Community discussions

Search found 139 matches

by Znuff
Sun Jun 17, 2018 4:59 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 76371

Re: VPNfilter official statement

The recent large security redesigns flowed from the April 0-day. Normis even explicitly stated it, so you are discussing nothing new: Advisory: Vulnerability exploiting the Winbox port [SOLVED] I wasn't even aware of the 0-day exploit from APRIL. I only received the e-mail from MARCH stating that a...
by Znuff
Sun Jun 17, 2018 12:30 am
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 76371

Re: VPNfilter official statement

Security advisory emails were sent to all users that are in our database. The only e-mail I received was on 31st of March, with: It has come to our attention that a rogue botnet is currently scanning random public IP addresses to find open Winbox (8291) and WWW (80) ports, to exploit a vulnerabilit...
by Znuff
Fri Aug 21, 2015 12:39 am
Forum: General
Topic: RB750 - High latency on LAN
Replies: 3
Views: 1354

Re: RB750 - High latency on LAN

It's not an "ip conflict". CPU Usage is low (10-15% tops). I ping from router to lan and lan to router, same results. Like I said, this happens on 2 of the same boards (RB750), but in completely different setups (one is at home, one is at one of my clients). I am very much aware of what is behind th...
by Znuff
Thu Aug 20, 2015 1:46 pm
Forum: General
Topic: RB750 - High latency on LAN
Replies: 3
Views: 1354

RB750 - High latency on LAN

Is anyone seeing this issue? I have 2 x RB750 (legacy stuff) running either 6.29-6.31+ that show the same problem: after 1 or 2 hours, local latency is incredibly variable, anything from 10ms to 100ms. I've tried resetting the board to defaults. I've downgraded from 6.31 to 6.29 but the problem stil...
by Znuff
Wed Aug 12, 2015 4:21 pm
Forum: General
Topic: [Feature request] Client Band Select
Replies: 1
Views: 1596

Re: [Feature request] Client Band Select

I second this.

In high-density settings, "band steering" (ie: moving clients that connect to 2Ghz radios, but support 5Ghz, to the 5Ghz radio) is a godsend.

It's a shame that 3 years after this request was done, there is still no sign of such a feature in RouterOS.
by Znuff
Mon Apr 27, 2015 2:20 pm
Forum: General
Topic: Facebook Wifi
Replies: 38
Views: 16249

Re: Facebook Wifi

*bump* again

I'm sure that if Netgear and D-Link can do it, you guys can do it, too.
by Znuff
Sat Mar 21, 2015 6:52 pm
Forum: Announcements
Topic: hAP lite
Replies: 389
Views: 163317

Re: hAP lite

Would anyone be able to test the maximum amount of WiFi clients that this device can support? In real-life tests we concluded that 951 can handle at least 50 users connected simultaneously and still deliver ~30Mbps. I'm interested in this model as a device for hotel-wide WiFi setups, as a replacemen...
by Znuff
Mon Mar 09, 2015 10:34 am
Forum: General
Topic: Whatsapp Blockage
Replies: 8
Views: 1952

Re: Whatsapp Blockage

You will need to block c.whatsapp.net This is currently resolving to these IPs: # dig c.whatsapp.net ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.1 <<>> c.whatsapp.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47757 ;; flags: qr rd ra; QUERY: 1, AN...
by Znuff
Sun Mar 08, 2015 8:32 pm
Forum: General
Topic: Would you be interested in...?
Replies: 8
Views: 1724

Re: Would you be interested in...?

No link, software is not "ready" for anyone else yet :)
by Znuff
Sun Mar 08, 2015 4:01 pm
Forum: General
Topic: VLANs & DHCP - help needed
Replies: 7
Views: 1213

Re: VLANs & DHCP - help needed

As VLANS are independent L2 domains there is no reason not to assign them same address ranges.
Yeah, there are.

It's a stupid thing to do. Just use different classes.

I don't understand why you would use 100-120 for vlan2 and 200-220 for vlan3 when they aren't even on the same subnet or vlan.
by Znuff
Sun Mar 08, 2015 3:47 pm
Forum: General
Topic: Would you be interested in...?
Replies: 8
Views: 1724

Re: Would you be interested in...?

My scenario assumes the following: - All your customer leases are on a single machine (we have a main gateway/server). - You are not using a transparent proxy (I am using this to redirect the clients to the "block" page) - Your clients are using fixed IPs (but assigned through DHCP) -- The webinterf...
by Znuff
Sun Mar 08, 2015 3:41 pm
Forum: General
Topic: Would you be interested in...?
Replies: 8
Views: 1724

Would you be interested in...?

I made a simple client administration interface for networks which use dhcp. Here are some pics of it in action: Full Client List: http://i.imgur.com/1noyZka.png Filtering works by typing anything in the search field (can it be mac address, name, ip, dhcp-server name etc.) http://i.imgur.com/Ssiap57...
by Znuff
Sun Dec 21, 2014 6:04 pm
Forum: Scripting
Topic: Help Needed - Performance Issues - How can I improve this?
Replies: 8
Views: 1592

Re: Help Needed - Performance Issues - How can I improve thi

Throws an error at line 6 :while ($i < [:len $aliases]) { -- nevermind, fixed that, there was a missing do={} But there's still an issue at :set server [:pick $aliases $i] ...right, because that has to be either a local or a global variable, not "set". Still not exactly working. Script runs, does no...
by Znuff
Sun Dec 21, 2014 1:25 am
Forum: Scripting
Topic: Help Needed - Performance Issues - How can I improve this?
Replies: 8
Views: 1592

Re: Help Needed - Performance Issues - How can I improve thi

Correct me if I'm wrong, but your last example wouldn't actually work properly for my usage, as I'm trying to get *everything* that contains "youtube" and "googlevideo" etc., as youtube has dozens of CDN hosts and I really have no idea how to get them all other than searching for everything with tho...
by Znuff
Sat Dec 20, 2014 7:52 pm
Forum: Scripting
Topic: Help Needed - Performance Issues - How can I improve this?
Replies: 8
Views: 1592

Help Needed - Performance Issues - How can I improve this?

So for a while now I have been using this script: :global FindList do={ :local myListName $list :local myTimeout "1:00:00" /ip dns cache all { :foreach j in=[find where (name~$server)] do={ :do { :local myName [get $j name] :local myType [get $j type] :local myData [get $j data] #:local myTime [get ...
by Znuff
Sun Sep 28, 2014 5:14 am
Forum: General
Topic: Cloud IP Address reports wrong
Replies: 2
Views: 986

Re: Cloud IP Address reports wrong

Having the same issue

Image
by Znuff
Tue Sep 16, 2014 2:55 am
Forum: General
Topic: 'address-list' support for web-proxy package
Replies: 1
Views: 16568

'address-list' support for web-proxy package

Could we get support for address-list's in web-proxy?

Thanks.
by Znuff
Sun Apr 07, 2013 12:21 am
Forum: General
Topic: Integrating Facebook Connect with Hotspot Login / Authent ..
Replies: 132
Views: 274222

Re: Integrating Facebook Connect with Hotspot Login / Authen

What's your progress on this? Are you using the Connect method (with the JavaScript SDK)? Or simply asking for a Like (without an App confirmation)? I'm interested in doing something like this, too, and I was just looking into Facebook's API. If you're using the App method - where are you hosting it...
by Znuff
Mon Feb 08, 2010 5:20 pm
Forum: General
Topic: Why do I have unmarked packets / connections?
Replies: 3
Views: 666

Re: Why do I have unmarked packets / connections?

I know what I'm doing - but *WHY* don't they match anything?
by Znuff
Thu Feb 04, 2010 4:11 am
Forum: General
Topic: Why do I have unmarked packets / connections?
Replies: 3
Views: 666

Why do I have unmarked packets / connections?

I have the following setup: /ip firewall mangle add action=mark-connection chain=prerouting comment="Mark Everything" disabled=no new-connection-mark=everything passthrough=yes add action=mark-connection chain=prerouting comment="n-zone -> extern" connection-mark=everything disabled=no dst-address-l...
by Znuff
Sun Jan 24, 2010 9:21 pm
Forum: General
Topic: RB750 OpenVPN thoroughput problem
Replies: 15
Views: 9092

Re: RB750 OpenVPN thoroughput problem

I had a similar problem using PPTP on a RB750.

Wasn't able to push out more than 13k/s either.

Unfortunatelly I don't have access to a RB750 anymore to test further.
by Znuff
Tue Dec 29, 2009 5:42 pm
Forum: General
Topic: MNDP trough layer3?
Replies: 2
Views: 448

Re: MNDP trough layer3?

Yeah, but there's no way to get EoIP on Windows, right?

So, basically, if I don't want the whole 192.168.100.0/24 to be able to view 192.168.1.0/24, I'll need a RouterOS box just for my laptop, right?
by Znuff
Tue Dec 29, 2009 1:27 am
Forum: General
Topic: MNDP trough layer3?
Replies: 2
Views: 448

MNDP trough layer3?

Image

Hi there,

I have the setup above - how exactly can I view the network behind my server with the WinBox scanning feature? I tried L2TP but it seems it doesn't work.
by Znuff
Fri May 29, 2009 12:20 am
Forum: General
Topic: public ip not working while running web proxy
Replies: 5
Views: 679

Re: public ip not working while running web proxy

They work. But not all websites show your real IP address. Some are designed badly and don't check all the HTTP fields corectly.
by Znuff
Thu May 28, 2009 1:14 am
Forum: General
Topic: Looking for solution to redirect DNS's server
Replies: 11
Views: 5696

Re: Looking for solution to redirect DNS's server

Look up DHCP next time. It will save you the trouble of reconfiguring users computer manually.
by Znuff
Thu May 28, 2009 1:10 am
Forum: General
Topic: log and monitor
Replies: 4
Views: 725

Re: log and monitor

Solution 1: Proxylizer
Solution 2: Proxy logs sent to a remote logging machine that eventually stores the data in a database.

In either case, you won't be able to monitor SSL (https) connections. Also, your users should be informed about this. It's a privacy concern.
by Znuff
Thu May 28, 2009 1:06 am
Forum: General
Topic: how can i show to all my customers when internet is down?
Replies: 30
Views: 4132

Re: how can i show to all my customers when internet is down?

Get a secondary web server. Easiest solution by far.
by Znuff
Wed May 27, 2009 8:44 pm
Forum: General
Topic: Howto exclude data transfer counting from internal servers ?
Replies: 2
Views: 752

Re: Howto exclude data transfer counting from internal servers ?

Mangle rules are the solution, but it's not an easy concept :-)
by Znuff
Wed May 27, 2009 8:38 pm
Forum: General
Topic: public ip not working while running web proxy
Replies: 5
Views: 679

Re: public ip not working while running web proxy

Enable "Transparent" proxy.

ofcourse your "public ip" won't work, the requests are handled by the PROXY MACHINE, wich is your gateway or whatever.

See here: http://www.ioerror.us/ip/headers
by Znuff
Wed May 27, 2009 8:35 pm
Forum: General
Topic: NAT DOESN'T WORK
Replies: 3
Views: 1674

Re: NAT DOESN'T WORK

Turn on Connection Tracking.
by Znuff
Wed May 27, 2009 8:33 pm
Forum: General
Topic: Rapid Share Premium
Replies: 1
Views: 528

Re: Rapid Share Premium

Try turning off "Default Forward".
by Znuff
Wed May 27, 2009 8:29 pm
Forum: General
Topic: how can i show to all my customers when internet is down?
Replies: 30
Views: 4132

Re: how can i show to all my customers when internet is down?

Wouldn't it be easier for you guys to stop shoving that hotspot in our face and just create a simple configurable webserver for RouterOS? Doesn't need to run anything special. No Server Side scripting, no nothing. Just to serve static files. Would be usefull to be able to add more than one on differ...
by Znuff
Wed May 27, 2009 8:16 pm
Forum: General
Topic: cacti: Mikrotik RouterOS Statistics (Update 11/19/2013)
Replies: 85
Views: 57993

Re: cacti: Mikrotik RouterOS Statistics (Update 01/18/2008)

Is anyone actually receiving the correct info for the MEM/DSK graphs?

I get weird values.
by Znuff
Fri Jan 23, 2009 3:22 am
Forum: General
Topic: WinBox and "show columns" feature
Replies: 34
Views: 12985

Re: WinBox and "show columns" feature

This issue's been here for ages. I even made a ticket about it and got assured that it will get fixed. Guess what? It didn't. I've specifically told you guys that if you log out for more than aproximatelly one hour, you lose your session. You lose selected collumns and such. If you log out and log b...
by Znuff
Tue May 20, 2008 2:43 pm
Forum: General
Topic: station pseudobridge in 3.x
Replies: 6
Views: 8514

station pseudobridge in 3.x

This doesn't freakin' work. We spent 5 hours trying to figure out WHY our "internet" didn't work on a remote station because our first wireless p2p bridge was using station pseudobridge. And guess what? We just added WDS and the damn thing worked. How exactly is station pseudobridge supposed to be w...
by Znuff
Thu Mar 20, 2008 12:28 pm
Forum: General
Topic: New proxy
Replies: 16
Views: 1918

Re: New proxy

Can we have old squid back in 3.x?

Thanks.
by Znuff
Thu Mar 20, 2008 10:31 am
Forum: General
Topic: New proxy
Replies: 16
Views: 1918

Re: New proxy

There:
webproxy-3.4.png
by Znuff
Wed Mar 19, 2008 11:03 am
Forum: General
Topic: New proxy
Replies: 16
Views: 1918

Re: New proxy

We've already been trough this with support.

The Mikrotik webproxy is slow. Very slow compared to squid.

Even upgraded to 3.4 today and it was STILL slow. Under 2.9.x, the webproxy-test was slow _AND_ buggy.

No issues with the old webproxy. Any chance to have that back in 3.x?
by Znuff
Thu Feb 28, 2008 4:56 am
Forum: General
Topic: how to block my client that not pay?
Replies: 17
Views: 4257

Re: how to block my client that not pay?

1st of all, stop using AlTeRNatiVE CApS ThiNGiE. It's really annoying. Pay some respect please.


2nd of all, have a look under Firewall -> Address List (/ip firewall address-list in the console).
by Znuff
Thu Feb 28, 2008 4:54 am
Forum: General
Topic: FATAL ERROR: no harddrives / refused to install ROS 3.3
Replies: 1
Views: 861

Re: FATAL ERROR: no harddrives / refused to install ROS 3.3

You most likely got a JMICRON IDE controller, wich is very faulty under linux. If I remember corectly, the onboard ethernet is an intel e1000, thus it requires the newest drivers. If Mikrotik is not using the latest linux kernel, it won't work. You could also have a realtek gigabit controller that n...
by Znuff
Fri Feb 15, 2008 7:27 pm
Forum: General
Topic: v3.3 released
Replies: 19
Views: 2392

Re: v3.3 released

Are you guys just going to release major versions one after each other untill you reach 3.9 and then going to start with minor versions? 3.9.x?

It certainly seems so.
by Znuff
Fri Feb 15, 2008 7:23 pm
Forum: General
Topic: Mikrotik v3.0 with core 2 duo processor
Replies: 30
Views: 9678

Re: Mikrotik v3.0 with core 2 duo processor

3000 clients behind NAT?

Are you buying IPs for $10/a piece? Or what?

Jesus.
by Znuff
Thu Jan 31, 2008 4:33 am
Forum: RouterBOARD hardware
Topic: Routerboard RB1000 and RB604 announced
Replies: 26
Views: 7114

Re: Routerboard RB1000 and RB604 announced

yes, there are 64Gb: http://gadgets.fosfor.se/64-gb-compact-flash-from-samsung/ and 48Gb: http://www.engadget.com/tag/48gb/ tip: you don't need so much cache, because most of the web objects today are not cachable, everything is dynamic and built on php + javascript. you can only cache images and s...
by Znuff
Wed Jan 30, 2008 1:55 am
Forum: General
Topic: Need help with spammers/viruses
Replies: 14
Views: 9479

Re: Need help with spammers/viruses

I took a similar approach (block port 25 outgoing) so users can still use SMTPS (over ssl) on different ports, but I've created an address list, so I exclude everyone who requests smtp acces by adding them to that IP list. /ip firewall filter chain=forward action=reject reject-with=icmp-network-unre...
by Znuff
Fri Jan 25, 2008 2:09 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

Re: [2.9.50] webproxy-test going *POOF* when it fills up the hdd

Also, you should look about increasing the MAXIMUM CLIENT and MAXIMUM SERVER connections, as 1000 is quite... low :-/
by Znuff
Thu Jan 24, 2008 10:02 pm
Forum: General
Topic: 2.9 future
Replies: 6
Views: 900

Re: 2.9 future

2.9 is considered legacy
by Znuff
Thu Jan 24, 2008 1:50 am
Forum: General
Topic: P2P limiting, or Not? Possible strategy
Replies: 8
Views: 1488

Re: P2P limiting, or Not? Possible strategy

As a customer I'm paying for bandwidth. Why restrict me using the bandwidth I'M PAYING for?
by Znuff
Wed Jan 23, 2008 10:36 pm
Forum: General
Topic: P2P limiting, or Not? Possible strategy
Replies: 8
Views: 1488

Re: P2P limiting, or Not? Possible strategy

I'd sue an ISP if they'd block peer2peer.

And anyway... there are always tunnels and traffic encryption to go pass your filters... so why bother?
by Znuff
Wed Jan 23, 2008 10:22 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

Re: [2.9.50] webproxy-test going *POOF* when it fills up the hdd

Do I have to mispell and talk bad english to get an official answer around here? :-/
by Znuff
Tue Jan 22, 2008 7:25 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

Re: [2.9.50] webproxy-test going *POOF* when it fills up the hdd

I noticed that after the proxy crashed the first time, I can't stop it anymore! I tried unticking the "Enable" checkbox, and hit Apply... but nothing happens. Even tried disabling it from command line! But the darn thing doesn't want to stop. [Znuff@gateway.n-Zone.ro] > /ip proxy [Znuff@gateway.n-Zo...
by Znuff
Tue Jan 22, 2008 5:49 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

Re: [2.9.50] webproxy-test going *POOF* when it fills up the hdd

I'm not going to upgrade my box to v3 yet. [Znuff@gateway.n-Zone.ro] ip proxy> print enabled: yes src-address: 86.107.189.1 port: 3129 parent-proxy: 0.0.0.0:0 cache-drive: system cache-administrator: "" max-disk-cache-size: 51877000KiB max-ram-cache-size: 287034KiB cache-only-on-disk: no maximal-cli...
by Znuff
Tue Jan 22, 2008 12:19 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

Re: [2.9.50] webproxy-test going *POOF* when it fills up the hdd

I can't believe nobody else has seen this before...

Nobody filled up their webproxy-test?
by Znuff
Mon Jan 21, 2008 8:53 pm
Forum: General
Topic: RouterOS 3.0
Replies: 70
Views: 12979

Re: RouterOS 3.0

We ship PoweRouters with dual-core P4s and so far had no issues that I know of with using multi-cpu .
There's no such thing as dual-core pentium 4. It's Pentium D.

Yes, I emphaze semantics.
by Znuff
Mon Jan 21, 2008 6:17 pm
Forum: General
Topic: RouterOS 3.0
Replies: 70
Views: 12979

Re: RouterOS 3.0

Could someone supply some links where the "multi-core issues" are described on linux?

I'm having a hard time finding any info. And curiously I see linux boxes running with 2 to 8 cores without problems. I say... *what* issues?
by Znuff
Mon Jan 21, 2008 5:02 pm
Forum: General
Topic: [2.9.50] webproxy-test going *POOF* when it fills up the hdd
Replies: 14
Views: 2019

[2.9.50] webproxy-test going *POOF* when it fills up the hdd

Hello, I'm curious if anyone else has the same issue. The webproxy-test package works great in 2.9.50, I can see it's being more efficient that the old squid (package webproxy), but I seem to be having the same issue again and again. When the hdd fils up, the proxy goes *POOF*, it crashes, doesn't w...
by Znuff
Thu Jan 17, 2008 1:01 pm
Forum: General
Topic: Any chance for a pci-e 4 port gigabit LAN? when?
Replies: 6
Views: 881

Re: Any chance for a pci-e 4 port gigabit LAN? when?

Actually we need 8 gigabit ports.
by Znuff
Thu Nov 08, 2007 3:38 pm
Forum: General
Topic: hamachi server
Replies: 20
Views: 6719

Re: hamachi server

Hamachi is a proprietary client and server application. You can't setup a server... DOH. And even if you could: how the hell would you make the client application to connect to your own server? Hamachi uses the address range 5.0.0.0/8 wich is reserved address space especially for this kind of applic...
by Znuff
Sun Oct 21, 2007 7:19 am
Forum: General
Topic: [webproxy-test bug] <base href="http://url/" /> gets trimmed
Replies: 6
Views: 878

Re: [webproxy-test bug] <base href="http://url/" /> gets trimmed

This is confirmed under version 3.00 RC7 too.
by Znuff
Thu Oct 18, 2007 8:01 pm
Forum: General
Topic: [webproxy-test bug] <base href="http://url/" /> gets trimmed
Replies: 6
Views: 878

Re: [webproxy-test bug] <base href="http://url/" /> gets trimmed

Can't try to use RC6 on that particular box. It's our main gateway and I don't want to risk breaking internet access for all our customer. I'll try and see on another box.
by Znuff
Tue Oct 16, 2007 1:36 am
Forum: General
Topic: [webproxy-test bug] <base href="http://url/" /> gets trimmed
Replies: 6
Views: 878

Re: [webproxy-test bug] <base href="http://url/" /> gets trimmed

Is this thing actually getting noticed?
by Znuff
Tue Oct 16, 2007 1:29 am
Forum: General
Topic: Second and subsequent PPPoE connections fail
Replies: 11
Views: 1716

Re: Second and subsequent PPPoE connections fail

The PPPoE _server_ supports up to 200 clients.

Turn on debug for ppp and see what you get.
by Znuff
Tue Oct 16, 2007 1:26 am
Forum: General
Topic: change the port that the MT email TOOL uses
Replies: 8
Views: 1044

Re: change the port that the MT email TOOL uses

Erm... Port 25 is the standard email port. There's no reason to change that... Instead MT RouterOS should support SMTPS for ISPs that block that port.
by Znuff
Wed Oct 03, 2007 2:47 pm
Forum: General
Topic: [webproxy-test bug] <base href="http://url/" /> gets trimmed
Replies: 6
Views: 878

Re: [webproxy-test bug] <base href="http://url/" /> gets trimmed

So where do I post a bug, seeming that here nobody notices the bug posts?
by Znuff
Wed Oct 03, 2007 6:31 am
Forum: General
Topic: can webproxy-test "talk" to a linux squid?
Replies: 1
Views: 461

can webproxy-test "talk" to a linux squid?

Can the MikrotikHttpProxy use a Squid running on Linux as a parent proxy or do I have to use the old webproxy package based on squid for RouterOS?
by Znuff
Tue Oct 02, 2007 8:16 pm
Forum: General
Topic: [webproxy-test bug] <base href="http://url/" /> gets trimmed
Replies: 6
Views: 878

[webproxy-test bug] <base href="http://url/" /> gets trimmed

Hello. I'm using webproxy-test under 2.9.45 and I have a small issue with a website and probably with others. Try visiting http://www.upc.ro when the webproxy-test is enabled and set as transparent proxy. Nothing loads up. Not the images, not the javascript, not the css and links don't work. Upon di...
by Znuff
Mon Sep 24, 2007 11:27 pm
Forum: Wireless Networking
Topic: Bridge betwen RB133 and RB133c
Replies: 21
Views: 4528

Re: Bridge betwen RB133 and RB133c

is that nstreme2? 'cose I find it hard to believe if even routed without turbo...

and I usually get x86's if I need good speed and space is not a problem.
by Znuff
Sat Sep 22, 2007 12:14 am
Forum: Beginner Basics
Topic: Utorrent
Replies: 8
Views: 2613

Re: Utorrent

or just enable UPnP
by Znuff
Wed Sep 19, 2007 6:17 am
Forum: General
Topic: Need Bridging Help. Simple task won't work
Replies: 2
Views: 413

Re: Need Bridging Help. Simple task won't work

What kind of internet connections are those? Cable Modems by any chance?
by Znuff
Wed Sep 19, 2007 6:15 am
Forum: General
Topic: msn audio not working behind NON-NATting setup
Replies: 10
Views: 1191

Re: msn audio not working behind NON-NATting setup

if you plan on using that kind of restrictive firewall then just drop the public ip space, there's no reason for it if you don't accept NEW connections.

My 2 cents.
by Znuff
Wed Sep 19, 2007 6:11 am
Forum: Wireless Networking
Topic: Typical Range
Replies: 2
Views: 578

Re: Typical Range

just set them as 1db or something similar
by Znuff
Wed Sep 19, 2007 6:02 am
Forum: Wireless Networking
Topic: CPE-Antenna alignment via customer / Application available?
Replies: 149
Views: 32961

Re: CPE-Antenna alignment via customer / Application available?

Me too pretty please.

znuffy@gmail.com

Gmail doesn't accept .exe's, or zipped .exe's, so you should mail it as a rar or something :-)

Thanks
by Znuff
Wed Sep 19, 2007 5:56 am
Forum: Wireless Networking
Topic: Maximizing throughput help
Replies: 10
Views: 1494

Re: Maximizing throughput help

oh, I didn't notice that, my bad :-)
by Znuff
Wed Sep 19, 2007 5:43 am
Forum: General
Topic: Using station pseudo-bridge???
Replies: 10
Views: 4287

Re: Using station pseudo-bridge???

I would very much like to know how this works too... I could't make it work when I tested. Tried the same way as jd6strings:

RB133 { ether+wlan (mode=ap-bridge) bridged } -->> RB133c { ether+wlan (mode=station pseudo-bridge) bridged }
by Znuff
Wed Sep 19, 2007 5:40 am
Forum: General
Topic: Mikrotik Router Os for 64 bit processor
Replies: 7
Views: 5530

Re: Mikrotik Router Os for 64 bit processor

You could probably run a router on a 16bit cpu :P

you don't need big float operations on a router to actually need 64bit.
by Znuff
Wed Sep 19, 2007 5:39 am
Forum: General
Topic: Layer7 in firewall - 3.0rc5
Replies: 26
Views: 7834

Re: Layer7 in firewall - 3.0rc5

Waaaaaaaaaaait, but how was the p2p filtering done previous to layer7? in 2.9.x?
by Znuff
Sun Sep 16, 2007 5:35 pm
Forum: General
Topic: ping latency high
Replies: 6
Views: 1028

Re: ping latency high

Yes, that's how queues work. Under any system. When you reach maximum bandwidth, that's the only way something is going to slow you down.

Packets will be slowed down and queued. That's how latency appears ;)
by Znuff
Sun Sep 16, 2007 5:32 pm
Forum: General
Topic: bandwidth ratio
Replies: 14
Views: 2668

Re: bandwidth ratio

With simple queues that would be easy:

add a simple queue for 1024kb

then, add 4 other queues for 1024 with the first one set as a parent!

Ofcourse, the smart way would be to use queue trees so they each get equal bandwidth
by Znuff
Sun Sep 16, 2007 5:24 pm
Forum: General
Topic: DNS cache size and timeouts - v3
Replies: 5
Views: 5439

Re: DNS cache size and timeouts - v3

1st of all I have more than 200 computers. 2nd a max-timeout shouldn't be user configurable - that's why we have an option to specify the TTL, refresh, retry etc. values for our domains. When I'm talking about DNS changes, I'm reffering to websites that move for a reason or another. DNS is a very dy...
by Znuff
Sun Sep 16, 2007 5:16 pm
Forum: General
Topic: Mikrotik Router Os for 64 bit processor
Replies: 7
Views: 5530

Re: Mikrotik Router Os for 64 bit processor

Mikrotik is not 64bit.

If your CPU supports x86 instructions too, it should work.
by Znuff
Sun Sep 16, 2007 5:13 pm
Forum: Wireless Networking
Topic: Maximizing throughput help
Replies: 10
Views: 1494

Re: Maximizing throughput help

You shouldn't even get 14Mbps if you locked to 24Mbps.
by Znuff
Sun Sep 16, 2007 3:50 am
Forum: General
Topic: Queue's make small latency?
Replies: 6
Views: 824

Re: Queue's make small latency?

Is this 2.9 or 3.0?
by Znuff
Sun Sep 16, 2007 3:26 am
Forum: General
Topic: Winbox robustness
Replies: 8
Views: 2382

Re: Winbox robustness

I'd seconnd that reconnect stuff.

It could just ask me if I want to reconnect after it gets a disconnect. Would save the trouble of starting winbox again, even after a reboot.
by Znuff
Sun Sep 16, 2007 3:19 am
Forum: General
Topic: encrypted nstream2
Replies: 22
Views: 3432

Re: encrypted nstream2

A government agency would just run fiber and not wireless, they have the resources. Also, any kind of encryption will add protocol overhead and will slow down the link considerably.
by Znuff
Sun Sep 16, 2007 2:54 am
Forum: General
Topic: DNS cache size and timeouts - v3
Replies: 5
Views: 5439

Re: DNS cache size and timeouts - v3

Having THAT BIG DNS caches is stupid. Why? Because the world keeps changing. Websites update their DNS every day.

10MB is MORE than enough, considering that 256Kb of DNS cache can hold more than 1000 entries. I've never seen my DNS cache max out at 10MB, even for a month of uptime.
by Znuff
Sun Sep 16, 2007 2:40 am
Forum: General
Topic: RB 133c default level 3 licence - possible AP mode
Replies: 14
Views: 4765

Re: RB 133c default level 3 licence - possible AP mode

rb133c has less memory than rb133... I wouldn't recommend you use it as an Access Point
by Znuff
Sun Sep 16, 2007 2:35 am
Forum: General
Topic: Queue's make small latency?
Replies: 6
Views: 824

Re: Queue's make small latency?

Are you sure you're not maxing out the queue?
by Znuff
Sun Sep 16, 2007 2:28 am
Forum: Wireless Networking
Topic: Maximizing throughput help
Replies: 10
Views: 1494

Re: Maximizing throughput help

You're doing something wrong. You can't get that much if you locked to 24Mbps.
by Znuff
Sun Sep 16, 2007 2:23 am
Forum: Wireless Networking
Topic: Routed Networks, not bridging interface
Replies: 9
Views: 1482

Re: Routed Networks, not bridging interface

I'm guessing you want to do something like this: [ gateway 192.168.1.1 for network 192.168.1.0/24 ] | v [ BOX1, set as an Access Point, 192.168.1.2] | v [ BOX2, set as an AP Client, 192.168.1.3 on the wlan, gateway for 192.168.99.0/24, 192.168.99.1 on the ether interface ] Just add a default route, ...
by Znuff
Sun Sep 16, 2007 1:50 am
Forum: Wireless Networking
Topic: Radius server, PPPoE etc
Replies: 8
Views: 1434

Re: Radius server, PPPoE etc

User Manager can do all that, and I'd guess it's even easier. I'm not sure what you mean by Captive Portal.
by Znuff
Sun Sep 16, 2007 1:48 am
Forum: Wireless Networking
Topic: ADSL
Replies: 1
Views: 441

Re: ADSL

Hello. 1st of all, this is the wrong category for this question. A more appropiate place for this would have been the General Networking section, but maybe someone will move it. Anyway, the short answer is YES, you can do that. I just recommend you use simple queues or other type of queue to limit t...
by Znuff
Sun Sep 16, 2007 1:44 am
Forum: Wireless Networking
Topic: Bridge betwen RB133 and RB133c
Replies: 21
Views: 4528

Re: Bridge betwen RB133 and RB133c

Hello again, and sorry for the double post. We tested with RouterOS v3rc4 tonight and here are the results: UDP - from Computer to Computer (same setup with WDS + Bridge): 57Mbps one way, with the bandwidth test. TCP - from Computer to Computer (same setup, wds + bridge): 37Mbps one way, using FTP. ...
by Znuff
Sun Sep 16, 2007 1:37 am
Forum: General
Topic: Block range of ip stored on text file
Replies: 5
Views: 1176

Re: Block range of ip stored on text file

if you have access to a linux box, it's easy, here's a bash script that does what I mentioned above and creating the .rsc script to import them in RouterOS: #!/bin/bash #Replace file.ips with the name of the file with your original range ips ORGFILE="file.ips" #empty the files :-) echo > file.tmp ec...
by Znuff
Sat Sep 15, 2007 10:26 pm
Forum: General
Topic: 2 pipes to internet (Eth1 and Eth2) - can only go in one
Replies: 2
Views: 644

Re: 2 pipes to internet (Eth1 and Eth2) - can only go in one

Post your routes table.
by Znuff
Sat Sep 15, 2007 10:07 pm
Forum: General
Topic: P2P Filter
Replies: 4
Views: 872

Re: P2P Filter

Encrypted p2p traffic is impossible to detect.
by Znuff
Sat Sep 15, 2007 10:00 pm
Forum: General
Topic: Block range of ip stored on text file
Replies: 5
Views: 1176

Re: Block range of ip stored on text file

You should create an Adress List with the contents of that file, but they have to be entered in CIDR notation. So: 62.13.192.0-62.13.223.255 becomes 62.13.192.0/19 62.26.210.0-62.26.210.63 becomes 62.26.210.0/26 and so on Then you just create a firewall rule to deny connections to and from that src/...
by Znuff
Sat Sep 15, 2007 8:45 pm
Forum: General
Topic: Bridge
Replies: 5
Views: 828

Re: Bridge

by Znuff
Sat Sep 15, 2007 8:43 pm
Forum: General
Topic: Queue's make small latency?
Replies: 6
Views: 824

Re: Queue's make small latency?

What CPU do you have there? Is it a RouterBoard?
by Znuff
Sat Sep 15, 2007 8:40 pm
Forum: General
Topic: ping latency high
Replies: 6
Views: 1028

Re: ping latency high

Are you using Queues?

Is the client maxing out his bandwidth? Because that's the way queues work. Once client hits his maximum bandwidth, his latency will increase.
by Znuff
Sat Sep 15, 2007 8:37 pm
Forum: General
Topic: 2 internet connections
Replies: 8
Views: 1431

Re: 2 internet connections

Is this too complex? :-)
by Znuff
Sat Sep 15, 2007 8:36 pm
Forum: Wireless Networking
Topic: Bridge betwen RB133 and RB133c
Replies: 21
Views: 4528

Re: Bridge betwen RB133 and RB133c

Then let's hope we get v3 asap :-)
by Znuff
Fri Sep 14, 2007 11:13 pm
Forum: Wireless Networking
Topic: Bridge betwen RB133 and RB133c
Replies: 21
Views: 4528

Re: Bridge betwen RB133 and RB133c

Our setup was like: RB133 {bridged ether2 & wlan2} {wlan2 mode = bridge, wds dynamic} | | v RB133c {bridged ether1 & wlan1 } {wlan1 mode = station wds} (We followed this tutorial: http://wiki.mikrotik.com/wiki/Transparently_Bridge_two_Networks as it seems that you CAN'T bridge an ap client - anyone ...
by Znuff
Wed Sep 12, 2007 1:30 am
Forum: General
Topic: Need seamless roaming for barcode readers ...
Replies: 8
Views: 1220

Re: Need seamless roaming for barcode readers ...

Any clue where could I buy that kind of cable? Or some prices please?

Looks really interesting.
by Znuff
Wed Sep 12, 2007 1:21 am
Forum: General
Topic: two mk
Replies: 3
Views: 490

Re: two mk

what do you mean by mount?
by Znuff
Wed Sep 12, 2007 1:18 am
Forum: General
Topic: web proxy redirect *.mgp *.zip *.exe to another proxy server
Replies: 12
Views: 1863

Re: web proxy redirect *.mgp *.zip *.exe to another proxy server

RedHat 9 is seriously outdated and insecure and has reached End of Life for ages. Squid packages might be insecure and exploitable. You can use debian or even ubuntu-server, and that actually works on a low-end computer like 233Mhz with 128MB of ram or something similar. Please stop instructing user...
by Znuff
Wed Sep 12, 2007 1:06 am
Forum: General
Topic: log error
Replies: 1
Views: 303

Re: log error

post the full message
by Znuff
Wed Sep 12, 2007 1:02 am
Forum: General
Topic: How to Limit Connection to 1 Host Only
Replies: 8
Views: 1596

Re: How to Limit Connection to 1 Host Only

Simple answer: you can't.

And you shouldn't. What if the user has more computers at home? Many people have a laptop and a desktop @ home and their using a router so they can use them both at the same time. I'd stay away from an ISP like that.

Just a friendly advice.
by Znuff
Wed Sep 12, 2007 12:59 am
Forum: General
Topic: Serial Proxy using SOCKS, normis?
Replies: 2
Views: 470

Re: Serial Proxy using SOCKS, normis?

Nope. It can be done under linux, but it's a bit complicated.
by Znuff
Wed Sep 12, 2007 12:57 am
Forum: The User Manager
Topic: User Manager Feature request - sticky please?
Replies: 193
Views: 53758

Re: User Manager Feature request - sticky please?

voip4life: depends, I'd like to see the names of my customers, not their MAC address... as I can't ask the customer "oh, so you're 00:0F:F3:3D:whatever ?"
by Znuff
Mon Sep 10, 2007 7:19 pm
Forum: General
Topic: MSN LIVE MESSENGER BLOCK
Replies: 5
Views: 1545

Re: MSN LIVE MESSENGER BLOCK

No, you won't be able to block MSN Live Messenger. Whatever port you block, it will try to a different one untill it connects.
by Znuff
Mon Sep 10, 2007 7:17 pm
Forum: General
Topic: web proxy redirect *.mgp *.zip *.exe to another proxy server
Replies: 12
Views: 1863

Re: web proxy redirect *.mgp *.zip *.exe to another proxy server

Yes, but not with Red Hat, unless you're willing to pay $1000 or whatever for an enterprise license. Use Ubuntu Server + Squid.
by Znuff
Mon Sep 10, 2007 12:55 am
Forum: General
Topic: Why can't my clients talk to the mail server??
Replies: 26
Views: 1931

Re: Why can't my clients talk to the mail server??

Who's doing the routing between 172.16.0.X and 10.0.15.XXX/16?
by Znuff
Mon Sep 10, 2007 12:49 am
Forum: General
Topic: web proxy redirect *.mgp *.zip *.exe to another proxy server
Replies: 12
Views: 1863

Re: web proxy redirect *.mgp *.zip *.exe to another proxy server

I don't think Squid or any other proxy will comunicate properly with Win2003's ISA. Your best chance is to use Linux with Squid or RouterOS.
by Znuff
Mon Sep 10, 2007 12:29 am
Forum: General
Topic: 2 internet connections
Replies: 8
Views: 1431

Re: 2 internet connections

Sorry for the double post, but it's easier for me this way :-) Currently we don't have the 2nd connection set-up, and the customers are all using our main connection. We want 192.168.9.0/24 and 192.168.11.0/24 to be NAT-ed under the 2nd connection. (The ones in the diagram marked with NAT and PPPoE)...
by Znuff
Sun Sep 09, 2007 11:48 pm
Forum: General
Topic: 2 internet connections
Replies: 8
Views: 1431

Re: 2 internet connections

Hello,

This is our network diagram. I'll post our complex config in a new post.

Image
by Znuff
Sat Sep 08, 2007 3:46 am
Forum: The User Manager
Topic: User Manager Feature request - sticky please?
Replies: 193
Views: 53758

Re: User Manager Feature request - sticky please?

Hi. I would also like to have First / Last name in the User List, or at least make the fields searchable . I'm planning to switch all clients to DHCP-Radius-UserManager, but I need to be able to search them by those private fields, including LOCATION. Please have it in version 3.0, at least. :-) Oh,...
by Znuff
Fri Mar 09, 2007 9:39 am
Forum: General
Topic: Will MT support nforce3/4/5 integrated NIC?
Replies: 9
Views: 3509

There are lots of different NIC Chipsets in those NF3/NF4 Mainboards. Could you be more specific?
by Znuff
Thu Mar 08, 2007 9:40 pm
Forum: General
Topic: Blocking public address or range
Replies: 1
Views: 535

well, input/output only reffers to packages to wich the destination/source is teh router itself (mt), you probably want to add those rules in the FORWARD chain.
by Znuff
Thu Mar 08, 2007 9:35 pm
Forum: General
Topic: How to block Second (Unknown) DHCP server on network
Replies: 9
Views: 5536

Remove the 2seconds delay, there's no need for that.
by Znuff
Thu Mar 08, 2007 9:09 pm
Forum: General
Topic: [Fixed pls Close] Problems with Overseas/Local Traffic setup
Replies: 0
Views: 530

[Fixed pls Close] Problems with Overseas/Local Traffic setup

Hello, I've implemented the Local/Overseas traffic on two of our networks, each network has a MT as a gateway, using this setup: --- My ISP ---> [ MT - TCT ] --- Network|---> [ MT - NZN ] ---> Customers-NZN |---> [ MT - IT3 ] ---> Customers-IT3 |---> Customers-TCT My problem is mainly the way traffi...
by Znuff
Thu Mar 08, 2007 2:34 am
Forum: General
Topic: How to block Second (Unknown) DHCP server on network
Replies: 9
Views: 5536

First of all you should set up your DHCP server as Authorative, most ADSL routers with dhcp obey that flag.
by Znuff
Wed Mar 07, 2007 11:07 pm
Forum: General
Topic: Extending the Local/Overseas Setup
Replies: 0
Views: 613

Extending the Local/Overseas Setup

Hello, I'm trying to extend the Different Limits for Overseas/Local Traffic into something like "Local/Metro/Extern", in wich Local means the local network(s), direct peering or such, Metro is for my ISP's Network and Extern is for the rest of the connections. My setup consist of 3 MT's, one main ga...
by Znuff
Wed Mar 07, 2007 10:40 pm
Forum: General
Topic: Blocking non-authed PPPoE clients from the network?
Replies: 7
Views: 1728

transparent proxy works ok, there's no issue with that :-)
by Znuff
Wed Mar 07, 2007 10:36 pm
Forum: General
Topic: Transperent Proxy
Replies: 7
Views: 1476

then don't block those websites

if you're an ISP that's probably against the law
by Znuff
Sat Feb 24, 2007 7:39 am
Forum: General
Topic: Blocking non-authed PPPoE clients from the network?
Replies: 7
Views: 1728

Will queues still work?

I'm using this setup:
http://wiki.mikrotik.com/wiki/How_to_ap ... as_traffic

and I'd not sure if this will work after I switch my clients to PPPoE, and also, will transparent proxy work?
by Znuff
Sat Feb 24, 2007 5:13 am
Forum: General
Topic: 2 or more IP classes...
Replies: 1
Views: 556

2 or more IP classes...

Hi. My network has grown larger and larger and I had the need for a second /24 IP class but because they don't share the broadcasts, 2 clients from 2 different classes communicate trough the Mikrotik router. Can I do something about it? Is it possible to make them "communicate" without passing troug...
by Znuff
Sat Feb 24, 2007 4:56 am
Forum: General
Topic: Blocking non-authed PPPoE clients from the network?
Replies: 7
Views: 1728

Blocking non-authed PPPoE clients from the network?

I'm thinking of switching the whole network to use PPPoE, but one thing is not clear to me: how do I stop the clients from just configuring their network address manually and accesing the internet? I'm kind of new to PPPoE
by Znuff
Thu Oct 05, 2006 5:21 pm
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

dainen: I'm looking for a solution that I can just enable/disable one rule whenever I want to block a customer :-) I'm not the full-time admin of that network, the person who manages is not that technical and I want to keep it simple... Eventually to make a script that enables/disables that rule :-)
by Znuff
Thu Oct 05, 2006 5:21 pm
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

dainen: I'm looking for a solution that I can just enable/disable one rule whenever I want to block a customer :-) I'm not the full-time admin of that network, the person who manages is not that technical and I want to keep it simple.
by Znuff
Wed Oct 04, 2006 1:08 pm
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

I don't want to block only TCP, that's the issue. I want to block everything. If I block only TCP they could, for instance, play games over the net =/

I'll try the mac auth. in hotspot this weekend when I get back into town. Is arp=reply-only still needed if I use hotspot?
by Znuff
Tue Oct 03, 2006 8:36 pm
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

Sorry but I don't understand your english... You lost me on the subnet parts =/ Could you please explain more detailed? I'm willing to try this MAC Authentification on the hotspot if you explain me in depth :-) Also I want to specify that I have 2 public ip classes, a /26 and a /25 (and I'll probabl...
by Znuff
Tue Oct 03, 2006 5:08 pm
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

Well, I don't want to use authentification, as it's not such a big network (max 200 users). Can't I just redirect all traffic to another http server?
I've tried that in numerous ways, but it seems I'm missing something.
by Znuff
Tue Oct 03, 2006 1:47 am
Forum: General
Topic: Tell non-paying customers to pay the bill, without hotspot
Replies: 18
Views: 6512

Tell non-paying customers to pay the bill, without hotspot

Currently I'm telling my customers to pay the bill with the hotspot trick described in the wiki http://wiki.mikrotik.com/wiki/How_to_Block_Customer. Problem is that I'm also using arp=reply-only, and I still want to use it. When you enable the hotspot, it bypasses all clients, so if a client just ch...
by Znuff
Mon Oct 02, 2006 8:06 pm
Forum: General
Topic: Internet provider blocked my router
Replies: 17
Views: 5242

Try connecting your computer directly to your ISP. See if it works. If it doesn't then your provider blocked your entire connection.

If it does, verify your mac address. They have no way in finding out that you have a MT router.
by Znuff
Mon Oct 02, 2006 6:44 am
Forum: Wireless Networking
Topic: MAC ADDRESS FILTERING
Replies: 13
Views: 1865

I'm paying $200 for 10Mbit, fiber... your price is unbelievable!
by Znuff
Mon Oct 02, 2006 4:11 am
Forum: General
Topic: Restriction by MAC
Replies: 4
Views: 2847

I tried using DHCP leases. I added every client, bla, bla... I set arp to reply-only and clients are still able to access the internet and ping the local mikrotik server... How's that? =/ I've got enabled the following "tricks": http://wiki.mikrotik.com/wiki/How_to_Block_Customer http://wiki.mikroti...
by Znuff
Wed Sep 27, 2006 7:16 pm
Forum: General
Topic: Restriction by MAC
Replies: 4
Views: 2847

well, first I tried to block everything in forward that is not marked with "allowed". but if I mark packages that way, bandwidth limiting doesn't work anymore, because it overrides the previously "local" / "external" traffic marks. I can't use the ARP table because I use dhcp with dynamic leases (cu...
by Znuff
Wed Sep 27, 2006 5:37 am
Forum: General
Topic: Restriction by MAC
Replies: 4
Views: 2847

Restriction by MAC

Hello. I know this thing has been posted, but I feel like I've got a special situation: I need to create a "WhiteList" for people that are allowed to acces the internet on the MT. I'm only using it as a LAN station, so no Wireless involved. I've been trying numerous solutions... I can't mark the pac...
by Znuff
Wed Sep 27, 2006 3:06 am
Forum: Scripting
Topic: how to put text scripts for firewall rule [Blok list]??
Replies: 13
Views: 5604

this is so freakin' frustratring... I borked my configuration... I reset everything and now scripts won't work AGAIN X(

there's doesn't say anywhere in the manual that the script has to have the extension .rsc and when you /import you have to omit the extension...
by Znuff
Tue Sep 26, 2006 11:53 pm
Forum: Scripting
Topic: how to put text scripts for firewall rule [Blok list]??
Replies: 13
Views: 5604

nvm, figured out