Script Mikrotik

Habilitar FastTrack

/ip firewall filter

add chain=forward action=fasttrack-connection connection-state=established,related \

comment="fasttrack established/related"

add chain=forward action=accept connection-state=established,related \

comment="accept established/related"

Failover

## Reglas de enrutamiento

# Regla para enrutar el 4.2.2.1 por un gateway especifico, en este ejemplo el

189.73.1.1

#--------------------------------------------------------------------------------------------

/ip route

add distance=1 dst-address=4.2.2.1/32 gateway=189.73.1.1 scope=10

add distance=2 dst-address=4.2.2.1/32 blackhole scope=10

# Regla para enrutar el 4.2.2.2 por un gateway especifico, en este ejemplo el

200.76.2.1

add distance=1 dst-address=4.2.2.2/32 gateway=200.76.2.1 scope=10

add distance=2 dst-address=4.2.2.2/32 blackhole scope=10

# Reglas de Ruta por defecto con Failover

add check-gateway=ping distance=1 dst-address=0.0.0.0/0 gateway=4.2.2.1 targetscope=11

add check-gateway=ping distance=2 dst-address=0.0.0.0/0 gateway=4.2.2.2 targetscope=11

# Ultimas reglas... por si hay una "falsa caida", para que te mantengas con

Internet

add check-gateway=ping distance=3 dst-address=0.0.0.0/0 gateway=189.73.1.1

add check-gateway=ping distance=4 dst-address=0.0.0.0/0 gateway=200.76.2.1

## Reglas para monitoreo

/tool netwatch

add host=4.2.2.1 interval=30s \

down-script=":log error \"Internet 1 - DOWN\"" \

up-script=":log warning \"Internet 1 - UP\""

add host=4.2.2.2 interval=30s \

down-script=":log error \"Internet 2 - DOWN\"" \

up-script=":log warning \"Internet 2 - UP\""

Impedir que compartan

/ip firewall mangleadd action=change-ttl chain=postrouting comment="Bloqueo_Bluetooth" \

dst-address=192.168.5.1/24 new-ttl=set:1

Bloqueo de Redes Sociales

##Parametros globales

:global OutInterface "ether1"
## Muestra mensaje de confirmacion
:global Msg "Reglas de Contenido Correctamente aplicadas"
##Bloqueo Redes Sociales
/ip firewall layer7-protocol
add name=Bloqueos regexp="^.*(facebook.com|twitter.com|instagram.com|hi5.com|t\
    agged.com|snapchat.com|match.com|pinterest.com|badoo.com|Instagram.com).*\
    \$"
##Bloqueo Youtube, youtube movil
add name=Youtube_Adicional regexp="^.+(youtube.com|www.youtube.com|m.youtube.c\
    om|ytimg.com|s.ytimg.com|ytimg.l.google.com|googlevideo.com|youtu.be).*\$"

/ip firewall filter
add action=drop chain=forward comment="Bloqueos General" layer7-protocol=\
    Bloqueos out-interface=$OutInterface place-before=1
add action=drop chain=forward comment="Bloqueo Youtube - Streaming" \
    layer7-protocol=Youtube_Adicional out-interface=$OutInterface place-before=2
##Imprime El mensaje en el log
:log info $Msg

-------------------------------------------------------------------------------

https://github.com/jsalonl/Mikrotik-Scripts/tree/master

https://github.com/jsalonl/Mikrotik-Scripts/blob/master/Bloqueo_Sociales.rsc

MikroTik Scripting Book

https://github.com/wifinigel/MikrotikScripting

https://www.mikrotikscripting.com/downloads/

https://www.mikrotikscripting.com/downloads/mikrotik_scripting.zip

https://github.com/misterkrittin/Scripts-MikroTik/tree/main
https://kupdf.net/download/scripting-mikrotik_5afa6f42e2b6f5b941210db4_pdf
https://kak.kornev-online.net/FILES/KAK%20-%20Mikrotik%20Manual%20Scripting%20RouterOS.pdf

https://ros-scripts.vercel.app/
https://www.shellhacks.com/mikrotik-script-create-run-schedule-example/

Exportar e importar configuracion

export compact file=configuracion.rsc

import configuracion.rsc

Script backup diario

/system script add name=BackupConfig source="/system backup save name=nightly" /system scheduler add name=DailyBackup interval=1d on-event=BackupConfig

Fuente: https://afterware.es/?s=mikrotik

Monitorea la perdida de paquetes

:local ipPing ("8.8.8.8")

:local pingip

:set pingip [/ping $ipPing count=10]

:if ($pingip = 1) do={

:log info ("90% lost")

/interface ethernet disable ether2

} else={

/interface ethernet enable ether2

}

domingo, 24 de mayo de 2026