/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new in-interface=ether5 new-connection-mark=conn1 nth=4,1
add action=mark-routing chain=prerouting connection-mark=conn1 in-interface=ether5 new-routing-mark=conn1 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=ether5 new-connection-mark=conn2 nth=4,2
add action=mark-routing chain=prerouting connection-mark=conn2 in-interface=ether5 new-routing-mark=conn2 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=ether5 new-connection-mark=conn3 nth=4,3
add action=mark-routing chain=prerouting connection-mark=conn3 in-interface=ether5 new-routing-mark=conn3 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=ether5 new-connection-mark=conn4 nth=4,4
add action=mark-routing chain=prerouting connection-mark=conn4 in-interface=ether5 new-routing-mark=conn4 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat connection-mark=conn1 out-interface=ether1
add action=masquerade chain=srcnat connection-mark=conn2 out-interface=ether2
add action=masquerade chain=srcnat connection-mark=conn3 out-interface=ether3
add action=masquerade chain=srcnat connection-mark=conn4 out-interface=ether4
/system script
add name=ether2_force policy=read,write source=":if ([/interface find name=\"e\
ther2\"] = \"\") do={\r\
\n\t:error \"Target interface does not exist\";\r\
\n\t}\r\
\n\t\r\
\n:if ([/interface get [find name=\"ether2\"] disabled ]) do={\r\
\n\t:error \"Target interface ether2 is disabled.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client find interface=\"ether2\"] = \"\") do={\r\
\n\t:error \"Target interface is not running a DHCP client.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client get [find interface=\"ether2\"] status] != \"bound\
\") do={\r\
\n\t:error \"DHCP client is not bound to an address.\";\r\
\n\t}\r\
\n\t\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether2\"] gate\
way];\r\
\n:if (\$dhcpgateway = \"\") do={\r\
\n\t:error \"Interface has not been assigned a gateway address.\";\r\
\n\t}\r\
\n\t\r\
\n:local oldgatewayid [/ip route find comment=\"ether2_force\"];\r\
\n\r\
\n:if (\"\$oldgatewayid\" = \"\") do={\r\
\n\t:log warning \"Adding route\";\r\
\n\t:execute \"/ip route add \\\r\
\n\t\tdst-address=0.0.0.0/0 \\\r\
\n\t\tcomment=ether2_force \\\r\
\n\t\trouting-mark=conn2 \\\r\
\n\t\tgateway=\$dhcpgateway\";\r\
\n\t:error \"All done.\";\r\
\n\t}\r\
\n\r\
\n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
\n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
\n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
\n\t}\r\
\n\r\
\n#The Same IP Gatway\r\
\n\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether2\"] gate\
way];\r\
\n\r\
\n /ip route set [find comment=\"ether2_force\"] gateway=(\$dhcpgateway.\"\
%ether2\")\r\
\n\r\
\n# Disable Schedule\r\
\n\r\
\n:local RCount [/system scheduler get [find name =schedule2] run-count]\r\
\n\r\
\n:if (\$RCount >2) do={\r\
\n/system scheduler set [find name=\"schedule2\"] disable=yes\r\
\n#: log warning phalla;\r\
\n}"
add name=ether3_force policy=read,write source=":if ([/interface find name=\"e\
ther3\"] = \"\") do={\r\
\n\t:error \"Target interface does not exist\";\r\
\n\t}\r\
\n\t\r\
\n:if ([/interface get [find name=\"ether3\"] disabled ]) do={\r\
\n\t:error \"Target interface ether3 is disabled.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client find interface=\"ether3\"] = \"\") do={\r\
\n\t:error \"Target interface is not running a DHCP client.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client get [find interface=\"ether3\"] status] != \"bound\
\") do={\r\
\n\t:error \"DHCP client is not bound to an address.\";\r\
\n\t}\r\
\n\t\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether3\"] gate\
way];\r\
\n:if (\$dhcpgateway = \"\") do={\r\
\n\t:error \"Interface has not been assigned a gateway address.\";\r\
\n\t}\r\
\n\t\r\
\n:local oldgatewayid [/ip route find comment=\"ether3_force\"];\r\
\n\r\
\n:if (\"\$oldgatewayid\" = \"\") do={\r\
\n\t:log warning \"Adding route\";\r\
\n\t:execute \"/ip route add \\\r\
\n\t\tdst-address=0.0.0.0/0 \\\r\
\n\t\tcomment=ether3_force \\\r\
\n\t\trouting-mark=conn3 \\\r\
\n\t\tgateway=\$dhcpgateway\";\r\
\n\t:error \"All done.\";\r\
\n\t}\r\
\n\r\
\n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
\n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
\n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
\n\t}\r\
\n\r\
\n\r\
\n#The Same IP Gatway\r\
\n\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether3\"] gate\
way];\r\
\n\r\
\n /ip route set [find comment=\"ether3_force\"] gateway=(\$dhcpgateway.\"\
%ether3\")\r\
\n\r\
\n# Disable Schedule\r\
\n\r\
\n:local RCount [/system scheduler get [find name =schedule3] run-count]\r\
\n\r\
\n:if (\$RCount >2) do={\r\
\n/system scheduler set [find name=\"schedule3\"] disable=yes\r\
\n#: log warning phalla;\r\
\n}"
add name=ether4_force policy=read,write source=":if ([/interface find name=\"e\
ther4\"] = \"\") do={\r\
\n\t:error \"Target interface does not exist\";\r\
\n\t}\r\
\n\t\r\
\n:if ([/interface get [find name=\"ether4\"] disabled ]) do={\r\
\n\t:error \"Target interface ether4 is disabled.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client find interface=\"ether4\"] = \"\") do={\r\
\n\t:error \"Target interface is not running a DHCP client.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client get [find interface=\"ether4\"] status] != \"bound\
\") do={\r\
\n\t:error \"DHCP client is not bound to an address.\";\r\
\n\t}\r\
\n\t\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether4\"] gate\
way];\r\
\n:if (\$dhcpgateway = \"\") do={\r\
\n\t:error \"Interface has not been assigned a gateway address.\";\r\
\n\t}\r\
\n\t\r\
\n:local oldgatewayid [/ip route find comment=\"ether4_force\"];\r\
\n\r\
\n:if (\"\$oldgatewayid\" = \"\") do={\r\
\n\t:log warning \"Adding route\";\r\
\n\t:execute \"/ip route add \\\r\
\n\t\tdst-address=0.0.0.0/0 \\\r\
\n\t\tcomment=ether4_force \\\r\
\n\t\trouting-mark=conn4 \\\r\
\n\t\tgateway=\$dhcpgateway\";\r\
\n\t:error \"All done.\";\r\
\n\t}\r\
\n\r\
\n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
\n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
\n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
\n\t}\r\
\n\r\
\n\r\
\n\r\
\n#The Same IP Gatway\r\
\n\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether4\"] gate\
way];\r\
\n\r\
\n /ip route set [find comment=\"ether4_force\"] gateway=(\$dhcpgateway.\"\
%ether4\")\r\
\n\r\
\n\r\
\n# Disable Schedule\r\
\n\r\
\n:local RCount [/system scheduler get [find name =schedule4] run-count]\r\
\n\r\
\n:if (\$RCount >2) do={\r\
\n/system scheduler set [find name=\"schedule4\"] disable=yes\r\
\n#: log warning phalla;\r\
\n}"
add name=ether1_force policy=read,write source=":if ([/interface find name=\"e\
ther1\"] = \"\") do={\r\
\n\t:error \"Target interface does not exist\";\r\
\n\t}\r\
\n\t\r\
\n:if ([/interface get [find name=\"ether1\"] disabled ]) do={\r\
\n\t:error \"Target interface ether1 is disabled.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client find interface=\"ether1\"] = \"\") do={\r\
\n\t:error \"Target interface is not running a DHCP client.\";\r\
\n\t}\r\
\n\r\
\n:if ([/ip dhcp-client get [find interface=\"ether1\"] status] != \"bound\
\") do={\r\
\n\t:error \"DHCP client is not bound to an address.\";\r\
\n\t}\r\
\n\t\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether1\"] gate\
way];\r\
\n:if (\$dhcpgateway = \"\") do={\r\
\n\t:error \"Interface has not been assigned a gateway address.\";\r\
\n\t}\r\
\n\t\r\
\n:local oldgatewayid [/ip route find comment=\"ether1_force\"];\r\
\n\r\
\n:if (\"\$oldgatewayid\" = \"\") do={\r\
\n\t:log warning \"Adding route\";\r\
\n\t:execute \"/ip route add \\\r\
\n\t\tdst-address=0.0.0.0/0 \\\r\
\n\t\tcomment=ether1_force \\\r\
\n\t\trouting-mark=conn1 \\\r\
\n\t\tgateway=\$dhcpgateway\";\r\
\n\t:error \"All done.\";\r\
\n\t}\r\
\n\r\
\n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
\n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
\n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
\n\t}\r\
\n\r\
\n#The Same IP Gatway\r\
\n\r\
\n:local dhcpgateway [/ip dhcp-client get [find interface=\"ether1\"] gate\
way];\r\
\n\r\
\n /ip route set [find comment=\"ether1_force\"] gateway=(\$dhcpgateway.\"\
%ether1\")\r\
\n\r\
\n# Disable Schedule\r\
\n\r\
\n:local RCount [/system scheduler get [find name =schedule1] run-count]\r\
\n\r\
\n:if (\$RCount >2) do={\r\
\n/system scheduler set [find name=\"schedule1\"] disable=yes\r\
\n#: log warning phalla;\r\
\n}"
/system scheduler
add disabled=yes interval=10s name=schedule1 on-event=\
"\r\
\n/system script run ether1_force" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=\
startup
add disabled=yes interval=10s name=schedule2 on-event=\
"\r\
\n/system script run ether2_force\r\
\n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup
add disabled=yes interval=10s name=schedule4 on-event=\
"\r\
\n/system script run ether4_force\r\
\n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup
add disabled=yes interval=10s name=schedule3 on-event=\
"\r\
\n/system script run ether3_force\r\
\n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup
add name=Enable-All-Schedules on-event=" /system scheduler set [find name=\"sc\
hedule1\"] disable=no;\r\
\n\r\
\n /system scheduler set [find name=\"schedule2\"] disable=no;\r\
\n\r\
\n /system scheduler set [find name=\"schedule3\"] disable=no;\r\
\n\r\
\n /system scheduler set [find name=\"schedule4\"] disable=no;\r\
\n\r\
\n /system scheduler set [find name=\"schedule5\"] disable=no;" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=\
startup
No comments:
Post a Comment