All pastes #2121485 Raw Edit

Miscellany

public text v1 · immutable
#2121485 ·published 2012-02-25 10:15 UTC
rendered paste body
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=default \
    rate-limit="" smtp-server=0.0.0.0 split-user-domain=no use-radius=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay bootp-support=static disabled=no interface=bridge-local lease-time=3d name=default
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.88.1/24 comment="default configuration" disabled=no interface=bridge-local network=192.168.88.0
/ip dhcp-client
add add-default-route=yes comment="default configuration" default-route-distance=1 disabled=no interface=ether1-CABLE use-peer-dns=yes use-peer-ntp=yes
add add-default-route=yes default-route-distance=0 disabled=no interface=ether5-DSL use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.88.0/24 comment="default configuration" dhcp-option="" dns-server=192.168.88.1 gateway=192.168.88.1 ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=4096 servers=8.8.8.8
/ip dns static
add address=192.168.88.1 disabled=no name=router ttl=1d
/ip firewall address-list
add address=85.24.138.81 disabled=no list=usenet
add address=216.168.3.30 disabled=no list=usenet
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=\
    10s tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=input comment="default configuration" disabled=no protocol=icmp
add action=accept chain=input comment="default configuration" connection-state=established disabled=no
add action=accept chain=input comment="default configuration" connection-state=related disabled=no
add action=drop chain=input comment="default configuration" disabled=no in-interface=ether1-CABLE
/ip firewall mangle
add action=mark-packet chain=prerouting disabled=no new-packet-mark=your-mark passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=192.168.1.0/24 in-interface=bridge-local
add action=accept chain=prerouting disabled=no dst-address=122.106.160.0/20 in-interface=bridge-local
add action=accept chain=prerouting connection-mark=no-mark disabled=no in-interface=ether1-CABLE
add action=accept chain=prerouting connection-mark=no-mark disabled=no in-interface=ether5-DSL
add action=mark-routing chain=output connection-mark=CABLE_conn disabled=no new-routing-mark=to_cable passthrough=yes
add action=mark-routing chain=output connection-mark=DSL_conn disabled=no new-routing-mark=to_dsl passthrough=yes
add action=mark-routing chain=prerouting disabled=no new-routing-mark=to_dsl passthrough=yes src-address-list=usenet
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=no out-interface=ether5-DSL
add action=masquerade chain=srcnat disabled=no out-interface=ether1-CABLE
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether1-CABLE disabled=yes
set ether2-master-local disabled=no
set ether3-slave-local disabled=no
set ether4-slave-local disabled=no
set ether5-DSL disabled=no
set wlan1 disabled=yes
set bridge-local disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=none max-client-connections=600 max-fresh-time=3d \
    max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0
/ip route
add disabled=yes distance=1 dst-address=0.0.0.0/32 gateway=192.168.88.1 routing-mark=your-mark scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether1-CABLE routing-mark=to_cable scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether5-DSL routing-mark=to_dsl scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether5-DSL scope=30 target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=ether1-CABLE scope=30 target-scope=10
/ip service
set telnet address="" disabled=no port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=80
set ssh address="" disabled=no port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes