# feb/23/2013 17:38:03 by RouterOS 5.16 # software id = 337M-Y9YK # /interface bridge add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=proxy-arp auto-mac=yes \ disabled=no forward-delay=15s l2mtu=1596 max-message-age=20s mtu=1500 \ name=bridgePC priority=0x8000 protocol-mode=none transmit-hold-count=6 add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \ disabled=no forward-delay=15s l2mtu=1596 max-message-age=20s mtu=1500 \ name=bridgeTV priority=0x8000 protocol-mode=none transmit-hold-count=6 /interface ethernet set 0 arp=enabled auto-negotiation=yes cable-settings=default \ disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \ mac-address=00:0D:B9:1F:66:90 mtu=1500 name=ether1_LAN speed=100Mbps set 1 arp=enabled auto-negotiation=yes cable-settings=default \ disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \ mac-address=00:0D:B9:1F:66:91 mtu=1500 name=ether2_WAN speed=100Mbps /interface vlan add arp=enabled disabled=no interface=ether1_LAN l2mtu=1596 mtu=1500 name=\ vlan200 use-service-tag=no vlan-id=200 add arp=enabled disabled=no interface=ether1_LAN l2mtu=1596 mtu=1500 name=\ vlan201 use-service-tag=no vlan-id=201 /interface wireless security-profiles set [ find default=yes ] authentication-types="" eap-methods=passthrough \ group-ciphers="" group-key-update=5m interim-update=0s \ management-protection=disabled management-protection-key="" mode=none \ name=default radius-eap-accounting=no radius-mac-accounting=no \ radius-mac-authentication=no radius-mac-caching=disabled \ radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \ static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\ none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \ static-sta-private-algo=none static-sta-private-key="" \ static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\ none tls-mode=no-certificates unicast-ciphers="" wpa-pre-shared-key="" \ wpa2-pre-shared-key="" add authentication-types=wpa2-psk eap-methods=passthrough group-ciphers=\ aes-ccm group-key-update=10m interim-update=0s management-protection=\ disabled management-protection-key="" mode=dynamic-keys name=klic \ radius-eap-accounting=no radius-mac-accounting=no \ radius-mac-authentication=no radius-mac-caching=disabled \ radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \ static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\ none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \ static-sta-private-algo=none static-sta-private-key="" \ static-transmit-key=key-0 supplicant-identity="" tls-certificate=none \ tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key="" \ wpa2-pre-shared-key=63531115783030303030303030 /interface wireless set 0 adaptive-noise-immunity=ap-and-client-mode allow-sharedkey=no \ antenna-gain=0 area="" arp=enabled band=2ghz-b/g/n basic-rates-a/g=\ 6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps basic-rates-b=\ 1Mbps,2Mbps,5.5Mbps,11Mbps bridge-mode=enabled channel-width=\ 20/40mhz-ht-above compression=no country="czech republic" \ default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=\ 0 default-forwarding=yes dfs-mode=none disable-running-check=no disabled=\ no disconnect-timeout=3s distance=indoors frame-lifetime=0 frequency=2412 \ frequency-mode=regulatory-domain frequency-offset=0 hide-ssid=no \ ht-ampdu-priorities=0,1 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 \ ht-basic-mcs=mcs-0 ht-guard-interval=any ht-rxchains=0,1 \ ht-supported-mcs="mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mc\ s-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,\ mcs-20,mcs-21,mcs-22,mcs-23" ht-txchains=0,1 hw-fragmentation-threshold=\ disabled hw-protection-mode=none hw-protection-threshold=0 hw-retries=7 \ l2mtu=2290 mac-address=00:80:48:75:43:74 max-station-count=2007 mode=\ ap-bridge mtu=1500 multicast-helper=default name=wlan1 \ noise-floor-threshold=default nv2-cell-radius=30 nv2-noise-floor-offset=\ default nv2-preshared-key="" nv2-qos=default nv2-queue-count=2 \ nv2-security=disabled on-fail-retry-time=100ms periodic-calibration=\ default periodic-calibration-interval=60 preamble-mode=both \ proprietary-extensions=post-2.9.25 radio-name=008048754374 \ rate-selection=legacy rate-set=default scan-list=default \ security-profile=klic ssid=ICQ228656487 station-bridge-clone-mac=\ 00:00:00:00:00:00 supported-rates-a/g=\ 6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\ 1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \ update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\ none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \ wireless-protocol=802.11 wmm-support=enabled set 2 adaptive-noise-immunity=ap-and-client-mode allow-sharedkey=no \ antenna-gain=0 antenna-mode=ant-a area="" arp=enabled band=2ghz-onlyg \ basic-rates-a/g=6Mbps basic-rates-b=1Mbps bridge-mode=enabled burst-time=\ disabled channel-width=20mhz compression=no country="czech republic" \ default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=\ 0 default-forwarding=yes dfs-mode=none disable-running-check=no disabled=\ no disconnect-timeout=3s distance=indoors frame-lifetime=0 frequency=2437 \ frequency-mode=regulatory-domain frequency-offset=0 hide-ssid=no \ hw-fragmentation-threshold=disabled hw-protection-mode=none \ hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=\ 00:0B:6B:D8:EF:AF max-station-count=2007 mode=ap-bridge mtu=1500 \ multicast-helper=default name=wlan2 noise-floor-threshold=default \ nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key="" \ nv2-qos=default nv2-queue-count=2 nv2-security=disabled \ on-fail-retry-time=100ms periodic-calibration=default \ periodic-calibration-interval=60 preamble-mode=both \ proprietary-extensions=post-2.9.25 radio-name=000B6BD8EFAF \ rate-selection=advanced rate-set=default scan-list=default \ security-profile=default ssid=DLNA_FILM station-bridge-clone-mac=\ 00:00:00:00:00:00 supported-rates-a/g=\ 6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\ 1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \ update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\ none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \ wireless-protocol=802.11 wmm-support=disabled /interface wireless manual-tx-power-table set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\ bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\ 17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\ T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\ 7:17" set wlan2 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\ bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\ 17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\ T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\ 7:17" /interface wireless nstreme set wlan1 disable-csma=no enable-nstreme=no enable-polling=no framer-limit=\ 3200 framer-policy=none set wlan2 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=\ 3200 framer-policy=none /interface wireless add area="" arp=enabled bridge-mode=enabled default-ap-tx-limit=0 \ default-authentication=yes default-client-tx-limit=0 default-forwarding=\ yes disable-running-check=no disabled=no hide-ssid=no l2mtu=2290 \ mac-address=96:0C:6D:8A:79:9F master-interface=wlan2 max-station-count=\ 2007 mtu=1500 multicast-helper=default name=Hotspot \ proprietary-extensions=post-2.9.25 security-profile=default ssid=Hotspot \ update-stats-interval=disabled wds-cost-range=0 wds-default-bridge=none \ wds-default-cost=0 wds-ignore-ssid=no wds-mode=disabled wmm-support=\ disabled /ip hotspot profile set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\ hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\ cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \ split-user-domain=no use-radius=no /ip hotspot user profile set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \ rate-limit=1000000 shared-users=4 status-autorefresh=1m \ transparent-proxy=no add idle-timeout=none keepalive-timeout=2m name=neomezene shared-users=4 \ status-autorefresh=1m transparent-proxy=no /ip hotspot profile add dns-name="" hotspot-address=10.33.10.1 html-directory=hotspot \ http-cookie-lifetime=1h http-proxy=0.0.0.0:0 login-by=\ cookie,http-chap,trial name=hsprof1 rate-limit="" smtp-server=0.0.0.0 \ split-user-domain=no trial-uptime=1h/12h trial-user-profile=default \ use-radius=no /ip ipsec proposal set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \ lifetime=30m name=default pfs-group=modp1024 /ip pool add name=pool_PC ranges=192.168.0.2-192.168.0.22 add name=pool_hotspot ranges=10.33.10.2-10.33.10.22 add name=pool_TV ranges=192.168.88.2-192.168.88.253 /ip dhcp-server add address-pool=pool_PC authoritative=after-2sec-delay bootp-support=static \ disabled=no interface=bridgePC lease-time=12h name=dhcp1 add address-pool=pool_hotspot authoritative=after-2sec-delay bootp-support=\ static disabled=no interface=Hotspot lease-time=30m name=dhcp2 add address-pool=pool_TV authoritative=after-2sec-delay bootp-support=static \ disabled=no interface=bridgeTV lease-time=12h name=dhcp3 /ip hotspot add address-pool=pool_hotspot addresses-per-mac=2 disabled=no idle-timeout=5m \ interface=Hotspot keepalive-timeout=none name=hotspot1 profile=hsprof1 /port set 0 baud-rate=38400 data-bits=8 flow-control=none name=serial0 parity=none \ stop-bits=1 set 1 baud-rate=9600 data-bits=8 flow-control=none name=serial1 parity=none \ stop-bits=1 set 2 baud-rate=9600 data-bits=8 flow-control=none name=usb3 parity=none \ stop-bits=1 /ppp profile set 0 change-tcp-mss=yes name=default only-one=default use-compression=\ default use-encryption=default use-mpls=default use-vj-compression=\ default add change-tcp-mss=default local-address=192.168.0.1 name=profile1 only-one=\ default remote-address=pool_PC use-compression=default use-encryption=\ default use-mpls=default use-vj-compression=default set 2 change-tcp-mss=yes name=default-encryption only-one=default \ use-compression=default use-encryption=yes use-mpls=default \ use-vj-compression=default /interface ppp-client add add-default-route=yes allow=chap data-channel=0 dial-command=ATDT \ dial-on-demand=no disabled=yes info-channel=1 keepalive-timeout=30 \ max-mru=1500 max-mtu=1500 modem-init="" mrru=disabled name=ppp-out1 \ null-modem=no password=ufon phone=#777 pin="" port=usb3 profile=\ default-encryption use-peer-dns=yes user=ufon /queue type set 0 kind=pfifo name=default pfifo-limit=50 set 1 kind=pfifo name=ethernet-default pfifo-limit=50 set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5 set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 \ red-limit=60 red-max-threshold=50 red-min-threshold=10 set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5 set 5 kind=none name=only-hardware-queue set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default set 7 kind=pfifo name=default-small pfifo-limit=10 /routing bgp instance set default as=65530 client-to-client-reflection=yes disabled=no \ ignore-as-path-len=no name=default out-filter="" redistribute-connected=\ no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \ redistribute-static=no router-id=0.0.0.0 routing-table="" /routing ospf instance set [ find default=yes ] disabled=no distribute-default=never in-filter=\ ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \ metric-other-ospf=auto metric-rip=20 metric-static=20 name=default \ out-filter=ospf-out redistribute-bgp=no redistribute-connected=no \ redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \ router-id=0.0.0.0 /routing ospf area set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\ backbone type=default /snmp community set [ find default=yes ] address=0.0.0.0/0 authentication-password="" \ authentication-protocol=MD5 encryption-password="" encryption-protocol=\ DES name=public read-access=yes security=none write-access=no /system logging action set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory set 1 memory-lines=100 memory-stop-on-full=no name=disk target=memory set 2 name=echo remember=no target=echo set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 \ syslog-facility=daemon syslog-severity=auto target=remote /user group set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\ eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\ ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\ winbox,password,web,sniff,sensitive,api" skin=default /interface bridge port add bridge=bridgePC disabled=no edge=auto external-fdb=auto horizon=none \ interface=vlan200 path-cost=10 point-to-point=auto priority=0x80 add bridge=bridgePC disabled=no edge=auto external-fdb=auto horizon=none \ interface=wlan1 path-cost=10 point-to-point=auto priority=0x80 add bridge=bridgeTV disabled=no edge=auto external-fdb=auto horizon=none \ interface=vlan201 path-cost=10 point-to-point=auto priority=0x80 /interface bridge settings set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\ no /interface l2tp-server server set authentication=pap,chap,mschap1,mschap2 default-profile=\ default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled /interface ovpn-server server set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\ default enabled=no keepalive-timeout=60 mac-address=FE:63:35:01:EB:00 \ max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no /interface pptp-server server set authentication=mschap2 default-profile=default-encryption enabled=yes \ keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled /interface sstp-server server set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\ default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\ disabled port=443 verify-client-certificate=no /interface wireless align set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\ 00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \ frames-per-second=25 receive-all=no ssid-all=no /interface wireless sniffer set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \ multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\ no streaming-max-rate=0 streaming-server=0.0.0.0 /interface wireless snooper set channel-time=200ms multiple-channels=yes receive-errors=no /ip accounting set account-local-traffic=no enabled=no threshold=256 /ip accounting web-access set accessible-via-web=no address=0.0.0.0/0 /ip address add address=10.33.10.1/24 disabled=no interface=Hotspot network=10.33.10.0 add address=192.168.0.1/24 disabled=no interface=bridgePC network=192.168.0.0 add address=192.168.88.1/24 disabled=no interface=bridgeTV network=\ 192.168.88.0 add address=10.192.251.2/28 disabled=no interface=ether2_WAN network=\ 10.192.251.0 /ip dhcp-server config set store-leases-disk=never /ip dhcp-server lease add address=192.168.88.252 client-id=1:8c:c8:cd:52:1f:13 comment="TV Samsung" \ disabled=no mac-address=8C:C8:CD:52:1F:13 server=dhcp3 add address=192.168.88.250 comment="TV Sharp L740" disabled=no mac-address=\ 78:1C:5A:39:7B:87 server=dhcp3 add address=192.168.88.251 client-id=1:48:44:f7:79:cd:10 comment=\ "Samsung E-5500" disabled=no mac-address=48:44:F7:79:CD:10 server=dhcp3 add address=192.168.0.14 disabled=no mac-address=64:70:02:1C:AB:4B server=\ dhcp1 add address=192.168.0.254 client-id=1:88:75:56:7:e3:5e comment=VoIP disabled=\ no mac-address=88:75:56:07:E3:5E server=dhcp1 add address=192.168.0.253 comment="Serial converter" disabled=no mac-address=\ 00:01:95:05:3B:C8 server=dhcp1 /ip dhcp-server network add address=10.33.10.0/24 comment="hotspot network" dhcp-option="" \ dns-server=8.8.8.8,8.8.4.4 gateway=10.33.10.1 ntp-server="" wins-server=\ "" add address=192.168.0.0/24 dhcp-option="" dns-server=\ 217.31.204.130,193.29.206.206 gateway=192.168.0.1 ntp-server="" \ wins-server="" add address=192.168.88.0/24 dhcp-option="" dns-server=8.8.8.8,8.8.4.4 \ gateway=192.168.88.1 ntp-server="" wins-server="" /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \ max-udp-packet-size=512 servers=78.136.128.4,78.136.128.12 /ip firewall connection tracking set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \ tcp-close-wait-timeout=10s tcp-established-timeout=1d \ tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \ tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \ tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s /ip firewall filter add action=passthrough chain=unused-hs-chain comment=\ "place hotspot rules here" disabled=yes add action=drop chain=forward comment=\ "Zakazani komunikace mezi domaci siti a hotspotem" disabled=no \ dst-address=192.168.0.0/24 src-address=10.33.10.0/24 add action=drop chain=forward disabled=no dst-address=192.168.88.0/24 \ src-address=10.33.10.0/24 add action=drop chain=forward content=www.microsoft.com disabled=yes /ip firewall nat add action=passthrough chain=unused-hs-chain comment=\ "place hotspot rules here" disabled=yes to-addresses=0.0.0.0 add action=dst-nat chain=dstnat comment="RDP na domaci pocitac" disabled=no \ in-interface=ether2_WAN port=3389 protocol=tcp to-addresses=192.168.0.101 \ to-ports=3389 add action=dst-nat chain=dstnat comment="WakeUP pro domaci pocitac" disabled=\ no dst-port=9 protocol=udp to-addresses=192.168.0.101 to-ports=9 add action=masquerade chain=srcnat comment="Hlavni maskarada" disabled=no \ out-interface=ether2_WAN add action=dst-nat chain=dstnat disabled=yes dst-port=443 protocol=tcp \ to-addresses=192.168.0.25 to-ports=443 add action=dst-nat chain=dstnat disabled=yes dst-port=23 protocol=tcp \ to-addresses=192.168.0.25 to-ports=23 add action=redirect chain=dstnat disabled=yes dst-port=80 protocol=tcp \ to-addresses=0.0.0.0 to-ports=80 /ip firewall service-port set ftp disabled=no ports=21 set tftp disabled=no ports=69 set irc disabled=no ports=6667 set h323 disabled=no set sip disabled=no ports=5060,5061 sip-direct-media=yes set pptp disabled=no /ip hotspot service-port set ftp disabled=no ports=21 /ip hotspot user add disabled=no name=Vasek password=Vasek profile=neomezene /ip neighbor discovery set ether1_LAN disabled=no set ether2_WAN disabled=no set wlan1 disabled=yes set bridgePC disabled=no set bridgeTV disabled=no set vlan200 disabled=yes set vlan201 disabled=yes set Hotspot disabled=yes set wlan2 disabled=yes set ppp-out1 disabled=yes /ip proxy set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \ cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\ 600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \ parent-proxy-port=0 port=8080 serialize-connections=no src-address=\ 0.0.0.0 /ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.192.251.1 scope=\ 30 target-scope=10 /ip service set telnet address=0.0.0.0/0 disabled=yes port=23 set ftp address=0.0.0.0/0 disabled=yes port=21 set www address=192.168.0.0/24 disabled=yes port=80 set ssh address="" disabled=no port=22 set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443 set api address=0.0.0.0/0 disabled=yes port=8728 set winbox address="" disabled=no port=8291 /ip smb set allow-guests=yes comment=MikrotikSMB domain=plocha enabled=yes \ interfaces=bridgePC /ip smb shares set [ find default=yes ] comment="default share" directory=/usb2/pub \ disabled=no max-sessions=10 name=pub /ip smb users set [ find default=yes ] disabled=no name=guest password="" read-only=yes /ip socks set connection-idle-timeout=2m enabled=no max-connections=200 port=1080 /ip tftp add allow=yes allow-rollover=no disabled=yes ip-addresses=192.168.0.100 \ read-only=yes real-filename=u-boot.bin req-filename=u-boot.bin add allow=yes allow-rollover=no disabled=yes ip-addresses=192.168.0.100 \ read-only=yes real-filename=u-boot.bin req-filename=u-boot.bin /ip traffic-flow set active-flow-timeout=30m cache-entries=4k enabled=no \ inactive-flow-timeout=15s interfaces=all /ip upnp set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes /mpls set dynamic-label-range=16-1048575 propagate-ttl=yes /mpls interface set [ find default=yes ] disabled=no interface=all mpls-mtu=1508 add disabled=no interface=all mpls-mtu=1508 add disabled=no interface=all mpls-mtu=1508 /mpls ldp set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \ lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \ use-explicit-null=no /port firmware set directory=firmware /ppp aaa set accounting=yes interim-update=0s use-radius=no /ppp secret add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=macha \ password=heslo profile=profile1 routes="" service=pptp /queue interface set ether1_LAN queue=ethernet-default set ether2_WAN queue=ethernet-default set wlan1 queue=wireless-default set Hotspot queue=wireless-default set wlan2 queue=wireless-default /radius incoming set accept=no port=3799 /routing bfd interface set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \ multiplier=5 /routing igmp-proxy set query-interval=2m5s query-response-interval=10s quick-leave=no /routing mme set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \ gateway-selection=no-gateway origination-interval=5s preferred-gateway=\ 0.0.0.0 timeout=1m ttl=50 /routing pim set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s /routing rip set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \ metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \ redistribute-connected=no redistribute-ospf=no redistribute-static=no \ routing-table=main timeout-timer=3m update-timer=30s /snmp set contact="" enabled=no engine-id="" location="" trap-generators="" \ trap-target="" trap-version=1 /system clock set time-zone-name=Europe/Prague /system clock manual set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\ "jan/01/1970 00:00:00" time-zone=+00:00 /system console set [ find port=serial0 ] disabled=yes port=serial0 term=vt102 set [ find vcno=1 ] disabled=no term=linux set [ find vcno=2 ] disabled=no term=linux set [ find vcno=3 ] disabled=no term=linux set [ find vcno=4 ] disabled=no term=linux set [ find vcno=5 ] disabled=no term=linux set [ find vcno=6 ] disabled=no term=linux set [ find vcno=7 ] disabled=no term=linux set [ find vcno=8 ] disabled=no term=linux /system console screen set blank-interval=10min line-count=25 /system hardware set multi-cpu=no /system health set state-after-reboot=enabled /system identity set name=MikroTik /system logging set 0 action=memory disabled=yes prefix="" topics=info set 1 action=memory disabled=yes prefix="" topics=error set 2 action=memory disabled=yes prefix="" topics=warning set 3 action=echo disabled=yes prefix="" topics=critical /system note set note="" show-at-login=yes /system ntp client set enabled=yes mode=unicast primary-ntp=217.31.205.226 secondary-ntp=0.0.0.0 /system ntp server set broadcast=no broadcast-addresses="" enabled=no manycast=yes multicast=no /system resource irq set 0 cpu=auto set 1 cpu=auto set 2 cpu=auto set 3 cpu=auto set 4 cpu=auto set 5 cpu=auto set 6 cpu=auto /system scheduler add disabled=no interval=0s name=DDNS on-event="/ system script run DDNS" \ policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ start-time=startup add disabled=yes interval=1d name=shutdown on-event=autoshutdown policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ start-date=jan/01/1970 start-time=00:55:00 /system script add name=DDNS policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ source=":delay 300s\r\ \n:global ddnsuser \"mac0112\"\r\ \n:global ddnspass \"password32\"\r\ \n:global ddnshost \"macha.dyndns.pro\"\r\ \n:global ddnsinterface \"ether2_WAN\"\r\ \n\r\ \n:global ddnssystem (\"mt-\" . [/system package get [/system package find\ \_name=system] version] )\r\ \n:global ddnsip [ /ip address get [/ip address find interface=\$ddnsinter\ face] address ]\r\ \n:global ddnslastip\r\ \n\r\ \n:if ([:len [/interface find name=\$ddnsinterface]] = 0 ) do={ :log info \ \"DDNS: No interface named \$ddnsinterface, please check configuration.\" \ }\r\ \n\r\ \n:if ([ :typeof \$ddnslastip ] = \"nothing\" ) do={ :global ddnslastip 0.\ 0.0.0/0 }\r\ \n\r\ \n:if ([ :typeof \$ddnsip ] = \"nothing\" ) do={\r\ \n\r\ \n:log info (\"DDNS: No ip address present on \" . \$ddnsinterface . \", p\ lease check.\")\r\ \n\r\ \n} else={\r\ \n\r\ \n :if (\$ddnsip != \$ddnslastip) do={\r\ \n\r\ \n :log info \"DDNS: Sending UPDATE!\"\r\ \n :log info [ :put [/tool dns-update name=\$ddnshost address=[:pick \$\ ddnsip 0 [:find \$ddnsip \"/\"] ] key-name=\$ddnsuser key=\$ddnspass ] ]\r\ \n :global ddnslastip \$ddnsip\r\ \n\r\ \n } else={ \r\ \n\r\ \n :log info \"DDNS: No changes necessary.\"\r\ \n\r\ \n }\r\ \n\r\ \n}\r\ \n# a pro jistotu si jeste poslu pevnou adresu na email\r\ \n/tool e-mail send to=info@macha.info subject= [/ip address get [/ip addr\ ess find interface=\$ddnsinterface] address ] body=\"soucasna adresa macha\ .dyndns.pro\"\r\ \n\r\ \n# END OF SCRIPT" add name=autoshutdown policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ source="system shutdown" add name=copy policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ source="/tool fetch url=http://acsystems.dyndns.org/support/seznam%20uprav\ .txt dst-path=usb1" add name=WAN_send policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ source=":global ddnsinterface \"ether2_WAN\"\r\ \n/tool e-mail send to=info@macha.info subject= [/ip address get [/ip addr\ ess find interface=\$ddnsinterface] address ] body=\"soucasna adresa\"" /system upgrade mirror set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\ 0.0.0.0 user="" /system watchdog set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\ none watchdog-timer=no /tool bandwidth-server set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\ 100 /tool e-mail set address=213.46.255.15 from= password="" port=25 user=\ "" /tool graphing set page-refresh=300 store-every=5min /tool graphing interface add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes /tool mac-server set [ find default=yes ] disabled=no interface=all /tool mac-server mac-winbox set [ find default=yes ] disabled=no interface=all /tool mac-server ping set enabled=yes /tool netwatch add disabled=yes down-script="tool e-mail send to info@macha.info subject \"Ro\ uter v Klecanech je vypnuty\"\r\ \n" host=193.84.186.108 interval=1m timeout=10s up-script="tool e-mail sen\ d to info@macha.info subject \"Router v Klecanech je zapnuty\"" add disabled=yes down-script="tool e-mail send to info@macha.info subject \"Ro\ uter v Malve je vypnuty\"\r\ \n" host=88.100.25.156 interval=1m timeout=10s up-script="tool e-mail send\ \_to info@macha.info subject \"Router v Malve je zapnuty\"" add disabled=yes down-script="tool e-mail send to info@macha.info subject \"GW\ \_88.103.200.43 nedostupna\"\r\ \n" host=88.103.200.43 interval=1m timeout=1s up-script="tool e-mail send \ to info@macha.info subject \"GW 88.103.200.43 je funkcni\"\r\ \n" /tool sms set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret="" /tool sniffer set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol=\ "" filter-mac-address="" filter-mac-protocol="" filter-port="" \ filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes \ only-headers=no streaming-enabled=no streaming-server=0.0.0.0 /tool traffic-generator set latency-distribution-scale=10 test-id=0 /user aaa set accounting=yes default-group=read exclude-groups="" interim-update=0s \ use-radius=no