I request to Forum Admins to prohibit posting of ChatGPT scripts on the forum, without specify the source.

Why? Just today two users post help request on script maded by ChatGPT without specify that those script are generated by ChatGPT.

I'm happy to help, but what I can't stand is wasting my time, like the other forum users.

I think that if everyone here helps others for free, at least they don't want to be made fun of...

Wasting time correcting a script that SEEMS valid
(but it is clear that it was then written by ChatGPT that when it doesn't know something... it invents the instructions...)
is disrespecting anyone who tries to help.

I agree. While ChatGPT is a neat tool in the toolbox, there are some things it just has no knowledge of and is a tad too confident of a liar about. for example, its great at writing Go code, but it cant write Google App Script code that does anything correct. I think it would be dangerous to leave scripts posted without the notation of the source as it would muddy up the search results coming in.

Another problem is when someone searches something on Google or on the Forum, false GPT results are provided as results,
and maybe they come first because for the search algorithm they SEEM more relevant, creating even more problems...

Unfortunately it will take some time before the general public learns to Never Ever trust ChatGPT to provide correct facts since it’s just a dumb language model without any real intelligence that only imitates your native language. Thus, before posting anything that is originated from ChatGPT you have to verify all the facts yourself.

The media is to blame for this misconception because the simplest pattern matching is called AI nowadays.

I call BS on this request.
Every tom dick and harry comes here with some stewpid config they got from youtube, dont see anybody banning that...

Just kidding, yes CONCUR, but I prefer, getting paid airfare ( just reduce Normands salary appropriately) to the location of the perp and issue me with a tazer. Thus one can verbally advise the criminal and then provide some encouragement/support!!!

Haha, me too!!

Every tom dick and harry comes here with some stewpid config they got from youtube

Incredibly those of ChatGPT are more subtle, so subtle that ... they make you regret those of Youtube ...



I didn't think I'd ever write this...

I'd be really curious to know what those three who voted NO think.

Lets be honest, I already think you are half cyborg with those scripting skills of yours..............

Well, before doing the WISP I worked for years as a programmer, so the thinking of a programmer comes naturally to me.
I just had to adapt to the RouterOS language and create what isn't there...
I started programming when I was a child with Assembler and CPM/86 with MSDOS 3.0 and "debug"...
Even if now I don't remember anything about Assembler anymore...

@rextended, don't worry the robot aren't going to put you out of work. Imagine the goal is prevent prevent MORE work in figuring out where some cut-and-paste ChatGPT/etc script is wrong. Full support here – already a good idea to state the source of material anyway.

StackExchange/etc have a similar policy actually:

https://meta.stackoverflow.com/question ... -is-banned

I started programming when I was a child with Assembler and CPM/86 with MSDOS 3.0 and "debug"...

"With Assembler and CPM/86" ... very impressive my Italian Friend ... your RouterOS code is very nice ... but you need to make it very fast not only NICE ...

Mozerd, Italians learn at a very early stage to make love, unlike the high stressed North American quickie......... it spills over into work habits.

"Did you put your name into the Goblet of Fire, Harry?" he asked calmly.
"Did you eat the chocolate cake, pony?" he asked calmly.
Pony answered with full mouth "No"
A thick brown liquid started dripping from a corner of pony's mouth.
"No I didn't!" pony started crying.

This rule would be useless. If it is known that we don't like ChatGPT, people will not admit their scripts are from there. There is no proof and it will lead only to selective punishment based on assumptions.

Some hint: completly invented instructions, like /tool fetch charset=UTF-8, 2**32 (mean 2 * 2 * 2..... 32 times...), /file save name=test.txt (save what???) etc.

Mistakes are one thing, it can happen to me too...
the sensationally invented parts are one thing...
they're so wrong, they seem real... a continuous April Fool's

don't worry the robot aren't going to put you out of work

The problem isn't the robots, it's the stupid humans who feel relieved to learn and criticize…
To give everything as good just because a machine (with conditioned morals) says so.

You need a script to check ur email more frequently LOL.

You need a script to check ur email more frequently LOL.

Sorry, now I check

Some words from the forum admins?

Ahahaha!!!!

Admins: Any reply? Thanks.

Even long before chatgpt, there were scripts with invented commands and syntax that never existed in RouterOS.

I understand, but it's rarer and it has to be done on purpose...
Isn't it possible to prevent the forum from becoming a source of completely useless scripts which then damn those who find them,
thinking they were written by someone, instead of specifying that they are ChatGPT "Author's False"?

Even long before chatgpt, there were scripts with invented commands and syntax that never existed in RouterOS.

All I know is ChatGPT can get in line with rest of us with it's own exponent (**) and unicode (charset=) feature requests here...
viewtopic.php?p=907267

Lots of invented commands there

Can be automated by adding additional tag for scripts in forum messages eg. [script][/script] which interprets code and forbids submit if syntax fails.

interprets code and forbids submit if syntax fails.

Imagine if they start doing such a thing on the forum. There is no module on phpbb that does this, and why would they bother to fix the problems created by others.

Just don't accept scripts from ChatGPT.

The search is hard enough, then mixing in completely useless results makes the scripting part of the forum completely useless.

That horse is out of the barn.
No way to get it back in.

Unlike some thinking AI is going to make humans obsolete, the contrary is demonstrated here in this specific context.
Rex, you're not out of a job yet

Rex, you're not out of a job yet

My concern is the opposite,
I'll stop fixing other people's scripts, if I have to start fixing ChatGPT's scripts too.
Sooner or later I notice it when I check them. I feel cheated and it's all a waste of time, just when I opened the petition it happened 2 times...
In doubt of wasting my time, if the generated ChatGPT scrpts are not banned, I don't help anyone with its supposed own scripts.

Then imagine the frustration of a user who needs something, searches the forum (or on google & similar) and gets more results,
he has to start seeing which ones work and which ones are invented to look real...

But you can detect those false scripts

Chatgpt can not because it doesn't know better (or its scripts would be perfect)

Instead of correcting them, just leave a comment that's its automated rubbish. Done.

Just don't accept scripts from ChatGPT.

Someone can just say - I wrote it, but I'm not experienced in writing ROS scripts, maybe there can be errors
With interpreter you can at least ensure that there will be no syntax errors, still there can be device specific parameter errors in script, like interface names, etc.. but at least it's easier to troubleshoot such script with provided ROS configuration.
As you said, this kind of automated check will never gonna happen on this forum, but banning (or whatever punishment can be) such users that are abusing this rule, if implemented, is part of interpretation of script reader(s) and it's still a waste of time for them, maybe ratio of posting such scripts will be lower I guess.

@rextended: I understand your frustration. But you're still missing any way how it could work. You can prohibit it, maybe in rules that nobody reads anyway. And people will still post it, either because they won't know about it, it they will know and not admit it. And you can ban them after, but first someone must recognize it, but who? That would need someone like you. And even if the person is then banned, it won't have any effect on newcomers.

@sob In addition to that, It would be very unwise to ban people just because they broke a rule, which they didn't know about. Unlike usuall "don't use the N-word", this rule is not something expected by a common sense. Also good point mentioning it would need moderator (or more effort from existing moderators) to enforce the rule. Let me just remind that Rextended had moderation privileges for a while and as Normis said back then, "with a great power comes great responsibility". I believe the power was stronger than sense of responsibility and the privileges were taken away..

@rextended: I understand that feeling and I will pass an advice given to me by an unnamed member of this forum: Chill down. You don't have to answer everything.
To explain, I too had an obsession to answer as much as possible. It felt good, so I know very well why you are doing it. In my case it gave me feeling of superiority, because every answer was a proof that I am smarter than others. For me, it was like a drug. I am not joking, I didn't even realised that I became addicted to it. And as with every drug, whenever I was prevented to use it, I wasn't happy about that. This led to unnecessary toxicity and me slowly getting turning to the dark side until this hero of mine stepped in. Think about it yourself - doesn't it sound familiar?

Toxicity won't make this forum a welcoming place and polite people will be afraid to ask questions. In the end, all remaning questions will be from ignorant people and its not the type of questions which you want to answer. Maybe trying to help less will help the forum more?

@rextended email

Let me just remind that Rextended had moderation privileges for a while and as Normis said back then, "with a great power comes great responsibility".
I believe the power was stronger than sense of responsibility and the privileges were taken away..

No, the problem is another...
I couldn't write freely because often someone wrote "but you are a moderator" or they expected who knows what because I was a moderator...
I helped clean up all the spam on the pre-2023 forum posts, but that's it...
In fact, it often annoys me that since I appear as a "forum guru" they expect them to know everything about RouterOS, but in all I've used it and I know 30%...

Forums having ranks/titles based on number of posts is common knowledge, everyone learns it eventually. I remember how once someone took info from some forum about military and argued that it MUST be true, because it was written by General and they know their stuff.

And Sob is very sad because he still hasn't shown me enough to get the MTUNA certification, although I must admit, hes pretty damn close, especially with post #19 viewtopic.php?t=194143#p988573, but alas fell a few steps backwards when not providing answers or support on connection tracking tcp loose vs strict and invalid rules........ Lost his voice, or is the lion in the play "the wizard of Czechia".

30% hahahaha, try 0.3% and I still get guru.

Oh and Sob, do you know why this rule should not be removed from the input chain, apparently its priceless........
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1

I will make it easy for you.................. in a non-wifi setup.

I think I saw it in some threads that WG supposedly connects to localhost. I didn't examine it myself yet, but I don't see any good reason why it would do it (I'm not saying it's not possible).

And you're probably significantly further than 0.3%. How much, that's hard to guess. I wouldn't be sure about myself either. We need some true guru to create at least thousand questions quiz covering whole RouterOS, then we would see.

About 127.0.0.1, just log & read...

About TCP loose: if you use NAT, keep connection-tracking strict, if you do not use any form of NAT, you can leave it loose.

Brief description, not precise, just rapid concept:

If is allowed, on reboot (yes, reboot, all connection is destroyed, why try to rebuild that table if all the tracking is lost...)
... on reboot the device on incoming packet from WAN, regardless is the packet is DDoS or old connection not closed for the reboot of the router,
try to create again one connection-tracking entries for the packet (and the destination??? is random???.... can be any of your internal IPs....)

If is not allowed, on reboot only new connection from LAN to WAN (and from WAN on NATted ports) can create new estabilished (and related) connection.
Any previous connections or DDoS is treated as invalid, without recreate connection tracking with near random destinations....

Obviously if NAT is not involved at all, because only public IPs are used, the allowed loose permit more faster traffic recovery.

Well more on topic.... But at risk of banishment...

I asked ChatGPT the slight restated question:

TRIGGER WARNING: The following material comes directly from https://chat.openai.com/chat website, e.g. ChatGPT.
DISCLAIMER: The poster is takes no responsibility for it's accuracy, fitness for any purpose, and offers only for only comedic purposes.

On a Mikrotik RouterOS v7 router, outside of Wi-Fi, can this firewall config line
'/ip firewall filter add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1'
be safely removed?

The firewall configuration line you provided is allowing incoming traffic from the loopback interface (127.0.0.1) and is specifically related to CAPsMAN, which is a MikroTik RouterOS feature that allows centralized management of access points.

If you are not using CAPsMAN on your MikroTik router, then it is safe to remove this firewall rule. However, if you are using CAPsMAN, removing this rule could result in CAPsMAN not being able to communicate with the router properly.

Therefore, before removing this rule, it is recommended to verify if CAPsMAN is being used on your router or not. If CAPsMAN is being used, it is advisable to leave this firewall rule intact. If CAPsMAN is not being used, then you can safely remove this firewall rule.

In fact, something is missing...
1) The reply ignore Wireguard, for example.
2) It omits that it is needed for the CAPs-MAN if it is in the router itself, not if there is a CAPs-MAN located in another network device.
3) Omits that CAPs-MAN uses 127.0.0.1 (localhost) exclusively only if one or more managed wireless interfaces are on the router itself, not on other network devices.

So, ignoring other functions like Wireguard, the rule can be removed safely even if there is CAPs-MAN installed in the device itself,
if it has no wireless interfaces, or it has them but they are not managed by the local CAPs-MAN.

so the rule is only for capsman and wireguard.................... To my knowledge this rule has nothing to do with wireguard. Trying for the fiction literary prize in Italy??

Again: add rule to log all about localhost, and read the log...
Will you believe the logs or not?

No I believe that wireguard has nothing to do with 127.001.
Why:
1- There is nothing in wireguard literature that describes this as a requirement and
2- Sob never mentioned it so it cant be true.
3-plus you have been drinking french instead of italian wine again........ it always impairs your judgement

What do you think I will see if i was to log that............... not sure what you mean, if I dont have the rule how can I log it and why would I log it when wireguard is working fine..........

2- Sob never mentioned it so it cant be true.

Never mentioned???...

I think I saw it in some threads that WG supposedly connects to localhost. I didn't examine it myself yet, but I don't see any good reason why it would do it (I'm not saying it's not possible).

viewtopic.php?p=988872#p988851

Again: add rule to log all about localhost, and read the log...
Will you believe the logs or not?

Or just look at the rule hit count even in winbox/CLI... A 0 is generally a good indicator if a rule needs review...

indeed, and the logs give you an idea of what it is

viewtopic.php?t=182006

viewtopic.php?p=943790#p943790

One simple example:
RADIUS server and user-manager on the same machine (same for The Dude & Co.).
Must be used 127.0.0.1, because is more secure and spoofing resistant,
and if you change for some reason the other IPs of the machine, you do not need to change also the RADIUS and user-manager configuration....

log code

lolcalhost output: in:(unknown 0) out:(unknown 1), proto UDP, 127.0.0.1:35240->127.0.0.1:1812, len 172

**********************

End of transmission for today. Good Night.

Not amused. Here is the scoop in the last week, it appears that the information I have been providing is wrong,
be it use of invalid rule in forward chain or advise to ensure strict connections tracking for TCP and now apparently wrong information on how to setup wireguard.
Clearly I should not be providing advice............ read between the leaves.

Before you do something drastic, although I don't think harakiri is the thing in Canada, the thing with WG and localhost is just something that I think I saw mentioned in some thread, but I find it weird and it's entirely possible that I'm mistaken. So be calm, everything is probably mostly fine.

Edit: It was in Wireguard udp on 127.0.0.1 - what is the purpose?, there is WG involved, but it's not clear what happens, could be some mistake or bug, it's hard to tell.

As far as I seem to remember, it was something wireguard would self-test to prove encryption and generate temp keys,
but it's been a while and I haven't done any testing on v7 which I don't use.

I think the localhost rule is just to support QuickSet's "mesh" profile that came in with the Audience, but now in the QuickSet for more devices. MT's localhost trick with CAPsMAN+Audience means QuickSet don't have to touch with the firewall (and it doesn't). And since, from Mikrotik POV, you want the "generic firewall" to support all the QuickSet modes, since that's in docs/ "quick start guide", you see it.

But I'm fairly certain it's needed only because the CAPsMAN "server" isn't an interface itself, just a service that listens on interface. Don't use WG enough to know, but I know it isn't needed for ZeroTier. WG is an actual interface, lives in kernel and gets IP from it's config – to WG there file handles that need some numbers changed based on config, localhost has would have no meaning.

I seem to recall on one of my earlier experiments with capsman even there it is not needed.
Only when you are implementing capsman on a device also acting as cap AND you have a drop-all rule (which you should have).

Only when you are implementing capsman on a device also acting as cap AND you have a drop-all rule (which you should have).

Yup, it only in that specific case. But MT's default config and docs have to have that case... Why it's in a lot of configs.

More to say, I bet log on that rule and/or fw hit count show 0 on @anav router. Or most people's for that matter. If WG needed, it be obvious I think.

Better question why is loopback hidden interface but this firewall rule for it is not? Unhide all or do not hide partially. This rule can be dynamically added as hidden rule if some of ROS features are set up that needs loopback.

Loopback is default present on almost every network device.
Nothing hidden about it.

Better question why is loopback hidden interface but this firewall rule for it is not? Unhide all or do not hide partially.

Well it is a valid IP at layer3. But all layer3 should go through firewall, and it does. Thus need to allow wi-fi interface (in the esoteric local CAPsMAN case) to get to router, just like a vlan would.

But same logic applies to REST, you can use localhost there too to refer to the local router, for layer 3.

This rule can be dynamically added as hidden rule if some of ROS features are set up that needs loopback.

ChatGPT is smarter that QuickSet. QuickSet could do a lot of things. It has syntax down better, but it too just guesses at common interface names and stuff much like some script (at least in my observations). But they're not guesses if you control the default configuration. Seems Mikrotik took the least amount of code approach, at expense of foisting an unnecessary firewall rule in 95+% of cases.

Loopback is default present on almost every network device.
Nothing hidden about it.

Still it is not listed and you cannot select it in interface selection for some setting/rule.

It doesn't have an interface. It's a kernel object, that happens to have an IP of 127.0.0.1 inside the TCP/IP stack. Layer3 only thing.

* But there are few things that cause the interface to have (unknown) etc. ZeroTeir's VL1 tunnels being one. There should be someway to identify them as some interface, logically, in the firewall.

** and in fact, enabling logging on a fw rule will show interface as (unknown)...

Back to the roots.

I request to Forum Admins to prohibit posting of ChatGPT scripts on the forum, without specify the source.
Why? Just today two users post help request on script maded by ChatGPT without specify that those script are generated by ChatGPT.
I'm happy to help, but what I can't stand is wasting my time, like the other forum users.
...

How do you want to persaude users not to do that as most of them tends to do what they want to do as "they can"?
If simple "Post reply" instead of "Quote" (as this button is "closer") is beyond the skills so how do you want to prohibit usage of Copy+Paste of the "AI hard work"?
No written rules will help if someone wants to not obey them and then complain about moderation.

It doesn't have an interface. It's a kernel object, that happens to have an IP of 127.0.0.1 inside the TCP/IP stack. Layer3 only thing.

* But there are few things that cause the interface to have (unknown) etc. ZeroTeir's VL1 tunnels being one. There should be someway to identify them as some interface, logically, in the firewall.

** and in fact, enabling logging on a fw rule will show interface as (unknown)...

That's exactly my point, can be logical interface (readonly, forbidden disable) that have IP 127.0.0.1 which then can be chosen in some cases in interface selector or for logging purpose as you mentioned.

Minor detail: it's an address used for loopback traffic.
It's not an interface at all. So why make it a logic interface ?

Minor detail: it's an address used for loopback traffic.
It's not an interface at all. So why make it a logic interface ?

Convenience, as is shown in ifconfig/ipconfig.

Note: not sure how off-topic posting would be viewed by now multiple moderators. In a "PETITION" for rule changes. To the point how is someone enforce these rules? @optio, @holvoetn, nor I started the "sub-thread" here... In fact the moderator & OP did & I sounded more dismissive in re-reading my post...should have I said nothing?

That's is exactly my point, can be logical interface that have IP 127.0.0.1 which then be chosen in some cases in interface selector or for logging purpose as you mentioned.

@optio, sorry weird way of saying I agreed. As I said, the interface-less thing happens with ZeroTier's VL1 too, in that case it ain't localhost in the logs, it the tunnel addresses.

Minor detail: it's an address used for loopback traffic.
It's not an interface at all. So why make it a logic interface ?

They actually don't let you select "none" as the interface in the firewall, which seems like missing option. And if they did have it... there is owning process that can be the "interface" to firewall/conntracd – since both ZL1 and odd-ball "local CAPsMAN config" case are both classified as "unknown" – but they are actually different things, that you may want to to treat differently in the firewall...

Note: not sure how off-topic posting would be viewed by now multiple moderators. In a "PETITION" for rule changes. To the point how is someone enforce these rules? @optio, @holvoetn, nor I started the "sub-thread" here... In fact the moderator & OP did & I sounded more dismissive in re-reading my post...should have I said nothing?

Indeed, this is going way OT.
No need to discuss more about it here.

But don't you realize? This is a Forum, not a Chat, and it is normal that everything leads to discussion on technical topics...
We only go OT on the release thread, because here from what I've read so far
everyone agrees on the uselessness of ChatGPT in producing something that isn't fake.
There remains only the problem of how to educate users not to fill the forum with quotas fake scripts.

Among other things, I still have to apologize to BartoszP because until I did it too I didn't understand what it meant to moderate a herd of Users...

Been there, done that for quite some years.
And it can be VERY time-consuming ... much respect for those trying to keep things tidy from behind the scenes here.

But don't you realize? This is a Forum, not a Chat, and it is normal that everything leads to discussion on technical topics...
We only go OT on the release thread...

I guess there will be better attention on topics like this: viewtopic.php?t=194267 if was posted in release thread instead creating new one

Back on topic, as developer I completely agree that ChatGPT source codes are in most cases complete bs.

...
Among other things, I still have to apologize to BartoszP because until I did it too I didn't understand what it meant to moderate a herd of Users...

Been there, done that for quite some years.
And it can be VERY time-consuming ... much respect for those trying to keep things tidy from behind the scenes here.

Time to print it in bold, frame it and hang on a wall as a moderation trophy Thank you.

But on the other hand I see that that topic drifts to the question:
"Do we, as the humankind, need to think ourselves or do we want to rely on AI to do the job despite the quality of the answers?"

Thinking wider:
"Do we need education as we can ask search engines/AI for an answer?"

Tough question. Non obvious answers ...

Look, life teaches, one bomb is enough, and nothing work anymore...
People forget how to do things without electricity and without supermarkets and starve...

Artificial intelligence must help us find the key to the problem, not add more key holes...

It's just another tool like many before. It can be used or misused. Now it's new, so everyone is scared/excited/whatever. But we'll manage.

ChatGPT strike again:
viewtopic.php?t=194448

//**//
I finally understood...

They are creating "a machine" to replace one of the most hated jobs in the world: a politician...

On the other hand, he speaks well, promises well, it seems that his speeches contain something ... but in the end he doesn't do s–t ...
THE SAME...
//**//

Other shit:
viewtopic.php?t=194664

More is coming.

Run a ChatGPT-like AI on Your Laptop Using LLaMA and Alpaca.

Hmm, isn't @anav a LLaMA?

Please don't make a fuss about something so irrelevant. ChatGPT can't make ROS scripts and nobody will post them.

At no Italian be posting any...

(saw in the news they were process of banning ChatGPT in Italy)

Temporary ban until OpenAI provides answers on where European data is being stored.
European privacy rules.

Google and Microsoft etc also had to comply to these rules.