Kamil Mroczkowski

Install

Install a minimal Debian system with SSH. After installation, run:

apt-get install aptitude mc zip nginx rsyslog-mysql php7.0-mysql mysql-server php7.0-mcrypt php7.0-fpm php7.0-mbstring net-tools subversion-tools whois
cd /var/www
svn export http://svn.code.sf.net/p/simple-mikrotik-flow/code/trunk/ ./
chmod +x ./cron_gr_last_day.sh
cp ./example_config.ini ./config.ini

MySQL

Add user:

-- IDENTIFIED BY takes the plaintext password; VIA mysql_native_password USING expects a password hash
CREATE USER 'rsyslog'@'localhost' IDENTIFIED BY 'rsyslogpass';
GRANT USAGE ON *.* TO 'rsyslog'@'localhost' REQUIRE NONE WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
CREATE DATABASE IF NOT EXISTS `rsyslog`;
GRANT ALL PRIVILEGES ON `rsyslog`.* TO 'rsyslog'@'localhost';
FLUSH PRIVILEGES;

Load init script from: rsyslog.sql

Nginx

File /etc/nginx/sites-enabled/default:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/html;
        index index.php;
        server_name _;

        location / {
                try_files $uri $uri/ =404;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        }
}

Restart Nginx:

/etc/init.d/nginx restart

Then edit the configuration file /var/www/config.ini.

RSyslog

File /etc/rsyslog.conf:

module(load="imudp")
#input(type="imudp" port="514")

File /etc/rsyslog.d/mysql.conf:

ruleset(name="rsRemoteUDP") {
*.* action(type="ommysql"
        server="localhost"
        db="rsyslog"
        uid="rsyslog"
        pwd="rsyslogpass"
        )
}

input(
        type="imudp"
        port="514"
        ruleset="rsRemoteUDP"
)

Restart RSyslog:

/etc/init.d/rsyslog restart
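
To confirm that messages received on UDP 514 actually reach MySQL before pointing the router at this host, the following check can be used. It is an added example, not part of the project's code. It assumes that rsyslog.sql creates the stock rsyslog SystemEvents table (where the default ommysql template writes) and that the example credentials above are in use; the smf-probe tag and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: end-to-end check of the imudp -> ommysql pipeline configured above.
# Assumptions: a "SystemEvents" table with a "Message" column (stock rsyslog schema)
# and the example credentials from this page.
DB_USER=rsyslog
DB_PASS=rsyslogpass
DB_NAME=rsyslog

# Reads `netstat -lnu` output on stdin; succeeds if a UDP socket is bound to port 514.
udp514_listening() {
    awk '$1 ~ /^udp/ && $4 ~ /:514$/ { found = 1 } END { exit !found }'
}

# Sends one UDP syslog message carrying the marker to the local rsyslog input.
send_probe() {
    logger -d -n 127.0.0.1 -P 514 -t smf-probe "$1"
}

# Prints how many stored rows contain the marker.
count_probe_rows() {
    MYSQL_PWD="$DB_PASS" mysql -N -B -u "$DB_USER" "$DB_NAME" \
        -e "SELECT COUNT(*) FROM SystemEvents WHERE Message LIKE '%$1%'"
}

check_pipeline() {
    if ! netstat -lnu | udp514_listening; then
        echo "FAIL: nothing is listening on UDP 514 (imudp input not active)" >&2
        return 1
    fi
    marker="smf-probe-$$-$(date +%s)"   # letters, digits and dashes only
    send_probe "$marker" || return 1
    # rsyslog writes asynchronously, so poll for up to 5 seconds
    tries=0
    while [ "$tries" -lt 5 ]; do
        rows=$(count_probe_rows "$marker") || return 1
        if [ "${rows:-0}" -ge 1 ]; then
            echo "OK: probe stored in $DB_NAME.SystemEvents"
            return 0
        fi
        tries=$((tries + 1))
        sleep 1
    done
    echo "FAIL: probe not found; check the ommysql action and the DB grants" >&2
    return 1
}

# Run the live check only when asked: sh check.sh run
if [ "${1:-}" = "run" ]; then check_pipeline; fi
```

Save it under any name and run it with the argument run on the RSyslog host; a FAIL on the first step points at the imudp input, a FAIL on the last at the ommysql action or the database grants.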

Mikrotik

Example firewall rules

/ip firewall filter
add action=log chain=forward dst-address=!192.168.0.0/16 out-interface=eth1 protocol=tcp src-address=192.168.0.0/16
add action=log chain=forward dst-address=192.168.0.0/16 in-interface=eth1 protocol=tcp src-address=!192.168.0.0/16
add action=log chain=forward dst-address=!192.168.0.0/16 out-interface=eth1 protocol=udp src-address=192.168.0.0/16
add action=log chain=forward dst-address=192.168.0.0/16 in-interface=eth1 protocol=udp src-address=!192.168.0.0/16

Example log actions:

/system logging action
# 192.168.1.2 is the IP address of the RSyslog server
set 3 remote=192.168.1.2
/system logging
add action=remote topics=firewall
add action=remote topics=dns

Crontab

Add to /etc/crontab (the entries use the system crontab format, which includes the user field):

1 1 * * * root /var/www/cron_gr_last_day.sh start
59 * * * * root php /var/www/mikrotik_interface_get.php >> /var/www/mikrotik_interface_get.log

Web GUI