代碼: 選擇全部
#| ether1 is renamed ether1-gateway, rest of interfaces are switched
#| IP address 192.168.88.1/24 is on switch
#| DHCP client is on ether1-gateway
#| DHCP server is on switch, with address pool 192.168.88.10-192.168.88.254
#| masquerade on ether1-gateway
:global action
# these commands are executed after installation or configuration reset
:if ($action = "apply") do={
/interface set ether1 name=ether1-gateway
/interface set ether2 name=ether2-local-master
/interface set ether3 name=ether3-local-slave
/interface set ether4 name=ether4-local-slave
/interface set ether5 name=ether5-local-slave
/interface ethernet set ether3-local-slave master-port=ether2-local-master
/interface ethernet set ether4-local-slave master-port=ether2-local-master
/interface ethernet set ether5-local-slave master-port=ether2-local-master
/ip address add address=192.168.88.1/24 interface=ether2-local-master comment="default configuration"
:if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
/ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254;
/ip dhcp-server add name=default address-pool=default-dhcp interface=ether2-local-master disabled=no;
/ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
}
/ip firewall {
filter add chain=input action=accept protocol=icmp comment="default configuration"
filter add chain=input action=accept connection-state=established in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=accept connection-state=related in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
}
/ip dns {
set allow-remote-requests=yes
static add name=router address=192.168.88.1
}
/tool mac-server remove [find]
/tool mac-server add interface=ether2-local-master disabled=no
/tool mac-server add interface=ether3-local-slave disabled=no
/tool mac-server add interface=ether4-local-slave disabled=no
/tool mac-server add interface=ether5-local-slave disabled=no
/tool mac-server mac-winbox disable [find]
/tool mac-server mac-winbox add interface=ether2-local-master disabled=no
/tool mac-server mac-winbox add interface=ether3-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether4-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether5-local-slave disabled=no
/ip neighbor discovery set [find name=ether1-gateway] discover=no
}
# these commands are executed if user requests to remove default configuration
:if ($action = "revert") do={
/ip firewall {
:local o [nat find comment="default configuration"]
:if ([:len $o] != 0) do={ nat remove $o }
:local o [filter find comment="default configuration"]
:if ([:len $o] != 0) do={ filter remove $o }
}
:if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
:local o [/ip dhcp-server network find comment="default configuration"]
:if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
:local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface=ether2-local-master !disabled]
:if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
/ip pool {
:local o [find name=default-dhcp ranges=192.168.88.10-192.168.88.254]
:if ([:len $o] != 0) do={ remove $o }
}
:local o [/ip dhcp-client find comment="default configuration"]
:if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
}
/ip dns {
set allow-remote-requests=no
:local o [static find name=router address=192.168.88.1]
:if ([:len $o] != 0) do={ static remove $o }
}
/ip address {
:local o [find comment="default configuration"]
:if ([:len $o] != 0) do={ remove $o }
}
/tool mac-server remove [find]
/tool mac-server add interface=all disabled=no
/tool mac-server mac-winbox remove [find interface!=all]
/tool mac-server mac-winbox set [find] disabled=no
/ip neighbor discovery set [find name=ether1-gateway] discover=yes
/interface ethernet set ether3-local-slave master-port=none
/interface ethernet set ether4-local-slave master-port=none
/interface ethernet set ether5-local-slave master-port=none
/interface set ether1-gateway name=ether1
/interface set ether2-local-master name=ether2
/interface set ether3-local-slave name=ether3
/interface set ether4-local-slave name=ether4
/interface set ether5-local-slave name=ether5
}