No, this is not a bug. Why do you think so?

I see no reason for each topic to write a rule. If for example I have two remote syslog servers.

Rules: topics=info,error,critical,system,event,warning,script,wireless,dhcp,ipsec prefix="" action=remote A message has to contain all topics to match. That's an impossible combination, even info and error are exclusive to each other. Try this: /system logging add action=remote topics=inf...

When I test with telnet. Connecting to the syslog port (514). the server answers me. even makes an entry in the event log. And also on tcpdump the incoming traffic is visible

You need to add into firewall on "output" chain an ACCEPT for traffic to your IP of syslog server ... Thank. But the OUTPUT table. This refers to outgoing traffic from the server. In this case, syslog. In Syslog server empty firewall and default policy is ACCEPT From Mikrotik to LAN defau...

Good day! There is a small network. One broadcast domain without vlan. There is a log collector. but Mikrotik intensely refuses to send him. There is no firewall on the collector Actions: /system logging action print name="rsyslog" target=remote remote=192.168.50.5 remote-port=514 src-addr...

Good afternoon. Interested in the following question: Install RouterOS without netinstall. The problem is that after accessing TFTP, it searches for vmlinuz, and repacking does not give anything

Winbox is not suitable for me, I am a Linux user, and wine is not very fond of. So why don't you use ssh to access routers? mactelnet has one single function which ssh doesn't: connectivity over MAC, which comes handy when IP setup gets south. But hopefully that's not very often and I (being a linu...

Thanks for the link. BUT it was these sources that I installed. Winbox is not suitable for me, I am a Linux user, and wine is not very fond of.

Good afternoon! Faced a problem. installed mactelnet-client. I see routers and switches. But I can’t connect. For winbox, everything works. But the console is not. I tried both for Ubuntu and CentOS and install from source

I understand. But can you do without an intermediary?

Good day! There is a problem in the absence of passing variables to winbox. I registered the following in the registry Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\winbox] "URL Protocol"="" @="URL: winbox Protocol" "BrowserFlags"=dword:00000008 &quo...

Bounding ether1,ether2 - > ESW1 ether3,ether4 -> ESW2 /interface bonding print Flags: X - disabled, R - running 0 R name="bond0" mtu=1500 mac-address=0C:D5:71:14:98:00 arp=enabled arp-timeout=auto slaves=ether1,ether2 mode=802.3ad primary=none link-monitoring=mii arp-interval=100ms arp-ip-...

Good evening, Colleagues! There is such a scheme Two switches are included in the router like bounding(802ad). United in the bridge. In bridge 4 vlans
and working perfect. But if I add ether(on router) to bridge PC don't work. Paid I added.

Create group in address list and move customers(who not pay) to this group. In firewall do "redirect" to you web-server with message "Pay for services" .

Problem solved. The switch was bought. Connected with a bonding interface and created a trunk.

Connection is up? Or look on forward chain. from L2tp network to lan network

masquerade is a special case of src-nat. you can bind two addresses to the external interface. in one to make the Internet for users and for the second to make nat 1: 1

If you really need to release directly Mysql. I would recommend the use of certificates, and write a script. Who will look into the events. And with a large number of authorizations, send a mikrotik to the block list. Ideal: to exclude direct access and use VPN. p.s. : If you need hardcore. Install ...

Good afternoon! Prompt. How to create two trunks on a router with the same vlans ?
RouterOS

How you are configuring firewall and openvpn? In you rules use ipsec?

Hi! I'm use fail2ban and script. Script add in mikrotik bloked address list. for which to open the database server to the world ?

Good evening! For my Internet provider, I use the following configuration: /routing igmp-proxy set quick-leave=yes /routing igmp-proxy interface add alternative-subnets=0.0.0.0/0 (<-if you don't know subnets for upstream) interface=WAN upstream=yes add interface=LAN PS: Sorry, my language skills not...

https exist, you can not inspect https traffic without hack all devices connected on the local network..

transparent certificate replacement

Do you use a web-proxy on mikrotik or a third-party server?