Router
/ip firewall filter add action=drop chain=forward dst-address-list=TikTok src-address=10.0.0.0/24 /ip firewall mangle add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktok.com src-address=10.0.0.0/24 add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokv.com src-address=10.0.0.0/24 add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.tiktokcdn.com src-address=10.0.0.0/24 add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.byteoversea.com src-address=10.0.0.0/24 add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d chain=prerouting content=.ibyteimg.com src-address=10.0.0.0/24 add action=add-dst-to-address-list address-list=TikTok address-list-timeout=4w2d […]
If you have a user that can only log into a PPP (L2TP, PPTP etc) session on a Mikrotik during a certain time period, you can create scripts that run on a schedule to enable the user at the desired time and disable the user when their work day ends. […]
If you ever have the need to only allow PPP connection(s) (L2TP, PPTP etc) for a certain time period, you can use the below in a script or add directly to a schedule to terminate a PPP user that has an active connection. Replace user.name with the actual name /ppp […]
Unplug your device from the power Press and hold the reset button and apply the power When LED starts flashing, release the button
OverviewRouterOS provides SSH client that supports SSHv2 logins to SSH servers reachable from the router. RequirementsFor this command to be available router has to have system and security packages installed. SSH/system ssh [remote-ip]In this case the username thats provided to the remote host is the one that is logged into […]
The below can be used to add a local user to a Mikrotik using a script or at the CLI /user add name=setusername password=setpassword group=write Just change “setusername” to the desired name and “setpassword” to the desired password (be warned this is in plain text and care needs to be […]
The below can be used in a schedule or script to control rules, just change “enable” to “disable” to disable the rule and “BlockKids” is the comment so change to suit your needs. /ip firewall filter enable [find comment=”BlockKids”];
This script will export the config from your mikrotik router and email it to your email address. The scheduled time between exports and email sending can be decided by you. The exported file will take the name of your system identity ending in the extension .rsc /export file="$[/system identity get […]
In a terminal windows or via ssh, enter the below line ip firewall export file=firewallrules then find a file called “firewallrules.rsc” in your files folder.
/ip firewall filter add chain=forward dst-address=”remoterange” src-address=”localrange” place-before=0 /ip firewall filter add chain=forward dst-address=”localrange” src-address=”remoterange” place-before=0
How to set the NTP client on a Mikrotik router using the Terminal /system ntp client set enabled=yes primary-ntp=###.###.###.### secondary-ntp=###.###.###.### Change the ### for IP address’s Once done use the below to check if the settings has been applied /system ntp client print Below are two IP addresess for NTP […]
The below example shows a simple port forward that is forwarding TCP, Port 32400 (Plex) to the internal address 192.168.88.250 (Plex Media Server) This string is entered into the console. /ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=32400 in-interface=ether1-gateway protocol=tcp to-addresses=192.168.88.250 to-ports=32400