{
  # Resret router with /system reset-configuration keep-users no-defaults run-after-reset=router-config.rsc
  "/interface bridge" = [
    {
      auto-mac = "no";
      comment = "defconf";
      name = "bridge";
    }
    { name = "wifi"; }
  ];
  "/interface list" = [
    { name = "WAN"; }
    { name = "LAN"; }
  ];
  "/ip pool" = [
    {
      name = "wired-pool";
      ranges = "10.10.10.10-10.10.10.254";
    }
    {
      name = "wifi-pool";
      ranges = "10.10.11.10-10.10.11.254";
    }
  ];
  "/ip dhcp-server" = [
    {
      address-pool = "wired-pool";
      disabled = "no";
      interface = "bridge";
      name = "wired-dhcp";
    }
    {
      address-pool = "wifi-pool";
      disabled = "no";
      interface = "wifi";
      name = "wifi-dhcp";
    }
  ];
  "/interface bridge port" = [
    {
      bridge = "bridge";
      interface = "ether2";
    }
    {
      bridge = "bridge";
      interface = "ether3";
    }
    {
      bridge = "bridge";
      interface = "ether4";
    }
    {
      bridge = "wifi";
      interface = "ether5";
    }
    {
      bridge = "bridge";
      interface = "sfp1";
    }
  ];
  "/ip neighbor discovery-settings" = {
    discover-interface-list = "LAN";
  };
  "/interface list member" = [
    {
      interface = "bridge";
      list = "LAN";
    }
    {
      interface = "ether1";
      list = "WAN";
    }
  ];
  "/ip address" = [
    {
      address = "10.10.10.1/24";
      interface = "bridge";
      network = "10.10.10.0";
    }
    {
      address = "10.10.11.1/24";
      interface = "wifi";
      network = "10.10.11.0";
    }
  ];
  "/ip dhcp-client" = [
    {
      disabled = "no";
      interface = "ether1";
    }
  ];
  "/ip dhcp-server network" = [
    {
      address = "10.10.10.0/24";
      gateway = "10.10.10.1";
      netmask = "24";
    }
    {
      address = "10.10.11.0/24";
      gateway = "10.10.11.1";
      netmask = "24";
    }
  ];
  "/ip dns" = {
    no_label = {
      allow-remote-requests = "yes";
      servers = "1.1.1.1,1.0.0.1";
    };
  };
  "/ip dns static" = [
    {
      address = "192.168.88.1";
      name = "router.lan";
    }
  ];
  "/ip firewall address-list" = [
    {
      address = "10.10.10.10-10.10.10.10.254";
      list = "allowed_to_router";
    }
  ];
  "/ip firewall filter" = [
    {
      action = "accept";
      chain = "input";
      src-address-list = "allowed_to_router";
    }
    {
      action = "accept";
      chain = "input";
      protocol = "icmp";
    }
  ];
  "/ip firewall nat" = [
    {
      action = "masquerade";
      chain = "srcnat";
      comment = "defconf: masquerade";
      "ipsec-policy" = "out,none";
      "out-interface-list" = "WAN";
    }
  ];
  "/system clock" = {
    "time-zone-name" = "Europe/Berlin";
  };
  "/system routerboard settings" = {
    "silent-boot" = "no";
  };
  "/tool mac-server" = {
    "allowed-interface-list" = "LAN";
  };
  "/tool mac-server mac-winbox" = {
    "allowed-interface-list" = "LAN";
  };
}