What am I supposed to do with CODE?
Command Line scares a lot of people. It shouldn’t. Most instructions for MikroTik are posted online in a format similar to this:
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \ max-udp-packet-size=512 servers=184.108.40.206,220.127.116.11 /ip dns static add address=192.168.0.1 disabled=no name=router ttl=1d add address=192.168.0.190 disabled=no name=vortexbox ttl=1d
What you’re seeing there is an Export from a Terminal session with a MikroTik router. Simply put, you could copy and paste this into your own Terminal window and it would enter those settings into your router. We’ll go into more detail about that later.
For now, let’s just look at the first section of code.
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \ max-udp-packet-size=512 servers=18.104.22.168,22.214.171.124
Looks scary, no? Well we’re not going to get into what this means here, but I want to show you what it corresponds to in WinBox. Here is the equivalent of that scary code in WinBox:
That’s it. (It’s important to note that I did not manually enter ANY of this. It’s all default settings that came in the router, plus the DNS servers that my ISP uses. I didn’t have to enter that line of code anywhere, and I didn’t even have to enter anything in WinBox. That happens a lot with MikroTik. There are quite a few sections where things “just work” out of the box. What’s powerful is that you can change pretty much anything you need to should the need arise.)
See the Static button on the right? That’s the second section of code from above.
/ip dns static add address=192.168.0.1 disabled=no name=router ttl=1d add address=192.168.0.190 disabled=no name=vortexbox ttl=1d
Let’s see what this looks like in WinBox:
Looks pretty simple now, right? In the pic above, I clicked the + to show what it looks like if you wanted to add a new static DNS entry. Let’s say I wanted to add an entry for ‘control4′ at 192.168.0.150 for some reason. I would type control4 in the Name box and 192.168.0.150 in the Address box and hit OK. That’s it.
How would I do that in Terminal? First I would navigate to /ip dns static. Guess how I got to the static DNS page in the WinBox pic above? I clicked on IP, then DNS, then Static. See a pattern? Most, not all, of WinBox matches up to the command line structure. To get to your Firewall filter in WinBox, you click on IP, then Firewall, then Filter Rules. To get to your Firewall filter in Terminal, you go to /ip firewall filter. Make sense?
So how would I have added that ‘control4′ static DNS entry in Terminal?
/ip dns static add address=192.168.0.150 disabled=no name=control4 ttl=1d
Easy, right? Hopefully this shows you the relationship between the code you see pasted all over the forums and what you see when you’re looking in WinBox.
How do I get to Terminal?
The easiest way is from within WinBox. Near the bottom left of the menu, there is a New Terminal button. Click it and you will open up a Terminal session inside WinBox. You’ll be greeted with something reminiscent of the old C:\ prompt.
Other ways are through SSH and Telnet. The end result is identical to using New Terminal inside of WinBox, but it’s up to you what you want to use. Info on SSH and Telnet is available elsewhere…
While in Terminal, there are a few very useful tips that will help you get around.
First off is the colored text. As you’re typing, the words you enter will be colored according to if they are a valid entry, and invalid entry, or a command.
Second is the Tab button. Hitting Tab without typing anything first will get you a list of valid commands. Look at the image above where the first blue text appears. I hit Tab there and it showed me a list of commands. As you can see “ip” was one of them. I typed “ip” and hit enter. See how the prompt changed from > to /ip>. Then again I hit Tab. Rinse and repeat.
Third is auto-complete. Start typing a word and if there is only one option for a valid command, then you can hit Tab and it will fill in the rest for you. If you look at the above pic at the /ip> prompt, I could have typed the letter “f” and hit Tab and it would have typed out “firewall” for me.
If I would have typed “d” or even “dhcp” and hit Tab it would have only autocompleted up to “dhcp-“ because it has no way of knowing if you meant dhcp-client, dhcp-relay, or dhcp-server. Also the text of “dhcp-” would have been red because until you added “client“, “relay“, or “server“, just “dhcp-” is an invalid command.