
hotspotcfg

a guest
Jun 8th, 2023
  1. # 2023-06-08 12:18:12 by RouterOS 7.10rc4
  2. # software id =
  3. #
  4. # model =
  5. # serial number =
  # Interface layer: two bridges, both radios in ap-bridge mode on the same SSID, a disabled
  # WireGuard interface, VLAN 13 on bridge_lan and the wan/lan interface lists.
  6. /interface bridge add name=bridge_hotspot
  # NOTE(review): vlan-filtering is on but ingress-filtering is off; confirm that is intended
  # for the tagged port on this bridge.
  7. /interface bridge add ingress-filtering=no name=bridge_lan vlan-filtering=yes
  8. /interface ethernet set [ find default-name=ether2 ] disabled=yes name=ether2_fried
  9. /interface ethernet set [ find default-name=ether3 ] disabled=yes name=ether3_fried
  # default-name=wlan2 is renamed wlan1_5ghz but is configured with band=2ghz-g/n on 2412 MHz,
  # so the name does not describe the radio. Transmit power is fixed by hand (tx-power=30,
  # frequency-mode=manual-txpower) - NOTE(review): confirm this is within the local limit.
  10. /interface wireless set [ find default-name=wlan2 ] adaptive-noise-immunity=ap-and-client-mode band=2ghz-g/n country="south africa" disabled=no disconnect-timeout=12s frequency=2412 frequency-mode=manual-txpower hw-retries=15 installation=outdoor mode=ap-bridge name=wlan1_5ghz ssid=myhotspot tx-power=30 tx-power-mode=all-rates-fixed wps-mode=disabled
  # wps-mode is not set on this radio, unlike the one above - NOTE(review): confirm WPS is
  # off here as well.
  11. /interface wireless set [ find default-name=wlan1 ] country="south africa" mode=ap-bridge name=wlan2_2ghz ssid=myhotspot tx-power=7 tx-power-mode=all-rates-fixed
  # private-key shows "censored", apparently redacted before posting. An unredacted export
  # carries the real key, so export files need the same handling as the key itself.
  12. /interface wireguard add disabled=yes listen-port=24089 mtu=1400 name=wg-cloudfare-warp private-key="censored"
  13. /interface vlan add interface=bridge_lan name=vlan13_hotspot vlan-id=13
  14. /interface list add name=wan
  15. /interface list add name=lan
  # Only supplicant-identity is set on the default security profile and neither radio names
  # another profile, so no wireless authentication or encryption is visible in this export -
  # presumably an open SSID in front of the captive portal. Client traffic would then be
  # readable over the air unless the application encrypts it.
  16. /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik
  # Address pools, DHCP server, hotspot user/server profiles, the landing queue and two
  # extra routing tables. 100.124.0.0/22 sits inside 100.64.0.0/10 (shared address space,
  # RFC 6598).
  17. /ip pool add name=hotspot_landing ranges=100.124.0.100-100.124.0.199
  18. /ip pool add name=hotspot_trial ranges=100.124.1.100-100.124.1.199
  19. /ip pool add name=hotspot_paid ranges=100.124.2.100-100.124.2.199
  # hotspot_pool spans the three pools above (and reaches into 100.124.3.x), so the ranges
  # overlap; the hotspot server below uses hotspot_pool while DHCP uses hotspot_landing.
  20. /ip pool add name=hotspot_pool ranges=100.124.0.100-100.124.3.199
  21. /ip dhcp-server add address-pool=hotspot_landing interface=bridge_hotspot lease-time=3d name=dhcp_hotspot_landing
  22. /ip hotspot user profile set [ find default=yes ] address-pool=hotspot_landing name=hotspot_landing
  23. /ip hotspot user profile add address-pool=hotspot_trial name=hotspot_trial rate-limit=2M/4M
  24. /ip hotspot user profile add address-pool=hotspot_paid name=hotspot_paid_4Mx2M rate-limit=2M/4M
  25. /ip hotspot user profile add address-pool=hotspot_paid name=hotspot_paid_2Mx1M rate-limit=1M/2M
  26. /ip hotspot user profile add address-pool=hotspot_paid name=hotspot_paid_10Mx10M rate-limit=10M/10M
  # login-by lists cookie, http-chap and trial but no https method, so the login page is
  # served over plain HTTP. NOTE(review): trial logins are presumably tracked per client MAC
  # address, which makes the 15m trial limit a convenience control rather than a hard one.
  27. /ip hotspot profile add dns-name=portal.myhotspot.co.za hotspot-address=100.124.0.1 login-by=cookie,http-chap,trial name=hsprof1 trial-uptime-limit=15m trial-user-profile=hotspot_trial
  28. /ip hotspot add address-pool=hotspot_pool disabled=no interface=bridge_hotspot name=hotspot1 profile=hsprof1
  29. /port set 0 name=serial0
  # Caps the landing subnet (100.124.0.0/24) as a whole at 384k/512k.
  30. /queue simple add max-limit=384k/512k name=hotspot_landing queue=pcq-upload-default/pcq-download-default target=100.124.0.0/24
  31. /routing table add disabled=no fib name=to_warp
  32. /routing table add disabled=no fib name=to_vlan13
  # Bridge membership, VLAN table, interface-list membership and the WireGuard peer.
  33. /interface bridge port add bridge=bridge_hotspot interface=wlan1_5ghz
  34. /interface bridge port add bridge=bridge_hotspot interface=wlan2_2ghz
  35. /interface bridge port add bridge=bridge_lan interface=ether1
  # vlan13_hotspot is a port of bridge_hotspot, so VLAN 13 on ether1 shares one layer-2
  # domain with the wireless hotspot clients.
  36. /interface bridge port add bridge=bridge_hotspot interface=vlan13_hotspot
  37. /ip firewall connection tracking set udp-timeout=20s
  38. /interface bridge vlan add bridge=bridge_lan tagged=bridge_lan,ether1 vlan-ids=13
  39. /interface list member add interface=ether1 list=lan
  40. /interface list member add interface=wg-cloudfare-warp list=wan
  # vlan13_hotspot is listed as "wan" although it is bridged into the hotspot side. In this
  # export the wan list is referenced only by a disabled masquerade rule - NOTE(review):
  # check the membership before writing firewall rules against the list.
  41. /interface list member add interface=vlan13_hotspot list=wan
  # Disabled peer. allowed-address includes 0.0.0.0/0, i.e. all traffic may be routed to it.
  # public-key is the peer's public key, not a secret.
  42. /interface wireguard peers add allowed-address=172.16.0.1/32,0.0.0.0/0 disabled=yes endpoint-address=162.159.192.1 endpoint-port=2408 interface=wg-cloudfare-warp public-key="bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo="
  # Router addresses, DHCP client/network settings and DNS.
  43. /ip address add address=100.124.0.1/22 comment=hotspot_landing interface=bridge_hotspot network=100.124.0.0
  44. /ip address add address=172.16.0.2 interface=wg-cloudfare-warp network=172.16.0.2
  45. /ip address add address=192.168.113.2/24 interface=bridge_lan network=192.168.113.0
  46. /ip address add address=100.124.2.1/24 comment=hotspot_paid disabled=yes interface=bridge_hotspot network=100.124.2.0
  47. /ip address add address=100.124.1.1/24 comment=hotspot_trial disabled=yes interface=bridge_hotspot network=100.124.1.0
  # The DHCP client on bridge_lan does not install a default route; the default route is
  # set statically under /ip route.
  48. /ip dhcp-client add add-default-route=no interface=bridge_lan
  # Hotspot clients are handed the router itself as gateway, DNS server and NTP server.
  49. /ip dhcp-server network add address=100.124.0.0/22 comment="hotspot network" dns-server=100.124.0.1 gateway=100.124.0.1 ntp-server=100.124.0.1
  # allow-remote-requests=yes makes the router answer DNS queries from the network, and the
  # filter rules in this export contain no enabled chain=input rule, so the resolver is not
  # limited to the hotspot subnet - NOTE(review): restrict port 53 on the input chain to
  # the client networks that need it.
  # verify-doh-cert=yes relies on a trusted CA certificate being present on the router;
  # certificates are not part of this export - confirm one is imported.
  50. /ip dns set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8,9.9.9.9 use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
  51. /ip dns static add address=100.124.1.1 disabled=yes name=portal.myhotspot.co.za ttl=5m
  52. /ip dns static add address=100.124.2.1 disabled=yes name=portal.myhotspot.co.za ttl=5m
  # The three disabled FWD entries below use patterns that start with "^*" and leave the
  # dots unescaped, which looks like a glob written where a regular expression is expected -
  # NOTE(review): correct the patterns before enabling any of them.
  53. /ip dns static add disabled=yes forward-to=portal.myhotspot.co.za regexp="^*.1.1.124.100.in-addr.arpa\$" type=FWD
  54. /ip dns static add disabled=yes forward-to=portal.myhotspot.co.za regexp="^*.1.0.124.100.in-addr.arpa\$" type=FWD
  55. /ip dns static add disabled=yes forward-to=portal.myhotspot.co.za regexp="^*.1.2.124.100.in-addr.arpa\$" type=FWD
  56. /ip dns static add address=172.17.0.5 name=speedtest.myhotspot.co.za ttl=1m
  # Filter rules. Every enabled rule is in chain=forward; the only chain=input rule is
  # disabled, so nothing here filters traffic addressed to the router itself (DNS, hotspot
  # login, management). No /ip service section appears in this export - NOTE(review):
  # confirm which management services are reachable from the hotspot and LAN sides.
  # There is also no final drop in chain=forward: traffic not matched below is forwarded.
  57. /ip firewall filter add action=drop chain=input comment="block tplink router (test for ping watchdog)" disabled=yes src-address=192.168.10.33
  # Rules 58-65: disabled VoWiFi experiments for 192.168.100.0/24, a subnet that no
  # interface in this export carries. The "Other VoWiFi" variants on the outbound side log
  # their matches.
  58. /ip firewall filter add action=accept chain=forward comment="Vodacom VoWiFi" disabled=yes dst-address=41.1.162.233 dst-port=4500,500 out-interface=bridge_lan protocol=udp src-address=192.168.100.0/24
  59. /ip firewall filter add action=accept chain=forward comment="Vodacom VoWiFi" disabled=yes dst-address=41.1.162.233 dst-port=143 out-interface=bridge_lan protocol=tcp src-address=192.168.100.0/24
  60. /ip firewall filter add action=accept chain=forward comment="Other VoWiFi" disabled=yes dst-port=4500,500 log=yes out-interface=bridge_lan protocol=udp src-address=192.168.100.0/24
  61. /ip firewall filter add action=accept chain=forward comment="Other VoWiFi" disabled=yes dst-port=143 log=yes out-interface=bridge_lan protocol=tcp src-address=192.168.100.0/24
  62. /ip firewall filter add action=accept chain=forward comment="Vodacom VoWiFi" disabled=yes dst-address=192.168.100.0/24 in-interface=bridge_lan protocol=udp src-address=41.1.162.233 src-port=4500,500
  63. /ip firewall filter add action=accept chain=forward comment="Vodacom VoWiFi" disabled=yes dst-address=192.168.100.0/24 in-interface=bridge_lan protocol=tcp src-address=41.1.162.233 src-port=143
  64. /ip firewall filter add action=accept chain=forward comment="Other VoWiFi" disabled=yes dst-address=192.168.100.0/24 in-interface=bridge_lan protocol=udp src-port=4500,500
  65. /ip firewall filter add action=accept chain=forward comment="Other VoWiFi" disabled=yes dst-address=192.168.100.0/24 in-interface=bridge_lan protocol=tcp src-port=143
  # The comment says "block hotspot" but action=accept: this is the exception that lets
  # hotspot clients reach 172.17.0.5, and it has to stay above the 172.16.0.0/12 drop.
  66. /ip firewall filter add action=accept chain=forward comment="block hotspot" dst-address=172.17.0.5 src-address=100.124.0.0/16
  # Drops from 100.124.0.0/16 to the three RFC 1918 ranges. The source match is a /16 while
  # the hotspot network is addressed as a /22. Other internal ranges (for example the rest
  # of 100.64.0.0/10) are not listed - NOTE(review): add them if the upstream network uses any.
  67. /ip firewall filter add action=drop chain=forward comment="block hotspot" dst-address=192.168.0.0/16 src-address=100.124.0.0/16
  68. /ip firewall filter add action=drop chain=forward comment="block hotspot" dst-address=172.16.0.0/12 src-address=100.124.0.0/16
  69. /ip firewall filter add action=drop chain=forward comment="block hotspot" dst-address=10.0.0.0/8 src-address=100.124.0.0/16
  70. /ip firewall filter add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  # Mangle: all four rules are disabled. The first two would mark hotspot and
  # 192.168.100.0/24 traffic for the to_warp and to_vlan13 routing tables.
  71. /ip firewall mangle add action=mark-routing chain=prerouting comment="hotspot through warp" disabled=yes dst-address=!100.124.0.0/22 new-routing-mark=to_warp passthrough=yes src-address=100.124.0.0/22
  72. /ip firewall mangle add action=mark-routing chain=prerouting comment="hotspot through warp" disabled=yes dst-address=!192.168.100.0/24 new-routing-mark=to_vlan13 passthrough=yes src-address=192.168.100.0/24
  73. /ip firewall mangle add action=passthrough chain=prerouting comment="hotspot through warp" disabled=yes dst-address=41.1.162.233
  74. /ip firewall mangle add action=passthrough chain=prerouting comment="hotspot through warp" disabled=yes src-address=41.1.162.233
  # NAT: the first five rules are disabled.
  75. /ip firewall nat add action=masquerade chain=srcnat disabled=yes out-interface=wg-cloudfare-warp
  76. /ip firewall nat add action=masquerade chain=srcnat disabled=yes out-interface-list=wan
  77. /ip firewall nat add action=dst-nat chain=dstnat disabled=yes dst-address=100.124.2.1 dst-address-type=local protocol=tcp to-addresses=100.124.0.1 to-ports=64874
  78. /ip firewall nat add action=dst-nat chain=dstnat disabled=yes dst-address=100.124.1.1 dst-address-type=local protocol=tcp to-addresses=100.124.0.1 to-ports=64874
  79. /ip firewall nat add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
  # The three enabled masquerade rules match on source address only (no out-interface), so
  # they apply on whichever interface the traffic leaves by. 100.124.3.0/24 is inside the
  # /22 and inside hotspot_pool but has no masquerade rule - NOTE(review): clients given an
  # address from that range would presumably leave with their original source address.
  80. /ip firewall nat add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=100.124.0.0/24
  81. /ip firewall nat add action=masquerade chain=srcnat comment="masquerade hotspot trial network" src-address=100.124.1.0/24
  82. /ip firewall nat add action=masquerade chain=srcnat comment="masquerade hotspot paid network" src-address=100.124.2.0/24
  # Local hotspot user. The password appears in the export as plain text; "mypassword"
  # looks like a placeholder - NOTE(review): if a real value was ever exported this way,
  # rotate it. The account is named admin and uses the fastest paid profile.
  83. /ip hotspot user add name=admin password=mypassword profile=hotspot_paid_10Mx10M
  # Walled garden: destinations that clients can reach before logging in.
  # Several enabled dst-host patterns are wider than the service named in their comment:
  #   - patterns without a leading dot (*google.com, *google.co.za, *wa.me, *twitter.com,
  #     *twimg.com) also match unrelated names that merely end in that string;
  #   - substring patterns (*vodacom*, *telkom*, *mtn*, *cellc*, *talk*.google.com) match
  #     any hostname containing the word;
  #   - shared CDN suffixes (*.cloudfront.net, *.edgecastcdn.net, *.googlevideo.com) cover
  #     every site hosted on that CDN, not only the intended one.
  # NOTE(review): anchor each entry to the exact domains required, so that pre-login access
  # stays limited to the intended services.
  84. /ip hotspot walled-garden add comment="place hotspot rules here" disabled=yes
  # Disabled. dst-host=* would open every host without login if enabled.
  85. /ip hotspot walled-garden add comment=opentime disabled=yes dst-host=*
  86. /ip hotspot walled-garden add comment="google (hotspot check)" disabled=yes dst-host=google.com
  87. /ip hotspot walled-garden add comment=test disabled=yes dst-host=*google*
  88. /ip hotspot walled-garden add action=deny comment="google (hotspot check)" disabled=yes dst-host=www.google.com
  89. /ip hotspot walled-garden add comment=google dst-host=*google.com
  90. /ip hotspot walled-garden add comment="google (hotspot check)" disabled=yes dst-host=www.google.com
  91. /ip hotspot walled-garden add comment=google dst-host=*google.co.za
  92. /ip hotspot walled-garden add comment="google api (needed by whatsapp)" dst-host=*.googleapis.com
  93. /ip hotspot walled-garden add comment="google connectivity check (needed by whatsapp)" dst-host=connectivitycheck.gstatic.com
  94. /ip hotspot walled-garden add comment="google clients (needed by whatsapp)" dst-host=clients*.google.com
  95. /ip hotspot walled-garden add comment="google play" dst-host=*.gvt2.com
  96. /ip hotspot walled-garden add comment="google play" dst-host=*.gvt1.com
  97. /ip hotspot walled-garden add comment="google play" dst-host=ghs.googlehosted.com
  98. /ip hotspot walled-garden add comment="google android" dst-host=time.android.com
  99. /ip hotspot walled-garden add comment=youtube dst-host=youtube.com
  100. /ip hotspot walled-garden add comment=youtube dst-host=*.youtube.com
  101. /ip hotspot walled-garden add comment=youtube dst-host=youtube-ui.l.google.com
  102. /ip hotspot walled-garden add comment=youtube dst-host=ytimg.com
  103. /ip hotspot walled-garden add comment=youtube dst-host=*.ytimg.com
  104. /ip hotspot walled-garden add comment=youtube dst-host=*.googlevideo.com
  105. /ip hotspot walled-garden add comment="whatsapp test" dst-host=mobile-gtalk.l.google.com
  106. /ip hotspot walled-garden add comment="whatsapp test" dst-host=*talk*.google.com
  107. /ip hotspot walled-garden add comment="whatsapp test" dst-host=*.cloudfront.net
  108. /ip hotspot walled-garden add comment=whatsapp dst-host=*.whatsapp.net
  109. /ip hotspot walled-garden add comment=whatsapp dst-host=*.whatsapp.com
  110. /ip hotspot walled-garden add comment=whatsapp dst-host=*wa.me
  111. /ip hotspot walled-garden add comment=facebook dst-host=graph.facebook.com
  112. /ip hotspot walled-garden add comment=facebook dst-host=star.c10r.facebook.com
  113. /ip hotspot walled-garden add comment=facebook dst-host=*.facebook.com
  114. /ip hotspot walled-garden add comment=facebook dst-host=*.facebook.net
  115. /ip hotspot walled-garden add comment=facebook dst-host=*.fbcdn.net
  116. /ip hotspot walled-garden add comment=instagram dst-host=*.instagram.com
  117. /ip hotspot walled-garden add comment=instagram dst-host=*.cdninstagram.com
  118. /ip hotspot walled-garden add comment=twitter dst-host=*twitter.com
  119. /ip hotspot walled-garden add comment=twitter dst-host=*twimg.com
  120. /ip hotspot walled-garden add comment=twitter dst-host=t.co
  121. /ip hotspot walled-garden add comment=twitter dst-host=*.t.co
  122. /ip hotspot walled-garden add comment=twitter dst-host=*video.twitter.map.fastly.net
  123. /ip hotspot walled-garden add comment=twitter dst-host=*twimg.twitter.map.fastly.net
  124. /ip hotspot walled-garden add comment=twitter dst-host=*.edgecastcdn.net
  125. /ip hotspot walled-garden add comment=twitter dst-host=*.edgecastdns.net
  126. /ip hotspot walled-garden add comment=twitter dst-host=*.ecdns.net
  127. /ip hotspot walled-garden add comment=eskomsepush dst-host=esp.info
  128. /ip hotspot walled-garden add comment=eskomsepush dst-host=*.esp.info
  129. /ip hotspot walled-garden add comment=truecaller dst-host=*.truecaller.com
  130. /ip hotspot walled-garden add comment=vowifi dst-host=*.3gppnetwork.org
  131. /ip hotspot walled-garden add comment=vodacom dst-host=*vodacom*
  132. /ip hotspot walled-garden add comment=telkom dst-host=*telkom*
  133. /ip hotspot walled-garden add comment=mtn dst-host=*mtn*
  134. /ip hotspot walled-garden add comment=cellc dst-host=*cellc*
  135. /ip hotspot walled-garden add comment=myhotspot disabled=yes dst-host=*.myhotspot.co.za
  # IP-level walled garden. The vowifi and ntp entries match on protocol and port only
  # (dst-address unset), so udp/4500, udp/500, tcp/143 and udp/123 are allowed to any
  # destination before login - NOTE(review): bind these to the operator gateway and NTP
  # server addresses where they are known. The librespeed entry allows every protocol and
  # port to 172.17.0.5.
  136. /ip hotspot walled-garden ip add action=accept comment=vowifi disabled=no !dst-address !dst-address-list dst-port=4500 protocol=udp !src-address !src-address-list
  137. /ip hotspot walled-garden ip add action=accept comment=vowifi disabled=no !dst-address !dst-address-list dst-port=500 protocol=udp !src-address !src-address-list
  138. /ip hotspot walled-garden ip add action=accept comment=vowifi disabled=no !dst-address !dst-address-list dst-port=143 protocol=tcp !src-address !src-address-list
  139. /ip hotspot walled-garden ip add action=accept comment=ntp disabled=no !dst-address !dst-address-list dst-port=123 protocol=udp !src-address !src-address-list
  140. /ip hotspot walled-garden ip add action=accept comment=librespeed disabled=no dst-address=172.17.0.5 !dst-address-list !dst-port !protocol !src-address !src-address-list
  # Static routes. The main table sends the default route to 192.168.113.1 on the LAN side;
  # the to_warp and to_vlan13 tables only take effect for traffic marked by the (currently
  # disabled) mangle rules or matched by the (disabled) routing rule below.
  141. /ip route add comment=to_warp disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wg-cloudfare-warp pref-src="" routing-table=to_warp scope=30 suppress-hw-offload=no target-scope=10
  # 1.1.1.1 is also the DoH server set under /ip dns, so this host route would carry the
  # router's DNS-over-HTTPS traffic through the tunnel. The WireGuard interface is disabled
  # in this export - NOTE(review): confirm how 1.1.1.1 is reached while it is down.
  142. /ip route add disabled=no distance=1 dst-address=1.1.1.1/32 gateway=wg-cloudfare-warp pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
  143. /ip route add comment=to_warp disabled=yes distance=1 dst-address=192.168.100.0/24 gateway=bridge_hotspot pref-src="" routing-table=to_warp scope=30 suppress-hw-offload=no target-scope=10
  144. /ip route add comment=to_vlan13 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.113.1 pref-src="" routing-table=to_vlan13 scope=30 suppress-hw-offload=no target-scope=10
  145. /ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.113.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
  146. /routing rule add action=lookup disabled=yes src-address=192.168.100.0/24 table=to_warp
  # System identity, update channel, graphing and RoMON.
  147. /system clock set time-zone-name=Africa/Johannesburg
  148. /system identity set name=myhotspot_jhb1
  149. /system note set show-at-login=no
  # The update channel is "development" and the export header reports RouterOS 7.10rc4, a
  # release candidate - NOTE(review): a router serving public clients is better kept on a
  # stable channel so that fixes arrive through tested releases.
  150. /system package update set channel=development
  151. /system routerboard settings set auto-upgrade=yes enter-setup-on=delete-key
  152. /tool graphing set store-every=24hours
  # Graph pages are limited to 192.168.10.0/24, a subnet no interface in this export carries.
  153. /tool graphing interface add allow-address=192.168.10.0/24
  154. /tool graphing queue add allow-address=192.168.10.0/24
  155. /tool graphing resource add allow-address=192.168.10.0/24
  # RoMON is enabled and its secret shows "censored", apparently redacted before posting.
  # No per-port RoMON settings appear in this export - NOTE(review): confirm RoMON is not
  # offered on the ports of bridge_hotspot, since it gives layer-2 management reachability.
  156. /tool romon set enabled=yes secrets=censored