Hi,
does anyone how works activity? On one router I can see activities and on another I can not see any activity, How to allow to see actiity?
/ip kid-control
add fri=0s-1d mon=0s-1d name=any sat=0s-1d sun=0s-1d thu=0s-1d tue=0s-1d wed=0s-1d
In the kid control there is default name system -dummy I did not create this I have it on both routers.Hardware offload or fasttrack do not show any on kid control.
The second router is inside same network or is on another house?
# oct/30/2022 21:36:28 by RouterOS 7.6
# software id = D7SA-MDTW
#
# model = RBD53iG-5HacD2HnD
# serial number =
/disk
set usb1-part1 name=disk3
/interface bridge
add admin-mac=2C:C8 auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] mac-address=04:
set [ find default-name=ether5 ] poe-out=off
/interface wifiwave2
set [ find default-name=wifi1 ] channel.band=2ghz-n .width=20mhz \
configuration.mode=ap .ssid=MATRIX .tx-power=40 disabled=no mtu=1500 \
name=MATRIX security.authentication-types=wpa-psk,wpa2-psk .ft=yes \
.ft-over-ds=yes .group-encryption=tkip .management-protection=allowed
set [ find default-name=wifi2 ] channel.band=5ghz-ac .frequency="" \
.secondary-frequency="" .skip-dfs-channels=all .width=20/40/80mhz \
configuration.country=Czech .mode=ap .ssid=MATRIX disabled=no mtu=1500 \
name="MATRIX 5G" security.authentication-types=wpa-psk,wpa2-psk \
.encryption="" .ft=yes .ft-over-ds=yes .management-protection=allowed
/interface wireguard
add disabled=yes listen-port=22 mtu=1420 name=wireguard1
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wifiwave2 security
add authentication-types=wpa-psk,wpa2-psk ft=yes management-protection=\
allowed name=sec1
/ip kid-control
add fri=0s-1d mon=0s-1d name=any sat=0s-1d sun=0s-1d thu=0s-1d tue=0s-1d wed=\
0s-1d
/ip pool
add name=pool1 ranges=192.168.1.10-192.168.1.254
/ip dhcp-server
add address-pool=pool1 interface=bridge lease-time=4w2d23h59m name=defconf
/queue type
add cake-ack-filter=filter cake-diffserv=besteffort cake-nat=yes kind=cake \
name=CAKE
/queue simple
add bucket-size=0.001/0.001 limit-at=100M/22M max-limit=300M/22M name=Cake \
queue=CAKE/CAKE target=ether1 total-queue=CAKE
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=yes name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/zerotier
set zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" \
identity="" name=zt1 \
port=9993
/zerotier interface
add instance=zt1 name=zerotier1 network=35c192ce9bdf2969
/interface bridge port
add bridge=bridge comment=defconf ingress-filtering=no interface=ether3
add bridge=bridge comment=defconf ingress-filtering=no interface=ether4
add bridge=bridge comment=defconf ingress-filtering=no interface=ether5
add bridge=bridge ingress-filtering=no interface=ether2
add bridge=bridge interface="MATRIX 5G"
add bridge=bridge interface=MATRIX
add bridge=bridge interface=*10
add bridge=bridge interface=*11
/ip neighbor discovery-settings
set discover-interface-list=all lldp-med-net-policy-vlan=1
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=wireguard1 list=LAN
/interface ovpn-server server
set auth=sha1,md5
/interface wireguard peers
add allowed-address=
/ip address
add address=192.168.1.1/24 comment=defconf interface=bridge network=\
192.168.1.0
add address=10.255.255.2/30 interface=wireguard1 network=10.255.255.0
/ip dhcp-client
add default-route-distance=2 interface=ether1 use-peer-dns=no
/ip dhcp-server lease
add address=192.168.1.11 client-id=1:24:5e:be:48:ae:c4 comment=QNAP \
mac-address=24:5E:BE:48:AE:C4 server=defconf
add address=192.168.1.12 client-id=1:d4:b7:61:6c:95:bd comment=Kamera \
mac-address=D4:B7:61:6C:95:BD server=defconf
add address=192.168.1.19 client-id=1:4c:2:20:64:56:51 comment="Asi Verka" \
mac-address=4C:02:20:64:56:51 server=defconf
add address=192.168.1.20 client-id=1:3a:e1:f3:4c:3b:45 comment=iPhone \
mac-address=3A:E1:F3:4C:3B:45 server=defconf
add address=192.168.1.17 client-id=1:b0:e4:d5:b9:7c:cc mac-address=\
B0:E4:D5:B9:7C:CC server=defconf
add address=192.168.1.13 mac-address=54:48:E6:29:CE:FE server=defconf
add address=192.168.1.21 mac-address=54:48:E6:41:36:0A server=defconf
add address=192.168.1.15 client-id=1:6c:88:14:65:29:5c mac-address=\
6C:88:14:65:29:5C server=defconf
add address=192.168.1.22 client-id=1:64:bc:58:ec:82:59 comment="HR notebook" \
mac-address=64:BC:58:EC:82:59 server=defconf
add address=192.168.1.10 client-id=1:fc:3:9f:2:98:5e comment="Samsung TV" \
mac-address=FC:03:9F:02:98:5E server=defconf
add address=192.168.1.14 client-id=1:c8:e2:65:45:78:a6 mac-address=\
C8:E2:65:45:78:A6 server=defconf
add address=192.168.1.23 client-id=1:84:c5:a6:9c:21:bf mac-address=\
84:C5:A6:9C:21:BF server=defconf
add address=192.168.1.25 client-id=1:d4:86:60:32:6b:18 comment="LG TV" \
mac-address=D4:86:60:32:6B:18 server=defconf
add address=192.168.1.35 client-id=1:1c:69:7a:68:a5:4d mac-address=\
1C:69:7A:68:A5:4D server=defconf
add address=192.168.1.36 client-id=1:dc:a6:32:a1:d0:17 mac-address=\
DC:A6:32:A1:D0:17 server=defconf
add address=192.168.1.16 client-id=1:6e:ff:20:ee:7b:f0 comment=OnePlus9 \
mac-address=6E:FF:20:EE:7B:F0 server=defconf
add address=192.168.1.24 client-id=1:c2:dd:5d:f:9b:c6 comment=Verka \
mac-address=C2:DD:5D:0F:9B:C6 server=defconf
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=8.8.8.8 gateway=\
192.168.1.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=jump chain=forward comment="jump to kid-control rules" \
jump-target=kid-control
add action=drop chain=forward comment="HWC-P120 Adamek" disabled=yes \
src-address=192.168.1.12
add action=accept chain=input dst-port=22 protocol=udp src-address=\
185.5.225.240 src-port=""
add action=accept chain=forward in-interface=zerotier1
add action=accept chain=input in-interface=zerotier1
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" disabled=yes \
dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related disabled=yes hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip kid-control device
add mac-address=54:48:E6:29:CE:FE name=device1 user=*3
add mac-address=54:48:E6:41:36:0A name=device2 user=*4
/ip route
add disabled=no dst-address=10.1.168.0/24 gateway=wireguard1 routing-table=\
main suppress-hw-offload=no
/ip smb
set domain=workgroup
/ip smb shares
add directory=/disk1 name=share1
/ip upnp
set show-dummy-rule=no
/snmp
set enabled=yes
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=TAPAC3
/system logging
add disabled=yes topics=wireguard
/tool graphing interface
add
/tool graphing resource
add
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool netwatch
add disabled=no down-script=":log error \"Ping to 8.8.8.8 LOST\"" host=\
8.8.8.8 interval=1m timeout=100ms type=simple up-script=\
":log error \"Ping to 8.8.8.8 OK\""
/tool romon
set enabled=yes
Hello Rextended,All novels, no /export
add action=jump chain=forward comment="jump to kid-control rules" jump-target=kid-control
That should not matter... remember it is called "jump" but it actually is "call". When there are no rules in that chain the default is to return to the next statement.This firewall rule tells that it should jump to kid-control chain, but I do not see any rules with chain=kid-control