#        routerboard: yes
#              model: RB2011UiAS
#      serial-number: 77AD07A75F70
#      firmware-type: ar9344
#   factory-firmware: 3.33
#   current-firmware: 7.7
#   upgrade-firmware: 7.7
# 
#             channel: stable
#   installed-version: 7.7
# 
# 
# software id = KSZW-SDJB
#
# model = RB2011UiAS
# serial number = 77AD07A75F70
/interface bridge
add arp=reply-only name=REDE_REBRAS
add name=loopbridge
add fast-forward=no name=paineis
add name=tubeteira
/interface ethernet
set [ find default-name=ether1 ] comment="CTO TBT"
set [ find default-name=ether2 ] comment="LINK GENERAL"
set [ find default-name=ether3 ] comment=TUBETEIRA
set [ find default-name=ether4 ] comment=Escritorio
set [ find default-name=ether5 ] comment=QUEIMADA disabled=yes
set [ find default-name=ether6 ] comment=PROBLEMA disabled=yes
set [ find default-name=ether7 ] comment=QUEIMADA disabled=yes
set [ find default-name=ether8 ] comment=VLAN
set [ find default-name=ether9 ] comment=QUEIMADA disabled=yes
set [ find default-name=ether10 ] comment=QUEIMOU disabled=yes poe-out=off
/interface vlan
add interface=ether2 name=vlan205 vlan-id=205
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128-cbc
/ip pool
add name=dhcp_pool1 ranges=192.168.2.20-192.168.2.254
add name=pgcorte ranges=192.168.50.10-192.168.50.254
add name=pool2 ranges=100.65.12.2-100.65.12.254
add comment="Bloqueio IXCSoft" name=pool_bloqueio ranges=172.21.17.0/24
add comment="Aguardando Assinatura IXCSoft" name=pool_aguardando_assinatura ranges=172.22.17.0/24
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool1 authoritative=after-2sec-delay interface=REDE_REBRAS lease-time=1d name=dhcp1
/port
set 0 name=serial0
/ppp profile
add address-list=a name="set interim-update=20m use-radius=yes"
add dns-server=45.236.84.18,45.236.84.19 local-address=192.168.42.1 name=profile1 remote-address=pool2 use-mpls=no
/queue simple
add dst=ether4 max-limit=200M/200M name=Rebras target=192.168.2.0/24
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no in-filter-chain=ospf-in name=default-v2 originate-default=never redistribute=connected,static,modem router-id=192.168.200.7
add disabled=no name=default-v3 originate-default=never redistribute=connected,static,modem router-id=192.168.200.7 version=3
/routing ospf area
add disabled=no instance=default-v2 name=backbone-v2
add area-id=0.0.0.1 default-cost=1 disabled=no instance=default-v2 name=area1-v2 type=stub
add disabled=no instance=default-v3 name=backbone-v3
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 name=public-noway
/user group
add name=backup policy="local,telnet,ssh,ftp,read,write,policy,test,password,sensitive,!reboot,!winbox,!web,!sniff,!api,!romon,!rest-api"
#error exporting /interface/bridge/calea
/interface bridge port
add bridge=paineis ingress-filtering=no interface=ether8
add bridge=paineis ingress-filtering=no interface=ether1
add bridge=paineis ingress-filtering=no interface=ether9
add bridge=REDE_REBRAS ingress-filtering=no interface=ether4
add bridge=paineis ingress-filtering=no interface=ether6
add bridge=tubeteira ingress-filtering=no interface=ether3
add bridge=paineis ingress-filtering=no interface=ether7
/ip firewall connection tracking
set enabled=yes
/ip neighbor discovery-settings
set discover-interface-list=all
/ip settings
set max-neighbor-entries=1024 rp-filter=loose tcp-syncookies=yes
/ipv6 settings
set max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/interface pppoe-server server
add authentication=mschap1,mschap2 default-profile=profile1 disabled=no interface=paineis max-mru=1480 max-mtu=1480 one-session-per-host=yes service-name=PTK-NN-RB-1
add authentication=mschap1,mschap2 default-profile=profile1 disabled=no interface=tubeteira max-mru=1480 max-mtu=1480 one-session-per-host=yes service-name=tubeteira
add authentication=mschap1,mschap2 default-profile=profile1 interface=ether4 max-mru=1480 max-mtu=1480 one-session-per-host=yes service-name=service1
/ip address
add address=192.168.2.1/24 interface=REDE_REBRAS network=192.168.2.0
add address=192.168.200.7 interface=loopbridge network=192.168.200.7
add address=192.168.102.81/29 interface=paineis network=192.168.102.80
add address=192.168.99.138/30 interface=ether2 network=192.168.99.136
add address=10.0.0.129/28 interface=ether3 network=10.0.0.128
add address=45.236.86.54 interface=loopbridge network=45.236.86.54
/ip arp
add address=192.168.2.28 comment="DVR 1" interface=REDE_REBRAS mac-address=24:FD:0D:BA:3C:9F
add address=192.168.2.23 interface=REDE_REBRAS mac-address=0C:CC:47:E6:63:D8
add address=192.168.2.38 interface=REDE_REBRAS mac-address=BE:77:0A:04:1B:66
/ip dhcp-server lease
add address=192.168.2.53 address-lists=Lista_Liberados client-id=1:c0:25:e9:1d:38:f0 comment="COMPUTADOR DARLETE" mac-address=C0:25:E9:1D:38:F0 server=dhcp1
add address=192.168.2.74 address-lists=Lista_Liberados client-id=1:cc:52:af:48:16:42 comment="COMPUTADOR BRUNA" mac-address=CC:52:AF:48:16:42 server=dhcp1
add address=192.168.2.20 address-lists=Lista_Liberados comment=ALARME mac-address=D8:36:5F:AA:D9:DE server=dhcp1
add address=192.168.2.178 address-lists=Lista_Liberados client-id=1:8a:ce:18:fd:35:bb comment="CELULAR ACACIO" mac-address=8A:CE:18:FD:35:BB server=dhcp1
add address=192.168.2.107 address-lists=Lista_Liberados client-id=1:f0:79:59:68:0:40 comment="COMPUTADOR MAURI" mac-address=F0:79:59:68:00:40 server=dhcp1
add address=192.168.2.28 address-lists=Lista_Liberados client-id=1:24:fd:d:ba:3c:9f comment=DVR1 mac-address=24:FD:0D:BA:3C:9F server=dhcp1
add address=192.168.2.123 address-lists=Lista_Liberados client-id=1:50:b3:63:0:63:ef comment="COMPUTADOR TV" mac-address=50:B3:63:00:63:EF server=dhcp1
add address=192.168.2.133 address-lists=Lista_Liberados client-id=1:d8:77:8b:b6:47:b7 comment="CAMERA ESCRITORIO" mac-address=D8:77:8B:B6:47:B7 server=dhcp1
add address=192.168.2.30 address-lists=Lista_Liberados client-id=1:80:8f:e8:f8:54:aa comment="DVR 2" mac-address=80:8F:E8:F8:54:AA server=dhcp1
add address=192.168.2.172 address-lists=Lista_Liberados client-id=1:64:1c:67:a9:21:20 comment="COMPUTADOR ARLETE" mac-address=64:1C:67:A9:21:20 server=dhcp1
add address=192.168.2.119 address-lists=Lista_Liberados client-id=1:44:3b:32:9e:27:25 comment="DVR 3" mac-address=44:3B:32:9E:27:25 server=dhcp1
add address=192.168.2.168 address-lists=Lista_Liberados client-id=1:ca:f0:e4:5:13:3c comment="CELULAR ESCRITORIO 1" mac-address=CA:F0:E4:05:13:3C server=dhcp1
add address=192.168.2.40 address-lists=Lista_Liberados client-id=1:2e:d5:a1:4:75:13 comment="CELULAR LABORATORIO" mac-address=2E:D5:A1:04:75:13 server=dhcp1
add address=192.168.2.46 address-lists=Lista_Liberados client-id=1:2e:5b:ce:4f:4d:78 comment="CELULAR ACACIO" mac-address=2E:5B:CE:4F:4D:78 server=dhcp1
add address=192.168.2.52 address-lists=Lista_Liberados client-id=1:de:bb:d7:a7:f:ee comment="CELULAR LABORATORIO" mac-address=DE:BB:D7:A7:0F:EE server=dhcp1
add address=192.168.2.54 address-lists=Lista_Liberados client-id=1:fe:ae:2d:59:d:db comment=acacio mac-address=FE:AE:2D:59:0D:DB server=dhcp1
add address=192.168.2.116 client-id=1:d8:77:8b:b6:48:61 comment="CAMERA IM4" mac-address=D8:77:8B:B6:48:61 server=dhcp1
add address=192.168.2.179 address-lists=Lista_Liberados client-id=1:d8:77:8b:ac:f:62 comment="CAMERA IM4" mac-address=D8:77:8B:AC:0F:62 server=dhcp1
add address=192.168.2.99 address-lists=Lista_Liberados client-id=1:d8:77:8b:ab:fe:c4 comment="CAMERA IM4" mac-address=D8:77:8B:AB:FE:C4 server=dhcp1
add address=192.168.2.180 address-lists=Lista_Liberados client-id=1:d8:77:8b:ac:5:58 comment="CAMERA IM4" mac-address=D8:77:8B:AC:05:58 server=dhcp1
add address=192.168.2.120 address-lists=Lista_Liberados client-id=1:66:68:83:7e:0:3 comment="CELULAR VOLMIR ESCRITORIO" mac-address=66:68:83:7E:00:03 server=dhcp1
add address=192.168.2.197 address-lists=Lista_Liberados client-id=1:2e:f2:4c:e3:cb:e7 comment="CELULAR BRUNA" mac-address=2E:F2:4C:E3:CB:E7 server=dhcp1
add address=192.168.2.192 address-lists=Lista_Liberados client-id=1:80:58:f8:76:33:fb comment="CELULAR JHENIFER BALANCA" mac-address=80:58:F8:76:33:FB server=dhcp1
add address=192.168.2.196 address-lists=Lista_Liberados client-id=1:6e:90:7b:7:da:6d comment="CELULAR MAURI " mac-address=6E:90:7B:07:DA:6D server=dhcp1
add address=192.168.2.190 address-lists=Lista_Liberados client-id=1:e:1a:71:35:8f:ca comment="CELULAR MAURI " mac-address=0E:1A:71:35:8F:CA server=dhcp1
add address=192.168.2.211 address-lists=Lista_Liberados client-id=1:f2:99:e2:22:1f:a6 comment="BRUNA CELULAR BALAN\C7A" mac-address=F2:99:E2:22:1F:A6 server=dhcp1
add address=192.168.2.198 address-lists=Lista_Liberados client-id=1:5a:e0:aa:f1:a4:35 comment="VOLMIR FABRICA" mac-address=5A:E0:AA:F1:A4:35 server=dhcp1
add address=192.168.2.216 client-id=1:fa:a6:1a:a5:1:4d comment="ARLETE NAO LIBERAR" mac-address=FA:A6:1A:A5:01:4D server=dhcp1
add address=192.168.2.219 address-lists=Lista_Liberados client-id=1:82:20:61:ac:d1:88 comment="arlete balan\E7a liberar" mac-address=82:20:61:AC:D1:88 server=dhcp1
add address=192.168.2.220 address-lists=Lista_Liberados client-id=1:66:82:f6:79:39:1c comment="VOLMIR FABRICA 5G" mac-address=66:82:F6:79:39:1C server=dhcp1
add address=192.168.2.226 address-lists=Lista_Liberados client-id=1:3c:84:6a:8:8d:55 comment="ROTEADOR CASA CEDE" mac-address=3C:84:6A:08:8D:55 server=dhcp1
add address=192.168.2.228 address-lists=Lista_Liberados client-id=1:fa:55:64:fb:65:1f comment="CELULAR SEBASTIAO ESCRITORIO" mac-address=FA:55:64:FB:65:1F server=dhcp1
add address=192.168.2.237 address-lists=Lista_Liberados client-id=1:d8:36:5f:42:b3:c1 comment="NVR DESCOBRIR" mac-address=D8:36:5F:42:B3:C1 server=dhcp1
add address=192.168.2.247 client-id=1:5c:c5:d4:ff:6:13 comment="COMPUTADOR FABRICA" mac-address=5C:C5:D4:FF:06:13 server=dhcp1
add address=192.168.2.252 address-lists=Lista_Liberados client-id=1:d8:77:8b:b4:2e:b comment="DVR HIDRAPULPER" mac-address=D8:77:8B:B4:2E:0B server=dhcp1
add address=192.168.2.253 client-id=1:4a:66:82:fb:db:fa mac-address=4A:66:82:FB:DB:FA server=dhcp1
add address=192.168.2.254 address-lists=Lista_Liberados client-id=1:42:33:a1:2a:6c:18 comment="MAURI CELULAR ESCRITORIO" mac-address=42:33:A1:2A:6C:18 server=dhcp1
add address=192.168.2.24 address-lists=Lista_Liberados client-id=1:d8:d0:90:3:48:e3 mac-address=D8:D0:90:03:48:E3 server=dhcp1
add address=192.168.2.26 address-lists=Lista_Liberados client-id=1:8e:f1:77:a0:dd:96 comment="CELULAR MAURI ROTEADOR FABRICA" mac-address=8E:F1:77:A0:DD:96 server=dhcp1
add address=192.168.2.27 address-lists=Lista_Liberados client-id=1:fe:4c:ef:d8:cb:78 comment="CELULAR SEBASTIAO FABRICA" mac-address=FE:4C:EF:D8:CB:78 server=dhcp1
add address=192.168.2.80 address-lists=Lista_Liberados client-id=1:b6:a8:5e:97:71:d4 comment="BRUNA ESCRITORIO" mac-address=B6:A8:5E:97:71:D4 server=dhcp1
add address=192.168.2.89 address-lists=Lista_Liberados client-id=1:86:d9:93:5:13:61 comment="CELULAR LABORATORIO" mac-address=86:D9:93:05:13:61 server=dhcp1
add address=192.168.2.129 address-lists=Lista_Liberados client-id=1:0:e0:36:2c:ad:1d comment="WIFI COMPUTADOR ELETRICA" mac-address=00:E0:36:2C:AD:1D server=dhcp1
add address=192.168.2.173 address-lists=Lista_Liberados client-id=1:8a:3:b2:da:86:cb comment="CELULAR TADEU ESCRITORIO" mac-address=8A:03:B2:DA:86:CB server=dhcp1
add address=192.168.2.60 address-lists=Lista_Liberados client-id=1:a2:74:24:5c:23:7f comment="GASTAO ESCRITORIO ADMINISTRACAO" mac-address=A2:74:24:5C:23:7F server=dhcp1
add address=192.168.2.65 client-id=1:a6:ff:bd:86:b8:63 mac-address=A6:FF:BD:86:B8:63 server=dhcp1
add address=192.168.2.251 address-lists=Lista_Liberados client-id=1:6e:67:f:2c:68:80 comment=SANDRO mac-address=6E:67:0F:2C:68:80 server=dhcp1
add address=192.168.2.67 address-lists=Lista_Liberados client-id=1:46:97:27:3e:a8:d0 comment="Celular Gustavo \nEscrit\F3rio Administrativo" mac-address=46:97:27:3E:A8:D0 server=dhcp1
add address=192.168.2.70 address-lists=Lista_Liberados client-id=1:c2:d0:65:ce:37:c6 comment="CELULAR BERNARDO ESCRITORIO" mac-address=C2:D0:65:CE:37:C6 server=dhcp1
add address=192.168.2.71 address-lists=Lista_Liberados client-id=1:7c:d1:c3:80:9c:94 comment="NOTBOOK BERNARDO ESCRITORIO" mac-address=7C:D1:C3:80:9C:94 server=dhcp1
add address=192.168.2.93 address-lists=Lista_Liberados client-id=1:1e:db:b7:49:7:8a comment="CELULAR MAURI FABRICA" mac-address=1E:DB:B7:49:07:8A server=dhcp1
add address=192.168.2.156 address-lists=Lista_Liberados client-id=1:3a:2:cb:3d:f1:da comment="CELULUAR 2 TADEU" mac-address=3A:02:CB:3D:F1:DA server=dhcp1
add address=192.168.2.169 address-lists=Lista_Liberados client-id=1:6:25:78:46:c0:89 comment="CELULAR GASTAO" mac-address=06:25:78:46:C0:89 server=dhcp1
add address=192.168.2.193 address-lists=Lista_Liberados client-id=1:a4:63:a1:6e:32:58 comment="not tadeu" mac-address=A4:63:A1:6E:32:58 server=dhcp1
add address=192.168.2.98 address-lists=Lista_Liberados client-id=1:4a:99:21:fc:71:a4 comment="CELULAR VOLMIR" mac-address=4A:99:21:FC:71:A4 server=dhcp1
add address=192.168.2.44 address-lists=Lista_Liberados client-id=1:5e:83:80:42:3a:50 comment=WILLIAM mac-address=5E:83:80:42:3A:50 server=dhcp1
add address=192.168.2.45 address-lists=Lista_Liberados client-id=1:9e:c9:a1:c3:20:35 comment=MARCELO mac-address=9E:C9:A1:C3:20:35 server=dhcp1
add address=192.168.2.69 address-lists="" block-access=yes client-id=1:a6:79:5d:82:a6:59 mac-address=A6:79:5D:82:A6:59 server=dhcp1
add address=192.168.2.87 address-lists=Lista_Liberados client-id=1:da:ec:63:1b:d6:f comment="Celular Geraldo - BALAN\C7A" mac-address=DA:EC:63:1B:D6:0F server=dhcp1
add address=192.168.2.132 address-lists=Lista_Liberados client-id=1:d8:36:5f:9a:d8:85 comment="DVR ESCRITORIO FABRICA" mac-address=D8:36:5F:9A:D8:85 server=dhcp1
add address=192.168.2.134 address-lists=Lista_Liberados client-id=1:80:8f:e8:c4:34:c4 comment="DVR CALDEIRA" mac-address=80:8F:E8:C4:34:C4 server=dhcp1
add address=192.168.2.136 address-lists=Lista_Liberados client-id=1:d8:36:5f:79:45:44 comment="FUNDOS FABRICA" mac-address=D8:36:5F:79:45:44 server=dhcp1
add address=192.168.2.113 address-lists=Lista_Liberados client-id=1:3e:93:ef:c3:a2:7f comment="CELULAR BRUNA" mac-address=3E:93:EF:C3:A2:7F server=dhcp1
add address=192.168.2.144 address-lists=Lista_Liberados client-id=1:be:c9:2f:e6:63:58 comment="BRUNA CELULAR FABRICA" mac-address=BE:C9:2F:E6:63:58 server=dhcp1
add address=192.168.2.159 address-lists=Lista_Liberados client-id=1:82:81:65:1:8d:61 comment="CELULAR ACACIO" mac-address=82:81:65:01:8D:61 server=dhcp1
add address=192.168.2.56 address-lists=Lista_Liberados client-id=1:86:23:3:f6:7e:26 comment="GASTAO BALANCA" mac-address=86:23:03:F6:7E:26 server=dhcp1
add address=192.168.2.110 address-lists=Lista_Liberados client-id=1:7e:f2:fe:2a:a7:3e comment="CELULAR BRUNA BALANCA" mac-address=7E:F2:FE:2A:A7:3E server=dhcp1
add address=192.168.2.115 address-lists=Lista_Liberados client-id=1:52:32:71:2c:25:90 comment="CELULAR TADEU" mac-address=52:32:71:2C:25:90 server=dhcp1
add address=192.168.2.153 address-lists=Lista_Liberados client-id=1:12:e4:ae:b3:3b:68 comment="CELULAR SANDRO ADMINISTRATIVO" mac-address=12:E4:AE:B3:3B:68 server=dhcp1
add address=192.168.2.57 address-lists=Lista_Liberados client-id=1:be:44:59:30:ad:70 comment=auditoria mac-address=BE:44:59:30:AD:70 server=dhcp1
add address=192.168.2.59 address-lists=Lista_Liberados client-id=1:b4:b5:b6:b4:fb:c5 comment=auditoria mac-address=B4:B5:B6:B4:FB:C5 server=dhcp1
add address=192.168.2.104 address-lists=Lista_Liberados client-id=1:6e:54:a6:8e:7:a2 comment="auditoria carlos" mac-address=6E:54:A6:8E:07:A2 server=dhcp1
add address=192.168.2.105 address-lists=Lista_Liberados client-id=1:f8:da:c:94:8a:c9 comment="auditoria carlos" mac-address=F8:DA:0C:94:8A:C9 server=dhcp1
add address=192.168.2.112 address-lists=Lista_Liberados client-id=1:50:5b:c2:94:82:bb comment="NOT SANDRO FABBRICA" mac-address=50:5B:C2:94:82:BB server=dhcp1
add address=192.168.2.175 address-lists=Lista_Liberados client-id=1:fc:b9:df:0:fe:b9 comment="NOVO CELULAR MAURI" mac-address=FC:B9:DF:00:FE:B9 server=dhcp1
add address=192.168.2.212 address-lists=Lista_Liberados client-id=1:76:e8:ae:1b:11:a4 comment="CELULAR BRUNA" mac-address=76:E8:AE:1B:11:A4 server=dhcp1
add address=192.168.2.215 address-lists=Lista_Liberados client-id=1:a2:b1:2d:1e:9e:50 comment="Sergio PROTEK" mac-address=A2:B1:2D:1E:9E:50 server=dhcp1
add address=192.168.2.23 address-lists=Lista_Liberados client-id=1:c:cc:47:e6:63:d8 comment="mnot lucas" mac-address=0C:CC:47:E6:63:D8 server=dhcp1
add address=192.168.2.127 address-lists=Lista_Liberados client-id=1:9a:2d:35:f1:93:ae comment="Celular Eliomar" mac-address=9A:2D:35:F1:93:AE server=dhcp1
add address=192.168.2.109 address-lists=Lista_Liberados client-id=1:5c:c9:d3:5f:89:11 comment=MEDICOS mac-address=5C:C9:D3:5F:89:11 server=dhcp1
add address=192.168.2.111 address-lists=Lista_Liberados client-id=1:b6:23:d:fb:e3:c5 comment="CELULAR MEDICO" mac-address=B6:23:0D:FB:E3:C5 server=dhcp1
add address=192.168.2.117 address-lists=Lista_Liberados client-id=1:62:dc:a2:3d:89:97 mac-address=62:DC:A2:3D:89:97 server=dhcp1
add address=192.168.2.183 address-lists=Lista_Liberados client-id=1:42:6b:71:74:25:37 mac-address=42:6B:71:74:25:37 server=dhcp1
add address=192.168.2.177 address-lists=Lista_Liberados client-id=1:d8:36:5f:10:c7:f9 mac-address=D8:36:5F:10:C7:F9 server=dhcp1
add address=192.168.2.76 address-lists=Lista_Liberados client-id=1:4a:99:d3:b9:46:22 comment=celular_mauri_balanca mac-address=4A:99:D3:B9:46:22 server=dhcp1
add address=192.168.2.145 address-lists=Lista_Liberados client-id=1:16:2e:b1:3:5b:a0 comment="celular rebras balan\E7a" mac-address=16:2E:B1:03:5B:A0 server=dhcp1
add address=192.168.2.157 address-lists=Lista_Liberados comment="MEDIDOR MERCADO LIVRE" mac-address=98:CD:AC:88:01:EB server=dhcp1
add address=192.168.2.50 address-lists=Lista_Liberados client-id=1:8c:e3:d9:92:3d:1 comment="PC da Eletrica" mac-address=8C:E3:D9:92:3D:01 server=dhcp1
add address=192.168.2.195 address-lists=Lista_Liberados client-id=1:5c:cd:5b:f1:91:2c comment=SERGIO mac-address=5C:CD:5B:F1:91:2C server=dhcp1
add address=192.168.2.62 address-lists=Lista_Liberados client-id=1:22:11:4a:a6:13:54 comment="celular balan\E7a" mac-address=22:11:4A:A6:13:54 server=dhcp1
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=45.236.84.18,45.236.84.19 gateway=192.168.2.1
/ip dns
set servers=45.236.84.18,45.236.84.19
/ip firewall address-list
add address=192.168.199.1 comment="IXCProvedor endereco IP do sistema" list=rede_local
add address=192.168.2.69 list=Lista_Liberados
#error exporting /ip/firewall/calea
/ip firewall filter
add action=drop chain=forward disabled=yes dst-address=239.255.255.250 dst-port=1900 protocol=udp src-address=192.168.2.0/24
add action=drop chain=forward comment=CORTE disabled=yes dst-port=!53 protocol=udp src-address-list=pgcorte
add action=drop chain=forward comment=CORTE disabled=yes dst-port=!80,85,443,445 protocol=tcp src-address-list=pgcorte
add action=drop chain=forward comment=CORTE disabled=yes dst-port=!53 protocol=udp src-address=192.168.50.1-192.168.50.254
add action=drop chain=forward comment=CORTE disabled=yes dst-port=!80,85,443,445 protocol=tcp src-address=192.168.50.1-192.168.50.254
add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address=172.21.17.0/24
add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 protocol=tcp src-address-list=aviso_bloqueio
add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address=172.21.17.0/24
add action=drop chain=forward comment="IXCProvedor regra de aviso bloqueio" dst-port=!53 protocol=udp src-address-list=aviso_bloqueio
add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address=172.22.17.0/24
add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 protocol=tcp src-address-list=aguardando_assinatura
add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address=172.22.17.0/24
add action=drop chain=forward comment="IXCProvedor regra de aguardando assinatura" dst-port=!53 protocol=udp src-address-list=aguardando_assinatura
add action=fasttrack-connection chain=forward disabled=yes hw-offload=yes
add action=accept chain=forward disabled=yes
/ip firewall nat
add action=dst-nat chain=dstnat comment="DVR CAMERAS FABRICA REBRAS" disabled=yes dst-address=45.236.86.54 dst-port=34567 protocol=tcp to-addresses=192.168.2.150
add action=dst-nat chain=dstnat comment="DVR CAMERAS FABRICA REBRAS" disabled=yes dst-address=45.236.86.54 dst-port=1100 protocol=tcp to-addresses=192.168.2.150
add action=dst-nat chain=dstnat comment=REBRAS disabled=yes dst-address=45.236.86.54 dst-port=37776 protocol=tcp to-addresses=192.168.2.166
add action=dst-nat chain=dstnat disabled=yes dst-address=45.236.86.54 dst-port=37779 protocol=tcp to-addresses=192.168.2.158
add action=dst-nat chain=dstnat disabled=yes dst-address=45.236.86.54 dst-port=37777 protocol=tcp to-addresses=192.168.2.69
add action=dst-nat chain=dstnat disabled=yes dst-address=45.236.86.54 dst-port=37775 protocol=tcp to-addresses=192.168.2.160
add action=masquerade chain=srcnat comment="MASCARAMENTO REBRAS" disabled=yes out-interface=ether2 src-address-list=Lista_Liberados to-addresses=45.236.86.54
add action=src-nat chain=srcnat comment="MASCARAMENTO REBRAS" disabled=yes out-interface=ether2 src-address=192.168.2.0/24 to-addresses=45.236.86.54
add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.21.17.0/24 to-addresses=192.168.199.1 to-ports=8082
add action=dst-nat chain=dstnat comment="IXCProvedor regra de aviso bloqueio" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aviso_bloqueio to-addresses=192.168.199.1 to-ports=8082
add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address=172.22.17.0/24 to-addresses=192.168.199.1 to-ports=8086
add action=dst-nat chain=dstnat comment="IXCProvedor regra de aguardando assinatura" dst-address=!192.168.199.1 dst-port=80 protocol=tcp src-address-list=aguardando_assinatura to-addresses=192.168.199.1 to-ports=8086
add action=src-nat chain=srcnat comment="MASCARAMENTO REBRAS" out-interface=ether2 src-address-list=Lista_Liberados to-addresses=45.236.86.54
/ip service
set telnet address=45.236.84.0/22,192.168.0.0/16,189.127.168.0/22 disabled=yes port=10023
set ftp disabled=yes port=10021
set www address=192.168.0.0/16,45.236.84.0/22,100.64.0.0/10 disabled=yes port=10080
set ssh address="45.236.84.0/22,192.168.0.0/16,45.236.86.37/32,192.168.199.1/32,45.236.84.34/32" port=10022
set api address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32
set winbox address=45.236.84.0/22,192.168.0.0/16,45.236.84.34/32,45.236.86.37/32 port=25000
set api-ssl address=45.236.84.24/32,45.236.84.25/32,45.236.87.255/32,192.168.199.1/32
/ip smb
set allow-guests=no interfaces=paineis
/ip ssh
set allow-none-crypto=yes
/ipv6 address
add address=2804:4de8:1000::9/128 advertise=no interface=loopbridge
add address=2804:4de8:1002:7::1 advertise=no interface=vlan205
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/ppp aaa
set interim-update=20m use-radius=yes
/ppp secret
add name=suporte service=pppoe
add disabled=yes name=diego.maguelniski profile=profile1 service=pppoe
add disabled=yes name=roselibarbara profile=profile1 service=pppoe
/radius
add address=192.168.199.1 comment="IXCProvedor configuracao radius" service=ppp,hotspot,wireless src-address=192.168.200.7 timeout=3s
add address=45.236.84.27 disabled=yes service=ppp src-address=192.168.200.7 timeout=900ms
/radius incoming
set accept=yes
/routing filter rule
add chain=ospf-in disabled=no rule="if (dst == 0.0.0.0/0) { set pref-src 192.168.200.7; accept; }"
add chain=ospf-in disabled=yes rule="if (dst == 192.168.199.1) { set pref-src 192.168.200.7 }"
add chain=ospf-in disabled=no rule="if (dst in 10.0.0.0/8) { accept }"
add chain=ospf-in disabled=no rule="if (dst in 172.16.0.0/12) { accept }"
add chain=ospf-in disabled=no rule="if (dst in 100.64.0.0/10) { accept }"
add chain=ospf-in disabled=no rule="if (dst in 192.168.0.0/16) { accept }"
add chain=ospf-in disabled=no rule="if (dst in 45.236.84.0/22) { accept }"
/routing ospf interface-template
add area=area1-v2 disabled=no interfaces=loopbridge networks=192.168.200.7 priority=1
add area=backbone-v2 auth-id=1 auth-key="" cost=10 disabled=no interfaces=ether2 networks=192.168.99.136/30 priority=1 type=nbma
add area=backbone-v3 cost=10 disabled=no interfaces=vlan205 priority=1 type=nbma
/routing ospf static-neighbor
add address=192.168.99.137%vlan205 area=backbone-v2 disabled=no
/snmp
set contact=acacio.protek@gmail.com enabled=yes location="[-26.4432446,-51.2812218]" trap-version=2
/system clock
set time-zone-name=America/Sao_Paulo
/system identity
set name=Rebras
/system scheduler
add name=reboot-ativar-ipv6 on-event="/system reboot" policy=reboot,read,write,policy,password start-date=mar/17/2021 start-time=05:00:00
add interval=1d name=IXCProvedor_agendamento-backup on-event=IXCProvedor-fazer-e-enviar-backup policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=jun/19/2023 start-time=04:00:00
/system script
add dont-require-permissions=no name=IXCProvedor-fazer-e-enviar-backup owner=ixc.sistema policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="export file=backup-mikrotik_Rebras.rsc; :log info message=\"IXCSoft enviando backup por email\"; /tool e-mail send to=\"acacio@proteknet.com.br\" subject=\"backup-Rebras\" file=backup-mikrotik_Rebras.rsc start-tls=yes"
/tool e-mail
set address=smtps.uhserver.com.com from=financeiro@proteknet.com.br port=465 user=financeiro@proteknet.com.br