Community discussions

MikroTik App

Search found 4454 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 15
by Amm0
Fri Oct 04, 2024 6:57 am
Forum: General
Topic: modify files inside mikrotik
Replies: 8
Views: 266

Re: modify files inside mikrotik

is it possible to modify a files which are uploaded into Files in mikrotik routers via cli? I need to change some link inside it. I can access edit it via file edit value-name=contents test.txt but how to change set it there through terminal /file set test.txt contents="Did you want to write s...
by Amm0
Fri Oct 04, 2024 4:53 am
Forum: General
Topic: Tools for graphs and reports
Replies: 2
Views: 150

Re: Tools for graphs and reports

I think your bigger problem is the newer wifi-qcom / wifi-qcom-ac wi-fi drivers (former is used on hAPax3) ... do not support SNMP data at present. Even if you wanted to use the Dude, it won't work for Wi-Fi stats. Same with Zabbix/etc/etc. You need some source data, and RouterOS does not send any f...
by Amm0
Thu Oct 03, 2024 11:37 pm
Forum: Scripting
Topic: Find and disable/enable users by part of their name
Replies: 5
Views: 203

Re: Find and disable/enable users by part of their name

/user disable [find where user~"abc123"] there is a different six-digit order of numbers, which is always different on all routers. @rextended is showing using a regular expression with the "~" instead of "=". That is critical here. I don't know what your trying to mat...
by Amm0
Thu Oct 03, 2024 11:06 pm
Forum: General
Topic: LTE Modem Firmware Upgrade - Has anyone got any troubleshooting tips?
Replies: 7
Views: 9700

Re: LTE Modem Firmware Upgrade - Has anyone got any troubleshooting tips?

The better question is why the standard upgrade process does not work... Mikrotik does document the LTE firmware upgrade here: https://help.mikrotik.com/docs/display/ROS/LTE#LTE-Modemfirmwareupgrade So some additional details would help. Likely trying the latest "stable" V7, if not already...
by Amm0
Thu Oct 03, 2024 10:47 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

device-mode [...] send somebody to unplug it from power ONCE in it's lifetime [...] [...] you guys are adding both fixes and features in RouterOS 7 at a fast, steady pace (for which we are grateful). [...] Switching back to the previous partition gets us back to a known state (version + config) qui...
by Amm0
Thu Oct 03, 2024 9:38 pm
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 564

Re: the irrationality of [find]

I totally agree. Everything should be handled consistently and users shouldn't have to know all the little exceptions that could lead to serious issues. At the very least, the documentation should have clear warnings about these risks. Basically anything that appears on the right-side "Actions...
by Amm0
Thu Oct 03, 2024 9:18 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 43
Views: 3268

Re: Device got hacked 1 min after connected to internet

I think the FUD is a bit overblown. There is nothing to worry about a SIM being in a new unit with factory defaults. The default firewall will protect you and all LTE devices come with a firewall. And on newer AX things, there not a lot of reasons for netinstall, less so in starting from empty confi...
by Amm0
Thu Oct 03, 2024 8:03 pm
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 105
Views: 86143

Re: ✂ Rextended Fragments of Snippets

This is the 100th post in this thread! :D (The Amm0 's one... ;) ) Well, in honor of my 4,000th post (at time of writing), I decided to follow @ rextended's lead in consolidation. While back, I created a GitHub org called TIKOCI - https://github.com/tikoci - with that idea, but never got to the con...
by Amm0
Thu Oct 03, 2024 5:54 pm
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 564

Re: the irrationality of [find]

Oh you should file a bug report. The "reset-counters" should handle the case there is a find & it's nothing.

Just because it's explainable, does mean it makes sense. :?
by Amm0
Thu Oct 03, 2024 1:46 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1023

Re: Running Node Red on container, which one?

[deleted]
by Amm0
Thu Oct 03, 2024 1:45 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1023

Re: Running Node Red on container, which one?

Good news. I didn't think it was very heavy-weight - but worth testing. FWIW, `top` inside the container may not be the best test, since, I think, memory includes all user available memory, excluding kernel. While the RouterOS values include both. But I'm not 100%... Your stop/start test, and math, ...
by Amm0
Wed Oct 02, 2024 9:42 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

I have posted further updates to the manual, so all your Device mode questions should be answered in there . https://help.mikrotik.com/docs/display/ROS/Device-mode Similar question... under "bandwidth-test" ... it does not discuss /tool/speed-test. I guess it's not included if one believe...
by Amm0
Wed Oct 02, 2024 5:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

- return ESC shortcut to close sub windows I like the ESC to close — but my issue is that is closes dialogs that are dirty (have changes, but no "apply"). ESC should not close a dialog if it causes data loss . Perhaps it could prompt to apply it before closing would work too. But right no...
by Amm0
Wed Oct 02, 2024 5:05 pm
Forum: General
Topic: ROS Scripting question
Replies: 4
Views: 150

Re: ROS Scripting question

The scripting, and the concepts behind it, are way beyond me, but I am curious what this script does? What problem does it solve? OP uses an array to define what config to later do wrt to interfaces. Mikrotik @dru has a video on arrays here: https://www.youtube.com/watch?v=eWCJw0uZ-lE To summarize,...
by Amm0
Wed Oct 02, 2024 11:40 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 564

Re: the irrationality of [find]

So it is not a quirk of the find command in itsellf, but rather a "wrong implied default" of "all" in the command /ip hotspot user reset-counters? That's what I'm suggesting: it's the command's logic, not find's logic at issue. A zero-length list is NOT nil/[:nothing], so reset-...
by Amm0
Wed Oct 02, 2024 11:17 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 564

Re: the irrationality of [find]

Now I get it. I ain't arguing this is great. But it's rational. /ip/hotspot/user/reset-counters has some trickier logic... here "numbers=" attribute is optional . And numbers= is actual name of attribute used by the unnamed arg used by [find name=a]. So "reset-counter" already as...
by Amm0
Wed Oct 02, 2024 10:44 am
Forum: General
Topic: Scheduler not executing my script
Replies: 4
Views: 527

Re: Scheduler not executing my script

It may be permissions (fetch specifically, see docs on /system/script). One tip in scheduler you can use just "on-event=ScheduleDynDNS" to run a script, without the /system/script/run part. Another approach is /ip/cloud – that avoid scripting. You can use CNAME at in your hosted DNS, to ke...
by Amm0
Wed Oct 02, 2024 9:55 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 564

Re: the irrationality of [find]

No. [find] mean "all". It's a filter, so if you don't apply any filters like name="a" to match, the default is return all. Otherwise, the would be no way to express "find everything". You can test find by using it standalone: :put [/ip hotspot user find name=a] *29 :put...
by Amm0
Wed Oct 02, 2024 4:31 am
Forum: General
Topic: ROS Scripting question
Replies: 4
Views: 150

Re: ROS Scripting question

It's a list of lists, so index es are just the numbers, wrapped in (). So... ($interfaceConfigs->0->1) would be 52821 Notes: - Do not use ($interfaceConfig->"1") as that will not work in the case, plain numbers for a list. The ($array->"1") syntax - with quotes - is for map array...
by Amm0
Tue Oct 01, 2024 8:58 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

NOT a fully tested script, only the needed info and the commands I used manually. I can offer a self-service solution to building them.... FWIW, you/anyone to rebuild the image using any script with GitHub running it using "GitHub Actions". Basically, the steps to "Creating your own ...
by Amm0
Tue Oct 01, 2024 8:17 pm
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 54
Views: 7446

Re: Newsletter #120 | September 2024

Why no SFP+ port (or two)?
My guess: the additional heat from SFPs requires fan/more complex cooling. See CRS304 (plastic) vs CRS305 (metal).
(& reason alone for the nomenclature variance IMO)
by Amm0
Tue Oct 01, 2024 8:03 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

So it seems that when you try to setup partitions while not having that device-mode option set, it just corrupts the device? That is even worse than being unable to switch partitions after upgrade... That be my take. I only went down the rabbit hole since the RB1100 had a physical serial port. Clea...
by Amm0
Tue Oct 01, 2024 7:37 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

feature request - Support Apple Passwords/Keychain/Secure Enclave to store RouterOS username/passwords Since we now have a native app, it be nice if I could read/store the RouterOS creds with all my other passwords in the Keychain used by iOS/MacOS. To me, this is more secure, than some encrypted f...
by Amm0
Tue Oct 01, 2024 6:29 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

@pe1chl, I kinda figured that, since you can see those options in /partition – I just played dumb, and followed winbox... it wanted asked to reboot, so I just said yes & wanted to see what happen. And, I confirmed it was running the matching firmware before doing this too. But after reboot, I co...
by Amm0
Tue Oct 01, 2024 6:03 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

I sure hope there will be a clear explanation of what happens to existing devices that use those features, for all reasonable existing device-mode settings. On my test RB1100AHx4 with 7.17beta2, it showed partitioning menu (with device-mode showing "mode: advanced" and container=yes"...
by Amm0
Tue Oct 01, 2024 2:09 am
Forum: General
Topic: WebFig Skins no longer working
Replies: 6
Views: 1446

Re: WebFig Skins no longer working

From what I’ve seen, creating a skin through WebFig first, then using that folder for your uploads, seems to be the workaround. I've also run into similar problems where SCP alone didn’t cut it. That's the best advice: let webfig create it first. Especially if you have an older router, I'm not 100%...
by Amm0
Mon Sep 30, 2024 9:30 pm
Forum: Scripting
Topic: REST API schema for Postman & more
Replies: 8
Views: 7668

Re: REST API schema for Postman & more

Just registered to say thank you for sharing this! Thanks! I recently created a Postman "code generator" to convert a Postman Request JSON, into the right /tool/fetch. I'm still working on it & Postman needs to accept it. But the project would allow RouterOS /tool/fetch "code sni...
by Amm0
Mon Sep 30, 2024 3:32 pm
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1023

Re: Running Node Red on container, which one?

BY the way I'm curious how you modified settings.json having only NR, on settings it doesn't seem possible. Maybe you used NR nodes to open and edit file? Regular Docker allows you do a -p 80:1880 to map port..,so the node-red image assumes that how to re-map ports. Now, some/most containers let yo...
by Amm0
Mon Sep 30, 2024 1:05 am
Forum: Beginner Basics
Topic: Scripting - changing interface paramters
Replies: 2
Views: 161

Re: Scripting - changing interface paramters

Question is: Can I modify the value of the remote-address of my IPIPv6 from the same script? First thought that PUTting /interface ipipv6 ipipv6-DGN remote-address=$AFTRname would work, but nay... I think you're missing a "set" in your command: /interface ipipv6 set ipipv6-DGN remote-addr...
by Amm0
Mon Sep 30, 2024 12:51 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1023

Re: Running Node Red on container, which one?

In the other topic Amm0 wrote about https and certificates, I suppose they may be useful for the DNS purpose he focused to solve, is it correct? About NR interface is just necessary to work with http, it's fine. Correct, HTTPS was strictly needed in the "poor-man's" captive portal NodeRED...
by Amm0
Sun Sep 29, 2024 9:01 pm
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 289
Views: 39071

Re: v7.16 [stable] is released!

If the DNS server run by RouterOS has two /ip/dns/static records (in that order): nas.home.arpa A 192.168.1.101 *.home.arpa$ NXDOMAIN Then, per my understanding of the docs, client’s request for nas.home.arpa is going to match [2]. Am i wrong? Yes, you're wrong. The regex entry matches instead. FWI...
by Amm0
Sun Sep 29, 2024 8:34 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Basically I agree with @sindy: I would expect gentlemen in Riga to provide either "BIOS CHR" and "UEFI CHR" images or a "universal CHR" image off the shelf rather than offloading that task to volunteers. [...] so a UEFI boot in a hosting is not a niche case any more. Tw...
by Amm0
Sun Sep 29, 2024 7:32 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Somehow, I would expect gentlemen in Riga to provide either "BIOS CHR" and "UEFI CHR" images or a "universal CHR" image off the shelf rather than offloading that task to volunteers. [...] Yeah that was my point to @jaclaz – Mikrotik should fix the UEFI & they'd kno...
by Amm0
Sun Sep 29, 2024 6:31 pm
Forum: Scripting
Topic: Add more logged detail to fetch?
Replies: 4
Views: 325

Re: Add more logged detail to fetch?

I have not studied @jonte's Splunk scripts, so bit blind on what they might capture. Fundamentally, the logging system has some limits - which @jonte/others have cataloged. The one trick logging does have is adding more/"duplicate" /system/logging/actions (and use them for different subset...
by Amm0
Sun Sep 29, 2024 3:28 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

@jaclaz, I wouldn't get too crazy. The 2-3 cases of AppleVZ, Vultr, and potentially "Gen2" Hyper-V. And I do kinda think it be better to use the official Mikrotik ones if at all possible & those do work on BIOS system. So the fact these are EUFI only is kinda a safety net. Plus, there ...
by Amm0
Sat Sep 28, 2024 11:23 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Tried also with NVMe interface, I'm running also Debian arm64 with Apple Virtualization and it requires NVMe to avoid FS corruption, unfortunately for ROS boot same result. Well we tried. There not a lot options to tweak, and I'd image the issue with AppleVM + CHR + ARM64 isn't partitioning. Thanks!
by Amm0
Sat Sep 28, 2024 11:20 pm
Forum: Containers
Topic: New container project: "mikrotik.upgrade.server" / "mus"
Replies: 7
Views: 4430

Re: New container project: "mikrotik.upgrade.server" / "mus"

Fair enough, it on the Alpine mirror list (https://mirrors.alpinelinux.org). The docs use "dl-cdn.alpinelinux.org", so the complex DNS name caught me off guard. Now you violating the core Docker philosophy with openrc (i.e. one container, one thing) ;). But I'm not such a purist. Especiall...
by Amm0
Sat Sep 28, 2024 11:02 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Since I have it running on Intel mac, on arm mac was just POC tryout. Yeah same boat, I have 2019 MacBook Pro with Intel i9. Since I do deal with [Intel] VMs enough, I didn't want to mess with Rosetta ;). The only thing else to try for UTM+Apple+ARM64 be checking the "Use NVMe"box – that ...
by Amm0
Sat Sep 28, 2024 10:50 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

And in this post, there are the CLI commands for upgrading LTE things:
viewtopic.php?t=199087&hilit=band+66#p1025119
by Amm0
Sat Sep 28, 2024 10:44 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

No luck, same issue as with my modifications on image. com.apple.Virtualization.VirtualMachine stuck on 400% cpu, it seems loop, no output on serial console or display. Remove the display – that does not work in UTM+Apple. It's serial only on X86, so imagine it's the same on ARM64. I think Apple us...
by Amm0
Sat Sep 28, 2024 10:33 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Good news. Sorry if I sounded short, but 7.5 was just a bad idea. And totally get it was some Mikrotik that who somehow broke it, to require the roof + netinstall. And, clearly MT should remove that "7.5" reference (or update the page so highlight that someone re-confirmed it ;) ) to avoid...
by Amm0
Sat Sep 28, 2024 10:14 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Test them both using Apple Virtualization (in UTM and Swift Playground), so they generally work. Tested on mac with arm64 or x86_64 arch? Since I'm running the CHR superstore, I built an ARM64 image with the FAT modification for 7.17beta2: https://github.com/tikoci/fat-chr/releases/tag/Build1108629...
by Amm0
Sat Sep 28, 2024 9:17 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

This has gotten silly. I don't know what to tell you. You should run latest LTE firmware, RouterBOOT and RouterOS to start and troubleshoot any issues from there. FWIW... now you've likely downgraded the RouterBOOT firmware to 7.5. And if there was somehow fix for netinstall in the firmware between ...
by Amm0
Sat Sep 28, 2024 9:03 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Netinstall problems are rare. Well, other than not be able to run it because of OS security block DHCP/TFTP (aka windows), or doing the "reset button dance" incorrectly. More relevant than "factory-*" version, at least to netinstall, is current-firmware= in /system/routerboard. T...
by Amm0
Sat Sep 28, 2024 8:43 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

@jaclaz, you're the boss - 7.17.beta2 mangled using your gdisk magic made Vultr happy. And I rebuilt the 7.15.3 and 7.16 images to use/default to the @jaclaz variant on GitHub: 7.15.3 - https://github.com/tikoci/fat-chr/releases/tag/Build11085737402-jaclaz 7.16 - https://github.com/tikoci/fat-chr/r...
by Amm0
Sat Sep 28, 2024 7:58 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

I'd netinstall 7.16, and try that. Based on what? The manual is clear - 7.5. What is there to try? Well... a decade of knowing Mikrotik is not great at updating documentation. And, you have a pretty locked down router, so if you have security needs... there no security patches/hotfixes/etc in older...
by Amm0
Sat Sep 28, 2024 7:50 pm
Forum: Containers
Topic: New container project: "mikrotik.upgrade.server" / "mus"
Replies: 7
Views: 4430

Re: New container project: "mikrotik.upgrade.server" / "mus"

Nifty work. But is there a reason you're not using the Alpine CDN URLs? In Dockerfile, RUN echo 'https://ftp.halifax.rwth-aachen.de/alpine/v3.20/main/' >> /etc/apk/repositories \ && echo 'https://ftp.halifax.rwth-aachen.de/alpine/v3.20/community' >> /etc/apk/repositories \ && apk add...
by Amm0
Sat Sep 28, 2024 6:47 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

I'd netinstall 7.16, and try that. If there was some security patch, you'd be force to upgrade form 7.5 anyway & have these same troubles (except it could be potentially be back on roof) . If you troubleshoot 7.16 while it NOT on the pole, you'd be better set for future updates. And, importantly...
by Amm0
Sat Sep 28, 2024 6:21 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

No need to have the vlan interfaces created on the ethernet interface, just one pppoe-server specifying all the vlan id where it could work and applied on the ethernet interface. What if I want that one specific vlan on a range operates on a different profile? What if I want that one specific vlan ...
by Amm0
Sat Sep 28, 2024 5:37 pm
Forum: RouterBOARD hardware
Topic: Running out of space on hAP ac2 [SOLVED]
Replies: 51
Views: 14317

Re: Running out of space on hAP ac2 [SOLVED]

Few notes here since this whole 16MB flash comes up in my world... - The only thing that truly cleans things is doing netinstall. And, if want to run wifi-qcom-ac, IMO, you should go through the trouble of netinstall. - The amount of free space even if clean can still vary because not everyone is go...
by Amm0
Sat Sep 28, 2024 4:52 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 400

Re: dude server

I think ChatGPT has already had too many drinks.

Let me know how well that works out for you. Dude's permissions follow Winbox permission, and that level of granularity isn't possible. If not, please let me know.
by Amm0
Sat Sep 28, 2024 4:34 am
Forum: Scripting
Topic: Add more logged detail to fetch?
Replies: 4
Views: 325

Re: Add more logged detail to fetch?

fetch is a log topic, so first thing you want to do is enable that in /system/logging! You may need to add !raw - as it can log too much! e.g. Here is 301 Redirect "hard failure" in 7.17 shown in logs: 2024-09-27 17:41:08 fetch,debug Download from https://wttr.in/@mikrotik.com?format=4 to ...
by Amm0
Sat Sep 28, 2024 2:53 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 400

Re: dude server

You should look at webfig, but I just tried to do this & the SVG with Dude map in webfig is NOT controllable by skins... But a skin can limit what a user would see to just all maps. It them seeing only one map that be a problem.
by Amm0
Sat Sep 28, 2024 2:42 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Must've just been a fluke one off, that severely angered me. Back to using Winbox4 beta... FWIW, if that's in some scheduled script, I'd add some "... print" before remove - just possibly prevent stale/in-flight config/realtime data from being used (i.e. kinda like F5 in winbox gets a ref...
by Amm0
Sat Sep 28, 2024 2:21 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 400

Re: dude server

Not in the Dude, basically there is database & user has either read/write or read. It's policy system is even worse the RouterOS... But... if it's just the maps or a map... One approach is to use webfig to show them . While webfig [unforentely] does not show very much from the dude, it would sho...
by Amm0
Sat Sep 28, 2024 1:25 am
Forum: General
Topic: Big Config Sanity Check..
Replies: 2
Views: 325

Re: Big Config Sanity Check..

Looks mostly right from a quick read. I'd make sure the VRRP in the same interface-list as the VLAN is, since traffic go in/out of VRRP directly (which might not be treated same as VLAN depending on specific FW rules). Now its queuing strategy could use some work IMO. But I'm not the expert & so...
by Amm0
Sat Sep 28, 2024 12:37 am
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 289
Views: 39071

Re: v7.16 [stable] is released!

You can have a couple of .home.arpa records in the DNS and at the end a *.home.arpa$ record with NXDOMAIN. From the docs : [...] In case an entry does not conform with DNS naming standards I never tried that, but doesn't that mean all *.home.arpa recrods going to be effectively NXDOMAIN'd? Oh the a...
by Amm0
Fri Sep 27, 2024 9:54 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

The width of the current terminal does affect how many columns it outputs.... sure it ain't that? Very sure Hmm, I couldn't repo in 7.17beta, RB1100AHx, WinBox4 terminal: routing/route/print where afi~"ip6" Flags: U - UNREACHABLE, A - ACTIVE; c - CONNECT, d - DHCP; H - HW-OFFLOADED; B - B...
by Amm0
Fri Sep 27, 2024 9:48 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

as soon as Sindy will be able to (hopefully) report success in the environment(s) he uses, the matter should be pseudo-solved. Sorry, it was neither soon nor 100% success. Both the pre-cooked images from @Amm0 I've tried, i.e. chr-7.16.uefi-fat.raw and chr-7.16.uefi-fat-kriszos.raw, [...] neither o...
by Amm0
Fri Sep 27, 2024 9:36 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Ran the 3 image scripts (jaclaz, kriszos, no-gdisk) again with 7.17beta2. Same as 7.16, kriszos script fails in middle because of the "overlap", the other two work. @jaclaz's gdisk script gets to "The operation has completed successfully.". Apple requires only FAT, so all three w...
by Amm0
Fri Sep 27, 2024 8:59 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

On the stats from 7.16 to 7.17beta2, there are +74 new commands and +803 new attributes (although the "group-by" gins up the numbers since that in a lot of places ;)) *) zerotier - upgraded to version 1.14.0; +1 +½ There are also newer options in ZeroTier too that are not exposed... yet? ...
by Amm0
Fri Sep 27, 2024 8:52 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

subtle usability - show new package download like the winbox upgrade in top bar In the WinBox4 scheme, the new System>Packages dialog is actually more confusing IMO. Perhaps I'm dumb, but actually I keep hitting OK instead of hitting the action button. I get this follows the new scheme, but winbox3...
by Amm0
Fri Sep 27, 2024 8:40 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

on 7.16 and above > routing/route/print where afi=l2vpn Flags: H - HW-OFFLOADED Columns: DST-ADDRESS, AFI DST-ADDRESS AFI before 7.16 > routing/route/print where afi=l2vpn Flags: U - UNREACHABLE, A - ACTIVE; b - BGP; H - HW-OFFLOADED; + - ECMP Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TA...
by Amm0
Fri Sep 27, 2024 8:30 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

As I said, I use only SSH to connect to any of the routers and all other methods were intentionally disabled for security reasons.
Gotcha. Well, then it's getting it off the roof/tower to reset it one way or another.

I'll note at some level, you can get too crazy locking these down...
by Amm0
Fri Sep 27, 2024 7:23 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

Okay, I have no idea now. Make sure to include the supout.rif in your support case, as that has logs/config for them.
by Amm0
Fri Sep 27, 2024 7:19 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

I just try this example and does't seem to work... i just use: "usb2-part1/debian/container1"

For some weird reason the alpine image works... :lol:
What partitioning is used on the usb2-part1? If it's FAT you'd want to keep the names shorter. And if FAT, maybe use an ext4 partition.
by Amm0
Fri Sep 27, 2024 7:14 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

That seems like good news — If you can get into the ATL via ssh and 192.168.188.1 - there is no need for going to mast. No, it's the opposite. Quoting myself: I can't ping anything (even the gateway), I can't SSH to the gateway. And you tried winbox to see if shows up as "Neighbor" with M...
by Amm0
Fri Sep 27, 2024 7:12 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

In simplier terms, root-dir= is the file name for the container image so it has to be unique. Despite having "-dir" in the name. No slash at start or end!
by Amm0
Fri Sep 27, 2024 7:08 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

I really would try in the form "root-dir=usb1-part1/some-new-name" from CLI

And make sure you're using the "mount point" shown in "/disk print" (which may not be usb1-part1 in my example).
by Amm0
Fri Sep 27, 2024 7:02 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

Hmm, if you don't have a preceding slash. Just make sure to pick a new name - I'm not sure what happens if you have had an image file already at the same name. Also keep in mind despite the name "root-dir=", it's actually the name of the container, not a directory to use. So if you keep pi...
by Amm0
Fri Sep 27, 2024 6:56 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 252
Views: 21235

Re: v7.17beta [testing] is released!

After upgrade to 7.17beta2, my RB1100AHx4 test router upgraded no problem. However...a ROSE RAID "disk" did not mount. ROSE-not-working-v7.17beta2.png I rebooted and still did not mount. I removed the RAID "disk", and re-added it again, still did not work. I disabled/renabled the...
by Amm0
Fri Sep 27, 2024 6:13 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Good grief! Who memorizes ip's? Feature request - resolve DNS name in ALL fields that require an IP or IPv6 address There are a few place where WinBox3 does take a DNS and will resolve it to IP inside of winbox (i.e. where the CLI/APIs want an "ip"/"ipv6" type). Perhaps some con...
by Amm0
Fri Sep 27, 2024 6:04 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

Well, it annoying and wrong. But I suspect you just need to use "root-dir=usb1-part1/debian-root" — without a leading "/". The mounts don't care about a leading slash, but for some reason root-dir= in main container does. This, I think, is a historic artifact, but CLI never like ...
by Amm0
Fri Sep 27, 2024 5:58 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Sorry I was finishing my thread since I like to keep the options together ;). Reading your response. That seems like good news — If you can get into the ATL via ssh and 192.168.188.1 - there is no need for going to mast. Next question be is the LTE connection working, since something there go wrong ...
by Amm0
Fri Sep 27, 2024 5:46 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Anyway RouterOS has lots of options to do avoid a netinstall. Just to complete the thread... If you do get to needing a netinstall... you can run it as a container on the hAP. See https://hub.docker.com/r/ammo74/netinstall - this avoid all the setup required on Windows for netinstall Netinstall on ...
by Amm0
Fri Sep 27, 2024 5:29 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Also, since I think you have a hAP... this won't help now... but if you enable RoMON & the hAP was on same network as ATL, then RoMON be able to get into ATL via the hAP. It does require using winbox, where you connect to romon on the hAP, and assuming romon was enabled on ATL, winbox then show ...
by Amm0
Fri Sep 27, 2024 5:23 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

I guess I'm confused. Are you not able to get in after upgrade? Or does it just not work for LTE after upgrade? To clarify my earlier answer: Or is anyone using remote/difficult-to-reach-physically devices doomed to such issues? As noted, the "winbox" client app using ethernet(layer2) so e...
by Amm0
Fri Sep 27, 2024 5:00 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 546

Re: USB GPIO EXTENDER

And in recent V7... this would be much easier with [:convert]'s byte-array and bit-array-msb/lsb but I know you got V6.
by Amm0
Fri Sep 27, 2024 4:58 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 546

Re: USB GPIO EXTENDER

Now I see where the "string with 10101" OR needs come up in from your other thread. FWIW, if you control what being sent...you can make your parsing on the RouterOS easier. The printf % stuff is pretty flexible, so you can do stuff like add a "0x" with leading zeros (%#010x) or j...
by Amm0
Fri Sep 27, 2024 4:36 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

Without any concrete needs/use, are all useless.
See viewtopic.php?t=211251
by Amm0
Fri Sep 27, 2024 3:53 pm
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 54
Views: 7446

Re: Newsletter #120 | September 2024

Another newsletter, and still looking some new products in your nifty "half rack, half U" form form factor(RB5009/L009/...) – like a PoE switch or SFP-only RB5xxxx (to interconnect with other RB5009s in a rack). - CRS304 10G Ethernet switch (no modules needed!) That is a nifty device. But ...
by Amm0
Fri Sep 27, 2024 3:38 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1762

Re: Trouble: Can't connect to ATL after update [SOLVED]

Are you using winbox? Assuming you have the defaults, you should be able to get in via its MAC, not IP, address in the WinBox app from the LAN side of the router. If you can get in, look at the Logs & do an :export at Terminal and paste those here if you'd like. If Winbox with MAC address does N...
by Amm0
Fri Sep 27, 2024 3:24 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Abandoning Winbox 4 [...] I issued a command to delete an address list, [...] Command: /ip firewall address-list remove [find list=z-blocklist_FireHOL_L1 dynamic=yes] This means that beta releases of Winbox should not be used to manage remote devices/systems. Hold on. If you enter a command into th...
by Amm0
Fri Sep 27, 2024 3:03 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 546

Re: USB GPIO EXTENDER

It has to be at the end of what returned to RouterOS from your device's serial. The "OK" mean command is done/finished to that what trigger at-chat to put the data from input= to the OK into the variable. sprintf(&UART0.TX, "A%d \r\nOK\r\n" , PA4.VALUE) should work... the lin...
by Amm0
Fri Sep 27, 2024 2:38 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 546

Re: USB GPIO EXTENDER

Please tell me, Amm0! Do you not know how the support for AT commands works? I mean, how should the device accessed by the ppp-out interface return the data so that it is "correctly" returned by the interface? I'll explain. There is a programmable version of the device that I described he...
by Amm0
Thu Sep 26, 2024 10:03 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 546

Re: USB GPIO EXTENDER

Unfortunately, the module does not support the AT exchange format, so we cannot receive data from the input lines of the module, but we can control the digital outputs by setting their state to "1" or "0". If you connect a relay block to them, you can control low-voltage or high...
by Amm0
Thu Sep 26, 2024 8:53 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

That would help to create a versatile desktop file. On .desktop file topic for Debian/Ubuntu... some SVG version of the WinBox icon be nice (winbox.svg). That allow `/usr/share/icons/hicolor/scalable/apps` to be used and keep the icon "pretty". (and @eworm know if SVG icon help for Arch)
by Amm0
Thu Sep 26, 2024 8:14 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

i have an issue with winbox 4vb8... i can not start winbox. I see it in the processes but the windows of winbox is not starting.. any hints/tipps?
OS / version give more clues... Did it work in previous beta before?
by Amm0
Thu Sep 26, 2024 7:58 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

It's the "docker build" vs "docker buildx". I'm not sure Mikrotik's Pi-Hole building instructions are right for recent RouterOS. Since GitHub will build Docker images for free for public projects... I just use their "GitHub Actions" to deal with the docker stuff. Works ...
by Amm0
Thu Sep 26, 2024 7:45 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 556

Re: HDHomeRun broadcast is blocked

I have a 20 year old one in a HDHomeRun box. I'm going to have to bring that out, these HDHomeRun come up every month in the forum. But that won't help, since I think it's the "firewall" in your diagram. i.e. your PDF shows a firewall & broadcast do not go through a firewall: HDHomeRun...
by Amm0
Thu Sep 26, 2024 7:28 pm
Forum: The Dude
Topic: Dude Client/Server communication security
Replies: 4
Views: 496

Re: Dude Client/Server communication security

FWIW, docs on winbox suggest: "WinBox uses AES128-CBC-SHA as an encryption algorithm (requires WinBox version 3.14 or above)." So hard to know... But IMO dude/winbox protocol should NEVER run over internet (outside a VPN). The dude/winbox/routeros login password should be encrypted... but ...
by Amm0
Thu Sep 26, 2024 7:20 pm
Forum: The Dude
Topic: Upgrading devices from Dude
Replies: 1
Views: 204

Re: Upgrading devices from Dude

If you do "Upgrade" it just downloads the packages AFAIK, so a reboot of the device is what's needed get the applied. If you use "Force Upgrade" that will cause it be applied. AFAIK, you do need all of the package, including any extra-packages in same folder (assuming your device...
by Amm0
Thu Sep 26, 2024 7:18 pm
Forum: The Dude
Topic: dude database is locked - dude file path on smb share using ROSE
Replies: 3
Views: 274

Re: dude database is locked - dude file path on smb share using ROSE

If you disable/re-enable the dude in winbox, does that fix it?

You can try to do a "/dude/vacuum-db" to see if that fixes it or gets an error.
by Amm0
Thu Sep 26, 2024 6:51 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 556

Re: HDHomeRun broadcast is blocked

Post your config. It really should work if on the same LAN subnet.

Is it possible that the cisco switch is blocking broadcast to/from Mikrotik? You'd need add a bridge filter rule to actually block broadcast on RouterOS side.

Are we talking SwOS or RouterOS?
by Amm0
Thu Sep 26, 2024 6:48 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 556

Re: HDHomeRun broadcast is blocked

Is the HDHomeRun on the same LAN as your client? If they are on same LAN (say 192.168.88.x), then possible the app that's connecting may need permissions on the local OS to allow it receive broadcasts. But no default on RouterOS would block broadcasts within the same LAN. If the HDHomeRun and client...
by Amm0
Thu Sep 26, 2024 6:40 pm
Forum: General
Topic: Home Lab VLAN/Routing Help
Replies: 6
Views: 469

Re: Home Lab VLAN/Routing Help

I guess I'm trying to say is all the routers should generally have the same routes... as the return packets need some path back to the source.
by Amm0
Thu Sep 26, 2024 6:28 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

If you use my example above (https://forum.mikrotik.com/viewtopic.php?t=211025#p1099369), without any custom build, does that work? It be good to determine if it's your image that's the issue, or if something is actually broken in /container. FWIW, I use GitHub to build containers for RouterOS since...
by Amm0
Thu Sep 26, 2024 6:13 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

And we come back to the original problem... How did those bits get represented in a RouterOS string – those had to come from somewhere. So if it was already "\01\00" form, not a string with actual ascii... then everything is easier.
by Amm0
Thu Sep 26, 2024 6:02 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

Also, there be another approach using ":convert to=byte-array"to get an array... but that get you the ASCII codes for 1 and 0 :put [:convert to=byte-array from=raw "10101010"] # 49;48;49;48;49;48;49;48 but since that's at least an array, and not a string, you can use a :foreach o...
by Amm0
Thu Sep 26, 2024 5:40 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

Do not do the same error, is not a OR or XOR, the number is only one, is just INVERT or at least NOT (can not really be NOT since the base is unknow.....) I wrote it that way and named it wrong. :shock: As you point out, it hard to know what he's looking for. I was just trying to point out getting ...
by Amm0
Thu Sep 26, 2024 5:32 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

@Amm0 It would be easier to know where that 01001 came from and why it needs to be transformed into 10110. But @Sertik suckers us in every time. I guess I view his questions a RouterOS version of LeetCode questions (i.e. theoretical CS problems). Anyway, for fun, here is my take: :global invBinaryS...
by Amm0
Thu Sep 26, 2024 4:47 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

Yeah, I was betting on VETH... but if you re-create it before and don't change it, then that's not VETH. So if you're using a custom build image, you want to make sure to "--sbom=false --provenance=false" to your build as the "attestations" have caused problems in past (and I'm n...
by Amm0
Thu Sep 26, 2024 4:29 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1384

Re: logical "or" over number

I get @Sertik like a clean simple generic solution. But... once you go beyond 7-bits, all conversions from binary to number need to know a lot more on how the binary is structured. If you really are starting with some LONGER string with binary 1/0's like "01000100101111010101010" — you hav...
by Amm0
Thu Sep 26, 2024 3:42 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Tend agree that ESC should close any dialog box if it's not be changed (but not Terminal). Now I suspect Mikrotik's internal debate mirror the ones here about what the keyboard shortcuts should be & why there aren't many in the beta's so far. CTRL+D closes the whole terminal window. Except CTRL+...
by Amm0
Thu Sep 26, 2024 3:26 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1059

Re: how to query by query words [SOLVED]

Oh my god, i thought there could only be one line of operators. Thank you. If you have haven't used an old RPN-based HP calculator, you'd think Mikrotik was crazy for how this works. You can have multiple operators in one line, but you can ALSO have multiple "#operators" in the string arr...
by Amm0
Thu Sep 26, 2024 7:25 am
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1059

Re: how to query by query words [SOLVED]

You can have multiple "#operators" to resolve the stack as you go. { ".query": [ "chain=chain2", "chain=chain1", "#|", "action=netmap", "action=log", "#|&" "src-address=fd00:0:0:3::/64", "#&" ...
by Amm0
Thu Sep 26, 2024 6:08 am
Forum: The Dude
Topic: Dude version incompatibility
Replies: 1
Views: 227

Re: Dude version incompatibility

Installed TheDude 7.15.3 server (my Cube 60Pro ac building bridge is on that version currently) and enabled it. By accident, I installed version 7.16 of the client. It starts up, displays "Downloading Updates" and then immediately closes. Maybe an "Incompatible version" message ...
by Amm0
Thu Sep 26, 2024 5:50 am
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

I just do another test. I install an alpine container that just pings 8.8.8.8. And i install it on the internal memory. Same result. Does it still not stay started? One note: it's absolutely critical the VETH is created before the container, once the image is first started those setting get persist...
by Amm0
Thu Sep 26, 2024 4:44 am
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 14035

Re: Question to our users about controllers

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now? I'll add that Dude's mass upgrade still works , docs are here: https://wiki.mikrotik.com/wiki/Upgrading_RouterOS_with_Dude with an addendu...
by Amm0
Thu Sep 26, 2024 2:41 am
Forum: General
Topic: Home Lab VLAN/Routing Help
Replies: 6
Views: 469

Re: Home Lab VLAN/Routing Help

Yeah your default route look wrong. But it's unclear where the internet go out, so hard to say what to fix.... But the route where the internet goes out is what should the be the gateway= (likely on the 10.0.99.x), and the router with upstream internet needs a NAT masquerade rule too.
by Amm0
Wed Sep 25, 2024 8:33 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

BUG? — drop-drop file(s) fails with error message about disk space (MacOS 15.0 / WinBox4 beta8) My test router has a raid1/ volume with 50GBs free, but the root does have limited space. Upload the WinBox4 button, works fine. But when I drag a file from finder to a disk or directory under raid1/...,...
by Amm0
Wed Sep 25, 2024 8:01 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

It seems that winbox4 uses UTF-8 (finally), just like (probably) your web browser running webfig. Ah, but the WinBox4 Terminal is like weird transfer area at an airport ;) Take some UTF-8 stuff in an interface name/comment: UTF8inInterfaceWinBox4Window.png If one follows the UTF-8 is the "code...
by Amm0
Wed Sep 25, 2024 6:49 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 43
Views: 3268

Re: Device got hacked 1 min after connected to internet

I think @optio is getting a bad wrap here. He was trying re-enforce the point that an attack can happen quickly. And LTE can surprise you since it can, sometimes, take no configuration to come up and work with a public IP. (Now... having public IP on LTE is not that common, and more typical CGNAT fr...
by Amm0
Wed Sep 25, 2024 4:10 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

- Focus on the first input field when opening a subwindow form - Select all text when changing fields with Tab - Add submitting forms with Enter key It be nice if <tab> go through ALL the setting in a dialog box. Specifically <tab> should: - open the collapsed sections when <tab>'ing (if the editab...
by Amm0
Wed Sep 25, 2024 3:50 pm
Forum: Scripting
Topic: get variables from file [SOLVED]
Replies: 3
Views: 637

Re: get variables from file [SOLVED]

FWIW, if you can control the format of the file with variables... you may want to consider using JSON in the file...as that be one operation with the new deserialize: :global myconfig [:deserialize from=json [/file get $myjson contents]] But your original data have to be JSON: { "SCRIPT_VERSION...
by Amm0
Wed Sep 25, 2024 2:19 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1059

Re: how to query by query words [SOLVED]

... and you asked a similar question here: viewtopic.php?t=198974#p1021503
by Amm0
Wed Sep 25, 2024 2:18 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1059

Re: how to query by query words [SOLVED]

You have to use a POST method, and use the ".query" parameter to specify the filter to apply. But the syntax for .query is stack-based is a bit complex. There are some examples here; https://forum.mikrotik.com/viewtopic.php?t=204028&hilit=.query The other approach is to do a GET (or PO...
by Amm0
Wed Sep 25, 2024 4:43 am
Forum: The User Manager
Topic: SQL type of Usermanager
Replies: 9
Views: 5901

Re: SQL type of Usermanager

I have made progress, I'm reading and writing without any problem from my VB.net application to the sqldb database. The only problem I still got is that usermanager seem to refresh the database. I think there is to version of the database. One is save on ROM and one seem to be load in memory. I mak...
by Amm0
Wed Sep 25, 2024 3:43 am
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3780

Re: RoS 7.16 RC4 mDNS

Well... that's true. But still need EoIP to add the multicast to WG – but you're right the EoIP can run over an existing WG tunnel (and skip the IPSec stuff that's built in to EoIP). * Both ends use EoIP over the Wireguard link (with no IPSEC). * End A connects it's EoIP port to the bridge/VLAN of ...
by Amm0
Wed Sep 25, 2024 12:01 am
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3780

Re: RoS 7.16 RC4 mDNS

Do you think mDNS could work through a Wireguard tunnel? Yes you can but it doesn't use the new mDNS repeater function. See this topic. https://forum.mikrotik.com/viewtopic.php?t=194842 Well... that's true. But still need EoIP to add the multicast to WG – but you're right the EoIP can run over an e...
by Amm0
Tue Sep 24, 2024 11:57 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

Sorry, double post. I quickly re-factored my CHR builder. So there are now 7.16 images, using the three approaches: @jaclaz's latest (chr-7.15.3.uefi-fat-jaclaz.raw), @kriszos's original (chr-7.15.3.uefi-fat-kriszos.raw), and "no gdisk" (chr-7.15.3.uefi-fat-no-gdisk.raw), see: https://git...
by Amm0
Tue Sep 24, 2024 9:31 pm
Forum: General
Topic: Wishes for 7.17 beta
Replies: 11
Views: 727

Re: Wishes for 7.17 beta

Perhaps, a middle ground for a "minor release" is the addition of a new logging action to run a RouterOS script, and/or ability directly send a syslog message from scripting? This allow any mapping someone desired, filtering, etc. before it goes to a syslog server i.e. /system/logging/acti...
by Amm0
Tue Sep 24, 2024 8:37 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3780

Re: RoS 7.16 RC4 mDNS

I'll try with another VPN...
Well... the VPN does need to support multicast & that's the limiting factor to repeating mDNS. I don't think L2TP work with new mDNS proxy. So off top of my head, that be GRE+IPSec, EoIP+IPSec and ZeroTier - that should work with new mDNS repeater.
by Amm0
Tue Sep 24, 2024 8:30 pm
Forum: General
Topic: Fetch https POST or GET TimeOut
Replies: 2
Views: 243

Re: Fetch https POST or GET TimeOut

You can try not specifying "mode=https" as that's comes from URL in newer version. The more likely possibility is your web server REQUIRES some newer SSL version. I'm not sure what /tool/fetch negotiates but a packet sniffer* would help. * Pro Tip: you can use Mikrotik's TSZP support to &q...
by Amm0
Tue Sep 24, 2024 8:04 pm
Forum: Scripting
Topic: get variables from file [SOLVED]
Replies: 3
Views: 637

Re: get variables from file [SOLVED]

In 7.15+, you should be able to use the new [:deserialize from=dsv]. So for quick example... { :local kvtxt "SCRIPT_VERSION=1.2.1\r\nREQ_ID=01J8C5ZV2AY6V6HWEB6F4HQJW5\r\nREQ_IP=172.21.104.34\r\nREQ_FAMILY=1\r\nREQ_CREATED=2024-09-22 06:16:32" # now use :deserialize to get an RouterOS array...
by Amm0
Tue Sep 24, 2024 6:36 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3780

Re: RoS 7.16 RC4 mDNS

FWIW, in a quick google, tailscale does NOT offer a solution to mDNS over WG either: https://github.com/tailscale/tailscale/issues/1013
by Amm0
Tue Sep 24, 2024 6:28 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3780

Re: RoS 7.16 RC4 mDNS

Wireguard does not support multicast, and mDNS needs multicast... so not possible. The mDNS support in 7.16 is just an "mDNS repeater", so the resulting "repeated" multicast can not be forwarded over WG. And why I've long argued that /ip/dns should act as mDNS/DNS-SD "Discov...
by Amm0
Tue Sep 24, 2024 5:22 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

I did file a feature request for an "proper" EFI image for CHR, SUP-144667, earlier this year. I got usual non-comitals "Thank you for the suggestion, we will consider it". So if someone using Hyper-V or other VM platform that needs EFI image to work... I'd recommend filing a tic...
by Amm0
Tue Sep 24, 2024 3:50 pm
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 105
Views: 86143

Re: ✂ Rextended Fragments of Snippets

It is made with artificial intelligence, since at least in this case imagination is useful...
While it got the wine... but c'mon, dutch impressionist art. And two door handles, although you are a security conscience guy. Always something wrong with these LLMs ;).
by Amm0
Tue Sep 24, 2024 3:09 pm
Forum: The Dude
Topic: Dude Client/Server communication security
Replies: 4
Views: 496

Re: Dude Client/Server communication security

Dude uses the same winbox protocol to communicate between the windows client and dude server package. So it's as safe as winbox protocol, which docs suggest: DH-1984 for key exchange and modified and hardened RC4-drop3072 encryption to secure the session. There is no choice on Dude login for Secure ...
by Amm0
Tue Sep 24, 2024 6:03 am
Forum: General
Topic: Script failing after upgrade 175.3
Replies: 2
Views: 304

Re: Script failing after upgrade 175.3

:foreach I in=[/ip firewall address-list find list=port_scanners_list] do={ /tool e-mail send to=myemail@gmail.com subject="port_scanners_list" body=("IP added " . [/ip firewall address-list get $i address])}
by Amm0
Tue Sep 24, 2024 1:46 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

I'm running beta 6 on MacOS13. [...] Error: "Could not connect. MacConnection syn timeout" Did you look in System Preferences under Security > Firewall? There are setting to that control "incoming connections", it has to allow it from "downloaded apps". See https://sup...
by Amm0
Mon Sep 23, 2024 7:30 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256322

Re: MikroTik Devices Controller

FWIW, Dude client still works on latest MacOS Sequoia + homebrew's wine@devel. Since the client will re-download itself for another version, that even work still (since I connected to v7.16rc4 Dude). Screenshot 2024-09-23 at 9.06.59 AM.png To @infabo, the Dude server package fits on a Chateau LTE12 ...
by Amm0
Mon Sep 23, 2024 5:39 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

EDIT: Confirmed , the first few sectors (the relevant ones, MBR, Efi Part and the two entries in EFI partition tables) are identical between the original chr-7.15.3.img image and the modified raw one chr-7.15.3.uefi-fat.raw, so the original gdisk script does nothing to it. We have been barking up t...
by Amm0
Mon Sep 23, 2024 3:53 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

The errors should prevent gdisk from writing the changes, thus the image before and after running the original gdisk script should remain unchanged. Well, you know, it works in UTM+Apple, but got errors with gdisk during build. I re-ran the build just now, and got what's below for @kriszos's script...
by Amm0
Mon Sep 23, 2024 12:38 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

@Ammo What Is strange from your report is that - in theory - the original script should not work at all on the 7.15.3 as gdisk should refuse to write the modifications due to the errors. I have no idea. As I said, at least for Apple Virtualization EFI, 7.15.3 works with @krisnos's script. Screensho...
by Amm0
Sun Sep 22, 2024 10:25 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

I have "fat-chr" builder at GitHub that uses @krisnos's script to support UTM's native Apple Virtualization support (which requires EFI). I replaced the script with @jaclaz's version, but that did not work. UTM does not really report errors - so not sure what's wrong - but it does NOT star...
by Amm0
Sun Sep 22, 2024 7:39 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

FWIW... I don't show recursive route in the example for the same reason as I don't use PCC: the config gets complex. And complexity is another way to get outages, which is what you're trying to avoid by having multiple WANs ;). So I perfer "netwatch script" to just disable routes for these...
by Amm0
Sun Sep 22, 2024 7:09 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

Back to post #34 , is ECMP effective with recursive routes and can recursive routes be used for load-balancing? Yes, as long as you want things split "equally" between the WANs. It's ONLY when you wanted to a split like 66% to WAN1 and 33% to WAN2) you CANNOT do per @mrz. The recursive ro...
by Amm0
Sat Sep 21, 2024 11:41 pm
Forum: General
Topic: :find vs. find
Replies: 3
Views: 475

Re: :find vs. find

As noted, it's really TWO different commands. But it generally get the right one since when you [find]... The reason is kinda dorky... the [] cause a new subprocess, but it take the "path" of the part of the "parent command" as the context of what's inside. So with something like...
by Amm0
Sat Sep 21, 2024 11:21 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256322

Re: MikroTik Devices Controller

Seen the screenshots of Dude and I was deeply frightened - I wasn't brave enough to install it. Basically I did not want to find out if it is Wine compatible. What's nice is you don't need the "scary" 32-bit X86 Dude client running all the time... the client just configures the "serv...
by Amm0
Sat Sep 21, 2024 11:19 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256322

Re: MikroTik Devices Controller

Seen the screenshots of Dude and I was deeply frightened - I wasn't brave enough to install it. Basically I did not want to find out if it is Wine compatible. What's nice is you don't need the "scary" 32-bit X86 Dude client running all the time... the client just configures the "serv...
by Amm0
Sat Sep 21, 2024 9:24 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256322

Re: MikroTik Devices Controller

One reason why people ask for or need a controller software: https://forum.mikrotik.com/viewtopic.php?t=211094 That would appear to be advertisement for "The Dude" IMO. ;) The problem in that post is using winbox to view dozens of logs from different routers. That is easily solvable by re...
by Amm0
Sat Sep 21, 2024 1:12 am
Forum: General
Topic: Add default router to another table (not main)
Replies: 3
Views: 443

Re: Add default router to another table (not main)

Actaully I can't also create a second SSTP server wit a static destination only, specified on another profile. How can I run SSTP server with different profiles?
Sure, just copy the existing profile used by SSTP (likely default-encyrption) and create a new one under PPP Profiles.
by Amm0
Sat Sep 21, 2024 1:10 am
Forum: General
Topic: Add default router to another table (not main)
Replies: 3
Views: 443

Re: Add default router to another table (not main)

Any route in a routing table has to exist ALSO in main. That is just the rules. You can however always the distance= on static routers or some "default-route-distance=" option on tunnels/DHCP-client/LTE/etc to control which is used. Using higher "distance=" means even if a defaul...
by Amm0
Sat Sep 21, 2024 1:06 am
Forum: General
Topic: srcnat stops working after running for a little while when SSTP reconnects
Replies: 3
Views: 482

Re: srcnat stops working after running for a little while

In the snippet, nothing jumps out. One easy thing you do is lower the keepalive on the SSTP connection, default is 1m before it reconnects, a lower timeout like 15s might be good (as perhaps you're not waiting long enough before rebooting since today it be at least 1 minute ;)). But often some subtl...
by Amm0
Fri Sep 20, 2024 7:16 pm
Forum: Containers
Topic: Container Support to MIPS Architeture
Replies: 26
Views: 16623

Re: Container Support to MIPS Architeture

Hello I'm instalied 7.16rc4 on RB493G and I cant found Metarouter and I tried enable container but after reboot it's not there. Please add support any virtualization for mips. Metarouter is only for V6, and disabled in V7.... And, containers ("Docker") are NOT supported on MIPS - only ARM...
by Amm0
Fri Sep 20, 2024 7:09 pm
Forum: RouterOS beta
Topic: Zerotier interfaces stops working after a PPPoE wan flap (7.2rc4-7.2rc7, maybe 7.2)
Replies: 9
Views: 4442

Re: Zerotier interfaces stops working after a PPPoE wan flap (7.2rc4-7.2rc7, maybe 7.2)

I'd make sure that ZeroTier instance ("zt1") is NOT listening on raw interface that PPPoE is using. ZT does a lot of probing to find path and punch holes, so it doing that on the "real" interface, not PPPoE on top, seems like a bad idea. And the default is "/zerotier/set zt1...
by Amm0
Fri Sep 20, 2024 7:02 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1602

Re: Containers wont start on RB3011 UiAS Topic is solved

Curious. If it gets to "stopped", then we know it got extracted and all the pre-req are there. Likely the cmd or entrypoint are wrong (i.e. it cannot find the path+process to start). It also could be the root-disk is going to flash or something with the disks. What container are you trying...
by Amm0
Fri Sep 20, 2024 6:52 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 362
Views: 112158

Re: v7.16rc [testing] is released!

no, not when like for me my routerboard keeps rebooting itself and disturbing my work. They need to get the base OS stable. Is your router rebooting in v7.16rc? FWIW, generic complaints help no one - if you find something not working, write up the forum or support case if it's a bug (with a supout....
by Amm0
Fri Sep 20, 2024 6:00 pm
Forum: Containers
Topic: Installation of nginx proxy manager on 7.15 routers
Replies: 2
Views: 4531

Re: Installation of nginx proxy manager on 7.15 routers

I've been using Traefik for past year as RouterOS container and that works well for me. This thread (despite the title) covers both Traefik and NGNIX proxy manager: https://forum.mikrotik.com/viewtopic.php?t=195259&hilit=traefik Specific to NgnixProxyManager, see: Everything you need is in these...
by Amm0
Fri Sep 20, 2024 3:18 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

The issue here is not complicated, @kriszos explains it: Also partition that has efi files on it is formatted as ext2 so it is not in line with UEFI standard which require that EFI files are stored on FAT/16/32 partition. So it not really the "hybrid" MBR/GPT disk partitioning that's the i...
by Amm0
Thu Sep 19, 2024 11:16 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11094

Re: Router OS 7 on UEFI

FWIW, I packaged @kriszos into a GitHub project that run it run a GitHub Action, see here: https://github.com/tikoci/fat-chr With the GitHub re-packaged CHR disk image with UEFI support going to the "Releases" section on the project. For example, 7.15.3: https://github.com/tikoci/fat-chr/r...
by Amm0
Thu Sep 19, 2024 3:52 pm
Forum: Scripting
Topic: fetch failure: maximum connection count reached
Replies: 5
Views: 559

Re: fetch failure: maximum connection count reached

You could try the current "stable" version 7.15.3, although I'm not sure that help here...but perhaps. I'd look at your firewall configuration, specifically ensure something is not be blocked. Fetch is a "local process" in the Packet Flow Diagram, so firewall is not applied same ...
by Amm0
Thu Sep 19, 2024 3:26 pm
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 14035

Re: Question to our users about controllers

I like the hope... Do we not think that 3MB Winbox 3 vs 50MB Winbox4 = Controller already buit-in Winbox4 but dissabled ?? But... the size difference is because winbox3 uses Windows GDI, so the UI rendering comes from an existing Window's DLL that dynamically loaded and not "inside" of win...
by Amm0
Thu Sep 19, 2024 3:13 pm
Forum: Scripting
Topic: fetch failure: maximum connection count reached
Replies: 5
Views: 559

Re: fetch failure: maximum connection count reached

Yup, mode=https has to match the URL as @rextended points out. Although mode=https is not need since the URL is used to determine mode= protocol, so removing it may help too. You can store the result from fetch into a variable, and log that result for debugging if that not the only issue: :local fet...
by Amm0
Thu Sep 19, 2024 3:02 pm
Forum: General
Topic: The logic of Filter Rules
Replies: 4
Views: 514

Re: The logic of Filter Rules

True. Specifically, this chart:
Image
by Amm0
Thu Sep 19, 2024 7:37 am
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue [SOLVED]
Replies: 71
Views: 4292

Re: iOS 18 Wi-Fi connectivity issue [SOLVED]

or if all else fails, roll back to iOS 17. Or... try wifi configuration using defaults (only country is required) - just to see if work with iOS 18. Specifically trying ft=no, since that seems an area that could be broken. Or, perhaps try the 7.16rc "testing" with your current configurati...
by Amm0
Thu Sep 19, 2024 7:24 am
Forum: Wireless Networking
Topic: CA band working intermittently on hAP ax lite LTE6
Replies: 7
Views: 449

Re: CA band working intermittently on hAP ax lite LTE6

CA can easily be "lost" due many conditions in the carriers network and tower... So it being "intermittent" is not surprising & and without 5G band your CA "possibilities" with R11e-LTE6 modems are limited. One thing uou can do is add a netwatch that pings using LTE...
by Amm0
Thu Sep 19, 2024 4:17 am
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 14035

Re: Question to our users about controllers

It is more about what you would actually use, what you actually need. High level: An update to The Dude server+client would be a great first step... Big Lebowski is right: “That rug really tied the room together.” Rational: All the underpinnings for a "controller" are already in the Dude ...
by Amm0
Thu Sep 19, 2024 1:21 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1023

Re: Running Node Red on container, which one?

I wrote this up a while back in related post from you ;) See https://forum.mikrotik.com/viewtopic.php?t=195386&hilit=nodered#p996644 You can follow the Pi-Hole example, to enable containers - just use a different mount and envs & /container/add would use "remote-image=nodered/node-red&q...
by Amm0
Thu Sep 19, 2024 1:00 am
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

Basically my suggestion is never use ECMP in the "main" routing table and you avoid a lot of unknowns here. that's why I requested an export or example, but I can wait for a more in-deep explanation I created simplified/partial example config to show using a routing table for ECMP below, a...
by Amm0
Thu Sep 19, 2024 12:16 am
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1433

Re: Playing with VRFs - what am I doing wrong?

in his words making the Mikrotik a "kind of L2 router", but that I prefer to consider a "cleverly configured" switch. Either way if you wanted a "Layer2 Centric 'Router'"... there are plenty of tricks to be had in /interface/bridge/nat and /interface/bridge/filter if L...
by Amm0
Wed Sep 18, 2024 9:50 pm
Forum: General
Topic: May you recomend me an SSTP VPN service?
Replies: 9
Views: 853

Re: May you recomend me an SSTP VPN service?

Amm0 I would ask you if I understand good, Oracle's gives a free of cost cloud forever, where is possible somehow to run a CHR image? Have you done it? Is it working ok? Where the server is located? I haven't tried their cloud. And your locale may add more complication, dunno. But some folks in for...
by Amm0
Wed Sep 18, 2024 9:44 pm
Forum: General
Topic: MQTT to Home Assistant
Replies: 23
Views: 4218

Re: MQTT to Home Assistant

I don't think I will spend time on the Lora [...] There seems to be an existing Things Network integration for Home Assistant, so there is probably not a lot of value to add. If your KNOT is a LoRa-enabled one... I'll note there are a lot of fun LoRaWAN sensors available, for a lot weird things, th...
by Amm0
Wed Sep 18, 2024 9:21 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1433

Re: Playing with VRFs - what am I doing wrong?

If the LAN side is also on 192.168.1.x/24? :? While you can generally pick your own LAN side subnet to NOT conflict (further), and avoid these esoteric RouterOS questions... But let's assume LAN absolutely has to be 192.168.1.1 and two WANs have to be 192.168.1.1... AFAIK that too should be fine wi...
by Amm0
Wed Sep 18, 2024 7:18 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1433

Re: Playing with VRFs - what am I doing wrong?

Sure, there are use cases for VRFs. More just saying that having multiple same subnets are allowed without VRF. Now it means the default route 0.0.0.0/0 needs to be % qualified, so gateway=192.168.1.1 %etherX-toWAN-Y . Failover happens by using check-gateway=ping (or more complex netwatch/recursive ...
by Amm0
Wed Sep 18, 2024 6:27 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1433

Re: Playing with VRFs - what am I doing wrong?

experiments with VRFs to implement an automatic failover between 2 ISPs Maybe I'm missing something here... But what is the point of using VRF for ISP failover? — VRFs have nothing to do with "automatic failover". Failover works without VRFs, and so layering VRF on top of failover mechani...
by Amm0
Tue Sep 17, 2024 9:16 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

UI suggestion - Ability to disable labels, like "CPU" or "Memory (Free/Used/Total)", in the "Resource panel" aka status bar. i.e. have some "icons only" option in settings for status/"resource panel". Currently, it often wraps the labels, which looks...
by Amm0
Tue Sep 17, 2024 8:18 am
Forum: Beginner Basics
Topic: Missing SNMP Entries On hAP ac^3 [SOLVED]
Replies: 2
Views: 513

Re: Missing SNMP Entries On hAP ac^3 [SOLVED]

Nope. See viewtopic.php?t=190932 - there is workaround to use bridge hosts there, maybe that be a workaround.
by Amm0
Mon Sep 16, 2024 11:39 pm
Forum: Beginner Basics
Topic: Problem with VLANs and Bridge
Replies: 18
Views: 1089

Re: Problem with VLANs and Bridge

The current full config be helpful to know what's going on at this point. It hard to follow all the changes/testing to know what is going on where. One tip is that /tool/torch can sometime help clarify what traffic is flowing where when dealing with the bridge. And how do you explain that ether8 whi...
by Amm0
Mon Sep 16, 2024 11:21 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

It could be good also for branding, not only for whiners who don't fully appreciate your design choices. ;) Two birds with one stone. On the branding topic... - Some "white label" version of winbox4, without any logos, be nice at some point. The old winbox was pretty generic and did not h...
by Amm0
Mon Sep 16, 2024 10:52 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 655
Views: 256054

Re: v7.15.3 [stable] is released!

What else should I change? The topic, please. This one is not the right place for discussing this, create a new one. Very true. Just to close this out... since the permission have changed somewhat recently (but NOT in this release). Poster with fetch is using netwatch, which has restricted permissi...
by Amm0
Mon Sep 16, 2024 10:44 pm
Forum: Beginner Basics
Topic: Problem with VLANs and Bridge
Replies: 18
Views: 1089

Re: Problem with VLANs and Bridge

Quick thoughts: - When 7.16 comes out, the bridge will be automatically marked as tagged, by virtue of use of a pvid= on /interface/bridge/port and/or having a /interface/vlan that listens on VLAN-enabled bridge (or using MVRP). So the need to muck with /interface/bridge/vlans should be limited to o...
by Amm0
Mon Sep 16, 2024 7:25 pm
Forum: General
Topic: Cannot ping from console VETH interface in containers bridge
Replies: 4
Views: 441

Re: Cannot ping from console VETH interface in containers bridge

Hence I've assumed it was a bug. But I admit it could be a "half baked" 7.16 change that has somehow leaked to 7.15.3. Entirely possible. I created/use a netinstall container . I know this worked at some point in past with a VETH on a vlan-enabled=yes bridge. But stopped worked in ~7.15, ...
by Amm0
Mon Sep 16, 2024 6:13 pm
Forum: Wireless Networking
Topic: LoRa point-to-point
Replies: 2
Views: 543

Re: LoRa point-to-point

True. While not PtP... one option is to run your own LNS/etc service to relay between devices You can run something like https://www.chirpstack.io as a container to do this (on ARM/X86 things, but not the KNOT) so it's still be self-contained without the cloud.
by Amm0
Mon Sep 16, 2024 5:38 pm
Forum: General
Topic: May you recomend me an SSTP VPN service?
Replies: 9
Views: 853

Re: May you recomend me an SSTP VPN service?

Or you can use CHR on a remote/cloud VPS. Never tried it, but there was a recent thread about CHR on Oracle's "free forever" cloud:
viewtopic.php?t=188848
I'm sure there are hosting service for CHR too.
by Amm0
Mon Sep 16, 2024 5:29 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

I got a crash report (look like null pointer) from MacOS (14.6.1 / X86), soon after coming out of sleep: Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000 Exception Codes: 0x0000000000000001, 0...
by Amm0
Mon Sep 16, 2024 3:49 am
Forum: Scripting
Topic: Rest API port reset [SOLVED]
Replies: 8
Views: 8066

Re: Rest API port reset [SOLVED]

di I get it right, that it's possible to turn on / off PoE with the API by sending a POST or PUT to the switch? Well, POST and PATCH .... PUT is for creating NEW records like "add" at CLI... but ethernet ports always exist so you need "PATCH" which same as CLI "set". P...
by Amm0
Mon Sep 16, 2024 3:16 am
Forum: Wireless Networking
Topic: Ax3 WiFi ignores access list [SOLVED]
Replies: 6
Views: 654

Re: Ax3 WiFi ignores access list [SOLVED]

... really wierd...
Yup. FWIW, the docs on how this works are lacking . My guess it operates a "matcher"/selector, not like the firewall "filter"/etc - or at least that how I rationalize the logic here.
by Amm0
Mon Sep 16, 2024 1:22 am
Forum: Wireless Networking
Topic: Ax3 WiFi ignores access list [SOLVED]
Replies: 6
Views: 654

Re: Ax3 WiFi ignores access list [SOLVED]

The interface or SSID to which connections should be denied is not specified. It worked well this way on HAP ac2. But i tried to specify interfaces in each entry- still ignored. The key is you need one that to be matched, just accept without ANYTHING will get skipped - or at least that's what I've ...
by Amm0
Sat Sep 14, 2024 9:52 pm
Forum: Scripting
Topic: Baffled by global variable behavior in scripting
Replies: 1
Views: 340

Re: Baffled by global variable behavior in scripting

It's just odd. But this is the documented behavior for recent versions: policy - policy that grants user management rights. Should be used together with the write policy. Allows also to see global variables created by other users (requires also 'test' policy). (from https://help.mikrotik.com/docs/di...
by Amm0
Fri Sep 13, 2024 10:23 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

And all Cyrillic comments are unreadable in WinBox 4 It seems that winbox4 uses UTF-8 (finally), just like (probably) your web browser running webfig. True. But PSA there is still only one config that store things... And config just stores the bytes as provided from whatever UI/CLI. So can enter Cy...
by Amm0
Fri Sep 13, 2024 5:22 pm
Forum: Scripting
Topic: Syntax highlighting and completions for Sublime Text
Replies: 44
Views: 87266

Re: Syntax highlighting and completions for Sublime Text

I'm looking to significantly improve the syntax definition for ST4 to provide context-aware completions and wonder if someone from the MikroTik team could reach out to me and provide a full list of commands w/ parameters. As I understand some packages are only available on certain hardware and I on...
by Amm0
Fri Sep 13, 2024 5:13 pm
Forum: Scripting
Topic: check netwatch with api
Replies: 2
Views: 1136

Re: check netwatch with api

And the 2nd example would need to use a POST, not a GET (which is curl's default HTTP method). In RouterOS REST API, the POST method mimics the native API. For curl you need a "-X POST" to use the more CLI commands like print: curl -k -u admin:password - X POST https://192.168.88.1:443/res...
by Amm0
Fri Sep 13, 2024 5:06 pm
Forum: Scripting
Topic: cUrl->tool fetch
Replies: 1
Views: 280

Re: cUrl->tool fetch

Good afternoon. I ask for help in adapting the script. curl -X 'POST' \ 'https://wappi.pro/api/sync/message/send?profile_id=a53331f5-8845' \ -H 'accept: application/json' \ -H 'Authorization: 5232ab589f823063605b0274d3d3031d83ea841' \ -H 'Content-Type: text/plain' \ -d '{ "recipient": &qu...
by Amm0
Fri Sep 13, 2024 4:51 pm
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1318

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Which again points at CHR itself rather than at virtualization platform.
Yup. I'd look at the CPU usage on the Proxmox host, if CPU is low there, but CHR is high... you should increase the CPU cores assigned to CHR. Or perhaps memory too.
by Amm0
Fri Sep 13, 2024 4:37 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Great work, very creative solution to "dropdown vs tabs". Yes, and that one will stay for now. As seen in the thread, it is a much more divisive topic, than main window Tabs Are you sure? I'm just not sure there are that many fan of the "webfig-like dialogs". While the minority, ...
by Amm0
Fri Sep 13, 2024 3:51 pm
Forum: Announcements
Topic: Newsletter #114 | September 2023
Replies: 80
Views: 18323

Re: Newsletter #114 | September 2023

Mikrotik typically* does list CA bands in the "Brochure" of LTE products. And 2 x B3 is consistent with those specs for FG621 modem (e.g. new R11eL-FG621-EA) : Screenshot 2024-09-13 at 5.45.36 AM.png * except on the modem itself, see https://mikrotik.com/product/r11el_fg621_ea#fndtn-downlo...
by Amm0
Fri Sep 13, 2024 3:15 am
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 353
Views: 329057

Re: NEW FEATURE: Back to Home VPN

i was trying with facebook messenger. teams , whatsapp and messenger - all working Well, the share link returns HTML that requires JavaScript. So if FB tries to "unfurl" (e.g. click the link, to summarize content for a message stream), the BTH link is only a redirect to the App Store with...
by Amm0
Fri Sep 13, 2024 12:10 am
Forum: Containers
Topic: Containers won't start after power loss
Replies: 8
Views: 7240

Re: Containers won't start after power loss

Yeah... And the "Start at boot" is kinda of "one-and-done" situation. If the disk ain't mounted, for any reason, container won't start. It's not just limited USB, but stuff like ROSE+NFS for containers you'll also see this sometimes (or at least I have, occasionally). A schedule ...
by Amm0
Thu Sep 12, 2024 11:50 pm
Forum: General
Topic: Plain rsync using rose package
Replies: 3
Views: 370

Re: Plain rsync using rose package

And there is no USB on the RB750G either. And, with only 1G RAM... using a ram-disk (that could be persist to SD) for rsync isn't likely going to work either. Found out that an sdcard it is not the best storage for what I need. Perhaps, but SD card do have different speed rating/classes. And... also...
by Amm0
Thu Sep 12, 2024 9:33 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

Well, learn something new. In OP example they are not the same, what is intended is to try to install forwarding path over ether1 twice and through ether2 once, leading to forwarding where ether1 is chosen twice as much as ether2. This is not going to work in v7, because, like I said previously, equ...
by Amm0
Thu Sep 12, 2024 4:24 pm
Forum: General
Topic: Plain rsync using rose package
Replies: 3
Views: 370

Re: Plain rsync using rose package

Rsync and SMB/NFS should work If you add ROSE package from the "extra-packages". And ROSE can access file an SD card for either "sharing" or plain rsync. SCP should work without ROSE since a native feature. Although SCP would use RouterOS credentials, not ROSE things. But... ther...
by Amm0
Thu Sep 12, 2024 3:51 am
Forum: Scripting
Topic: Scripting using /system telnet
Replies: 4
Views: 536

Re: Scripting using /system telnet

If the device support SSH, that could be an option (/system ssh-exec)... But there not same for telnet.
by Amm0
Wed Sep 11, 2024 10:43 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Not sure if anyone has mention, but with multiple winbox4 windows... they all appear as seperate icon in MacOS's launchbar. Normally multiple windows of an application, still only have one icon in the launchbar with the various window name showing in the context menu. The current "one icon per ...
by Amm0
Wed Sep 11, 2024 10:17 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 854

Re: Odd LTE issue

In easy things to try... setting the mode to "IPv4" instead "auto" in the APN is worth a shot. Somehow there is an IPv6 DNS query that got responded in the sniff above... so I wonder what the mode setting is actually worth :D Yeah I saw the IPv6 in the torch ;) (that, and some L...
by Amm0
Wed Sep 11, 2024 9:35 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 854

Re: Odd LTE issue

I guess tend to believe the modem is providing the funky IP address based on what's coming from the carrier... and RouterOS is just passing it along. Adding "lte" as log topic will shows how the LTE data session setup in the log, which I suspect might have some clues here. I'm not the expe...
by Amm0
Wed Sep 11, 2024 8:43 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

The software engineer in me dreams of a more fully-featured script editing window with line numbers and maybe even syntax highlighting :) Or, perhaps just even mouse navigation support in the existing Terminal window... i.e. click/scroll in the terminal window when the CLI "edit" is shown...
by Amm0
Wed Sep 11, 2024 4:55 am
Forum: General
Topic: Suggestion to MikroTik - market verticals
Replies: 14
Views: 919

Re: Suggestion to MikroTik - market verticals

Tend to agree with @StubArea51 and others. But where I'd agree with OP is the area of "policy". It's often not granular/flexible enough to deal with some kinds of deployment (i.e. where you might have some "customer" account as well as the "admin" one). And while "...
by Amm0
Wed Sep 11, 2024 3:49 am
Forum: The Dude
Topic: Alert with the Dude
Replies: 1
Views: 523

Re: Alert with the Dude

There are notifications in Dude that function like alerts: https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/Notifications (it's a two-step process... once to setup the notification mechanism/parameters, and another to apply that notification type to probe/device). Three way to do this: - You can us...
by Amm0
Tue Sep 10, 2024 6:36 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 854

Re: Odd LTE issue

Not to go back to basics here... but I notice "EE" as the carrier. Is the APN set correctly? AFAIK, EE uses some funky scheme to configure the APN. See https://forum.mikrotik.com/viewtopic.php?p=747903&hilit=eesecure#p747903 (and make sure "Use Network APN" is unchecked when ...
by Amm0
Tue Sep 10, 2024 8:11 am
Forum: Scripting
Topic: The start parameter of the :find function
Replies: 6
Views: 495

Re: The start parameter of the :find function

IMO it's really the docs could be clearer. The example shows a -1, so they give you the clue at least...clarity be better. In formal sense, the <start> is exclusive of itself, so it mean "search- after -this-index" or "start-after=-1:... and next number after -1 is 0, which is the sta...
by Amm0
Tue Sep 10, 2024 5:16 am
Forum: RouterBOARD hardware
Topic: LtAP mini external antenna ....querie !
Replies: 9
Views: 2773

Re: LtAP mini external antenna ....querie !

To come back to your discussion: The ltap mini needs 2 cable to the antenne for better performance ? Thamks J. Almost certainly* an external antenna would help. Mikrotik does sell the parts, see https://cdn.mikrotik.com/web-assets/product_files/guide_wapr_180135.pdf (while show wAP, LtAP mini have ...
by Amm0
Tue Sep 10, 2024 4:37 am
Forum: Scripting
Topic: /tool fetch vs. :tool fetch and /ping vs. :ping
Replies: 5
Views: 431

Re: /tool fetch vs. :tool fetch and /ping vs. :ping

It's style. Internally, they function the same (at the top level, that is). To test that, /console/inspect allow scripting access to the stuff like CLI completion... so you can see both : and / result in the same number of options (and using / instead of : work same too). :put [:len [/console/inspec...
by Amm0
Tue Sep 10, 2024 2:13 am
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1318

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Or just spin a CHR on the same prox host without any config just with BTest server, can't see a reason why it can take more than 2 minutes to do so True. But guess all path will still show half. I'll bet that CHR is using E1000 emulated network card, since AFAIK that's the default for a new VM. I h...
by Amm0
Tue Sep 10, 2024 1:49 am
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1318

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Unfortunately RouterOS does not allow me to run a speedtest and the proprietary "Bandwidth Test" is pretty annoying because I'd need another instance somewhere which for one I do not have and also does not give me same results as just the speedtest CLI test. Another forum member runs as p...
by Amm0
Tue Sep 10, 2024 1:28 am
Forum: General
Topic: CCR2004 as ZeroTier VPN concentrator
Replies: 5
Views: 454

Re: CCR2004 as ZeroTier VPN concentrator

I 100% agree with @larsa. Although have not specifically tried a CCR2004...but most of performance comes from the switch chip, not the CPU. And CPU is needed for ZT, or even WG AFAIK. As @larsa importantly notes RouterOS is both older version and lacks the full range of configuration options, that l...
by Amm0
Mon Sep 09, 2024 11:50 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

A combo of windows that used to be tabs can now be seen at same time . Very powerful if used with workspaces. You need to get past the initial jarring effect of change first. Then all will become clearer. Going back to old ways is not the way forward. +1, agree. They just don't go far enough... sin...
by Amm0
Mon Sep 09, 2024 10:11 pm
Forum: Scripting
Topic: The start parameter of the :find function
Replies: 6
Views: 495

Re: The start parameter of the :find function

Is this designed to be like this? Yes. RouterOS uses 0-based indexes for variables/array/string, so -1 is before the first is logical. But... totally agree the docs are vague on find's parameters. Especially since params are different if "find" is an operator on a command (instead of a va...
by Amm0
Mon Sep 09, 2024 7:21 pm
Forum: General
Topic: www-ssl secure?
Replies: 5
Views: 490

Re: www-ssl secure?

@mkx my main point was the password storage is likely a better issue (assuming one is using "www-ssl" and not "www"). The example shows credentials stored inside the script, which I think is bad practice... For Linux .netrc is good suggestion. But I think OP is using Windows Powe...
by Amm0
Mon Sep 09, 2024 5:53 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Few more minor issues: - On first login screen, the "Neighbors" has checkboxes next to them but they do nothing. i.e. if one is checked, it does NOT become the "Connect to". And allows multiple ones to be selected, but again no actions other than a checkmark showing in UI. - In I...
by Amm0
Mon Sep 09, 2024 12:22 am
Forum: General
Topic: www-ssl secure?
Replies: 5
Views: 490

Re: www-ssl secure?

... it seems you're using www-ssl, so this shouldn't be an issue. Agree that best you can do. Password should be encrypted (at least to key size of certificate used for it) But I'd add it's important to consider the calling script has the username/password stored in it... so the script file should ...
by Amm0
Mon Sep 09, 2024 12:02 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

I actually like the "single EXE" approach for winbox since in a lot of case that's often "less friction" than dealing with any package manager. So Mikrotik initial approach makes sense to me, especially for a management tool, in beta... That be said, I just also like some standar...
by Amm0
Sat Sep 07, 2024 9:10 pm
Forum: The Dude
Topic: Tracking and Visualizing Device Uptime and Downtime in MikroTik Dude
Replies: 2
Views: 1079

Re: Tracking and Visualizing Device Uptime and Downtime in MikroTik Dude

Not sure if we can generate reports in any way using Dude or via ROS API . You struck one of the biggest limitation in Dude. While the Dude excels at being able to track things, esp RouterOS devices since it can use the binary winbox protocol (which likely more efficient than SNMP). Getting data ou...
by Amm0
Sat Sep 07, 2024 8:13 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Along those lines... I'd add a request for "branding kit support", to say apply a custom logo (or remove any logo) inside winbox4 once logged into a router?
by Amm0
Sat Sep 07, 2024 8:09 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Suggestions: - make the state files (settings, addresses, workspaces) human-readable e.g. by using JSON or XML format instead of binary - make the location of workspace files configurable, including having files sent to the managed router itself (as a file in the flash) +1, especially "as a fi...
by Amm0
Sat Sep 07, 2024 7:55 pm
Forum: Beginner Basics
Topic: Add alternate route
Replies: 6
Views: 703

Re: Add alternate route

I just noticed router1 and router2 are the same room... https://i.ibb.co/QvtD7FP/Network-2.jpg But the same approach would work to keep pure Layer3 static routing, just without GRE between Router1 and Router2 Router1 /interface/gre add name=gre2 local-address=<local-wanip> remote-address=<router2-wa...
by Amm0
Sat Sep 07, 2024 6:52 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

> Linux distribution users wish for better distribution methods (unclear, many say current way is OK!) [...] Having it on Flathub would definitely simplify things - you could even link the Qt libraries dynamically, to reduce update size but that's not as important. There are a lot of Linux distro m...
by Amm0
Sat Sep 07, 2024 6:11 am
Forum: Beginner Basics
Topic: Add alternate route
Replies: 6
Views: 703

Re: Add intermediate route

I have done the above, What i am asking is, can i add alternate route, so that if one of the two GRE Tunnel is down due to internet down because of ISP then i can reach 2nd router through 1st router from 3rd Router I have edited the image so people can understand my question easily It actually the ...
by Amm0
Sat Sep 07, 2024 4:54 am
Forum: Useful user articles
Topic: WinBox for MacOS ??
Replies: 48
Views: 21316

Re: WinBox for MacOS ??

In case anyone on this thread did not see the WinBox4 beta announcement...
📣 WinBox 4 is here 📣"

So there is now a native MacOS WinBox. Still no native MacOS netinstall-cli or btest.exe however...
by Amm0
Fri Sep 06, 2024 10:50 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Very minor. . But in LTE firmware upgrade/check sections, the error message appears at bottom. And, the "Starting" part is not cleared upon an error. Screenshot 2024-09-06 at 11.30.13 AM.png It seems the new style error/status just below the status (which I like), but the LTE does not fol...
by Amm0
Fri Sep 06, 2024 10:18 pm
Forum: General
Topic: tool fetch xml [SOLVED]
Replies: 6
Views: 633

Re: tool fetch xml [SOLVED]

Since `curl` defaults to GET, and that works... my guess is some escaping issue in the URL - as OP show just "<some command string>" ...while the URL itself shouldn't require any escaping as shown... depending what in the ?query params part, that may need escaping. So I'd try putting quote...
by Amm0
Fri Sep 06, 2024 8:24 pm
Forum: General
Topic: Convert script to create in terminal
Replies: 4
Views: 422

Re: Convert script to create in terminal

The escaping does get tricky.

You can also use "/system/script export where name=XXXX" to get the "escaped form" of any script (and then cut-and-paste that as needed).
by Amm0
Fri Sep 06, 2024 5:46 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 854

Re: Odd LTE issue

From where, remotely, or via the LAN/Wi-Fi? By default, ether1 accepts internet via DHCP, so it is NOT a LAN port. Only ether2 will give you LAN address. If it's remote, well, it depends on your LTE carrier/plan. A lot of cell carriers don't allow incoming ports (CGNAT)... so if your trying to get t...
by Amm0
Fri Sep 06, 2024 4:39 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Noticed when connecting to a wAPRac running 7.14.3, from a MacOS 14.6.1 (X86), the ZeroTier icon appears same as Wireguard icon. Other systems seems to correctly show blue-styled ZT logo. This has happened on beta3 and beta4. Screenshot 2024-09-06 at 6.11.21 AM.png Also, in Beta4 resizing the window...
by Amm0
Fri Sep 06, 2024 3:03 am
Forum: General
Topic: VRRP on Hyper-V instance ROS 7.15.3 not working (MAC Spoofing enabled)
Replies: 11
Views: 1274

Re: VRRP on Hyper-V instance ROS 7.15.3 not working (MAC Spoofing enabled)

Answering own question: 1. Set bridge port passed-though off vswitch frame types to admit tagged-only 2. Set bridge frame types to admit all, set PVID to the desired VLAN for VRRP packets 3. In bridge/vlans add desired VLAN to list, add bridge as untagged, port as tagged Perhaps post at least some ...
by Amm0
Fri Sep 06, 2024 2:42 am
Forum: Announcements
Topic: Updated btest.exe available for download
Replies: 21
Views: 65178

Re: Updated btest.exe available for download

UDP figures are pretty wrong in this application. You may need to lower the 2 Local/Remote UDP Tx packet size... If MTU is not 1500 along the whole, it will fragment packets which gets you a slower test result for UDP. Now the better question is when there will be an updated "btest.exe" f...
by Amm0
Fri Sep 06, 2024 2:35 am
Forum: Beginner Basics
Topic: LTE DYNAMIC PUBBLIC ADDRESS
Replies: 4
Views: 473

Re: LTE DYNAMIC PUBBLIC ADDRESS

You'd need to enable DDNS in /ip/cloud on the LTE device, then use that DNS name (snXXXX.mynetname.net) in the Dude device configuration. In Dude device, there is setting to say use DNS for IP, instead of IP that needs to be also be set in addition to the DNS name.
by Amm0
Thu Sep 05, 2024 10:41 pm
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 2169

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

It might be worth it (or at least simple) to try 7.16rc, as there were DHCP fixes in the release notes.

Cannot say your problem is what's fixed, but if it does then it's a bug in 7.15.3. If not, then running the sniffer might help figure out what/if anything the printer is sending.
by Amm0
Thu Sep 05, 2024 9:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1270
Views: 231147

Re: 📣 WinBox 4 is here 📣

Just don't be too harsh on us yet, first, let's celebrate that it's finally the day! I'm sure it was an enormous effort to get it this good for a beta. It did come out great for an early beta! While, I've not been a fan of this multiyear effort, because it is the Dude that needs a refresh... Now, I...
by Amm0
Wed Sep 04, 2024 7:27 pm
Forum: General
Topic: new-mss VS. clamp-to-pmtu with v7
Replies: 10
Views: 1376

Re: new-mss VS. clamp-to-pmtu with v7

Thanks @Amm0, your responses are always so clear and full of great information! This article has a lot of good info WG recommendations from ProCustodibus, specifically on MSS clamping: https://www.procustodibus.com/blog/2022/12/wireguard-performance-tuning/#mss-clamping They recommend the follow &q...
by Amm0
Wed Sep 04, 2024 6:23 am
Forum: General
Topic: new-mss VS. clamp-to-pmtu with v7
Replies: 10
Views: 1376

Re: new-mss VS. clamp-to-pmtu with v7

This all assumes the WAN used by WG on BOTH sides is 1500 MTU. It "most of the time" is 1500, so WG's 1420 MTU is right. But... for example, some PPPoE deployments might uses 1492 as MTU - which mean WG should be lower by 8 bytes.... This then effects the "manual" way of specify ...
by Amm0
Tue Aug 27, 2024 11:36 pm
Forum: Wireless Networking
Topic: wAP R - LTE interface fails at PIN "searching" state - v6 and v7
Replies: 1
Views: 327

Re: wAP R - LTE interface fails at PIN "searching" state - v6 and v7

I'd make sure the RouterBOOT matches the version you're using, that's in /system/routerboard. AFAIK, netinstall does not upgrade the bootloader.
by Amm0
Tue Aug 27, 2024 6:04 am
Forum: Forwarding Protocols
Topic: IP Directed Broadcast In CISCO Equivalent In Mikrotik
Replies: 12
Views: 1939

Re: IP Directed Broadcast In CISCO Equivalent In Mikrotik

I'm not sure there is an "equivalent". While the Linux kernel has "bc_forwarding" sysctl that is the linux version of cisco's "ip directed-broadcast". But... RouterOS does not directly expose the sysctl, and I'd imagine it's disabled by default per RFC2644 inside Router...
by Amm0
Thu Aug 22, 2024 8:22 pm
Forum: Beginner Basics
Topic: LTE Passthrough & UDR
Replies: 2
Views: 821

Re: LTE Passthrough & UDR

I think on most Ubiquity stuff it might be easier to do it reverse. e.g. use vlan10 as the passthrough interface & leaving the untagged ether1 + dhcp-client AFIAK, UBNT stuff uses hybrid ports by default with untagged being management. And, I think, it might be easier to configure the WAN from a...
by Amm0
Thu Aug 22, 2024 5:37 pm
Forum: General
Topic: Feature request : Multipath TCP (MPTCP) support
Replies: 14
Views: 10108

Re: Feature request : Multipath TCP (MPTCP) support

@Larsa what folks are talking about is using MPTCP for "multi-wan" support. So the way I view the request is that MPTCP can be used a tunnel interface between two RouterOS using multiple/different paths. e.g. you had Mikrotik with two LTE modems, that connected to CHR at some VPS, with MPT...
by Amm0
Thu Aug 22, 2024 4:15 pm
Forum: General
Topic: new-mss VS. clamp-to-pmtu with v7
Replies: 10
Views: 1376

Re: new-mss VS. clamp-to-pmtu with v7

@mrz can correct me... But "clamp-to-pmtu" on a local interface should get you the RourerOS interface's MTU less TCP's 40 bytes. So for WG with 1420 MTU, setting new-mss to "clamp-to-pmtu", should result in a 1380. So explicitly setting new-mss=1380 should be same as new-mss=clam...
by Amm0
Wed Aug 21, 2024 7:40 pm
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 79
Views: 24581

Re: mDNS between VLANs with just bridge filters - Look Mum, no containers!

mDNS and SSDP are working good but HDHomeRun isn't working, i also try mdns repeater from beta, but if i disable this method nothing works in mDNS Thanks I don't have a HDHomerun but it looks like it broadcasts as opposed to multicasts on UDP:65001. IP broadcasts are NOT same as multicast. And HDHo...
by Amm0
Tue Aug 20, 2024 8:22 am
Forum: General
Topic: Occasional FIN or RST packet showing up on WAN from my private subnets
Replies: 9
Views: 846

Re: Occasional FIN or RST packet showing up on WAN from my private subnets

Hard to know what the cause of the escape. One thing you can try is to drop invalid connections on OUTPUT. /ip/firewall/filter/add chain=output connection-state=invalid action=drop log=yes out-interface-list=WAN While the default firewall drops invalid on input if something goes awry during the TCP ...
by Amm0
Mon Aug 19, 2024 6:31 pm
Forum: Virtualization
Topic: BTH vpn
Replies: 3
Views: 583

Re: BTH vpn

If one side has a public IP, you can use normal WG. If you need to hole-punching proxy of BTH (i.e. both sides have some non-public/CGNAT-like WAN addresses), you use the BTH client config shown from /ip/cloud to create manually create a peer on remote router using the details from BTH client config...
by Amm0
Mon Aug 19, 2024 6:16 pm
Forum: General
Topic: Wireguard in 2nd WAN [SOLVED]
Replies: 34
Views: 3107

Re: Wireguard in 2nd WAN [SOLVED]

NAT trick is cleaver. But because there’s a bug in ROS, Peer B sends the "hello back" from a different address than the one it received the first "hello" from, which confuses Peer A. [...] To make it work, you have to use some workarounds to ensure that the "hello back"...
by Amm0
Fri Aug 16, 2024 7:07 pm
Forum: General
Topic: VRRP - NewBie
Replies: 9
Views: 1055

Re: VRRP - NewBie

If you had some monitoring, you can see if there is some meaningful effect on memory from increasing the ARP cache - but I suspect not. In thinking about this... Perhaps the double ARPs are due to the /ip/dhcp-server. i.e. the DHCP servers for your VLANs are listening on the VLAN interfaces, so one ...
by Amm0
Thu Aug 15, 2024 10:55 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 35
Views: 3592

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

wAP ax will be a very small device and is coming very very soon (question of days or weeks)
with an M.2 (or miniPCIe) slot (aka the ax version of wAPacR)?
by Amm0
Thu Aug 15, 2024 6:30 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax / L23-UGSR — initial feedback from specs
Replies: 38
Views: 5754

Re: NetMetal ax / L23-UGSR — initial feedback from specs

FWIW the Sierra MC7455 allow you set the USB speed to USB 2.0 speeds, via AT command. Yep I was going to try this, the strange thing is that my netmetal goes into constant reboot loop when the MC7455 is installed, not being able to initialize the modem is ok, but reboot.... Well you have to send th...
by Amm0
Thu Aug 15, 2024 4:54 pm
Forum: General
Topic: SNMP Sending Wrong
Replies: 2
Views: 508

Re: SNMP Sending Wrong

The ifIndex should in an integer and description is a string – that part is right. What's confusing is that an interface SNMP ifIndex is the ".id" field in the config – NOT the "port number". You can see this if you use: /interface/print oid show-ids ... *B2 name=.1.3.6.1.2.1.2.2...
by Amm0
Thu Aug 15, 2024 1:08 am
Forum: RouterBOARD hardware
Topic: NetMetal ax / L23-UGSR — initial feedback from specs
Replies: 38
Views: 5754

Re: NetMetal ax / L23-UGSR — initial feedback from specs

I have MC7455 which doesn't work with NetMetal AX (i didn't try to "isolate" USB3.0 pins, but I'm sure it will work that way), but it's working without issue with RB33G/LtAP :) Standards, right? :-D FWIW the Sierra MC7455 allow you set the USB speed to USB 2.0 speeds, via AT command. See ...
by Amm0
Tue Aug 13, 2024 8:49 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

Going back to the OP's original config... I'm not sure what ECMP to the same gateway is trying to do. If the goal trying to use recursive route with ECMP to create a "OR" on the canary address (e.g. keep WAN active if EITHER of the canary address are up), the config is not going to do that...
by Amm0
Tue Aug 13, 2024 5:51 pm
Forum: Beginner Basics
Topic: Reach LAN from Zerotier with own controller
Replies: 9
Views: 722

Re: Reach LAN from Zerotier with own controller

Well, the /zerotier/controller is marked as "I" INVALID, so that a first level problem here. You have /zerotier/controller/print detail Flags: X - disabled, I - inactive 0 I disabled=no instance=zt1 name="ZTCP1" network="914..." private=yes broadcast=yes mtu=2800 multic...
by Amm0
Sun Aug 11, 2024 8:16 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4707

Re: ECMP recursive routes

I do not dare to speculate as for CPU cycles spent per packet with and without ECMP using the same WAN. Agreed. JustIn the pantheon of worries, ECMP's CPU usage would not be the top of that list. To be honest, it's the using DNS servers as the canary address be my bigger worry. Unless the servers a...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 15