API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 10th, 2017
151
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.17 KB | None | 0 0
raw download clone embed print report
  1. /interface bridge
  2. add fast-forward=no name=bridge-local
  3. /interface wireless
  4. set [ find default-name=wlan1 ] ssid=MikroTik
  5. /interface ethernet
  6. set [ find default-name=ether1 ] comment="WAN Stat.ip"
  7. set [ find default-name=ether4 ] master-port=ether3
  8. /interface pppoe-client
  9. add add-default-route=yes comment="WAN MTS" disabled=no interface=ether2 keepalive-timeout=60 name=MTS password=xxxxxxx user=yyyyyyyyy
  10. /ip neighbor discovery
  11. set MTS discover=no
  12. /interface list
  13. add name=WAN-List
  14. /interface wireless security-profiles
  15. set [ find default=yes ] supplicant-identity=MikroTik
  16. /interface bridge port
  17. add bridge=bridge-local interface=ether3
  18. /interface list member
  19. add interface=MTS list=WAN-List
  20. /ip address
  21. add address=192.168.10.1/24 interface=bridge-local network=192.168.10.0
  22. add address=192.168.1.13/24 interface=ether1 network=192.168.1.0
  23. /ip dns
  24. set allow-remote-requests=yes servers=8.8.8.8
  25. /ip firewall filter
  26. add action=accept chain=input connection-state=established,related
  27. add action=drop chain=input connection-state=invalid
  28. add action=accept chain=input dst-port=53 in-interface-list=!WAN-List protocol=udp
  29. add action=accept chain=input protocol=icmp
  30. add action=accept chain=input dst-port=8291 protocol=tcp
  31. add action=drop chain=input in-interface=!bridge-local
  32. add action=accept chain=forward connection-state=established,related
  33. add action=drop chain=forward connection-state=invalid
  34. add action=drop chain=forward connection-nat-state=!dstnat in-interface-list=WAN-List
  35. /ip firewall mangle
  36. add action=mark-routing chain=prerouting in-interface=bridge-local new-routing-mark=1c passthrough=yes src-address=192.168.10.200
  37. /ip firewall nat
  38. add action=src-nat chain=srcnat out-interface=MTS to-addresses=1.2.3.4 (WAN MTS)
  39. add action=masquerade chain=srcnat out-interface=ether1 to-addresses=192.168.1.1
  40. /ip route
  41. add distance=1 gateway=ether1 routing-mark=1c
  42. /ip route rule
  43. add dst-address=0.0.0.0/0 interface=ether1 src-address=192.168.10.200/32 table=1c
  44. /ip service
  45. set telnet disabled=yes
  46. set ftp disabled=yes
  47. set www disabled=yes
  48. /system clock
  49. set time-zone-name=Europe/Moscow
  50. /tool mac-server
  51. set [ find default=yes ] disabled=yes
  52. add interface=bridge-local
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!