#        routerboard: yes
#         board-name: hEX
#              model: RouterBOARD 750G r3
#           revision: r3
#      serial-number: 8AFF0956E4BA
#      firmware-type: mt7621L
#   factory-firmware: 3.41
#   current-firmware: 6.44.5
#   upgrade-firmware: 6.44.5
# 
#             channel: long-term
#   installed-version: 6.44.5
# 
# Flags: U - undoable, R - redoable, F - floating-undo 
#   ACTION                                   BY               POLICY             
# 
# software id = V3X0-CBZL
#
# model = RouterBOARD 750G r3
# serial number = 8AFF0956E4BA
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
/ip pool
add name=dhcp ranges=192.168.2.100-192.168.2.200
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 lease-time=30m name=dhcp1
/snmp community
set [ find default=yes ] addresses=45.225.65.10/32 name=onnet@2017
/interface bridge port
add bridge=bridge1 hw=no interface=ether2
add bridge=bridge1 hw=no interface=ether3
add bridge=bridge1 hw=no interface=ether4
add bridge=bridge1 hw=no interface=ether5
/ip address
add address=45.225.66.102/30 interface=ether1 network=45.225.66.100
add address=192.168.2.1/24 interface=ether2 network=192.168.2.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=172.16.20.40,8.8.8.8 gateway=192.168.2.1 netmask=24
/ip dns
set servers=172.16.20.40,8.8.8.8
/ip firewall filter
add action=accept chain=input dst-address=45.225.66.102 protocol=icmp src-address=45.225.64.0/22
add action=accept chain=input dst-address=45.225.66.102 protocol=icmp src-address=172.16.20.50
add action=accept chain=input in-interface=ether1 src-address=45.225.64.0/22
add action=accept chain=input src-address=192.168.2.0/24
add action=accept chain=forward src-address=192.168.2.0/24
add action=accept chain=input connection-state=established,related in-interface=ether1
add action=drop chain=input in-interface=ether1 log-prefix=FW
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=45.225.66.101
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=45.225.64.0/22,192.168.0.0/16
set ssh address=45.225.65.10/32 port=2222
set api disabled=yes
set winbox port=25000
set api-ssl disabled=yes
/snmp
set enabled=yes
/system clock
set time-zone-name=America/Sao_Paulo
/system identity
set name=Tabokas
/system package update
set channel=long-term
/system resource irq rps
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no