# model: RB750r2 # serial-number: 67D2083E6709 # firmware-type: qca9531L # current-firmware: 7.2 # installed-version: 7.14 # Flags: U - UNDOABLE # Columns: ACTION, BY, POLICY, TIME # ACTION BY POLICY TIME # U ip service changed bruna.noc write 2024-09-16 12:09:07 # U ip service changed bruna.noc write 2024-09-16 12:09:07 # U ip service changed bruna.noc write 2024-09-16 12:09:07 # U ip service changed bruna.noc write 2024-09-16 12:09:07 # U user oxidized added bruna.noc write 2024-09-16 12:09:07 # policy # U user luan.noc added bruna.noc write 2024-09-16 12:09:07 # policy # U user marcos.noc added bruna.noc write 2024-09-16 12:09:07 # policy # U user marcos.noc removed bruna.noc write 2024-09-16 12:08:57 # policy # U user scripts.noc removed bruna.noc write 2024-09-16 12:08:56 # policy # U user oxidized removed bruna.noc write 2024-09-16 12:08:54 # policy # U nat rule changed bruna.noc write 2024-08-02 14:32:30 # U ospf-interface-2 changed bruna.noc write 2024-08-02 14:32:18 # U nat rule changed bruna.noc write 2024-08-02 14:32:12 # U address changed bruna.noc write 2024-08-02 14:32:04 # U nat rule changed bruna.noc write 2024-08-02 13:19:53 # U nat rule changed bruna.noc write 2024-08-02 13:18:20 # U nat rule changed bruna.noc write 2024-08-02 13:16:55 # U config changed jeffrey.noc write 2024-08-02 11:10:01 # # 2024-10-05 00:47:42 by RouterOS 7.14 # software id = VV5Z-9BZH # # model = RB750r2 # serial number = 67D2083E6709 /interface bridge add name=CAM+220V port-cost-mode=short add name="REDE-ESCRIT\D3RIO" port-cost-mode=short add name=loopback port-cost-mode=short /interface ethernet set [ find default-name=ether1 ] comment=LINK set [ find default-name=ether2 ] comment=UniFi set [ find default-name=ether3 ] comment="SW-C\C2MERAS" set [ find default-name=ether4 ] comment="PC-RECEP\C7\C2O" set [ find default-name=ether5 ] comment=220V-ABA /interface vlan add interface=ether1 name=VLAN-210-ESC-ABA vlan-id=210 /interface lte apn set [ find default=yes ] ip-type=ipv4 use-network-apn=no /ip pool add name=dhcp_pool1 ranges=192.168.5.2-192.168.5.254 /ip dhcp-server add address-pool=dhcp_pool1 interface="REDE-ESCRIT\D3RIO" lease-time=10m name=dhcp1 /ip smb users set [ find default=yes ] disabled=yes /queue simple add max-limit=20M/20M name=ROTEADOR target=192.168.5.0/24 /routing bgp template set default disabled=no output.network=bgp-networks /routing ospf instance add disabled=no name=default-v2 router-id=10.0.8.122 add disabled=no name=default-v3 router-id=10.0.8.122 version=3 /routing ospf area add disabled=no instance=default-v2 name=backbone-v2 add disabled=no instance=default-v3 name=backbone-v3 /snmp community set [ find default=yes ] addresses=143.0.252.0/22,2804:2994::/32 name=SnmP_Se77E /interface bridge port add bridge="REDE-ESCRIT\D3RIO" interface=ether2 internal-path-cost=10 path-cost=10 add bridge="REDE-ESCRIT\D3RIO" interface=ether4 internal-path-cost=10 path-cost=10 add bridge=CAM+220V interface=ether3 internal-path-cost=10 path-cost=10 add bridge=CAM+220V interface=ether5 internal-path-cost=10 path-cost=10 /ip firewall connection tracking set tcp-established-timeout=1h udp-timeout=10s /ip neighbor discovery-settings set discover-interface-list=!dynamic /ip settings set max-neighbor-entries=8192 /ipv6 settings set disable-ipv6=yes max-neighbor-entries=8192 /interface ovpn-server server set auth=sha1,md5 /ip address add address=10.77.78.1/24 comment=CAMERAS interface=CAM+220V network=10.77.78.0 add address=143.0.254.180 interface=loopback network=143.0.254.180 add address=192.168.5.1/24 comment="REDE-ESCRIT\D3RIO" interface="REDE-ESCRIT\D3RIO" network=192.168.5.0 add address=10.0.8.122/30 interface=VLAN-210-ESC-ABA network=10.0.8.120 /ip dhcp-server lease add address=192.168.5.117 client-id=1:b2:be:76:13:f0:e0 comment=PC mac-address=B2:BE:76:13:F0:E0 server=dhcp1 add address=192.168.5.80 client-id=1:80:2a:a8:ac:78:5 comment=UNIFI mac-address=80:2A:A8:AC:78:05 server=dhcp1 /ip dhcp-server network add address=192.168.5.0/24 gateway=192.168.5.1 /ip dns set servers=143.0.252.10,143.0.252.20,2804:2994:77::10,2804:2994:77::20 /ip firewall filter add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes /ip firewall nat add action=same chain=srcnat comment="REDE-ESCRIT\D3RIO" same-not-by-dst=no src-address=192.168.5.0/24 to-addresses=143.0.254.180 add action=dst-nat chain=dstnat comment=TELEFONE disabled=yes dst-address=143.0.252.166 dst-port=8080 protocol=tcp to-addresses=192.168.5.43 to-ports=80 add action=same chain=srcnat disabled=yes protocol=!ospf same-not-by-dst=no src-address=10.0.8.122 to-addresses=143.0.252.166 add action=dst-nat chain=dstnat comment=RED-PC-TELEFONE disabled=yes dst-address=143.0.252.166 dst-port=10000-20000,5060 protocol=tcp to-addresses=192.168.5.117 add action=dst-nat chain=dstnat comment=RED-PC-TELEFONE disabled=yes dst-address=143.0.252.166 dst-port=10000-20000,5060 protocol=udp to-addresses=192.168.5.117 /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh address=205.164.78.0/23,143.0.252.0/22,143.0.252.58/32 port=2277 set api disabled=yes set winbox address=143.0.252.0/22,205.164.78.0/23 set api-ssl disabled=yes /ip smb shares set [ find default=yes ] directory=/flash/pub /ipv6 nd set [ find default=yes ] advertise-dns=no /routing filter rule add chain=ospf-in disabled=no rule="if (dst-len in 1-32) { reject; }" /routing ospf interface-template add area=backbone-v2 disabled=no interfaces=VLAN-210-ESC-ABA networks=10.0.8.120/30 priority=1 type=ptp add area=backbone-v2 disabled=no interfaces=loopback networks=143.0.254.180/32 add area=backbone-v3 disabled=no interfaces=VLAN-210-ESC-ABA type=ptp add area=backbone-v2 disabled=no interfaces=CAM+220V networks=10.77.78.0/24 /snmp set enabled=yes trap-version=2 /system clock set time-zone-name=America/Sao_Paulo /system identity set name=VLAN-210-ESC-ABA /system note set show-at-login=no /system ntp client set enabled=yes /system ntp server set manycast=yes /system ntp client servers add address=143.0.252.51 /system package update set channel=testing /system watchdog set watchdog-timer=no /tool romon set enabled=yes secrets=@a7net@#