Russian Users MikroTik | Форум пользователей MikroTik

[admin@vasek] > export
# may/04/2014 12:03:11 by RouterOS 6.12
# software id = PBD0-A2YH
#
/interface bridge
add l2mtu=2290 name=gosti_vasin
add admin-mac=D4:CA:6D:19:2A:2F auto-mac=no l2mtu=1598 name=vasin_net
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode band=2ghz-b/g/n country=russia disabled=no distance=indoors l2mtu=2290 mode=ap-bridge name=WiFi_Vasiny periodic-calibration=enabled rate-set=configured ssid=WiFi_Vasiny \
tx-power-mode=all-rates-fixed wireless-protocol=802.11 wmm-support=enabled
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=ether3-slave-local
set [ find default-name=ether4 ] master-port=ether2-master-local name=ether4-s-slave-local
set [ find default-name=ether5 ] master-port=ether2-master-local name=ether5-slave-local
set [ find default-name=ether1 ] name=wan
/interface wireless nstreme
set WiFi_Vasiny enable-polling=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=tkip,aes-ccm management-protection-key=13029241 mode=dynamic-keys supplicant-identity=MikroTik unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=13029241 \
wpa2-pre-shared-key=13029241
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=gosti_kosti supplicant-identity="" wpa2-pre-shared-key=gosti_kosti
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys name=gosti wpa-pre-shared-key=gosti_kosti wpa2-pre-shared-key=gosti_kosti
/interface wireless
add default-forwarding=no disabled=no l2mtu=2290 mac-address=D6:CA:6D:19:2A:33 master-interface=WiFi_Vasiny max-station-count=2000 name=gosti security-profile=gosti ssid=gosti_kosti wmm-support=enabled
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/ip pool
add name=dhcp ranges=192.168.1.1-192.168.1.100
add name=dhcp_pool2 ranges=192.168.2.2-192.168.2.254
add name=dhcp_pool3 ranges=192.168.2.2-192.168.2.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=vasin_net name=default
add address-pool=dhcp_pool2 authoritative=yes bootp-support=dynamic disabled=no interface=gosti name=dhcp1
/interface bridge filter
add action=drop chain=forward disabled=yes in-interface=gosti
add chain=forward disabled=yes dst-mac-address=00:00:00:00:00:00/00:00:00:00:00:00 in-interface=gosti out-interface=wan
/interface bridge port
add bridge=vasin_net interface=ether2-master-local
add bridge=vasin_net interface=WiFi_Vasiny
add bridge=gosti_vasin interface=gosti
/interface wireless access-list
add comment=NATA mac-address=00:13:E8:8B:E6:1D
/ip address
add address=192.168.1.200/24 interface=ether2-master-local network=192.168.1.0
add address=192.168.30.39/24 interface=wan network=192.168.30.0
add address=192.168.1.1/24 disabled=yes interface=ether2-master-local network=192.168.1.0
add address=192.168.1.0/24 interface=ether2-master-local network=192.168.1.0
add address=192.168.2.0/24 disabled=yes interface=gosti network=192.168.2.0
/ip dhcp-server config
set store-leases-disk=immediately
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.200 domain=VASINY gateway=192.168.1.200 netmask=24
add address=192.168.2.0/24 dns-server=192.168.1.200,95.167.167.96 domain=GOSTI_VASINY gateway=192.168.2.1
/ip dns
set allow-remote-requests=yes servers=95.167.167.95,95.167.167.96
/ip dns static
add address=192.168.1.200 name=vasek
/ip firewall address-list
add address=192.168.1.0/24 list=inet
add address=192.168.2.0/24 list=gosti
/ip firewall filter
add chain=forward comment="Allow established connection" connection-state=established
add chain=forward comment="Allow related connections" connection-state=related
add chain=forward comment="Alow acess to inet for gosti" in-interface=vasin_net out-interface=wan src-address-list=inet
add chain=forward comment="Alow acess to inet" in-interface=gosti out-interface=wan src-address-list=gosti
add chain=forward comment="Allow UDP" protocol=udp
add chain=forward p2p=all-p2p port=40611 protocol=udp src-address-list=inet
add action=drop chain=forward comment="Drop invalid connection packets" connection-state=invalid
add action=drop chain=forward comment="All other drop"
add action=drop chain=forward comment="all other drop" in-interface=wan
add action=drop chain=forward comment="drop from gosti to local" dst-address-list=inet src-address-list=gosti
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan src-address-list=inet to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment=gosti out-interface=wan src-address-list=gosti to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
/ip route
add comment=multik distance=1 gateway=192.168.30.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp
set allow-disable-external-interface=no
/system clock manual
set time-zone=+04:00
/system identity
set name=vasek
/system leds
set 0 interface=WiFi_Vasiny
/system ntp client
set enabled=yes mode=unicast primary-ntp=193.1.193.157
/system routerboard settings
set cpu-frequency=700MHz
[admin@vasek] >