API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2014
250
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.36 KB | None | 0 0
raw download clone embed print report
  1. # apr/23/2014 15:13:35 by RouterOS 6.12
  2. # software id = G3F6-173I
  3. #
  4. /interface ethernet
  5. set [ find default-name=ether1 ] mac-address=D4:CA:6D:4A:BF:9A name=\
  6. "ether01 - Intern1" speed=1Gbps
  7. set [ find default-name=ether2 ] mac-address=D4:CA:6D:4A:BF:9B name=\
  8. "ether02 - Intern2" speed=1Gbps
  9. set [ find default-name=ether3 ] mac-address=D4:CA:6D:4A:BF:9C name=\
  10. "ether03 - WiFi" speed=1Gbps
  11. set [ find default-name=ether4 ] mac-address=D4:CA:6D:4A:BF:9D name=\
  12. "ether04 - Raspi01" speed=1Gbps
  13. set [ find default-name=ether5 ] mac-address=D4:CA:6D:4A:BF:9E name=\
  14. "ether05 - Raspi02" speed=1Gbps
  15. set [ find default-name=ether6 ] mac-address=D4:CA:6D:4A:BF:9F name=ether06 \
  16. speed=1Gbps
  17. set [ find default-name=ether7 ] mac-address=D4:CA:6D:4A:BF:A0 name=ether07 \
  18. speed=1Gbps
  19. set [ find default-name=ether8 ] mac-address=D4:CA:6D:4A:BF:A1 name=\
  20. "ether08 - Ripe Probe" speed=1Gbps
  21. set [ find default-name=ether9 ] mac-address=D4:CA:6D:4A:BF:A2 name=\
  22. "ether09 - Modem" speed=1Gbps
  23. set [ find default-name=ether10 ] mac-address=D4:CA:6D:4A:BF:A3 name=\
  24. "ether10 - Openweb" speed=1Gbps
  25. set [ find default-name=sfp1 ] name="sfp01 - Cross"
  26. /interface vlan
  27. add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Private" \
  28. use-service-tag=yes vlan-id=101
  29. add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Public" \
  30. use-service-tag=yes vlan-id=102
  31. add interface="ether03 - WiFi" l2mtu=1594 name="VLAN - Wifi Trusted" \
  32. use-service-tag=yes vlan-id=103
  33. /interface bonding
  34. add arp-ip-targets=10.0.0.2 link-monitoring=arp name="bonding OpenWEB Intern" \
  35. slaves="ether01 - Intern1,ether02 - Intern2"
  36. add arp-ip-targets=10.200.0.253 link-monitoring=arp name=\
  37. "bonding OpenWEB Raspi" slaves="ether04 - Raspi01,ether05 - Raspi02"
  38. /ip neighbor discovery
  39. set "VLAN - Wifi Private" discover=no
  40. set "VLAN - Wifi Public" discover=no
  41. set "VLAN - Wifi Trusted" discover=no
  42. /interface wireless security-profiles
  43. set [ find default=yes ] supplicant-identity=openweb.gw.be.it2go.eu
  44. /ip firewall layer7-protocol
  45. add name=FB/YT regexp="^.+(facebook.com|youtube).*\$"
  46. /ip hotspot user profile
  47. set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
  48. mac-cookie-timeout=3d
  49. /ip ipsec proposal
  50. set [ find default=yes ] enc-algorithms=3des
  51. /ip pool
  52. add name="DHCP Lan" ranges=10.0.0.101-10.0.0.254
  53. add name="DHCP Wifi Private" ranges=10.101.0.101-10.101.0.254
  54. add name="DHCP Wifi Public" ranges=10.102.0.101-10.102.0.254
  55. add name="DHCP Wifi Trusted" ranges=10.103.0.101-10.103.0.254
  56. add name="DHCP Raspberry" ranges=10.200.0.1-10.200.0.100
  57. /ip dhcp-server
  58. add add-arp=yes address-pool="DHCP Lan" disabled=no interface=\
  59. "bonding OpenWEB Intern" lease-time=1h name=Lan
  60. add add-arp=yes address-pool="DHCP Wifi Private" disabled=no interface=\
  61. "VLAN - Wifi Private" lease-time=1h name="Wifi Private"
  62. add add-arp=yes address-pool="DHCP Wifi Public" disabled=no interface=\
  63. "VLAN - Wifi Public" lease-time=1h name="Wifi Public"
  64. add add-arp=yes address-pool="DHCP Wifi Trusted" disabled=no interface=\
  65. "VLAN - Wifi Trusted" lease-time=1h name="Wifi Trusted"
  66. add add-arp=yes address-pool="DHCP Raspberry" disabled=no interface=\
  67. "bonding OpenWEB Raspi" lease-time=15m name=Raspberry
  68. /port
  69. set 0 name=serial0
  70. /interface pppoe-client
  71. add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 \
  72. default-route-distance=1 dial-on-demand=no disabled=no interface=\
  73. "ether10 - Openweb" keepalive-timeout=60 max-mru=1480 max-mtu=1480 mrru=\
  74. disabled name="PPPoE - Openweb" password=xxxxx profile=default \
  75. service-name="" use-peer-dns=no user=xxxxx
  76. /ip neighbor discovery
  77. set "PPPoE - Openweb" discover=no
  78. /routing ospf instance
  79. set [ find default=yes ] distribute-default=if-installed-as-type-1 \
  80. redistribute-connected=as-type-1 router-id=192.168.5.252
  81. /system logging action
  82. set 0 memory-lines=100
  83. set 1 disk-lines-per-file=100
  84. /interface bridge settings
  85. set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
  86. /ip address
  87. add address=10.0.0.1/24 comment=LAN interface="bonding OpenWEB Intern" \
  88. network=10.0.0.0
  89. add address=10.101.0.1/24 comment="WiFi Private" interface=\
  90. "VLAN - Wifi Private" network=10.101.0.0
  91. add address=10.102.0.1/24 comment="WiFi Trusted" interface=\
  92. "VLAN - Wifi Public" network=10.102.0.0
  93. add address=10.103.0.1/24 comment="WiFi Public" interface=\
  94. "VLAN - Wifi Trusted" network=10.103.0.0
  95. add address=192.168.5.252/24 comment="Crosslink EDPnet" interface=\
  96. "sfp01 - Cross" network=192.168.5.0
  97. add address=10.200.0.254/24 comment=Raspberry interface=\
  98. "bonding OpenWEB Raspi" network=10.200.0.0
  99. /ip dhcp-client
  100. add add-default-route=no dhcp-options=hostname,clientid disabled=no \
  101. interface="ether09 - Modem" use-peer-dns=no use-peer-ntp=no
  102. /ip dhcp-server lease
  103. add address=10.0.0.53 client-id=1:0:18:a:21:64:d7 mac-address=\
  104. 00:18:0A:21:64:D7 server=Lan
  105. add address=10.0.0.51 client-id=1:0:18:a:21:4b:ea mac-address=\
  106. 00:18:0A:21:4B:EA server=Lan
  107. add address=10.0.0.61 client-id=1:0:15:6d:ad:c7:e6 mac-address=\
  108. 00:15:6D:AD:C7:E6 server=Lan
  109. add address=10.0.0.11 client-id=1:0:1d:7e:d0:55:7f mac-address=\
  110. 00:1D:7E:D0:55:7F server=Lan
  111. add address=10.0.0.101 client-id=1:0:24:21:10:fd:1 mac-address=\
  112. 00:24:21:10:FD:01 server=Lan
  113. add address=10.0.0.102 client-id=1:0:24:21:10:fd:2 mac-address=\
  114. 00:24:21:10:FD:02 server=Lan
  115. add address=10.0.0.71 client-id=1:0:22:75:6b:9a:57 mac-address=\
  116. 00:22:75:6B:9A:57 server=Lan
  117. add address=10.101.0.112 client-id=1:68:94:23:49:17:97 mac-address=\
  118. 68:94:23:49:17:97 server="Wifi Private"
  119. add address=10.0.0.21 always-broadcast=yes client-id=1:0:c:42:fc:8:20 \
  120. mac-address=00:0C:42:FC:08:20 server=Lan
  121. add address=10.101.0.120 client-id=1:70:11:24:14:a4:e8 mac-address=\
  122. 70:11:24:14:A4:E8 server="Wifi Private"
  123. add address=10.0.0.18 always-broadcast=yes mac-address=7C:2F:80:59:E7:43 \
  124. server=Lan
  125. add address=10.0.0.103 client-id=1:a4:5d:36:35:b4:2e mac-address=\
  126. A4:5D:36:35:B4:2E server=Lan
  127. add address=10.200.0.1 mac-address=B8:27:EB:D1:F9:3E server=Raspberry
  128. add address=10.200.0.2 mac-address=B8:27:EB:BB:E5:55 server=Raspberry
  129. add address=10.200.0.3 mac-address=B8:27:EB:1B:9C:C1 server=Raspberry
  130. add address=10.200.0.4 mac-address=B8:27:EB:AF:78:7E server=Raspberry
  131. add address=10.200.0.250 client-id=1:0:50:b6:56:a4:fb mac-address=\
  132. 00:50:B6:56:A4:FB server=Raspberry
  133. add address=10.200.0.5 mac-address=B8:27:EB:13:55:49 server=Raspberry
  134. add address=10.200.0.6 mac-address=B8:27:EB:38:0E:08 server=Raspberry
  135. add address=10.200.0.7 mac-address=B8:27:EB:07:21:7E server=Raspberry
  136. add address=10.200.0.8 mac-address=B8:27:EB:C9:96:1E server=Raspberry
  137. add address=10.200.0.9 always-broadcast=yes mac-address=B8:27:EB:21:A8:12 \
  138. server=Raspberry
  139. add address=10.0.0.2 always-broadcast=yes client-id=1:d4:ca:6d:f9:14:75 \
  140. mac-address=D4:CA:6D:F9:14:75 server=Lan
  141. add address=10.200.0.253 always-broadcast=yes client-id=1:d4:ca:6d:f9:14:73 \
  142. mac-address=D4:CA:6D:F9:14:73 server=Raspberry
  143. /ip dhcp-server network
  144. add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
  145. 10.0.0.1 netmask=24 ntp-server=193.190.198.43
  146. add address=10.101.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
  147. 10.101.0.1 netmask=24 ntp-server=193.190.198.43
  148. add address=10.102.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
  149. 10.102.0.1 netmask=24 ntp-server=193.190.198.43
  150. add address=10.103.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
  151. 10.103.0.1 netmask=24 ntp-server=193.190.198.43
  152. add address=10.200.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=it2go.eu gateway=\
  153. 10.200.0.254
  154. /ip dns
  155. set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
  156. /ip firewall connection tracking
  157. set enabled=yes
  158. /ip firewall filter
  159. add action=drop chain=input dst-port=53 in-interface="PPPoE - Openweb" \
  160. protocol=udp
  161. add action=drop chain=input dst-port=53 in-interface="PPPoE - Openweb" \
  162. protocol=tcp
  163. /ip firewall nat
  164. add action=masquerade chain=srcnat comment="PPPoE NAT" out-interface=\
  165. "PPPoE - Openweb"
  166. add action=dst-nat chain=dstnat comment="SiHotspot admin access" dst-port=\
  167. 8222 protocol=tcp to-addresses=10.0.0.21 to-ports=8222
  168. add action=dst-nat chain=dstnat comment=Routerboard dst-port=10280 protocol=\
  169. tcp to-addresses=10.0.0.124 to-ports=80
  170. add action=dst-nat chain=dstnat comment=UBNT dst-port=10443 protocol=tcp \
  171. to-addresses=10.0.0.119 to-ports=443
  172. add action=dst-nat chain=dstnat comment=UBNT dst-port=10380 protocol=tcp \
  173. to-addresses=10.0.0.119 to-ports=80
  174. add action=dst-nat chain=dstnat comment="SiHotspot SNMP" dst-port=8161 \
  175. protocol=udp to-addresses=10.0.0.21 to-ports=161
  176. add action=dst-nat chain=dstnat comment="NAT Voip ATA" dst-port=10080 \
  177. protocol=tcp to-addresses=10.0.0.11 to-ports=80
  178. add action=dst-nat chain=dstnat comment="RTP forward Gigaset" dst-port=\
  179. 10000-10049 protocol=udp to-addresses=10.0.0.18 to-ports=10000-10049
  180. add action=dst-nat chain=dstnat comment="RTP forward ATA" dst-port=\
  181. 10050-10099 protocol=udp to-addresses=10.0.0.11 to-ports=10050-10099
  182. add action=dst-nat chain=dstnat comment=NAS01 dst-port=5000 protocol=tcp \
  183. to-addresses=10.0.0.110 to-ports=5000
  184. add action=dst-nat chain=dstnat comment=Printer01 dst-port=5080 protocol=tcp \
  185. to-addresses=10.0.0.103 to-ports=80
  186. add action=dst-nat chain=dstnat comment="Raspberry01 HTTP" dst-port=8001 \
  187. protocol=tcp to-addresses=10.200.0.1 to-ports=80
  188. add action=dst-nat chain=dstnat comment="Raspberry01 SSH" dst-port=2201 \
  189. protocol=tcp to-addresses=10.200.0.1 to-ports=22
  190. add action=dst-nat chain=dstnat comment="Raspberry02 HTTP" dst-port=8002 \
  191. protocol=tcp to-addresses=10.200.0.2 to-ports=80
  192. add action=dst-nat chain=dstnat comment="Raspberry02 SSH" dst-port=2202 \
  193. protocol=tcp to-addresses=10.200.0.2 to-ports=22
  194. add action=dst-nat chain=dstnat comment=Cam dst-port=8000 protocol=tcp \
  195. to-addresses=10.0.0.106 to-ports=88
  196. /ip firewall service-port
  197. set sip ports=5060,5070
  198. /ip proxy
  199. set parent-proxy=0.0.0.0
  200. /ip route
  201. add distance=1 gateway="PPPoE - Openweb"
  202. add distance=110 dst-address=85.234.198.205/32 gateway=192.168.5.251
  203. /ip service
  204. set telnet disabled=yes port=1223
  205. set ftp disabled=yes
  206. set www port=8080
  207. set ssh disabled=yes port=8022
  208. set api disabled=yes
  209. set api-ssl disabled=yes
  210. /ip upnp
  211. set enabled=yes
  212. /ip upnp interfaces
  213. add interface="ether10 - Openweb" type=internal
  214. add interface="PPPoE - Openweb" type=external
  215. add interface="ether01 - Intern1" type=external
  216. /ipv6 address
  217. add address=2001:470:1f14:8e1::2 disabled=yes
  218. add address=2001:470:1f15:8e1::1 disabled=yes
  219. add address=2001:470:1f15:8e1:101::1 disabled=yes interface=\
  220. "VLAN - Wifi Private"
  221. add address=2001:470:1f15:8e1:102::1 disabled=yes interface=\
  222. "VLAN - Wifi Public"
  223. add address=2001:470:1f15:8e1:103::1 disabled=yes interface=\
  224. "VLAN - Wifi Trusted"
  225. /ipv6 route
  226. add disabled=yes distance=1 dst-address=2000::/3 gateway=2001:470:1f14:8e1::1
  227. add disabled=yes distance=1 dst-address=2000::/3 gateway=2001:470:1f14:8e1::1
  228. /lcd
  229. set backlight-timeout=15m default-screen=informative-slideshow \
  230. read-only-mode=yes
  231. /lcd interface
  232. set "ether01 - Intern1" interface="ether01 - Intern1"
  233. set "ether02 - Intern2" interface="ether02 - Intern2"
  234. set "ether03 - WiFi" interface="ether03 - WiFi"
  235. set "ether04 - Raspi01" interface="ether04 - Raspi01"
  236. set "ether05 - Raspi02" interface="ether05 - Raspi02"
  237. set ether06 interface=ether06
  238. set ether07 interface=ether07
  239. set "ether08 - Ripe Probe" interface="ether08 - Ripe Probe"
  240. set "ether09 - Modem" interface="ether09 - Modem"
  241. set "ether10 - Openweb" interface="ether10 - Openweb"
  242. set "sfp01 - Cross" interface="sfp01 - Cross"
  243. /lcd screen
  244. set 0 timeout=3s
  245. set 1 timeout=3s
  246. set 2 timeout=3s
  247. set 3 timeout=3s
  248. set 4 timeout=3s
  249. set 5 timeout=3s
  250. /routing ospf interface
  251. add interface="sfp01 - Cross" network-type=broadcast
  252. /routing ospf network
  253. add area=backbone network=192.168.5.0/24
  254. /system clock
  255. set time-zone-name=Europe/Brussels
  256. /system identity
  257. set name="OpenWEB Router"
  258. /system lcd
  259. set contrast=0 enabled=no port=parallel type=24x4
  260. /system lcd page
  261. set time disabled=no display-time=3s
  262. set resources disabled=no display-time=3s
  263. set uptime disabled=no display-time=3s
  264. set packets disabled=no display-time=3s
  265. set bits disabled=no display-time=3s
  266. set version disabled=no display-time=3s
  267. set identity disabled=no display-time=3s
  268. set "sfp01 - Cross" disabled=yes display-time=5s
  269. set "ether01 - Intern1" disabled=yes display-time=5s
  270. set "ether02 - Intern2" disabled=yes display-time=5s
  271. set "ether03 - WiFi" disabled=yes display-time=5s
  272. set "ether04 - Raspi01" disabled=yes display-time=5s
  273. set "ether05 - Raspi02" disabled=yes display-time=5s
  274. set ether06 disabled=yes display-time=5s
  275. set ether07 disabled=yes display-time=5s
  276. set "ether08 - Ripe Probe" disabled=yes display-time=5s
  277. set "ether09 - Modem" disabled=yes display-time=5s
  278. set "PPPoE - Openweb" disabled=yes display-time=5s
  279. set "ether10 - Openweb" disabled=no display-time=3s
  280. set "bonding OpenWEB Raspi" disabled=yes display-time=5s
  281. set "bonding OpenWEB Intern" disabled=yes display-time=5s
  282. set "VLAN - Wifi Public" disabled=yes display-time=5s
  283. set "VLAN - Wifi Private" disabled=yes display-time=5s
  284. set "VLAN - Wifi Trusted" disabled=yes display-time=5s
  285. /system leds
  286. add interface="sfp01 - Cross" leds="" type=interface-status
  287. /system ntp client
  288. set enabled=yes primary-ntp=85.234.197.2 secondary-ntp=193.190.198.10
  289. /system scheduler
  290. add interval=1d name=schedule1 on-event=e-mail-backup policy=\
  291. ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
  292. start-date=feb/24/2013 start-time=00:00:00
  293. /system script
  294. add name=e-mail-backup policy=\
  295. ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
  296. source="export file=export;\r\
  297. \n/system backup save name=email;\
  298. \n\r\
  299. \n/tool e-mail send to=\"info@it2go.eu\" subject=([/system identity get na\
  300. me].\" backup MikroTikBackup\") file=email.backup;\r\
  301. \n/tool e-mail send to=\"info@it2go.eu\" subject=([/system identity get na\
  302. me].\" export MikroTikBackup\") file=export.rsc;\r\
  303. \n\
  304. \n:log info \"Backup e-mail sent.\";"
  305. /tool e-mail
  306. set address=185.18.148.148 from=<mikrotik@it2go.eu> last-status=failed port=\
  307. 587
  308. /tool graphing interface
  309. add
  310. /tool graphing resource
  311. add
  312. /tool sniffer
  313. set filter-stream=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!