Couple options I'd really like to see in winbox:
- Ability to "add" new rules while your in the firewall/nat rule boxes. So that you can add, instead of apply. By adding, it would add a second rule or third rule, etc. This way, if we want to add 100 rules, we don't have to keep closing the box and clicking on the + sign to add a new rule. This would save us a lot of time if we're adding lots of rules to limit a lot of ports in a similar fasion, but changing ports or other parameters (comments, etc), without having to close and add a new setting each time.
- Ability to "ADMIN LOCK" certain settings, especially under wireless or firewall settings. This way, we can lock down settings so that they can't be changed "accidently". Under an admin section in the menu, there could be a lock/unlock, that allows the admin to lock/unlock those settings (possibly by also adding another password, so other admin's can't break something important, but they can still change "unlocked" settings).
- Ability to LOCK interface configurations. This way, if we swap out an ethernet card with a new MAC address, or a radio with a new MAC address, we can lock those settings and restore those settings to the new radio or ethernet card. We've had issues where we removed the wireless-legacy package, then re-added the regular wireless package, only to find that ALL of our wireless settings were gone and had to be re-setup again. We've also swapped out an occational bad CM9 and it would be nice if all of the wireless, hotspot and firewall rules could be pointed quickly to the new device, without having to go into each and every sub-menu to re-configure those settings. I suspect SAFE mode might be like this, but I've not seen any documentation on SAFE mode, I only ran into it when I typed something wrong on the terminal.
- Ability to proxy winbox sessions through a remote mikrotik box. This way, if we have dozens of AP's on 10.x.x.x networks and want to access those MT boxes on private IP's, from the Internet, we can proxy through the core router (MT). Maybe just a simple proxy could be setup to pass connections through another winbox host on a different port? Maybe this could be done with firewall rules, but it might be nice to have it setup for dynamic proxy (so we use only one inbound port, but can access any winbox device on the inside of the network and even could do a scan of MT boxes through a winbox proxy).
Judd