API tools faq
paste
Guest User

Blah blah

a guest
Apr 22nd, 2025
46
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.95 KB | None | 0 0
raw download clone embed print report
  1.  
  2. # model = CCR1009-8G-1S
  3. /interface bridge
  4. add add-dhcp-option82=yes arp=proxy-arp comment=BRIDGE dhcp-snooping=yes \
  5. fast-forward=no name=bridge1
  6. /interface ethernet
  7. set [ find default-name=ether1 ] mac-address=E4:8D:8C:7F:BF:70 speed=100Mbps
  8. set [ find default-name=ether2 ] mac-address=E4:8D:8C:7F:BF:71 speed=100Mbps
  9. set [ find default-name=ether3 ] mac-address=E4:8D:8C:7F:BF:72 speed=100Mbps
  10. set [ find default-name=ether4 ] mac-address=E4:8D:8C:7F:BF:73 speed=100Mbps
  11. set [ find default-name=ether5 ] advertise=\
  12. 10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  13. E4:8D:8C:7F:BF:74 speed=100Mbps
  14. set [ find default-name=ether6 ] mac-address=E4:8D:8C:7F:BF:75 speed=100Mbps
  15. set [ find default-name=ether7 ] advertise=100M-full comment=WAN2 \
  16. mac-address=E4:8D:8C:7F:BF:76 speed=100Mbps
  17. set [ find default-name=ether8 ] advertise=\
  18. 10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  19. E4:8D:8C:7F:BF:77 speed=100Mbps
  20. set [ find default-name=sfp1 ] advertise="10M-half,10M-full,100M-half,100M-ful\
  21. l,1000M-half,1000M-full,2500M-full,5000M-full,10000M-full" \
  22. auto-negotiation=no comment=WAN1 mac-address=E4:8D:8C:7F:BF:6F
  23. /ip firewall layer7-protocol
  24. add name=HC regexp="^.+(youtube.com|instagram.com|facebook.com).*\$"
  25. /ip ipsec profile
  26. set [ find default=yes ] dh-group="ecp256,ecp384,ecp521,ec2n185,ec2n155,modp81\
  27. 92,modp6144,modp4096,modp3072,modp2048,modp1536,modp1024,modp768" \
  28. enc-algorithm=\
  29. aes-256,camellia-256,aes-192,camellia-192,aes-128,camellia-128,blowfish
  30. /ip ipsec proposal
  31. set [ find default=yes ] auth-algorithms=sha512,sha256,sha1 enc-algorithms="ae\
  32. s-256-cbc,aes-256-ctr,aes-256-gcm,camellia-256,aes-192-cbc,aes-192-ctr,aes\
  33. -192-gcm,camellia-192,aes-128-cbc,aes-128-ctr,aes-128-gcm,camellia-128"
  34. /ip pool
  35. add name=XXXXXX ranges=192.168.244.11-192.168.244.253
  36. add name=XXXXXX ranges=192.168.252.13-192.168.252.19
  37. add name=XXXXXX ranges=192.168.251.45-192.168.251.99
  38. add name=XXXXXX ranges=192.168.254.112-192.168.254.130
  39. add name=XXXXXX ranges=192.168.100.215-192.168.100.216
  40. add name=XXXXXX ranges=192.168.250.100-192.168.250.129
  41. /ip dhcp-server
  42. add address-pool="XXXXXX" disabled=no interface=bridge1 name=dhcp1 \
  43. parent-queue="XXXXXX"
  44. /snmp community
  45. set [ find default=yes ] addresses=192.168.100.211/32,192.168.100.213/32 \
  46. disabled=yes name=XXXXXX-snmp-community-little-things-come-true
  47. /system logging action
  48. set 3 remote=192.168.100.201 src-address=192.168.100.254
  49. /user group
  50. set read policy="local,reboot,read,test,winbox,password,sniff,!telnet,!ssh,!ft\
  51. p,!write,!policy,!web,!sensitive,!api,!romon,!dude,!tikapp"
  52. set write policy="local,ssh,reboot,read,write,test,winbox,password,sniff,sensi\
  53. tive,romon,tikapp,!telnet,!ftp,!policy,!web,!api,!dude"
  54. /caps-man manager
  55. set ca-certificate=auto certificate=auto
  56. /caps-man manager interface
  57. set [ find default=yes ] forbid=yes
  58. add disabled=no interface=bridge1
  59. /caps-man provisioning
  60. add action=create-dynamic-enabled master-configuration=XXXXXX
  61. /interface bridge port
  62. add bridge=bridge1 interface=ether2
  63. add bridge=bridge1 interface=ether3
  64. add bridge=bridge1 interface=ether4
  65. add bridge=bridge1 interface=ether5
  66. add bridge=bridge1 interface=ether8
  67. add bridge=bridge1 interface=ether6
  68. add bridge=bridge1 interface=ether1
  69. /interface bridge settings
  70. set use-ip-firewall=yes
  71. /ip neighbor discovery-settings
  72. set discover-interface-list=none protocol=""
  73. /ip settings
  74. set tcp-syncookies=yes
  75. /interface l2tp-server server
  76. set allow-fast-path=yes default-profile=default enabled=yes use-ipsec=\
  77. required
  78. /interface ovpn-server server
  79. set auth=sha1 certificate=server-certificate cipher=\
  80. blowfish128,aes128,aes192,aes256 default-profile=XXXXXX enabled=yes \
  81. require-client-certificate=yes
  82. /interface pptp-server server
  83. set default-profile=default
  84. /ip address
  85. add address=192.168.100.254/24 comment=XXXXXX interface=bridge1 network=\
  86. 192.168.100.0
  87. add address=XXXXXX/30 interface=ether7 network=XXXXXX
  88. add address=192.168.253.254/24 comment="XXXXXX" interface=\
  89. "XXXXXX" network=192.168.253.0
  90. add address=192.168.254.254/24 comment=XXXXXX interface=bridge1 network=\
  91. 192.168.254.0
  92. add address=XXXXXX/29 comment="XXXXXX XXXXXX XXXXXX" interface=sfp1 network=\
  93. XXXXXX
  94. add address=XXXXXX/30 interface=sfp1 network=XXXXXX
  95. add address=192.168.253.254/24 interface=XXXXXX" network=192.168.253.0
  96. add address=192.168.248.254/24 interface="XXXXXX" network=192.168.248.0
  97. add address=192.168.253.254/24 interface="XXXXXX" network=192.168.253.0
  98. add address=192.168.249.254/24 interface="XXXXXX" network=192.168.249.0
  99. add address=192.168.253.254/24 interface="XXXXXX" network=192.168.253.0
  100. add address=XXXXXX/29 interface=sfp1 network=XXXXXX
  101. add address=192.168.252.254/24 comment=XXXXXX interface=bridge1 network=\
  102. 192.168.252.0
  103. add address=XXXXXX/29 interface=sfp1 network=XXXXXX
  104. add address=192.168.251.254/24 comment="XXXXXX" interface=bridge1 \
  105. network=192.168.251.0
  106. add address=XXXXXX/29 interface=sfp1 network=XXXXXX
  107. add address=192.168.249.254/24 interface="XXXXXX" network=192.168.249.0
  108. add address=192.168.247.254/24 comment="XXXXXX" interface=\
  109. "Kosova 1.1" network=192.168.247.0
  110. add address=192.168.249.254/24 interface="XXXXXX" network=192.168.249.0
  111. add address=192.168.250.254/24 comment=XXXXXX interface=bridge1 \
  112. network=192.168.250.0
  113. add address=10.124.231.129/26 comment="XXXXXX" interface=ether6 \
  114. network=10.124.231.128
  115. add address=192.168.249.254/24 interface="XXXXXX" network=192.168.249.0
  116. add address=XXXXXX/29 comment="XXXXXX" interface=ether7 \
  117. network=XXXXXX
  118. add address=XXXXXX/29 interface=ether7 network=XXXXXX
  119. add address=192.168.244.254/24 comment=LAN-DHCP interface=bridge1 network=\
  120. 192.168.244.0
  121. add address=XXXXXX/29 interface=ether7 network=XXXXXX
  122. add address=XXXXXX/29 interface=ether7 network=XXXXXX
  123. add address=192.168.247.254/24 interface="XXXXXX 1.2" network=192.168.247.0
  124. add address=192.168.248.254/24 interface="XXXXXX 1.2" network=192.168.248.0
  125. add address=192.168.247.254/24 interface="XXXXXX 2.1" network=192.168.247.0
  126. add address=192.168.247.254/24 interface="XXXXXX 2.2" network=192.168.247.0
  127. add address=192.168.248.254/24 interface="XXXXXX 2.1" network=192.168.248.0
  128. add address=192.168.248.254/24 interface="XXXXXX 2.2" network=192.168.248.0
  129. add address=192.168.241.254/24 comment=XXXXXX interface=bridge1 \
  130. network=192.168.241.0
  131. /ip cloud
  132. set update-time=no
  133. /ip dhcp-relay
  134. add dhcp-server=192.168.100.200 disabled=no interface=bridge1 name=XXXXXX
  135. /ip dhcp-server network
  136. add address=192.168.100.0/24 dns-server=192.168.100.254,192.168.100.200 \
  137. domain=XXXXXXXXXXXX gateway=192.168.100.254
  138. add address=192.168.244.0/24 dns-server=192.168.100.200,1.1.1.3 domain=\
  139. XXXXXXXXXXXX gateway=192.168.244.254
  140. add address=192.168.250.0/24 dns-server=\
  141. 192.168.100.201,192.168.250.254,8.8.8.8 domain=XXXXXX gateway=\
  142. 192.168.250.254
  143. add address=192.168.251.0/24 dns-server=\
  144. 192.168.100.201,192.168.251.254,8.8.8.8 domain=XXXXXX gateway=\
  145. 192.168.251.254
  146. add address=192.168.252.0/24 dns-server=\
  147. 192.168.100.201,192.168.252.254,8.8.8.8 domain=XXXXXX gateway=\
  148. 192.168.252.254
  149. /ip dns
  150. set servers=1.1.1.3,192.168.100.200
  151. /ip dns static
  152. add address=192.168.100.201 name=XXXXXX
  153. add address=192.168.11.5 name=XXXXXX
  154. add address=192.168.252.207 name=XXXXXX
  155. add address=192.168.100.208 name=XXXXXX
  156. /ip firewall address-list
  157. add address=217.160.0.227 list=Website
  158. /ip firewall filter
  159. add action=drop chain=forward log=yes log-prefix="[XXXXXX]" \
  160. src-address=XXXXXX
  161. add action=accept chain=input comment=\
  162. "Accept Related or Established Connections" connection-state=\
  163. established,related
  164. add action=accept chain=input comment=XXXXXX disabled=yes src-address=\
  165. XXXXXX/20
  166. add action=drop chain=forward comment="XXXXXX" \
  167. add action=accept chain=input disabled=yes src-address=XXXXXX/23
  168. dst-address=192.168.100.200 src-address=192.168.244.200/31
  169. add action=drop chain=forward dst-address=192.168.244.200-192.168.100.201 \
  170. src-address=192.168.100.200
  171. add action=accept chain=forward dst-address=192.168.244.201 src-address=\
  172. 192.168.244.200
  173. add action=accept chain=forward dst-address=192.168.244.200 src-address=\
  174. 192.168.244.201
  175. add action=drop chain=forward dst-address=192.168.244.200/31 src-address=\
  176. 192.168.240.0/20
  177. add action=accept chain=forward comment="XXXXXXXXX" dst-address=\
  178. XXXXXXX dst-port=5060 log-prefix="XXXXXXX" \
  179. protocol=udp src-address=192.168.100.2
  180. add action=accept chain=forward dst-address=192.168.100.2 dst-port=5060 \
  181. log-prefix="XXXXXX" protocol=udp src-address=\
  182. XXXXXXX
  183. add action=drop chain=forward comment="XXXXXXX" dst-address=\
  184. 192.168.100.220 dst-port=8006,22 log=yes protocol=tcp src-address=\
  185. !192.168.100.213-192.168.100.216
  186. add action=accept chain=forward comment="XXXXXX" dst-address=\
  187. 192.168.100.200/31 dst-port=3389 log=yes log-prefix=\
  188. "[XXXXXXXX]" protocol=tcp src-address=\
  189. 192.168.100.153
  190. add action=drop chain=forward dst-address=192.168.100.200/31 dst-port=3389 \
  191. log=yes log-prefix="[XXXXXXX]" protocol=tcp \
  192. src-address=!192.168.100.213-192.168.100.216
  193. add action=accept chain=forward comment=\
  194. "XXXXXXX (Disable last rule if upgrading)" dst-address=\
  195. 192.168.100.202 dst-port=1514,1515,55000 protocol=tcp
  196. add action=accept chain=forward dst-address=192.168.100.202 dst-port=443,22 \
  197. protocol=tcp src-address=192.168.100.213-192.168.100.216
  198. add action=drop chain=forward dst-address=192.168.100.202 log-prefix=\
  199. "[XXXXXX"
  200. add action=accept chain=forward comment="XXXXXXXXX" \
  201. dst-address=192.168.240.0/20 port=7680,22551,22543,443,3389 protocol=tcp \
  202. src-address=192.168.240.0/20
  203. add action=accept chain=forward dst-address=192.168.240.0/20 port=22551,22543 \
  204. protocol=udp src-address=192.168.240.0/20
  205. add action=drop chain=forward dst-address=192.168.240.0/20 src-address=\
  206. 192.168.240.0/20
  207. add action=drop chain=forward comment="XXXXXXX" dst-address=\
  208. 192.168.100.204 dst-port=9090,9091 protocol=tcp src-address=\
  209. !192.168.100.213-192.168.100.214
  210. add action=drop chain=forward dst-address=192.168.100.204 dst-port=22 \
  211. protocol=tcp src-address=!192.168.100.213-192.168.100.214
  212. add action=accept chain=forward comment="XXXXXXXX" \
  213. dst-address=192.168.100.209 src-address=192.168.241.1-192.168.241.6
  214. add action=accept chain=forward dst-address=192.168.100.208/31 dst-port=22 \
  215. protocol=tcp src-address=192.168.100.213-192.168.100.216
  216. add action=drop chain=forward dst-address=192.168.100.209
  217. add action=accept chain=input comment="XXXXXXX" src-address=\
  218. .XXXXXXX
  219. add action=accept chain=forward src-address=XXXXXX
  220. add action=accept chain=input comment="XXXXXXX" src-address=\
  221. XXXXXXX
  222. add action=accept chain=forward src-addressXXXXXX
  223. add action=drop chain=input comment=\
  224. "Drop ICMP Broadcast to prevent ICMP Spoofing" dst-address-type=broadcast \
  225. protocol=icmp
  226. add action=drop chain=input comment="Drop Packets from Port Scanners" \
  227. src-address-list=portscan
  228. add action=jump chain=input jump-target=port-scan protocol=tcp
  229. add action=add-src-to-address-list address-list=portscan \
  230. address-list-timeout=4w chain=port-scan protocol=tcp psd=21,3s,3,1
  231. add action=add-src-to-address-list address-list=portscan \
  232. address-list-timeout=4w chain=port-scan protocol=tcp psd=23,3s,3,1
  233. add action=add-src-to-address-list address-list=portscan \
  234. address-list-timeout=4w chain=port-scan protocol=tcp psd=179,3s,3,1
  235. add action=add-src-to-address-list address-list=portscan \
  236. address-list-timeout=4w chain=port-scan protocol=tcp psd=5555,3s,3,1
  237. add action=return chain=port-scan
  238. add action=drop chain=input comment=DDOS connection-state=invalid
  239. add action=jump chain=forward connection-state=new jump-target=dedect-dodos
  240. add action=add-src-to-address-list address-list=block-doss \
  241. address-list-timeout=2w1d chain=input connection-limit=32,32 protocol=tcp
  242. add action=tarpit chain=input connection-limit=3,32 protocol=tcp \
  243. src-address-list=block-doss
  244. add action=drop chain=input comment="SSH Blacklist Enforcement" \
  245. src-address-list="Black List (SSH)"
  246. add action=jump chain=input jump-target="TSG SSH Chain"
  247. add action=add-src-to-address-list address-list="Black List (SSH)" \
  248. address-list-timeout=none-dynamic chain="TSG SSH Chain" connection-state=\
  249. new dst-port=22 protocol=tcp src-address-list="SSH Stage 3"
  250. add action=add-src-to-address-list address-list="SSH Stage 3" \
  251. address-list-timeout=none-dynamic chain="TSG SSH Chain" connection-state=\
  252. new dst-port=22 protocol=tcp src-address-list="SSH Stage 2"
  253. add action=add-src-to-address-list address-list="SSH Stage 2" \
  254. address-list-timeout=2w1d1m chain="TSG SSH Chain" connection-state=new \
  255. dst-port=22 protocol=tcp src-address-list="SSH Stage 1"
  256. add action=add-src-to-address-list address-list="SSH Stage 1" \
  257. address-list-timeout=2w1d1m chain="TSG SSH Chain" connection-state=new \
  258. dst-port=22 protocol=tcp
  259. add action=return chain="TSG SSH Chain"
  260. add action=drop chain=input comment="Telnet Blacklist Enforcement" \
  261. src-address-list="Black List (Telnet)"
  262. add action=jump chain=input jump-target="TSG Telnet Chain"
  263. add action=add-src-to-address-list address-list="Black List (Telnet)" \
  264. address-list-timeout=none-dynamic chain="TSG Telnet Chain" \
  265. connection-state=new dst-port=23 protocol=tcp src-address-list=\
  266. "Telnet Stage 3"
  267. add action=add-src-to-address-list address-list="Telnet Stage 3" \
  268. address-list-timeout=2w1d1m chain="TSG Telnet Chain" connection-state=new \
  269. dst-port=23 protocol=tcp src-address-list="Telnet Stage 2"
  270. add action=add-src-to-address-list address-list="Telnet Stage 2" \
  271. address-list-timeout=2w1d1m chain="TSG Telnet Chain" connection-state=new \
  272. dst-port=23 protocol=tcp src-address-list="Telnet Stage 1"
  273. add action=add-src-to-address-list address-list="Telnet Stage 1" \
  274. address-list-timeout=2w1d1m chain="TSG Telnet Chain" connection-state=new \
  275. dst-port=23 protocol=tcp
  276. add action=return chain="TSG Telnet Chain" connection-state=new
  277. /ip firewall mangle
  278. add action=mark-routing chain=prerouting comment="XXXXXXX" \
  279. disabled=yes new-routing-mark=FreePBX passthrough=yes src-address=\
  280. 192.168.100.2
  281. add action=mark-routing chain=prerouting comment="XXXXXXX" disabled=\
  282. yes new-routing-mark="251 Subnet" passthrough=yes src-address=\
  283. 192.168.251.0/24
  284. add action=mark-routing chain=prerouting comment="XXXXXXX" disabled=\
  285. yes new-routing-mark="252 Subnet" passthrough=yes src-address=\
  286. 192.168.252.0/24
  287. add action=mark-routing chain=prerouting new-routing-mark=XXXXXX passthrough=\
  288. yes src-address=192.168.100.213
  289. /ip firewall nat
  290. add action=dst-nat chain=dstnat comment="WireGuard Forwarding" dst-address=\
  291. XXXXXX dst-port=13231 log=yes protocol=udp to-addresses=\
  292. 192.168.100.153 to-ports=13231
  293. add action=dst-nat chain=dstnat comment="XXXXXX 500 XXXXXX" dst-port=500 \
  294. in-interface=sfp1 log=yes log-prefix="XXXXXX VPN Nat Rule" protocol=\
  295. udp src-address=XXXXXX to-addresses=192.168.251.100 to-ports=500
  296. add action=dst-nat chain=dstnat comment="XXXXXX 4500 XXXXXX" dst-port=4500 \
  297. in-interface=sfp1 log=yes log-prefix="XXXXXX VPN Nat Rule" protocol=\
  298. udp src-address=XXXXXX to-addresses=192.168.251.100 to-ports=4500
  299. add action=dst-nat chain=dstnat comment="XXXXXX XXXXXX" dst-port=500 \
  300. in-interface=ether7 log=yes log-prefix="XXXXXX VPN Nat Rule" protocol=\
  301. udp src-address=XXXXXX to-addresses=192.168.251.100 to-ports=500
  302. add action=dst-nat chain=dstnat comment="XXXXXX XXXXXX" dst-port=4500 \
  303. in-interface=ether7 log=yes log-prefix="XXXXXX VPN Nat Rule" protocol=\
  304. udp src-address=XXXXXX to-addresses=192.168.251.100 to-ports=4500
  305. add action=masquerade chain=srcnat comment=XXXXXX out-interface=sfp1 \
  306. src-address=!XXXXXXXX/29
  307. add action=masquerade chain=srcnat comment=XXXXXX out-interface=ether7
  308. /ip firewall service-port
  309. set ftp disabled=yes
  310. set tftp disabled=yes
  311. set irc disabled=yes
  312. set h323 disabled=yes
  313. set sip disabled=yes
  314. set pptp disabled=yes
  315. set udplite disabled=yes
  316. set dccp disabled=yes
  317. set sctp disabled=yes
  318. /ip proxy
  319. set src-address=192.168.101.222
  320. /ip route
  321. add check-gateway=ping comment=WAN1 distance=1 gateway=XXXXXXXX
  322. add check-gateway=ping comment=WAN2 distance=2 gateway=XXXXXXXX
  323. add distance=1 dst-address=192.168.0.0/24 gateway=192.168.100.153
  324. add distance=1 dst-address=192.168.11.0/24 gateway=192.168.251.100
  325. /ip service
  326. set telnet disabled=yes
  327. set ftp disabled=yes
  328. set www address=192.168.100.213/32 disabled=yes
  329. set ssh disabled=yes
  330. set api disabled=yes
  331. set winbox address=
  332. set api-ssl disabled=yes
  333. /ip smb
  334. set allow-guests=no
  335. /ip ssh
  336. set forwarding-enabled=remote strong-crypto=yes
  337. /ip traffic-flow
  338. set cache-entries=1k
  339. /ip traffic-flow target
  340. add dst-address=192.168.100.213 port=9999
  341.  
  342. /snmp
  343. set contact=XXXXX@XXXXXXXXXXX location=Lab trap-generators=interfaces \
  344. trap-interfaces=all trap-version=2
  345. /system clock
  346. set time-zone-name=Europe/XXXXX
  347. /system identity
  348. set name="XXXXXX Main Router"
  349. /system leds
  350. set 0 leds="" type=interface-speed
  351. add leds="" type=interface-activity
  352. add interface=sfp1 leds="" type=interface-activity
  353. add interface=ether7 leds="" type=interface-activity
  354. /system logging
  355. set 0 topics=firewall
  356. set 1 disabled=yes
  357. set 2 prefix="[Main Router Warning]" topics=warning,dhcp
  358. set 3 action=disk
  359. add prefix="[Main Router Interface Problem]" topics=interface
  360. add disabled=yes topics=ovpn,debug
  361. add disabled=yes topics=l2tp,ppp
  362. add disabled=yes topics=caps
  363. /system note
  364. set note="Unauthorized access to this device is prohibited."
  365. /system ntp client
  366. set enabled=yes server-dns-names=\
  367. 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org
  368. /system scheduler
  369. add name=Reboot on-event="/system reboot" policy=reboot start-date=\
  370. jun/08/2024 start-time=05:00:00
  371. add interval=1w name="Automatic Backup" on-event=Backup policy=\
  372. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
  373. start-date=aug/05/2024 start-time=09:30:00
  374. /system script
  375. add dont-require-permissions=no name=Backup owner=XXXXX policy=\
  376. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
  377. global date ([:pick [/system clock get date] 0 3] . [:pick [/system clock \
  378. get date] 4 6] . [:pick [/system clock get date] 7 11]);\r\
  379. \n:global time ([:pick [/system clock get time] 0 9]);\r\
  380. \n:local fileName ([/system identity get name].\"_\".\$date.\"_\".\$time.\
  381. \".rsc\")\r\
  382. \n:local rsc \$fileName\r\
  383. \n/export file=\$rsc;"
  384. /system watchdog
  385. set watchdog-timer=no
  386. /tool bandwidth-server
  387. set enabled=no
  388. /tool e-mail
  389. set address=XXXXXX from=XXXX@XXXXXXXXXXXX port=587 start-tls=\
  390. yes user=XXXX@XXXXXXXXXXXX
  391. /tool graphing
  392. set store-every=hour
  393. /tool graphing interface
  394. add allow-address=192.168.100.213/32
  395. /tool mac-server
  396. set allowed-interface-list=none
  397. /tool mac-server mac-winbox
  398. set allowed-interface-list=none
  399. /tool mac-server ping
  400. set enabled=no
  401.  
  402.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!