API tools faq
paste
Advertisement
Amakesh

Untitled

Amakesh
Jul 27th, 2020 (edited)
1,471
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 8.16 KB | None | 0 0
raw download clone embed print report
  1. # jul/27/2020 12:44:22 by RouterOS 6.44.5
  2. # software id = 6TID-ZMFN
  3. #
  4. # model = CRS109-8G-1S-2HnD
  5.  
  6. /interface bridge
  7. add admin-mac=CC:2D:E0:99:EF:0A auto-mac=no comment=defconf name=bridge
  8. add name=bridge2
  9. /interface list
  10. add comment=defconf name=WAN
  11. add comment=defconf name=LAN
  12.    
  13. /interface wireless
  14. set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge security-profile=profile1 ssid=\
  15.     MikroTik-99EF12 wireless-protocol=802.11
  16. /ip pool
  17. add name=default-dhcp ranges=192.168.88.10-192.168.88.254
  18. add name=pool2 ranges=192.168.77.10-192.168.77.254
  19. /ip dhcp-server
  20. add address-pool=default-dhcp disabled=no interface=bridge name=defconf
  21. add address-pool=pool2 disabled=no interface=bridge2 name=server2
  22. /port
  23. set 1 name=usb2
  24. set 2 name=usb3
  25. /interface ppp-client
  26. add add-default-route=no apn=internet.cp comment=P dial-on-demand=no disabled=no info-channel=1 name=ppp-out1 port=usb2 use-peer-dns=no
  27. add add-default-route=no apn=internet comment="PLAY K" dial-on-demand=no disabled=no info-channel=1 name=ppp-out2 port=usb3 use-peer-dns=no
  28. /system logging action
  29. add name=PPP target=memory
  30. add name=Bridge target=memory
  31. add name=Firewall target=memory
  32. add name=Interface target=memory
  33. add name=Packet target=memory
  34. add name=Route target=memory
  35. add name=IPSec target=memory
  36. add name=Error target=memory
  37. add name=Warning target=memory
  38. add name=System target=memory
  39. add name=DHCP target=memory
  40. add name=Info target=memory
  41. add name=Debug target=memory
  42. add name=Wireless target=memory
  43. add name=DNS target=memory
  44. /interface bridge port
  45. add bridge=bridge comment=defconf interface=ether2
  46. add bridge=bridge comment=defconf interface=ether3
  47. add bridge=bridge comment=defconf interface=ether4
  48. add bridge=bridge2 comment=defconf interface=ether5
  49. add bridge=bridge2 comment=defconf interface=ether6
  50. add bridge=bridge2 comment=defconf interface=ether7
  51. add bridge=bridge comment=defconf interface=ether8
  52. add bridge=bridge comment=defconf interface=sfp1
  53. add bridge=bridge comment=defconf interface=wlan1
  54. /interface bridge settings
  55. set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
  56. /ip neighbor discovery-settings
  57. set discover-interface-list=LAN
  58. /interface ethernet switch vlan
  59. add disabled=yes ports=ether5,ether6,ether7,switch1-cpu vlan-id=4092
  60. add ports=ether2,ether3,ether4,switch1-cpu vlan-id=4090
  61. /interface list member
  62. add comment=defconf interface=bridge list=LAN
  63. add comment=defconf interface=ether1 list=WAN
  64. /ip address
  65. add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
  66. add address=192.168.77.1/24 interface=bridge2 network=192.168.77.0
  67. /ip dhcp-client
  68. add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1
  69. /ip dhcp-server network
  70. add address=192.168.77.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.77.1
  71. add address=192.168.88.0/24 comment=defconf dns-server=8.8.8.8,8.8.4.4 gateway=192.168.88.1
  72. /ip dns
  73. set servers=8.8.8.8,8.8.4.4
  74. /ip dns static
  75. add address=192.168.88.1 name=router.lan
  76. /ip firewall address-list
  77. add address=192.168.88.10-192.168.88.254 list=Local_P
  78. add address=192.168.77.10-192.168.77.254 list=Local_PLAY_K
  79. /ip firewall filter
  80. add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
  81. add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
  82. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  83. add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
  84. add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
  85. add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
  86. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
  87. add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
  88. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  89. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
  90. add action=add-dst-to-address-list address-list=Local_PLAY_Keris address-list-timeout=none-dynamic chain=input connection-mark=conn-ppp-out2 log=yes
  91. /ip firewall mangle
  92. add action=mark-connection chain=prerouting connection-mark=no-mark new-connection-mark=conn-ppp-out1 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
  93. add action=mark-connection chain=prerouting connection-mark=no-mark new-connection-mark=conn-ppp-out2 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
  94. add action=mark-routing chain=prerouting connection-mark=conn-ppp-out2 dst-address-list=!Local_PLAY_K new-routing-mark=routing-ppp-out2 passthrough=yes
  95. add action=mark-packet chain=prerouting dst-address-list=!Local_PLAY_Keris new-packet-mark=Packet_PPP2 passthrough=yes routing-mark=routing-ppp-out2
  96. add action=mark-routing chain=prerouting connection-mark=conn-ppp-out1 dst-address-list=!Local_P new-routing-mark=routing-ppp-out1 passthrough=yes
  97. add action=mark-packet chain=prerouting dst-address-list=!Local_POLSAT log=yes new-packet-mark=Packet-PPP1 passthrough=yes routing-mark=routing-ppp-out1
  98. /ip firewall nat
  99. add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none log=yes log-prefix=NAT_PPP1 out-interface=ppp-out1
  100. add action=masquerade chain=srcnat log=yes log-prefix=NAT_PPP2 out-interface=ppp-out2
  101. add action=dst-nat chain=dstnat dst-port=24100 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=tcp to-addresses=192.168.88.10-192.168.88.254 to-ports=24131
  102. add action=dst-nat chain=dstnat dst-port=24100 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=udp to-addresses=192.168.88.10-192.168.88.254 to-ports=24131
  103. add action=dst-nat chain=dstnat dst-port=24300 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=tcp to-addresses=192.168.88.10-192.168.88.254 to-ports=24331
  104. add action=dst-nat chain=dstnat dst-port=24300 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=udp to-addresses=192.168.88.10-192.168.88.254 to-ports=24331
  105. add action=dst-nat chain=dstnat dst-port=24500 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=tcp to-addresses=192.168.88.10-192.168.88.254 to-ports=24507
  106. add action=dst-nat chain=dstnat dst-port=24500 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=udp to-addresses=192.168.88.10-192.168.88.254 to-ports=24507
  107. add action=dst-nat chain=dstnat disabled=yes dst-port=433 in-interface=ppp-out1 log=yes log-prefix=DST-NAT protocol=tcp to-addresses=192.168.88.10-192.168.88.254 to-ports=0
  108. /ip route
  109. add distance=2 gateway=ppp-out2 routing-mark=routing-ppp-out2
  110. add distance=2 dst-address=192.168.77.0/24 gateway=bridge2 pref-src=192.168.77.1 routing-mark=routing-ppp-out2 scope=10
  111. add distance=1 gateway=ppp-out1 routing-mark=routing-ppp-out1
  112. add distance=1 dst-address=192.168.88.0/24 gateway=bridge pref-src=192.168.88.1 routing-mark=routing-ppp-out1 scope=10
  113. /ip service
  114. set telnet disabled=yes
  115. /lcd interface pages
  116. set 0 interfaces=wlan1
  117. /system clock
  118. set time-zone-name=Europe/Warsaw
  119. /system logging
  120. set 1 action=Error prefix=ERROR
  121. set 3 prefix=CRITICAL
  122. add action=PPP prefix=PPP topics=ppp
  123. add action=Bridge prefix=BRIDGE topics=bridge
  124. add action=Firewall prefix=FWL topics=firewall
  125. add action=Route prefix=ROUTE topics=route
  126. add action=Packet prefix=PACK topics=packet
  127. add action=Interface prefix=INTERFACE topics=interface
  128. add action=IPSec prefix=IPSEC topics=ipsec
  129. add action=Info prefix=Info topics=info
  130. add action=DHCP prefix=DHCP topics=dhcp
  131. add action=Debug prefix=Debug topics=debug
  132. add action=System prefix=SYS topics=system
  133. add action=Warning prefix=WARN topics=warning
  134. add prefix=WIFI topics=wireless
  135. add action=DNS prefix=DNS topics=dns
  136. /system ntp client
  137. set enabled=yes primary-ntp=194.146.251.100 secondary-ntp=194.146.251.101
  138. /tool bandwidth-server
  139. set enabled=no
  140. /tool mac-server
  141. set allowed-interface-list=LAN
  142. /tool mac-server mac-winbox
  143. set allowed-interface-list=LAN
  144.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!