Downloads


Downloads for MikroTik Routers


Security Related


Script_Icon Block Russian Federation by IP Address  – This is a prefix list of all of the subnets allocated to the Russian Federation and will drop all traffic to and from those subnets via the Layer 3 Firewall (IP -> Firewall -> Filter). This is a very large script that will only work on routers with sufficient CPU and memory resources.

Script_Icon MikroTik DNS Attack Prevention Rev 3.0 – This script will help ward off unwanted users and DDoS type attacks when using MikroTik’s DNS Proxy. This script is also useful for closing open DNS resolvers.

MikroTik DNS Attack Prevention Rev 4.0 (Firewall Filter) – Provides protection for the the router’s DNS proxy and the LAN DNS traffic that is not using the router as a proxy.

Script_Icon RWF MikroTik Firewall 4.0 (Free Version) – Read the instructions included in the text file CAREFULLY before applying this firewall to your router.

Script_Icon RFC MikroTik Firewall 5.0 (Free Version) – Read the instructions included in the text file CAREFULLY before applying this firewall to your router.

 RFC MikroTik Firewall 6.0 for IPv4 (Free Version) – Make sure you test this on a non production router first so that you can see how all of the pieces work together before you go live with it. You will need to set the Interface List ports and scrutinize the address lists.

 RFC MikroTik Firewall 6.1 for IPv4 (Free Version) – This update fixes several syntax errors and moves as many rules to the RAW section as it makes sense to do. A few problematic rules have been omitted.

 RFC MikroTik Firewall 6.1 for IPv4 – Lite Edition (Free Version) – In the Lite Edition, the scripts and address lists that are CPU intensive have been omitted so that this can be used on less powerful routers.

Script_Icon RWF – Basic Failover with Netwatch –  This is a script to be added to a router which has two Internet connections coming in as DHCP. This will provided fail-over redundancy. It can be easily modified to handle a static IP scenario or a mixed environment.

Script_Icon Virus_Chain_Only – Virus Script used in class. (Not a complete firewall)

RFC ICMP Protection Chain–  Not a complete firewall

RFC Port Scan Protection Chain– Not a complete firewall

RFC Login Brute Force Protection Chain– Not a complete firewall

RFC Protect ROS Services– Not a complete firewall

RFC Unusual Protocols Chain– Not a complete firewall

RFC BOGON Chain – Not a complete firewall. This contains the filter rules and the address list.

Script_Icon RFC_BOGON_Short_List – Address List Only


QoS Related


Script_Icon RWF Traffic Prioities Rev 3.1 – This script will change how your router prioritizes traffic based on the DSCP values of 0-7 (7 being the highest priority). Some of the rules affect the “priority” without changing the DSCP value. You will likely want to customize this to your needs. This script will also affect WMM and HT AMPDU priorities.

Script_Icon RFC-Traffic-Prioities-Rev-4.0 – This script will change how your router prioritizes traffic based on the DSCP values of 0-7 (7 being the highest priority). Some of the rules affect the “priority” without changing the DSCP value. You will likely want to customize this to your needs. This script will also affect WMM and HT AMPDU priorities.

Script_Icon MikroTik Simple Queue for VOIP – This script is applicable in SOHO environments where VOIP needs to have bandwidth carved out of the total to keep the call quality high. All other LAN traffic is handled with a PCQ so that other devices on the network share the bandwidth equally.

Script_Icon RFC Video Streaming Services – Address list only for QoS applications

Script_Icon Convert L2 QoS to L3 QoS Rev 1.0 – Converts the QoS value from the L2 header of a frame to the L3 ToS/ DSCP value in the packet

Script_Icon Convert L3 QoS to L2 QoS Rev 1.0 – Converts the QoS value from the L3 ToS/ DSCP value in the packet to the L2 header of a frame

Script_Icon RFC Identify Apple Updates – This script identifies Apple update servers so that they can be rate limited, paused, or blocked. The final action is not built out.

Script_Icon RFC Identify Microsoft Updates – This script identifies Microsoft update servers so that they can be rate limited, paused, or blocked. The final action is not built out.


Notifications & Tools


Script_Icon MikroTik Bad Block Detection – Detects bad blocks on the router and send an email to the network administrator. I recommend running this script on all of your routers!

Script_Icon MikroTik Ethernet Error Detection – Detects 21 different problems with Ethernet links that will likely indicate a problem. This script is large (about 700+ lines) so you will need to copy and paste in smaller sections. I stopped at 13 Ethernet ports. If you have less, just remove the unneeded sections. If you have more, than you will need to do so coping and pasting 😉 The connection speed is set to 100Mbps by default. If you are using something different you will want to run a replace command in a text editor.

Script_Icon Send Logs Via e-mail – This is a script to receive logs from your router on a daily basis. The interval of updates can easily be adjusted in the System Scheduler.

Script_Icon MikroTik DHCP Alerts Script – This script will detect Rouge DHCP servers and alert the network administrator.

Script_Icon MikroTik Auto Upgrade Script – This is a script that can be applied to all other MikroTik devices on your network. Once a day, they will check some given router on your network and if there is a new package loaded in the files directory of that router, then it will download it and install it automatically.


Other Downloads


Cheatsheet_Icon Routing Cheet Sheet – Subnet Cheat Sheet

Routing_worksheet_Icon Routing Worksheet – Worksheet to help teach static routing

BGP Cheet Sheet – Cheat Sheet for BGP Metrics

MikroTik RouterOS v7 Commonly Used Filters – Helpful refrences for working with the routing filters.

 Decimal to Binary Conversion Worksheet – Worksheet used in some of my classes

 DHCP Options – List of DHCP options with the most commonly used highlighted

MikroTik Wireless Cheetsheet

Packet Flow Diagram – Best packet flow diagram to date (ROS 6.x)

IPSEC_Worksheet_Icon IPSEC Worksheet – Worksheet for building IPSEC tunnels with MikroTik

Recursive Routing Worksheet  – Worksheet that I use in some of my classes to help teach Recursive Routing

 ISP Gross Revenue – Chart showing the gross revenue an ISP can expect based on the number of customers

  ROSv6 – OSPFv2 Cheat Sheet – Cheets sheet that has all of the pertinent OSPF info for ROS 6.x and eariler.

  Packet Capture Checklist – This checklist is composed of packet captures that can easily be created using only Mikrotik routers. If you can build each one of these network structures and perform a successful packet capture then you will find yourself ahead of 97% of your peers. I highly recommend turning this into a game and competing with your co-workers. You’ll be amazed by how fast your team grows from these exercises.

  Multicast Address Space – The overall allocation of multicast address space

  Multicast Address Space – Local Network Control Block


Packet Captures (In .zip file)


Layer 2

 MAC_Telent

Wireshark_icon MAC_Winbox

Wireshark_icon ARP Packets

CDP Packets

MNDP Pakets

DHCP_Packets

MikroTik_PPPoE

MikroTik_VLAN

MikroTik_VLAN_QnQ

Layer 3

Wireshark_icon Packet_Capture_OSPF_Broadcast_Association

Wireshark_icon Packet_Capture_OSPF_NBMA_Association

Wireshark_icon Packet_Capture_OSPF_PTMP_Association

Wireshark_icon Packet_Capture_OSPF_PTP_Association

Wireshark_icon BGP

Wireshark_icon ICMP_Net_Unreachable

Wireshark_icon ICMP_Admin_Prohibited

Wireshark_icon ICMP_Host_Unreachable

Wireshark_icon ICMP_TTL_Exceeded

Wireshark_icon ICMP_Timeout

Wireshark_icon Bandwidth Test-UDP

Wireshark_icon Bandwidth TestUDP – Random

Wireshark_icon Bandwidth Test-TCP

Wireshark_icon Bandwidth TestTCP – Random

Wireshark_icon Flood Ping

Wireshark_icon Ping_Speed

MikroTik_Telnet

MikroTik_SSH

MikroTik_FTP

DNS Packets

ESP Packets

NTP Packets

NTP Packets 1

MikroTik_EOIP_No_Encryption

MikroTik_EOIP_With_IPSEC

MikroTik_GRE_No_Encryption

MikroTik_GRE_With_IPSEC

MikroTik_IPIP_No_Encryption

MikroTik_IPIP_With_IPSEC

MikroTik_PPTP_MSCHAP2

MikroTik_L2TP_Without_IPSEC1

MikroTik_L2TP_With_IPSEC

MikroTik_SSTP_Without_Certificate

MikroTik_SSTP_With_Certificate

MikroTik_SSTP_With_Certificate_And_PFS

MikroTik_OVPN_With_Default_Settings

MikroTik_OVPN_With_BCP


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

4 thoughts on “Downloads