API tools faq
paste
Guest User

Untitled

a guest
Feb 6th, 2020
129
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.78 KB | None | 0 0
raw download clone embed print report
  1. # feb/06/2020 23:16:28 by RouterOS 6.45.1
  2. # software id = JRHG-SFGA
  3. #
  4. # model = 951-2n
  5. # serial number = 47780251EDA7
  6. /interface bridge
  7. add admin-mac=D4:CA:6D:1F:D2:C3 auto-mac=no comment=defconf name=bridge
  8. add name=bridge1
  9. /interface wireless
  10. set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
  11. disabled=no distance=indoors frequency=auto installation=indoor mode=\
  12. ap-bridge ssid=Sp1er wireless-protocol=802.11
  13. add disabled=no keepalive-frames=disabled mac-address=02:00:00:AA:00:00 \
  14. master-interface=wlan1 multicast-buffering=disabled name=wlan2 ssid=\
  15. vpnspb wds-cost-range=0 wds-default-bridge=bridge wds-default-cost=0 \
  16. wps-mode=disabled
  17. /interface ethernet
  18. set [ find default-name=ether1 ] mac-address=D4:CA:6D:1F:D2:C3
  19. /interface pptp-client
  20. add connect-to=vpn1.ru disabled=no name=pptp-ps4 password=***** \
  21. user=sp1er
  22. /interface list
  23. add comment=defconf name=WAN
  24. add comment=defconf name=LAN
  25. /interface wireless security-profiles
  26. set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
  27. dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=****** \
  28. wpa2-pre-shared-key=******
  29. /ip pool
  30. add name=dhcp ranges=192.168.88.10-192.168.88.254
  31. add name=pool1 ranges=192.168.78.10-192.168.78.254
  32. /ip dhcp-server
  33. add address-pool=dhcp disabled=no interface=bridge name=defconf
  34. add address-pool=pool1 disabled=no interface=wlan2 name=server1
  35. /interface bridge port
  36. add bridge=bridge comment=defconf interface=ether2
  37. add bridge=bridge comment=defconf interface=ether3
  38. add bridge=bridge comment=defconf interface=ether4
  39. add bridge=bridge comment=defconf interface=ether5
  40. add bridge=bridge comment=defconf interface=wlan1
  41. /ip neighbor discovery-settings
  42. set discover-interface-list=LAN
  43. /interface list member
  44. add comment=defconf interface=bridge list=LAN
  45. add comment=defconf interface=ether1 list=WAN
  46. add interface=pptp-ps4 list=LAN
  47. /ip address
  48. add address=192.168.88.1/24 comment=defconf interface=ether2 network=\
  49. 192.168.88.0
  50. add address=192.168.78.1/24 interface=wlan2 network=192.168.78.0
  51. /ip dhcp-client
  52. add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
  53. ether1
  54. /ip dhcp-server network
  55. add address=192.168.78.0/24 gateway=192.168.78.1
  56. add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
  57. /ip dns
  58. set allow-remote-requests=yes
  59. /ip dns static
  60. add address=192.168.88.1 comment=defconf name=router.lan
  61. /ip firewall address-list
  62. add address=192.168.78.1-192.168.78.254 list=wlan2
  63. /ip firewall filter
  64. add action=accept chain=input comment=\
  65. "defconf: accept established,related,untracked" connection-state=\
  66. established,related,untracked
  67. add action=drop chain=input comment="defconf: drop invalid" connection-state=\
  68. invalid
  69. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  70. add action=accept chain=forward in-interface=wlan2 out-interface=pptp-ps4 \
  71. src-address=192.168.78.0/24
  72. add action=accept chain=input comment=\
  73. "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
  74. add action=drop chain=input comment="defconf: drop all not coming from LAN" \
  75. in-interface-list=!LAN
  76. add action=accept chain=forward comment="defconf: accept in ipsec policy" \
  77. ipsec-policy=in,ipsec
  78. add action=accept chain=forward comment="defconf: accept out ipsec policy" \
  79. ipsec-policy=out,ipsec
  80. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  81. connection-state=established,related
  82. add action=accept chain=forward comment=\
  83. "defconf: accept established,related, untracked" connection-state=\
  84. established,related,untracked
  85. add action=drop chain=forward comment="defconf: drop invalid" \
  86. connection-state=invalid
  87. add action=drop chain=forward comment=\
  88. "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  89. connection-state=new in-interface-list=WAN
  90. /ip firewall mangle
  91. add action=mark-routing chain=prerouting comment=pptpspb new-routing-mark=\
  92. wlan2 passthrough=no src-address=192.168.78.0/24 src-address-list=wlan2
  93. /ip firewall nat
  94. add action=masquerade chain=srcnat comment="defconf: masquerade" \
  95. ipsec-policy=out,none out-interface-list=WAN
  96. add action=masquerade chain=srcnat out-interface=pptp-ps4 src-address=\
  97. 192.168.78.0/24
  98. add action=masquerade chain=srcnat out-interface=pptp-ps4 src-address=\
  99. 192.168.88.0/24
  100. /ip route
  101. add distance=1 gateway=pptp-ps4 routing-mark=wlan2
  102. /ip route rule
  103. add interface=pptp-ps4 routing-mark=wlan2 src-address=192.168.78.0/24 table=\
  104. wlan2
  105. add dst-address=192.168.78.0/24 interface=wlan2 routing-mark=wlan2 table=\
  106. wlan2
  107. /system clock
  108. set time-zone-name=Europe/Moscow
  109. /tool mac-server
  110. set allowed-interface-list=LAN
  111. /tool mac-server mac-winbox
  112. set allowed-interface-list=LAN
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!