Rozdíly

Zde můžete vidět rozdíly mezi vybranou verzí a aktuální verzí dané stránky.

--- routerboard [02.01.2015 11:16]
mtalma [skripty]
+++ routerboard [13.03.2020 18:43] (aktuální)
@@ Řádek 2: / Řádek 2: @@
 ====== Routerboard ======
-  *[[http://wiki.mikrotik.com/wiki/License_levels|LEVELS - porovnání]]
+  *[[http://wiki.mikrotik.com/index.php?title=Manual:License&redirect=no#License_Levels|LEVELS - porovnání]]
   *[[http://wiki.hkfree.org/Routerboard|HKfree Routerboard]]
   *[[http://www.mikrotik.com/testdocs/ros/3.0/refman3.0.pdf|PDF dokumentace]]
@@ Řádek 48: / Řádek 48: @@
 <code>
 /ip firewall nat add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether1
+</code>
+<code>
+################
+## VPN L2TP/PPTP
+################
+/ip firewall nat
+add action=dst-nat chain=dstnat comment="FWD -> SBS (PPTP)" dst-port=1723 in-interface=ether6-internet protocol=tcp to-addresses=192.168.1.5
+add action=dst-nat chain=dstnat in-interface=ether6-internet protocol=gre to-addresses=192.168.1.5
+add action=dst-nat chain=dstnat comment="FWD -> SBS (L2TP IpSEC)" dst-port=500,1701,4500 in-interface=ether6-internet protocol=udp to-addresses=192.168.1.5
+add action=dst-nat chain=dstnat in-interface=ether6-internet protocol=ipsec-esp to-addresses=192.168.1.5
 </code>
@@ Řádek 215: / Řádek 227: @@
 /export file=backup
 </code>
+  *dynamická změna IP ve skupině<code>
+/system scheduler
+add interval=2h name=dynamic_ACL_Admin on-event="/ip firewall address-list add\
+    \_address=[:resolve cl.talman.cz] list=Admin_IP timeout=\"7d 00:00:00\"\r\
+    \n/ip firewall address-list add address=[:resolve mail.nevole.com] list=Ad\
+    min_IP timeout=\"7d 00:00:00\"" policy=\
+    ftp,reboot,read,write,policy,test,password,sensitive start-date=\
+    sep/08/2015 start-time=00:00:00</code>
   *pokud není ping, provede se reset konfigurace a po spuštění se naleje backup.rsc<code>
-:if ([/ping 86.63.200.74 count=5] = 0) do={ /system reset-configuration keep-users=yes run-after-reset=backup.rsc   }
+:if ([/ping 86.63.200.74 count=5] = 0) do={ /system reset-configuration keep-users=yes no-defaults=yes run-after-reset=backup.rsc   }
 </code>
   *poslání zálohy na mail<code>
-add interval=1w name=send_config on-event=":local emailTo \"mtalman@datron.cz\"\r\
+:local emailFrom "<asd@asda.cz>"
-    \n:local emailFrom \"<gym@gym-cl.cz>\"\r\
+:local emailTo "<asd@asdasd>"
-    \n:local smtp \"172.16.10.49\"\r\
+:local smtp "mailserver"
-    \n\r\
-    \n/system backup save name=backup.backup dont-encrypt=yes\r\
+# set mailserver
-    \n/export file=backup\r\
+/tool e-mail set address=$smtp
-    \n:delay 10s\r\
-    \n/tool e-mail send to=\$emailTo subject=(\"Mikrotik: \" . [/system identity get name] ) file=backup.\
+# start backup
-    backup server=\$smtp from=\$emailFrom\r\
+/system backup save name=backup.backup password=[/system identity get name]
-    \n/tool e-mail send to=\$emailTo subject=(\"Mikrotik: \" . [/system identity get name] ) file=backup.\
+/export file=backup
-    rsc server=\$smtp from=\$emailFrom\r\
-    \n:delay 10s\r\
+:delay 10s
-    \n/file remove backup.backup\r\
+/tool e-mail send to=$emailTo subject=("Mikrotik: " . [/system identity get name] ) file=backup.backup from=$emailFrom
-    \n/file remove backup.rsc" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
+/tool e-mail send to=$emailTo subject=("Mikrotik: " . [/system identity get name] ) file=backup.rsc from=$emailFrom
-    start-date=aug/22/2011 start-time=00:01:00
+:delay 10s
+/file remove backup.backup
+/file remove backup.rsc
  </code>
@@ Řádek 241: / Řádek 265: @@
   /tool e-mail send to="mtalman@datron.cz" subject=("Mikrotik: " . [/system identity get name] . " - restarted") server=212.158.133.141 from=<mikrotik@gym-cl.cz> body=([/ip address get number=4 value-name=address])
 </code>
+  *Facebook IP<code>
+/ip firewall address-list
+add address=92.240.179.149 list=Facebook
+add address=31.13.24.0/21 list=Facebook
+add address=31.13.64.0/18 list=Facebook
+add address=31.13.64.0/19 list=Facebook
+add address=31.13.64.0/24 list=Facebook
+add address=31.13.65.0/24 list=Facebook
+add address=31.13.66.0/24 list=Facebook
+add address=31.13.70.0/24 list=Facebook
+add address=31.13.71.0/24 list=Facebook
+add address=31.13.72.0/24 list=Facebook
+add address=31.13.73.0/24 list=Facebook
+add address=31.13.74.0/24 list=Facebook
+add address=31.13.75.0/24 list=Facebook
+add address=31.13.76.0/24 list=Facebook
+add address=31.13.77.0/24 list=Facebook
+add address=31.13.79.0/24 list=Facebook
+add address=31.13.82.0/24 list=Facebook
+add address=31.13.83.0/24 list=Facebook
+add address=31.13.84.0/24 list=Facebook
+add address=31.13.85.0/24 list=Facebook
+add address=31.13.86.0/24 list=Facebook
+add address=31.13.90.0/24 list=Facebook
+add address=31.13.91.0/24 list=Facebook
+add address=31.13.93.0/24 list=Facebook
+add address=31.13.95.0/24 list=Facebook
+add address=31.13.96.0/19 list=Facebook
+add address=66.220.144.0/20 list=Facebook
+add address=66.220.144.0/21 list=Facebook
+add address=66.220.152.0/21 list=Facebook
+add address=69.63.176.0/20 list=Facebook
+add address=69.63.176.0/21 list=Facebook
+add address=69.63.184.0/21 list=Facebook
+add address=69.171.224.0/19 list=Facebook
+add address=69.171.224.0/20 list=Facebook
+add address=69.171.239.0/24 list=Facebook
+add address=69.171.240.0/20 list=Facebook
+add address=69.171.255.0/24 list=Facebook
+add address=74.119.76.0/22 list=Facebook
+add address=103.4.96.0/22 list=Facebook
+add address=173.252.64.0/19 list=Facebook
+add address=173.252.96.0/19 list=Facebook
+add address=179.60.192.0/22 list=Facebook
+add address=179.60.192.0/24 list=Facebook
+add address=179.60.193.0/24 list=Facebook
+add address=204.15.20.0/22 list=Facebook
+</code>
+=== export konfigurace na mail ===
+<code>
+# v6 and higher
+:local emailTo "mail@from.cz";
+:local emailFrom "rb493g@domain.com";
+:local smtp "85.207.44.1";
+/export compact file=export
+/tool e-mail send to="$emailTo" subject=("Mikrotik: " . [/system identity get name] ) file=export.rsc server=$smtp from=$emailFrom
+</code>
+=== resolve Eset ===
+<code>
+:local listname Eset
+:local list {
+"um01.eset.com";"um02.eset.com";"um03.eset.com";"um04.eset.com";"um05.eset.com";"um06.eset.com";"um07.eset.com";"um08.eset.com";"um09.eset.com";
+"um10.eset.com";"um11.eset.com";"um13.eset.com";"um21.eset.com";"um23.eset.com";"um01.ru.eset.com";"um01.cn.eset.com";"um10.za.eset.com";
+"register.eset.com";"h1-weblb01-v.eset.com";"h3-weblb01-v.eset.com";"edf.eset.com";"edfpcs.trafficmanager.net";"edf-pcs.cloudapp.net";"edf-pcs2.cloudapp.net"
+};
+:foreach name in=$list do={
+:do {
+  /ip firewall address-list add address=[:resolve $name] list="$listname" comment="$name" timeout="1d 00:00:00"
+} on-error={ :log info "resolver failed - $name allready in list"};
+};
+</code>
+=== access list by IP Country ===
+<code>
+/system scheduler
+add interval=1d name="address lists CZ" on-event="/tool fetch url=http://www.iwik.org/ipcountry/mikrotik/CZ\r\
+    \n/import file-name=CZ" policy=read,write,test start-time=startup
+</code>