Cerberus

i
Do you want to keep old configuration? [Y/n]: n

Continue, yes? [Y/n]:
y
Do you want to see the software license? [Y/n]:

n
Please press "Enter" to continue!

Enter
####
###
####
####
### Eliminar Configuracin Actual del Dispositivo
####
/system
reset-configuration no-defaults=yes
####
### Reiniciar el Dispositivo
####
/system
reboot
Reboot, yes? [Y,n]:
y
####
### Apagar el Dispositivo
####
/system
shutdown
Shutdown, yes? [Y,n]:
y
####
### Establecer Contrasea de usuario
####
/password
old-password: clave_actual
new-password: nueva_clave
confirm-new-password: nueva_clave
####
### Establecer Nombre del Dispositivo
####
/system identity
set name=nuevo_nombre
####
### Configurar Interfaces
####
/ip address
add address=10.0.2.15/24 interface=ether1
add address=192.168.0.1/24 interface=ether2
print
####
### Establecer el Gateway Principal
####
/ip route
add gateway 10.0.2.2
print
####
### Servidor: DNS
####
/ip dns
set servers=208.67.222.222,8.8.8.8
set allow-remote-requests=yes
print
####
### Servidor: DHCP
####
/ip pool
add name=ti_fn ranges=192.168.0.20-192.168.0.254
print
/ip dhcp-server lease

add address=192.168.0.2 mac-address=00:0C:29:34:7E:23 client-id="alfa-01"
/ip dhcp-server lease

add address=192.168.0.2 mac-address=00:0C:29:34:7E:23 client-id="alfa-01"
server=ti_fn use-src-mac=yes
make-static numbers=0
####
### Restriccion bi-direccional entre IP y MAC
####
/ip firewall filter

add chain=input src-address=192.168.0.2 src-mac-address=!00:0C:29:34:7E:23
action=drop disabled=no
add chain=input src-address=!192.168.0.2 src-mac-address=00:0C:29:34:7E:23
action=drop disabled=no
#
/ip dhcp-server
add name=ti_fn interface=ether2 address-pool=ti_fn relay=192.168.0.1 lease-time=10m
bootp-lease-time=forever authoritative=yes disabled=no
print
00:0C:29:C4:13:88
/ip dhcp-server network

add address=192.168.0.0/24 gateway=192.168.0.1 dns-server=192.168.0.1 wins-
server=192.168.0.1 domain=familynetpr.com
print
####
### Ver clientes del Servidor: DHCP
####
/ip arp
print
####
### NAT
####
/ip firewall nat

add chain=srcnat action=masquerade src-address=192.168.0.0/24 dst-address=0.0.0.0/0
out-interface=ether1 disabled=no
print
####
### Establecer Huso Horario
####
/system clock
set time-zone-autodetect=yes
set time-zone-name=America/Caracas
print
####
### Cliente: NTP
####
/system ntp client

set mode=unicast
set primary-ntp=[:resolve 0.south-america.pool.ntp.org]
set secondary-ntp=[:resolve 1.south-america.pool.ntp.org]
set enabled=yes
print
####
### Servidor: NTP
####
/system ntp server

set broadcast=yes
set multicast=yes
set manycast=no
set broadcast-addresses=192.168.0.1
set enabled=yes
print
####
### Web Proxy
####
/ip proxy
set enabled=yes
set src-address=0.0.0.0
set port=8080
set parent-proxy=0.0.0.0
set parent-proxy-port=0
set cache-administrator="webmaster"
set max-cache-size=none
set cache-on-disk=no
set max-client-connections=600
set max-server-connections=600
set max-fresh-time=3d
set always-from-cache=no
set cache-hit-dscp=4
set serialize-connections=no
print
# Proxy en Modo Transparente
/ip firewall nat

add chain=dstnat action=redirect to-ports=8080 protocol=tcp dst-port=80
print
# Evitar Proxy Abierto
/ip firewall filter

add chain=input action=drop protocol=tcp in-interface=ether1 dst-port=8080
print
# Evitar Descargas de Archivos de acuerdo a su Extensin
## Archivos Multimedia
/ip proxy access

add path=*.asf action=deny
add path=*.avi action=deny
add path=*.daa action=deny
add path=*.dat action=deny
add path=*.flv action=deny
add path=*.mkv action=deny
add path=*.mov action=deny
add path=*.mp3 action=deny
add path=*.mp4 action=deny
add path=*.mpg action=deny
add path=*.mpeg action=deny
add path=*.ram action=deny
add path=*.rmvb action=deny
add path=*.wav action=deny
add path=*.wmv action=deny
print
## Archivos Comprimidos
/ip proxy access

add path=*.7z action=deny
add path=*.rar action=deny
add path=*.zip action=deny
print
## Archivos Ofimticos
/ip proxy access

add path=*.pdf action=deny
add path=*.doc action=deny
add path=*.docx action=deny
add path=*.ppt action=deny
add path=*.pptx action=deny
add path=*.xls action=deny
add path=*.xlsx action=deny
print
## Archivos P2P
/ip proxy access

add path=*.torrent action=deny
print
# Evitar el Acceso a Sitios WEB especficos, utilizando su URL
/ip proxy access

add dst-host=www.vansol27.com action=deny
print
# Evitar el Acceso a Sitios WEB, de acuerdo a una palabra especfica contenido en

su URL
## Ejemplo: Bloquear acceso a facebook
/ip proxy access

add dst-host=:facebook action=deny
print
# Bloquear Acceso
/ip firewall filter

add chain=forward action=drop protocol=tcp src-address=192.168.0.0/24 dst-port=443
content=facebook
print
####
### Monitorear interfaces
####
/interface
print
monitor-traffic ether1,ether2
/interface
monitor-traffic etherX,...,wlanX
/ip address
print
add address XXX.XXX.XXX.XXX/XX interface=etherX
print

Cerberus

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Cerberus

Enviado por

Direitos autorais:

Formatos disponíveis

i

Do you want to keep old configuration? [Y/n]: n

Do you want to see the software license? [Y/n]:

Please press "Enter" to continue!

/ip dhcp-server lease

/ip dhcp-server lease

/ip firewall filter

/ip dhcp-server network

/ip firewall nat

/system ntp client

/system ntp server

# Proxy en Modo Transparente

/ip firewall nat

# Evitar Proxy Abierto

/ip firewall filter

# Evitar Descargas de Archivos de acuerdo a su Extensin

/ip proxy access

/ip proxy access

/ip proxy access

/ip proxy access

# Evitar el Acceso a Sitios WEB especficos, utilizando su URL

/ip proxy access

# Evitar el Acceso a Sitios WEB, de acuerdo a una palabra especfica contenido en

## Ejemplo: Bloquear acceso a facebook

/ip proxy access

/ip firewall filter

Você também pode gostar