sukriborneo

Untitled

Nov 3rd, 2017
106
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [admin@MikroTik] > /export
  2. # jul/30/2017 01:25:15 by RouterOS 6.41rc3
  3. # software id = B4SW-VDRD
  4. #
  5. # model = 951Ui-2HnD
  6. # serial number = 5581040CB71C
  7. /interface lte
  8. set [ find ] apn="" disabled=yes mac-address=58:2C:80:13:92:63 name=lte1
  9. /interface bridge
  10. add admin-mac=4C:5E:0C:E0:54:EE arp=proxy-arp auto-mac=no comment="created from master port" igmp-snooping=no mtu=1500 name=br1-lan \
  11. protocol-mode=none
  12. /interface ethernet
  13. set [ find default-name=ether1 ] name=eth1-wan
  14. set [ find default-name=ether2 ] name=eth2-lan
  15. set [ find default-name=ether3 ] name=eth3-lan
  16. set [ find default-name=ether4 ] name=eth4-lan
  17. set [ find default-name=ether5 ] name=eth5-lan
  18. /interface pppoe-client
  19. add add-default-route=yes disabled=no interface=eth1-wan name=tap1-wan password=xxx user=xxx
  20. /interface pptp-server
  21. add name=pptp-in1 user=vpn
  22. /interface wireless security-profiles
  23. add authentication-types=wpa-psk,wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=wpa2-protect \
  24. supplicant-identity="" wpa-pre-shared-key=xxx wpa2-pre-shared-key=xxx
  25. /interface wireless
  26. set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no frequency=auto mode=ap-bridge security-profile=wpa2-protect ssid=omgwtfbbq \
  27. wireless-protocol=802.11
  28. /interface wireless nstreme
  29. set wlan1 enable-polling=no
  30. /ip pool
  31. add name=dhcp-pc ranges=10.0.0.2-10.0.0.50
  32. /ip dhcp-server
  33. add address-pool=dhcp-pc disabled=no interface=br1-lan lease-time=8h name=dhcp-pc
  34. /interface bridge port
  35. add bridge=br1-lan interface=wlan1
  36. add bridge=br1-lan interface=eth2-lan
  37. add bridge=br1-lan interface=eth3-lan
  38. add bridge=br1-lan interface=eth4-lan
  39. add bridge=br1-lan interface=eth5-lan
  40. /interface pptp-server server
  41. set enabled=yes
  42. /ip address
  43. add address=10.0.0.1/24 interface=br1-lan network=10.0.0.0
  44. /ip dhcp-server lease
  45. add address=10.0.0.100 client-id=1:14:da:e9:df:e2:7a mac-address=14:DA:E9:DF:E2:7A server=dhcp-pc
  46. add address=10.0.0.99 client-id=1:0:26:2d:84:82:13 mac-address=00:26:2D:84:82:13 server=dhcp-pc
  47. /ip dhcp-server network
  48. add address=10.0.0.0/24 dns-server=10.0.0.1 gateway=10.0.0.1 netmask=24 ntp-server=10.0.0.1
  49. /ip dns
  50. set allow-remote-requests=yes servers=77.88.8.8
  51. /ip dns static
  52. add address=192.168.88.1 name=router.lan
  53. /ip firewall filter
  54. add action=accept chain=input dst-port=1723 protocol=tcp
  55. add action=accept chain=input protocol=gre
  56. add action=accept chain=input protocol=icmp
  57. add action=accept chain=input connection-state=new dst-port=80,8291,22 in-interface=br1-lan protocol=tcp src-address=10.0.0.0/24
  58. add action=accept chain=input connection-mark=allow_in connection-state=new dst-port=80 in-interface=tap1-wan protocol=tcp
  59. add action=accept chain=input connection-state=established,related
  60. add action=accept chain=input connection-state=new dst-port=53,123 in-interface=br1-lan protocol=udp src-address=10.0.0.0/24
  61. add action=accept chain=forward connection-state=established,new in-interface=br1-lan out-interface=tap1-wan src-address=10.0.0.0/24
  62. add action=accept chain=forward connection-state=established,related dst-address=10.0.0.0/24 in-interface=tap1-wan out-interface=\
  63. br1-lan
  64. add action=accept chain=output connection-state=!invalid
  65. add action=drop chain=input
  66. add action=drop chain=output
  67. add action=drop chain=forward
  68. /ip firewall mangle
  69. add action=mark-connection chain=prerouting connection-state=new dst-port=9999 in-interface=tap1-wan new-connection-mark=allow_in \
  70. passthrough=yes protocol=tcp
  71. /ip firewall nat
  72. add action=masquerade chain=srcnat out-interface=tap1-wan src-address=10.0.0.0/24
  73. add action=redirect chain=dstnat dst-port=9999 protocol=tcp to-ports=80
  74. /ip firewall service-port
  75. set sip disabled=yes
  76. /ip route
  77. add distance=1 dst-address=10.0.1.0/24 gateway=10.0.0.250
  78. /ip upnp
  79. set enabled=yes
  80. /ppp secret
  81. add local-address=10.0.0.1 name=vpn password=xxx remote-address=10.0.0.250 service=pptp
  82. /system clock
  83. set time-zone-autodetect=no time-zone-name=Europe/Astrakhan
  84. #error exporting /system routerboard mode-button
  85. [admin@MikroTik] >
Add Comment
Please, Sign In to add comment