Add a VLAN to each ethernet interface in Mikrotik

by Jim Bouse 24. October 2019 07:46

I needed to add a VLAN to each interface on a large number of Mikrotik switches.  This is the script I worked up:

/interface bridge add name=Management disabled=no; 
:foreach i in=[/interface ethernet find] do={ 
  :local ifname [/interface get $i default-name]; 
  /interface vlan add interface=$i vlan-id=100 name=($ifname.".0100") disabled=no; 
  /interface bridge port add bridge=Management interface=($ifname.".0100") disabled=no; 


Mikrotik | WISP


Advanced config on remote UBNT AP with WGET

by Jim Bouse 9. October 2018 15:16

I had an issue today that was a bit of a challenge.  We installed 3 new access points but forgot to login to them beforehand and setup their VLANs and credentials.

  1. My solution was: export a .cfg from an existing access point
  2. SSH from router at the tower to the AP on
  3. Add DNS resolution to AP
  4. WGET the working config to the AP.
  5. Apply changes
  6. Reboot.
After doing that, the AP came up on the correct VLAN and pulled a management IP from the management VLAN.
echo "nameserver" > /etc/resolv.conf
cd /tmp/
wget http://server/dir/cfg.txt
cp ap.txt system.cfg
cfgmtd -f /tmp/system.cfg -w



Packet capture from airMax device

by Jim Bouse 26. January 2018 13:20

plink.exe -ssh -pw ubnt ubnt@ "tcpdump -ni ath0 -s 0 -w - not port 22" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -

Reference: https://community.ubnt.com/t5/airOS-Software-Configuration/FEATURE-REQUEST-Packet-sniffer-Tools/m-p/1733948/highlight/true#M45359



Mikrotik Nightly Usage E-mail Script

by Jim Bouse 7. December 2017 08:12

One of my buddies asked for a script that would e-mail him the usage from his Mikrotik users.

I whipped this up to help him take care of it.

It assumes that you have simple queues for each user.

# Nightly E-mail Usage - Jim Bouse - Brazos WiFi - 2017-12-7

:local identity [/system identity get name];
:local email "asdf@asdf.com";
:local subject "Usage Report - $identity";
:local body "";

:put "Starting E-mail Usage Script";

:foreach queue in=[/queue simple find] do={
  :local bytes [/queue simple get $queue bytes];
  :local target [/queue simple get $queue target];
  :local name [/queue simple get $queue name];
  :local ul [:pick $bytes 0 [:find $bytes "/"]];
  :local dl [:pick $bytes ([:find $bytes "/"]+1) [:len $bytes] ];

  # Divide bytes by 1000 to get kB
  :set ul ($ul/1000);
  :set dl ($dl/1000);

  # Divide kB by 1000 to get MB
  :set ul ($ul/1000);
  :set dl ($dl/1000);

  :local line "$target - $name - $dl/$ul\n";
  :set body "$line$body";

  /queue simple reset-counters $queue;
:put "Sending e-mail";
/tool e-mail send to=$email subject=$subject body=$body;
:put "Sent e-mail";


Edit this text file to include your e-mail instead of asdf@asdf.com.  Then paste the whole TXT file contents into a terminal window for your Mikrotik.  It will create the script and set it to send daily at 11:50PM.

Nightly E-mail Usage.txt (1.46 kb)




Stop SMS messages showing up in your Android device e-mail

by Jim Bouse 14. November 2017 19:30

I recently reset my Samsung S7 Active to solve a bug. After the reset, my SMS messages were being added to my e-mail account inbox. 


To fix it, I did these steps:

Go to Settings -> Applications -> tap the 3 dots in the upper right -> App Permissions -> tap SMS -> turn off E-mail. 


I hope this helps some folks.



Create Lots of VLANs on a Mikrotik Port

by Jim Bouse 29. May 2017 11:53

We have been switching to the UBNT EP-S16 on our towers instead of running cables down to the router at the bottom.  To segment things, you need to use VLANs.

This code snippet will create 16 VLANs on Port 3 of a Mikrotik with VLAN IDs of 1001-1016.

:for x from=1001 to=1016 do={/interface vlan add interface=ether3 vlan-id="$x" name="ether3.$x"}


Mikrotik | WISP


Query data in AirControl2 database

by Jim Bouse 17. April 2016 12:37

In Beta 19 release of AirControl2, Ubiquiti migraded to posgres database for storage.  Much of it is stored in JSON format inside a table row but it is queryable.

To begin you'll need to get to the postgres prompt:

/opt/Ubiquiti/AirControl2/pgsql/bin/psql -U ubnt -d ac2

Then, you can query things out of the nodes table with this:

select nodeid, data->'element'->>'status' as status, data->'element'->>'ip' as ip, data->'element'->>'hostname' as hostname, data->'element'->>'mac' as mac from ac2.nodes where data #>> '{element, status}' = '2' order by data->'element'->>'ip';




Zabbix template for Tycon TPDIN-Monitor-WEB

by Jim Bouse 10. September 2014 16:53

I use the Tycon web monitor to watch my batteries at the tower sites for my WISP.  I also use Zabbix for my monitoring.

Attached is the XML template that I worked up.

If anyone has suggestions/changes, let me know.

zbx_template_TYCON_TPDIN-Monitor-WEB.xml (34.64 kb)



Mikrotik Workplace VPN Logging

by Jim Bouse 8. September 2014 10:41

I recently had a customer of my WISP ask if we could give her a way to log when her employees are working remotely.  She doesn't have a huge infrastructure with sophisticated logging abilities.  She felt that her employees were claiming to work when they really weren't even logged in.


This is a two part script.  One part runs on the Mikrotik, the other as a PHP script running on their server in the office.

Part 1(a) "create a script called 'vpn-log' on the Mikrotik":

:local urlRoot "";

:foreach i in=[/interface find where type="pptp-in"] do={ 
  :local pptpName [/interface get $i name];
  :local userName [:pick $pptpName ([:find $pptpName "-"]+1) [:find $pptpName ">"]];
  set urlRoot ($urlRoot.$userName.",");
/tool fetch url="$urlRoot" keep-result=no

Part 1(b) "create the schedule":

/system scheduler add interval=1m name="Run vpn-log" on-event="/system script run vpn-log" \
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \

Part 2 "create the PHP file":


$string_data = file_get_contents("current_users_DONT_DELETE.txt");
$currentUsers = unserialize($string_data);

$userArr = explode(",", $_GET['users']);
file_put_contents("current_users_DONT_DELETE.txt", serialize($userArr));

foreach ($currentUsers as $currentUser) {
	if ($currentUser !== "") {
		if (!file_exists($currentUser)) {
			mkdir($currentUser, 0777, true);
		if (!in_array($currentUser, $userArr)) {
			file_put_contents($currentUser."/".date("Y-m-d").".txt", $currentUser . " - Log Out ".date('h:i A')."\r\n", FILE_APPEND);
			echo $currentUser . " - Log Out ".date('h:i A')."<BR>";

foreach ($userArr as $user) {
	if ($user !== "") {
		if (!file_exists($user)) {
			mkdir($user, 0777, true);
		if (!in_array($user, $currentUsers)) {
			file_put_contents($user."/".date("Y-m-d").".txt", $user . " - Log In ".date('h:i A')."\r\n", FILE_APPEND);
			echo $user . " - Log In ".date('h:i A')."\n";

Note: This only shows when people log in/out of the VPN.  It has no way to know if they actually worked.  Additionally the PHP script needs write access to the directory it is in.


Mikrotik | PHP | WISP


Make UBNT device use a single polarity.

by Jim Bouse 16. December 2013 11:36

FYI in /tmp/system.cfg (configuration file):

radio.1.txchainmask=[bit mask]
radio.1.rxchainmask=[bit mask]

Where bit mask means which chain/chains to enable:

1(0bit) - chain0

2(1bit) - chain1

4(2bit) - chain2

So you can make combinations like 1 and 4 = 5, means chain0 and chain2 enabled. And so on.

NOTE: Chains are HW specif, not all have all chains or the same chains.

I guess my sample will help to make live easier and avoid custom scripts to be installed.


Lifted from: http://community.ubnt.com/t5/Installation-Troubleshooting/iwpriv-to-make-2x2-devices-work-like-1x1/m-p/657119/highlight/true#M57052


Ubiquiti | WISP

Powered by BlogEngine.NET
Original Design by Laptop Geek, Adapted by onesoft