Custom probe settings

From MikroTik Wiki
Jump to: navigation, search

http

The follow probe supplies the web server with appropriate headers, satisfying the requirements of apache's mod_security, otherwise tons of log entries are generated complaining about missing host header, user agent header, and invalid options. 

Name: http
Type: TCP
Port: 80

Send: HEAD / HTTP/1.0\r\nHost: networkmonitor.mydomain.com\r\nUser-Agent: The-Dude/2.2\r\nAccept: text/*\r\n\r\n
Receive: ^HTTP/1\\.

SSH

The default SSH probe gives the following log entries in /var/log/secure: 

Did not receive identification string from ::ffff:XXX.XXX.XXX.XXX

To clean this up, I changed the ssh probe to the following:

Thedude-probe-ssh.png 

Name: ssh
Type: TCP
Port: 22
Conncet Only: unchecked
First Receive, Then Send: Checked

Send: <greyed out>
Receive: ^SSH\\.*
Send: SSH-2.0-TheDude-Ping\r\n
Receive: 
Send: 
Receive:

Now the entry I get in the log file is: 

Connection closed by ::ffff:XXX.XXX.XXX.XXX

The connection is now "properly" closed by The Dude.

Retrieved from "https://wiki.mikrotik.com/index.php?title=Custom_probe_settings&oldid=9545"