API tools faq
paste
Advertisement
extreen

Untitled

extreen
Jan 21st, 2020
178
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.72 KB | None | 0 0
raw download clone embed print report
  1. # jan/22/2020 12:33:14 by RouterOS 6.46.1
  2. # software id = 1YMY-GLP1
  3. #
  4. # model = 951Ui-2HnD
  5. # serial number = 43CE0283BA9E
  6. /interface bridge
  7. add arp=reply-only name=LAN
  8. /interface ethernet
  9. set [ find default-name=ether1 ] comment=RTK
  10. set [ find default-name=ether2 ] comment=NTK
  11. set [ find default-name=ether3 ] comment=MGK
  12. /interface wireless
  13. set [ find default-name=wlan1 ] ssid=MikroTik
  14. /interface wireless security-profiles
  15. set [ find default=yes ] supplicant-identity=MikroTik
  16. /ip pool
  17. add name=pool0 ranges=10.10.0.2-10.10.0.254
  18. add name=pool1 ranges=10.10.1.2-10.10.1.254
  19. add name=pool3 ranges=10.10.3.2-10.10.3.254
  20. /ip dhcp-server
  21. add add-arp=yes address-pool=pool3 disabled=no interface=LAN name=dhcp
  22. /queue simple
  23. add max-limit=3M/3M name="block 10.10.0.0/24" target=10.10.0.0/24
  24. add max-limit=2M/2M name="block 10.10.1.0/24" target=10.10.1.0/24
  25. add max-limit=1M/1M name="block 10.10.3.0/24" target=10.10.3.0/24
  26. /interface bridge port
  27. add bridge=LAN interface=wlan1
  28. add bridge=LAN interface=ether4
  29. add bridge=LAN interface=ether5
  30. /ip address
  31. add address=1.1.1.1 interface=ether1 network=1.1.1.5
  32. add address=2.2.2.2 interface=ether2 network=2.2.2.5
  33. add address=192.168.88.35 interface=ether3 network=192.168.88.1
  34. add address=10.10.0.1/24 interface=LAN network=10.10.0.0
  35. add address=10.10.1.1/24 interface=LAN network=10.10.1.0
  36. add address=10.10.3.1/24 interface=LAN network=10.10.3.0
  37. /ip dhcp-server lease
  38. add address=10.10.1.250 mac-address=70:85:C2:FF:4C:8E server=dhcp
  39. /ip dhcp-server network
  40. add address=10.10.0.0/24 dns-server=10.10.0.1 gateway=10.10.0.1 ntp-server=\
  41. 10.10.0.1
  42. add address=10.10.1.0/24 dns-server=10.10.1.1 gateway=10.10.1.1 ntp-server=\
  43. 10.10.1.1
  44. add address=10.10.3.0/24 dns-server=10.10.3.1 gateway=10.10.3.1 next-server=\
  45. 10.10.3.5 ntp-server=10.10.3.1
  46. /ip dns
  47. set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,10.10.0.11
  48. /ip firewall address-list
  49. add address=10.10.3.250 disabled=yes list=RZV
  50. add address=10.10.0.0/24 list=0_0
  51. add address=10.10.1.0/24 list=1_0
  52. add address=10.10.3.0/24 list=3_0
  53. /ip firewall mangle
  54. add action=mark-connection chain=prerouting comment=ISP1 in-interface=ether1 \
  55. new-connection-mark=From-ISP1 passthrough=yes
  56. add action=mark-routing chain=prerouting connection-mark=From-ISP1 \
  57. new-routing-mark=to-ISP1 passthrough=yes
  58. add action=mark-routing chain=output connection-mark=From-ISP1 \
  59. new-routing-mark=to-ISP1 passthrough=yes
  60. add action=mark-routing chain=output new-routing-mark=to-ISP1 passthrough=yes \
  61. src-address=1.1.1.1
  62. add action=mark-connection chain=prerouting comment=ISP2 in-interface=ether2 \
  63. new-connection-mark=From-ISP2 passthrough=yes
  64. add action=mark-routing chain=prerouting connection-mark=From-ISP2 \
  65. new-routing-mark=to-ISP2 passthrough=yes
  66. add action=mark-routing chain=output connection-mark=From-ISP2 \
  67. new-routing-mark=to-ISP2 passthrough=yes
  68. add action=mark-routing chain=output new-routing-mark=to-ISP2 passthrough=yes \
  69. src-address=2.2.2.2
  70. add action=mark-connection chain=prerouting comment=ISP3 in-interface=ether3 \
  71. new-connection-mark=From-ISP3 passthrough=yes
  72. add action=mark-routing chain=prerouting connection-mark=From-ISP3 \
  73. new-routing-mark=to-ISP3 passthrough=yes
  74. add action=mark-routing chain=output connection-mark=From-ISP3 \
  75. new-routing-mark=to-ISP3 passthrough=yes
  76. add action=mark-routing chain=output new-routing-mark=to-ISP3 passthrough=yes \
  77. src-address=192.168.88.1
  78. add action=mark-routing chain=prerouting comment=LAN_0_ISP1 disabled=yes \
  79. new-routing-mark=ISP1 passthrough=no src-address-list=0_0
  80. add action=mark-routing chain=prerouting comment=LAN_1_ISP1 disabled=yes \
  81. new-routing-mark=ISP1 passthrough=no src-address-list=1_0
  82. add action=mark-routing chain=prerouting comment=LAN_3_ISP1 disabled=yes \
  83. new-routing-mark=ISP1 passthrough=no src-address-list=3_0
  84. add action=mark-routing chain=prerouting comment=LAN_0_ISP2 new-routing-mark=\
  85. ISP2 passthrough=no src-address-list=0_0
  86. add action=mark-routing chain=prerouting comment=LAN_1_ISP2 new-routing-mark=\
  87. ISP2 passthrough=no src-address-list=1_0
  88. add action=mark-routing chain=prerouting comment=LAN_3_ISP2 disabled=yes \
  89. new-routing-mark=ISP2 passthrough=no src-address-list=3_0
  90. add action=mark-routing chain=prerouting comment=LAN_3_ISP3 log-prefix=ISP3_ \
  91. new-routing-mark=ISP3 passthrough=no src-address-list=3_0
  92. add action=mark-routing chain=prerouting comment=RZV disabled=yes \
  93. new-routing-mark=ISP3 passthrough=no src-address-list=RZV
  94. /ip firewall nat
  95. add action=masquerade chain=srcnat out-interface=ether1
  96. add action=masquerade chain=srcnat out-interface=ether2
  97. add action=masquerade chain=srcnat out-interface=ether3
  98. /ip route
  99. add distance=1 gateway=1.1.1.5 routing-mark=ISP1
  100. add distance=1 gateway=2.2.2.5 routing-mark=ISP2
  101. add distance=1 gateway=192.168.88.1 routing-mark=ISP3
  102. add comment=WAN1 distance=1 gateway=1.1.1.5
  103. add comment=WAN2 distance=2 gateway=2.2.2.5
  104. add comment=WAN3 distance=3 gateway=192.168.88.1
  105. /ip route rule
  106. add src-address=1.1.1.1/32 table=ISP1
  107. add src-address=2.2.2.2/32 table=ISP2
  108. add src-address=192.168.88.35/32 table=ISP3
  109. add dst-address=10.10.0.0/24 table=main
  110. add dst-address=10.10.1.0/24 table=main
  111. add dst-address=10.10.3.0/24 table=main
  112. add routing-mark=to-ISP1 table=ISP1
  113. add routing-mark=to-ISP2 table=ISP2
  114. add routing-mark=to-ISP3 table=ISP3
  115. /system clock
  116. set time-zone-name=Asia/Novosibirsk
  117. /system ntp client
  118. set enabled=yes primary-ntp=78.36.11.161 secondary-ntp=78.36.11.161
  119. /system ntp server
  120. set enabled=yes multicast=yes
  121. /system script
  122. add dont-require-permissions=no name=check_isp owner=admin policy=\
  123. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#\
  124. ISP1\r\
  125. \n:global RTK ether3\r\
  126. \n#ISP2\r\
  127. \n:global NTK ether2\r\
  128. \n#ISP3\r\
  129. \n:global MGK ether1\r\
  130. \n\r\
  131. \n:local PingCount 1\r\
  132. \n\r\
  133. \n:local PingTargets {77.88.8.8; 8.8.8.8}\r\
  134. \n:local host\r\
  135. \n\r\
  136. \n:local RTKInetOk false\r\
  137. \n:local NTKInetOk false\r\
  138. \n:local MGKInetOk false\r\
  139. \n:local RTKPings 0\r\
  140. \n:local NTKPings 0\r\
  141. \n:local MGKPings 0\r\
  142. \n\r\
  143. \nforeach host in=\$PingTargets do={\r\
  144. \n:local res [/ping \$host count=\$PingCount interface=\$RTK]\r\
  145. \n:set RTKPings (\$RTKPings + \$res)\r\
  146. \n:local res [/ping \$host count=\$PingCount interface=\$NTK]\r\
  147. \n:set NTKPings (\$NTKPings + \$res)\r\
  148. \n:local res [/ping \$host count=\$PingCount interface=\$MGK]\r\
  149. \n:set MGKPings (\$MGKPings + \$res)\r\
  150. \n:delay 1\r\
  151. \n}\r\
  152. \n\r\
  153. \n:set RTKInetOk (\$RTKPings >= 1)\r\
  154. \n:set NTKInetOk (\$NTKPings >= 1)\r\
  155. \n:set MGKInetOk (\$MGKPings >= 1)\r\
  156. \n\r\
  157. \n:put \"RTKInetOk=\$RTKInetOk\"\r\
  158. \n:put \"NTKInetOk=\$NTKInetOk\"\r\
  159. \n:put \"MGKInetOk=\$MGKInetOk\"\r\
  160. \n\r\
  161. \nif (\$RTKInetOk && \$NTKInetOk && \$MGKInetOk) do={\r\
  162. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  163. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  164. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  165. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  166. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  167. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP1\"]\r\
  168. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP2\"]\r\
  169. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP3\"]\r\
  170. \n/ip firewall connection remove [find ]\r\
  171. \n:put \"switched to ISP1+ISP2+ISP3\"\r\
  172. \n/log info \"switched to ISP1+ISP2+ISP3\"\r\
  173. \n}\r\
  174. \n\r\
  175. \nif (!\$RTKInetOk && \$NTKInetOk && \$MGKInetOk) do={\r\
  176. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  177. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP1\"]\r\
  178. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  179. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  180. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  181. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP2\"]\r\
  182. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP2\"]\r\
  183. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP3\"]\r\
  184. \n/ip firewall connection remove [find ]\r\
  185. \n:put \"switched to ISP2+ISP3\"\r\
  186. \n/log info \"switched to ISP2+ISP3\"\r\
  187. \n}\r\
  188. \n\r\
  189. \nif (\$RTKInetOk && !\$NTKInetOk && \$MGKInetOk) do={\r\
  190. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  191. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP2\"]\r\
  192. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  193. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  194. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  195. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP1\"]\r\
  196. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP1\"]\r\
  197. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP3\"]\r\
  198. \n/ip firewall connection remove [find ]\r\
  199. \n:put \"switched to ISP1+ISP3\"\r\
  200. \n/log info \"switched to ISP1+ISP3\"\r\
  201. \n}\r\
  202. \n\r\
  203. \nif (\$RTKInetOk && \$NTKInetOk && !\$MGKInetOk) do={\r\
  204. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  205. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  206. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  207. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP3\"]\r\
  208. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  209. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP1\"]\r\
  210. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP2\"]\r\
  211. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP2\"]\r\
  212. \n/ip firewall connection remove [find ]\r\
  213. \n:put \"switched to ISP1+ISP2\"\r\
  214. \n/log info \"switched to ISP1+ISP2\"\r\
  215. \n}\r\
  216. \n\r\
  217. \nif (!\$RTKInetOk && \$NTKInetOk && !\$MGKInetOk) do={\r\
  218. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  219. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP1\"]\r\
  220. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  221. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP3\"]\r\
  222. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  223. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP2\"]\r\
  224. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP2\"]\r\
  225. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP2\"]\r\
  226. \n/ip firewall connection remove [find ]\r\
  227. \n:put \"switched to ISP2\"\r\
  228. \n/log info \"switched to ISP2\"\r\
  229. \n}\r\
  230. \n\r\
  231. \nif (\$RTKInetOk && !\$NTKInetOk && !\$MGKInetOk) do={\r\
  232. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP2\"]\r\
  233. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  234. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  235. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP3\"]\r\
  236. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  237. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP1\"]\r\
  238. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP1\"]\r\
  239. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP1\"]\r\
  240. \n/ip firewall connection remove [find ]\r\
  241. \n:put \"switched to ISP1\"\r\
  242. \n/log info \"switched to ISP1\"\r\
  243. \n}\r\
  244. \n\r\
  245. \nif (!\$RTKInetOk && !\$NTKInetOk && \$MGKInetOk) do={\r\
  246. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  247. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP1\"]\r\
  248. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  249. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP2\"]\r\
  250. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  251. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  252. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP3\"]\r\
  253. \n/ip firewall mangle enable [find comment=\"RZV\"]\r\
  254. \n/ip firewall connection remove [find ]\r\
  255. \n:put \"switched to ISP3\"\r\
  256. \n/log info \"switched to ISP3\"\r\
  257. \n}\r\
  258. \n\r\
  259. \nif (!\$RTKInetOk && !\$NTKInetOk && !\$MGKInetOk) do={\r\
  260. \n/ip firewall mangle disable [find comment=\"LAN_0_ISP1\"]\r\
  261. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP1\"]\r\
  262. \n/ip firewall mangle disable [find comment=\"LAN_1_ISP2\"]\r\
  263. \n/ip firewall mangle disable [find comment=\"LAN_3_ISP2\"]\r\
  264. \n/ip firewall mangle disable [find comment=\"RZV\"]\r\
  265. \n/ip firewall mangle enable [find comment=\"LAN_1_ISP1\"]\r\
  266. \n/ip firewall mangle enable [find comment=\"LAN_0_ISP2\"]\r\
  267. \n/ip firewall mangle enable [find comment=\"LAN_3_ISP3\"]\r\
  268. \n/ip firewall connection remove [find ]\r\
  269. \n:put \"switched to No Internet\"\r\
  270. \n/log info \"switched to No Internet\"\r\
  271. \n}\r\
  272. \n"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!