#GTX300-S 411AT HE910 #VERSION 2.2 (udpate from 07.02.2020) #RouterOS 6.45.6 /system logging action set 1 disk-file-count=3 /system logging set 0 action=memory set 1 action=disk set 2 action=disk set 3 action=memory add action=memory topics=async disabled=yes add action=memory topics=debug disabled=yes :global NUM 0; :global ALLNUM 24; :global VER [:pick [/system resource get version] 0 4]; :global MODEL [:pick [/system routerboard get model] 0 3]; :log warning "SETTINGS_START_INSTALL"; /system identity set name=GTX300-S-411AT :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_IDENTITY"; /interface ppp-client set [ find name=ppp-out1 ] apn=internet comment="WAN" default-route-distance=1 \ dial-on-demand=no disabled=no info-channel=3 name=ppp-out1 port=usb2 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_PPP"; :delay 6s; /interface ethernet set [ find default-name=ether1 ] comment="LAN" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LAN"; /interface list add name=WAN add name=LAN /interface list member add interface=ppp-out1 list=WAN add interface=ether1 list=LAN :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_LISTS" /ip firewall raw add chain=prerouting action=drop in-interface-list=WAN protocol=udp dst-port=53 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_RAW_RULE" /ip firewall nat add action=masquerade chain=srcnat comment="LAN to WAN" out-interface-list=WAN :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_NAT"; /ip firewall filter add action=accept chain=input connection-state=established,related comment="Accept established,related on chain input" add action=drop chain=input connection-state=invalid comment="Drop invalid on chain input" add action=accept chain=input protocol=icmp comment="Accept ICMP" add action=drop chain=input in-interface-list=!LAN comment="Drop all not coming from LAN on chain input" add action=accept chain=forward connection-state=established,related comment="Accept established,related on chain forward" add action=drop chain=forward connection-state=invalid comment="Drop invalid on chain forward" add action=drop chain=forward connection-nat-state=!dstnat connection-state=new in-interface-list=WAN comment="Drop all from WAN not DSTNATed on chain forward" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_FILTER_RULES"; /ip service disable api disable api-ssl disable ftp disable www-ssl set telnet address=192.168.88.0/24 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_SERVICES"; /ip neighbor discovery-settings set discover-interface-list=LAN :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DISCOVERY"; /ip dns set allow-remote-requests=yes :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DNS"; /ip cloud set update-time=no :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".DISABLE_IPCLOUD_UPD_TIME"; /system clock set time-zone-autodetect=no time-zone-name=Europe/Moscow :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_TIME_ZONE"; /system ntp client set enabled=yes server-dns-names=\ ntp4.stratum2.ru,ntp3.stratum2.ru,ntp5.stratum1.ru,timeserver.ru :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_NTP_CLIENT"; /system note set note="\ \n TTTTTTTT EEEEEE LL EEEEEE OOOO FFFFFF IIII SSSSS\ \n TT EE LL EE OO OO FF II SS\ \n TT EEEEEE LL EEEEEE OO OO FFFFFF II SSSSS\ \n TT EE LL EE OO OO FF II SS\ \n TT EEEEEE LLLLLL EEEEEE OOOO FF IIII SSSSS\ \n\ \n Teleofis for MikroTik RouterOS $"VER" (c) 2004-2019 http://teleofis.ru/\ \n\ \n" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LOGO"; /system script add name=watchdog_script policy=reboot,read,write,test dont-require-permissions=yes \ source=":global ITERATION 0;\r\ \n:global IP1 8.8.8.8;\r\ \n:global IP2 8.8.4.4;\r\ \n:log debug \"watchdog: Start Watchdog\";\r\ \n:while (true) do={\r\ \n :if ( [ :len [ /system resource usb find ] ] < 2 ) do={\r\ \n :log error \"watchdog: Could not Find Modem Card - REBOOT\";\r\ \n :delay 5s; \r\ \n /system reboot\r\ \n :delay 1s;\r\ \n }\r\ \n :if ( [ /port find inactive=no ] != \"\" ) do={\r\ \n :global PING1 [ /ping \$IP1 count=10 ];\r\ \n :if (\$PING1>5) do={\r\ \n :log info \"watchdog: Ping 1 Watchdog - OK\";\r\ \n :quit;\r\ \n }\r\ \n :global PING2 [ /ping \$IP2 count=10 ];\r\ \n :if (\$PING2>5) do={\r\ \n :log info \"watchdog: Ping 2 Watchdog - OK\";\r\ \n :quit;\r\ \n }\r\ \n :if (\$ITERATION<3) do={\r\ \n :log warning \"watchdog: Could not Ping - RECONNECT\";\r\ \n /interface ppp-client disable ppp-out1\r\ \n :delay 5s;\r\ \n /interface ppp-client enable ppp-out1\r\ \n :set \$ITERATION (\$ITERATION+1);\r\ \n :delay 30s;\r\ \n } else={\r\ \n :log error \"watchdog: Could not Ping - REBOOT\";\r\ \n /system reboot\r\ \n :delay 1s;\r\ \n }\r\ \n } else={\r\ \n :log error \"watchdog: Could not Find Port - REBOOT\";\r\ \n /system reboot\r\ \n :delay 1s;\r\ \n }\r\ \n}" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_WATCHDOG"; /system scheduler add disabled=no interval=5m name=watchdog on-event="watchdog_script" policy=reboot,read,write,test \ start-time=startup :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".RUN_WATCHDOG"; :global LEDSTATUS [/system leds find disabled=no]; :if ($LEDSTATUS != "") do={ /system leds set 0 interface=ether1 leds=user-led type=interface-transmit add interface=ppp-out1 leds=led1,led2,led3,led4,led5 modem-signal-treshold=-105 type=modem-signal } else={ /system leds add interface=ether1 type=interface-transmit leds=user-led add interface=ppp-out1 leds=led1,led2,led3,led4,led5 modem-signal-treshold=-105 type=modem-signal } :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LED"; /ip pool add name=dhcp-pool1 ranges=192.168.88.10-192.168.88.250 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_DHCP-POOL"; /ip address add address=192.168.88.1/24 comment="LAN" interface=ether1 network=192.168.88.0 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_ADDRESS"; /ip dhcp-server network add address=192.168.88.0/24 comment="LAN" dns-server=192.168.88.1 \ gateway=192.168.88.1 netmask=24 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DHCP_SERVER_NET"; /ip dhcp-server add add-arp=yes address-pool=dhcp-pool1 bootp-lease-time=lease-time \ bootp-support=dynamic disabled=no interface=ether1 lease-time=3d name=\ dhcp-server1 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DHCP_SERVER"; /tool mac-server set allowed-interface-list=LAN :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_MAC_SERVER"; /system backup save name="factory_gtx300s_$"MODEL"at_$"VER"" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_BACKUP"; /system routerboard upgrade :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".UPGRADE_ROUTERBOARD"; /system note set show-at-login=no /file remove [ find type="directory" ] /file remove [ find type="package" ] /file remove [ find type=".fwf file" ] /file remove [ find type=".rif file" ] /file remove [ find type="web-proxy store" ] /system package disable [ find name=wireless ] /system package disable [ find name=wireless-fp ] /system package disable [ find name=wireless-cm2 ] :log warning "SETTINGS_INSTALL_END"; :log warning "REBOOT"; /system reboot