API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 6th, 2021
281
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.29 KB | None | 0 0
raw download clone embed print report
  1. [admin@MikroTik] > /export
  2. # apr/06/2021 12:31:50 by RouterOS 6.48.1
  3. # software id = Z8JH-JXJP
  4. #
  5. # model = RB760iGS
  6. # serial number = E1F10D00B988
  7. /interface ethernet
  8. set [ find default-name=ether1 ] name=LAN
  9. set [ find default-name=ether2 ] disabled=yes name=WAN1
  10. set [ find default-name=ether3 ] name=WAN2
  11. /interface wireless security-profiles
  12. set [ find default=yes ] supplicant-identity=MikroTik
  13. /ip firewall layer7-protocol
  14. add name=Twitch regexp="^.+(twitch.tv).*\$"
  15. add name=Youtube regexp="^.+(youtube.com).*\$"
  16. /ip pool
  17. add name=DHCP ranges=192.168.188.99-192.168.188.199
  18. /ip dhcp-server
  19. add address-pool=DHCP disabled=no interface=LAN lease-time=59m name=dhcp1
  20. /ip neighbor discovery-settings
  21. set discover-interface-list=all
  22. /ip address
  23. add address=192.168.178.2/24 interface=WAN1 network=192.168.178.0
  24. add address=192.168.10.2/24 interface=WAN2 network=192.168.10.0
  25. add address=192.168.188.254/24 interface=LAN network=192.168.188.0
  26. /ip arp
  27. add address=192.168.188.110 interface=LAN mac-address=EC:C4:0D:BD:EE:FA
  28. add address=192.168.188.80 interface=LAN mac-address=70:EE:50:5E:7F:E6
  29. add address=192.168.188.10 comment=MacMini interface=LAN mac-address=60:F8:1D:BD:A2:2A
  30. /ip dhcp-client
  31. add dhcp-options=clientid,clientid interface=LAN
  32. add dhcp-options=clientid,clientid interface=LAN use-peer-dns=no
  33. /ip dhcp-server lease
  34. add address=192.168.188.110 client-id=Nintendo mac-address=EC:C4:0D:BD:EE:FA server=dhcp1
  35. add address=192.168.188.102 client-id=1:14:3f:a6:26:4a:36 comment="TV SONY" mac-address=14:3F:A6:26:4A:36 server=dhcp1
  36. add address=192.168.188.199 client-id=1:30:e1:71:91:57:4a comment=HP mac-address=30:E1:71:91:57:4A server=dhcp1
  37. add address=192.168.188.138 client-id=1:0:23:24:3b:9b:2d comment="Pc remoto Mary" mac-address=00:23:24:3B:9B:2D server=\
  38. dhcp1
  39. /ip dhcp-server network
  40. add address=192.168.188.0/24 dns-server=8.8.8.8,1.1.1.1 gateway=192.168.188.254
  41. /ip dns
  42. set servers=8.8.8.8,1.1.1.1/ip firewall filter
  43. add action=drop chain=forward comment="Blocco Twitch a tempo" layer7-protocol=Twitch log=yes port=80,443 protocol=tcp \
  44. src-address=192.168.188.10 time=0s-18h30m,sun,mon,tue,wed,thu,fri,sat
  45. # inactive time
  46. add action=drop chain=forward comment="Blocco youtube" layer7-protocol=Youtube port=80,443 protocol=tcp time=\
  47. 22h30m-23h59m,sun,mon,tue,wed,thu,fri,sat
  48. # inactive time
  49. add action=drop chain=input comment="Blocco Nintendo" src-address=192.168.188.110 time=\
  50. 13h-14h,sun,mon,tue,wed,thu,fri,sat
  51. add action=drop chain=input comment="Blocco TV" disabled=yes src-address=192.168.188.102 time=\
  52. 22h30m-23h59m,sun,mon,tue,wed,thu,fri,sat
  53. add action=drop chain=input comment="Blocco TV mattina" src-address=192.168.188.102 time=0s-13h,sun,mon,tue,wed,thu
  54. # inactive time
  55. add action=drop chain=input comment="Blocco TV Sera" src-address=192.168.188.102 time=22h30m-23h59m,sun,mon,tue,wed,thu
  56. add action=drop chain=input comment="Blocco sky mattina" src-address=192.168.188.130 time=0s-13h,sun,mon,tue,wed,thu
  57. # inactive time
  58. add action=drop chain=input comment="Blocco sky Sera" src-address=192.168.188.130 time=\
  59. 22h30m-23h59m,sun,mon,tue,wed,thu
  60. /ip firewall mangle
  61. add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=wan1_traffic \
  62. out-interface=WAN1 passthrough=yes
  63. add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=wan2_traffic \
  64. out-interface=WAN2 passthrough=yes
  65. add action=mark-routing chain=output connection-mark=wan1_traffic new-routing-mark=vs_wan1 out-interface=WAN1 \
  66. passthrough=yes
  67. add action=mark-routing chain=output connection-mark=wan2_traffic new-routing-mark=vs_wan2 out-interface=WAN2 \
  68. passthrough=yes
  69. /ip firewall nat
  70. add action=masquerade chain=srcnat out-interface=WAN1
  71. add action=masquerade chain=srcnat out-interface=WAN2
  72. /ip route
  73. add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=vs_wan1
  74. add check-gateway=ping distance=1 gateway=1.1.1.1 routing-mark=vs_wan1
  75. add check-gateway=ping distance=1 gateway=1.1.1.1 routing-mark=vs_wan2
  76. add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=vs_wan2
  77. add check-gateway=ping distance=1 gateway=192.168.178.1
  78. add distance=2 gateway=192.168.10.1
  79. add distance=1 dst-address=8.8.8.8/32 gateway=192.168.178.1 scope=10
  80. add distance=1 dst-address=8.8.8.8/32 gateway=192.168.10.1 scope=10
  81. /system clock
  82. set time-zone-name=Europe/Rome
  83. /system ntp client
  84. set enabled=yes primary-ntp=51.38.27.129 secondary-ntp=194.0.5.123
  85. /system ntp server
  86. set broadcast=yes enabled=yes/system scheduler
  87. add interval=10s name=schedule1 on-event="#set variables\r\
  88. \n :local pingcount 10\r\
  89. \n :local ipA 192.168.1178.2\r\
  90. \n :local GatewayA 192.168.178.1\r\
  91. \n :global state no\r\
  92. \n \r\
  93. \n #ping gateways with src\r\
  94. \n :local pingresultA [/ping 8.8.8.8 src-address=\$ipA count=\$pingcount]\r\
  95. \n \r\
  96. \n #if link_A is UP then:\r\
  97. \n :if (\$pingresultA=\$pingcount) do={\r\
  98. \n ip route set [/ip route find dst-address=0.0.0.0/0] gateway=192.168.178.1}" policy=\
  99. ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=jan/02/1970 start-time=00:00:01
  100. /system script
  101. add dont-require-permissions=yes name=ISP1_Down owner=admin policy=\
  102. ftp,reboot,read,write,policy,test,password,sniff,sensitive source=\
  103. "ip route set [/ip route find dst-address=0.0.0.0/0] gateway=192.168.10.1"
  104. add dont-require-permissions=yes name=ISP1_UP owner=admin policy=\
  105. ftp,reboot,read,write,policy,test,password,sniff,sensitive source="#set variables\r\
  106. \n :local pingcount 10\r\
  107. \n :local ipA 192.168.178.2\r\
  108. \n :local GatewayA 192.168.178.1\r\
  109. \n :global state no\r\
  110. \n \r\
  111. \n #ping gateways with src\r\
  112. \n :local pingresultA [/ping 8.8.8.8 src-address=\$ipA count=\$pingcount]\r\
  113. \n \r\
  114. \n #if link_A is UP then:\r\
  115. \n :if (\$pingresultA=\$pingcount) do={\r\
  116. \n ip route set [/ip route find dst-address=0.0.0.0/0] gateway=192.168.178.1}"
  117. /tool netwatch
  118. add down-script="p route disable [find dst-address=0.0.0.0/0 gateway=192.168.178.1]\r\
  119. \n:log error \"ISP_1 is down!\"\r\
  120. \n/ip firewall connection remove [find]" host=8.8.8.8 interval=10s up-script=\
  121. "p route enable [find dst-address=0.0.0.0/0 gateway=10.168.178.1]\r\
  122. \n:log error \"ISP_1 is up!\""
  123.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!