Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # apr/23/2014 15:13:35 by RouterOS 6.12
- # software id = G3F6-173I
- #
- /interface ethernet
- set [ find default-name=ether1 ] mac-address=D4:CA:6D:4A:BF:9A name=\
- "ether01 - Intern1" speed=1Gbps
- set [ find default-name=ether2 ] mac-address=D4:CA:6D:4A:BF:9B name=\
- "ether02 - Intern2" speed=1Gbps
- set [ find default-name=ether3 ] mac-address=D4:CA:6D:4A:BF:9C name=\
- "ether03 - WiFi" speed=1Gbps
- set [ find default-name=ether4 ] mac-address=D4:CA:6D:4A:BF:9D name=\
- "ether04 - Raspi01" speed=1Gbps
- set [ find default-name=ether5 ] mac-address=D4:CA:6D:4A:BF:9E name=\
- "ether05 - Raspi02" speed=1Gbps
- set [ find default-name=ether6 ] mac-address=D4:CA:6D:4A:BF:9F name=ether06 \
- speed=1Gbps
- set [ find default-name=ether7 ] mac-address=D4:CA:6D:4A:BF:A0 name=ether07 \
- speed=1Gbps
- set [ find default-name=ether8 ] mac-address=D4:CA:6D:4A:BF:A1 name=\
- "ether08 - Ripe Probe" speed=1Gbps
- set [ find default-name=ether9 ] mac-address=D4:CA:6D:4A:BF:A2 name=\
- "ether09 - Modem" speed=1Gbps
- set [ find default-name=ether10 ] mac-address=D4:CA:6D:4A:BF:A3 name=\
- "ether10 - Openweb" speed=1Gbps
- set [ find default-name=sfp1 ] name="sfp01 - Cross"
- /interface vlan
- add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Private" \
- use-service-tag=yes vlan-id=101
- add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Public" \
- use-service-tag=yes vlan-id=102
- add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Trusted" \
- use-service-tag=yes vlan-id=103
- /interface bonding
- add arp-ip-targets=10.0.0.2 link-monitoring=arp name="bonding OpenWEB Intern" \
- slaves="ether01 - Intern1,ether02 - Intern2"
- add arp-ip-targets=10.200.0.253 link-monitoring=arp name=\
- "bonding OpenWEB Raspi" slaves="ether04 - Raspi01,ether05 - Raspi02"
- /ip neighbor discovery
- set "VLAN - Wifi Private" discover=no
- set "VLAN - Wifi Public" discover=no
- set "VLAN - Wifi Trusted" discover=no
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=openweb.gw.be.it2go.eu
- /ip firewall layer7-protocol
- add name=FB/YT regexp="^.+(facebook.com|youtube).*\$"
- /ip hotspot user profile
- set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
- mac-cookie-timeout=3d
- /ip ipsec proposal
- set [ find default=yes ] enc-algorithms=3des
- /ip pool
- add name="DHCP Lan" ranges=10.0.0.101-10.0.0.254
- add name="DHCP Wifi Private" ranges=10.101.0.101-10.101.0.254
- add name="DHCP Wifi Public" ranges=10.102.0.101-10.102.0.254
- add name="DHCP Wifi Trusted" ranges=10.103.0.101-10.103.0.254
- add name="DHCP Raspberry" ranges=10.200.0.1-10.200.0.100
- /ip dhcp-server
- add add-arp=yes address-pool="DHCP Lan" disabled=no interface=\
- "bonding OpenWEB Intern" lease-time=1h name=Lan
- add add-arp=yes address-pool="DHCP Wifi Private" disabled=no interface=\
- "VLAN - Wifi Private" lease-time=1h name="Wifi Private"
- add add-arp=yes address-pool="DHCP Wifi Public" disabled=no interface=\
- "VLAN - Wifi Public" lease-time=1h name="Wifi Public"
- add add-arp=yes address-pool="DHCP Wifi Trusted" disabled=no interface=\
- "VLAN - Wifi Trusted" lease-time=1h name="Wifi Trusted"
- add add-arp=yes address-pool="DHCP Raspberry" disabled=no interface=\
- "bonding OpenWEB Raspi" lease-time=15m name=Raspberry
- /port
- set 0 name=serial0
- /interface pppoe-client
- add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 \
- default-route-distance=1 dial-on-demand=no disabled=no interface=\
- "ether10 - Openweb" keepalive-timeout=60 max-mru=1480 max-mtu=1480 mrru=\
- disabled name="PPPoE - Openweb" password=xxxxx profile=default \
- service-name="" use-peer-dns=no user=xxxxx
- /ip neighbor discovery
- set "PPPoE - Openweb" discover=no
- /routing ospf instance
- set [ find default=yes ] distribute-default=if-installed-as-type-1 \
- redistribute-connected=as-type-1 router-id=192.168.5.252
- /system logging action
- set 0 memory-lines=100
- set 1 disk-lines-per-file=100
- /interface bridge settings
- set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
- /ip address
- add address=10.0.0.1/24 comment=LAN interface="bonding OpenWEB Intern" \
- network=10.0.0.0
- add address=10.101.0.1/24 comment="WiFi Private" interface=\
- "VLAN - Wifi Private" network=10.101.0.0
- add address=10.102.0.1/24 comment="WiFi Trusted" interface=\
- "VLAN - Wifi Public" network=10.102.0.0
- add address=10.103.0.1/24 comment="WiFi Public" interface=\
- "VLAN - Wifi Trusted" network=10.103.0.0
- add address=192.168.5.252/24 comment="Crosslink EDPnet" interface=\
- "sfp01 - Cross" network=192.168.5.0
- add address=10.200.0.254/24 comment=Raspberry interface=\
- "bonding OpenWEB Raspi" network=10.200.0.0
- /ip dhcp-client
- add add-default-route=no dhcp-options=hostname,clientid disabled=no \
- interface="ether09 - Modem" use-peer-dns=no use-peer-ntp=no
- /ip dhcp-server lease
- add address=10.0.0.53 client-id=1:0:18:a:21:64:d7 mac-address=\
- 00:18:0A:21:64:D7 server=Lan
- add address=10.0.0.51 client-id=1:0:18:a:21:4b:ea mac-address=\
- 00:18:0A:21:4B:EA server=Lan
- add address=10.0.0.61 client-id=1:0:15:6d:ad:c7:e6 mac-address=\
- 00:15:6D:AD:C7:E6 server=Lan
- add address=10.0.0.11 client-id=1:0:1d:7e:d0:55:7f mac-address=\
- 00:1D:7E:D0:55:7F server=Lan
- add address=10.0.0.101 client-id=1:0:24:21:10:fd:1 mac-address=\
- 00:24:21:10:FD:01 server=Lan
- add address=10.0.0.102 client-id=1:0:24:21:10:fd:2 mac-address=\
- 00:24:21:10:FD:02 server=Lan
- add address=10.0.0.71 client-id=1:0:22:75:6b:9a:57 mac-address=\
- 00:22:75:6B:9A:57 server=Lan
- add address=10.101.0.112 client-id=1:68:94:23:49:17:97 mac-address=\
- 68:94:23:49:17:97 server="Wifi Private"
- add address=10.0.0.21 always-broadcast=yes client-id=1:0:c:42:fc:8:20 \
- mac-address=00:0C:42:FC:08:20 server=Lan
- add address=10.101.0.120 client-id=1:70:11:24:14:a4:e8 mac-address=\
- 70:11:24:14:A4:E8 server="Wifi Private"
- add address=10.0.0.18 always-broadcast=yes mac-address=7C:2F:80:59:E7:43 \
- server=Lan
- add address=10.0.0.103 client-id=1:a4:5d:36:35:b4:2e mac-address=\
- A4:5D:36:35:B4:2E server=Lan
- add address=10.200.0.1 mac-address=B8:27:EB:D1:F9:3E server=Raspberry
- add address=10.200.0.2 mac-address=B8:27:EB:BB:E5:55 server=Raspberry
- add address=10.200.0.3 mac-address=B8:27:EB:1B:9C:C1 server=Raspberry
- add address=10.200.0.4 mac-address=B8:27:EB:AF:78:7E server=Raspberry
- add address=10.200.0.250 client-id=1:0:50:b6:56:a4:fb mac-address=\
- 00:50:B6:56:A4:FB server=Raspberry
- add address=10.200.0.5 mac-address=B8:27:EB:13:55:49 server=Raspberry
- add address=10.200.0.6 mac-address=B8:27:EB:38:0E:08 server=Raspberry
- add address=10.200.0.7 mac-address=B8:27:EB:07:21:7E server=Raspberry
- add address=10.200.0.8 mac-address=B8:27:EB:C9:96:1E server=Raspberry
- add address=10.200.0.9 always-broadcast=yes mac-address=B8:27:EB:21:A8:12 \
- server=Raspberry
- add address=10.0.0.2 always-broadcast=yes client-id=1:d4:ca:6d:f9:14:75 \
- mac-address=D4:CA:6D:F9:14:75 server=Lan
- add address=10.200.0.253 always-broadcast=yes client-id=1:d4:ca:6d:f9:14:73 \
- mac-address=D4:CA:6D:F9:14:73 server=Raspberry
- /ip dhcp-server network
- add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
- 10.0.0.1 netmask=24 ntp-server=193.190.198.43
- add address=10.101.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
- 10.101.0.1 netmask=24 ntp-server=193.190.198.43
- add address=10.102.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
- 10.102.0.1 netmask=24 ntp-server=193.190.198.43
- add address=10.103.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
- 10.103.0.1 netmask=24 ntp-server=193.190.198.43
- add address=10.200.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
- 10.200.0.254
- /ip dns
- set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
- /ip firewall connection tracking
- set enabled=yes
- /ip firewall filter
- add action=drop chain=input dst-port=53 in-interface="PPPoE - Openweb" \
- protocol=udp
- add action=drop chain=input dst-port=53 in-interface="PPPoE - Openweb" \
- protocol=tcp
- /ip firewall nat
- add action=masquerade chain=srcnat comment="PPPoE NAT" out-interface=\
- "PPPoE - Openweb"
- add action=dst-nat chain=dstnat comment="SiHotspot admin access" dst-port=\
- 8222 protocol=tcp to-addresses=10.0.0.21 to-ports=8222
- add action=dst-nat chain=dstnat comment=Routerboard dst-port=10280 protocol=\
- tcp to-addresses=10.0.0.124 to-ports=80
- add action=dst-nat chain=dstnat comment=UBNT dst-port=10443 protocol=tcp \
- to-addresses=10.0.0.119 to-ports=443
- add action=dst-nat chain=dstnat comment=UBNT dst-port=10380 protocol=tcp \
- to-addresses=10.0.0.119 to-ports=80
- add action=dst-nat chain=dstnat comment="SiHotspot SNMP" dst-port=8161 \
- protocol=udp to-addresses=10.0.0.21 to-ports=161
- add action=dst-nat chain=dstnat comment="NAT Voip ATA" dst-port=10080 \
- protocol=tcp to-addresses=10.0.0.11 to-ports=80
- add action=dst-nat chain=dstnat comment="RTP forward Gigaset" dst-port=\
- 10000-10049 protocol=udp to-addresses=10.0.0.18 to-ports=10000-10049
- add action=dst-nat chain=dstnat comment="RTP forward ATA" dst-port=\
- 10050-10099 protocol=udp to-addresses=10.0.0.11 to-ports=10050-10099
- add action=dst-nat chain=dstnat comment=NAS01 dst-port=5000 protocol=tcp \
- to-addresses=10.0.0.110 to-ports=5000
- add action=dst-nat chain=dstnat comment=Printer01 dst-port=5080 protocol=tcp \
- to-addresses=10.0.0.103 to-ports=80
- add action=dst-nat chain=dstnat comment="Raspberry01 HTTP" dst-port=8001 \
- protocol=tcp to-addresses=10.200.0.1 to-ports=80
- add action=dst-nat chain=dstnat comment="Raspberry01 SSH" dst-port=2201 \
- protocol=tcp to-addresses=10.200.0.1 to-ports=22
- add action=dst-nat chain=dstnat comment="Raspberry02 HTTP" dst-port=8002 \
- protocol=tcp to-addresses=10.200.0.2 to-ports=80
- add action=dst-nat chain=dstnat comment="Raspberry02 SSH" dst-port=2202 \
- protocol=tcp to-addresses=10.200.0.2 to-ports=22
- add action=dst-nat chain=dstnat comment=Cam dst-port=8000 protocol=tcp \
- to-addresses=10.0.0.106 to-ports=88
- /ip firewall service-port
- set sip ports=5060,5070
- /ip proxy
- set parent-proxy=0.0.0.0
- /ip route
- add distance=1 gateway="PPPoE - Openweb"
- add distance=110 dst-address=85.234.198.205/32 gateway=192.168.5.251
- /ip service
- set telnet disabled=yes port=1223
- set ftp disabled=yes
- set www port=8080
- set ssh disabled=yes port=8022
- set api disabled=yes
- set api-ssl disabled=yes
- /ip upnp
- set enabled=yes
- /ip upnp interfaces
- add interface="ether10 - Openweb" type=internal
- add interface="PPPoE - Openweb" type=external
- add interface="ether01 - Intern1" type=external
- /ipv6 address
- add address=2001:470:1f14:8e1::2 disabled=yes
- add address=2001:470:1f15:8e1::1 disabled=yes
- add address=2001:470:1f15:8e1:101::1 disabled=yes interface=\
- "VLAN - Wifi Private"
- add address=2001:470:1f15:8e1:102::1 disabled=yes interface=\
- "VLAN - Wifi Public"
- add address=2001:470:1f15:8e1:103::1 disabled=yes interface=\
- "VLAN - Wifi Trusted"
- /ipv6 route
- add disabled=yes distance=1 dst-address=2000::/3 gateway=2001:470:1f14:8e1::1
- add disabled=yes distance=1 dst-address=2000::/3 gateway=2001:470:1f14:8e1::1
- /lcd
- set backlight-timeout=15m default-screen=informative-slideshow \
- read-only-mode=yes
- /lcd interface
- set "ether01 - Intern1" interface="ether01 - Intern1"
- set "ether02 - Intern2" interface="ether02 - Intern2"
- set "ether03 - WiFi" interface="ether03 - WiFi"
- set "ether04 - Raspi01" interface="ether04 - Raspi01"
- set "ether05 - Raspi02" interface="ether05 - Raspi02"
- set ether06 interface=ether06
- set ether07 interface=ether07
- set "ether08 - Ripe Probe" interface="ether08 - Ripe Probe"
- set "ether09 - Modem" interface="ether09 - Modem"
- set "ether10 - Openweb" interface="ether10 - Openweb"
- set "sfp01 - Cross" interface="sfp01 - Cross"
- /lcd screen
- set 0 timeout=3s
- set 1 timeout=3s
- set 2 timeout=3s
- set 3 timeout=3s
- set 4 timeout=3s
- set 5 timeout=3s
- /routing ospf interface
- add interface="sfp01 - Cross" network-type=broadcast
- /routing ospf network
- add area=backbone network=192.168.5.0/24
- /system clock
- set time-zone-name=Europe/Brussels
- /system identity
- set name="OpenWEB Router"
- /system lcd
- set contrast=0 enabled=no port=parallel type=24x4
- /system lcd page
- set time disabled=no display-time=3s
- set resources disabled=no display-time=3s
- set uptime disabled=no display-time=3s
- set packets disabled=no display-time=3s
- set bits disabled=no display-time=3s
- set version disabled=no display-time=3s
- set identity disabled=no display-time=3s
- set "sfp01 - Cross" disabled=yes display-time=5s
- set "ether01 - Intern1" disabled=yes display-time=5s
- set "ether02 - Intern2" disabled=yes display-time=5s
- set "ether03 - WiFi" disabled=yes display-time=5s
- set "ether04 - Raspi01" disabled=yes display-time=5s
- set "ether05 - Raspi02" disabled=yes display-time=5s
- set ether06 disabled=yes display-time=5s
- set ether07 disabled=yes display-time=5s
- set "ether08 - Ripe Probe" disabled=yes display-time=5s
- set "ether09 - Modem" disabled=yes display-time=5s
- set "PPPoE - Openweb" disabled=yes display-time=5s
- set "ether10 - Openweb" disabled=no display-time=3s
- set "bonding OpenWEB Raspi" disabled=yes display-time=5s
- set "bonding OpenWEB Intern" disabled=yes display-time=5s
- set "VLAN - Wifi Public" disabled=yes display-time=5s
- set "VLAN - Wifi Private" disabled=yes display-time=5s
- set "VLAN - Wifi Trusted" disabled=yes display-time=5s
- /system leds
- add interface="sfp01 - Cross" leds="" type=interface-status
- /system ntp client
- set enabled=yes primary-ntp=85.234.197.2 secondary-ntp=193.190.198.10
- /system scheduler
- add interval=1d name=schedule1 on-event=e-mail-backup policy=\
- ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
- start-date=feb/24/2013 start-time=00:00:00
- /system script
- add name=e-mail-backup policy=\
- ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
- source="export file=export;\r\
- \n/system backup save name=email;\
- \n\r\
- \n/tool e-mail send to=\"info@it2go.eu\" subject=([/system identity get na\
- me].\" backup MikroTikBackup\") file=email.backup;\r\
- \n/tool e-mail send to=\"info@it2go.eu\" subject=([/system identity get na\
- me].\" export MikroTikBackup\") file=export.rsc;\r\
- \n\
- \n:log info \"Backup e-mail sent.\";"
- /tool e-mail
- set address=185.18.148.148 from=<mikrotik@it2go.eu> last-status=failed port=\
- 587
- /tool graphing interface
- add
- /tool graphing resource
- add
- /tool sniffer
- set filter-stream=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement