Servidor Mikrotik Pronto Pra Usar

Wireless N Access Point
O ponto de acesso substitui ou acrescenta funcionalidades WiFi N a um modem/router ou box

que utilize a norma 802.11g. Baseado na nova norma WiFi 802.11n, o ponto de acesso
Hercules Wireless N permite larguras de banda que chegam aos 300 Mbps* - isto , 5,5 vezes
mais do que a anterior norma 802.11g.
Configurao do tipo Plug & Play - s preciso preencher as definies da rede WiFi (nome da
rede e informaes de segurana).
A largura de banda de 300 Mbps permite transmitir filmes de alta definio e msica com uma
mistura 5.1, navegar na Internet e jogar online simultaneamente, sem atraso.
Tutorial Mikrotik
tutorial completo para montar seu servidor Mikrotik com bloqueio memoria cache e mas
# Etapa1
# Configurando interfaces
/ interface ethernet
set ether1 name="Link_A" mtu=1500 arp=enabled disable-running-check=yes autonegotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="Links
Principal" disabled=no
set ether2 name="Link_B" mtu=1500 arp=enabled disable-running-check=yes autonegotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="Link de
BackUp" disabled=no
set ether3 name="Interna" mtu=1500 arp=enabled disable-running-check=yes autonegotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="Interface
com NAT - Network Address Translator" disabled=no
# Etapa2
# Configurando IPs de rede interna
/ ip address
add address=192.168.36.129/24 interface=Link_A comment="" disable=no
add address=142.86.92.152/24 interface=Link_B comment="" disable=no
# Etapa3
# Configurando Roteador
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.36.2,142.86.92.200 scope=255 target-scope=10
comment="Tolerancia a Falhas" disabled=no
# Etapa4
# Configurando Regras de filtragem do firewall
/ ip firewall filter
add chain=input protocol=icmp icmp-options=8:0-255 action=log log-prefix="Bloqueio Ping
Para o Servidor" comment="Bloqueio Ping Para o Servidor" disabled=yes
add chain=input protocol=icmp icmp-options=8:0-255 action=drop comment="" disabled=yes
add chain=input in-interface=Externa protocol=tcp dst-port=8080 action=log log-prefix=""
comment="Bloqueio do Proxy Externo" disabled=no
add chain=input in-interface=Externa protocol=tcp dst-port=8080 action=drop comment=""
disabled=no
add chain=forward src-address=80.80.1.0/24 p2p=warez action=log log-prefix=""
comment="Quebra de Criptografia ares" disabled=no
add chain=forward src-address=80.80.1.0/24 p2p=warez action=drop comment="" disabled=no
add chain=forward src-address=175.0.0.0/8 dst-address=175.0.0.0/8 action=log log-prefix=""
comment="Bloqueia tr fego entre clientes na rede" disabled=no
add chain=forward src-address=175.0.0.0/8 dst-address=175.0.0.0/8 action=drop comment=""
disabled=no
add chain=virus protocol=tcp dst-port=445 action=log log-prefix="" comment="Bloqueio de
VIRUS conhecidos" disabled=no
add chain=virus protocol=tcp dst-port=445 action=drop comment="" disabled=no
add chain=virus protocol=udp dst-port=445 action=log log-prefix="" comment="" disabled=no
add chain=virus protocol=udp dst-port=445 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=593 action=log log-prefix="" comment="" disabled=no
add chain=virus protocol=tcp dst-port=1433-1434 action=log log-prefix="" comment=""
disabled=no
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=1024-1030 action=log log-prefix="" comment=""
disabled=no
add chain=virus protocol=tcp dst-port=135-139 action=log log-prefix="" comment="Drop
Blaster Worm" disabled=no
add chain=virus protocol=udp dst-port=135-139 action=log log-prefix="" comment="Drop
Messenger Worm" disabled=no
add chain=virus protocol=udp dst-port=135-139 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=445 action=log log-prefix="" comment="Drop Blaster
Worm" disabled=no
add chain=virus protocol=udp dst-port=445 action=log log-prefix="" comment="Drop Blaster
Worm" disabled=no
add chain=virus protocol=tcp dst-port=593 action=log log-prefix="" comment="________"
disabled=no
add chain=virus protocol=tcp dst-port=1024-1030 action=log log-prefix=""
comment="________" disabled=no
add chain=virus protocol=tcp dst-port=1080 action=log log-prefix="" comment="Drop MyDoom"
disabled=no
disabled=no
add chain=virus protocol=tcp dst-port=1363 action=log log-prefix="" comment="ndm requester"
disabled=no
add chain=virus protocol=tcp dst-port=1364 action=log log-prefix="" comment="ndm server"
disabled=no
add chain=virus protocol=tcp dst-port=1368 action=log log-prefix="" comment="screen cast"
disabled=no
add chain=virus protocol=tcp dst-port=1373 action=log log-prefix="" comment="hromgrafx"
disabled=no
add chain=virus protocol=tcp dst-port=1377 action=log log-prefix="" comment="cichlid"
disabled=no
add chain=virus protocol=tcp dst-port=1433-1434 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=tcp dst-port=2745 action=log log-prefix="" comment="Bagle Virus"
disabled=no
add chain=virus protocol=tcp dst-port=2283 action=log log-prefix="" comment="Drop
Dumaru.Y" disabled=no
add chain=virus protocol=tcp dst-port=2535 action=log log-prefix="" comment="Drop Beagle"
disabled=no
add chain=virus protocol=tcp dst-port=2745 action=log log-prefix="" comment="Drop Beagle.CK" disabled=no
porta proxy" disabled=no
add chain=virus protocol=tcp dst-port=3410 action=log log-prefix="" comment="Drop Backdoor
OptixPro" disabled=no
add chain=virus protocol=tcp dst-port=4444 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=udp dst-port=4444 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=tcp dst-port=5554 action=log log-prefix="" comment="Drop Sasser"
disabled=no
add chain=virus protocol=tcp dst-port=8866 action=log log-prefix="" comment="Drop Beagle.B"
disabled=no
add chain=virus protocol=tcp dst-port=9898 action=log log-prefix="" comment="Drop Dabber.AB" disabled=no

MyDoom.B" disabled=no
add chain=virus protocol=tcp dst-port=12345 action=log log-prefix="" comment="Drop NetBus"
disabled=no
add chain=virus protocol=tcp dst-port=17300 action=log log-prefix="" comment="Drop Kuang2"
disabled=no
SubSeven" disabled=no
add chain=virus protocol=tcp dst-port=65506 action=log log-prefix="" comment="Drop PhatBot,
Agobot, Gaobot" disabled=no
Blaster Worm" disabled=no
add chain=virus protocol=udp dst-port=135-139 action=log log-prefix="" comment="Drop
Messenger Worm" disabled=no
add chain=virus protocol=udp dst-port=135-139 action=drop comment="" disabled=no
add chain=virus protocol=tcp dst-port=445 action=log log-prefix="" comment="Drop Blaster
Worm" disabled=no
add chain=virus protocol=udp dst-port=445 action=log log-prefix="" comment="Drop Blaster
Worm" disabled=no
disabled=no
add chain=virus protocol=tcp dst-port=1024-1030 action=log log-prefix=""
comment="________" disabled=no
add chain=virus protocol=tcp dst-port=1080 action=log log-prefix="" comment="Drop MyDoom"
disabled=no
disabled=no

add chain=virus protocol=tcp dst-port=1363 action=log log-prefix="" comment="ndm requester"
disabled=no
add chain=virus protocol=tcp dst-port=1364 action=log log-prefix="" comment="ndm server"
disabled=no
add chain=virus protocol=tcp dst-port=1368 action=log log-prefix="" comment="screen cast"
disabled=no
add chain=virus protocol=tcp dst-port=1373 action=log log-prefix="" comment="hromgrafx"
disabled=no
add chain=virus protocol=tcp dst-port=1377 action=log log-prefix="" comment="cichlid"
disabled=no
add chain=virus protocol=tcp dst-port=1433-1434 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=tcp dst-port=2745 action=log log-prefix="" comment="Bagle Virus"
disabled=no
add chain=virus protocol=tcp dst-port=2535 action=log log-prefix="" comment="Drop Beagle"
disabled=no
add chain=virus protocol=tcp dst-port=2745 action=log log-prefix="" comment="Drop Beagle.CK" disabled=no
MyDoom" disabled=no
add chain=virus protocol=tcp dst-port=3410 action=log log-prefix="" comment="Drop Backdoor
OptixPro" disabled=no
add chain=virus protocol=tcp dst-port=4444 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=udp dst-port=4444 action=log log-prefix="" comment="Worm"
disabled=no
add chain=virus protocol=tcp dst-port=5554 action=log log-prefix="" comment="Drop Sasser"
disabled=no
add chain=virus protocol=tcp dst-port=8866 action=log log-prefix="" comment="Drop Beagle.B"
disabled=no
add chain=virus protocol=tcp dst-port=9898 action=log log-prefix="" comment="Drop Dabber.AB" disabled=no
MyDoom.B" disabled=no
add chain=virus protocol=tcp dst-port=12345 action=log log-prefix="" comment="Drop NetBus"
disabled=no
add chain=virus protocol=tcp dst-port=17300 action=log log-prefix="" comment="Drop Kuang2"
disabled=no
SubSeven" disabled=no
add chain=virus protocol=tcp dst-port=65506 action=log log-prefix="" comment="Drop PhatBot,
Agobot, Gaobot" disabled=no
add chain=forward dst-address=69.5.88.0/24 action=log log-prefix="" comment="Bloqueio Site
www.megaclick.com" disabled=no
add chain=forward dst-address=69.5.88.0/24 action=drop comment="" disabled=no
add chain=forward dst-address=204.16.252.0/24 action=log log-prefix="" comment="Bloqueio
Virus Orkut" disabled=no
add chain=forward dst-address=82.204.219.0/24 action=log log-prefix="" comment="Virus msn"
disabled=no
# Etapa6
# Configurando Regras de NAT do Firewall
/ ip firewall nat
add chain=dstnat src-address=175.0.2.2 action=dst-nat to-addresses=200.221.2.45 to-ports=065535 comment="REDIRECIONA CLIENTE BLOQUEADO PARA TELA DE AVISO" disabled=yes
add chain=dstnat in-interface=Interna dst-address=200.201.160.0/24 protocol=tcp dst-port=80
action=accept comment="Repassa tr fego programas da Caixa Econ mica" disabled=yes
action=accept comment="" disabled=yes
add chain=srcnat out-interface=Link_A action=masquerade comment="NAT - Network Address
Translator" disabled=no
add chain=srcnat out-interface=Link_B action=masquerade comment="" disabled=no
add chain=dstnat in-interface=Interna action=redirect to-ports=8080 comment="" disabled=no
# Etapa7
# Configurando Servicos do Sistema
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=yes
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=yes
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
# Etapa8
# Configurando do Servidor de DNS
/ ip dns
set primary-dns=192.168.36.2 secondary-dns=142.86.92.1 allow-remote-requests=yes cache-
size=4096KiB cache-max-ttl=1w
# Etapa9
# Configurando Servidor Proxy
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 maximalserver-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no
# Etapa10
# Configurando regras de acesso ao proxy
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no
# Etapa11
# Configurando Web-Proxy
# Etapa11-1 Configurando Cache
/ ip web-proxy cache
add url=":cgi-bin \\?" action=deny comment="don't cache dynamic http pages" disabled=no
add url="https://" action=deny comment="no cache dynamic https pages" disabled=no
add url="http*youtube*get_video*" action=allow comment="youtube" disabled=no
# Etapa12
# Configurando Queue
# Configurando Simple Queue
/ queue simple
add name="Cache Full" dst-address=0.0.0.0/0 interface=all parent=none packetmarks=proxyfull direction=both priority=8 queue=default-small/default-small limit-at=0/0
max-limit=0/0 total-queue=default-small disabled=no

# Configurando Tree Queue
/ queue tree
add name="Q.o.S - Quality of Service" parent=global-total packet-mark="" limit-at=0
queue=default priority=1 max-limit=1280000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name="1 - Navegacao" parent="Q.o.S - Quality of Service" packet-mark=NavegacaoPacotes limit-at=600000 queue=default priority=1 max-limit=1000000 burst-limit=0 burstthreshold=0 burst-time=0s disabled=no
add name="2 - Messenger" parent="Q.o.S - Quality of Service" packet-mark=Messenger-Pacotes
limit-at=512000 queue=default priority=1 max-limit=900000 burst-limit=0 burst-threshold=0
burst-time=0s disabled=no
add name="2 - E-mail" parent="Q.o.S - Quality of Service" packet-mark=E-mail-Pacotes limitat=512000 queue=default priority=2 max-limit=900000 burst-limit=0 burst-threshold=0 bursttime=0s disabled=no
add name="8 - P2P" parent="Q.o.S - Quality of Service" packet-mark=P2P-Pacotes limit-at=0
queue=default priority=8 max-limit=32000 burst-limit=0 burst-threshold=0 burst-time=0s
disabled=no
add name="4 - Acesso-Remoto" parent="Q.o.S - Quality of Service" packet-mark=AcessoRemoto-Pacotes limit-at=256000 queue=default priority=3 max-limit=512000 burst-limit=0
burst-threshold=0 burst-time=0s disabled=no
add name="5 - ICMP" parent="Q.o.S - Quality of Service" packet-mark=ICMP-Pacotes limitat=256000 queue=default priority=8 max-limit=512000 burst-limit=0 burst-threshold=0 bursttime=0s disabled=no
add name="6 - UDP" parent="Q.o.S - Quality of Service" packet-mark=UDP-Pacotes limitat=700000 queue=default priority=8 max-limit=700000 burst-limit=0 burst-threshold=0 bursttime=0s disabled=no
add name="7 - Outros" parent="Q.o.S - Quality of Service" packet-mark=Outros-Pacotes limitat=0 queue=default priority=8 max-limit=700000 burst-limit=0 burst-threshold=0 bursttime=0s disabled=no
add name="3 - Banco-Dados" parent="Q.o.S - Quality of Service" packet-mark=Banco-DadosPacotes limit-at=256000 queue=default priority=6 max-limit=512000 burst-limit=0 burstthreshold=0 burst-time=0s disabled=no
add name="3 - Jogos" parent="Q.o.S - Quality of Service" packet-mark=Jogos-Pacotes limitat=512000 queue=default priority=6 max-limit=900000 burst-limit=0 burst-threshold=0 bursttime=0s disabled=no
# Etapa13
# Configurando Usuarios do Sistema

/ user
add name="dennis.siade.adm" group=full pass=$$$$$$$$$$ address=0.0.0.0/0
comment="system default user" disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!ftp,!write,!
policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,!ftp,!
policy
add name="full"
policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
Pronto para usar.

Servidor Mikrotik Pronto Pra Usar

Enviado por

Dados do documento

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Servidor Mikrotik Pronto Pra Usar

Enviado por

Direitos autorais:

Formatos disponíveis

Wireless N Access Point

O ponto de acesso substitui ou acrescenta funcionalidades WiFi N a um modem/router ou box

add chain=virus protocol=tcp dst-port=10000 action=log log-prefix="" comment="Drop

add chain=virus protocol=tcp dst-port=1214 action=drop comment="" disabled=no

max-limit=0/0 total-queue=default-small disabled=no

# Configurando Usuarios do Sistema

Você também pode gostar