We use Ubiquiti's CRM for billing in our company.

We needed to access the database to extract a bit of information not included in the API.

I figured out how to do this.

HERE IS A PDF Access UCRM Database.pdf (87.15 kb)

Let me start with:

THIS IS A VERY DANGEROUS THING TO DO.  DO NOT DO THIS UNLESS YOU ARE COMPLETELY COMFORTABLE WITH DATABASE ACCESS AND POSSIBLY LOSING YOUR DATA!

Now that the warning is out of the way, here we go.

1. Install Apache2: sudo apt install apache2 <-- this will throw an error.  We will fix this in the next 2 steps
2. Change Apache2 port number in: sudo nano /etc/apache2/ports.conf
3. Start Apache2: sudo service apache2 start
4. Install the public key for the pgAdmin4 repository (if not done previously): sudo curl https://www.pgadmin.org/static/packages_pgadmin_org.pub | sudo apt-key add
5. Create the repository configuration file: sudo sh -c 'echo "deb https://ftp.postgresql.org/pub/pgadmin/pgadmin4/apt/$(lsb_release -cs) pgadmin4 main" > /etc/apt/sources.list.d/pgadmin4.list && apt update'
6. Install pgAdmin4: sudo apt install pgadmin4-web 
7. Configure the webserver: sudo /usr/pgadmin4/bin/setup-web.sh
8. Add IP address restriction to pgAdmin4 directory for an extra layer of security
1. sudo nano /etc/apache2/conf-enabled/pgadmin4.conf
2. Change "Require all granted" to "Require ip your.office.ip.here"
9. Restart Apache2: sudo service apache2 restart
10. Get UCRM postgres DB IP and password:
1. container=`sudo docker ps | grep postgres | awk '{print $1;}'`; sudo docker inspect "$container" | grep '"IPAddress": "172\|UCRM_POSTGRES_PASSWORD'
2. sudo docker ps
3. sudo docker inspect ID xxxxx  <---- WHERE xxxxx is the ID of the docker referencing postgres
4. Look towards top for UCRM DB password
5. Look towards bottom for docker IP
11. Open web browser to: http://ucrm.ip.address.here:customPort/pgadmin4
12. Create new "Server"
1. Give it a name: "UCRM"
2. On the Connection tab:
1. Hostname: The IP from Step 10.3
2. Username: ucrm
3. Password: The password from Step 10.2
4. Save Password: yes.
13. If all goes correctly, you should have direct DB access to the database

14. DO NOT SCREW UP YOUR DATABASE!  I WARNED YOU!

15. Have fun.

I needed to add a VLAN to each interface on a large number of Mikrotik switches.  This is the script I worked up:

/interface bridge add name=Management disabled=no; 
:foreach i in=[/interface ethernet find] do={ 
  :local ifname [/interface get $i default-name]; 
  /interface vlan add interface=$i vlan-id=100 name=($ifname.".0100") disabled=no; 
  /interface bridge port add bridge=Management interface=($ifname.".0100") disabled=no; 
}

I had an issue today that was a bit of a challenge.  We installed 3 new access points but forgot to login to them beforehand and setup their VLANs and credentials.

1. My solution was: export a .cfg from an existing access point
2. SSH from router at the tower to the AP on 192.168.1.20
3. Add DNS resolution to AP
4. WGET the working config to the AP.
5. Apply changes
6. Reboot.

echo "nameserver 8.8.8.8" > /etc/resolv.conf
cd /tmp/
wget http://server/dir/cfg.txt
cp ap.txt system.cfg
cfgmtd -f /tmp/system.cfg -w
reboot

plink.exe -ssh -pw ubnt ubnt@192.168.0.30 "tcpdump -ni ath0 -s 0 -w - not port 22" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -

Reference: https://community.ubnt.com/t5/airOS-Software-Configuration/FEATURE-REQUEST-Packet-sniffer-Tools/m-p/1733948/highlight/true#M45359

One of my buddies asked for a script that would e-mail him the usage from his Mikrotik users.

I whipped this up to help him take care of it.

It assumes that you have simple queues for each user.

#
# Nightly E-mail Usage - Jim Bouse - Brazos WiFi - 2017-12-7
#


:local identity [/system identity get name];
:local email "asdf@asdf.com";
:local subject "Usage Report - $identity";
:local body "";

:put "Starting E-mail Usage Script";

:foreach queue in=[/queue simple find] do={
  :local bytes [/queue simple get $queue bytes];
  :local target [/queue simple get $queue target];
  :local name [/queue simple get $queue name];
  :local ul [:pick $bytes 0 [:find $bytes "/"]];
  :local dl [:pick $bytes ([:find $bytes "/"]+1) [:len $bytes] ];

  # Divide bytes by 1000 to get kB
  :set ul ($ul/1000);
  :set dl ($dl/1000);

  # Divide kB by 1000 to get MB
  :set ul ($ul/1000);
  :set dl ($dl/1000);

  :local line "$target - $name - $dl/$ul\n";
  :set body "$line$body";

  /queue simple reset-counters $queue;
}
:put "Sending e-mail";
/tool e-mail send to=$email subject=$subject body=$body;
:put "Sent e-mail";

Edit this text file to include your e-mail instead of asdf@asdf.com.  Then paste the whole TXT file contents into a terminal window for your Mikrotik.  It will create the script and set it to send daily at 11:50PM.

Nightly E-mail Usage.txt (1.46 kb)

I recently reset my Samsung S7 Active to solve a bug. After the reset, my SMS messages were being added to my e-mail account inbox. 

To fix it, I did these steps:

Go to Settings -> Applications -> tap the 3 dots in the upper right -> App Permissions -> tap SMS -> turn off E-mail. 

I hope this helps some folks.

We have been switching to the UBNT EP-S16 on our towers instead of running cables down to the router at the bottom.  To segment things, you need to use VLANs.

This code snippet will create 16 VLANs on Port 3 of a Mikrotik with VLAN IDs of 1001-1016.

:for x from=1001 to=1016 do={/interface vlan add interface=ether3 vlan-id="$x" name="ether3.$x"}

In Beta 19 release of AirControl2, Ubiquiti migraded to posgres database for storage.  Much of it is stored in JSON format inside a table row but it is queryable.

To begin you'll need to get to the postgres prompt:

/opt/Ubiquiti/AirControl2/pgsql/bin/psql -U ubnt -d ac2

Then, you can query things out of the nodes table with this:

select nodeid, data->'element'->>'status' as status, data->'element'->>'ip' as ip, data->'element'->>'hostname' as hostname, data->'element'->>'mac' as mac from ac2.nodes where data #>> '{element, status}' = '2' order by data->'element'->>'ip';

Reference:
http://community.ubnt.com/t5/airControl-2-Beta/AC2-Beta-19-Database-Cleanup-Pruning/m-p/1499315/highlight/true#M10692
http://community.ubnt.com/t5/airControl-2-Beta/Export-AC-data/m-p/1533354#U1533354 

I use the Tycon web monitor to watch my batteries at the tower sites for my WISP.  I also use Zabbix for my monitoring.

Attached is the XML template that I worked up.

If anyone has suggestions/changes, let me know.

zbx_template_TYCON_TPDIN-Monitor-WEB.xml (34.64 kb)

I recently had a customer of my WISP ask if we could give her a way to log when her employees are working remotely.  She doesn't have a huge infrastructure with sophisticated logging abilities.  She felt that her employees were claiming to work when they really weren't even logged in.

This is a two part script.  One part runs on the Mikrotik, the other as a PHP script running on their server in the office.

Part 1(a) "create a script called 'vpn-log' on the Mikrotik":

:local urlRoot "http://192.168.99.22:82/?users=";

:foreach i in=[/interface find where type="pptp-in"] do={ 
  :local pptpName [/interface get $i name];
  :local userName [:pick $pptpName ([:find $pptpName "-"]+1) [:find $pptpName ">"]];
  set urlRoot ($urlRoot.$userName.",");
}
/tool fetch url="$urlRoot" keep-result=no

Part 1(b) "create the schedule":

/system scheduler add interval=1m name="Run vpn-log" on-event="/system script run vpn-log" \
    policy=\
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
    start-time=startup

<?php
date_default_timezone_set('America/Chicago');

$string_data = file_get_contents("current_users_DONT_DELETE.txt");
$currentUsers = unserialize($string_data);

$userArr = explode(",", $_GET['users']);
file_put_contents("current_users_DONT_DELETE.txt", serialize($userArr));

foreach ($currentUsers as $currentUser) {
	if ($currentUser !== "") {
		if (!file_exists($currentUser)) {
			mkdir($currentUser, 0777, true);
		}
		if (!in_array($currentUser, $userArr)) {
			file_put_contents($currentUser."/".date("Y-m-d").".txt", $currentUser . " - Log Out ".date('h:i A')."\r\n", FILE_APPEND);
			echo $currentUser . " - Log Out ".date('h:i A')."<BR>";
		}
	}
}

foreach ($userArr as $user) {
	if ($user !== "") {
		if (!file_exists($user)) {
			mkdir($user, 0777, true);
		}
		if (!in_array($user, $currentUsers)) {
			file_put_contents($user."/".date("Y-m-d").".txt", $user . " - Log In ".date('h:i A')."\r\n", FILE_APPEND);
			echo $user . " - Log In ".date('h:i A')."\n";
		}
	}
}
?>