da falox79 » mar 7 dic 2010, 14:19
spero sia questo che volevi......
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=1526 max-message-age=20s \
mtu=1500 name=bridge priority=0x8000 protocol-mode=none \
transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes comment="" disabled=no full-duplex=yes \
l2mtu=1526 mac-address=00:0C:42:4C:4D:98 mtu=1500 name=ether1 speed=\
100Mbps
/interface wireless security-profiles
set default authentication-types="" eap-methods=passthrough group-ciphers="" \
group-key-update=5m interim-update=0s mode=none name=default \
radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity=HIPERLINK tls-certificate=\
none tls-mode=no-certificates unicast-ciphers="" wpa-pre-shared-key="" \
wpa2-pre-shared-key=""
add authentication-types=wpa2-psk group-ciphers=tkip,aes-ccm \
group-key-update=5m interim-update=0s mode=dynamic-keys name=profile1 \
radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity="" tls-certificate=none \
tls-mode=no-certificates unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=\
"" wpa2-pre-shared-key=XXXXXXXXX
/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no \
antenna-gain=0 antenna-mode=ant-a area="" arp=enabled band=2.4ghz-b/g \
basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment="" \
compression=no country=no_country_set default-ap-tx-limit=0 \
default-authentication=yes default-client-tx-limit=0 default-forwarding=\
yes dfs-mode=none disable-running-check=no disabled=no \
disconnect-timeout=3s frame-lifetime=0 frequency=2462 frequency-mode=\
manual-txpower hide-ssid=no hw-retries=4 mac-address=00:80:48:65:01:52 \
max-station-count=2007 mode=station mtu=1500 name=wlan1 \
noise-floor-threshold=default on-fail-retry-time=100ms \
periodic-calibration=default periodic-calibration-interval=60 \
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=\
008048650152 rate-set=default scan-list=default security-profile=profile1 \
ssid="Prova comune" station-bridge-clone-mac=00:00:00:00:00:00 \
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps \
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default \
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \
wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 comment="" manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,\
6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps\
:17,HT20-1:0,HT20-2:0,HT20-3:0,HT20-4:0,HT20-5:0,HT20-6:0,HT20-7:0,HT20-8:\
0,HT40-1:0,HT40-2:0,HT40-3:0,HT40-4:0,HT40-5:0,HT40-6:0,HT40-7:0,HT40-8:0"
/interface wireless nstreme
set wlan1 comment="" disable-csma=no enable-nstreme=no enable-polling=yes \
framer-limit=3200 framer-policy=none
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \
name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m \
name=default pfs-group=modp1024
/ip pool
add name=webbox ranges=192.168.50.100-192.168.50.149
/ip dhcp-server
add address-pool=webbox authoritative=after-2sec-delay bootp-support=static \
disabled=yes interface=bridge lease-time=3d name=webbox
/port
set 0 baud-rate=115200 data-bits=8 flow-control=none name=serial0 parity=none \
stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default \
use-compression=default use-encryption=default use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption \
only-one=default use-compression=default use-encryption=yes \
use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment="" disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 authentication=none disabled=no name=backbone \
type=default
/snmp
set contact="" enabled=no engine-boots=0 engine-id="" location="" \
time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0 \
syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes \
enter-setup-on=any-key force-backup-booter=no
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
boot-protocol=bootp cpu-frequency=300MHz enable-jumper-reset=yes \
enter-setup-on=any-key force-backup-booter=no
/user group
add comment="" name=read policy="local,telnet,ssh,reboot,read,test,winbox,pass\
word,web,sniff,sensitive,!ftp,!write,!policy"
add comment="" name=write policy="local,telnet,ssh,reboot,read,write,test,winb\
ox,password,web,sniff,sensitive,!ftp,!policy"
add comment="" name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy\
,test,winbox,password,web,sniff,sensitive"
/interface bridge port
add bridge=bridge comment="" disabled=no edge=auto external-fdb=auto horizon=\
none interface=ether1 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet mirror
set mirror-port=none source-port=none
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:58:36:DE:E8:19 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless access-list
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment="" disabled=no \
forwarding=yes interface=wlan1 mac-address=00:27:19:DB:78:D0 \
private-algo=none private-key="" private-pre-shared-key="" signal-range=\
-120..120
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.50.1/24 broadcast=192.168.50.255 comment="" disabled=no \
interface=ether1 network=192.168.50.0
/ip dhcp-client
add add-default-route=yes comment="" default-route-distance=0 disabled=no \
interface=wlan1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.50.0/24 comment="" dns-server=8.8.8.8,8.8.4.4 gateway=\
192.168.50.1
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 primary-dns=192.168.10.1 secondary-dns=0.0.0.0
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat comment="Added by webbox" disabled=no \
out-interface=wlan1
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether1 discover=yes
set wlan1 discover=no
set bridge discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=no enabled=yes show-dummy-rule=yes
/ip upnp interfaces
add disabled=no interface=ether1 type=internal
add disabled=no interface=wlan1 type=external
add disabled=no interface=bridge type=internal
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether1 queue=ethernet-default
set wlan1 queue=wireless-default
set bridge queue=default
/radius incoming
set accept=no port=3799
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing ospf
set distribute-default=never metric-bgp=20 metric-connected=20 \
metric-default=1 metric-rip=20 metric-static=20 mpls-te-area=unspecified \
mpls-te-router-id=unspecified redistribute-bgp=no redistribute-connected=\
no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s
/store
add comment="" disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system health
set
/system identity
set name=castelnuovovdc-CPE
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
100
/tool e-mail
set from=<> password="" server=0.0.0.0:25 username=""
/tool graphing
set page-refresh=300 store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\
yes interface=all memory-limit=10 only-headers=no streaming-enabled=no \
streaming-server=0.0.0.0
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
