Posted by jpluimers on 2017/08/28
Example:
/ip firewall filter export file=ip-firewall-filter.rsc
This exports the Filters parts of the IP Firewall into a file named ip-firewall-filter.rsc in the user-space root of the Mikrotik router file system that you can access through the Files menu entry in WinBox or by external access through FTP or SFTP (SSH File Transfer Protocol).
–jeroen
via: exporting firewall config – MikroTik RouterOS
Posted in Development, Internet, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2017/08/22
The Cloud Router Switches support three types of mirroring. Port based mirroring can be applied to any of switch-chip ports, VLAN based mirroring works for all specified VLANs regardless switch-chip ports and MAC based mirroring copies traffic sent or received from specific device reachable from the port configured in Unicast Forwarding Database.
Port Based Mirroring
The first configuration sets ether5 port as a mirror0 analyzer port for both ingress and egress mirroring, mirrored traffic will be sent to this port. Port based ingress and egress mirroring is enabled from ether6 port.
/interface ethernet switch set ingress-mirror0=ether5 egress-mirror0=ether5 /interface ethernet switch port set ether6 ingress-mirror-to=mirror0 egress-mirror-to=mirror0
Source: Manual:CRS examples – MikroTik Wiki [WayBack]
This allows you to torch traffic from a specific port despite that port being grouped to a master-port.
Via: Torch not working with CRS226-24G-2S+ – MikroTik RouterOS [WayBack]
But, when using Bridge, all ports share a single 1 gbps link to the CPU, so your layer 2 performance will suffer horribly.
If you need to see all the traffic from a single port when using Master/slave port configuration, use port mirroring.
–jeroen
Posted in Development, Internet, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2017/08/22
Found out about this a while ago:
MAC-Telnet – Open source MAC Telnet client and server for connecting to Microtik RouterOS routers and Posix machines via MAC address.
Source: haakonnessjoen/MAC-Telnet: Open source MAC Telnet client and server for connecting to Microtik RouterOS routers and Posix machines via MAC address. [Fork]
Background:
Earlier, I wrote about a Wireshark plugin for dissecting Mac-Telnet packets. Now I have created an open source application for connecting to a RouterOS router.
Source: RouterOS Mac-Telnet application for Linux users | Håkon Nessjøen [WayBack]
My previous post was about RouterOS Mac-Telnet application for Linux users where I talked about the MAC-Telnet client I created for Linux users.
Source: MAC-address based Telnet server in Linux | Håkon Nessjøen [WayBack]
–jeroen
Posted in C, Development, Internet, MikroTik, Power User, routers, Software Development | Leave a Comment »
Posted by jpluimers on 2017/08/14
Just in case you see UDP port 5678 in the firewall log of your MikroTik device: it’s usage of the MikroTik Neighbor Discovery Protocol (MNDP) [WayBack] protocol.
You can either block Neighbour Discovery [WayBack] in the firewall or turn it off on the MikroTik Services [WayBack] or inspect any of these protocols:
Posted in Hardware, Internet, MikroTik, Network-and-equipment, Power User, routers, WinBox | Leave a Comment »
Posted by jpluimers on 2017/07/27
Some links that were useful getting the SMS sending stuff to work.
The documentation is clear on what to do to send/receive SMS:
But it is unclear what USB hardware does work, so here are some links:
You can also do it the other way around:
–jeroen
Posted in Development, Internet, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2017/07/26
Though the Mikrotik people seem reluctant to make the font size in Winbox configurable, if you run it through WineBottler on OS X, you can scale the individual app. It’s not very pretty but makes it easier to use.
The trick is based on the Windows DPI font settings explained for instance at DPI Display Size Settings – Change – Windows 7 Help Forums and Large Fonts in Registry: Where Exactly? | PC Review but then in Wine.
For Windows, this is a system wide setting, but on a WineBottler application there is one “Windows environment” per application, so it’s application specific and should work for other applications than WinBox as well.
It makes it much easier to do script editing now.
Steps I performed:
Posted in Development, Hardware, Internet, MikroTik, Network-and-equipment, Power User, RouterOS, routers, Scripting, Software Development, WinBox | Leave a Comment »
Posted by jpluimers on 2017/07/19
I’ve not tracked down the cause yet, but these seem to be related:
I’ve “fixed” 4. by doing this as recommended at osx – Copy and Cut sometimes don’t work – Ask Different:
Posted in *nix, *nix-tools, Apple, atom editor, Hardware, iMac, Internet, Mac, Mac OS X / OS X / MacOS, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, MikroTik, Network-and-equipment, OS X 10.10 Yosemite, OS X 10.11 El Capitan, OS X 10.9 Mavericks, Power User, routers, Text Editors, tmux, WinBox | 4 Comments »
Posted by jpluimers on 2017/07/18
Earlier, I wrote “:for loops are a strange beast so I will elaborate on those in a separate post.” so now is the time to do that.
The :for loop documentation is very dense:
Command Syntax Description for :for <var> from=<int> to=<int> step=<int> do={ <commands> }execute commands over a given number of iterations
So a for loop has these elements:
Luckily, the old RouterOS 2.7 documentation on loops (which they’ve revamped after Router OS 2.7 removing many useful examples) has this:
:for – It has one unnamed argument, the name of the loop variable. from argument is the starting value for the loop counter, tovalue is the final value. This command counts loop variable up or down starting at from and ending with to, inclusive, and for each value it executes the do statement. It is possible to change the increment from the default 1 (or -1), by specifying the stepargument.
[admin@MikroTik] > :for i from=1 to=100 step=37 do={:put ($i . " - " . 1000/$i)} 1 - 1000 38 - 26 75 - 13 [admin@MikroTik] >
You might think that from= the start value, to= the finish value and the loop won’t execute when step= a positive value and from= larger than to=. Or that without a step= the loop will always iterate in ascending order.
Wrong! And wrong!
So it’s time for some…
Posted in Development, Internet, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2017/07/10
Don’t abuse: 3.6 GIG – Public-Mikrotik-Bandwidth-Test-Server – MikroTik RouterOS [WayBack]
Primary btest server (for short high speed bursts):
Posted in Hardware, Internet, MikroTik, Network-and-equipment, Power User, routers, WinBox | 6 Comments »
Posted by jpluimers on 2017/07/05
Thanks to ZeroByte answering at [Answered] Where are ip firewall address-list timeout values documented – MikroTik RouterOS [WayBack] which I edited a bit here:
I haven’t seen anything specific to the format of these time tokens, but the firewall add-to-address-list timeout is documented here:
http://wiki.mikrotik.com/wiki/Manual:IP … Properties…It seems to take the same format as any other similar duration-related input I’ve encountered:
- a raw number is interpreted as seconds
You can specify a number as another duration with tokens:
- s = seconds (default)
- m = minutes
- h = hours
- d = days
- w = weeks
A few aspects:
- Tokens can combine be in any order
- Whitespace is ignored
So these are all valid:
2s 2h 2w
1w2d3h4m5s
5s4m3h2d1w
- Days and weeks just get added together. If you specify 1w8d, this is the same as 2w1d
- The last value specified may be in h:m:s format or in h:m (omit seconds)
- Interestingly, if you mix and match, they just get added:
- “1d 2h 12:30” -> “1d 14:30:00”
- Values larger than 536870911 seconds are stored and tracked but when displayed show as 0sec.
(248 days, 13:13:55)- The maximum value is 4294967295 seconds (which is the maximum 32-bit value)
This decodes to: 7101w3d6h28m15s as the largest value….
(7101 weeks is ~136 years counting for leap years, by the way)
–jeroen
Posted in Development, Internet, MikroTik, Power User, RouterOS, routers, Scripting, Software Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 