API tools faq
paste
Advertisement
forsquirel

export-09.03.21a

forsquirel
Sep 3rd, 2021 (edited)
132
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.79 KB | None | 0 0
raw download clone embed print report
  1. # sep/03/2021 18:48:11 by RouterOS 6.48.3
  2. # software id = D34D-B33F
  3. #
  4. # model = RB760iGS
  5. # serial number = 8675309Jeny
  6. /interface bridge
  7. add admin-mac=:::::: auto-mac=no ingress-filtering=yes name=bridge \
  8. vlan-filtering=yes
  9. /interface ethernet
  10. set [ find default-name=ether5 ] loop-protect=on poe-out=off
  11. set [ find default-name=sfp1 ] disabled=yes
  12. /interface vlan
  13. add interface=bridge name=vlan_cameras vlan-id=30
  14. add interface=bridge name=vlan_guest vlan-id=10
  15. add interface=bridge name=vlan_lan vlan-id=11
  16. /interface list
  17. add comment=defconf name=WAN
  18. add comment=defconf name=LAN
  19. /interface wireless security-profiles
  20. set [ find default=yes ] supplicant-identity=MikroTik
  21. /ip dhcp-server option
  22. add code=6 name=HollyDNS value="'192.168.1.13''192.168.1.14''192.168.1.1'"
  23. add code=6 name=EverlyDNS value="'192.168.1.14''192.168.1.13''192.168.1.1'"
  24. add code=6 name=LocalDNS value="'192.168.1.1'"
  25. add code=42 name="NTP Server" value="'192.168.1.16'"
  26. /ip kid-control
  27. add fri=6h-23h59m mon=6h-21h name=Kiddo sat=6h-23h thu=6h-21h tue=6h-21h \
  28. wed=6h-21h
  29. /ip pool
  30. add name=pool_lan ranges=192.168.1.2-192.168.1.125
  31. add name=pool_guest ranges=192.168.10.2-192.168.10.14
  32. add name=pool_cameras ranges=192.168.30.2-192.168.30.15
  33. /ip dhcp-server
  34. add address-pool=pool_lan disabled=no interface=bridge name=dhcp_local
  35. add address-pool=pool_guest disabled=no interface=vlan_guest name=dhcp_guest
  36. add address-pool=pool_cameras disabled=no interface=vlan_cameras name=\
  37. dhcp_cameras
  38. /interface bridge port
  39. add bridge=bridge interface=ether2
  40. add bridge=bridge interface=ether3 pvid=11
  41. add bridge=bridge interface=ether4
  42. add bridge=bridge ingress-filtering=yes interface=ether5
  43. add bridge=bridge disabled=yes interface=sfp1
  44. /ip neighbor discovery-settings
  45. set discover-interface-list=LAN
  46. /interface bridge vlan
  47. add bridge=bridge tagged=ether5,bridge vlan-ids=10
  48. add bridge=bridge tagged=ether5,bridge vlan-ids=30
  49. add bridge=bridge tagged=ether5,bridge vlan-ids=11
  50. /interface list member
  51. add interface=bridge list=LAN
  52. add interface=ether1 list=WAN
  53. /ip address
  54. add address=192.168.10.1/25 interface=vlan_guest network=192.168.10.0
  55. add address=192.168.30.1/28 interface=vlan_cameras network=192.168.30.0
  56. add address=192.168.1.1/25 interface=bridge network=192.168.1.0
  57. /ip dhcp-client
  58. add disabled=no interface=ether1
  59. /ip dhcp-server network
  60. add address=192.168.1.0/25 dhcp-option=HollyDNS dns-server=\
  61. 192.168.1.13,192.168.1.14,192.168.1.15 gateway=192.168.1.1 netmask=25
  62. add address=192.168.10.0/28 dns-server=192.168.1.13,192.168.1.14 gateway=\
  63. 192.168.10.1 netmask=28
  64. add address=192.168.30.0/28 gateway=192.168.30.1
  65. /ip dns
  66. set allow-remote-requests=yes
  67. /ip dns static
  68. add address=192.168.1.1 name=router.lan
  69. /ip firewall filter
  70. add action=accept chain=input comment=\
  71. "defconf: accept established,related,untracked" connection-state=\
  72. established,related,untracked
  73. add action=accept chain=input comment="Allow Vlan" disabled=yes in-interface=\
  74. vlan_lan
  75. add action=drop chain=input comment="defconf: drop invalid" connection-state=\
  76. invalid
  77. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  78. add action=accept chain=input comment=\
  79. "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
  80. add action=drop chain=input comment="defconf: drop all not coming from LAN" \
  81. in-interface-list=!LAN
  82. add action=accept chain=forward comment="defconf: accept in ipsec policy" \
  83. ipsec-policy=in,ipsec
  84. add action=accept chain=forward comment="defconf: accept out ipsec policy" \
  85. ipsec-policy=out,ipsec
  86. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  87. connection-state=established,related
  88. add action=accept chain=forward comment=\
  89. "defconf: accept established,related, untracked" connection-state=\
  90. established,related,untracked
  91. add action=drop chain=forward comment="defconf: drop invalid" \
  92. connection-state=invalid
  93. add action=drop chain=forward comment=\
  94. "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  95. connection-state=new in-interface-list=WAN
  96. /ip firewall nat
  97. add action=masquerade chain=srcnat comment=defcon ipsec-policy=out,none \
  98. out-interface-list=WAN
  99. /ip kid-control device
  100. add mac-address=C0:8C:71:A7:70:D1 name=Jubilee user=Kiddo
  101. add mac-address=24:4B:FE:8E:6A:2C name="Dunkin Desktop" user=Kiddo
  102. add mac-address=58:B1:0F:BE:CD:24 name=Dunkin-Tablet user=Kiddo
  103. add mac-address=B8:A1:75:DF:34:A9 name="Dunkin Roku" user=Kiddo
  104. add mac-address=DC:FB:48:ED:7C:81 name="Dunkin Chromebook" user=Kiddo
  105. /system clock
  106. set time-zone-name=
  107. /system identity
  108. set name=router
  109. /system ntp client
  110. set enabled=yes primary-ntp=192.168.1.16
  111. /tool mac-server
  112. set allowed-interface-list=LAN
  113. /tool mac-server mac-winbox
  114. set allowed-interface-list=LAN
  115.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!