API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 7th, 2019
102
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.50 KB | None | 0 0
raw download clone embed print report
  1. [admin@MikroTik] > interface bridge export
  2. # dec/08/2019 00:58:27 by RouterOS 6.45.1
  3. # software id = 7LRH-FRKN
  4. #
  5. # model = RBcAPL-2nD
  6. # serial number = BB220BF8088A
  7. /interface bridge
  8. add name=Wlan
  9. add admin-mac=C4:AD:34:1C:14:43 auto-mac=no comment=defconf name=bridge
  10. /interface bridge port
  11. add bridge=bridge comment=defconf interface=ether1
  12. add bridge=Wlan comment=defconf interface=wlan1
  13.  
  14.  
  15. [admin@TeremuReki] > ip firewall export
  16. # dec/08/2019 00:59:42 by RouterOS 6.46
  17. # software id = 0R6B-73PL
  18. #
  19. # model = RB2011UiAS-2HnD
  20. # serial number = B9070A1E368D
  21. /ip firewall filter
  22. add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  23. add action=drop chain=forward dst-address=10.0.0.1 out-interface=bridge_hs protocol=!udp
  24. add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  25. add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
  26. add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
  27. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  28. add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
  29. add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
  30. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related disabled=yes
  31. add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
  32. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  33. add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
  34. add action=accept chain=input disabled=yes dst-port=8291 protocol=tcp src-port=""
  35. /ip firewall mangle
  36. add action=log chain=prerouting disabled=yes dst-address=0.0.0.0 dst-port=58290 log-prefix=dnat protocol=tcp
  37. /ip firewall nat
  38. add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  39. add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none
  40. add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  41. add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none
  42. add action=dst-nat chain=dstnat disabled=yes dst-port=58290 protocol=tcp to-ports=8921
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!