# model: RBD52G-5HacD2HnD # serial-number: D7160D421424 # firmware-type: ipq4000L # current-firmware: 6.47.8 # installed-version: 6.49.10 # Flags: U - undoable, R - redoable, F - floating-undo # ACTION BY POLICY # U device removed admin write # U device removed admin write # U device removed admin write # U user mentes added admin write # policy # U user group backup added admin write # policy # U address removed admin write # U device changed admin write # U bridge port added admin write # U device changed admin write # U filter rule moved admin write # U filter rule added admin write # U filter rule changed admin write # U device added admin write # U item added admin write # U route added admin write # U route changed admin write # U item changed admin write # U cloud settings changed admin write # U cloud settings changed admin write # U item added admin write # U item changed admin write # U route changed admin write # U route added admin write # U cloud settings changed admin write # U device changed admin write # U device changed admin write # U address added admin write # U bridge port added admin write # U bridge port added admin write # U device added admin write # U item changed admin write # U item changed admin write # U device added admin write # U device added admin write # U device changed admin write # U device changed admin write # U device changed admin write # U device changed admin write # U device changed admin write # U device changed admin write # # software id = AY3N-BLWD # # model = RBD52G-5HacD2HnD # serial number = D7160D421424 /interface bridge add name=bridge-l2tp add name=bridge-vlan2521 add name=bridge-vlan2550 add name=bridge-vlan2562 add name=bridge-vlan2563 add name=bridge-vlan2572 protocol-mode=none add fast-forward=no name=user-bridge /interface ethernet set [ find default-name=ether1 ] comment="UPLINK INVITEL" speed=100Mbps set [ find default-name=ether2 ] comment="VIZTORONY IRANY" l2mtu=1640 mtu=1600 speed=100Mbps set [ find default-name=ether3 ] comment="USEREK SWITCH" speed=100Mbps set [ find default-name=ether4 ] comment="USER AG" speed=100Mbps set [ find default-name=ether5 ] comment="URES PORT" speed=100Mbps /interface pppoe-client add disabled=no interface=ether1 keepalive-timeout=60 max-mru=1480 max-mtu=1480 mrru=1600 name=pppoe-out1 password=Mg577899 user=r-scom /interface wireless set [ find default-name=wlan1 ] ssid=MikroTik station-roaming=enabled set [ find default-name=wlan2 ] ssid=MikroTik station-roaming=enabled /interface eoip add mac-address=02:2C:F9:32:06:69 mtu=1600 name=eoip-budapest remote-address=86.109.64.70 tunnel-id=5 /interface vlan add interface=ether2 name=vlan-gw-papa-userek vlan-id=166 add interface=bridge-l2tp mtu=1600 name=vlan2521-Bpfele vlan-id=2521 add interface=ether2 mtu=1600 name=vlan2521-viztoronyfele vlan-id=2521 add interface=bridge-l2tp mtu=1600 name=vlan2550-Bpfele vlan-id=2550 add interface=ether2 mtu=1600 name=vlan2550-viztoronyfele vlan-id=2550 add interface=bridge-l2tp mtu=1600 name=vlan2562-Bpfele vlan-id=2562 add interface=ether2 mtu=1600 name=vlan2562-viztoronyfele vlan-id=2562 add interface=bridge-l2tp mtu=1600 name=vlan2563-Bpfele vlan-id=2563 add interface=ether2 mtu=1600 name=vlan2563-viztoronyfele vlan-id=2563 add interface=bridge-l2tp mtu=1620 name=vlan2572-bpfele vlan-id=2572 add interface=ether2 mtu=1600 name=vlan2572-viztoronyfele vlan-id=2572 /interface list add name=discover /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ppp profile add bridge=bridge-l2tp name=l2tp /interface l2tp-client add allow-fast-path=yes connect-to=86.109.64.254 disabled=no mrru=1600 name=budapest-l2tp password=UvEgJaNi99 profile=default user=papa add allow-fast-path=yes connect-to=86.109.64.70 mrru=1600 name=l2tp-sw-budapest password=hjUIH82oihji3 profile=l2tp user=papa /routing ospf instance set [ find default=yes ] redistribute-connected=as-type-1 /snmp community set [ find default=yes ] addresses=10.0.0.2/32,86.109.64.0/27 /system logging action set 3 remote=86.109.64.16 /user group set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp" add name=backup policy="ssh,read,sensitive,!local,!telnet,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!api,!romon,!dude,!tikapp" #error exporting /interface bridge calea /interface bridge port add bridge=user-bridge interface=ether3 add bridge=user-bridge interface=ether4 add bridge=user-bridge interface=vlan-gw-papa-userek add bridge=bridge-vlan2562 interface=vlan2562-Bpfele add bridge=bridge-vlan2562 interface=vlan2562-viztoronyfele add bridge=bridge-vlan2563 interface=vlan2563-Bpfele add bridge=bridge-vlan2563 interface=vlan2563-viztoronyfele add bridge=bridge-vlan2521 interface=vlan2521-Bpfele add bridge=bridge-vlan2521 interface=vlan2521-viztoronyfele add bridge=bridge-vlan2550 interface=vlan2550-Bpfele add bridge=bridge-vlan2550 interface=vlan2550-viztoronyfele add interface=*1A add interface=*1B add bridge=bridge-vlan2572 interface=vlan2572-bpfele add bridge=bridge-vlan2572 interface=vlan2572-viztoronyfele add bridge=bridge-l2tp interface=eoip-budapest /ip neighbor discovery-settings set discover-interface-list=discover /interface list member add interface=wlan1 list=discover add interface=wlan2 list=discover add interface=vlan-gw-papa-userek list=discover add interface=ether1 list=discover add interface=ether2 list=discover add interface=ether3 list=discover add interface=ether4 list=discover add interface=ether5 list=discover add interface=budapest-l2tp list=discover add interface=user-bridge list=discover /ip address add address=10.89.0.1/24 interface=ether2 network=10.89.0.0 /ip cloud set ddns-enabled=yes ddns-update-interval=1m /ip dns set servers=86.109.64.5,193.194.159.224 /ip dns static add address=192.168.88.1 name=router.lan #error exporting /ip firewall calea /ip firewall filter add action=accept chain=input comment="L2TP fw-budapestbe" src-address=86.109.64.254 add action=accept chain=input comment="L2TP fw-budapestbe" disabled=yes src-address=86.109.64.82 add action=accept chain=input comment="==== Estabilished csomagok engedelyezese" connection-state=established add action=accept chain=input comment="==== Related csomagok engedelyezese" connection-state=related add action=accept chain=input comment="==== UDP engedelyezese" protocol=udp add action=accept chain=input protocol=gre add action=accept chain=input protocol=ospf add action=drop chain=input comment="==== Invalid csomagok eldobalasa" connection-state=invalid add action=accept chain=input comment="==== Ping engedelyezese" protocol=icmp add action=accept chain=input dst-port=21-23 protocol=tcp src-address=10.0.0.0/8 add action=accept chain=input dst-port=21-23 protocol=tcp src-address=86.109.64.0/19 add action=drop chain=input dst-port=21-23 protocol=tcp add action=accept chain=input comment="bandwidth test" dst-port=2000 protocol=tcp add action=accept chain=input comment="==== HTTP engedelyezese" dst-port=80 protocol=tcp add action=accept chain=input comment="==== Winbox engedelyezese" dst-port=8291 protocol=tcp add action=accept chain=input comment="==== Sajat IP-k engedelyezese" src-address=86.109.64.0/19 add action=accept chain=input comment="==== Sajat IP-k engedelyezese" dst-limit=0,5,dst-address/1m40s src-address=10.0.0.0/8 add action=log chain=input comment="==== Minden mas logolasa" log-prefix=drop add action=drop chain=input comment="==== Minden mas eldobalasa" add action=fasttrack-connection chain=forward connection-state=established,related add action=accept chain=forward connection-state=established,related /ip route add check-gateway=ping distance=1 dst-address=86.109.64.254/32 gateway=pppoe-out1 add comment="Mikrotik IP Cloud" distance=1 dst-address=159.148.147.0/24 gateway=pppoe-out1 add comment="Mikrotik IP Cloud" distance=1 dst-address=159.148.172.0/24 gateway=pppoe-out1 /ip service set www address=86.109.64.0/27 set api address=86.109.64.0/27 set api-ssl address=86.109.64.0/27 /ip ssh set allow-none-crypto=yes forwarding-enabled=remote /routing filter add action=discard chain=ospf-out prefix=10.0.0.1 prefix-length=32 add action=discard chain=ospf-out prefix=159.148.147.0/24 prefix-length=24 add action=discard chain=ospf-out prefix=159.148.172.0/24 prefix-length=24 add action=discard chain=ospf-out prefix=86.109.64.254 prefix-length=32 /routing ospf network add area=backbone network=10.99.8.3/32 add area=backbone network=10.89.0.0/24 /snmp set contact=magic@magicnet.hu enabled=yes location=Papa /system clock set time-zone-name=Europe/Budapest /system identity set name=papa.magicnet.hu /system logging add action=remote topics=info add action=remote topics=critical add action=remote topics=error add action=remote topics=warning add disabled=yes topics=ospf add disabled=yes topics=l2tp /system ntp client set enabled=yes primary-ntp=86.109.64.5 /system package update set channel=testing /system resource irq rps set ether1 disabled=no set ether2 disabled=no set ether3 disabled=no set ether4 disabled=no set ether5 disabled=no /system routerboard settings set cpu-frequency=896MHz /system scheduler add interval=6d name=mentes on-event=mentes policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=oct/24/2018 start-time=07:16:00 /system script add dont-require-permissions=no name=mentes owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="/export file=export\r\n/tool e-mail send from=\"backup@rlan.hu\" to=\"backup@rlan.hu\" subject=([/system identity get name] . \" export\") file=export.rsc\r\n/system backup save name=backup\r\n/tool e-mail send from=\"backup@rlan.hu\" to=\"backup@rlan.hu\" subject=([/system identity get name] . \" Backup\") file=backup.backup\r\n" /tool e-mail set address=86.109.64.10 from=papa@magicnet.hu /tool graphing interface add /tool graphing queue add /tool graphing resource add /tool sniffer set file-limit=3000KiB file-name=x filter-interface=vlan2572-viztoronyfele