Monday, October 13, 2014

2 Wan+Hotspot 

/ip address
add address=192.168.0.1/24 disabled=no interface=Local network=192.168.0.0
add address=192.168.1.2/24 disabled=no interface=WAN1 network=192.168.1.0
add address=192.168.2.2/24 disabled=no interface=WAN2 network=192.168.2.0

/ip pool
add name=hs-pool ranges=192.168.0.30-192.168.0.254
add name=pppoe-pool ranges=192.168.0.30-192.168.0.253

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=20480KiB \
    max-udp-packet-size=10240 servers=8.8.8.8,8.8.4.4

/ip dhcp-server
add address-pool=hs-pool authoritative=after-2sec-delay bootp-support=static \
    disabled=no interface=Local lease-time=1h name=dhcp1

/ip dhcp-server config
set store-leases-disk=5m

/ip dhcp-server network
add address=192.168.0.0/24 comment="hotspot network" dhcp-option="" \
    dns-server="" gateway=192.168.0.1 ntp-server="" wins-server=""


/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
    hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
    cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
    split-user-domain=no use-radius=no
add dns-name=login.wifitech.com.pk hotspot-address=192.168.0.1 html-directory=hotspot \
    http-proxy=0.0.0.0:0 login-by=http-chap name=hotspot rate-limit=\
    "256K/1M 256K/1500K 256K/1200K 30/30 8 256K/1M" smtp-server=0.0.0.0 \
    split-user-domain=no use-radius=no

/ip hotspot
add address-pool=hs-pool addresses-per-mac=1 disabled=no idle-timeout=5m \
    interface=Local keepalive-timeout=none name=hotspot profile=hotspot
/ip hotspot user profile
add address-pool=hs-pool advertise=no idle-timeout=none keepalive-timeout=2m \
    name="Student D" open-status-page=http-login rate-limit=\
    "200K/512K 200K/850K 200K/600K 30/30 8 200K/512K" shared-users=1 \
    status-autorefresh=1m transparent-proxy=yes


/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
/ip firewall mangle
add action=mark-packet chain=output disabled=no dscp=4 new-packet-mark=\
    cache-hits passthrough=no
add action=mark-connection chain=input disabled=no hotspot=auth in-interface=\
    Local new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no hotspot=auth in-interface=\
    Local new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no \
    hotspot=auth new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no \
    hotspot=auth new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=192.168.1.0/24 \
    hotspot=auth in-interface=Local
add action=accept chain=prerouting disabled=no dst-address=192.168.2.0/24 \
    hotspot=auth in-interface=Local
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
    !local hotspot=auth in-interface=Local new-connection-mark=WAN1_conn \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
    !local hotspot=auth in-interface=Local new-connection-mark=WAN2_conn \
    passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=\
    no hotspot=auth in-interface=Local new-routing-mark=to_WAN1 passthrough=\
    yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=\
    no hotspot=auth in-interface=Local new-routing-mark=to_WAN2 passthrough=\
    yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=redirect chain=dstnat disabled=no dst-port=80 protocol=tcp \
    to-ports=8080
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local \
    hotspot=auth
add action=masquerade chain=srcnat disabled=no out-interface=Local
add action=masquerade chain=srcnat disabled=no out-interface=Local
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    disabled=no src-address=192.168.0.0/24 to-addresses=0.0.0.0
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    192.168.1.1 routing-mark=to_WAN1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    192.168.2.1 routing-mark=to_WAN2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    192.168.1.1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
    192.168.2.1 scope=30 target-scope=10
/system identity
set name="Powered By Wifitech"
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)