# routerboard: yes # model: CCR2004-1G-12S+2XS # serial-number: D4F00E6CE42C # firmware-type: al64 # factory-firmware: 6.48.1 # current-firmware: 7.19.4 # upgrade-firmware: 7.19.4 # # channel: stable # installed-version: 7.19.4 # status: finding out latest version... # # Flags: U - UNDOABLE # Columns: ACTION, BY, POLICY, TIME # ACTION BY POLICY TIME # U address removed marcos write 2025-09-30 12:06:17 # U address added marcos write 2025-09-30 12:02:57 # U bridge port added marcos write 2025-09-26 11:15:59 # U bridge port added marcos write 2025-09-26 11:15:48 # U device added marcos write 2025-09-26 11:15:34 # U device changed marcos write 2025-09-26 11:14:17 # U device added marcos write 2025-09-26 11:13:25 # U device added marcos write 2025-09-26 11:12:56 # U bridge port added marcos write 2025-09-16 10:36:28 # U bridge port removed marcos write 2025-09-16 10:36:17 # U device changed marcos write 2025-09-16 10:35:34 # U device added marcos write 2025-09-16 10:35:20 # U device removed marcos write 2025-09-15 20:54:51 # U dhcp lease removed marcos write 2025-09-15 20:54:40 # U bridge port added marcos write 2025-09-15 19:44:30 # U device changed marcos write 2025-09-15 19:40:58 # U device added marcos write 2025-09-15 19:40:25 # U dhcp lease changed andres write 2025-09-12 19:58:36 # U pool pool_NETVIDEO changed marcos write 2025-09-08 14:01:28 # U dhcp lease removed marcos write 2025-09-08 13:56:59 # U pool pool_NETVIDEO changed marcos write 2025-09-08 13:56:51 # U address list entry changed marcos write 2025-08-29 18:31:43 # # 2025-10-01 10:09:37 by RouterOS 7.19.4 # software id = K4LT-8NV9 # # model = CCR2004-1G-12S+2XS # serial number = D4F00E6CE42C /interface bridge add fast-forward=no igmp-snooping=yes igmp-version=3 mld-version=2 multicast-querier=yes name=bridge_LAN add fast-forward=no igmp-snooping=yes igmp-version=3 mld-version=2 multicast-querier=yes name=bridge_vlan99 add name=bridge_vlan1002 add name=bridge_vlan1004 add name=bridge_vlan1008 /interface ethernet set [ find default-name=ether1 ] comment="MGMT - UNTAGGED VLAN99" set [ find default-name=sfp28-1 ] auto-negotiation=no comment=TRUNK_MAIN speed=10G-baseT set [ find default-name=sfp28-2 ] auto-negotiation=no comment="TRUNK_NETVIDEO+IPTV (SERVIDORES)" speed=10G-baseT /interface vlan add interface=sfp28-1 name=vlan99 vlan-id=99 add comment="TRAFICO RED_NOC" interface=sfp28-1 name=vlan1002 vlan-id=1002 add comment="TRAFICO EXTERNO" interface=sfp28-1 name=vlan1004 vlan-id=1004 add comment="TRAFICO INTERNO" interface=sfp28-1 name=vlan1005 vlan-id=1005 add comment="Servicio HOSTING/HOUSING" interface=sfp28-1 name=vlan1008 vlan-id=1008 add interface=sfp28-2 name=vlan1010 vlan-id=1010 add comment=Camaras interface=sfp28-1 name=vlan1020 vlan-id=1020 add interface=sfp28-2 name=vlan_99 vlan-id=99 add comment="TRAFICO RED_NOC" interface=sfp28-2 name=vlan_1002 vlan-id=1002 add comment="PUBLICA ISPCube" interface=sfp28-2 name=vlan_1004 vlan-id=1004 add comment="Servicio HOSTING/HOUSING" interface=sfp28-2 name=vlan_1008 vlan-id=1008 /interface list add name=MGMT /ip pool add name=pool_NETVIDEO ranges=10.1.0.5-10.1.0.62,10.1.0.65-10.1.0.126 /ip dhcp-server add address-pool=pool_NETVIDEO interface=bridge_LAN name=server_NETVIDEO /port set 0 name=serial0 /routing id add disabled=no id=10.255.255.10 name=ospf_id select-dynamic-id="" /routing ospf instance add disabled=no name=ospf-backbone_v2 router-id=ospf_id add disabled=yes name=insta_netvideo_v2 router-id=ospf_id /routing ospf area add disabled=yes instance=insta_netvideo_v2 name=ospf_netvideo_v2 add disabled=no instance=ospf-backbone_v2 name=ospf-area-backbone_v2 /snmp community add addresses=192.168.200.253/32,192.168.200.155/32 authentication-protocol=SHA1 encryption-protocol=AES name=pnet /system logging action add disk-file-count=5 disk-file-name=Critical name=CriticalLogs target=disk add disk-file-count=5 disk-file-name=Error name=ErrorLogs target=disk add disk-file-count=5 disk-file-name=Info name=InfoLogs target=disk add disk-file-count=5 disk-file-name=Interfaces name=InterfacesLogs target=disk add disk-file-count=5 disk-file-name=Warning name=WarningLogs target=disk add name=DudeLogs remote=192.168.200.253 remote-log-format=syslog syslog-facility=local6 target=remote add name=GrafanaLogs remote=192.168.200.168 remote-log-format=syslog src-address=10.99.0.5 target=remote add name=GrafanaLogsAlert remote=192.168.200.168 remote-log-format=syslog src-address=10.99.0.5 syslog-facility=local1 syslog-severity=alert target=remote add name=GrafanaLogsInfo remote=192.168.200.168 remote-log-format=syslog src-address=10.99.0.5 syslog-facility=local1 syslog-severity=info target=remote add disk-file-count=5 disk-file-name=OSPF name=OSPFLogs target=disk add disk-file-count=5 disk-file-name=DHCP name=DHCPLogs target=disk add disk-file-count=5 disk-file-name=Mails name=MailsLogs target=disk /user group add name=dude policy="local,reboot,read,write,test,winbox,web,!telnet,!ssh,!ftp,!policy,!password,!sniff,!sensitive,!api,!romon,!rest-api" add name=oxidized policy="ssh,read,!local,!telnet,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!rest-api" /interface bridge port add bridge=bridge_vlan99 interface=ether1 add bridge=bridge_vlan99 interface=vlan99 add bridge=bridge_vlan99 interface=vlan_99 add bridge=bridge_LAN interface=vlan1010 add bridge=bridge_vlan1004 interface=vlan_1004 add bridge=bridge_vlan1004 interface=vlan1004 add bridge=bridge_vlan1002 interface=vlan1002 add bridge=bridge_vlan1002 interface=vlan_1002 add bridge=bridge_LAN interface=vlan1020 add bridge=bridge_vlan1008 interface=vlan1008 add bridge=bridge_vlan1008 interface=vlan_1008 /ip neighbor discovery-settings set discover-interface-list=MGMT /ipv6 settings set disable-ipv6=yes /interface list member add interface=bridge_vlan99 list=MGMT /interface ovpn-server server add mac-address=FE:6A:E1:56:74:52 name=ovpn-server1 /ip address add address=10.99.0.76/24 comment=MGMT interface=bridge_vlan99 network=10.99.0.0 add address=10.1.0.1/24 interface=bridge_LAN network=10.1.0.0 add address=10.1.1.1/24 interface=vlan1005 network=10.1.1.0 add address=168.197.196.102/29 interface=bridge_vlan1004 network=168.197.196.96 add address=168.197.196.98 interface=bridge_vlan1004 network=168.197.196.98 add address=10.255.255.10 interface=lo network=10.255.255.10 add address=168.197.196.100 comment="USADA POR ISPCUBE" disabled=yes interface=bridge_vlan1004 network=168.197.196.100 add address=168.197.196.99 disabled=yes interface=bridge_vlan1004 network=168.197.196.99 add address=168.197.196.101 interface=bridge_vlan1004 network=168.197.196.101 /ip dhcp-server lease add address=10.1.0.24 client-id=1:0:13:14:2:18:f5 comment=Encoder_5 mac-address=00:13:14:02:18:F5 server=server_NETVIDEO add address=10.1.0.21 client-id=1:0:13:14:2:1a:28 comment=Encoder_4 mac-address=00:13:14:02:1A:28 server=server_NETVIDEO add address=10.1.0.27 comment="NetVideo1- Cable 1" mac-address=18:C0:4D:6B:81:16 server=server_NETVIDEO add address=10.1.0.22 comment=Deco_1 mac-address=00:1E:2A:37:D1:B8 server=server_NETVIDEO add address=10.1.0.26 client-id=1:0:0:23:34:45:66 comment=Encoder_1 mac-address=00:00:23:34:45:66 server=server_NETVIDEO add address=10.1.0.25 comment=Deco_4 mac-address=00:1E:5B:37:59:F4 server=server_NETVIDEO add address=10.1.0.7 comment="NetVideo1- Cable 2" mac-address=A8:A1:59:DD:44:00 server=server_NETVIDEO add address=10.1.0.30 client-id=ff:33:1b:d3:bb:0:2:0:0:ab:11:1c:ba:88:b8:49:65:69:f4 comment=IPTV mac-address=6C:B3:11:56:5B:59 server=server_NETVIDEO add address=10.1.0.28 client-id=1:0:13:14:1:74:29 comment=Encoder_2 mac-address=00:13:14:01:74:29 server=server_NETVIDEO add address=10.1.0.18 client-id=1:64:db:8b:81:7b:47 comment=DVR mac-address=64:DB:8B:81:7B:47 server=server_NETVIDEO add address=10.1.0.16 client-id=1:10:12:fb:54:9c:56 comment="Camara 2" mac-address=10:12:FB:54:9C:56 server=server_NETVIDEO add address=10.1.0.62 client-id=1:8:54:11:9d:ed:15 comment="Camara 1" mac-address=08:54:11:9D:ED:15 server=server_NETVIDEO add address=10.1.0.8 client-id=1:bc:5e:33:72:29:1d comment="Camara 3" mac-address=BC:5E:33:72:29:1D server=server_NETVIDEO add address=10.1.0.48 mac-address=C0:25:E9:A8:99:4C server=server_NETVIDEO add address=10.1.0.56 mac-address=C4:71:54:5B:75:78 server=server_NETVIDEO add address=10.1.0.20 client-id=1:0:13:14:2:1b:f5 comment=Encoder_3 mac-address=00:13:14:02:1B:F5 server=server_NETVIDEO add address=10.1.0.15 client-id=1:10:12:fb:54:9c:43 comment="Camra Emilio" mac-address=10:12:FB:54:9C:43 server=server_NETVIDEO add address=10.1.0.53 mac-address=68:FF:7B:D5:7F:FB server=server_NETVIDEO add address=10.1.0.60 client-id=1:24:32:ae:a9:89:a7 comment="Camara Sala2" mac-address=24:32:AE:A9:89:A7 server=server_NETVIDEO add address=10.1.0.17 mac-address=AC:15:18:CA:EB:64 server=server_NETVIDEO add address=10.1.0.125 comment="Sala 2" mac-address=F4:F2:6D:DF:E0:89 server=server_NETVIDEO /ip dhcp-server network add address=10.1.0.0/24 comment="RED NETVIDEO" dns-server=185.180.9.62 gateway=10.1.0.1 /ip dns set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8 /ip firewall address-list add address=181.191.140.0/24 comment="Pedro Jara" list=lista-iptv add address=128.201.22.0/24 comment="Javier Orlandi" list=lista-iptv add address=201.190.184.0/23 comment=TRR-Super list=lista-iptv add address=186.182.9.0/24 comment=TRR-Claro list=lista-iptv add address=181.1.22.194 comment=Marcos list=lista-iptv add address=170.51.254.176 comment="Antonella Pozzi" list=lista-iptv add address=138.117.17.218 comment="Fabian Condori" list=lista-iptv add address=45.189.216.0/22 comment="Lucas Baile" list=lista-iptv add address=181.80.20.130 comment="estadio malvinas para daniel" list=lista-iptv add address=84.126.225.141 comment="Flavio Cappellani Vodafone" list=lista-iptv add address=177.22.254.14 comment="Tula Lucas APINET" list=lista-iptv add address=186.0.241.2 comment="Andres Amigo Emilio" list=lista-iptv add address=190.15.192.0/19 comment="Kislak / Quiroga Pablo" list=lista-iptv add address=190.15.203.89 comment="Nestor Caliri" list=lista-iptv add address=191.81.239.22 comment="Kevin Pastran" list=lista-iptv add address=168.197.196.44/30 comment="Ciber Cafe - SR" list=lista-iptv add address=201.190.128.0/17 comment="Mestre Nestor - Arlink" list=lista-iptv add address=168.197.196.70 comment="Roberto Gonzalez - Nodo_R50" list=lista-iptv add address=186.122.0.0/16 comment="Emilio Guaymallen" list=lista-iptv add address=190.3.83.85 comment=Marcos-2 list=lista-iptv add list=ddos-attackers add list=ddos-targets add address=152.170.0.0/16 comment="Joni Amigo Emi" list=lista-iptv add address=138.117.17.156 comment="Agustin fernandez" list=lista-iptv add address=181.81.245.162 comment="estadio malvinas para daniel" list=lista-iptv add address=186.157.164.74 list="Marcos 3" add address=181.116.60.128 comment="Julieta pozzi" list=lista-iptv add address=168.197.196.0/22 comment="Toda nuestra red" list=lista-iptv add address=168.197.196.158 comment=Lemos list=lista-iptv add address=45.171.36.0/22 comment="Gerardo Gutierrez" list=lista-iptv add address=168.205.120.0/22 comment="Gerardo Gutierrez" list=lista-iptv /ip firewall filter add action=fasttrack-connection chain=forward comment="default configuration " connection-state=established,related hw-offload=yes add action=accept chain=forward comment="accept established and related connections" connection-state=established,related add action=drop chain=input comment="Drop escaneadores de puertos" src-address=!192.168.200.253 src-address-list="port scanners" add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------Escaneadores de puertos" protocol=tcp psd=10,3s,3,1 add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------NMAP FIN Stealth scan" protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------SYN/FIN scan" protocol=tcp tcp-flags=fin,syn add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------SYN/RST scan" protocol=tcp tcp-flags=syn,rst add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------FIN/PSH/URG scan" protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------ALL/ALL scan" protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg add action=add-src-to-address-list address-list="port scanners" address-list-timeout=4w2d chain=input comment="------NMAP NULL scan" protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg add action=accept chain=input comment="Echo request - Evitar Ping Flood" disabled=yes icmp-options=8:0 limit=1,5:packet protocol=icmp add action=accept chain=input comment="Echo reply" disabled=yes icmp-options=0:0 protocol=icmp add action=drop chain=input comment="Drop ICMP" disabled=yes protocol=icmp add action=return chain=detect-ddos comment="Protection against DDoS" dst-limit=32,32,src-and-dst-addresses/10s add action=add-dst-to-address-list address-list=ddos-targets address-list-timeout=10m chain=detect-ddos add action=add-src-to-address-list address-list=ddos-attackers address-list-timeout=10m chain=detect-ddos add action=drop chain=input comment="Drop to DOS UDP attack list" src-address=!192.168.200.155 src-address-list="DOS attack UDP" add action=add-src-to-address-list address-list="DOS attack UDP" address-list-timeout=2w1d chain=input comment="------Add DOS UDP attack src IP to the list" connection-limit=100,32 protocol=udp src-address-list="!local address" add action=accept chain=input comment="Allow Established/Related/Untracked connections" connection-state=established,related,untracked add action=drop chain=input comment="Drop invalid connections" connection-state=invalid add action=accept chain=input comment="Allow ICMP" protocol=icmp add action=accept chain=input comment="Allow OSPF" in-interface=bridge_vlan99 protocol=ospf add action=accept chain=input in-interface=vlan1005 protocol=ospf add action=accept chain=input comment="Allow DNS" dst-port=53 protocol=udp add action=accept chain=input comment="Allow DHCP" dst-port=67 in-interface=bridge_LAN protocol=udp add action=accept chain=input comment="Allow SNMP" dst-port=161,162 in-interface=bridge_vlan99 protocol=udp add action=accept chain=input comment="Allow UDP" disabled=yes protocol=udp add action=accept chain=input comment=Oxidized dst-port=22 in-interface=bridge_vlan99 protocol=tcp add action=accept chain=input comment="Bandwidth Test" dst-port=2000 in-interface=bridge_vlan99 protocol=tcp add action=accept chain=input comment=WINBOX dst-port=8291 protocol=tcp add action=drop chain=input comment="Drop everything else" /ip firewall nat add action=dst-nat chain=dstnat comment="DNAT NetVideo - Pub" dst-address=168.197.196.98 dst-port=80 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.27 to-ports=80 add action=dst-nat chain=dstnat comment="SSH IP Tv " dst-address=168.197.196.98 dst-port=225 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=22 add action=dst-nat chain=dstnat comment="TV HeadEnd" dst-address=168.197.196.98 dst-port=9981 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=9981 add action=dst-nat chain=dstnat comment="TV HeadEnd - Lucas Baile" dst-address=168.197.196.98 dst-port=82 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=9981 add action=dst-nat chain=dstnat comment=IKS dst-address=168.197.196.98 dst-port=15050 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=15050 add action=dst-nat chain=dstnat comment=IKS dst-address=168.197.196.98 dst-port=12555 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=12555 add action=dst-nat chain=dstnat comment=Xtream dst-address=168.197.196.98 dst-port=25500 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=25500 add action=dst-nat chain=dstnat comment="Xtream API" dst-address=168.197.196.98 dst-port=25461 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=25461 add action=dst-nat chain=dstnat comment="DNAT PuntoTV - Pub" dst-address=168.197.196.98 dst-port=224 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=22 add action=dst-nat chain=dstnat comment=UI dst-address=168.197.196.98 dst-port=81 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=80 add action=dst-nat chain=dstnat dst-address=168.197.196.98 dst-port=8000 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=8000 add action=dst-nat chain=dstnat dst-address=168.197.196.98 dst-port=9000 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=9000 add action=dst-nat chain=dstnat comment=Oscam dst-address=168.197.196.98 dst-port=8888 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=8888 add action=dst-nat chain=dstnat dst-address=168.197.196.98 dst-port=15050 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=15050 add action=dst-nat chain=dstnat dst-address=168.197.196.98 dst-port=25500 in-interface=bridge_vlan1004 protocol=tcp to-addresses=10.1.0.30 to-ports=25500 add action=masquerade chain=srcnat comment="SNAT INET" out-interface=bridge_vlan1004 /ip firewall raw add action=drop chain=prerouting comment="BCP - LAN-NETVIDEO_IPTV" in-interface=bridge_LAN src-address=!10.1.0.0/24 add action=drop chain=prerouting comment="ACCESO IPTV" dst-port=80,82,9981 in-interface=bridge_vlan1004 protocol=tcp src-address-list=!lista-iptv add action=drop chain=prerouting comment="Protection against DDoS" dst-address-list=ddos-targets src-address-list=ddos-attackers add action=notrack chain=prerouting comment="No track - OSPF" protocol=ospf add action=notrack chain=output protocol=ospf /ip firewall service-port set ftp disabled=yes set tftp disabled=yes set h323 disabled=yes set sip disabled=yes set pptp disabled=yes /ip ipsec profile set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5 /ip route add comment=RED_NOC disabled=no distance=1 dst-address=192.168.200.0/24 gateway=10.99.0.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment=RED_VPN-WireGuard-bck disabled=yes distance=1 dst-address=10.100.3.0/24 gateway=10.99.0.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED VPN-L2TP" disabled=no distance=1 dst-address=10.100.0.0/24 gateway=10.99.0.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment=RED_VPN-WireGuard disabled=yes distance=1 dst-address=10.100.2.0/24 gateway=10.99.0.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add disabled=no distance=10 dst-address=0.0.0.0/0 gateway=168.197.196.97 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED VQZ" disabled=no dst-address=172.22.17.0/24 gateway=10.1.1.7 routing-table=main suppress-hw-offload=no add comment="RED SB-1" disabled=no dst-address=172.22.6.0/23 gateway=10.1.1.2 routing-table=main suppress-hw-offload=no add comment="RED GPON-SB-1" disabled=no distance=1 dst-address=172.16.0.0/23 gateway=10.1.1.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED CBL" disabled=no distance=1 dst-address=172.22.18.0/24 gateway=10.1.1.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED BNT" disabled=no distance=1 dst-address=172.22.14.0/24 gateway=10.1.1.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED MEC-CMP" disabled=no distance=1 dst-address=172.22.1.0/24 gateway=10.1.1.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED R60" disabled=no distance=1 dst-address=172.22.0.0/24 gateway=10.1.1.3 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED MLK" disabled=no distance=1 dst-address=172.22.16.0/24 gateway=10.1.1.4 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED R50" disabled=no distance=1 dst-address=172.22.8.0/23 gateway=10.1.1.4 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED GPON-R50" disabled=no distance=1 dst-address=172.16.2.0/23 gateway=10.1.1.4 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED JDN" disabled=no dst-address=172.22.15.0/24 gateway=10.1.1.6 routing-table=main suppress-hw-offload=no add comment="RED SR" disabled=no distance=1 dst-address=172.22.4.0/24 gateway=10.1.1.6 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED BRS" disabled=no distance=1 dst-address=172.22.5.0/24 gateway=10.1.1.6 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED FO" disabled=no distance=1 dst-address=172.22.11.0/24 gateway=10.1.1.9 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED GPON-FO" disabled=no distance=1 dst-address=172.16.4.0/23 gateway=10.1.1.9 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED FO-NEW" disabled=no distance=1 dst-address=172.22.20.0/23 gateway=10.1.1.9 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED RDM" disabled=no distance=1 dst-address=172.22.10.0/24 gateway=10.1.1.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED GPON-FLB" disabled=no distance=1 dst-address=172.16.6.0/23 gateway=10.1.1.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED FLB-NEW" disabled=no distance=1 dst-address=172.22.28.0/22 gateway=10.1.1.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED FLB" disabled=no distance=1 dst-address=172.22.2.0/23 gateway=10.1.1.5 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED PDG" disabled=no distance=1 dst-address=172.22.12.0/24 gateway=10.1.1.8 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED 3RA" disabled=no distance=1 dst-address=172.22.13.0/24 gateway=10.1.1.8 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment="RED TRR" disabled=no dst-address=192.168.60.0/24 gateway=10.1.1.10 routing-table=main suppress-hw-offload=no add comment="RED ISG" disabled=no distance=1 dst-address=172.22.19.0/24 gateway=10.1.1.2 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 /ip service set ftp disabled=yes set ssh address=192.168.200.155/32 set telnet disabled=yes set www disabled=yes set api disabled=yes set api-ssl disabled=yes /routing ospf interface-template add area=ospf-area-backbone_v2 disabled=no interfaces=bridge_vlan99 add area=ospf-area-backbone_v2 disabled=no interfaces=vlan1005 add area=ospf-area-backbone_v2 disabled=no interfaces=bridge_LAN passive add area=ospf-area-backbone_v2 disabled=no interfaces=lo passive /snmp set contact=pnet@puntonetinternet.com enabled=yes location="Nodo SB" trap-community=pnet trap-generators=interfaces trap-interfaces=bridge_vlan99 trap-version=2 /system clock set time-zone-name=America/Argentina/Mendoza /system identity set name=CORE_NETVIDEO /system logging set 0 action=InfoLogs set 1 action=ErrorLogs set 2 action=WarningLogs set 3 action=CriticalLogs add action=DudeLogs topics=info add action=InterfacesLogs topics=interface add action=GrafanaLogsAlert topics=system,error add action=GrafanaLogsInfo topics=system,info add action=GrafanaLogs topics=system,info,account add action=DHCPLogs topics=dhcp,info add action=OSPFLogs topics=route,ospf add action=MailsLogs topics=e-mail,info /system ntp client set enabled=yes /system ntp client servers add address=192.168.200.1 /system routerboard settings set auto-upgrade=yes /system scheduler add name=Reiniciar-1 on-event="/system reboot" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2025-08-28 start-time=05:00:00 add name=Reiniciar-2 on-event="/system reboot" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2025-08-28 start-time=05:10:00 /system script add dont-require-permissions=no name=backup_mail owner=marcos policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":log info \"backup beginning now\"\r\n:global backupfile ([/system identity get name] . \"-\" . [/system clock\_get time])\r\n/system backup save name=\$backupfile\r\n:log info \"backup pausing for 10s\"\r\n:delay 10s\r\n:log info \"backup being emailed\"\r\n/tool e-mail send to=puntonetinet@gmail.com subject=([/system identity get name] . \\ \" Backup\") from=\"CORE_NETVIDEO (CCR2004-1G-12S+2XS) \" file=\$backupfile \r\n:log info \"backup finished\"" /tool e-mail set from="CORE_NETVIDEO (CCR2004-1G-12S+2XS) " port=465 server=mail.puntonetinternet.com tls=yes user=noc@puntonetinternet.com /tool netwatch add disabled=no down-script="/tool e-mail send to=pozziandres@gmail.com from=\"SALA 1 \" subject=\"Se corto la luz\" body=\" \"" host=10.1.0.5 http-codes="" interval=30s test-script="" timeout=10s type=simple up-script="/tool e-mail send to=pozziandres@gmail.com from=\"SALA1 \" subject=\"Volvio la luz\" body=\" \""