Community discussions

MikroTik App

Search found 4469 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 15
by Amm0
Mon Oct 07, 2024 8:58 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

I also had [yet] another idea / feature request : "Terminal" window should be dockable – similar to how a browser's "Inspect" window works (or VSCode, etc.). And since we lost "Windows" option on left to see the window list...my terminal windows keep getting lost behind...
by Amm0
Mon Oct 07, 2024 7:08 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

IDK your OS... but why not exempt *.mikrotik.com in the network settings for the proxy?
by Amm0
Mon Oct 07, 2024 5:52 pm
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 56
Views: 9518

Re: Newsletter #120 | September 2024

That's one way of enforcing the spacing requirements for the SFPs.
by Amm0
Mon Oct 07, 2024 5:15 pm
Forum: General
Topic: Feature Request: Link "check-gateway" in routes to a netwatch item(s)
Replies: 11
Views: 2247

Re: Feature Request: Link "check-gateway" in routes to a netwatch item(s)

I was going to ask for a feature to be able to ping check in route to any arbitrary address instead of just the gateway, but Amm0's suggestion is even more flexible and would greatly simplify multi-wan setups. That was my original thought too. But realized, you want more than just some check-gatewa...
by Amm0
Sun Oct 06, 2024 7:40 pm
Forum: General
Topic: Export session .csv
Replies: 6
Views: 478

Re: Export session .csv

I'm still not sure why using "filename" as variable likely cause the issue. Good to hear, I ended up re-writing half your script so never know if works... . So you're new downloadMib / uploadMib will just round and lose the "after the decimal part", since RouterOS only plain inte...
by Amm0
Sat Oct 05, 2024 11:33 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

multi-passphrase is not supported for the WPA3-PSK authentication type. WPA3 will never support PPSK as currently implemented. A simple Google query for WPA3 and PPSK will get you all sorts of information from a variety of networking resources. [...] PPSK gets me back to here, WPA3 and alternative ...
by Amm0
Sat Oct 05, 2024 11:20 pm
Forum: General
Topic: Export session .csv
Replies: 6
Views: 478

Re: Export session .csv

I'm resuming this discussion after a long time as the project had been put on hold. I was hoping the new [:serialize $array to=dsv delim=","] introduced in v7.16 would help. But it does not like the data from [/user-manager/session/print]. And I thought your issue was not using a [:tostr ...
by Amm0
Sat Oct 05, 2024 7:22 pm
Forum: Beginner Basics
Topic: Slow Throughput CHR virtual within Proxmox [SOLVED]
Replies: 10
Views: 4308

Re: Slow Throughput CHR virtual within Proxmox [SOLVED]

Some kind of warning/reminder would be appropriate.
Yup.

Even if the default config on CHR just had some config to add a "note" would help:
/system/note/set note="Using free license, speed limited to 1Mb/s"
by Amm0
Sat Oct 05, 2024 1:16 am
Forum: General
Topic: ROS Scripting question
Replies: 6
Views: 280

Re: ROS Scripting question

And because the array does not have keys (I hope that's the right term), the values in the array are referenced by their position using: $i-># as in: :local currentInterfaceName ($i->0) Correct? Yup. Let me provide a quick example that you can try... And show using "named" array elements ...
by Amm0
Fri Oct 04, 2024 10:57 pm
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 298
Views: 44426

Re: v7.16 [stable] is released!

The A record is not "explicit". It also matches foobar.nas.home.arpa. True. But to @kenzo's point RouterOS is ill-suited to this. Along the "home.arap" A records, it's also very likely SRV and PTR ones too also with ".home.arpa" that escape too. So, theoretically, you ...
by Amm0
Fri Oct 04, 2024 10:19 pm
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 298
Views: 44426

Re: v7.16 [stable] is released!

It seems to me that administrative control over DNS leakage is lacking on RouterOS. That jumped the shark since a client can just use DoH etc... Plus "content filtering" is rapidly moving target...and RouterOS development is not rapid. And they give you some tools, like regex/match-subdom...
by Amm0
Fri Oct 04, 2024 9:46 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

what could be so f***ed up that you can't fix it from the fully working command line, but you can type "partition activate" command? Not theoretical - related to "downgrade" device mode 3rd party LTE modems breaking after a version upgrade While rare (and good work by LTE folks)...
by Amm0
Fri Oct 04, 2024 8:20 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

- People who want to know what exactly will happen, and who have not yet read the previous posts. I try to answer them. Using CLI/scripting – say from defconf or netinstall script – how do you check if a particular "device-mode" is activate? All the usual CLI/scripting things cannot get t...
by Amm0
Fri Oct 04, 2024 4:49 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 4176

Re: Device got hacked 1 min after connected to internet

Just some clarification, all devices with LTE and WiFI come with default password for at least a year, I think. I have to check for up to date info. I think the last remaining devices with no password are CCR series. and if y'all add eSIM support... you'd have to provision something in config for L...
by Amm0
Fri Oct 04, 2024 4:41 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 4176

Re: Device got hacked 1 min after connected to internet

Sure, "interesting case" here, as @optio put... But solution is for @normis/team to update the netinstall and reset-configuration docs to clarify to REMOVE any potential internet source, including SIM cards. So, yes, "what if my SIM is stuck" - you hopefully find this thread. But...
by Amm0
Fri Oct 04, 2024 6:57 am
Forum: General
Topic: modify files inside mikrotik
Replies: 8
Views: 344

Re: modify files inside mikrotik

is it possible to modify a files which are uploaded into Files in mikrotik routers via cli? I need to change some link inside it. I can access edit it via file edit value-name=contents test.txt but how to change set it there through terminal /file set test.txt contents="Did you want to write s...
by Amm0
Fri Oct 04, 2024 4:53 am
Forum: General
Topic: Tools for graphs and reports
Replies: 2
Views: 203

Re: Tools for graphs and reports

I think your bigger problem is the newer wifi-qcom / wifi-qcom-ac wi-fi drivers (former is used on hAPax3) ... do not support SNMP data at present. Even if you wanted to use the Dude, it won't work for Wi-Fi stats. Same with Zabbix/etc/etc. You need some source data, and RouterOS does not send any f...
by Amm0
Thu Oct 03, 2024 11:37 pm
Forum: Scripting
Topic: Find and disable/enable users by part of their name
Replies: 6
Views: 322

Re: Find and disable/enable users by part of their name

/user disable [find where user~"abc123"] there is a different six-digit order of numbers, which is always different on all routers. @rextended is showing using a regular expression with the "~" instead of "=". That is critical here. I don't know what your trying to mat...
by Amm0
Thu Oct 03, 2024 11:06 pm
Forum: General
Topic: LTE Modem Firmware Upgrade - Has anyone got any troubleshooting tips?
Replies: 8
Views: 9831

Re: LTE Modem Firmware Upgrade - Has anyone got any troubleshooting tips?

The better question is why the standard upgrade process does not work... Mikrotik does document the LTE firmware upgrade here: https://help.mikrotik.com/docs/display/ROS/LTE#LTE-Modemfirmwareupgrade So some additional details would help. Likely trying the latest "stable" V7, if not already...
by Amm0
Thu Oct 03, 2024 10:47 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

device-mode [...] send somebody to unplug it from power ONCE in it's lifetime [...] [...] you guys are adding both fixes and features in RouterOS 7 at a fast, steady pace (for which we are grateful). [...] Switching back to the previous partition gets us back to a known state (version + config) qui...
by Amm0
Thu Oct 03, 2024 9:38 pm
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 653

Re: the irrationality of [find]

I totally agree. Everything should be handled consistently and users shouldn't have to know all the little exceptions that could lead to serious issues. At the very least, the documentation should have clear warnings about these risks. Basically anything that appears on the right-side "Actions...
by Amm0
Thu Oct 03, 2024 9:18 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 4176

Re: Device got hacked 1 min after connected to internet

I think the FUD is a bit overblown. There is nothing to worry about a SIM being in a new unit with factory defaults. The default firewall will protect you and all LTE devices come with a firewall. And on newer AX things, there not a lot of reasons for netinstall, less so in starting from empty confi...
by Amm0
Thu Oct 03, 2024 8:03 pm
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 105
Views: 86718

Re: ✂ Rextended Fragments of Snippets

This is the 100th post in this thread! :D (The Amm0 's one... ;) ) Well, in honor of my 4,000th post (at time of writing), I decided to follow @ rextended's lead in consolidation. While back, I created a GitHub org called TIKOCI - https://github.com/tikoci - with that idea, but never got to the con...
by Amm0
Thu Oct 03, 2024 5:54 pm
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 653

Re: the irrationality of [find]

Oh you should file a bug report. The "reset-counters" should handle the case there is a find & it's nothing.

Just because it's explainable, does mean it makes sense. :?
by Amm0
Thu Oct 03, 2024 1:46 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1242

Re: Running Node Red on container, which one?

($var->"val") != "<> ~> => <!-- ### ++ -->" Sorry to hijack your thread - this was a duplicated post originally used to test forum's phpBB: [ font = 'JetBrains Mono' ]some->text[ / font ] worked (without spaces) In Chrome, with JetBrain Mono loaded, it does. Safari, no.
by Amm0
Thu Oct 03, 2024 1:45 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1242

Re: Running Node Red on container, which one?

Good news. I didn't think it was very heavy-weight - but worth testing. FWIW, `top` inside the container may not be the best test, since, I think, memory includes all user available memory, excluding kernel. While the RouterOS values include both. But I'm not 100%... Your stop/start test, and math, ...
by Amm0
Wed Oct 02, 2024 9:42 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

I have posted further updates to the manual, so all your Device mode questions should be answered in there . https://help.mikrotik.com/docs/display/ROS/Device-mode Similar question... under "bandwidth-test" ... it does not discuss /tool/speed-test. I guess it's not included if one believe...
by Amm0
Wed Oct 02, 2024 5:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

- return ESC shortcut to close sub windows I like the ESC to close — but my issue is that is closes dialogs that are dirty (have changes, but no "apply"). ESC should not close a dialog if it causes data loss . Perhaps it could prompt to apply it before closing would work too. But right no...
by Amm0
Wed Oct 02, 2024 5:05 pm
Forum: General
Topic: ROS Scripting question
Replies: 6
Views: 280

Re: ROS Scripting question

The scripting, and the concepts behind it, are way beyond me, but I am curious what this script does? What problem does it solve? OP uses an array to define what config to later do wrt to interfaces. Mikrotik @dru has a video on arrays here: https://www.youtube.com/watch?v=eWCJw0uZ-lE To summarize,...
by Amm0
Wed Oct 02, 2024 11:40 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 653

Re: the irrationality of [find]

So it is not a quirk of the find command in itsellf, but rather a "wrong implied default" of "all" in the command /ip hotspot user reset-counters? That's what I'm suggesting: it's the command's logic, not find's logic at issue. A zero-length list is NOT nil/[:nothing], so reset-...
by Amm0
Wed Oct 02, 2024 11:17 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 653

Re: the irrationality of [find]

Now I get it. I ain't arguing this is great. But it's rational. /ip/hotspot/user/reset-counters has some trickier logic... here "numbers=" attribute is optional . And numbers= is actual name of attribute used by the unnamed arg used by [find name=a]. So "reset-counter" already as...
by Amm0
Wed Oct 02, 2024 10:44 am
Forum: General
Topic: Scheduler not executing my script
Replies: 4
Views: 751

Re: Scheduler not executing my script

It may be permissions (fetch specifically, see docs on /system/script). One tip in scheduler you can use just "on-event=ScheduleDynDNS" to run a script, without the /system/script/run part. Another approach is /ip/cloud – that avoid scripting. You can use CNAME at in your hosted DNS, to ke...
by Amm0
Wed Oct 02, 2024 9:55 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 653

Re: the irrationality of [find]

No. [find] mean "all". It's a filter, so if you don't apply any filters like name="a" to match, the default is return all. Otherwise, the would be no way to express "find everything". You can test find by using it standalone: :put [/ip hotspot user find name=a] *29 :put...
by Amm0
Wed Oct 02, 2024 4:31 am
Forum: General
Topic: ROS Scripting question
Replies: 6
Views: 280

Re: ROS Scripting question

It's a list of lists, so index es are just the numbers, wrapped in (). So... ($interfaceConfigs->0->1) would be 52821 Notes: - Do not use ($interfaceConfig->"1") as that will not work in the case, plain numbers for a list. The ($array->"1") syntax - with quotes - is for map array...
by Amm0
Tue Oct 01, 2024 8:58 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

NOT a fully tested script, only the needed info and the commands I used manually. I can offer a self-service solution to building them.... FWIW, you/anyone to rebuild the image using any script with GitHub running it using "GitHub Actions". Basically, the steps to "Creating your own ...
by Amm0
Tue Oct 01, 2024 8:17 pm
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 56
Views: 9518

Re: Newsletter #120 | September 2024

Why no SFP+ port (or two)?
My guess: the additional heat from SFPs requires fan/more complex cooling. See CRS304 (plastic) vs CRS305 (metal).
(& reason alone for the nomenclature variance IMO)
by Amm0
Tue Oct 01, 2024 8:03 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

So it seems that when you try to setup partitions while not having that device-mode option set, it just corrupts the device? That is even worse than being unable to switch partitions after upgrade... That be my take. I only went down the rabbit hole since the RB1100 had a physical serial port. Clea...
by Amm0
Tue Oct 01, 2024 7:37 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

feature request - Support Apple Passwords/Keychain/Secure Enclave to store RouterOS username/passwords Since we now have a native app, it be nice if I could read/store the RouterOS creds with all my other passwords in the Keychain used by iOS/MacOS. To me, this is more secure, than some encrypted f...
by Amm0
Tue Oct 01, 2024 6:29 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

@pe1chl, I kinda figured that, since you can see those options in /partition – I just played dumb, and followed winbox... it wanted asked to reboot, so I just said yes & wanted to see what happen. And, I confirmed it was running the matching firmware before doing this too. But after reboot, I co...
by Amm0
Tue Oct 01, 2024 6:03 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

I sure hope there will be a clear explanation of what happens to existing devices that use those features, for all reasonable existing device-mode settings. On my test RB1100AHx4 with 7.17beta2, it showed partitioning menu (with device-mode showing "mode: advanced" and container=yes"...
by Amm0
Tue Oct 01, 2024 2:09 am
Forum: General
Topic: WebFig Skins no longer working
Replies: 6
Views: 1499

Re: WebFig Skins no longer working

From what I’ve seen, creating a skin through WebFig first, then using that folder for your uploads, seems to be the workaround. I've also run into similar problems where SCP alone didn’t cut it. That's the best advice: let webfig create it first. Especially if you have an older router, I'm not 100%...
by Amm0
Mon Sep 30, 2024 9:30 pm
Forum: Scripting
Topic: REST API schema for Postman & more
Replies: 8
Views: 7784

Re: REST API schema for Postman & more

Just registered to say thank you for sharing this! Thanks! I recently created a Postman "code generator" to convert a Postman Request JSON, into the right /tool/fetch. I'm still working on it & Postman needs to accept it. But the project would allow RouterOS /tool/fetch "code sni...
by Amm0
Mon Sep 30, 2024 3:32 pm
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1242

Re: Running Node Red on container, which one?

BY the way I'm curious how you modified settings.json having only NR, on settings it doesn't seem possible. Maybe you used NR nodes to open and edit file? Regular Docker allows you do a -p 80:1880 to map port..,so the node-red image assumes that how to re-map ports. Now, some/most containers let yo...
by Amm0
Mon Sep 30, 2024 1:05 am
Forum: Beginner Basics
Topic: Scripting - changing interface paramters
Replies: 2
Views: 193

Re: Scripting - changing interface paramters

Question is: Can I modify the value of the remote-address of my IPIPv6 from the same script? First thought that PUTting /interface ipipv6 ipipv6-DGN remote-address=$AFTRname would work, but nay... I think you're missing a "set" in your command: /interface ipipv6 set ipipv6-DGN remote-addr...
by Amm0
Mon Sep 30, 2024 12:51 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1242

Re: Running Node Red on container, which one?

In the other topic Amm0 wrote about https and certificates, I suppose they may be useful for the DNS purpose he focused to solve, is it correct? About NR interface is just necessary to work with http, it's fine. Correct, HTTPS was strictly needed in the "poor-man's" captive portal NodeRED...
by Amm0
Sun Sep 29, 2024 9:01 pm
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 298
Views: 44426

Re: v7.16 [stable] is released!

If the DNS server run by RouterOS has two /ip/dns/static records (in that order): nas.home.arpa A 192.168.1.101 *.home.arpa$ NXDOMAIN Then, per my understanding of the docs, client’s request for nas.home.arpa is going to match [2]. Am i wrong? Yes, you're wrong. The regex entry matches instead. FWI...
by Amm0
Sun Sep 29, 2024 8:34 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Basically I agree with @sindy: I would expect gentlemen in Riga to provide either "BIOS CHR" and "UEFI CHR" images or a "universal CHR" image off the shelf rather than offloading that task to volunteers. [...] so a UEFI boot in a hosting is not a niche case any more. Tw...
by Amm0
Sun Sep 29, 2024 7:32 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Somehow, I would expect gentlemen in Riga to provide either "BIOS CHR" and "UEFI CHR" images or a "universal CHR" image off the shelf rather than offloading that task to volunteers. [...] Yeah that was my point to @jaclaz – Mikrotik should fix the UEFI & they'd kno...
by Amm0
Sun Sep 29, 2024 6:31 pm
Forum: Scripting
Topic: Add more logged detail to fetch?
Replies: 4
Views: 381

Re: Add more logged detail to fetch?

I have not studied @jonte's Splunk scripts, so bit blind on what they might capture. Fundamentally, the logging system has some limits - which @jonte/others have cataloged. The one trick logging does have is adding more/"duplicate" /system/logging/actions (and use them for different subset...
by Amm0
Sun Sep 29, 2024 3:28 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

@jaclaz, I wouldn't get too crazy. The 2-3 cases of AppleVZ, Vultr, and potentially "Gen2" Hyper-V. And I do kinda think it be better to use the official Mikrotik ones if at all possible & those do work on BIOS system. So the fact these are EUFI only is kinda a safety net. Plus, there ...
by Amm0
Sat Sep 28, 2024 11:23 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Tried also with NVMe interface, I'm running also Debian arm64 with Apple Virtualization and it requires NVMe to avoid FS corruption, unfortunately for ROS boot same result. Well we tried. There not a lot options to tweak, and I'd image the issue with AppleVM + CHR + ARM64 isn't partitioning. Thanks!
by Amm0
Sat Sep 28, 2024 11:20 pm
Forum: Containers
Topic: New container project: "mikrotik.upgrade.server" / "mus"
Replies: 7
Views: 4520

Re: New container project: "mikrotik.upgrade.server" / "mus"

Fair enough, it on the Alpine mirror list (https://mirrors.alpinelinux.org). The docs use "dl-cdn.alpinelinux.org", so the complex DNS name caught me off guard. Now you violating the core Docker philosophy with openrc (i.e. one container, one thing) ;). But I'm not such a purist. Especiall...
by Amm0
Sat Sep 28, 2024 11:02 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Since I have it running on Intel mac, on arm mac was just POC tryout. Yeah same boat, I have 2019 MacBook Pro with Intel i9. Since I do deal with [Intel] VMs enough, I didn't want to mess with Rosetta ;). The only thing else to try for UTM+Apple+ARM64 be checking the "Use NVMe"box – that ...
by Amm0
Sat Sep 28, 2024 10:50 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

And in this post, there are the CLI commands for upgrading LTE things:
viewtopic.php?t=199087&hilit=band+66#p1025119
by Amm0
Sat Sep 28, 2024 10:44 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

No luck, same issue as with my modifications on image. com.apple.Virtualization.VirtualMachine stuck on 400% cpu, it seems loop, no output on serial console or display. Remove the display – that does not work in UTM+Apple. It's serial only on X86, so imagine it's the same on ARM64. I think Apple us...
by Amm0
Sat Sep 28, 2024 10:33 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Good news. Sorry if I sounded short, but 7.5 was just a bad idea. And totally get it was some Mikrotik that who somehow broke it, to require the roof + netinstall. And, clearly MT should remove that "7.5" reference (or update the page so highlight that someone re-confirmed it ;) ) to avoid...
by Amm0
Sat Sep 28, 2024 10:14 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Test them both using Apple Virtualization (in UTM and Swift Playground), so they generally work. Tested on mac with arm64 or x86_64 arch? Since I'm running the CHR superstore, I built an ARM64 image with the FAT modification for 7.17beta2: https://github.com/tikoci/fat-chr/releases/tag/Build1108629...
by Amm0
Sat Sep 28, 2024 9:17 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

This has gotten silly. I don't know what to tell you. You should run latest LTE firmware, RouterBOOT and RouterOS to start and troubleshoot any issues from there. FWIW... now you've likely downgraded the RouterBOOT firmware to 7.5. And if there was somehow fix for netinstall in the firmware between ...
by Amm0
Sat Sep 28, 2024 9:03 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Netinstall problems are rare. Well, other than not be able to run it because of OS security block DHCP/TFTP (aka windows), or doing the "reset button dance" incorrectly. More relevant than "factory-*" version, at least to netinstall, is current-firmware= in /system/routerboard. T...
by Amm0
Sat Sep 28, 2024 8:43 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

@jaclaz, you're the boss - 7.17.beta2 mangled using your gdisk magic made Vultr happy. And I rebuilt the 7.15.3 and 7.16 images to use/default to the @jaclaz variant on GitHub: 7.15.3 - https://github.com/tikoci/fat-chr/releases/tag/Build11085737402-jaclaz 7.16 - https://github.com/tikoci/fat-chr/r...
by Amm0
Sat Sep 28, 2024 7:58 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

I'd netinstall 7.16, and try that. Based on what? The manual is clear - 7.5. What is there to try? Well... a decade of knowing Mikrotik is not great at updating documentation. And, you have a pretty locked down router, so if you have security needs... there no security patches/hotfixes/etc in older...
by Amm0
Sat Sep 28, 2024 7:50 pm
Forum: Containers
Topic: New container project: "mikrotik.upgrade.server" / "mus"
Replies: 7
Views: 4520

Re: New container project: "mikrotik.upgrade.server" / "mus"

Nifty work. But is there a reason you're not using the Alpine CDN URLs? In Dockerfile, RUN echo 'https://ftp.halifax.rwth-aachen.de/alpine/v3.20/main/' >> /etc/apk/repositories \ && echo 'https://ftp.halifax.rwth-aachen.de/alpine/v3.20/community' >> /etc/apk/repositories \ && apk add...
by Amm0
Sat Sep 28, 2024 6:47 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

I'd netinstall 7.16, and try that. If there was some security patch, you'd be force to upgrade form 7.5 anyway & have these same troubles (except it could be potentially be back on roof) . If you troubleshoot 7.16 while it NOT on the pole, you'd be better set for future updates. And, importantly...
by Amm0
Sat Sep 28, 2024 6:21 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

No need to have the vlan interfaces created on the ethernet interface, just one pppoe-server specifying all the vlan id where it could work and applied on the ethernet interface. What if I want that one specific vlan on a range operates on a different profile? What if I want that one specific vlan ...
by Amm0
Sat Sep 28, 2024 5:37 pm
Forum: RouterBOARD hardware
Topic: Running out of space on hAP ac2 [SOLVED]
Replies: 51
Views: 14504

Re: Running out of space on hAP ac2 [SOLVED]

Few notes here since this whole 16MB flash comes up in my world... - The only thing that truly cleans things is doing netinstall. And, if want to run wifi-qcom-ac, IMO, you should go through the trouble of netinstall. - The amount of free space even if clean can still vary because not everyone is go...
by Amm0
Sat Sep 28, 2024 4:52 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 478

Re: dude server

I think ChatGPT has already had too many drinks.

Let me know how well that works out for you. Dude's permissions follow Winbox permission, and that level of granularity isn't possible. If not, please let me know.
by Amm0
Sat Sep 28, 2024 4:34 am
Forum: Scripting
Topic: Add more logged detail to fetch?
Replies: 4
Views: 381

Re: Add more logged detail to fetch?

fetch is a log topic, so first thing you want to do is enable that in /system/logging! You may need to add !raw - as it can log too much! e.g. Here is 301 Redirect "hard failure" in 7.17 shown in logs: 2024-09-27 17:41:08 fetch,debug Download from https://wttr.in/@mikrotik.com?format=4 to ...
by Amm0
Sat Sep 28, 2024 2:53 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 478

Re: dude server

You should look at webfig, but I just tried to do this & the SVG with Dude map in webfig is NOT controllable by skins... But a skin can limit what a user would see to just all maps. It them seeing only one map that be a problem.
by Amm0
Sat Sep 28, 2024 2:42 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Must've just been a fluke one off, that severely angered me. Back to using Winbox4 beta... FWIW, if that's in some scheduled script, I'd add some "... print" before remove - just possibly prevent stale/in-flight config/realtime data from being used (i.e. kinda like F5 in winbox gets a ref...
by Amm0
Sat Sep 28, 2024 2:21 am
Forum: The Dude
Topic: dude server
Replies: 5
Views: 478

Re: dude server

Not in the Dude, basically there is database & user has either read/write or read. It's policy system is even worse the RouterOS... But... if it's just the maps or a map... One approach is to use webfig to show them . While webfig [unforentely] does not show very much from the dude, it would sho...
by Amm0
Sat Sep 28, 2024 1:25 am
Forum: General
Topic: Big Config Sanity Check..
Replies: 2
Views: 373

Re: Big Config Sanity Check..

Looks mostly right from a quick read. I'd make sure the VRRP in the same interface-list as the VLAN is, since traffic go in/out of VRRP directly (which might not be treated same as VLAN depending on specific FW rules). Now its queuing strategy could use some work IMO. But I'm not the expert & so...
by Amm0
Sat Sep 28, 2024 12:37 am
Forum: Announcements
Topic: v7.16 [stable] is released!
Replies: 298
Views: 44426

Re: v7.16 [stable] is released!

You can have a couple of .home.arpa records in the DNS and at the end a *.home.arpa$ record with NXDOMAIN. From the docs : [...] In case an entry does not conform with DNS naming standards I never tried that, but doesn't that mean all *.home.arpa recrods going to be effectively NXDOMAIN'd? Oh the a...
by Amm0
Fri Sep 27, 2024 9:54 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

The width of the current terminal does affect how many columns it outputs.... sure it ain't that? Very sure Hmm, I couldn't repo in 7.17beta, RB1100AHx, WinBox4 terminal: routing/route/print where afi~"ip6" Flags: U - UNREACHABLE, A - ACTIVE; c - CONNECT, d - DHCP; H - HW-OFFLOADED; B - B...
by Amm0
Fri Sep 27, 2024 9:48 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

as soon as Sindy will be able to (hopefully) report success in the environment(s) he uses, the matter should be pseudo-solved. Sorry, it was neither soon nor 100% success. Both the pre-cooked images from @Amm0 I've tried, i.e. chr-7.16.uefi-fat.raw and chr-7.16.uefi-fat-kriszos.raw, [...] neither o...
by Amm0
Fri Sep 27, 2024 9:36 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Ran the 3 image scripts (jaclaz, kriszos, no-gdisk) again with 7.17beta2. Same as 7.16, kriszos script fails in middle because of the "overlap", the other two work. @jaclaz's gdisk script gets to "The operation has completed successfully.". Apple requires only FAT, so all three w...
by Amm0
Fri Sep 27, 2024 8:59 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

On the stats from 7.16 to 7.17beta2, there are +74 new commands and +803 new attributes (although the "group-by" gins up the numbers since that in a lot of places ;)) *) zerotier - upgraded to version 1.14.0; +1 +½ There are also newer options in ZeroTier too that are not exposed... yet? ...
by Amm0
Fri Sep 27, 2024 8:52 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

subtle usability - show new package download like the winbox upgrade in top bar In the WinBox4 scheme, the new System>Packages dialog is actually more confusing IMO. Perhaps I'm dumb, but actually I keep hitting OK instead of hitting the action button. I get this follows the new scheme, but winbox3...
by Amm0
Fri Sep 27, 2024 8:40 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

on 7.16 and above > routing/route/print where afi=l2vpn Flags: H - HW-OFFLOADED Columns: DST-ADDRESS, AFI DST-ADDRESS AFI before 7.16 > routing/route/print where afi=l2vpn Flags: U - UNREACHABLE, A - ACTIVE; b - BGP; H - HW-OFFLOADED; + - ECMP Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TA...
by Amm0
Fri Sep 27, 2024 8:30 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

As I said, I use only SSH to connect to any of the routers and all other methods were intentionally disabled for security reasons.
Gotcha. Well, then it's getting it off the roof/tower to reset it one way or another.

I'll note at some level, you can get too crazy locking these down...
by Amm0
Fri Sep 27, 2024 7:23 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

Okay, I have no idea now. Make sure to include the supout.rif in your support case, as that has logs/config for them.
by Amm0
Fri Sep 27, 2024 7:19 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

I just try this example and does't seem to work... i just use: "usb2-part1/debian/container1"

For some weird reason the alpine image works... :lol:
What partitioning is used on the usb2-part1? If it's FAT you'd want to keep the names shorter. And if FAT, maybe use an ext4 partition.
by Amm0
Fri Sep 27, 2024 7:14 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

That seems like good news — If you can get into the ATL via ssh and 192.168.188.1 - there is no need for going to mast. No, it's the opposite. Quoting myself: I can't ping anything (even the gateway), I can't SSH to the gateway. And you tried winbox to see if shows up as "Neighbor" with M...
by Amm0
Fri Sep 27, 2024 7:12 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

In simplier terms, root-dir= is the file name for the container image so it has to be unique. Despite having "-dir" in the name. No slash at start or end!
by Amm0
Fri Sep 27, 2024 7:08 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

I really would try in the form "root-dir=usb1-part1/some-new-name" from CLI

And make sure you're using the "mount point" shown in "/disk print" (which may not be usb1-part1 in my example).
by Amm0
Fri Sep 27, 2024 7:02 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

Hmm, if you don't have a preceding slash. Just make sure to pick a new name - I'm not sure what happens if you have had an image file already at the same name. Also keep in mind despite the name "root-dir=", it's actually the name of the container, not a directory to use. So if you keep pi...
by Amm0
Fri Sep 27, 2024 6:56 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 324
Views: 29718

Re: v7.17beta [testing] is released!

After upgrade to 7.17beta2, my RB1100AHx4 test router upgraded no problem. However...a ROSE RAID "disk" did not mount. ROSE-not-working-v7.17beta2.png I rebooted and still did not mount. I removed the RAID "disk", and re-added it again, still did not work. I disabled/renabled the...
by Amm0
Fri Sep 27, 2024 6:13 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Good grief! Who memorizes ip's? Feature request - resolve DNS name in ALL fields that require an IP or IPv6 address There are a few place where WinBox3 does take a DNS and will resolve it to IP inside of winbox (i.e. where the CLI/APIs want an "ip"/"ipv6" type). Perhaps some con...
by Amm0
Fri Sep 27, 2024 6:04 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

Well, it annoying and wrong. But I suspect you just need to use "root-dir=usb1-part1/debian-root" — without a leading "/". The mounts don't care about a leading slash, but for some reason root-dir= in main container does. This, I think, is a historic artifact, but CLI never like ...
by Amm0
Fri Sep 27, 2024 5:58 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Sorry I was finishing my thread since I like to keep the options together ;). Reading your response. That seems like good news — If you can get into the ATL via ssh and 192.168.188.1 - there is no need for going to mast. Next question be is the LTE connection working, since something there go wrong ...
by Amm0
Fri Sep 27, 2024 5:46 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Anyway RouterOS has lots of options to do avoid a netinstall. Just to complete the thread... If you do get to needing a netinstall... you can run it as a container on the hAP. See https://hub.docker.com/r/ammo74/netinstall - this avoid all the setup required on Windows for netinstall Netinstall on ...
by Amm0
Fri Sep 27, 2024 5:29 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Also, since I think you have a hAP... this won't help now... but if you enable RoMON & the hAP was on same network as ATL, then RoMON be able to get into ATL via the hAP. It does require using winbox, where you connect to romon on the hAP, and assuming romon was enabled on ATL, winbox then show ...
by Amm0
Fri Sep 27, 2024 5:23 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

I guess I'm confused. Are you not able to get in after upgrade? Or does it just not work for LTE after upgrade? To clarify my earlier answer: Or is anyone using remote/difficult-to-reach-physically devices doomed to such issues? As noted, the "winbox" client app using ethernet(layer2) so e...
by Amm0
Fri Sep 27, 2024 5:00 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 660

Re: USB GPIO EXTENDER

And in recent V7... this would be much easier with [:convert]'s byte-array and bit-array-msb/lsb but I know you got V6.
by Amm0
Fri Sep 27, 2024 4:58 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 660

Re: USB GPIO EXTENDER

Now I see where the "string with 10101" OR needs come up in from your other thread. FWIW, if you control what being sent...you can make your parsing on the RouterOS easier. The printf % stuff is pretty flexible, so you can do stuff like add a "0x" with leading zeros (%#010x) or j...
by Amm0
Fri Sep 27, 2024 4:36 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

Without any concrete needs/use, are all useless.
See viewtopic.php?t=211251
by Amm0
Fri Sep 27, 2024 3:53 pm
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 56
Views: 9518

Re: Newsletter #120 | September 2024

Another newsletter, and still looking some new products in your nifty "half rack, half U" form form factor(RB5009/L009/...) – like a PoE switch or SFP-only RB5xxxx (to interconnect with other RB5009s in a rack). - CRS304 10G Ethernet switch (no modules needed!) That is a nifty device. But ...
by Amm0
Fri Sep 27, 2024 3:38 pm
Forum: General
Topic: Trouble: Can't connect to ATL after update [SOLVED]
Replies: 45
Views: 1904

Re: Trouble: Can't connect to ATL after update [SOLVED]

Are you using winbox? Assuming you have the defaults, you should be able to get in via its MAC, not IP, address in the WinBox app from the LAN side of the router. If you can get in, look at the Logs & do an :export at Terminal and paste those here if you'd like. If Winbox with MAC address does N...
by Amm0
Fri Sep 27, 2024 3:24 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Abandoning Winbox 4 [...] I issued a command to delete an address list, [...] Command: /ip firewall address-list remove [find list=z-blocklist_FireHOL_L1 dynamic=yes] This means that beta releases of Winbox should not be used to manage remote devices/systems. Hold on. If you enter a command into th...
by Amm0
Fri Sep 27, 2024 3:03 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 660

Re: USB GPIO EXTENDER

It has to be at the end of what returned to RouterOS from your device's serial. The "OK" mean command is done/finished to that what trigger at-chat to put the data from input= to the OK into the variable. sprintf(&UART0.TX, "A%d \r\nOK\r\n" , PA4.VALUE) should work... the lin...
by Amm0
Fri Sep 27, 2024 2:38 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 660

Re: USB GPIO EXTENDER

Please tell me, Amm0! Do you not know how the support for AT commands works? I mean, how should the device accessed by the ppp-out interface return the data so that it is "correctly" returned by the interface? I'll explain. There is a programmable version of the device that I described he...
by Amm0
Thu Sep 26, 2024 10:03 pm
Forum: Scripting
Topic: USB GPIO EXTENDER
Replies: 10
Views: 660

Re: USB GPIO EXTENDER

Unfortunately, the module does not support the AT exchange format, so we cannot receive data from the input lines of the module, but we can control the digital outputs by setting their state to "1" or "0". If you connect a relay block to them, you can control low-voltage or high...
by Amm0
Thu Sep 26, 2024 8:53 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

That would help to create a versatile desktop file. On .desktop file topic for Debian/Ubuntu... some SVG version of the WinBox icon be nice (winbox.svg). That allow `/usr/share/icons/hicolor/scalable/apps` to be used and keep the icon "pretty". (and @eworm know if SVG icon help for Arch)
by Amm0
Thu Sep 26, 2024 8:14 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

i have an issue with winbox 4vb8... i can not start winbox. I see it in the processes but the windows of winbox is not starting.. any hints/tipps?
OS / version give more clues... Did it work in previous beta before?
by Amm0
Thu Sep 26, 2024 7:58 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

It's the "docker build" vs "docker buildx". I'm not sure Mikrotik's Pi-Hole building instructions are right for recent RouterOS. Since GitHub will build Docker images for free for public projects... I just use their "GitHub Actions" to deal with the docker stuff. Works ...
by Amm0
Thu Sep 26, 2024 7:45 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 592

Re: HDHomeRun broadcast is blocked

I have a 20 year old one in a HDHomeRun box. I'm going to have to bring that out, these HDHomeRun come up every month in the forum. But that won't help, since I think it's the "firewall" in your diagram. i.e. your PDF shows a firewall & broadcast do not go through a firewall: HDHomeRun...
by Amm0
Thu Sep 26, 2024 7:28 pm
Forum: The Dude
Topic: Dude Client/Server communication security
Replies: 4
Views: 536

Re: Dude Client/Server communication security

FWIW, docs on winbox suggest: "WinBox uses AES128-CBC-SHA as an encryption algorithm (requires WinBox version 3.14 or above)." So hard to know... But IMO dude/winbox protocol should NEVER run over internet (outside a VPN). The dude/winbox/routeros login password should be encrypted... but ...
by Amm0
Thu Sep 26, 2024 7:20 pm
Forum: The Dude
Topic: Upgrading devices from Dude
Replies: 1
Views: 240

Re: Upgrading devices from Dude

If you do "Upgrade" it just downloads the packages AFAIK, so a reboot of the device is what's needed get the applied. If you use "Force Upgrade" that will cause it be applied. AFAIK, you do need all of the package, including any extra-packages in same folder (assuming your device...
by Amm0
Thu Sep 26, 2024 7:18 pm
Forum: The Dude
Topic: dude database is locked - dude file path on smb share using ROSE
Replies: 3
Views: 318

Re: dude database is locked - dude file path on smb share using ROSE

If you disable/re-enable the dude in winbox, does that fix it?

You can try to do a "/dude/vacuum-db" to see if that fixes it or gets an error.
by Amm0
Thu Sep 26, 2024 6:51 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 592

Re: HDHomeRun broadcast is blocked

Post your config. It really should work if on the same LAN subnet.

Is it possible that the cisco switch is blocking broadcast to/from Mikrotik? You'd need add a bridge filter rule to actually block broadcast on RouterOS side.

Are we talking SwOS or RouterOS?
by Amm0
Thu Sep 26, 2024 6:48 pm
Forum: Beginner Basics
Topic: HDHomeRun broadcast is blocked
Replies: 11
Views: 592

Re: HDHomeRun broadcast is blocked

Is the HDHomeRun on the same LAN as your client? If they are on same LAN (say 192.168.88.x), then possible the app that's connecting may need permissions on the local OS to allow it receive broadcasts. But no default on RouterOS would block broadcasts within the same LAN. If the HDHomeRun and client...
by Amm0
Thu Sep 26, 2024 6:40 pm
Forum: General
Topic: Home Lab VLAN/Routing Help
Replies: 6
Views: 515

Re: Home Lab VLAN/Routing Help

I guess I'm trying to say is all the routers should generally have the same routes... as the return packets need some path back to the source.
by Amm0
Thu Sep 26, 2024 6:28 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

If you use my example above (https://forum.mikrotik.com/viewtopic.php?t=211025#p1099369), without any custom build, does that work? It be good to determine if it's your image that's the issue, or if something is actually broken in /container. FWIW, I use GitHub to build containers for RouterOS since...
by Amm0
Thu Sep 26, 2024 6:13 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

And we come back to the original problem... How did those bits get represented in a RouterOS string – those had to come from somewhere. So if it was already "\01\00" form, not a string with actual ascii... then everything is easier.
by Amm0
Thu Sep 26, 2024 6:02 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

Also, there be another approach using ":convert to=byte-array"to get an array... but that get you the ASCII codes for 1 and 0 :put [:convert to=byte-array from=raw "10101010"] # 49;48;49;48;49;48;49;48 but since that's at least an array, and not a string, you can use a :foreach o...
by Amm0
Thu Sep 26, 2024 5:40 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

Do not do the same error, is not a OR or XOR, the number is only one, is just INVERT or at least NOT (can not really be NOT since the base is unknow.....) I wrote it that way and named it wrong. :shock: As you point out, it hard to know what he's looking for. I was just trying to point out getting ...
by Amm0
Thu Sep 26, 2024 5:32 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

@Amm0 It would be easier to know where that 01001 came from and why it needs to be transformed into 10110. But @Sertik suckers us in every time. I guess I view his questions a RouterOS version of LeetCode questions (i.e. theoretical CS problems). Anyway, for fun, here is my take: :global invBinaryS...
by Amm0
Thu Sep 26, 2024 4:47 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

Yeah, I was betting on VETH... but if you re-create it before and don't change it, then that's not VETH. So if you're using a custom build image, you want to make sure to "--sbom=false --provenance=false" to your build as the "attestations" have caused problems in past (and I'm n...
by Amm0
Thu Sep 26, 2024 4:29 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1600

Re: logical "or" over number

I get @Sertik like a clean simple generic solution. But... once you go beyond 7-bits, all conversions from binary to number need to know a lot more on how the binary is structured. If you really are starting with some LONGER string with binary 1/0's like "01000100101111010101010" — you hav...
by Amm0
Thu Sep 26, 2024 3:42 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Tend agree that ESC should close any dialog box if it's not be changed (but not Terminal). Now I suspect Mikrotik's internal debate mirror the ones here about what the keyboard shortcuts should be & why there aren't many in the beta's so far. CTRL+D closes the whole terminal window. Except CTRL+...
by Amm0
Thu Sep 26, 2024 3:26 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1281

Re: how to query by query words [SOLVED]

Oh my god, i thought there could only be one line of operators. Thank you. If you have haven't used an old RPN-based HP calculator, you'd think Mikrotik was crazy for how this works. You can have multiple operators in one line, but you can ALSO have multiple "#operators" in the string arr...
by Amm0
Thu Sep 26, 2024 7:25 am
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1281

Re: how to query by query words [SOLVED]

You can have multiple "#operators" to resolve the stack as you go. { ".query": [ "chain=chain2", "chain=chain1", "#|", "action=netmap", "action=log", "#|&" "src-address=fd00:0:0:3::/64", "#&" ...
by Amm0
Thu Sep 26, 2024 6:08 am
Forum: The Dude
Topic: Dude version incompatibility
Replies: 1
Views: 326

Re: Dude version incompatibility

Installed TheDude 7.15.3 server (my Cube 60Pro ac building bridge is on that version currently) and enabled it. By accident, I installed version 7.16 of the client. It starts up, displays "Downloading Updates" and then immediately closes. Maybe an "Incompatible version" message ...
by Amm0
Thu Sep 26, 2024 5:50 am
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

I just do another test. I install an alpine container that just pings 8.8.8.8. And i install it on the internal memory. Same result. Does it still not stay started? One note: it's absolutely critical the VETH is created before the container, once the image is first started those setting get persist...
by Amm0
Thu Sep 26, 2024 4:44 am
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 15815

Re: Question to our users about controllers

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now? I'll add that Dude's mass upgrade still works , docs are here: https://wiki.mikrotik.com/wiki/Upgrading_RouterOS_with_Dude with an addendu...
by Amm0
Thu Sep 26, 2024 2:41 am
Forum: General
Topic: Home Lab VLAN/Routing Help
Replies: 6
Views: 515

Re: Home Lab VLAN/Routing Help

Yeah your default route look wrong. But it's unclear where the internet go out, so hard to say what to fix.... But the route where the internet goes out is what should the be the gateway= (likely on the 10.0.99.x), and the router with upstream internet needs a NAT masquerade rule too.
by Amm0
Wed Sep 25, 2024 8:33 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

BUG? — drop-drop file(s) fails with error message about disk space (MacOS 15.0 / WinBox4 beta8) My test router has a raid1/ volume with 50GBs free, but the root does have limited space. Upload the WinBox4 button, works fine. But when I drag a file from finder to a disk or directory under raid1/...,...
by Amm0
Wed Sep 25, 2024 8:01 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

It seems that winbox4 uses UTF-8 (finally), just like (probably) your web browser running webfig. Ah, but the WinBox4 Terminal is like weird transfer area at an airport ;) Take some UTF-8 stuff in an interface name/comment: UTF8inInterfaceWinBox4Window.png If one follows the UTF-8 is the "code...
by Amm0
Wed Sep 25, 2024 6:49 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 4176

Re: Device got hacked 1 min after connected to internet

I think @optio is getting a bad wrap here. He was trying re-enforce the point that an attack can happen quickly. And LTE can surprise you since it can, sometimes, take no configuration to come up and work with a public IP. (Now... having public IP on LTE is not that common, and more typical CGNAT fr...
by Amm0
Wed Sep 25, 2024 4:10 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

- Focus on the first input field when opening a subwindow form - Select all text when changing fields with Tab - Add submitting forms with Enter key It be nice if <tab> go through ALL the setting in a dialog box. Specifically <tab> should: - open the collapsed sections when <tab>'ing (if the editab...
by Amm0
Wed Sep 25, 2024 3:50 pm
Forum: Scripting
Topic: get variables from file [SOLVED]
Replies: 3
Views: 768

Re: get variables from file [SOLVED]

FWIW, if you can control the format of the file with variables... you may want to consider using JSON in the file...as that be one operation with the new deserialize: :global myconfig [:deserialize from=json [/file get $myjson contents]] But your original data have to be JSON: { "SCRIPT_VERSION...
by Amm0
Wed Sep 25, 2024 2:19 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1281

Re: how to query by query words [SOLVED]

... and you asked a similar question here: viewtopic.php?t=198974#p1021503
by Amm0
Wed Sep 25, 2024 2:18 pm
Forum: Beginner Basics
Topic: how to query by query words [SOLVED]
Replies: 7
Views: 1281

Re: how to query by query words [SOLVED]

You have to use a POST method, and use the ".query" parameter to specify the filter to apply. But the syntax for .query is stack-based is a bit complex. There are some examples here; https://forum.mikrotik.com/viewtopic.php?t=204028&hilit=.query The other approach is to do a GET (or PO...
by Amm0
Wed Sep 25, 2024 4:43 am
Forum: The User Manager
Topic: SQL type of Usermanager
Replies: 9
Views: 5958

Re: SQL type of Usermanager

I have made progress, I'm reading and writing without any problem from my VB.net application to the sqldb database. The only problem I still got is that usermanager seem to refresh the database. I think there is to version of the database. One is save on ROM and one seem to be load in memory. I mak...
by Amm0
Wed Sep 25, 2024 3:43 am
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3999

Re: RoS 7.16 RC4 mDNS

Well... that's true. But still need EoIP to add the multicast to WG – but you're right the EoIP can run over an existing WG tunnel (and skip the IPSec stuff that's built in to EoIP). * Both ends use EoIP over the Wireguard link (with no IPSEC). * End A connects it's EoIP port to the bridge/VLAN of ...
by Amm0
Wed Sep 25, 2024 12:01 am
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3999

Re: RoS 7.16 RC4 mDNS

Do you think mDNS could work through a Wireguard tunnel? Yes you can but it doesn't use the new mDNS repeater function. See this topic. https://forum.mikrotik.com/viewtopic.php?t=194842 Well... that's true. But still need EoIP to add the multicast to WG – but you're right the EoIP can run over an e...
by Amm0
Tue Sep 24, 2024 11:57 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

Sorry, double post. I quickly re-factored my CHR builder. So there are now 7.16 images, using the three approaches: @jaclaz's latest (chr-7.15.3.uefi-fat-jaclaz.raw), @kriszos's original (chr-7.15.3.uefi-fat-kriszos.raw), and "no gdisk" (chr-7.15.3.uefi-fat-no-gdisk.raw), see: https://git...
by Amm0
Tue Sep 24, 2024 9:31 pm
Forum: General
Topic: Wishes for 7.17 beta
Replies: 11
Views: 759

Re: Wishes for 7.17 beta

Perhaps, a middle ground for a "minor release" is the addition of a new logging action to run a RouterOS script, and/or ability directly send a syslog message from scripting? This allow any mapping someone desired, filtering, etc. before it goes to a syslog server i.e. /system/logging/acti...
by Amm0
Tue Sep 24, 2024 8:37 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3999

Re: RoS 7.16 RC4 mDNS

I'll try with another VPN...
Well... the VPN does need to support multicast & that's the limiting factor to repeating mDNS. I don't think L2TP work with new mDNS proxy. So off top of my head, that be GRE+IPSec, EoIP+IPSec and ZeroTier - that should work with new mDNS repeater.
by Amm0
Tue Sep 24, 2024 8:30 pm
Forum: General
Topic: Fetch https POST or GET TimeOut
Replies: 2
Views: 273

Re: Fetch https POST or GET TimeOut

You can try not specifying "mode=https" as that's comes from URL in newer version. The more likely possibility is your web server REQUIRES some newer SSL version. I'm not sure what /tool/fetch negotiates but a packet sniffer* would help. * Pro Tip: you can use Mikrotik's TSZP support to &q...
by Amm0
Tue Sep 24, 2024 8:04 pm
Forum: Scripting
Topic: get variables from file [SOLVED]
Replies: 3
Views: 768

Re: get variables from file [SOLVED]

In 7.15+, you should be able to use the new [:deserialize from=dsv]. So for quick example... { :local kvtxt "SCRIPT_VERSION=1.2.1\r\nREQ_ID=01J8C5ZV2AY6V6HWEB6F4HQJW5\r\nREQ_IP=172.21.104.34\r\nREQ_FAMILY=1\r\nREQ_CREATED=2024-09-22 06:16:32" # now use :deserialize to get an RouterOS array...
by Amm0
Tue Sep 24, 2024 6:36 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3999

Re: RoS 7.16 RC4 mDNS

FWIW, in a quick google, tailscale does NOT offer a solution to mDNS over WG either: https://github.com/tailscale/tailscale/issues/1013
by Amm0
Tue Sep 24, 2024 6:28 pm
Forum: General
Topic: RoS 7.16 RC4 mDNS
Replies: 34
Views: 3999

Re: RoS 7.16 RC4 mDNS

Wireguard does not support multicast, and mDNS needs multicast... so not possible. The mDNS support in 7.16 is just an "mDNS repeater", so the resulting "repeated" multicast can not be forwarded over WG. And why I've long argued that /ip/dns should act as mDNS/DNS-SD "Discov...
by Amm0
Tue Sep 24, 2024 5:22 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

I did file a feature request for an "proper" EFI image for CHR, SUP-144667, earlier this year. I got usual non-comitals "Thank you for the suggestion, we will consider it". So if someone using Hyper-V or other VM platform that needs EFI image to work... I'd recommend filing a tic...
by Amm0
Tue Sep 24, 2024 3:50 pm
Forum: Scripting
Topic: ✂ Rextended Fragments of Snippets
Replies: 105
Views: 86718

Re: ✂ Rextended Fragments of Snippets

It is made with artificial intelligence, since at least in this case imagination is useful...
While it got the wine... but c'mon, dutch impressionist art. And two door handles, although you are a security conscience guy. Always something wrong with these LLMs ;).
by Amm0
Tue Sep 24, 2024 3:09 pm
Forum: The Dude
Topic: Dude Client/Server communication security
Replies: 4
Views: 536

Re: Dude Client/Server communication security

Dude uses the same winbox protocol to communicate between the windows client and dude server package. So it's as safe as winbox protocol, which docs suggest: DH-1984 for key exchange and modified and hardened RC4-drop3072 encryption to secure the session. There is no choice on Dude login for Secure ...
by Amm0
Tue Sep 24, 2024 6:03 am
Forum: General
Topic: Script failing after upgrade 175.3
Replies: 2
Views: 330

Re: Script failing after upgrade 175.3

:foreach I in=[/ip firewall address-list find list=port_scanners_list] do={ /tool e-mail send to=myemail@gmail.com subject="port_scanners_list" body=("IP added " . [/ip firewall address-list get $i address])}
by Amm0
Tue Sep 24, 2024 1:46 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

I'm running beta 6 on MacOS13. [...] Error: "Could not connect. MacConnection syn timeout" Did you look in System Preferences under Security > Firewall? There are setting to that control "incoming connections", it has to allow it from "downloaded apps". See https://sup...
by Amm0
Mon Sep 23, 2024 7:30 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256582

Re: MikroTik Devices Controller

FWIW, Dude client still works on latest MacOS Sequoia + homebrew's wine@devel. Since the client will re-download itself for another version, that even work still (since I connected to v7.16rc4 Dude). Screenshot 2024-09-23 at 9.06.59 AM.png To @infabo, the Dude server package fits on a Chateau LTE12 ...
by Amm0
Mon Sep 23, 2024 5:39 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

EDIT: Confirmed , the first few sectors (the relevant ones, MBR, Efi Part and the two entries in EFI partition tables) are identical between the original chr-7.15.3.img image and the modified raw one chr-7.15.3.uefi-fat.raw, so the original gdisk script does nothing to it. We have been barking up t...
by Amm0
Mon Sep 23, 2024 3:53 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

The errors should prevent gdisk from writing the changes, thus the image before and after running the original gdisk script should remain unchanged. Well, you know, it works in UTM+Apple, but got errors with gdisk during build. I re-ran the build just now, and got what's below for @kriszos's script...
by Amm0
Mon Sep 23, 2024 12:38 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

@Ammo What Is strange from your report is that - in theory - the original script should not work at all on the 7.15.3 as gdisk should refuse to write the modifications due to the errors. I have no idea. As I said, at least for Apple Virtualization EFI, 7.15.3 works with @krisnos's script. Screensho...
by Amm0
Sun Sep 22, 2024 10:25 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

I have "fat-chr" builder at GitHub that uses @krisnos's script to support UTM's native Apple Virtualization support (which requires EFI). I replaced the script with @jaclaz's version, but that did not work. UTM does not really report errors - so not sure what's wrong - but it does NOT star...
by Amm0
Sun Sep 22, 2024 7:39 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4895

Re: ECMP recursive routes

FWIW... I don't show recursive route in the example for the same reason as I don't use PCC: the config gets complex. And complexity is another way to get outages, which is what you're trying to avoid by having multiple WANs ;). So I perfer "netwatch script" to just disable routes for these...
by Amm0
Sun Sep 22, 2024 7:09 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4895

Re: ECMP recursive routes

Back to post #34 , is ECMP effective with recursive routes and can recursive routes be used for load-balancing? Yes, as long as you want things split "equally" between the WANs. It's ONLY when you wanted to a split like 66% to WAN1 and 33% to WAN2) you CANNOT do per @mrz. The recursive ro...
by Amm0
Sat Sep 21, 2024 11:41 pm
Forum: General
Topic: :find vs. find
Replies: 3
Views: 507

Re: :find vs. find

As noted, it's really TWO different commands. But it generally get the right one since when you [find]... The reason is kinda dorky... the [] cause a new subprocess, but it take the "path" of the part of the "parent command" as the context of what's inside. So with something like...
by Amm0
Sat Sep 21, 2024 11:21 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256582

Re: MikroTik Devices Controller

Seen the screenshots of Dude and I was deeply frightened - I wasn't brave enough to install it. Basically I did not want to find out if it is Wine compatible. What's nice is you don't need the "scary" 32-bit X86 Dude client running all the time... the client just configures the "serv...
by Amm0
Sat Sep 21, 2024 11:19 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256582

Re: MikroTik Devices Controller

Seen the screenshots of Dude and I was deeply frightened - I wasn't brave enough to install it. Basically I did not want to find out if it is Wine compatible. What's nice is you don't need the "scary" 32-bit X86 Dude client running all the time... the client just configures the "serv...
by Amm0
Sat Sep 21, 2024 9:24 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 256582

Re: MikroTik Devices Controller

One reason why people ask for or need a controller software: https://forum.mikrotik.com/viewtopic.php?t=211094 That would appear to be advertisement for "The Dude" IMO. ;) The problem in that post is using winbox to view dozens of logs from different routers. That is easily solvable by re...
by Amm0
Sat Sep 21, 2024 1:12 am
Forum: General
Topic: Add default router to another table (not main)
Replies: 3
Views: 508

Re: Add default router to another table (not main)

Actaully I can't also create a second SSTP server wit a static destination only, specified on another profile. How can I run SSTP server with different profiles?
Sure, just copy the existing profile used by SSTP (likely default-encyrption) and create a new one under PPP Profiles.
by Amm0
Sat Sep 21, 2024 1:10 am
Forum: General
Topic: Add default router to another table (not main)
Replies: 3
Views: 508

Re: Add default router to another table (not main)

Any route in a routing table has to exist ALSO in main. That is just the rules. You can however always the distance= on static routers or some "default-route-distance=" option on tunnels/DHCP-client/LTE/etc to control which is used. Using higher "distance=" means even if a defaul...
by Amm0
Sat Sep 21, 2024 1:06 am
Forum: General
Topic: srcnat stops working after running for a little while when SSTP reconnects
Replies: 3
Views: 515

Re: srcnat stops working after running for a little while

In the snippet, nothing jumps out. One easy thing you do is lower the keepalive on the SSTP connection, default is 1m before it reconnects, a lower timeout like 15s might be good (as perhaps you're not waiting long enough before rebooting since today it be at least 1 minute ;)). But often some subtl...
by Amm0
Fri Sep 20, 2024 7:16 pm
Forum: Containers
Topic: Container Support to MIPS Architeture
Replies: 26
Views: 16767

Re: Container Support to MIPS Architeture

Hello I'm instalied 7.16rc4 on RB493G and I cant found Metarouter and I tried enable container but after reboot it's not there. Please add support any virtualization for mips. Metarouter is only for V6, and disabled in V7.... And, containers ("Docker") are NOT supported on MIPS - only ARM...
by Amm0
Fri Sep 20, 2024 7:09 pm
Forum: RouterOS beta
Topic: Zerotier interfaces stops working after a PPPoE wan flap (7.2rc4-7.2rc7, maybe 7.2)
Replies: 9
Views: 4525

Re: Zerotier interfaces stops working after a PPPoE wan flap (7.2rc4-7.2rc7, maybe 7.2)

I'd make sure that ZeroTier instance ("zt1") is NOT listening on raw interface that PPPoE is using. ZT does a lot of probing to find path and punch holes, so it doing that on the "real" interface, not PPPoE on top, seems like a bad idea. And the default is "/zerotier/set zt1...
by Amm0
Fri Sep 20, 2024 7:02 pm
Forum: Containers
Topic: Containers wont start on RB3011 UiAS Topic is solved
Replies: 29
Views: 1734

Re: Containers wont start on RB3011 UiAS Topic is solved

Curious. If it gets to "stopped", then we know it got extracted and all the pre-req are there. Likely the cmd or entrypoint are wrong (i.e. it cannot find the path+process to start). It also could be the root-disk is going to flash or something with the disks. What container are you trying...
by Amm0
Fri Sep 20, 2024 6:52 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 362
Views: 112566

Re: v7.16rc [testing] is released!

no, not when like for me my routerboard keeps rebooting itself and disturbing my work. They need to get the base OS stable. Is your router rebooting in v7.16rc? FWIW, generic complaints help no one - if you find something not working, write up the forum or support case if it's a bug (with a supout....
by Amm0
Fri Sep 20, 2024 6:00 pm
Forum: Containers
Topic: Installation of nginx proxy manager on 7.15 routers
Replies: 2
Views: 4589

Re: Installation of nginx proxy manager on 7.15 routers

I've been using Traefik for past year as RouterOS container and that works well for me. This thread (despite the title) covers both Traefik and NGNIX proxy manager: https://forum.mikrotik.com/viewtopic.php?t=195259&hilit=traefik Specific to NgnixProxyManager, see: Everything you need is in these...
by Amm0
Fri Sep 20, 2024 3:18 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

The issue here is not complicated, @kriszos explains it: Also partition that has efi files on it is formatted as ext2 so it is not in line with UEFI standard which require that EFI files are stored on FAT/16/32 partition. So it not really the "hybrid" MBR/GPT disk partitioning that's the i...
by Amm0
Thu Sep 19, 2024 11:16 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11316

Re: Router OS 7 on UEFI

FWIW, I packaged @kriszos into a GitHub project that run it run a GitHub Action, see here: https://github.com/tikoci/fat-chr With the GitHub re-packaged CHR disk image with UEFI support going to the "Releases" section on the project. For example, 7.15.3: https://github.com/tikoci/fat-chr/r...
by Amm0
Thu Sep 19, 2024 3:52 pm
Forum: Scripting
Topic: fetch failure: maximum connection count reached
Replies: 5
Views: 605

Re: fetch failure: maximum connection count reached

You could try the current "stable" version 7.15.3, although I'm not sure that help here...but perhaps. I'd look at your firewall configuration, specifically ensure something is not be blocked. Fetch is a "local process" in the Packet Flow Diagram, so firewall is not applied same ...
by Amm0
Thu Sep 19, 2024 3:26 pm
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 15815

Re: Question to our users about controllers

I like the hope... Do we not think that 3MB Winbox 3 vs 50MB Winbox4 = Controller already buit-in Winbox4 but dissabled ?? But... the size difference is because winbox3 uses Windows GDI, so the UI rendering comes from an existing Window's DLL that dynamically loaded and not "inside" of win...
by Amm0
Thu Sep 19, 2024 3:13 pm
Forum: Scripting
Topic: fetch failure: maximum connection count reached
Replies: 5
Views: 605

Re: fetch failure: maximum connection count reached

Yup, mode=https has to match the URL as @rextended points out. Although mode=https is not need since the URL is used to determine mode= protocol, so removing it may help too. You can store the result from fetch into a variable, and log that result for debugging if that not the only issue: :local fet...
by Amm0
Thu Sep 19, 2024 3:02 pm
Forum: General
Topic: The logic of Filter Rules
Replies: 4
Views: 581

Re: The logic of Filter Rules

True. Specifically, this chart:
Image
by Amm0
Thu Sep 19, 2024 7:37 am
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue [SOLVED]
Replies: 71
Views: 4524

Re: iOS 18 Wi-Fi connectivity issue [SOLVED]

or if all else fails, roll back to iOS 17. Or... try wifi configuration using defaults (only country is required) - just to see if work with iOS 18. Specifically trying ft=no, since that seems an area that could be broken. Or, perhaps try the 7.16rc "testing" with your current configurati...
by Amm0
Thu Sep 19, 2024 7:24 am
Forum: Wireless Networking
Topic: CA band working intermittently on hAP ax lite LTE6
Replies: 7
Views: 522

Re: CA band working intermittently on hAP ax lite LTE6

CA can easily be "lost" due many conditions in the carriers network and tower... So it being "intermittent" is not surprising & and without 5G band your CA "possibilities" with R11e-LTE6 modems are limited. One thing uou can do is add a netwatch that pings using LTE...
by Amm0
Thu Sep 19, 2024 4:17 am
Forum: Announcements
Topic: Question to our users about controllers
Replies: 58
Views: 15815

Re: Question to our users about controllers

It is more about what you would actually use, what you actually need. High level: An update to The Dude server+client would be a great first step... Big Lebowski is right: “That rug really tied the room together.” Rational: All the underpinnings for a "controller" are already in the Dude ...
by Amm0
Thu Sep 19, 2024 1:21 am
Forum: Containers
Topic: Running Node Red on container, which one?
Replies: 10
Views: 1242

Re: Running Node Red on container, which one?

I wrote this up a while back in related post from you ;) See https://forum.mikrotik.com/viewtopic.php?t=195386&hilit=nodered#p996644 You can follow the Pi-Hole example, to enable containers - just use a different mount and envs & /container/add would use "remote-image=nodered/node-red&q...
by Amm0
Thu Sep 19, 2024 1:00 am
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4895

Re: ECMP recursive routes

Basically my suggestion is never use ECMP in the "main" routing table and you avoid a lot of unknowns here. that's why I requested an export or example, but I can wait for a more in-deep explanation I created simplified/partial example config to show using a routing table for ECMP below, a...
by Amm0
Thu Sep 19, 2024 12:16 am
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1524

Re: Playing with VRFs - what am I doing wrong?

in his words making the Mikrotik a "kind of L2 router", but that I prefer to consider a "cleverly configured" switch. Either way if you wanted a "Layer2 Centric 'Router'"... there are plenty of tricks to be had in /interface/bridge/nat and /interface/bridge/filter if L...
by Amm0
Wed Sep 18, 2024 9:50 pm
Forum: General
Topic: May you recomend me an SSTP VPN service?
Replies: 9
Views: 892

Re: May you recomend me an SSTP VPN service?

Amm0 I would ask you if I understand good, Oracle's gives a free of cost cloud forever, where is possible somehow to run a CHR image? Have you done it? Is it working ok? Where the server is located? I haven't tried their cloud. And your locale may add more complication, dunno. But some folks in for...
by Amm0
Wed Sep 18, 2024 9:44 pm
Forum: General
Topic: MQTT to Home Assistant
Replies: 23
Views: 4357

Re: MQTT to Home Assistant

I don't think I will spend time on the Lora [...] There seems to be an existing Things Network integration for Home Assistant, so there is probably not a lot of value to add. If your KNOT is a LoRa-enabled one... I'll note there are a lot of fun LoRaWAN sensors available, for a lot weird things, th...
by Amm0
Wed Sep 18, 2024 9:21 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1524

Re: Playing with VRFs - what am I doing wrong?

If the LAN side is also on 192.168.1.x/24? :? While you can generally pick your own LAN side subnet to NOT conflict (further), and avoid these esoteric RouterOS questions... But let's assume LAN absolutely has to be 192.168.1.1 and two WANs have to be 192.168.1.1... AFAIK that too should be fine wi...
by Amm0
Wed Sep 18, 2024 7:18 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1524

Re: Playing with VRFs - what am I doing wrong?

Sure, there are use cases for VRFs. More just saying that having multiple same subnets are allowed without VRF. Now it means the default route 0.0.0.0/0 needs to be % qualified, so gateway=192.168.1.1 %etherX-toWAN-Y . Failover happens by using check-gateway=ping (or more complex netwatch/recursive ...
by Amm0
Wed Sep 18, 2024 6:27 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1524

Re: Playing with VRFs - what am I doing wrong?

experiments with VRFs to implement an automatic failover between 2 ISPs Maybe I'm missing something here... But what is the point of using VRF for ISP failover? — VRFs have nothing to do with "automatic failover". Failover works without VRFs, and so layering VRF on top of failover mechani...
by Amm0
Tue Sep 17, 2024 9:16 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

UI suggestion - Ability to disable labels, like "CPU" or "Memory (Free/Used/Total)", in the "Resource panel" aka status bar. i.e. have some "icons only" option in settings for status/"resource panel". Currently, it often wraps the labels, which looks...
by Amm0
Tue Sep 17, 2024 8:18 am
Forum: Beginner Basics
Topic: Missing SNMP Entries On hAP ac^3 [SOLVED]
Replies: 2
Views: 593

Re: Missing SNMP Entries On hAP ac^3 [SOLVED]

Nope. See viewtopic.php?t=190932 - there is workaround to use bridge hosts there, maybe that be a workaround.
by Amm0
Mon Sep 16, 2024 11:39 pm
Forum: Beginner Basics
Topic: Problem with VLANs and Bridge
Replies: 18
Views: 1147

Re: Problem with VLANs and Bridge

The current full config be helpful to know what's going on at this point. It hard to follow all the changes/testing to know what is going on where. One tip is that /tool/torch can sometime help clarify what traffic is flowing where when dealing with the bridge. And how do you explain that ether8 whi...
by Amm0
Mon Sep 16, 2024 11:21 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

It could be good also for branding, not only for whiners who don't fully appreciate your design choices. ;) Two birds with one stone. On the branding topic... - Some "white label" version of winbox4, without any logos, be nice at some point. The old winbox was pretty generic and did not h...
by Amm0
Mon Sep 16, 2024 10:52 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 655
Views: 256484

Re: v7.15.3 [stable] is released!

What else should I change? The topic, please. This one is not the right place for discussing this, create a new one. Very true. Just to close this out... since the permission have changed somewhat recently (but NOT in this release). Poster with fetch is using netwatch, which has restricted permissi...
by Amm0
Mon Sep 16, 2024 10:44 pm
Forum: Beginner Basics
Topic: Problem with VLANs and Bridge
Replies: 18
Views: 1147

Re: Problem with VLANs and Bridge

Quick thoughts: - When 7.16 comes out, the bridge will be automatically marked as tagged, by virtue of use of a pvid= on /interface/bridge/port and/or having a /interface/vlan that listens on VLAN-enabled bridge (or using MVRP). So the need to muck with /interface/bridge/vlans should be limited to o...
by Amm0
Mon Sep 16, 2024 7:25 pm
Forum: General
Topic: Cannot ping from console VETH interface in containers bridge
Replies: 4
Views: 472

Re: Cannot ping from console VETH interface in containers bridge

Hence I've assumed it was a bug. But I admit it could be a "half baked" 7.16 change that has somehow leaked to 7.15.3. Entirely possible. I created/use a netinstall container . I know this worked at some point in past with a VETH on a vlan-enabled=yes bridge. But stopped worked in ~7.15, ...
by Amm0
Mon Sep 16, 2024 6:13 pm
Forum: Wireless Networking
Topic: LoRa point-to-point
Replies: 2
Views: 573

Re: LoRa point-to-point

True. While not PtP... one option is to run your own LNS/etc service to relay between devices You can run something like https://www.chirpstack.io as a container to do this (on ARM/X86 things, but not the KNOT) so it's still be self-contained without the cloud.
by Amm0
Mon Sep 16, 2024 5:38 pm
Forum: General
Topic: May you recomend me an SSTP VPN service?
Replies: 9
Views: 892

Re: May you recomend me an SSTP VPN service?

Or you can use CHR on a remote/cloud VPS. Never tried it, but there was a recent thread about CHR on Oracle's "free forever" cloud:
viewtopic.php?t=188848
I'm sure there are hosting service for CHR too.
by Amm0
Mon Sep 16, 2024 5:29 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

I got a crash report (look like null pointer) from MacOS (14.6.1 / X86), soon after coming out of sleep: Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000 Exception Codes: 0x0000000000000001, 0...
by Amm0
Mon Sep 16, 2024 3:49 am
Forum: Scripting
Topic: Rest API port reset [SOLVED]
Replies: 8
Views: 8153

Re: Rest API port reset [SOLVED]

di I get it right, that it's possible to turn on / off PoE with the API by sending a POST or PUT to the switch? Well, POST and PATCH .... PUT is for creating NEW records like "add" at CLI... but ethernet ports always exist so you need "PATCH" which same as CLI "set". P...
by Amm0
Mon Sep 16, 2024 3:16 am
Forum: Wireless Networking
Topic: Ax3 WiFi ignores access list [SOLVED]
Replies: 6
Views: 702

Re: Ax3 WiFi ignores access list [SOLVED]

... really wierd...
Yup. FWIW, the docs on how this works are lacking . My guess it operates a "matcher"/selector, not like the firewall "filter"/etc - or at least that how I rationalize the logic here.
by Amm0
Mon Sep 16, 2024 1:22 am
Forum: Wireless Networking
Topic: Ax3 WiFi ignores access list [SOLVED]
Replies: 6
Views: 702

Re: Ax3 WiFi ignores access list [SOLVED]

The interface or SSID to which connections should be denied is not specified. It worked well this way on HAP ac2. But i tried to specify interfaces in each entry- still ignored. The key is you need one that to be matched, just accept without ANYTHING will get skipped - or at least that's what I've ...
by Amm0
Sat Sep 14, 2024 9:52 pm
Forum: Scripting
Topic: Baffled by global variable behavior in scripting
Replies: 1
Views: 368

Re: Baffled by global variable behavior in scripting

It's just odd. But this is the documented behavior for recent versions: policy - policy that grants user management rights. Should be used together with the write policy. Allows also to see global variables created by other users (requires also 'test' policy). (from https://help.mikrotik.com/docs/di...
by Amm0
Fri Sep 13, 2024 10:23 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

And all Cyrillic comments are unreadable in WinBox 4 It seems that winbox4 uses UTF-8 (finally), just like (probably) your web browser running webfig. True. But PSA there is still only one config that store things... And config just stores the bytes as provided from whatever UI/CLI. So can enter Cy...
by Amm0
Fri Sep 13, 2024 5:22 pm
Forum: Scripting
Topic: Syntax highlighting and completions for Sublime Text
Replies: 44
Views: 87531

Re: Syntax highlighting and completions for Sublime Text

I'm looking to significantly improve the syntax definition for ST4 to provide context-aware completions and wonder if someone from the MikroTik team could reach out to me and provide a full list of commands w/ parameters. As I understand some packages are only available on certain hardware and I on...
by Amm0
Fri Sep 13, 2024 5:13 pm
Forum: Scripting
Topic: check netwatch with api
Replies: 2
Views: 1176

Re: check netwatch with api

And the 2nd example would need to use a POST, not a GET (which is curl's default HTTP method). In RouterOS REST API, the POST method mimics the native API. For curl you need a "-X POST" to use the more CLI commands like print: curl -k -u admin:password - X POST https://192.168.88.1:443/res...
by Amm0
Fri Sep 13, 2024 5:06 pm
Forum: Scripting
Topic: cUrl->tool fetch
Replies: 1
Views: 330

Re: cUrl->tool fetch

Good afternoon. I ask for help in adapting the script. curl -X 'POST' \ 'https://wappi.pro/api/sync/message/send?profile_id=a53331f5-8845' \ -H 'accept: application/json' \ -H 'Authorization: 5232ab589f823063605b0274d3d3031d83ea841' \ -H 'Content-Type: text/plain' \ -d '{ "recipient": &qu...
by Amm0
Fri Sep 13, 2024 4:51 pm
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1389

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Which again points at CHR itself rather than at virtualization platform.
Yup. I'd look at the CPU usage on the Proxmox host, if CPU is low there, but CHR is high... you should increase the CPU cores assigned to CHR. Or perhaps memory too.
by Amm0
Fri Sep 13, 2024 4:37 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Great work, very creative solution to "dropdown vs tabs". Yes, and that one will stay for now. As seen in the thread, it is a much more divisive topic, than main window Tabs Are you sure? I'm just not sure there are that many fan of the "webfig-like dialogs". While the minority, ...
by Amm0
Fri Sep 13, 2024 3:51 pm
Forum: Announcements
Topic: Newsletter #114 | September 2023
Replies: 80
Views: 18376

Re: Newsletter #114 | September 2023

Mikrotik typically* does list CA bands in the "Brochure" of LTE products. And 2 x B3 is consistent with those specs for FG621 modem (e.g. new R11eL-FG621-EA) : Screenshot 2024-09-13 at 5.45.36 AM.png * except on the modem itself, see https://mikrotik.com/product/r11el_fg621_ea#fndtn-downlo...
by Amm0
Fri Sep 13, 2024 3:15 am
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 353
Views: 330996

Re: NEW FEATURE: Back to Home VPN

i was trying with facebook messenger. teams , whatsapp and messenger - all working Well, the share link returns HTML that requires JavaScript. So if FB tries to "unfurl" (e.g. click the link, to summarize content for a message stream), the BTH link is only a redirect to the App Store with...
by Amm0
Fri Sep 13, 2024 12:10 am
Forum: Containers
Topic: Containers won't start after power loss
Replies: 8
Views: 7299

Re: Containers won't start after power loss

Yeah... And the "Start at boot" is kinda of "one-and-done" situation. If the disk ain't mounted, for any reason, container won't start. It's not just limited USB, but stuff like ROSE+NFS for containers you'll also see this sometimes (or at least I have, occasionally). A schedule ...
by Amm0
Thu Sep 12, 2024 11:50 pm
Forum: General
Topic: Plain rsync using rose package
Replies: 3
Views: 406

Re: Plain rsync using rose package

And there is no USB on the RB750G either. And, with only 1G RAM... using a ram-disk (that could be persist to SD) for rsync isn't likely going to work either. Found out that an sdcard it is not the best storage for what I need. Perhaps, but SD card do have different speed rating/classes. And... also...
by Amm0
Thu Sep 12, 2024 9:33 pm
Forum: General
Topic: ECMP recursive routes
Replies: 38
Views: 4895

Re: ECMP recursive routes

Well, learn something new. In OP example they are not the same, what is intended is to try to install forwarding path over ether1 twice and through ether2 once, leading to forwarding where ether1 is chosen twice as much as ether2. This is not going to work in v7, because, like I said previously, equ...
by Amm0
Thu Sep 12, 2024 4:24 pm
Forum: General
Topic: Plain rsync using rose package
Replies: 3
Views: 406

Re: Plain rsync using rose package

Rsync and SMB/NFS should work If you add ROSE package from the "extra-packages". And ROSE can access file an SD card for either "sharing" or plain rsync. SCP should work without ROSE since a native feature. Although SCP would use RouterOS credentials, not ROSE things. But... ther...
by Amm0
Thu Sep 12, 2024 3:51 am
Forum: Scripting
Topic: Scripting using /system telnet
Replies: 4
Views: 569

Re: Scripting using /system telnet

If the device support SSH, that could be an option (/system ssh-exec)... But there not same for telnet.
by Amm0
Wed Sep 11, 2024 10:43 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Not sure if anyone has mention, but with multiple winbox4 windows... they all appear as seperate icon in MacOS's launchbar. Normally multiple windows of an application, still only have one icon in the launchbar with the various window name showing in the context menu. The current "one icon per ...
by Amm0
Wed Sep 11, 2024 10:17 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 919

Re: Odd LTE issue

In easy things to try... setting the mode to "IPv4" instead "auto" in the APN is worth a shot. Somehow there is an IPv6 DNS query that got responded in the sniff above... so I wonder what the mode setting is actually worth :D Yeah I saw the IPv6 in the torch ;) (that, and some L...
by Amm0
Wed Sep 11, 2024 9:35 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 919

Re: Odd LTE issue

I guess tend to believe the modem is providing the funky IP address based on what's coming from the carrier... and RouterOS is just passing it along. Adding "lte" as log topic will shows how the LTE data session setup in the log, which I suspect might have some clues here. I'm not the expe...
by Amm0
Wed Sep 11, 2024 8:43 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

The software engineer in me dreams of a more fully-featured script editing window with line numbers and maybe even syntax highlighting :) Or, perhaps just even mouse navigation support in the existing Terminal window... i.e. click/scroll in the terminal window when the CLI "edit" is shown...
by Amm0
Wed Sep 11, 2024 4:55 am
Forum: General
Topic: Suggestion to MikroTik - market verticals
Replies: 14
Views: 948

Re: Suggestion to MikroTik - market verticals

Tend to agree with @StubArea51 and others. But where I'd agree with OP is the area of "policy". It's often not granular/flexible enough to deal with some kinds of deployment (i.e. where you might have some "customer" account as well as the "admin" one). And while "...
by Amm0
Wed Sep 11, 2024 3:49 am
Forum: The Dude
Topic: Alert with the Dude
Replies: 1
Views: 559

Re: Alert with the Dude

There are notifications in Dude that function like alerts: https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/Notifications (it's a two-step process... once to setup the notification mechanism/parameters, and another to apply that notification type to probe/device). Three way to do this: - You can us...
by Amm0
Tue Sep 10, 2024 6:36 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 919

Re: Odd LTE issue

Not to go back to basics here... but I notice "EE" as the carrier. Is the APN set correctly? AFAIK, EE uses some funky scheme to configure the APN. See https://forum.mikrotik.com/viewtopic.php?p=747903&hilit=eesecure#p747903 (and make sure "Use Network APN" is unchecked when ...
by Amm0
Tue Sep 10, 2024 8:11 am
Forum: Scripting
Topic: The start parameter of the :find function
Replies: 6
Views: 520

Re: The start parameter of the :find function

IMO it's really the docs could be clearer. The example shows a -1, so they give you the clue at least...clarity be better. In formal sense, the <start> is exclusive of itself, so it mean "search- after -this-index" or "start-after=-1:... and next number after -1 is 0, which is the sta...
by Amm0
Tue Sep 10, 2024 5:16 am
Forum: RouterBOARD hardware
Topic: LtAP mini external antenna ....querie !
Replies: 9
Views: 2813

Re: LtAP mini external antenna ....querie !

To come back to your discussion: The ltap mini needs 2 cable to the antenne for better performance ? Thamks J. Almost certainly* an external antenna would help. Mikrotik does sell the parts, see https://cdn.mikrotik.com/web-assets/product_files/guide_wapr_180135.pdf (while show wAP, LtAP mini have ...
by Amm0
Tue Sep 10, 2024 4:37 am
Forum: Scripting
Topic: /tool fetch vs. :tool fetch and /ping vs. :ping
Replies: 5
Views: 475

Re: /tool fetch vs. :tool fetch and /ping vs. :ping

It's style. Internally, they function the same (at the top level, that is). To test that, /console/inspect allow scripting access to the stuff like CLI completion... so you can see both : and / result in the same number of options (and using / instead of : work same too). :put [:len [/console/inspec...
by Amm0
Tue Sep 10, 2024 2:13 am
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1389

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Or just spin a CHR on the same prox host without any config just with BTest server, can't see a reason why it can take more than 2 minutes to do so True. But guess all path will still show half. I'll bet that CHR is using E1000 emulated network card, since AFAIK that's the default for a new VM. I h...
by Amm0
Tue Sep 10, 2024 1:49 am
Forum: General
Topic: RouterOS CHR limits bandwidth to ~400Mbit....
Replies: 25
Views: 1389

Re: RouterOS CHR limits bandwidth to ~400Mbit....

Unfortunately RouterOS does not allow me to run a speedtest and the proprietary "Bandwidth Test" is pretty annoying because I'd need another instance somewhere which for one I do not have and also does not give me same results as just the speedtest CLI test. Another forum member runs as p...
by Amm0
Tue Sep 10, 2024 1:28 am
Forum: General
Topic: CCR2004 as ZeroTier VPN concentrator
Replies: 5
Views: 485

Re: CCR2004 as ZeroTier VPN concentrator

I 100% agree with @larsa. Although have not specifically tried a CCR2004...but most of performance comes from the switch chip, not the CPU. And CPU is needed for ZT, or even WG AFAIK. As @larsa importantly notes RouterOS is both older version and lacks the full range of configuration options, that l...
by Amm0
Mon Sep 09, 2024 11:50 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

A combo of windows that used to be tabs can now be seen at same time . Very powerful if used with workspaces. You need to get past the initial jarring effect of change first. Then all will become clearer. Going back to old ways is not the way forward. +1, agree. They just don't go far enough... sin...
by Amm0
Mon Sep 09, 2024 10:11 pm
Forum: Scripting
Topic: The start parameter of the :find function
Replies: 6
Views: 520

Re: The start parameter of the :find function

Is this designed to be like this? Yes. RouterOS uses 0-based indexes for variables/array/string, so -1 is before the first is logical. But... totally agree the docs are vague on find's parameters. Especially since params are different if "find" is an operator on a command (instead of a va...
by Amm0
Mon Sep 09, 2024 7:21 pm
Forum: General
Topic: www-ssl secure?
Replies: 5
Views: 527

Re: www-ssl secure?

@mkx my main point was the password storage is likely a better issue (assuming one is using "www-ssl" and not "www"). The example shows credentials stored inside the script, which I think is bad practice... For Linux .netrc is good suggestion. But I think OP is using Windows Powe...
by Amm0
Mon Sep 09, 2024 5:53 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Few more minor issues: - On first login screen, the "Neighbors" has checkboxes next to them but they do nothing. i.e. if one is checked, it does NOT become the "Connect to". And allows multiple ones to be selected, but again no actions other than a checkmark showing in UI. - In I...
by Amm0
Mon Sep 09, 2024 12:22 am
Forum: General
Topic: www-ssl secure?
Replies: 5
Views: 527

Re: www-ssl secure?

... it seems you're using www-ssl, so this shouldn't be an issue. Agree that best you can do. Password should be encrypted (at least to key size of certificate used for it) But I'd add it's important to consider the calling script has the username/password stored in it... so the script file should ...
by Amm0
Mon Sep 09, 2024 12:02 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

I actually like the "single EXE" approach for winbox since in a lot of case that's often "less friction" than dealing with any package manager. So Mikrotik initial approach makes sense to me, especially for a management tool, in beta... That be said, I just also like some standar...
by Amm0
Sat Sep 07, 2024 9:10 pm
Forum: The Dude
Topic: Tracking and Visualizing Device Uptime and Downtime in MikroTik Dude
Replies: 2
Views: 1105

Re: Tracking and Visualizing Device Uptime and Downtime in MikroTik Dude

Not sure if we can generate reports in any way using Dude or via ROS API . You struck one of the biggest limitation in Dude. While the Dude excels at being able to track things, esp RouterOS devices since it can use the binary winbox protocol (which likely more efficient than SNMP). Getting data ou...
by Amm0
Sat Sep 07, 2024 8:13 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Along those lines... I'd add a request for "branding kit support", to say apply a custom logo (or remove any logo) inside winbox4 once logged into a router?
by Amm0
Sat Sep 07, 2024 8:09 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Suggestions: - make the state files (settings, addresses, workspaces) human-readable e.g. by using JSON or XML format instead of binary - make the location of workspace files configurable, including having files sent to the managed router itself (as a file in the flash) +1, especially "as a fi...
by Amm0
Sat Sep 07, 2024 7:55 pm
Forum: Beginner Basics
Topic: Add alternate route
Replies: 6
Views: 742

Re: Add alternate route

I just noticed router1 and router2 are the same room... https://i.ibb.co/QvtD7FP/Network-2.jpg But the same approach would work to keep pure Layer3 static routing, just without GRE between Router1 and Router2 Router1 /interface/gre add name=gre2 local-address=<local-wanip> remote-address=<router2-wa...
by Amm0
Sat Sep 07, 2024 6:52 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

> Linux distribution users wish for better distribution methods (unclear, many say current way is OK!) [...] Having it on Flathub would definitely simplify things - you could even link the Qt libraries dynamically, to reduce update size but that's not as important. There are a lot of Linux distro m...
by Amm0
Sat Sep 07, 2024 6:11 am
Forum: Beginner Basics
Topic: Add alternate route
Replies: 6
Views: 742

Re: Add intermediate route

I have done the above, What i am asking is, can i add alternate route, so that if one of the two GRE Tunnel is down due to internet down because of ISP then i can reach 2nd router through 1st router from 3rd Router I have edited the image so people can understand my question easily It actually the ...
by Amm0
Sat Sep 07, 2024 4:54 am
Forum: Useful user articles
Topic: WinBox for MacOS ??
Replies: 48
Views: 21371

Re: WinBox for MacOS ??

In case anyone on this thread did not see the WinBox4 beta announcement...
📣 WinBox 4 is here 📣"

So there is now a native MacOS WinBox. Still no native MacOS netinstall-cli or btest.exe however...
by Amm0
Fri Sep 06, 2024 10:50 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Very minor. . But in LTE firmware upgrade/check sections, the error message appears at bottom. And, the "Starting" part is not cleared upon an error. Screenshot 2024-09-06 at 11.30.13 AM.png It seems the new style error/status just below the status (which I like), but the LTE does not fol...
by Amm0
Fri Sep 06, 2024 10:18 pm
Forum: General
Topic: tool fetch xml [SOLVED]
Replies: 6
Views: 699

Re: tool fetch xml [SOLVED]

Since `curl` defaults to GET, and that works... my guess is some escaping issue in the URL - as OP show just "<some command string>" ...while the URL itself shouldn't require any escaping as shown... depending what in the ?query params part, that may need escaping. So I'd try putting quote...
by Amm0
Fri Sep 06, 2024 8:24 pm
Forum: General
Topic: Convert script to create in terminal
Replies: 4
Views: 449

Re: Convert script to create in terminal

The escaping does get tricky.

You can also use "/system/script export where name=XXXX" to get the "escaped form" of any script (and then cut-and-paste that as needed).
by Amm0
Fri Sep 06, 2024 5:46 pm
Forum: General
Topic: Odd LTE issue
Replies: 13
Views: 919

Re: Odd LTE issue

From where, remotely, or via the LAN/Wi-Fi? By default, ether1 accepts internet via DHCP, so it is NOT a LAN port. Only ether2 will give you LAN address. If it's remote, well, it depends on your LTE carrier/plan. A lot of cell carriers don't allow incoming ports (CGNAT)... so if your trying to get t...
by Amm0
Fri Sep 06, 2024 4:39 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Noticed when connecting to a wAPRac running 7.14.3, from a MacOS 14.6.1 (X86), the ZeroTier icon appears same as Wireguard icon. Other systems seems to correctly show blue-styled ZT logo. This has happened on beta3 and beta4. Screenshot 2024-09-06 at 6.11.21 AM.png Also, in Beta4 resizing the window...
by Amm0
Fri Sep 06, 2024 3:03 am
Forum: General
Topic: VRRP on Hyper-V instance ROS 7.15.3 not working (MAC Spoofing enabled)
Replies: 11
Views: 1301

Re: VRRP on Hyper-V instance ROS 7.15.3 not working (MAC Spoofing enabled)

Answering own question: 1. Set bridge port passed-though off vswitch frame types to admit tagged-only 2. Set bridge frame types to admit all, set PVID to the desired VLAN for VRRP packets 3. In bridge/vlans add desired VLAN to list, add bridge as untagged, port as tagged Perhaps post at least some ...
by Amm0
Fri Sep 06, 2024 2:42 am
Forum: Announcements
Topic: Updated btest.exe available for download
Replies: 21
Views: 65393

Re: Updated btest.exe available for download

UDP figures are pretty wrong in this application. You may need to lower the 2 Local/Remote UDP Tx packet size... If MTU is not 1500 along the whole, it will fragment packets which gets you a slower test result for UDP. Now the better question is when there will be an updated "btest.exe" f...
by Amm0
Fri Sep 06, 2024 2:35 am
Forum: Beginner Basics
Topic: LTE DYNAMIC PUBBLIC ADDRESS
Replies: 4
Views: 499

Re: LTE DYNAMIC PUBBLIC ADDRESS

You'd need to enable DDNS in /ip/cloud on the LTE device, then use that DNS name (snXXXX.mynetname.net) in the Dude device configuration. In Dude device, there is setting to say use DNS for IP, instead of IP that needs to be also be set in addition to the DNS name.
by Amm0
Thu Sep 05, 2024 10:41 pm
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 2244

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

It might be worth it (or at least simple) to try 7.16rc, as there were DHCP fixes in the release notes.

Cannot say your problem is what's fixed, but if it does then it's a bug in 7.15.3. If not, then running the sniffer might help figure out what/if anything the printer is sending.
by Amm0
Thu Sep 05, 2024 9:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1289
Views: 239543

Re: 📣 WinBox 4 is here 📣

Just don't be too harsh on us yet, first, let's celebrate that it's finally the day! I'm sure it was an enormous effort to get it this good for a beta. It did come out great for an early beta! While, I've not been a fan of this multiyear effort, because it is the Dude that needs a refresh... Now, I...
by Amm0
Wed Sep 04, 2024 7:27 pm
Forum: General
Topic: new-mss VS. clamp-to-pmtu with v7
Replies: 10
Views: 1459

Re: new-mss VS. clamp-to-pmtu with v7

Thanks @Amm0, your responses are always so clear and full of great information! This article has a lot of good info WG recommendations from ProCustodibus, specifically on MSS clamping: https://www.procustodibus.com/blog/2022/12/wireguard-performance-tuning/#mss-clamping They recommend the follow &q...
by Amm0
Wed Sep 04, 2024 6:23 am
Forum: General
Topic: new-mss VS. clamp-to-pmtu with v7
Replies: 10
Views: 1459

Re: new-mss VS. clamp-to-pmtu with v7

This all assumes the WAN used by WG on BOTH sides is 1500 MTU. It "most of the time" is 1500, so WG's 1420 MTU is right. But... for example, some PPPoE deployments might uses 1492 as MTU - which mean WG should be lower by 8 bytes.... This then effects the "manual" way of specify ...
by Amm0
Tue Aug 27, 2024 11:36 pm
Forum: Wireless Networking
Topic: wAP R - LTE interface fails at PIN "searching" state - v6 and v7
Replies: 1
Views: 343

Re: wAP R - LTE interface fails at PIN "searching" state - v6 and v7

I'd make sure the RouterBOOT matches the version you're using, that's in /system/routerboard. AFAIK, netinstall does not upgrade the bootloader.
by Amm0
Tue Aug 27, 2024 6:04 am
Forum: Forwarding Protocols
Topic: IP Directed Broadcast In CISCO Equivalent In Mikrotik
Replies: 12
Views: 1990

Re: IP Directed Broadcast In CISCO Equivalent In Mikrotik

I'm not sure there is an "equivalent". While the Linux kernel has "bc_forwarding" sysctl that is the linux version of cisco's "ip directed-broadcast". But... RouterOS does not directly expose the sysctl, and I'd imagine it's disabled by default per RFC2644 inside Router...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 15