#GTX400 912BC PLS8 #VERSION 2.2 (udpate from 07.02.2020) #RouterOS 6.45.6 /system logging action set 1 disk-file-count=3 /system logging set 0 action=memory set 1 action=disk set 2 action=disk set 3 action=memory add action=memory topics=async disabled=yes add action=memory topics=debug disabled=yes :global NUM 0 :global ALLNUM 26; :global VER [:pick [/system resource get version] 0 4] :global MODEL [:pick [/system routerboard get model] 0 3] :log warning "SETTINGS_START_INSTALL" /system routerboard settings set cpu-frequency=600MHz init-delay=5s /system routerboard usb set type=mini-PCIe :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".MINI-PCI ACTIVATED" :delay 3s /system identity set name=GTX400-912BC :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_IDENTITY"; :delay 2s; /interface ppp-client remove [find name="ppp-out1"] :delay 2s; /interface lte set [find name="lte1"] comment="WAN" :delay 3s; /interface lte apn set [find name="default"] default-route-distance=1 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LTE"; :delay 3s; /interface ethernet set [ find default-name=ether1 ] comment="LAN" :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LAN"; :delay 3s; /interface list add name=WAN add name=LAN /interface list member add interface=lte1 list=WAN add interface=ether1 list=LAN :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_LISTS"; /ip firewall raw add chain=prerouting action=drop in-interface-list=WAN protocol=udp dst-port=53 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_RAW_RULE"; /ip firewall nat add action=masquerade chain=srcnat comment="LAN to WAN" out-interface-list=WAN :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_NAT"; /ip firewall filter add action=accept chain=input connection-state=established,related comment="Accept established,related on chain input" add action=drop chain=input connection-state=invalid comment="Drop invalid on chain input" add action=accept chain=input protocol=icmp comment="Accept ICMP" add action=drop chain=input in-interface-list=!LAN comment="Drop all not coming from LAN on chain input" add action=accept chain=forward connection-state=established,related comment="Accept established,related on chain forward" add action=drop chain=forward connection-state=invalid comment="Drop invalid on chain forward" add action=drop chain=forward connection-nat-state=!dstnat connection-state=new in-interface-list=WAN comment="Drop all from WAN not DSTNATed on chain forward" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_FILTER_RULES"; /ip service disable api disable api-ssl disable ftp set telnet address=192.168.88.0/24 disable www-ssl :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_SERVICES"; /ip neighbor discovery-settings set discover-interface-list=LAN :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DISCOVERY"; /ip dns set allow-remote-requests=yes :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DNS"; /ip cloud set update-time=no :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".DISABLE_IPCLOUD_UPD_TIME"; /system clock set time-zone-autodetect=no time-zone-name=Europe/Moscow :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_TIME_ZONE"; /system ntp client set enabled=yes server-dns-names=\ ntp4.stratum2.ru,ntp3.stratum2.ru,ntp5.stratum1.ru,timeserver.ru :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_NTP_CLIENT"; /system note set note="\ \n TTTTTTTT EEEEEE LL EEEEEE OOOO FFFFFF IIII SSSSS\ \n TT EE LL EE OO OO FF II SS\ \n TT EEEEEE LL EEEEEE OO OO FFFFFF II SSSSS\ \n TT EE LL EE OO OO FF II SS\ \n TT EEEEEE LLLLLL EEEEEE OOOO FF IIII SSSSS\ \n\ \n Teleofis for MikroTik RouterOS $"VER" (c) 2004-2019 http://teleofis.ru/\ \n\ \n" :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LOGO"; /system script add name=watchdog_script policy=reboot,read,write,test dont-require-permissions=yes \ source=":global ITERATION 0;\r\ \n:global IP1\r\ \n:global IP2\r\ \n:global ITERATION1 0;\r\ \n\r\ \n:do {\r\ \n :set \$IP1 [:resolve yandex.ru]\r\ \n} on-error={\r\ \n :set \$IP1 77.88.8.8\r\ \n}\r\ \n:do {\r\ \n :set \$IP2 [:resolve google.com]\r\ \n} on-error={\r\ \n :set \$IP2 8.8.8.8\r\ \n}\r\ \n\r\ \n:log debug \"watchdog: Start Watchdog\";\r\ \n:while (true) do={\r\ \n :if ([:len [/system resource usb find]] < 2) do={\r\ \n :log error \"watchdog: Could not Find Modem Card - REBOOT\"\r\ \n :delay 5s\r\ \n /system reboot\r\ \n :delay 1s\r\ \n }\r\ \n :if ([/port get number=0 channel] != 1) do={\r\ \n :log error \"watchdog: Invalid Number of Channels - REBOOT\"\r\ \n :delay 5s\r\ \n /system reboot\r\ \n :delay 1s\r\ \n }\r\ \n :if ([/port find inactive=no] != \"\") do={\r\ \n :global PING1 [/ping \$IP1 count=10]\r\ \n :if (\$PING1 > 5) do={\r\ \n :log info \"watchdog: Ping 1 Watchdog - OK\"\r\ \n :quit;\r\ \n }\r\ \n :global PING2 [/ping \$IP2 count=10];\r\ \n :if (\$PING2 > 5) do={\r\ \n :log info \"watchdog: Ping 2 Watchdog - OK\"\r\ \n :quit;\r\ \n }\r\ \n :if (\$ITERATION < 3) do={\r\ \n :log warning \"watchdog: Could not Ping - RECONNECT\"\r\ \n /interface lte set lte1 disabled=yes\r\ \n :delay 5s\r\ \n /interface lte set lte1 disabled=no\r\ \n :set \$ITERATION (\$ITERATION+1)\r\ \n :delay 40s\r\ \n } else={\r\ \n :if (\$ITERATION1 = 1) do={\r\ \n :log warning \"watchdog: Could not Ping - REBOOT\"\r\ \n /system reboot\r\ \n :delay 1s\r\ \n }\r\ \n :log error \"watchdog: Could not Ping - USB POWER-RESET\"\r\ \n /system routerboard usb power-reset duration=5\r\ \n :delay 50s\r\ \n :set \$ITERATION1 (\$ITERATION1+1)\r\ \n :set \$ITERATION 0\r\ \n }\r\ \n } else={\r\ \n :log error \"watchdog: Could not Find Port - REBOOT\"\r\ \n /system reboot\r\ \n :delay 1s\r\ \n }\r\ \n}" :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_WATCHDOG"; add name=lte_register \ policy=reboot,read,write,test dont-require-permissions=yes source=":delay 20s\r\ \n:log info \"lte_registered: start registered...\"\r\ \n/interface lte at-chat 0 input=\"AT+CFUN=0\" wait=yes\r\ \n:delay 2s\r\ \n/interface lte at-chat 0 input=\"AT+CFUN=1\"" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_LTE_REGISTER"; /system scheduler add disabled=no interval=10m name=watchdog on-event="watchdog_script" policy=reboot,read,write,test \ start-time=startup add disabled=no name=lte_register on-event="lte_register" policy=reboot,read,write,test \ start-time=startup :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".RUN_WATCHDOG"; :delay 1s; :global LEDSTATUS [/system leds find disabled=no]; :if ($LEDSTATUS != "") do={ /system leds set 0 interface=lte1 leds=user-led type=interface-transmit add interface=lte1 leds=led1,led2,led3,led4,led5 modem-signal-treshold=-105 type=modem-signal } else={ /system leds add interface=lte1 leds=user-led type=interface-transmit add interface=lte1 leds=led1,led2,led3,led4,led5 modem-signal-treshold=-105 type=modem-signal } :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_LED"; /ip pool add name=dhcp-pool1 ranges=192.168.88.10-192.168.88.250 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_DHCP-POOL"; /ip address add address=192.168.88.1/24 comment="LAN" interface=ether1 network=192.168.88.0 :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_ADDRESS"; /ip dhcp-server network add address=192.168.88.0/24 comment="LAN" dns-server=192.168.88.1 gateway=192.168.88.1 netmask=24 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DHCP_SERVER_NETWORK"; /ip dhcp-server add add-arp=yes address-pool=dhcp-pool1 bootp-lease-time=lease-time \ bootp-support=dynamic disabled=no interface=ether1 lease-time=3d name=\ dhcp-server1 :set $NUM ($NUM+1) :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_DHCP_SERVER"; /tool mac-server set allowed-interface-list=LAN :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".SET_MAC_SERVER"; /system backup save name="factory_gtx400_$"MODEL"gm_$"VER"" :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".ADD_BACKUP"; /system routerboard upgrade :set $NUM ($NUM+1); :log warning "STEP_$"NUM"_OUT_OF_$"ALLNUM".UPGRADE_ROUTERBOARD"; :if (:put [:len [/system package find name=gps]] > 0) do={ /system gps set channel=0 enabled=yes init-string="" port=usb1 set-system-time=yes :log warning "GPS_SET"; } /system note set show-at-login=no /file remove [ find type="directory" ] remove [ find type="package" ] remove [ find type=".fwf file" ] remove [ find type=".rif file" ] remove [ find type="web-proxy store" ] /system package disable [ find name=wireless ] /system package disable [ find name=wireless-fp ] /system package disable [ find name=wireless-cm2 ] :log warning "SETTINGS_INSTALL_END" :log warning "REBOOT" /system reboot