Guest User

Untitled

a guest
Aug 23rd, 2019
214
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [busadmin@mayak01_freewifi] > export
  2. # aug/16/2019 10:22:39 by RouterOS 6.43.4
  3. # software id = REMU-NLIH
  4. #
  5. # model = RouterBOARD 941-2nD
  6. # serial number = 8B0E08C682B7
  7. /interface bridge
  8. add arp=reply-only comment=MGMT fast-forward=no name=bridge-vlan250-mgmt
  9. add comment=freewifi fast-forward=no name=bridge-vlan519-freewifi
  10. add arp=disabled name=cap
  11. add name=lan
  12. /interface wireless
  13. set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce disabled=no distance=indoors frequency=auto \
  14. mode=ap-bridge ssid=_FreeWiFi wireless-protocol=802.11
  15. /interface ethernet
  16. set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  17. CC:2D:E0:5F:04:9F
  18. set [ find default-name=ether2 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  19. CC:2D:E0:5F:04:A0
  20. set [ find default-name=ether3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  21. CC:2D:E0:5F:04:A1
  22. set [ find default-name=ether4 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=\
  23. CC:2D:E0:5F:04:A2
  24. /interface l2tp-client
  25. add allow=mschap2 connect-to=185.46.198.156 disabled=no mrru=1600 name=vpn01 password=2tn2i2WnVA user=fw095
  26. /interface eoip
  27. add arp=disabled local-address=10.100.25.95 mac-address=FE:2D:8E:FD:6F:2C name=eoip-cap remote-address=10.100.24.1 \
  28. tunnel-id=95
  29. /interface vlan
  30. add interface=ether1 name=vlan1 vlan-id=250
  31. add interface=cap name=vlan2 vlan-id=519
  32. /interface list
  33. add comment=defconf name=WAN
  34. add comment=defconf name=LAN
  35. add exclude=dynamic name=discover
  36. add name=mactel
  37. add name=mac-winbox
  38. /interface wireless security-profiles
  39. set [ find default=yes ] supplicant-identity=MikroTik
  40. /snmp community
  41. set [ find default=yes ] addresses=10.100.24.1/32
  42. /interface bridge port
  43. add bridge=cap interface=wlan1
  44. add bridge=cap interface=eoip-cap
  45. add bridge=lan hw=no interface=ether1
  46. add bridge=lan hw=no interface=ether3
  47. /ip neighbor discovery-settings
  48. set discover-interface-list=discover
  49. /interface list member
  50. add comment=defconf list=LAN
  51. add comment=defconf interface=ether1 list=WAN
  52. add interface=wlan1 list=discover
  53. add interface=ether2 list=discover
  54. add interface=ether3 list=discover
  55. add interface=ether4 list=discover
  56. add interface=cap list=discover
  57. add interface=vpn01 list=discover
  58. add interface=eoip-cap list=discover
  59. add interface=lan list=discover
  60. add list=mactel
  61. add list=mac-winbox
  62. /ip address
  63. add address=10.0.25.95/21 interface=ether2 network=10.0.24.0
  64. /ip dhcp-client
  65. add dhcp-options=hostname,clientid disabled=no interface=lan use-peer-dns=no use-peer-ntp=no
  66. /ip dns
  67. set servers=8.8.8.8,8.8.4.4
  68. /ip firewall filter
  69. add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=\
  70. established,related,untracked
  71. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
  72. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  73. connection-state=new in-interface-list=WAN
  74. add chain=input in-interface=all-ppp
  75. add chain=input connection-state=established,related
  76. add action=drop chain=input connection-state=invalid
  77. add chain=input protocol=icmp
  78. add chain=input dst-port=22 protocol=tcp src-address=91.240.25.0/24
  79. add chain=input dst-port=22 protocol=tcp src-address=185.46.196.0/22
  80. add chain=input dst-port=22 protocol=tcp src-address=10.0.7.0/24
  81. add chain=input dst-port=22 protocol=tcp src-address=10.7.0.0/16
  82. add chain=input dst-port=22 protocol=tcp src-address=10.0.24.0/21
  83. add action=drop chain=input
  84. /ip service
  85. set telnet disabled=yes
  86. set ftp disabled=yes
  87. set www disabled=yes
  88. set winbox disabled=yes
  89. set api-ssl disabled=yes
  90. /snmp
  91. set contact=admin enabled=yes location=l
  92. /system clock
  93. set time-zone-name=Asia/Yekaterinburg
  94. /system identity
  95. set name=mayak01_freewifi
  96. /system ntp client
  97. set enabled=yes server-dns-names=0.pool.ntp.org
  98. /system routerboard settings
  99. set silent-boot=no
  100. /tool mac-server
  101. set allowed-interface-list=mactel
  102. /tool mac-server mac-winbox
  103. set allowed-interface-list=mac-winbox
RAW Paste Data