Нужна помощь в настройке Mikrotik Router OS v5.24

Раздел для тех, кто начинает знакомиться с MikroTik
Правила форума
Как правильно оформить вопрос.
Прежде чем начать настройку роутера, представьте, как это работает. Попробуйте почитать статьи об устройстве интернет-сетей. Убедитесь, что всё, что Вы задумали выполнимо вообще и на данном оборудовании в частности.
Не нужно изначально строить Наполеоновских планов. Попробуйте настроить простейшую конфигурацию, а усложнения добавлять в случае успеха постепенно.
Пожалуйста, не игнорируйте правила русского языка. Отсутствие знаков препинания и неграмотность автора топика для многих гуру достаточный повод проигнорировать топик вообще.

1. Назовите технологию подключения (динамический DHCP, L2TP, PPTP или что-то иное)
2. Изучите темку "Действия до настройки роутера".
viewtopic.php?f=15&t=2083
3. Настройте согласно выбранного Вами мануала
4. Дочитайте мануал до конца и без пропусков, в 70% случаев люди просто не до конца читают статью и пропускают важные моменты.
5. Если не получается, в Winbox открываем терминал и вбиваем там /export hide-sensitive. Результат в топик под кат, интимные подробности типа личных IP изменить на другие, пароль забить звездочками.
6. Нарисуйте Вашу сеть, рисунок (схему) сюда. На словах может быть одно, в действительности другое.
ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

Dragon_Knight писал(а):podarok66, Я завидую Вашей выдержке.

TS: Какие именно ошибки в консоле, далее ошибки в логах, если есть.
Если решитесь обновятся, то вот инструкция: viewtopic.php?f=15&t=6065&p=39909#p39909 Будьте внимательны при скачивание пакета под именно вашу архитектуру.
Как заметил podarok66, нужен бекап текущих настроек, а так-же минимальные знания работы с роутером, хотя-бы для того, что-бы раскатить бекап, в случае неудачной настройки, что-бы не остаться без интернета.

При желании и возможности подключения роутера к сети имеющий выход в интернет не через этот роутер, то я могу Вам лично всё настроить через TeamViewer.


с бекапами у меня все в норме) до вашего спвета у меня уже были бекапы в 5и экземплярах) в 5-и раных местах :ps_ih: так что я осознаю что делаю :ps_ih:
ошибки такие
[admin@MikroTik] >
echo: system,error,critical login failure for user ubnt from xxx.xxx.xxx.xxx via telnet
[admin@MikroTik] >
[admin@MikroTik] >
echo: system,error,critical login failure for user root from xxx.xxx.xxx.xxx via telnet
[admin@MikroTik] >
echo: system,error,critical login failure for user admin from xxx.xxx.xxx.xxx via telnet
где xxx.xxx.xxx.xxx очень похожие на мой внешний статичний айпи основного интерфейса, ошибки все время добовляются.

Сам микротик не настраивал, настраивали до меня, сейчас пытаюсь вникать в это по-тихоньку. Если как-то можно, помогите) или скажите в какую сторону копать)))
заранее благодарен


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

/ip service set telnet disabled=yes

И будет Вам счастье


Есть интересная задача и бюджет? http://mikrotik.site
ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

кстати в логах те же самые ошибки, бесконечно...


gmx
Модератор
Сообщения: 3290
Зарегистрирован: 01 окт 2012, 14:48

Да это не ошибка. К вашему роутеру подбирают пароль.


ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

а что это собственно? пытаются взломать? там под разными логинамы попытки входа.
попытка взлома? бтутфорс?


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

Ну так логи они для того и придуманы что бы их читали и думали, там все написано


Есть интересная задача и бюджет? http://mikrotik.site
ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

результат export-а

Код: Выделить всё

[admin@MikroTik] > export
# jan/10/2017 11:38:14 by RouterOS 5.24
# software id = W5EY-LHT9
#
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment=LOCAL disable-running-check=yes disabled=no \
    full-duplex=yes l2mtu=16383 mac-address=00:1F:D0:26:4D:48 mtu=1500 name=ether1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment=Ucom disable-running-check=yes disabled=no \
    full-duplex=yes l2mtu=16383 mac-address=00:1F:D0:26:4D:38 mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment=Rostelekom disable-running-check=yes disabled=no \
    full-duplex=yes mac-address=80:1F:02:38:82:84 mtu=1500 name=ether3 speed=100Mbps
/interface wireless security-profiles
set [ find default=yes ] authentication-types="" eap-methods=passthrough group-ciphers=aes-ccm group-key-update=5m \
    interim-update=0s management-protection=disabled management-protection-key="" mode=none name=default \
    radius-eap-accounting=no radius-mac-accounting=no radius-mac-authentication=no radius-mac-caching=disabled \
    radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username static-algo-0=none static-algo-1=none static-algo-2=none \
    static-algo-3=none static-key-0="" static-key-1="" static-key-2="" static-key-3="" static-sta-private-algo=none \
    static-sta-private-key="" static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=none tls-mode=\
    no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key="" wpa2-pre-shared-key=""
/ip firewall layer7-protocol
add name="blocked websites" regexp="^.+(bongacams.com|xvideos.com|pornhub.com|porn|youjizz.com|xhamster.com|xnxx.com|txxx.com\
    |porno|sex|redtube|alohatube.com|cliti.com|tnaflix.xom|xvideos.com|dinotube|ixxx.com|brazzers|bangbros|.xxx|porno).*\$"
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=\
    0.0.0.0:0 login-by=cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no use-radius=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default shared-users=1 status-autorefresh=1m \
    transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=20.20.20.100-20.20.20.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=ether1 lease-time=3d \
    name=dhcp1
/port
set 0 baud-rate=9600 data-bits=8 flow-control=none name=serial0 parity=none stop-bits=1
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
    default use-ipv6=yes use-mpls=default use-vj-compression=default
set 1 change-tcp-mss=yes name=default-encryption only-one=default remote-ipv6-prefix-pool=none use-compression=default \
    use-encryption=yes use-ipv6=yes use-mpls=default use-vj-compression=default
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 \
    red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/5M name=CS1-1 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.11/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-1 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.11/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-2 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.12/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/10M name=Cyber1-3 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.13/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/10M name=Cyber1-4 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.14/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-5 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.15/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-3 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.13/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-2 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.12/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-4 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.14/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-5 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.15/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-6 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.16/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-7 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.17/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-17 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.27/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-8 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.18/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-9 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.19/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/15M name=CS1-10 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.20/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-11 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.21/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-12 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.22/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-13 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.23/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-14 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.24/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-15 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.25/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-16 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.26/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-18 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.28/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-19 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.29/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/5M name=CS1-21 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.31/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/10M name=CS1-22 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.32/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-20 packet-marks="" parent=none priority=1 queue=default/default target-addresses=20.20.20.30/32 \
    total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-23 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.33/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-24 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.34/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-25 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.35/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-26 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.36/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/5M name=CS1-27 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.37/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-28 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.38/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-29 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.39/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-30 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.40/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    6M/5M name=CS1-31 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.41/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    6M/5M name=CS1-32 packet-marks="" parent=none priority=2 queue=default-small/default-small target-addresses=\
    20.20.20.42/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS1-33 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.43/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-34 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.44/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/3M name=CS1-35 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.45/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-36 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.46/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-37 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.47/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-38 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.48/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-39 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.49/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/3M name=CS1-40 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.50/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/4M name=CS1-43 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.53/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/4M name=CS1-44 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.54/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/4M name=CS1-45 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.57/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-46 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.56/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-1 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.101/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-2 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.102/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-3 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.103/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-6 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.106/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-7 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.107/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-8 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.108/32 time=9h-23h,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-9 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.59/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-10 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.60/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-11 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.61/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS1-42 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.52/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/4M name=CS1-41 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.51/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-12 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.62/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-13 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.63/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-14 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.64/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-15 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.65/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-16 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.66/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-17 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.67/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-18 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.68/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-19 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.69/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-20 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.70/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/5M name=CS2-21 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.71/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-22 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.72/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-23 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.73/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-24 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.74/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-25 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.75/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-26 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.76/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/5M name=CS2-27 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.77/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/10M name=CS2-28 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.78/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/10M name=CS2-29 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.79/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/3M name=CS2-30 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.80/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/4M name=queue2 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    20.20.20.150/32 time=0s-23h59m59s,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/3M name=CS2-31 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.81/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    5M/5M name=CS2-32 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.82/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    19M/15M name=MY packet-marks="" parent=none priority=1 queue=default/default target-addresses=20.20.20.10/32 \
    total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    4M/5M name=queue1 packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.6/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=yes interface=all limit-at=0/0 max-limit=\
    1k/1k name="admin verev1" packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.150/32 time=11h-16h,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    1k/1k name=kuxnia packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.91/32 time=1m-23h59m,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=yes interface=all limit-at=0/0 max-limit=\
    1k/1k name="admin verev2" packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.150/32 time=20h-23h59m,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=yes interface=all limit-at=0/0 max-limit=\
    1k/1k name="admin nerqev1" packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.151/32 time=10h-19h,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=yes interface=all limit-at=0/0 max-limit=\
    1k/1k name="admin nerqev2" packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.151/32 time=20h-23h59m,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/15M name=ARSEN packet-marks="" parent=none priority=3 queue=default/default target-addresses=20.20.20.155/32 \
    total-queue=default
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-6 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.16/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-7 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.17/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-8 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.18/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-9 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.19/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-10 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.20/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-11 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.21/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-12 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.22/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-13 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.23/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-14 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.24/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-15 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.25/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-16 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.26/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-17 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.27/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-18 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.28/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-19 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.29/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-20 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.30/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-21 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.31/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-22 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.32/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-23 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.33/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-24 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.34/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-25 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.35/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-26 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.36/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-27 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.37/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-28 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.38/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-29 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.39/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-30 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.40/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-31 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.41/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-32 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.42/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-33 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.43/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-34 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.44/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-35 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.45/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-36 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.46/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-37 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.47/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-38 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.48/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-39 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.49/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-40 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.50/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-41 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.51/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-42 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.52/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-43 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.53/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-44 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.54/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-45 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.55/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    8M/5M name=Cyber1-46 packet-marks="" parent=none priority=3 queue=default-small/default-small target-addresses=\
    192.168.0.56/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    3M/6M name=queue3 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=\
    20.20.20.151/32 time=0s-23h59m59s,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 \
    name=queue8 packet-marks="" parent=none priority=8 queue=default-small/default-small target-addresses=20.20.20.108/32 \
    time=23h-9h,sun,mon,tue,wed,thu,fri,sat total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=\
    10M/10M name=website packet-marks="" parent=none priority=1 queue=default-small/default-small target-addresses=\
    20.20.20.250/32 total-queue=default-small
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no ignore-as-path-len=no name=default out-filter="" \
    redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no redistribute-static=no \
    router-id=0.0.0.0 routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=ospf-in metric-bgp=auto metric-connected=20 \
    metric-default=1 metric-other-ospf=auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
    redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
    router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=backbone type=default
/routing ospf-v3 instance
set [ find default=yes ] disabled=no distribute-default=never metric-bgp=auto metric-connected=20 metric-default=1 \
    metric-other-ospf=auto metric-rip=20 metric-static=20 name=default redistribute-bgp=no redistribute-connected=no \
    redistribute-other-ospf=no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf-v3 area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=backbone type=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 encryption-password="" \
    encryption-protocol=DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote=:: remote-port=514 src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto \
    target=remote
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password="" paypal-accept-pending=no paypal-allowed=no \
    paypal-secure-response=no permissions=owner signup-allowed=no time-zone=-00:00
/user group
set read name=read policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sniff,sensitive,api,!ftp,!write,!policy \
    skin=default
set write name=write policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,sniff,sensitive,api,!ftp,!policy \
    skin=default
set full name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api skin=\
    default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption enabled=no keepalive-timeout=30 max-mru=1460 \
    max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=default enabled=no keepalive-timeout=60 \
    mac-address=FE:21:3F:00:00:8A max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=\
    1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=default enabled=no keepalive-timeout=60 \
    max-mru=1500 max-mtu=1500 mrru=disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
    frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 multiple-channels=no only-headers=no receive-errors=no \
    streaming-enabled=no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=20.20.20.1/24 disabled=no interface=ether1 network=20.20.20.0
add address=212.34.228.65/29 disabled=no interface=ether1 network=212.34.228.64
add address=212.34.233.6/29 disabled=no interface=ether2 network=212.34.233.0
add address=192.168.0.1/24 disabled=no interface=ether1 network=192.168.0.0
add address=192.168.1.10/24 disabled=no interface=ether3 network=192.168.1.0
/ip arp
add address=20.20.20.10 disabled=no interface=ether1 mac-address=90:2B:34:50:8F:44
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server lease
add address=20.20.20.202 client-id=1:0:1d:7d:b:11:36 disabled=no mac-address=00:1D:7D:0B:11:36 server=dhcp1
add address=20.20.20.31 client-id=1:0:1d:7d:a:c2:86 disabled=no mac-address=00:1D:7D:0A:C2:86 server=dhcp1
add address=20.20.20.70 client-id=1:0:1d:7d:b:10:db disabled=no mac-address=00:1D:7D:0B:10:DB server=dhcp1
add address=20.20.20.27 always-broadcast=yes client-id=1:0:1d:7d:b:11:38 disabled=no mac-address=00:1D:7D:0B:11:38 server=\
    dhcp1
add address=20.20.20.24 client-id=1:0:1f:d0:22:65:26 disabled=no mac-address=00:1F:D0:22:65:26 server=dhcp1
add address=20.20.20.40 always-broadcast=yes client-id=1:0:24:1d:dd:fb:97 disabled=no mac-address=00:24:1D:DD:FB:97 server=\
    dhcp1
add address=20.20.20.64 client-id=1:0:1d:7d:c:48:e disabled=no mac-address=00:1D:7D:0C:48:0E server=dhcp1
add address=20.20.20.57 client-id=1:0:24:1d:dd:f6:e2 disabled=no mac-address=00:24:1D:DD:F6:E2 server=dhcp1
add address=20.20.20.107 client-id=1:0:d9:d1:db:9a:3a disabled=no mac-address=00:D9:D1:DB:9A:3A server=dhcp1
/ip dhcp-server network
add address=20.20.20.0/24 dhcp-option="" dns-server=8.8.8.8 gateway=20.20.20.1 ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=4096 servers=92.43.137.1,8.8.8.8
/ip dns static
add address=20.20.20.9 disabled=no name=www.EasyGaming.am ttl=1d
add address=20.20.20.2 disabled=no name=www.bar.am ttl=1d
add address=20.20.20.9 disabled=no name=EasyGaming.am ttl=1d
add address=20.20.20.10 disabled=no name=212.34.228.68 ttl=1d
/ip firewall address-list
add address=20.20.20.11-20.20.20.30 disabled=no list="down hall1"
add address=20.20.20.59-20.20.20.82 disabled=no list="up hall2"
add address=20.20.20.51-20.20.20.56 disabled=no list="down internet"
add address=20.20.20.101-20.20.20.103 disabled=no list="up hall1"
add address=20.20.20.106-20.20.20.108 disabled=no list=uphall1_2
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s \
    tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address-list="down internet"
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address-list="down hall1"
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address-list="up hall1"
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address-list="up hall2"
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address-list=uphall1_2
add action=drop chain=forward disabled=yes layer7-protocol="blocked websites" src-address=20.20.20.10
add action=reject chain=output disabled=no dst-address=8.8.4.4 out-interface=ether3 reject-with=icmp-host-unreachable \
    src-address=20.20.20.0/24
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=yes new-routing-mark=cs21ros passthrough=yes src-address=20.20.20.31
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether2
add action=masquerade chain=srcnat disabled=no out-interface=ether3
add action=src-nat chain=srcnat comment=DVR disabled=no dst-address=20.20.20.254 src-address=20.20.20.0/24 to-addresses=\
    xxx.xxx.xxx.70
add action=src-nat chain=srcnat comment="Xcho 12komp" disabled=no dst-address=20.20.20.15 src-address=20.20.20.0/24 \
    to-addresses=xxx.xxx.xxx.71
add action=dst-nat chain=dstnat comment=DVR disabled=no dst-address=xxx.xxx.xxx.70 to-addresses=20.20.20.254
add action=dst-nat chain=dstnat comment="Xcho 12 komp" disabled=no dst-address=xxx.xxx.xxx.71 to-addresses=20.20.20.15
add action=src-nat chain=srcnat comment=easygaming disabled=no dst-address=20.20.20.9 src-address=20.20.20.0/24 \
    to-addresses=212.34.228.68
add action=dst-nat chain=dstnat comment=easygaming disabled=no dst-address=xxx.xxx.xxx.68 to-addresses=20.20.20.9
add action=src-nat chain=srcnat comment=BAR disabled=no dst-address=20.20.20.2 src-address=20.20.20.0/24 to-addresses=\
    xxx.xxx.xxx.66
add action=dst-nat chain=dstnat comment=BAR disabled=no dst-address=xxx.xxx.xxx.66 to-addresses=20.20.20.2
add action=src-nat chain=srcnat comment=Cyberstars.am disabled=no dst-address=20.20.20.250 src-address=20.20.20.0/24 \
    to-addresses=xxx.xxx.xxx.69
add action=dst-nat chain=dstnat comment=Cyberstars.am disabled=no dst-address=xxx.xxx.xxx.69 to-addresses=20.20.20.250
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=unlimited \
    max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=\
    8080 serialize-connections=no src-address=0.0.0.0
/ip route
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=ether3 routing-mark=cs21ros scope=30 target-scope=10
add check-gateway=ping comment=Ucom disabled=no distance=1 dst-address=0.0.0.0/0 gateway=xxx.xxx.xxx.5 scope=30 target-scope=\
    10
add check-gateway=ping comment=Rostelekom disabled=yes distance=2 dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=30 \
    target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=8.8.4.4/32 gateway=xxx.xxx.xxx.5 scope=30 target-scope=10
/ip service
set telnet address="" disabled=yes port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=80
set ssh address="" disabled=no port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=no port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ipv6 nd
set [ find default=yes ] advertise-dns=no advertise-mac-address=yes disabled=no hop-limit=unspecified interface=all \
    managed-address-configuration=no mtu=unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m ra-lifetime=\
    30m reachable-time=unspecified retransmit-interval=unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no lsr-id=0.0.0.0 path-vector-limit=255 \
    transport-address=0.0.0.0 use-explicit-null=no
/port firmware
set directory=firmware ignore-directip-modem=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
/radius incoming
set accept=no port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m gateway-selection=no-gateway origination-interval=5s \
    preferred-gateway=0.0.0.0 timeout=1m ttl=50
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 \
    redistribute-bgp=no redistribute-connected=no redistribute-ospf=no redistribute-static=no routing-table=main \
    timeout-timer=3m update-timer=30s
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 \
    redistribute-bgp=no redistribute-connected=no redistribute-ospf=no redistribute-static=no timeout-timer=3m update-timer=\
    30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" trap-target="" trap-version=1
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start="jan/01/1970 00:00:00" time-zone=+00:00
/system console
set [ find port=serial0 ] channel=0 disabled=no port=serial0 term=vt102
set [ find vcno=1 ] channel=0 disabled=no term=linux
set [ find vcno=2 ] channel=0 disabled=no term=linux
set [ find vcno=3 ] channel=0 disabled=no term=linux
set [ find vcno=4 ] channel=0 disabled=no term=linux
set [ find vcno=5 ] channel=0 disabled=no term=linux
set [ find vcno=6 ] channel=0 disabled=no term=linux
set [ find vcno=7 ] channel=0 disabled=no term=linux
set [ find vcno=8 ] channel=0 disabled=no term=linux
/system console screen
set blank-interval=10min line-count=25
/system gps
set channel=0 enabled=no set-system-time=no
/system hardware
set multi-cpu=yes
/system health
set state-after-reboot=enabled
/system identity
set name=MikroTik
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=warning
set 3 action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system ntp server
set broadcast=no broadcast-addresses="" enabled=no manycast=yes multicast=no
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
set 4 cpu=auto
set 5 cpu=auto
set 6 cpu=auto
set 7 cpu=auto
set 8 cpu=auto
set 9 cpu=auto
set 10 cpu=auto
set 11 cpu=auto
/system resource irq rps
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 starttls=no user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool netwatch
add disabled=no down-script=\
    "/ip route set [find comment=\"Ucom\"] disabled=yes\r\
    \n/ip route set [find comment=\"Rostelekom\"] disabled=no" host=8.8.4.4 interval=10s timeout=1s up-script=\
    "/ip route set [find comment=\"Ucom\"] disabled=no\r\
    \n/ip route set [find comment=\"Rostelekom\"] disabled=yes"
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-n
    filter-port="" filter-str
    no streaming-server=0.0.0
/tool traffic-generator
set latency-distribution-scal
/user aaa
set accounting=yes default-gr
[admin@MikroTik] >


DmNuts
Сообщения: 120
Зарегистрирован: 18 май 2016, 18:33
Откуда: Иркутск

Код: Выделить всё

/ip route add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=ether3 routing-mark=cs21ros scope=30 target-scope=10

Замените ether3 на 192.168.1.1, broadcast интерфейс нежелательно указывать в качестве шлюза.
Или можно перевести модем в режим моста, тогда на Микротике будет pppoe клиент, ppp интерфейс может быть шлюзом, заодно избавитесь от двойного NAT'a (тут я предположил, что Ростелеком приходит через PON терминал).


ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

заменил, все равно не работает.


ahnenerbe
Сообщения: 0
Зарегистрирован: 03 янв 2017, 12:32

Нашел проблему.
Проблема возникала из за фейловера при помощи netwatch, так как при такой настройке netwatch автоматически деактивирует 2ой (резервный) канал и включает его только тогда когда падает первый канал.
теперь нужно настроить фейловер по-другому. есть готовые скрипты для этого?


Ответить