#        routerboard: yes
#         board-name: hEX lite
#              model: RouterBOARD 750 r2
#      serial-number: 67D306826ED7
#      firmware-type: qca9531L
#   factory-firmware: 3.33
#   current-firmware: 6.48.6
#   upgrade-firmware: 6.48.6
# 
#             channel: long-term
#   installed-version: 6.48.6
# 
# Flags: U - undoable, R - redoable, F - floating-undo 
#   ACTION                                   BY               POLICY             
# 
# software id = 4CKB-HJ60
#
# model = RouterBOARD 750 r2
# serial number = 67D306826ED7
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether2 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface list
add name=WAN
add name=LAN
/ip pool
add name=dhcp ranges=10.0.0.100-10.0.0.200
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 lease-time=12h name=dhcp1
/snmp community
set [ find default=yes ] addresses=45.225.65.10/32 name=onnet@2017
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
/ip address
add address=45.225.65.158/30 interface=ether1 network=45.225.65.156
add address=10.0.0.1/24 interface=ether2 network=10.0.0.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=177.10.56.3,177.10.56.30 gateway=10.0.0.1 netmask=24
/ip dns
set servers=8.8.8.8,45.225.64.10,172.16.20.40
/ip firewall filter
add action=accept chain=input dst-address=45.225.65.158 protocol=icmp src-address=45.225.64.0/22
add action=accept chain=input dst-address=45.225.65.158 protocol=icmp src-address=172.16.20.50
add action=accept chain=input in-interface=ether1 src-address=45.225.64.0/22
add action=accept chain=input src-address=10.0.0.0/24
add action=accept chain=forward src-address=10.0.0.0/24
add action=drop chain=input disabled=yes in-interface=ether1 log-prefix=FW
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add distance=1 gateway=45.225.65.157
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=45.225.64.0/22,192.168.0.0/16
set ssh address=45.225.65.10/32 port=2222
set api disabled=yes
set winbox port=25000
set api-ssl disabled=yes
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/snmp
set enabled=yes
/system clock
set time-zone-name=America/Sao_Paulo
/system identity
set name=Dalcol
/system package update
set channel=long-term