Community discussions

MikroTik App
 
kidjake28
just joined
Topic Author
Posts: 20
Joined: Tue Oct 31, 2017 6:30 pm

Can't launch script from Netwatch

Mon Apr 23, 2018 8:57 pm

I posted this is General forum but think its more appropriate here:

I have this in my Down option:
log warning "VPN Connection is down.";
log warning "Running NoVpnReboot script.";
:beep length=1400ms frequency=900;
/system script run NoVpnReboot
Everything runs EXCEPT for the /system script run NoVpnReboot
The script does work when I run it from the terminal?


I'm running 6.42.1 RouterOS?

Any help really appreciated.
 
eehan
just joined
Posts: 10
Joined: Fri Aug 18, 2006 2:45 am

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 3:40 am

It might be something to do with this:

What's new in 6.42 (2018-Apr-13 11:03):
netwatch - limit to read, write, test and reboot policies for Netwatch script execution;

I have just upgraded my router to v6.42.1 (due to the latest in a growing list of very troubling security flaws, thanks Mikrotik).
Netwatch was working fine until then. I find that I can still put an entry in a log file using Netwatch, but I cannot change a variable from a Netwatch script.

So I am guessing the issue is to do with permissions. I have no idea if these can be changed. I have not found a handle for it yet, if indeed this is the issue.

Perhaps someone else can enlighten us.
Last edited by eehan on Tue Apr 24, 2018 5:48 am, edited 1 time in total.
 
eehan
just joined
Posts: 10
Joined: Fri Aug 18, 2006 2:45 am

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 3:54 am

OK so in your particular issue, not being able to call a script, if you go to the script itself and uncheck all policy options with the exception of read, write, test and reboot, you should be able to call the script (it worked for me).

Assuming of course you script does not require other policy options to function correctly.
 
eehan
just joined
Posts: 10
Joined: Fri Aug 18, 2006 2:45 am

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 4:11 am

So my issue is still not resolved:

I am no longer able to change the value of a global variable from within Netwatch.

If I create a script to change the global variable, and call that from Netwatch, the global variable will not change unless the policy option "policy" is checked for the script.
I verified this by a manual run of the script.

Since Netwatch can now only call scripts that have (at most) policies "read", "write", "test" and "reboot" - the script will not call when I check the "policy" option, as is seemingly required in order to modify a global variable.

Intuitively I would have figured that the "write" option would be enough to allow us to change a global variable. However it is the "policy" option that appears to allow us to do this. Not sure if it has always been this way, or if it is a bug.

Anyhow it appears that the usefulness of Netwatch is somewhat limited moving forward.
 
heydude
newbie
Posts: 26
Joined: Wed Dec 02, 2015 4:53 pm
Location: CH

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 12:51 pm

I have the same issue with netwatch on v6.42.1 (current).

Not able to write global variables by netwatch up or down event and scripts will not be launched.
 
kidjake28
just joined
Topic Author
Posts: 20
Joined: Tue Oct 31, 2017 6:30 pm

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 2:39 pm

Thanks very much for he reply. I wound up putting my script in the down section. It's not very large.

Is there a problem in doing that?
 
eehan
just joined
Posts: 10
Joined: Fri Aug 18, 2006 2:45 am

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 2:54 pm

Yes you can put the entire scripts in the NetWatch Up/Down script windows.

However in my case - writing to a global variable - this ceased to work with the new software version no matter whether I put the function in the NetWatch script window, or I called a script with the function in it, as explained above.

So I guess it is just a matter of what you are doing in the script - as some script permissions (functions) seems to have been removed for NetWatch.
 
heydude
newbie
Posts: 26
Joined: Wed Dec 02, 2015 4:53 pm
Location: CH

Re: Can't launch script from Netwatch

Tue Apr 24, 2018 4:03 pm

The time for a workaround and rewriting all other script is too high and I am using the scheduler instead netwatch. Don't waiste time with netwatch!

Here the example for our case:
# check if server is up and run script
:global srvstat
:global srv
:if ([/ping $srv count=2 size=64] = 2) do={
		:global srvstat "up"
	} else={
		:global srvstat "down"}
:if ($srvstat = "up") do={
	:global lastsync
	:if ($lastsync = "") do={
		:global lastsync "60"}
	:if ($lastsync > 59) do={
			:global lastsync 0
			# launch script here
		} else={
			:global lastsync ($lastsync + 5)}
	} else={
		:global lastsync "60"}
Last edited by heydude on Tue Jul 24, 2018 8:34 am, edited 1 time in total.
 
mikrobot
just joined
Posts: 4
Joined: Wed Oct 19, 2016 12:36 pm

Re: Can't launch script from Netwatch

Thu May 03, 2018 8:39 pm

So my issue is still not resolved:

I am no longer able to change the value of a global variable from within Netwatch.

If I create a script to change the global variable, and call that from Netwatch, the global variable will not change unless the policy option "policy" is checked for the script.
I verified this by a manual run of the script.

Since Netwatch can now only call scripts that have (at most) policies "read", "write", "test" and "reboot" - the script will not call when I check the "policy" option, as is seemingly required in order to modify a global variable.

Intuitively I would have figured that the "write" option would be enough to allow us to change a global variable. However it is the "policy" option that appears to allow us to do this. Not sure if it has always been this way, or if it is a bug.

Anyhow it appears that the usefulness of Netwatch is somewhat limited moving forward.
Hi.
Following your method I got to have netwatch to execute the up and down scripts. As test I just wrote a line in the log and I checked both the run counter and the log. So fine.
Then I put some more lines in the same test scripts, and tried to run the command trying to execute a command, like /tool e-mail, it doesn't execute it and, moreover, doesn't execute nothing else before or after the command. This even happens just executing the script from Winbox or terminal.
So, probably the command execution inside the script itself is the problem, not only netwatch !
Is something you have seen in your tests?..
 
kidjake28
just joined
Topic Author
Posts: 20
Joined: Tue Oct 31, 2017 6:30 pm

Re: Can't launch script from Netwatch

Fri May 04, 2018 12:48 am

My script is just pinging a host and if no response rebooting.


Yes you can put the entire scripts in the NetWatch Up/Down script windows.

However in my case - writing to a global variable - this ceased to work with the new software version no matter whether I put the function in the NetWatch script window, or I called a script with the function in it, as explained above.

So I guess it is just a matter of what you are doing in the script - as some script permissions (functions) seems to have been removed for NetWatch.
 
d3m0
newbie
Posts: 34
Joined: Mon May 31, 2010 10:21 am

Re: Can't launch script from Netwatch

Mon Jul 23, 2018 10:48 pm

I'm in the same situation. Very dissapointing.... I have a lot of email scripts that didn't work neither.

I think this need a fix as soon as possible.
 
jo2jo
Forum Guru
Forum Guru
Posts: 1003
Joined: Fri May 26, 2006 1:25 am

Re: Can't launch script from Netwatch

Sun Jul 29, 2018 6:15 am

nothing to help yall with from me, but here is a relevant thread with more info on this same issue (i have alot of netwatch + script combos as well):
viewtopic.php?f=2&t=134538
 
wiltshra
newbie
Posts: 32
Joined: Mon Jul 23, 2012 5:51 am
Contact:

Re: Can't launch script from Netwatch

Tue Aug 21, 2018 8:36 am

OK so in your particular issue, not being able to call a script, if you go to the script itself and uncheck all policy options with the exception of read, write, test and reboot, you should be able to call the script (it worked for me).

Assuming of course you script does not require other policy options to function correctly.
That worked for me - awesome..
I thought I was going mad - how could they break such simple functionality?
 
NikolayM
just joined
Posts: 5
Joined: Wed Oct 03, 2018 10:30 am

Re: Can't launch script from Netwatch

Wed Nov 07, 2018 2:14 pm

Here is an example of my solution
viewtopic.php?f=2&t=141225&p=696692#p696692
 
User avatar
Deantwo
Member
Member
Posts: 331
Joined: Tue Sep 30, 2014 4:07 pm

Re: Can't launch script from Netwatch

Wed Apr 03, 2019 10:44 am

If you are using RouterOS 6.43.x, then you can simply use dont-require-permissions=yes.
See: viewtopic.php?f=2&t=134538#p720232

Who is online

Users browsing this forum: No registered users and 22 guests