Sniffing traffic on Mikrotik routers

Mikrotik routers are great hardware. With one you can mirror traffic that go thru on so you will be able to sniff trafic as you would being directly connected between target and router (or behind one)

This way you can run tool like wireshak on your computer (the ip you put as streaming-server) and look thru it.

Remamber that mirrored traffic will be transported as TZSP (udp port 37008)


Mikrotik – Send email with information about clients connecting to WiFi network

Mikrotik devices give a lot of configuration options to play with, and this post is one of those configuration which automatically register information about login/logouts in wifi network, and at daily basis send them to custom email address.

Let assume you have already configure email capability in mikrotik system.

Next we want to set topic of information we want to store to file (ex. wifi.log):

Next lets create script that will be backuping log file, send it to your email account, delete backup to free up some space and delete user that will do those things to not make it a easy target:


Don’t forget to setup scheduler that will run our script on daily basis:



Mikrotik and Squid = Transparent Proxy

In business networks there is a big usage of  transparent proxy also home networks can use it also.

Thanks to that kind of server we can monitoring a lot of meta data and value information from client network and also prevent a lot of virus infections.

Lets assume that our server ( have Ubuntu or Debian operation system installed on it and the lan network is

On server there is also software firewall (iptables) which we will use to forward connection using commands below:

Next, on Mikrotik router we will add firewall rules to forward chosen clients (via list SQUID_CLIENTS) to server with squid proxy:

This way we finished configuration of proxy server which will capture web traffic and don’t need to be configure on client side.