# jul/08/2008 09:05:56 by RouterOS 2.9.6
# software id = 32J7-ZAN
#
/ interface ethernet
set SERVER name="SERVER" mtu=1500 mac-address=00:0B:6A:89:A8:68 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 1" name="ISP 1" mtu=1500 mac-address=00:0C:42:02:72:9B arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 2" name="ISP 2" mtu=1500 mac-address=00:0C:42:02:72:9C arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 3" name="ISP 3" mtu=1500 mac-address=00:0C:42:02:72:9D arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 4" name="ISP 4" mtu=1500 mac-address=00:0C:42:02:72:9E arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 5" name="ISP 5" mtu=1500 mac-address=00:0C:42:02:72:9F arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set "ISP 6" name="ISP 6" mtu=1500 mac-address=00:0C:42:02:72:A0 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set JARDIKNAS name="JARDIKNAS" mtu=1500 mac-address=00:0C:42:02:72:A1 \
arp=enabled disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
set game name="game" mtu=1500 mac-address=00:0C:42:02:72:A2 arp=enabled \
disable-running-check=yes auto-negotiation=yes full-duplex=yes \
cable-settings=default speed=100Mbps comment="" disabled=no
/ interface bridge port
set SERVER bridge=none priority=128 path-cost=10
set "ISP 1" bridge=none priority=128 path-cost=10
set "ISP 2" bridge=none priority=128 path-cost=10
set "ISP 3" bridge=none priority=128 path-cost=10
set "ISP 4" bridge=none priority=128 path-cost=10
set "ISP 5" bridge=none priority=128 path-cost=10
set "ISP 6" bridge=none priority=128 path-cost=10
set JARDIKNAS bridge=none priority=128 path-cost=10
set game bridge=none priority=128 path-cost=10
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 \
authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
keepalive-timeout=30 default-profile=default-encryption
/ interface pppoe-client
add name="pppoe-out1" max-mtu=1480 max-mru=1480 interface="ISP 1" \
user="111801100416@telkom.net" password="telkom" profile=default \
service-name="" ac-name="" add-default-route=no dial-on-demand=no \
use-peer-dns=yes allow=pap,chap,mschap1,mschap2 disabled=yes
add name="pppoe-out2" max-mtu=1480 max-mru=1480 interface="ISP 2" \
user="111801100656@telkom.net" password="telkom" profile=default \
service-name="telkom2" ac-name="" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2 disabled=yes
add name="pppoe-out3" max-mtu=1480 max-mru=1480 interface="ISP 3" \
user="111801100186@telkom.net" password="telkom" profile=default \
service-name="" ac-name="" add-default-route=no dial-on-demand=no \
use-peer-dns=yes allow=pap,chap,mschap1,mschap2 disabled=yes
add name="pppoe-out4" max-mtu=1480 max-mru=1480 interface="ISP 4" \
user="111801100281@telkom.net" password="telkom" profile=default \
service-name="telkom4" ac-name="" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2 disabled=yes
add name="pppoe-out5" max-mtu=1480 max-mru=1480 interface="ISP 5" \
user="111801100113@telkom.net" password="telkom" profile=default \
service-name="telkom5" ac-name="" add-default-route=yes dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2 disabled=yes
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip arp
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
inactive-flow-timeout=15s
/ ip dns
set primary-dns=1.1.1.1 secondary-dns=202.134.2.5 allow-remote-requests=yes \
cache-size=5120KiB cache-max-ttl=1w
/ ip dns static
add name="gateway-primary.ict-bl.net" address=10.29.0.17 ttl=1d
/ ip address
add address=10.29.0.17/28 network=10.29.0.16 broadcast=10.29.0.31 \
interface=SERVER comment="" disabled=no
add address=1.1.1.2/24 network=1.1.1.0 broadcast=1.1.1.255 interface="ISP 1" \
comment="" disabled=no
add address=1.1.2.2/24 network=1.1.2.0 broadcast=1.1.2.255 interface="ISP 2" \
comment="" disabled=no
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 \
interface="ISP 3" comment="" disabled=no
add address=1.1.4.2/24 network=1.1.4.0 broadcast=1.1.4.255 interface="ISP 4" \
comment="" disabled=no
add address=1.1.5.2/24 network=1.1.5.0 broadcast=1.1.5.255 interface="ISP 5" \
comment="" disabled=no
add address=192.168.6.2/24 network=192.168.6.0 broadcast=192.168.6.255 \
interface="ISP 6" comment="" disabled=no
add address=202.154.183.140/29 network=202.154.183.136 \
broadcast=202.154.183.143 interface=game comment="" disabled=yes
/ ip proxy
set enabled=no port=8080 parent-proxy=10.29.0.22:8080 \
maximal-client-connecions=1000 maximal-server-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
disabled=no
add method=CONNECT dst-port=443 action=allow comment="allow CONNECT only to \
SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
add method=CONNECT dst-port=563 action=allow comment="allow CONNECT only to \
SSL ports 443 \[https\] and 563 \[snews\]" disabled=yes
add method=CONNECT action=deny comment="allow CONNECT only to SSL ports 443 \
\[https\] and 563 \[snews\]" disabled=no
/ ip neighbor discovery
set SERVER discover=yes
set "ISP 1" discover=yes
set "ISP 2" discover=yes
set "ISP 3" discover=yes
set "ISP 4" discover=yes
set pppoe-out1 discover=no
set pppoe-out2 discover=no
set pppoe-out3 discover=no
set pppoe-out4 discover=no
set pppoe-out5 discover=no
set "ISP 5" discover=yes
set "ISP 6" discover=yes
set JARDIKNAS discover=yes
set game discover=yes
/ ip route
add dst-address=10.29.1.0/24 gateway=10.29.0.18 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=10.29.2.0/24 gateway=10.29.0.18 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=169.254.66.0/24 gateway=10.29.0.18 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=192.168.0.0/24 gateway=10.29.0.18 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=209.73.160.0/19 gateway=192.168.4.1 scope=255 target-scope=10 \
comment="ini jangan di kutik2" disabled=yes
add dst-address=0.0.0.0/0 gateway=1.1.2.1 check-gateway=ping scope=255 \
target-scope=10 routing-mark=dua comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.3.1 check-gateway=ping scope=255 \
target-scope=10 routing-mark=tiga comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=1.1.5.1 check-gateway=ping scope=255 \
target-scope=10 routing-mark=lima comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=1.1.7.2 check-gateway=ping scope=255 \
target-scope=10 routing-mark=tujuh comment="" disabled=yes
add dst-address=0.0.0.0/0 gateway=1.1.1.1 scope=255 target-scope=10 \
routing-mark=satu comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=1.1.1.1 scope=255 target-scope=10 comment="" \
disabled=no
add dst-address=0.0.0.0/0 gateway=1.1.4.1 check-gateway=ping scope=255 \
target-scope=10 routing-mark=empat comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=202.154.183.137 scope=255 target-scope=10 \
routing-mark=game comment="" disabled=yes
add dst-address=0.0.0.0/0 gateway=192.168.6.1 check-gateway=ping scope=255 \
target-scope=10 routing-mark=enam comment="" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=SERVER connection-state=new \
src-address-list=game action=mark-connection new-connection-mark=game \
passthrough=yes comment="" disabled=yes
add chain=prerouting in-interface=SERVER connection-state=new \
dst-address-list=game action=mark-connection new-connection-mark=game \
passthrough=yes comment="" disabled=yes
add chain=prerouting in-interface=SERVER connection-mark=game \
action=mark-routing new-routing-mark=game passthrough=no comment="" \
disabled=yes
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,0 \
action=mark-connection new-connection-mark=satu passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-mark=satu \
action=mark-routing new-routing-mark=satu passthrough=no comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,1 \
action=mark-connection new-connection-mark=dua passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-mark=dua \
action=mark-routing new-routing-mark=dua passthrough=no comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,2 \
action=mark-connection new-connection-mark=tiga passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-mark=tiga \
action=mark-routing new-routing-mark=tiga passthrough=no comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,3 \
action=mark-connection new-connection-mark=empat passthrough=yes \
comment="" disabled=no
add chain=prerouting in-interface=SERVER connection-mark=empat \
action=mark-routing new-routing-mark=empat passthrough=no comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,4 \
action=mark-connection new-connection-mark=lima passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-mark=lima \
action=mark-routing new-routing-mark=lima passthrough=no comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-state=new nth=5,0,5 \
action=mark-connection new-connection-mark=enam passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=SERVER connection-mark=enam \
action=mark-routing new-routing-mark=enam passthrough=no comment="" \
disabled=no
/ ip firewall nat
add chain=srcnat action=masquerade comment="Global Masking" disabled=yes
add chain=srcnat connection-mark=satu action=src-nat to-addresses=1.1.1.2 \
to-ports=0-65535 comment="satu" disabled=no
add chain=srcnat connection-mark=dua action=src-nat to-addresses=1.1.2.2 \
to-ports=0-65535 comment="dua" disabled=no
add chain=srcnat connection-mark=tiga action=src-nat to-addresses=192.168.3.2 \
to-ports=0-65535 comment="tiga" disabled=no
add chain=srcnat connection-mark=empat action=src-nat to-addresses=1.1.4.2 \
to-ports=0-65535 comment="empat" disabled=no
add chain=srcnat connection-mark=lima action=src-nat to-addresses=1.1.5.2 \
to-ports=0-65535 comment="lima" disabled=no
add chain=srcnat connection-mark=enam action=src-nat to-addresses=192.168.6.2 \
to-ports=0-65535 comment="enam" disabled=no
add chain=srcnat out-interface="ISP 2" action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface="ISP 3" action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface="ISP 5" action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface=(unknown) action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface=(unknown) action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface=pppoe-out2 action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface=pppoe-out3 action=masquerade comment="" \
disabled=yes
add chain=srcnat out-interface=(unknown) action=masquerade comment="" \
disabled=yes
add chain=srcnat connection-mark=satu action=src-nat to-addresses=192.168.1.3 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat connection-mark=dua action=src-nat to-addresses=192.168.2.2 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat connection-mark=tiga action=src-nat to-addresses=192.168.3.2 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat connection-mark=empat action=src-nat to-addresses=192.168.4.2 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat connection-mark=lima action=src-nat to-addresses=192.168.5.2 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat connection-mark=tujuh action=src-nat to-addresses=1.1.7.1 \
to-ports=0-65535 comment="tujuh" disabled=yes
add chain=srcnat action=accept comment="" disabled=yes
add chain=dstnat src-address=10.29.0.24 action=dst-nat to-addresses=10.29.0.17 \
to-ports=0-65535 comment="" disabled=yes
add chain=srcnat out-interface=game action=masquerade comment="" disabled=yes
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=10s tcp-syn-received-timeout=10s \
tcp-established-timeout=1d tcp-fin-wait-timeout=10s \
tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-time-wait-timeout=10s tcp-close-timeout=10s udp-timeout=10s \
udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m
/ ip firewall filter
add chain=forward dst-address=209.73.191.242 protocol=tcp action=drop \
comment="" disabled=no
add chain=input connection-state=invalid action=drop comment="Drop Invalid \
connections" disabled=no
add chain=input connection-state=established action=accept comment="Allow \
Established connections" disabled=yes
add chain=input protocol=udp action=accept comment="Allow UDP" disabled=yes
add chain=input protocol=icmp action=accept comment="Allow ICMP" disabled=yes
add chain=forward protocol=tcp connection-state=invalid action=drop \
comment="drop invalid connections" disabled=yes
add chain=forward connection-state=established action=accept comment="allow \
already established connections" disabled=yes
add chain=forward connection-state=related action=accept comment="allow \
related connections" disabled=yes
add chain=forward protocol=tcp action=jump jump-target=tcp comment="" \
disabled=yes
add chain=forward protocol=udp action=jump jump-target=udp comment="" \
disabled=yes
add chain=forward protocol=icmp action=jump jump-target=icmp comment="" \
disabled=yes
add chain=tcp protocol=tcp dst-port=69 action=drop comment="deny TFTP" \
disabled=yes
add chain=tcp protocol=tcp dst-port=111 action=drop comment="deny RPC \
portmapper" disabled=yes
add chain=tcp protocol=tcp dst-port=135 action=drop comment="deny RPC \
portmapper" disabled=yes
add chain=tcp protocol=tcp dst-port=137-139 action=drop comment="deny NBT" \
disabled=yes
add chain=tcp protocol=tcp dst-port=445 action=drop comment="deny cifs" \
disabled=yes
add chain=tcp protocol=tcp dst-port=2049 action=drop comment="deny NFS" \
disabled=yes
add chain=tcp protocol=tcp dst-port=12345-12346 action=drop comment="deny \
NetBus" disabled=yes
add chain=tcp protocol=tcp dst-port=20034 action=drop comment="deny NetBus" \
disabled=yes
add chain=tcp protocol=tcp dst-port=3133 action=drop comment="deny \
BackOriffice" disabled=yes
add chain=tcp protocol=tcp dst-port=67-68 action=drop comment="deny DHCP" \
disabled=yes
add chain=udp protocol=udp dst-port=69 action=drop comment="deny TFTP" \
disabled=yes
add chain=udp protocol=udp dst-port=111 action=drop comment="deny PRC \
portmapper" disabled=yes
add chain=udp protocol=udp dst-port=135 action=drop comment="deny PRC \
portmapper" disabled=yes
add chain=udp protocol=udp dst-port=137-139 action=drop comment="deny NBT" \
disabled=yes
add chain=udp protocol=udp dst-port=2049 action=drop comment="deny NFS" \
disabled=yes
add chain=udp protocol=udp dst-port=3133 action=drop comment="deny \
BackOriffice" disabled=yes
add chain=icmp protocol=icmp icmp-options=0:0 action=accept comment="drop \
invalid connections" disabled=yes
add chain=icmp protocol=icmp icmp-options=3:0 action=accept comment="allow \
established connections" disabled=yes
add chain=icmp protocol=icmp icmp-options=3:1 action=accept comment="allow \
already established connections" disabled=yes
add chain=icmp protocol=icmp icmp-options=4:0 action=accept comment="allow \
source quench" disabled=yes
add chain=icmp protocol=icmp icmp-options=8:0 action=accept comment="allow \
echo request" disabled=yes
add chain=icmp protocol=icmp icmp-options=11:0 action=accept comment="allow \
time exceed" disabled=yes
add chain=icmp protocol=icmp icmp-options=12:0 action=accept comment="allow \
parameter bad" disabled=yes
add chain=icmp action=drop comment="deny all other types" disabled=yes
/ ip firewall address-list
add list=game address=202.65.113.0/24 comment="" disabled=no
add list=game address=202.93.17.0/24 comment="" disabled=no
add list=game address=202.93.20.0/24 comment="" disabled=no
add list=game address=202.154.176.0/24 comment="" disabled=no
add list=game address=202.154.183.0/24 comment="" disabled=no
add list=game address=122.102.49.0/24 comment="" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=yes
set quake3 disabled=no
set mms disabled=no
set gre disabled=yes
set pptp disabled=yes
/ ip dhcp-server config
set store-leases-disk=5m
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name="default" hotspot-address=0.0.0.0 dns-name="" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
add name="hsprof1" hotspot-address=10.29.2.41 dns-name="PRIVATE-ROUTER" \
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
smtp-server=10.29.2.2 login-by=cookie,http-chap http-cookie-lifetime=3d \
split-user-domain=no use-radius=no
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m \
status-autorefresh=1m shared-users=1 transparent-proxy=yes \
open-status-page=always advertise=no
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system clock dst
set dst-delta=+01:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 \
00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
no-ping-delay=5m automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="PUBLIC-ROUTER"
/ system note
set show-at-login=yes note=""
/ system gps
set enabled=no set-system-time=no
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set pppoe-out1 display-time=5s disabled=yes
set pppoe-out2 display-time=5s disabled=yes
set pppoe-out3 display-time=5s disabled=yes
set pppoe-out4 display-time=5s disabled=yes
set "ISP 1" display-time=5s disabled=yes
set "ISP 2" display-time=5s disabled=yes
set "ISP 3" display-time=5s disabled=yes
set "ISP 4" display-time=5s disabled=yes
set "ISP 5" display-time=5s disabled=yes
set "ISP 6" display-time=5s disabled=yes
set JARDIKNAS display-time=5s disabled=yes
set game display-time=5s disabled=yes
set SERVER display-time=5s disabled=yes
set pppoe-out5 display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default \
use-encryption=default only-one=default change-tcp-mss=default comment=""
set default-encryption name="default-encryption" use-compression=default \
use-vj-compression=default use-encryption=yes only-one=default \
change-tcp-mss=default comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 \
red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
sfq-allot=1514
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
disabled=no
add name="hendra" group=full address=202.154.183.0/24 comment="" disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
tp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
x,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=yes contact="7494825" location="privatrouter"
/ snmp community
set public name="public" address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=no allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
filter-address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing queue
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
add allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes disabled=no
/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ routing bgp instance
set default as=65530 router-id=0.0.0.0 redistribute-static=no \
redistribute-connected=no redistribute-rip=no redistribute-ospf=no \
redistribute-other-bgp=no name="default" out-filter="" disabled=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
/ routing rip interface
add interface=all receive=v2 send=v2 authentication=none authentication-key="" \
prefix-list-in="" prefix-list-out=""
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" \
prefix-list-export="" disabled=no
No comments:
Post a Comment