def block_ip(address, comment='auto-blocked', chain='input'):
# Add address list entry
api('/ip/firewall/address-list/add',
'list': 'attackers',
'address': address,
'timeout': '1h',
'comment': comment
)
# Add drop rule (if not exists)
rules = api('/ip/firewall/filter/print', '?chain': chain, '?dst-port': '22', '?protocol': 'tcp')
# ... optional rule creation
import librouteros
import time
conn = librouteros.connect(
host='192.168.88.1', username='api_user', password='pass'
)
while True:
monitor = conn.path('interface', 'monitor-traffic').call(
'print', 'interface': 'ether1', 'once': ''
)
for data in monitor:
rx = data.get('rx-bits-per-second', 0) / 1_000_000
tx = data.get('tx-bits-per-second', 0) / 1_000_000
print(f"RX: rx:.2f Mbps, TX: tx:.2f Mbps")
time.sleep(2)
mikrotik api examples
# Disable an interface
api('/interface/set',
'.id': 'ether2',
'disabled': 'yes'
)
registrations = api.path('interface', 'wireless', 'registration-table')
for client in registrations:
print(f"MAC: client['mac-address'], Signal: client['signal-strength'] dBm, TX Rate: client['tx-rate']")
resources = connection.path('system', 'resource').get()
print(f"CPU Load: resources['cpu-load']%")
print(f"Uptime: resources['uptime']")
# Find the interface
interfaces = api.path('interface')
for interface in interfaces:
if interface['name'] == 'ether2':
# Disable it
interfaces.update(interface['.id'], disabled='yes')
# Later, enable it
# interfaces.update(interface['.id'], disabled='no')