:global ssid;#| Wireless Configuration:#| mode: ap-bridge;#| band

1. :global ssid;
2. #| Wireless Configuration:
3. #| mode: ap-bridge;
4. #| band: 2ghz-b/g/n;
5. #| ht-chains: two;
6. #| ht-extension: 20/40mhz-ht-above;
7. #|
8. #| WAN (gateway) Configuration:
9. #| gateway: ether1 (renamed with extension '-gateway');
10. #| firewall: enabled;
11. #| NAT: enabled;
12. #| DHCP Client: enabled;
13. #|
14. #| LAN Configuration:
15. #| LAN Port: bridge-local;
16. #| switch group: ether6 (master), ether7, ether8, ether9, ether10
17. #| (renamed with extensions '-master-local' and '-slave-local')
18. #| LAN IP: 192.168.88.1;
19. #| DHCP Server: enabled;
20.  
21. :global action;
22.  
23. #-------------------------------------------------------------------------------
24. # Apply configuration.
25. # these commands are executed after installation or configuration reset
26. #-------------------------------------------------------------------------------
27. :if ($action = "apply") do={
28. # wait for interfaces
29. :while ([/interface ethernet find] = "") do={ :delay 1s; };
30.  
31. :local count 0;
32. :while ([/interface wireless find] = "") do={
33. :set count ($count +1);
34. :if ($count = 60) do={
35. :log warning "DefConf: Unable to find wireless interface";
36. /ip address add address=192.168.88.1/24 interface=ether1;
37. /quit
38. }
39. :delay 1s;
40. };
41. /interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n ht-txchains=0,1 ht-rxchains=0,1 \
42. disabled=no wireless-protocol=any distance=indoors
43. :local wlanMac [/interface wireless get wlan1 mac-address];
44. :set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"
45. /interface wireless set wlan1 ssid=$ssid
46. /interface wireless set wlan1 channel-width=20/40mhz-ht-above ;
47. /interface set ether1 name="ether1-gateway";
48. /ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
49. /interface {
50. set ether6 name=ether6-master-local;
51. set ether7 name=ether7-slave-local;
52. set ether8 name=ether8-slave-local;
53. set ether9 name=ether9-slave-local;
54. set ether10 name=ether10-slave-local;
55. }
56. /interface ethernet {
57. set ether7-slave-local master-port=ether6-master-local;
58. set ether8-slave-local master-port=ether6-master-local;
59. set ether9-slave-local master-port=ether6-master-local;
60. set ether10-slave-local master-port=ether6-master-local;
61. }
62.  
63. /interface bridge
64. add name=bridge-local disabled=no auto-mac=no protocol-mode=rstp;
65. :local bMACIsSet 0;
66. :foreach k in=[/interface find] do={
67. :local tmpPortName [/interface get $k name];
68. :if (!($tmpPortName~"bridge" || $tmpPortName~"ether1"|| $tmpPortName~"slave")) do={
69. :if ($bMACIsSet = 0) do={
70. :if ([/interface get $k type] = "ether") do={
71. /interface bridge set "bridge-local" admin-mac=[/interface ethernet get $tmpPortName mac-address];
72. :set bMACIsSet 1;
73. }
74. }
75. /interface bridge port
76. add bridge=bridge-local interface=$tmpPortName;
77. }
78. }
79. /ip address add address=192.168.88.1/24 interface=bridge-local comment="default configuration";
80. /ip pool add name="default-dhcp" ranges=192.168.88.10-192.168.88.254;
81. /ip dhcp-server
82. add name=default address-pool="default-dhcp" interface=bridge-local lease-time=10m disabled=no;
83. /ip dhcp-server network
84. add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
85. /ip dns {
86. set allow-remote-requests=yes
87. static add name=router address=192.168.88.1
88. }
89.  
90. /ip firewall nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
91. /ip firewall {
92. filter add chain=input action=accept protocol=icmp comment="default configuration"
93. filter add chain=input action=accept connection-state=established comment="default configuration"
94. filter add chain=input action=accept connection-state=related comment="default configuration"
95. filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
96. filter add chain=forward action=accept connection-state=established comment="default configuration"
97. filter add chain=forward action=accept connection-state=related comment="default configuration"
98. filter add chain=forward action=drop connection-state=invalid comment="default configuration"
99. }
100. /tool mac-server disable [find];
101. /tool mac-server mac-winbox disable [find];
102. :foreach k in=[/interface find] do={
103. :local tmpName [/interface get $k name];
104. :if (!($tmpName~"ether1-gateway")) do={
105. /tool mac-server add interface=$tmpName disabled=no;
106. /tool mac-server mac-winbox add interface=$tmpName disabled=no;
107. }
108. }
109. /ip neighbor discovery set [find name="ether1-gateway"] discover=no
110. }
111.  
112. #-------------------------------------------------------------------------------
113. # Revert configuration.
114. # these commands are executed if user requests to remove default configuration
115. #-------------------------------------------------------------------------------
116. :if ($action = "revert") do={
117. # remove wan port protection
118. /ip firewall {
119. :local o [nat find comment="default configuration"]
120. :if ([:len $o] != 0) do={ nat remove $o }
121. :local o [filter find comment="default configuration"]
122. :if ([:len $o] != 0) do={ filter remove $o }
123. }
124. /tool mac-server remove [find interface!=all]
125. /tool mac-server set [find] disabled=no
126. /tool mac-server mac-winbox remove [find interface!=all]
127. /tool mac-server mac-winbox set [find] disabled=no
128. # reset wan ports;
129. /ip neighbor discovery set [find name="ether1-gateway"] discover=yes
130. /interface set "ether1-gateway" name=ether1;
131. :local o [/ip dhcp-server network find comment="default configuration"]
132. :if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
133. :local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface="bridge-local" !disabled]
134. :if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
135. /ip pool {
136. :local o [find name="default-dhcp" ranges=192.168.88.10-192.168.88.254]
137. :if ([:len $o] != 0) do={ remove $o }
138. }
139. :local o [/ip dhcp-client find comment="default configuration"]
140. :if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
141. /ip dns {
142. set allow-remote-requests=no
143. :local o [static find name=router address=192.168.88.1]
144. :if ([:len $o] != 0) do={ static remove $o }
145. }
146. /ip address {
147. :local o [find comment="default configuration"]
148. :if ([:len $o] != 0) do={ remove $o }
149. }
150. # remove switch
151. /interface set ether6-master-local name=ether6;
152. /interface ethernet set ether7-slave-local master-port=none;
153. /interface set ether7-slave-local name=ether7;
154. /interface ethernet set ether8-slave-local master-port=none;
155. /interface set ether8-slave-local name=ether8;
156. /interface ethernet set ether9-slave-local master-port=none;
157. /interface set ether9-slave-local name=ether9;
158. /interface ethernet set ether10-slave-local master-port=none;
159. /interface set ether10-slave-local name=ether10;
160. /interface bridge port remove [find bridge="bridge-local"]
161. /interface bridge remove [find name="bridge-local"]
162. /interface set [find name~"wlan1"] name=wlan1
163. /interface wireless reset-configuration wlan1
164. }