API tools faq
paste
Advertisement
MT_

RB2011

MT_
Oct 31st, 2018
150
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.03 KB | None | 0 0
raw download clone embed print report
  1. [toor@MT2011] > /export hide-sensitive
  2. # nov/01/2018 00:09:23 by RouterOS 6.42.3
  3. # software id = A70U-5HVL
  4. #
  5. # model = 2011UAS-2HnD
  6. # serial number = 419E021B4F83
  7. /interface bridge
  8. add comment="Eth2 - Eth5 + WLAN1 // (LAN)" fast-forward=no name=br1
  9. /interface ethernet
  10. set [ find default-name=ether1 ] comment="(WAN)" loop-protect=on
  11. set [ find default-name=ether2 ] comment="Filip PC" loop-protect=on
  12. set [ find default-name=ether3 ] comment="Iva PC"
  13. set [ find default-name=ether6 ] disabled=yes
  14. set [ find default-name=ether7 ] disabled=yes
  15. set [ find default-name=ether8 ] disabled=yes
  16. set [ find default-name=ether9 ] disabled=yes
  17. set [ find default-name=ether10 ] comment="Service Port"
  18. set [ find default-name=sfp1 ] disabled=yes
  19. /interface list
  20. add name=WAN
  21. add name=LAN
  22. /interface wireless security-profiles
  23. set [ find default=yes ] supplicant-identity=MikroTik
  24. add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-key-update=1h management-protection=allowed mode=\
  25. dynamic-keys name=sushiKey supplicant-identity=""
  26. add authentication-types=wpa-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=testProfile \
  27. supplicant-identity=""
  28. /interface wireless
  29. set [ find default-name=wlan1 ] antenna-gain=20 band=2ghz-g/n bridge-mode=disabled comment=WiFi country=\
  30. "czech republic" disabled=no disconnect-timeout=10s distance=indoors frequency=2472 frequency-mode=\
  31. regulatory-domain keepalive-frames=disabled mode=ap-bridge security-profile=sushiKey ssid=SUSHI \
  32. wireless-protocol=802.11 wps-mode=disabled
  33. /interface wireless manual-tx-power-table
  34. set wlan1 comment=WiFi
  35. /interface wireless nstreme
  36. set wlan1 comment=WiFi
  37. /ip hotspot profile
  38. add hotspot-address=10.5.50.1 name=hsprof1
  39. /ip pool
  40. add name=pool2 ranges=10.0.81.1-10.0.81.254
  41. /ip hotspot
  42. add address-pool=pool2 interface=wlan1 name=hotspot1 profile=hsprof1
  43. /ip pool
  44. add name=pool1 next-pool=pool2 ranges=10.0.80.5-10.0.80.100
  45. /ip dhcp-server
  46. add address-pool=pool1 disabled=no interface=br1 lease-time=1h name=dhcpServer
  47. /interface bridge port
  48. add bridge=br1 interface=ether3
  49. add bridge=br1 interface=ether4
  50. add bridge=br1 interface=ether5
  51. add bridge=br1 interface=ether2
  52. add bridge=br1 interface=wlan1
  53. /interface bridge vlan
  54. add bridge=br1 vlan-ids=10
  55. add vlan-ids=10
  56. /interface detect-internet
  57. set detect-interface-list=all
  58. /interface list member
  59. add interface=ether1 list=WAN
  60. add interface=br1 list=LAN
  61. /ip address
  62. add address=10.0.80.1/24 comment="BRIDGE IP" interface=br1 network=10.0.80.0
  63. /ip dhcp-client
  64. add comment="INTERNET < (UPC) > RB2011" dhcp-options=hostname,clientid disabled=no interface=ether1 use-peer-dns=no
  65. /ip dhcp-server lease
  66. add address=10.0.80.100 client-id=1:d4:3d:7e:e3:e2:c8 comment="Filip PC (LAN)" lease-time=1d mac-address=\
  67. D4:3D:7E:E3:E2:C8 server=dhcpServer
  68. add address=10.0.80.98 client-id=1:e4:d5:3d:3c:48:5a comment="Iva PC (WLAN)" lease-time=1d mac-address=\
  69. E4:D5:3D:3C:48:5A server=dhcpServer
  70. add address=10.0.80.97 comment="Yeelight - living room" lease-time=1d mac-address=78:11:DC:AA:49:1C server=\
  71. dhcpServer
  72. add address=10.0.80.96 comment="Yeelight - bedroom" lease-time=1d mac-address=78:11:DC:DD:02:98 server=dhcpServer
  73. add address=10.0.80.99 client-id=1:4:b1:67:ad:2d:91 comment="Filip phone (WAN)" lease-time=1d mac-address=\
  74. 04:B1:67:AD:2D:91 server=dhcpServer
  75. add address=10.0.80.94 client-id=1:64:db:43:da:cc:a4 comment="Iva phone" mac-address=64:DB:43:DA:CC:A4 server=\
  76. dhcpServer
  77. add address=10.0.80.93 comment=Tablet mac-address=48:A2:2D:97:57:37 server=dhcpServer
  78. add address=10.0.80.89 always-broadcast=yes client-id=1:dc:e:a1:68:31:9d comment="Iva PC (LAN)" mac-address=\
  79. DC:0E:A1:68:31:9D server=dhcpServer
  80. /ip dhcp-server network
  81. add address=10.0.80.0/24 dns-server=10.0.80.1 gateway=10.0.80.1
  82. /ip dns
  83. set allow-remote-requests=yes servers=208.67.222.222,208.67.220.220
  84. /ip firewall filter
  85. add action=fasttrack-connection chain=forward connection-state=established,related
  86. add action=accept chain=forward connection-state=established,related
  87. add action=drop chain=input comment=SSH dst-port=22 in-interface=ether1 protocol=tcp
  88. add action=drop chain=input comment=HTTP dst-port=80 in-interface=ether1 protocol=tcp
  89. add action=drop chain=input comment="DNS (TCP)" dst-port=53 in-interface=ether1 protocol=tcp
  90. add action=drop chain=input comment="DNS (UDP)" dst-port=53 in-interface=ether1 protocol=udp
  91. /ip firewall nat
  92. add action=masquerade chain=srcnat src-address=10.0.80.0/24
  93. /ip hotspot user
  94. add disabled=yes name=admin
  95. /ip service
  96. set telnet disabled=yes
  97. set ftp disabled=yes
  98. set www disabled=yes
  99. set ssh disabled=yes
  100. set api disabled=yes
  101. set winbox address=10.0.80.0/24 port=8280
  102. set api-ssl disabled=yes
  103. /lcd
  104. set enabled=no touch-screen=disabled
  105. /lcd interface pages
  106. set 0 interfaces=wlan1
  107. /system clock
  108. set time-zone-name=Europe/Prague
  109. /system identity
  110. set name=MT2011
  111. /system ntp client
  112. set enabled=yes primary-ntp=195.113.144.201 secondary-ntp=195.113.144.238
  113. /system routerboard settings
  114. set silent-boot=no
  115. /system script
  116. add comment="if 8.8.8.8 is down > REBOOT" name=NetWatch-8.8.8.8 owner=toor policy=\
  117. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":if ([/ping 8.8.8.8 interval=5 count=60\
  118. ] =0) do={\r\
  119. \nlog info \"my ping watchdog is down\" ; /system reboot\r\
  120. \n}"
  121. add comment="if 77.75.77.39 is down > REBOOT" name=NetWatch-:77.75.77.39 owner=toor policy=\
  122. ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":if ([/ping 77.75.77.39 interval=5 coun\
  123. t=60] =0) do={\r\
  124. \nlog info \"my ping watchdog is down\" ; /system reboot\r\
  125. \n}"
  126. /tool graphing interface
  127. add allow-address=10.0.80.0/24 interface=br1
  128. add allow-address=10.0.80.0/24
  129. /tool graphing resource
  130. add allow-address=10.0.80.0/24
  131. /tool netwatch
  132. add comment="Checking 8.8.8.8" down-script="/system script run NetWatch-8.8.8.8" host=8.8.8.8
  133. add comment="Checking 77.75.77.39" down-script="/system script run NetWatch-77.75.77.39" host=77.75.77.39
  134. [toor@MT2011] >
  135. [toor@MT2011] >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!