- PUBLIC METHODS
- ACCESSORS
- SEMI-PUBLIC METHODS
- ABOUT
- BUGS
MikroTik is a Latvian manufacturer that develops routers and software used throughout the world. RouterOS is its Linux-based operating system. The vulnerability, a MikroTik RouterOS SMB buffer overflow flaw, allows a remote attacker with access to the service to gain code execution on the system.
MikroTik::API - Client to MikroTik RouterOS API
Version 2.0.1
CAUTION: Dependencies change with version 2.0.0. MikroTik::API now relies on Moo instead of Moose. Please be sure, dependencies are met before upgrading.
new( %config )
$api->connect()
Connect happens on construction if you provide host address
$api->login()
Connect happens on construction if you provide host address, username and password
$api->logout()
$api->cmd( $command, %attributes )
$api->query( $command, %attributes, %conditions )
$api->get_by_key( $command, $keycolumn )
$api->get_host(), $api->set_host( $hostname )
$api->get_port(), $api->set_port( $portnumber )
$api->get_username(), $api->set_username( $username )
$api->get_password(), $api->set_password( $password )
$api->get_use_ssl(), $api->set_use_ssl( $zero_or_one )
$api->get_ssl_verify(), $api->set_ssl_verify( $zero_or_one )
$api->get_new_auth_method(), $api->set_new_auth_method( $zero_or_one )
DEPRECATED: does not have any effect any longer. Login looks up wether new method is possible and falls back to old method. This parameter will be removed in future. Auth method changed in RouterOS v6.43+ (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login) and reduces login by one call but sends password in plaintext.
$api->get_autoconnect(), $api->set_autoconnect( $zero_or_one )
$api->get_socket(), $api->set_socket( $io_socket )
If you need to use an existing socket for the API connection.
$api->get_debug(), $api->set_debug( $int )
$api->get_timeout(), $api->set_timeout( $seconds )
Abort connect after $seconds of no reply from MikroTik. This _will not_ affect lost connections. Use probe_before_talk for this.
$api->get_probe_before_talk(), $api->set_probe_before_talk( $seconds )
Use this attribute to enable a test command with timeout to ensure that the connection is still alive before sending the actual command. This is very useful for long lasting connections that may get disconnected while idling. A broken connection will not be recognized otherwise, because the socket still exists and the command will last forever. The advantage over a common timeout for all commands is that long lasting commands are still possible. Set this to 0 if you use many consequent commands and reenable it after completion.
$api->get_reconnect_after_failed_probe(), $api->set_reconnect_after_failed_probe( $zero_or_one )
If connection is recognized as broken then either reconnect or die otherwise.
can be useful for advanced users, but too complex for daily use
$api->talk( @sentence )
$api->raw_talk( @sentence )
Contributors
Object-Orientated Rebuild of prior contributions, based on:
- initial release from cheesegrits in MikroTik forum: http://forum.mikrotik.com/viewtopic.php?p=108530#p108530
- added
timeout parameter
and fixes by elcamlost: https://github.com/elcamlost/mikrotik-perl-api/commit/10e5da1fd0ccb4a249ed3047c1d22c97251f666e - SSL support by akschu: https://github.com/akschu/MikroTikPerl/commit/9b689a7d7511a1639ffa2118c8e549b5cec1290d
- upgrade to v2.0.0 by Steffen Winkler
Design decisions
- Use of Moo for OO
- higher compilation time of Moo based lib negligible because of slow I/O operations
- Change from Moose to Moo with version 2.0.0 because of XS dependencies of Moose
Martin Gojowsky,
martin at gojowsky.de
Please report any bugs or feature requests to
bug-mikrotik-api at rt.cpan.org
, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=MikroTik-API. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.Known issues
- Quite high compile time because of using Moo. Use of a persistent running framework recommended.
- Add a parameter talk_timeout as an alternative for probe_before_talk that enables an actual timeout for each command.
You can find documentation for this module with the perldoc command.
You can also look for information at:
- RT: CPAN's request tracker (report bugs here)
- AnnoCPAN: Annotated CPAN documentation
- CPAN Ratings
- Search CPAN
Copyright 2015 Martin Gojowsky.
This program is distributed under the MIT (X11) License: http://www.opensource.org/licenses/mit-license.php
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
To install MikroTik::API, simply copy and paste either of the commands in to your terminal
For more information on module installation please visit the detailed CPAN module installation guide.
The Basic Set of Commands Mikrotik RouterOS
For those who are just learning to use Mikrotik must still confused with the command (command line) used in Mikrotik RouterOS. Though many basic commands Mikrotik important and must be known so that you can use Mikrotik RouterOS well. Actually, the basic commands MikroTik RouterOS is not much different from the basic commands in Linux in general. Because of this proxy is actually an outgrowth of the Debian Linux kernel.
Mikrotik RouterOS same command shell with Linux, such as saving the order, please use the TAB key on the keyboard long command, no longer need to be typed, simply type at the beginning of the command is called, will be automatically Shell will display itself commands respect. Eg IP ADDRESS command in Mikrotik RouterOS. Quite simply typing in IP ADD space to press the TAB key, the shell will automatically recognize and translate it as a command IP ADDRESS.
Here’s a basic Mikrotik RouterOS commands commonly used
1. The command to shutdown and restart the computer, type:
[Admin @ MikroTik]> system shutdown (to shutdown the computer)
[Admin @ MikroTik]> system reboot (To restart the computer)
[Admin @ MikroTik]> System reset (For configurations that have been made previously). And keep in mind that the order – the order must be carried out in the admin directory.
[Admin @ MikroTik]> system shutdown (to shutdown the computer)
[Admin @ MikroTik]> system reboot (To restart the computer)
[Admin @ MikroTik]> System reset (For configurations that have been made previously). And keep in mind that the order – the order must be carried out in the admin directory.
2. The command to change the machine name Mikrotik, type:
[Admin @ MikroTik]> / system identity
[Admin @ MikroTik]> system identity> set name = Proxy
To view the configuration, type “print” or “pr”
[admin @ MikroTik] system indentity> pr name: “proxy”
Then the console changes to [admin @ proxy]
[Admin @ MikroTik]> / system identity
[Admin @ MikroTik]> system identity> set name = Proxy
To view the configuration, type “print” or “pr”
[admin @ MikroTik] system indentity> pr name: “proxy”
Then the console changes to [admin @ proxy]
3. The command to change the password MikroTik machine, type
[Admin @ proxy]> / password
[Admin @ proxy] password> old password (if you have not previously set a password then enter empty)
[Admin @ proxy] password> New password: …… (type a new password)
[Admin @ proxy] password> Retype new password: …… .. (insert again password Again)
[Admin @ proxy]> / password
[Admin @ proxy] password> old password (if you have not previously set a password then enter empty)
[Admin @ proxy] password> New password: …… (type a new password)
[Admin @ proxy] password> Retype new password: …… .. (insert again password Again)
As an example :
If the old password and new password 123456789 empty, then the command is as follows:
[Admin @ proxy]> / password
[Admin @ proxy] password> old password
[Admin @ proxy] password> new password 123456789
[Admin @ proxy] password> Retype new password 123456789
If the old password and new password 123456789 empty, then the command is as follows:
[Admin @ proxy]> / password
[Admin @ proxy] password> old password
[Admin @ proxy] password> new password 123456789
[Admin @ proxy] password> Retype new password 123456789
4.The command to view conditions in Mikrotik Router interface:
[Admin @ MikroTik]> interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-TX-RATE RATE MTU
0 R ether1 ether 0 0 1500
1 R ether2 ether 0 0 1500
[Admin @ MikroTik]>
If there is an X interface (disabled) after the number (0.1), then check again
ethernet card again, should R (running).
a. Renaming interface
[Admin @ MikroTik]> interface (enter)
b. To rename Interface ether1 be Public
[Admin @ MikroTik]> interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-TX-RATE RATE MTU
0 R ether1 ether 0 0 1500
1 R ether2 ether 0 0 1500
[Admin @ MikroTik]>
If there is an X interface (disabled) after the number (0.1), then check again
ethernet card again, should R (running).
a. Renaming interface
[Admin @ MikroTik]> interface (enter)
b. To rename Interface ether1 be Public
[Admin @ MikroTik] interface> set 0 name = Public
c. Like wise for ether2, suppose the name was changed to Local, then
[Admin @ MikroTik] interface> sets one name = Local
d. or simply from the position of the root directory, a symbol “/”, without the quotes
[Admin @ MikroTik]> / interface set 0 name = Public
e. Please check that your name has been changed interface.
[Admin @ MikroTik]> / interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-TX-RATE RATE MTU
Local R ether 0 0 0 1500
1 R Public ether 0 0 1500
c. Like wise for ether2, suppose the name was changed to Local, then
[Admin @ MikroTik] interface> sets one name = Local
d. or simply from the position of the root directory, a symbol “/”, without the quotes
[Admin @ MikroTik]> / interface set 0 name = Public
e. Please check that your name has been changed interface.
[Admin @ MikroTik]> / interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-TX-RATE RATE MTU
Local R ether 0 0 0 1500
1 R Public ether 0 0 1500
5. Command to see the package software Mikrotik RouterOS:
[Admin @ proxy]> / system package
[Admin @ proxy] system package> <type in print or pr>
With the above command will appear software package is in Mikrotik Os Example:
[Admin @ Mikrotik system package print detail file=Flags: X – disabled
[Admin @ proxy]> / system package
[Admin @ proxy] system package> <type in print or pr>
With the above command will appear software package is in Mikrotik Os Example:
[Admin @ Mikrotik system package print detail file=Flags: X – disabled
0 name=”routeros-mipsbe” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=””
1 name=”system” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
2 X name=”ipv6″ version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
3 name=”wireless” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
4 name=”hotspot” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
5 name=”dhcp” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
6 name=”mpls” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
7 name=”routing” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
8 name=”ppp” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
9 name=”security” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
10 name=”advanced-tools” version=”6.40.8″ build-time=apr/23/2018 11:34:28 scheduled=”” bundle=routeros-mipsbe
6.Command to upgrade the router software package
[Admin @ Mikrotik] system upgrade>
To upgrade chosen packages:
Download 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14
To upgrade chosen packages:
Download 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14
7. The command to enable existing software packages in Mikrotik RouterOS
[Admin @ MikroTik] system page>
Enable <typing the desired packages>
example:
[Admin @ proxy] system package> enable dhcp
example:
[Admin @ proxy] system package> enable dhcp
8.The command to change the name on a machine ethernet Mikrotik OS:
[Admin @ proxy]> / interface
[Admin @ proxy] interface> ethernet set etherl name = public
Or by using the command
[Admin @ proxy] interface> set <typing number attached ethernet>
name = <name of the new ethernet>
For example:
[Admin @ proxy] interface> name = public set 0
[Admin @ proxy] interface> sets one name = lan
Or
[Admin @ proxy] interface>
set 0 name = public; sets one name = lan
[Admin @ proxy]> / interface
[Admin @ proxy] interface> ethernet set etherl name = public
Or by using the command
[Admin @ proxy] interface> set <typing number attached ethernet>
name = <name of the new ethernet>
For example:
[Admin @ proxy] interface> name = public set 0
[Admin @ proxy] interface> sets one name = lan
Or
[Admin @ proxy] interface>
set 0 name = public; sets one name = lan
9.The order setting the IP address on the machine Mikrotik RouterOS:
[Admin @ proxy]> ip address
[Admin @ proxy] ip address>
Add interface = <interface name> IPAddress =
(Type the IP address / subnet mask interface)
example:
If the name of the interface “lan” and the IP address of the desired: 192.168.01 and subnet mask: 255.255.255.0, then the command as follows
[Admin @ proxy]> / ip address
[Admin @ proxy] ip address>
Add interface = lan address = 192.168.0.1/24
[Admin @ proxy]> ip address
[Admin @ proxy] ip address>
Add interface = <interface name> IPAddress =
(Type the IP address / subnet mask interface)
example:
If the name of the interface “lan” and the IP address of the desired: 192.168.01 and subnet mask: 255.255.255.0, then the command as follows
[Admin @ proxy]> / ip address
[Admin @ proxy] ip address>
Add interface = lan address = 192.168.0.1/24
10.The order setting primary and Secondary DNS IP:
[Admin @ proxy] ./ ip dns
[Admin @ proxy] ip dns>
Set-dns name> = <Ip dns from ISP>
[Admin @ proxy] ./ ip dns
[Admin @ proxy] ip dns>
Set-dns name> = <Ip dns from ISP>
example:
If the primary ISP’s DNS IP: 8.8.8.8 and secondary:
8.8.4.4, then the command is as follows:
[Admin @ proxy] ./ ip dns
[Admin @ proxy] ip dns>
Set primary-dns =8.8.8.8
[Admin @ proxy] ip dns>
Set secondary-dns = 8.8.4.4
If the primary ISP’s DNS IP: 8.8.8.8 and secondary:
8.8.4.4, then the command is as follows:
[Admin @ proxy] ./ ip dns
[Admin @ proxy] ip dns>
Set primary-dns =8.8.8.8
[Admin @ proxy] ip dns>
Set secondary-dns = 8.8.4.4
11.Orders Gateway IP settings on the machine MikroTik OS
[Admin @ proxy]> / ip route
[Admin @ proxy] ip route> add gateway = <ip gatway
Examples of ISP gateway IP: 202.134.1.1, then the command:
[Admin @ proxy]> / ip route
[Admin @ proxy] ip route>
add gateway = 202.134.1.1
[Admin @ proxy]> / ip route
[Admin @ proxy] ip route> add gateway = <ip gatway
Examples of ISP gateway IP: 202.134.1.1, then the command:
[Admin @ proxy]> / ip route
[Admin @ proxy] ip route>
add gateway = 202.134.1.1
12. Command Network address Translate (NAT) on the machine Mikrotik RouterOS
[Admin @ proxy]> / ip firewall nat
[Admin @ proxy] ip firewall nat>
add chain = srcnat out-interface = <etherface connected
with WAN> scr-address =
<Network-id interface connected to LAN / subnet mask interface
LAN> action = masqurade
[Admin @ proxy]> / ip firewall nat
[Admin @ proxy] ip firewall nat>
add chain = srcnat out-interface = <etherface connected
with WAN> scr-address =
<Network-id interface connected to LAN / subnet mask interface
LAN> action = masqurade
example:
if the LAN interface network-id: “192.168.0.0” and the subnet
Mask: “255.255.255.0”. for Mikrotik RouterOS machine interfaces that connect to the network
WAN: “pubilc”, then the command as follows:
[Admin @ proxy]> / ip firewall nat
[Admin @ proxy [ip firewall nat>
Add chain = srcnat out-interface = public
Scr-address = 192.168.0.0 / 24 action = masquerade
if the LAN interface network-id: “192.168.0.0” and the subnet
Mask: “255.255.255.0”. for Mikrotik RouterOS machine interfaces that connect to the network
WAN: “pubilc”, then the command as follows:
[Admin @ proxy]> / ip firewall nat
[Admin @ proxy [ip firewall nat>
Add chain = srcnat out-interface = public
Scr-address = 192.168.0.0 / 24 action = masquerade