I try to backup my mikrotik configuration (*.backup and *.rsc) everyday with telnet script (with perl) i’ve made myself. But i can’t get in to the mikrotik because it’s halt on the “press ENTER to continue” for the SOHO license. 
can anyone help me? any suggestion? 
Use a script that runs daily that emails it to you. I think there is an example in the manual.
Sam
thanks for the advice, but that’s what i do to avoid that problem. The problem is if I email the backup configuration, my mailbox will full and i have to delete the old ones 
I’ve made some script to check the size (if the size is still the same, that script won’t send me any email) but still it can’t give the result i expect because if there is a PPPoE user connected then the size is changed
Did anyone in this forum know how to bypass the “press ENTER to continue” or how to send the “ENTER” via perl telnet script???
Your mailbox must be very limited : )
So why not archive it after you receive the e-mails?
If you managed to write a perl script to telnet into the router surely you must know how to send “enter”. Hint: look around the lower end of your ASCII chart.
Why not use an ftp script?
hey
i have an issue when some of my clients start tweaking there routers. i have a few that under protest i gave them access to there router. now on 1 hand they have a right since they own it. and they want to manage it.
but having issues when they screw it up and want me to fix it . which is fine. but as an example 1 was test a firewall rule and left or moved the drop all rule to the top. and since this router now is only accessible by null modem . he needs to bring it in to fix this.
ok my question is there a way to use watch dog and a script that would reset the router then add a 1 rule to accept all , just so we could correct a issue .
or is there a script to lets say .
when doing testing i can enable a rule that when watch dog fails to remote ping ip 67.2.x.2 then the script would add a rule to let or accept all traffic.
Randy
Consider the following implications;
If said server is offline, all clients will have no security.
If server becomes unavailable due to firewall blocking pings the script will add a rule making the server available, what do you do then? remove the rule?
Perhaps you should write a script that you run or import whenever server becomes unavailable for a given time of minutes that removes and reinstalls the firewall rules?
That way you wouldnt have to do much to repair the damages the users perform.
I would never let a customer administrate his or her own units. I would rather give them their own IP’s/Subnet on which i would perform only source address filtering.
I could help you with such and similar scripts but it wouldnt be free ( Contact me via: lists@wm-access.no ).
Here is a simple perl module I wrote recently, using ssh and Expect, to deal with a similar problem. You can easily swap out ‘ssh’ with ‘telnet’ if you want. I wrote this originally to make it easier for me to administer multiple RouterOS boxes (say, have a script that logs in to every box and update the admin password). It is very primitive and has not been thoroughly tested yet, so far I know it works on recent Linux/BSD platforms with bash 2.0 and perl 5.
I also have them in .rpm and .deb packages, if anyone is interested, I can post them here.
You can just copy-n-paste the following code and save as RouterOS.pm, and call it in your perl script.
Sorry about the messy-looking comments, they are robodoc-style comments required for my work (it actually turns into pretty good looking HTML files by robodoc).
I welcome any feedback, I know this module is far from being perfect (especially in the regular expression department)…
#****c* Mikrotik/RouterOS
# NAME
# RouterOS
#
# DESCRIPTOIN
# This is an object oriented perl module that provides us easier
# access to the greenbox's RouterOS interface via SSH/Expect.
#
# NOTES
# To avoid paging issues, all print commands should have the option
# "without-paging" enabled (if available) so all the information is
# printed to screen in one shot, requiring no interaction from the
# user to press the space bar to see the next page.
#
# EXAMPLE
# Below is an example on how to use this module to establish an SSH
# connection to a RouterOS box, run a command on it, and get the
# results back as a long string:
#
# <code>
# use RouterOS;
# my $connection = RouterOS->new(
# HOST=>'192.168.0.1',
# USER=>'admin',
# PASSWD=>'secretpasswd'
# );
# my $command = '/ip hostspot active print without-paging'
# my $result = $connection->exec($command);
# </code>
#
# TODO
# - Syslog
#
# AUTHOR
# Josh Kuo
#
#***
package RouterOS;
use Expect;
$VERSION = '2.8.28'; # version of RouterOS supported
$TIMEOUT = '5'; # SSH timeout
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
# Constructor
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
#****m* RouterOS/new
# NAME
# new
#
# DESCRIPTOIN
# This is the constructor for the RouterOS perl class. It reads in
# the arguments given to the constructor, and initializes the
# attributes of this object, and then attempts to connect to the
# remote RouterOS host via SSH. If the connection failed, the
# object creation is aborted.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub new {
my $class = shift;
my $self = {
HOST =>undef,
USER =>undef,
PASSWD=>undef,
SSH =>undef
};
bless $self, $class;
$self->initialize(@_);
return $self if ($self->{SSH});
# if the SSH connection wasn't established, exit with error
die "Cannot connect to " . $self->{HOST} . "\n";
}
#***
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
# Destructor
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
#****im* RouterOS/DESTROY
# NAME
# DESTROY
#
# DESCRIPTION
# This method is called whenever perl cleans up the un-used object
# automatically. It should NEVER be called manually.
#
# INPUTS
# None.
#
# RETURN VALUE
# None.
#
# OUTPUT
# None.
#
# SIDE EFFECT
# If there is an active SSH session with the RouterOS host, as part
# of the object destruction, this method will attempt to close that
# SSH connection by logging out of the RouterOS host.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub DESTROY {
my $self = shift; my $ssh = $self->{SSH};
if ($ssh) {
print $ssh "/quit\r";
}
}
#***
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
# Methods
# + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
#****m* RouterOS/exec
# NAME
# exec
#
# DESCRIPTION
# Sends a command to be executed on the remote RouterOS host.
#
# NOTES
# After we submit a command, we get back an array that looks like
# this in Expect:
# [0] = 1
# [1] = undef
# [2] = $regex
# [3] = $result
# Where $regex is the regular expression we have specified that we are
# loooking for in the result, and $result is the actual string
# returned by running the command on the remote host. So what we do
# here is return [3], the raw string returned by running the command.
#
# Since Expect by default has 'echo' turned on, the command we
# submitted will be echoed back to us, and we will also get the shell
# prompt text as our last line. Below is an example of running the
# command '/ip firewall rule input print without-paging' on a RouterOS
# machine:
#
# <RESULT>
# /ip firewall rule input print without-paging
# Flags: X - disabled, I - invalid, D - dynamic
# 0 ;;; account traffic from hotspot clients to hotspot servlet
# in-interface=Priority_Point dst-address=:80 protocol=tcp action=jump
# jump-target=hotspot
#
# 1 ;;; accept external requests for ssh
# in-interface=External dst-address=:22 protocol=tcp action=accept
#
# 2 ;;; accept request for hotspot ssl servlet
# dst-address=:443 protocol=tcp action=accept
#
# 3 ;;; accept request for hotspot ssl servlet
# dst-address=:80 protocol=tcp action=accept
#
# 4 ;;; accept requests for local DHCP server
# dst-address=:67 protocol=udp action=accept
#
# 5 ;;; limit access for unauthorized hotspot clients
# in-interface=Priority_Point action=jump jump-target=hotspot-temp
#
# [admin@PNETWORKS_000]
# </RESULT>
#
# INPUTS
# (REQ) The command string to be executed on the remote host.
#
# RETURN VALUE
# The output from running the command (if any) as an array of strings.
#
# OUTPUT
# None.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub exec {
my $self = shift;
my $cmd = shift;
my $ssh = $self->{SSH};
$ssh->send("$cmd\r");
my @results = $ssh->expect($TIMEOUT, '-re', "> ");
unless (@results) {
die "Error submitting command.\n";
}
return @results[3];
}
#***
#****m* RouterOS/host
# NAME
# host
#
# DESCRIPTOIN
# This is the accessor method for the attribute HOST. It acts as both
# the SET and GET methods.
#
# EXAMPLE
# Using it as a GET method:
# $host = $obj->host();
#
# Using it as a SET method:
# $obj->host('128.64.162.35');
#
# INPUTS
# (OPT) RouterOS host to connect to
#
# RETURN VALUE
# The value of the HOST attribute.
#
# OUTPUT
# None.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub host {
my $self = shift;
if (@_) {
$self->{HOST} = shift;
}
return $self->{HOST};
}
#***
#****im* RouterOS/initialize
# NAME
# initialize
#
# DESCRIPTION
# This method takes the arguments passed to the constructor and sets
# the object's attributes accordingly. It does this by chopping the
# arguments array into pairs, and stuff them into a hash table; then
# it checks each key to see if it has a value, if it does, then it
# assigns that value to the object itself.
#
# INPUTS
# (REQ) Array passed to the constructor
#
# RETURN VALUE
# None.
#
# OUTPUT
# None.
#
# SIDE EFFECT
# Sets the object's attributes 'HOST', 'USER', and 'PASSWD' base on
# the values given.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub initialize {
my $self = shift;
# loop through the rest of the arguments and chop them into pairs,
# and stuff them into the hash table for easy lookup later
my $size = @_; my %hash;
for ($counter=0;$counter<$size;$counter+=2) {
%hash->{@_[$counter]} = @_[$counter+1];
}
my $host = %hash->{HOST};
if ($host) { $self->{HOST} = $host }
my $user = %hash->{USER};
if ($user) { $self->{USER} = $user }
my $passwd = %hash->{PASSWD};
if ($passwd) { $self->{PASSWD} = $passwd }
# Create a new Expect object to connect to this host
my $ssh = new Expect();
# This tells Expect NOT to send the results to STDOUT
$ssh->log_stdout(0);
# This will log the STDOUT output to a file instead
#$ssh->log_file("/tmp/expect.tmp", "w");
# We need to fool RouterOS into thinking that our terminal type
# is xterm before making the connection
$ssh->spawn("export TERM=xterm && ssh -l $user $host");
unless ($ssh->expect($TIMEOUT, '-re', "password:")) {
die "Did not receive password prompt.";
}
print $ssh "$passwd\r";
unless ($ssh->expect($TIMEOUT, '-re', "> ")) {
die "Password submission failed, did not receive login prompt.";
}
if ( $ssh ) { $self->{SSH} = $ssh }
else { die "Could not establish SSH connection to $host." };
}
#***
#****m* RouterOS/user
# NAME
# user
#
# DESCRIPTOIN
# This is the accessor method for the attribute USER. It acts as both
# the SET and GET methods.
#
# EXAMPLE
# Using it as a GET method:
# $user = $obj->user();
#
# Using it as a SET method:
# $obj->user('admin');
#
# INPUTS
# (OPT) RouterOS user name
#
# RETURN VALUE
# The value of the USER attribute.
#
# OUTPUT
# None.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub user {
my $self = shift;
if (@_) {
$self->{USER} = shift;
}
return $self->{USER};
}
#***
#****m* RouterOS/passwd
# NAME
# passwd
#
# DESCRIPTION
# This is the accessor method for the attribute PASSWD. It acts as
# both the SET and GET methods.
#
# EXAMPLE
# Using it as a GET method:
# $passwd = $obj->passwd();
#
# Using it as a SET method:
# $obj->passwd('secret passwd');
#
# INPUTS
# (OPT) RouterOS password
#
# RETURN VALUE
# The value of the PASSWD attribute.
#
# OUTPUT
# None.
#
# TODO
# We may want to restrict the usage of this method in the future to a
# SET only method, so no one can gain access to the password this way.
#
# AUTHOR
# Josh Kuo
#
# SOURCE
sub passwd {
my $self = shift;
if (@_) {
$self->{PASSWD} = shift;
}
return $self->{PASSWD};
}
#***
1;
My customers paid an installation fee and I own the network and can do with it what I want. This way I can turn thier CPE into a CPE/Hotspot if I see the need.
Something to think about.
joshkuo,
Your script is awesome. It’s allowed us to automate large portions of our network. Thanks a lot.
i trie to use this perl script but not return any data ..
you can help me ?
Hello
I have made (copied and modified) the following script to call the RouterOS pm:
#!/usr/bin/perl
use RouterOS;
my $connection = RouterOS->new(
HOST=>'123.123.123.123',
USER=>'admin',
PASSWD=>'password'
);
my $command = '/queue simple set test total-limit-at=512k max-limit=512k/512k'
my $result = $connection->exec($command);
I receive the following error from the script:
syntax error at ./routerupdate.pl line 10, near "my "
Execution of ./routerupdate.pl aborted due to compilation errors.
Please show me where I have made a mistake?
Me again, i found the problem, left out a “;” at the end of line 9
But nor receive the following error:
Password submission failed, did not receive login prompt. at /usr/lib/perl5/RouterOS.pm line 314.
I think you’re referring to line 8.
Try and do a manual SSH connection first. You will probably find the host key has not been added yet.
Hello Eugene
Yes, I figured that the key was prevending me from logging in, used putty to log in and noticed it wanted to first accept the key, then went to the server and logged in via cmd and accepted the key. Now when I log in via cmd it works as expected and i log in successfully.
While running this script I see on the MT log that a ssh connection is made, but still receive this error:
Password submission failed, did not receive login prompt. at /usr/lib/perl5/RouterOS.pm line 314.
I have tried so many other scripts and goodies but nothing seems to work. If you can help me get this working it will be an early xmas pressie for me 