API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 10th, 2020
94
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 36.50 KB | None | 0 0
raw download clone embed print report
  1. # dec/12/2020 17:22:25 by RouterOS 6.39.2
  2. #
  3. /caps-man channel
  4. add band=2ghz-onlyn control-channel-width=20mhz frequency=2412 name=channel1 \
  5. tx-power=20
  6. add band=2ghz-onlyn control-channel-width=20mhz frequency=2437 name=channel6 \
  7. tx-power=20
  8. add band=2ghz-onlyn control-channel-width=20mhz frequency=2462 name=channel11 \
  9. tx-power=20
  10. add band=2ghz-onlyn control-channel-width=20mhz frequency=2417 name=channel2 \
  11. tx-power=20
  12. add band=2ghz-onlyn control-channel-width=20mhz frequency=2432 name=channel5 \
  13. tx-power=20
  14. /interface bridge
  15. add name=bridgeDublin
  16. add name=bridgeTehnicalWifi
  17. add name=bridgeVIP
  18. add arp=proxy-arp name=bridgeVPN
  19. add name=bridge_DOM.RU
  20. /interface ethernet
  21. set [ find default-name=ether1 ] comment=Local loop-protect=on speed=1Gbps
  22. set [ find default-name=ether3 ] disabled=yes
  23. set [ find default-name=ether4 ] disabled=yes
  24. set [ find default-name=ether5 ] disabled=yes
  25. set [ find default-name=ether6 ] comment=\
  26. "ISP 1 Primary Rostelekom
  27. set [ find default-name=ether7 ] comment=DOM.RU
  28. set [ find default-name=ether8 ] comment="ISP2 Reserve Dom.ru " loop-protect=\
  29. on
  30. set [ find default-name=ether9 ] disabled=yes
  31. set [ find default-name=ether10 ] disabled=yes
  32. set [ find default-name=sfp1 ] disabled=yes loop-protect=on
  33. /interface pppoe-client
  34. add comment="ISP 2 DOM.RU" disabled=no interface=ether8 name=pppoe-out1 \
  35. password=******* use-peer-dns=yes user=*****
  36. /ip neighbor discovery
  37. set ether1 discover=no
  38. set ether3 discover=no
  39. set ether4 discover=no
  40. set ether5 discover=no
  41. set ether6 discover=no
  42. set ether7 discover=no
  43. set ether8 discover=no
  44. set ether9 discover=no
  45. set ether10 discover=no
  46. set sfp1 discover=no
  47. set pppoe-out1 discover=no
  48. /interface vlan
  49. add comment="Network device management MGMT" interface=ether1 loop-protect=on \
  50. name=ManagementVlan2 vlan-id=2
  51. add comment="Network of Servers" interface=ether1 loop-protect=on name=\
  52. "Network of ServersVlan3" vlan-id=3
  53. add comment=Personal interface=ether1 loop-protect=on name=Teh.PersonalVlan9 \
  54. vlan-id=9
  55. add comment=UnlimitedSpeed interface=ether1 loop-protect=on name=\
  56. UnlimitedSpeedVlan7 vlan-id=7
  57. add comment="Video network" interface=ether1 loop-protect=on name=VideoVlan4 \
  58. vlan-id=4
  59. add comment="Voice Ip" interface=ether1 name=VoiceVlan8 vlan-id=8
  60. add comment=Dom.RU interface=ether7 name=vlan_Dom.Ru vlan-id=3603
  61. /caps-man datapath
  62. add bridge=bridge_DOM.RU comment="Config Stage4" name=datapath2Stage4 \
  63. vlan-id=3603
  64. add bridge=bridge_DOM.RU comment="Config Stage3" name=datapath3Stage3 \
  65. vlan-id=3603
  66. add bridge=bridge_DOM.RU comment="Config Stage2" name=datapath4Stage2 \
  67. vlan-id=3603
  68. add bridge=bridgeTehnicalWifi client-to-client-forwarding=no name=\
  69. datapath1Stage1 vlan-id=9
  70. add bridge=bridgeVIP client-to-client-forwarding=yes comment=VIP name=\
  71. datapath5 vlan-id=7
  72. /caps-man configuration
  73. add channel=channel1 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  74. cfg1_Stage2 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  75. add channel=channel6 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  76. cfg6_Stage2 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  77. add channel=channel11 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  78. cfg11_Stage2 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  79. add channel=channel1 country=russia2 datapath=datapath3Stage3 mode=ap name=\
  80. cfg1Stage3 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  81. add channel=channel6 country=russia2 datapath=datapath3Stage3 mode=ap name=\
  82. cfg6Stage3 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  83. add channel=channel11 country=russia2 datapath=datapath3Stage3 mode=ap name=\
  84. cfg11Stage3 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  85. add channel=channel2 country=russia2 datapath=datapath3Stage3 mode=ap name=\
  86. cfg2Stage3 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  87. add channel=channel5 country=russia2 datapath=datapath2Stage4 mode=ap name=\
  88. cfg5Stage4 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  89. add channel=channel1 country=russia2 datapath=datapath2Stage4 mode=ap name=\
  90. cfg1Stage4 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  91. add channel=channel11 country=russia2 datapath=datapath2Stage4 mode=ap name=\
  92. cfg11_Stage4 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  93. add channel=channel1 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  94. cfg1Stage0 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  95. add channel=channel1 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  96. cfg1Stage2DublinBar rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  97. add channel=channel11 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  98. cfg11Stage0 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  99. add channel=channel6 country=russia2 datapath=datapath4Stage2 mode=ap name=\
  100. cfg6Stage1 rx-chains=0,1,2 ssid=HotelRING tx-chains=0,1,2
  101. /caps-man interface
  102. add comment=Hostel configuration=cfg1Stage2DublinBar disabled=no l2mtu=1600 \
  103. mac-address=B8:69:F4:2E:6E:F1 master-interface=none name=MikroTik_Hostel \
  104. radio-mac=B8:69:F4:2E:6E:F1
  105. add comment=Letka configuration=cfg6_Stage2 disabled=no l2mtu=1600 \
  106. mac-address=CC:2D:E0:A7:3E:F2 master-interface=none name=MikroTik_Letka \
  107. radio-mac=CC:2D:E0:A7:3E:F2
  108. add comment="Stage 0_Prachka" configuration=cfg11Stage0 disabled=no l2mtu=\
  109. 1600 mac-address=64:D1:54:F3:E6:FE master-interface=none name=\
  110. MikroTik_Stage0_Prachka radio-mac=64:D1:54:F3:E6:FE
  111. add comment="Stage 0_Sauna \B91" configuration=cfg1Stage0 disabled=no l2mtu=\
  112. 1600 mac-address=CC:2D:E0:01:15:25 master-interface=none name=\
  113. "MikroTik_Stage0_Sauna\B91" radio-mac=CC:2D:E0:01:15:25
  114. add comment="Stage 0_Sauna \B93" configuration=cfg11Stage0 disabled=yes \
  115. l2mtu=1600 mac-address=CC:2D:E0:02:51:74 master-interface=none name=\
  116. "MikroTik_Stage0_Sauna\B93" radio-mac=CC:2D:E0:02:51:74
  117. add comment="Stage 1" configuration=cfg1_Stage2 disabled=no l2mtu=1600 \
  118. mac-address=CC:2D:E0:19:D2:93 master-interface=none name=\
  119. "MikroTik_Stage1\B9101" radio-mac=CC:2D:E0:19:D2:93
  120. add configuration=cfg1_Stage2 disabled=no l2mtu=1600 mac-address=\
  121. CC:2D:E0:EF:A1:F1 master-interface=none name="MikroTik_Stage1\B9107" \
  122. radio-mac=CC:2D:E0:EF:A1:F1
  123. add comment="Stage 2" configuration=cfg6_Stage2 disabled=no l2mtu=1600 \
  124. mac-address=74:4D:28:98:C7:EF master-interface=none name=\
  125. "MikroTik_Stage2\B9201" radio-mac=74:4D:28:98:C7:EF
  126. add configuration=cfg11_Stage2 disabled=no l2mtu=1600 mac-address=\
  127. 64:D1:54:26:FA:47 master-interface=none name="MikroTik_Stage2\B9205" \
  128. radio-mac=64:D1:54:26:FA:47
  129. add configuration=cfg6_Stage2 disabled=no l2mtu=1600 mac-address=\
  130. 64:D1:54:14:4B:83 master-interface=none name="MikroTik_Stage2\B9209" \
  131. radio-mac=64:D1:54:14:4B:83
  132. add configuration=cfg11_Stage2 disabled=no l2mtu=1600 mac-address=\
  133. 64:D1:54:25:29:DD master-interface=none name="MikroTik_Stage2\B9215" \
  134. radio-mac=64:D1:54:25:29:DD
  135. add comment="Stage 3" configuration=cfg1Stage3 disabled=no l2mtu=1600 \
  136. mac-address=CC:2D:E0:BE:0A:0F master-interface=none name=\
  137. "MikroTik_Stage3\B9301" radio-mac=CC:2D:E0:BE:0A:0F
  138. add configuration=cfg6Stage3 disabled=no l2mtu=1600 mac-address=\
  139. 64:D1:54:25:29:8F master-interface=none name="MikroTik_Stage3\B9305" \
  140. radio-mac=64:D1:54:25:29:8F
  141. add configuration=cfg11Stage3 disabled=no l2mtu=1600 mac-address=\
  142. 64:D1:54:44:C0:CF master-interface=none name="MikroTik_Stage3\B9309" \
  143. radio-mac=64:D1:54:44:C0:CF
  144. add configuration=cfg1Stage3 disabled=no l2mtu=1600 mac-address=\
  145. CC:2D:E0:0A:6A:EC master-interface=none name="MikroTik_Stage3\B9312" \
  146. radio-mac=CC:2D:E0:0A:6A:EC
  147. add configuration=cfg1Stage3 disabled=no l2mtu=1600 mac-address=\
  148. 64:D1:54:44:C0:AB master-interface=none name="MikroTik_Stage3\B9315" \
  149. radio-mac=64:D1:54:44:C0:AB
  150. add comment="Stage 4" configuration=cfg11_Stage4 disabled=no l2mtu=1600 \
  151. mac-address=CC:2D:E0:BE:73:6F master-interface=none name=\
  152. "MikroTik_Stage4\B9401" radio-mac=CC:2D:E0:BE:73:6F
  153. add configuration=cfg1Stage4 disabled=no l2mtu=1600 mac-address=\
  154. 64:D1:54:46:D1:0B master-interface=none name="MikroTik_Stage4\B9405" \
  155. radio-mac=64:D1:54:46:D1:0B
  156. add configuration=cfg5Stage4 disabled=no l2mtu=1600 mac-address=\
  157. 64:D1:54:49:BF:83 master-interface=none name="MikroTik_Stage4\B9409" \
  158. radio-mac=64:D1:54:49:BF:83
  159. add configuration=cfg11_Stage4 disabled=no l2mtu=1600 mac-address=\
  160. 64:D1:54:EC:19:FF master-interface=none name="MikroTik_Stage4\B9415" \
  161. radio-mac=64:D1:54:EC:19:FF
  162. /ip neighbor discovery
  163. set MikroTik_Hostel discover=no
  164. set MikroTik_Stage0_Prachka discover=no
  165. set "MikroTik_Stage0_Sauna\B91" discover=no
  166. set "MikroTik_Stage0_Sauna\B93" discover=no
  167. set "MikroTik_Stage1\B9101" discover=no
  168. set "MikroTik_Stage2\B9205" discover=no
  169. set "MikroTik_Stage2\B9209" discover=no
  170. set "MikroTik_Stage2\B9215" discover=no
  171. set "MikroTik_Stage3\B9301" discover=no
  172. set "MikroTik_Stage3\B9305" discover=no
  173. set "MikroTik_Stage3\B9309" discover=no
  174. set "MikroTik_Stage3\B9312" discover=no
  175. set "MikroTik_Stage3\B9315" discover=no
  176. set "MikroTik_Stage4\B9401" discover=no
  177. set "MikroTik_Stage4\B9405" discover=no
  178. set "MikroTik_Stage4\B9409" discover=no
  179. set "MikroTik_Stage4\B9415" discover=no
  180. set UnlimitedSpeedVlan7 discover=no
  181. set VideoVlan4 discover=no
  182. /caps-man security
  183. add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
  184. name=security1 passphrase=*****
  185. add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
  186. name=securityVIP passphrase=****
  187. add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
  188. name=securityTehnicalWifi passphrase=*******
  189. /caps-man configuration
  190. add channel=channel6 country=russia2 datapath=datapath5 mode=ap name=\
  191. cfg6_315VIP rx-chains=0,1,2 security=securityVIP ssid=VIP tx-chains=0,1,2
  192. add channel=channel6 country=russia2 datapath=datapath5 mode=ap name=\
  193. cfg1Stage2DublinBar_VIP rx-chains=0,1,2 security=securityVIP ssid=VIP \
  194. tx-chains=0,1,2
  195. add channel=channel1 country=russia2 datapath=datapath5 mode=ap name=\
  196. cfg1LetkaVIP rx-chains=0,1,2 security=securityVIP ssid=VIP tx-chains=\
  197. 0,1,2
  198. add channel=channel11 country=russia2 datapath=datapath1Stage1 mode=ap name=\
  199. cfg11Stage3_TehnicalWI-FI rx-chains=0,1,2 security=securityTehnicalWifi \
  200. ssid=TehnicalWifi tx-chains=0,1,2
  201. add channel=channel5 country=russia2 datapath=datapath1Stage1 mode=ap name=\
  202. cfg4Stage4_Tehnical_Wifi rx-chains=0,1,2 security=securityTehnicalWifi \
  203. ssid=TehnicalWifi tx-chains=0,1,2
  204. /caps-man interface
  205. add configuration=cfg1LetkaVIP disabled=no l2mtu=1600 mac-address=\
  206. CC:2D:E0:A7:3E:F2 master-interface=MikroTik_Letka name=\
  207. "MikroTIK LetkaVIP" radio-mac=CC:2D:E0:A7:3E:F2
  208. add configuration=cfg4Stage4_Tehnical_Wifi disabled=no l2mtu=1600 \
  209. mac-address=64:D1:54:49:BF:83 master-interface="MikroTik_Stage4\B9409" \
  210. name="MikroTikStage4\B9409_TehnicalWifi" radio-mac=64:D1:54:49:BF:83
  211. add configuration=cfg11Stage3_TehnicalWI-FI disabled=no l2mtu=1600 \
  212. mac-address=64:D1:54:44:C0:CF master-interface="MikroTik_Stage3\B9309" \
  213. name=MikroTik_Stage3N309Tehnikal_Wifi radio-mac=64:D1:54:44:C0:CF
  214. add configuration=cfg6_315VIP disabled=no l2mtu=1600 mac-address=\
  215. 64:D1:54:44:C0:AB master-interface="MikroTik_Stage3\B9315" name=\
  216. MikroTik_Stage3N315_VIP radio-mac=64:D1:54:44:C0:AB
  217. /interface wireless security-profiles
  218. set [ find default=yes ] supplicant-identity=MikroTik
  219. /ip firewall layer7-protocol
  220. add name=Block regexp="^.+(youtube.com|ok.ru|vk.com).*\$"
  221. /ip hotspot user profile
  222. set [ find default=yes ] keepalive-timeout=2h shared-users=unlimited \
  223. status-autorefresh=1d
  224. /ip ipsec proposal
  225. set [ find default=yes ] auth-algorithms=sha1,md5 enc-algorithms=\
  226. aes-128-cbc,3des
  227. /ip pool
  228. add name=PoolVlan2 ranges=172.16.1.40-172.16.1.254
  229. add name=PoolVlan3 ranges=172.16.3.30-172.16.3.254
  230. add name=PoolVlan9 ranges=172.16.9.30-172.16.9.254
  231. add name=PoolVlan7 ranges=172.16.7.30-172.16.7.254
  232. add name=PoolVlan4 ranges=172.16.4.30-172.16.4.254
  233. add name=dhcp_pool12 ranges=172.16.8.30-172.16.8.254
  234. add name=dhcp_pool14 ranges=172.16.5.30-172.16.5.254
  235. /ip dhcp-server
  236. add address-pool=PoolVlan2 disabled=no interface=ManagementVlan2 lease-time=\
  237. 1d name=ServerdhcpVlan2
  238. add address-pool=PoolVlan3 disabled=no interface="Network of ServersVlan3" \
  239. lease-time=1d name=ServerdhcpVlan3
  240. # DHCP server can not run on slave interface!
  241. add address-pool=PoolVlan9 disabled=no interface=Teh.PersonalVlan9 \
  242. lease-time=1d name=ServerdhcpVlan9
  243. add address-pool=PoolVlan7 disabled=no interface=bridgeVIP lease-time=1d \
  244. name=ServerdhcpVlan7
  245. add address-pool=PoolVlan4 disabled=no interface=VideoVlan4 lease-time=1d \
  246. name=ServerdhcpVlan4
  247. add address-pool=dhcp_pool12 disabled=no interface=VoiceVlan8 lease-time=\
  248. 1d10m name=dhcp1
  249. add address-pool=dhcp_pool14 disabled=no interface=bridgeVPN lease-time=1d10m \
  250. name=dhcp2
  251. /ppp profile
  252. add dns-server=172.16.9.1 local-address=172.16.9.1 name=MyVPN remote-address=\
  253. PoolVlan9 wins-server=8.8.8.8
  254. /queue tree
  255. add comment="\C3\EB\EE\E1\E0\EB\FC\ED\E0\FF \EE\F7\E5\F0\E5\E4\FC In" \
  256. max-limit=95M name=in parent=global
  257. add comment="\C3\EB\EE\E1\E0\EB\FC\ED\E0\FF \EE\F7\E5\F0\E5\E4\FC out" \
  258. max-limit=95M name=out parent=global
  259. /queue type
  260. add kind=pcq name=pcq-upload-7M pcq-classifier=src-address \
  261. pcq-dst-address6-mask=64 pcq-rate=7M pcq-src-address6-mask=64
  262. add kind=pcq name=sip pcq-classifier=\
  263. src-address,dst-address,src-port,dst-port pcq-dst-address6-mask=64 \
  264. pcq-rate=100k pcq-src-address6-mask=64
  265. add kind=pcq name=rdp pcq-classifier=dst-address pcq-dst-address6-mask=64 \
  266. pcq-rate=1M pcq-src-address6-mask=64
  267. /queue tree
  268. add comment="\C2\F5\EE\E4 \F2\F0\E0\F4\E8\EA WEB \F7\E5\F0\E5\E7 \E8\ED\F2\E5\
  269. \F0\F4\E5\E9\F1 Wan" max-limit=95M name=Web packet-mark=Web_in parent=in \
  270. priority=5 queue=pcq-download-default
  271. add comment="\C8\F1\F5\EE\E4 \F2\F0\E0\F4\E8\EA WEB \F7\E5\F0\E5\E7 \E8\ED\F2\
  272. \E5\F0\F4\E5\E9\F1 Wan" max-limit=95M name=Web_out packet-mark=Web_out \
  273. parent=out priority=5 queue=pcq-upload-default
  274. add comment="\D2\F0\E0\F4\E8\EA \E8\E7 VPN \EA\E0\ED\E0\EB" max-limit=20M \
  275. name=VPN_in packet-mark=PPTP_in,gre_in parent=in priority=3 queue=\
  276. pcq-download-default
  277. add comment="\D2\F0\E0\F4\E8\EA \E2 VPN \EA\E0\ED\E0\EB" max-limit=20M name=\
  278. VPN_out packet-mark=PPTP_out,gre_out parent=out priority=3 queue=\
  279. pcq-upload-default
  280. add comment="IP \D2\E5\EB\E5\F4\EE\ED\E8\FF \E2\F5\EE\E4 \F2\F0\E0\F4\E8\EA" \
  281. max-limit=5M name=Sip_in packet-mark=SIP_in parent=in priority=1 queue=\
  282. sip
  283. add comment=\
  284. "IP \D2\E5\EB\E5\F4\EE\ED\E8\FF \E8\F1\F5\EE\E4 \F2\F0\E0\F4\E8\EA" \
  285. max-limit=5M name=SIP_out packet-mark=SIP_out parent=out priority=1 \
  286. queue=sip
  287. add comment="\CF\F0\EE\F7\E8\E9 \F2\F0\E0\F4\E8\EA" max-limit=4M name=all_in \
  288. packet-mark=all_in parent=in queue=pcq-download-default
  289. add comment="\CF\F0\EE\F7\E8\E9 \F2\F0\E0\F4\E8\EA" max-limit=4M name=all_out \
  290. packet-mark=all_out parent=out queue=pcq-download-default
  291. add max-limit=20M name=VPN_web_in packet-mark=VPN_web_in parent=VPN_in \
  292. priority=5 queue=pcq-download-default
  293. add max-limit=20M name=VPN_Web_out packet-mark=VPN_Web_out parent=VPN_out \
  294. priority=5 queue=pcq-upload-default
  295. add max-limit=2M name=VPN_Sip_in packet-mark=VPN_Sip_in parent=VPN_in \
  296. priority=1 queue=sip
  297. add max-limit=2M name=VPN_Sip_out packet-mark=VPN_Sip_out parent=VPN_out \
  298. priority=1 queue=sip
  299. add max-limit=20M name=VPN_RDP_in packet-mark=VPN_RDP_in parent=VPN_in \
  300. priority=5 queue=rdp
  301. add max-limit=20M name=VPN_RDP_out packet-mark=VPN_RDP_out parent=VPN_out \
  302. priority=5 queue=rdp
  303. add max-limit=10M name=VPN_all_in packet-mark=VPN_all_in parent=VPN_in queue=\
  304. pcq-download-default
  305. add max-limit=10M name=VPN_all_out packet-mark=VPN_all_out parent=VPN_out \
  306. queue=pcq-upload-default
  307. /caps-man manager
  308. set enabled=yes
  309. /caps-man provisioning
  310. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  311. cfg6_Stage2 radio-mac=64:D1:54:14:4B:7E
  312. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  313. cfg11_Stage2 radio-mac=64:D1:54:25:29:D8 slave-configurations=\
  314. cfg1Stage2DublinBar_VIP
  315. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  316. cfg11Stage3 radio-mac=64:D1:54:25:29:8A
  317. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  318. cfg6Stage3 radio-mac=64:D1:54:44:C0:A6 slave-configurations=cfg6_315VIP
  319. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  320. cfg2Stage3 radio-mac=64:D1:54:44:C0:CA slave-configurations=\
  321. cfg11Stage3_TehnicalWI-FI
  322. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  323. cfg5Stage4 radio-mac=64:D1:54:49:BF:7E slave-configurations=\
  324. cfg4Stage4_Tehnical_Wifi
  325. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  326. cfg1Stage4 radio-mac=64:D1:54:46:D1:06
  327. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  328. cfg11_Stage4 radio-mac=64:D1:54:EC:19:FA
  329. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  330. cfg11_Stage2 radio-mac=64:D1:54:26:FA:42
  331. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  332. cfg1Stage0 radio-mac=64:D1:54:F3:E6:F9
  333. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  334. cfg1Stage2DublinBar radio-mac=CC:2D:E0:12:2C:2E
  335. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  336. cfg1Stage0 radio-mac=CC:2D:E0:01:15:20
  337. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  338. cfg11Stage0 radio-mac=CC:2D:E0:02:51:6F
  339. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  340. cfg11_Stage4 radio-mac=CC:2D:E0:BE:73:6A
  341. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  342. cfg1Stage3 radio-mac=CC:2D:E0:0A:6A:EC
  343. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  344. cfg1Stage2DublinBar radio-mac=B8:69:F4:2E:6E:F1
  345. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  346. cfg1Stage3 radio-mac=CC:2D:E0:BE:0A:0A
  347. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  348. cfg1_Stage2 radio-mac=CC:2D:E0:19:D2:8E
  349. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  350. cfg6_Stage2 radio-mac=CC:2D:E0:A7:3E:ED slave-configurations=cfg1LetkaVIP
  351. add action=create-dynamic-enabled master-configuration=cfg1_Stage2 radio-mac=\
  352. CC:2D:E0:EF:A1:EC
  353. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
  354. cfg6_Stage2 radio-mac=74:4D:28:98:C7:EA
  355. /interface bridge port
  356. add bridge=bridgeVIP interface=UnlimitedSpeedVlan7
  357. add bridge=bridgeVPN interface=ether2
  358. add bridge=bridge_DOM.RU interface=ether1
  359. add bridge=bridge_DOM.RU interface=vlan_Dom.Ru
  360. add bridge=bridgeTehnicalWifi interface=Teh.PersonalVlan9
  361. /interface l2tp-server server
  362. set authentication=mschap2 enabled=yes ipsec-secret=************ use-ipsec=yes
  363. /interface pptp-server server
  364. set default-profile=MyVPN enabled=yes
  365. /ip address
  366. add address=172.16.1.1/24 comment="Network device management MGMT" interface=\
  367. ManagementVlan2 network=172.16.1.0
  368. add address=172.16.3.1/24 comment="Servers network" interface=\
  369. "Network of ServersVlan3" network=172.16.3.0
  370. add address=172.16.4.1/24 comment="Network video" interface=VideoVlan4 \
  371. network=172.16.4.0
  372. add address=172.16.7.1/24 comment="Unlimited speed" interface=bridgeVIP \
  373. network=172.16.7.0
  374. add address=172.16.9.1/24 comment=Personal interface=bridgeTehnicalWifi \
  375. network=172.16.9.0
  376. add address=************/24 comment="ISP 1 Rostelekom " \
  377. interface=ether6 network=85.172.120.0
  378. add address=172.16.8.1/24 comment=Voice interface=VoiceVlan8 network=\
  379. 172.16.8.0
  380. add address=172.16.5.1/24 comment=VPN interface=bridgeVPN network=172.16.5.0
  381. /ip dhcp-client
  382. add dhcp-options=hostname,clientid disabled=no interface=ether6
  383. /ip dhcp-server alert
  384. add disabled=no interface=ManagementVlan2
  385. /ip dhcp-server lease
  386. add address=172.16.9.33 always-broadcast=yes client-id=1:0:25:ab:1a:6:6c \
  387. mac-address=00:25:AB:1A:06:6C server=ServerdhcpVlan9
  388. add address=172.16.10.161 always-broadcast=yes client-id=1:0:6d:52:15:13:a3 \
  389. mac-address=00:6D:52:15:13:A3
  390. add address=172.16.9.51 always-broadcast=yes client-id=1:0:1b:67:15:8f:bd \
  391. mac-address=00:1B:67:15:8F:BD server=ServerdhcpVlan9
  392. add address=172.16.20.135 client-id=1:0:6d:52:15:13:a3 mac-address=\
  393. 00:6D:52:15:13:A3
  394. add address=172.16.9.45 always-broadcast=yes client-id=1:e0:b9:4d:e4:45:cc \
  395. mac-address=E0:B9:4D:E4:45:CC server=ServerdhcpVlan9
  396. add address=172.16.9.50 client-id=1:90:2b:34:cf:94:af mac-address=\
  397. 90:2B:34:CF:94:AF server=ServerdhcpVlan9
  398. add address=172.16.9.42 client-id=1:0:b0:6c:1b:88:af mac-address=\
  399. 00:B0:6C:1B:88:AF server=ServerdhcpVlan9
  400. add address=172.16.9.43 always-broadcast=yes client-id=1:8:ea:40:88:7e:c2 \
  401. mac-address=08:EA:40:88:7E:C2 server=ServerdhcpVlan9
  402. add address=172.16.9.32 client-id=1:44:19:b6:92:9:1b mac-address=\
  403. 44:19:B6:92:09:1B server=ServerdhcpVlan9
  404. add address=172.16.9.57 always-broadcast=yes client-id=1:0:95:69:d6:60:6a \
  405. mac-address=00:95:69:D6:60:6A server=ServerdhcpVlan9
  406. add address=172.16.9.35 always-broadcast=yes client-id=1:0:b0:6c:1b:5e:3e \
  407. mac-address=00:B0:6C:1B:5E:3E server=ServerdhcpVlan9
  408. add address=172.16.9.41 always-broadcast=yes client-id=1:8:ea:40:fb:c9:93 \
  409. mac-address=08:EA:40:FB:C9:93 server=ServerdhcpVlan9
  410. add address=172.16.9.34 client-id=1:0:e0:b4:6:f:7 mac-address=\
  411. 00:E0:B4:06:0F:07 server=ServerdhcpVlan9
  412. add address=172.16.9.49 client-id=1:54:c4:15:96:d:1a mac-address=\
  413. 54:C4:15:96:0D:1A server=ServerdhcpVlan9
  414. add address=172.16.9.52 always-broadcast=yes client-id=1:ec:3d:fd:80:63:ff \
  415. mac-address=EC:3D:FD:80:63:FF server=ServerdhcpVlan9
  416. add address=172.16.9.44 client-id=1:b4:a3:82:aa:38:f mac-address=\
  417. B4:A3:82:AA:38:0F server=ServerdhcpVlan9
  418. add address=172.16.9.67 client-id=1:44:19:b6:92:8:9a mac-address=\
  419. 44:19:B6:92:08:9A server=ServerdhcpVlan9
  420. add address=172.16.9.30 client-id=1:bc:1c:81:87:d3:73 mac-address=\
  421. BC:1C:81:87:D3:73 server=ServerdhcpVlan9
  422. add address=172.16.40.131 client-id=1:48:98:ca:46:e8:5c mac-address=\
  423. 48:98:CA:46:E8:5C
  424. add address=172.16.30.75 client-id=1:bc:1c:81:87:d3:73 mac-address=\
  425. BC:1C:81:87:D3:73
  426. add address=172.16.1.31 client-id=1:0:27:7:0:f1:c2 mac-address=\
  427. 00:27:07:00:F1:C2 server=ServerdhcpVlan2
  428. add address=172.16.9.106 client-id=1:4:e:3c:68:af:7a mac-address=\
  429. 04:0E:3C:68:AF:7A server=ServerdhcpVlan9
  430. /ip dhcp-server network
  431. add address=172.16.1.0/24 dns-server=172.16.1.1,8.8.8.8 gateway=172.16.1.1
  432. add address=172.16.3.0/24 dns-server=172.16.3.1,8.8.8.8 gateway=172.16.3.1
  433. add address=172.16.4.0/24 dns-server=172.16.4.1,8.8.8.8 gateway=172.16.4.1
  434. add address=172.16.5.0/24 dns-server=172.16.5.1,8.8.8.8 gateway=172.16.5.1
  435. add address=172.16.6.0/24 dns-server=172.16.6.1,8.8.8.8 gateway=172.16.6.1
  436. add address=172.16.7.0/24 dns-server=172.16.7.1,8.8.8.8 gateway=172.16.7.1
  437. add address=172.16.8.0/24 dns-server=172.16.8.1,8.8.8.8 gateway=172.16.8.1
  438. add address=172.16.9.0/24 dns-server=172.16.9.1,8.8.8.8 gateway=172.16.9.1
  439. add address=172.16.10.0/24 dns-server=172.16.10.1,8.8.8.8 gateway=172.16.10.1
  440. add address=172.16.20.0/24 dns-server=172.16.20.1,8.8.8.8 gateway=172.16.20.1
  441. add address=172.16.30.0/24 dns-server=172.16.30.1,8.8.8.8 gateway=172.16.30.1
  442. add address=172.16.40.0/24 dns-server=172.16.40.1,8.8.8.8 gateway=172.16.40.1
  443. /ip dns
  444. set allow-remote-requests=yes servers=8.8.8.8
  445. /ip firewall address-list
  446. add address=************ list=Winbox
  447. add address=************ list=Winbox
  448. add address=************ list=Winbox
  449. add address=************ list=Winbox
  450. add address=************ list=Winbox_White
  451. add address=************ list=Winbox_White
  452. add address=************ list=Winbox_White
  453. add address=************ list=Winbox_White
  454. add address=172.16.9.159 list=Social_Net_White
  455. add address=172.16.9.134 list=Social_Net_White
  456. add address=************ list=VOIP
  457. /ip firewall filter
  458. add action=drop chain=input disabled=yes src-address=************
  459. add action=accept chain=forward comment="VOIP RTP" disabled=yes dst-port=\
  460. 10000-20000 protocol=udp
  461. add action=accept chain=forward disabled=yes dst-port=10000-20000 protocol=\
  462. tcp
  463. add action=accept chain=forward disabled=yes dst-port=5060-5065 protocol=udp
  464. add action=accept chain=input comment=PPP dst-port=1701 protocol=udp
  465. add action=accept chain=input dst-port=1723 protocol=udp
  466. add action=accept chain=forward disabled=yes dst-port=4000 protocol=tcp
  467. add action=drop chain=input comment="drop PPTP brute forcers" disabled=yes \
  468. dst-port=1723 protocol=tcp src-address-list=PPTP_blacklist
  469. add action=add-src-to-address-list address-list=PPTP_blacklist \
  470. address-list-timeout=1w3d chain=input connection-state=new disabled=yes \
  471. dst-port=1723 protocol=tcp src-address-list=PPTP_stage3
  472. add action=add-src-to-address-list address-list=PPTP_stage3 \
  473. address-list-timeout=1m chain=input connection-state=new disabled=yes \
  474. dst-port=1723 protocol=tcp src-address-list=PPTP_stage2
  475. add action=add-src-to-address-list address-list=PPTP_stage2 \
  476. address-list-timeout=1m chain=input connection-state=new disabled=yes \
  477. dst-port=1723 protocol=tcp src-address-list=PPTP_stage1
  478. add action=add-src-to-address-list address-list=PPTP_stage1 \
  479. address-list-timeout=1m chain=input connection-state=new disabled=yes \
  480. dst-port=1723 protocol=tcp
  481. add action=reject chain=forward comment="drop PPTP brute downstream" \
  482. disabled=yes dst-port=1723 protocol=tcp reject-with=\
  483. icmp-network-unreachable src-address-list=PPTP_blacklist
  484. add action=reject chain=input comment="drop Winbox brute forcers" dst-port=\
  485. 8291 protocol=tcp reject-with=icmp-network-unreachable src-address-list=\
  486. Winbox_blacklist
  487. add action=add-src-to-address-list address-list=Winbox_blacklist \
  488. address-list-timeout=0s chain=input connection-state=new dst-port=8291 \
  489. protocol=tcp src-address-list=Winbox_stage1
  490. add action=add-src-to-address-list address-list=Winbox_stage1 \
  491. address-list-timeout=1m chain=input connection-state=new dst-port=8291 \
  492. protocol=tcp src-address-list=!Winbox_White
  493. add action=drop chain=forward comment="Printers Reseption hp laserJet 428" \
  494. src-address=172.16.9.225
  495. add action=accept chain=input protocol=gre
  496. add action=reject chain=forward comment="Block List Social network" disabled=\
  497. yes layer7-protocol=Block log=yes log-prefix=Social_net protocol=tcp \
  498. reject-with=tcp-reset src-address=172.16.9.0/24 src-address-list=\
  499. !Social_Net_White
  500. add action=passthrough chain=unused-hs-chain comment=\
  501. "place hotspot rules here"
  502. add action=drop chain=input comment="DNS ROSTELEKOM" dst-port=53 \
  503. in-interface=ether6 protocol=udp
  504. add action=drop chain=input comment="DNS DOM.RU" dst-port=53 in-interface=\
  505. pppoe-out1 protocol=udp
  506. add action=drop chain=output comment="GOOGLE PING DENY 8.8.4.4" dst-address=\
  507. 8.8.4.4 out-interface=pppoe-out1
  508. add action=accept chain=input comment=Estabilished/Related connection-state=\
  509. established,related
  510. add action=accept chain=forward connection-state=established,related
  511. add action=drop chain=forward comment=Invalid connection-state=invalid
  512. add action=drop chain=input connection-state=invalid in-interface=ether6
  513. add action=accept chain=forward comment=IpSec dst-port=500 protocol=udp
  514. add action=accept chain=forward dst-port=4500 protocol=udp
  515. add action=accept chain=input comment="Allow IPSec-esp" protocol=ipsec-esp
  516. add action=accept chain=input comment="Allow IPSec-ah" protocol=ipsec-ah
  517. add action=accept chain=input comment=WinBox dst-port=8291 in-interface=\
  518. ether6 protocol=tcp src-address-list=Winbox
  519. add action=accept chain=input comment="Allow ping" protocol=icmp
  520. add action=accept chain=forward comment=Video dst-port=34567 protocol=tcp
  521. add action=accept chain=forward dst-port=90 protocol=tcp
  522. add action=accept chain=forward comment="IIS Server" dst-port=80 protocol=tcp
  523. add action=accept chain=input comment=Iwinbox dst-port=8728 in-interface=\
  524. ether6 protocol=tcp
  525. add action=accept chain=input comment="Allow UDP" protocol=udp
  526. /ip firewall mangle
  527. add action=mark-connection chain=input comment=PPTP dst-port=1723 \
  528. new-connection-mark=PPTP_in passthrough=no protocol=tcp
  529. add action=mark-packet chain=prerouting connection-mark=PPTP_in \
  530. new-packet-mark=PPTP_out passthrough=no
  531. add action=mark-connection chain=output new-connection-mark=PPTP_out \
  532. passthrough=no protocol=tcp src-port=1723
  533. add action=mark-packet chain=postrouting connection-mark=PPTP_out \
  534. new-packet-mark=PPTP_in passthrough=no
  535. add action=mark-connection chain=input comment=GRE new-connection-mark=gre_in \
  536. passthrough=no protocol=gre
  537. add action=mark-connection chain=output new-connection-mark=gre_out \
  538. passthrough=no protocol=gre
  539. add action=mark-packet chain=prerouting connection-mark=gre_in \
  540. new-packet-mark=gre_out passthrough=no
  541. add action=mark-packet chain=postrouting connection-mark=gre_out \
  542. new-packet-mark=gre_in passthrough=no
  543. add action=mark-connection chain=prerouting comment=WEB dst-port=80,443,8080 \
  544. new-connection-mark=WEB passthrough=no protocol=tcp
  545. add action=mark-packet chain=forward connection-mark=WEB new-packet-mark=\
  546. VPN_web_in out-interface=all-ppp passthrough=no
  547. add action=mark-packet chain=forward connection-mark=WEB in-interface=all-ppp \
  548. new-packet-mark=VPN_Web_out passthrough=no
  549. add action=mark-packet chain=forward connection-mark=WEB in-interface=ether6 \
  550. new-packet-mark=Web_in passthrough=no
  551. add action=mark-packet chain=forward connection-mark=WEB new-packet-mark=\
  552. Web_out out-interface=ether6 passthrough=no
  553. add action=mark-connection chain=prerouting comment=RDP dst-port=3389 \
  554. new-connection-mark=RDP passthrough=no protocol=tcp
  555. add action=mark-packet chain=forward connection-mark=RDP new-packet-mark=\
  556. VPN_RDP_in out-interface=all-ppp passthrough=no
  557. add action=mark-packet chain=forward connection-mark=RDP in-interface=all-ppp \
  558. new-packet-mark=VPN_RDP_out passthrough=no
  559. add action=mark-connection chain=prerouting comment=SIP dst-port=\
  560. 5060,20000-22000 new-connection-mark=SIP passthrough=no protocol=udp
  561. add action=mark-packet chain=forward connection-mark=SIP in-interface=all-ppp \
  562. new-packet-mark=VPN_Sip_out passthrough=no
  563. add action=mark-packet chain=forward connection-mark=SIP new-packet-mark=\
  564. VPN_Sip_in out-interface=all-ppp passthrough=no
  565. add action=mark-packet chain=forward connection-mark=SIP in-interface=ether6 \
  566. new-packet-mark=SIP_in passthrough=no
  567. add action=mark-packet chain=forward connection-mark=SIP new-packet-mark=\
  568. SIP_out out-interface=ether6 passthrough=no
  569. add action=mark-packet chain=forward comment=all in-interface=all-ppp \
  570. new-packet-mark=VPN_all_out passthrough=no
  571. add action=mark-packet chain=forward new-packet-mark=VPN_all_in \
  572. out-interface=all-ppp passthrough=no
  573. # in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge_DOM.RU)
  574. add action=mark-packet chain=forward in-interface=ether1 new-packet-mark=\
  575. all_in passthrough=no
  576. # in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge_DOM.RU)
  577. add action=mark-packet chain=forward new-packet-mark=all_out out-interface=\
  578. ether1 passthrough=no
  579. /ip firewall nat
  580. add action=dst-nat chain=dstnat comment="NomachineNX \C8\E2\E0\ED" dst-port=\
  581. 1050 protocol=tcp to-addresses=172.16.9.210 to-ports=1050
  582. add action=dst-nat chain=dstnat comment=NextCloud dst-port=92 protocol=tcp \
  583. to-addresses=172.16.9.212 to-ports=92
  584. add action=dst-nat chain=dstnat comment="NextCloud SSH" dst-port=93 protocol=\
  585. tcp to-addresses=172.16.9.211 to-ports=443
  586. add action=dst-nat chain=dstnat comment=Radmin disabled=yes dst-port=4899 \
  587. protocol=tcp to-addresses=172.16.3.16 to-ports=4899
  588. add action=dst-nat chain=dstnat comment=Lift dst-port=46000 in-interface=\
  589. ether6 protocol=tcp src-address-list=Lift to-addresses=172.16.1.31 \
  590. to-ports=46000
  591. add action=dst-nat chain=dstnat dst-port=46001 in-interface=ether6 protocol=\
  592. udp src-address-list=Lift to-addresses=172.16.1.31 to-ports=46001
  593. add action=passthrough chain=unused-hs-chain comment=\
  594. "place hotspot rules here" disabled=yes
  595. add action=dst-nat chain=dstnat comment=ZABBIX dst-port=2255 in-interface=\
  596. ether6 protocol=tcp to-addresses=172.16.3.9 to-ports=80
  597. add action=dst-nat chain=dstnat comment="ZABBIX SSH" disabled=yes dst-port=\
  598. 2222 in-interface=ether6 protocol=tcp to-addresses=172.16.3.9 to-ports=22
  599. add action=dst-nat chain=dstnat comment="Debian backup SSH" disabled=yes \
  600. dst-port=2233 in-interface=ether6 protocol=tcp to-addresses=172.16.3.17 \
  601. to-ports=22
  602. add action=accept chain=srcnat comment="IPSec VPN Erevan" dst-address=\
  603. 192.168.1.0/24 src-address=172.16.9.0/24
  604. add action=accept chain=srcnat comment="IPSec VPN \C0\E4\EB\E5\F0" \
  605. dst-address=172.18.1.0/24 src-address=172.16.3.0/24
  606. add action=accept chain=srcnat comment="IPSec VPN BASE VOLGOGRAD" \
  607. dst-address=10.8.0.0/24 src-address=172.16.3.0/24
  608. add action=accept chain=srcnat dst-address=10.8.0.0/24 src-address=\
  609. 172.16.9.0/24
  610. add action=dst-nat chain=dstnat comment="Apache Server" dst-port=82 \
  611. in-interface=ether6 protocol=tcp to-addresses=172.16.3.6 to-ports=81
  612. add action=dst-nat chain=dstnat comment="EDS Server" dst-port=80 \
  613. in-interface=ether6 protocol=tcp to-addresses=172.16.3.17 to-ports=80
  614. add action=dst-nat chain=dstnat dst-port=96 in-interface=ether6 protocol=tcp \
  615. to-addresses=172.16.4.4 to-ports=34567
  616. add action=dst-nat chain=dstnat dst-port=90 in-interface=ether6 protocol=tcp \
  617. to-addresses=172.16.4.3 to-ports=90
  618. add action=masquerade chain=srcnat comment="Nat rostelekom" out-interface=\
  619. ether6
  620. add action=masquerade chain=srcnat comment="Nat Dom.ru" out-interface=\
  621. pppoe-out1
  622. /ip firewall service-port
  623. set sip disabled=yes
  624. /ip hotspot user
  625. add name=admin
  626. /ip ipsec peer
  627. add address=************/32 comment="Tayshetskiy 10" enc-algorithm=3des \
  628. exchange-mode=main-l2tp generate-policy=port-override hash-algorithm=md5 \
  629. passive=yes secret=HXXB4-XR9QR
  630. add address=194.114.128.135/32 comment=ADLER dh-group=modp1536 passive=yes \
  631. secret=HXXB4-XR9QR
  632. /ip ipsec policy
  633. add dst-address=10.8.0.0/24 sa-dst-address=************ sa-src-address=\
  634. ************ src-address=172.16.3.0/24 tunnel=yes
  635. add comment=Adler dst-address=172.18.1.0/24 sa-dst-address=************ \
  636. sa-src-address=************ src-address=172.16.3.0/24 tunnel=yes
  637. add comment="Tayshetskiy 10" dst-address=10.8.0.0/24 sa-dst-address=\
  638. ************ sa-src-address=************ src-address=172.16.9.0/24 \
  639. tunnel=yes
  640. /ip route
  641. add comment=ISP1 distance=3 gateway=************
  642. add comment=ISP2 disabled=yes distance=2 gateway=pppoe-out1
  643. add comment=GOOGLE distance=1 dst-address=8.8.4.4/32 gateway=************
  644. add disabled=yes distance=1 dst-address=172.16.10.0/24 gateway=172.16.60.2
  645. add distance=1 dst-address=192.168.0.0/24 gateway=*F00134
  646. add comment="Route Erevan" distance=1 dst-address=192.168.1.0/24 gateway=\
  647. 172.16.32.2 pref-src=172.16.9.1
  648.  
  649. /ip service
  650. set telnet disabled=yes
  651. set ftp disabled=yes
  652. set www disabled=yes port=99
  653. set ssh disabled=yes
  654. set api address=************/32 disabled=yes
  655. set winbox address="172.16.9.0/24,172.16.3.0/24,************/32,************\
  656. 2/32,************/32"
  657. set api-ssl disabled=yes
  658.  
  659. /snmp
  660. set enabled=yes
  661. /system clock
  662. set time-zone-autodetect=no time-zone-name=Europe/Volgograd
  663. /system clock manual
  664. set time-zone=+03:00
  665. /system ntp client
  666. set enabled=yes primary-ntp=88.147.254.232 secondary-ntp=91.226.136.155 \
  667. server-dns-names=ntp1.stratum2.ru
  668. /system scheduler
  669. add disabled=yes interval=1w3d name=Reboot on-event=" /system reboot" policy=\
  670. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
  671. start-date=oct/17/2017 start-time=03:00:00
  672. add interval=5d name=BackupRouterHotelRING on-event=\
  673. "/system script run ScriptBackup" policy=\
  674. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
  675. start-date=nov/02/2017 start-time=23:00:24
  676.  
  677. /system watchdog
  678. set automatic-supout=no no-ping-delay=1h watchdog-timer=no
  679. /tool bandwidth-server
  680. set authenticate=no
  681. /tool netwatch
  682. add down-script="/ip route enable [find comment=\"ISP2\"]" host=8.8.4.4 \
  683. interval=30s up-script="/ip route disable [find comment=\"ISP2\"]"
  684.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!