Page 1 of 1
Can't launch script from Netwatch
Posted: Mon Apr 23, 2018 8:57 pm
by kidjake28
I posted this is General forum but think its more appropriate here:
I have this in my Down option:
log warning "VPN Connection is down.";
log warning "Running NoVpnReboot script.";
:beep length=1400ms frequency=900;
/system script run NoVpnReboot
Everything runs EXCEPT for the /system script run NoVpnReboot
The script does work when I run it from the terminal?
I'm running 6.42.1 RouterOS?
Any help really appreciated.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 3:40 am
by eehan
It might be something to do with this:
What's new in 6.42 (2018-Apr-13 11:03):
netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
I have just upgraded my router to v6.42.1 (due to the latest in a growing list of very troubling security flaws, thanks Mikrotik).
Netwatch was working fine until then. I find that I can still put an entry in a log file using Netwatch, but I cannot change a variable from a Netwatch script.
So I am guessing the issue is to do with permissions. I have no idea if these can be changed. I have not found a handle for it yet, if indeed this is the issue.
Perhaps someone else can enlighten us.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 3:54 am
by eehan
OK so in your particular issue, not being able to call a script, if you go to the script itself and uncheck all policy options with the exception of read, write, test and reboot, you should be able to call the script (it worked for me).
Assuming of course you script does not require other policy options to function correctly.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 4:11 am
by eehan
So my issue is still not resolved:
I am no longer able to change the value of a global variable from within Netwatch.
If I create a script to change the global variable, and call that from Netwatch, the global variable will not change unless the policy option "policy" is checked for the script.
I verified this by a manual run of the script.
Since Netwatch can now only call scripts that have (at most) policies "read", "write", "test" and "reboot" - the script will not call when I check the "policy" option, as is seemingly required in order to modify a global variable.
Intuitively I would have figured that the "write" option would be enough to allow us to change a global variable. However it is the "policy" option that appears to allow us to do this. Not sure if it has always been this way, or if it is a bug.
Anyhow it appears that the usefulness of Netwatch is somewhat limited moving forward.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 12:51 pm
by heydude
I have the same issue with netwatch on v6.42.1 (current).
Not able to write global variables by netwatch up or down event and scripts will not be launched.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 2:39 pm
by kidjake28
Thanks very much for he reply. I wound up putting my script in the down section. It's not very large.
Is there a problem in doing that?
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 2:54 pm
by eehan
Yes you can put the entire scripts in the NetWatch Up/Down script windows.
However in my case - writing to a global variable - this ceased to work with the new software version no matter whether I put the function in the NetWatch script window, or I called a script with the function in it, as explained above.
So I guess it is just a matter of what you are doing in the script - as some script permissions (functions) seems to have been removed for NetWatch.
Re: Can't launch script from Netwatch
Posted: Tue Apr 24, 2018 4:03 pm
by heydude
The time for a workaround and rewriting all other script is too high and I am using the scheduler instead netwatch. Don't waiste time with netwatch!
Here the example for our case:
# check if server is up and run script
:global srvstat
:global srv
:if ([/ping $srv count=2 size=64] = 2) do={
:global srvstat "up"
} else={
:global srvstat "down"}
:if ($srvstat = "up") do={
:global lastsync
:if ($lastsync = "") do={
:global lastsync "60"}
:if ($lastsync > 59) do={
:global lastsync 0
# launch script here
} else={
:global lastsync ($lastsync + 5)}
} else={
:global lastsync "60"}
Re: Can't launch script from Netwatch
Posted: Thu May 03, 2018 8:39 pm
by mikrobot
So my issue is still not resolved:
I am no longer able to change the value of a global variable from within Netwatch.
If I create a script to change the global variable, and call that from Netwatch, the global variable will not change unless the policy option "policy" is checked for the script.
I verified this by a manual run of the script.
Since Netwatch can now only call scripts that have (at most) policies "read", "write", "test" and "reboot" - the script will not call when I check the "policy" option, as is seemingly required in order to modify a global variable.
Intuitively I would have figured that the "write" option would be enough to allow us to change a global variable. However it is the "policy" option that appears to allow us to do this. Not sure if it has always been this way, or if it is a bug.
Anyhow it appears that the usefulness of Netwatch is somewhat limited moving forward.
Hi.
Following your method I got to have netwatch to execute the up and down scripts. As test I just wrote a line in the log and I checked both the run counter and the log. So fine.
Then I put some more lines in the same test scripts, and tried to run the command trying to execute a command, like /tool e-mail, it doesn't execute it and, moreover, doesn't execute nothing else before or after the command. This even happens just executing the script from Winbox or terminal.
So, probably the command execution inside the script itself is the problem, not only netwatch !
Is something you have seen in your tests?..
Re: Can't launch script from Netwatch
Posted: Fri May 04, 2018 12:48 am
by kidjake28
My script is just pinging a host and if no response rebooting.
Yes you can put the entire scripts in the NetWatch Up/Down script windows.
However in my case - writing to a global variable - this ceased to work with the new software version no matter whether I put the function in the NetWatch script window, or I called a script with the function in it, as explained above.
So I guess it is just a matter of what you are doing in the script - as some script permissions (functions) seems to have been removed for NetWatch.
Re: Can't launch script from Netwatch
Posted: Mon Jul 23, 2018 10:48 pm
by d3m0
I'm in the same situation. Very dissapointing.... I have a lot of email scripts that didn't work neither.
I think this need a fix as soon as possible.
Re: Can't launch script from Netwatch
Posted: Sun Jul 29, 2018 6:15 am
by jo2jo
nothing to help yall with from me, but here is a relevant thread with more info on this same issue (i have alot of netwatch + script combos as well):
viewtopic.php?f=2&t=134538
Re: Can't launch script from Netwatch
Posted: Tue Aug 21, 2018 8:36 am
by wiltshra
OK so in your particular issue, not being able to call a script, if you go to the script itself and uncheck all policy options with the exception of read, write, test and reboot, you should be able to call the script (it worked for me).
Assuming of course you script does not require other policy options to function correctly.
That worked for me - awesome..
I thought I was going mad - how could they break such simple functionality?
Re: Can't launch script from Netwatch
Posted: Wed Nov 07, 2018 2:14 pm
by NikolayM
Re: Can't launch script from Netwatch
Posted: Wed Apr 03, 2019 10:44 am
by Deantwo
If you are using RouterOS 6.43.x, then you can simply use
dont-require-permissions=yes.
See:
viewtopic.php?f=2&t=134538#p720232