Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

The Mikrotik RouterOS config, tips and tricks thread

Options
2456712

Comments

  • Options
    #32
    PogMoThoin
    Closed Accounts Posts: 13,874 ✭✭✭✭PogMoThoin


    I'm getting amazing wireless performance with the latest release candidate firmwares (v6.0rc11). I can now sustain 100Mbit SMB transfer over wireless, samba isn't the most efficient protocol therefore the limit here is most likely the hard drive speed. Make sure you have channel width set to 20/40 HT above and under advanced set your distance to indoors.

    speed2_zps3a7df711.gif

    speed_zps4900f393.gif


  • Options
    #33
    witnessmenow
    Registered Users Posts: 7,001 ✭✭✭witnessmenow


    So currently 3G is my only option for internet at the moment (Not what I envisioned when I bought this Mikrotik!) but in fairness its doing a pretty bang up job. Speeds are actually pretty decent and my biggest issue with 3g at the moment is the 20gb download cap. I have written a script to get the mikrotik to check the balance on the stick and email me the result

    Its specifically for Meteor, but if your provide provides a service where you can text for a balance you can easily change it.

    Will try make it a bit more clever over time (maybe parse out value and stop traffic when limit is hit) but this is what I have so far

    Note: Make sure you have email and SMS set up first.
    #Script for checking 3G Balance#
#This Script will:#
# - Remove all SMSs from inbox #
# - Send SMS to check Balance #
# - Email Contents of SMS #

:log info "Script for Checking 3G Balance has started";

#----------------#
#Values#
#----------------#

#Meteors BroadBand to Go Check balance Via text command is text "MMB balance" to 50104#
:local SMSNumber "50104";
:local SMSCommand "MMB balance";

#Email#
:local EmailAddr "YOUREMAIL@gmail.com";
:local EmailSubject;

:set EmailSubject "3G Balance at $[/system clock get time]";

#----------------#
#Remove All SMSs from inbox#
#This ensures that only the status SMS gets emailed to you#
#----------------#

:log info "Deleting All current SMSs from Inbox";

# Looping to Delete all existing SMS #
:foreach i in=[/tool sms inbox find] do={

# Remove SMS from Inbox #
/tool sms inbox remove $i;

delay 2;
}
:log info "Finished Deleting SMSs";

#----------------#
#Send SMS to Check Balance#
#----------------#

:log info "Sending SMS to Check Balance";

# Set Receive Enabled, in case it was cleared by a router reboot #
/tool sms set receive-enabled=yes;

delay 2;

#Send SMS to check Credit - NOTE: Change Port (usb1) and channel as required#
/tool sms send usb1 $SMSNumber channel=3 message="$SMSCommand";

:log info "SMS for checking Balance Sent. Now waiting 10 seconds for reponse";
delay 10;

#----------------#
#Sending SMS response on Via Email#
#----------------#

:local smsMessage;
:local smsTimeStamp;
:local emailContent;


:log info "Checking Inbox for Balance SMS";

# loop through all the messages in the inbox #
:foreach i in=[/tool sms inbox find] do={

:set smsTimeStamp [/tool sms inbox get $i timestamp];
:set smsMessage [/tool sms inbox get $i message];

#Build Email Body#
:set emailContent "Response from balance check, recieved at $smsTimeStamp:\n\n$smsMessage";


:log info "Sending Email containing: $emailContent";
#Send Email#
/tool e-mail send tls=yes subject="$EmailSubject" to=$EmailAddr body="$emailContent";

delay 10;

}

:log info "Script for Checking 3G Balance has finished";

    Anyone know if I can use regular expression on the SMS response to extract the actual limit? It comes in a nice east to extract format:

    You have 19.36 GB of your monthly allowance remaining. This months allowance will be available until 04-04-13

    in something like PHP I would use the following regex to extract it:

    /([0-9]{1,2}\.{1}[0-9]{1,2}) GB/


  • Options
    #34
    lotas
    Registered Users Posts: 925 ✭✭✭lotas


    Morning all.

    Just realized that there is a tweak to be made to @pogmothoin's post. I have 2 WAN connections, and if an SSH connections comes from one, i forward it to a particular server (using the NAT section). if its from WAN2, it goes to a different machine... this causes some interesting problems with the following block of code:
    add action=add-src-to-address-list address-list=trying_to_login address-list-timeout=1d chain=input comment="list IP's who try remote login" disabled=no dst-port=20-23 protocol=tcp
add action=drop chain=input comment="drop ssh brute forcers" disabled=no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1h chain=input connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1h chain=input connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1h chain=input connection-state=new disabled=no dst-port=22 protocol=tcp
add action=accept chain=input comment="allow ssh" disabled=no dst-port=22 protocol=tcp

    because the chain is set to input, it ignores it. I noticed this morning that a lot of SSH requests where hitting both my servers, and not getting blocked by the firewall. the solution? set the chain to forward. so far so good!


  • Options
    #35
    witnessmenow
    Registered Users Posts: 7,001 ✭✭✭witnessmenow


    There is a bug in my above script, it doesnt delete the SMSs.

    If receive is not enabled it will not delete the SMSs. Updated below:
    witnessmenow wrote: »
    #Script for checking 3G Balance#
#This Script will:#
# - Remove all SMSs from inbox #
# - Send SMS to check Balance #
# - Email Contents of SMS #

:log info "Script for Checking 3G Balance has started";

#----------------#
#Values#
#----------------#

#Meteors BroadBand to Go Check balance Via text command is text "MMB balance" to 50104#
:local SMSNumber "50104";
:local SMSCommand "MMB balance";

#Email#
:local EmailAddr "YOUREMAIL@gmail.com";
:local EmailSubject;

:set EmailSubject "3G Balance at $[/system clock get time]";

#----------------#
#Remove All SMSs from inbox#
#This ensures that only the status SMS gets emailed to you#
#----------------#

:log info "Deleting All current SMSs from Inbox";

# Set Receive Enabled, in case it was cleared by a router reboot #
/tool sms set receive-enabled=yes;

# Looping to Delete all existing SMS #
:foreach i in=[/tool sms inbox find] do={

# Remove SMS from Inbox #
/tool sms inbox remove $i;

delay 2;
}
:log info "Finished Deleting SMSs";

#----------------#
#Send SMS to Check Balance#
#----------------#

:log info "Sending SMS to Check Balance";

delay 2;

#Send SMS to check Credit - NOTE: Change Port (usb1) and channel as required#
/tool sms send usb1 $SMSNumber channel=3 message="$SMSCommand";

:log info "SMS for checking Balance Sent. Now waiting 10 seconds for reponse";
delay 10;

#----------------#
#Sending SMS response on Via Email#
#----------------#

:local smsMessage;
:local smsTimeStamp;
:local emailContent;


:log info "Checking Inbox for Balance SMS";

# loop through all the messages in the inbox #
:foreach i in=[/tool sms inbox find] do={

:set smsTimeStamp [/tool sms inbox get $i timestamp];
:set smsMessage [/tool sms inbox get $i message];

#Build Email Body#
:set emailContent "Response from balance check, recieved at $smsTimeStamp:\n\n$smsMessage";


:log info "Sending Email containing: $emailContent";
#Send Email#
/tool e-mail send tls=yes subject="$EmailSubject" to=$EmailAddr body="$emailContent";

delay 10;

}

:log info "Script for Checking 3G Balance has finished";


  • Options
    #36
    Xantia
    Registered Users Posts: 682 ✭✭✭Xantia


    witnessmenow wrote: »
    I set up an old 3g modem I had lying about on the 751G this morning. I was using a meteor branded E173 Huawei modem

    Check is your device supported

    When I eventually did get it set up I actually didnt do too much, but it didnt stop it taking me the entire morning!

    If anyone has any questions about feel free to give me a shout.

    Hi,
    Would you have any info on this setup?
    I am hoping to use it soon, I have a compatible USB 3G
    Thanks


  • Advertisement
  • Options
    #37
    witnessmenow
    Registered Users Posts: 7,001 ✭✭✭witnessmenow


    Xantia wrote: »
    Hi,
    Would you have any info on this setup?
    I am hoping to use it soon, I have a compatible USB 3G
    Thanks

    I will try help out later when Im at home and have access to winbox

    Is it a Huawei modem?


    I'm having some issues myself! I bought a new dongle of meteor (one that had a external antenna port) and it seemed to be working fine. But last night and this morning the mikrotik got left in a weird state where no connections were set up. Rebooting the mikrotik brought everything back, but I cant imagine its a coincidence that this happened after installing the new dongle. Will investigate later, hopefully it can be resolved!


  • Options
    #38
    Xantia
    Registered Users Posts: 682 ✭✭✭Xantia


    Thanks for coming back to me.

    No Rush on this.

    I hope to setup a 3G and then a WiFi in the car - I know, I know, but it would be handy for me on the road.

    (In my day it was - I am sitting on the wheel arch back here, nowadays it's I cant get 3G)

    So Mikrotik with a 3G USB Stick with an external antenna, WiFi with external antenna(s)


  • Options
    #39
    witnessmenow
    Registered Users Posts: 7,001 ✭✭✭witnessmenow


    There is probably cheaper lower powered solutions for doing that though. A Mi-Fi Dongle would probably suit best. Something like this It probably has limited range, but surely covers a car :)

    EDIT: Actually how far from the car do you want to be? Didnt notice you were talking about adding external wireless antennas too

    Sorry I didnt get back to you will def over the next couple of days!


  • Options
    #40
    VenomIreland
    Registered Users Posts: 2,928 ✭✭✭VenomIreland


    I'm looking at getting one of these, both as a replacement for my current router (DIR-655, not strong enough output to cover the house and we can't wire everything unfortunately), but which one is the most recent model that would be suitable for a home? I'd appreciate a GUI interface for inital setup, but if it's all CLI then that's okay too.


  • Options
    #41
    Xantia
    Registered Users Posts: 682 ✭✭✭Xantia


    I think that this is the latest Home one with a faster 600MHz processor
    I have the previous one RB751G-2HnD and it works fine
    but there is a bit of a learning curve to them


  • Advertisement
  • Options
    #42
    VenomIreland
    Registered Users Posts: 2,928 ✭✭✭VenomIreland


    Xantia wrote: »
    I think that this is the latest Home one with a faster 600MHz processor
    I have the previous one RB751G-2HnD and it works fine
    but there is a bit of a learning curve to them

    Thanks, they are actually much cheaper than I expected them to be.


  • Options
    #43
    Xantia
    Registered Users Posts: 682 ✭✭✭Xantia


    There is a GUI (Winbox) or you can web to the default address 192.168.88.1 as well.
    The one I have does cover the whole house but that might be because it's in the middle of the house and I have not specified a country which gives the higher WiFi power output.
    The RB951G-2HnD is 2.4Ghz WiFi - others are available if you prefer the 5 Gig WiFi


  • Options
    #44
    VenomIreland
    Registered Users Posts: 2,928 ✭✭✭VenomIreland


    Xantia wrote: »
    There is a GUI (Winbox) or you can web to the default address 192.168.88.1 as well.
    The one I have does cover the whole house but that might be because it's in the middle of the house and I have not specified a country which gives the higher WiFi power output.
    The RB951G-2HnD is 2.4Ghz WiFi - others are available if you prefer the 5 Gig WiFi
    I'm not sure if I have anything that is 5GHz, the media server and the PCs are all connected via Cat5e, so I don't really need it for the important things, the wifi is just for the devices that can't realistically be wired (e.g. phones).

    I'll probably place an order soon, it should be fun learning to configure it.


  • Options
    #45
    privilegue
    Registered Users Posts: 71 ✭✭privilegue


    Hi all - i found this thread while researching an issue I am having with my current setup and the things I would like to do. So here goes nothing :)

    I have the following setup::

    1) OpenVPN Server running on Linux on 10.8.0.0 (WAN1)
    2) RouterOS RouterBoard 2011IN connecting to that server (WAN2)

    my config on routerOS is working fine and I can see the routerOS device connected on the OVPN Server active clients list with an IP of 10.8.0.3

    so that vpn part works. Now what I would like to do is, set everything up so that when I login to that VPN network with my laptop lets say, i am then able to connect to the routerOS config interface using any of the available services (ssh - sftp - www - winbox)... But so far it seems I am out of luck.

    If anyone could help I would appreciate this. Thanks.


  • Options
    #46
    lotas
    Registered Users Posts: 925 ✭✭✭lotas


    you will need to set your firewall to allow devices from the 10.8.0.0/24 network to be able to connect to your WinBox, http, etc. I dont have access to my mikrotik at the moment, but i think you are looking for something like:

    /ip firewall filder
    add action=accept chain=input comment="allow winbox" disabled=no dst-port=8291 protocol=tcp src-address=10.8.0.0/24

    Good luck!


  • Options
    #47
    privilegue
    Registered Users Posts: 71 ✭✭privilegue


    lotas wrote: »
    you will need to set your firewall to allow devices from the 10.8.0.0/24 network to be able to connect to your WinBox, http, etc. I dont have access to my mikrotik at the moment, but i think you are looking for something like:

    /ip firewall filder
    add action=accept chain=input comment="allow winbox" disabled=no dst-port=8291 protocol=tcp src-address=10.8.0.0/24

    Good luck!

    Thanks man, i did that but that didnt work unfortunately. I have been fighting with this issue for 2 days now and still no solution. I have tun0 traffic allowed on OVPN Server as well as Filter FORWARD has ports 80 / 8921 accept in forward.

    From the ovpn-server (ssh in) i can ping any client including the routeros board. I can even ssh into that from the ovpn-server but not from my windows client. Its really weird...

    SERVER 10.8.0.1
    RouterOS 10.8.0.2
    WIN 10.8.0.3

    i can access the server from WIN just fine (http / ssh whatever configured) using the VPN connection, no problems there. I can not access the routerOS, even with empty iptables.

    So my config would look like this: (example)
    -- Debian eth0:192.168.1.220 tun0:10.8.0.1
    --- can access all other clients on network
    --- has INPUT filter but accepts all traffic from internal networks and from tun0

    -- RouterOS ether1:192.168.1.175 ovpn-client:10.8.0.2
    --- can ping and reach server fine x.0.1
    --- can ping and reach WIN machine fine (http setup for testing)

    -- WIN eth0:outside ovpn:10.8.0.3
    --- can access all services on server 10.8.0.1
    --- cant access / ping anything on routerOS

    So i am thinking -- (since i kinda suck at fwalls) -- do i need to accept on INPUT chain of server ports for the routerOS unit? i dont think so since FORWARD would deal with traffic going through the server.

    I am getting bald here, so any help is appreciated :)


  • Options
    #48
    privilegue
    Registered Users Posts: 71 ✭✭privilegue


    After a couple more tests and runthroughs here is the solution:::

    ON the config of your OVPN server you have to add the following to your server.conf

    push "route <IPofOVPNNETWORK> <SUBNET>"

    this fixed it all.


  • Options
    #49
    lotas
    Registered Users Posts: 925 ✭✭✭lotas


    ahhh, so its not a RouterBoard issue, but OpenVPN issue... cool!


  • Options
    #50
    privilegue
    Registered Users Posts: 71 ✭✭privilegue


    lotas wrote: »
    ahhh, so its not a RouterBoard issue, but OpenVPN issue... cool!

    indeed and i was real puzzled by the fact that router received SYN but no ACK could be transmitted... if OpenWRT is being used then you dont have this issue at all :)


  • Options
    #51
    Xantia
    Registered Users Posts: 682 ✭✭✭Xantia


    RouterOS v6.2 released today.
    Seems to work OK


  • Advertisement
  • Options
    #52
    Tails142
    Registered Users Posts: 2,103 ✭✭✭Tails142


    Got my mikrotik set up there yesterday at last - had problems finding a 3g dongle that would work with it, here's my saga incase it helps anyone out.

    I was using a ZTE MF80 - mifi hotspot, thought it might connect over usb originally but the micro usb port is just for power. OK no probs.

    Had an old Huawei K3765 lying around, couldnt get that to work, it was locked to vodafone, tried a few apps to get it unlocked, wasnt willing to spend any money on paid apps, and I wanted a 21.6mbps dongle so I moved on from that. In hindsight I probably should've stuck with it a bit longer.

    Bought a Huawei E3131 Hi-Link off meteor, I had read about disabling the Hi-Link to show the serial ports believing that this meant it would work with the RouterBoard... WRONG... after a couple days of troubleshooting and not being able to find definite confirmation of the E3131 working with a routerboard despite lots of people pointing out you can disable the Hi-Link to expose the serial ports I gave up, to anyone reading this considering a E3131 as far I can ascertain, its not compatible.

    Next stop was a Huawei E353, devastated me because I had an E353 already and sold it on ebay for next to nothing because I previously thought I would never need it. Bought an unlocked one on eBay, waited for it to arrive in anticipation, disaster, FAULTY modem! For some reason it cant read the sim card, any sim card, looks like the unlock code has been enterred wrong too many times, cant reset the counter without a sim... it can't read any sim... already got a refund through paypal and still trying to get an address out of the seller to return it to him, don't think he's interested.

    Down but not out, bought another E353 this time off an amazon market place seller, arrived yesterday, and here I am writing a boards post over it connected through my Mikrotik =D Perseverance

    Have everything set up as before, 4 IP Cameras, TV, Wii, Linux box - was just too much pressure for the ZTE MF80 which would occassionally crash/overheat when you added in a laptop, tablet and two phones on top. Plus the signal was very weak at either end of the house... no problems now!

    Can't get the hairpin nat working to view the cameras from inside the LAN using the dyndns address but... not a major issue and one I can come back to another day.

    Also, the meteor remaining balance script looks nice but after a bit of troubleshooting I've realised that my modem can't send SMS while it is being used as the PPP connection because the port is already in use? Is there a way to overcome that, should I use a different port? It's registering 4... had a quick try but didnt get an instant result with any of the the other ports. Anyway, also not a major issue because the meteor web account details are not too bad unlike the O2 site which takes about 15 minutes to load, only slight exaggeration.

    Ok now, time to relax and enjoy the bank holiday =D


  • Options
    #53
    privilegue
    Registered Users Posts: 71 ✭✭privilegue


    Good stuff and good job on making that work! ;) Just in case anyone wonders. Most RBs come with an unsoldered Serial port near the AC power connection, just solder that up and you can actually change the firmware - just got OpenWRT working on a RB2011L-IN - While routerOS is already very low level, there is certain things that you wont be able to do or you are limited by your license level.

    The hardware I have found to be very reliable and stable - out of so far 100 setup units only 1 has failed with a faulty AC adapter port (bad broken off solder joint). Their hardware specs are certainly over the top!


  • Options
    #54
    Sniipe
    Registered Users Posts: 2,932 ✭✭✭Sniipe


    Ah you have me convinced... I'll buy this one: http://www.ebay.de/itm/Mikrotik-Routerboard-RB951Ui-2HnD-5xPORT-LAN-ROUTER-RB-951Ui-2HnD-/161104945917?pt=DE_Computing_Drahtlose_Router&hash=item25829a62fd

    I wonder is the "Ui" any different... €60 is very reasonable.


  • Options
    #55
    VenomIreland
    Registered Users Posts: 2,928 ✭✭✭VenomIreland


    My DIR-655 has pretty much died, so now it's become a necessity to get a new router, should I get one of these or spend more and get an ASUS RTN66U or whatever it's called, my concern is wireless performance, how do they compare? Also, my ISP uses PPPOE, is that easy enough set up in RouterOS?


  • Options
    #56
    Sniipe
    Registered Users Posts: 2,932 ✭✭✭Sniipe


    VenomIreland wrote: »
    My DIR-655 has pretty much died, so now it's become a necessity to get a new router, should I get one of these or spend more and get an ASUS RTN66U or whatever it's called, my concern is wireless performance, how do they compare? Also, my ISP uses PPPOE, is that easy enough set up in RouterOS?

    You are the exact same as me - my DIR-655 isn't working properly and I was about to buy the ASUS RTN66U (as per this thread). However I just bought this mikrotik router.


  • Options
    #57
    gouche
    Registered Users Posts: 416 ✭✭gouche


    VenomIreland wrote: »
    My DIR-655 has pretty much died, so now it's become a necessity to get a new router, should I get one of these or spend more and get an ASUS RTN66U or whatever it's called, my concern is wireless performance, how do they compare? Also, my ISP uses PPPOE, is that easy enough set up in RouterOS?

    Wireless performance is great. Comes with a 1W radio - that's 1000mW!
    Option to add an external antenna as will if you want.

    I have Vodafone DSL. Using an old Netopia as a Bridge the RB dials up the PPPoE connection and does everything else. Relatively straightforward, the hardest part is probably setting the DSL router in bridge mode.


  • Options
    #58
    VenomIreland
    Registered Users Posts: 2,928 ✭✭✭VenomIreland


    gouche wrote: »
    Wireless performance is great. Comes with a 1W radio - that's 1000mW!
    Option to add an external antenna as will if you want.

    I have Vodafone DSL. Using an old Netopia as a Bridge the RB dials up the PPPoE connection and does everything else. Relatively straightforward, the hardest part is probably setting the DSL router in bridge mode.

    After reading some guides it seems to be pretty straightforward. I think I'll order one when I have the money, running off a spare router from a friend atm.


  • Options
    #59
    Sniipe
    Registered Users Posts: 2,932 ✭✭✭Sniipe


    I just got my Mikrotik router. I'm using webfig v5.25.

    I've got the pppoe cable connected to my UPC router. I can get to the config page on 192.168.88.1 however I've no internet access.

    I can see on the page that my Quick set is as "AP" (other options are CPE, Home AP, PTP Bridge)
    I can also see that my address acquisition is DHCP however I have no WAN address.
    Also my DHCP server is unchecked - I imagine once I get internet I will want this selected.

    Any hints on what I'm missing, I thought UPC didn't have PPPOE.


  • Options
    #60
    gouche
    Registered Users Posts: 416 ✭✭gouche


    Sniipe wrote: »
    I just got my Mikrotik router. I'm using webfig v5.25.

    I've got the pppoe cable connected to my UPC router. I can get to the config page on 192.168.88.1 however I've no internet access.

    I can see on the page that my Quick set is as "AP" (other options are CPE, Home AP, PTP Bridge)
    I can also see that my address acquisition is DHCP however I have no WAN address.
    Also my DHCP server is unchecked - I imagine once I get internet I will want this selected.

    Any hints on what I'm missing, I thought UPC didn't have PPPOE.

    First, you need to set your UPC router to Bridge mode.
    There should be an option for this in the router settings somewhere.
    Basically, you're disabling DHCP and Wireless and the router is just acting as a bridge between the UPC connection and the MikroTik. It doesn't dial in with PPPoE login details or anything like that - that's all done on the MikroTik.

    Then, on your MikroTik, you need to create a PPPoE client with the login details for your connection.

    You'll then need to configure your DHCP and firewall.

    Here's a link to the MikroTik wiki for doing this.

    I think UPC do use PPPoE but I'm open to correction!

    If they use DHCP there's a section in that wiki for that also.

    EDIT:
    Just one other thing, you might find it easier to use Winbox for configuration.
    I find it easier to use than Webfig.
    You can download from www.mikrotik.com.


  • Advertisement
  • Options
    #61
    smee again
    Closed Accounts Posts: 552 ✭✭✭smee again


    First of all, get the latest 6.4 RouterOS on it, available here: http://www.mikrotik.com/download

    Much easier than that, you'd be as well get the Winbox utility, it's much more powerful than the web login but makes some things much easier (you can always use both). When you login on Winbox go to system->packages and check for updates, it should give you the option to install 6.4 and reboot.

    Then after reboot you need to update the firmware, go to system->routerboard and click update. Then go to system and select reboot.

    What make UPC modem do you have, you're going to need to search Boards for info regarding setting it in bridge mode, there have been posts and guide here before


Advertisement