cheapernet 


@@TITLE@@

/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=client-mode \
    @@band@@ \
    country="czech republic" disabled=no hw-retries=15 \
    radio-name=@@uzivatelemail@@ ssid=@@ssid@@
/ip neighbor discovery
set wlan1 discover=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool1 ranges=192.168.100.101-192.168.100.199
/ip dhcp-server
add address-pool=pool1 authoritative=yes disabled=no interface=ether1 \
    name=server1
/ppp profile
add change-tcp-mss=yes name=cheapernet use-compression=no use-encryption=no \
    use-mpls=no
/interface pptp-client
add add-default-route=no allow=chap connect-to=10.10.0.1 dial-on-demand=no \
    disabled=no keepalive-timeout=60 max-mru=1460 max-mtu=1460 mrru=disabled \
    name=pptp-cheapernet password=@@heslo@@ profile=cheapernet \
    user=@@uzivatelemail@@
/ip address
add address=192.168.100.1/24 interface=ether1 network=192.168.100.0
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
    interface=wlan1
/ip dhcp-server config
set store-leases-disk=never
/ip dhcp-server network
add address=192.168.100.0/24 dns-server=77.48.135.5,77.48.135.1 \
    domain=cheapernet.cz gateway=192.168.100.1
/ip firewall filter
add chain=input comment="Allow ping" protocol=icmp
add chain=input comment="Allow access from eth1" in-interface=ether1
add chain=input comment="Allow access from 77.48.135.0/24" src-address=77.48.135.0/24
add chain=input comment="Allow access from 10.0.0.0/8" src-address=10.0.0.0/8
add action=reject chain=input comment="Disable Others"
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=drop chain=known_viruses comment="windows - not EXACTLY a virus" \
    dst-port=135-139 protocol=tcp
add action=drop chain=known_viruses comment="windows - not EXACTLY a virus" \
    dst-port=135-139 protocol=udp
add action=drop chain=known_viruses comment="winXP netbios not EXACTLY a virus" \
    dst-port=445 protocol=udp
add action=drop chain=known_viruses comment="winXP netbios not EXACTLY a virus" \
    dst-port=445 protocol=tcp
add action=drop chain=forward comment="drop invalid connections" \
    connection-state=invalid
add chain=forward comment="allow established connections" connection-state=established,related
add action=jump chain=forward comment="Known virus ports" jump-target=known_viruses
add chain=forward comment="Allow access from eth1" in-interface=ether1
add action=reject chain=forward comment="Disable Others"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pptp-cheapernet
add action=masquerade chain=srcnat out-interface=wlan1
add action=dst-nat chain=dstnat disabled=yes dst-port=433 in-interface=pptp-cheapernet \
    protocol=tcp to-addresses=192.168.100.98 to-ports=433
add action=dst-nat chain=dstnat disabled=yes dst-port=80 in-interface=pptp-cheapernet \
    protocol=tcp to-addresses=192.168.100.98 to-ports=80
/ip route
add distance=1 gateway=pptp-cheapernet
add distance=100 gateway=wlan1
add distance=1 dst-address=10.10.0.0/16 gateway=wlan1
/ip service
set winbox address=77.48.135.128/29,192.168.100.0/24
/ip upnp
set allow-disable-external-interface=no
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=@@uzivatelemail@@
/system leds
set 0 interface=wlan1
/system ntp client
set enabled=yes primary-ntp=10.10.0.1
/system watchdog
set no-ping-delay=15m watch-address=10.10.0.1
/


© 2004-2019 cheapernet | Všeobecné podmínky
◦ Zákaznická linka: +420 222 261 333 ◦ Email: info@cheapernet.cz