Versions Compared

Old Version 18

changes.mady.by.user Normunds R.

Saved on

compared with

New Version 19

changes.mady.by.user Normunds R.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languageros
[admin@MikroTik] > ip hotspot/add interface=ether1 
[admin@MikroTik] > ip hotspot/print 
Flags: X, S - HTTPS
Columns: NAME, INTERFACE, PROFILE, IDLE-TIMEOUT
#   NAME      INTERFACE  PROFILE  IDLE-TIMEOUT
;;; inactivated, not allowed by device-mode
0 X hotspot1  ether1     default  5m

Flagged notice

The Flag is another important "option". Along with the device-mode feature, ROS has implemented code that analyzes RouterOS now can analyse the whole configuration at system startup, to determine if there are any signs of unauthorized access to your router. If suspicious configurations are detected, the flagged flag is set at device-mode (and the corresponding configuration is disabled) parameter is changed to "yes":

Code Block
languageros
[admin@MikroTik] > system/device-mode/print 
     mode: enterprise
  flagged: yes
  sniffer: no
  hotspot: no

If the system has this flagged notice status, then the current configuration works, but it is not possible to perform a series of actions. If the action is restricted

bandwidth-test, traffic-generator, sniffer, as well as configuration actions that enable or create new configuration entries (it will still be possible to disable or delete) for the following programs: system scheduler, SOCKS proxy, pptp, l2tp, ipsec, proxy, smb.

When performing the aforementioned actions while the router is "flagged", you will receive an error message when doing so:

Code Block
languageros
[admin@MikroTik] > /tool sniffer/quick 
failure: configuration flagged, check all router configuration for unauthorized changes and update device-mode
[admin@MikroTik] > /int l2tp-client/add connect-to=1.1.1.1 user=user
failure: configuration flagged, check all router configuration for unauthorized changes and update device-mode

To remove the flagged notice, you must perform the command "/system/device-mode/update flagged=noThe following interactive actions will not be possible on the flagged device: bandwidth-test, traffic-generator, sniffer, as well as configuration actions that enable or create new configuration entries (it will still be possible to disable or delete) for the following contacts: scheduler, socks, pptp, l2tp, ipsec, proxy, smb."