A little extension on one of these, WinBox sort on any field by clicking the header. Somewhat standard Windows operation.

WinBox for Linux.

Need a better way to clone CPEs. If I am building 15 CPEs today, I would like to be able to plug it in, push a configuration to it and have it ready to deploy. Even better would be to have the IP address auto increment as it loads. Going farther, read the configuration parameters out of a MySQL database, build the configuration and push it to the RB.

I like those, and would like to probably implement them myself. Here are some of my ideas/wishlist.

I would like to see the script equivalent of DenyHosts. [see http://denyhosts.sourceforge.net] whereas if password authentication fails (telnet, ssh, ftp) from the same outside IP 5 (or so) times in a row, that IP gets dynamically added to the "blacklist" address list, and all data to/from is denied for 12 hrs (or so). My logs are usually full of failed ssh/ftp logins from (virus-infected?) zombie PCs trying brute force dictionary login attempts. Permanently blacklisting them seems like a waste of resources/disk space.

If I could get notified of any IP who sends SMTP (TCP/25) traffic to more than 5 different destinations/hr(min?) that could be a good script. Some of my business clients host their own email server, so that's okay, but most clients only need to send to my SMTP server. Automatically blocking port 25 for certain users who violate this (due to a virus) would be good also. I guess this is similar to your #1 and #2 ideas.

A script I think would be neat, but don't have the time to implement it now, if a 2-radio routerboard/wrap/whatever could be mounted in the van with an omni antenna on the roof (or bumper) connected to the "client" radio, and automatically associate to the nearest non-secure (or secure if it has "our client" WEP key) AP (with an SSID other than "THENODIALVAN"), then nat/rebroadcast on a weaker AP (with a duckie antenna), with the SSID of "THENODIALVAN" then it would be kind of the "ultimate" war driving vehicle. Another script to VPN tunnel into the office on demand so the techs could get/file paperwork from their laptops. Wire in a Lingo/Vonage/whatever VOIP phone, and cell phone bills to/from the technicians could drop considerably. Please don't respond to this one telling me how the cops are gonna take away my freedoms for connecting to an insecure home wireless network. I know it's wrong to "steal" bandwidth, and I don't want a new 100 response opinion fest. Please keep your "is too/is not" to yourself. I know that this idea is ethically questionable. Another reason why I won't be implementing it any time soon.

Winbox feature wishlist:
I would like to be able to sort my DHCP leases by the comment field.

I would also, for that matter, like to be able to sort my DHCP leases by the IP address (like I could in 2.8). I like the 2.9 capability of assigning a DHCP lease to a specific pool, but then sorting by IP address now just seems to randomize the order.

If I could sort by IP address, then have all of my bridge leases (172.16.x.x) together, all of my customer leases (64.123.x.x) together, that would be awesome. If I could sort by comment, then finding "smith, bob" then finding "smith, bob - bridge" to see if either/both have an active lease would be MUCH easier, and make life much better for my staff.

Pete Davis
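
The DenyHosts-style rule wished for in the post above (about 5 failed logins in a row from one IP, then a 12-hour block rather than a permanent one), sketched as an added example that is not code from this thread or from MikroTik. The log line format, the `Blacklist` class and the sample addresses are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

THRESHOLD = 5                    # failures in a row before blocking ("5 (or so)")
BLOCK_FOR = timedelta(hours=12)  # block lifetime ("12 hrs (or so)")

# Assumed (constructed) log format: "<ISO time> <service> login <outcome> from <ip>"
LINE_RE = re.compile(
    r"^(\S+) (ssh|telnet|ftp) login (failure|success) from (\d{1,3}(?:\.\d{1,3}){3})$")

# Constructed sample log using documentation-range addresses.
SAMPLE_LOG = (
    [f"2024-01-01T01:00:0{s} ssh login failure from 192.0.2.10" for s in range(5)]
    + [f"2024-01-01T01:05:0{s} ftp login failure from 198.51.100.7" for s in range(4)]
    + ["2024-01-01T01:05:05 ftp login success from 198.51.100.7",
       "2024-01-01T01:05:06 ftp login failure from 198.51.100.7",
       "garbled line that does not match the format"]
)

class Blacklist:
    def __init__(self):
        self.streak = {}   # ip -> consecutive failure count
        self.expires = {}  # ip -> time at which the block lapses

    def feed(self, line):
        m = LINE_RE.match(line.strip())
        if not m:
            return  # ignore lines that are not login events
        when = datetime.fromisoformat(m.group(1))
        outcome, ip = m.group(3), m.group(4)
        if outcome == "success":
            self.streak.pop(ip, None)  # "in a row": a good login resets the count
            return
        self.streak[ip] = self.streak.get(ip, 0) + 1
        if self.streak[ip] >= THRESHOLD:
            self.expires[ip] = when + BLOCK_FOR
            self.streak.pop(ip, None)

    def is_blocked(self, ip, now):
        exp = self.expires.get(ip)
        if exp is not None and now >= exp:
            del self.expires[ip]  # temporary block: forget the entry once it lapses
            return False
        return exp is not None

def run_sample():
    bl = Blacklist()
    for line in SAMPLE_LOG:
        bl.feed(line)
    return bl
```

On a router, the `expires` map corresponds to an address-list entry with a timeout, so the list cleans itself up instead of growing forever.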

I'd like to throw this out for the weekend. I want to gather some ideas for IMPLEMENTATIONS you'd like to see with existing RouterOS technology. I have a few that I can think of off the top of my head that I will try to get documented (some possibly for free - to be posted on my website). For example:

1. Automated virus detection - this application would need to be able to detect virus-like activity (whatever that means) and automatically cause the offender - if they are on-net - to be disconnected except for the ability to visit http://housecall.antivirus.com and test to see if they have removed the virus(es) before allowing full access again.

2. Automatically build a list of valid SMTP servers based on servers that have been used to check email (I've done this one several times). This will prevent those viruses and spam trojans from getting your IP blacklisted if you NAT.

3. Queue mechanism that implements an automated fair access policy (similar to what some of the satellite companies do) - I have done something SIMILAR to this, but implementing this properly will take a bit more work.

OK...So I've got you started...now step forth with your ideas (either implemented already or just a "wish-list") and let's come up with some really cool stuff! While we're at it, you can let me know what you think of the above ideas...are they worth the effort?

