Community discussions

MikroTik App

Search found 120 matches

by tplecko
Sun Oct 24, 2021 11:50 am
Forum: General
Topic: v6.49 wrong input firewall rule order execution
Replies: 2
Views: 584

Re: v6.49 wrong input firewall rule order execution

Thanks.
Works now.

I didn't expect that this would have to be explicitly set.
by tplecko
Sun Oct 24, 2021 12:19 am
Forum: General
Topic: v6.49 wrong input firewall rule order execution
Replies: 2
Views: 584

v6.49 wrong input firewall rule order execution

When having rules: add action=accept chain=input comment="Allow A.B.C.D" log=yes src-address=A.B.C.D add action=drop chain=input comment="Drop all" disabled=yes in-interface=internet router cannot resolve DNS (located at the A.B.C.D address): resolve domain-name="fqdn" ...
by tplecko
Wed Oct 13, 2021 11:45 am
Forum: RouterBOARD hardware
Topic: Randomly unavailable RB4011iGS+
Replies: 4
Views: 2090

Re: Randomly unavailable RB4011iGS+

Please see attached.

Thank you
by tplecko
Wed Oct 13, 2021 8:43 am
Forum: RouterBOARD hardware
Topic: Randomly unavailable RB4011iGS+
Replies: 4
Views: 2090

Re: Randomly unavailable RB4011iGS+

How often is the Router unresponsive? Yesterday, on two occasions. Power-Supply How is your device powered,DC jack or via PoE-IN? Original DC PSU that came with the device. I would export your RouterOS Lizenz and Config and reinstall aka. Netinstall the Router. Hm, I didn't try this. I figured that...
by tplecko
Tue Oct 12, 2021 1:28 pm
Forum: RouterBOARD hardware
Topic: Randomly unavailable RB4011iGS+
Replies: 4
Views: 2090

Randomly unavailable RB4011iGS+

Our office has one RB4011iGS+ device which becomes unresponsive at random times. During those times, CPU usage jumps to 10% - normally it is below 3% (approximation from graph image). No abnormal logs are visible (device is pushing all logs to a local syslog server) Only thing that helps is hard res...
by tplecko
Thu Jul 16, 2020 12:54 pm
Forum: General
Topic: Yet another RADIUS / NPS problem
Replies: 0
Views: 690

Yet another RADIUS / NPS problem

Hello everyone. No other RADIUS/NPS related posts helped, so I'm asking with my specific details I'm trying to allow AD users to connect to L2TP/IPSec (PSK) I have a MS server 2019 with AD. NPS service is located on DC. Testing the NPS with ntradping shows that the server is listening and responding...
by tplecko
Mon Dec 23, 2019 10:39 am
Forum: SwOS
Topic: Can SwOS be upgraded to RouterOS
Replies: 6
Views: 6878

Re: Can SwOS be upgraded to RouterOS

Fortunately, this wasn't a deal breaker for me.
by tplecko
Thu Jan 24, 2019 2:42 pm
Forum: SwOS
Topic: Can SwOS be upgraded to RouterOS
Replies: 6
Views: 6878

Re: Can SwOS be upgraded to RouterOS

that's what i get for not reading about the product before buying.
Thanks
by tplecko
Thu Jan 24, 2019 9:17 am
Forum: SwOS
Topic: Can SwOS be upgraded to RouterOS
Replies: 6
Views: 6878

Can SwOS be upgraded to RouterOS

I have a CSS326-24G, and one extra RouterOS license.
Can it be upgraded to RouterOS (and how)?
Will this void any warranty?
And most importantly, is there any recommendations against the upgrade?

Thanks
by tplecko
Sat Mar 12, 2016 11:47 pm
Forum: General
Topic: Feature Request: Run Script On PPPoE connect
Replies: 6
Views: 5325

Re: Feature Request: Run Script On PPPoE connect

I was hoping not to use a software on another machine..
by tplecko
Thu Mar 10, 2016 11:38 am
Forum: General
Topic: Feature Request: Run Script On PPPoE connect
Replies: 6
Views: 5325

Re: Feature Request: Run Script On PPPoE connect

Exceuse me, i can see how you would think that this would help. Let me elaborate: I would like to run a script (exactly as you stated) on-up and on-down, but when my PPPoE out connects or gets disconnected. I have a GSM modem and would like to send myself a SMS when the link drops, and a SMS with th...
by tplecko
Thu Mar 10, 2016 11:29 am
Forum: General
Topic: Feature Request: Add/remove static DNS record on DHCP lease bound/unbound
Replies: 4
Views: 2912

Re: Feature Request: Add/remove static DNS record on DHCP lease bound/unbound

As i said: When i run that line from the terminal and replace the variables with the specific values , i get the host name i expect. When the script runs - and i use the variables, the following happens: I can LOG the IP and MAC as expected - configming that the variables have correct values, but th...
by tplecko
Wed Mar 09, 2016 4:40 pm
Forum: General
Topic: Feature Request: Add/remove static DNS record on DHCP lease bound/unbound
Replies: 4
Views: 2912

Re: Feature Request: Add/remove static DNS record on DHCP lease bound/unbound

Tryed that, but I'm stuck at getting the hostname to match with the IP. the script eather runs too fast, or I am missing something. :if ($leaseBound = "1") do={ :local DhcpHostName "$[/ip dhcp-server lease get [find where active-mac-address=$leaseActMAC && active-address=$leas...
by tplecko
Wed Mar 09, 2016 4:01 pm
Forum: General
Topic: Feature Request: Run Script On PPPoE connect
Replies: 6
Views: 5325

Feature Request: Run Script On PPPoE connect

As the subject states...
by tplecko
Thu Sep 18, 2014 3:45 pm
Forum: General
Topic: RouterOS Upgrade fails because of the firewall
Replies: 0
Views: 687

RouterOS Upgrade fails because of the firewall

Mikrotik fails to upgrade. It resolves the URL but hangs on 'finding out latest version'
The process workf when all firewall rules are disabled.
What ports, protocols and ip addesses does it use?


thanks
by tplecko
Mon Jun 02, 2014 12:22 pm
Forum: Wireless Networking
Topic: Can't connect to single Virtual AP
Replies: 7
Views: 3316

Re: Can't connect to single Virtual AP

I have no explanation. Today, when i arrived here, my mobile phone has connected to the network in question.
I have changed the MAC addresses on all APs anyway.

Thanks for the suggestions, all!


Regards
by tplecko
Sat May 31, 2014 2:14 pm
Forum: Wireless Networking
Topic: Can't connect to single Virtual AP
Replies: 7
Views: 3316

Re: Can't connect to single Virtual AP

I don't have that luxury in this instance.
by tplecko
Fri May 30, 2014 10:15 am
Forum: Wireless Networking
Topic: Can't connect to single Virtual AP
Replies: 7
Views: 3316

Can't connect to single Virtual AP

I have RB 951-2n and have set up wireless as follows: ----wlan1 |---wlan2 |---wlan3 |---wlan4 each wlan has its own security profile (all clones from the same profile but with different passwords) i have 4 vlans and 4 bridges: bridge1 has members vlan1 and wlan1 bridge2 has members vlan2 and wlan2 b...
by tplecko
Thu May 29, 2014 2:01 pm
Forum: Scripting
Topic: Running a command (script) on firewall rule.
Replies: 3
Views: 2315

Running a command (script) on firewall rule.

I have several computers that go to standby after a short time. On local LAN, if someone tries to access the pcs, they wake and are accessible. However RDP is not capable of doing so, so I would like to use /tool wol when a new connection is being established on a specific port so the computer wakes...
by tplecko
Fri Sep 27, 2013 2:37 pm
Forum: General
Topic: http host header
Replies: 7
Views: 2163

Re: http host header

Thanks everybody for trying to help.
Apparently the error was my fast typing in combination of no thinking.
I created my virtual hosts as 127.0.0.1:80, so they worked locally and from the outside.

Now works fine when using *:80



Regards
by tplecko
Tue Sep 24, 2013 4:48 pm
Forum: General
Topic: http host header
Replies: 7
Views: 2163

Re: http host header

I don't get it... This should work as is...
by tplecko
Tue Sep 24, 2013 4:30 pm
Forum: General
Topic: http host header
Replies: 7
Views: 2163

Re: http host header

Yes
I have added '127.0.0.1 my.domain.com' to hosts file and virtual host works propperly
on another pc in the network, i have added '10.0.0.180 my.domain.com' to hosts file and virtual host works propperly

that's why i don't know what to do (and that's why i believe the problem is in the forwarding)
by tplecko
Tue Sep 24, 2013 4:16 pm
Forum: General
Topic: http host header
Replies: 7
Views: 2163

Re: http host header

First: best program ever - i was not aware that this exists.

Second: The host is what is to be expected

so... no luck for now.
by tplecko
Tue Sep 24, 2013 3:04 pm
Forum: General
Topic: http host header
Replies: 7
Views: 2163

http host header

From my perspective, this is a mikrotik problem. I have a wamp server with several virtual hosts. All of them work file when i test from within the network (i have created corresponding entries in the hosts file) however, when i try to access the site from outside (i use a simple single port dst-nat...
by tplecko
Tue Jan 29, 2013 7:11 pm
Forum: Scripting
Topic: Retrive and commit a script via API
Replies: 2
Views: 1375

Re: Retrive and commit a script via API

I asked before i teted because i know that there were some limitations before. I Have made a windows service that at midnight, every day connects to Mikrotik routers (specifyed in a XML file) and creates a backup of the configuration and then downloads that configuration. Now what i want to do is an...
by tplecko
Tue Jan 29, 2013 3:45 pm
Forum: Scripting
Topic: Retrive and commit a script via API
Replies: 2
Views: 1375

Retrive and commit a script via API

Is it possible to retrive a complete script via api? And then to save the script into the router (when it's modifyed)


thanks
by tplecko
Mon Jan 28, 2013 10:30 pm
Forum: General
Topic: Routing (NAT-ing?) PPTP clients to secondary internal router
Replies: 1
Views: 817

Routing (NAT-ing?) PPTP clients to secondary internal router

I have a problem as follows: router 'PHION' is out of my control and i cant modify its configuration. Its IP is 10.238.90.3 and it was the networks gateway (and all trafic was routed through its VPN and then to the internet). It is allso the only way to access the exchange server. i then added the r...
by tplecko
Wed Oct 31, 2012 10:30 am
Forum: Scripting
Topic: unclear about why this happens
Replies: 1
Views: 921

Re: unclear about why this happens

Anyone? I changed the script to: :local RemoteIP [ :resolve "my.dynamichostname.com" ] :for i from=( [:len $RemoteIP] - 1) to=0 do={ :if ( [:pick $RemoteIP $i] = "/") do={ :local RemoteIP [:pick $RemoteIP 0 $i] } } :local LocalIP [ :resolve "my.otherdynamichostname.com"...
by tplecko
Mon Oct 29, 2012 3:54 pm
Forum: Scripting
Topic: unclear about why this happens
Replies: 1
Views: 921

unclear about why this happens

This is part of the script :local RemoteIP [ :resolve "my.dynamichostname.com" ] :for i from=( [:len $RemoteIP] - 1) to=0 do={ :if ( [:pick $RemoteIP $i] = "/") do={ :local RemoteIP [:pick $RemoteIP 0 $i] } } :put $adslip :for i from=( [:len $adslip] - 1) to=0 do={ :if ( [ :pick ...
by tplecko
Sat Feb 11, 2012 11:42 am
Forum: General
Topic: X86 - very bad router performance after some time
Replies: 3
Views: 1477

X86 - very bad router performance after some time

After some time, i can no longer login to my router with winbox. Then after some time, i can no longer login to ssh. Durring the period i actually can login to ssh, i can't reboot the router - it just says: [admin@BL-LUCKO] > sys rebo Reboot, yes? [y/N]: y system will reboot shortly error - contact ...
by tplecko
Mon Oct 17, 2011 4:05 pm
Forum: Scripting
Topic: Reverse lookup IPs in script when DHCP and DNS are not on MT
Replies: 1
Views: 1307

Reverse lookup IPs in script when DHCP and DNS are not on MT

Hello all I have a network with DHCP and DNS server on a Windows 2003 server. On my MT box, i have a queue tree and each day at midnight, my script makes a list of IP's with data transfer information and sends it via e-mail. I need to resolve the hostname for each IP. Is there a way to do this? Thanks
by tplecko
Mon Jul 04, 2011 12:09 pm
Forum: General
Topic: Multiple gateways, multiple LANs and VPN
Replies: 8
Views: 4336

Re: Multiple gateways, multiple LANs and VPN

Sorry, read like an ass. :? Is user that need acces to Lan3 from Lan1 or Lan2? The user is somewhere out there. He is connecting to IP from ISP2 NAT: add action=masquerade chain=srcnat comment="Na internet" disabled=no out-interface=ISP1 add action=masquerade chain=srcnat comment="Na...
by tplecko
Sat Jul 02, 2011 11:32 am
Forum: General
Topic: Multiple gateways, multiple LANs and VPN
Replies: 8
Views: 4336

Re: Multiple gateways, multiple LANs and VPN

/ip firewall mangle add action=mark-routing chain=prerouting comment="TV+: Routing Mark" disabled=no new-routing-mark=TV+ passthrough=yes src-address=10.0.1.0/24 PPP Profiles: add change-tcp-mss=default local-address=10.0.0.1 name=Servis-Enc only-one=default remote-address=pool-Servis use...
by tplecko
Sat Jul 02, 2011 9:47 am
Forum: General
Topic: Multiple gateways, multiple LANs and VPN
Replies: 8
Views: 4336

Re: Multiple gateways, multiple LANs and VPN

all Lans can access the internet. Here is what i have: LAN 10.0.0.1/24 LAN 10.0.1.1/24 LAN 10.3.72.1/24 NAT: add action=masquerade chain=srcnat comment="Na internet" disabled=no out-interface=ISP1 add action=masquerade chain=srcnat comment="Na internet" disabled=no out-interface=...
by tplecko
Wed Jun 29, 2011 6:47 pm
Forum: General
Topic: Multiple gateways, multiple LANs and VPN
Replies: 8
Views: 4336

Multiple gateways, multiple LANs and VPN

I have a MT router with two ISPs and three LANs. LAN1 has internet access through ISP1 via default route LAN2 has internet access through ISP2 via route that checks for routing mark for LAN2 LAN3 has internet access through ISP2 via route that checks for routing mark for LAN3 I have multiple VPNs (P...
by tplecko
Sat Apr 30, 2011 12:57 pm
Forum: General
Topic: Give non-admins the right to turn on/off VPN users
Replies: 0
Views: 724

Give non-admins the right to turn on/off VPN users

If anyone is interested, this program allows you to give someone else the ability to enable and disable ppp/secrets... http://www.giganet.hr/index.php/besplatan-software/giganet-vpn-enabler (page is croatian but the program is extreamly simple - and free to use) Note that router password is not stor...
by tplecko
Wed Apr 27, 2011 3:37 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

If anyone is interested: Queue tree is quite simple. For sorting purposes, names of items are IP addresses ending with 3 digit number (meaning 192.168.1.1 rule has name 192.168.1.001) This results in 3 for-loops since i check the name of queue items (i have an idea to fix this but am lazy to do it) ...
by tplecko
Wed Apr 27, 2011 2:39 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

As i submited the post, i realized just that!
But i have just upgraded my ubuntu to 11.04 and crossover stopped working so testing this will wait until i fix my current problem!

Thanks for helping!
by tplecko
Wed Apr 27, 2011 2:26 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

Regarding tplecko problem:
Does entries with addresses "192.168.1.1-192.168.1.9" exist in dhcp lease menu?
Not all IP addresses will exist. 1-5 are static, 6-9 are dynamic. currently 1,2,5,7,8 and 9 exist (but in dhcp lease list, i can see 1,2 and 5 as busy and with no hostname)
by tplecko
Wed Apr 27, 2011 2:08 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

Here is the code: :global traf; :global megsu "0"; :global megsd "0"; :global resulter ""; :local logmsg; :local hname ""; /queue tree :for i from=1 to=9 do={ :set logmsg ""; :set megsd "0"; :set megsu "0"; :if ([/ip dhcp-server l...
by tplecko
Wed Apr 27, 2011 12:28 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

tryed it before ... :set hname [/ip dhcp-server lease get [find address="192.168.1.$i"] host-name] ; interrupted no such item so i changed it to: :if ([/ip dhcp-server lease get [find address="192.168.1.$i"] host-name] = nil) do={ :set hname "none" } else={ :set hname [...
by tplecko
Wed Apr 27, 2011 12:07 pm
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

Re: why do i get an error here?

Same error
The line:
:set hname [ip dhcp-server lease get [ find address="192.168.1.$i" ] host-name ] ;

Error:
bad command name ip (line 13 column 25)



(cursor location indicator in the script editor would be very useful right about now :shock: )

BTW. version 5.1
by tplecko
Wed Apr 27, 2011 11:40 am
Forum: Scripting
Topic: why do i get an error here?
Replies: 13
Views: 2736

why do i get an error here?

:set hostname $[ip dhcp-server lease get [find address="192.168.1.$i"] host-name ];
I get an error here (red bold)

The script works if i remove the line completely (so there are no other errors and looping works fine. I just wanted to add hostnames in the report


Thanks
by tplecko
Tue Jan 25, 2011 12:46 pm
Forum: Scripting
Topic: Error sending e-mail <subj>: error connecting to server
Replies: 3
Views: 3016

Re: Error sending e-mail <subj>: error connecting to server

I am using 5.0rc7.
Thanks
by tplecko
Tue Jan 25, 2011 11:56 am
Forum: Scripting
Topic: Error sending e-mail <subj>: error connecting to server
Replies: 3
Views: 3016

Error sending e-mail <subj>: error connecting to server

I have several scripts that use the same code to send e-mail. Some work fine, and some report the error in subject of this thread. Does anyone have any idea why? From script that successfully sends an e-mail: /tool e-mail send body="$wlist" subject="Wireless/Hotspot" to="hid...
by tplecko
Thu Oct 28, 2010 4:13 pm
Forum: General
Topic: mikrotik - mikrotik => IPsec-SA expired
Replies: 0
Views: 1428

mikrotik - mikrotik => IPsec-SA expired

error in log on router 1(as soon as i try to ping router 2 - packet rejected) initiate new phase 2 negotiation none message must be encrypted none message must be encrypted none message must be encrypted 127.16.1.56 give up to get ipsec-sa due to time up to wait. ipsec-sa exipred: esp/tunnel 172.16....
by tplecko
Thu Oct 28, 2010 9:38 am
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 3090

Re: Problem geting IP address (doesn't look like a script er

All IPs are public and in the same range.

I use both src nat and dst nat here, because different services are hosted on different IP's.
But regular internet access is on the first IP in range and that's the one i would like to get back
by tplecko
Wed Oct 27, 2010 8:23 pm
Forum: General
Topic: L2TP IPsec not working (no reported errors)
Replies: 0
Views: 924

L2TP IPsec not working (no reported errors)

Why is this not working? Router 1 Setup: LAN IP 10.10.19.224 /ppp secret add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 local-address=172.16.1.74 name=usr1 password=pwd1 profile=default remote-address=172.16.1.73 routes="" service=l2tp /ip ip...
by tplecko
Tue Oct 12, 2010 11:54 am
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 3090

Re: Problem geting IP address (doesn't look like a script er

Yeah the logging get's truncated if there's more output that the line can hold. Also, how do you determine what the "primary ip" is? You got me there... I guess the first one would be primary or the one wich is masqueraded?... Wich address is selected when the rule is this: chain=srcnat a...
by tplecko
Tue Oct 12, 2010 11:48 am
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4770

Re: Fetching a php file

If I use a browser, I get a 404 error Not Found The requested URL /something.hr/mt/update.php was not found on this server. Apache/2.2.3 (Red Hat) Server at http://www.some.com Port 80 ADD: If you can, please put a simple index.html file in the /avatars directory with the tp-avatar.png. I can get y...
by tplecko
Mon Oct 11, 2010 1:34 pm
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4770

Re: Fetching a php file

Wich version of ROS?

I now copypasted the code you wrote and the same thing. hangs and duration just goes on and on...
by tplecko
Mon Oct 11, 2010 11:45 am
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4770

Re: Fetching a php file

Same thing happens
(in console it no longe prints commands, but from script, the same)
by tplecko
Mon Oct 11, 2010 11:37 am
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4770

Re: Fetching a php file

It used to work but i accidentaly deleted the script 8-( If i enter the URL in a browser, i get exactly what i need. when i break the download (after waiting for a long time) i get the error 'no such item' could you try fetching this: /tool fetch address="www.giganet.hr" src-path="/av...
by tplecko
Mon Oct 11, 2010 11:21 am
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 3090

Re: Problem geting IP address (doesn't look like a script er

This: :global ifs [/ip address find interface="WAN"] :local ifips "" :foreach ifip in=$ifs do={ :if ( $ifips = "" ) do={:set ifips "$[/ip address get $ifip address]"} else {:set ifips "$ifips \n$[/ip address get $ifip address]"} } :log info ($ifips) ...
by tplecko
Mon Oct 11, 2010 10:59 am
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 3090

Re: Problem geting IP address (doesn't look like a script er

Stupid stupid stupid! I didn't even consider that i have 14 IPs on that interface (on both routers) Can you tell me then if there is a way to get the primary IP? In order to have a working NAT on all IPs, i have entered them like this: 10.0.0.1/28 10.0.0.2 10.0.0.3 10.0.0.4 10.0.0.5 ... ... Only the...
by tplecko
Sat Oct 09, 2010 6:23 pm
Forum: Scripting
Topic: Fetching a php file
Replies: 9
Views: 4770

Fetching a php file

Is there any reason why any of this would result in endless waiting (status changes to 'downloading' and then it just counts time) tool fetch url="http://www.some.com/something.hr/mt/update.php?u=1&p=b9fedbb1b5952500c58208097c808db1&d=7&i=0.0.0.0&s=x86&v=ver&t=yyyy-mm-dd...
by tplecko
Sat Oct 09, 2010 4:13 pm
Forum: Scripting
Topic: Problem geting IP address (doesn't look like a script error)
Replies: 9
Views: 3090

Problem geting IP address (doesn't look like a script error)

This works on routerboard :global ifip [ /ip address get [/ip address find interface=WAN ] address ] but not on x86 system on a pc (and on one Soekris board with the x86 version installed on it) it drops out with error: interrupted invalid internal item number Works fine on routerboard. The interfac...
by tplecko
Tue Jul 20, 2010 9:15 pm
Forum: Scripting
Topic: Neighbour Viewer (how to write my own?)
Replies: 3
Views: 1748

Re: Neighbour Viewer (how to write my own?)

Noted...


thanks!
by tplecko
Thu Jul 15, 2010 6:50 pm
Forum: Scripting
Topic: Neighbour Viewer (how to write my own?)
Replies: 3
Views: 1748

Neighbour Viewer (how to write my own?)

I need to implement detection tool (like Neighbour Viewer) in my application. Can it be done? and how? The idea is that the application (among other things) detects all routers on the segment so i can select the router to connect to, or add an ip address to connected interface if there is none. Rega...
by tplecko
Thu Jul 15, 2010 1:59 pm
Forum: General
Topic: Restricted user in winbox
Replies: 1
Views: 759

Restricted user in winbox

Is there a way to restrict an user so he has only the right to reboot the router and to restore the configuration from file (but not the right to upload the configuration)?
by tplecko
Fri May 28, 2010 7:05 pm
Forum: Scripting
Topic: Script to fight spam
Replies: 6
Views: 3760

Re: Script to fight spam

I know that i'm not realy answering your question, but, did you try to force your mail server to check the senders IP against a SPF record on the domains DNS server? Many servers can check SPF or CallerID (both basicly the same thing) and if records no not match the senders IP, mark them as spam. If...
by tplecko
Wed Oct 28, 2009 9:24 pm
Forum: General
Topic: v4.2 released
Replies: 33
Views: 12480

Re: v4.2 released

Just upgraded my 411u to 4.2.
On first reboot, it beeped 16 times (normally just 3 beeps)
second reboot was the same
third reboot was normal (3 beeps)
fourth reboot was 16 beeps again...

it appears to work ok. but should i be woried?

(it has 2 R52-350 cards pluged in...)
by tplecko
Wed Oct 14, 2009 5:23 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

I belive that ClarkKent would help you in this case.
it's here 8-)
by tplecko
Wed Oct 14, 2009 5:22 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

Great Stuff Thanks, Cloe Sullivan is extremely grateful! Although she agrees on the PM comment... I might have some questions about the scripts, as it is some hard-core stuff you're doing. For instance, where do I change my APN name, username and Password? You have multiple APN setups, and I see gl...
by tplecko
Tue Sep 22, 2009 1:42 pm
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Re: Forwarding data from serial port to specific IP and port

use /port remote-access and add a new entry with type = RAW and tell it what port to listen on. you can then use netcat or other utility to talk directly to the serial port over ethernet. Sam I am allready able to comunicate with my serial-only device that is connected to my routerboard. What i nee...
by tplecko
Tue Sep 22, 2009 1:36 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

If only i could send you a private message....

I belive that ClarkKent would help you in this case.


Please tell me if it works for you.


Regards
by tplecko
Tue Sep 15, 2009 9:57 pm
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Re: Forwarding data from serial port to specific IP and port

anyone?

is there a way to forward data from serial port to an ip address and port?
by tplecko
Mon Sep 14, 2009 8:51 pm
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Re: Forwarding data from serial port to specific IP and port

That's what i would do, but there is a dumb router for internet access which has no VPN capabilityes.
If i had MT there, i would have no questions. I am forced to adapt to the situation.
by tplecko
Mon Sep 14, 2009 6:44 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

Apparently, .backup extension is not allowed, so just rename the file to .backup. I left all the scripts. Find the script ScrSettings, enter there your change ip account if you use it, please, change 'to' address to something yours (i am to lazy to change it, and i just realized that it's still mine...
by tplecko
Mon Sep 14, 2009 6:28 pm
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Re: Forwarding data from serial port to specific IP and port

http://forum.mikrotik.com/viewtopic.php?p=167239#p167239 ?.. No.... the other way around... Now i have a problem that some ISP's block traffic (one way) to mobile devices, so from my server i can't connect to some routerboards with hsdpa , bud those same routers can connect to that server. So, out ...
by tplecko
Mon Sep 14, 2009 8:56 am
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Re: Forwarding data from serial port to specific IP and port

I don't have the device here so here is just a thought (and i'll test later)
if i create a ppp-client named ppp-serial0 (with no user data) on my serial0 port and create a dst nat rule that translates all data with incoming port ppp-serial0 to ip 10.0.0.50?

could this work?



thanks
by tplecko
Mon Sep 14, 2009 8:46 am
Forum: General
Topic: Forwarding data from serial port to specific IP and port
Replies: 8
Views: 2120

Forwarding data from serial port to specific IP and port

Good morning everybody. Is it possible, using RouterOS to do the following. I have a device on the serial port. The device just outputs data to serial port. I usualy used a serial to ip module (from TIBBO). That module connected to an ip address and port and just forwarded that serial data to that i...
by tplecko
Sun Sep 13, 2009 7:29 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

Have put that particular configuration to live testing.
Just bougth 6 more (Routerboards and modems) and will setup them tomorrow.
If everything works fine (at first attempt), i will backup the configuration and post it here so you can analyze what i did.
by tplecko
Wed Sep 02, 2009 2:27 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

I managed to make Ericsson F3507g work http://wiki.mikrotik.com/wiki/Supported_Hardware#.27.27.273G_cards.27.27.27 it needed minor tweaks - described on the link But mikrotik cant read anything from the modem - you must connect via serial terminal and query the modem by at commands. so i will not bo...
by tplecko
Tue Sep 01, 2009 8:42 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

Now when i need it, i can't replicate the problem.... for no apperant reason. All this would not suprize me but i made it work on the first attempt and now this. Have just tryed a reset-configuration and start all over again and now it stops on initializing modem... Still can't replicate the problem...
by tplecko
Tue Sep 01, 2009 7:57 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Re: Invalid USB port after powerloss on 443U

It rebooted when i used non original power supply so that could be it... but my bigger problem is with USB ports.... is that a bug in RouterOS or bug on this particular board model or bug in my board? Support guy saw that there is one enabled PPP interface which uses one active USB port and said tha...
by tplecko
Tue Sep 01, 2009 4:35 pm
Forum: General
Topic: Invalid USB port after powerloss on 443U
Replies: 18
Views: 6486

Invalid USB port after powerloss on 443U

USB HUAWEI hsdpa stick is in use. After powerloss, USB port has 'invalid' state, a new usb port appears (USB2) and a new PPP client connection. new PPP connection uses USB2 port and is disabled. when i configure the new connection and simulate another powerloss, the same thing happens. Another USB p...
by tplecko
Sat Aug 15, 2009 6:36 pm
Forum: General
Topic: Bug report (USB not present after power loss)
Replies: 1
Views: 982

Bug report (USB not present after power loss)

When I connect HUAWEI E169 USB HSDPA modem to RB 411U, on first boot, i can't see the modem. when i reboot the router, USB port appears and ppp interface appears. when tryed, the connection to internet works properly. When power loss is simulated, and RB boots up, the usb port is there but RouterOS ...
by tplecko
Sat Aug 15, 2009 6:25 pm
Forum: General
Topic: forward IP to Serial
Replies: 6
Views: 2651

Re: forward IP to Serial

i am using this feature all the time now, it's EXCELLENT. Mikrotik - thank you for adding this.
Works like a charm!

Found a bug though (unrelated to serial port remote access)
by tplecko
Fri Aug 14, 2009 5:05 pm
Forum: General
Topic: forward IP to Serial
Replies: 6
Views: 2651

Re: forward IP to Serial

Thanks.
I found a wiki describing remote-access. will report back here with details
by tplecko
Fri Aug 14, 2009 4:44 pm
Forum: General
Topic: Forward ethernet to serial port
Replies: 2
Views: 1069

Re: Forward ethernet to serial port

My browser crashed while submitting and i didn't see my post so i tryed again.
moderator please delete this thread.
by tplecko
Thu Aug 13, 2009 6:54 pm
Forum: General
Topic: forward IP to Serial
Replies: 6
Views: 2651

Re: forward IP to Serial

You can setup a user account on mikrotik and assign it to a special-login on the serial port - then when you SSH into the box using that userid it will automatically patch you over to that serial port. I think it's somewhat undocumented. List of console commands under "/special-login": sp...
by tplecko
Thu Aug 13, 2009 6:26 pm
Forum: General
Topic: Forward ethernet to serial port
Replies: 2
Views: 1069

Forward ethernet to serial port

I have an access controll device that comunicates with PC via serial port. (The software can comunicate with IP as well as serial but all our devices are serial) This particular device is on the remote location. If I connect my access controll device to serial port on my routerboard, can i forward c...
by tplecko
Thu Aug 13, 2009 12:33 pm
Forum: General
Topic: forward IP to Serial
Replies: 6
Views: 2651

forward IP to Serial

I have an access controll device that comunicates with PC via serial port. (The software can comunicate with IP as well as serial but all our devices are serial) This particular device is on the remote location. If I connect my access controll device to serial port on my routerboard, can i forward c...
by tplecko
Thu May 28, 2009 4:21 pm
Forum: General
Topic: OpenDNS setup!
Replies: 23
Views: 5028

Re: OpenDNS setup!

there are very simple ways how to get a free, legal license. Also, RouterOS is something you use in networks, not at home for your own pleasure. I can't see how a company can't afford 45$ for a router. And it saves you time and money that you spend looking for help. I would not agree with that stat...
by tplecko
Fri Feb 20, 2009 11:46 pm
Forum: General
Topic: ISDN dial-on-demand not working
Replies: 1
Views: 775

Re: ISDN dial-on-demand not working

Nobody?!?
by tplecko
Tue Feb 17, 2009 1:23 pm
Forum: General
Topic: ISDN dial-on-demand not working
Replies: 1
Views: 775

ISDN dial-on-demand not working

Hello I have a router (3.20) with ISDN interface if ISDN is nailed up, everything works fine but the bill is not (1500$) When dial-on-demand is set to 'yes', nothing happens. the interface will not dial automaticly. is there something i don't know and that needs to be done for this to work? thanks !
by tplecko
Tue Jun 17, 2008 12:22 pm
Forum: General
Topic: caching youtube
Replies: 11
Views: 10491

Re: caching youtube

Thanks.

I'll reply here if i ever find a way to do this elegantly...
by tplecko
Tue Jun 17, 2008 11:13 am
Forum: General
Topic: caching youtube
Replies: 11
Views: 10491

Re: caching youtube

swf is the object that loads the video but it is done inside java script. I don't see how i could block this. The only way is to block path /watch* but then the whole page doesn't load. It's a stupid request and it is requests like this why i quit. Block a page but it must look like it is very slow ...
by tplecko
Tue Jun 17, 2008 10:40 am
Forum: General
Topic: caching youtube
Replies: 11
Views: 10491

Re: caching youtube

You do have a point here. But i have a strange boss. (lucky me i only work here till the end of the month so i can dedicate my self to my own company)

He thinks that if the video part is denyed but the site still opens, noone will figure out that something is being blocked :shock: :shock:
by tplecko
Mon Jun 16, 2008 10:52 pm
Forum: Scripting
Topic: value of range expects range of ip addresses
Replies: 2
Views: 4206

Re: value of range expects range of ip addresses

OMG! v3.10!!!



thanks!
by tplecko
Mon Jun 16, 2008 10:50 pm
Forum: General
Topic: caching youtube
Replies: 11
Views: 10491

Re: caching youtube

i managed to block most of the ads and youtube-type sites are next on the list.
if i use host and path?
so that denying flash happens only on youtube?
by tplecko
Mon Jun 16, 2008 2:39 pm
Forum: Scripting
Topic: value of range expects range of ip addresses
Replies: 2
Views: 4206

value of range expects range of ip addresses

does anyone know why does this result in an error?

:for x from=1 to=2 do={ /ip firewall mangle add chain=postrouting dst-address=(10.0.0. . $x
) action=mark-packet new-packet-mark=( D0_ . $x ) passthrough=no }



interrupted
value of range expects range of ip addresses


v3.10


thanks
by tplecko
Mon Jun 16, 2008 1:44 pm
Forum: General
Topic: caching youtube
Replies: 11
Views: 10491

Re: caching youtube

how about blocking youtube video only (not the whole site)?
let's say, only watching the flash video would be prohibited
by tplecko
Mon Jun 16, 2008 12:56 pm
Forum: Scripting
Topic: opening a site and entering username and password
Replies: 1
Views: 1457

opening a site and entering username and password

Is there a way and how to open an url and enter user name and password using scripts? url like https://www.something.com/upd?something=somethingelse the url asks for username and password (login dialog pops out (no login thru php)) and it would be good if the script could enter username and password...
by tplecko
Fri Jun 13, 2008 3:42 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

make an account on opendns, configure some filters there, then force all users to use your opendns server with a DST-NAT rule :) Will give it a try. but the IP range is quite big and IP addresses are mostly users. We currently have 16 MBPS link. If opendns can handle this speed, it is one solution ...
by tplecko
Fri Jun 13, 2008 3:11 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

make an account on opendns, configure some filters there, then force all users to use your opendns server with a DST-NAT rule :) Will give it a try. but the IP range is quite big and IP addresses are mostly users. We currently have 16 MBPS link. If opendns can handle this speed, it is one solution ...
by tplecko
Fri Jun 13, 2008 3:04 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

I'm not sure we're on the same page here. Can you give me an example of what you're saying? add action=redirect chain=dstnat comment="" disabled=yes dst-port=80 in-interface=LAN protocol=tcp src-address=10.0.1.1-10.0.3.254 to-ports=8080 i tryed adding to-address=10.0.0.2 and when i press ...
by tplecko
Fri Jun 13, 2008 2:30 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

tryed using to-address in rule and received no errors but the saved rule has only to-ports field. to-address field is missing.
by tplecko
Fri Jun 13, 2008 2:01 pm
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 85351

Re: More ways to earn free licenses!

Thanks.

This was my first wiki entry (any wiki) ever.
by tplecko
Fri Jun 13, 2008 1:58 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

But how ho i tell mikrotik to redirect to another IP?

winbox allows me to redirect only to a specific port. Is winbox missing something or is it done slightly different?

I only have this one router in a production environment so i can't test...
by tplecko
Fri Jun 13, 2008 10:50 am
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

It sounds great, but I didn't find any explanation how it links with MT?

Can you please clarify?
by tplecko
Fri Jun 13, 2008 10:28 am
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 85351

Re: More ways to earn free licenses!

Here is something from me.

http://wiki.mikrotik.com/wiki/Sending_y ... IP_address

So I can give something back to the community... 8-)
by tplecko
Fri Jun 13, 2008 9:28 am
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

Re: using web-proxy to block web-based proxy

The problem is that there is so many of them and some have names that don't appear bad and some that change their domain name regulary.

It is hard to keep track of them all...

it would be so nice if there was a service such as spamhaus but with web-based proxy domain names...
by tplecko
Thu Jun 12, 2008 4:58 pm
Forum: General
Topic: using web-proxy to block web-based proxy
Replies: 12
Views: 3216

using web-proxy to block web-based proxy

Hello


We have been using Mikrotik's web-proxy to prevent employees from visiting some internet sites.
The problem are web-based proxyes souch as http://www.3stupidfucks.net/
Is there a way to block souch sites with a simple rule?



thakns
by tplecko
Thu Dec 13, 2007 10:02 am
Forum: Scripting
Topic: Automated blocking of IP addresses
Replies: 12
Views: 26139

Re: Automated blocking of IP addresses

I think that it is less likely that someone will guess my username and password at first... And forgive me, i forgot to say that i must be able to access the router over the internet. I am connected thru DSL so i can't create a rule to give me access based on the IP address. If i was on a static ip,...
by tplecko
Wed Dec 12, 2007 10:19 am
Forum: Scripting
Topic: Automated blocking of IP addresses
Replies: 12
Views: 26139

Re: Automated blocking of IP addresses

Access-lists can only be used with wireless interfaces... My router has no wireless interfaces. Public interface, DMZ interface and LAN interface (all wires) On WAN i have static IP addresses and my log's are full of failed login attempts from the same IP address for hours.... I can't block remote a...
by tplecko
Mon Dec 10, 2007 4:02 pm
Forum: Scripting
Topic: Automated blocking of IP addresses
Replies: 12
Views: 26139

Automated blocking of IP addresses

In my logs I have lots of entrys like (50 messages not shown) dec/10/2007 16:05:09 system,error,critical login failure for user username from 222.112.170.217 via ssh dec/10/2007 16:05:12 system,error,critical login failure for user username from 222.112.170.217 via ssh dec/10/2007 16:05:16 system,er...
by tplecko
Wed Aug 22, 2007 11:59 pm
Forum: General
Topic: /nat firewall filter
Replies: 3
Views: 986

Re: /nat firewall filter

mangle has checkbox that tell's MT to check packet against next rule...
filter does not... action can be passthrough... but then i can't accept or drop packet...
by tplecko
Wed Aug 22, 2007 5:05 pm
Forum: General
Topic: /nat firewall filter
Replies: 3
Views: 986

/nat firewall filter

does MT stop checking filter rules when it finds first rule that matches the packet? or, does it check the packet against all rules?
here is what i want

if time is between 0800 and 1600 then
go to next filter rule (and all other filter rules)
else
drop packet


thanks
by tplecko
Tue Jul 24, 2007 9:36 am
Forum: General
Topic: Multiple IP addresses on one interface problem
Replies: 2
Views: 1020

Re: Multiple IP addresses on one interface problem

That is actually very logical solution.... thanks
by tplecko
Mon Jul 23, 2007 1:12 pm
Forum: General
Topic: Multiple IP addresses on one interface problem
Replies: 2
Views: 1020

Multiple IP addresses on one interface problem

I have ISP's CISCO router here. Connected to it is my MT 2.9.39. CISCO's IP (at my side) is 213.202.97.1/28 connection is interface to interface (no switches) and I have multiple ip addresses on MT's interface 213.202.97.2/28 213.202.97.3/28 213.202.97.4/28 213.202.97.5/28 ... 213.202.97.12/28 213.2...
by tplecko
Mon Jun 11, 2007 2:19 pm
Forum: General
Topic: web-proxy
Replies: 2
Views: 1449

web-proxy

I have two questions. I use MT web-proxy to deny access to specific sites. while http is working just fine, https does not. The problem is that most of the web servers (including my company's) will accept https connections by default which then bypasses my proxy and users can then visit the forbidde...
by tplecko
Mon Jun 11, 2007 12:36 pm
Forum: General
Topic: Forward HTTPS & FTP to Web-Proxy
Replies: 13
Views: 5913

Re: Forward HTTPS & FTP to Web-Proxy

What if you only want to deny sites?

We use MT WEB-PROXY only for filtering web content. The problem is that most of the web servers (including my company's) will accept https connections by default wich then bypasses my proxy and the user can visit the forbidden site anyway...

Can this be done?