JustPaste.it

/export hide-sensitive

  MMM      MMM       KKK                          TTTTTTTTTTT      KKK
  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK
  MMM MMMM MMM  III  KKK  KKK  RRRRRR     OOOOOO      TTT     III  KKK  KKK
  MMM  MM  MMM  III  KKKKK     RRR  RRR  OOO  OOO     TTT     III  KKKKK
  MMM      MMM  III  KKK KKK   RRRRRR    OOO  OOO     TTT     III  KKK KKK
  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK

  MikroTik RouterOS 6.47.4 (c) 1999-2020       http://www.mikrotik.com/

[?]             Gives the list of available commands
command [?]     Gives help on the command and list of arguments

[Tab]           Completes the command/word. If the input is ambiguous,
                a second [Tab] gives possible options

/               Move up to base level
..              Move up one level
/command        Use command at the base level
[admin@MikroTik] > /export hide-sensitive
# oct/17/2020 14:11:22 by RouterOS 6.47.4
# software id = SQDY-F8EK
#
# model = 2011UAS-2HnD
# serial number = 419F0286969F
/interface bridge
add admin-mac=D4:CA:6D:D8:35:E2 auto-mac=no fast-forward=no mtu=1500 name=\
    bridge-local
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=\
    20/40mhz-Ce country=no_country_set disabled=no distance=indoors \
    frequency-mode=manual-txpower mode=ap-bridge ssid="Das Computerspielen" \
    station-roaming=enabled wireless-protocol=802.11
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether6-master-local
set [ find default-name=ether7 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether7-slave-local
set [ find default-name=ether8 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether8-slave-local
set [ find default-name=ether9 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether9-slave-local
set [ find default-name=ether10 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether10-slave-local
set [ find default-name=sfp1 ] name=sfp1-gateway
/interface pptp-client
add connect-to=nl.privateinternetaccess.com disabled=no mrru=1600 name=\
    "PIA Proxy" user=x1147082
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
    dynamic-keys supplicant-identity=MikroTik
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay disabled=no \
    interface=bridge-local lease-time=3d name=default
/queue simple
add max-limit=64k/3M name="Dad's Firestick" target=192.168.88.28/32
add max-limit=256k/2M name="Keegan tab" target=192.168.88.23/32
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface bridge port
add bridge=bridge-local hw=no interface=ether2
add bridge=bridge-local hw=no interface=ether3
add bridge=bridge-local hw=no interface=ether4
add bridge=bridge-local hw=no interface=ether5
add bridge=bridge-local interface=ether6-master-local
add bridge=bridge-local interface=wlan1
add bridge=bridge-local interface=ether7-slave-local
add bridge=bridge-local interface=ether8-slave-local
add bridge=bridge-local interface=ether9-slave-local
add bridge=bridge-local interface=ether10-slave-local
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=ether2 list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=ether6-master-local list=discover
add interface=ether7-slave-local list=discover
add interface=ether8-slave-local list=discover
add interface=ether9-slave-local list=discover
add interface=ether10-slave-local list=discover
add interface=wlan1 list=discover
add interface=bridge-local list=discover
add interface="PIA Proxy" list=discover
add interface=ether2 list=mactel
add interface=ether2 list=mac-winbox
add interface=ether3 list=mactel
add interface=ether3 list=mac-winbox
add interface=ether4 list=mactel
add interface=ether5 list=mactel
add interface=ether4 list=mac-winbox
add interface=ether6-master-local list=mactel
add interface=ether5 list=mac-winbox
add interface=ether7-slave-local list=mactel
add interface=ether6-master-local list=mac-winbox
add interface=ether8-slave-local list=mactel
add interface=ether7-slave-local list=mac-winbox
add interface=ether9-slave-local list=mactel
add interface=ether8-slave-local list=mac-winbox
add interface=wlan1 list=mactel
add interface=ether9-slave-local list=mac-winbox
add interface=bridge-local list=mactel
add interface=wlan1 list=mac-winbox
add interface=bridge-local list=mac-winbox
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=wlan1 \
    network=192.168.88.0
/ip arp
add address=192.168.88.28 interface=bridge-local mac-address=0C:47:C9:8F:5F:B1
add address=192.168.88.29 interface=bridge-local mac-address=D0:4D:2C:B4:A7:C5
add address=192.168.88.21 interface=bridge-local mac-address=40:4E:36:25:D2:B3
add address=192.168.88.10 interface=bridge-local mac-address=00:1F:BC:11:CC:83
add address=192.168.88.33 interface=bridge-local mac-address=00:0B:6A:A0:42:11
add address=192.168.88.30 interface=bridge-local mac-address=88:83:5D:B3:E8:21
add address=192.168.88.23 interface=bridge-local mac-address=FC:A1:83:A5:79:61
add address=192.168.88.27 interface=bridge-local mac-address=30:B5:C2:11:08:71
/ip dhcp-client
add comment="default configuration" disabled=no interface=ether1-gateway
/ip dhcp-server lease
add address=192.168.88.10 client-id=1:0:1f:bc:11:cc:83 mac-address=\
    00:1F:BC:11:CC:83 server=default
add address=192.168.88.12 client-id=1:34:68:95:94:a2:b5 mac-address=\
    34:68:95:94:A2:B5 server=default
add address=192.168.88.13 client-id=1:34:e6:d7:40:52:da mac-address=\
    34:E6:D7:40:52:DA server=default
add address=192.168.88.11 always-broadcast=yes client-id=1:0:1f:bc:11:cc:82 \
    mac-address=00:1F:BC:11:CC:82 server=default
add address=192.168.88.16 client-id=1:c4:e9:84:ee:6:1a mac-address=\
    C4:E9:84:EE:06:1A server=default
add address=192.168.88.21 client-id=1:40:4e:36:25:d2:b3 mac-address=\
    40:4E:36:25:D2:B3 server=default
/ip dhcp-server network
add address=192.168.88.0/24 comment="default configuration" dns-server=\
    192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=208.67.222.222,208.67.220.220
/ip dns static
add address=192.168.88.1 name=router
/ip firewall address-list
add address=192.168.88.21 comment="Pixel 1" disabled=yes list=VPN
add address=192.168.88.28 comment=firestick list=VPN
add address=192.168.88.29 comment="Nick's Roku" disabled=yes list=VPN
add address=192.168.88.33 comment="Nick's Android TV Box" list=VPN
add address=192.168.88.30 comment=box2 list=VPN
add address=192.168.88.10 comment="Nick's PC Netherlands" disabled=yes list=VPN
add address=192.168.88.27 comment=netbook list=VPN
/ip firewall filter
add action=drop chain=forward dst-address=199.255.40.171
add action=accept chain=input dst-address=192.168.88.1 src-address=\
    192.168.88.0/24
add action=accept chain=input comment="default configuration" protocol=icmp
add action=accept chain=input comment="default configuration" connection-state=\
    established
add action=accept chain=input comment="default configuration" connection-state=\
    related
add action=drop chain=input comment="default configuration" in-interface=\
    ether1-gateway
add action=accept chain=forward comment="default configuration" \
    connection-state=established
add action=accept chain=forward comment="default configuration" \
    connection-state=related
add action=drop chain=forward comment="default configuration" connection-state=\
    invalid
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=VPN passthrough=yes \
    src-address-list=VPN
add action=mark-routing chain=prerouting new-routing-mark=VPN passthrough=yes \
    src-address-list=VPN
/ip firewall nat
add action=dst-nat chain=dstnat disabled=yes dst-address=107.134.245.93 \
    to-addresses=192.168.88.15
add action=masquerade chain=srcnat comment="default configuration" \
    out-interface=ether1-gateway
add action=masquerade chain=srcnat out-interface="PIA Proxy"
add action=masquerade chain=srcnat out-interface="PIA Proxy"
add action=redirect chain=dstnat dst-address-type=!local dst-port=53 protocol=\
    udp to-addresses=0.0.0.0 to-ports=53
add action=dst-nat chain=dstnat dst-port=5900 protocol=tcp to-addresses=\
    192.168.88.10 to-ports=5900
add action=dst-nat chain=dstnat dst-port=5900 protocol=tcp to-addresses=\
    192.168.88.30 to-ports=5900
add action=dst-nat chain=dstnat dst-port=5900 protocol=tcp to-addresses=\
    192.168.88.33 to-ports=5900
add action=dst-nat chain=dstnat dst-port=5900 protocol=tcp to-addresses=\
    192.168.88.21 to-ports=5900
/ip proxy
set cache-path=web-proxy1 parent-proxy=0.0.0.0
/ip route
add check-gateway=ping distance=1 gateway="PIA Proxy" routing-mark=VPN
add check-gateway=ping distance=1 gateway="PIA Proxy" routing-mark=VPN
/ip upnp
set allow-disable-external-interface=yes enabled=yes
/system clock
set time-zone-name=America/Chicago
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox
[admin@MikroTik] >