Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # feb/13/2014 13:46:37 by RouterOS 6.9
- # software id = LGIN-V8YW
- #
- /interface bridge
- add l2mtu=1598 name="bridge1 - Bureau" protocol-mode=none
- /interface ethernet
- set [ find default-name=ether1 ] name="ether1 - Bureau 1-01"
- set [ find default-name=ether2 ] name="ether2 - Bureau 1-04"
- set [ find default-name=ether3 ] name="ether3 - Bureau 1-05"
- set [ find default-name=ether6 ] name="ether6 - Verixi"
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip firewall layer7-protocol
- add name="Block Facebook" regexp="^.+(facebook.com).*\$"
- add name="Block Youtube" regexp="^.+(youtube.com).*\$"
- add name="Block Google" regexp="^.+(google.com).*\$"
- /ip hotspot user profile
- set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
- mac-cookie-timeout=3d
- /ip pool
- add name="DHCP Lan" ranges=10.0.0.1-10.0.0.200
- /ip dhcp-server
- add add-arp=yes address-pool="DHCP Lan" disabled=no interface=\
- "bridge1 - Bureau" lease-time=1h name="DHCP Lan"
- /port
- set 0 name=serial0
- /queue type
- add kind=pcq name="10Mbit Down" pcq-classifier=dst-address \
- pcq-dst-address6-mask=64 pcq-rate=10M pcq-src-address6-mask=64
- add kind=pcq name="10Mbit Up" pcq-classifier=src-address \
- pcq-dst-address6-mask=64 pcq-rate=10M pcq-src-address6-mask=64
- /queue simple
- add name=Limiter queue="10Mbit Up/10Mbit Down" target="bridge1 - Bureau"
- /interface bridge port
- add bridge="bridge1 - Bureau" interface="ether1 - Bureau 1-01"
- add bridge="bridge1 - Bureau" interface="ether3 - Bureau 1-05"
- add bridge="bridge1 - Bureau" interface="ether2 - Bureau 1-04"
- /ip address
- add address=10.0.0.1/24 interface="bridge1 - Bureau" network=10.0.0.0
- /ip dhcp-client
- add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
- interface="ether6 - Verixi" use-peer-dns=no use-peer-ntp=no
- /ip dhcp-server lease
- add address=10.0.0.10 mac-address=00:0D:B9:20:A6:2E server="DHCP Lan"
- /ip dhcp-server network
- add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 domain=astel.be gateway=\
- 10.0.0.1 netmask=24
- /ip dns
- set servers=8.8.8.8,8.8.4.4
- /ip firewall connection tracking
- set enabled=yes
- /ip firewall filter
- add action=drop chain=input comment="Drop DNS Flood" disabled=yes \
- in-interface="ether6 - Verixi" protocol=tcp
- add action=drop chain=input comment="Drop DNS Flood" disabled=yes \
- in-interface="ether6 - Verixi" protocol=udp
- add action=drop chain=forward comment="Drop Facebook" disabled=yes \
- layer7-protocol="Block Facebook" src-address=10.0.0.0/24
- add action=drop chain=forward comment="Drop Youtube" disabled=yes \
- layer7-protocol="Block Youtube" src-address=10.0.0.0/24
- add action=drop chain=forward comment="Drop Google" disabled=yes \
- layer7-protocol="Block Google" src-address=10.0.0.0/24
- /ip firewall nat
- add action=masquerade chain=srcnat comment="Masquerade Verixi" out-interface=\
- "ether6 - Verixi"
- add action=dst-nat chain=dstnat comment="Creative One" dst-port=5060-5070 \
- protocol=udp to-addresses=10.0.0.10 to-ports=5060-5070
- add action=dst-nat chain=dstnat comment="Creative One" dst-port=49152-53246 \
- protocol=udp to-addresses=10.0.0.10 to-ports=49152-53246
- add action=dst-nat chain=dstnat comment="Creative One" dst-port=5001 \
- protocol=udp to-addresses=10.0.0.10 to-ports=5001
- add action=dst-nat chain=dstnat comment="Creative One" dst-port=1194 \
- protocol=udp to-addresses=10.0.0.10 to-ports=1194
- add action=dst-nat chain=dstnat comment="Creative One" dst-port=2200 \
- protocol=tcp to-addresses=10.0.0.10 to-ports=2200
- /ip firewall service-port
- set sip ports=5060,5070
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www port=8080
- set ssh disabled=yes
- set api disabled=yes
- set api-ssl disabled=yes
- /ip upnp
- set allow-disable-external-interface=no
- /lcd
- set backlight-timeout=never default-screen=informative-slideshow \
- read-only-mode=yes touch-screen=disabled
- /lcd interface
- set sfp1 interface=sfp1
- set "ether1 - Bureau 1-01" interface="ether1 - Bureau 1-01"
- set "ether2 - Bureau 1-04" interface="ether2 - Bureau 1-04"
- set "ether3 - Bureau 1-05" interface="ether3 - Bureau 1-05"
- set ether4 interface=ether4
- set ether5 interface=ether5
- set "ether6 - Verixi" interface="ether6 - Verixi"
- set ether7 interface=ether7
- set ether8 interface=ether8
- set ether9 interface=ether9
- set ether10 interface=ether10
- /lcd screen
- set 0 timeout=2s
- set 1 timeout=2s
- set 2 timeout=2s
- set 3 timeout=2s
- set 4 timeout=2s
- set 5 timeout=2s
- /system clock
- set time-zone-name=Europe/Brussels
- /system identity
- set name=Astel
- /system lcd
- set contrast=0 enabled=yes port=parallel type=24x4
- /system lcd page
- set time disabled=no display-time=2s
- set resources disabled=no display-time=2s
- set uptime disabled=no display-time=2s
- set packets disabled=no display-time=2s
- set bits disabled=no display-time=2s
- set version disabled=no display-time=2s
- set identity disabled=no display-time=2s
- set "bridge1 - Bureau" disabled=yes display-time=5s
- set bridge2 disabled=yes display-time=5s
- set sfp1 disabled=yes display-time=5s
- set "ether1 - Bureau 1-01" disabled=yes display-time=5s
- set "ether2 - Bureau 1-04" disabled=yes display-time=5s
- set "ether3 - Bureau 1-05" disabled=yes display-time=5s
- set ether4 disabled=yes display-time=5s
- set ether5 disabled=yes display-time=5s
- set "ether6 - Verixi" disabled=yes display-time=5s
- set ether7 disabled=yes display-time=5s
- set ether8 disabled=yes display-time=5s
- set ether9 disabled=yes display-time=5s
- set ether10 disabled=yes display-time=5s
- /system ntp client
- set enabled=yes primary-ntp=195.130.132.18 secondary-ntp=195.13.23.5
- /tool graphing interface
- add
- /tool graphing queue
- add
- /tool graphing resource
- add
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
