# model: RB760iGS # serial-number: HEP09DRD2K9 # firmware-type: mt7621L # current-firmware: 6.48.6 # installed-version: 7.13 # Flags: U - UNDOABLE # Columns: ACTION, BY, POLICY, TIME # ACTION BY POLICY TIME # U ip service changed bruna.noc write 2024-09-16 14:00:50 # U ip service changed bruna.noc write 2024-09-16 14:00:49 # U ip service changed bruna.noc write 2024-09-16 14:00:49 # U ip service changed bruna.noc write 2024-09-16 14:00:49 # U user oxidized added bruna.noc write 2024-09-16 14:00:49 # policy # U user luan.noc added bruna.noc write 2024-09-16 14:00:49 # policy # U user marcos.noc added bruna.noc write 2024-09-16 14:00:49 # policy # U user oxidized removed bruna.noc write 2024-09-16 14:00:43 # policy # U user marcos.noc removed bruna.noc write 2024-09-16 14:00:43 # policy # U user scripts.noc removed bruna.noc write 2024-09-16 14:00:43 # policy # # 2024-10-05 02:29:08 by RouterOS 7.13 # software id = 02R4-47E3 # # model = RB760iGS # serial number = HEP09DRD2K9 /interface bridge add name=REDE-WIFI add name=loopback /interface ethernet set [ find default-name=ether1 ] comment=LINK set [ find default-name=ether2 ] comment=REDE-INTERNA set [ find default-name=ether3 ] comment=SE77E-LP-SALA-RESERVA-FUNDOS set [ find default-name=ether4 ] comment=SE77E-LP-PONTOCENTRAL set [ find default-name=ether5 ] comment=SE77E-LP-KIDS /interface vlan add interface=ether1 name=VLAN-225-LPP vlan-id=225 /interface lte apn set [ find default=yes ] ip-type=ipv4 use-network-apn=no /ip hotspot profile set [ find default=yes ] html-directory=hotspot add hotspot-address=192.168.76.1 html-directory=flash/connectspot login-by=http-pap name=Profileconnectspot nas-port-type=ethernet radius-interim-update=15m use-radius=yes /ip hotspot user profile set [ find default=yes ] add-mac-cookie=no idle-timeout=30m keepalive-timeout=30m shared-users=unlimited /ip pool add name=dhcp_pool0 ranges=192.168.77.2-192.168.77.254 add name=dhcp_pool1 ranges=192.168.76.2-192.168.76.254 /ip dhcp-server add address-pool=dhcp_pool0 interface=ether2 lease-time=1d name=dhcp1 add address-pool=dhcp_pool1 interface=REDE-WIFI lease-time=1d name=dhcp2 /ip hotspot add address-pool=dhcp_pool1 addresses-per-mac=unlimited disabled=no idle-timeout=30m interface=REDE-WIFI keepalive-timeout=30m name=Connectspot profile=Profileconnectspot /port set 0 name=serial0 /routing ospf instance add disabled=no name=default-v2 router-id=10.0.8.58 add disabled=no name=default-v3 router-id=10.0.8.58 version=3 /routing ospf area add disabled=no instance=default-v2 name=backbone /interface bridge port add bridge=REDE-WIFI interface=ether3 add bridge=REDE-WIFI interface=ether4 add bridge=REDE-WIFI interface=ether5 /ipv6 settings set disable-ipv6=yes max-neighbor-entries=8192 /interface ovpn-server server set auth=sha1,md5 /ip address add address=10.0.8.58/30 comment=VLAN-225-LPP interface=VLAN-225-LPP network=10.0.8.56 add address=192.168.77.1/24 comment=REDE-INTERNA interface=ether2 network=192.168.77.0 add address=143.0.254.69 comment=LOOPBACK-REDE-INTERNA interface=loopback network=143.0.254.69 add address=192.168.76.1/24 comment=REDE-WIFI interface=REDE-WIFI network=192.168.76.0 add address=143.0.252.157 comment=LOOPBACK-WIFI interface=loopback network=143.0.252.157 /ip dhcp-server lease add address=192.168.76.252 client-id=1:f0:9f:c2:fc:60:f4 comment=UNIFI mac-address=F0:9F:C2:FC:60:F4 server=dhcp2 add address=192.168.76.253 client-id=1:e0:63:da:3c:96:6b comment=UNIFI mac-address=E0:63:DA:3C:96:6B server=dhcp2 add address=192.168.76.254 client-id=1:74:83:c2:c0:4f:df comment=UNIFI mac-address=74:83:C2:C0:4F:DF server=dhcp2 /ip dhcp-server network add address=192.168.76.0/24 gateway=192.168.76.1 add address=192.168.77.0/24 gateway=192.168.77.1 /ip dns set servers=143.0.252.10,143.0.252.20 /ip firewall filter add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes /ip firewall nat add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes add action=same chain=srcnat same-not-by-dst=no src-address=192.168.77.0/24 to-addresses=143.0.254.69 add action=same chain=srcnat same-not-by-dst=no src-address=192.168.76.0/24 to-addresses=143.0.252.157 add action=same chain=srcnat protocol=!ospf same-not-by-dst=no src-address=10.0.8.58 to-addresses=143.0.252.157 /ip hotspot ip-binding add address=0.0.0.0/0 add address=192.168.76.252 comment=UNIFI mac-address=F0:9F:C2:FC:60:F4 server=Connectspot to-address=192.168.76.252 type=bypassed add address=192.168.76.253 comment=UNIFI mac-address=E0:63:DA:3C:96:6B server=Connectspot to-address=192.168.76.253 type=bypassed add address=192.168.76.254 comment=UNIFI mac-address=74:83:C2:C0:4F:DF server=Connectspot to-address=192.168.76.254 type=bypassed /ip hotspot walled-garden add dst-host=*connectspot* add dst-host=*cloudfront* add comment="login/check-in via Facebook" dst-host=*facebook.com* add dst-host=*akamai* add dst-host=*facebook.net* add dst-host=*fbcdn.net* add comment="login via Google" dst-host=*.googleapis.com add dst-host=*.googleusercontent.com add dst-host=*.accounts.youtube.com add dst-host=*.apis.google.com add dst-host=*.accounts.google.com add dst-host=accounts.google.com add dst-host=*.l.google.com add comment="login via Linkedin" dst-host=*linkedin* add dst-host=*licdn* add dst-host=*akamaiedge* add dst-host=*msedge* add dst-host=*epsiloncdn.net add dst-host=*epsiloncdn* add comment="login via tiktok" dst-host=*tiktok* add dst-host=*tiktokapis* add dst-host=*akamai* add dst-host=open.tiktokapis.com add dst-host=open-api.tiktok.com add comment="login via Twitter" dst-host=*twitter* add dst-host=*twimg* add dst-host=*fastly.net* add dst-host=*edgecastcdn.net* /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh address=205.164.78.0/23,143.0.252.0/22,143.0.252.58/32 port=2277 set api address=143.0.252.13/32 set winbox address=143.0.252.0/22,205.164.78.0/23 set api-ssl disabled=yes /radius add address=52.67.125.75 secret=#edc2016#RFV service=hotspot timeout=10s /routing bfd configuration add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5 /routing ospf interface-template add area=backbone disabled=no interfaces=VLAN-225-LPP networks=10.0.8.56/30 type=nbma add area=backbone disabled=no interfaces=loopback networks=143.0.254.69/32 add area=backbone disabled=no interfaces=loopback networks=143.0.252.157/32 /system clock set time-zone-name=America/Sao_Paulo /system identity set name=1604577735 /system note set show-at-login=no /system scheduler add interval=30m name=ResolveServidorRadius on-event=ResolveServidorRadius policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=2017-05-27 start-time=14:36:50 /system script add dont-require-permissions=no name=IXCProvedor-fazer-e-enviar-backup owner=ixc.soft policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="export file=backup-mikrotik_SE77E_SBF.rsc; :log info message=\"IXCSoft enviando backup por email\"; /tool e-mail send to=\"backup.noc@se77e.com.br\" subject=\"backup-SE77E_SBF\" file=backup-mikrotik_SE77E_SBF.rsc start-tls=yes" add dont-require-permissions=no name=ResolveServidorRadius owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\n:local resolvedIP [:resolve \"radius.connectspot.com.br\"];\n:local radiusID [/radius find secret=\"#edc2016#RFV\"];\n:local currentIP [/radius get \$radiusID address];\n:if (\$resolvedIP != \$currentIP) do={/radius set \$radiusID address=\$resolvedIP; /log info \"IP do servidor Radius atualizado!\";}\n" /system watchdog set automatic-supout=no watchdog-timer=no /tool e-mail set from=backup.noc@se77e.com.br server=plesk.se77e.com.br user=backup.noc@se77e.com.br /tool romon set enabled=yes