Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - alt21

Pages: [1]
1
Guides / ChangeIP Script
« on: March 19, 2012, 12:30:56 am »
I have modified ChangeIP's Dynamic DNS script a bit, this script does a couple of things differently to the stock ChangeIP script.

This script assumes you have two or three ppp interfaces on your RouterBOARD (ppp-local, ppp-international and / or ppp-3g - for people using the new RB751 with a 3G USB Stick and an unrestricted APN)

First it checks if ppp-local is connected, if it is it will update ChangeIP with ppp-local's IP,
if not it checks if ppp-international is connected, if it is it will update ChangeIP with ppp-international's IP,
if not if checks if ppp-3g exists, if it does exist it checks if ppp-3g is connected, if it is it will update ChangeIP with ppp-3g's IP,
if not it will log an error "None of your interfaces are currently Dialled Out",
if ppp-3g doesn't exist it will log an error "DDNS: $ddnsinterface3g Interface doesn't exist and PPPoE Interfaces are Disconnected!"

I will still make this prettier at some point for now it seems to work though.

Code: [Select]

# Define User Variables
:global ddnsuser <USERNAME>
:global ddnspass <PASSWORD>
:global ddnshost <HOST>
:global ddnsinterface ppp-local
:global ddnsinterfacelcl ppp-local
:global ddnsinterfaceint ppp-international
:global ddnsinterface3g ppp-3g

# Detect Active Interface
/interface pppoe-client monitor $ddnsinterfacelcl once do={
  :if ($status != "connected") do={
    /interface pppoe-client monitor $ddnsinterfaceint once do={
      :if ($status = "connected") do={
        :global ddnsinterface $ddnsinterfaceint
      } else={
        :if ([/interface find name=$ddnsinterface3g] = "") do={
          :log error "DDNS: $ddnsinterface3g Interface doesn't exist and PPPoE Interfaces are Disconnected!";
          :error;
        } else={
          /interface pppoe-client monitor $ddnsinterface3g once do={
            :if ($status = "connected") do={
              :global ddnsinterface $ddnsinterface3g
            } else={
              :log error "DDNS: None of your interfaces are currently Dialled Out!";
              :error;
            }
          }
        }
      }
    }
  }
}

# Define Global Variables
:global ddnssystem ("mt-" . [/system package get [/system package find name=system] version] )
:global ddnsip [ /ip address get [/ip address find interface=$ddnsinterface] address ]
:global ddnslastip

:if ([:len [/interface find name=$ddnsinterface]] = 0 ) do={ :log info "DDNS: No interface named $ddnsinterface, please check configuration." }
:if ([ :typeof $ddnslastip ] = "nothing" ) do={ :global ddnslastip 0.0.0.0/0 }
:if ([ :typeof $ddnsip ] = "nothing" ) do={
  :log info ("DDNS: No ip address present on " . $ddnsinterface . ", please check.")
  } else={
    :if ($ddnsip != $ddnslastip) do={
      :log info "DDNS: Sending UPDATE!"
      :log info [ :put [/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass ] ]
      :global ddnslastip $ddnsip
    } else={
      :log info "DDNS: No changes necessary."
    }
  }

# END OF SCRIPT

2
Tips and Tricks / Antec Kuhler H20 620
« on: October 17, 2011, 01:58:30 pm »
I installed an Antec Kuhler 620 in my PC and here is some of the results I got from playing with the FAN configuration.

Original Antec FAN in pull configuration - When connected to Kuhler pump power header the fan speed fluctuates so your noise level isn't always the same. When connected to 12v the fan speed is in the region of 2000 RPM generating a huge amount of air noise.

Zalman ZM-F3 FDB in pull configuration - When connected to 12v the fan spins at a constant 1500 RPM so the noise level is always the same and not much louder than my other fans, temp wise its 1 degree higher than the stock Antec fan when connected to the pump header.

Zalman ZM-F3 FDB in push / pull configuration - I connected both fans to 12v thus running at a constant 1500 RPM and my CPU temp dropped by 4 degrees odd (I will have to test this again as I can't find my notes to give the exact temp drop)

I then also tried to rather suck air from the outside into the case as I have 2x 140mm fans in the top of my case, this configuration did initially drop my CPU temp but in return pushed my System temp up by 10 degrees which also pushed my CPU temp up again by 6 degrees so sucking air from the outside is a huge NO.

With my current setup with a 27 degree room temp my System temp is sitting at 41 degrees and CPU temp at 40 degrees after 1.5h of Prime95 at stock clock settings, at idle the system temp drops to 40 degrees and CPU temp drops to 30 degrees.

My current setup
CoolerMaster CM 690 II Advanced Chassis
CoolerMaster Real Power M850 Power Supply
Gigabyte GA-890FXA-UD5 Motherboard
AMD Phenom II X6 1090T Processor
Antec Kuhler 620 Liquid Cooler (2x Zalman ZM-F3 FDB in Push / Pull - Exhaust)
12GB Corsair XMS3 DDR3-1600 Memory (2x 4GB, 2x 2GB Modules)
4x Seagate Barracuda 500GB SATA III Hard Drives (RAID0)
2x Seagate Barracuda 1000GB SATA II Hard Drives (RAID0)
Club3D HD6970 2GB Graphics Card
2x Coolermaster R4-L4S-10AB-GP 140mm Fans (Top - Exhaust)
1x Coolermaster R4-L4S-10AB-GP 140mm Fan (Front - Intake)
1x CoolerMaster Turbine Master MACH 1.2 120mm Fan (Side Panel - Intake)
1x Zalman ZM-F3 FDB 120mm Fan (Front - Untake)
1x Zalman ZM-OP1 80mm Slim Fan (Side Panel Behind CPU - Intake)

3
Not sure how much love / hate I will get for this post as anyone using local news server with only one set of connections will love this where anyone using local news servers using a similar solution to this might just hate me for sharing this.

What you want to do first on your RouterBOARD or ROS PC / Virtual Machine is duplicate the account you use to download on from the local news servers so you can get more IP's, the servers limit the amount of connections you can have per IP so say 3 connections per IP if we can have 3 IP's we get 9 connections. Name the new connections something that would be easy to manage so ppp-news1, ppp-news2, ppp-news3, ....

Create a routing-mark to mark traffic so we can route it over each of our new PPPoE connections. (I have added 3 here but you can add as many as you want just change 10003 to 10004, 10005, ...... and routing-news3 to routing-news4, routing-news5, ......

Code: [Select]
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no dst-port=10001 new-routing-mark=routing-news1 passthrough=no protocol=tcp
add action=mark-routing chain=prerouting disabled=no dst-port=10002 new-routing-mark=routing-news2 passthrough=no protocol=tcp
add action=mark-routing chain=prerouting disabled=no dst-port=10003 new-routing-mark=routing-news2 passthrough=no protocol=tcp

Create a Destination NAT rule so we can forward traffic to the correct external host. Again I have added commands for 3 connections so you can change the dst-port=10003 to 10004, 10005, ..... You would also have to change <NEWS-SERVER-IP> to reflect the server you are want to connect to (news.myisp.co.za) and the <NEWS-SERVER-PORT> to that servers port (119, 443, ....)

Code: [Select]
/ip firewall nat
add action=dst-nat chain=dstnat disabled=no dst-port=10001 protocol=tcp to-addresses=<NEWS-SERVER-IP> to-ports=<NEWS-SERVER-PORT>
add action=dst-nat chain=dstnat disabled=no dst-port=10002 protocol=tcp to-addresses=<NEWS-SERVER-IP> to-ports=<NEWS-SERVER-PORT>
add action=dst-nat chain=dstnat disabled=no dst-port=10003 protocol=tcp to-addresses=<NEWS-SERVER-IP> to-ports=<NEWS-SERVER-PORT>

The last step is to create routes to route our marked packets over the correct PPPoE connection.

Code: [Select]
/ip route
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=ppp-news1 routing-mark=routing-news1
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=ppp-news2 routing-mark=routing-news2
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=ppp-news3 routing-mark=routing-news3

On your usenet client you would now create a server for each of these PPPoE connections you have dialed, using the ROS device as your server IP and the port 10001, 10002, 10003, ..... as the port for that server.

4
General Discussion / Guru's
« on: October 14, 2011, 11:44:40 am »
If you feel you specialise in a particular field let us know so we can keep track of who does what.

We can also make you a moderator for the section of the site that you specialise in.

5
Tips and Tricks / Chassis Fans
« on: October 10, 2011, 11:10:11 am »
So I've spent a bit of time over the last week trying to get my PC's less noisy, the noise being generated by air being moved isn't as much of an issue (unless the fans are running at 2000 RPM as that does make a bit of noise) but more the little clucks, scrapes and grinds that comes from my PC's every second or so.

So this is what I have found :)

Thermalright TY-140 (140mm) - This is a really stupid fan as its 140mm but has 120mm holes, I was not able to get it to work in my CM 690 II Advanced Chassis as it won't fit in a 120mm fan spot on rear exhaust or front intake and can't mount two of them next to each other on the top either as the 120mm holes are too close to each other. The fan is also not as quiet as I thought it would be, there was a very noticeable grinding sound coming from the bearings if you listen up close.

Zalman ZM-F3 FDB (120mm) - So far this fan seems to work well as a rear exhaust fan, its moving more air than the stock Cooler Master 120mm that came with the Chassis and also has no noticeable bearing noise. The one issue I did have with this fan though is as an intake fan where you would have a grill / slotted surface in front of the fan it makes a lot of air noise.

Cooler Master Turbine Master MACH 1.8 (120mm) - With this fan running at 1800 RPM which would be its stock speed it makes a lot of air noise, bringing it down to 1300 RPM it isn't too loud and still moves a lot of air. Mounted as a side intake fan it doesn't generate more air noise which I assume is because of the fans unique design. It might be a better option to get the MACH 1.2 which runs at 1200 RPM if connected directly to 12v

6
Guides / Tech Guru's Account Switcher
« on: October 03, 2011, 09:46:27 pm »
Modified version of the first script I did, the original script ping'd 196.25.1.1 which worked ok if you don't use the routing mark version of my traffic splitting script, this script checks to see if the ppp-local account is connected or not, if ppp-local is disconnected it will change the logon details on the local account to the next account in the list.

The reason I made this script is because I have several clients using local only accounts but I keep having to manually change accounts half way through the month causing some downtime and also leaving some of the accounts capped and others hardly used. With this script I will be able to use one account till it’s capped and then switch to the next (this will however not always work 100% as some accounts will get switched incorrectly)

This script is also not tested properly as yet so there could be some issues other than mentioned above and would also require a bit of editing as I use it with 7 local only accounts where someone else might not have that many or even have more.

Code: [Select]
/system script
add name=AccSwitcher policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source="# Account Usernames\r\
    \n:global usr1 <ISP USERNAME>\r\
    \n:global usr2 <ISP USERNAME>\r\
    \n:global usr3 <ISP USERNAME>\r\
    \n:global usr4 <ISP USERNAME>\r\
    \n:global usr5 <ISP USERNAME>\r\
    \n:global usr6 <ISP USERNAME>\r\
    \n:global usr7 <ISP USERNAME>\r\
    \n\r\
    \n# Account Passwords\r\
    \n:global psw1 <ISP PASSWORD>\r\
    \n:global psw2 <ISP PASSWORD>\r\
    \n:global psw3 <ISP PASSWORD>\r\
    \n:global psw4 <ISP PASSWORD>\r\
    \n:global psw5 <ISP PASSWORD>\r\
    \n:global psw6 <ISP PASSWORD>\r\
    \n:global psw7 <ISP PASSWORD>\r\
    \n\r\
    \n# Create Blank Variables\r\
    \n:global acc1\r\
    \n:global acc2\r\
    \n:global acc3\r\
    \n:global acc4\r\
    \n:global acc5\r\
    \n:global acc6\r\
    \n\r\
    \n/interface pppoe-client monitor ppp-local once do={\r\
    \n:if (\$status != \"connected\") do={\r\
    \n:if (\$acc1 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr1 password=\$psw1\r\
    \n:global acc1 \"used\"\r\
    \n} else={\r\
    \n:if (\$acc2 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr2 password=\$psw2\r\
    \n:global acc2 \"used\"\r\
    \n} else={\r\
    \n:if (\$acc3 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr3 password=\$psw3\r\
    \n:global acc3 \"used\"\r\
    \n} else={\r\
    \n:if (\$acc4 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr4 password=\$psw4\r\
    \n:global acc4 \"used\"\r\
    \n} else={\r\
    \n:if (\$acc5 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr5 password=\$psw5\r\
    \n:global acc5 \"used\"\r\
    \n} else={\r\
    \n:if (\$acc6 !=\"used\") do={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr6 password=\$psw6\r\
    \n:global acc6 \"used\"\r\
    \n} else={\r\
    \n/interface pppoe-client set [find name=ppp-local] user=\$usr7 password=\$psw7\r\
    \n:global acc1 \"notused\"\r\
    \n:global acc2 \"notused\"\r\
    \n:global acc3 \"notused\"\r\
    \n:global acc4 \"notused\"\r\
    \n:global acc5 \"notused\"\r\
    \n:global acc6 \"notused\"\r\
    \n}}}}}}}}\r\
    \n"
/system scheduler
add disabled=no interval=1m name="Account Switcher - 1min" on-event="/system script run AccSwitcher\r\
    \n" policy=reboot,read,write,test start-date=jan/01/1970 start-time=05:00:00

7
General Discussion / MOVED: MySQL
« on: September 30, 2011, 02:32:47 am »

8
Guides / Tech Guru's P2P Blocker
« on: September 28, 2011, 12:01:17 am »
Version to use with Traffic Splitter Setup (Script Only - I will still do a guide for this)

Ok so what this does is add a simple queue that limits all outgoing P2P (It only does Gnutella and Torrents) traffic to 64kb and incoming P2P traffic gets dropped.

The layer7 filter won't however detect secure packets so what this script does is as soon as it detects any P2P traffic from an internal IP its adds that IP to an "internal" address list for 5 min and then all traffic from that IP's gets "shaped", external (public) IP's get added to an "external" address list for 5 min which gets dropped completely.

This script still needs some work but in its current form it should work as intended.

Code: [Select]
/ip firewall layer7-protocol
add name=gnutella regexp="^(gnd[\01\02]\?.\?.\?\01|gnutella connect/[012]\\.[0-9]\r\
    \n|get /uri-res/n2r\\\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshare|mactella|gnucleus|gnotella|limewire|imesh)|get /.*content-type: application/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]\?[0-9]\?\
    \\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?:[1-9][0-9]\?[0-9]\?[0-9]\?|gnutella.*content-type: application/x-gnutella|...................\?lime)"
add name=bittorrent regexp="^(\13bittorrent protocol|azver\01\$|get /scrape\\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"
add name=tor regexp=TOR1.*<identity>

/ip firewall mangle
add action=add-src-to-address-list address-list=list-abuser-internal address-list-timeout=5m chain=chain-abuser comment="P2P Limiter - LAN" disabled=no src-address=10.0.0.0/24
add action=add-src-to-address-list address-list=list-abuser-external address-list-timeout=5m chain=chain-abuser comment="P2P Limiter - PPPoE" disabled=no dst-address-list=list-p2p-ppp-ips
add action=jump chain=prerouting comment="p2p - bittorrent" disabled=no jump-target=chain-abuser p2p=bit-torrent
add action=jump chain=prerouting disabled=no jump-target=chain-abuser layer7-protocol=bittorrent
add action=jump chain=prerouting comment="p2p - gnutella" disabled=no jump-target=chain-abuser p2p=gnutella
add action=jump chain=prerouting disabled=no jump-target=chain-abuser layer7-protocol=gnutella
add action=mark-packet chain=prerouting comment="Mark Packets of Abusers" disabled=no dst-port=!80,443 new-packet-mark=packet-abuser passthrough=no protocol=tcp src-address-list=list-abuser-internal

/ip firewall filter
add action=drop chain=input comment="P2P Limiter - Block Incoming Traffic" disabled=no src-address-list=list-abuser-external

/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=0/0 max-limit=64k/64k name=queue-abuser packet-marks=packet-abuser parent=none priority=8 queue=default-small/default-small total-queue=default-small

/system script
add name="P2P Limiter - PPPoE IP Updater" policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="# Create Blank Variables\r\
    \n:global \"p2p-ppp-ip-int\"\r\
    \n:global \"p2p-ppp-ip-lcl\"\r\
    \n\r\
    \n# Set New Variables\r\
    \n:global \"p2p-ppp-ip-int-new\" [/ip address get [/ip address find interface=\"ppp-international\" ] address ]\r\
    \n:global \"p2p-ppp-ip-lcl-new\" [/ip address get [/ip address find interface=\"ppp-local\" ] address ]\r\
    \n\r\
    \n# Update International Interface IP\r\
    \n:if (\$\"p2p-ppp-ip-int\" != \$\"p2p-ppp-ip-int-new\") do={\r\
    \n/ip firewall address-list remove [find comment=\"p2p-ppp-ip-int\"]\r\
    \n:global \"p2p-ppp-ip-int\" \$\"p2p-ppp-ip-int-new\"\r\
    \n/ip firewall address-list add list=list-p2p-ppp-ips comment=\"p2p-ppp-ip-int\" address=\$\"p2p-ppp-ip-int\"\r\
    \n}\r\
    \n\r\
    \n# Update Local Interface IP\r\
    \n:if (\$\"p2p-ppp-ip-lcl\" != \$\"p2p-ppp-ip-lcl-new\") do={\r\
    \n/ip firewall address-list remove [find comment=\"p2p-ppp-ip-lcl\"]\r\
    \n:global \"p2p-ppp-ip-lcl\" \$\"p2p-ppp-ip-lcl-new\"\r\
    \n/ip firewall address-list add list=list-p2p-ppp-ips comment=\"p2p-ppp-ip-lcl\" address=\$\"p2p-ppp-ip-lcl\"\r\
    \n}\r\
    \n"

/system scheduler
add disabled=no interval=5m name="P2P Limiter - PPPoE IP Updater" on-event="/system script run \"P2P Limiter - PPPoE IP Updater\"\r\
    \n" policy=reboot,read,write,test start-date=jan/01/1970 start-time=00:00:00

Thanks to:
Daffy for providing me with the original script which I modified for a small office environment

9
Guides / Tech Guru's Traffic Splitter
« on: September 25, 2011, 04:53:34 pm »
Step by Step Guide for new RouterBOARD Installation

Download Splitter.rsc before continuing. This script assumes you have your ADSL Router connected to ether1 and your network is connected to ether2. The default IP for the Router would be 192.168.88.1 and the DHCP Range is 192.168.88.10 - 192.168.88.250

Step 1
Open Winbox and scan for connected devices. Find your device in the list and click on the MAC Address.


The default username is admin with no password, click connect once you have entered the username.


Step 2
The first time you connect to your RouterBOARD it will give you an option to remove the current configuration, click remove so we can start with a completely blank Router.


Optional Step if "Remove Configuration" window did not appear
If you did not receive the option to remove the default configuration open a New Terminal Window, type "system reset-configuration" (or just type sys <tab> reset <tab> to autocomplete the command) and press enter. The unit will reboot after the reset, once the unit has rebooted go back to Step 2


Step 3
Open the Files Window then drag and drop the Splitter.rsc file from your PC.


Step 4
Open a New Terminal Window and type import Splitter.rsc (or im <tab> S <tab> to autocomplete the command)


Step 5
Open Interfaces, open ppp-international, Dial Out and enter your international accounts username and password. Once done do the same for ppp-local using your local accounts username and password.


Step 6
The route script will run every day at 5am to get new local routes, you can force the first run by clicking on System, Scrips, Splitter and Run Script. Check the RouterBOARD log for any errors.



Thanks to:
http://locality.co.za/ for the local IP ranges
Vlad for creating this site and the code to change the IP Ranges into usable ROS commands

Pages: [1]