RouterOS Mac-Telnet application for Linux users

Earlier, I wrote about a Wireshark plugin for dissecting Mac-Telnet packets. Now I have created an open source application for connecting to a RouterOS router via its MAC address from Linux without having to install Wine. At the time of writing the project is still in “alpha” stage. But it is fully functional. Though it will probably be rewritten soon. I feel that the second time you write the same application, it tends to be more robust and thought through.. The first time is more of a proof of concept, and I let myself do a lot of short-cuts, just to be able to see it working.

The source code can be found at github. Just find the “download source” link at the top of the page.

To compile it, simply untar it, and compile it with “make” .
Because it needs to alter the frame headers, it uses RAW sockets, which means that you will need root access to use this tool.

To find the MAC address of connected routers, try the included tool mndp. It might take up to 2 minutes to find all routers, since it is a passive tool that waits for the routers to broadcast their info on the network:

# ./mndp
Searching for MikroTik routers... Abort with CTRL+C.
  0:c:42:43:58:a5 HMG

HMG is my name of the found router, set in the Identity section of the router.

Here are some mac-telnet usage information:

# ./mactelnet --help
Usage: ./mactelnet <ifname> <MAC> <username> [password]
  ifname    Network interface that the RouterOS resides on. (ex: eth0)
  MAC       MAC-Address of the RouterOS device. Use mndp to discover them.
  username  Your username.
  password  Your password.

Tip: Log out using CTRL+D on your keyboard.

Usage example:

# sudo ./mactelnet eth0 0:c:42:43:58:a5 admin mysecretpass
Connecting to 0:c:42:43:58:a5...done
  MMM      MMM       KKK                          TTTTTTTTTTT      KKK
  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK
  MikroTik RouterOS 4.0 (c) 1999-2009
[admin@HMG] >

Omni Flux sent me a patch that speeds up the MNDP discovery time by sending out a MNDP request before waiting for replies. Thanks!

He also informed me that his tests showed that you could send all the mac-telnet traffic to- and from- the broadcast address. This means that you would not need socket_raw (read: root privileges) capabillities to be able to send data to the router.

So the latest version of mactelnet, now also as a binary .deb package below, can be used without root privileges, unless you don’t want all data from your session to be broadcasted on your local network. You can optionally use the “old” method, where it uses the destination routers mac address as destination instead of broadcast.

Heres the latest “stable”: v0.1 version
Source tarball
Ubuntu/Debian binary package

Last commits on MAC-Telnet at GitHub

Posted October 1st, 2010 in C, mikrotik, routeros.


  1. Mac Telnet Utility for Debian/Ubuntu « blog @ bluebliss:

    […] You can read more and download the source here. […]

  2. Dean:

    Very nice. Just tried it. Will be very useful in my line of work with configuring various Mikrotik hardware.


  3. zixo:

    hi. good job man.

  4. Pavel:

    Thank you for your work – result is realy handy.

  5. guest:

    when you make mac-server

  6. hussain:

    Great job man, but i m getting an error while compiling the package ! here it is :

    [root@netview11 – /haakonnessjoen-MACTelnet-Debian-Packaging-be79190 # make all install
    cc -Wall -o macping macping.c interfaces.o protocol.o
    protocol.o: In function `parse_mndp’:
    protocol.c:(.text+0x8a6): undefined reference to `le32toh’
    collect2: ld returned 1 exit status
    make: *** [macping] Error 1
    i was able to install the first release that didn’t contain mcping. every other release i get this issue.
    please help me. Thanks in advance.

  7. hussain:

    hi again, sorry but i m getting another issue, using mndp from the first release i can find the mikrotik mac address but when trying to connect to it it says time out,

    [root@netview11 – / # mndp
    Searching for MikroTik routers… Abort with CTRL+C.
    d4:ca:6d:20:4e:34 Mikrotik
    [root@netview11 – / # mactelnet eth1 d4:ca:6d:20:4e:34
    Login: admin
    Connecting to d4:ca:6d:20:4e:34…Connection timed out
    Again thank you .

  8. hussain:

    hi sorry for another post but my issue fixed using -n parameter ,Thanks. :D

  9. Håkon Nessjøen:

    I have already done it. You can install it in debian/ubuntu by typing “sudo apt-get install mactelnet-server”, or download the source from my github page.

  10. Håkon Nessjøen:

    They should be in glibc on your linux. Are you sure you have installed all development-essential headers on your linux distribution?
    Look at your glibc’s endian.h file for the definitions of le32toh.

  11. Håkon Nessjøen:

    It might also be a bug that has been fixed in later versions, that prevented you to use it without -n. :)

  12. Robert Grønning:

    I’ve had very good use of this tool, it saved me from having to climb ladders during Winter when the routers crapped out because of a license issue.

    I’m eternally grateful for this tool you made!

    We are no longer using the MikroTik boards and their antennas, so I’m wondering if you’d be interested in this equipment for free as a token of my appreciation. I do understand if you don’t as this is not new technology.

    * A splash-proof enclosure with RB433 + 2x R52 interfaces + PSU
    * Three P2P antennas with built-in RB411 cards, POE-splits and PSUs
    * Two 180° antennas
    * Probably a few more interfaces and MikroTik boards

    If this is interesting to you I’ll post it to you.

    Vennleg helsing Robert Grønning, IT Ansvarleg ved UWC Red Cross Nordic i Flekke, Sogn og Fjordane

  13. Ivo Sarak:

    I have an issue with that tool and Fedora 18: it seems that device naming is an issue. My LAN device is named as p4p1, but mac-telnet nor mndp are able to hear nothing. The mndp is silent, but mac-telnet is openly complaining:

    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ./mactelnet p4p1 d4:ca:6d:2c:73:6a admin
    Searching for ‘p4p1’…not found
    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ifconfig
    eth1: flags=4163 mtu 1500
    inet netmask broadcast
    inet6 fe80::aed:b9ff:fee1:2f57 prefixlen 64 scopeid 0x20
    ether 08:ed:b9:e1:2f:57 txqueuelen 1000 (Ethernet)
    RX packets 36656 bytes 50537991 (48.1 MiB)
    RX errors 0 dropped 0 overruns 0 frame 2826
    TX packets 23064 bytes 2249930 (2.1 MiB)
    TX errors 3 dropped 0 overruns 0 carrier 0 collisions 0
    device interrupt 17

    lo: flags=73 mtu 16436
    inet netmask
    inet6 ::1 prefixlen 128 scopeid 0x10
    loop txqueuelen 0 (Local Loopback)
    RX packets 24 bytes 2492 (2.4 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 24 bytes 2492 (2.4 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    p4p1: flags=4163 mtu 1500
    inet netmask broadcast
    inet6 fe80::3e97:eff:fe3f:e8d3 prefixlen 64 scopeid 0x20
    ether 3c:97:0e:3f:e8:d3 txqueuelen 1000 (Ethernet)
    RX packets 36 bytes 4127 (4.0 KiB)
    RX errors 0 dropped 7 overruns 0 frame 0
    TX packets 17 bytes 3207 (3.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]#

    At the same time the Wireshark is seeing packets on device p4p1.

    Note: Install instructions are a bit wrong as well – “tar zxvf haakonness*.tar.gz” should be “tar zxvf master”

  14. Håkon Nessjøen:


    I think you are using an old syntax of the mactelnet command. If you look at the latest README for mactelnet, the syntax no longer needs the interface name of your machine.

    So instead of:
    mactelnet p4p1 d4:ca:6d:2c:73:6a admin

    mactelnet d4:ca:6d:2c:73:6a -u admin

  15. Ivo Sarak:

    Thanks, for the mac-telnet I am now able to login into a MikroTik RB112 device I have for the testing, but mndp still does not see any announcements. What to do about it?

  16. Ivo Sarak:

    A little addition – the mndp seems to be able to see the device, but only if it is in the same subnet as itself. Is it intentional? How to let it see every MNDP packet traveling down the wire?

  17. dilnix:

    Please, make the RPM package for RH/Fedora based systems

  18. Dave:

    Hi Håkon, congratulations, Great Job !
    Unfortunately, this application didn’t work is my environment.
    I realized that MNDP sends broadcast messages to udp port 5678, however routers don’t forward Broadcasts by default and, for many reasons we don’t want it. In my Local networks it’s fine

    Anyway, This would be useful if the search was accomplished by the specific range of IP addresses and not via broadcast

  19. Håkon Nessjøen:

    Hi Dave,

    I am sorry to hear that it did not work in your environment. But I am afraid you misunderstood the whole concept of “mndp” and “mac-telnet”. It is meant for local network use only. Both mndp and mactelnet is centered about doing communication over the local network without relying on you being on the same subnet. But you are required to be on the same physical network. That is, not being behind a router as you say. That is by design.

  20. Daren:

    Hi Håkon,
    You made a really good job!
    I have a question relative to its usage through expect or through non tty.
    In expect i didn’t succeed in expecting the prompt (” > “) to send my commands
    In non-tty usage (through PHP) the authentication fails because of the lack of height/width, i had to modify mactelnet.c to force
    plen += add_control_packet(&data, MT_CPTYPE_TERM_WIDTH, &width, 2);
    plen += add_control_packet(&data, MT_CPTYPE_TERM_HEIGHT, &height, 2);
    with static values, but even with that, i’m unable to interact through mactelnet.

    If you have any idea please let me know…

    Thank you!

  21. Ales:

    Hi Håkon,
    I ve already compiled your mactelnet to my openwrt router from The problem is in /etc/mactelnet.users. I cannot use this file because I want to use radius login and everybody can see root password (all the passwords) in that file. I need to compare password directly with /etc/passwd (shadow). I changed DUSERFILE from mactelnet.users to shadow in Makefile, but now I must type all the string. Could you help me? Thanks.

  22. dilnix:

    Hi Håkon.
    All my working life i’m using Linux Fedora. And MACtelnet always worked good in this system for me.
    But now (on newest version – Fedora 20) I can’t login even after mndp found my device. See following quote:
    … [root@admin ~]# mactelnet -l
    … Searching for MikroTik routers… Abort with CTRL+C.

    … MAC-Address Identity (platform version hardware) uptime
    … d4:ca:6d:d7:49:7e Marketingsolutions (MikroTik 6.13 RB951Ui-2HnD) up 0 days 10 hours U5SX-6Q31
    … ^C
    … [root@admin ~]# mactelnet d4:ca:6d:d7:49:7e -u admin
    … Password:
    … Connecting to d4:ca:6d:d7:49:7e…Connection failed.

    In my firewall UDP port 20561 is opened. SeLinux system I turned off while trying to login. All time during test I been logged in to my RB951Ui-2HnD by Winbox started in Wine.
    Can you suggest me, how to find the problem and fix it???

  23. Dorijan:

    Great work! Did anyone tried compiling this for android? It would be very helpful…

  24. Klaus:

    Hi, is there a way to make the application armhf compatible? I would need it on a Raspberry PI.

  25. Klaus:

    Nevermind, my mistake!

  26. Håkon Nessjøen:

    Hi dilnix, you could try using the -n parameter. And update to the latest version of mactelnet from github.

  27. Håkon Nessjøen:

    If you are running raspbian on your raspberry pi, you can run:
    apt-get install mactelnet-client mactelnet-server

  28. Håkon Nessjøen:

    Hi Ales,

    I am afraid this is not possible, because of how the authentication system of the protocol works. Both sides needs to know the password in plaintext in order to generate the correct md5sum and compare it.

  29. Håkon Nessjøen:

    Hi Daren,

    Thanks for the info. I will investigate this when I have some spare time.

  30. Tools MAC Telnet client and server linux Mikrotik | Wiki Info Techno:

    […] ke Router Mikrotik Via MAC Address tanpa menggunakan Winbox.exe Ini Tipsnya: Download Tools nya RouterOS Mac-Telnet application for Linux users atau […]

  31. Henry L:

    Hi, Is there a way to make the tool work in CentOS ?

    Thanks , I really appreciate it.

  32. Håkon Nessjøen:

    Yes, you should be able to compile it without problems using the instructions on .

    If it does not compile, you need to install automake, autoconf, libtool and gcc compiler. Search for the packages using your package manager.

  33. Telnet через Ethernet для Linux? Flip Linux:

    […] RouterOS Mac-Telnet application for Linux users […]

  34. Telnet sobre Ethernet para Linux? Linux Funder:

    […] RouterOS Mac-Telnet application for Linux users […]

Leave a response: