MiktoTik first steps through console
Commands split into hierarchical groups. Commands can be executed by going to the needed place in hierarchy (for example "ip" , then "route", then "print") or directly (just type "ip route print").
Prompt changes to show you current location inside hierarchy.
.. and / can be used to execute commands from other levels.
print command is used to show item names along with item numbers (interface print). Items are interfaces, ports etc. Item numbers are assigned on a per session basis, they will remain the same until you quit the console or until the next print command is executed.
set command is used to change properties of items using item number or name. Also one set command allows using of comma separated list of item numbers (like: interface set 0,1,3 mtu=1400)
Tab can be used to complete commands and command abbreviations are also allowed.
Commands common to nearly all levels of menu are:
- print / set / find / get / export / enable / disable / comment
- remove - removes item from the list
- add - same as set but adds new item with the specified number
- edit - associated with set command and used to edit values and properties containing large amount of text
- move - changes the order of items in list
The console has a built-in help, which can be accessed by typing ?. Help topic shown is about item on the left of ? sign.
You not need to save config. Config saved automatically when you click OK in winbox or press enter in terminal.
MikroTik has Winbox utility for administering but because of many reports of hacker attacks it is safer to use setup over SSH console - if using default firewall rules. Or if want to use Winbox - change default Winbox port and remove default user (before that add other user with admin privileges) and also allow Winbox access only from trusted IP addresses.
To enable or disable system port of MikroTIk:
> ip service
ip service> print
ip service> set 0,2,5 disable=yes #disables
ip service> set 3 disable=no #enables
To view firewall rules:
/ip firewall> filter print
Add address to the needed address-list:
Add address to the needed address-list:
/ip firewall address-list> add list=Needed_IP_list address=8.8.8.8
Remove IP from the list:
/ip firewall address-list> remove 20
Print IP addresses in a group:
/ip firewall address-list> print where list=Needed_IP_list
Remove IP from the list:
/ip firewall address-list> remove 20
Print IP addresses in a group:
/ip firewall address-list> print where list=Needed_IP_list
No comments:
Post a Comment