Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /interface ethernet
- set [ find default-name=ether1 ] name=ether1-wan1
- set [ find default-name=ether2 ] name=ether2-wan2
- set [ find default-name=ether3 ] name=ether3-lan2
- set [ find default-name=ether4 ] name=ether4-lan2
- set [ find default-name=ether5 ] name=ether5-lan1
- /interface bridge
- add name=bridge-wan
- add name=bridge-lan1
- add name=bridge-lan2
- /interface bridge port
- add bridge=bridge-wan ingress-filtering=yes interface=ether1-wan1
- add bridge=bridge-wan ingress-filtering=yes interface=ether2-wan2
- add bridge=bridge-lan1 ingress-filtering=yes interface=ether5-lan1
- add bridge=bridge-lan1 ingress-filtering=yes interface=wifi2.4
- add bridge=bridge-lan1 ingress-filtering=yes interface=wifi5.0
- add bridge=bridge-lan2 ingress-filtering=yes interface=ether3-lan2
- add bridge=bridge-lan2 ingress-filtering=yes interface=ether4-lan2
- /ip dhcp-client
- add disabled=no interface=bridge-wan
- /ip dhcp-server
- add address-pool=dhcp_pool1 disabled=no interface=bridge-lan1 lease-time=24h name=dhcp-lan1
- add address-pool=dhcp_pool0 disabled=no interface=bridge-lan2 lease-time=24h name=dhcp-lan2
- /ip pool
- add name=dhcp_pool1 ranges=192.168.100.2-192.168.100.254
- add name=dhcp_pool0 ranges=192.168.200.2-192.168.200.254
- /ip address
- add address=192.168.100.1/24 interface=bridge-lan1 network=192.168.100.0
- add address=192.168.200.1/24 interface=bridge-lan2 network=192.168.200.0
- /ip dhcp-server network
- add address=192.168.100.0/24 dns-server=192.168.100.1,192.168.5.1 domain=lan1.local gateway=192.168.100.1 netmask=24
- add address=192.168.200.0/24 dns-server=192.168.200.1,192.168.5.1 domain=lan2.local gateway=192.168.200.1 netmask=24
- /ip firewall nat
- add action=masquerade chain=srcnat
- add action=dst-nat chain=dstnat dst-address=192.168.5.2 dst-port=25565 in-interface=bridge-wan protocol=tcp to-addresses=192.168.200.2 to-ports=25565
- add action=dst-nat chain=dstnat dst-address=192.168.5.2 dst-port=80 protocol=tcp to-addresses=192.168.200.2 to-ports=80
- add action=dst-nat chain=dstnat dst-address=192.168.5.2 dst-port=443 protocol=udp to-addresses=192.168.200.2 to-ports=443
- add action=dst-nat chain=dstnat dst-address=192.168.5.2 dst-port=443 protocol=tcp to-addresses=192.168.200.2 to-ports=443
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set api-ssl disabled=yes
- Excluded:
- /interface list
- /interface lte apn
- /interface wireless security-profiles
- /interface list member
- /interface ovpn-server server
- /queue type
- /ip cloud
- /ip dns
- /ip firewall address-list
- /ip firewall filter (all rules deactivated)
- /system clock
- /system leds
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement