Number of connections?

Hi everyone!

Who knows whether it’s possible (with SNMP?) to poll a Mikrotik unit and find the total number of connections (/ip firewall connections ) this way?

It isn’t possible.

I see 2 ways

  1. a script on the Mikrotik; it sends an email each time you want this data
  2. from a remote server, execute a script with telnet and retrieve the info

#2 sounds good! That I should be able to do from the same server that would have done the SNMP-fetch anyway… :wink:

Do you have an example of such a script for me/us? :slight_smile:

A simple expect script may look like this:

#!/usr/bin/expect

#Information gathering script for RouterOS

# this will time out the script if something goes wrong
set timeout 20

# set these variables for your network
set router "1.1.1.2"
set logn "admin"
set passwd ""
set rta_prompt ".* >"

# Setting loglevel 0 to avoid spamming from router
log_user 0
# Spawning quiet telnet session
eval spawn -noecho telnet "$router"

# Authentication stuff
expect "Login:" {send "$logn\r"}
expect "Password:" {send "$passwd\r"}

# Retrieve and print info about connections
expect "$rta_prompt" {
  send "/ip firewall connection print\r"
}
expect "$rta_prompt" {
  set aa $expect_out(buffer);
  send_user "\n-------------------------------\n";
  send_user $aa;
  send_user "\n-------------------------------\n";
}
sleep 2
send "\r"

Note that you must have TCL and Expect installed in order to get this script to work. And I guess this should be a *nix machine :)

I tried the script on my *nux machine, and it doesn’t seem to generate any output, or so it seems…?

Do you have expect and tcl installed? telnet enabled on router?
this code works perfectly for me! good job Eugene! :wink:

Yup, expect 5.37.1 & tcl 8.4.6 are present. Commenting out the log_user parameter does give the right(?) output, with

-- [Q quit|D dump|down]

on the bottom line.

He, he :) you have too many connections in your table. Do not comment out the log_user parameter. Add the without-paging argument to the /ip firewall connection print command instead.

Eugene

That gives more! :slight_smile:


But what I actually need is just the # of connections, as a single number… :wink:

Revised version of the script to use with ssh. The script assumes you have no password for the account specified. Uncomment authentication line if you actually have a password.

Paging issues are fixed too

#!/usr/bin/expect

#Information gathering script for RouterOS v1.2

# this will time out the script if something goes wrong
set timeout 20

# set these variables for your network
set router "1.1.1.2"
set logn "admin"
set passwd ""
set rta_prompt ".* >"

# Setting loglevel 0 to avoid spamming from router
log_user 0

# Spawning quiet ssh session
eval spawn -noecho ssh -l "$logn" "$router"


# Authentication stuff
#expect ".*password:" {send "$passwd\r"}

#set maximum buffer length (there are too many connections sometimes)
match_max 50000

# Retrieve and print info about connections
expect "$rta_prompt" {
  send "/ip firewall connection print without-paging\r"
}
expect "$rta_prompt" {
  set aa $expect_out(buffer);
  send_user "\n-------------------------------\n";
  send_user $aa;
  send_user "\n-------------------------------\n";
}
sleep 2
send "\r"

I expected this :slight_smile:

$ wc -l < myscript

Maybe this way?:slight_smile:

(myscript is the name of expect script)


EDIT:

Or issue the /ip firewall connection print command with the count-only argument.

This would count the number of lines of the myscript file… :sunglasses:

Hmm, after that change I get no output at all from the script… weird…

Sorry, my mistake. The correct command should be:
$ ./myscript | wc -l

And working count-only snippet:

# Retrieve and print info about connections
expect "$rta_prompt" {
  send "/ip firewall connection print count-only\r"
}
expect -re "\[0-9]+" {
  set aa $expect_out(0,string);
  send_user "$aa\n";
}
sleep 1
send "\r"

:smiley: :smiley: Yes! :smiley: :smiley:

As you can see here, that works perfectly! :slight_smile:

I’m impressed;) Can you share MRTG configuration to use script output for the benefit of others? :))

Sure:

Target[conncount]: `/usr/local/bin/connection_poll`
Options[conncount]: gauge,growright,nopercent,noo
Title[conncount]: Connection count 
MaxBytes[conncount]: 1000
PageTop[conncount]: <H1>Connection count</H1>
LegendO[conncount]: Connections
LegendI[conncount]: Connections
YLegend[conncount]: connections
ShortLegend[conncount]: &nbsp;connections

It’s as simple as that… :sunglasses:

Hmm, I’m trying to turn it into a SSH-enabled script, but there seems to be something not quite right with my version:

#!/usr/bin/expect

#Information gathering script for RouterOS

# this will time out the script if something goes wrong
set timeout 20

# set these variables for your network
set router "1.2.3.4"
set logn "mrtg"
set passwd "blah"
set rta_prompt ".* >"

# Setting loglevel 0 to avoid spamming from router
log_user 0
# Spawning quiet ssh session
eval spawn -noecho ssh "$logn@$router"

# Authentication stuff
expect "Password:" {send "$passwd\r"}

# Retrieve and print info about connections
expect "$rta_prompt" {
  send "/ip firewall connection print count-only\r"
}
expect -re "\[0-9]+" {
  set aa $expect_out(0,string);
  send_user "$aa\n0\n";
}
sleep 1
send "\r"

This script takes 40 seconds to finish, and always returns 192 as value… :question:
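
An added example, not part of the original thread or any poster's code: a shell poller for the MRTG target shown above that uses key-based SSH instead of a password stored in the script, and accepts the count-only output only when it is a single all-digit line. The router address, the account name, key-based login for that account, and the router accepting a command on the ssh command line are assumptions.

```sh
#!/bin/sh
# Added example: MRTG poller for the RouterOS connection count over SSH.
# ROUTER and POLL_USER are placeholders; key-based login is assumed.
ROUTER="${ROUTER:-192.0.2.1}"
POLL_USER="${POLL_USER:-mrtg}"

# Read raw command output on stdin and print the count only if exactly one
# line consists solely of digits. Anything else is rejected, so a number
# inside a banner, an address or an error message is never reported.
parse_count() {
    tr -d '\r' | awk '
        /^[ \t]*[0-9]+[ \t]*$/ { n++; v = $1 }
        END { if (n != 1) exit 1; print v }'
}

# Run the count-only command non-interactively. BatchMode makes ssh fail
# instead of prompting, so a missing key cannot stall the poller.
fetch_count() {
    ssh -o BatchMode=yes -o ConnectTimeout=10 -l "$POLL_USER" "$ROUTER" \
        '/ip firewall connection print count-only' 2>/dev/null | parse_count
}

# MRTG reads four lines from an external target: two values, uptime, name.
mrtg_lines() {
    printf '%s\n%s\n\n%s\n' "$1" "$1" "$ROUTER"
}

main() {
    count=$(fetch_count) || {
        echo "connection_poll: no valid count" >&2
        return 1
    }
    mrtg_lines "$count"
}

# Poll only when installed under the target name used in the MRTG config.
case "${0##*/}" in
    connection_poll*) main ;;
esac
```

On failure the script prints nothing to stdout and exits non-zero, so a failed login shows up as a gap in the graph instead of a wrong value.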