# aug/23/2018 09:42:50 by RouterOS 6.39.2# software id = ***********-DQS3#

1. # aug/23/2018 09:42:50 by RouterOS 6.39.2
2. # software id = ***********-DQS3
3. #
4. /caps-man channel
5. add band=2ghz-b/g/n control-channel-width=20mhz frequency=2412 name=channel1 \
6. tx-power=20
7. add band=2ghz-b/g/n control-channel-width=20mhz frequency=2437 name=channel6 \
8. tx-power=20
9. add band=2ghz-b/g/n control-channel-width=20mhz frequency=2462 name=channel11 \
10. tx-power=20
11. add band=2ghz-b/g/n control-channel-width=20mhz frequency=2417 name=channel2 \
12. tx-power=20
13. add band=2ghz-b/g/n control-channel-width=20mhz frequency=2432 name=channel5 \
14. tx-power=20
15. /interface bridge
16. add name=BridgeStage2
17. add name=BridgeStage3
18. add name=BridgeStage4
19. /interface ethernet
20. set [ find default-name=ether1 ] comment=Local loop-protect=on speed=1Gbps
21. set [ find default-name=ether2 ] disabled=yes
22. set [ find default-name=ether3 ] disabled=yes
23. set [ find default-name=ether4 ] disabled=yes
24. set [ find default-name=ether5 ] disabled=yes
25. set [ find default-name=ether6 ] comment=\
26. "ISP 1 Primary Rostelekom *********** "
27. set [ find default-name=ether7 ] disabled=yes
28. set [ find default-name=ether8 ] comment="ISP2 Reserve Dom.ru " loop-protect=\
29. on
30. set [ find default-name=ether9 ] disabled=yes
31. set [ find default-name=ether10 ] disabled=yes
32. set [ find default-name=sfp1 ] disabled=yes loop-protect=on
33. /interface pppoe-client
34. add comment="ISP 2 DOM.RU" disabled=no interface=ether8 name=pppoe-out1 \
35. password=*********** use-peer-dns=yes ***********
36. /ip neighbor discovery
37. set ether1 discover=no
38. set ether3 discover=no
39. set ether4 discover=no
40. set ether5 discover=no
41. set ether6 discover=no
42. set ether7 discover=no
43. set ether8 discover=no
44. set ether9 discover=no
45. set ether10 discover=no
46. set sfp1 discover=no
47. set BridgeStage2 discover=no
48. set BridgeStage3 discover=no
49. set BridgeStage4 discover=no
50. set pppoe-out1 discover=no
51. /interface vlan
52. add comment="Network device management " interface=ether1 loop-protect=on \
53. name=ManagementVlan2 vlan-id=2
54. add comment="Network of Servers" interface=ether1 loop-protect=on name=\
55. "Network of ServersVlan3" vlan-id=3
56. add comment=Stage1 interface=ether1 loop-protect=on name=Stage1Vlan10 \
57. vlan-id=10
58. add comment=Stage2 interface=ether1 loop-protect=on name=Stage2Vlan20 \
59. vlan-id=20
60. add comment=Stage3 interface=ether1 loop-protect=on name=Stage3Vlan30 \
61. vlan-id=30
62. add comment=Stage4 interface=ether1 loop-protect=on name=Stage4Vlan40 \
63. vlan-id=40
64. add comment=Personal interface=ether1 loop-protect=on name=Teh.PersonalVlan9 \
65. vlan-id=9
66. add comment=UnlimitedSpeed interface=ether1 loop-protect=on name=\
67. UnlimitedSpeedVlan7 vlan-id=7
68. add comment="Video network" interface=ether1 loop-protect=on name=VideoVlan4 \
69. vlan-id=4
70. /caps-man datapath
71. add bridge=BridgeStage4 comment="Config Stage4" local-forwarding=no name=\
72. datapath2Stage4 vlan-id=40
73. add bridge=BridgeStage3 comment="Config Stage3" local-forwarding=no name=\
74. datapath3Stage3 vlan-id=30
75. add bridge=BridgeStage2 comment="Config Stage2" local-forwarding=no name=\
76. datapath4Stage2 vlan-id=20
77. /ip neighbor discovery
78. set Stage1Vlan10 discover=no
79. set Stage2Vlan20 discover=no
80. set Stage3Vlan30 discover=no
81. set Stage4Vlan40 discover=no
82. set UnlimitedSpeedVlan7 discover=no
83. set VideoVlan4 discover=no
84. /caps-man security
85. add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
86. name=security1 passphrase=***********2016
87. /caps-man configuration
88. add channel=channel1 datapath=datapath4Stage2 mode=ap name=cfg1_Stage2 \
89. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
90. add channel=channel6 datapath=datapath4Stage2 mode=ap name=cfg6_Stage2 \
91. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
92. add channel=channel11 datapath=datapath4Stage2 mode=ap name=cfg11_Stage2 \
93. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
94. add channel=channel1 datapath=datapath3Stage3 mode=ap name=cfg1Stage3 \
95. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
96. add channel=channel6 datapath=datapath3Stage3 mode=ap name=cfg6Stage3 \
97. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
98. add channel=channel11 datapath=datapath3Stage3 mode=ap name=cfg11Stage3 \
99. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
100. add channel=channel2 datapath=datapath3Stage3 mode=ap name=cfg2Stage3 \
101. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
102. add channel=channel5 datapath=datapath2Stage4 mode=ap name=cfg5Stage4 \
103. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
104. add channel=channel1 datapath=datapath2Stage4 mode=ap name=cfg1Stage4 \
105. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
106. add channel=channel11 datapath=datapath2Stage4 mode=ap name=cfg11_Stage4 \
107. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
108. add channel=channel1 datapath=datapath4Stage2 mode=ap name=cfg1Stage0 \
109. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
110. add channel=channel1 datapath=datapath4Stage2 mode=ap name=\
111. cfg1Stage2DublinBar rx-chains=0,1,2 security=security1 ssid=*********** \
112. tx-chains=0,1,2
113. add channel=channel11 datapath=datapath4Stage2 mode=ap name=\
114. "cfg11Stage0Sauna\B93" rx-chains=0,1,2 security=security1 ssid=*********** \
115. tx-chains=0,1,2
116. add channel=channel6 datapath=datapath4Stage2 mode=ap name=cfg6Stage1 \
117. rx-chains=0,1,2 security=security1 ssid=*********** tx-chains=0,1,2
118. /caps-man interface
119. add comment="Stage 0_Prachka" configuration=cfg1Stage0 disabled=no l2mtu=1600 \
120. mac-address=64:D1:54:F3:E6:FE master-interface=none name=\
121. MikroTik_Stage0_Prachka radio-mac=64:D1:54:F3:E6:FE
122. add comment="Stage 0_Sauna \B91" configuration=cfg1Stage0 disabled=no l2mtu=\
123. 1600 mac-address=CC:2D:E0:01:15:25 master-interface=none name=\
124. "MikroTik_Stage0_Sauna\B91" radio-mac=CC:2D:E0:01:15:25
125. add comment="Stage 0_Sauna \B93" configuration="cfg11Stage0Sauna\B93" \
126. disabled=no l2mtu=1600 mac-address=CC:2D:E0:02:51:74 master-interface=\
127. none name="MikroTik_Stage0_Sauna\B93" radio-mac=CC:2D:E0:02:51:74
128. add comment="Restoraunt London" configuration=cfg6Stage1 disabled=no l2mtu=\
129. 1600 mac-address=CC:2D:E0:BE:73:6F master-interface=none name=\
130. MikroTik_Stage1_London radio-mac=CC:2D:E0:BE:73:6F
131. add comment="Restoraunt DublinBar" configuration=cfg1_Stage2 disabled=no \
132. l2mtu=1600 mac-address=CC:2D:E0:12:2C:33 master-interface=none name=\
133. MikroTik_Stage2_Dublin_Bar radio-mac=CC:2D:E0:12:2C:33
134. add comment="Stage 2" configuration=cfg11_Stage2 disabled=no l2mtu=1600 \
135. mac-address=64:D1:54:26:FA:47 master-interface=none name=\
136. "MikroTik_Stage2\B9205" radio-mac=64:D1:54:26:FA:47
137. add configuration=cfg1_Stage2 disabled=no l2mtu=1600 mac-address=\
138. 64:D1:54:14:4B:83 master-interface=none name="MikroTik_Stage2\B9209" \
139. radio-mac=64:D1:54:14:4B:83
140. add configuration=cfg6_Stage2 disabled=no l2mtu=1600 mac-address=\
141. 64:D1:54:25:29:DD master-interface=none name="MikroTik_Stage2\B9215" \
142. radio-mac=64:D1:54:25:29:DD
143. add comment="Stage 3" configuration=cfg6Stage3 disabled=no l2mtu=1600 \
144. mac-address=64:D1:54:25:29:8F master-interface=none name=\
145. "MikroTik_Stage3\B9305" radio-mac=64:D1:54:25:29:8F
146. add configuration=cfg11Stage3 disabled=no l2mtu=1600 mac-address=\
147. 64:D1:54:44:C0:CF master-interface=none name="MikroTik_Stage3\B9309" \
148. radio-mac=64:D1:54:44:C0:CF
149. add configuration=cfg1Stage3 disabled=no l2mtu=1600 mac-address=\
150. CC:2D:E0:0A:6A:EC master-interface=none name="MikroTik_Stage3\B9312" \
151. radio-mac=CC:2D:E0:0A:6A:EC
152. add configuration=cfg2Stage3 disabled=no l2mtu=1600 mac-address=\
153. 64:D1:54:44:C0:AB master-interface=none name="MikroTik_Stage3\B9315" \
154. radio-mac=64:D1:54:44:C0:AB
155. add comment="Stage 4" configuration=cfg5Stage4 disabled=no l2mtu=1600 \
156. mac-address=64:D1:54:46:D1:0B master-interface=none name=\
157. "MikroTik_Stage4\B9405" radio-mac=64:D1:54:46:D1:0B
158. add configuration=cfg1Stage4 disabled=no l2mtu=1600 mac-address=\
159. 64:D1:54:49:BF:83 master-interface=none name="MikroTik_Stage4\B9409" \
160. radio-mac=64:D1:54:49:BF:83
161. add configuration=cfg11_Stage4 disabled=no l2mtu=1600 mac-address=\
162. 64:D1:54:EC:19:FF master-interface=none name="MikroTik_Stage4\B9415" \
163. radio-mac=64:D1:54:EC:19:FF
164. /ip neighbor discovery
165. set MikroTik_Stage0_Prachka discover=no
166. set "MikroTik_Stage0_Sauna\B91" discover=no
167. set "MikroTik_Stage0_Sauna\B93" discover=no
168. set MikroTik_Stage1_London discover=no
169. set MikroTik_Stage2_Dublin_Bar discover=no
170. set "MikroTik_Stage2\B9205" discover=no
171. set "MikroTik_Stage2\B9209" discover=no
172. set "MikroTik_Stage2\B9215" discover=no
173. set "MikroTik_Stage3\B9305" discover=no
174. set "MikroTik_Stage3\B9309" discover=no
175. set "MikroTik_Stage3\B9312" discover=no
176. set "MikroTik_Stage3\B9315" discover=no
177. set "MikroTik_Stage4\B9405" discover=no
178. set "MikroTik_Stage4\B9409" discover=no
179. set "MikroTik_Stage4\B9415" discover=no
180. /interface wireless security-profiles
181. set [ find default=yes ] supplicant-identity=MikroTik
182. /ip firewall layer7-protocol
183. add name="Social Network" regexp="\"^.+(vk.com|vkontakte|odnoklassniki|odnokla\
184. sniki|fall-in-\\\r\
185. \nlove|loveplanet|my.mail.ru).*\\\$\""
186. /ip hotspot profile
187. add hotspot-address=172.16.5.1 login-by=http-chap,trial name=*********** \
188. trial-uptime-limit=0s trial-uptime-reset=1m
189. /ip hotspot
190. add disabled=no interface=ether2 name=hotspot1 profile=***********
191. /ip hotspot user profile
192. set [ find default=yes ] keepalive-timeout=2h shared-users=unlimited \
193. status-autorefresh=1d
194. /ip ipsec proposal
195. set [ find default=yes ] enc-algorithms=aes-128-cbc,3des pfs-group=none
196. /ip pool
197. add name=PoolVlan2 ranges=172.16.1.30-172.16.1.254
198. add name=PoolVlan3 ranges=172.16.3.30-172.16.3.254
199. add name=PoolVlan10 ranges=172.16.10.30-172.16.10.254
200. add name=PoolVlan20 ranges=172.16.20.30-172.16.20.254
201. add name=PoolVlan30 ranges=172.16.30.30-172.16.30.254
202. add name=PoolVlan40 ranges=172.16.40.30-172.16.40.254
203. add name=PoolVlan9 ranges=172.16.9.30-172.16.9.254
204. add name=PoolVlan7 ranges=172.16.7.30-172.16.7.254
205. add name=PoolVlan4 ranges=172.16.4.30-172.16.4.254
206. add name=dhcp_pool10 ranges=172.16.5.30-172.16.5.254
207. /ip dhcp-server
208. add address-pool=PoolVlan2 disabled=no interface=ManagementVlan2 lease-time=\
209. 1d name=ServerdhcpVlan2
210. add address-pool=PoolVlan3 disabled=no interface="Network of ServersVlan3" \
211. lease-time=1d name=ServerdhcpVlan3
212. add address-pool=PoolVlan10 disabled=no interface=Stage1Vlan10 lease-time=1d \
213. name=ServerdhcpVlan10
214. add address-pool=PoolVlan20 disabled=no interface=BridgeStage2 lease-time=1d \
215. name=ServerdhcpVlan20
216. add address-pool=PoolVlan30 disabled=no interface=BridgeStage3 lease-time=1d \
217. name=ServerdhcpVlan30
218. add address-pool=PoolVlan40 disabled=no interface=BridgeStage4 lease-time=1d \
219. name=ServerdhcpVlan40
220. add address-pool=PoolVlan9 disabled=no interface=Teh.PersonalVlan9 \
221. lease-time=1d name=ServerdhcpVlan9
222. add address-pool=PoolVlan7 disabled=no interface=UnlimitedSpeedVlan7 \
223. lease-time=1d name=ServerdhcpVlan7
224. add address-pool=PoolVlan4 disabled=no interface=VideoVlan4 lease-time=1d \
225. name=ServerdhcpVlan4
226. /queue simple
227. add max-limit=3M/3M name=CompEkaterina target=172.16.9.38/32
228. add max-limit=3M/3M name=CompDizainer target=172.16.9.34/32
229. add max-limit=5M/5M name=FItnessReseption target=172.16.9.33/32
230. /queue tree
231. add disabled=yes max-limit=25M name=in parent=global
232. add disabled=yes max-limit=25M name=out parent=global
233. add disabled=yes max-limit=1M name=Web_in packet-mark=WEB_in parent=in \
234. priority=5
235. add disabled=yes max-limit=1M name=WEB_out packet-mark=WEB_out parent=out \
236. priority=5
237. /queue type
238. add kind=pcq name=" pcq-download-7M" pcq-classifier=dst-address \
239. pcq-dst-address6-mask=64 pcq-rate=7M pcq-src-address6-mask=64
240. add kind=pcq name=pcq-upload-7M pcq-classifier=src-address \
241. pcq-dst-address6-mask=64 pcq-rate=7M pcq-src-address6-mask=64
242. add kind=pcq name=SIP pcq-classifier=\
243. src-address,dst-address,src-port,dst-port pcq-dst-address6-mask=64 \
244. pcq-rate=100k pcq-src-address6-mask=64
245. /queue simple
246. add comment="Limit speed 7M/bit Stage 1" max-limit=50M/50M name=\
247. Stage1_queue-limit-7M_Vlan10 queue="pcq-upload-7M/ pcq-download-7M" \
248. target=Stage1Vlan10
249. add comment="Limit speed 7 M/bit Stage 2" max-limit=50M/50M name=\
250. Stage2_queue-limit-7M_Vlan20 queue="pcq-upload-7M/ pcq-download-7M" \
251. target=BridgeStage2
252. add comment="Limit speed 7 M/bit Stage 3" max-limit=50M/50M name=\
253. Stage3_queue-limit-7M_Vlan30 queue="pcq-upload-7M/ pcq-download-7M" \
254. target=BridgeStage3
255. add comment="Limit speed 7 M/bit Stage 4" max-limit=50M/50M name=\
256. Stage4_queue-limit-7M_Vlan40 queue="pcq-upload-7M/ pcq-download-7M" \
257. target=BridgeStage4
258. /queue tree
259. add disabled=yes max-limit=10M name=VPN_in packet-mark=PPTP_in,GRE_in parent=\
260. in priority=3 queue=pcq-download-default
261. add disabled=yes max-limit=10M name=VPN_out packet-mark=PPTP_out,GRE_out \
262. parent=out priority=3 queue=pcq-upload-default
263. add disabled=yes max-limit=2M name=SIP_in packet-mark=SIP_in parent=in \
264. priority=1 queue=SIP
265. add disabled=yes max-limit=2M name=SIP_out packet-mark=SIP_OUT parent=out \
266. priority=1 queue=SIP
267. add disabled=yes max-limit=2M name=VPN_SIP_in packet-mark=SIP_VPN_in parent=\
268. VPN_in priority=1 queue=SIP
269. add disabled=yes max-limit=2M name=VPN_SIP_out packet-mark=SIP_VPN_OUT \
270. parent=VPN_out priority=1 queue=SIP
271. add disabled=yes max-limit=10M name=VPN_WEB_in packet-mark=VPN_WEB_in parent=\
272. VPN_in priority=5 queue=pcq-download-default
273. add disabled=yes max-limit=10M name=VPN_WEB_out packet-mark=VPN_WEB_out \
274. parent=VPN_out priority=5 queue=pcq-download-default
275. /caps-man manager
276. set enabled=yes
277. /caps-man provisioning
278. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
279. cfg6_Stage2 radio-mac=64:D1:54:14:4B:7E
280. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
281. cfg11_Stage2 radio-mac=64:D1:54:25:29:D8
282. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
283. cfg11Stage3 radio-mac=64:D1:54:25:29:8A
284. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
285. cfg6Stage3 radio-mac=64:D1:54:44:C0:A6
286. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
287. cfg2Stage3 radio-mac=64:D1:54:44:C0:CA
288. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
289. cfg5Stage4 radio-mac=64:D1:54:49:BF:7E
290. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
291. cfg1Stage4 radio-mac=64:D1:54:46:D1:06
292. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
293. cfg11_Stage4 radio-mac=64:D1:54:EC:19:FA
294. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
295. cfg11_Stage2 radio-mac=64:D1:54:26:FA:42
296. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
297. cfg1Stage0 radio-mac=64:D1:54:F3:E6:F9
298. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
299. cfg1Stage2DublinBar radio-mac=CC:2D:E0:12:2C:2E
300. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
301. cfg1Stage0 radio-mac=CC:2D:E0:01:15:20
302. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
303. "cfg11Stage0Sauna\B93" radio-mac=CC:2D:E0:02:51:6F
304. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
305. cfg1_Stage2 radio-mac=CC:2D:E0:BE:73:6A
306. add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=\
307. cfg1Stage3 radio-mac=CC:2D:E0:0A:6A:EC
308. /interface bridge port
309. add bridge=BridgeStage4 interface=Stage4Vlan40
310. add bridge=BridgeStage3 interface=Stage3Vlan30
311. add bridge=BridgeStage2 interface=Stage2Vlan20
312. /interface pptp-server server
313. set enabled=yes
314. /ip address
315. add address=172.16.1.1/24 comment="Network device management " interface=\
316. ManagementVlan2 network=172.16.1.0
317. add address=172.16.3.1/24 comment="Servers network" interface=\
318. "Network of ServersVlan3" network=172.16.3.0
319. add address=172.16.4.1/24 comment="Network video" interface=VideoVlan4 \
320. network=172.16.4.0
321. add address=172.16.7.1/24 comment="Unlimited speed" interface=\
322. UnlimitedSpeedVlan7 network=172.16.7.0
323. add address=172.16.9.1/24 comment=Personal interface=Teh.PersonalVlan9 \
324. network=172.16.9.0
325. add address=172.16.10.1/24 comment="Stage 1" interface=Stage1Vlan10 network=\
326. 172.16.10.0
327. add address=172.16.20.1/24 comment="Stage 2" interface=BridgeStage2 network=\
328. 172.16.20.0
329. add address=172.16.30.1/24 comment="Stage 3" interface=BridgeStage3 network=\
330. 172.16.30.0
331. add address=172.16.40.1/24 comment="Stage 4" interface=BridgeStage4 network=\
332. 172.16.40.0
333. add address=***********/24 comment="ISP 1 Rostelekom *********** " \
334. interface=ether6 network=85.172.120.0
335. /ip dhcp-client
336. add dhcp-options=hostname,clientid disabled=no interface=ether6
337. /ip dhcp-server alert
338. add disabled=no interface=ManagementVlan2
339. /ip dhcp-server lease
340. add address=172.16.9.33 always-broadcast=yes client-id=1:0:25:ab:1a:6:6c \
341. mac-address=00:25:AB:1A:06:6C server=ServerdhcpVlan9
342. add address=172.16.10.161 always-broadcast=yes client-id=1:0:6d:52:15:13:a3 \
343. mac-address=00:6D:52:15:13:A3 server=ServerdhcpVlan10
344. add address=172.16.9.51 always-broadcast=yes client-id=1:0:1b:67:15:8f:bd \
345. mac-address=00:1B:67:15:8F:BD server=ServerdhcpVlan9
346. add address=172.16.20.135 client-id=1:0:6d:52:15:13:a3 mac-address=\
347. 00:6D:52:15:13:A3 server=ServerdhcpVlan20
348. add address=172.16.9.50 client-id=1:90:2b:34:cf:94:af mac-address=\
349. 90:2B:34:CF:94:AF server=ServerdhcpVlan9
350. /ip dhcp-server network
351. add address=172.16.1.0/24 dns-server=172.16.1.1,8.8.8.8 gateway=172.16.1.1
352. add address=172.16.3.0/24 dns-server=172.16.3.1,8.8.8.8 gateway=172.16.3.1
353. add address=172.16.4.0/24 dns-server=172.16.4.1,8.8.8.8 gateway=172.16.4.1
354. add address=172.16.5.0/24 dns-server=172.16.5.1 gateway=172.16.5.1
355. add address=172.16.6.0/24 dns-server=172.16.6.1,8.8.8.8 gateway=172.16.6.1
356. add address=172.16.7.0/24 dns-server=172.16.7.1,8.8.8.8 gateway=172.16.7.1
357. add address=172.16.9.0/24 dns-server=172.16.9.1,8.8.8.8 gateway=172.16.9.1
358. add address=172.16.10.0/24 dns-server=172.16.10.1,8.8.8.8 gateway=172.16.10.1
359. add address=172.16.20.0/24 dns-server=172.16.20.1,8.8.8.8 gateway=172.16.20.1
360. add address=172.16.30.0/24 dns-server=172.16.30.1,8.8.8.8 gateway=172.16.30.1
361. add address=172.16.40.0/24 dns-server=172.16.40.1,8.8.8.8 gateway=172.16.40.1
362. /ip dns
363. set allow-remote-requests=yes servers=172.16.5.1,8.8.8.8
364. /ip firewall filter
365. add action=passthrough chain=unused-hs-chain comment=\
366. "place hotspot rules here" disabled=yes
367. add action=drop chain=input comment="DNS ROSTELEKOM" dst-port=53 \
368. in-interface=ether6 protocol=udp
369. add action=drop chain=input comment="DNS DOM.RU" dst-port=53 in-interface=\
370. pppoe-out1 protocol=udp
371. add action=drop chain=output comment="GOOGLE PING DENY 8.8.4.4" dst-address=\
372. 8.8.4.4 out-interface=pppoe-out1
373. add action=accept chain=input comment=Estabilished/Related connection-state=\
374. established,related
375. add action=accept chain=forward connection-state=established,related
376. add action=drop chain=forward comment=Invalid connection-state=invalid
377. add action=drop chain=input connection-state=invalid in-interface=ether6
378. add action=accept chain=forward comment=IpSec dst-port=500 protocol=udp
379. add action=accept chain=forward dst-port=4500 protocol=udp
380. add action=accept chain=input comment="Allow IPSec-esp" protocol=ipsec-esp
381. add action=accept chain=input comment="Allow IPSec-ah" protocol=ipsec-ah
382. add action=accept chain=input comment=WinBox dst-port=8291 in-interface=\
383. ether6 protocol=tcp
384. add action=accept chain=input comment="Allow ping" protocol=icmp
385. add action=accept chain=forward comment=Video dst-port=34567 protocol=tcp
386. add action=accept chain=forward dst-port=90 protocol=tcp
387. add action=accept chain=forward comment="IIS Server" dst-port=80 protocol=tcp
388. add action=accept chain=input comment=Iwinbox dst-port=8728 in-interface=\
389. ether6 protocol=tcp
390. add action=accept chain=input comment="Allow UDP" protocol=udp
391. /ip firewall mangle
392. add action=mark-connection chain=input comment=PPTP disabled=yes dst-port=\
393. 1723 new-connection-mark=PPTP_in passthrough=no protocol=tcp
394. add action=mark-packet chain=prerouting connection-mark=PPTP_in disabled=yes \
395. new-packet-mark=PPTP_out passthrough=no
396. add action=mark-connection chain=output disabled=yes new-connection-mark=\
397. PPTP_out passthrough=no protocol=tcp src-port=1723
398. add action=mark-packet chain=postrouting connection-mark=PPTP_out disabled=\
399. yes new-packet-mark=PPTP_in passthrough=no
400. add action=mark-connection chain=input comment=GRE disabled=yes \
401. new-connection-mark=GRE_in passthrough=no protocol=gre
402. add action=mark-packet chain=prerouting connection-mark=GRE_in disabled=yes \
403. new-packet-mark=GRE_out passthrough=no
404. add action=mark-connection chain=output disabled=yes new-connection-mark=\
405. GRE_out passthrough=no protocol=gre
406. add action=mark-packet chain=postrouting connection-mark=GRE_out disabled=yes \
407. new-packet-mark=GRE_in passthrough=no
408. add action=mark-connection chain=prerouting comment=WEB disabled=yes \
409. dst-port=80,443,8080 new-connection-mark=Web passthrough=no protocol=tcp
410. add action=mark-packet chain=forward connection-mark=Web disabled=yes \
411. new-packet-mark=VPN_WEB_in out-interface=all-ppp passthrough=no
412. add action=mark-packet chain=forward connection-mark=Web disabled=yes \
413. in-interface=all-ppp new-packet-mark=VPN_WEB_out passthrough=no
414. add action=mark-packet chain=forward connection-mark=Web disabled=yes \
415. in-interface=ether6 new-packet-mark=WEB_in passthrough=no
416. add action=mark-packet chain=forward connection-mark=Web disabled=yes \
417. new-packet-mark=WEB_out out-interface=ether6 passthrough=no
418. add action=mark-packet chain=forward comment=ALL disabled=yes \
419. new-packet-mark=VPN_ALL_in out-interface=all-ppp passthrough=no
420. add action=mark-packet chain=forward disabled=yes in-interface=all-ppp \
421. new-packet-mark=VPN_ALL_out passthrough=no
422. add action=mark-packet chain=forward disabled=yes in-interface=ether6 \
423. new-packet-mark=ALL_in passthrough=yes
424. add action=mark-packet chain=forward disabled=yes new-packet-mark=ALL_out \
425. out-interface=ether6 passthrough=yes
426. add action=mark-connection chain=prerouting comment=SIP disabled=yes \
427. dst-port=5060,36600-39999 new-connection-mark=sip passthrough=no \
428. protocol=udp
429. add action=mark-packet chain=forward connection-mark=sip disabled=yes \
430. new-packet-mark=SIP_VPN_in out-interface=all-ppp passthrough=no
431. add action=mark-packet chain=forward connection-mark=sip disabled=yes \
432. in-interface=all-ppp new-packet-mark=SIP_VPN_OUT passthrough=no
433. add action=mark-packet chain=forward connection-mark=sip disabled=yes \
434. in-interface=ether6 new-packet-mark=SIP_in passthrough=no
435. add action=mark-packet chain=forward connection-mark=sip disabled=yes \
436. new-packet-mark=SIP_OUT out-interface=ether6 passthrough=no
437. /ip firewall nat
438. add action=passthrough chain=unused-hs-chain comment=\
439. "place hotspot rules here" disabled=yes
440. add action=dst-nat chain=dstnat comment=ZABBIX dst-port=2255 in-interface=\
441. ether6 protocol=tcp to-addresses=172.16.3.9 to-ports=80
442. add action=dst-nat chain=dstnat comment="ZABBIX SSH" dst-port=2222 \
443. in-interface=ether6 protocol=tcp to-addresses=172.16.3.9 to-ports=22
444. add action=dst-nat chain=dstnat comment="Debian backup SSH" dst-port=2233 \
445. in-interface=ether6 protocol=tcp to-addresses=172.16.3.8 to-ports=22
446. add action=accept chain=srcnat comment=Adler disabled=yes dst-address=\
447. 172.18.1.0/24 src-address=172.16.1.0/24
448. add action=accept chain=srcnat comment=Moscow dst-address=100.65.224.0/24 \
449. src-address=172.16.3.0/24
450. add action=accept chain=srcnat comment=EREVAN dst-address=192.168.1.0/24 \
451. src-address=172.16.1.0/24
452. add action=accept chain=srcnat dst-address=192.168.1.0/24 src-address=\
453. 172.16.3.0/24
454. add action=accept chain=srcnat comment="BASE VOLGOGRAD" dst-address=\
455. 10.8.0.0/24 src-address=172.16.3.0/24
456. add action=dst-nat chain=dstnat comment="Terminal Server" dst-address-list="" \
457. dst-port=6988 protocol=tcp to-addresses=172.16.3.16 to-ports=3389
458. add action=dst-nat chain=dstnat comment="Apache Server" dst-port=80 \
459. in-interface=ether6 protocol=tcp to-addresses=172.16.3.6 to-ports=80
460. add action=dst-nat chain=dstnat comment="Video nat" dst-port=88 in-interface=\
461. ether6 protocol=tcp to-addresses=172.16.4.2 to-ports=34567
462. add action=dst-nat chain=dstnat dst-port=95 in-interface=ether6 protocol=tcp \
463. to-addresses=172.16.4.6 to-ports=34567
464. add action=dst-nat chain=dstnat dst-port=96 in-interface=ether6 protocol=tcp \
465. to-addresses=172.16.4.8 to-ports=34567
466. add action=dst-nat chain=dstnat dst-port=90 in-interface=ether6 protocol=tcp \
467. to-addresses=172.16.4.3 to-ports=90
468. add action=masquerade chain=srcnat comment="Nat rostelekom" out-interface=\
469. ether6
470. add action=masquerade chain=srcnat comment="Nat Dom.ru" out-interface=\
471. pppoe-out1
472. add action=masquerade chain=srcnat comment="masquerade hotspot network" \
473. src-address=172.16.5.0/24
474. /ip hotspot user
475. add name=admin
476. /ip ipsec peer
477. add address=213.234.25.92/32 dh-group=modp1536 exchange-mode=main-l2tp \
478. generate-policy=port-override passive=yes secret=***********
479. add address=93.94.221.180/32 dh-group=modp1536 exchange-mode=main-l2tp \
480. generate-policy=port-override passive=yes secret=***********
481. add address=194.114.128.135/32 dh-group=modp1536 disabled=yes secret=\
482. ***********
483. add address=178.236.241.126/32 dh-group=modp1536 disabled=yes secret=\
484. ***********
485. /ip ipsec policy
486. add disabled=yes dst-address=100.65.224.0/24 sa-dst-address=178.236.241.126 \
487. sa-src-address=*********** src-address=172.16.3.0/24 tunnel=yes
488. add dst-address=10.8.0.0/24 sa-dst-address=213.234.25.92 sa-src-address=\
489. *********** src-address=172.16.3.0/24 tunnel=yes
490. /ip route
491. add comment=ISP1 distance=3 gateway=85.172.120.101
492. add comment=ISP2 disabled=yes distance=2 gateway=pppoe-out1
493. add comment=GOOGLE distance=1 dst-address=8.8.4.4/32 gateway=85.172.120.101
494. /ip route rule
495. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.40.0/24
496. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.40.0/24
497. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.40.0/24
498. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.40.0/24
499. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.40.0/24
500. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.40.0/24
501. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.40.0/24
502. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.40.0/24
503. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.40.0/24
504. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.40.0/24
505. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.30.0/24
506. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.30.0/24
507. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.30.0/24
508. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.30.0/24
509. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.30.0/24
510. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.30.0/24
511. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.30.0/24
512. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.30.0/24
513. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.30.0/24
514. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.30.0/24
515. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.20.0/24
516. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.20.0/24
517. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.20.0/24
518. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.20.0/24
519. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.20.0/24
520. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.20.0/24
521. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.20.0/24
522. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.20.0/24
523. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.20.0/24
524. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.20.0/24
525. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.10.0/24
526. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.10.0/24
527. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.10.0/24
528. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.10.0/24
529. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.10.0/24
530. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.10.0/24
531. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.10.0/24
532. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.10.0/24
533. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.10.0/24
534. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.10.0/24
535. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.9.0/24
536. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.9.0/24
537. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.9.0/24
538. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.9.0/24
539. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.9.0/24
540. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.9.0/24
541. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.7.0/24
542. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.7.0/24
543. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.7.0/24
544. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.7.0/24
545. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.7.0/24
546. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.7.0/24
547. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.7.0/24
548. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.7.0/24
549. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.7.0/24
550. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.7.0/24
551. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.5.0/24
552. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.5.0/24
553. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.5.0/24
554. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.5.0/24
555. add action=unreachable dst-address=172.16.9.0/24 src-address=172.16.5.0/24
556. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.5.0/24
557. add action=unreachable dst-address=172.16.4.0/24 src-address=172.16.5.0/24
558. add action=unreachable dst-address=172.16.3.0/24 src-address=172.16.5.0/24
559. add action=unreachable dst-address=172.16.2.0/24 src-address=172.16.5.0/24
560. add action=unreachable dst-address=172.16.1.0/24 src-address=172.16.5.0/24
561. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.4.0/24
562. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.4.0/24
563. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.4.0/24
564. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.4.0/24
565. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.4.0/24
566. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.4.0/24
567. add action=unreachable disabled=yes dst-address=172.16.3.0/24 src-address=\
568. 172.16.4.0/24
569. add action=unreachable disabled=yes dst-address=172.16.1.0/24 src-address=\
570. 172.16.4.0/24
571. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.3.0/24
572. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.3.0/24
573. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.3.0/24
574. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.3.0/24
575. add action=unreachable dst-address=172.16.40.0/24 src-address=172.16.1.0/24
576. add action=unreachable dst-address=172.16.30.0/24 src-address=172.16.1.0/24
577. add action=unreachable dst-address=172.16.20.0/24 src-address=172.16.1.0/24
578. add action=unreachable dst-address=172.16.10.0/24 src-address=172.16.1.0/24
579. add action=unreachable dst-address=172.16.7.0/24 src-address=172.16.1.0/24
580. add action=unreachable disabled=yes dst-address=172.16.4.0/24 src-address=\
581. 172.16.1.0/24
582. add action=unreachable dst-address=172.16.5.0/24 src-address=172.16.1.0/24
583. /ip service
584. set telnet disabled=yes
585. set ftp disabled=yes
586. set www disabled=yes port=99
587. set ssh disabled=yes
588. set api disabled=yes
589. set winbox address=\
590. 172.16.9.0/24,172.16.3.0/24,213.234.25.92/32,178.236.242.126/32
591. set api-ssl disabled=yes
592. /ppp secret
593. add local-address=172.16.9.1 name=*********** password=*********** remote-address=\
594. 172.16.9.29 service=pptp
595. add disabled=yes local-address=172.16.9.1 name=*********** password=*********** \
596. remote-address=172.16.9.28 service=pptp
597. add disabled=yes local-address=172.16.9.1 name=*********** password=*********** \
598. remote-address=172.16.9.26 service=pptp
599. /snmp
600. set enabled=yes
601. /system clock
602. set time-zone-name=Europe/Volgograd
603. /system clock manual
604. set time-zone=+03:00
605. /system identity
606. set name="MikroTik ***********"
607. /system ntp client
608. set enabled=yes primary-ntp=88.147.254.232 secondary-ntp=91.226.136.155 \
609. server-dns-names=ntp1.stratum2.ru
610. /system scheduler
611. add interval=1w3d name=Reboot on-event=" /system reboot" policy=\
612. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
613. start-date=oct/17/2017 start-time=03:00:00
614. add interval=5d name=BackupRouter*********** on-event=\
615. "/system script run ScriptBackup" policy=\
616. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
617. start-date=nov/02/2017 start-time=23:00:24
618. /system script
619. add name=ScriptBackup owner=*********** policy=\
620. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="{\
621. \r\
622. \n:log info \"Starting Backup Script...\";\r\
623. \n:local sysname [/system identity get name];\r\
624. \n:local sysver [/system package get system version];\r\
625. \n:log info \"Flushing DNS cache...\";\r\
626. \n/ip dns cache flush;\r\
627. \n:delay 2;\r\
628. \n:log info \"Deleting last Backups...\";\r\
629. \n:foreach i in=[/file find] do={:if ([:typeof [:find [/file get \$i name]\
630. \_\\\r\
631. \n\"\$sysname-backup-\"]]!=\"nil\") do={/file remove \$i}};\r\
632. \n:delay 2;\r\
633. \n:local smtpserv [:resolve \"smtp.yandex.ru\"];\r\
634. \n:local Eaccount \"[email protected]\";\r\
635. \n:local pass \"***********\";\r\
636. \n:local backupfile (\"\$sysname-backup-\" . \\\r\
637. \n[:pick [/system clock get date] 7 11] . [:pick [/system \\\r\
638. \nclock get date] 0 3] . [:pick [/system clock get date] 4 6] . \".backup\
639. \");\r\
640. \n:log info \"Creating new Full Backup file...\";\r\
641. \n/system backup save name=\$backupfile;\r\
642. \n:delay 2;\r\
643. \n:log info \"Sending Full Backup file via E-mail...\";\r\
644. \n/tool e-mail send from=\"<\$Eaccount>\" to=\$Eaccount server=\$smtpserv \
645. \\\r\
646. \nport=587 user=\$Eaccount password=\$pass start-tls=yes file=\$backupfile\
647. \_\\\r\
648. \nsubject=(\"\$sysname Full Backup (\" . [/system clock get date] . \")\")\
649. \_\\\r\
650. \nbody=(\"\$sysname full Backup file see in attachment.\\nRouterOS version\
651. : \\\r\
652. \n\$sysver\\nTime and Date stamp: \" . [/system clock get time] . \" \" . \
653. \\\r\
654. \n[/system clock get date]);\r\
655. \n:delay 5;\r\
656. \n:local exportfile (\"\$sysname-backup-\" . \\\r\
657. \n[:pick [/system clock get date] 7 11] . [:pick [/system \\\r\
658. \nclock get date] 0 3] . [:pick [/system clock get date] 4 6] . \".rsc\");\
659. \r\
660. \n:log info \"Creating new Setup Script file...\";\r\
661. \n/export verbose file=\$exportfile;\r\
662. \n:delay 2;\r\
663. \n:log info \"Sending Setup Script file via E-mail...\";\r\
664. \n/tool e-mail send from=\"<\$Eaccount>\" to=\$Eaccount server=\$smtpserv \
665. \\\r\
666. \nport=587 user=\$Eaccount password=\$pass start-tls=yes file=\$exportfile\
667. \_\\\r\
668. \nsubject=(\"\$sysname Setup Script Backup (\" . [/system clock get date] \
669. . \\\r\
670. \n\")\") body=(\"\$sysname Setup Script file see in attachment.\\nRouterOS\
671. \_\\\r\
672. \nversion: \$sysver\\nTime and Date stamp: \" . [/system clock get time] .\
673. \_\" \\\r\
674. \n\" . [/system clock get date]);\r\
675. \n:delay 5;\r\
676. \n:log info \"All System Backups emailed successfully.\\nBackuping complet\
677. ed.\";\r\
678. \n}\r\
679. \n"
680. add name=Enable_sms owner=*********** policy=\
681. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
682. "/tool sms set receive-enabled=yes\r\
683. \n"
684. add name=Reboot owner=*********** policy=\
685. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="/\
686. tool sms send usb3 channel=3 \"+7***********\" message=\"Rebooting Mikrotik\
687. ...\"; \r\
688. \n:delay 5s; \r\
689. \n/system reboot"
690. add name=Reboot_interfaces3 owner=*********** policy=\
691. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
692. log warning (\"Rebooting interfaces\");\r\
693. \n /tool sms send usb3 channel=3 \"+7***********\" message=\"Rebooting inte\
694. rfaces3...\"; \r\
695. \n/interface ethernet set ether3 disabled=yes; :delay 15s; \r\
696. \n/interface ethernet set ether3 disabled=no;"
697. add name=Reboot_interfaces4 owner=*********** policy=\
698. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
699. log warning (\"Rebooting interfaces4\"); /tool sms send usb3 channel=3 \"+\
700. 7***********\" message=\"Rebooting interfaces4...\"; /interface ethernet se\
701. t ether4 disabled=yes; :delay 15s; \r\
702. \n/interface ethernet set ether4 disabled=no"
703. add name=Down_interfaces3 owner=*********** policy=\
704. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
705. log warning (\"Down interfaces3\");\r\
706. \n /tool sms send usb3 channel=3 \"+7***********\" message=\"Down interface\
707. s3...\"; \r\
708. \n/interface ethernet set ether3 disabled=yes"
709. add name=UP_interfaces3 owner=*********** policy=\
710. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
711. log warning (\"UP interfaces3\");\r\
712. \n/tool sms send usb3 channel=3 \"+7***********\" message=\"UP interfaces3.\
713. ..\"; \r\
714. \n/interface ethernet set ether3 disabled=no"
715. /tool bandwidth-server
716. set authenticate=no
717. /tool e-mail
718. set [email protected] password=*********** start-tls=yes user=\
719. [email protected]
720. /tool netwatch
721. add down-script="/ip route enable [find comment=\"ISP2\"]\r\
722. \n/tool e-mail send server=smtp.yandex.ru port=25 user=ZabbixServer***********@ya\
723. ndex.ru password=*********** [email protected] from=\"MikroTIK3011RI\
724. NG<ZabbixServer***********@yandex.ru>\" \\\r\
725. \nsubject=\"MikroTIK3011***********: \$[/system clock get date], \$[/system clock\
726. \_get time]\" \\\r\
727. \nbody=\"\CF\E5\F0\E5\EA\EB\FE\F7\E5\ED\E8\E5 \ED\E0 \EE\F1\ED\EE\E2\ED\EE\
728. \E9 \EA\E0\ED\E0\EB\\n\C4\E0\F2\E0: \$[/system clock get date]\\nA\C2\F0\
729. \E5\EC\FF: \$[/system clock get time]\";" host=8.8.4.4 up-script="/ip rout\
730. e disable [find comment=\"ISP2\"]\r\
731. \n/tool e-mail send server=smtp.yandex.ru port=25 user=ZabbixServer***********@ya\
732. ndex.ru password=*********** [email protected] from=\"MikroTIK3011RI\
733. NG<ZabbixServer***********@yandex.ru>\" \\\r\
734. \nsubject=\"MikroTIK3011***********: \$[/system clock get date], \$[/system clock\
735. \_get time]\" \\\r\
736. \nbody=\"\CF\E5\F0\E5\EA\EB\FE\F7\E5\ED\E8\E5 \ED\E0 \F0\E5\E7\E5\F0\E2\ED\
737. \FB\E9 \EA\E0\ED\E0\EB\\n\C4\E0\F2\E0: \$[/system clock get date]\\nA\C2\
738. \F0\E5\EC\FF: \$[/system clock get time]\";"