Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [toor@MT2011] > /export hide-sensitive
- # nov/01/2018 00:09:23 by RouterOS 6.42.3
- # software id = A70U-5HVL
- #
- # model = 2011UAS-2HnD
- # serial number = 419E021B4F83
- /interface bridge
- add comment="Eth2 - Eth5 + WLAN1 // (LAN)" fast-forward=no name=br1
- /interface ethernet
- set [ find default-name=ether1 ] comment="(WAN)" loop-protect=on
- set [ find default-name=ether2 ] comment="Filip PC" loop-protect=on
- set [ find default-name=ether3 ] comment="Iva PC"
- set [ find default-name=ether6 ] disabled=yes
- set [ find default-name=ether7 ] disabled=yes
- set [ find default-name=ether8 ] disabled=yes
- set [ find default-name=ether9 ] disabled=yes
- set [ find default-name=ether10 ] comment="Service Port"
- set [ find default-name=sfp1 ] disabled=yes
- /interface list
- add name=WAN
- add name=LAN
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-key-update=1h management-protection=allowed mode=\
- dynamic-keys name=sushiKey supplicant-identity=""
- add authentication-types=wpa-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=testProfile \
- supplicant-identity=""
- /interface wireless
- set [ find default-name=wlan1 ] antenna-gain=20 band=2ghz-g/n bridge-mode=disabled comment=WiFi country=\
- "czech republic" disabled=no disconnect-timeout=10s distance=indoors frequency=2472 frequency-mode=\
- regulatory-domain keepalive-frames=disabled mode=ap-bridge security-profile=sushiKey ssid=SUSHI \
- wireless-protocol=802.11 wps-mode=disabled
- /interface wireless manual-tx-power-table
- set wlan1 comment=WiFi
- /interface wireless nstreme
- set wlan1 comment=WiFi
- /ip hotspot profile
- add hotspot-address=10.5.50.1 name=hsprof1
- /ip pool
- add name=pool2 ranges=10.0.81.1-10.0.81.254
- /ip hotspot
- add address-pool=pool2 interface=wlan1 name=hotspot1 profile=hsprof1
- /ip pool
- add name=pool1 next-pool=pool2 ranges=10.0.80.5-10.0.80.100
- /ip dhcp-server
- add address-pool=pool1 disabled=no interface=br1 lease-time=1h name=dhcpServer
- /interface bridge port
- add bridge=br1 interface=ether3
- add bridge=br1 interface=ether4
- add bridge=br1 interface=ether5
- add bridge=br1 interface=ether2
- add bridge=br1 interface=wlan1
- /interface bridge vlan
- add bridge=br1 vlan-ids=10
- add vlan-ids=10
- /interface detect-internet
- set detect-interface-list=all
- /interface list member
- add interface=ether1 list=WAN
- add interface=br1 list=LAN
- /ip address
- add address=10.0.80.1/24 comment="BRIDGE IP" interface=br1 network=10.0.80.0
- /ip dhcp-client
- add comment="INTERNET < (UPC) > RB2011" dhcp-options=hostname,clientid disabled=no interface=ether1 use-peer-dns=no
- /ip dhcp-server lease
- add address=10.0.80.100 client-id=1:d4:3d:7e:e3:e2:c8 comment="Filip PC (LAN)" lease-time=1d mac-address=\
- D4:3D:7E:E3:E2:C8 server=dhcpServer
- add address=10.0.80.98 client-id=1:e4:d5:3d:3c:48:5a comment="Iva PC (WLAN)" lease-time=1d mac-address=\
- E4:D5:3D:3C:48:5A server=dhcpServer
- add address=10.0.80.97 comment="Yeelight - living room" lease-time=1d mac-address=78:11:DC:AA:49:1C server=\
- dhcpServer
- add address=10.0.80.96 comment="Yeelight - bedroom" lease-time=1d mac-address=78:11:DC:DD:02:98 server=dhcpServer
- add address=10.0.80.99 client-id=1:4:b1:67:ad:2d:91 comment="Filip phone (WAN)" lease-time=1d mac-address=\
- 04:B1:67:AD:2D:91 server=dhcpServer
- add address=10.0.80.94 client-id=1:64:db:43:da:cc:a4 comment="Iva phone" mac-address=64:DB:43:DA:CC:A4 server=\
- dhcpServer
- add address=10.0.80.93 comment=Tablet mac-address=48:A2:2D:97:57:37 server=dhcpServer
- add address=10.0.80.89 always-broadcast=yes client-id=1:dc:e:a1:68:31:9d comment="Iva PC (LAN)" mac-address=\
- DC:0E:A1:68:31:9D server=dhcpServer
- /ip dhcp-server network
- add address=10.0.80.0/24 dns-server=10.0.80.1 gateway=10.0.80.1
- /ip dns
- set allow-remote-requests=yes servers=208.67.222.222,208.67.220.220
- /ip firewall filter
- add action=fasttrack-connection chain=forward connection-state=established,related
- add action=accept chain=forward connection-state=established,related
- add action=drop chain=input comment=SSH dst-port=22 in-interface=ether1 protocol=tcp
- add action=drop chain=input comment=HTTP dst-port=80 in-interface=ether1 protocol=tcp
- add action=drop chain=input comment="DNS (TCP)" dst-port=53 in-interface=ether1 protocol=tcp
- add action=drop chain=input comment="DNS (UDP)" dst-port=53 in-interface=ether1 protocol=udp
- /ip firewall nat
- add action=masquerade chain=srcnat src-address=10.0.80.0/24
- /ip hotspot user
- add disabled=yes name=admin
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set winbox address=10.0.80.0/24 port=8280
- set api-ssl disabled=yes
- /lcd
- set enabled=no touch-screen=disabled
- /lcd interface pages
- set 0 interfaces=wlan1
- /system clock
- set time-zone-name=Europe/Prague
- /system identity
- set name=MT2011
- /system ntp client
- set enabled=yes primary-ntp=195.113.144.201 secondary-ntp=195.113.144.238
- /system routerboard settings
- set silent-boot=no
- /system script
- add comment="if 8.8.8.8 is down > REBOOT" name=NetWatch-8.8.8.8 owner=toor policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":if ([/ping 8.8.8.8 interval=5 count=60\
- ] =0) do={\r\
- \nlog info \"my ping watchdog is down\" ; /system reboot\r\
- \n}"
- add comment="if 77.75.77.39 is down > REBOOT" name=NetWatch-:77.75.77.39 owner=toor policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":if ([/ping 77.75.77.39 interval=5 coun\
- t=60] =0) do={\r\
- \nlog info \"my ping watchdog is down\" ; /system reboot\r\
- \n}"
- /tool graphing interface
- add allow-address=10.0.80.0/24 interface=br1
- add allow-address=10.0.80.0/24
- /tool graphing resource
- add allow-address=10.0.80.0/24
- /tool netwatch
- add comment="Checking 8.8.8.8" down-script="/system script run NetWatch-8.8.8.8" host=8.8.8.8
- add comment="Checking 77.75.77.39" down-script="/system script run NetWatch-77.75.77.39" host=77.75.77.39
- [toor@MT2011] >
- [toor@MT2011] >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement