From 064722be6d09a736aca206f57880bd763beb71a0 Mon Sep 17 00:00:00 2001
From: oxidized <oxidized@einsle.de>
Date: Thu, 8 Aug 2019 19:55:05 +0200
Subject: [PATCH] update mikrotik/mt-dg.ke.einsle.de

---
 mikrotik/mt-dg.ke.einsle.de | 234 ++++++++++++++++++++----------------
 1 file changed, 129 insertions(+), 105 deletions(-)

diff --git a/mikrotik/mt-dg.ke.einsle.de b/mikrotik/mt-dg.ke.einsle.de
index a824276..a796fab 100644
--- a/mikrotik/mt-dg.ke.einsle.de
+++ b/mikrotik/mt-dg.ke.einsle.de
@@ -1,107 +1,131 @@
-#        routerboard: yes
-#         board-name: hAP ac
-#              model: RouterBOARD 962UiGS-5HacT2HnT
-#      serial-number: 67370685D272
-#      firmware-type: qca9550L
-#   factory-firmware: 3.31
-#   current-firmware: 6.45.3
+# /system routerboard print[oxidized@mt-dg] > /system routerboard print
+#        routerboard: yes
+#         board-name: hAP ac
+#              model: RouterBOARD 962UiGS-5HacT2HnT
+#      serial-number: 67370685D272
+#      firmware-type: qca9550L
+#   factory-firmware: 3.31
+#   current-firmware: 6.45.3
 #   upgrade-firmware: 6.45.3
-# 
-#             channel: stable
+# [oxidized@mt-dg] >                                                             [oxidized@mt-dg] > # /system package update print[oxidized@mt-dg] > /system package update print
+#             channel: stable
 #   installed-version: 6.45.3
-# 
-# Flags: U - undoable, R - redoable, F - floating-undo 
-#   ACTION                                   BY               POLICY             
-# 
-# software id = 4J0Q-ELYL
-#
-# model = RouterBOARD 962UiGS-5HacT2HnT
-# serial number = 67370685D272
-/interface bridge
-add fast-forward=no name=br_vlan1 protocol-mode=none
-add fast-forward=no name=br_vlan10 protocol-mode=none
-add fast-forward=no name=br_vlan42 protocol-mode=none
-add fast-forward=no name=br_vlan50 protocol-mode=none
-add fast-forward=no name=br_vlan51 protocol-mode=none
-add fast-forward=no name=br_vlan52 protocol-mode=none
-add fast-forward=no name=br_vlan99 protocol-mode=none
-add fast-forward=no name=br_wlan protocol-mode=none
-/interface ethernet
-set [ find default-name=ether1 ] speed=100Mbps
-set [ find default-name=ether2 ] speed=100Mbps
-set [ find default-name=ether3 ] speed=100Mbps
-set [ find default-name=ether4 ] speed=100Mbps
-set [ find default-name=ether5 ] speed=100Mbps
-set [ find default-name=sfp1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
-/interface wireless
-# managed by CAPsMAN
-# channel: 2412/20/gn(10dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
-set [ find default-name=wlan1 ] ssid=MikroTik
-# managed by CAPsMAN
-# channel: 5180/20/ac(20dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
-set [ find default-name=wlan2 ] ssid=MikroTik
-/interface vlan
-add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan42 vlan-id=42
-add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan50 vlan-id=50
-add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan51 vlan-id=51
-add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan52 vlan-id=52
-add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan99 vlan-id=99
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan1 vlan-id=1
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan10 vlan-id=10
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan42 vlan-id=42
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan50 vlan-id=50
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan51 vlan-id=51
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan52 vlan-id=52
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan60 vlan-id=60
-add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan99 vlan-id=99
-/interface wireless security-profiles
-set [ find default=yes ] supplicant-identity=MikroTik
-/ip hotspot profile
-set [ find default=yes ] html-directory=flash/hotspot
-/routing bgp instance
-set default disabled=yes
-/routing ospf instance
-set [ find default=yes ] disabled=yes
-/snmp community
-set [ find default=yes ] addresses=172.24.0.0/16 authentication-password=nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=jie6Wao5weeSahs
-add addresses=172.24.1.0/24,172.24.10.0/24 authentication-password=nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=monitor security=private
-/interface bridge port
-add bridge=br_vlan1 interface=vlan1
-add bridge=br_vlan10 interface=vlan10
-add bridge=br_vlan42 interface=vlan42
-add bridge=br_vlan50 interface=vlan50
-add bridge=br_vlan51 interface=vlan51
-add bridge=br_vlan52 interface=vlan52
-add bridge=br_vlan10 hw=no interface=ether2
-add bridge=br_vlan51 hw=no interface=ether3
-add bridge=br_vlan51 hw=no interface=ether4
-add bridge=br_vlan52 hw=no interface=ether5
-add bridge=br_vlan42 interface=br_wlan_vlan42
-add bridge=br_vlan50 interface=br_wlan_vlan50
-add bridge=br_vlan51 interface=br_wlan_vlan51
-add bridge=br_vlan52 interface=br_wlan_vlan52
-add bridge=br_vlan99 interface=br_wlan_vlan99
-add bridge=br_vlan99 interface=vlan99
-/interface wireless cap
-# 
-set bridge=br_wlan caps-man-addresses=172.24.1.97 enabled=yes interfaces=wlan1,wlan2
-/ip address
-add address=172.24.1.95/24 interface=vlan1 network=172.24.1.0
-add address=172.24.10.95/24 interface=vlan10 network=172.24.10.0
-add address=172.24.42.95/24 interface=vlan42 network=172.24.42.0
-/ip dns
-set servers=172.24.10.11,172.24.10.12
-/ip route
-add distance=1 gateway=172.24.1.1
-/ip ssh
-set allow-none-crypto=yes forwarding-enabled=remote
-/snmp
-set contact="Robert Einsle <robert@einsle.de>" enabled=yes location="Kempten, Dachgeschoss" trap-version=3
-/system clock
-set time-zone-name=Europe/Berlin
-/system identity
-set name=mt-dg
-/system ntp client
-set enabled=yes primary-ntp=172.24.10.13 secondary-ntp=172.24.10.12
-/tool romon
-set enabled=yes id=6C:3B:6B:19:5C:58 secrets=78f244b59c
+# [oxidized@mt-dg] >                                                             [oxidized@mt-dg] > # /system history print[oxidized@mt-dg] > /system history print
+# Flags: [m[1mU[m - undoable, [m[1mR[m - redoable, [m[1mF[m - floating-undo 
+# [m[1m  ACTION                                   BY               POLICY             
+# [m[oxidized@mt-dg] >                                                             [oxidized@mt-dg] > /export[oxidized@mt-dg] > /export
+# aug/08/2019 19:55:03 by RouterOS 6.45.3
+# software id = 4J0Q-ELYL
+#
+# model = RouterBOARD 962UiGS-5HacT2HnT
+# serial number = 67370685D272
+/interface bridge
+add fast-forward=no name=br_vlan1 protocol-mode=none
+add fast-forward=no name=br_vlan10 protocol-mode=none
+add fast-forward=no name=br_vlan42 protocol-mode=none
+add fast-forward=no name=br_vlan50 protocol-mode=none
+add fast-forward=no name=br_vlan51 protocol-mode=none
+add fast-forward=no name=br_vlan52 protocol-mode=none
+add fast-forward=no name=br_vlan99 protocol-mode=none
+add fast-forward=no name=br_wlan protocol-mode=none
+/interface ethernet
+set [ find default-name=ether1 ] speed=100Mbps
+set [ find default-name=ether2 ] speed=100Mbps
+set [ find default-name=ether3 ] speed=100Mbps
+set [ find default-name=ether4 ] speed=100Mbps
+set [ find default-name=ether5 ] speed=100Mbps
+set [ find default-name=sfp1 ] advertise=\
+    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
+/interface wireless
+# managed by CAPsMAN
+# channel: 2412/20/gn(10dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
+set [ find default-name=wlan1 ] ssid=MikroTik
+# managed by CAPsMAN
+# channel: 5180/20/ac(20dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
+set [ find default-name=wlan2 ] ssid=MikroTik
+/interface vlan
+add interface=br_wlan loop-protect-disable-time=0s \
+    loop-protect-send-interval=0s name=br_wlan_vlan42 vlan-id=42
+add interface=br_wlan loop-protect-disable-time=0s \
+    loop-protect-send-interval=0s name=br_wlan_vlan50 vlan-id=50
+add interface=br_wlan loop-protect-disable-time=0s \
+    loop-protect-send-interval=0s name=br_wlan_vlan51 vlan-id=51
+add interface=br_wlan loop-protect-disable-time=0s \
+    loop-protect-send-interval=0s name=br_wlan_vlan52 vlan-id=52
+add interface=br_wlan loop-protect-disable-time=0s \
+    loop-protect-send-interval=0s name=br_wlan_vlan99 vlan-id=99
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan1 vlan-id=1
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan10 vlan-id=10
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan42 vlan-id=42
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan50 vlan-id=50
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan51 vlan-id=51
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan52 vlan-id=52
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan60 vlan-id=60
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=\
+    0s name=vlan99 vlan-id=99
+/interface wireless security-profiles
+set [ find default=yes ] supplicant-identity=MikroTik
+/ip hotspot profile
+set [ find default=yes ] html-directory=flash/hotspot
+/routing bgp instance
+set default disabled=yes
+/routing ospf instance
+set [ find default=yes ] disabled=yes
+/snmp community
+set [ find default=yes ] addresses=172.24.0.0/16 authentication-password=\
+    nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=\
+    nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=jie6Wao5weeSahs
+add addresses=172.24.1.0/24,172.24.10.0/24 authentication-password=\
+    nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=\
+    nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=monitor security=\
+    private
+/interface bridge port
+add bridge=br_vlan1 interface=vlan1
+add bridge=br_vlan10 interface=vlan10
+add bridge=br_vlan42 interface=vlan42
+add bridge=br_vlan50 interface=vlan50
+add bridge=br_vlan51 interface=vlan51
+add bridge=br_vlan52 interface=vlan52
+add bridge=br_vlan10 hw=no interface=ether2
+add bridge=br_vlan51 hw=no interface=ether3
+add bridge=br_vlan51 hw=no interface=ether4
+add bridge=br_vlan52 hw=no interface=ether5
+add bridge=br_vlan42 interface=br_wlan_vlan42
+add bridge=br_vlan50 interface=br_wlan_vlan50
+add bridge=br_vlan51 interface=br_wlan_vlan51
+add bridge=br_vlan52 interface=br_wlan_vlan52
+add bridge=br_vlan99 interface=br_wlan_vlan99
+add bridge=br_vlan99 interface=vlan99
+/interface wireless cap
+# 
+set bridge=br_wlan caps-man-addresses=172.24.1.97 enabled=yes interfaces=\
+    wlan1,wlan2
+/ip address
+add address=172.24.1.95/24 interface=vlan1 network=172.24.1.0
+add address=172.24.10.95/24 interface=vlan10 network=172.24.10.0
+add address=172.24.42.95/24 interface=vlan42 network=172.24.42.0
+/ip dns
+set servers=172.24.10.11,172.24.10.12
+/ip route
+add distance=1 gateway=172.24.1.1
+/ip ssh
+set allow-none-crypto=yes forwarding-enabled=remote
+/snmp
+set contact="Robert Einsle <robert@einsle.de>" enabled=yes location=\
+    "Kempten, Dachgeschoss" trap-version=3
+/system clock
+set time-zone-name=Europe/Berlin
+/system identity
+set name=mt-dg
+/system ntp client
+set enabled=yes primary-ntp=172.24.10.13 secondary-ntp=172.24.10.12
+/tool romon
+set enabled=yes id=6C:3B:6B:19:5C:58 secrets=78f244b59c
+[oxidized@mt-dg] >                                                             [oxidized@mt-dg] >