Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Missed one in b6ddc5968e7a3393bb6e9b0c0ccf96379efc62b4...
|
|
|
|
|
|
|
|
|
|
... if the path starts with "tmpfs/". This helps to mitigate flash wear.
|
|
|
|
|
|
|
|
|
|
... to specify that the preceding character should be displayed with emoji
presentation.
https://unicode-table.com/en/FE0F/
|
|
... and use it in $GetMacVendor.
|
|
... which was introduced in RouterOS 7.7beta8.
|
|
|
|
|
|
|
|
|
|
... to make sure the checks are not re-run every second.
|
|
|
|
... but with all characters from alphabet with $GetRandom20CharAlNum.
|
|
... but with all characters from alphabet with $GetRandom20CharAlNum.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If this script runs from terminal this will not change... 😜
So cache the result.
Co-authored-by: Michael Gisbers <michael@gisbers.de>
|
|
Co-authored-by: Christian Hesse <mail@eworm.de>
|
|
This will now log all messages before notification, and every two hours
(or scheduler interval * 120) after.
|
|
These are generated with my 'RouterOS-Scripts Notification Generator':
https://eworm.de/ros/notification/
|
|
---- ✂️ ----
📨 SMS Forwarding from 7277
Received this message by MikroTik from 7277:
On oct/17/2022 13:44:10 GMT -0 type class-0:
Welcome to our network!
---- ✂️ ----
|
|
---- ✂️ ----
❌ Netwatch Notify: example.com down
The host 'example.com' (93.184.216.34) is down since oct/19/2022 16:27:03.
---- ✂️ ----
✅ Netwatch Notify: example.com up
The host 'example.com' (93.184.216.34) is up since oct/19/2022 17:03:00.
It was down for 6 checks since oct/19/2022 16:27:03.
---- ✂️ ----
|
|
---- ✂️ ----
⚠️ Log Forwarding
The log on MikroTik contains these 3 messages after 6d23:55:18 uptime.
● 13:24:02 script;error backup-cloud: Failed uploading backup for MikroTik to cloud!
● 13:24:17 system;info;account user admin logged in from 192.168.88.177 via ssh
● 13:24:57 system;info;account user admin logged out from 192.168.88.177 via ssh
---- ✂️ ----
|
|
---- ✂️ ----
📅 daily PSK Guest-Wifi
This is the daily PSK on MikroTik:
SSID: Guest-Wifi
PSK: S3cr3tStr1ng
Date: oct/18/2022
A client device specific rule must not exist!
🔗 https://www.eworm.de/cgi-bin/cqrlogo-wifi.cgi?scale=8&level=1&ssid=Guest-Wifi&pass=S3cr3tStr1ng
---- ✂️ ----
|
|
---- ✂️ ----
📱 48:F1:7F:D0:E5:4E connected to Wifi
A device with unknown MAC address connected to Wifi on MikroTik.
Controller: MikroTik
Interface: wl5-wifi
SSID: Wifi
MAC: 48:F1:7F:D0:E5:4E
Vendor: Intel Corporate
Hostname: host-523c8e0e
Address: 192.168.20.254
DNS name: host-523c8e0e.dhcp.MikroTik.example.com
Date: oct/20/2022 09:21:56
---- ✂️ ----
|
|
---- ✂️ ----
✨ RouterOS update
A new RouterOS version 7.6 is available for MikroTik.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.5
Available: 7.6
RouterOS-Scripts:
Version: 85
🔗 https://mikrotik.com/download/changelogs/stable-release-tree
---- ✂️ ----
|
|
---- ✂️ ----
✨ LTE firmware upgrade
A new firmware version R11e-LTE6_V033 is available for LTE interface lte on MikroTik.
Interface: MikroTik R11e-LTE6
Installed: R11e-LTE6_V027
Available: R11e-LTE6_V033
---- ✂️ ----
|
|
---- ✂️ ----
⚡📉 Health warning: voltage
The voltage on MikroTik jumped more than 10%.
old value: 16.2V
new value: 12.4V
---- ✂️ ----
🔥 Health warning: temperature
The temperature on MikroTik is above threshold: 51°C
---- ✂️ ----
✅ Health recovery: temperature
The temperature on MikroTik dropped below threshold: 47°C
---- ✂️ ----
❌ Health warning: psu1-state
The power supply unit 'psu1-state' on MikroTik failed!
---- ✂️ ----
✅ Health recovery: psu1-state
The power supply unit 'psu1-state' on MikroTik recovered!
---- ✂️ ----
|
|
---- ✂️ ----
🔏 Certificate renewed
A certificate on MikroTik has been renewed.
Name: example.com
CommonName: example.com
Private key: available
Fingerprint: cc54cdd01fcd7698ecb71213874be776906eb33d26cd57754d168632f14c4c8b
Issuer: R3
Validity: sep/08/2022 03:50:56 to dec/07/2022 03:50:55
Expires in: 8w 3d 12:03:30
---- ✂️ ----
|
|
---- ✂️ ----
💾⬆️ Backup & Config upload
Backup and config export upload for MikroTik.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.6
RouterOS-Scripts:
Version: 85
Backup file: MikroTik_example_com.backup
Config file: MikroTik_example_com.rsc
---- ✂️ ----
|
|
---- ✂️ ----
💾☁️ Cloud backup
Uploaded backup for MikroTik to cloud.
Hostname: MikroTik
Board name: CHR
Architecture: x86_64
RouterOS:
Channel: stable
Installed: 7.6
RouterOS-Scripts:
Version: 85
Name: cloud-20221020-092419
Size: 370767 B (362 KiB)
Download key: LLDBfPcWXxmSetWilqeJX5V
---- ✂️ ----
|
|
---- ✂️ ----
📌 News and configuration changes
The configuration version on MikroTik increased to 85, current configuration may need modification. Please review and update global-config-overlay, then re-run global-config.
Changes:
● Support for e-mail notifications moved to a module. It is installed automatically if required.
● Dropped 'netwatch-syslog', filtering in firewall is advised.
---- ✂️ ----
|
|
|
|
|
|
|
|
Oops... 😳
This sneaked in with initial commit 862417b8d32f6eef1c05ba9137fe2a7f14436987
("add 'ipsec-to-dns'").
|
|
The prefix "CN=" is now added in RouterOS 7.6... Let's match with and
without the prefix in comment.
|
|
This broke in commit 6f772e92a616acb15bdef8ab7b7bfdb9d002bfeb
("netwatch-notify: rename array element") where not only the array
element but also the option was renamed.
|
|
Why hammer on another service? The tunnelbroker response contains the
address we need. So send the update every time, and use that
information.
|
|
This is a good condidate:
https://showipv6.de/
We can drop the cloud code, which seems to be unreliable in somd
situations.
|
|
|
|
Looks like fetch command has a timing issue with the tunnelbroker
endpoint... We have to try several times to work around this.
Consider the update failed on third error.
|
|
|
|
|
|
... if requested, but keep output and logs.
|
|
|
|
This is no longer used as 'netwatch-syslog' is gone.
|
|
This was undocumented and scripts did never catch up with general
quality expectations, for example global-config and global functions
were not used.
If you need the code get it from git history. 😜
|
|
To filter in firewall you should use something like this:
/ip/firewall/filter/add action=reject chain=output out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
/ip/firewall/filter/add action=reject chain=forward out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited;
|
|
|
|
|
|
|
|
|
|
This should relax the error message a bit as it is not triggered
on first failure.
|
|
https://en.wikipedia.org/wiki/MAC_address#Universal_vs._local_(U/L_bit)
|
|
|
|
|
|
|
|
Flushing the mail queue with resolver issues can flood the log with
messages like:
e-mail;error Error sending e-mail <=?utf-8?Q?[MikroTik] =F0=9F=92=BE=E2=98=81 Cloud backup?=>: DNS resolve failed
Try to avoid this...
|
|
|
|
This broke with:
* doc/netwatch-dns: giving hostname in comment is not required
9853943a365639f675fba0bb9c1d64b7edfd00d7
|
|
So let's check for the correct one, and drop the other.
|
|
|
|
|
|
Monitoring a VPN (or similar) may be tricky: This used to send notifications
if the physical connection recovered, but the VPN and/or its routing did not
yet. Let's work around and send notification only if the parent is up
for at least three checks.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
... and also update all version numbers to match current release.
|
|
|
|
Some devices (with bad temperature sensort?) still product a flood of
notifications... Try to avoid that.
|
|
|
|
|
|
This is available in RouterOS 7.x...
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
This is available in RouterOS 7.x...
Signed-off-by: Christian Hesse <mail@eworm.de>
|