Community discussions

Search found 1039 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 21
by Jotne
Wed Jun 19, 2019 7:28 pm
Forum: Scripting
Topic: Work with file txt
Replies: 3
Views: 142

Re: Work with file txt

Script should do? Can you post an example line of what you see int the log that you need? Here is an example of DHCP request with debug enabled: dhcp,debug,packet MikroTik: DHCP-vlan20-Guest received request with id 3566786364 from 0.0.0.0 dhcp,debug,packet MikroTik: secs = 3 dhcp,debug,packet Mikro...
by Jotne
Wed Jun 19, 2019 5:43 pm
Forum: Scripting
Topic: Work with file txt
Replies: 3
Views: 142

Re: Work with file txt

Here you find the script that converts dynamic DHCP to static automatically. https://forum.mikrotik.com/viewtopic.php?t=147251 Instead of writing it to a file, I send it out as syslog to Splunk. This way I can analyze what it going on and when later. Look at my signature for logging Mikrotik using S...
by Jotne
Wed Jun 19, 2019 12:52 pm
Forum: Scripting
Topic: Select rule exact match by fields
Replies: 2
Views: 102

Re: Select rule exact match by fields

It not clear what you request is.

Commands gives you what you ask for, så what do you need as an output, from what input?
by Jotne
Tue Jun 18, 2019 11:19 pm
Forum: Scripting
Topic: Hotspot user start time
Replies: 1
Views: 76

Re: Hotspot user start time

Can you post the output of
/ip hotspot user print detail
Just to see how its listed there.
by Jotne
Tue Jun 18, 2019 9:46 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

Hi, why not see IP added block Ipsec list? Not sure what you asking? Am I right in thinking your script is designed to catch this type of negotiation failed vs somebody trying to VPN with no secret or credentials? Script was made up from a simple test, not trough testing all possibility. It may be ...
by Jotne
Tue Jun 18, 2019 3:04 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

7d does not work, max 24h, since field is just hour.

Did you try then end of line $?
:local loglist [:toarray [/log find message~"negotiation failed.\$"]]
by Jotne
Tue Jun 18, 2019 3:00 pm
Forum: Beginner Basics
Topic: single IP constantly trying to log to my Mikrotik
Replies: 33
Views: 1195

Re: single IP constantly trying to log to my Mikrotik

Or just use [image] tag ( [image=WIDTH(%)]URL[/image] ), that allows scaling images so it isnt displayed in the whole screen, like this: Dont post URL. My thread (Splunk for MT) stoped working since one person posted URL to a photo that was later removed and any who visited the thread was asked to ...
by Jotne
Tue Jun 18, 2019 2:47 pm
Forum: General
Topic: hap lite classic "mode" button?
Replies: 18
Views: 4588

Re: hap lite classic "mode" button?

That explain some. Having this in gui would help. Bu still button does not do anything on my hap lite. [admin@MikroTik] > /system script print Flags: I - invalid 0 name="test-script" owner="admin" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon dont-require-permissions=no run...
by Jotne
Tue Jun 18, 2019 1:20 pm
Forum: Beginner Basics
Topic: single IP constantly trying to log to my Mikrotik
Replies: 33
Views: 1195

Re: single IP constantly trying to log to my Mikrotik

Som feedback to you vecernik87.
Always post image on the forum, not a link. I have had several problems when original site of photo goes away and we loose the original.
So use Attachments :)

Here is your feedback photo.
feedback.png
by Jotne
Tue Jun 18, 2019 1:07 pm
Forum: Scripting
Topic: Perform an action after X times link loss
Replies: 1
Views: 69

Re: Perform an action after X times link loss

How does the log looks like when it goes down?

You can then search every 5 min for the message in the log.
Increment a counter every time.
Then do some action after 5 times.

But this is the treatment of the symptoms and not of the cause, why should a reboot help?
by Jotne
Sun Jun 16, 2019 11:40 pm
Forum: Scripting
Topic: Scripting - FIND with Wildcard
Replies: 9
Views: 7666

Re: Scripting - FIND with Wildcard

ros code

:foreach i in [/interface ethernet find comment=~"^BP:.*\$"] do={
 :put "test"
}
PS script does not work with both ~ and =

So it should be:
:foreach i in [/interface ethernet find comment~"^BP:.*\$"] do={
 :put "test"
}
by Jotne
Sun Jun 16, 2019 9:11 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

I see now what is going on. There are more then one type of negotiation failed. Message with time out does not contain IP, so there are nothing to add to access list. This should only get line with IP. Search for both negotiation failed and src_ip [ :local loglist [:toarray [/log find (message~"nego...
by Jotne
Sun Jun 16, 2019 4:05 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

IP does come from the message. So if there are no IP, no IP will be shown. I do see only IP, so it may be som wrong with your IPSec setup. What do you get from this? (it show the message from the log as well) [ :local loglist [:toarray [/log find message~"negotiation failed"]] :foreach i in=$loglist...
by Jotne
Sun Jun 16, 2019 12:43 pm
Forum: General
Topic: hap lite classic "mode" button?
Replies: 18
Views: 4588

Re: hap lite classic "mode" button?

PS I can not get the mode button to work on hAP Lite. OS = 6.44.3 RB941-2nd Tested various script and also this: /system script add name=test-script source={:log info message=("1234567890");} /system routerboard mode-button set on-event=test-script /system routerboard mode-button set enabled=yes Mod...
by Jotne
Sun Jun 16, 2019 12:33 pm
Forum: Scripting
Topic: Quick help for short code line
Replies: 10
Views: 469

Re: Quick help for short code line

This script does work fin on my hap lite :if ([/interface get wlan1 disabled ]=false && [/interface wireless registration-table print as-value count-only]=0) do={ :log info message="No more clients, shutting down interface" /interface wireless disable wlan1} Schedule it to run every 5m and it should...
by Jotne
Sun Jun 16, 2019 12:30 pm
Forum: General
Topic: hap lite classic "mode" button?
Replies: 18
Views: 4588

Re: hap lite classic "mode" button?

Can you help me with the same script but for disable/enable only one of the wireless interfaces? ex. wlan2
This should do:
:if ([/interface get  wlan2 disabled ]=false) do={
	/interface wireless disable wlan2} else={
	/interface wireless enable wlan2}
by Jotne
Sun Jun 16, 2019 11:50 am
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

you are getting the line id, they looks like this: *lb60;*lb61;*lb62" so that is correct. You should read trough the script manual and try to learn scripts. Start with these pages: https://wiki.mikrotik.com/wiki/Manual:Scripting https://wiki.mikrotik.com/wiki/Scripts https://wiki.mikrotik.com/wiki/M...
by Jotne
Sun Jun 16, 2019 3:29 am
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

You get nothing since find does not fin anything. Try this, should get all message with a in it. [ :local list [:toarray [/log find message~"a"]] :put "ID-List" :put $list :put "" :put "Log lines" :foreach i in=$list do={ :put [/log print as-value where .id=$i]} ] To test ting out, try a command wit...
by Jotne
Sat Jun 15, 2019 9:02 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

Not sure whats goes wrong. But the code is correct. It represent ID number of the lines that represent what it finds. This is the way all script works in MT, Try this and see the ID with the log lines. [ :local list [:toarray [/log find time>([/system clock get time] - 24h) message~"negotiation fail...
by Jotne
Sat Jun 15, 2019 12:44 am
Forum: Scripting
Topic: Script to duplicate speeds in queue list
Replies: 7
Views: 275

Re: Script to duplicate speeds in queue list

Then you need two script

One run at 10:00 p.m. and another at 06:00 a.m.
:foreach i in=[/queue simple find] do={
/queue simple set $i max-limit= "512000/3076000";
}
:foreach i in=[/queue simple find] do={
/queue simple set $i max-limit= "256000/3076000";
}
by Jotne
Fri Jun 14, 2019 11:30 pm
Forum: Scripting
Topic: Script to duplicate speeds in queue list
Replies: 7
Views: 275

Re: Script to duplicate speeds in queue list

For all queues?
Do all queues have same max-limit?
by Jotne
Fri Jun 14, 2019 10:41 pm
Forum: Scripting
Topic: Script to duplicate speeds in queue list
Replies: 7
Views: 275

Re: Script to duplicate speeds in queue list

You are using the if wrong.

Try this:
:foreach i in=[/queue simple find] do={
:if ([/queue simple get $i max-limit] ="256000/2048000"] ) do={
/queue simple set $i max-limit= "512000/3076000";
}
}
This will teste every queue if the max-limit are "256000/2048000", and if so, do:
by Jotne
Fri Jun 14, 2019 9:32 pm
Forum: Beginner Basics
Topic: single IP constantly trying to log to my Mikrotik
Replies: 33
Views: 1195

Re: single IP constantly trying to log to my Mikrotik

/ip firewall raw add action=drop src-address=141.98.80.115
Does not work. You need to tell what chain to use. example.
/ip firewall raw add action=drop src-address=141.98.80.115 chain=input
by Jotne
Fri Jun 14, 2019 5:16 pm
Forum: Scripting
Topic: Script to disable interface
Replies: 2
Views: 144

Re: Script to disable interface

Command should be some like this:
/interface ethernet disable ether1
/interface ethernet enable ether1
/interface ethernet disable {name of interface}
by Jotne
Fri Jun 14, 2019 5:11 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

Try to run the script from cli Output is to cli not to log in this version. Also changed to last 24h [ # Find all "negotiation failed" error last 5 min :local loglist [:toarray [/log find time>([/system clock get time] - 24h) message~"negotiation failed"]] # for all error do :foreach i in=$loglist d...
by Jotne
Fri Jun 14, 2019 3:46 pm
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Re: Script to add IP of failed IPSEC login to block list

First part can not be copy/pasted directly to cli. You ned from Web or Winbox, create a script, then copy/past the first part to the script. Here is a version you can copy/past from cli (much harder do read and understand) /system script add dont-require-permissions=no name=Find_IPSEC_negotian_faile...
by Jotne
Fri Jun 14, 2019 3:22 pm
Forum: Scripting
Topic: Help to simplify address log script
Replies: 0
Views: 81

Help to simplify address log script

I have a script to get all address list with number of dynamic and static entries like this: (comments added to be able to understand it :) ) [ # Sett arryays to empty string to declare them # This holds unique name of lists :local array [ :toarray "" ] # Used to count dynamic address list :local ad...
by Jotne
Fri Jun 14, 2019 12:46 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 287
Views: 57543

Re: v6.45beta [testing] is released!

If you can see this system info in the cli, you can easily send it out to a monitor system using script and Syslog. I have stopped using SNMP, since for every new unit I setup, I have to tell the system that there are a nye Router/Switch, or have a program that scan a net. Scanning net does not work...
by Jotne
Thu Jun 13, 2019 1:54 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.6 (Graphing everything) Topic is solved
Replies: 152
Views: 42382

Re: Using Splunk to analyse MikroTik logs 2.6 (Graphing everything) Topic is solved

Updated section 2f) Script updated to collect and show how many dynamic/static address lists entry there are. Eks output script,info MikroTik: script=address_lists list=rdp_stage2 dynamic=24 static=0 script,info MikroTik: script=address_lists list=rdp_stage1 dynamic=28 static=0 script,info MikroTik:...
by Jotne
Wed Jun 12, 2019 6:18 pm
Forum: Scripting
Topic: find in log "assigned" or "deassigned" IP by dhcp
Replies: 7
Views: 328

Re: find in log "assigned" or "deassigned" IP by dhcp

Post line you try to run.
by Jotne
Wed Jun 12, 2019 6:17 pm
Forum: Scripting
Topic: Script to disable Wlan when no user are logged on
Replies: 3
Views: 199

Re: Script to disable Wlan when no user are logged on

assigned the mode button to switch wlan on or off, and now I would like the router to disable wlan when all users have disconnected from wlan.
Can you post this script?
by Jotne
Wed Jun 12, 2019 6:02 pm
Forum: Scripting
Topic: Enlist hotspot user profiles
Replies: 4
Views: 259

Re: Enlist hotspot user profiles

You did miss where [ :local list [/ip hotspot user profile find where name~"^[dD]"] :local nameList; :foreach u in=$list do={ :set nameList ($nameList, [/ip hotspot user profile get $u name]) } :put $nameList ] PS you can not use regex (?i) to search with case sensitive off. MT if your read this, pl...
by Jotne
Mon Jun 10, 2019 5:49 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.6 (Graphing everything) Topic is solved
Replies: 152
Views: 42382

Re: Using Splunk to analyse MikroTik logs 2.6 (Graphing everything) Topic is solved

Updated section 2c regarding Log prefix . NB Do not use more than 20 charters, or else it start to clip other part of the log firewall,info MikroTik: 123456789012345678901234567890 : in:ether1-Wan ... firewall,info MikroTik: 1234567890123456789012345 forwa: in:ether1-Wan ... firewall,info MikroTik: ...
by Jotne
Mon Jun 10, 2019 2:56 pm
Forum: Beginner Basics
Topic: Block IP adress trying to access RDP
Replies: 10
Views: 531

Re: Block IP adress trying to access RDP

I do use a different port than 3389. Then I have a bruteforce access list some alike above. 3 RDP session in the same 5 min, send it to black list. After that I have a generic block list. If some tries any non open port, block for 24 hour. Last I have a port knocking that will add my IP to a white l...
by Jotne
Mon Jun 10, 2019 2:16 pm
Forum: General
Topic: Looking for a simple Firewall filter rules for giving the internet access to the known MAC addresses [SOLVED]
Replies: 7
Views: 317

Re: Looking for a simple Firewall filter rules for giving the internet access to the known MAC addresses [SOLVED]

in that case, he'll have to guess/sniff the authentication username and password instead, but unlike the MAC address, these can be changed for the legal users if they leak. If I am not wrong, the 802.1x communication goes encrypted so to see username and password should be hard. This can even be co...
by Jotne
Mon Jun 10, 2019 2:10 pm
Forum: Scripting
Topic: how to get .id via python
Replies: 5
Views: 253

Re: how to get .id via python

print gives names, find gives id.

In cli you can get id with this command
/ip firewall address-list find
The see the id
:put [/ip firewall address-list find]
by Jotne
Mon Jun 10, 2019 11:37 am
Forum: General
Topic: Traffic monitor with Telegram report
Replies: 11
Views: 3174

Re: Traffic monitor with Telegram report

@ploquets

You can remove the ; at the end of all script lines.
Its not needed anymore. Only when having more than one command at the same line.
by Jotne
Mon Jun 10, 2019 11:02 am
Forum: Scripting
Topic: Enlist hotspot user profiles
Replies: 4
Views: 259

Re: Enlist hotspot user profiles

This will get all user starting with m or M inn to array list :local list [:toarray [/ip hotspot user find where (name~"^m" || name~"^M")]] To see if it get correct user try this: :put [/ip hotspot user print where (name~"^m" || name~"^M")] To test it out the code, copy and past this to cli [ :local...
by Jotne
Mon Jun 10, 2019 10:26 am
Forum: Scripting
Topic: Script to add IP of failed IPSEC login to block list
Replies: 28
Views: 1071

Script to add IP of failed IPSEC login to block list

When a user tries IPSEC, but does not have correct credential, a message like this will be logged "negotiation failed" This script take the IP from this attempt and add it to a block list to prevent multiple login attempt. (Blocked out) script name: Find_IPSEC_negotian_failed # Created Jotne 2019 v1...
by Jotne
Mon Jun 10, 2019 9:58 am
Forum: General
Topic: Looking for a simple Firewall filter rules for giving the internet access to the known MAC addresses [SOLVED]
Replies: 7
Views: 317

Re: Looking for a simple Firewall filter rules for giving the internet access to the known MAC addresses [SOLVED]

Here is the script I do use on my DHCP server (DHCP Lease script) It converts all DHCP lease to static lease and log a message. # Created Jotne 2019 v1.2 # # This script converts all DHCP release to static automatically # It should run on all routerOS version # Test if this is a Bound session and th...
by Jotne
Mon Jun 10, 2019 9:21 am
Forum: General
Topic: Burning the image of the routerboard to a flash disk from Linux
Replies: 2
Views: 285

Re: Burning the image of the routerboard to a flash disk from Linux

RouterOS does not support USB stick boot. Why? should not be to hard to implement. Maybe v7 solves this. Would be handy to install from an USB stick. I do not have CD/DVD drive around. Easy2Boot does NOT support RouterOS See List1d http://www.easy2boot.com/add-payload-files/list-of-tested-payload-fi...
by Jotne
Sun Jun 09, 2019 12:29 am
Forum: General
Topic: Some wrong with the forum or my post?
Replies: 3
Views: 256

Re: Some wrong with the forum or my post?

Ok, thanks.

This is why links to photo should be disabled, only allow uploaded photos.
by Jotne
Sat Jun 08, 2019 11:02 pm
Forum: General
Topic: Some wrong with the forum or my post?
Replies: 3
Views: 256

Some wrong with the forum or my post?

I have a long post here at the forum explaining Splunk with Mikroti. https://forum.mikrotik.com/viewtopic.php?f=23&t=137338 When I click it now, I am asked to log inn to h**ps://subirimagen.me Anyone else who sees this? What is it? I have not change anything on my post and there should not be extern...
by Jotne
Fri Jun 07, 2019 7:46 pm
Forum: Beginner Basics
Topic: DHCP reservation in or out of Pool/Scope?
Replies: 7
Views: 347

Re: DHCP reservation in or out of Pool/Scope?

On most sites I run internal DNS (on separate small server) ... so when I set static DHCP lease, I also add (by hand) that device to DNS system.
This you can do on the MT Router itself. No need for an external server.
by Jotne
Fri Jun 07, 2019 7:39 pm
Forum: Scripting
Topic: find in log "assigned" or "deassigned" IP by dhcp
Replies: 7
Views: 328

Re: find in log "assigned" or "deassigned" IP by dhcp

Using find prints the line id that can be used in other part of the script.

Try to replace find with print to get the line.
by Jotne
Fri Jun 07, 2019 7:37 pm
Forum: Scripting
Topic: Need help for running a script
Replies: 3
Views: 178

Re: Need help for running a script

Can you post the script?
by Jotne
Fri Jun 07, 2019 8:05 am
Forum: Beginner Basics
Topic: DHCP reservation in or out of Pool/Scope?
Replies: 7
Views: 347

Re: DHCP reservation in or out of Pool/Scope?

Its not clear what you want.

I convert all DHCP for my small net to static IP, then add DNS names for them. This way all units get the same IP all time and with a understandable name.
by Jotne
Thu Jun 06, 2019 10:38 pm
Forum: Scripting
Topic: find in log "assigned" or "deassigned" IP by dhcp
Replies: 7
Views: 328

Re: find in log "assigned" or "deassigned" IP by dhcp

From Telnet/SSH Cli, tupe :put and then what do. Eks print all log line that contains lo :put [ :toarray [ /log find where message~"lo"] Your OR work, but you can remove some parentheses. :local currentBuf [ :toarray [ /log find where (topics~"info" || topics~"dhcp" || message~"assigned" || message~...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 21