sheldonlendrum
just joined
Topic Author
Posts: 2
Joined: Sun Apr 15, 2018 8:44 am

Dual firewall rule or HA failover

Sun Apr 15, 2018 1:22 pm

Hi all,
We use the MT as our firewall, and a nat rule that sends all 80/443 traffic on an external IP to a NGINX load balancer on our internal network.
This works well.

BUT - what I want to look at is adding a failover rule, maybe with a script? If the internal load balancer, let's say x.x.1.2, goes down, then the firewall rule will automatically reroute traffic to x.x.1.3.
I could set up a monitor machine that pings the LB and updates the rule on the MT, or the MT just always LBs that traffic to both LBs?

How would you do this?
 
StubArea51
Trainer
Posts: 1739
Joined: Fri Aug 10, 2012 6:46 am
Location: stubarea51.net

Re: Dual firewall rule or HA failover

Mon Apr 16, 2018 5:19 pm

There is a project on GitHub that worked on this concept (link below), and there are a number of examples of config sync scripts out there.

https://github.com/svlsResearch/ha-mikrotik
 
2frogs
Forum Veteran
Posts: 713
Joined: Fri Dec 03, 2010 1:38 am

Re: Dual firewall rule or HA failover

Mon Apr 16, 2018 6:29 pm

Netwatch to enable/disable nat rules
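One way to wire up what this reply describes, as an added example that is not code from the thread: two dst-nat rules for the same public address, only one enabled at a time, with Netwatch enabling one and disabling the other. The addresses are placeholders: 10.0.1.2 and 10.0.1.3 stand in for the x.x.1.2 and x.x.1.3 load balancers from the question, 203.0.113.10 stands in for the public IP, and the rule comments lb-primary and lb-standby are assumed names.

```routeros
# Added example, not from the thread. Placeholders:
#   203.0.113.10 = public IP that receives 80/443
#   10.0.1.2     = primary LB  (x.x.1.2 in the question)
#   10.0.1.3     = standby LB  (x.x.1.3 in the question)
# The rule comments are the handles the Netwatch scripts use to find the rules.
/ip firewall nat
add chain=dstnat dst-address=203.0.113.10 protocol=tcp dst-port=80,443 \
    action=dst-nat to-addresses=10.0.1.2 comment=lb-primary
add chain=dstnat dst-address=203.0.113.10 protocol=tcp dst-port=80,443 \
    action=dst-nat to-addresses=10.0.1.3 comment=lb-standby disabled=yes

# Netwatch pings the primary LB every 10 s; on a state change it swaps which rule is live.
/tool netwatch
add host=10.0.1.2 interval=10s timeout=1s \
    down-script="/ip firewall nat enable [find comment=lb-standby]; /ip firewall nat disable [find comment=lb-primary]; /log warning \"lb-primary down, failing over to standby\"" \
    up-script="/ip firewall nat enable [find comment=lb-primary]; /ip firewall nat disable [find comment=lb-standby]; /log info \"lb-primary up, failing back\""
```

Two things to keep in mind with this form: Netwatch decides on a single ICMP reply, so one lost ping flips the rules, and connections already tracked in /ip firewall connection keep their old translation until they expire or are removed, so a failover only affects new connections unless you also clear the matching entries.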
 
juliokato
Member Candidate
Posts: 228
Joined: Mon Oct 26, 2015 4:27 pm
Location: Brazil

Re: Dual firewall rule or HA failover

Mon Apr 16, 2018 6:54 pm

> Netwatch to enable/disable nat rules
Netwatch only monitors ICMP.
It does not monitor TCP ports 80 or 443, nor the HTTP or HTTPS services (like F5 or A10 balancers do).
 
sheldonlendrum
just joined
Topic Author
Posts: 2
Joined: Sun Apr 15, 2018 8:44 am

Re: Dual firewall rule or HA failover

Tue Apr 17, 2018 7:51 am

Thanks guys, I'll look at the GitHub project, and am looking at the API and putting a service in the middle that monitors both and alters the rules accordingly.
 
juliokato
Member Candidate
Posts: 228
Joined: Mon Oct 26, 2015 4:27 pm
Location: Brazil

Re: Dual firewall rule or HA failover

Fri Apr 20, 2018 5:17 pm

Maybe a script using /tool fetch would be able to perform application monitoring over HTTP/HTTPS.

I never did, it's something to develop.
 
pe1chl
Forum Guru
Posts: 10240
Joined: Mon Jun 08, 2015 12:09 pm

Re: Dual firewall rule or HA failover

Fri Jun 01, 2018 10:31 am

Yes, you can do a scheduled script (regularly started, or started at boot and then using a loop) to do much better monitoring than netwatch can do. Not only can you use /tool fetch (use the on-error construct), but you could also do a ping and set some threshold, which netwatch cannot do!
(When using netwatch, every missed ping is considered a failure, so when you have a small packet loss there will be a lot of unnecessary alerting and switching to failover.)
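The scheduled-script approach that this reply and the earlier /tool fetch suggestion describe, written out as an added example (not code from either poster): a /tool fetch wrapped in do/on-error as the application-level check, then a ping with a loss threshold instead of Netwatch's one-miss-and-fail behaviour, and only then a swap of the NAT rules. Assumptions: 10.0.1.2 is the primary LB (x.x.1.2 in the question), 10.0.1.3 the standby, the two dst-nat rules carry the comments lb-primary and lb-standby, and the script and scheduler names are my own.

```routeros
# Added example, not from the thread. Assumes dst-nat rules commented
# lb-primary (to 10.0.1.2) and lb-standby (to 10.0.1.3) already exist.
/system script add name=lb-healthcheck source={
    :local primary "10.0.1.2"
    :local healthy true

    # Application check: fetch the LB's HTTP front door. Connection refused,
    # timeout and HTTP error statuses all raise an error that on-error catches.
    :do {
        /tool fetch url="http://$primary/" mode=http keep-result=no
    } on-error={
        :set healthy false
        :log warning "lb-healthcheck: HTTP fetch from $primary failed"
    }

    # Reachability check with a threshold: /ping returns the number of replies,
    # so a little packet loss (here up to 2 of 5) does not trigger a failover.
    :if ($healthy) do={
        :local received [/ping $primary count=5 interval=200ms]
        :if ($received < 3) do={
            :set healthy false
            :log warning "lb-healthcheck: only $received/5 pings from $primary"
        }
    }

    # Swap the NAT rules only on a state change, so repeated runs stay quiet.
    :local primaryRule [/ip firewall nat find comment=lb-primary]
    :local standbyRule [/ip firewall nat find comment=lb-standby]
    :local primaryActive ([/ip firewall nat get $primaryRule disabled] = false)

    :if ($healthy && (!$primaryActive)) do={
        /ip firewall nat enable $primaryRule
        /ip firewall nat disable $standbyRule
        :log info "lb-healthcheck: $primary healthy again, failing back"
    }
    :if ((!$healthy) && $primaryActive) do={
        /ip firewall nat enable $standbyRule
        /ip firewall nat disable $primaryRule
        :log warning "lb-healthcheck: $primary unhealthy, failing over to standby"
    }
}

# Run the check every 15 s from the scheduler.
/system scheduler add name=lb-healthcheck interval=15s on-event=lb-healthcheck
```

The order matters: the fetch proves the service answers, the ping only refines the failure reason, and the rule swap is gated on a change of state so the log shows one line per transition rather than one per run. Add the same two checks against the standby before failing over if you want to avoid switching to a box that is also down.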
 
alasmar4924
just joined
Posts: 4
Joined: Mon May 21, 2018 1:46 am

Re: Dual firewall rule or HA failover

Sat Jun 02, 2018 1:50 am

Hi, I need help with how I can use the firewall on MikroTik to block an application named (netshare). I use hotspot, so people use this app to share free internet with others. You can find it on Google Play and how it works. I see that this app uses port 8282 and it gives the client a different IP, which is 192.168.49.1/24,
and I find in the netshare settings the proxy port is
1024-65563
so, please help me to block it. I used different ways but I could not stop this application.
 
Samot
Member Candidate
Posts: 113
Joined: Sat Nov 25, 2017 10:01 pm

Re: Dual firewall rule or HA failover

Sat Jun 02, 2018 3:34 am

> Hi, I need help with how I can use the firewall on MikroTik to block an application named (netshare). I use hotspot, so people use this app to share free internet with others. You can find it on Google Play and how it works. I see that this app uses port 8282 and it gives the client a different IP, which is 192.168.49.1/24,
> and I find in the netshare settings the proxy port is
> 1024-65563
> so, please help me to block it. I used different ways but I could not stop this application.
Please do not hijack a post about a completely different issue with your issue that is not related. Open a new forum post for your issue so it can be handled properly; otherwise you will have people trying to solve two different issues in the same thread and it will cause confusion.
