Transcript
# mar/06/2013 01:34:04 by RouterOS 5.14 # software id = 6BG3-CY74 # /interface ethernet set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \ disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:23:A5:73 \ master-port=none mtu=1500 name=e1wan1 speed=100Mbps set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \ disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:23:A5:74 \ master-port=none mtu=1500 name=e2wan2 speed=100Mbps set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \ disabled=yes full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:23:A5:75 \ master-port=none mtu=1500 name=e3wan3 speed=100Mbps set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \ disabled=yes full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:23:A5:76 \ master-port=none mtu=1500 name=e4proxy speed=100Mbps set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \ disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:23:A5:77 \ master-port=none mtu=1500 name=e5lokal speed=100Mbps /interface ethernet switch set 0 mirror-source=none mirror-target=none name=switch1 /ip hotspot profile set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\ hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\ cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \ split-user-domain=no use-radius=no /ip hotspot user profile set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \ shared-users=1 status-autorefresh=1m transparent-proxy=no /ip ipsec proposal set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \ lifetime=30m name=default pfs-group=modp1024 /ppp profile set 0 change-tcp-mss=yes name=default only-one=default use-compression=\ default use-encryption=default use-mpls=default use-vj-compression=\ default set 1 change-tcp-mss=yes name=default-encryption only-one=default \ use-compression=default use-encryption=yes use-mpls=default \ use-vj-compression=default /queue simple add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=0/0 max-limit=100M/100M name=ROOT \ packet-marks=no-mark parent=none priority=8 queue=\ default-small/default-small target-addresses="" total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=64k/64k max-limit=256k/256k name=\ 01-kritis packet-marks=critical_up,critical_down parent=ROOT priority=1 \ queue=default-small/default-small target-addresses=192.168.100.0/24 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=384k/1M max-limit=512k/1500k name=\ 02-game packet-marks=game_up,game_down parent=ROOT priority=2 queue=\ pcq-game-up/pcq-game-down target-addresses=192.168.100.0/24 total-queue=\ default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=0/0 max-limit=384k/3M name=\ 04-all-paket packet-marks=big_up,big_down parent=ROOT priority=7 queue=\ sfq-up/sfq-down target-addresses=192.168.100.0/24 total-queue=\ default-small
�add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=384k/1M name=OP \ packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.253/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-01 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.1/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-02 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.2/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=48k/196k max-limit=200k/1M name=\ CLIENT-03 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.3/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-04 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.4/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-05 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.5/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-06 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.6/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-07 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.7/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-08 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.8/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-09 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.9/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-10 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.10/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-11 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.11/32 \ total-queue=default-small
�add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-12 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.12/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-13 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.13/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-14 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.14/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-15 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.15/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-16 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.16/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-17 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.17/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-18 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.18/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-19 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.19/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-20 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.20/32 \ total-queue=default-small add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \ disabled=no interface=all limit-at=18k/100k max-limit=200k/1M name=\ CLIENT-21 packet-marks="" parent=04-all-paket priority=8 queue=\ default-small/default-small target-addresses=192.168.100.21/32 \ total-queue=default-small /routing bgp instance set default as=65530 client-to-client-reflection=yes disabled=no \ ignore-as-path-len=no name=default out-filter="" redistribute-connected=\ no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \ redistribute-static=no router-id=0.0.0.0 routing-table="" /routing ospf instance set [ find default=yes ] disabled=no distribute-default=never in-filter=\ ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \ metric-other-ospf=auto metric-rip=20 metric-static=20 name=default \ out-filter=ospf-out redistribute-bgp=no redistribute-connected=no \
�redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \ router-id=0.0.0.0 /routing ospf area set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\ backbone type=default /snmp community set [ find default=yes ] address=0.0.0.0/0 authentication-password="" \ authentication-protocol=MD5 encryption-password="" encryption-protocol=\ DES name=public read-access=yes security=none write-access=no /system logging action set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \ disk-stop-on-full=no name=disk target=disk set 2 name=echo remember=yes target=echo set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 \ syslog-facility=daemon syslog-severity=auto target=remote /user group set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\ eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\ ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\ winbox,password,web,sniff,sensitive,api" skin=default /interface bridge settings set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\ no /interface ethernet switch port set 0 vlan-header=leave-as-is vlan-mode=disabled set 1 vlan-header=leave-as-is vlan-mode=disabled set 2 vlan-header=leave-as-is vlan-mode=disabled set 3 vlan-header=leave-as-is vlan-mode=disabled set 4 vlan-header=leave-as-is vlan-mode=disabled set 5 vlan-header=leave-as-is vlan-mode=disabled /interface l2tp-server server set authentication=pap,chap,mschap1,mschap2 default-profile=\ default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled /interface ovpn-server server set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\ default enabled=no keepalive-timeout=60 mac-address=FE:57:CD:DE:D5:B9 \ max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no /interface pptp-server server set authentication=mschap1,mschap2 default-profile=default-encryption \ enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled /interface sstp-server server set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\ default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\ disabled port=443 verify-client-certificate=no /ip accounting set account-local-traffic=no enabled=no threshold=256 /ip accounting web-access set accessible-via-web=no address=0.0.0.0/0 /ip address add address=192.168.1.2/24 disabled=no interface=e1wan1 network=192.168.1.0 add address=192.168.2.2/24 disabled=no interface=e2wan2 network=192.168.2.0 add address=192.168.100.254/24 disabled=no interface=e5lokal network=\ 192.168.100.0 /ip dhcp-server config set store-leases-disk=5m /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
�/ip add add add add add add add add add /ip add /ip set
/ip add /ip add add add add add add add
add add
add add
add
add
max-udp-packet-size=512 servers=\ 8.8.8.8,8.8.4.4,203.130.193.74,203.130.196.5 dns static address=203.130.193.75 disabled=yes name=ns2.telkom.net.id ttl=1d address=202.134.0.155 disabled=yes name=nsjkt1.telkom.net.id ttl=1d address=203.130.196.5 disabled=yes name=nsjkt2.telkom.net.id ttl=1d address=203.130.196.155 disabled=yes name=nsjkt3.telkom.net.id ttl=1d address=222.124.204.34 disabled=yes name=ns2.telkom.net.id ttl=1d address=203.130.196.6 disabled=yes name=ns1.telkom.net.id ttl=1d address=202.134.2.5 disabled=yes name=nsbdg1.telkom.net.id ttl=1d address=203.130.208.18 disabled=yes name=nssmg1.telkom.net.id ttl=1d address=202.134.1.10 disabled=yes name=nssby1.telkom.net.id ttl=1d firewall address-list address=192.168.100.0/24 disabled=no list=Local firewall connection tracking enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \ tcp-close-wait-timeout=10s tcp-established-timeout=1d \ tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \ tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \ tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s firewall filter action=drop chain=input disabled=no dst-port=21,22,23,8291 protocol=tcp firewall mangle action=mark-packet chain=prerouting disabled=yes dscp=12 new-packet-mark=\ Proxy-hit passthrough=no protocol=tcp action=mark-packet chain=postrouting disabled=yes dscp=12 \ new-packet-mark=Proxy-hit passthrough=no protocol=tcp action=mark-connection chain=input disabled=no in-interface=speedy1 \ new-connection-mark=con_speedy1 passthrough=yes action=mark-connection chain=input disabled=no in-interface=speedy2 \ new-connection-mark=con_speedy2 passthrough=yes action=mark-routing chain=output connection-mark=con_speedy1 disabled=no \ new-routing-mark=ro_speedy1 passthrough=yes action=mark-routing chain=output connection-mark=con_speedy2 disabled=no \ new-routing-mark=ro_speedy2 passthrough=yes action=mark-connection chain=prerouting disabled=no dst-port=\ 40000-40010,42489,12020-12080,13000-13080,9401,9600,40040-40500,1293,1479 \ in-interface=e5lokal new-connection-mark=con_game passthrough=yes \ protocol=udp action=mark-connection chain=prerouting disabled=no dst-port=\ 7777-7977,30000,15000-15002,14009-14010,27017 in-interface=e5lokal \ new-connection-mark=con_game passthrough=yes protocol=udp action=mark-connection chain=prerouting disabled=no dst-port="19101,19000,\ 39220,39190,49100,27780,29000,22100,6000-6152,1818,13002,10012" \ in-interface=e5lokal new-connection-mark=con_game passthrough=yes \ protocol=tcp action=mark-connection chain=prerouting disabled=no dst-port=\ 14009-14010,39100,39110,8001,9015,40300-40404,36567 in-interface=e5lokal \ new-connection-mark=con_game passthrough=yes protocol=tcp action=mark-connection chain=prerouting disabled=no dst-port="10009,13008,\ 16666,28012,9300,9400,9700,10001-10011,40000,4300,22100,12025,13051" \ in-interface=e5lokal new-connection-mark=con_game passthrough=yes \ protocol=tcp action=mark-connection chain=prerouting disabled=no dst-port="5340,5352,11\ 132,11458,18901-18910,13045,27018,7777,2001,5121,9600-9602,12011,12110" \ in-interface=e5lokal new-connection-mark=con_game passthrough=yes \ protocol=tcp action=mark-connection chain=prerouting disabled=no dst-port=\ 843,9339,1111-1120,11000-14000,5050,5060 in-interface=e5lokal \ new-connection-mark=con_game passthrough=yes protocol=tcp
�add action=mark-routing chain=prerouting connection-mark=con_game disabled=no \ in-interface=e5lokal new-routing-mark=ro_speedy1 passthrough=yes add action=mark-packet chain=prerouting disabled=no dst-port=53 in-interface=\ e5lokal new-packet-mark=critical_up passthrough=no protocol=udp add action=mark-packet chain=postrouting disabled=no new-packet-mark=\ critical_down out-interface=e5lokal passthrough=no protocol=udp src-port=\ 53 add action=mark-packet chain=prerouting disabled=no icmp-options=0:0 \ in-interface=e5lokal new-packet-mark=critical_up passthrough=no protocol=\ icmp add action=mark-packet chain=prerouting disabled=no icmp-options=8:0 \ in-interface=e5lokal new-packet-mark=critical_up passthrough=no protocol=\ icmp add action=mark-packet chain=postrouting disabled=no icmp-options=0:0 \ new-packet-mark=critical_down out-interface=e5lokal passthrough=no \ protocol=icmp add action=mark-packet chain=postrouting disabled=no icmp-options=8:0 \ new-packet-mark=critical_down out-interface=e5lokal passthrough=no \ protocol=icmp add action=mark-packet chain=prerouting connection-mark=con_game disabled=no \ in-interface=e5lokal new-packet-mark=game_up passthrough=no add action=mark-packet chain=postrouting connection-mark=con_game disabled=no \ new-packet-mark=game_down out-interface=e5lokal passthrough=no add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=80,8080 in-interface=e5lokal new-connection-mark=\ con_speedy1 nth=3,1 passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=80,8080 in-interface=e5lokal new-connection-mark=\ con_speedy2 nth=3,2 passthrough=yes protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=80,8080 in-interface=e5lokal new-connection-mark=\ con_spidol3 nth=3,3 passthrough=yes protocol=tcp add action=mark-routing chain=prerouting connection-mark=con_speedy1 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy1 passthrough=\ yes add action=mark-routing chain=prerouting connection-mark=con_speedy2 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy2 passthrough=\ yes add action=mark-routing chain=prerouting connection-mark=con_spidol3 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy2 passthrough=\ yes add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!80,8080 in-interface=e5lokal new-connection-mark=\ con_speedy1 passthrough=yes per-connection-classifier=both-addresses:3/0 \ protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!80,8080 in-interface=e5lokal new-connection-mark=\ con_speedy2 passthrough=yes per-connection-classifier=both-addresses:3/1 \ protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!80,8080 in-interface=e5lokal new-connection-mark=\ con_spidol3 passthrough=yes per-connection-classifier=both-addresses:3/2 \ protocol=tcp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!67,68 in-interface=e5lokal new-connection-mark=\ con_speedy1 passthrough=yes per-connection-classifier=dst-address:3/0 \ protocol=udp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!67,68 in-interface=e5lokal new-connection-mark=\ con_speedy2 passthrough=yes per-connection-classifier=dst-address:3/1 \
�protocol=udp add action=mark-connection chain=prerouting disabled=no dst-address-type=\ !local dst-port=!67,68 in-interface=e5lokal new-connection-mark=\ con_spidol3 passthrough=yes per-connection-classifier=both-ports:3/2 \ protocol=udp add action=mark-routing chain=prerouting connection-mark=con_speedy1 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy1 passthrough=\ yes add action=mark-routing chain=prerouting connection-mark=con_speedy2 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy2 passthrough=\ yes add action=mark-routing chain=prerouting connection-mark=con_spidol3 \ disabled=no in-interface=e5lokal new-routing-mark=ro_speedy2 passthrough=\ yes add action=mark-packet chain=prerouting disabled=yes dst-port=\ 80,8080,443,21,22,465 in-interface=e5lokal new-packet-mark=\ time_critical_up packet-size=0-666 passthrough=no protocol=tcp tcp-flags=\ syn add action=mark-packet chain=prerouting disabled=yes dst-port=\ 80,8080,443,21,22,465 in-interface=e5lokal new-packet-mark=\ time_critical_up packet-size=0-123 passthrough=no protocol=tcp tcp-flags=\ ack add action=mark-packet chain=postrouting disabled=yes new-packet-mark=\ time_critical_down out-interface=e5lokal packet-size=0-666 passthrough=no \ protocol=tcp src-port=80,8080,443,21,22,465 tcp-flags=syn add action=mark-packet chain=postrouting disabled=yes new-packet-mark=\ time_critical_down out-interface=e5lokal packet-size=0-123 passthrough=no \ protocol=tcp src-port=80,8080,443,21,22,465 tcp-flags=ack add action=mark-packet chain=prerouting disabled=no dst-address-list=!Local \ in-interface=e5lokal new-packet-mark=big_up passthrough=no add action=mark-packet chain=postrouting disabled=no new-packet-mark=big_down \ out-interface=e5lokal passthrough=no src-address-list=!Local /ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=speedy1 add action=masquerade chain=srcnat disabled=no out-interface=speedy2 /ip firewall service-port set ftp disabled=no ports=21 set tftp disabled=no ports=69 set irc disabled=no ports=6667 set h323 disabled=no set sip disabled=no ports=5060,5061 sip-direct-media=yes set pptp disabled=no /ip hotspot service-port set ftp disabled=no ports=21 /ip neighbor discovery set e1wan1 disabled=no set e2wan2 disabled=no set e3wan3 disabled=no set e4proxy disabled=no set e5lokal disabled=no set speedy1 disabled=yes set speedy2 disabled=yes /ip proxy set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \ cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\ 600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \ parent-proxy-port=0 port=8080 serialize-connections=no src-address=\ 0.0.0.0 /ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
�speedy1 routing-mark=ro_speedy1 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\ speedy2 routing-mark=ro_speedy1 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ speedy2 routing-mark=ro_speedy2 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\ speedy1 routing-mark=ro_speedy2 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ speedy2 scope=30 target-scope=10 add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\ speedy1 scope=30 target-scope=10 /ip service set telnet address=0.0.0.0/0 disabled=yes port=23 set ftp address=0.0.0.0/0 disabled=yes port=21 set www address=0.0.0.0/0 disabled=no port=808 set ssh address=0.0.0.0/0 disabled=yes port=22 set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443 set api address=0.0.0.0/0 disabled=yes port=8728 set winbox address=0.0.0.0/0 disabled=no port=8292 /ip smb set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\ all /ip smb shares set [ find default=yes ] comment="default share" directory=/pub disabled=no \ max-sessions=10 name=pub /ip smb users set [ find default=yes ] disabled=no name=guest password="" read-only=yes /ip socks set connection-idle-timeout=2m enabled=no max-connections=200 port=1080 /ip traffic-flow set active-flow-timeout=30m cache-entries=4k enabled=no \ inactive-flow-timeout=15s interfaces=all /ip upnp set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes /mpls set dynamic-label-range=16-1048575 propagate-ttl=yes /mpls interface set [ find default=yes ] disabled=no interface=all mpls-mtu=1508 /mpls ldp set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \ lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \ use-explicit-null=no /port firmware set directory=firmware /ppp aaa set accounting=yes interim-update=0s use-radius=no /queue interface set e1wan1 queue=only-hardware-queue set e2wan2 queue=only-hardware-queue set e3wan3 queue=only-hardware-queue set e4proxy queue=only-hardware-queue set e5lokal queue=only-hardware-queue /radius incoming set accept=no port=3799 /routing bfd interface set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \ multiplier=5 /routing mme set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \ gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
�0.0.0.0 timeout=1m ttl=50 /routing rip set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \ metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \ redistribute-connected=no redistribute-ospf=no redistribute-static=no \ routing-table=main timeout-timer=3m update-timer=30s /snmp set contact="" enabled=no engine-id="" location="" trap-generators="" \ trap-target="" trap-version=1 /system clock set time-zone-name=Asia/Jakarta /system clock manual set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\ "jan/01/1970 00:00:00" time-zone=+00:00 /system identity set name=WAR-NET /system logging set 0 action=memory disabled=no prefix="" topics=info set 1 action=memory disabled=no prefix="" topics=error set 2 action=memory disabled=no prefix="" topics=warning set 3 action=echo disabled=no prefix="" topics=critical /system note set note="CyberCafe by SoftNET" show-at-login=yes /system ntp client set enabled=yes mode=unicast primary-ntp=203.34.118.4 secondary-ntp=\ 123.108.200.163 /system resource irq set 0 cpu=auto set 1 cpu=auto /system routerboard settings set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\ 400MHz force-backup-booter=no silent-boot=no /system scheduler add comment="flush dns cache" disabled=no interval=1d name=flush-dns-cache \ on-event="/ip dns cache flush" policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive \ start-date=jan/01/1970 start-time=06:00:00 /system upgrade mirror set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\ 0.0.0.0 user="" /system watchdog set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\ none watchdog-timer=yes /tool bandwidth-server set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\ 100 /tool e-mail set address=0.0.0.0 from=<> password="" port=25 user="" /tool graphing set page-refresh=300 store-every=5min /tool mac-server add disabled=no interface=all /tool mac-server mac-winbox set [ find default=yes ] disabled=no interface=all /tool mac-server ping set enabled=yes /tool sms set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret="" /tool sniffer set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol=\
�"" filter-mac-address="" filter-mac-protocol="" filter-port="" \ filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes \ only-headers=no streaming-enabled=no streaming-server=0.0.0.0 /tool traffic-generator set latency-distribution-scale=10 test-id=0 /user aaa set accounting=yes default-group=read exclude-groups="" interim-update=0s \ use-radius=no
�