File: /home/posscale/backup/MT_Backups/TLC_Freedom_Agecare/BACKUP-Main VoIP Router-2024may16-211624.rsc
# may/16/2024 21:16:24 by RouterOS 6.49.13
# software id = JPBN-V5JN
#
# model = 2011UiAS
# serial number = 7633075182BF
/interface lte
set [ find ] name=lte1
/interface bridge
add admin-mac=64:D1:54:16:8B:7B auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment="WAN dhcp cloent Freedom Staff" \
speed=100Mbps
set [ find default-name=ether2 ] comment="Bridged Telstra connection Voip" \
speed=100Mbps
set [ find default-name=ether3 ] comment="Main Quadro WAN" speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] comment=\
"Link To CSR Gateway Port 172.30.0.5" speed=100Mbps
set [ find default-name=ether6 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether7 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface l2tp-client
add allow=mschap1,mschap2 allow-fast-path=yes connect-to=13.237.137.170 \
disabled=no ipsec-secret="\$F3Yz#w8#qBsn73t" name=Amazon-Link password=\
10Fs1ARfK%5&ljlQ use-ipsec=yes user=TLC-Router
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-server option
add code=66 name=tftp value="'172.30.0.1'"
/ip pool
add name=172-Pool ranges=172.30.220.1,172.30.220.2-172.30.220.254
add name=VPN-Pool ranges=10.10.10.2-10.10.10.254
/ip dhcp-server
add address-pool=172-Pool disabled=no interface=bridge name=dhcp1
/ppp profile
add bridge=bridge dns-server=8.8.8.8,1.1.1.1 local-address=10.10.10.1 name=\
TLC-VPN remote-address=VPN-Pool use-encryption=required
/queue simple
add disabled=yes max-limit=128k/128k name=VPN target=10.10.10.0/24
/routing ospf area
add area-id=0.0.0.255 name=area1
/tool traffic-generator port
add interface=ether6 name=port1
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
sword,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge interface=ether5
/ip firewall connection tracking
set udp-stream-timeout=1h
/ip neighbor discovery-settings
set discover-interface-list=all
/interface l2tp-server server
set allow-fast-path=yes authentication=mschap1,mschap2 default-profile=\
TLC-VPN enabled=yes ipsec-secret=u4^e2NNfGT6db4 use-ipsec=yes
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=ether2 list=WAN
add interface=ether3 list=LAN
add interface=Amazon-Link list=WAN
add interface=ether5 list=WAN
/ip address
add address=172.30.0.5/16 comment=defconf interface=bridge network=172.30.0.0
add address=192.168.20.3/24 comment="Main QAuadro" interface=ether2 network=\
192.168.20.0
add address=110.142.8.240/31 disabled=yes interface=ether2 network=\
110.142.8.240
add address=192.168.1.5/24 interface=ether1 network=192.168.1.0
add address=192.168.21.1/24 interface=ether3 network=192.168.21.0
add address=192.168.20.2/24 disabled=yes interface=ether2 network=\
192.168.20.0
add address=172.30.78.95 interface=ether4 network=172.30.78.95
/ip dhcp-client
add comment=defconf interface=ether1
add add-default-route=no disabled=no interface=ether2
add add-default-route=no !dhcp-options interface=ether5
/ip dhcp-server lease
add address=172.30.220.10 client-id=1:0:9a:d2:c2:4b:96 mac-address=\
00:9A:D2:C2:4B:96 server=dhcp1
/ip dhcp-server network
add address=172.30.0.0/16 dhcp-option=tftp dns-server=1.1.1.1,172.30.0.5 \
gateway=172.30.0.5
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall address-list
add address=61.69.57.74 comment="Jason - VoIP It UP" list=Management
add address=35.189.47.13 comment=VIU list=SIP
add address=35.189.44.220 comment=VIU list=SIP
add address=103.77.233.190 comment="VIU RTP" list=SIP
add address=35.244.94.36 comment="VIU RTP" list=SIP
add address=139.99.140.152 comment="VIU RTP" list=SIP
add address=101.0.113.238 comment="VIU RTP" list=SIP
add address=35.189.35.225 comment="VIU RTP" list=SIP
add address=139.99.140.153 comment="VIU RTP" list=SIP
add address=35.197.165.191 comment="VIU RTP" list=SIP
add address=103.77.233.107 comment="VIU RTP" list=SIP
add address=35.201.30.11 comment="VIU RTP" list=SIP
add address=35.197.168.74 comment="VIU RTP t38 FAX" list=SIP
add address=35.189.26.1 comment="VIU RTP t38 FAX" list=SIP
add address=203.161.160.69 comment=ENGIN list=SIP
add address=203.161.164.69 comment=ENGIN list=SIP
add address=101.0.97.107 comment=ENGIN list=SIP
add address=101.0.97.109 comment=ENGIN list=SIP
add address=23.253.102.137 comment="STUN Epygi" list=SIP
add address=67.227.226.240 comment="STUN Epygi" list=SIP
add address=203.63.96.24/29 comment="AAPT BizPhone WEB" list=SIP2
add address=203.185.248.15 comment="AAPT BizPhone sip rtp" list=SIP2
add address=202.92.115.50 comment="AAPT BizPhone sip rtp" list=SIP2
add address=203.63.96.15 comment="AAPT BizPhone sip rtp" list=SIP2
add address=203.185.196.15 comment="AAPT BizPhone sip rtp" list=SIP2
add address=210.87.54.15 comment="AAPT BizPhone sip rtp" list=SIP2
add address=210.9.35.6 comment="AAPT BizPhone sip rtp" list=SIP2
add address=210.9.35.134 comment="AAPT BizPhone sip rtp" list=SIP2
add address=210.9.35.9 comment="AAPT BizPhone sip rtp" list=SIP2
add address=210.9.35.139 comment="AAPT BizPhone sip rtp" list=SIP2
add address=93.92.0.98 comment="Care Comm" list=SIP
add address=93.92.1.7 comment="Care Comm" list=SIP
add address=10.142.8.240 comment="Care Comm" disabled=yes list=SIP
add address=172.30.0.0/16 comment="Jason - VoIP It UP" list=Management
add address=10.10.10.0/24 comment="Jason - VoIP It UP" list=Management
add address=103.26.173.0/24 comment="VIU NETSIP" list=SIP
add address=103.26.174.0/24 comment="VIU NETSIP" list=SIP
add address=103.26.175.0/24 comment="VIU NETSIP" list=SIP
add address=192.148.131.148 comment="Telstra ATA SIP For fax" list=\
Telstra-ATA-sip
add address=192.148.131.138 comment="Telstra ATA SIP For fax" list=\
Telstra-ATA-sip
add address=192.148.131.135 comment="Telstra ATA SIP For fax" list=\
Telstra-ATA-sip
add address=103.26.172.0/22 comment="VIU NETSIP" list=SIP
/ip firewall filter
add action=accept chain=input dst-port=8291,80 protocol=tcp src-address-list=\
Management
add action=accept chain=forward in-interface-list=WAN src-address-list=\
Management
add action=accept chain=forward in-interface=Amazon-Link
add action=accept chain=forward comment=\
"Connection Management TO Phone system" dst-port=443 in-interface-list=\
WAN log-prefix="443: " protocol=tcp src-address-list=Management
add action=accept chain=forward comment=\
"Accept all trafice from SIP LIST TO Phone system" in-interface-list=WAN \
src-address-list=SIP
add action=accept chain=forward comment=\
"Accept all trafice from SIP LIST TO Phone system" in-interface-list=WAN \
src-address-list=SIP2
add action=drop chain=forward dst-port=3389 in-interface-list=WAN log=yes \
log-prefix="3389 DROP: " protocol=tcp
add action=drop chain=input dst-port=53 in-interface-list=WAN protocol=tcp
add action=drop chain=input dst-port=53 in-interface-list=WAN protocol=udp
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=accept chain=input dst-port=500 in-interface-list=WAN log=yes \
log-prefix="VPN> " protocol=udp
add action=accept chain=input comment=VPN dst-port=1701 in-interface-list=WAN \
log=yes log-prefix="VPN> " protocol=udp
add action=accept chain=input comment=VPN dst-port=4500 in-interface-list=WAN \
log=yes log-prefix="VPN> " protocol=udp
add action=accept chain=input comment=VPN in-interface-list=WAN log=yes \
log-prefix="VPN> " protocol=ipsec-esp
add action=accept chain=input comment=VPN in-interface-list=WAN log=yes \
log-prefix="VPN> " protocol=ipsec-ah
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid in-interface-list=WAN log=yes log-prefix="INPUT DROP:->> "
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN log-prefix="Drop NOT FROM LAN: "
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related disabled=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid in-interface-list=WAN log=yes log-prefix=\
"DROP Forward invalled: >>> "
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall mangle
add action=mark-routing chain=prerouting connection-mark=inbound-eth2 \
new-routing-mark=Management-VPN passthrough=no
add action=mark-routing chain=prerouting connection-mark=Amazon-VPN disabled=\
yes new-routing-mark=OUT-Amazon-VPN passthrough=no
add action=mark-connection chain=input in-interface=ether1 \
new-connection-mark=wan1 passthrough=no
add action=mark-routing chain=output connection-mark=wan1 new-routing-mark=\
To_Wan1 passthrough=yes
add action=mark-routing chain=output connection-mark=lte disabled=yes \
new-routing-mark=To_lte passthrough=yes
add action=mark-connection chain=input disabled=yes in-interface=lte1 \
new-connection-mark=lte passthrough=yes
add action=mark-connection chain=prerouting disabled=yes new-connection-mark=\
lte packet-mark=no-mark passthrough=yes src-address=172.30.220.132
add action=mark-routing chain=prerouting disabled=yes new-routing-mark=To_lte \
packet-mark=no-mark passthrough=yes src-address=172.30.220.132
add action=mark-connection chain=input connection-mark=no-mark \
connection-nat-state=!srcnat,dstnat dst-address=110.142.8.240 \
in-interface=ether2 new-connection-mark=inbound-eth2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=Amazon-Link new-connection-mark=Amazon-VPN passthrough=yes
add action=mark-routing chain=prerouting connection-mark=Amazon-VPN disabled=\
yes in-interface=ether3 new-routing-mark=OUT-Amazon-VPN passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
yes in-interface=bridge new-connection-mark=Amazon-VPN passthrough=yes \
routing-mark="" src-address=172.30.220.132
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
yes dst-address=!13.237.137.170 in-interface=ether2 new-connection-mark=\
NBN-Direct-No-VPN passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=bridge new-connection-mark=NBN-Direct-No-VPN passthrough=yes \
src-address=172.30.220.10
add action=mark-routing chain=prerouting disabled=yes dst-port=53 \
in-interface=ether3 new-routing-mark=dns passthrough=no protocol=udp \
src-address=192.168.21.0/24
add action=mark-routing chain=prerouting disabled=yes dst-port=53 \
in-interface=ether3 new-routing-mark=dns passthrough=no protocol=tcp \
src-address=192.168.21.0/24
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ether3 new-connection-mark=Amazon-VPN passthrough=yes \
src-address=192.168.21.0/24
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
yes in-interface=bridge new-connection-mark=NBN-Direct-No-VPN \
passthrough=yes src-address=172.30.220.48
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ether2 new-connection-mark=NBN-Direct-No-VPN passthrough=yes \
src-address-list=Telstra-ATA-sip
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-list=Telstra-ATA-sip in-interface=ether2 new-connection-mark=\
NBN-Direct-No-VPN passthrough=yes
add action=mark-routing chain=prerouting connection-mark=NBN-Direct-No-VPN \
new-routing-mark=Management-VPN passthrough=yes src-address=172.30.220.10
add action=mark-routing chain=prerouting connection-mark=Amazon-VPN \
new-routing-mark=OUT-Amazon-VPN passthrough=yes src-address=\
192.168.21.0/24
add action=mark-routing chain=prerouting connection-mark=NBN-Direct-No-VPN \
disabled=yes new-routing-mark=Management-VPN passthrough=yes
add action=accept chain=forward disabled=yes src-address=172.30.220.48
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \
out-interface=Amazon-Link
add action=masquerade chain=srcnat out-interface=bridge src-address=\
10.10.10.0/24
add action=masquerade chain=srcnat out-interface=ether4 src-address=\
10.10.10.0/24
add action=masquerade chain=srcnat disabled=yes out-interface=ether2 \
src-address=172.30.220.48
add action=masquerade chain=srcnat disabled=yes in-interface=Amazon-Link \
out-interface=ether3
add action=masquerade chain=srcnat out-interface=lte1
add action=masquerade chain=srcnat disabled=yes out-interface=ether5
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface=ether2
add action=dst-nat chain=dstnat comment="ANY Connection FROM SIP LIST" \
in-interface-list=WAN src-address-list=SIP2 to-addresses=192.168.21.2
add action=dst-nat chain=dstnat comment=\
"ANY Connection FROM telstra SIP LIST" in-interface-list=WAN \
src-address-list=Telstra-ATA-sip to-addresses=172.30.220.10
add action=dst-nat chain=dstnat dst-port=5060 in-interface-list=WAN \
log-prefix="SIP IP NOT IN LIST-->>> " protocol=udp src-address-list=SIP \
to-addresses=192.168.21.2
add action=dst-nat chain=dstnat dst-port=5060 in-interface-list=WAN \
log-prefix="SIP IP NOT IN LIST-->>> " protocol=tcp src-address-list=SIP \
to-addresses=192.168.21.2
add action=dst-nat chain=dstnat comment="LAS Socket" dst-port=7085 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.101.1
add action=dst-nat chain=dstnat comment="LAS RDP" disabled=yes dst-port=3389 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.101.1
add action=dst-nat chain=dstnat comment="LAS Viewer" dst-port=6970 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.101.1
add action=dst-nat chain=dstnat comment=Meru dst-port=55433 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.100.1 to-ports=443
add action=dst-nat chain=dstnat comment="DVR 2" dst-port=7781 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.99.2 to-ports=80
add action=dst-nat chain=dstnat comment="DVR 2" dst-port=8001 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.99.2 to-ports=8001
add action=dst-nat chain=dstnat comment="DVR 2" dst-port=7788 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.99.1 to-ports=80
add action=dst-nat chain=dstnat comment="DVR 2" dst-port=8000 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.99.1 to-ports=8000
add action=dst-nat chain=dstnat dst-port=8080 in-interface-list=WAN protocol=\
tcp to-addresses=192.168.0.1 to-ports=80
add action=dst-nat chain=dstnat dst-port=443 in-interface-list=WAN protocol=\
tcp src-address-list=Management to-addresses=192.168.21.2 to-ports=443
add action=dst-nat chain=dstnat dst-port=6000-6255 in-interface-list=WAN \
protocol=udp to-addresses=192.168.21.2
add action=dst-nat chain=dstnat dst-port=6000-6255 in-interface-list=WAN \
protocol=tcp to-addresses=192.168.21.2
add action=dst-nat chain=dstnat dst-port=8211 in-interface-list=WAN protocol=\
tcp src-address-list=Management to-addresses=172.30.78.11 to-ports=8291
add action=dst-nat chain=dstnat comment="Finger Print" dst-port=8087 \
in-interface-list=WAN protocol=tcp to-addresses=172.30.0.30
add action=dst-nat chain=dstnat comment="ANY Connection FROM SIP LIST" \
in-interface-list=WAN src-address-list=SIP to-addresses=192.168.21.2
/ip firewall service-port
set sip disabled=yes
/ip route
add comment="FOr telstra ATA OUT" distance=1 gateway=110.142.8.1 \
routing-mark=Management-VPN
add check-gateway=ping distance=1 gateway=Amazon-Link routing-mark=\
OUT-Amazon-VPN
add comment="Voip Fail over Out" distance=2 gateway=192.168.1.254 \
routing-mark=OUT-Amazon-VPN
add comment="Management access over staff networtk" distance=1 gateway=\
192.168.1.254 routing-mark=To_Wan1
add disabled=yes distance=1 gateway=192.168.0.1 routing-mark=To_lte
add comment="FOr telstra ATA OUT" disabled=yes distance=1 gateway=110.142.8.1 \
routing-mark=dns
add comment="VoIP Internet Out" distance=1 gateway=110.142.8.1
add check-gateway=ping disabled=yes distance=1 gateway=110.142.8.240
add disabled=yes distance=1 gateway=192.168.20.1
add disabled=yes distance=1 gateway=10.10.55.1
add distance=1 dst-address=13.237.137.170/32 gateway=110.142.8.1
add distance=10 dst-address=13.237.137.170/32 gateway=192.168.10.1
add distance=1 dst-address=110.142.8.0/21 gateway=ether2 pref-src=\
110.142.8.240 scope=10
add disabled=yes distance=1 dst-address=118.127.61.61/32 gateway=192.168.10.1
add distance=1 dst-address=172.30.78.1/32 gateway=ether4
add distance=10 dst-address=192.168.20.0/24 gateway=ether2 pref-src=\
192.168.20.3 scope=10
/ip service
set ftp disabled=yes
set www address=10.10.10.0/24
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ppp l2tp-secret
add address=10.10.10.0/24 comment=u4^e2NNfGT6db4 secret=u4^e2NNfGT6db4
/ppp secret
add comment="\$dgt4437" name=TLC-Manage password="\$dgt4437" profile=TLC-VPN
/system clock
set time-zone-name=Australia/Brisbane
/system identity
set name="Main VoIP Router"
/system logging
add topics=dns,debug
add disabled=yes topics=e-mail,debug
/system ntp client
set enabled=yes mode=broadcast primary-ntp=139.180.160.82 secondary-ntp=\
162.159.200.1
/system ntp server
set enabled=yes
/system scheduler
add interval=1w name=autobackup on-event=":local saveUserDB false\r\
\n:local saveSysBackup true\r\
\n:local encryptSysBackup false\r\
\n:local saveRawExport true\r\
\n\r\
\n:local FTPServer \"backup.posscales.com.au\"\r\
\n:local FTPPort 21\r\
\n:local FTPUser \"MT_Backups@backup.posscales.com.au\"\r\
\n:local FTPPass \"!Dgt.974082\"\r\
\n:local FTPdest \"/TLC_Freedom_Agecare\"\r\
\n\r\
\n:local ts [/system clock get time]\r\
\n:set ts ([:pick \$ts 0 2].[:pick \$ts 3 5].[:pick \$ts 6 8])\r\
\n:local ds [/system clock get date]\r\
\n:set ds ([:pick \$ds 7 11].[:pick \$ds 0 3].[:pick \$ds 4 6])\r\
\n\r\
\n:local fname (\"BACKUP-\".[/system identity get name].\"-\".\$ds.\"-\".\
\$ts)\r\
\n:local sfname (\"/\".\$fname)\r\
\n:if (\$saveUserDB) do={\r\
\n /tool user-manager database save name=(\$sfname.\".umb\")\r\
\n :log info message=\"User Manager DB Backup Finished\"\r\
\n}\r\
\n:if (\$saveSysBackup) do={\r\
\n :if (\$encryptSysBackup = true) do={ /system backup save name=(\$sfnam\
e.\".backup\") }\r\
\n :if (\$encryptSysBackup = false) do={ /system backup save dont-encrypt\
=yes name=(\$sfname.\".backup\") }\r\
\n :log info message=\"System Backup Finished\"\r\
\n}\r\
\nif (\$saveRawExport) do={\r\
\n /export file=(\$sfname.\".rsc\")\r\
\n :log info message=\"Raw configuration script export Finished\"\r\
\n}\r\
\n:delay 10s\r\
\n:local backupFileName \"\"\r\
\n:local backupDestPath \"\"\r\
\n:foreach backupFile in=[/file find] do={\r\
\n :set backupFileName (\"/\".[/file get \$backupFile name])\r\
\n :set backupDestPath (\$FTPdest.\$backupFileName)\r\
\n :if ([:typeof [:find \$backupFileName \$sfname]] != \"nil\") do={\r\
\n # :log warning message=\"/tool fetch address=\$FTPServer port=\$FTPPor\
t src-path=\$backupFileName user=\$FTPUser mode=ftp password=\$FTPPass dst\
-path=\$backupDestPath upload=yes\"\r\
\n\r\
\n /tool fetch address=\$FTPServer port=\$FTPPort src-path=\$backupFile\
Name user=\$FTPUser mode=ftp password=\$FTPPass dst-path=\$backupDestPath \
upload=yes\r\
\n }\r\
\n}\r\
\n:delay 10s\r\
\n:foreach backupFile in=[/file find] do={\r\
\n :if ([:typeof [:find [/file get \$backupFile name] \"BACKUP-\"]]!=\"ni\
l\") do={\r\
\n /file remove \$backupFile\r\
\n }\r\
\n}\r\
\n\r\
\n:log info message=\"Successfully removed Temporary Backup Files\"\r\
\n:log info message=\"Automatic Backup Completed Successfully\"" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=aug/05/2021 start-time=21:16:23
/system script
add dont-require-permissions=no name="Monitor Latency over VPN to AWS" owner=\
posscales policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
log err \"START\";\r\
\n[code:local Themes \"Monitor IP delay to alarm threshold to AWS over vpn\
\"\r\
\n#Set the monitored IP address\r\
\n:local addre 10.10.55.1;\r\
\n#Set the delay\r\
\n:local ms 1;\r\
\n:local avgRtt;\r\
\n/tool flood-ping \$addre count=10 do={\r\
\n:if (\$sent = 10) do={\r\
\n:set avgRtt \$\"avg-rtt\"\r\
\n}}\r\
\n:log err \"Current Latency Monitoring IP:\$addre\\ndelay:\$avgRtt ms\";\
\r\
\n:if (\$avgRtt >= \$ms) do={\r\
\n#Send mail Where set i the TLS mode on this script\?\r\
\n/tool e-mail send server=mail.voipitup.com.au port=587 user=pbx@voipitup\
.com.au password=Pss.974082 to=jloeken@posscales.com.au from=pbx@voipitup.\
com.au subject=\$Themes body=(\"Monitoring IP:\$addre\\ndelay:\$avgRtt ms\
\")\r\
\n:log err \"Message has been sent\";\r\
\n}][/code]"
add dont-require-permissions=no name=RTT owner=posscales policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
local avgRtt;\r\
\n:local pin\r\
\n:local pout\r\
\n/tool flood-ping 1.1.1.1 count=10 do={\r\
\n :if (\$sent = 10) do={\r\
\n :set avgRtt \$\"avg-rtt\"\r\
\n :set pout \$sent\r\
\n :set pin \$received\r\
\n }\r\
\n}\r\
\n:local ploss (100 - ((\$pin * 100) / \$pout))\r\
\n:local logmsg (\"Ping Average for 1.1.1.1 - \".[:tostr \$avgRtt].\"ms - \
packet loss: \".[:tostr \$ploss].\"%\")\r\
\n:log info \$logmsg"
add dont-require-permissions=no name=s owner=posscales policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="{\
\r\
\n:log err \"START Monitor UP\";\r\
\n#Set the monitored IP address\r\
\n:local addre 172.30.78.2;\r\
\n\r\
\n:local ToEml \"jloeken@posscales.com.au\";\r\
\n:local CcEml \"jloeken@voipitup.com.au\"; #Seperate Mutiple by \",\"\
\r\
\n\r\
\n:local int;\r\
\n:local RouterName; #identity\r\
\n:local RouterVer; #version\r\
\n:local RouterUP; #uptime\r\
\n\r\
\n:if ( [/ip neighbor get [/ip neighbor find where address=\$addre Interfa\
ce=ether5] platform] = \"MikroTik\" ) do={\r\
\n :log info \"IP found in Neighbours \$addre\";\r\
\n\r\
\n:set RouterName [/ip neighbor get [/ip neighbor find where address=\$add\
re Interface=ether5] identity];\r\
\n:set RouterVer [/ip neighbor get [/ip neighbor find where address=\$addr\
e Interface=ether5] version];\r\
\n:set RouterUP [/ip neighbor get [/ip neighbor find where address=\$addre\
\_Interface=ether5] uptime];\r\
\n }\r\
\n\r\
\n\r\
\n#:log err \"RouterName= \$RouterName\";\r\
\n#:log err \"RouterVer= \$RouterVer\";\r\
\n#:log err \"RouterUP= \$RouterUP\";\r\
\n\r\
\n:local Themes \"TLC ROUTER Monitor \$RouterName - Connection UP - IP: \
\$addre\";\r\
\n\r\
\n\r\
\n#Set the delay\r\
\n:local ms 2;\r\
\n:local avgRtt;\r\
\n:local pin\r\
\n:local pout\r\
\n/tool flood-ping \$addre count=10 do={\r\
\n :if (\$sent = 10) do={\r\
\n :set avgRtt \$\"avg-rtt\"\r\
\n :set pout \$sent\r\
\n :set pin \$received\r\
\n }\r\
\n}\r\
\n:local ploss (100 - ((\$pin * 100) / \$pout))\r\
\n:local logmsg (\"Ping Average for \".[:tostr \$addre].\" - \".[:tostr \$\
avgRtt].\"ms - packet loss: \".[:tostr \$ploss].\"%\")\r\
\n:log info \$logmsg\r\
\n\r\
\n :local NeighborList [/ip neighbor print detail];\r\
\n\r\
\n#:log err \"IP:\$addre Connection to Router Back UP, Current Latency Mon\
itoring IP:\$addre\\ndelay:\$avgRtt ms\";\r\
\n\r\
\n#Send mail Where set i the TLS mode on this script\?\r\
\n/tool e-mail send server=mail.voipitup.com.au port=587 user=pbx@voipitup\
.com.au password=Pss.974082 to=\$ToEml cc=\$CcEml from=pbx@voipitup.com.au\
\_subject=\$Themes body=(\" TLC \$RouterName Router is now back up \\nIP\
: \$addre \\nVER: \$RouterVer \\nUp Time: \$RouterUP \\n\\nMonit\
oring_IP:\$addre \\ndelay:\$avgRtt ms \\n\$logmsg \\n\\n\\nDevice List \\\
n \$NeighborList\")\r\
\n\r\
\n:log err \"Message has been sent\";\r\
\n\r\
\n}"
/tool graphing interface
add
/tool graphing queue
add
/tool graphing resource
add
/tool mac-server
set allowed-interface-list=LAN
#error exporting /tool netwatch
/tool romon
set enabled=yes
/tool sniffer
set file-limit=60000KiB file-name=call_1.pcap filter-interface=Amazon-Link \
memory-limit=500KiB
/tool traffic-generator packet-template
add header-stack="" name=packet-template1 port=port1
/tool traffic-generator stream
add name=str1 packet-size=1500 tx-template=packet-template1