Конфигурация Билайн+IpTV hap lite - hap ac2

Выкладываем здесь готовые конфигурации под определенные типовые задачи
Ответить
valeriy.cheprasov
Сообщения: 13
Зарегистрирован: 11 янв 2020, 16:25

16 янв 2020, 17:45

Подходит для hap lite - hap ac2 (Установить пакет multicast перед заливкой) Изменить пароль на wifi

Код: Выделить всё

/interface bridge
add comment=Most igmp-snooping=yes name=bridge1
/interface ethernet
set [ find default-name=ether1 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full comment=\
    Internet name=ether1-beeline rx-flow-control=auto speed=1Gbps \
    tx-flow-control=auto
set [ find default-name=ether2 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full comment=LAN \
    rx-flow-control=auto speed=1Gbps tx-flow-control=auto
set [ find default-name=ether3 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=\
    20/40mhz-Ce country=russia disabled=no frequency=auto frequency-mode=\
    manual-txpower mode=ap-bridge ssid=Mars2.4Hz
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-onlyac \
    channel-width=20/40/80mhz-eeCe country=russia disabled=no frequency=auto \
    frequency-mode=manual-txpower mode=ap-bridge ssid=Mars5Hz tx-power=15 \
    tx-power-mode=all-rates-fixed wmm-support=enabled
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \
    group-key-update=1h mode=dynamic-keys supplicant-identity=MikroTik \
    wpa-pre-shared-key=12345678 wpa2-pre-shared-key=12345678
add authentication-types=wpa2-psk eap-methods="" group-key-update=1h \
    management-protection=allowed mode=dynamic-keys name=profile1 \
    supplicant-identity="" wpa2-pre-shared-key=12345678
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 lease-time=23h59m \
    name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=wlan2
add bridge=bridge1 interface=ether5
/ip address
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add disabled=no interface=ether1-beeline
/ip dhcp-server lease
add address=192.168.1.239 client-id=1:7c:fa:df:4:41:e0 mac-address=\
    7C:FA:DF:04:41:E0 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set servers=8.8.8.8
/ip firewall filter
add action=accept chain=input comment="\CF\F0\E0\E2\E8\EB\E0" in-interface=\
    bridge1
add action=accept chain=input comment="\F1\E2\FF\E7\E0\ED\ED\FB\E5 \E2\F5\EE\
    \E4\FF\F9\E8\E5 \F1\EE\E5\E4\E8\ED\E5\ED\E8\FF" connection-state=\
    established,related
add action=accept chain=input comment=IpTV in-interface=ether1-beeline \
    protocol=igmp
add action=accept chain=forward in-interface=ether1-beeline protocol=udp
add action=accept chain=forward in-interface=ether1-beeline protocol=igmp
add action=drop chain=input comment="\E1\EB\EE\EA\E8\F0\EE\E2\E0\F2\FC \E2\F1\
    \E5 \E2\F5\EE\E4\FF\F9\E8\E5 WAN " in-interface=ether1-beeline
add action=fasttrack-connection chain=forward comment=Fasttrack \
    connection-state=established,related
add action=accept chain=forward connection-state=established,related
add action=drop chain=forward comment="DROP INVALID" connection-state=invalid
add action=drop chain=forward comment="DROP WAN---LAN" in-interface=\
    ether1-beeline out-interface=bridge1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-beeline
add action=masquerade chain=srcnat out-interface=bridge1
/ip route
add distance=1 dst-address=10.191.16.0/24 gateway=100.80.0.1
add distance=1 dst-address=78.107.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=83.102.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=85.21.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=85.21.192.0/24 gateway=100.80.0.1
add distance=1 dst-address=194.67.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=195.14.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=212.44.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=213.234.192.0/24 gateway=100.80.0.1
add distance=1 dst-address=217.118.0.0/16 gateway=100.80.0.1
add distance=1 dst-address=233.33.210.0/24 gateway=100.80.0.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/routing igmp-proxy
set query-interval=30s query-response-interval=20s
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=ether1-beeline upstream=yes
add interface=bridge1
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Moscow


Ответить