# routerboard: yes # model: RB3011UiAS # serial-number: 783D070F0989 # firmware-type: ipq8060 # factory-firmware: 3.35 # current-firmware: 7.12.1 # upgrade-firmware: 7.12.1 # # channel: development # installed-version: 7.12.1 # # # 2024-10-05 17:10:27 by RouterOS 7.12.1 # software id = FCFA-Z77H # # model = RB3011UiAS # serial number = 783D070F0989 /interface bridge add name=dhcp add name=loopback add name=loopbridge add name=paineis_pppoe /interface ethernet set [ find default-name=ether1 ] comment="Rede Local - DHCP" set [ find default-name=ether2 ] comment="Rede Local - DHCP (Casa Marcio)" set [ find default-name=ether4 ] comment=Roteador set [ find default-name=ether6 ] comment="Rede Local - DHCP" set [ find default-name=ether7 ] comment="MARCIO <> JEFINHO - ROCKET AC" set [ find default-name=ether8 ] comment="MARCIO <> POSTO REDUNDANCIA " set [ find default-name=ether9 ] comment=PTK-NN-MRC-01 set [ find default-name=ether10 ] auto-negotiation=no poe-out=forced-on set [ find default-name=sfp1 ] auto-negotiation=no comment="MARCIO <> POSTO " /interface vlan add interface=sfp1 name=vlan320-Marcio_viaFibra vlan-id=320 /interface lte apn set [ find default=yes ] ip-type=ipv4 use-network-apn=no /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=pool_pppoe ranges=100.65.45.0/26 add name=dhcp_pool1 ranges=192.168.16.2-192.168.16.254 add comment="Bloqueio IXCSoft" name=pool_bloqueio ranges=172.21.26.0/24 add comment="Aguardando Assinatura IXCSoft" name=pool_aguardando_assinatura ranges=172.22.26.0/24 /ip dhcp-server add address-pool=dhcp_pool1 interface=dhcp lease-time=10m name=dhcp1 /port set 0 name=serial0 /ppp profile add dns-server=45.236.84.18,45.236.84.19 local-address=192.168.18.1 name=pppoe-profile remote-address=pool_pppoe /queue simple add max-limit=30M/30M name=Marcio_30_MB target=192.168.16.0/24 /routing bgp template set default disabled=no output.network=bgp-networks /routing ospf instance add disabled=no name=default-v2 originate-default=never redistribute=connected router-id=192.168.200.16 add disabled=no in-filter-chain=ospf-in name=default-v3 router-id=192.168.200.16 version=3 /routing ospf area add disabled=no instance=default-v2 name=backbone-v2 add disabled=yes instance=default-v3 name=backbone-v3 /snmp community set [ find default=yes ] addresses=0.0.0.0/0 name=public-noway write-access=yes /user group add name=backup policy="local,telnet,ssh,ftp,read,write,policy,test,sensitive,!reboot,!winbox,!password,!web,!sniff,!api,!romon,!rest-api" #error exporting "/interface/bridge/calea" /interface bridge port add bridge=paineis_pppoe ingress-filtering=no interface=ether9 add bridge=dhcp ingress-filtering=no interface=ether2 add bridge=dhcp ingress-filtering=no interface=ether1 add bridge=dhcp ingress-filtering=no interface=ether6 add bridge=paineis_pppoe ingress-filtering=no interface=ether4 /ip neighbor discovery-settings set discover-interface-list=!dynamic /ip settings set max-neighbor-entries=8192 rp-filter=loose tcp-syncookies=yes /ipv6 settings set max-neighbor-entries=8192 /interface ovpn-server server set auth=sha1,md5 /interface pppoe-server server add interface=ether3 service-name=service1 add default-profile=pppoe-profile disabled=no interface=paineis_pppoe max-mru=1480 max-mtu=1480 one-session-per-host=yes service-name=pppoe-paineis /ip address add address=192.168.254.49/29 interface=ether7 network=192.168.254.48 add address=192.168.200.16 interface=loopback network=192.168.200.16 add address=192.168.16.1/24 interface=dhcp network=192.168.16.0 add address=192.168.254.100/29 interface=ether8 network=192.168.254.96 add address=192.168.104.105/29 interface=paineis_pppoe network=192.168.104.104 add address=192.168.254.106/30 interface=vlan320-Marcio_viaFibra network=192.168.254.104 /ip dhcp-server network add address=192.168.16.0/24 dns-server=45.236.84.18,45.236.84.19 gateway=192.168.16.1 /ip dns set servers=45.236.84.18,45.236.84.19 /ip firewall address-list add address=192.168.199.1 comment="IXCProvedor endereco IP do sistema" list=rede_local #error exporting "/ip/firewall/calea" /ip firewall filter add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address=172.21.26.0/24 add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address-list=aviso_bloqueio add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address=172.21.26.0/24 add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address-list=aviso_bloqueio add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address=172.22.26.0/24 add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address-list=aguardando_assinatura add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address=172.22.26.0/24 add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address-list=aguardando_assinatura add action=fasttrack-connection chain=forward hw-offload=yes add action=accept chain=forward /ip firewall nat add action=src-nat chain=srcnat out-interface=vlan320-Marcio_viaFibra src-address=192.168.16.0/24 to-addresses=192.168.200.16 add action=src-nat chain=srcnat out-interface=ether10 src-address=192.168.16.0/24 to-addresses=192.168.200.16 add action=src-nat chain=srcnat out-interface=ether8 src-address=192.168.16.0/24 to-addresses=192.168.200.16 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.21.26.0/24 to-addresses=192.168.199.1 to-ports=8082 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aviso_bloqueio to-addresses=192.168.199.1 to-ports=8082 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.22.26.0/24 to-addresses=192.168.199.1 to-ports=8086 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aguardando_assinatura to-addresses=192.168.199.1 to-ports=8086 /ip service set telnet port=10023 set ftp address=192.168.0.0/16,45.236.84.0/22,100.64.0.0/10 disabled=yes port=10021 set www address=192.168.0.0/16,45.236.84.0/22,100.64.0.0/10 disabled=yes port=10080 set ssh address="45.236.84.0/22,189.127.168.0/22,192.168.0.0/16,100.64.0.0/10,45.187.80.0/22,177.10.56.0/22" port=10022 set api address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32 set winbox address="45.236.84.0/22,189.127.168.0/22,192.168.0.0/16,100.64.0.0/10,45.187.80.0/22,177.10.56.0/22" port=25000 set api-ssl address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32 /ip smb set allow-guests=no interfaces=loopbridge /ip tftp add disabled=yes ip-addresses=192.168.1.20 req-filename=xm.bin /ipv6 nd set [ find default=yes ] advertise-dns=no /ppp aaa set interim-update=20m use-radius=yes /ppp secret add name=torre.marcio profile=pppoe-profile service=pppoe add name=marcio.casarao profile=pppoe-profile service=pppoe /radius add address=45.236.84.27 disabled=yes service=ppp,login src-address=192.168.200.16 add address=192.168.199.1 comment="IXCProvedor configuracao radius" service=ppp,hotspot,wireless src-address=192.168.200.16 timeout=3s /radius incoming set accept=yes /routing bfd configuration add disabled=yes interfaces=all min-rx=200ms min-tx=200ms multiplier=5 /routing filter rule add chain=ospf-in disabled=no rule="if (dst == 0.0.0.0/0) { set pref-src 192.168.200.16; }" /routing ospf interface-template add area=backbone-v2 auth-id=1 auth-key="" cost=31 disabled=no interfaces=ether7 networks=192.168.254.48/29 priority=1 use-bfd=no add area=backbone-v2 auth-id=1 auth-key="" cost=40 disabled=no interfaces=ether8 networks=192.168.254.96/29 priority=1 type=ptp use-bfd=no add area=backbone-v2 auth-id=1 auth-key="" cost=10 disabled=no interfaces=vlan320-Marcio_viaFibra networks=192.168.254.104/30 priority=1 type=ptp use-bfd=no /snmp set contact="Acacio Correa " enabled=yes location="[-26.42434465, -51.31973698]" trap-version=2 /system clock set time-zone-name=America/Sao_Paulo /system identity set name="Protek - Marcio" /system note set show-at-login=no /system ntp client set enabled=yes /system ntp client servers add address=45.236.84.23 add address=200.160.0.8 /system package update set channel=development /system scheduler add interval=1d name=IXCProvedor_agendamento-backup on-event=IXCProvedor-fazer-e-enviar-backup policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=2023-06-19 start-time=04:00:00 /system script add dont-require-permissions=no name=script1 owner=lucas policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#E-mail para Alerta\r\n:local email \"lmochnacz436@gmail.com\"\r\n#Alertar quando a voltagem estive baixa\r\n:local volalerta \"230\"\r\n#Mostra mensagen do E-mail\r\n:local alerta \"23v\"\r\n:local voltinfo [/system health get voltage]\r\n:local nomeidenf [/system identity get name]\r\n:global ipserver [:resolve smtp.gmail.com]\r\n:if ([/system health get voltage]< \$volalerta ) do={\r\n:log info \"Voltagem Menor que \$alerta\"\r\n:log info \"Voltagem Atual \$voltinfo Volts\"\r\n/tool e-mail send to=\$email server=\$ipserver subject=\"Voltagem de \$voltinfo Volts - \$nomeidenf \" body=\"O medidor de voltagem da Rb: \$nomeidenf esta abaixo de \$alerta . No momento a voltagem atual \E9 de \$voltinfo Volts - start-tls=yes\r\n:log info \"E-mail Enviado\"\r\n}" add dont-require-permissions=no name=IXCProvedor-fazer-e-enviar-backup owner=ixc.sistema policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="export file=backup-mikrotik_Marcio.rsc; :log info message=\"IXCSoft enviando backup por email\"; /tool e-mail send to=\"acacio@proteknet.com.br\" subject=\"backup-Marcio\" file=backup-mikrotik_Marcio.rsc start-tls=yes" /tool e-mail set from=financeiro@proteknet.com.br port=465 server=smtps.uhserver.com.com user=financeiro@proteknet.com.br /tool romon set enabled=yes /user aaa set default-group=full use-radius=yes