# installed-version: 6.49.11 # Flags: U - undoable, R - redoable, F - floating-undo # ACTION BY POLICY # R address added oleksiit write # U nat rule changed oleksiit write # U nat rule changed oleksiit write # U nat rule moved oleksiit write # U nat rule added oleksiit write # U nat rule changed oleksiit write # U nat rule added oleksiit write # U nat rule changed oleksiit write # U nat rule changed oleksiit write # U address list entry added oleksiit write # U address list entry added oleksiit write # U address list entry added oleksiit write # U nat rule changed oleksiit write # U nat rule moved oleksiit write # U nat rule added oleksiit write # U filter rule changed oleksiit write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue changed abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # U queue type added abills_elliot write # U queue type added abills_elliot write # U mangle rule added abills_elliot write # U mangle rule added abills_elliot write # U queue added abills_elliot write # U queue added abills_elliot write # # software id = VWXV-6T7G # # # /interface bridge add name=null /interface ethernet set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-full mac-address=00:10:18:AA:46:C8 speed=1Gbps set [ find default-name=ether2 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-full mac-address=00:10:18:AA:46:CA speed=1Gbps /interface list add name=WAN add name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip dhcp-server add authoritative=after-2sec-delay disabled=no interface=ether2 name=dhcp1 use-radius=yes /queue type add kind=pcq name=TP_1409_out_global_speed pcq-classifier=src-address pcq-rate=102400k add kind=pcq name=TP_1409_in_global_speed pcq-classifier=dst-address pcq-rate=102400k add kind=pcq name=TP_1451_out_global_speed pcq-classifier=src-address pcq-rate=102400k add kind=pcq name=TP_1451_in_global_speed pcq-classifier=dst-address pcq-rate=209920k add kind=pcq name=TP_1452_out_global_speed pcq-classifier=src-address pcq-rate=153600k add kind=pcq name=TP_1452_in_global_speed pcq-classifier=dst-address pcq-rate=312320k add kind=pcq name=TP_1454_out_global_speed pcq-classifier=src-address pcq-rate=20480k add kind=pcq name=TP_1454_in_global_speed pcq-classifier=dst-address pcq-rate=51200k add kind=pcq name=TP_1455_out_global_speed pcq-classifier=src-address pcq-rate=51200k add kind=pcq name=TP_1455_in_global_speed pcq-classifier=dst-address pcq-rate=102400k add kind=pcq name=TP_1458_out_global_speed pcq-classifier=src-address pcq-rate=51200k add kind=pcq name=TP_1458_in_global_speed pcq-classifier=dst-address pcq-rate=51200k add kind=pcq name=TP_1459_out_global_speed pcq-classifier=src-address pcq-rate=102400k add kind=pcq name=TP_1459_in_global_speed pcq-classifier=dst-address pcq-rate=102400k add kind=pcq name=TP_1467_out_global_speed pcq-classifier=src-address pcq-rate=20480k add kind=pcq name=TP_1467_in_global_speed pcq-classifier=dst-address pcq-rate=51200k add kind=pcq name=TP_1468_out_global_speed pcq-classifier=src-address pcq-rate=51200k add kind=pcq name=TP_1468_in_global_speed pcq-classifier=dst-address pcq-rate=102400k add kind=pcq name=TP_1470_out_global_speed pcq-classifier=src-address pcq-rate=10240k add kind=pcq name=TP_1470_in_global_speed pcq-classifier=dst-address pcq-rate=10240k /queue tree add name=TP_1409_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1409_in parent=global priority=5 queue=TP_1409_in_global_speed add name=TP_1409_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1409_out parent=global priority=5 queue=TP_1409_out_global_speed add name=TP_1451_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1451_in parent=global priority=5 queue=TP_1451_in_global_speed add name=TP_1451_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1451_out parent=global priority=5 queue=TP_1451_out_global_speed add name=TP_1452_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1452_in parent=global priority=5 queue=TP_1452_in_global_speed add name=TP_1452_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1452_out parent=global priority=5 queue=TP_1452_out_global_speed add name=TP_1454_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1454_in parent=global priority=5 queue=TP_1454_in_global_speed add name=TP_1454_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1454_out parent=global priority=5 queue=TP_1454_out_global_speed add name=TP_1455_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1455_in parent=global priority=5 queue=TP_1455_in_global_speed add name=TP_1455_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1455_out parent=global priority=5 queue=TP_1455_out_global_speed add name=TP_1458_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1458_in parent=global priority=5 queue=TP_1458_in_global_speed add name=TP_1458_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1458_out parent=global priority=5 queue=TP_1458_out_global_speed add name=TP_1459_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1459_in parent=global priority=5 queue=TP_1459_in_global_speed add name=TP_1459_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1459_out parent=global priority=5 queue=TP_1459_out_global_speed add name=TP_1467_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1467_in parent=global priority=5 queue=TP_1467_in_global_speed add name=TP_1467_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1467_out parent=global priority=5 queue=TP_1467_out_global_speed add name=TP_1468_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1468_in parent=global priority=5 queue=TP_1468_in_global_speed add name=TP_1468_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1468_out parent=global priority=5 queue=TP_1468_out_global_speed add name=TP_1470_in_global packet-mark=ALLOW_TRAFFIC_CLASS_1470_in parent=global priority=5 queue=TP_1470_in_global_speed add name=TP_1470_out_global packet-mark=ALLOW_TRAFFIC_CLASS_1470_out parent=global priority=5 queue=TP_1470_out_global_speed /snmp community set [ find default=yes ] addresses=95.47.136.14/32,194.213.105.83/32,95.46.108.3/32 name=snmpUZ /user group set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp" /ip neighbor discovery-settings set discover-interface-list=!dynamic /interface list member add interface=ether1 list=WAN add list=LAN /ip address add address=194.213.105.3/29 interface=ether1 network=194.213.105.0 add address=10.3.0.1/16 interface=ether2 network=10.3.0.0 add address=10.100.2.2/16 comment=switches interface=ether2 network=10.100.0.0 add address=194.213.104.65/26 comment=cust interface=ether2 network=194.213.104.64 add address=194.213.105.233/29 comment=cust interface=ether2 network=194.213.105.232 add address=194.213.104.129/29 comment=cust interface=ether2 network=194.213.104.128 add address=194.213.104.145/28 comment=cust interface=ether2 network=194.213.104.144 add address=194.213.105.33/27 interface=ether2 network=194.213.105.32 add address=194.213.104.1 comment=sh5hi9:18 interface=ether2 network=194.213.104.30 add address=194.213.104.1 interface=ether2 network=194.213.104.23 add address=194.213.104.65 comment=sh2hir9:17 interface=ether2 network=194.213.104.108 add address=194.213.104.1 interface=ether2 network=194.213.104.25 add address=194.213.105.193/27 interface=ether2 network=194.213.105.192 add address=194.213.104.225/27 interface=ether2 network=194.213.104.224 add address=194.213.105.193 comment=sh2hir9.p7 interface=ether2 network=194.213.105.203 add address=194.213.104.1/26 interface=ether2 network=194.213.104.0 add address=194.213.105.129/26 interface=ether2 network=194.213.105.128 /ip cloud set update-time=no /ip dhcp-server network add address=10.3.0.0/16 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 gateway=10.3.0.1 netmask=16 add address=194.213.104.0/26 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=tevaint.lan gateway=194.213.104.1 netmask=26 add address=194.213.104.64/26 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.104.65 netmask=26 add address=194.213.104.128/26 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.104.129 netmask=29 add address=194.213.104.144/28 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=tevaint.lan gateway=194.213.104.145 netmask=28 add address=194.213.104.184/29 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 gateway=194.213.104.185 netmask=29 add address=194.213.104.224/27 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.104.225 netmask=27 add address=194.213.105.32/27 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=fck.u gateway=194.213.105.33 add address=194.213.105.128/26 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.105.129 netmask=26 add address=194.213.105.192/27 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.105.193 netmask=27 add address=194.213.105.232/29 dns-server=194.213.105.2,95.47.136.8,95.47.136.12 domain=teviant.lan gateway=194.213.105.233 netmask=29 /ip dns set servers=1.1.1.1,8.8.8.8 /ip firewall address-list add address=95.47.136.14 list=admin add address=95.47.136.9 list=admin add address=10.20.1.34 list=admin add address=95.47.136.13 list=admin add address=194.213.105.4 list=admin add address=194.213.105.83 list=admin add address=95.47.136.11 list=admin add address=95.46.108.3 list=admin add address=0.0.0.0/0 list=TRAFFIC_CLASS_1 add address=95.46.108.0/24 list=admin add address=95.47.136.15 list=admin add address=194.213.105.2 list=NS-servers add address=95.47.136.8 list=NS-servers add address=95.47.136.12 list=NS-servers /ip firewall filter add action=accept chain=input protocol=icmp add action=accept chain=forward comment=DIC connection-state=established add action=accept chain=forward connection-state=related add action=accept chain=input connection-state=established add action=accept chain=input connection-state=related add action=drop chain=forward connection-state=invalid disabled=yes add action=accept chain=input comment=adm src-address-list=admin add action=drop chain=input /ip firewall mangle add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1409_out passthrough=yes src-address-list=CLIENTS_1409 add action=mark-packet chain=forward dst-address-list=CLIENTS_1409 new-packet-mark=ALLOW_TRAFFIC_CLASS_1409_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1451_out passthrough=yes src-address-list=CLIENTS_1451 add action=mark-packet chain=forward dst-address-list=CLIENTS_1451 new-packet-mark=ALLOW_TRAFFIC_CLASS_1451_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1452_out passthrough=yes src-address-list=CLIENTS_1452 add action=mark-packet chain=forward dst-address-list=CLIENTS_1452 new-packet-mark=ALLOW_TRAFFIC_CLASS_1452_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1454_out passthrough=yes src-address-list=CLIENTS_1454 add action=mark-packet chain=forward dst-address-list=CLIENTS_1454 new-packet-mark=ALLOW_TRAFFIC_CLASS_1454_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1455_out passthrough=yes src-address-list=CLIENTS_1455 add action=mark-packet chain=forward dst-address-list=CLIENTS_1455 new-packet-mark=ALLOW_TRAFFIC_CLASS_1455_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1458_out passthrough=yes src-address-list=CLIENTS_1458 add action=mark-packet chain=forward dst-address-list=CLIENTS_1458 new-packet-mark=ALLOW_TRAFFIC_CLASS_1458_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1459_out passthrough=yes src-address-list=CLIENTS_1459 add action=mark-packet chain=forward dst-address-list=CLIENTS_1459 new-packet-mark=ALLOW_TRAFFIC_CLASS_1459_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1467_out passthrough=yes src-address-list=CLIENTS_1467 add action=mark-packet chain=forward dst-address-list=CLIENTS_1467 new-packet-mark=ALLOW_TRAFFIC_CLASS_1467_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1468_out passthrough=yes src-address-list=CLIENTS_1468 add action=mark-packet chain=forward dst-address-list=CLIENTS_1468 new-packet-mark=ALLOW_TRAFFIC_CLASS_1468_in passthrough=yes src-address=0.0.0.0/0 add action=mark-packet chain=forward dst-address=0.0.0.0/0 new-packet-mark=ALLOW_TRAFFIC_CLASS_1470_out passthrough=yes src-address-list=CLIENTS_1470 add action=mark-packet chain=forward dst-address-list=CLIENTS_1470 new-packet-mark=ALLOW_TRAFFIC_CLASS_1470_in passthrough=yes src-address=0.0.0.0/0 /ip firewall nat add action=accept chain=srcnat comment="- NAT" src-address=194.213.104.0/24 add action=accept chain=srcnat src-address=194.213.105.0/24 add action=masquerade chain=srcnat comment=NS dst-address-list=NS-servers src-address-list=negative add action=masquerade chain=srcnat dst-address-list=NS-servers src-address-list=negative14 add action=masquerade chain=srcnat comment=access_2_captive dst-address=194.213.105.136 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.2.0/23 to-addresses=194.213.105.88 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.4.0/23 to-addresses=194.213.105.89 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.6.0/23 to-addresses=194.213.105.90 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.8.0/23 to-addresses=194.213.105.91 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.10.0/23 to-addresses=194.213.105.92 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.12.0/23 to-addresses=194.213.105.93 add action=netmap chain=srcnat comment="ABillS Extended NAT" src-address=10.3.0.0/16 to-addresses=194.213.105.94 add action=masquerade chain=srcnat comment="ABillS Masquerade CUSTOM" src-address-list=CUSTOM_SPEED /ip route add distance=1 gateway=194.213.105.1 /ip service set telnet address=95.46.108.3/32 set ftp disabled=yes set www disabled=yes set ssh port=52221 set api disabled=yes set api-ssl disabled=yes /ip traffic-flow set enabled=yes /ip traffic-flow target add dst-address=194.213.104.226 port=2056 src-address=194.213.105.3 version=5 /ppp aaa set use-radius=yes /radius add address=95.47.136.15 comment=PPPoE secret=uzgorod402 service=ppp timeout=600ms add address=95.47.136.15 comment=dhcp secret=uzgorod402 service=dhcp timeout=2s /radius incoming set accept=yes /snmp set contact=hostmaster@gal.net.ua enabled=yes location=Uzgorod trap-version=3 /system identity set name="MT #Teviant-NAS3"