lf3/server-conf
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
server-conf/router.nix
jopejoe1 0e56405038 format
2024-05-01 10:40:26 +02:00

221 lines
4.6 KiB
Nix
Raw Blame History

{
"/interface bridge" = [
{
auto-mac = "no";
comment = "defconf";
name = "bridge";
}
];
"/interface list" = [
{
comment = "defconf";
name = "WAN";
}
{
comment = "defconf";
name = "LAN";
}
];
"/interface wireless security-profiles" = [
{
find.default = "yes";
supplicant-identity = "MikroTik";
}
];
"/ip pool" = [
{
name = "default-dhcp";
ranges = "192.168.88.10-192.168.88.254";
}
];
"/ip dhcp-server" = [
{
address-pool = "default-dhcp";
disabled = "no";
interface = "bridge";
name = "defconf";
}
];
"/interface bridge port" = [
{
bridge = "bridge";
comment = "defconf";
interface = "ether2";
}
{
bridge = "bridge";
comment = "defconf";
interface = "ether3";
}
{
bridge = "bridge";
comment = "defconf";
interface = "ether4";
}
{
bridge = "bridge";
comment = "defconf";
interface = "ether5";
}
];
"/ip neighbor discovery-settings" = {
discover-interface-list = "LAN";
};
"/interface ethernet switch vlan" = [
{
"independent-learning" = "no";
ports = "ether2,ether3";
switch = "switch1";
"vlan-id" = "20";
}
{
"independent-learning" = "no";
ports = "ether4";
switch = "switch1";
"vlan-id" = "30";
}
{
"independent-learning" = "no";
ports = "ether5";
switch = "switch1";
"vlan-id" = "40";
}
];
"/interface list member" = [
{
comment = "defconf";
interface = "bridge";
list = "LAN";
}
{
comment = "defconf";
interface = "ether1";
list = "WAN";
}
];
"/ip address" = [
{
address = "192.168.88.1/24";
comment = "defconf";
interface = "bridge";
network = "192.168.88.0";
}
];
"/ip dhcp-client" = [
{
comment = "defconf";
"dhcp-options" = "hostname,clientid";
disabled = "no";
interface = "ether1";
}
];
"/ip dhcp-server lease" = [
{
address = "192.168.88.253";
"allow-dual-stack-queue" = "no";
"mac-address" = "D8:3A:DD:28:1D:3B";
}
];
"/ip dhcp-server network" = [
{
address = "192.168.88.0/24";
comment = "defconf";
gateway = "192.168.88.1";
}
];
"/ip dns" = {
"allow-remote-requests" = "yes";
servers = "192.168.88.253";
};
"/ip dns static" = [
{
address = "192.168.88.1";
name = "router.lan";
}
];
"/ip firewall filter" = [
{
action = "accept";
chain = "input";
comment = "defconf: accept established,related,untracked";
"connection-state" = "established,related,untracked";
}
{
action = "drop";
chain = "input";
comment = "defconf: drop invalid";
"connection-state" = "invalid";
}
{
action = "accept";
chain = "input";
comment = "defconf: accept ICMP";
protocol = "icmp";
}
{
action = "drop";
chain = "input";
comment = "defconf: drop all not coming from LAN";
"in-interface-list" = "!LAN";
}
{
action = "accept";
chain = "forward";
comment = "defconf: accept in ipsec policy";
"ipsec-policy" = "in,ipsec";
}
{
action = "accept";
chain = "forward";
comment = "defconf: accept out ipsec policy";
"ipsec-policy" = "out,ipsec";
}
{
action = "fasttrack-connection";
chain = "forward";
comment = "defconf: fasttrack";
"connection-state" = "established,related";
}
{
action = "accept";
chain = "forward";
comment = "defconf: accept established,related, untracked";
"connection-state" = "established,related,untracked";
}
{
action = "drop";
chain = "forward";
comment = "defconf: drop invalid";
"connection-state" = "invalid";
}
{
action = "drop";
chain = "forward";
comment = "defconf: drop all from WAN not DSTNATed";
"connection-nat-state" = "!dstnat";
"connection-state" = "new";
"in-interface-list" = "WAN";
}
];
"/ip firewall nat" = [
{
action = "masquerade";
chain = "srcnat";
comment = "defconf: masquerade";
"ipsec-policy" = "out,none";
"out-interface-list" = "WAN";
}
];
"/system clock" = {
"time-zone-name" = "Europe/Berlin";
};
"/system routerboard settings" = {
"silent-boot" = "no";
};
"/tool mac-server" = {
"allowed-interface-list" = "LAN";
};
"/tool mac-server mac-winbox" = {
"allowed-interface-list" = "LAN";
};
}
Reference in a new issue View git blame Copy permalink