how do i get the system active user in system/user/active user
:do {/ppp secret
:foreach ix in=[find where (comment=“12345”)] do={
:local date [/system clock get date]
:local time [/system clock get time]
:local sNAME [get $ix name];
:local sPASS [get $ix password];
:local sUSER [get active user name=winbox]; <<<<<<<<<<<<<------not working) please help
Not sure what you try. What is the final goal? Why do you need to get users password in a script?
/ppp secret
This is where all user for remote connection (VPN) are stored.
name=winbox
This sounds like and admin user and should not be found here: /ppp secret
winbox is a bad username both as vpn and admin and should be avoided.
And if you have a VPN user with name winbox, your are trying to find active user under /ppp sercret where the profile are stored.
Active VPN user are found under /ppp active
So it should be some like this:
:local sUSER [/ppp active find where name=winbox]
PS this gives the internal ID number for user with name winbox, not sure if that is what you looking for.
:foreach ix in=[/ppp secret find where (comment="12345")] do={
:local date [/system clock get date]
:local time [/system clock get time]
:local sNAME [/ppp secret get $ix name]
:local sPASS [/ppp secretget $ix password]
:local sUSER [/ppp active find where name=winbox]
}
Some tips.
Use code tags </> around scripts like I have done above.
No need to use semicolon ; at end of lines, only between commands on same line. You have a mix with and without.
sorry for my bad english.
i need only to get active user whose (admin user) login in winbox
:do {/ppp secret
:foreach ix in=[find where (comment=“12345”)] do={
:local date [/system clock get date]
:local time [/system clock get time]
:local sNAME [get $ix name]
:local sPASS [get $ix password]
:local sUSER [/system active user get name] <<<<<<<<<<<<<------not working) please help
If You want to know what users are logged on the Mikrotik router, then the ppp menu isn’t the right place.
You will find this info in:
/user active print
hi sir
i didnt use it for ppp user but i use it for email
example
:do {/ppp secret
:foreach ix in=[find where (comment=“12345”)] do={
:local date [/system clock get date]
:local time [/system clock get time]
:local sNAME [get $ix name]
:local sPASS [get $ix password]
:local sUSER [/system active user get name] <<<<<<<<<<<<<------not working) please help
in email
we recieve your payment this $date at $time
Subscriber: $sNAME
your pass is $sPASS
and the user who assist you is lucifer $sUSER
We are saying that you mix thing. User logging inn to the router using web/winbox/telnet/ssh, has nothing to do with /ppp secret.
To get all user logged inn to router, do:
{
:foreach UsersID in=[/user active find] do={
:local User [/user active get $UsersID]
# change line below to email
:put $User
}
}
Or even better, look at my Splunk project in my signature. It will give you all user logged inn to the router if if for admin or if its VPN user in a nice graphic program + much more.
one more sir
my script is not working
this is how it works
if i remove the ppp active name “agro” in ppp interface, also delete comment “agro” in firewall address list
heres my script
:do {/ppp secret
:local LIST “RC”;
:foreach ix in=[find] do={
:local sNAME [get $ix name];
:if ([/ppp active find where name=$sNAME]!=“”)
do={/ip firewall address-list
remove numbers=[find where comment=$sNAME && list=$LIST];
remove list=$LIST address=$IPadd comment=$sNAME;
} on-error={:log error message=(“move address of " . $sNAME . " to address-list failed”)}
}
}
} on-error={:log error message=“script failed…”}
So you have a unique firewall filter for every user?
Why would you have that?
When do the filter rule get created?
As I wrote before, no need for semicolon at end of line…
And use code tags around the code. Its a button like this </> above the post when edit/write it.
You also have an extra } that break the script. This was easy to see when using tab and quote tags like this:
:do {
/ppp secret
:local LIST "RC"
:foreach ix in=[find] do={
:local sNAME [get $ix name]
:if ([/ppp active find where name=$sNAME]!="") do={
/ip firewall address-list
remove numbers=[find where comment=$sNAME && list=$LIST]
remove list=$LIST address=$IPadd comment=$sNAME
} on-error={
:log error message=("move address of " . $sNAME . " to address-list failed")
}
}
} on-error={
:log error message="script failed..."
}
sorry sir.
yes sir i have comment name in every ip address in firewall address list
but how to remove the comment name in firewall address list if user is disconnected in ppp interface
i need to automatically remove the comment name in firewall address-list if ppp user in interface is disconnected
How do the name get there in the first place?
in comment in ppp interface sir
thats what i need if i delete the argo in ppp interface i want automatically delete the argo in firewall address-list also
How did 100.100.100.209 end up in your address list? Just because he did connect to you using ppp?
Since its not dynamic D, then someone or a script did add this.
Another thing 100.100.100.209 is part of the public internet, and should not be used internally.
Give the whole story. Are you using pppoe for the users? Why delete access list if user is active?
Give a detailed description of what you are doing and what the goal is from A-Z
Is this a new system? Did it stop working? Are you trying to add new functions? etc
You can declare an address list (or interface list) at the secrets file. This way each new connection will be put in that list. Easier than controlling it by hand.
EDIT: It is not the “secrets” in the PPP section: it’s “profiles”. THERE you can set an address list or interface list.
sorry for my english
this is my script but its not working. i need a script if user argo disconnect it also automatically remove argo in ip -firewall address list. please help my script
/ip firewall address-list remove [find where comment=$user && name=RC]
i use it but the problem is all name in firewall address-list were remove
This does not work since in Winbox an entry is called name, but from terminal its called list
So:
/ip firewall address-list remove [find where comment=$user && list=RC]
If you from terminal type this:
/ip firewall address-list print detail where comment="argo"
You will see the name of all fields, some like this:
Flags: X - disabled, D - dynamic
0 ;;; argo
list=RC address=5.5.5.5 creation-time=may/04/2020 08:08:02
There you see you need to use list=RC and not name=RC
But you dit NOT respond to my question. With all information the has been solved much more quickly.
Give the whole story. Are you using pppoe for the users? Why delete access list if user is active?
Give a detailed description of what you are doing and what the goal is from A-Z
Is this a new system? Did it stop working? Are you trying to add new functions? etc
When do the access list entry get created?
thank you sir jotney it solve the problem