Согластно пункту 5 и 6, соответственно
[admin@MikroTik Master] > export
# jan/28/2019 20:39:53 by RouterOS 6.34.2
# software id = ****-****
#
/interface bridge
add admin-mac=6C:3B:6B:24:90:60 auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
disabled=no frequency=auto mode=bridge name="wlan 2MHz" nv2-cell-radius=10 \
nv2-preshared-key="\F1\F4\E5\F3\EA\E7\F8\E4\E4\F4\EA" nv2-security=enabled \
ssid="MOCT 2MHz" wds-default-bridge=bridge wds-mode=dynamic wireless-protocol=\
nv2
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee \
disabled=no frequency=5745 frequency-mode=superchannel keepalive-frames=\
disabled mode=bridge multicast-helper=full name="wlan 5GHz" nv2-cell-radius=10 \
nv2-preshared-key=******** nv2-security=enabled ssid="MOCT 5GHz" tx-power=\
20 tx-power-mode=all-rates-fixed wds-default-bridge=bridge wds-mode=dynamic \
wireless-protocol=nv2 wmm-support=enabled
/interface ethernet
set [ find default-name=ether1 ] name=ethernet
/ip neighbor discovery
set "wlan 5GHz" discover=no
set bridge comment=defconf
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=caterpillar \
wpa2-pre-shared-key=caterpillar
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/queue type
set 1 pfifo-limit=500
set 2 kind=pfifo pfifo-limit=500
/interface bridge filter
add action=drop chain=input dst-port=68 in-interface="wlan 2MHz" ip-protocol=udp \
mac-protocol=ip
/interface bridge port
add bridge=bridge comment=defconf interface=ethernet
add bridge=bridge comment=defconf interface="wlan 2MHz"
add bridge=bridge interface="wlan 5GHz"
/ip address
add address=192.168.1.150/24 interface=ethernet network=192.168.1.0
add address=192.168.1.150/24 interface="wlan 5GHz" network=192.168.1.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
"wlan 5GHz"
add dhcp-options=hostname,clientid interface=bridge
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.1.150 name=router
/ip firewall filter
add chain=input comment="defconf: accept ICMP" protocol=icmp
add chain=input comment="defconf: accept establieshed,related" connection-state=\
established,related
# in/out-interface matcher not possible when interface (wlan 5GHz) is slave - use mas
er instead (bridge)
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=\
"wlan 5GHz"
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add chain=forward comment="defconf: accept established,related" connection-state=\
established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
invalid
# in/out-interface matcher not possible when interface (wlan 5GHz) is slave - use mas
er instead (bridge)
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" \
connection-nat-state=!dstnat connection-state=new in-interface="wlan 5GHz"
/ip firewall nat
# in/out-interface matcher not possible when interface (wlan 5GHz) is slave - use mas
er instead (bridge)
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=\
"wlan 5GHz"
/ip route
add distance=1 gateway=192.168.1.1
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name="MikroTik Master"
/system leds
set 0 interface="wlan 2MHz"
/system package update
set channel=bugfix
/system routerboard settings
set cpu-frequency=650MHz protected-routerboot=disabled
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=bridge
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=bridge
/tool traffic-monitor
add interface="wlan 5GHz" name="Traffic MOCT" threshold=0 trigger=always
[admin@MikroTik Master] >