Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /system identity set name=gw
- /system clock set time-zone-name=Europe/Moscow
- /system ntp client set enabled=yes primary-ntp=194.190.168.1 secondary-ntp=93.180.6.3
- /system routerboard settings set init-delay=1s silent-boot=yes
- /system logging action set 1 disk-file-name=/disk1/log
- /system logging
- set 0 action=disk
- set 1 action=disk
- set 2 action=disk
- /system watchdog set automatic-supout=no
- /interface ethernet
- set [ find default-name=ether2 ] l2mtu=1600 name=lan-1
- set [ find default-name=ether3 ] l2mtu=1600 master-port=lan-1 name=lan-2
- set [ find default-name=ether4 ] l2mtu=1600 master-port=lan-1 name=lan-3
- set [ find default-name=ether5 ] l2mtu=1600 master-port=lan-1 name=lan-4
- set [ find default-name=ether1 ] l2mtu=1600 name=wan
- /interface pppoe-client
- add add-default-route=yes disabled=no interface=wan keepalive-timeout=disabled \
- max-mru=1492 max-mtu=1492 name=pppoe password=<PASSWORD> user=<LOGIN>
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=profile1 \
- supplicant-identity="" wpa2-pre-shared-key=<PASSWORD>
- /interface wireless
- set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode \
- band=2ghz-b/g/n country=russia2 disabled=no distance=indoors frequency=2447 \
- frequency-mode=regulatory-domain guard-interval=long hw-protection-mode=rts-cts \
- mode=ap-bridge name=wlan security-profile=profile1 ssid=Open-Sky wireless-protocol=802.11 \
- wmm-support=enabled wps-mode=disabled
- /interface wireless nstreme set wlan enable-polling=no
- /interface bridge add arp=reply-only mtu=1500 name=bridge-lan
- /interface bridge port
- add bridge=bridge-lan interface=wlan
- add bridge=bridge-lan interface=lan-1
- /ip address add address=172.16.0.1/24 interface=bridge-lan network=172.16.0.0
- /ip dns set servers=8.8.8.8,8.8.4.4
- /ip pool add name=lan-ip-pool ranges=172.16.0.2-172.16.0.254
- /ip dhcp-server add add-arp=yes address-pool=lan-ip-pool disabled=no interface=bridge-lan lease-time=12h name=dhcp1
- /ip dhcp-server network add address=172.16.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=172.16.0.1 netmask=24
- /ip dhcp-client add dhcp-options=hostname,clientid disabled=no interface=wan use-peer-dns=no use-peer-ntp=no
- /ip cloud set ddns-enabled=yes update-time=no
- /ip firewall filter
- add action=drop chain=input connection-state=invalid
- add action=drop chain=forward connection-state=invalid
- add action=accept chain=input connection-state=established,related in-interface=pppoe
- add action=drop chain=input in-interface=pppoe
- add action=fasttrack-connection chain=forward connection-state=established,related
- add action=accept chain=forward connection-state=established,related in-interface=pppoe
- add action=drop chain=forward in-interface=pppoe
- add action=accept chain=input connection-state=established,related in-interface=wan
- add action=drop chain=input in-interface=wan
- add action=accept chain=forward connection-state=established,related in-interface=wan
- add action=drop chain=forward in-interface=wan
- /ip firewall nat
- add action=masquerade chain=srcnat out-interface=wan
- add action=masquerade chain=srcnat out-interface=pppoe
- /ip neighbor discovery
- :foreach i in=[find] do={set $i discover=no}
- /ip firewall service-port
- :foreach i in=[find] do={set $i disabled=yes}
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set winbox address=172.16.0.0/24
- set api-ssl disabled=yes
- /ip upnp set enabled=yes
- /ip upnp interfaces
- add type=external interface=pppoe
- add type=internal interface=bridge-lan
- /tool mac-server set [ find default=yes ] disabled=yes
- /tool mac-server ping set enabled=no
- /tool mac-server mac-winbox set [ find default=yes ] disabled=yes
- /tool bandwidth-server set enabled=no
- /user
- add name=cerberus group=full password=<PASSWORD>
- set 0 disabled=yes
- :beep frequency=1000 length=250ms
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement