API tools faq
paste
Advertisement
d3v1lg0

rb941-2nd patch firewall

d3v1lg0
Feb 13th, 2017
217
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.01 KB | None | 0 0
raw download clone embed print report
  1. # feb/13/2017 15:33:06 by RouterOS 6.34.2
  2. # software id = BIRW-796G
  3. #
  4. /interface bridge
  5. add admin-mac=6C:3B:6B:68:94:BD auto-mac=no comment=defconf name=bridge
  6. /interface wireless
  7. set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce disabled=no distance=indoors frequency=auto mode=ap-bridge ssid="COFFEE KING" \
  8. wireless-protocol=802.11
  9. /interface ethernet
  10. set [ find default-name=ether2 ] name=ether2-master
  11. set [ find default-name=ether3 ] master-port=ether2-master
  12. set [ find default-name=ether4 ] master-port=ether2-master
  13. /ip neighbor discovery
  14. set ether1 discover=no
  15. set bridge comment=defconf
  16. /interface wireless security-profiles
  17. set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys wpa-pre-shared-key=*962963* wpa2-pre-shared-key=*962963*
  18. /ip pool
  19. add name=dhcp ranges=192.168.5.10-192.168.5.50
  20. /ip dhcp-server
  21. add address-pool=dhcp disabled=no interface=bridge name=defconf
  22. /queue simple
  23. add max-limit=4M/20M name=GLOBAL target=192.168.5.0/24
  24. add limit-at=100k/500k max-limit=3M/18M name=queue1 parent=GLOBAL priority=3/3 target=192.168.5.10/32
  25. add limit-at=100k/500k max-limit=3M/18M name=queue2 parent=GLOBAL priority=3/3 target=192.168.5.11/32
  26. add limit-at=100k/500k max-limit=3M/18M name=queue3 parent=GLOBAL priority=3/3 target=192.168.5.12/32
  27. add limit-at=100k/500k max-limit=3M/18M name=queue4 parent=GLOBAL priority=3/3 target=192.168.5.13/32
  28. add limit-at=100k/500k max-limit=3M/18M name=queue5 parent=GLOBAL priority=3/3 target=192.168.5.14/32
  29. add limit-at=100k/500k max-limit=3M/18M name=queue6 parent=GLOBAL priority=3/3 target=192.168.5.15/32
  30. add limit-at=100k/500k max-limit=3M/18M name=queue7 parent=GLOBAL priority=3/3 target=192.168.5.16/32
  31. add limit-at=100k/500k max-limit=3M/18M name=queue8 parent=GLOBAL priority=3/3 target=192.168.5.17/32
  32. add limit-at=100k/500k max-limit=3M/18M name=queue9 parent=GLOBAL priority=3/3 target=192.168.5.18/32
  33. add limit-at=100k/500k max-limit=3M/18M name=queue10 parent=GLOBAL priority=3/3 target=192.168.5.19/32
  34. add limit-at=100k/500k max-limit=3M/18M name=queue11 parent=GLOBAL priority=3/3 target=192.168.5.20/32
  35. add limit-at=100k/500k max-limit=3M/18M name=queue12 parent=GLOBAL priority=3/3 target=192.168.5.21/32
  36. add limit-at=100k/500k max-limit=3M/18M name=queue13 parent=GLOBAL priority=3/3 target=192.168.5.22/32
  37. add limit-at=100k/500k max-limit=3M/18M name=queue14 parent=GLOBAL priority=3/3 target=192.168.5.23/32
  38. add limit-at=100k/500k max-limit=3M/18M name=queue15 parent=GLOBAL priority=3/3 target=192.168.5.24/32
  39. add limit-at=100k/500k max-limit=3M/18M name=queue16 parent=GLOBAL priority=3/3 target=192.168.5.25/32
  40. add limit-at=100k/500k max-limit=3M/18M name=queue17 parent=GLOBAL priority=3/3 target=192.168.5.26/32
  41. add limit-at=100k/500k max-limit=3M/18M name=queue18 parent=GLOBAL priority=3/3 target=192.168.5.27/32
  42. add limit-at=100k/500k max-limit=3M/18M name=queue19 parent=GLOBAL priority=3/3 target=192.168.5.28/32
  43. add limit-at=100k/500k max-limit=3M/18M name=queue20 parent=GLOBAL priority=3/3 target=192.168.5.29/32
  44. add limit-at=100k/500k max-limit=3M/18M name=queue21 parent=GLOBAL priority=3/3 target=192.168.5.30/32
  45. add limit-at=100k/500k max-limit=3M/18M name=queue22 parent=GLOBAL priority=3/3 target=192.168.5.31/32
  46. add limit-at=100k/500k max-limit=3M/18M name=queue23 parent=GLOBAL priority=3/3 target=192.168.5.32/32
  47. add limit-at=100k/500k max-limit=3M/18M name=queue24 parent=GLOBAL priority=3/3 target=192.168.5.33/32
  48. add limit-at=100k/500k max-limit=3M/18M name=queue25 parent=GLOBAL priority=3/3 target=192.168.5.34/32
  49. add limit-at=100k/500k max-limit=3M/18M name=queue26 parent=GLOBAL priority=3/3 target=192.168.5.35/32
  50. add limit-at=100k/500k max-limit=3M/18M name=queue27 parent=GLOBAL priority=3/3 target=192.168.5.36/32
  51. add limit-at=100k/500k max-limit=3M/18M name=queue28 parent=GLOBAL priority=3/3 target=192.168.5.37/32
  52. add limit-at=100k/500k max-limit=3M/18M name=queue29 parent=GLOBAL priority=3/3 target=192.168.5.38/32
  53. add limit-at=100k/500k max-limit=3M/18M name=queue30 parent=GLOBAL priority=3/3 target=192.168.5.39/32
  54. add limit-at=100k/500k max-limit=3M/18M name=queue31 parent=GLOBAL priority=3/3 target=192.168.5.40/32
  55. add limit-at=100k/500k max-limit=3M/18M name=queue32 parent=GLOBAL priority=3/3 target=192.168.5.41/32
  56. add limit-at=100k/500k max-limit=3M/18M name=queue33 parent=GLOBAL priority=3/3 target=192.168.5.42/32
  57. add limit-at=100k/500k max-limit=3M/18M name=queue34 parent=GLOBAL priority=3/3 target=192.168.5.44/32
  58. add limit-at=100k/500k max-limit=3M/18M name=queue35 parent=GLOBAL priority=3/3 target=192.168.5.45/32
  59. add limit-at=100k/500k max-limit=3M/18M name=queue36 parent=GLOBAL priority=3/3 target=192.168.5.46/32
  60. add limit-at=100k/500k max-limit=3M/18M name=queue37 parent=GLOBAL priority=3/3 target=192.168.5.47/32
  61. add limit-at=100k/500k max-limit=3M/18M name=queue38 parent=GLOBAL priority=3/3 target=192.168.5.48/32
  62. add limit-at=100k/500k max-limit=3M/18M name=queue39 parent=GLOBAL priority=3/3 target=192.168.5.49/32
  63. add limit-at=100k/500k max-limit=3M/18M name=queue40 parent=GLOBAL priority=3/3 target=192.168.5.50/32
  64. /queue tree
  65. add disabled=yes max-limit=20M name=SOURCE parent=global queue=ethernet-default
  66. add disabled=yes limit-at=400k max-limit=2M name=user1 parent=SOURCE priority=3 queue=default
  67. /user group
  68. add name=webfig policy=web,!local,!telnet,!ssh,!ftp,!reboot,!read,!write,!policy,!test,!winbox,!password,!sniff,!sensitive,!api
  69. /interface bridge port
  70. add bridge=bridge comment=defconf interface=ether2-master
  71. add bridge=bridge comment=defconf interface=wlan1
  72. /ip address
  73. add address=192.168.5.1/24 comment=defconf interface=ether2-master network=192.168.5.0
  74. /ip dhcp-client
  75. add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1
  76. /ip dhcp-server network
  77. add address=192.168.5.0/24 comment=defconf gateway=192.168.5.1
  78. /ip dns
  79. set allow-remote-requests=yes
  80. /ip dns static
  81. add address=192.168.5.1 name=kapuas-sekadau
  82. /ip firewall filter
  83. add chain=input comment="defconf: accept ICMP" protocol=icmp
  84. add chain=input comment="defconf: accept established,related" connection-state=established,related
  85. add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether1
  86. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
  87. add chain=forward comment="defconf: accept established,related" connection-state=established,related
  88. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  89. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1
  90. /ip firewall nat
  91. add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=ether1
  92. /system clock
  93. set time-zone-name=Asia/Jakarta
  94. /system routerboard settings
  95. set cpu-frequency=650MHz protected-routerboot=disabled
  96. /tool mac-server
  97. set [ find default=yes ] disabled=yes
  98. add interface=bridge
  99. /tool mac-server mac-winbox
  100. set [ find default=yes ] disabled=yes
  101. add interface=bridge
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!