!

I did find that if it's a large file from say /tool/fetch, seems you have to set "tmp-max-size" to control the max file size as I got on "out of space" error when I tried a 700M file without it. But it was willing to fill memory with the file, winbox let you download it, and whe...
by eworm
Mon Dec 12, 2022 1:16 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88433

Re: v7.7rc is released!

*) disk - added support for manual RAM file system (TMPFS) creation (CLI only); Great news! But this means we will not see the default behavior to change on devices that did not use a RAM file system till now? So to have consistent behavior (and paths in scripts) on all devices I create a disk of t...
by eworm
Mon Dec 12, 2022 12:32 pm
Forum: General
Topic: ECDSA keys for SSH
Replies: 5
Views: 3040

Re: ECDSA keys for SSH

One of the 7.7beta versions introduced support for ed25519 key exchange.

As of now neither ed25519 host keys nor ed25519 public key authentication is supported. I hope we will see this soon...
by eworm
Sun Dec 11, 2022 7:42 pm
Forum: Announcements
Topic: Newsletter 108
Replies: 84
Views: 46229

Re: Newsletter 108

Yes, will exist, probably announced soon.
by eworm
Wed Dec 07, 2022 3:44 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122507

Re: v7.7beta [testing] is released!

Maybe it could be combined with a new feature to have RAMdisk on ALL devices with sufficient RAM (not only those with insufficient flash) and a compatible
and predictable way to store persistent and nonpersistent files?
Yes, please! 👍😁
by eworm
Wed Nov 30, 2022 1:28 pm
Forum: Scripting
Topic: Error when trying to clear firewall connections
Replies: 13
Views: 3326

Re: Error when trying to clear firewall connections

Sure, there can be timing issues with a lot of connections in the table. But if just want to drop some SIP connections (that was the use case for original poster I think) this could still work as expected with the correct filtering: /ip/firewall/connection/remove [ find where protocol=udp dst-addres...
by eworm
Tue Nov 29, 2022 5:51 pm
Forum: Scripting
Topic: Error when trying to clear firewall connections
Replies: 13
Views: 3326

Re: Error when trying to clear firewall connections

Why do you try to do this in a loop? This should work just fine:
/ip/firewall/connection/remove [ find ];
by eworm
Fri Nov 25, 2022 11:42 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122507

Re: v7.7beta [testing] is released!

*) dns - do not query upstream DNS servers for matched regex records; *) dns - fixed changing of "forward-to" parameter for FWD entries; *) dns - fixed handling of CNAME entry pointing to another FWD entry; Now that this is being worked on... Any chance to make FWD entries work with enabl...
by eworm
Thu Nov 24, 2022 9:53 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122507

Re: v7.7beta [testing] is released!

*) netwatch - added support for "https-get" type (CLI only);
Thanks a lot for this one, much appreciated! Looks like this brings new options "certificate" and "check-certificate"... What exactly does the former do?

Will have to play with this.
by eworm
Thu Nov 24, 2022 9:48 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122507

Re: v7.7beta [testing] is released!

*) ssh - added support for Ed25519 key exchange;
But this is key exchange only, which uses curve25519-sha256 now. Is this still work in progress, so we will see support for ed25519 host keys and ed25519 public key authentication later?
by eworm
Mon Nov 21, 2022 6:23 pm
Forum: Scripting
Topic: Automating DoH
Replies: 6
Views: 2587

Re: Automating DoH

This should do the job for perfectly secure dns via Cloudflare:
/tool/fetch https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem;
/certificate import file=DigiCertGlobalRootCA.crt.pem passphrase="";
/ip/dns/set use-doh-server="https://1.1.1.1/dns-query" verify-doh-cert=yes;
by eworm
Mon Nov 21, 2022 6:19 pm
Forum: Scripting
Topic: Automating DoH
Replies: 6
Views: 2587

Re: Automating DoH

You can use the query url with ip address (" https://1.1.1.1/dns-query " ) and enable certificate verification. As the ip address is stored as alternative subject name inside the certificated this works. No static dns required, but you need to import the correct CA certificate (which is &q...
by eworm
Mon Nov 21, 2022 6:12 pm
Forum: Scripting
Topic: Check certificate "valid days" and send email if lover than Xdays [SOLVED]
Replies: 4
Views: 1374

Re: Check certificate "valid days" and send email if lover than Xdays [SOLVED]

You may be interested in my script to Renew certificates and notify on expiration. It does what you need, and a lot more.
by eworm
Mon Nov 21, 2022 1:38 pm
Forum: RouterBOARD hardware
Topic: hAP ac3 to hAP ax3
Replies: 3
Views: 2247

Re: hAP ac3 to hAP ax3

This is a bit more complicated for the wireless part. The new device has ax hardware, thus requires the wifiwave2 package. And that uses different configuration.

So no, even copy and paste from export does not work.
by eworm
Fri Nov 18, 2022 4:32 pm
Forum: RouterBOARD hardware
Topic: req: wAP AC w/ PoE passthrough
Replies: 6
Views: 3332

Re: req: wAP AC w/ PoE passthrough

Me too! I would like to put wAP ac and LHG LTE on a small mast with just one ethernet cable for power supply.

(Wondering why the new version does not have that, as the cAP ac does.)
by eworm
Sun Nov 13, 2022 4:59 pm
Forum: General
Topic: Is it possible to implment different script with different mode button holding time ?
Replies: 6
Views: 922

Re: Is it possible to implment different script with different mode button holding time ?

Feel free to take the script ans strip it down to not use any of my global functions... Should be more or less easy with this one.
by eworm
Thu Nov 10, 2022 8:20 am
Forum: Announcements
Topic: Newsletter 108
Replies: 84
Views: 46229

Re: Newsletter 108

... and POE output / throughput on another port. That is what I miss with current hAP ax². I hope for an upgraded mAP ax for this...
by eworm
Wed Nov 09, 2022 7:31 pm
Forum: General
Topic: Is it possible to implment different script with different mode button holding time ?
Replies: 6
Views: 922

Re: Is it possible to implment different script with different mode button holding time ?

Read the page from top to bottom please...

You need to do the base installation, then install the script with the commands given. The script does not work on its own as it has dependencies on functions.
by eworm
Tue Nov 08, 2022 2:48 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122507

Re: v7.7beta [testing] is released!

All the mips devices have limited processing power, does not make any sense there. But would be nice to have the package for TILE in future...
by eworm
Thu Oct 20, 2022 11:53 pm
Forum: General
Topic: Formal supply chain update?
Replies: 9
Views: 881

Re: Formal supply chain update?

Oh! Ordered one on 2021/11/03... Let's hope it will arrive soon.
by eworm
Thu Oct 20, 2022 9:10 am
Forum: Announcements
Topic: v7.6 [stable] is released!
Replies: 279
Views: 141855

Re: v7.6 [stable] is released!

I noticed that in active-peers menu the id is now prefixed with "CN=" and I had to adopt that change in some scripts.
Possibly this causes more issues with specific configurations? Do you have key IDs in your configuration?
by eworm
Wed Oct 19, 2022 8:43 am
Forum: Announcements
Topic: v7.6 [stable] is released!
Replies: 279
Views: 141855

Re: v7.6 [stable] is released!

moutazsalem, nice example of how every change breaks someone's workflow :)
https://m.xkcd.com/1172/

😝
by eworm
Wed Oct 19, 2022 12:33 am
Forum: Announcements
Topic: v7.6 [stable] is released!
Replies: 279
Views: 141855

Re: v7.6 [stable] is released!

I've seen the DHCP option set issue with RouterOS 7.5 already... So this is not new.
by eworm
Wed Oct 05, 2022 7:20 pm
Forum: Scripting
Topic: invalid internal item number [SOLVED]
Replies: 13
Views: 4798

Re: invalid internal item number [SOLVED]

Two (possible) issues:
  • You are missing an equal sign...
  • Your interface may have no or more than one address...
by eworm
Mon Oct 03, 2022 9:53 pm
Forum: Announcements
Topic: Newsletter 108
Replies: 84
Views: 46229

Re: Newsletter 108

I guess we will see a cAP ax when CAPsMAN is ready for ax...
by eworm
Wed Sep 28, 2022 11:05 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 624922

Re: Feature requests

I would like to see the functionality to create checksums as well. But please do not limit this to file, but support it via parameter: :put [ :sha256 input="foo bar" ]; :put [ :sha256 input=[ /file/get content your-file name ] ]; That way you can also strip the timestamp from export files ...
by eworm
Mon Sep 19, 2022 4:36 pm
Forum: Announcements
Topic: v7.5 [stable] is released!
Replies: 219
Views: 68371

Re: v7.5 [stable] is released!

Is this version (7.5) already fixed ping issue (Cannot ping to everywhere after run for a while)?
Yes.
by eworm
Mon Sep 12, 2022 6:12 pm
Forum: Announcements
Topic: v7.5 [stable] is released!
Replies: 219
Views: 68371

Re: v7.5 [stable] is released!

/export show-sensitive
by eworm
Wed Aug 31, 2022 3:08 pm
Forum: Announcements
Topic: v7.5 [stable] is released!
Replies: 219
Views: 68371

Re: v7.5 [stable] is released!

It looks ugly to have a white rectangle on a grey gradient...
by eworm
Sat Aug 27, 2022 10:15 pm
Forum: Announcements
Topic: Re: v7.4.1 [stable] is released!
Replies: 99
Views: 31672

Re: v7.4.1 [stable] is released!

Well, after all this is a switch, you should not shout too loud if the routing performance changes.
by eworm
Sat Aug 27, 2022 7:28 pm
Forum: Announcements
Topic: Re: v7.4.1 [stable] is released!
Replies: 99
Views: 31672

Re: 7.41 Breas CRS328-24P-RS+

Running CRS328-24P-RS+ and I noticed when I upgraded to 7.4.1 my troughput on my 500 MB Internet would not go over 300 MB and my CPU % on the appliance was maxed out durring the speed test. [...]
Possibly this is because the device is limited to just one CPU core now?
by eworm
Tue Aug 23, 2022 8:30 pm
Forum: Announcements
Topic: Re: v7.4.1 [stable] is released!
Replies: 99
Views: 31672

Re: v7.4.1 [stable] is released!

Even better: Do not allow the date before actual release build date. That also fixes factory reset and the like.
by eworm
Wed Aug 17, 2022 1:20 am
Forum: Scripting
Topic: Telegram bot message when internet is down.
Replies: 6
Views: 3234

Re: Telegram bot message when internet is down.

The message looks like this when coming from queue...
Screenshot_2022-08-17_00-17-41.png
This one was sent by Forward log messages via notification.
by eworm
Wed Aug 17, 2022 1:08 am
Forum: Scripting
Topic: Telegram bot message when internet is down.
Replies: 6
Views: 3234

Re: Telegram bot message when internet is down.

I have a script/module to Send notifications via Telegram. If notification can not be sent it is queued and sent later. Is that what you want?
by eworm
Fri Aug 12, 2022 5:23 pm
Forum: Announcements
Topic: Re: v7.4.1 [stable] is released!
Replies: 99
Views: 31672

Re: v7.4.1 [stable] is released!

I think you can not. However you can create a non-dynamic queue with higher priority (placed above). Queues are handled from top to bottom.
by eworm
Thu Aug 11, 2022 11:24 pm
Forum: General
Topic: What syslog server to use?
Replies: 6
Views: 1974

Re: What syslog server to use?

This is an easy way to push logs to systemd's journal:
https://github.com/eworm-de/udp514-journal

(Well, this is Linux only... But perhaps anybody else stumbles on this and finds it useful.)
by eworm
Thu Aug 11, 2022 5:43 pm
Forum: General
Topic: remote logging to systemd journal
Replies: 1
Views: 1381

Re: remote logging to systemd journal

The linked repository has a README that should contain all information needed. What template are you referring?
by eworm
Wed Aug 10, 2022 4:15 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 45601

Re: v7.5beta [testing] is released!

I hope we will see this fix in a stable release soon.
by eworm
Wed Aug 10, 2022 3:26 pm
Forum: General
Topic: [ROS 7 Bug?] MikroTik cannot ping to any devices until reboot.
Replies: 6
Views: 887

Re: [ROS 7 Bug?] MikroTik cannot ping to any devices until reboot.

This should be fixed with 7.5beta8, which includes this change:
*) ping - improved service stability;
by eworm
Wed Aug 10, 2022 3:26 pm
Forum: General
Topic: ping suddenly stopped working
Replies: 9
Views: 2866

Re: ping suddenly stopped working

This should be fixed with 7.5beta8, which includes this change:
*) ping - improved service stability;
by eworm
Sat Aug 06, 2022 5:53 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 45601

Re: v7.5beta [testing] is released!

No, it must not. If you want a newline, use this:
/system/scheduler/add interval=10s name=test on-event="/system/script/run test\r\n" policy=test
Should work...
by eworm
Wed Aug 03, 2022 8:51 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 66224

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

Oh, just noticed this is passive POE only. Too bad... I would have to continue using an adapter.

Still hoping for a more powerful mAP... 😊
by eworm
Wed Aug 03, 2022 7:07 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 66224

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

Is it possible to use this device with legacy drivers in a CAPsMAN installation?
by eworm
Tue Jul 26, 2022 10:21 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 624922

Re: Feature requests

I would like to see this in RouterOS, yes!

(And when implementing this... Please also allow FWD type DNS entries to work with DoH enabled. 😊)
by eworm
Tue Jul 26, 2022 9:49 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54637

Re: v7.4 [stable] is released!

when do you plan to do BGP on SMPIS?
🤣 Never I guess.
by eworm
Mon Jul 25, 2022 1:40 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54637

Re: v7.4 [stable] is released!

No, I do not think so.
We will probably see the fix in 7.5beta first.
by eworm
Fri Jul 22, 2022 1:59 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54637

Re: v7.4 [stable] is released!

It is an issue with CCR (TILE) at least.
by eworm
Fri Jul 22, 2022 11:56 am
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54637

Re: v7.4 [stable] is released!

The SD card not working is a known issue... I have an open ticket on this for a long time.
by eworm
Fri Jul 22, 2022 11:30 am
Forum: General
Topic: RouterOS 7.1.5. "long-term": dead end?
Replies: 74
Views: 10031

Re: RouterOS 7.1.5. "long-term": dead end?

So why not collect some really important fixes from 7.4 and push a 7.3.2 release in long-term? That is what used to happen in V6 times.
by eworm
Fri Jul 22, 2022 12:39 am
Forum: General
Topic: send current IP via mail / mail sending script [SOLVED]
Replies: 15
Views: 1858

Re: send current IP via mail / mail sending script [SOLVED]

Also having several ip addresses on that interface makes the script fail...
by eworm
Thu Jul 21, 2022 7:22 pm
Forum: General
Topic: RouterOS 7.1.5. "long-term": dead end?
Replies: 74
Views: 10031

Re: RouterOS 7.1.5. "long-term": dead end?

Don't know what you are talking about.
This thread is about long-term branch and I expressed my displeasure that there will be no 7.3.2 release for long-term.
by eworm
Thu Jul 21, 2022 7:07 pm
Forum: General
Topic: RouterOS 7.1.5. "long-term": dead end?
Replies: 74
Views: 10031

Re: RouterOS 7.1.5. "long-term": dead end?

In general I think this is a bad decision. I have a number of production devices, that run RouterOS 7.x already. I did test the functionality and was happy with it. However not receiving updates at the moment is bad news. Those who install RouterOS 7.x should be aware, that some features are missing...
by eworm
Thu Jul 21, 2022 3:19 pm
Forum: General
Topic: RouterOS 7.1.5. "long-term": dead end?
Replies: 74
Views: 10031

Re: RouterOS 7.1.5. "long-term": dead end?

Well, that url still gives version 7.1.5 for long-term:
https://upgrade.mikrotik.com/routeros/LATEST.7fix

Thought this is the url that RouterOS uses to check... Looks like it is not.
Does anybody know the correct url?