API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 4th, 2017
129
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.90 KB | None | 0 0
raw download clone embed print report
  1. /system identity set name=gw
  2. /system clock set time-zone-name=Europe/Moscow
  3. /system ntp client set enabled=yes primary-ntp=194.190.168.1 secondary-ntp=93.180.6.3
  4. /system routerboard settings set init-delay=1s silent-boot=yes
  5. /system logging action set 1 disk-file-name=/disk1/log
  6. /system logging
  7. set 0 action=disk
  8. set 1 action=disk
  9. set 2 action=disk
  10. /system watchdog set automatic-supout=no
  11. /interface ethernet
  12. set [ find default-name=ether2 ] l2mtu=1600 name=lan-1
  13. set [ find default-name=ether3 ] l2mtu=1600 master-port=lan-1 name=lan-2
  14. set [ find default-name=ether4 ] l2mtu=1600 master-port=lan-1 name=lan-3
  15. set [ find default-name=ether5 ] l2mtu=1600 master-port=lan-1 name=lan-4
  16. set [ find default-name=ether1 ] l2mtu=1600 name=wan
  17. /interface pppoe-client
  18. add add-default-route=yes disabled=no interface=wan keepalive-timeout=disabled \
  19. max-mru=1492 max-mtu=1492 name=pppoe password=<PASSWORD> user=<LOGIN>
  20. /interface wireless security-profiles
  21. set [ find default=yes ] supplicant-identity=MikroTik
  22. add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=profile1 \
  23. supplicant-identity="" wpa2-pre-shared-key=<PASSWORD>
  24. /interface wireless
  25. set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode \
  26. band=2ghz-b/g/n country=russia2 disabled=no distance=indoors frequency=2447 \
  27. frequency-mode=regulatory-domain guard-interval=long hw-protection-mode=rts-cts \
  28. mode=ap-bridge name=wlan security-profile=profile1 ssid=Open-Sky wireless-protocol=802.11 \
  29. wmm-support=enabled wps-mode=disabled
  30. /interface wireless nstreme set wlan enable-polling=no
  31. /interface bridge add arp=reply-only mtu=1500 name=bridge-lan
  32. /interface bridge port
  33. add bridge=bridge-lan interface=wlan
  34. add bridge=bridge-lan interface=lan-1
  35. /ip address add address=172.16.0.1/24 interface=bridge-lan network=172.16.0.0
  36. /ip dns set servers=8.8.8.8,8.8.4.4
  37. /ip pool add name=lan-ip-pool ranges=172.16.0.2-172.16.0.254
  38. /ip dhcp-server add add-arp=yes address-pool=lan-ip-pool disabled=no interface=bridge-lan lease-time=12h name=dhcp1
  39. /ip dhcp-server network add address=172.16.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=172.16.0.1 netmask=24
  40. /ip dhcp-client add dhcp-options=hostname,clientid disabled=no interface=wan use-peer-dns=no use-peer-ntp=no
  41. /ip cloud set ddns-enabled=yes update-time=no
  42. /ip firewall filter
  43. add action=drop chain=input connection-state=invalid
  44. add action=drop chain=forward connection-state=invalid
  45. add action=accept chain=input connection-state=established,related in-interface=pppoe
  46. add action=drop chain=input in-interface=pppoe
  47. add action=fasttrack-connection chain=forward connection-state=established,related
  48. add action=accept chain=forward connection-state=established,related in-interface=pppoe
  49. add action=drop chain=forward in-interface=pppoe
  50. add action=accept chain=input connection-state=established,related in-interface=wan
  51. add action=drop chain=input in-interface=wan
  52. add action=accept chain=forward connection-state=established,related in-interface=wan
  53. add action=drop chain=forward in-interface=wan
  54. /ip firewall nat
  55. add action=masquerade chain=srcnat out-interface=wan
  56. add action=masquerade chain=srcnat out-interface=pppoe
  57. /ip neighbor discovery
  58. :foreach i in=[find] do={set $i discover=no}
  59. /ip firewall service-port
  60. :foreach i in=[find] do={set $i disabled=yes}
  61. /ip service
  62. set telnet disabled=yes
  63. set ftp disabled=yes
  64. set www disabled=yes
  65. set ssh disabled=yes
  66. set api disabled=yes
  67. set winbox address=172.16.0.0/24
  68. set api-ssl disabled=yes
  69. /ip upnp set enabled=yes
  70. /ip upnp interfaces
  71. add type=external interface=pppoe
  72. add type=internal interface=bridge-lan
  73. /tool mac-server set [ find default=yes ] disabled=yes
  74. /tool mac-server ping set enabled=no
  75. /tool mac-server mac-winbox set [ find default=yes ] disabled=yes
  76. /tool bandwidth-server set enabled=no
  77. /user
  78. add name=cerberus group=full password=<PASSWORD>
  79. set 0 disabled=yes
  80. :beep frequency=1000 length=250ms
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!