May i ask for feature request for Dynamic assigned IP’s to allow comment support.. or where one can trigger comments too within firewall rules.
I think it would seem helpful aswell when one applies [find comment =“”] for events like netwatch as example..
I see more and more where [find] is a useful feature even in events of mass rollout of configuration.
Another option would be to have more integrated wizards to help plan configurations above the normal quick config.
I always seem to break my network with improper firewall placement perhaps there may be some more advanced preventions options in that.
Thank you for your hard work and the supporting trainers and staff.
Other enquiry would be to add security steps to basic configurations in advanced options wizard expansions
like
Port Scanner protections…
Brute Force Protections (limit) connections,
Port Knocking
For Basic setup could one not also add dual WAN by option.
With the intoduction of BacktoHome - would it be possible to add 2MFA.
Personally when behind a NATTED ISP it only seems to work while on ISP Router wifi connection WAN…
Since v7 could setup also not add a new user in total since it Highly Recommended as default user on first login.
Option to adjust default preconfigure with own namings and comments.
In addition to compatiable routers/switches enable option like Zerotier.
Since i saw the basic function of telegram it would nice to have a dedicated feature set enable for it under Tools.
For scripts - Is there a posibility to have option for preloaded scripts - of common scripts used.
Like Backup config + Logs, then option to email / telegram files.
Option on DHCP to notify admin of new lease issued.
Logging attempt notification by email or telegram.
I personally have re-wiped my router so many times - router zerotier now failing to connect and not sure what the problem
+1 - you have a lot of good suggestions that I’d agree with.
If you’re configuring routers professionally, they do have the branding kit, so if you want to update the default configuration you can use that to do it. If you want to keep QuickSet working, you need to start with the existing default configuration. As long as you add things, and NEVER rename or change any of the things QuickSet modifies, you can keep that working for an end-user.
I mention QuickSet since that is suppose to be the “wizard approach”. But it’s buggy and inconsistent (and very error prone if you change comments or names like “defconf” which are critical to how QuickSet works). So my thought is a lot of what you suggest be focus on making QuickSet work better. It actually has a nifty “profile” feature that could be better mapped to real use cases than current random QuickSet profiles.
It is a bit frustrating since we now have the same UI in so many forms (native Mac/Linux winbox4, and in 7.17 a new webfig that looks like winbox4). All well styled and great it’s consistent. But 0% attention has be paid to making anything easier - like your “wizard” suggests above. While I like the native WinBox4, the needs listed here are more important than avoid wine on Mac/Linux to end up with same interface. A native app does not make configuration easier.
New thinking of security would be greater ACL features..
Another thought of feature set would be with port knocking using ACL… therefore when port knocking one authenticate port knocking credentials.
Or even allow Certificate on set ports.. so would be like ability to add IP->Services but with ACL
Address list would be nice to have ports also listed therefore one can use “Addess list” in firewall export to make it more secure when exporting it..
Would be great to be able to make a listing for ports access too as a listing like address list.
Therefore when exporting firewalls it keeps private info secret…
Like one can do with Public ip in address list.
Not sure if address list can be written to file… Like when logging login attempts from rogue IP’s. so one can review data even if router rebooted.
Or one can use feature to load file for address list ect.
