Useful scripts

I will try to get all the useful links to threads to look at when some script is needed, that is not yet in wiki or is in wiki, just to get them not buried under loads other posts.

Check time of the post, to make some link to RouterOS version these where created for.

thank you janisk. It also useful to mention the RouterOS version that the script work with because sometimes I found old scripts for v2.9 and they don’t work with v4.14

in that case take CLI script editor (inside RouterOS) and edit script in there. Most of the syntax changes can be caught using that. F5 to refresh highlighting.

all version have this editor?
where it’s located?

thanks.

all RouterOS have this.

in CLI - /system script edit <script-name> source

Hi guys
Why the scrip does not work?!
set[/ip route find dst 0.0.0.0] gateway 10.0.0.1
this command mentioned in wiki.mikrotik:
http://wiki.mikrotik.com/wiki/Manual:Tools/Netwatch
after enter the command, notting happen and the default route doesn’t change.
I want to write a script to change the default route gateway.

I don’t know where to post this but this is by far the best place to post it. Basically what the script does is that it will check for dynamic leases on my dhcp server, take their mac addresses and check it against firewall filter. If it’s not there it will add it and drop everything that’s coming from those mac addresses. I’m using this to prevent users from using my internet bandwidth without prior permission and they just happen to know my wireless key from a colleague.

The script below is tested to work on 2.9.x:

:foreach i in=[/ip dhcp-server lease find dynamic=yes] do={
   :set dynamicMAC [/ip dhcp-server lease get $i mac-address];
   :set dynamicHOST [/ip dhcp-server lease get $i host-name];
   :set macfound [/ip firewall filter find src-mac-address=$dynamicMAC];

    :if ($macfound != "") do={
        :log info ($dynamicMAC. " already filtered")
    } else= {
        /ip firewall filter add chain=forward src-mac-address=$dynamicMAC action=drop comment=($dynamicHOST . " - " . $dynamicMAC . " Unregistered device")
        :log info ("Added " . $dynamicMAC. " to firewall filter")
    }
}

The code below is tested to work on 5.19:

:foreach i in=[/ip dhcp-server lease find dynamic] do={
   :local dynamicMAC [/ip dhcp-server lease get $i mac-address];
   :local dynamicHOST [/ip dhcp-server lease get $i host-name];
   :local macfound [/ip firewall filter find src-mac-address=$dynamicMAC];

    :if ($macfound != "") do={
        :log info ($dynamicMAC. " already filtered")
    } else= {
        /ip firewall filter add chain=forward src-mac-address=$dynamicMAC action=drop comment=($dynamicHOST . " - " . $dynamicMAC . " Unregistered device")
        :log info ("Added " . $dynamicMAC. " to firewall filter")
    }
}

Good luck!

Hallo,
i made this simple script in order to backup daily the router settings and usermanager database, using sd-card as buffer in order to reduce router nand’s use.
It is especially useful when yuo plan to enlarge usermanager database until gigabyte size, making backup into router’s nand not more possible.
I’ll write also another script to “rebuild” database and logs every week, to reduce backup’s size.
This script will erase always the same two files, in order to have always the last good version in ftp.

#automated System
:log info message=System_Export_started;
:local exportname ([/system identity get name].“.rsc”);
:local UMname ([/system identity get name].“.umb”);
export compact file=micro-sd/exportSy.rsc;
/tool user-manager database save name=micro-sd/backupUM.umb;
:log info message=System_Export_finished;

Upload the System Backup to External FTP;

/tool fetch address=192.168.1.1 port=21 src-path=micro-sd/exportSy.rsc upload=yes
user=FTPuser mode=ftp password=“FTPpassword” dst-path=$exportname;
/tool fetch address=192.168.1.1 port=21 src-path=micro-sd/backupUM.umb upload=yes
user=FTPuser mode=ftp password=“FTPpassword” dst-path=$UMname;
/file remove micro-sd/backupUM.umb;
/file remove micro-sd/exportSy.rsc;
:log info message=System_Export_uploaded;

where you have to put your ftp server address instead of “192.168.1.1” and your FTP user and password.
I take inspiration from this post: http://forum.mikrotik.com/t/backup-to-external-ftp-useful-script/47659/1 and I hope it will be useful for someone. :smiley:
It works with RouterOS 6.2 .

thank you janisk for good info. your post is very helpful for me.

I open another thread for my script:

Check locked PPPOE, PPTP, L2TP, SSTP, OVPN, and PPP connections

http://forum.mikrotik.com/t/check-locked-pppoe-pptp-l2tp-sstp-ovpn-ppp-connections/75396/1

I open another thread for my script:

How to really block invalid TCP and UDP packet

http://forum.mikrotik.com/t/for-isp-how-to-really-block-invalid-icmp-tcp-udp-packets-and-others-ver-2021/75627/1

Here’s one I just wrote to centrally push new (beta) firmwares to our CAPsMAN managed Wireless system in a batch:
/system script
add name=pushupdate policy=ftp,read,write,policy,test,winbox,password,sniff,sensitive,api source="
:foreach i in=[/ip firewall address-list find list=accesspoints] do={
[/tool fetch address=[/ip firewall address-list get $i address] mode=ftp user=login password=password src-path=updates/wireless-fp-6.13rc7-mipsbe.npk dst-path=wireless-fp-6.13rc7-mipsbe.npk upload=yes];
[/tool fetch address=[/ip firewall address-list get $i address] mode=ftp user=login password=password src-path=updates/routeros-mipsbe-6.13rc7.npk dst-path=routeros-mipsbe-6.13rc7.npk upload=yes];
[/tool fetch address=[/ip firewall address-list get $i address] mode=ftp user=login password=password src-path=updates/reboot.rsc dst-path=reboot.auto.rsc upload=yes];
}I have all the Access Points in the address list “accesspoints”.
The filenames are hard coded on purpose to keep an eye on the versions.

The reboot.rsc script looks like this:
:file remove reboot.auto.rsc
:log warning “Firmware upgrade initiated”
:delay 1s
:system reboot…(Warnings and errors are logged to disk, everything else to memory only, this is why I issue a warning).

In case anything goes wrong, I have a downgrade script with 6.12 in place as well.
The reboot script then invokes /system package downgrade instead of reboot.

Maybe this is helpful for someone.

Cheers
-Chris

Where and how set you a list with registered users?


Add manually the devices on DHCP leases…

Script to download a current address-list to blacklist known botnets, spammers, scammers and C&C servers.
http://forum.mikrotik.com/t/blacklist-filter-update-script/89817/1

Script to send notifications to multiple email addresses for multiple BGP Peers if their status is not ‘established’
http://forum.mikrotik.com/t/email-me-if-bgp-session-status-in-not-established/58669/15

have Just added a Script for Hotspot Data Limit

http://forum.mikrotik.com/t/hotspot-data-limits/90475/1

Sets Data Limit On Login - no scripted monitoring required - and disconnects once data is used

Beware that this won’t work if your script is above 4Kb ! (See this post ).
So it only works for small script… :imp:

Looking to edit my Voltage report script I have been using, currently it is set to send email of report daily at 11pm, I am trying to change to 8am but I have been getting negative hour results such as -1 -2 -3 etc. I made two changes and am going to see what happens tomorrow but if you know of simple way to fix please let me know- below is the script I been using from the site (2 scripts). I am not script smart but am trying to figure some of this out, just would like reports at 8am rather than 11pm

I changed a line below from 23 - $x to 08 + $x in hopes to get positive numbers

:global highvolt
:global lowvolt
:global hivolttime
:global lovolttime
:global starttime
:global vh
:local tvolt
:local thisbox [/system identity get name]
:local thisdate [/system clock get date]
:local thishour
:local emessage “Daily voltage report for $thisbox on $thisdate\n\n”
:if ([:len $vh] > 0) do={
:for x from=0 to=([:len $vh]-1) step=1 do={
:set tvolt [:tostr [:pick $vh $x]]
:set thishour [:tostr (08 + $x)]
:while ([:len $thishour] < 2) do={:set thishour (“0” . $thishour)}
:set emessage ($emessage . $thishour . ":00 = " . [:pick $tvolt 0 2] . “.” . [:pick $tvolt 2 3] . “\n”)
}
:set emessage ($emessage . "\nSince voltmonitor started on " . $starttime . “\n”)
:set tvolt [:tostr $highvolt]
:set emessage ($emessage . "Maximum = " . [:pick $tvolt 0 2] . “.” . [:pick $tvolt 2 3] . "v at " . $hivolttime . “\n”)
:set tvolt [:tostr $lowvolt]
:set emessage ($emessage . "Minimum = " . [:pick $tvolt 0 2] . “.” . [:pick $tvolt 2 3] . "v at " . $lovolttime . “\n”)

set email address in next line

/tool e-mail send to=“myemail” subject=“$thisbox Voltage Report” body=$emessage}

remark out the next line for testing to avoid resetting the voltage array

:set vh


##########################################################################
Volt monitor script-

I changed the line below for when to run the report script from thishour 23 to thishour 08

#set lowvoltalarm to desired alarm voltage in tenths of a volt. 118 = 11.8v # the +015 is for volt offset of real volts
:global lowvoltalarm 225
:global highvolt
:global lowvolt
:global starttime
:global hivolttime
:global lovolttime
:global vh
:local thisbox [/system identity get name]
:global voltage ([/system health get voltage] + 015)
:local thistime [/system clock get time]
:local thisdate [/system clock get date]
:local thishour [:pick $thistime 0 2]
:local emessage ($thisbox . " voltage is " . [:pick $voltage 0 2] . “.” . [:pick $voltage 2 3])
:if ([:len $lowvolt] < 1) do={:set lowvolt 999; :set highvolt 0}
:if ($voltage <= $lowvoltalarm) do={/tool e-mail send to=“mycelltext” subject=“$thisbox low voltage” body=$emessage}
:if ($voltage <= $lowvoltalarm) do={/tool e-mail send to=“hiscelltext” subject=“$thisbox low voltage” body=$emessage}
:if ($voltage > $highvolt) do={:set highvolt $voltage; :set hivolttime ($thistime . " " . $thisdate)}
:if ($voltage < $lowvolt) do={:set lowvolt $voltage; :set lovolttime ($thistime . " " . $thisdate)}
:if ([:len $vh] > 0) do={:set vh ([:toarray $voltage] + $vh)} else={:set vh [:toarray $voltage]}
:if ([:len $starttime] < 1) do={:set starttime ($thistime . " " . $thisdate)}
:if ($thishour = “08”) do={:execute voltreport}

Hello jfrawley,

Did you get your voltage monitoring script to work on 6.33.5?
I also have a similar votage monitoring script to yours, i have it working great on 6.29,
but i cannot get it to work on any version higher than 6.30…

Here is my script:

#set lowvoltalarm to desired alarm voltage in tenths of a volt. 125 = 12.5v
:global lowvoltalarm 200
:global highvoltalarm 280
:global highvolt
:global lowvolt
:global starttime
:global hivolttime
:global lovolttime
:global vh
:local thisbox [/system identity get name]
:global voltage [/system health get voltage]
:local thistime [/system clock get time]
:local thisdate [/system clock get date]
:local thishour [:pick $thistime 0 2]
:local emessage ($thisbox . " voltage is: " . [:pick $voltage 0 2] . “.” . [:pick $voltage 2 3])
:if ([:len $lowvolt] < 1) do={:set lowvolt 999; :set highvolt 0}

set your email address in the next line

:if ($voltage <= $lowvoltalarm) do={/tool e-mail send to=“test@test.com” subject=“$thisbox Voltage Statistics” body=$emessage}
:if ($voltage >= $highvoltalarm) do={/tool e-mail send to=“test@test.com” subject=“$thisbox Voltage Statistics” body=$emessage}
:if ($voltage > $highvolt) do={:set highvolt $voltage; :set hivolttime ($thistime . " " . $thisdate)}
:if ($voltage < $lowvolt) do={:set lowvolt $voltage; :set lovolttime ($thistime . " " . $thisdate)}
:if ([:len $vh] > 0) do={:set vh ([:toarray $voltage] + $vh)} else={:set vh [:toarray $voltage]}
:if ([:len $starttime] < 1) do={:set starttime ($thistime . " " . $thisdate)}
:if ($thishour = “23”) do={:execute voltreport}

I run this every 30 minutes.

Could somone one please tell me why this now does not work on all versions higher than 6.30?

Thanks.