I posted this is General forum but think its more appropriate here:
I have this in my Down option:
log warning "VPN Connection is down.";
log warning "Running NoVpnReboot script.";
:beep length=1400ms frequency=900;
/system script run NoVpnReboot
Everything runs EXCEPT for the /system script run NoVpnReboot
The script does work when I run it from the terminal?
I’m running 6.42.1 RouterOS?
Any help really appreciated.
It might be something to do with this:
What’s new in 6.42 (2018-Apr-13 11:03):
netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
I have just upgraded my router to v6.42.1 (due to the latest in a growing list of very troubling security flaws, thanks Mikrotik).
Netwatch was working fine until then. I find that I can still put an entry in a log file using Netwatch, but I cannot change a variable from a Netwatch script.
So I am guessing the issue is to do with permissions. I have no idea if these can be changed. I have not found a handle for it yet, if indeed this is the issue.
Perhaps someone else can enlighten us.
OK so in your particular issue, not being able to call a script, if you go to the script itself and uncheck all policy options with the exception of read, write, test and reboot, you should be able to call the script (it worked for me).
Assuming of course you script does not require other policy options to function correctly.
So my issue is still not resolved:
I am no longer able to change the value of a global variable from within Netwatch.
If I create a script to change the global variable, and call that from Netwatch, the global variable will not change unless the policy option “policy” is checked for the script.
I verified this by a manual run of the script.
Since Netwatch can now only call scripts that have (at most) policies “read”, “write”, “test” and “reboot” - the script will not call when I check the “policy” option, as is seemingly required in order to modify a global variable.
Intuitively I would have figured that the “write” option would be enough to allow us to change a global variable. However it is the “policy” option that appears to allow us to do this. Not sure if it has always been this way, or if it is a bug.
Anyhow it appears that the usefulness of Netwatch is somewhat limited moving forward.
I have the same issue with netwatch on v6.42.1 (current).
Not able to write global variables by netwatch up or down event and scripts will not be launched.
Thanks very much for he reply. I wound up putting my script in the down section. It’s not very large.
Is there a problem in doing that?
Yes you can put the entire scripts in the NetWatch Up/Down script windows.
However in my case - writing to a global variable - this ceased to work with the new software version no matter whether I put the function in the NetWatch script window, or I called a script with the function in it, as explained above.
So I guess it is just a matter of what you are doing in the script - as some script permissions (functions) seems to have been removed for NetWatch.
The time for a workaround and rewriting all other script is too high and I am using the scheduler instead netwatch. Don’t waiste time with netwatch!
Here the example for our case:
# check if server is up and run script
:global srvstat
:global srv
:if ([/ping $srv count=2 size=64] = 2) do={
:global srvstat "up"
} else={
:global srvstat "down"}
:if ($srvstat = "up") do={
:global lastsync
:if ($lastsync = "") do={
:global lastsync "60"}
:if ($lastsync > 59) do={
:global lastsync 0
# launch script here
} else={
:global lastsync ($lastsync + 5)}
} else={
:global lastsync "60"}
Hi.
Following your method I got to have netwatch to execute the up and down scripts. As test I just wrote a line in the log and I checked both the run counter and the log. So fine.
Then I put some more lines in the same test scripts, and tried to run the command trying to execute a command, like /tool e-mail, it doesn’t execute it and, moreover, doesn’t execute nothing else before or after the command. This even happens just executing the script from Winbox or terminal.
So, probably the command execution inside the script itself is the problem, not only netwatch !
Is something you have seen in your tests?..
My script is just pinging a host and if no response rebooting.
I’m in the same situation. Very dissapointing… I have a lot of email scripts that didn’t work neither.
I think this need a fix as soon as possible.
nothing to help yall with from me, but here is a relevant thread with more info on this same issue (i have alot of netwatch + script combos as well):
http://forum.mikrotik.com/t/netwatch-deprecated/119579/1
That worked for me - awesome..
I thought I was going mad - how could they break such simple functionality?
Here is an example of my solution
http://forum.mikrotik.com/t/netwatch-and-scripts/124863/4
If you are using RouterOS 6.43.x, then you can simply use dont-require-permissions=yes.
See: http://forum.mikrotik.com/t/netwatch-deprecated/119579/1