Re: Умоляю, помогите советом
Добавлено: 25 май 2013, 04:07
Как переписать ручками самому системную конфигурацию? т.е. файл default-configuration ?
А вот что мы имеем:
[admin@MikroTik] /system> default-configuration print
script: :global ssid;
#| Wireless Configuration:
#| security-key: ХХХХХХХХХ;
#| mode: ap-bridge;
#| band: 2ghz-b/g/n;
#| frequency: 2412;
#| ht-chains: two;
#| ht-extension: 20/40mhz-ht-above;
#|
#| WAN (gateway) Configuration:
#| gateway: ether1 (renamed with extension '-gateway');
#| firewall: enabled;
#| NAT: enabled;
#| DHCP Client: enabled;
#|
#| LAN Configuration:
#| LAN Port: bridge-local;
#| switch group: ether2 (master), ether3, ether4, ether5
#| (renamed with extensions '-master-local' and '-slave-local')
#| LAN IP: 192.168.88.1;
#| DHCP Server: enabled;
:global action;
:local dhcpEnabled 0;
:local wirelessEnabled 0;
#check for wireless and dhcp packages
:if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
:set dhcpEnabled 1;
}
:if ([:len [/system package find name="wireless" !disabled]] != 0) do={
:set wirelessEnabled 1;
}
#-------------------------------------------------------------------------------
# Apply configuration.
# these commands are executed after installation or configuration reset
#-------------------------------------------------------------------------------
:if ($action = "apply") do={
# wait for interfaces
:while ([/interface ethernet find] = "") do={ :delay 1s; };
:if ( $wirelessEnabled = 1) do={
:local count 0;
:while ([/interface wireless find] = "") do={
:set count ($count +1);
:if ($count = 60) do={
:log warning "DefConf: Unable to find wireless interface";
/ip address add address=192.168.88.1/24 interface=ether1;
/quit
}
:delay 1s;
};
/interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n frequency=2412 ht-txchains=0,1 ht-rxchains=0,1 \
disabled=no wireless-protocol=any distance=indoors
:local wlanMac [/interface wireless get wlan1 mac-address];
:set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"
/interface wireless set wlan1 ssid=$ssid
/interface wireless security-profiles set default wpa-pre-shared-key=418402599A2F wpa2-pre-shared-key=418402599A2F mode=dynamic-keys authe
ntication->
/interface wireless set wlan1 channel-width=20/40mhz-ht-above ;
|D dum}
|D dum/interface set ether1 name="ether1-gateway";
|D dum:if ( $dhcpEnabled = 1) do={
|D dump|right|/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
|D dum}
|D dum/interface {
|D dump|right|set ether2 name=ether2-master-local;
|D dump|right|set ether3 name=ether3-slave-local;
|D dump|right|set ether4 name=ether4-slave-local;
|D dump|right|set ether5 name=ether5-slave-local;
|D dum}
|D dum/interface ethernet {
|D dump|right|set ether3-slave-local master-port=ether2-master-local;
|D dump|right|set ether4-slave-local master-port=ether2-master-local;
|D dump|right|set ether5-slave-local master-port=ether2-master-local;
|D dum}
|D dum/interface bridge
|D dump|right|add name=bridge-local disabled=no auto-mac=no protocol-mode=rstp;
|D dum:local bMACIsSet 0;
|D dum:foreach k in=[/interface find] do={
|D dump|right|:local tmpPortName [/interface get $k name];
|D dump|right|:if (!($tmpPortName~"bridge" || $tmpPortName~"ether1"|| $tmpPortName~"slave")) do={
|D dump|right|up|down]:if ($bMACIsSet = 0) do={
|D dump|right|up|down] :if ([/interface get $k type] = "ether") do={
|D dump|right|up|down] /interface bridge set "bridge-local" admin-mac=[/interface ethernet get $tmpPortName mac-address];
|D dump|right|up|down] :set bMACIsSet 1;
|D dump|right|up|down] }
|D dump|right|up|down]}
|D dump|right|up|down]/interface bridge port
|D dump|right|up|down] add bridge=bridge-local interface=$tmpPortName;
|D dump|right|}
|D dum}
|D dum/ip address add address=192.168.88.1/24 interface=bridge-local comment="default configuration";
|D dum:if ($dhcpEnabled = 1) do={
|D dump|right|/ip pool add name="default-dhcp" ranges=192.168.88.10-192.168.88.254;
|D dump|right|/ip dhcp-server
|D dump|right|up|down]add name=default address-pool="default-dhcp" interface=bridge-local disabled=no;
|D dump|right|/ip dhcp-server network
|D dump|right|up|down]add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
|D dum}
|D dum/ip firewall nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
|D dum/ip firewall {
|D dump|right|filter add chain=input action=accept protocol=icmp comment="default configuration"
|D dump|right|filter add chain=input action=accept connection-state=established comment="default configuration"
|D dump|right|filter add chain=input action=accept connection-state=related comment="default configuration"
|D dump|right|filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
filter add chain=forward action=accept connection-state=established comment="default configuration"
filter add chain=forward action=accept connection-state=related comment="default configuration"
filter add chain=forward action=drop connection-state=invalid comment="default configuration"
|D dum}
|D dum/tool mac-server disable [find];
|D dum/tool mac-server mac-winbox disable [find];
|D dum:foreach k in=[/interface find] do={
|D dump|right|:local tmpName [/interface get $k name];
|D dump|right|:if (!($tmpName~"ether1")) do={
|D dump|right|up|down]/tool mac-server add interface=$tmpName disabled=no;
|D dump|up|down] /tool mac-server mac-winbox add interface=$tmpName disabled=no;
|D dump|up|dow}
|D dum}
|D dum/ip neighbor discovery set [find name="ether1-gateway"] discover=no
|D dum/ip dns {
|D dump|up|dowset allow-remote-requests=yes
|D dump|up|dowstatic add name=router address=192.168.88.1
|D dum}
}
#-------------------------------------------------------------------------------
# Revert configuration.
# these commands are executed if user requests to remove default configuration
#-------------------------------------------------------------------------------
:if ($action = "revert") do={
# remove wan port protection
|D dum/ip firewall {
|D dump|up|dow:local o [nat find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ nat remove $o }
|D dump|up|dow:local o [filter find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ filter remove $o }
|D dum}
|D dum/tool mac-server remove [find interface!=all]
|D dum/tool mac-server set [find] disabled=no
|D dum/tool mac-server mac-winbox remove [find interface!=all]
|D dum/tool mac-server mac-winbox set [find] disabled=no
# reset wan ports;
|D dum/ip neighbor discovery set [find name="ether1-gateway"] discover=yes
|D dum/interface set "ether1-gateway" name=ether1;
|D dum:if ($dhcpEnabled = 1) do={
|D dump|up|dow:local o [/ip dhcp-server network find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
|D dump|up|dow:local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface="bridge-local" !disabled]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
|D dump|up|dow/ip pool {
|D dump|up|down] :local o [find name="default-dhcp" ranges=192.168.88.10-192.168.88.254]
|D dump|up|down] :if ([:len $o] != 0) do={ remove $o }
|D dump|up|dow}
|D dump|up|dow:local o [/ip dhcp-client find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
|D dum}
|D dum/ip dns {
|D dump|up|dowset allow-remote-requests=no
|D dump|up|dow:local o [static find name=router address=192.168.88.1]
|D dump|up|dow:if ([:len $o] != 0) do={ static remove $o }
|D dum}
|D dum/ip address {
|D dump|up|dow:local o [find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ remove $o }
|D dum}
# remove switch
|D dum/interface set ether2-master-local name=ether2;
|D dum/interface ethernet set ether3-slave-local master-port=none;
|D dum/interface set ether3-slave-local name=ether3;
|D dum/interface ethernet set ether4-slave-local master-port=none;
|D dum/interface set ether4-slave-local name=ether4;
|D dum/interface ethernet set ether5-slave-local master-port=none;
|D dum/interface set ether5-slave-local name=ether5;
|D dum/interface bridge port remove [find bridge="bridge-local"]
|D dum/interface bridge remove [find name="bridge-local"]
|D dum:if ($wirelessEnabled = 1) do={
|D dump|up|dow/interface set [find name~"wlan1"] name=wlan1
|D dump|up|dow/interface wireless reset-configuration wlan1
|D dum}
}
А вот что мы имеем:
[admin@MikroTik] /system> default-configuration print
script: :global ssid;
#| Wireless Configuration:
#| security-key: ХХХХХХХХХ;
#| mode: ap-bridge;
#| band: 2ghz-b/g/n;
#| frequency: 2412;
#| ht-chains: two;
#| ht-extension: 20/40mhz-ht-above;
#|
#| WAN (gateway) Configuration:
#| gateway: ether1 (renamed with extension '-gateway');
#| firewall: enabled;
#| NAT: enabled;
#| DHCP Client: enabled;
#|
#| LAN Configuration:
#| LAN Port: bridge-local;
#| switch group: ether2 (master), ether3, ether4, ether5
#| (renamed with extensions '-master-local' and '-slave-local')
#| LAN IP: 192.168.88.1;
#| DHCP Server: enabled;
:global action;
:local dhcpEnabled 0;
:local wirelessEnabled 0;
#check for wireless and dhcp packages
:if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
:set dhcpEnabled 1;
}
:if ([:len [/system package find name="wireless" !disabled]] != 0) do={
:set wirelessEnabled 1;
}
#-------------------------------------------------------------------------------
# Apply configuration.
# these commands are executed after installation or configuration reset
#-------------------------------------------------------------------------------
:if ($action = "apply") do={
# wait for interfaces
:while ([/interface ethernet find] = "") do={ :delay 1s; };
:if ( $wirelessEnabled = 1) do={
:local count 0;
:while ([/interface wireless find] = "") do={
:set count ($count +1);
:if ($count = 60) do={
:log warning "DefConf: Unable to find wireless interface";
/ip address add address=192.168.88.1/24 interface=ether1;
/quit
}
:delay 1s;
};
/interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n frequency=2412 ht-txchains=0,1 ht-rxchains=0,1 \
disabled=no wireless-protocol=any distance=indoors
:local wlanMac [/interface wireless get wlan1 mac-address];
:set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"
/interface wireless set wlan1 ssid=$ssid
/interface wireless security-profiles set default wpa-pre-shared-key=418402599A2F wpa2-pre-shared-key=418402599A2F mode=dynamic-keys authe
ntication->
/interface wireless set wlan1 channel-width=20/40mhz-ht-above ;
|D dum}
|D dum/interface set ether1 name="ether1-gateway";
|D dum:if ( $dhcpEnabled = 1) do={
|D dump|right|/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
|D dum}
|D dum/interface {
|D dump|right|set ether2 name=ether2-master-local;
|D dump|right|set ether3 name=ether3-slave-local;
|D dump|right|set ether4 name=ether4-slave-local;
|D dump|right|set ether5 name=ether5-slave-local;
|D dum}
|D dum/interface ethernet {
|D dump|right|set ether3-slave-local master-port=ether2-master-local;
|D dump|right|set ether4-slave-local master-port=ether2-master-local;
|D dump|right|set ether5-slave-local master-port=ether2-master-local;
|D dum}
|D dum/interface bridge
|D dump|right|add name=bridge-local disabled=no auto-mac=no protocol-mode=rstp;
|D dum:local bMACIsSet 0;
|D dum:foreach k in=[/interface find] do={
|D dump|right|:local tmpPortName [/interface get $k name];
|D dump|right|:if (!($tmpPortName~"bridge" || $tmpPortName~"ether1"|| $tmpPortName~"slave")) do={
|D dump|right|up|down]:if ($bMACIsSet = 0) do={
|D dump|right|up|down] :if ([/interface get $k type] = "ether") do={
|D dump|right|up|down] /interface bridge set "bridge-local" admin-mac=[/interface ethernet get $tmpPortName mac-address];
|D dump|right|up|down] :set bMACIsSet 1;
|D dump|right|up|down] }
|D dump|right|up|down]}
|D dump|right|up|down]/interface bridge port
|D dump|right|up|down] add bridge=bridge-local interface=$tmpPortName;
|D dump|right|}
|D dum}
|D dum/ip address add address=192.168.88.1/24 interface=bridge-local comment="default configuration";
|D dum:if ($dhcpEnabled = 1) do={
|D dump|right|/ip pool add name="default-dhcp" ranges=192.168.88.10-192.168.88.254;
|D dump|right|/ip dhcp-server
|D dump|right|up|down]add name=default address-pool="default-dhcp" interface=bridge-local disabled=no;
|D dump|right|/ip dhcp-server network
|D dump|right|up|down]add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
|D dum}
|D dum/ip firewall nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
|D dum/ip firewall {
|D dump|right|filter add chain=input action=accept protocol=icmp comment="default configuration"
|D dump|right|filter add chain=input action=accept connection-state=established comment="default configuration"
|D dump|right|filter add chain=input action=accept connection-state=related comment="default configuration"
|D dump|right|filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
filter add chain=forward action=accept connection-state=established comment="default configuration"
filter add chain=forward action=accept connection-state=related comment="default configuration"
filter add chain=forward action=drop connection-state=invalid comment="default configuration"
|D dum}
|D dum/tool mac-server disable [find];
|D dum/tool mac-server mac-winbox disable [find];
|D dum:foreach k in=[/interface find] do={
|D dump|right|:local tmpName [/interface get $k name];
|D dump|right|:if (!($tmpName~"ether1")) do={
|D dump|right|up|down]/tool mac-server add interface=$tmpName disabled=no;
|D dump|up|down] /tool mac-server mac-winbox add interface=$tmpName disabled=no;
|D dump|up|dow}
|D dum}
|D dum/ip neighbor discovery set [find name="ether1-gateway"] discover=no
|D dum/ip dns {
|D dump|up|dowset allow-remote-requests=yes
|D dump|up|dowstatic add name=router address=192.168.88.1
|D dum}
}
#-------------------------------------------------------------------------------
# Revert configuration.
# these commands are executed if user requests to remove default configuration
#-------------------------------------------------------------------------------
:if ($action = "revert") do={
# remove wan port protection
|D dum/ip firewall {
|D dump|up|dow:local o [nat find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ nat remove $o }
|D dump|up|dow:local o [filter find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ filter remove $o }
|D dum}
|D dum/tool mac-server remove [find interface!=all]
|D dum/tool mac-server set [find] disabled=no
|D dum/tool mac-server mac-winbox remove [find interface!=all]
|D dum/tool mac-server mac-winbox set [find] disabled=no
# reset wan ports;
|D dum/ip neighbor discovery set [find name="ether1-gateway"] discover=yes
|D dum/interface set "ether1-gateway" name=ether1;
|D dum:if ($dhcpEnabled = 1) do={
|D dump|up|dow:local o [/ip dhcp-server network find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
|D dump|up|dow:local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface="bridge-local" !disabled]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
|D dump|up|dow/ip pool {
|D dump|up|down] :local o [find name="default-dhcp" ranges=192.168.88.10-192.168.88.254]
|D dump|up|down] :if ([:len $o] != 0) do={ remove $o }
|D dump|up|dow}
|D dump|up|dow:local o [/ip dhcp-client find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
|D dum}
|D dum/ip dns {
|D dump|up|dowset allow-remote-requests=no
|D dump|up|dow:local o [static find name=router address=192.168.88.1]
|D dump|up|dow:if ([:len $o] != 0) do={ static remove $o }
|D dum}
|D dum/ip address {
|D dump|up|dow:local o [find comment="default configuration"]
|D dump|up|dow:if ([:len $o] != 0) do={ remove $o }
|D dum}
# remove switch
|D dum/interface set ether2-master-local name=ether2;
|D dum/interface ethernet set ether3-slave-local master-port=none;
|D dum/interface set ether3-slave-local name=ether3;
|D dum/interface ethernet set ether4-slave-local master-port=none;
|D dum/interface set ether4-slave-local name=ether4;
|D dum/interface ethernet set ether5-slave-local master-port=none;
|D dum/interface set ether5-slave-local name=ether5;
|D dum/interface bridge port remove [find bridge="bridge-local"]
|D dum/interface bridge remove [find name="bridge-local"]
|D dum:if ($wirelessEnabled = 1) do={
|D dump|up|dow/interface set [find name~"wlan1"] name=wlan1
|D dump|up|dow/interface wireless reset-configuration wlan1
|D dum}
}