
Mikrotik

a guest
Jul 11th, 2016
  1. # jul/11/2016 10:13:27 by RouterOS 6.34.6
  2. # software id = UPA0-2NBC
  3. #
  # Label the two physical ports. ether1 is the ISP uplink; ether2 is the parent
  # interface of every VLAN created under "/interface vlan" in this export.
  4. /interface ethernet
  5. set [ find default-name=ether1 ] comment="Wan ISP1"
  6. set [ find default-name=ether2 ] comment=Local
  # Neighbor discovery is switched off on the WAN port, so the router does not
  # advertise itself towards the ISP. No discover= value is set for ether2 here.
  7. /ip neighbor discovery
  8. set ether1 comment="Wan ISP1" discover=no
  9. set ether2 comment=Local
  # VLAN sub-interfaces, all tagged on ether2. The comment= values are byte-escaped;
  # read as Windows-1251 they are Russian, and each is translated in the line above it.
  10. /interface vlan
  # VLAN 2: "Management of devices on the network (switches)"
  11. add comment="\D3\EF\F0\E0\E2\EB\E5\ED\E8\E5 \F3\F1\F2\F0\EE\E9\F1\F2\E2\E0\EC\
  12. \E8 \E2 \F1\E5\F2\E8 (\EA\EE\EC\EC\F3\F2\E0\F2\EE\F0\FB)" interface=\
  13. ether2 name=ManagementVlan2 vlan-id=2
  # VLAN 5: "Restaurant Dublin"
  14. add comment="\D0\E5\F1\F2\EE\F0\E0\ED Dublin" interface=ether2 name=\
  15. RestoranDublinVlan5 vlan-id=5
  # VLAN 6: "Restaurant London"
  16. add comment="\D0\E5\F1\F2\EE\F0\E0\ED London" interface=ether2 name=\
  17. RestoranLondonVlan6 vlan-id=6
  # VLAN 3: "Network for servers"
  18. add comment="\D1\E5\F2\FC \E4\EB\FF \F1\E5\F0\E2\E5\F0\EE\E2" interface=\
  19. ether2 name=ServersVlan3 vlan-id=3
  # VLANs 10, 20, 30, 40: "Floor 1" to "Floor 4"
  20. add comment="\DD\F2\E0\E6 1" interface=ether2 name=Stage1Vlan10 vlan-id=10
  21. add comment="\DD\F2\E0\E6 2" interface=ether2 name=Stage2Vlan20 vlan-id=20
  22. add comment="\DD\F2\E0\E6 3" interface=ether2 name=Stage3Vlan30 vlan-id=30
  23. add comment="\DD\F2\E0\E6 4 " interface=ether2 name=Stage4Vlan40 vlan-id=40
  # VLAN 9: "Hotel staff"
  24. add comment="\CF\E5\F0\F1\EE\ED\E0\EB \E3\EE\F1\F2\E8\ED\E8\F6\FB" interface=\
  25. ether2 name=Teh.PersonalVlan9 vlan-id=9
  # VLAN 7: "Unrestricted network for management staff" (the word is abbreviated)
  26. add comment="\CD\E5 \EE\E3\F0\E0\ED\E8\F7\E5\ED\ED\E0\FF \F1\E5\F2\FC \E4\EB\
  27. \FF \F0\F3\EA-\E2\E0" interface=ether2 name=UnlimitedSpeedVlan7 vlan-id=7
  # VLAN 4: "Network for video surveillance"
  28. add comment=\
  29. "\D1\E5\F2\FC \E4\EB\FF \E2\E8\E4\E5\EE\ED\E0\E1\EB\FE\E4\E5\ED\E8\FF" \
  30. interface=ether2 name=VideoVlan4 vlan-id=4
  # Per-VLAN neighbor discovery. discover=no is set on the restaurant, floor,
  # unlimited-speed and video VLANs. ManagementVlan2, ServersVlan3 and
  # Teh.PersonalVlan9 carry no discover= value, so discovery is not disabled there
  # by this export. The comment= texts repeat those of "/interface vlan".
  31. /ip neighbor discovery
  32. set ManagementVlan2 comment="\D3\EF\F0\E0\E2\EB\E5\ED\E8\E5 \F3\F1\F2\F0\EE\E9\
  33. \F1\F2\E2\E0\EC\E8 \E2 \F1\E5\F2\E8 (\EA\EE\EC\EC\F3\F2\E0\F2\EE\F0\FB)"
  34. set RestoranDublinVlan5 comment="\D0\E5\F1\F2\EE\F0\E0\ED Dublin" discover=no
  35. set RestoranLondonVlan6 comment="\D0\E5\F1\F2\EE\F0\E0\ED London" discover=no
  36. set ServersVlan3 comment="\D1\E5\F2\FC \E4\EB\FF \F1\E5\F0\E2\E5\F0\EE\E2"
  37. set Stage1Vlan10 comment="\DD\F2\E0\E6 1" discover=no
  38. set Stage2Vlan20 comment="\DD\F2\E0\E6 2" discover=no
  39. set Stage3Vlan30 comment="\DD\F2\E0\E6 3" discover=no
  40. set Stage4Vlan40 comment="\DD\F2\E0\E6 4 " discover=no
  41. set Teh.PersonalVlan9 comment=\
  42. "\CF\E5\F0\F1\EE\ED\E0\EB \E3\EE\F1\F2\E8\ED\E8\F6\FB"
  43. set UnlimitedSpeedVlan7 comment="\CD\E5 \EE\E3\F0\E0\ED\E8\F7\E5\ED\ED\E0\FF \
  44. \F1\E5\F2\FC \E4\EB\FF \F0\F3\EA-\E2\E0" discover=no
  45. set VideoVlan4 comment=\
  46. "\D1\E5\F2\FC \E4\EB\FF \E2\E8\E4\E5\EE\ED\E0\E1\EB\FE\E4\E5\ED\E8\FF" \
  47. discover=no
  # One DHCP address pool per VLAN. Every pool hands out .30 to .254 of its /24,
  # which leaves .1 to .29 outside DHCP.
  # poolVlan2 serves 172.16.1.x although the VLAN ID is 2. "poolVan20" is spelled
  # without the "l" here, and "/ip dhcp-server" refers to it by the same spelling.
  48. /ip pool
  49. add name=poolVlan3 ranges=172.16.3.30-172.16.3.254
  50. add name=poolVlan9 ranges=172.16.9.30-172.16.9.254
  51. add name=poolVlan10 ranges=172.16.10.30-172.16.10.254
  52. add name=poolVan20 ranges=172.16.20.30-172.16.20.254
  53. add name=poolVlan30 ranges=172.16.30.30-172.16.30.254
  54. add name=poolVlan40 ranges=172.16.40.30-172.16.40.254
  55. add name=poolVlan2 ranges=172.16.1.30-172.16.1.254
  56. add name=poolVlan4 ranges=172.16.4.30-172.16.4.254
  57. add name=poolVlan5 ranges=172.16.5.30-172.16.5.254
  58. add name=poolVlan6 ranges=172.16.6.30-172.16.6.254
  59. add name=poolVlan7 ranges=172.16.7.30-172.16.7.254
  # One DHCP server per VLAN interface, each bound to the pool of the same VLAN.
  # All are authoritative and add-arp=yes, so each lease also creates an ARP entry.
  # NOTE(review): add-arp=yes only restricts clients to leased addresses when the
  # interface ARP mode is reply-only; no ARP mode is set in this export - confirm.
  60. /ip dhcp-server
  61. add add-arp=yes address-pool=poolVlan2 authoritative=yes disabled=no \
  62. interface=ManagementVlan2 name=ServerdhcpVlan2
  63. add add-arp=yes address-pool=poolVlan3 authoritative=yes disabled=no \
  64. interface=ServersVlan3 name=ServerdhcpVlan3
  65. add add-arp=yes address-pool=poolVlan9 authoritative=yes disabled=no \
  66. interface=Teh.PersonalVlan9 name=ServerdhcpVlan9
  67. add add-arp=yes address-pool=poolVlan10 authoritative=yes disabled=no \
  68. interface=Stage1Vlan10 name=ServerdhcpVlan10
  69. add add-arp=yes address-pool=poolVlan40 authoritative=yes disabled=no \
  70. interface=Stage4Vlan40 name=ServerdhcpVlan40
  71. add add-arp=yes address-pool=poolVlan30 authoritative=yes disabled=no \
  72. interface=Stage3Vlan30 name=ServerdhcpVlan30
  # The pool name is spelled "poolVan20", matching its definition under "/ip pool".
  73. add add-arp=yes address-pool=poolVan20 authoritative=yes disabled=no \
  74. interface=Stage2Vlan20 name=ServerdhcpVlan20
  75. add add-arp=yes address-pool=poolVlan4 authoritative=yes disabled=no \
  76. interface=VideoVlan4 name=ServerdhcpVlan4
  77. add add-arp=yes address-pool=poolVlan5 authoritative=yes disabled=no \
  78. interface=RestoranDublinVlan5 name=ServerdhcpVlan5
  79. add add-arp=yes address-pool=poolVlan6 authoritative=yes disabled=no \
  80. interface=RestoranLondonVlan6 name=ServerdhcpVlan6
  81. add add-arp=yes address-pool=poolVlan7 authoritative=yes disabled=no \
  82. interface=UnlimitedSpeedVlan7 name=ServerdhcpVlan7
  # Rate limits of 512k/512k, one simple queue per target VLAN interface: the four
  # floors, the staff VLAN and the two restaurants. ManagementVlan2, ServersVlan3,
  # VideoVlan4 and UnlimitedSpeedVlan7 have no queue in this export.
  # The Russian comments read "Speed limit of 512 Kbit/s" followed by the network
  # name (floor 1-4, staff network, restaurant Dublin/London).
  83. /queue simple
  84. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  85. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \FD\F2\E0\E6 1" \
  86. max-limit=512k/512k name="UpLoad\\downloadVlan10" target=Stage1Vlan10
  87. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  88. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \FD\F2\E0\E6 2" \
  89. max-limit=512k/512k name="UpLoad\\downloadVlan20" target=Stage2Vlan20
  90. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  91. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \FD\F2\E0\E6 3" \
  92. max-limit=512k/512k name="UpLoad\\downloadVlan30" target=Stage3Vlan30
  93. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  94. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \FD\F2\E0\E6 4" \
  95. max-limit=512k/512k name="UpLoad\\downloadVlan40" target=Stage4Vlan40
  96. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  97. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \F1\E5\F2\FC \
  98. \EF\E5\F0\F1\EE\ED\E0\EB\E0" max-limit=512k/512k name=\
  99. "UpLoad\\downloadVlan9" target=Teh.PersonalVlan9
  100. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  101. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \F0\E5\F1\F2\EE\
  102. \F0\E0\ED Dublin" max-limit=512k/512k name="Upload\\downloadVlan5" \
  103. target=RestoranDublinVlan5
  104. add burst-threshold=512k/512k burst-time=30s/30s comment="\CE\E3\F0\E0\ED\E8\
  105. \F7\E5\ED\E8\E5 \F1\EA\EE\F0\EE\F1\F2\E8 \ED\E0 512 Kbit/s \F0\E5\F1\F2\EE\
  106. \F0\E0\ED London" max-limit=512k/512k name="UpLoad\\downloadVlan6" \
  107. target=RestoranLondonVlan6
  # Access rights of the User Manager customer "admin".
  108. /tool user-manager customer
  109. set admin access=\
  110. own-routers,own-users,own-profiles,own-limits,config-payment-gw
  # Turns on the PPTP VPN server. Its authentication and encryption settings are not
  # part of this export.
  # NOTE(review): PPTP with MS-CHAPv2/MPPE is regarded as cryptographically weak;
  # an IPsec-based or newer VPN is the usual replacement for admin remote access.
  111. /interface pptp-server server
  112. set enabled=yes
  # Router address on each VLAN interface: always .1 of a /24 in 172.16.x.0.
  # These .1 addresses are the gateway and DNS server announced under
  # "/ip dhcp-server network". Russian comments are translated per entry.
  113. /ip address
  # "Device management network"
  114. add address=172.16.1.1/24 comment="\D1\E5\F2\FC \F3\EF\F0\E0\E2\EB\E5\ED\E8\FF\
  115. \_\F3\F1\F2\F0\EE\E9\F1\F2\E2\E0\EC\E8" interface=ManagementVlan2 \
  116. network=172.16.1.0
  # "Network for hotel staff"
  117. add address=172.16.9.1/24 comment="\D1\E5\F2\FC \E4\EB\FF \EF\E5\F0\F1\EE\ED\
  118. \E0\EB\E0 \E3\EE\F1\F2\E8\ED\E8\F6\FB" interface=Teh.PersonalVlan9 \
  119. network=172.16.9.0
  # "Floor 1" to "Floor 4"
  120. add address=172.16.10.1/24 comment="\DD\F2\E0\E6 1" interface=Stage1Vlan10 \
  121. network=172.16.10.0
  122. add address=172.16.20.1/24 comment="\DD\F2\E0\E6 2" interface=Stage2Vlan20 \
  123. network=172.16.20.0
  124. add address=172.16.30.1/24 comment="\DD\F2\E0\E6 3" interface=Stage3Vlan30 \
  125. network=172.16.30.0
  126. add address=172.16.40.1/24 comment="\DD\F2\E0\E6 4" interface=Stage4Vlan40 \
  127. network=172.16.40.0
  # "Network for servers"
  128. add address=172.16.3.1/24 comment=\
  129. "\D1\E5\F2\FC \E4\EB\FF \F1\E5\F0\E2\E5\F0\EE\E2" interface=ServersVlan3 \
  130. network=172.16.3.0
  # "Video surveillance network"
  131. add address=172.16.4.1/24 comment=\
  132. "\D1\E5\F2\FC \E2\E8\E4\E5\EE\ED\E0\E1\EB\FE\E4\E5\ED\E8\FF" interface=\
  133. VideoVlan4 network=172.16.4.0
  # "Restaurant Dublin" and "Restaurant London"
  134. add address=172.16.5.1/24 comment="\D0\E5\F1\F2\EE\F0\E0\ED Dublin" \
  135. interface=RestoranDublinVlan5 network=172.16.5.0
  136. add address=172.16.6.1/24 comment="\D0\E5\F1\F2\EE\F0\E0\ED London" \
  137. interface=RestoranLondonVlan6 network=172.16.6.0
  # "Network with unlimited speed for management staff"
  138. add address=172.16.7.1/24 comment="\D1\E5\F2\FC \F1 \ED\E5\EE\E3\F0\E0\ED\E8\
  139. \F7\E5\ED\ED\EE\E9 \F1\EA\EE\F0\EE\F1\F2\FC\FE \E4\EB\FF \F0\F3\EA-\E2\E0" \
  140. interface=UnlimitedSpeedVlan7 network=172.16.7.0
  # The WAN side (ether1) gets its address from the ISP by DHCP.
  141. /ip dhcp-client
  142. add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
  143. interface=ether1
  # Options handed to DHCP clients in each subnet: gateway and DNS server are both
  # the router's own .1 address, so every client resolves names through the
  # router's DNS service configured under "/ip dns".
  144. /ip dhcp-server network
  145. add address=172.16.1.0/24 dns-server=172.16.1.1 gateway=172.16.1.1
  146. add address=172.16.3.0/24 dns-server=172.16.3.1 gateway=172.16.3.1
  147. add address=172.16.4.0/24 dns-server=172.16.4.1 gateway=172.16.4.1
  148. add address=172.16.5.0/24 dns-server=172.16.5.1 gateway=172.16.5.1
  149. add address=172.16.6.0/24 dns-server=172.16.6.1 gateway=172.16.6.1
  150. add address=172.16.7.0/24 dns-server=172.16.7.1 gateway=172.16.7.1
  151. add address=172.16.9.0/24 dns-server=172.16.9.1 gateway=172.16.9.1
  152. add address=172.16.10.0/24 dns-server=172.16.10.1 gateway=172.16.10.1
  153. add address=172.16.20.0/24 dns-server=172.16.20.1 gateway=172.16.20.1
  154. add address=172.16.30.0/24 dns-server=172.16.30.1 gateway=172.16.30.1
  155. add address=172.16.40.0/24 dns-server=172.16.40.1 gateway=172.16.40.1
  # The router acts as a caching resolver for its clients and forwards queries to
  # 100.100.100.100.
  # NOTE(review): allow-remote-requests=yes makes the resolver answer on every
  # interface, ether1 included. Whether Internet hosts can reach it depends solely
  # on the input chain of "/ip firewall filter": confirm that tcp/udp 53 arriving
  # on ether1 is dropped there, otherwise the router is an open resolver.
  156. /ip dns
  157. set allow-remote-requests=yes servers=100.100.100.100
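  # Filter rules: the input chain protects the router itself, the forward chain
  # filters routed traffic. A rule without action= uses the default action, accept.
  # Rules are matched top to bottom, so every accept must come before the closing drop.
  # Lines without a paste line number were added in review. The original chain held
  # only accept rules and no drop, so nothing addressed to the router was filtered.
  158. /ip firewall filter
  # Replies to connections the router opened itself (upstream DNS, NTP, the SMTP
  # session of the backup script) must pass before the WAN drop at the end.
  add action=accept chain=input connection-state=established,related comment="Replies to router-originated connections"
  # "Remote access to the Mikrotik router via WinBox" (tcp/8291, any source).
  # Source filtering for WinBox relies on the address= list under "/ip service".
  159. add chain=input comment="\D3\E4\E0\EB\E5\ED\ED\FB\E9 \E4\EE\F1\F2\F3\EF \E2 \
  160. \F0\EE\F3\F2\E5\F0 Mikrotik WinBox" dst-port=8291 protocol=tcp
  # "PPTP VPN access to the network": control channel on tcp/1723.
  161. add chain=input comment="PPTP VPN \E4\EE\F1\F2\F3\EF \EA \F1\E5\F2\E8" \
  162. dst-port=1723 protocol=tcp
  # GRE carries the PPTP tunnel payload.
  163. add chain=input comment=GRE protocol=gre
  # Kept open so this change does not cut off paths the configuration already uses:
  # SSH listens on 24 ("/ip service") and the dstnat redirect delivers WAN tcp/25 to
  # the local web interface on port 80.
  # NOTE(review): narrow both with src-address or an address list if they are only
  # needed from the management hosts already listed under "/ip service".
  add action=accept chain=input dst-port=24,80 protocol=tcp comment="SSH on 24 and the web interface"
  add action=accept chain=input protocol=icmp comment="Ping and ICMP error messages"
  # Closing rule: anything from the ISP side not accepted above is dropped. This also
  # keeps the DNS resolver enabled under "/ip dns" off the Internet.
  # NOTE(review): apply in Safe Mode; services not visible in this export may need
  # their own accept rule above this line.
  add action=drop chain=input in-interface=ether1 comment="Drop everything else arriving from the WAN"
  # Forward chain: servers (172.16.3.0/24) and floor 1 (172.16.10.0/24) are blocked
  # from each other in both directions.
  # NOTE(review): no other VLAN pair is restricted here, so floors 2-4 and the
  # restaurants can still route to the server, video and management subnets - confirm
  # whether isolating only floor 1 is intended.
  164. add action=drop chain=forward dst-address=172.16.10.0/24 src-address=\
  165. 172.16.3.0/24
  166. add action=drop chain=forward dst-address=172.16.3.0/24 src-address=\
  167. 172.16.10.0/24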
  # Address translation. Russian comments are translated per rule.
  168. /ip firewall nat
  # "NAT, outbound to the Internet": source-NAT for everything leaving via ether1.
  169. add action=masquerade chain=srcnat comment=\
  170. "Nat \E2\FB\F5\EE\E4 \E2 \E8\ED\F2\E5\F0\ED\E5\F2" out-interface=ether1
  # "NAT, terminal server": tcp/3389 arriving on ether1 is sent to 172.16.3.2:3389.
  # NOTE(review): the rule has no src-address match, so RDP on the server VLAN is
  # reachable from any Internet source unless the forward chain restricts it. Limit
  # the sources, or reach the server through the VPN instead of a port forward.
  171. add action=netmap chain=dstnat comment=\
  172. "Nat \D1\E5\F0\E2\E5\F0 \D2\E5\F0\EC\E8\ED\E0\EB\EE\E2" dst-port=3389 \
  173. in-interface=ether1 protocol=tcp to-addresses=172.16.3.2 to-ports=3389
  # "Remote access to Mikrotik via web": tcp/25 arriving on ether1 is redirected to
  # the router's own port 80.
  # NOTE(review): this publishes the web interface on the WAN over plain HTTP, so a
  # login crosses the Internet unencrypted. Source filtering is left to the www
  # address= list under "/ip service".
  174. add action=redirect chain=dstnat comment=\
  175. "\D3\E4\E0\EB\E5\ED\ED\FB\E9 \E4\EE\F1\F2\F3\EF \EA Mikrotik \EF\EE web" \
  176. dst-port=25 in-interface=ether1 protocol=tcp to-ports=80
  # Management services. telnet, ftp, api and api-ssl are disabled. www (the HTTP
  # web interface) and winbox accept connections only from two public /32 hosts
  # and from the staff subnet 172.16.9.0/24.
  # NOTE(review): ssh is moved to port 24 but has no address= restriction, unlike
  # www and winbox; a changed port does not limit who can connect. Giving ssh the
  # same address list would make the three services consistent.
  # NOTE(review): 172.16.9.0/24 is the DHCP-served staff VLAN, so any device on
  # that VLAN can reach the management services - confirm this is intended.
  177. /ip service
  178. set telnet disabled=yes
  179. set ftp disabled=yes
  180. set www address=178.236.242.166/32,172.16.9.0/24,213.234.25.92/32
  181. set ssh port=24
  182. set api disabled=yes
  183. set winbox address=178.236.242.166/32,172.16.9.0/24,213.234.25.92/32
  184. set api-ssl disabled=yes
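  # PPTP account, commented "Network administrator". The tunnel endpoints are
  # 172.16.9.1 (router) and 172.16.9.3 (client), so the VPN user sits inside
  # 172.16.9.0/24, the subnet that "/ip service" allows to reach www and winbox.
  # The password printed in the published export is replaced by a placeholder. A
  # plain export writes /ppp secret passwords in cleartext, so a secret that has
  # appeared in a shared export has to be changed on the router.
  185. /ppp secret
  186. add comment="\C0\E4\EC\E8\ED\E8\F1\F2\F0\E0\F2\EE\F0 \F1\E5\F2\E8" \
  187. local-address=172.16.9.1 name=Wizart password=REDACTED-PPP-PASSWORD remote-address=\
  188. 172.16.9.3 service=pptp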
  # Fixed time zone, no autodetection.
  189. /system clock
  190. set time-zone-autodetect=no time-zone-name=Europe/Moscow
  # The LCD panel is disabled, and every LCD page (statistics and per-interface
  # pages) is disabled as well.
  191. /system lcd
  192. set contrast=0 enabled=no port=parallel type=24x4
  193. /system lcd page
  194. set time disabled=yes display-time=5s
  195. set resources disabled=yes display-time=5s
  196. set uptime disabled=yes display-time=5s
  197. set packets disabled=yes display-time=5s
  198. set bits disabled=yes display-time=5s
  199. set version disabled=yes display-time=5s
  200. set identity disabled=yes display-time=5s
  201. set VideoVlan4 disabled=yes display-time=5s
  202. set UnlimitedSpeedVlan7 disabled=yes display-time=5s
  203. set Teh.PersonalVlan9 disabled=yes display-time=5s
  204. set Stage4Vlan40 disabled=yes display-time=5s
  205. set ether1 disabled=yes display-time=5s
  206. set ether2 disabled=yes display-time=5s
  207. set Stage3Vlan30 disabled=yes display-time=5s
  208. set Stage2Vlan20 disabled=yes display-time=5s
  209. set Stage1Vlan10 disabled=yes display-time=5s
  210. set ServersVlan3 disabled=yes display-time=5s
  211. set RestoranLondonVlan6 disabled=yes display-time=5s
  212. set RestoranDublinVlan5 disabled=yes display-time=5s
  213. set ManagementVlan2 disabled=yes display-time=5s
  # Time is synchronised from two NTP servers given by IP address. The replies are
  # return traffic to the router, so the input chain has to admit them.
  214. /system ntp client
  215. set enabled=yes primary-ntp=88.147.254.232 secondary-ntp=88.147.254.235
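  # Runs the backup script on a timer. The script is defined under "/system script"
  # as "Backup_to_mail"; the on-event line originally called "backup_to_mail". The
  # name here is now spelled exactly as the script is defined, so the lookup cannot
  # fail on letter case.
  # NOTE(review): interval=10m mails a full backup and a configuration export every
  # ten minutes, which looks like a leftover from testing - confirm the schedule.
  # NOTE(review): the policy list grants reboot, sniff and ftp as well; it probably
  # can be reduced to what the script needs.
  216. /system scheduler
  217. add interval=10m name=Send_beckup_to_email on-event=\
  218. "/system script run Backup_to_mail" policy=\
  219. ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
  220. jul/10/2016 start-time=21:42:45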
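  # Script "Backup_to_mail", commented "Backup of router settings". In order it:
  #   1. flushes the DNS cache and removes files whose name contains
  #      "<identity>-backup-";
  #   2. resolves smtp.gmail.com and saves a binary backup named
  #      <identity>-backup-<year><month><day>.backup (the :pick offsets assume the
  #      date format mmm/dd/yyyy, as in the header of this export);
  #   3. mails that file to the mailbox itself over port 587 with start-tls;
  #   4. writes "/export verbose" to a .rsc file of the same name and mails it too.
  # The mailbox address and password that were inline in the published export are
  # replaced by placeholders. Anyone who can read the script, or any export of it,
  # sees these values, so a password that has been published has to be changed.
  # NOTE(review): a plain export contains secrets such as /ppp secret passwords in
  # cleartext, and this script mails one to an external mailbox on every run; where
  # available, "export hide-sensitive" keeps them out of the mailed file.
  # NOTE(review): the closing log line reports success unconditionally; the result
  # of the two "/tool e-mail send" calls is never checked.
  # NOTE(review): the policy list also grants reboot, sniff and ftp - confirm whether
  # the script needs them.
  221. /system script
  222. add comment="\C1\FD\EA\E0\EF \ED\E0\F1\F2\F0\EE\E5\EA \F0\EE\F3\F2\E5\F0\E0" \
  223. name=Backup_to_mail owner=admin policy=\
  224. ftp,reboot,read,write,policy,test,password,sniff,sensitive source="{\r\
  225. \n:log info \"Starting Backup Script...\";\r\
  226. \n:local sysname [/system identity get name];\r\
  227. \n:local sysver [/system package get system version];\r\
  228. \n:log info \"Flushing DNS cache...\";\r\
  229. \n/ip dns cache flush;\r\
  230. \n:delay 2;\r\
  231. \n:log info \"Deleting last Backups...\";\r\
  232. \n:foreach i in=[/file find] do={:if ([:typeof [:find [/file get \$i name]\
  233. \_\\\r\
  234. \n\"\$sysname-backup-\"]]!=\"nil\") do={/file remove \$i}};\r\
  235. \n:delay 2;\r\
  236. \n:local smtpserv [:resolve \"smtp.gmail.com\"];\r\
  237. \n:local Eaccount \"REDACTED-MAILBOX@example.invalid\";\r\
  238. \n:local pass \"REDACTED-MAILBOX-PASSWORD\";\r\
  239. \n:local backupfile (\"\$sysname-backup-\" . \\\r\
  240. \n[:pick [/system clock get date] 7 11] . [:pick [/system \\\r\
  241. \nclock get date] 0 3] . [:pick [/system clock get date] 4 6] . \".backup\
  242. \");\r\
  243. \n:log info \"Creating new Full Backup file...\";\r\
  244. \n/system backup save name=\$backupfile;\r\
  245. \n:delay 2;\r\
  246. \n:log info \"Sending Full Backup file via E-mail...\";\r\
  247. \n/tool e-mail send from=\"<\$Eaccount>\" to=\$Eaccount server=\$smtpserv \
  248. \\\r\
  249. \nport=587 user=\$Eaccount password=\$pass start-tls=yes file=\$backupfile\
  250. \_\\\r\
  251. \nsubject=(\"\$sysname Full Backup (\" . [/system clock get date] . \")\")\
  252. \_\\\r\
  253. \nbody=(\"\$sysname full Backup file see in attachment.\\nRouterOS version\
  254. : \\\r\
  255. \n\$sysver\\nTime and Date stamp: \" . [/system clock get time] . \" \" . \
  256. \\\r\
  257. \n[/system clock get date]);\r\
  258. \n:delay 5;\r\
  259. \n:local exportfile (\"\$sysname-backup-\" . \\\r\
  260. \n[:pick [/system clock get date] 7 11] . [:pick [/system \\\r\
  261. \nclock get date] 0 3] . [:pick [/system clock get date] 4 6] . \".rsc\");\
  262. \r\
  263. \n:log info \"Creating new Setup Script file...\";\r\
  264. \n/export verbose file=\$exportfile;\r\
  265. \n:delay 2;\r\
  266. \n:log info \"Sending Setup Script file via E-mail...\";\r\
  267. \n/tool e-mail send from=\"<\$Eaccount>\" to=\$Eaccount server=\$smtpserv \
  268. \\\r\
  269. \nport=587 user=\$Eaccount password=\$pass start-tls=yes file=\$exportfile\
  270. \_\\\r\
  271. \nsubject=(\"\$sysname Setup Script Backup (\" . [/system clock get date] \
  272. . \\\r\
  273. \n\")\") body=(\"\$sysname Setup Script file see in attachment.\\nRouterOS\
  274. \_\\\r\
  275. \nversion: \$sysver\\nTime and Date stamp: \" . [/system clock get time] .\
  276. \_\" \\\r\
  277. \n\" . [/system clock get date]);\r\
  278. \n:delay 5;\r\
  279. \n:log info \"All System Backups emailed successfully.\\nBackuping complet\
  280. ed.\";\r\
  281. \n}"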
  # MAC-layer management access (reachable by MAC address, without IP).
  # The default mac-server entry is disabled, and MAC-telnet is then allowed only
  # on the server and staff VLANs.
  282. /tool mac-server
  283. set [ find default=yes ] disabled=yes
  284. add interface=ServersVlan3
  285. add interface=Teh.PersonalVlan9
  # MAC-WinBox is added for the same two VLANs.
  # NOTE(review): unlike mac-server above, no line here disables the default
  # mac-winbox entry, so it may still be active - confirm on the device.
  286. /tool mac-server mac-winbox
  287. add interface=Teh.PersonalVlan9
  288. add interface=ServersVlan3
  # Storage path of the User Manager database.
  289. /tool user-manager database
  290. set db-path=user-manager