...
Any action done in GUI or any command executed from the CLI is recorded in /system history
. You can undo or redo any action by running undo or redo commands from the CLI or by clicking on Undo, and Redo buttons from the GUI.
A simple example to demonstrate the addition of the firewall rule and how to undo and redo the action:
Code Block | ||||
---|---|---|---|---|
| ||||
[admin@v7_ccr_bgp] /ip/firewall/filter> add chain=forward action=drop [admin@v7_ccr_bgp] /ip/firewall/filter> print Flags: X - disabled, I - invalid; D - dynamic 0 X chain=input action=drop protocol=icmp src-address=10.155.101.1 log=no log-prefix="" 1 chain=forward action=drop [admin@v7_ccr_bgp] /ip/firewall/filter> /system/history/print Flags: U - undoable, R - redoable, F - floating-undo Columns: ACTION, BY, POLICy ACTION BY POLIC F filter rule added admin write U --- write [admin@v7_ccr_bgp] /ip/firewall/filter> |
We have added a firewall rule and in /system history
we can see all what that is being done.
Let's undo everything:
...
Sometimes it happens that the router's configuration is changed in a way that will make the router inaccessible (except the local console). Usually, this is done by accident, but there is no way to undo the last change when the connection to the router is already cut. Safe mode can be used to minimize such risk.
...
All configuration changes that are made (also from other login sessions), while the router is in safe mode, are automatically undone if the safe mode session terminates abnormally. You can see all such changes that will be automatically undone and tagged with an F flag in the system history:
[admin@MikroTik] ip route> [Safe Mode taken] [admin@MikroTik] ip route<SAFE> add [admin@MikroTik] ip route<SAFE> /system history print Flags: U - undoable, R - redoable, F - floating-undo ACTION BY POLICY F route added admin write
Now, if the telnet connection, WinBox terminal (if the safe mode was enabled on WinBox terminal window), or WinBox connection is cut, then after a while (TCP timeout is 9 minutes) all changes that were made while in safe mode will be undone. Exiting session by Ctrl-D also undoes all safe mode changes, while /quit does not.
...
If too many changes are made while in safe mode, and there's no room in history to hold them all (currently history keeps up to 100 most recent actions), then the session is automatically put out of the safe mode, and no changes are automatically undone. Thus, it is best to change the configuration in small steps, while in safe mode. Pressing Ctrl-X twice is an easy way to empty the safe mode action list.
...
An export command can be executed from each individual menu (resulting in configuration export only from this specific menu and all its sub-menus) or from the root menu for complete config export.
Following The following command parameters are accepted:
...
For example export configuration from /ip address
menu and save it to a file:
Code Block | ||||
---|---|---|---|---|
| ||||
[admin@MikroTik] > /ip address print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK BROADCAST INTERFACE 0 10.1.0.172/24 10.1.0.0 10.1.0.255 bridge1 1 10.5.1.1/24 10.5.1.0 10.5.1.255 ether1 [admin@MikroTik] > /ip address export file=address [admin@MikroTik] > /file print # NAME TYPE SIZE CREATION-TIME 0 address.rsc script 315 dec/23/2003 13:21:48 [admin@MikroTik] > |
By default export command writes only user-edited configuration, RouterOS defaults are omitted.
For example, the IPSec default policy will not be exported, and if we change one property then only our change will be exported:
...
Notice the * flag, it indicates that the entry is system default and cannot be removed manually.
...
Import command allows to specify the following parameters:
Property | Description |
---|---|
from-line | Start executing the script from the specified line number |
file-name | Name of the script (.rsc) file to be executed. |
verbose | Reads each line from the file and executes individually, allowing to debug syntax or other errors more easily. |
...
It is also possible to automatically execute scripts after uploading to the router with FTP or SFTP. The script file must be named with the extension *.auto.rsc. Once the commands in the file are executed, a new *.auto.log file is created which contains import success or failure information.
...
This command clears all configuration of the router and sets it to the factory defaults including the login name and password ('admin' with an empty password). For more details on the default configuration see the list.
After the configuration reset command is executed router will reboot and load the default configuration.
...
Tip |
---|
The backup file of the existing configuration is stored before reset. That way you can easily restore any previous configuration if the reset is done by mistake. |
...
Warning |
---|
If the router has been installed using Netinstall and had a script specified as the initial configuration, the reset command executes this script after purging the configuration. To stop it from doing so, you will have to reinstall the router. |
It is possible to override the default reset behavior with the parameters below:
Property | Description |
---|---|
keep-users | Do not remove existing users from the configuration |
no-defaults | Do not load the default configuration, just clear the configuration |
skip-backup | Skip automatic backup file generation before reset |
run-after-reset | Run specified .rsc file after reset. That way you can load your custom configuration. |
...