RouterBoard MikroTik
De Linuxmemo.
(Différences entre les versions)
		
		
|  (→IP) |  (→IP) | ||
| Ligne 80 : | Ligne 80 : | ||
|   ssh -- SSH settings |   ssh -- SSH settings | ||
|   tftp -- TFTP |   tftp -- TFTP | ||
| - |   '''traffic-flow''' -- Traffic-Flow is a system that provides statistic information about packets which pass through | + |   *'''traffic-flow''' -- Traffic-Flow is a system that provides statistic information about packets which pass through | 
|   the router to extern NTop program (for example).   |   the router to extern NTop program (for example).   | ||
|   As Traffic-Flow is compatible with Cisco NetFlow, it can be used with various utilities which are designed for Cisco's NetFlow.   |   As Traffic-Flow is compatible with Cisco NetFlow, it can be used with various utilities which are designed for Cisco's NetFlow.   | ||
Version du 21 novembre 2016 à 23:51
| Sommaire | 
Manuel
http://wiki.mikrotik.com/wiki/Manual:TOC
certificate -- Certificate management disk -- list all attached storage devices (non disponible pour RS450 car aucun usb/sd slot) driver -- Driver management (non disponible pour RS450 car tous les drivers sont déjà chargés) file -- Local router file storage. interface -- Interface configuration ip -- IP options ipv6 -- log -- System logs metarouter -- virtualisation de routeurs (non disponible pour RS450) mpls -- partitions -- (non pertinent pour RS450 car 1 seule partition est disponible) port -- Serial ports queue -- Bandwidth management radius -- Radius client settings routing -- snmp -- SNMP settings system -- tool -- Diagnostics tools user --
Commands and Scripting
http://wiki.mikrotik.com/wiki/Manual:Scripting
System
backup -- Makes a full system backup check-installation -- Check installed packages clock -- Print/change system date and time console -- Connection over serial port default-configuration -- health -- Router health history -- Command history identity -- System identity leds -- license -- Licensing information logging -- Global logging configuration note -- Login note ntp -- package -- Software packages reboot -- Restart the router reset-configuration -- resource -- System resources routerboard -- Routerboard options scheduler -- Schedule scripts to be run at times script -- Scripting management serial-terminal -- Serial Terminal shutdown -- Shut the router down ssh -- SSH client sup-output -- Create support output file telnet -- Run Telnet upgrade -- Router upgrading watchdog -- Watchdog
IP
*accounting -- Traffic accounting address -- Address management arp -- ARP entries management cloud -- ddns dhcp-client -- DHCP client settings dhcp-relay -- DHCP relay settings dhcp-server -- DHCP server settings dns -- DNS settings - This is a simple DNS cache with local items (provide fake DNS information to your network clients). firewall -- Firewall management hotspot -- HotSpot servers management ipsec -- IP security neighbor -- Neighbors packing -- Packet packing settings pool -- IP address pool proxy -- performs proxying of HTTP and HTTP-proxy (for FTP and HTTP protocols) requests. route -- Route management service -- IP services settings -- IP Settings allows to configure several IP related kernel parameters. smb -- socks -- SOCKS version 4 proxy ssh -- SSH settings tftp -- TFTP *traffic-flow -- Traffic-Flow is a system that provides statistic information about packets which pass through the router to extern NTop program (for example). As Traffic-Flow is compatible with Cisco NetFlow, it can be used with various utilities which are designed for Cisco's NetFlow. upnp -- Universal Plug and Play
Tools
bandwidth-server -- Bandwidth tester service bandwidth-test -- Run bandwidth test to remote router dns-update -- Dynamic DNS update e-mail -- fetch -- flood-ping -- Send a lot of ICMP Echo packets and wait for response graphing -- System resource and traffic graphing ip-scan -- mac-scan -- Scan for MAC addresses mac-server -- MAC Telnet Server mac-telnet -- MAC Telnet Client netwatch -- Network watching tool ping-speed -- The ICMP bandwidth test profile -- shows CPU usage for each process running in RouterOS. *romon -- sms -- sniffer -- Packet sniffering torch -- Realtime traffic monitor traceroute -- Trace route to host traffic-generator -- traffic-monitor -- The traffic monitor tool wol --
how to generate SSL certificate and enable HTTPS
https://blog.a2o.si/2015/08/11/mikrotik-how-to-generate-ssl-certificate-and-enable-https/
1. Create CA certificate first: /certificate add name=my-rtr-ca common-name=my-rtr-ca key-usage=key-cert-sign,crl-sign 2. Sign the CA certificate: /certificate sign my-rtr-ca 3. Now create a regular certificate for HTTPS access: /certificate add name=my-rtr common-name=my-rtr 4. Sign it with CA from steps 1&2: /certificate sign ca=my-rtr-ca my-rtr OPTIONAL: Mark it as trusted (I did not need to do this, but internets beg to differ:): /certificate set trusted=yes my-rtr-ca /certificate set trusted=yes my-rtr 5. And finally, assign the new certificate to HTTPS service: /ip service set www-ssl certificate=my-rtr
Astuces
- lister les utilisateurs actuellement logger sur le RouterBoard
/user active print
- Afficher la valeur d'un item (exemple "enabled")
:put [/ip accounting get enabled]; ou dans le contexte /ip accounting :put [get enabled]; false
- Avoir une idée de quels "hosts" sont les plus consommateurs de bande passante (via accounting)
1) activation de l'accounting /ip accounting set account-local-traffic=yes enabled=yes /ip accounting web-access set accessible-via-web=yes address=192.168.0.0/24 2) réaliser un "snapshot" /ip accounting snapshot take 3) visualiser le "snapshot" réalisé /ip accounting snapshot print 4) désactivation /ip accounting set account-local-traffic=no enabled=no
la page "web-access" est disponible a cette url (attention uniquement en http et pas https) http://IPduRouteur/accounting/ip.cgi
- informations sur le routeur
/system routerboard print /system routerboard settings print /system license print /system resource monitor #charge cpu en temps réel /system resource print #toutes les ressources uptime, hdd, memory... /tool profile # shows CPU usage for each process running in RouterOS.
- faire une résolution DNS
:put [:resolve "www.google.fr"];
- faire un ping
:ping 192.168.0.1
