Scripts Mikrotik de Darato

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::
NOTA: Si deseas usar el MODO BRIDGE, debes crear MODO BRIDGE y el ENLAZADO DE
PUERTOS AL MODO BRIDGE,
CAMBIAR la palabra "LAN" por "Bridge_LAN" en este documento, antes de agregar los
SCRIPTS y finalmente,
CAMBIAR el nombre de la Interface ether3, ether4 y ether5, por "LAN3, LAN4 y LAN5".
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::::::::
:::::::CONFIGURACION DE INTERFACES CON BRIDGE::::::::

/interface ethernet
set [ find default-name=ether1 ] comment="ENTRADAS WAN" name=WAN1
set [ find default-name=ether2 ] name=WAN2
set [ find default-name=ether5 ] comment="SALIDAS LAN" name=LAN
:::::::CREACIÓN DE MODO BRIDGE::::::::

/interface bridge
add comment="SALIDAS LAN" name=Bridge_LAN
:::::::ENLAZADO DE PUERTOS AL MODO BRIDGE::::::::

/interface bridge port
add bridge=Bridge_LAN interface=LAN3
:::::::DIRECCIONES DE LA RED::::::::
/ip address
add address=192.168.1.2/24 interface=WAN1 network=192.168.1.0
add address=192.168.2.2/24 interface=WAN2 network=192.168.2.0
add address=192.168.21.1/24 interface=LAN network=192.168.21.0
:::::::CONFIGURACIÓN DE LAS DNS::::::::

/ip dns
set allow-remote-requests=yes servers=200.48.225.130,200.48.225.146
:::::::ENMASCARADO DE LAS REDES::::::::

/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
:::::::RUTAS CON FAILOVER::::::::

/ip route
add check-gateway=ping distance=1 gateway=192.168.1.1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=192.168.2.1 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=192.168.1.1
add check-gateway=ping distance=2 gateway=192.168.2.1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
HASTA AQUI ES LA CONFIGURACIÓN BASICA EN ESTE PUNTO YA DEBERIAS TENER
ACCESO A INTERNET CON TOTAL NORMALIDAD SIN LIMITACIONES NI ADICIONALES
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::CREACIÓN DE UN POOL DE IPS::::::::

/ip pool
add name=Pool_LAN ranges=192.168.21.101-192.168.21.254
:::::::CONFIGURACIÓN DEL DHCP SERVER CON MODO BRIDGE::::::::

/ip dhcp-server
add address-pool=Pool_LAN disabled=no interface=LAN name=DHCP_LAN
/ip dhcp-server config

set store-leases-disk=never
/ip dhcp-server network

add address=192.168.21.0/24 dns-server=200.48.225.130,200.48.225.146
gateway=192.168.21.1 ntp-server=216.239.35.4,200.189.40.8
:::::::IP CLOUD::::::::
/ip cloud
set ddns-enabled=yes
:::::::BALANCEO DE CARGA (ESTILO ANTIGUO)::::::::

/ip firewall mangle
add action=mark-connection chain=input in-interface=WAN1 new-connection-
mark=WAN1_conn
mark=WAN2_conn
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-
mark=WAN1_conn
mark=WAN2_conn
add chain=prerouting dst-address=192.168.1.0/24 in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 in-interface=LAN
add action=mark-connection chain=prerouting dst-address-type=!local in-
interface=LAN new-connection-mark=WAN1_conn per-connection-classifier=both-
addresses-and-ports:2/0
interface=LAN new-connection-mark=WAN2_conn per-connection-classifier=both-
addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=LAN
new-routing-mark=to_WAN1
new-routing-mark=to_WAN2
:::::::BALANCEO DE CARGA (ESTILO NUEVO)::::::::

/ip firewall mangle
mark=WAN1_conn passthrough=yes
add action=accept chain=prerouting dst-address=192.168.1.0/24 in-interface=LAN
add action=accept chain=prerouting dst-address=192.168.2.0/24 in-interface=LAN
interface=LAN new-connection-mark=WAN1_conn passthrough=yes per-connection-
classifier=both-addresses-and-ports:2/0
interface=LAN new-connection-mark=WAN2_conn passthrough=yes per-connection-
classifier=both-addresses-and-ports:2/1
new-routing-mark=to_WAN1 passthrough=yes
new-routing-mark=to_WAN2 passthrough=yes
:::::::QoS TRAFICO DE DNS::::::::

/ip firewall mangle
add action=mark-packet chain=prerouting comment="DNS Priority (Trafico de DNS)"
connection-mark=DNS_con new-packet-mark=DNS_pkt passthrough=no
add action=mark-packet chain=output new-packet-mark=DNS_pkt
add action=mark-connection chain=prerouting dst-port=53 new-connection-mark=DNS_con
protocol=udp
add action=mark-connection chain=output dst-port=53 new-connection-mark=DNS_con
protocol=udp
:::::::QoS TRAFICO DE ICMP::::::::

/ip firewall mangle
add action=mark-packet chain=prerouting comment="ICMP Priority (Trafico de PING)"
connection-mark=ICMP_con new-packet-mark=ICMP_pkt passthrough=no protocol=icmp
add action=mark-connection chain=prerouting in-interface=LAN new-connection-
mark=ICMP_con protocol=icmp
add action=mark-routing chain=prerouting comment="ICMP = WanX" connection-
mark=ICMP_con new-routing-mark=to_WAN1
:::::::QoS TRAFICO DE NAVEGACIÓN::::::::

/ip firewall mangle
add action=mark-packet chain=prerouting comment="WEB Priority (Trafico de
Navegacion)" connection-mark=NAVEGACION_con new-packet-mark=NAVEGACION_pkt
passthrough=no
add action=mark-connection chain=prerouting dst-address-list=!Youtube,Netflix dst-
port=80,8080,443 in-interface=LAN new-connection-mark=NAVEGACION_con protocol=tcp
add action=mark-connection chain=prerouting dst-address-list=!Youtube,Netflix dst-
port=80,8080,443 in-interface=LAN new-connection-mark=NAVEGACION_con protocol=udp
add action=mark-routing chain=prerouting comment="WEB = WanX" connection-
mark=NAVEGACION_con in-interface=LAN new-routing-mark=to_WAN1
:::::::QoS TRAFICO DE YOUTUBE::::::::

/ip firewall mangle
add action=mark-packet chain=prerouting comment="QUIC Protocol (Trafico de
Youtube)" connection-mark=QUIC_con new-packet-mark=QUIC_pkt passthrough=no
add action=mark-packet chain=forward new-packet-mark=QUIC_pkt passthrough=no src-
address-list=Youtube
add action=mark-connection chain=prerouting dst-address-list=Youtube dst-port=443
in-interface=LAN new-connection-mark=QUIC_con protocol=udp
add action=mark-connection chain=prerouting dst-address-list=Youtube dst-port=443
in-interface=LAN new-connection-mark=QUIC_con protocol=tcp
add action=mark-routing chain=prerouting comment="QUIC = WanX" connection-
mark=QUIC_con in-interface=LAN new-routing-mark=to_WAN1
:::::::QoS TRAFICO DE NETFLIX::::::::

/ip firewall mangle
add action=mark-packet chain=prerouting comment="NETFLIX Priority (Trafico de
Netflix)" connection-mark=NETFLIX_con new-packet-mark=NETFLIX_pkt passthrough=no
add action=mark-packet chain=forward new-packet-mark=NETFLIX_pkt passthrough=no
src-address-list=Netflix
add action=mark-connection chain=prerouting dst-address-list=Netflix in-
interface=LAN new-connection-mark=NETFLIX_con
add action=mark-routing chain=prerouting comment="NETFLIX = WanX" connection-
mark=NETFLIX_con new-routing-mark=to_WAN1
:::::::QoS TRAFICO DE JUEGOS::::::::
/ip firewall mangle
add action=mark-packet chain=prerouting comment="GAMES Priority (Trafico de
Juegos)" connection-mark=JUEGOS_con new-packet-mark=JUEGOS_pkt passthrough=no
add action=mark-connection chain=prerouting dst-port=27000-27050 in-interface=LAN
new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting dst-port=27000-27050 in-interface=LAN
new-connection-mark=JUEGOS_con protocol=udp
add action=mark-routing chain=prerouting comment="GAMES = WanX" connection-
mark=JUEGOS_con in-interface=LAN new-routing-mark=to_WAN1
add action=mark-connection chain=prerouting comment=Audition-OFF disabled=yes dst-
port="9110,12012,12013,18200,18201,18206,18300,18301,18306,18400,18401,18505,18506,
19000,19001" in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-
port="9110,12012,12013,18200,18201,18206,18300,18301,18306,18400,18401,18505,18506,
19000,19001" in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment=Blizzard-OFF disabled=yes dst-
port=1119,1120,3724,4000,6112-6114 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
port=1119,1120,3478,3479,3724,4000,5060,5062,6112-6114,6250,12000-64000 in-
interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="Age Of Empires 2 & 3"
disabled=yes dst-port=4662,4672,4711 in-interface=LAN new-connection-
mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=4662,4672,4711
in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="ARK Survival Evolved"
disabled=yes dst-port=7777,7778,27015,27020 in-interface=LAN new-connection-
port=7777,7778,27015,27020 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment="Arma 3" disabled=yes dst-
port=2300-2305,8766,27016 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=2300-
2305,8766,27016 in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="Assassins Creed Syndicate"
disabled=yes dst-port=9103 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=9103 in-
add action=mark-connection chain=prerouting comment="Assassins Creed Unity"
disabled=yes dst-port=3074,13000,13005,13200,14000,14008 in-interface=LAN new-
connection-mark=JUEGOS_con protocol=tcp
port=3074,13000,13005,13200,14000,14008 in-interface=LAN new-connection-
mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment=Battleborn disabled=yes dst-
port=3478,4379,4380,27000-27050 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Battlefield 1" disabled=yes
dst-port=3659,5669 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=3659,5669 in-
add action=mark-connection chain=prerouting comment=Battlerite disabled=yes dst-
port=27000-27400,28000-28400 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
27400,28000-28400 in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="Call of Duty: Advanced
Warfare, Black Ops 3, 4 & Infinite Warfare" disabled=yes dst-port=3074,3478,4379-
4380,27000-27050 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=3074,3478,4379-
4380,27000-27050 in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="Company of Heroes 1 & 2"
disabled=yes dst-port=6112,9100,27000-27030,30260 in-interface=LAN new-connection-
27030,30260 in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment="Counter Strike Global
Offensive" disabled=yes dst-port=4000-4200,8800-8899,14020 in-interface=LAN new-
add action=mark-connection chain=prerouting disabled=yes dst-port=3658,5730-5739
add action=mark-connection chain=prerouting comment="Dark Souls 3" disabled=yes
dst-port=3478,4379,4380,27000-27050,50000-50003,50050 in-interface=LAN new-
port=3478,4379,4380,27000-27050,50000-50003,50050 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment=Destiny disabled=yes dst-
port=500,1935,3074,3478-3480,3544,4500 in-interface=LAN new-connection-
port=500,1935,3074,3478-3480,3544,4500 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="Diablo I, II & III"
disabled=yes dst-port=1119,6112-6120,4000 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="Doom 2016" disabled=yes dst-
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Dota 2" disabled=yes dst-
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Dying Light" disabled=yes dst-
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Evolve Stage 2" disabled=yes
dst-port=4380,27000-27015 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
add action=mark-connection chain=prerouting comment=Fornite disabled=yes dst-
port=5795,99,5222,5800,5847 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Grand Theft Auto V"
disabled=yes dst-port=6672,61455-61458 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="Guild Wars 1 & 2" disabled=yes
dst-port=6112,6600 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting comment="Hearthstone: Heroes of
Warcraft" disabled=yes dst-port=1119,3724 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="Heroes Of The Storm-OFF"
disabled=yes dst-port=1119,1120,3724,6113 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting disabled=yes dst-port=1119-1120,3478-
3479,3724,5060,5062,6113,6250,12000-64000 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="League of Legends"
disabled=yes dst-port=2099,5222,5223,5000-5500,8393-8400 in-interface=LAN new-
port=2099,5222,5223,5000-5500,8393-8400 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment=Minecraft disabled=yes dst-
port=25565 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting comment="NBA 2K17" disabled=yes dst-
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="No Man\92s Sky\r\n"
disabled=yes dst-port=1935,3478-3480 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment=Overwatch-OFF disabled=yes dst-
port=1119,3724,6113,36503 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
3479,5060,5062,6250,12000-64000 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment=Paladins disabled=yes dst-
add action=mark-connection chain=prerouting comment=Paragon disabled=yes dst-
add action=mark-connection chain=prerouting comment="PlayStation Network"
disabled=yes dst-port=3478,3479,3480 in-interface=LAN new-connection-
add action=mark-connection chain=prerouting comment="Pro Evolution Soccer 2016 &
2017" disabled=yes dst-port=3658,4000-4200,5730-5739,8800-8899,14020 in-
interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=3658,4000-
4200,5730-5739,8800-8899,14020 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment="PUBG \96 Player Unknown\92s
Battleground" disabled=yes dst-port=81,7144,7280,7086,7450,16516 in-interface=LAN
port=81,7144,7280,7086,7450,16516 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment=Rakion disabled=yes dst-
port=1100-1399,2300-2399,8500,40706-40737,50817 in-interface=LAN new-connection-
2399,8500,40706-40737,50817 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment="Rocket League" disabled=yes
dst-port=7000-8079,8081-9000 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
9000 in-interface=LAN new-connection-mark=JUEGOS_con protocol=udp
add action=mark-connection chain=prerouting comment=Smite disabled=yes dst-
add action=mark-connection chain=prerouting comment="Star Wars Battlefront-OFF"
disabled=yes dst-port=3569,3659,9000-9999,10000-29999,42100-44325 in-interface=LAN
9999,10000-29999,42100-44325 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment="StarCraft 1 & 2" disabled=yes
dst-port=1119,1120,3724,6112,6113 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
protocol=udp
add action=mark-connection chain=prerouting comment="Team Fortress 2" disabled=yes
dst-port=27005,27015,27020 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=tcp
add action=mark-connection chain=prerouting comment=Terraria disabled=yes dst-
add action=mark-connection chain=prerouting comment="Tom Clancy\92s The Division-
OFF" disabled=yes dst-port=27015,33000-33499,51000,55000-55999,56000-56999 in-
interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=27015,33000-
33499,51000,55000-55999,56000-56999 in-interface=LAN new-connection-mark=JUEGOS_con
protocol=udp
add action=mark-connection chain=prerouting comment="Warcraft 2 & 3" disabled=yes
dst-port=6112-6119 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=6112-6119 in-
add action=mark-connection chain=prerouting comment=Wolfteam-OFF disabled=yes dst-
port=30707-30724,40707 in-interface=LAN new-connection-mark=JUEGOS_con protocol=tcp
add action=mark-connection chain=prerouting disabled=yes dst-port=30707-30724,40718
add action=mark-connection chain=prerouting comment="World Of Warcraft"
disabled=yes dst-port=1119,3724,4662,4672,4711 in-interface=LAN new-connection-
protocol=udp
add action=mark-connection chain=prerouting comment="Xbox Live" disabled=yes dst-
protocol=tcp
protocol=udp
:::::::CREACIÓN DE LISTAS DE DIRECCIONES IP PARA ACCESOS ESPECIALES::::::::

/ip firewall address-list
add address=192.168.21.21 list=Administradores
add address=192.168.21.30-192.168.21.254 list="Control Parental"
add address=192.168.21.21-192.168.21.22 list="Axceso al Router"
:::::::BLOQUEAR ACCESO AL ROUTER VIA LAN::::::::

/ip firewall filter
add chain=input comment="Bloquear/Permitir Axceso al Router via LAN" connection-
state=established,related
add chain=input src-address-list="Axceso al Router"
:::::::DNS CONTROL PARENTAL::::::::

/ip firewall nat
add action=dst-nat chain=dstnat comment="DNS Control Parental (Filtro AntiPorn)"
dst-port=53 in-interface=LAN protocol=udp src-address-list="Control Parental" to-
addresses=198.153.192.50 to-ports=53
:::::::CREACIÓN DE BAJADA Y SUBIDA::::::::

/queue type
add kind=pcq name=Bajada pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-
src-address6-mask=64
add kind=pcq name=Subida pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-
src-address6-mask=64
:::::::CONFIGURACIÓN DE CALIDAD DE SERVICIO "QoS" BAJADA Y SUBIDA EN MODO

BRIDGE::::::::
/queue tree
add disabled=yes limit-at=1M max-limit=300M name="QoS Bajada" parent=LAN
queue=Bajada
add disabled=yes limit-at=1M max-limit=30M name="QoS Subida" parent=WAN1
queue=Subida
add disabled=yes limit-at=1M max-limit=1M name="PING Bajada" packet-mark=ICMP_pkt
parent="QoS Bajada" priority=1 queue=Bajada
add disabled=yes limit-at=1M max-limit=1M name="DNS Bajada" packet-mark=DNS_pkt
add disabled=yes limit-at=1M max-limit=100M name="QUIC Bajada" packet-mark=QUIC_pkt
add disabled=yes limit-at=1M max-limit=100M name="NAVEGACION Bajada" packet-
mark=NAVEGACION_pkt parent="QoS Bajada" priority=4 queue=Bajada
add disabled=yes limit-at=1M max-limit=1M name="DNS Subida" packet-mark=DNS_pkt
parent="QoS Subida" priority=2 queue=Subida
add disabled=yes limit-at=1M max-limit=10M name="NAVEGACION Subida" packet-
mark=NAVEGACION_pkt parent="QoS Subida" priority=4 queue=Subida
add disabled=yes limit-at=1M max-limit=1M name="PING Subida" packet-mark=ICMP_pkt
add disabled=yes limit-at=1M max-limit=10M name="QUIC Subida" packet-mark=QUIC_pkt
add disabled=yes limit-at=1M max-limit=100M name="JUEGOS Bajada" packet-
mark=JUEGOS_pkt parent="QoS Bajada" priority=3 queue=Bajada
add disabled=yes limit-at=1M max-limit=10M name="JUEGOS Subida" packet-
mark=JUEGOS_pkt parent="QoS Subida" priority=3 queue=Subida
add disabled=yes limit-at=1M max-limit=100M name="NETFLIX Bajada" packet-
mark=NETFLIX_pkt parent="QoS Bajada" priority=6 queue=Bajada
add disabled=yes limit-at=1M max-limit=10M name="NETFLIX Subida" packet-
mark=NETFLIX_pkt parent="QoS Subida" priority=6 queue=Subida
:::::::LIMITAR ANCHO DE BANDA::::::::

:for e from=2 to=254 do={
/queue simple add name="Cliente $e" target="192.168.21.$e" max-
limit=1000000/10000000 queue=default/default total-queue=default
}
:::::::CONFIGURACIÓN DEl RELOJ::::::::

/system clock
set time-zone-name=America/Lima
:::::::CONFIGURACIÓN DE ZONA HORARIO CON NTP DE GOOGLE::::::::

/system ntp client
set enabled=yes primary-ntp=216.239.35.0 secondary-ntp=200.189.40.8
:::::::BLOQUEAR CONEXIONES ENTRANTES DE IP AL MIKROTIK::::::::

/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
:::::::CONFIGURACIÓN DE NOMBRE DE EMPRESA::::::::

/system identity
set name="Darato Corp ISP"
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::
CONFIGURACIONES QUE AUN ME FALTAN REVISAR CORRECTAMENTE POR QUE NO RECUERDO CUANDO
LAS CREE JAJAJAJAJAJAJAJA.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:::::::::::::::::::::::::::::::::
:::::::ESTABILIZAR PING (ICMP)::::::::

/ip firewall mangle
add action=mark-connection new-connection-mark=ICMP_con chain=prerouting
protocol=icmp passthrough=yes comment="ICMP ESTABILIZADOR DE PING"
add action=mark-packet new-packet-mark=ICMP_pkt chain=prerouting protocol=icmp
connection-mark=ICMP_con passthrough=no
add action=mark-connection new-connection-mark=ICMP_con chain=postrouting
protocol=icmp passthrough=yes
add action=mark-packet new-packet-mark=ICMP_pkt chain=postrouting protocol=icmp
connection-mark=ICMP_con passthrough=no
/queue simple
add name=ICMP max-limit=512k/512k packet-marks=ICMP_pkt
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1024k max-
limit=2048k name=Hi-Prio-to-icmp-aacable packet-mark=icmp-pkt parent=global-in
priority=1 queue=default
Cree un script desde Sistema -> Scripts con la siguiente fuente:

/queue simple move [find name="ICMP"] [:pick [find] 0]
Luego vaya a IP -> Hotspot -> Perfil de usuario. Seleccione el perfil deseado y
bajo los scripts agregue lo siguiente:
/system script run moveICMP
:::::::BLOQUEO DE ACCESOS A CIERTAS COSAS::::::::

/ip firewall filter
add chain=input disabled=yes protocol=icmp
add action=drop chain=input disabled=yes
add action=drop chain=forward comment="Drop Web = Wan 1 (Bloqueo de Navegacion) "
disabled=yes dst-address-list=!Youtube dst-port=80,443,8080 out-interface=WAN1
protocol=tcp
add action=drop chain=forward disabled=yes dst-address-list=!Youtube dst-
port=80,443,8080 out-interface=WAN1 protocol=udp
add action=drop chain=forward comment="Drop Youtube = Wan 1 (Bloqueo de Yotube) "
disabled=yes dst-address-list=Youtube dst-port=443 out-interface=WAN1 protocol=udp
add action=drop chain=forward comment="Whatsapp Blocker" disabled=yes dst-address-
list=Whatsapp
:::::::NO RECUERDO XD::::::::

/ip firewall nat
add action=masquerade chain=srcnat comment="NAT de ISPs (Redes Wan)" out-
interface=WAN1
add action=masquerade chain=srcnat disabled=yes out-interface=WAN2

Scripts Mikrotik de Darato

Uploaded by

Copyright:

Available Formats

Scripts Mikrotik de Darato

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Scripts Mikrotik de Darato

Uploaded by

Copyright:

Available Formats

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:::::::CONFIGURACION DE INTERFACES CON BRIDGE::::::::

:::::::CREACIÓN DE MODO BRIDGE::::::::

:::::::ENLAZADO DE PUERTOS AL MODO BRIDGE::::::::

:::::::CONFIGURACIÓN DE LAS DNS::::::::

:::::::ENMASCARADO DE LAS REDES::::::::

:::::::RUTAS CON FAILOVER::::::::

:::::::CREACIÓN DE UN POOL DE IPS::::::::

:::::::CONFIGURACIÓN DEL DHCP SERVER CON MODO BRIDGE::::::::

/ip dhcp-server config

/ip dhcp-server network

:::::::BALANCEO DE CARGA (ESTILO ANTIGUO)::::::::

:::::::BALANCEO DE CARGA (ESTILO NUEVO)::::::::

:::::::QoS TRAFICO DE DNS::::::::

:::::::QoS TRAFICO DE ICMP::::::::

:::::::QoS TRAFICO DE NAVEGACIÓN::::::::

:::::::QoS TRAFICO DE YOUTUBE::::::::

:::::::QoS TRAFICO DE NETFLIX::::::::

:::::::CREACIÓN DE LISTAS DE DIRECCIONES IP PARA ACCESOS ESPECIALES::::::::

:::::::BLOQUEAR ACCESO AL ROUTER VIA LAN::::::::

:::::::DNS CONTROL PARENTAL::::::::

:::::::CREACIÓN DE BAJADA Y SUBIDA::::::::

:::::::CONFIGURACIÓN DE CALIDAD DE SERVICIO "QoS" BAJADA Y SUBIDA EN MODO

:::::::LIMITAR ANCHO DE BANDA::::::::

:::::::CONFIGURACIÓN DEl RELOJ::::::::

:::::::CONFIGURACIÓN DE ZONA HORARIO CON NTP DE GOOGLE::::::::

:::::::BLOQUEAR CONEXIONES ENTRANTES DE IP AL MIKROTIK::::::::

:::::::CONFIGURACIÓN DE NOMBRE DE EMPRESA::::::::

:::::::ESTABILIZAR PING (ICMP)::::::::

Cree un script desde Sistema -> Scripts con la siguiente fuente:

:::::::BLOQUEO DE ACCESOS A CIERTAS COSAS::::::::

:::::::NO RECUERDO XD::::::::

You might also like