Page 1 of 4

Feature requests

Posted: Tue Oct 19, 2010 3:24 pm
by normis
Some features have already been requested before, to better manage this, you can register on the Wiki and cast your vote there:

http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests

Of course, in addition, it would be great if you also posted a message here, explaining why you need that particular feature. And as usual - search before you post, maybe a topic exists already.

Re: Feature requests

Posted: Tue Oct 19, 2010 10:54 pm
by adrianatkins
Features ? ROS got more than enough already for the Class it is in.

Re: Feature requests

Posted: Wed Oct 20, 2010 11:39 am
by omidkosari
http://forum.mikrotik.com/viewtopic.php?f=2&t=43809 feature request for feature request itself :D

Re: Feature requests

Posted: Thu Oct 21, 2010 10:34 pm
by adrianatkins
A super cool thing would be for the Mikrotik to detect what it's lacking, based on how much fannying around the admin user is doing (and how often) and automatically send that info to MT so they can automatically include a new feature to do whatever the admin was doing all that time.

Auto feature request basically.

Re: Feature requests

Posted: Thu Oct 21, 2010 11:21 pm
by Beccara
so your asking for A.I? Dont you have something better to do than troll a router manufactures forum?

Re: Feature requests

Posted: Fri Oct 22, 2010 10:51 pm
by dolphinik1
Replace racoon with openswan. With racoon ipsec on mikrotik are poooooooor.

Re: Feature requests

Posted: Fri Oct 22, 2010 11:28 pm
by adrianatkins
something better to do than troll a router manufactures forum?
Is there anything better ?

Maybe i need to get out more.

Re: Feature requests

Posted: Fri Oct 22, 2010 11:37 pm
by fewi
Replace racoon with openswan. With racoon ipsec on mikrotik are poooooooor.
I'm not sure it's the implementation. Some algorithms seem to perform poorly, though. Look at this: http://forum.mikrotik.com/viewtopic.php ... 78#p228478

Re: Feature requests

Posted: Sun Oct 24, 2010 1:06 am
by nz_monkey
After DHCPv6 and finishing the other ipv6 features Mikrotik need to give IPSEC on their platform some serious love. Virtual Tunnel Interface PLEASE!!! We need this for meshed IPSEC tunnels with OSPF, it allows a true "shortest path" to the site the traffic is destined for, which is quite important for VoIP.
As an added bonus, it makes IPSEC much simpler as you do not need to have policies to encrypt the traffic, just create a route via the VTI and bingo the policy is automatically created.

This is the 3rd most popular feature request on http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests with 12 votes.


Also, as I have suggested before on the forums and via email to support (Ticket#2010072966000194), replacing VRRP with true High Availability (config sync, session failover) would be fantastic.

Re: Feature requests

Posted: Mon Oct 25, 2010 1:59 pm
by void
Normis,

Does this mean that Mikrotik will commit to implement the most x requested features or do we just filll in that page for fun ?

Re: Feature requests

Posted: Mon Oct 25, 2010 2:00 pm
by normis
no, the list does not influence our priorities, just gives us ideas about what people want to see.

Re: Feature requests

Posted: Mon Oct 25, 2010 11:23 pm
by Solaris
Hmm, isn't this method quite hard to read ? what do you think of this : http://feedback.unity3d.com/forums/15792-unity , user can discuss the importance of such request, admin/mod can add status(under review, completed) of the feature, i think it just easy for mikrotik to use this as doesn't need to cross references each discussion into 1 which will be big 1 thread, just quite hard to track imho,
user also locked at 10 points max for each account, and max 3 points vote for each feature request, sure it's easy to create clone account but i think it's possible to prevent this by verified customer before registration with specific mikrotik key or other verification method, just my opinion, regards.

The service provider for this feature is : http://uservoice.com

Re: Feature requests

Posted: Tue Oct 26, 2010 3:29 am
by Beccara
Heh, Next you'll want a bug tracker like almost every other vendor out there has where we can submit bugs and have other users confirm it and have MT update us on it!

Re: Feature requests

Posted: Tue Oct 26, 2010 12:04 pm
by Trezona
Hello,

Would it be possible to reset the counters individually in the Interface list?

The only way i can do this at the moment is to reboot the mikrotik device...

Thanks.

Re: Feature requests

Posted: Tue Oct 26, 2010 8:23 pm
by xxiii
Here is what I just created under existing features:

Add configuration options to ping-watchdog to specify how many pings should be performed and how far apart before triggering a reboot. This can help avoid false positives when another node along the route reboots and doesn't get routing back up in time to satisfy the ping watchdog, and will let people taylor the ping watchdog to their needs (reboot immediately if things look broke, or, wait a little while and see if things work out).
-- xxiii 17:04, 26 October 2010 (UTC)

We have a lot of routers in remote locations, and use the ping watchdog to reboot them as a last resort in case we can't mac-telnet to them from a neighbor or whatever, or a human can't get to them in a reasonable time to figure out whats wrong, but we would prefer to be able to specify that they wait 10 or 15 minutes before rebooting themselves, or at least 4 minutes, so an upstream router can finish rebooting before triggering a cascade of reboots, or a reroute can occur whose detection and implementation didn't quite occur fast enough for the current ping watchdog.

The current settings let you delay when the watchdog starts, but give you no control once its running.

We'd like something like:
wait 5 minutes.
send a burst of 3 pings, 2 seconds apart, if all lost, wait 5 minutes.
send another burst of 3 pings, if all lost, wait 5 minutes,
send another burst of 3 pings, if all lost, reboot.
Any successful ping response restarts from the beginning. (or perhaps if at least 2 of the 3 are successful or something like that).

Re: Feature requests

Posted: Wed Oct 27, 2010 10:12 am
by oeyre
Just added this to the wiki...

I would like to see some more options when dealing with ordered lists. Particularly when new rules pop up at the bottom of a firewall config which is several hundred items, it is extremely time consuming to position them where they need to be.

Would be good if there could be additional options (and hotkeys) for items in ordered lists such as: send to top, send to bottom, up one, down one, up page & down page

Re: Feature requests

Posted: Wed Oct 27, 2010 10:52 am
by oeyre
I have also put in a request to throttle MAC addresses making excessive PPPoE connection attempts to prevent the router or RADIUS server from being overloaded.

Re: Feature requests

Posted: Wed Oct 27, 2010 10:54 am
by omidkosari
Just added this to the wiki...

I would like to see some more options when dealing with ordered lists. Particularly when new rules pop up at the bottom of a firewall config which is several hundred items, it is extremely time consuming to position them where they need to be.

Would be good if there could be additional options (and hotkeys) for items in ordered lists such as: send to top, send to bottom, up one, down one, up page & down page
http://forum.mikrotik.com/viewtopic.php?f=2&t=43809
I think it is time to start official mikrotik idea bank like http://brainstorm.ubuntu.com/ or http://ideabank.opendns.com/ . most of community driven projects have something to say your idea and vote .
The software is free , opensource , secure and simple to install and use at this address http://www.ideatorrent.org/ which used by Ubuntu.
And the old way to edit the wiki is not good way

Re: Feature requests

Posted: Wed Oct 27, 2010 6:29 pm
by Solaris
Heh, Next you'll want a bug tracker like almost every other vendor out there has where we can submit bugs and have other users confirm it and have MT update us on it!
I am just saying :D , look back at this thread couple months from now on, it will filled with many post from many different kind of feature request, example post 11-20 discussing about feature request A, post 21-35 discussing about Feature request D, in the post 36 a new user starting again discussing about feature request A, won't be a mess? hard to track which user talk which topic, sure won't be problem for 1-5 point of feature request, what if the feature request growing into 30+ :shock: , could be 1 giant huge thread with 1000 post on it, imagine you haven't visit mikrotik forum for couple months and spending time to thread 1000 post :lol: , search would be useful but it's not helpful for non-narrative jumping feature request discussion, imho it just not efficient.

Or another solution would be make a sticky thread in this forum with links into specific feature request dicussion, i mean for each feature request it has it's own thread but the thread will have a special tag like "[Feature-Request]Topic/Thread Name", so in that thread it would have many links to the thread, and in the wiki of course mentioned about this indexing thread. The downside of this solution is atleast mikrotik forum moderator need spend time to edit the indexing thread and manage(merge,move,delete) the new user thread about feature request, while the uservoice or other service alike is all automatic, it's a offshore hosting, separated from forum user database, the downside just user need to re-register on that uservoice.

No i don't want that bugzilla like bug indexing, it just too complicated for me and so far mikrotik just works excellence in my simple setup but i don't know about other expert/senior user who might need this. Easiest solution for tracking bug would like i've said above, special tagging or sub-forum , the downside still the same, need extra work from mod to manage new thread by lazy people who lazy to search.

Re: Feature requests

Posted: Thu Oct 28, 2010 5:57 am
by dssmiktik
I don't think this particular post is meant to be a discussion on feature requests particular, but a notice of where people may find the place to go and submit requests (aka. the Wiki page).

Re: Feature requests

Posted: Fri Oct 29, 2010 8:08 am
by oeyre
Added another request: logging of interface status changes.

Rough example: 29 Oct 2010 16:02 +10:00 Interface ether1 changed from no link to connected 100/full (auto)

This is extremely useful in other managed switches so that you can see if a particular device is losing physical connection or changing speed/duplex for no good reason.

Re: Feature requests

Posted: Fri Oct 29, 2010 8:11 am
by normis
Added another request: logging of interface status changes.

Rough example: 29 Oct 2010 16:02 +10:00 Interface ether1 changed from no link to connected 100/full (auto)

This is extremely useful in other managed switches so that you can see if a particular device is losing physical connection or changing speed/duplex for no good reason.
We already have that in RC2

Re: Feature requests

Posted: Fri Oct 29, 2010 8:13 am
by oeyre
Added another request: logging of interface status changes.

Rough example: 29 Oct 2010 16:02 +10:00 Interface ether1 changed from no link to connected 100/full (auto)

This is extremely useful in other managed switches so that you can see if a particular device is losing physical connection or changing speed/duplex for no good reason.
We already have that in RC2
Good stuff!

Apologies for the duplicate, but did not see this anywhere in the changelog.

Re: Feature requests

Posted: Fri Oct 29, 2010 1:10 pm
by mattx86
I posted about it in the 5.0rc2 thread, but, it seems its simple in what it logs (up/down status without speed and duplex).

Edit: Actually, would I have to make logging more verbose, perhaps, in order to get speed/duplex logged?

Re: Feature requests

Posted: Fri Oct 29, 2010 1:17 pm
by normis
in what cases does your link speed change without unplugging the cable? is it really so often that you need special log entry?

Re: Feature requests

Posted: Fri Oct 29, 2010 1:28 pm
by mattx86
Er, not without unplugging. I mean when I unplug the cable and plug it back in.

On 5.0rc2 on RB532 (mipsle), this is all I get by default (no speed+duplex info logged; only down/up status):
/log print
...
10:12:18 interface,info ether3 link down
10:12:22 interface,info ether3 link up
If there is a way to get it to show the speed and duplex, I'm not sure how to do it at the moment.

Re: Feature requests

Posted: Fri Oct 29, 2010 2:19 pm
by Chupaka
yep, it would be nice... like on managed switches:
2010-10-27 22:25:28 INFO(6) Port 3 link up, 1000Mbps FULL duplex
2010-10-27 22:25:01 INFO(6) Port 3 link down

Re: Feature requests

Posted: Fri Oct 29, 2010 4:39 pm
by oeyre
in what cases does your link speed change without unplugging the cable? is it really so often that you need special log entry?
Not often, but handy to know when customer is calling you asking about bad link performance :)

If you've already gone to the trouble of putting in logging of up/down status: whats the harm in also putting in speed, duplex and auto/manual negotiation also?

Re: Feature requests

Posted: Sat Oct 30, 2010 5:34 pm
by n21roadie
My request is for a "Auto Roll back" option for upgrades?

(1) full backup is stored on the router,
(2) after uploading upgrade you reboot but...
(3) if for whatever reason the new upgrade caused loss of connectivity or you may have forgotten to change a setting before you clicked reboot ...
(4) having a default 5min countdown to restore on reboot,the router will automatically restore the original configuration back,
(5) if no loss of connectivity you can stop the countdown to restore original OS,
(6) the roll back file remains stored on the router, this for fast restore if say after a few days the upgrade has created new issues?

What i am suggesting is similiar to video adapters when you change display setting it automatically restores back after 15seconds if "use" new setting are not clicked,
If you cannot access the router to stop the countdown then wait 5mins and your router will auto roll back to the original OS before upgrade and connectivity should be restored?

Re: Feature requests

Posted: Sun Oct 31, 2010 4:28 am
by gustkiller
mpls ecmp support ( forward using two or more destinations even using mpls)
bgp support ldp

Re: Feature requests

Posted: Sun Oct 31, 2010 6:12 am
by ejansson
Win box

Drop down box for last 10 (or more) IP addresses visited

Re: Feature requests

Posted: Sun Oct 31, 2010 1:31 pm
by dubak
Ability to use more options of the VPN server (like those normally speficied in the .conf file of the OpenVPN server when running on Linux)
For me presonally the following option would be really nice:

push "redirect-gateway"

It has been discussed here:
http://forum.mikrotik.com/viewtopic.php?f=2&t=46110

Re: Feature requests

Posted: Mon Nov 01, 2010 7:48 pm
by CommanddeR
I would like to set the timeout for pppoe-client connection, which sometimes takes longer to connect. If it is possible to set a time delay that is used to connect each time after a disconnect.

http://forum.mikrotik.com/viewtopic.php?f=13&t=46312

pppoe client connection by winxp
Image

pppoe-client can not connect by RouterOS.
Image

pppoe-client disconnect modem before RouterOS will receive packet

Re: Feature requests

Posted: Mon Nov 01, 2010 8:08 pm
by xxiii
in what cases does your link speed change without unplugging the cable? is it really so often that you need special log entry?
Not often, but handy to know when customer is calling you asking about bad link performance :)
We have some sites that are very noisy RF environments, and they occasionally screw up ethernet links. We've tried various remedies, which I won't go into here, as this isn't the appropriate thread for it, but it would be handy to have logging of the speed/duplex for us as well.

Re: Feature requests

Posted: Tue Nov 02, 2010 9:31 am
by EMOziko
It will be good if RouterOS will have integrated brute force protection and filter.

Re: Feature requests

Posted: Tue Nov 02, 2010 9:32 am
by normis
It will be good if RouterOS will have integrated brute force protection and filter.
It does

http://wiki.mikrotik.com/wiki/Bruteforc ... prevention

Re: Feature requests

Posted: Tue Nov 02, 2010 2:09 pm
by kozmai
I would be nice that in /ip service I could set more ip address or one addres-list

Re: Feature requests

Posted: Tue Nov 02, 2010 2:16 pm
by normis
I would be nice that in /ip service I could set more ip address or one addres-list
use firewall in that case

Re: Feature requests

Posted: Wed Nov 03, 2010 4:06 am
by mattx86
I sorted the feature requests by number of votes: http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests

Re: Feature requests

Posted: Wed Nov 03, 2010 8:20 am
by normis
I sorted the feature requests by number of votes: http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests
thanks, much clearer now.

Re: Feature requests

Posted: Wed Nov 03, 2010 5:16 pm
by mattx86
thanks, much clearer now.
No problem. I should mention that some new ideas and votes came in since I posted, and that I've re-sorted the list based on number of votes.

So if you're wondering where your idea or vote went, you can search the page with your browser's find function, or check the page history when logged into the wiki: near the top, you'll see four tabs: Page, Edit, History, and Watch; click on "History." (Of course, you can always get notified of changes by checking out the "Watch" tab.)

Re: Feature requests

Posted: Thu Nov 04, 2010 1:28 am
by mihaimikrotik
Finally a feature request, something I need and RouterOS is lacking: rate limit by destination (without any connection being involved in this) so that I can do a clean pipe in case of ddos.

Thank you for taking it into consideration!

Re: Feature requests

Posted: Thu Nov 04, 2010 1:58 am
by markit
hmm it`s a small feature

it would be very nice to be a able to rename a file, on the cli (and in scripts)

eg.:
/file set [/file find name="xyz.txt"] name="sata1/xyz.txt"
currently this is only possible remotely via ftp,.
and even winbox (drag & drop) can move between folders,..
and imho a cli should have more features than a gui 8)

but to make a small feature-request biger,..
imho the whole /file section could need some improvments

e.g. its not possible to use the add command for anything useful
/file add contents="test"
error - contact MikroTik support and send a supout file (3)
same happens with copy-from,.. (in "all" RouterOS versions)

i know i can create files with e.g. print file="newfile" but why have an add command, if it can not create anything?

Markus

p.s. it`s not the first time someone wants this:

http://forum.mikrotik.com/viewtopic.php ... le#p117320

Re: Feature requests

Posted: Thu Nov 04, 2010 11:30 am
by Copper
Add coretemp kernel module for x86 ROS.

Re: Feature requests

Posted: Fri Nov 05, 2010 10:23 pm
by adrianatkins
Temperature sensing depends on there being a temperature sensor on the Board.

If the board has not got one, you can't magically make one in software.

Re: Feature requests

Posted: Sat Nov 06, 2010 12:00 am
by Copper
Temperature sensing depends on there being a temperature sensor on the Board.

If the board has not got one, you can't magically make one in software.
Linux kernel driver coretemp permits reading temperature sensor embedded inside Intel CPU
without sensors on a motherboard.

Re: Feature requests

Posted: Sat Nov 06, 2010 12:09 am
by adrianatkins
If the sensor exists, and it is an Intel chip, then it should be available as data.

I have a pile of about 70 AMD Geode based ALIX boards here in a box (Intel Compatible).

Is there a temperature sensor in those as well ?

Re: Feature requests

Posted: Sat Nov 06, 2010 12:35 am
by Copper
adrianatkins, i want to control the temperature of processors Intel Quad/i5/i7, but not on AMD Geode.

Re: Feature requests

Posted: Sat Nov 06, 2010 10:13 pm
by adrianatkins
Both CPUs would use the same MikroTik x86 firmware - as would some others, as they are x86 architecture.

The problem would be more than just making a driver work on your specific CPU chip.
They would have to make/get a driver that would work on all x86 CPUs.

Re: Feature requests

Posted: Sat Nov 06, 2010 11:14 pm
by Copper
They would have to make/get a driver that would work on all x86 CPUs.
:)
It does not happen. Other equipment requires different drivers.
Hundreds of drivers are part of the system, but when you start the system only those loading that match your hardware.

Re: Feature requests

Posted: Tue Nov 09, 2010 11:30 am
by omidkosari
feature request : Umetered Content for PPPoE . 'Unmetered Content' services aren't counted against your monthly download inclusion . added to feature request page . just vote for it

Re: Feature requests

Posted: Wed Nov 10, 2010 1:46 am
by oeyre
feature request : Umetered Content for PPPoE . 'Unmetered Content' services aren't counted against your monthly download inclusion . added to feature request page . just vote for it
Not sure what your setup is, but have you considered checking whether your billing system supports NetFlow?

Re: Feature requests

Posted: Wed Nov 10, 2010 9:49 am
by omidkosari
feature request : Umetered Content for PPPoE . 'Unmetered Content' services aren't counted against your monthly download inclusion . added to feature request page . just vote for it
Not sure what your setup is, but have you considered checking whether your billing system supports NetFlow?
No . it is radius .

Re: Feature requests

Posted: Thu Nov 11, 2010 6:40 pm
by DannyZ
How about something like Ubicom Stream Engine?

Re: Feature requests

Posted: Sun Nov 14, 2010 10:21 pm
by adrianatkins
I suppose a Magic Pixie chooses which driver.

Re: Feature requests (DNS names input instead of IP address)

Posted: Tue Nov 16, 2010 1:39 pm
by spaxton
Hi,

Please add feature that will allow me to add DNS name instead of exact IP address. I need this to connect 2 or more MKT routers (PPTP connection) if they are connected to internet thru ADSL and theirs IP addresses are dynamic. I hope that you understand what I am saying and that we can expect this feature in new ROS.

bye,

;-)

Re: Feature requests

Posted: Tue Nov 16, 2010 3:35 pm
by sergejs
spaxton, we are aware of such feature. Currently you need to use something like this,
http://wiki.mikrotik.com/wiki/Manual:Sc ... _host-name

Re: Feature requests

Posted: Sat Nov 20, 2010 8:21 pm
by Docteh
I'd like to be able to get a list of streams within a PCQ to make sure I don't have things set up backwards

Re: Feature requests (DNS names input instead of IP address)

Posted: Mon Nov 22, 2010 4:53 pm
by luqasz
Hi,

Please add feature that will allow me to add DNS name instead of exact IP address. I need this to connect 2 or more MKT routers (PPTP connection) if they are connected to internet thru ADSL and theirs IP addresses are dynamic. I hope that you understand what I am saying and that we can expect this feature in new ROS.

bye,

;-)
i think that this should be global. anywhere you specify a dns name it should be resolved.

Re: Feature requests

Posted: Mon Nov 22, 2010 5:09 pm
by luqasz
many users write some scripts (many of them are not version compatibile) to backup and export configuration

maybe some feature like /tool backup to write backup and rsc file and send it via ftp, tftp, scp to a remote host. verry important feature would be to write files to memory and not internal storage. if you will do it verry often then your mikrotik will break.

this would resolve all problems with backups. no script incompatibility etc.

second feature request is to enable sending files via ftp, tftp. something like fetch but working in the other way.

Re: Feature requests (DNS names input instead of IP address)

Posted: Tue Nov 23, 2010 4:22 am
by roadracer96
i think that this should be global. anywhere you specify a dns name it should be resolved.
I wouldnt go that far, but anything service based, like PPTP/SSTP/Ovpn/IPSEC connections (In particular the last 3, that is part of how a certificate is supposed to work.. DERR!!!). RADIUS, syslog, etc.

Not firewall rules. That is pointless.

Re: Feature requests

Posted: Wed Nov 24, 2010 8:46 pm
by TheProgrammer
it will be great if this future are available
[*]from CACHE CONTENTES i can select one or more files and delete it from cache or download it to my PC
[*] increase performance by ad by default or as option that cache come with speed of lan because if it take profile speed or Queues speed will no point from it
[*] The most Important thing and this is will be the most great thing to MikroTik Server it can protect Server from NetCut Attacker and hide MAC in any scan in network because any one can scan and get MAC an ip and change his MAC and IP to login without any problem

this very bad problem in MikroTik Must Fixed as soon as possible because every body know it now and most of customer use it and make me lose so much

Re: Feature requests

Posted: Thu Nov 25, 2010 1:43 am
by oeyre
Another one: on bridge ports (or entire bridge), limit the number of MAC addresses that may be learned to prevent one user from flooding the bridge table.

Re: Feature requests

Posted: Thu Nov 25, 2010 5:22 pm
by Chupaka
[*] The most Important thing and this is will be the most great thing to MikroTik Server it can protect Server from NetCut Attacker and hide MAC in any scan in network because any one can scan and get MAC an ip and change his MAC and IP to login without any problem
impossible. should be solved either on managed access switches, or using authentication like PPPoE

Re: Feature requests

Posted: Wed Dec 01, 2010 9:36 am
by mangust
1. backup_filename=Identity-date.
2. Possibility to reverse interface speed graphics - I mean make Upload=Downlad, and Download=Upload for specific interface.

Re: Feature requests

Posted: Wed Dec 01, 2010 9:44 pm
by rodolfo
I will have a "DEFAULT HORIZON" in a bridge.
this could be useful to avoid traffic from clients (i.e. dhcp) in an access point, when this clients are in dynamic wds mode and become to a default bridge.

Re: Feature requests

Posted: Mon Dec 06, 2010 12:59 pm
by luqasz
many users write some scripts (many of them are not version compatibile) to backup and export configuration

maybe some feature like /tool backup to write backup and rsc file and send it via ftp, tftp, scp to a remote host. verry important feature would be to write files to memory and not internal storage. if you will do it verry often then your mikrotik will break.

this would resolve all problems with backups. no script incompatibility etc.

second feature request is to enable sending files via ftp, tftp. something like fetch but working in the other way.
i think that enabling feature in system auto-backup to senr rsc and/or backup files via tftp or ftp to a specyfied host. encrypted ftp sessions would be even better.

Re: Feature requests

Posted: Mon Dec 06, 2010 9:32 pm
by Chupaka
1. backup_filename=Identity-date.
isn't it exactly like that now?..
2. Possibility to reverse interface speed graphics - I mean make Upload=Downlad, and Download=Upload for specific interface.
interface do not have neither download nor upload. it has received and sent packets. why do you need that madness?..

Re: Feature requests

Posted: Mon Dec 06, 2010 11:36 pm
by mangust
1. backup_filename=Identity-date.
isn't it exactly like that now?..
Nope . For now Identity=Mikrotik.
If somebody don't have special command or script to make backup (like me :) ) and use drag&drop to download backup , then it's always need to rename backup localy (on PC).
2. Possibility to reverse interface speed graphics - I mean make Upload=Downlad, and Download=Upload for specific interface.
....
interface do not have neither download nor upload. it has received and sent packets. why do you need that madness?..
My point of view is very simple ...
Historically on all monitoring system most people use Green for download and Blue color for Upload or ... as you say for RX and TX.
However there are lot of routers there for one "WAN" interface there are a lot of LANs interfaces (like example VLANS). One more thing – basically most Internet traffic is “Download ” so picture with traffic looks very nicely – blue line on green background . Sometimes customers who are connected by Vlans interfaces wanna see a bandwidth graph. For now I should provide them picture with blue line and some “small” green background on the bottom of the graph … In this case I always should to say them that : “blue is download (because it’s download for customer ) and green is upload”…
So I think that It's could be very flexible to have opportunity to reverse graphics... and I think it's could not be very difficult to add such functionality.

Re: Feature requests

Posted: Tue Dec 07, 2010 1:00 am
by roadracer96
1. backup_filename=Identity-date.
isn't it exactly like that now?..
2. Possibility to reverse interface speed graphics - I mean make Upload=Downlad, and Download=Upload for specific interface.
interface do not have neither download nor upload. it has received and sent packets. why do you need that madness?..

I know where he is going with it.. In simple queues, it is kind of confusing when you are putting in a queue for a wan connection, your perception of upload and download is different. It thinks upload is RX when upload is really TX. It makes sense if you think of it logically, as data being uploaded to the router, but when you take an intermediate tech and put them in front of it, chances are good they will setup a queue backwards. ;)

Re: Feature requests

Posted: Tue Dec 07, 2010 1:09 pm
by luqasz
new policy in /user group.
special policy to log in via api called api, now it can be blocked via winbox policy only.
please separate those two.

Re: Feature requests

Posted: Tue Dec 07, 2010 9:23 pm
by xxiii
Added to existing features:

Add timeout field to firewall address list entries so one can see how much time is remaining before an entry expires.

Re: Feature requests

Posted: Wed Dec 08, 2010 1:27 pm
by janisk
dynamically added address-list entries have timeout set by firewall rule. static entries does not have that parameter.

Re: Feature requests

Posted: Wed Dec 08, 2010 2:48 pm
by Athan
Just a "/log clear" command. I'm surprised such a basic feature is still missing.

Re: Feature requests

Posted: Wed Dec 08, 2010 2:49 pm
by normis
Just a "/log clear" command. I'm surprised such a basic feature is still missing.
so that somebody can take your password (keylog it, whatever) change rules, and then clear the log? not much of a log then, is it?

Re: Feature requests

Posted: Wed Dec 08, 2010 3:10 pm
by Athan
Just a "/log clear" command. I'm surprised such a basic feature is still missing.
so that somebody can take your password (keylog it, whatever) change rules, and then clear the log? not much of a log then, is it?
What stops him to do this now by using memory-lines? For God shake normis, it's just a shortcut command. :?

Re: Feature requests

Posted: Wed Dec 08, 2010 3:15 pm
by normis
well you said yourself, you can already do it with one command :)

Re: Feature requests

Posted: Wed Dec 08, 2010 3:32 pm
by Athan
well you said yourself, you can already do it with one command :)
I know that normis, though it's not one command but two. What I suggested was a simple "/log clear" shortcut command implemented in exactly the right path where it belongs; that's all.
If it is so hard for MT developers to implement this you can simply ignore my suggestion. No need for "bad guys" stories.

Re: Feature requests

Posted: Wed Dec 08, 2010 9:10 pm
by xxiii
dynamically added address-list entries have timeout set by firewall rule. static entries does not have that parameter.
I realize that, but I still want to see the time remaining (and possibly the original total time, if its easy to do) for the dynamic entries. The static entries can just have blank, or N/A or infinite or something like that; or it could be a read-only field that shows up in pr stat or winbox when its appropriate, but can't be set at all.

It might be nice on occasion to be able to add a dynamic entry manually as well.

Also, a "remove all dynamic" button might be handy (while I'm brainstorming). I haven't had to do that very often, but when I have, and its a huge address list, I just reboot the router currently.

Re: Feature requests

Posted: Wed Dec 08, 2010 10:58 pm
by dssmiktik
dynamically added address-list entries have timeout set by firewall rule. static entries does not have that parameter.
I realize that, but I still want to see the time remaining (and possibly the original total time, if its easy to do) for the dynamic entries. The static entries can just have blank, or N/A or infinite or something like that; or it could be a read-only field that shows up in pr stat or winbox when its appropriate, but can't be set at all.

It might be nice on occasion to be able to add a dynamic entry manually as well.

Also, a "remove all dynamic" button might be handy (while I'm brainstorming). I haven't had to do that very often, but when I have, and its a huge address list, I just reboot the router currently.
I agree. For whatever reason, I seem to remember a time-left property of an address-list entry (I just can't remember where / what version I saw it in, or I could be mistaken). Simple: /ip firewall address-list get <id> time-left = (empty or time interval).

As for removing all dynamic entries, you can achieve this with a simple script (so an extra feature may not be necessary).

Re: Feature requests

Posted: Thu Dec 09, 2010 12:09 pm
by TKITFrank
IPSec Improvements I would like to see in final RouterOS 5.0

Most wanted =)
1; SHA-256, SHA-512
2; PFS Group 14,15,16
3; Winbox support for twofish and camellia ciphers.

Optional
1; Twofish-256 (The most secure publicly available cipher?)
2; IPv6 (it's coming so better to be ready ;) )

Re: Feature requests

Posted: Mon Dec 13, 2010 10:07 pm
by mangust
Is there way to change max conntrack number in /proc/net/ip_conntrack in feature releases?
BTW. What is the max conntrack number for 4.x and for 5.x?

Re: Feature requests

Posted: Thu Dec 16, 2010 8:46 pm
by luqasz
new policy in /user group.
special policy to log in via api called api, now it can be blocked via winbox policy only.
please separate those two.
any chance for this ?
we have almost 1000k mikrotiks and counting in network and we woul love to use one password for entire countru to log in via api. giving such a privilage to winbox also would lead to a leak of admin password for all mikrotiks in all country.

i think that this is an understandable feature request

Re: Feature requests

Posted: Fri Dec 17, 2010 9:35 am
by janisk
max conntrack number depends on free resources on the router, more RAM more entries available.

We are looking into addition of new policy. That will be added in 5.0rc6

Re: Feature requests

Posted: Fri Dec 17, 2010 6:57 pm
by mangust
max conntrack number depends on free resources on the router, more RAM more entries available.
Looks like it limited ... Because x86 with 2G RAM, and RB1100 with 512 Mb RAM has the same Value - 524288.

May be a good idea to have a way (like example: from console only) to increase it.
The value of 524288 may be not enough for high load routers with of 250-300 Mbit/s of traffic.

Re: Feature requests

Posted: Sun Dec 19, 2010 2:50 am
by bangom
When adding bridge into /ip dhcp-server alerts: except "valid-servers mac" also option to specify valid in bridge port (uplink port where dhcp offers are ok to arrive).

Re: Feature requests

Posted: Mon Dec 20, 2010 9:10 am
by complete2006
AP-Sync to remove self disturbing at tower location or (much better) FDD
Frequency-Hopping
Fully developed MPLS with the missing feature

And for the Hardware

SFP-Slots

Re: Feature requests

Posted: Mon Dec 20, 2010 10:01 am
by chadd
One of the biggest annoyances I have had with MT since I have been using it is that you have to reconfigure your wireless settings if you need to swap out a bad wireless card, even if it is an exact replacement. I have used other equipment in the past that ties wireless settings to the slot rather than the actual mac of the card, similar to what you guys do with the Ethernet ports. I know it would be possible for someone to replace the wireless card with a card with different capabilities and possible hose the configuration anyway but if it is the same chipset as the previous card it would make assembling and configuring new clients so much easier and less time consuming.

Thanks,
Chadd

Re: Feature requests

Posted: Mon Dec 20, 2010 1:26 pm
by janisk
in this case use /interface wireless export file=<file name>

and get all the settings associated with wireless, edit all the unnecessary stuff out, save file on router. When new module is installed just import the script and your settings are back in the way it is intended, not some weird - if this than that, if chip same but power amplifier is only for other frequency, your configuration is screwed.

As it is now, you know for sure, that when you enter new card, you have to set up settings that are interface specific.

edit:
about number of conntrack entries - there might be different reasons for this, for example, one of machines ipv6 is disabled on the other enabled. And i would like to see you exceed this 500K+ limitation in conntrack. Also, when table fills up, timeouts are reduced, as result it gets empty faster.

Re: Feature requests

Posted: Mon Dec 20, 2010 6:24 pm
by bangom
feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).

Re: Feature requests

Posted: Mon Dec 20, 2010 7:41 pm
by roadracer96
feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).

THIS. Except for everything that uses certificates. SSTP, IPSEC, Ovpn.

Latency measurement via script

Posted: Tue Dec 21, 2010 6:08 am
by rmichael
When troubleshooting latency problems I would like to be able to output traceroute to a variable. If capturing of traceroute output was possible, script could record path and source of congestion as it happens.

In addition return value of ping should be expanded as well to include more information, like latency. Sometimes, a test ping would return no packet loss but high latency renders the link unacceptable. Monitoring latency via script would also open the possibility of measuring approx. jitter.

thank you.

Re: Latency measurement via script

Posted: Tue Dec 21, 2010 11:07 am
by dssmiktik
When troubleshooting latency problems I would like to be able to output traceroute to a variable. If capturing of traceroute output was possible, script could record path and source of congestion as it happens.

In addition return value of ping should be expanded as well to include more information, like latency. Sometimes, a test ping would return no packet loss but high latency renders the link unacceptable. Monitoring latency via script would also open the possibility of measuring approx. jitter.

thank you.
To expand, maybe array format (like [find] returns) would probably work good, of course this would mean re-writing current scripts that use the ping command's current output (only successful ping count).

Re: Latency measurement via script

Posted: Tue Dec 21, 2010 6:31 pm
by rmichael
To expand, maybe array format (like [find] returns) would probably work good, of course this would mean re-writing current scripts that use the ping command's current output (only successful ping count).

EDIT: MT could add another command switch to return latency/hops values in array format.

Re: Feature requests

Posted: Wed Dec 22, 2010 4:20 am
by bangom
Update memtest in new 5.0 mikrotik to current version (4.10?). Mikrotik 5.0rc6 has old memtest v3.4 so when testing mem on new boards (supermicro X7SPE-HF-D525) there are memory errors. But memory is ok with new version of memtest...

Also, am I wrong, but there is no cpu-test (stress test) on new mikrotik 5.0?

Re: Feature requests

Posted: Sun Jan 23, 2011 10:11 pm
by seviljskibrijac
Firewall rules dealing with multiple interface selection for input and output with OR and AND switches between interfaces.

example:

wan1
wan2
eth3-pppoeser
+<pppoe1>
+<pppoe2>
+<pppoe3>
+<pppoe...>

it would be nice to create rules like this:
1)
chain=input input-interfaces=(wan1 && wan2) src-address=1.1.1.1 drop
2)
chain=prerouting input-interfaces=!(wan1 OR wan2) action=mark
3)
upnp enable interface=!(static intefaces ....) type=internal

thank you

Re: Feature requests

Posted: Wed Jan 26, 2011 12:00 am
by alexspils
Please add src/dst address list support to torch. It can be useful to see what is going to oversea traffic for example.

Re: Feature requests

Posted: Thu Feb 10, 2011 6:27 pm
by rmichael
Please add src/dst address list support to torch. It can be useful to see what is going to oversea traffic for example.
I like your idea. Speaking of torch, please add a connection/packet mark filters.

Re: Feature requests

Posted: Thu Feb 17, 2011 8:14 am
by oeyre
I'd like to see Ethernet OAM capabilities, not only for link performance but its a good box to check when selling "carrier/metro Ethernet" to customers.

I've added this to the wiki.

Re: Feature requests

Posted: Mon Mar 07, 2011 11:02 am
by oeyre
Added 2 more to the wiki:
  • For interfaces, output the comment of each interface to SNMP as ifAlias from IF-MIB
  • Add option for IP Pool that tries to give out a different address every time vs the current behaviour of trying to give out the same address every time

Re: Feature requests

Posted: Tue Mar 08, 2011 4:00 am
by krakenant
A couple of things that I would like to see:

Have dst-MAC added as an available option. Currently SRC-MAC is an option but not DST-MAC address. Thus we cannot create a rule to log any traffic to or from a MAC address on a network that does DHCP. If the users address were to change, we have to reconfigure the rules.

A way to tie the absolute SRC Address and Port, the NAPTed SRC Address and Port, and the DST Address and Port together for RIAA requests. Current the logging only shows the original SRC Address and Port from the users request and the DST Address and Port from the Users request. When we get complaints, they have the header information of the NAPTed packet and the time. We need something to tie this back to a user and to do that, we need the all six data items, Original SRCIP/Port, the new SRCIP/Port of the NATed packet, and the DSTIP/Port.

Re: Feature requests

Posted: Wed Mar 09, 2011 4:31 pm
by Chupaka
Have dst-MAC added as an available option. Currently SRC-MAC is an option but not DST-MAC address
you do have this option. in Bridge Filter. it's not possible in IP Firewall, because at that moment DST MAC is unknown (also, output interface can be PPP)
A way to tie the absolute SRC Address and Port, the NAPTed SRC Address and Port, and the DST Address and Port together for RIAA requests. Current the logging only shows the original SRC Address and Port from the users request and the DST Address and Port from the Users request. When we get complaints, they have the header information of the NAPTed packet and the time. We need something to tie this back to a user and to do that, we need the all six data items, Original SRCIP/Port, the new SRCIP/Port of the NATed packet, and the DSTIP/Port.
yep, it would be nice to have that info, for example, in NetFlow v9 output... just a dream...

Re: Feature requests

Posted: Thu Mar 10, 2011 12:27 am
by mohammed0592
hello
please add reset counter(download and upload) for online users (this feature already exists in users) but I need in in active connection in ppoe and hotspot

because I developed php script this script can calculate traffic users from 8:00 am to 11:00 pm, some users stay connected for long time i need to reset counter for active session at 6:50 using php and API mikrotik but i can't.

Re: Feature requests

Posted: Mon Mar 28, 2011 5:18 am
by paoloaga
It would be nice unix tar or zip support on files, so it is possible to transfer (via FTP / SFTP / drag'n'drop / whatever) a single file and then check integrity and extract the contents inside the router, through CLI.

It would be useful (as an example) for remote firmware upgrades. It happened to me a few times to have partial .npk uploaded files that caused to lose the remote router because of missing features (ppp) or need of a complete netinstall.

Re: Feature requests

Posted: Mon Mar 28, 2011 1:45 pm
by lavv17
Please add timeout info to output of
ip firewall address-list print detail
for dynamic entries.

Re: Feature requests

Posted: Sun Apr 03, 2011 2:47 pm
by n21roadie
I would like to suggest as a addition to the present "Manual" link in winbox which when opened you have to browse to the section you require infromation on, is to have a help field on the item opened, for example when interface wireless is opened then help should point direct to information on interface wireless,

Re: Feature requests

Posted: Fri Apr 15, 2011 4:06 pm
by smatsak
feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).

THIS. Except for everything that uses certificates. SSTP, IPSEC, Ovpn.
Hi guys,
What does it mean "Except for everything that uses certificates"?
I really need to use CRL on STTP server.
I want to know: who should be killed to get it?
:)
I hope to get it (CRL on SSTP server) in the very near future.

Re: Feature requests

Posted: Fri Apr 15, 2011 8:05 pm
by voxframe
I have a simple "Feature" request...

Test ROS more thoroughly before actually making it a release!

5.1 should not exist outside of BETA yet, what a disaster.

I know everything has a life cycle, and that there must be bugs before things become stable. But this is beyond normal.

If it's marked BETA then people know that they get what they asked for, but when it's released as stable there should not be bugs much beyond very obscure things or spelling errors. Not where half of the boards crash when you update them.

Re: Feature requests

Posted: Sun Apr 17, 2011 12:56 am
by sinisa
I have asked this on MUM in Budapest:

I would like to see something like triggers when an interface state changes, so router can run a script (like ip-up/ip-down on "real" Linuxes).

That way router would not have to schedule script to check every minute if something has changed, especially if that change really happens only once in a week, and waste precious CPU time (not a real issue on x86, but can become problem on RBs).

Re: Feature requests

Posted: Sat Apr 23, 2011 8:10 pm
by xezen
adding something like cacti to ROS would be nice to have

Re: Feature requests

Posted: Sat Apr 23, 2011 9:28 pm
by morzex
- Some options for DNS server:
realy need:
1. "Don't cache negative" - to cache only positive answers.
2. "Use all servers" - to send all queries to all available servers. The reply from the server which (positive!) answers first will be returned to the original requestor. This boosts resolving for small networks.
would be nice:
3. "Disable cache"
4. "Minimum TTL" - replace TTL if it lower this setting.
5. "Maximum TTL" - replace TTL if it higher this setting.
4. "Rules" - Custom servers (or no-forward) and cache options for custon domains or IP-lists.

- Change metrics of default routes of PPP clients like DHCP clients.
- Set routing marks to default routes of PPP and DHCP clients in client options.

Re: Feature requests

Posted: Mon Apr 25, 2011 9:44 am
by lavv17
Currently ROS sets irq smp_affinity to a single core, thus the interrupts of a single ethernet card with one irq do not get distributed over the cores. It would be nice if the command "system resource irq set ... cpu=0,1,2,3" worked and set the affinity mask to multiple cores.

It is reported that with NAPI such interrupt distribution does not cause packet reordering.

Re: Feature requests

Posted: Tue Apr 26, 2011 9:33 pm
by Lupin
When we can have a MTR Tool like this?

http://winmtr.net/

:)

Re: Feature requests

Posted: Wed Apr 27, 2011 8:36 pm
by xezen
can you add second password to usermen

so there is a password for pppoe,pptp,winbox etc connections

and a password for web interface login

Re: Feature requests

Posted: Thu Apr 28, 2011 7:54 am
by normis
can you add second password to usermen

so there is a password for pppoe,pptp,winbox etc connections

and a password for web interface login
basically you need a new permission option in groups, so that you can make RouterOS users who can access userman, and who can't

Re: Feature requests

Posted: Fri Apr 29, 2011 8:01 am
by petro25
Very much I want to see in the following version grathing for radio

1) Noise level
2) Signal level
3) Speed of connection
4) Quality of tx of rx

Re: Feature requests

Posted: Fri Apr 29, 2011 10:55 am
by siprox
i want from torch i can right click and then select the address on torch running and then make mangle or address list from firewall directly. i think this is make admnistrator easy to check traffic and manage it, hope this is possible..

Re: Feature requests

Posted: Mon May 02, 2011 11:16 am
by xezen
can you add second password to usermen

so there is a password for pppoe,pptp,winbox etc connections

and a password for web interface login
basically you need a new permission option in groups, so that you can make RouterOS users who can access userman, and who can't
what i was saying is that when users change that password the pppoe cassword also changes i want a password for users profile and anothe password to reset pppoe password

Re: Feature requests

Posted: Mon May 02, 2011 11:18 am
by normis
but the user is the same, if you need separate settings, you need separate accounts. that's why it's a centralized database of users, so you only have to change one thing.

UPnP Dst. Address

Posted: Thu May 05, 2011 4:09 pm
by dadaniel
I have multiple IPs on my external interface. I need to set the Dst. Address of the dst-nat made by UPnP, but I have not found a way to do this.

Thank you!

Re: Feature requests

Posted: Fri May 06, 2011 8:42 pm
by morzex
The web proxy is wery slow - it does not "Keep Alive" connections. For example "ping" at speedtest.net - time to load small data grows up to 240 ms!

Re: Feature requests

Posted: Fri May 06, 2011 9:09 pm
by enk
Provide Bug tracking system. Provide complete release notes with detailed information about linux kernels used and packages. Provide complete information about security vulns in RoS. Provide bug description for each confirmed bug (versions affected, fixed versions, workarounds)

Re: Feature requests

Posted: Mon May 09, 2011 2:26 pm
by normis
Provide Bug tracking system. Provide complete release notes with detailed information about linux kernels used and packages. Provide complete information about security vulns in RoS. Provide bug description for each confirmed bug (versions affected, fixed versions, workarounds)
looks like you are not following this forum so much. request was discussed before, and will not happen anytime soon for many reasons.

Re: Feature requests

Posted: Thu May 12, 2011 11:42 am
by enk
Provide Bug tracking system. Provide complete release notes with detailed information about linux kernels used and packages. Provide complete information about security vulns in RoS. Provide bug description for each confirmed bug (versions affected, fixed versions, workarounds)
looks like you are not following this forum so much. request was discussed before, and will not happen anytime soon for many reasons.
Yeah. I know, but I think that it is not bad once again to remind about this issue. Maybe you will have pity on us and give us the solution, I know that it is hard, but it is absolutely needed.

Re: Feature requests

Posted: Thu May 12, 2011 9:19 pm
by chadd
Provide Bug tracking system. Provide complete release notes with detailed information about linux kernels used and packages. Provide complete information about security vulns in RoS. Provide bug description for each confirmed bug (versions affected, fixed versions, workarounds)
looks like you are not following this forum so much. request was discussed before, and will not happen anytime soon for many reasons.
You should at a minimum provide a list of known issues with a release to keep someone from installing an update and breaking things. Say like when upgrading to 5.0 from 4.16 could disable your wireless package. I know you don't always know when something is release what the bugs are but once you find out it should be listed some place.

Chadd

Re: Feature requests

Posted: Fri May 13, 2011 9:24 am
by enk
Provide Bug tracking system. Provide complete release notes with detailed information about linux kernels used and packages. Provide complete information about security vulns in RoS. Provide bug description for each confirmed bug (versions affected, fixed versions, workarounds)
looks like you are not following this forum so much. request was discussed before, and will not happen anytime soon for many reasons.
You should at a minimum provide a list of known issues with a release to keep someone from installing an update and breaking things. Say like when upgrading to 5.0 from 4.16 could disable your wireless package. I know you don't always know when something is release what the bugs are but once you find out it should be listed some place.

Chadd
Or for example when you upgrading from 4.17 to 5.2 - mac address settings on wireless interfaces changes to the BIA, although it was configured manually.

Re: Feature requests

Posted: Tue May 17, 2011 6:40 pm
by newkirk
Minor addition to graphs html pages: Include any comments in the page for a particular port's traffic graphs.

Interface <ether07> Statistics

* Last update: Tue May 17 11:28:08 2011

Right there between those two lines would be fantastic.

I don't know about others, but I use the comment field for ethernet ports to identify the destinations out that port, IE name of network segment, servers, fiber, etc. But the graphs pages show only 'ether07' etc.

j

Re: Feature requests

Posted: Fri May 20, 2011 4:27 pm
by THG
MAC address list. :)

Re: Feature requests

Posted: Sat May 21, 2011 3:47 pm
by mramos
On Winbox, when you decide to show or hide specific columns once, left this way from now on, at least at the used PC/notebook.

Example: wireless reg table, I don't use WDS, don't want to see MACs, but I want room to keep distance, TDMA TX&TX size, CCQ, etc within the visible window without scrolling it horizontally.

The same apply to simple queues, want to keep TX & RX speed etc but by default there's name, target address, rx max lim, tx max lim ... and under circumstances I want to keep rx av rate, tx av rate ...

Some sessions later, this "setup" is missing and is necessary to select the wanted rows again.

Regards;

Re: Feature requests

Posted: Sun May 22, 2011 2:19 pm
by Chupaka
"Load Previous Session" and "Exit" button on the left side (NOT 'Close (X)' the window, don't ask me why) should help...

Re: Feature requests

Posted: Sun May 22, 2011 2:38 pm
by mramos
"Load Previous Session" and "Exit" button on the left side (NOT 'Close (X)' the window, don't ask me why) should help...
Hi

Winbox loader is by default load previous sessios marked. The previous sessions windows really load again the next session, sometimes keeping those selected rows, sometimes not. Right now I tried (x) at the topmost right corner and still keeping the selected rows btw.

How long? :D Just kidding, I always use the exit button at least to be sure not to left some "active user" waiting to ROS time it out.

Another example: the same netbook I'm using now at home. Setup certain rows to show up ... shut it down ... go to the field with it, climb a tower ... and restart winbox from wb loader. Wireless reg table still there but with the default rows.

Anyway, I'll check.

BTW, any thoughts abt those tablets x android 2.1 or 2.2 X webfig? Or a future android winbox version?

Regards;

Re: Feature requests

Posted: Sun May 22, 2011 4:36 pm
by WirelessRudy
From v3.xx on I already asked several times MT if it wasn't possible to have the default start settings of winbox windows edited by user.
After every reboot (upgrade, power cycle, power cut) all preset settings of user is reset every time again.

Like Ramos said, many default settings in several windows (colums, info that is shown) is nothing I have any interest in, other settings that imho are more important are not default set so you have to set these each time again.

Also formats of windows sizes, culumn wideness etc, should be more free as now.

Now I know some might come back with: "I found this program..", or; "with this tool you can do it better" etc. but that is not what I want.
Winbox is a good tool and could be made so much ergonomic with just a little bit more freedom in its settings.
If it than also could be made so that settings are saved at local PC or laptop that would be even better!
I work with 3 PC's side by side (6 monitors in total!) but the last session of a certain routerboard that is closed on no matter which PC predicts what next time is shown when it is opened again.

Example:
One PC (my office server) shows (it is running anyway from first in the morning until I go to bed...) my main Gateway with all single queues of clients and the interfaces to my two bandwith supplier and to my network together with some info from other programs. This way I can with a blink of an eye see how busy the network is, if the both suppliers are ´up´ and what traffic they get, which clients are using most traffic etc.

Now if I need to add, change or delete customer or change any other setting of this router I open a winbox session on an other PC (My network ´work´ PC with 3 monitors, really handy workspace!).
Now first I have to clear all windows I don't need and open new onces to work with. After work done I have to close this session before I close my server session.
Now, regurlarly I work until deep in the night so when I than fall of my chair I shut everything down to go to sleep.
Next morning when I first start my server I found that last night its session wasn't the last to close so my whole setting is fucked up. I have to set it all again like I want (opening proper windows, open the right columns, set the right window and column sizes etc. etc.). Very inconveniant, special since the keyboard of this server is hanging on its side on the wall to make room for other stuff...
If this server now always could open with the same settings this would make my life so much easier!
I´ll bet Ramos, and probably many others have many more examples like this as I have!

So MT, please do something about this!
"Load Previous Session" and "Exit" button on the left side (NOT 'Close (X)' the window, don't ask me why) should help...
I use both, but to be honest never noticed any differences between them. "X" leaves as many settings in place as "exit" and vice versa.

Re: Feature requests

Posted: Mon May 23, 2011 3:42 pm
by n21roadie
Could we have a section in the board index especially for WISP's, at present there is no specific area in the board index i am aware of ?

Re: Feature requests

Posted: Mon May 23, 2011 3:45 pm
by normis
most of you here are WISPs, who else uses wireless routers :) ?

Re: Feature requests

Posted: Tue May 24, 2011 7:27 am
by newkirk
BTW, any thoughts abt those tablets x android 2.1 or 2.2 X webfig? Or a future android winbox version?;
An Android variant of Winbox would be great, but I wouldn't expect Mikrotik to dedicate the time and effort it would require, that's just not reasonable at this time. If Android tablets continue to proliferate it might become reasonable, but ATM I'm sure it's too much of a 'niche market' for them to devote efforts that could be better spent on RouterOS itself.

I can log into webfig just fine with my android 2.2 device, but every 5-10 seconds it pops up a 'router disconnected' message and I have to login again. Multiple browsers, connecting over wifi, not cell data service. (default browser, Opera, and Firefox) I was watching the Interfaces list and could see it updating packet/byte counts, so it was continuing to communicate up until the message popped up.

And on that note, a feature request: PLEASE PLEASE get rid of the 'D' button in Webfig interfaces that disables the interface... Just offer Disable/Enable in per-interface view, and get confirmation before disabling. Trying to touch-scroll the list I accidentally disabled an interface with the expected catastrophic results. (the router is 40 miles from here, it's 11pm, 1000+ clients affected, etc) There's no need IMHO (even without tonight's mishap ;)) to have an interface disable link embedded in every line of the interfaces list, and I can think of at least one good reason NOT to... :shock:

j

PS - can we get SSL webfig plz? The only way I'm comfortable with using it right now is through a VPN connection, which isn't always possible.

Re: Feature requests

Posted: Tue May 24, 2011 8:49 am
by normis
PS - can we get SSL webfig plz? The only way I'm comfortable with using it right now is through a VPN connection, which isn't always possible.
we already do have SSL webfig ...

Re: Feature requests

Posted: Tue May 24, 2011 12:46 pm
by mangust
/ip dns allow-remote-requests=yes ...
It would be just great to have opportunity make dns accessible only on specific interface.
I understand that it's possible to restrict by firewall , however ...

Re: Feature requests

Posted: Tue May 24, 2011 12:52 pm
by normis
you already answered it, you must use firewall. why make the same configuration in two places?

Re: Feature requests

Posted: Fri May 27, 2011 8:15 am
by pedja
you already answered it, you must use firewall. why make the same configuration in two places?
Because, for each service it is LOGICAL to have an option what interfaces (or even IP's) to run it on. It is not job for firewall to block it.

But as we all know, logic, user friendliness and usability ar enot strong sides of Mikrotik.

Re: Feature requests

Posted: Fri May 27, 2011 9:55 am
by Athan
Because, for each service it is LOGICAL to have an option what interfaces (or even IP's) to run it on. It is not job for firewall to block it.
But as we all know, logic, user friendliness and usability ar enot strong sides of Mikrotik.
Well said! :wink:

Re: Feature requests

Posted: Fri May 27, 2011 9:58 am
by normis
I don't think it's logical at all. Or user friendly!

RouterOS users expect that all access rules are managed by the firewall. Why run to 10 different places to turn on/off some service access when you can do it all in one place, with easy overview of all rules and their priorities.

Re: Feature requests

Posted: Fri May 27, 2011 10:12 am
by Chupaka
for each service it is LOGICAL to have an option what interfaces (or even IP's) to run it on. It is not job for firewall to block it.

But as we all know, logic, user friendliness and usability ar enot strong sides of Mikrotik.
is Cisco logical?.. how can one allow management connections to some IP addresses of router and forbid ones to another addresses (users' default gateways, for example)?..

Re: Feature requests

Posted: Fri May 27, 2011 2:00 pm
by enk
cisco is far far away from MT. It is not good things to compare...

Re: Feature requests

Posted: Fri May 27, 2011 2:49 pm
by Chupaka
I mean, either cisco router allows binding services to specific interface/address and is far away, or it doesn't, and it's not logical, not user-friendly and not usable

Re: Feature requests

Posted: Fri May 27, 2011 4:20 pm
by enk
I mean, either cisco router allows binding services to specific interface/address and is far away, or it doesn't, and it's not logical, not user-friendly and not usable
For RoS it is not logical to binding services to specific interface/address (although sometimes it use this method - pppoe server, hotspot etc.) , but for IOS it is because of the architecture and used practice for plain old packet filtering assignment behavior to interface.

Re: Feature requests

Posted: Sun May 29, 2011 9:26 am
by pedja
I don't think it's logical at all. Or user friendly!
Well, I said: logic, user friendliness and usability are not strong sides of Mikrotik. :)

I must say, Mikrotik is the first platform where, when one sets service, he/she has no options to set interface/ip bindings for it.

Re: Feature requests

Posted: Mon May 30, 2011 4:55 am
by ahmedramze
Can add this ?
http://forum.mikrotik.com/viewtopic.php?f=9&t=11532

Signal can reached with out need to login like Graph.

for easy to align etc.

and please I'm still dreaming on below :lol: :lol: :lol:
graph.gif

Re: Feature requests

Posted: Mon May 30, 2011 4:57 am
by ahmedramze
Let give it name Mikrotik Status page.
test.gif

Re: Feature requests

Posted: Mon May 30, 2011 5:39 am
by ahmedramze
Setup Wizard.

on first startup for new users on mikrotik to make it ease and simple.

A-DHCP must be enabled on ether1 with address 192.168.88.1/24.
B- on welcome screen (( First time login ))

1-Configure and select WAN interface ( IP type static DHCP PPPOE, IP Route, DNS ,time zone,NTP client etc).
2-Configure and select LANs ineterfaces with two option (( DHCP or HOTSPOT))
3-Masquerade LAN network ( yes or no )
4-Save and reboot.

I know most of these are enabled and its easy to access for us but for new users its good to make a simple clicks to configure most of important thinks.

and for Point A its must be added on V6.0 , users unable to download winbox or webconfig with limited network connection or windows 7 security center block mac access for winbox at most time.

and lets remeber we not talk about expert network user or ITs , Who have adsl at home he can buy mikrotik router and with 5 click on NEXT NEXT NEXT NEXT SAVE he will made his local network. this option on most public SOHO routers like D-Link , Linksys etc.

and for router board , I'm looking for New RB750GAPN Giga Ethernet with Access point with N tech with 2 internal antenna for home use. I'm use 433 with wireless and small antenna with black router board box.

Thanks.

Re: Feature requests

Posted: Wed Jun 15, 2011 9:00 pm
by mehrzud

Re: Feature requests

Posted: Thu Jun 16, 2011 1:12 am
by Ibersystems
Folders/groups in the startup window of winbox. With hundreds of diferent customers and many RBs in each customer, I need to group them to easy find the correct RBs.

It will be very good to let us make a tree with folders to keep our winbox saved entrys easy to find.

Re: Feature requests

Posted: Thu Jun 16, 2011 1:14 am
by Ibersystems
Editable winbox options/menu like in webfig

Re: Feature requests

Posted: Sun Jun 19, 2011 12:13 am
by scold
Hi,
listed in the Cisco NAC and VMPS service protocols?

B.r.:
Istvan Hidegkuti

Re: Feature requests

Posted: Mon Jun 20, 2011 12:40 pm
by janisk
Folders/groups in the startup window of winbox. With hundreds of diferent customers and many RBs in each customer, I need to group them to easy find the correct RBs.

It will be very good to let us make a tree with folders to keep our winbox saved entrys easy to find.
For ease of use and functionality i would suggest to use TheDude for this - just remove probes, so no additional load anywhere, just network device map, where you can create device groups and operate with them (upgrade devices, for example). And if required, you can monitor your key routers in the network.

Re: Feature requests

Posted: Mon Jun 20, 2011 1:06 pm
by Ibersystems
Folders/groups in the startup window of winbox. With hundreds of diferent customers and many RBs in each customer, I need to group them to easy find the correct RBs.

It will be very good to let us make a tree with folders to keep our winbox saved entrys easy to find.
For ease of use and functionality i would suggest to use TheDude for this - just remove probes, so no additional load anywhere, just network device map, where you can create device groups and operate with them (upgrade devices, for example). And if required, you can monitor your key routers in the network.
It's easyer directly in winbox : / It's not easy to do?

Re: Feature requests

Posted: Thu Jun 23, 2011 3:13 am
by oeyre
What are the odds of seeing a Cisco compatible implementation of DMVPN?

Re: Feature requests

Posted: Mon Aug 01, 2011 1:36 pm
by n21roadie
Wireless connect list protocol option to select "NV2 Nsteame 802.11" combined and not at present seperate?

In the connect list, each wireless protocol is separate (802.11 or NV2 or Nstreme or Any ) and no option for combination, I have found with my network, CPE's wireless connectivity issues when using "Any" protocol but work OK when selected "NV2 Nstreme 802.11" combination and would like to have carried that configuration forward to Ptp station connect list.

Re: Feature requests

Posted: Tue Aug 02, 2011 3:19 am
by RogerWilco
It would be nice to have the drivers so the MiniPCIe drive could be used for a small SSD for extra storage or cache space.

Re: Feature requests

Posted: Tue Aug 02, 2011 11:37 am
by sergejs
It would be nice to have the drivers so the MiniPCIe drive could be used for a small SSD for extra storage or cache space.
There is no plan for it and I do not see any strong reason to run SSD on MiniPCIe.

Re: Feature requests

Posted: Wed Aug 03, 2011 2:33 am
by RogerWilco
There is no plan for it and I do not see any strong reason to run SSD on MiniPCIe.
Because the 411U board only has one USB port and I'm using it for a 3G modem.
My ISP won't allow any device to be used that isn't issued by them so the MiniPCIe port for me is 100% useless. Extra storage would be nice to use for a cache and without buying another board and changing my setup, I can't do this.

Re: Feature requests

Posted: Wed Aug 03, 2011 3:17 am
by w0lt
It would be handy to have "auto-mtu discovery" .... 8)

Re: Feature requests

Posted: Fri Sep 30, 2011 4:39 pm
by ok2slc
feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).
+1 :)

Re: Feature requests

Posted: Sat Oct 01, 2011 7:45 am
by rpingar
Pleas add MLPPP on PPPoE Server side!!!!

thanks
Ros

Re: Feature requests

Posted: Mon Oct 03, 2011 1:49 pm
by vemax78
Accept FQDN into connect-to OpenVPN client.
The field accept only ipaddress and it is very limited.

Re: Feature requests

Posted: Mon Oct 10, 2011 10:44 pm
by shap2001
UDP support for OpenVpn, It's very useful

Re: Feature requests

Posted: Tue Oct 11, 2011 8:23 pm
by omega-00
Implementation of TRILL (Transparent Interconnection of Lots of Links) as a future alternative to RSTP.

TRILL allows usage of multiple links simultaneously removing the biggest restriction in RSTP which is waste of bandwidth due to offline links.

http://tools.ietf.org/wg/trill/
http://en.wikipedia.org/wiki/TRILL_(computing)

Detailed explanation of advantages of TRILL over STP/RSTP - http://bradhedlund.com/2010/05/07/setti ... for-trill/

Re: Feature requests

Posted: Tue Oct 11, 2011 8:35 pm
by fewi
Implementation of TRILL (Transparent Interconnection of Lots of Links) as a future alternative to RSTP.

TRILL allows usage of multiple links simultaneously removing the biggest restriction in RSTP which is waste of bandwidth due to offline links.

http://tools.ietf.org/wg/trill/
http://en.wikipedia.org/wiki/TRILL_(computing)

Detailed explanation of advantages of TRILL over STP/RSTP - http://bradhedlund.com/2010/05/07/setti ... for-trill/
A challenger appears: http://en.wikipedia.org/wiki/IEEE_802.1aq
http://www.nanog.org/meetings/nanog50/p ... oisman.pdf

Supporting both would be great.

Re: Feature requests

Posted: Sun Oct 16, 2011 4:50 pm
by Lakis
Change Tx Power TAB on wlan interface
-auto detect max radio power
and put slider
slide.JPG

Re: Feature requests

Posted: Mon Oct 17, 2011 1:24 pm
by normis
-auto detect max radio power
this is default behavior if you set "default"

Re: Feature requests

Posted: Sun Nov 20, 2011 1:15 am
by SviMik
Feature request: DHCP-client option
I wondering, why there is no such trivial thing?

In %another_router_brand% I can put any custom options to DHCP client. For example, if I need to set dhcp-requested-address (option number 50), I can:
dhcp client txoptions add intf=ipKmInet option=dhcp-requested-address value=(addr)x.x.x.x
But there is no way to do this with mikrotik :(

I found similar question here: http://forum.mikrotik.com/viewtopic.php?f=2&t=46855
(option 60 (Vendor class identifier) in this case)
And the answer was: it is not possible.

So, if there is
/ip dhcp-server option
would be nice to have also
/ip dhcp-client option

Re: Feature requests

Posted: Sun Nov 20, 2011 1:17 pm
by WirelessRudy
Feature request: DHCP-client option
I wondering, why there is no such trivial thing?

In %another_router_brand% I can put any custom options to DHCP client. For example, if I need to set dhcp-requested-address (option number 50), I can:
dhcp client txoptions add intf=ipKmInet option=dhcp-requested-address value=(addr)x.x.x.x
But there is no way to do this with mikrotik :(

I found similar question here: http://forum.mikrotik.com/viewtopic.php?f=2&t=46855
(option 60 (Vendor class identifier) in this case)
And the answer was: it is not possible.

So, if there is
/ip dhcp-server option
would be nice to have also
/ip dhcp-client option
Out of interest and to gain some understanding: What is it you want?
"Vendor class identifier", what is that meaning? I found the article that describes the dhcp options but its all acadabra to me. Can you explain in plain wordings what option 60 does and what you are trying to obtain here?

Re: Feature requests

Posted: Sun Nov 20, 2011 1:45 pm
by SviMik
Again misunderstanding.
In another router (Thomson TG784 in my example) I can add any custom option with custom value, and this fields will be transmitted with DHCP request.
So, here I need same function to add any options I want.
There are *many* options in DHCP protocol (255, as I understand). The option number is just a number 1-255, and option value - is just a few possible formats (IP address, string, byte, etc.)
And anything DHCP client have to do is to append all custom options to DHCP request (it does not need to know what each option means actually).

Image

Re: Feature requests

Posted: Mon Nov 21, 2011 10:28 am
by normis
no, the question was, "why" do you need to do that? what is the result?

Re: Feature requests

Posted: Mon Nov 21, 2011 11:30 am
by SviMik
no, the question was, "why" do you need to do that? what is the result?
I'm just trying to tell, that there may be many reasons to do that (for example, I have no idea why somebody need option #60, but I can tell why I need option #50).

My story is long and not interesting. But if you wish... (sorry for my bad english)
My ISP does not give static IP addresses. But I don't want to change my IP. The solution is simple: in DHCP protocol the client can (and most DHCP clients do) tell preferred IP (usually this is previous IP, which client remember). And, if this IP is valid (exists in DHCP server pool) and not used by somebody else, then DHCP server can give requested IP address (or can ignore this option, depending on server implementation and configuration). This works with my ISP: I can take back my IP even if it changes. But to do that, I need to modify option #50 (dhcp-requested-address).

My problem may look silly... But, this is what I can do with another router (and also can with linux and even windows), and can't with mikrotik. :(
Yes, I know this is wrong way (the better was to get static IP from my ISP, but he does not provide such service).
Yes, I know that sometime I loose my IP anyway, but my task is only to minimize number of changes if I can.

Re: Feature requests

Posted: Fri Mar 09, 2012 4:09 am
by Silencept
Not silly at all , without option 60 i dont get a DHCP offer from my ISP , thought Mikrotik was the solution for my problem and it seems that i've go to go elsewhere ...
Im sure there are other ISP's that require other options beside 50 and 60 so the possibility of using them would be a good for mikrotik and for the people who buy mikrotik and i'm sure it wouldn't be to hard to implement. After all it doesn't require that much modification to the actual client.

Re: Feature requests

Posted: Fri Mar 09, 2012 5:11 pm
by mjjochen
I know it has been asked for before, but want to add my vote to be able to use /tool fetch over https. So SSL savvy fetch please!

I cringe sending my login info for my dynamic dns unencrypted (but that is all I have). My provider does not use dns-update, so must go over http with fetch.

Re: Feature requests

Posted: Thu Mar 15, 2012 6:50 am
by gsloop
1) HTTPS fetch
2) fping support
3) PPTP classless routing fix for Windows clients

Re: Feature requests

Posted: Thu Mar 15, 2012 12:01 pm
by Chupaka
3) PPTP classless routing fix for Windows clients
?..

Re: Feature requests

Posted: Thu Mar 15, 2012 1:22 pm
by lavv17
integrate udpxy. Very useful for IPTV over WiFi for home users.

Re: Feature requests

Posted: Fri Mar 16, 2012 8:51 pm
by piyokos
add option to ppp profile to call one script when client connects (post ip assignment) and another script when client disconnects, and pass all relevant information to script like username, service, caller id, assigned remote ipv4 address, assigned remote ipv6 address, uptime, total tx/rx bytes.

intention being so accounting/abuse tracking can be conducted without dealing with radius, also opens the door for many other things, like scripting smart firewall rules for vpn/pppoe users.

Re: Feature requests

Posted: Fri Mar 16, 2012 10:30 pm
by markom
It would be great to have possibility to send SNMP commands from MT to some network devices. My problem is that I would like to send command to APC to turn off outlet X and bring power again after Y seconds on some events.

Edit:

And of course Adaptec raid controller driver or (&) Intel raid controller support. We are using this for greater demands customers http://www.supermicro.com/products/chas ... 2L-200.cfm

There is space for 2 SAS HDD mobo have Intel and Adaptec controller integrated ad would be great if we have redundancy of 2 hdd in router

Re: Feature requests - torch

Posted: Fri Mar 16, 2012 11:18 pm
by rmichael
Add new filter "connection mark X" to the Torch to be able to track the performance of the PCQ/Queue Tree

Re: Feature requests

Posted: Sun Mar 18, 2012 5:25 pm
by mihaimikrotik
I also have an "internal" feature request: better granularity for multi-cpu/core x86 systems.

In systems running multiple full bgp feed peers the table will grow quite big. 3 bgp full-feed peers with one ibgp peer with redistribution will grow the table to +1M routes.

I do not know how ROS works internally but I can tell you this: if I have firewall, qos and BGP active, that's trouble every time we get high packet rate (+100kpps), every time the firewall will do something, or every time there will be some dynamically added routes to the main table. The router will just go into resource starvation.

For example: if we disconnect and reconnect 2 peers, one core will go up to 100%, mostly everything else will lock up, winbox will disconnect and sometimes all the peers will disconnect.

I find this a very serious issue and it should be resolved by adding the possibility to specify which ROS process would go to which processor/processing core. For example we could specify that bgp instance default would go to cpu 0 and the firewall would be processed on on cpu 1 instead of automatically using the same cpu for everything the router does software and putting that in 100% which will sometimes break things.

EDIT: and oh yes, support for +2 GB of RAM.

Re: Feature requests

Posted: Mon Mar 19, 2012 10:12 am
by Chupaka
add option to ppp profile to call one script when client connects (post ip assignment) and another script when client disconnects
even more: not only 'on connect' and 'on disconnect', but 'before connect' so that it would be possible to set, for example, server address from the list of servers (RR DNS, etc.)

Re: Feature requests

Posted: Mon Mar 26, 2012 3:24 pm
by GREG3f
In Winbox, add two options to right click when clicking on a wireless client in the registration table to allow (1) Bandwidth Test and (2) Launch Winbox to open client in addition to existing mactelnet, torch etc.

Re: Feature requests

Posted: Sun Apr 01, 2012 6:49 pm
by sanya
integrate udpxy. Very useful for IPTV over WiFi for home users.
It would be really nice to have this feature integrated. Just a few words why it's really needed:

There are a couple of RB hardware models oriented for home use. And a lot of home users (at least here in Ukraine) have IPTV from their ISP and prefer working over wireless. However transmitting multicast over WiFi is always a bad idea because multicast over WiFi transmits without acknolege and therefore uses the lowest possible rate to assure packets delivery. Yes, it's possible to increase base rate for multicast, however the more we increase rate, the more packets we lose. That's why you will never get fast rate for multicast over WiFi. At the same time proxying multicast to TCP can offer maximum rate with no packet loss.

Honestly, lack of udpxy functionality in RouterOS is the only thing why I can't suggest RouterBoard hardware for a lot of home users. I mean, each user who has IPTV from his ISP. Here in Kiev, those are at least 30% of home users.

Re: Feature requests

Posted: Mon Apr 02, 2012 4:18 pm
by vik1988
Hi,

Don't know how to add feature request in Wiki so adding here

Winbox Plugin inside Winbox :- Is it possible to add a winbox features inside ROS like Telnet/Mac-telnet/SSH. Many times we need to access other routers inside ROS which are not reachable directly from PC. So it would be nice if we can open other ROS on GUI, inside from the RouterOS.... :)

Re: Feature requests

Posted: Tue Apr 03, 2012 8:19 pm
by gled
Added request for MLPPP client support on PPTP on the wiki, hope that someone will take a look at it !

Re: Feature requests

Posted: Tue Apr 03, 2012 9:46 pm
by lwq
I don't think it's logical at all. Or user friendly!

RouterOS users expect that all access rules are managed by the firewall. Why run to 10 different places to turn on/off some service access when you can do it all in one place, with easy overview of all rules and their priorities.
Oukey, so why are on different places made oportunity to allow access only from specified IPs ? /ip services /user and so on for example ? 8)

Re: Feature requests

Posted: Tue Apr 03, 2012 10:01 pm
by lwq
I have so feature reqs ... I think useful for a lots of users 8)
  • - read out of serial port, in script, not in terminal only
    - 1-wire bus support
    - script debug posibility (error report e.g. like PHP)
    - export/import winbox list to useful format like CSV, not address-book format only
    - quality and complete MIB file for SNMP read/write
    - posibility to make/read/change files directly in Winbox (like F3/F4 in midnight cmdr)
    - option to run script at scheduler not only upon specified time but also upon specified event like system power on, wireless running-check on/off, uplink signal under/over, ethernet on/off, ...
The most needed feature is read out from serial port and to run script upon even.

What you think about ? 8)

Re: Feature requests

Posted: Mon Apr 09, 2012 11:47 am
by titius
Is it possibile to implement simple web browser?

It is useful if you have lots of generic client CPEs with bridged interface and need to set those CPEs with fresh settings. usually they have some 192.168.xx addresses. And we have to make eoip tunnels to do access those cpes.

With web broser all you have to do is add another Ip on interface and then easily access CPEs.

Re: Feature requests

Posted: Tue Apr 10, 2012 8:30 pm
by herschel
EoUDP - Ethernet Over UDP, similar to EoIP, but carries data over UDP. One end is 'server', one end is 'client'. Server port can be set to user's choice, client port determined by OS/NAT. Has adjustable ping to maintain end-to-end connectivity. Simple and high performance ethernet tunneling for scenarios where one end cannot use Layer2 protocols (EoIP, IPIP, etc) for whatever reason.

Re: Feature requests

Posted: Wed Apr 11, 2012 12:20 am
by sashavl
DNSCrypt - new OpenDNS feature, we now have to use client for mac or windows, it installs proxy on local comp which makes encrypted dns requests for you, i think it would be easy to implement this in routeros beacuse it already has dns server, some of the modded router firmwares already has it

tnx for your support

Re: Feature requests

Posted: Wed Apr 11, 2012 8:39 am
by herschel
Create network interface over USB with Apple iPhone. Open source iPhone tethering driver for Linux has been available for some time now (ipheth) and I think it is now part of the kernel...

Re: Feature requests

Posted: Tue Apr 17, 2012 6:26 pm
by omidkosari
Unmetered content for ppp server specially in pppoe server . a featue which a router allows not to count some addresses in radius accounting .
for example we want pppoe users don't pay for opening www.mikrotik.com

Re: Feature requests

Posted: Tue Apr 17, 2012 6:32 pm
by Chupaka
Unmetered content for ppp server specially in pppoe server . a featue which a router allows not to count some addresses in radius accounting .
for example we want pppoe users don't pay for opening http://www.mikrotik.com
+1, extremely actual :) I'd even upgrade my v3.28 pptp concentrator to v5 or even v6 :)

Re: Feature requests

Posted: Sat Apr 21, 2012 3:15 am
by Karas
Hi

Would it be possible to have a 'Port List'

Sort of like the Address Lists just with ports

I do ALOT of Mangle and port forwarding both for Myself and client and always comment exactly what each port is for to save myself time/confusion later on.

It would make things alot easier (for me at least) if I could handle them via one page, as I do with my Address Lists.

Re: Feature requests

Posted: Sun May 06, 2012 10:25 pm
by ropebih
integrate udpxy. Very useful for IPTV over WiFi for home users.
It would be great, one "like" for udpxy. :D

Re: Feature requests

Posted: Mon May 07, 2012 12:43 pm
by Chupaka
well, now (v6, AFAIR) ROS can send mutlicast paskets as unicast frames, so udpxy is not actual just for wifi

Re: Feature requests

Posted: Mon May 07, 2012 3:24 pm
by pateutz
Hi team,

i don't know if this request has been made but it will be possible this "parent proxy that need user and password for authentication?".

I saw this topic and seams that has end into 2008:

http://forum.mikrotik.com/viewtopic.php?f=2&t=23490

Best Regards,

Daniel

Re: Feature requests

Posted: Fri May 11, 2012 11:48 am
by lavv17
well, now (v6, AFAIR) ROS can send mutlicast paskets as unicast frames, so udpxy is not actual just for wifi
If I understand correctly, multicast-helper works only for point-to-point radio links. Udpxy can help if there is a standard home WiFi network with multiple client devices.

Re: Feature requests

Posted: Sat May 12, 2012 12:54 am
by mcrose
Granular control over OSPF metrics of redistributed routes. c/f http://forum.mikrotik.com/viewtopic.php?f=14&t=57641

Re: Feature requests

Posted: Sun May 13, 2012 3:26 am
by neko
Registering for the wiki and voting seems like something disabled right now (there's only Log In, no create account, or signup link at the login page) so I'm just going to post the features I would really really like here;

[*] Automatic mapping of DHCP client hostnames into the DNS server, such that if my system jumps in and says it's "dave", I can resolve "dave" and "dave.mydomain.com" immediately saving having to create static entries for every box on the network. In a hardware/software development environment where we do a lot of system testing and integration (usually remote console over SSH or file transfers) it's a pain to look for IP addresses when we know the hostname the system will give out, and a royal pain to add a static entry to every system we want to run and test, both in DNS and DHCP to lock it down for testing. Removal of the entry on DHCP release also means we would immediately know (no resolution) if the system got turned off (actually very useful for VMs, too, since we do a lot of development inside VMWare on our desktop systems, to produce software for the target hardware). This actually happens automatically on much crappier "router" software such as present on most home modems, or DD-WRT or Tomato, which makes it all the more painful not to have (since nearly everyone in the office gets the feature at home for free)

[*] Wizards for setting up various VPN types, especially things like servers for IPSec "Road Warrior" configurations which are nefarious and difficult to get right when the settings are spread across many, many sections of the configuration tree (/ip ipsec, /interface *-server, /ppp)

[*] Already in the Wiki but I'll vote for it here; certificate generation on the router :)

[*] Web Proxy: ability to rewrite web addresses to match other web addresses (therefore, for instance, if I go to ftp.*.debian.org over HTTP, it rewrites it to use our proxy or points it at some fast local mirror, or even redirects the ftp.uk.debian.org mirror to the ftp.us.debian.org mirror, without playing with DNS (essentially because if we all end up going to a different mirrored site, we get the same files cached multiple times)

[*] Web Proxy: pass through caching to some other system for certain domains, or paths, such that the router will use the "parent proxy" for that task and just act as a gobetween. You might have guessed we fetch a lot of Linux distribution packages in the office, but we can't set every client to use a local mirror (since they're shipped to customers and need the public repo addresses.. no preset proxies or "office internal" data can be applied to these systems)

[*] Web Proxy: don't commit to SD card so much! On our RB1100AH we can see the effects of the Linux caches being flushed to SD card doing transfers which should be at ~gigabit speeds from memory to the client, basically run up to a few megabytes and then the speed drops to SD card speed (and then goes up and then goes down again). This is especially evident on sites like SpeedTest.net which transfer files over HTTP via Flash to do bandwidth testing - 400mbit/s to 3mbit/s to 40mbit/s to 1gbit/s to 10mbit/s and then a steady rate which is far, far below the actual connection speed for the final stretch. Our connection is much faster than our SD card which we would have hoped would just be used for backing store of files fetched every couple days and therefore not soaking up RAM, but it seems to pull from it rather a large amount. It also, weirdly, alters the ping values (I guess Flash can't send an ICMP packet so it's guessing over an HTTP connection) from ~10ms to 200ms and also SEEMS to do the same for a real ICMP ping via PingTest.net (which is Java and are real ICMP..) when enabled as a transparent proxy via srcnat. Since we can't know the server SpeedTest.net will use at any one time, we can't override it (nor can we "bypass" the proxy in any way anyway, only "accept" or "deny" proxying)

[*] Probably my favorite: DHCP option support that doesn't get set in EVERY DHCP packet going out. We should be able to add options for every static lease entry that do not affect others, for example if I am provisioning many types of IP Phones or other similar systems, some support option 66 and require a full firmware path, others just the location of the directory and will seek their correct firmware path. The only alternative right now is to create a special new DHCP server and lease pool for each set, right? This annoys me because I'm looking at 30 pools to configure, 27 of them containing only a single lease. Every other DHCP server I've used lets me customize options per lease or per MAC address and not per-pool.

[*] Ability to backup and restore config to/from a TFTP server as many IP phones (and Cisco routers..) do.

Re: Feature requests

Posted: Sun May 13, 2012 1:46 pm
by docmarius
I would really love to have a AYIYA tunnel client in RouterOS (something like AICCU).

Jeroen Massar from SixXS, the maintainer of AICCU, is really a nice person and would probably be willing to provide full support for implementing such thing.

Re: Feature requests

Posted: Tue May 15, 2012 1:13 pm
by MimiFleX
Enable the TEE iptable target to allow ROS to become a network probe, and to mirror any kind of IP traffic to an analyser.

From iptables man page :
   TEE
       The  TEE  target  will  clone  a packet and redirect this clone to another machine on the local network segment. In
       other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if  so
       desired.

       --gateway ipaddr
              Send  the cloned packet to the host reachable at the given IP address.  Use of 0.0.0.0 (for IPv4 packets) or
              :: (IPv6) is invalid.

       To forward all incoming traffic on eth0 to an Network Layer logging box:

       -t mangle -A PREROUTING -i eth0 -j TEE --gateway 2001:db8::1
Edit: and please don't reply me (as the support did) this feature is already implemented using switch mirror feature. Tee let one to use very complex filters as for every mangle rule based on conntrack, address lists, and so on... And moreover switch mirror is only available on few hardware.

Re: Feature requests

Posted: Wed May 23, 2012 12:05 pm
by JanezFord
feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).
+1 :)
+1

+ UDP, LZO, push route, optional (not mandatory) user/pass

Re: Feature requests

Posted: Sun Jun 10, 2012 3:15 pm
by docmarius
Playing around with some scripts for dyndns i have an idea...

Since all tool fetches create temporary files which are used once, wouldn't it make sense to have a temp folder or something in files which links to a RAM file system, so the flash memory doesn't get tortured with multiple writes?

Something like a temp or tmp folder in the file structure (which looses its content on restart but this is no issue with temporary files).
AFAIK the Linux kernel has all provisions for that.

Re: Feature requests

Posted: Sun Jun 10, 2012 5:20 pm
by mahnet
think many would have thought of a CMOS battery in routerboards.

Re: Feature requests

Posted: Sun Jul 22, 2012 12:33 pm
by tamilmaran
provide sms gateway support for send sms ,in sms tool option

Re: Feature requests

Posted: Sun Jul 22, 2012 1:11 pm
by WirelessRudy
SXT with two or three Ethernet ports.
If possible PoE input delivered by two (or the 3) ports.

With present high wireless connection rates one antenna could easily serve two or three families/houses with internet.
One (or two) extra Eth. ports would keep the unit cheap while serving two (or three) neighbors. This would make MT a preferred solution for duo or triple house connection.

If than all ports can be PoE input where one is master and the others are slave this would give redundant system where it is not depending on power of one house only....

Such unit would finally give some advance on competition... something we need desperately.

Re: Feature requests

Posted: Sun Jul 22, 2012 3:26 pm
by rodolfo
in winbox show inline comments by default
and in interfaces>eoip show tunnel-id by default

Re: Feature requests

Posted: Sun Jul 22, 2012 4:14 pm
by WirelessRudy
In winbox; add a notepad for general notiticions related to that routerboard. The usual "comment" fields are for specific use, general comment (like "This rb is housed in staircase") would be very handy.

Re: Feature requests

Posted: Mon Jul 23, 2012 5:57 pm
by honzam
in winbox show inline comments by default
+1 and show CPU usage and Uptime by default

Re: Feature requests

Posted: Mon Jul 23, 2012 11:56 pm
by taduikis
Having a per device notepad would be awesome. I have alot of devices configured in a manner that would be difficult to understand without separate explanation. The general device notebook would help alot. It would also be helpful to write down initial signal strenghts to cpe's, etc..

BTW, I've heard new winbox is under developement. I really hope they listen to all our suggestions while developing it.

Re: Feature requests

Posted: Tue Jul 24, 2012 12:57 am
by WirelessRudy
Having a per device notepad would be awesome. I have alot of devices configured in a manner that would be difficult to understand without separate explanation. The general device notebook would help alot. It would also be helpful to write down initial signal strenghts to cpe's, etc..

BTW, I've heard new winbox is under developement. I really hope they listen to all our suggestions while developing it.
This option is mentioned in the past before. I am afraid it got snowed under a bit since the development of the web based UI.
But I, and with me lots of others, still prefer winbox but I got the feeling the developments in winbox were a bit on a side track.

So you say they are working on a new winbox? That would be nice if they than also will read all the old gestures made by many on the improvements winbox could use to make it a very handy, yet simple, tool to use.

The 'device general notepad' would be a great pre since like you said a lot of device depending notes could be made which helps a lot if a unit after months of seamless undisturbed working suddenly give problems and you completely forgot that this special unit had some specialties in its install or config. Would not be the first time I erased a strange looking setting only to find out later this specific unit had a means for it!!

Re: Feature requests

Posted: Tue Jul 24, 2012 1:42 am
by taduikis
Well, normis recently gave out that they are working on a new winbox, so I assume they are making non-plugin based program which I hope will have quite alot of improvements and it's a perfect opportunity to listen to community suggestions and feature requests, me think.

And honestly, I have used webfig less times that I have fingers on single hand. It's a good thing, no doubt, but I don't imagine RouterOS without winbox control. The Dude integration, mac level comm, simple and easy to use..winbox is a vital part of ROS.

Re: Feature requests

Posted: Tue Jul 24, 2012 5:01 am
by nz_monkey
What's new in 6.0beta5
*) ipsec - add support for Virtual Tunnel Interfaces;
It's a wish, and has been for many, many years. Maybe if I keep suggesting it, Mikrotik might eventually add it !

It's one of the most wanted features on the Wiki feature requests page.

Re: Feature requests

Posted: Tue Jul 24, 2012 9:00 am
by erebusodora
If possible, include the option to LAN or LAN chat server for better communication with customers. Or it can be circulated notes of the type IM. To add the ability to upload files on a MAC-TELNET

Re: Feature requests

Posted: Tue Jul 24, 2012 8:35 pm
by ttaiw
if possible, I need feature Cisco ezvpn client support.

Re: Feature requests

Posted: Thu Jul 26, 2012 12:04 pm
by honzam
It would be good see in log Radio Name and last signal strenght

Re: Feature requests

Posted: Mon Jul 30, 2012 12:03 pm
by CyberT
Hi Guys

I would like to suggest an "notes" menu item in router os that displays when u log into winbox/telnet reason would be very close to "comments" on links and so forth, we have a multitude of admins in our network, and it would be nice to have an function like

1) "last 5 changes to device/setting"
2) Notes, aka "link x disabled, link is dropping, needs to be checked, or contact numbers for High Site under notes or whatever really, you can do all this in comments, but its hard.

I know there is "welcome message" but its hard to edit and so forth.

like a place to store "facts" like "$date - Link x tx/rx strength at ccq on freq.

will give anyone the ability to quickly and easily say that an link has deteriorated without even knowing anything about the HS/link

Re: Feature requests

Posted: Mon Jul 30, 2012 12:19 pm
by zloty
notes a brilliant idea

Re: Feature requests

Posted: Mon Jul 30, 2012 5:50 pm
by linek1980
great idea. In conjunction with webfig have great potential

Re: Feature requests

Posted: Mon Jul 30, 2012 11:15 pm
by proggams2
a good feature is the ability to scan by a remote site cpe
(for example we can set scan into this channel or this range and when the scan is done, it should save the list of scanned ap's)
because if we click on scan on any station it will drop the link.

Re: Feature requests

Posted: Tue Jul 31, 2012 1:09 am
by taduikis
You can scan for about 5-6seconds via terminal. Or you can use a script to scan for as long as you want and put the results into a text file.

As for notepad, count me in too.

Re: Feature requests

Posted: Tue Jul 31, 2012 1:39 am
by WirelessRudy
You can scan for about 5-6seconds via terminal. Or you can use a script to scan for as long as you want and put the results into a text file.

As for notepad, count me in too.
We don't want to write scripts. We want usability without the need to write scripts in an ever changing script language. Everytime when I upgrade my ROS I am worried the few scripts I made did survive...

The Scan option with output is been asked for many times and promised some times, but still not there. Many other vendor devices have this just as an available tool that even works remotely over the wireless link. Just click on 'scan' or similar and after 20 secs or so the output is printed in a window.
I understand that this might break a winbox session but let the boys of MT than make an underlying script that in case of a scan command the disconnect timer is set to 25 secs... so the winbox session just stays alive.

I hate it when the user has to develop scripts to make something to work. That should come from the manufacturer. We are not all script kiddies, probably most of us are not. Most of us just want a good product that can stand the comparison or do better than the competition....

Re: Feature requests

Posted: Tue Jul 31, 2012 8:28 am
by taduikis
This reminded me of yet another feature worth mentioning. I'd like to have an ability to export scan results to a file (from winbox mostly). I'm collecting site surveys during client installs recently. This sometimes gives useful information about channel usage in that area. Screenshooting is very inconvenient.
Mikrotik, please go and write 'export wireless scan results to a file' on your added feature list for next release.. It's a must have and I'm sure very easy to implement.

Re: Feature requests

Posted: Tue Jul 31, 2012 10:27 am
by WirelessRudy
This reminded me of yet another feature worth mentioning. I'd like to have an ability to export scan results to a file (from winbox mostly). I'm collecting site surveys during client installs recently. This sometimes gives useful information about channel usage in that area. Screenshooting is very inconvenient.
Mikrotik, please go and write 'export wireless scan results to a file' on your added feature list for next release.. It's a must have and I'm sure very easy to implement.
I think this remote 'scan' and print to screen/file function is one of the highest valued reature requests. I know MT said once they are working on it but probably that is going to be ROSv.6.
What means yet again to get something like that you have to upgrade which than gives new. other problems again.....

Re: Feature requests

Posted: Wed Aug 01, 2012 9:27 am
by Ivoshiee
As much I've seen the ROS documentation the scripting is static by nature. That will make it relatively easy to implement (run time) script compiling. That way scripts will run more like native applications and will not consume insane amount of CPU time for doing almost nothing. Also, those compiled scripts can be cached (in memory) for even greater system speed.

Re: Feature requests

Posted: Wed Aug 01, 2012 4:11 pm
by dada
1) allow changes of WIFI settings without restarting the card - i.e. without losing the connection whenever possible (changing max TX power level, etc). Maybe even detect that the new settings) of ssid, channel etc) is the same as old one so the connection restart is not needed too.
2) ATPC - i.e. automatic TX signal power adjusting for AP and client stations.

Re: Feature requests

Posted: Thu Aug 02, 2012 12:34 am
by viperbmw69
Please add the ability to peer with bgp neighbors within a VRF (Not MPBGP) basically in the ipv4 address-family vrf XXX.

Re: Feature requests

Posted: Thu Aug 02, 2012 2:59 pm
by nz_monkey
Please add the ability to peer with bgp neighbors within a VRF (Not MPBGP) basically in the ipv4 address-family vrf XXX.
This functionality already exists, it is CLI only though. You need to configure the "Routing Instance" against a "routing table", which is Mikrotik's pseudo-VRF system. Any peering sessions associated with this BGP instance will now occur within the "vrf"

Re: Feature requests

Posted: Mon Aug 06, 2012 9:43 pm
by hassibi
Hi
Please add fault tolerance feature with keeping connections.
and a solution for aggregate internet links from different ISPs.

Re: Feature requests

Posted: Tue Aug 21, 2012 11:33 am
by bawolek
It will be usefull if in Web Proxy access can I use parameter
"src-address list" and "dst-address list" to new rules :)

Feature requests

Posted: Fri Sep 07, 2012 7:15 pm
by NoXy
My suggestions for ROS6:
- dhcp options per lease (also by radius)

RB wishes:
- 751UPG-2HnD - with POE output
- hardware button to trigger audible antenna align mode (speaker) - It would be nice to have a user button on every RB product, which role could be set in ROS
- 2011LS-INP - with POE output
- Metal for 2.4Ghz (HP)

Re: Feature requests

Posted: Fri Sep 07, 2012 7:30 pm
by ohara
- Metal for 2.4Ghz (HP)
It is on it's way, please see: http://www.mikrotik.com/download/share/du12.pdf

+1 for power output!

Re: Feature requests

Posted: Sun Sep 09, 2012 3:23 am
by Chupaka
- dhcp options per lease
just create a dedicated entry under Networks for the address of your lease
(also by radius)
huh... "[Ticket#2008092966000257] Receive Options for DHCP Server from RADIUS" - the last answer was almost three years ago:
Currently we are very busy in other projects, but this feature is on our todo list.

Re: Feature requests

Posted: Thu Sep 13, 2012 2:34 pm
by unrandomsam
Proper udev or hotplug support (So you can create things to happen on certain events - e.g a link going down or coming up etc).
(Running scripts every x mins is an awful idea.)
udp support for openvpn.
proper ipsec support. (Terribly out of date compared to *BSD or Openswan / Strongswan).
WINS support for the smb server. (Don't get why it wouldn't be done when the smb support was added). Even just a simple enable / disable would be fine.
Openvswitch support. (Xen and the combination of mikrotik bridging or trying to use the hardware switch is disaster - Xen itself has poor support for routed vm's).
Support for mobile ipv6.
Enable a tunnel broker or 6to4 when the wan ip is dynamic.

Re: Feature requests

Posted: Fri Sep 14, 2012 9:22 pm
by Rockyboa
+1 for better IPSec support.

Would like to get mode-config push pull for road warrior

http://forum.mikrotik.com/viewtopic.php?f=2&t=45516

Re: Feature requests

Posted: Fri Nov 16, 2012 9:49 am
by zalexp
It would be handy to set pcc values in percent (or probability) too. something like per-connection-classifier=both-address:30%.
The same for child queues in tree: limit-at=30% max-limit=100%

Re: Feature requests

Posted: Fri Nov 16, 2012 10:29 am
by otgooneo
in winbox show inline comments by default
and in interfaces>eoip show tunnel-id by default
+1 like. Also /interface vlan show vlan-id by default at winbox.

Re: Feature requests

Posted: Fri Nov 16, 2012 12:27 pm
by 1001001
Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.

Re: Feature requests

Posted: Fri Nov 16, 2012 1:07 pm
by Chupaka
Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.
you'd better use scp, I think - it's more secure than fetching

Re: Feature requests

Posted: Fri Nov 16, 2012 1:13 pm
by 1001001
Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.
you'd better use scp, I think - it's more secure than fetching
Thats a problem when dealing with MT devices connected to a vpn server. Anyways fetch is fine as long as the is a way to uncompress e.g. tar files.

Re: Feature requests

Posted: Sat Nov 17, 2012 4:01 am
by mahnet
RB 750UP good enough for the SOHO but something similar for the enterprise also. Like say RB2000 series or atleast 4 POE enabled ports on the RB1100AH or CCR. We need to remotely cut power supply at times. Disabling the said POE ports should do the job.

Re: Feature requests

Posted: Sat Nov 17, 2012 8:06 pm
by saaremaa
I propose to discuss the possibility of implementing user authorization in Winbox, using SSL-certificate. Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.

Re: Feature requests

Posted: Sun Nov 18, 2012 10:36 am
by dada
I propose to discuss the possibility of implementing user authorization in Winbox, using SSL-certificate. Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
Note: maybe you can use this - you can run a winbox with a command line parameter (IP, name, password) so it is very easy to run winbox from browser (for example) and then it connect without asking for user credentials etc.
The SSL certificate based login could be a dangerous thing IMHO. it could be a problem to secure the certificate. In the case the certificate is stollen you have to change it on all boxes...

Re: Feature requests

Posted: Sun Nov 18, 2012 1:17 pm
by Chupaka
Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
use RADIUS?..

Re: Feature requests

Posted: Sun Nov 18, 2012 2:13 pm
by saaremaa
Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
use RADIUS?..
Yes, we use Radius, but only for PPP authentication. You talk about this point → Radius Server settings: Service = Login?

Re: Feature requests

Posted: Sun Nov 18, 2012 7:02 pm
by ropeba
I think that mikrotik should base their attention on the correction of current bugs instead of adding new options. It's a waste of time that you develop a product that is semi useful.. First fix the bugs and then continue with the development, only then you will have the opportunity to stay in the market. Way you are doing it now is taking you down slowly.

Re: Feature requests

Posted: Mon Nov 19, 2012 1:22 pm
by Chupaka
Yes, we use Radius, but only for PPP authentication. You talk about this point → Radius Server settings: Service = Login?
yes, plus "System -> Users -> AAA -> Use RADIUS"

Re: Feature requests

Posted: Mon Nov 19, 2012 7:01 pm
by rezamoghadam
Hi !

I have Two Basic Request , But Is Very Useful .

1. Please Make Authentication For Socks , Authentication Based on Username & Password , Mac , ...

2. Please Set Limit Byte IN & Out in PPP Secret Based on Traffic Usage and User After Finished His Traffic , Can Not Connect Again , Same as Hotspot Users .
" Currently User After Finished His Traffic Limitation Get Disconnect and Then Can Also Connect Again "

3. Make a Full Update , Complete , Simple Wiki and Manual !

Thanks !

Re: Feature requests

Posted: Wed Nov 21, 2012 10:57 pm
by nicuro
Add an option to /tool fetch to save output to a variable

Re: Feature requests

Posted: Sat Nov 24, 2012 10:15 am
by Moogman
Hi,

we would need for our customers the following:

1. DyndnsClient with a customizable updateserver (cause we run our very own dyndns server).
This is cause all of our customers did have an ADSL2+ connection with a dynamic IP,

2. IPsec with dynamic IP´s for both, the initiator and the responder. This is very important for us.
It should also be possible to define the ID type (not only FQDN, what about IPv4) and this should be settable for both sides
like on other routher (Lancom, cisco, bintec, draytec, ...)....
It should look like this:
Own ID Type
Own ID:
Responder ID Type:
Responder ID:

The networksettup looks lik this:

Customer Side (Dynamic ip ADS2+):
Its a custom router with open SWAN, and a dynamic IP but with a resolvable DNS name.

Home office (Dynamic ip ADS2+):
here we want to place the mikrotik router.


The router on the customers side can only does the following:
IPSEC PSK (MAIN MODE):
Ph1:
3DES / SHA1 / DH 2
Lifetime 3600

Ph2:
3DES /MD5
Lifetime 1200

Nat-T is used.
The router sends as ID-Type: FQDN with its own DYNDNS name.
And expects on the other side ID-Type FQDN with DYNDNS.

But i have not found a possibility to enter both ID´s in the RouterOS.

Can anybody help me?

Re: Feature requests

Posted: Wed Nov 28, 2012 7:17 am
by laneovcc
aria2 aria2~

Re: Feature requests

Posted: Wed Nov 28, 2012 6:16 pm
by wbeld
Many interesting suggestions here. I'm wishing for a walled garden configuration that allows an entire web site to be accessed. Seems to be too narrow, now. How about wild card support in the URL field?

Re: Feature requests

Posted: Thu Nov 29, 2012 12:34 am
by omega-00
Many interesting suggestions here. I'm wishing for a walled garden configuration that allows an entire web site to be accessed. Seems to be too narrow, now. How about wild card support in the URL field?
The walled garden options support regular expressions so there's nothing stopping you from doing this already.

Eg: (this is taken from the usermanager setup page but gives multiple examples of direct domain, and wildcard matching)

ros code

/ip hotspot walled-garden add dst-host=":^www\\.paypal\\.com\$" dst-port=443 action=allow 
/ip hotspot walled-garden add dst-host=":^content\\.paypalobjects\\.com\$" dst-port=443 action=allow 
/ip hotspot walled-garden add dst-host=*.akamaiedge.net action=allow
/ip hotspot walled-garden add dst-host=paypal.112.2O7.net

Re: Feature requests

Posted: Wed May 01, 2013 7:36 pm
by luqasz
kerberos ssh login

this would be a really secure and nice alternative to radius.

Re: Feature requests

Posted: Wed May 08, 2013 9:15 am
by ege
Xtables-Addons with GeoIP for Firewall

Re: Feature requests

Posted: Tue May 21, 2013 8:32 am
by erebusodora
Is there a possibility to add a option or separate to PPPoE conections like a Hotspot cookies. For Tracking ,statistics
tics , MAC adress, uptime total, etc. ...........clients.

Re: Feature requests

Posted: Mon May 27, 2013 8:08 pm
by EMOziko
1) Enterprise authorisation in wireless (802.11, nstreme, nv2) like EAP-TTLS, PEAP. We cant deploy mikrotik as client stations without that things.

2) Mass management software for routerOS devices (like ubnt aircontrol).

Re: Feature requests

Posted: Sun Jun 02, 2013 7:52 pm
by lprot
Please add to WiFi ACL ability to enforce 20MHz mode when 20MHz/40MHz Above/Below is on in WiFi settings.

Re: Feature requests

Posted: Sun Jun 02, 2013 7:54 pm
by HaPe
Hi,
What do you think about ability to change predefinied speed limits in SQ? Yes, we can enter eg. 4096k there, but it will be great to add option to change default entries.
Default are 64k, 128k...2M.

Re: Feature requests

Posted: Mon Jun 03, 2013 9:56 am
by Sunsun
Please, add feature, that allows easy use special dns for subnets like in dnsmasq!
More specific domains take precendence over less specific domains, so: --server=/google.com/1.2.3.4 --server=/www.google.com/2.3.4.5 will send queries for *.google.com to 1.2.3.4, except *www.google.com, which will go to 2.3.4.5

Re: Feature requests

Posted: Mon Jun 03, 2013 10:42 am
by THG
Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.

Re: Feature requests

Posted: Mon Jun 03, 2013 5:47 pm
by Chupaka
Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.
you need to set static IP address for that lease and add /32 network for that address with necessary gateway

Re: Feature requests

Posted: Mon Jun 03, 2013 10:18 pm
by THG
Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.
you need to set static IP address for that lease and add /32 network for that address with necessary gateway
Okay, I saw that it is indeed possible to add another gateway in RouterOS version 6. Too bad that I can't upgrade right now until a few other issues has been resolved in the latest release.

Re: Feature requests

Posted: Tue Jun 04, 2013 12:57 am
by luqasz
loopback interface address assignment.
[admin@Mikrotik] > ping 127.0.0.1 count=2
HOST                                     SIZE TTL TIME  STATUS                                                                                                         
127.0.0.1                                  56  64 6ms  
127.0.0.1                                  56  64 5ms  
    sent=2 received=2 packet-loss=0% min-rtt=5ms avg-rtt=5ms max-rtt=6ms 
HOST                                     SIZE TTL TIME  STATUS            
you can ping it but can not add more addresses. only solution is to add a dummy bridge interface.

Re: Feature requests

Posted: Tue Jun 04, 2013 1:01 am
by luqasz
swap mrtg with rrd
it will be possible to specify different time ranges when viewing history
also posiibility todownload rrd files for some other possibilities.

Re: Feature requests

Posted: Tue Jun 04, 2013 1:07 am
by luqasz
considder this example. you monitor some interface. that interface is no longer present on the routeros. mrtg image url is then invalid.
error 404 should be putbut instead you get an image with text "ERROR: invalid id"
i considder this a bug. when using wget you will not be able to distinguish errors fro actual images.

Re: Feature requests

Posted: Tue Jun 04, 2013 1:13 am
by luqasz
source address selection with /tool fetch

Re: Feature requests

Posted: Tue Jun 04, 2013 1:23 am
by luqasz
"trigger" events.
example:
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.

Re: Feature requests

Posted: Tue Jun 04, 2013 2:05 am
by luqasz
changing of firewall default policy

Re: Feature requests

Posted: Tue Jun 04, 2013 7:02 pm
by Chupaka
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=

Re: Feature requests

Posted: Tue Jun 04, 2013 8:51 pm
by luqasz
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=
1 why is it undocumented ?
2 you did not understand me clearly. i meant triggers not only in dhcp. in interfaces,ip addresses etc.

Re: Feature requests

Posted: Tue Jun 04, 2013 11:08 pm
by HaPe
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=
Wiki includes info about that. I wrote on the board about variables for lease-script, before it was published on wiki.
-
Feature requests:
  • switch function in scripts
  • running scripts with parameters(running with :global isn't sufficient)
PS Have you also have a proble with SQ in ros6? After reboot, ros lost stats for queues and for interfaces.

Re: Feature requests

Posted: Tue Dec 03, 2013 8:26 pm
by sashavl
I have basic request, but it can be very useful.

From time to time i wish i can hide "disabled" interfaces in winbox "Interface list" menu. I think this can be useful when working with new CCR switches and even 2011 RB's.

Thank you.

Re: Feature requests

Posted: Wed Dec 04, 2013 5:49 pm
by AndreaWGR
Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!

Re: Feature requests

Posted: Wed Dec 04, 2013 5:52 pm
by AndreaWGR
Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!

Re: Feature requests

Posted: Wed Dec 04, 2013 6:20 pm
by armandfumal
Xtables-Addons with GeoIP for Firewall
+1

Re: Feature requests

Posted: Thu Dec 05, 2013 7:39 am
by ste
Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!
We use TheDude to manage MT Devices. Makes things much easier than using winbox alone.

Re: Feature requests

Posted: Thu Dec 05, 2013 11:15 am
by Chupaka
From time to time i wish i can hide "disabled" interfaces in winbox "Interface list" menu. I think this can be useful when working with new CCR switches and even 2011 RB's.
use 'Filter' button, 'Enabled' -> 'is' -> 'yes' :)

Re: Feature requests

Posted: Thu Dec 05, 2013 9:30 pm
by 23q
use 'Filter' button, 'Enabled' -> 'is' -> 'yes' :)
if you close the window, not saved\если закрыть окно -не сохраняется

Re: Feature requests

Posted: Sun Dec 08, 2013 10:41 pm
by FernandoSuperGG
Native support for Dynamic DNS updates?
Any decent router have support for it...

Re: Feature requests

Posted: Sun Dec 08, 2013 11:26 pm
by efaden
Does MT support Multiple DHCP Scopes and Multiple IP's on the LAN interface?
Or at least an on lease script call out for the dhcp client

Sent from my SCH-I545 using Tapatalk

Re: Feature requests

Posted: Mon Dec 09, 2013 2:10 am
by samsung172
Remove the new feture having scanlist listed as separate rows. If not, make a drag window button to make it possible to read all settings on a device have a lot of channels in scanlist. I use this as standard, and the wlan menu in 6.x just is wired

ros code

:global ifslink 5180,5750,5770,5790,5810,5830,5850,5870,5890
:global ifs5ghz 5390,5410,5430,5450,5470,5490,5510,5530,5550,5570,5590,5610,5630,5650,5670,5690,5180,5750,5770,5790,5810,5830,5850,5870,5890
:global ifs2ghz 2409,2429,2414,2434,2419,2439,2424,2444,2449,2469,2454,2474,2459,2479,2464,2484
(example have even more channels) But how do i configure this device in winbox? :)

Re: Feature requests

Posted: Mon Dec 09, 2013 1:36 pm
by janisk
please check how this works and then start to abuse it:
http://wiki.mikrotik.com/wiki/Manual:Wi ... d_Channels

here you can define channels list, and then use this as the value for channel list.

so create entries in '/interface wireless channel' with the same list set. In wireless configuration in scan-list set this up as list, or if you require as separate names if you do not want to use whole list.

Re: AW: Feature requests

Posted: Mon Dec 09, 2013 2:09 pm
by ste
Channel List does not respect local regulations. There is no way to limit power.

Re: Feature requests

Posted: Sat Jan 04, 2014 1:29 am
by FernandoSuperGG
I can't understand why all decent routers I have met in my life can update DDNS/No-IP hosts and with MikroTik I need to rely on scripting to do this.

Re: Feature requests

Posted: Mon Jan 06, 2014 4:02 pm
by andriys
I can't understand why all decent routers I have met in my life
You mean SOHO routers? RouterOS is in no way a SOHO software, even despite the fact that quite a few of Mikrotik routers are targeting SOHO market.

And, by the way, what Dyn DNS protocol do you want Mikrotik guys to implement?
I doubt you're referring to RFC2136, and HTTP-based protocols used by dyndns.com and similar services are
a) in no way standardized,
b) proprietary by their nature,
c) easily scriptable.

And what's wrong with the script approach after all?

Re: Feature requests

Posted: Thu Jan 09, 2014 11:48 am
by Djlobster
Good day,I have mikrotik rb750gl with the OpenVPN server and the telephone Galaxy Note 3 with OpenVPN Client (https://play.google.com/store/apps/deta ... eb.openvpn)
't associate these 2 devices on the VPN so I was told that in Mikrotik old libraries Opensll --- I have firmware V6.7 -- I was told that this firmware Openssl 0.9.8 --it's 2005,and today already have Openssl 1.0.1, --- and Android does not understand the old libraries of Openssl ))) please tell me what should I do??? and why in the new firmware de add new Openssl library ? thanks in advance!

Re: Feature requests

Posted: Fri Jan 31, 2014 6:57 pm
by 23q

Re: Feature requests

Posted: Mon Feb 03, 2014 8:48 pm
by JanezFord
UPS package should be refreshed with more options ... event reporting (mail) would be nice and also possibility to share ups status with other routerboards (and linux boxes running for example apcupsd) over the network so all units could be safely shutdown in case of ups battery exhaustion. After power restoration WOL commands could be issued and so on ...

JF

Re: Feature requests

Posted: Mon Feb 03, 2014 8:54 pm
by saaremaa

Re: Feature requests

Posted: Tue Feb 04, 2014 3:49 am
by otgooneo
MT please please. We need more queue options in PPP profile. For example we need different values in max-limit and limit-at. When using Radius for AAA, now dynamic simple queues create with same value at limit-at. It restricts us to do some QoS and it fights off RouterOS`s powerful, intelligent queue features.

Re: Feature requests

Posted: Wed Feb 05, 2014 12:57 pm
by rajo
Please add bidirectional PIM support

It would be great if MikroTik would support bidirectional PIM, as we deploy for our 2-way radio over IP networks. As is, when sending multicast traffic back to the original sender (i.e. the receiver is also a sender) we get RouterOS complaining that it has no RP for the reverse path.

This is one issue that might drive us towards Cisco; however, I would prefer not going with a Cisco solution because power can be an issue at some remote mountain top sites where a small MikroTik router would otherwise be better suited.

Re: Feature requests

Posted: Tue Feb 11, 2014 4:25 pm
by lavv17
MT please please. We need more queue options in PPP profile. For example we need different values in max-limit and limit-at. When using Radius for AAA, now dynamic simple queues create with same value at limit-at. It restricts us to do some QoS and it fights off RouterOS`s powerful, intelligent queue features.
I uphold this. I also need in ppp profile an option to specify default packet-marks for simple queue.

Re: Feature requests

Posted: Mon Feb 17, 2014 9:43 pm
by nickjail
UPS package should be refreshed with more options ... event reporting (mail) would be nice and also possibility to share ups status with other routerboards (and linux boxes running for example apcupsd) over the network so all units could be safely shutdown in case of ups battery exhaustion. After power restoration WOL commands could be issued and so on ...

JF
+1

Re: Feature requests

Posted: Wed Feb 19, 2014 3:58 pm
by johjoh
If possible, in the future release of ROS would be great if there are the ability to turn off all leds on all RouterBoard.
I have a RB2011UiAS-2HnD-IN and seem Christmas, by night there is a lot of brightness!

Thank you

Re: Feature requests

Posted: Wed Feb 19, 2014 7:33 pm
by luqasz
why this wiki pade have been removed ?