# routerboard: yes # model: CRS125-24G-1S # serial-number: 49CB04427923 # firmware-type: ar9344 # factory-firmware: 3.12 # current-firmware: 3.33 # upgrade-firmware: 6.49.10 # # channel: stable # installed-version: 6.49.10 # # Flags: U - undoable, R - redoable, F - floating-undo # ACTION BY POLICY # U filter rule changed flwvlw write # U filter rule added flwvlw write # U filter rule added flwvlw write # U address changed lucas write # U address added lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed flwvlw write # U device changed flwvlw write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U bridge port added lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # U device changed lucas write # # software id = 963S-UGYE # # model = CRS125-24G-1S # serial number = 49CB04427923 /interface bridge add name=loopbridge add name=paineis /interface ethernet set [ find default-name=ether1 ] comment="pode ta queimada" set [ find default-name=ether2 ] comment="n funciona giga" set [ find default-name=ether3 ] comment=PTK-OMINI-PDR-02 set [ find default-name=ether4 ] comment=PTK-RKT-PDR-03 speed=10Mbps set [ find default-name=ether5 ] comment=VLAN set [ find default-name=ether6 ] comment=PTK-M2-PDR-01 set [ find default-name=ether7 ] comment=PDRxCA set [ find default-name=ether9 ] comment=PROBLEMA disabled=yes set [ find default-name=ether10 ] comment=PROBLEMA disabled=yes set [ find default-name=ether12 ] comment=PTK-RKT-PDR-04 set [ find default-name=ether20 ] comment="DHCP ATIVO" /ip pool add name=pool1 ranges=100.65.22.2-100.65.22.99 add comment="Bloqueio IXCSoft" name=pool_bloqueio ranges=172.21.27.0/24 add comment="Aguardando Assinatura IXCSoft" name=pool_aguardando_assinatura ranges=172.22.27.0/24 /ppp profile add dns-server=45.236.84.18,45.236.84.19 local-address=192.168.41.1 name=pppoe rate-limit=10m/10m remote-address=pool1 add dns-server=45.236.84.18,45.236.84.19 local-address=192.168.41.1 name=profile1 rate-limit=100m/100m remote-address=pool1 add comment="{{IXCSoft Aviso de Bloqueio}}" name=pool_bloqueio rate-limit="" remote-address=pool_bloqueio add comment="{{IXCSoft}}" name=Servicos_de_Comunicacao rate-limit="" add comment="{{IXCSoft}}" name=Energia_Eletrica rate-limit="" add comment="{{IXCSoft}}" name=Compra_de_Servicos rate-limit="" add comment="{{IXCSoft}}" name=CTe_Conhecimento_de_Frete rate-limit="" add comment="{{IXCSoft}}" name=SVA_Servico_Valor_Agregado rate-limit="" add comment="{{IXCSoft}}" name=Plano_15_MB_Fibra_ rate-limit="17M/17M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_20_MB_Fibra rate-limit="21M/21M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_25_MB_Fibra rate-limit="25M/25M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_35_MB_Fibra rate-limit="35M/35M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_8_MB_Radio_ rate-limit="9M/9M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_60_MB_Fibra rate-limit="61M/61M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_70_MB_Fibra rate-limit="70M/70M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_1_5_MB_Radio rate-limit="1M/1M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_1_5_MB_Radio_Comodato_ rate-limit="2M/2M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_1MB_Radio rate-limit="1M/1M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_2_MB_Radio rate-limit="2M/4M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_4_MB_Radio_ rate-limit="2M/4M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_5_MB_Radio___ rate-limit="2M/5M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Servico_de_Comodato rate-limit="" add comment="{{IXCSoft}}" name=Servico_de_ativacao rate-limit="" add comment="{{IXCSoft}}" name=Servico_de_Ativacao___Gratuito__ rate-limit="" add comment="{{IXCSoft}}" name=Plano_8_MB_Radio rate-limit="4M/9M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_6_MB_Radio rate-limit="2M/6M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Internet_230mbps_Dedicado_Prefeitura rate-limit="100M/100M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Servico_de_Manutencao_de_rede_de_internet_ rate-limit="" add comment="{{IXCSoft}}" name=Servico_de_Abastecimento_de_Agua_ rate-limit="" add comment="{{IXCSoft}}" name=Plano_15_MB_Fibra rate-limit="17M/17M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_5_MB_Radio rate-limit="6M/6M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_10_MB_ rate-limit="11M/11M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=15_MB_Fibra___Prefeitura__ rate-limit="16M/16M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_30_MB_Fibra rate-limit="32M/32M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_10_MB_Radio rate-limit="5M/10M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_5_MB_Radio_ rate-limit="3M/5M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_40_MB_Fibra_ rate-limit="40M/40M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_200_MB_Fibra rate-limit="102M/200M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_300_MB_Fibra rate-limit="300M/300M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_130_MB_Fibra rate-limit="65M/130M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Troca_de_Senha rate-limit="" add comment="{{IXCSoft}}" name=Troca_de_Endereco rate-limit="" add comment="{{IXCSoft}}" name=Plano_Ultra_200_MB_Fibra rate-limit="201M/201M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_Ultra_300_MB_Fibra rate-limit="301M/301M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_Ultra_150_MB rate-limit="151M/151M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_Ultra_250_MB rate-limit="251M/251M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_Migracao_400_MB_Fibra rate-limit="400M/400M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_100_MB_Fibra rate-limit="999M/999M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_50_MB_Fibra_ rate-limit="50M/50M 0/0 0/0 0/0 1 0/0" add comment="{{IXCSoft}}" name=Plano_Ultra_500_MB rate-limit="" /routing ospf instance set [ find default=yes ] redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=192.168.200.17 /snmp community set [ find default=yes ] addresses=0.0.0.0/0 name=public-noway /user group add name=backup policy="local,telnet,ssh,ftp,read,write,policy,test,sensitive,!reboot,!winbox,!password,!web,!sniff,!api,!romon,!dude,!tikapp" #error exporting /interface bridge calea /interface bridge port add bridge=paineis interface=ether3 add bridge=paineis interface=ether4 add bridge=paineis interface=ether5 add bridge=paineis interface=ether6 add bridge=paineis disabled=yes interface=ether7 add bridge=paineis interface=ether8 add bridge=paineis interface=ether9 add bridge=paineis interface=ether10 add bridge=paineis interface=ether11 add bridge=paineis interface=ether12 /ip neighbor discovery-settings set discover-interface-list=!dynamic /ip settings set rp-filter=loose tcp-syncookies=yes /interface pppoe-server server add default-profile=pppoe disabled=no interface=paineis one-session-per-host=yes service-name=service1 /ip address add address=192.168.99.92/29 interface=ether7 network=192.168.99.88 add address=192.168.100.1/30 interface=paineis network=192.168.100.0 add address=192.168.101.105/29 interface=paineis network=192.168.101.104 add address=192.168.102.33/29 interface=paineis network=192.168.102.32 add address=192.168.102.41/29 interface=paineis network=192.168.102.40 add address=192.168.102.49/30 interface=paineis network=192.168.102.48 add address=192.168.200.17 interface=loopbridge network=192.168.200.17 add address=192.168.99.60/29 interface=ether1 network=192.168.99.56 add address=45.236.84.7 interface=loopbridge network=45.236.84.7 add address=192.168.1.1/24 disabled=yes interface=ether12 network=192.168.1.0 /ip dns set servers=45.236.84.18,45.236.84.19 /ip firewall address-list add address=192.168.199.1 comment="IXCProvedor endereco IP do sistema" list=rede_local #error exporting /ip firewall calea /ip firewall filter add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address=172.21.27.0/24 add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address-list=aviso_bloqueio add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address=172.21.27.0/24 add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address-list=aviso_bloqueio add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address=172.22.27.0/24 add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address-list=aguardando_assinatura add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address=172.22.27.0/24 add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address-list=aguardando_assinatura add action=fasttrack-connection chain=forward add action=accept chain=forward connection-state=established,related /ip firewall nat add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.21.27.0/24 to-addresses=192.168.199.1 to-ports=8082 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aviso_bloqueio to-addresses=192.168.199.1 to-ports=8082 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.22.27.0/24 to-addresses=192.168.199.1 to-ports=8086 add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aguardando_assinatura to-addresses=192.168.199.1 to-ports=8086 add action=src-nat chain=srcnat out-interface=ether7 src-address=192.168.50.0/24 to-addresses=192.168.200.17 /ip route add distance=1 gateway=192.168.99.89 /ip service set telnet disabled=yes port=10023 set ftp disabled=yes port=2100 set www disabled=yes port=10080 set ssh address="45.236.84.0/22,189.127.168.0/22,192.168.0.0/16,100.64.0.0/10,45.187.80.0/22,177.10.56.0/22" port=10022 set api address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32 set winbox address="45.236.84.0/22,189.127.168.0/22,192.168.0.0/16,100.64.0.0/10,45.187.80.0/22,177.10.56.0/22" port=25000 set api-ssl address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32 /ip smb set allow-guests=no interfaces=loopbridge /ip smb shares set [ find default=yes ] disabled=yes /ip ssh set allow-none-crypto=yes forwarding-enabled=remote /ppp aaa set interim-update=20m use-radius=yes /ppp secret add name=casa.jangada password=Ac4c10 profile=pppoe service=pppoe add name=torre.pedreira password=Ac4c10 profile=pppoe service=pppoe add name=teste password=Ac4c10 profile=pppoe service=pppoe add name=teste2 password=123 profile=profile1 service=pppoe /radius add address=45.236.84.27 disabled=yes secret=proinfo25. service=ppp src-address=192.168.200.17 add address=192.168.199.1 comment="IXCProvedor configuracao radius" secret=L3Grtn3f8zBuczunrftLWt service=ppp,hotspot,wireless src-address=192.168.200.17 timeout=3s /radius incoming set accept=yes /routing ospf interface add instance-id=121 add cost=30 interface=ether1 network-type=point-to-point add interface=ether7 network-type=point-to-point /routing ospf network add area=backbone network=192.168.99.88/29 add area=backbone network=192.168.99.56/29 add area=backbone network=45.236.84.0/22 add area=backbone network=100.64.0.0/10 add area=backbone network=192.168.0.0/16 /snmp set contact="Acacio Correa " enabled=yes location="Pedreira Jangada" trap-version=2 /system clock set time-zone-name=America/Sao_Paulo /system identity set name="Protek-Pedreira Jangada" /system ntp client set enabled=yes primary-ntp=45.236.84.23 /system scheduler add interval=1d name=IXCProvedor_agendamento-backup on-event=IXCProvedor-fazer-e-enviar-backup policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=nov/25/2023 start-time=04:00:00 /system script add dont-require-permissions=no name=IXCProvedor-fazer-e-enviar-backup owner=ixc.sistema policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="export file=backup-mikrotik_PedreiraJangada.rsc; :log info message=\"IXCSoft enviando backup por email\"; /tool e-mail send to=\"acacio@proteknet.com.br\" subject=\"backup-PedreiraJangada\" file=backup-mikrotik_PedreiraJangada.rsc start-tls=yes" /system watchdog set ping-timeout=10s watchdog-timer=no /tool e-mail set address=smtps.uhserver.com from=financeiro@proteknet.com.br password="ab9PcFRe8unCgpbJxNiGlWRFg769==" port=465 user=financeiro@proteknet.com.br /tool netwatch add comment="{IXCSoft Netwatch}" down-script="/ppp secret ; :foreach i in [ find comment~\"IXCSoft PPPOE\" ] do={ enable \$i };" host=192.168.199.1 interval=5m up-script="/ppp secret ; :foreach i in [ find comment~\"IXCSoft PPPOE\" ] do={ disable \$i }; /ppp active; :foreach p in [find comment~\"IXCSoft\"] do={ remove \$p; :delay 1};"