/interface bridge add name=bridge1 /interface ethernet set [ find default-name=ether1 ] comment=Firenet set [ find default-name=ether2 ] comment=Rbtnet /interface pppoe-client add disabled=no interface=ether1 name=firenet password=XXXXXXXXXXXX user=p29luiz /interface list add name=WAN add name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=visitantes ranges=172.16.1.2-172.16.1.13 add name=automacao ranges=172.16.0.2-172.16.0.13 add name=rede-local ranges=10.71.69.2-10.71.69.11 /ip dhcp-server add add-arp=yes address-pool=visitantes disabled=no interface=bridge1 \ lease-time=5m name=visitantes /ppp profile set *0 on-down="/ip route remove [find comment=\"Rota_Teste_FIRENET\"]\r\ \n/ip route remove [find comment=\"Rota_Padrao_FIRENET\"]\r\ \n/ip route remove [find comment=\"Rota_Marcacao_FIRENET\"]\r\ \n/ip route enable [find comment=\"Rota_Padrao_RBTNET\"]" on-up="/ip route\ \_add comment=Rota_Marcacao_FIRENET distance=1 gateway=\$\"remote-address\ \" routing-mark=link_claro\r\ \n/ip route add comment=Rota_Padrao_FIRENET distance=1 gateway=\$\"remote-\ address\"\r\ \n/ip route add comment=Rota_Teste_FIRENET distance=1 dst-address=8.8.8.8/\ 32 gateway=\$\"remote-address\"\r\ \n/ip route disable [find comment=\"Rota_Padrao_RBTNET\"]" /queue simple add disabled=yes max-limit=10M/10M name=visitantes target=172.16.1.0/28 add disabled=yes max-limit=1M/1M name=visitantes-1mb target=172.16.1.0/28 add disabled=yes max-limit=5M/5M name=redelocal target=10.71.69.0/28 /interface bridge port add bridge=bridge1 interface=ether3 add bridge=bridge1 interface=ether4 add bridge=bridge1 interface=ether5 /interface detect-internet set detect-interface-list=all /interface l2tp-server server set authentication=chap enabled=yes ipsec-secret="VheHegA9i7&E#W9D#\$zp" \ use-ipsec=required /interface list member add interface=firenet list=WAN add interface=ether5 list=LAN add list=WAN /ip address add address=10.71.69.1/28 comment="Rede Principal" interface=bridge1 network=\ 10.71.69.0 add address=172.16.0.1/28 comment="Rede Automacao" interface=bridge1 network=\ 172.16.0.0 add address=172.16.1.1/28 comment="Rede Visitantes" interface=bridge1 \ network=172.16.1.0 add address=10.4.96.2/30 comment="RBT NET" interface=ether2 network=10.4.96.0 add address=10.4.97.2/30 comment="Interface FireNet" interface=ether1 \ network=10.4.97.0 /ip arp add address=10.71.69.2 comment=scorpion interface=bridge1 mac-address=\ 38:2C:4A:8C:83:69 add address=10.71.69.4 comment=henrique interface=bridge1 mac-address=\ D8:68:A0:52:FD:D2 add address=10.71.69.5 comment=lidiane interface=bridge1 mac-address=\ 2C:15:BF:E7:AF:8F add address=10.71.69.6 comment=televisao interface=bridge1 mac-address=\ 8C:79:F5:96:F1:6A add address=10.71.69.14 comment=dns interface=bridge1 mac-address=\ 50:B3:63:01:21:46 add address=10.71.69.13 comment=wifi2 interface=bridge1 mac-address=\ 64:66:B3:FA:B4:1E add address=10.71.69.12 comment=wifi1 interface=bridge1 mac-address=\ A8:BF:3C:4E:27:AA add address=172.16.0.2 comment=alexa-sala interface=bridge1 mac-address=\ 90:11:95:DD:D9:B8 add address=172.16.0.3 comment=alexa-quarto interface=bridge1 mac-address=\ 74:E2:0C:1C:50:2C add address=172.16.0.5 comment=ventilador-quarto interface=bridge1 \ mac-address=7C:F6:66:81:40:9F add address=172.16.0.6 comment=ventilador-sala interface=bridge1 mac-address=\ 50:8A:06:AD:FB:84 add address=172.16.0.7 comment=ventilador-criancas interface=bridge1 \ mac-address=50:8A:06:AE:01:EF add address=172.16.0.8 comment=tomada-caixas-de-som interface=bridge1 \ mac-address=D8:1F:12:AF:DC:F4 add address=172.16.0.9 comment=tomada-ar-condicionado interface=bridge1 \ mac-address=10:5A:17:25:64:7A add address=172.16.0.10 comment=tomada-monitores interface=bridge1 \ mac-address=D8:1F:12:AF:DD:EA add address=172.16.0.11 comment=interruptor-gabinete interface=bridge1 \ mac-address=CC:8C:BF:4F:B3:8A add address=10.71.69.3 comment="SUB-ZERO - WIFI" interface=bridge1 \ mac-address=38:B1:DB:CE:D1:0D add address=10.71.69.7 comment=TPLINKUSB1 interface=bridge1 mac-address=\ 00:25:86:E8:EC:A8 add address=10.71.69.10 comment=VIRTUALBOX interface=bridge1 mac-address=\ 08:00:27:50:B9:1F add address=10.71.69.8 comment=TPLINKUSB2 interface=bridge1 mac-address=\ 10:27:F5:E8:A5:4B add address=10.71.69.9 comment="SUB-ZERO - RJ45" interface=bridge1 \ mac-address=74:E6:E2:CF:AB:2A add address=10.4.97.1 comment=interface-firenet interface=ether1 mac-address=\ F0:8C:FB:A0:3E:30 add address=10.4.96.1 comment=interface-rbtnet interface=ether2 mac-address=\ 70:CD:91:F1:79:AC /ip cloud set ddns-enabled=yes ddns-update-interval=5m /ip dhcp-server lease add address=10.71.69.2 comment=scorpion mac-address=38:2C:4A:8C:83:69 add address=10.71.69.4 comment=henrique mac-address=D8:68:A0:52:FD:D2 add address=10.71.69.5 comment=lidiane mac-address=2C:15:BF:E7:AF:8F add address=10.71.69.6 comment=televisao mac-address=8C:79:F5:96:F1:6A add address=10.71.69.14 comment=dns mac-address=50:B3:63:01:21:46 add address=10.71.69.13 comment=wifi2 mac-address=64:66:B3:FA:B4:1E add address=10.71.69.12 comment=wifi1 mac-address=A8:BF:3C:4E:27:AA add address=172.16.0.2 comment=alexa-sala mac-address=90:11:95:DD:D9:B8 add address=172.16.0.3 comment=alexa-quarto mac-address=74:E2:0C:1C:50:2C add address=172.16.0.5 comment=ventilador-quarto mac-address=\ 7C:F6:66:81:40:9F add address=172.16.0.6 comment=ventilador-sala mac-address=50:8A:06:AD:FB:84 add address=172.16.0.7 comment=ventilador-criancas mac-address=\ 50:8A:06:AE:01:EF add address=172.16.0.8 comment=tomada-caixas-de-som mac-address=\ D8:1F:12:AF:DC:F4 add address=172.16.0.9 comment=tomada-ar-condicionado mac-address=\ 10:5A:17:25:64:7A add address=172.16.0.10 comment=tomada-monitores mac-address=\ D8:1F:12:AF:DD:EA add address=172.16.0.11 comment=interruptor-gabinete mac-address=\ CC:8C:BF:4F:B3:8A add address=10.71.69.3 comment=sub-zero mac-address=38:B1:DB:CE:D1:0D add address=10.71.69.7 comment=usb1 mac-address=00:25:86:E8:EC:A8 add address=10.71.69.10 comment=virtualbox mac-address=08:00:27:50:B9:1F add address=10.71.69.9 comment=usb2 mac-address=10:27:F5:E8:A5:4B add address=10.71.69.9 comment=sub-zero-cabo disabled=yes mac-address=\ 74:E6:E2:CF:AB:2A /ip dhcp-server network add address=10.71.69.0/28 dns-server=10.71.69.14 domain=domain.local gateway=\ 10.71.69.1 netmask=28 add address=172.16.0.0/28 dns-server=172.16.0.14 domain=domain.local gateway=\ 172.16.0.1 netmask=28 add address=172.16.1.0/28 dns-server=172.16.1.14 domain=domain.local gateway=\ 172.16.1.1 netmask=28 /ip dns set cache-size=4096KiB servers=\ 2804:3364:82cf:8e00:52b3:63ff:fe01:2146,10.71.69.14 /ip dns static add address=10.71.69.1 disabled=yes name=sektor.henrique.tec.br add address=10.4.96.1 disabled=yes name=rbtnet.domain.local add address=10.4.97.1 disabled=yes name=firenet.domain.local add address=10.71.69.1 disabled=yes name=sektor.domain.local add address=10.71.69.2 disabled=yes name=scorpion.domain.local add address=10.71.69.3 disabled=yes name=sub-zero.domain.local add address=10.71.69.6 disabled=yes name=televisao.domain.local add address=10.71.69.10 disabled=yes name=virtualbox.domain.local add address=10.71.69.12 disabled=yes name=wifi1.domain.local add address=10.71.69.13 disabled=yes name=wifi2.domain.local add address=10.71.69.14 disabled=yes name=dns.domain.local add address=2804:3364:8285:3e00::1 disabled=yes name=sektor.domain.local \ type=AAAA add address=2804:3364:8285:3e00::4 disabled=yes name=virtualbox.domain.local \ type=AAAA add address=2804:3364:8285:3e00::14 disabled=yes name=dns.domain.local type=\ AAAA add address=2804:3364:8285:3e00:cf7d:bd40:4505:8628 disabled=yes name=\ sub-zero.domain.local type=AAAA add address=2804:3364:8285:3e00:eb11:f4ed:4cdc:7a3a disabled=yes name=\ scorpion.domain.local type=AAAA add cname=sub-zero.domain.local disabled=yes name=subzero.domain.local type=\ CNAME /ip firewall address-list add address=10.71.69.0/28 list=redes add address=172.16.1.0/28 comment="rede convidados" list=saida-rbt add address=172.16.0.0/28 list=redes add address=177.71.101.186 list=ip-insetnew add address=172.16.0.0/28 comment="rede automacao" list=saida-rbt add address=172.16.1.0/28 list=redes add address=10.71.69.5 comment="smarthpone da lidiane" list=saida-rbt add address=10.71.69.3 comment="computador subzero (wifi)" list=saida-rbt add address=10.71.69.6 comment=televisao list=saida-rbt add address=187.108.199.231 list=ip-redes-fixas add address=187.32.203.80/28 list=ip-redes-fixas add address=189.43.148.64/28 list=ip-redes-fixas add address=201.76.180.124/30 list=ip-redes-fixas add address=201.48.41.0/28 list=ip-redes-fixas add address=177.124.244.8/29 list=ip-redes-fixas add address=201.76.163.168/30 list=ip-redes-fixas add address=10.71.69.9 comment="computador subzero (rj45)" list=saida-rbt add address=10.71.69.4 comment="smartphone do henrique" disabled=yes list=\ saida-rbt add address=10.71.69.2 comment="computador scorpion" disabled=yes list=\ saida-rbt add address=10.71.69.10 comment=VIRTUALBOX disabled=yes list=saida-rbt add address=10.71.69.2 comment=Scorpion list=acesso-total add address=10.71.69.4 comment="SmartPhone Henrique" list=acesso-total add address=10.71.69.14 comment=dns list=acesso-total add address=10.71.69.7 comment="Adaptador Wifi TP-LINK Antigo" list=\ acesso-total add address=10.71.69.8 comment="Adaptador TP-LINK Novo" list=acesso-total add address=10.71.69.12 comment="Roteador da Sala" list=acesso-total add address=10.71.69.13 comment="Roteador do Quarto" list=acesso-total add address=10.71.69.10 comment=VirtualBox list=acesso-total add address=201.76.163.170 list=ip-redes-fixas add address=172.16.1.7 list=acesso-total /ip firewall filter add action=fasttrack-connection chain=forward connection-state=\ established,related in-interface=firenet add action=accept chain=forward comment=\ "Aceitar pacotes de conexoes estabelecidas e Relacionadas" \ connection-state=established,related add action=accept chain=forward comment="ACESSO TOTAL" src-address-list=\ acesso-total add action=accept chain=forward comment=\ "Libera acesso para rede de automa\E7\E3o" src-address=172.16.0.0/28 add action=accept chain=forward comment="Libera Ping" protocol=icmp \ src-address-list=redes add action=accept chain=forward comment="Libera portas redirecionadas" \ disabled=yes protocol=tcp src-address=10.71.69.10 src-port=3389 add action=accept chain=forward disabled=yes protocol=tcp src-address=\ 10.71.69.2 src-port=22 add action=accept chain=forward protocol=tcp src-address=10.71.69.3 src-port=\ 5938 add action=accept chain=forward comment="Libera Portas Web Comuns" dst-port=\ 80,443,8080,8443 protocol=tcp src-address-list=redes add action=accept chain=forward comment="Libera NTP" dst-port=123 protocol=\ udp src-address-list=redes add action=accept chain=forward comment="Libera acesso E-MAIL" dst-port=\ 25,110,143,465,587,993,995 protocol=tcp src-address=10.71.69.0/28 add action=accept chain=forward dst-port=25,110,143,465,587,993,995 protocol=\ tcp src-address=172.16.1.0/28 add action=accept chain=forward comment="Libera portas do WhatsApp" dst-port=\ 3478 protocol=udp src-address-list=redes add action=accept chain=forward dst-port=5222,5223 protocol=tcp \ src-address-list=redes add action=accept chain=forward comment="LIBERA ACESSO A VPN" dst-port=\ 1194,11941 protocol=udp src-address=10.71.69.0/28 add action=accept chain=forward dst-port=1194,11941 protocol=tcp src-address=\ 10.71.69.0/28 add action=drop chain=forward comment="Bloqueia todo o resto" log-prefix=\ "FORWARD DROP:" out-interface=firenet add action=drop chain=forward log-prefix="FORWARD DROP:" out-interface=ether2 add action=accept chain=input comment=\ "Aceitar pacotes de conexoes estabelecidas e Relacionadas" \ connection-state=established,related add action=accept chain=input comment="Libera PING para todas as origens" \ protocol=icmp add action=accept chain=input comment="Libera DNS para todas as redes" \ disabled=yes dst-port=53 protocol=udp src-address-list=redes add action=accept chain=input disabled=yes dst-port=53 protocol=tcp \ src-address-list=redes add action=accept chain=input comment="Acesso Winbox e SSH" dst-port=\ 9182,17169,2887 protocol=tcp src-address=10.71.69.0/28 add action=accept chain=input dst-port=9182,17169,2887 protocol=tcp \ src-address-list=ip-redes-fixas add action=accept chain=input dst-port=9182,17169,2887 protocol=tcp add action=accept chain=input comment="Libera DHCP" dst-port=67,68 \ in-interface=bridge1 protocol=udp add action=drop chain=input comment="Bloqueia todo o resto" log-prefix=\ "INPUT DROP:" add action=drop chain=output dst-address=8.8.4.4 out-interface=firenet \ protocol=icmp add action=drop chain=output dst-address=8.8.8.8 out-interface=ether2 \ protocol=icmp add action=accept chain=input comment="ICMP Fragmentation Needed" \ icmp-options=3:4 protocol=icmp /ip firewall mangle add action=mark-connection chain=input in-interface=firenet \ new-connection-mark=link_claro passthrough=yes add action=mark-routing chain=output connection-mark=link_claro \ new-routing-mark=link_claro passthrough=yes add action=mark-connection chain=input in-interface=ether2 \ new-connection-mark=link_rbtnet passthrough=yes add action=mark-routing chain=output connection-mark=link_rbtnet \ new-routing-mark=link_rbtnet passthrough=yes add action=mark-routing chain=prerouting comment=SAIDA_RBTNET \ new-routing-mark=link_rbtnet passthrough=yes src-address-list=saida-rbt add action=mark-routing chain=prerouting comment=SAIDA_FIRENET \ new-routing-mark=link_claro passthrough=yes src-address=172.16.1.11 add action=change-mss chain=forward comment="Clamp MSS to PMTU for IPv4" \ new-mss=clamp-to-pmtu passthrough=yes protocol=tcp tcp-flags=syn /ip firewall nat add action=masquerade chain=srcnat comment="Nat para a Internet funcionar" \ out-interface=firenet to-addresses=0.0.0.0 add action=masquerade chain=srcnat out-interface=ether2 to-addresses=0.0.0.0 add action=masquerade chain=srcnat out-interface=ether1 to-addresses=0.0.0.0 add action=dst-nat chain=dstnat comment="Portas Privadas Scorpion" dst-port=\ 8090,9443 in-interface=firenet protocol=tcp src-address-list=\ ip-redes-fixas to-addresses=10.71.69.2 add action=dst-nat chain=dstnat dst-port=8090,9443 in-interface=ether2 \ protocol=tcp src-address-list=ip-redes-fixas to-addresses=10.71.69.2 add action=dst-nat chain=dstnat comment="Portas Publicas Scorpion" dst-port=\ 51413 in-interface=firenet protocol=tcp to-addresses=10.71.69.2 add action=dst-nat chain=dstnat dst-port=51413 in-interface=ether2 protocol=\ tcp to-addresses=10.71.69.2 add action=dst-nat chain=dstnat comment="RDP Virtualbox" dst-port=3389 \ in-interface=firenet protocol=tcp src-address-list=ip-redes-fixas \ to-addresses=10.71.69.10 to-ports=3389 add action=dst-nat chain=dstnat dst-port=3389 in-interface=ether2 protocol=\ tcp src-address-list=ip-redes-fixas to-addresses=10.71.69.10 to-ports=\ 3389 add action=dst-nat chain=dstnat comment="SSH Sub-Zero - Wifi" dst-port=40022 \ in-interface=firenet protocol=tcp src-address-list=ip-redes-fixas \ to-addresses=10.71.69.3 to-ports=22 add action=dst-nat chain=dstnat dst-port=40022 in-interface=ether2 protocol=\ tcp src-address-list=ip-redes-fixas to-addresses=10.71.69.3 to-ports=22 add action=dst-nat chain=dstnat comment="TEAMVIEWER Sub-Zero - Wifi" \ dst-port=5938 in-interface=firenet protocol=tcp src-address-list=\ ip-redes-fixas to-addresses=10.71.69.3 to-ports=5938 add action=dst-nat chain=dstnat dst-port=5938 in-interface=ether2 protocol=\ tcp src-address-list=ip-redes-fixas to-addresses=10.71.69.3 to-ports=5938 add action=dst-nat chain=dstnat comment="SSH DNS Server" dst-port=22 \ in-interface=firenet protocol=tcp src-address-list=ip-redes-fixas \ to-addresses=10.71.69.14 to-ports=22 add action=dst-nat chain=dstnat dst-port=22 in-interface=ether2 protocol=tcp \ src-address-list=ip-redes-fixas to-addresses=10.71.69.14 to-ports=22 add action=dst-nat chain=dstnat comment="Interface Web Servidor Lenovo" \ dst-port=80 in-interface=firenet protocol=tcp to-addresses=10.71.69.14 \ to-ports=80 add action=dst-nat chain=dstnat dst-port=443 in-interface=firenet protocol=\ tcp to-addresses=10.71.69.14 to-ports=443 add action=dst-nat chain=dstnat dst-port=80 in-interface=ether2 protocol=tcp \ to-addresses=10.71.69.14 to-ports=80 add action=dst-nat chain=dstnat dst-port=443 in-interface=ether2 protocol=tcp \ to-addresses=10.71.69.14 to-ports=443 add action=dst-nat chain=dstnat comment="OpenVPN UDP" dst-port=11940 \ in-interface=firenet protocol=udp to-addresses=10.71.69.14 to-ports=11940 add action=dst-nat chain=dstnat dst-port=11940 in-interface=ether2 protocol=\ udp to-addresses=10.71.69.14 to-ports=11940 add action=dst-nat chain=dstnat dst-port=11941 in-interface=firenet protocol=\ udp to-addresses=10.71.69.14 to-ports=11941 add action=dst-nat chain=dstnat dst-port=11941 in-interface=ether2 protocol=\ udp to-addresses=10.71.69.14 to-ports=11941 /ip route add comment=Rota_Marcacao_FIRENET distance=1 gateway=168.194.165.184 \ routing-mark=link_claro add comment=Rota_Marcacao_RBTNET distance=1 gateway=10.4.96.1 routing-mark=\ link_rbtnet add comment=Rota_Padrao_FIRENET distance=1 gateway=168.194.165.184 add comment=Rota_Padrao_RBTNET disabled=yes distance=2 gateway=10.4.96.1 add comment=Rota_Teste_RBTNET distance=1 dst-address=8.8.4.4/32 gateway=\ 10.4.96.1 add comment=Rota_Teste_FIRENET distance=1 dst-address=8.8.8.8/32 gateway=\ 168.194.165.184 /ip service set telnet disabled=yes set ftp disabled=yes set ssh port=17169 set api port=2887 set winbox port=9182 set api-ssl disabled=yes port=2987 /ipv6 address add address=::1 comment="IPv6 MikroTik" from-pool=v6-firenet interface=\ bridge1 /ipv6 dhcp-client add add-default-route=yes interface=firenet pool-name=v6-firenet \ pool-prefix-length=56 request=prefix use-peer-dns=no /ipv6 firewall mangle add action=change-mss chain=forward comment="Clamp MSS to PMTU for IPv6" \ new-mss=clamp-to-pmtu passthrough=yes protocol=tcp tcp-flags=syn /system clock set time-zone-name=America/Sao_Paulo /system clock manual set dst-delta=-03:00 dst-end="feb/09/2024 00:00:00" dst-start=\ "feb/09/2024 00:00:00" time-zone=-03:00 /system identity set name=sektor /system ntp client set enabled=yes primary-ntp=200.160.7.186 secondary-ntp=201.49.148.135 /system scheduler add interval=1d name=backup on-event="/system script run number=backup" \ policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=feb/10/2024 start-time=06:00:00 add interval=5m name=monitora-meu-ip on-event=\ " /system script run number=monitora-ip" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-time=startup /system script add dont-require-permissions=yes name=backup owner=henrique policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\ local COMPANY \"Henrique Fagundes\"\r\ \n:local sub1 ([/system identity get name])\r\ \n:local sub2 ([/system clock get time])\r\ \n:local sub3 ([/system clock get date])\r\ \n:local backupfile \"\$sub1.backup\"\r\ \n\r\ \n:local adminmail1 magnatahp@gmail.com\r\ \n \r\ \n:log warning \"\$COMPANY - Mikrotik Router Backup JOB Started...\"\r\ \n:log warning \"\$COMPANY - Creating new up-to date backup file...\"\r\ \n \r\ \n/system backup save name=\$backupfile dont-encrypt=yes\r\ \n\r\ \n:put \"\$COMPANY : Backup JOB process pausing for 20s so it can complete\ \_creating backup. Usually for Slow systems...\"\r\ \n:log warning \"\$COMPANY : Backup JOB process pausing for 20s so it can \ complete creating backup. Usually for Slow systems...\"\r\ \n:delay 20s\r\ \n \r\ \n:log warning \"Backup JOB is now sending Backup File via Email...\"\r\ \n\r\ \n/tool e-mail send to=\$adminmail1 subject=\"Backup da RB \$sub1 em \$sub\ 3, as \$sub2\" body=\"O arquivo de backup efetuado no dia \$sub3, as \$sub\ 2 segue em anexo.\" file=\$backupfile start-tls=yes\r\ \n\r\ \n:log warning \"\$COMPANY : BACKUP JOB: Sleeping for 20s seconds so email\ \_can be delivered...\"\r\ \n\r\ \n:delay 20s\r\ \n\r\ \n/file remove \$backupfile\r\ \n\r\ \n:log warning \"\$COMPANY : Backup JOB: Process Finished & Backup File Re\ moved. All Done. You should verify your inbox for confirmation.\"\r\ \n" add dont-require-permissions=no name=monitora-ip owner=henrique policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\ local hostname \"6f3808c15de1.sn.mynetname.net\"\r\ \n:local chatId \"87646403\"\r\ \n:local botToken \"6406624225:AAHwj1f9DTzJlIK9_9mGiCXVmnJ-_Ed15J0\"\r\ \n:local fileName \"ip-atual.txt\"\r\ \n\r\ \n# LOG: In\EDcio\r\ \n:log info \"Verificando IP para \$hostname\"\r\ \n\r\ \n# VERIFICA SE O ARQUIVO EXISTE\r\ \n:if ([/file find name=\$fileName] = \"\") do={\r\ \n :log warning \"Arquivo \$fileName n\E3o encontrado. Criando com IP i\ nicial 0.0.0.0.\"\r\ \n /file print file=\$fileName where name=\$fileName\r\ \n /file set [find name=\$fileName] contents=\"0.0.0.0\"\r\ \n}\r\ \n\r\ \n# RESOLVE O HOSTNAME\r\ \n:local newIP [:resolve \$hostname]\r\ \n:if (\$newIP = \"\") do={\r\ \n :log error \"Falha ao resolver o dom\EDnio \$hostname. DNS pode esta\ r com problema.\"\r\ \n :return\r\ \n} else={\r\ \n :log info \"IP resolvido para \$hostname: \$newIP\"\r\ \n}\r\ \n\r\ \n# L\CA O IP SALVO ANTERIORMENTE\r\ \n:local oldIP [/file get [/file find name=\$fileName] contents]\r\ \n:log info \"IP anterior lido de \$fileName: \$oldIP\"\r\ \n\r\ \n# COMPARA IPs\r\ \n:if (\$newIP != \$oldIP) do={\r\ \n\r\ \n :log warning \"O IP mudou de \$oldIP para \$newIP\"\r\ \n\r\ \n # ATUALIZA ARQUIVO\r\ \n /file set [find name=\$fileName] contents=\$newIP\r\ \n :log info \"Arquivo \$fileName atualizado com novo IP: \$newIP\"\r\ \n\r\ \n # ENVIA MENSAGEM VIA TELEGRAM\r\ \n :local telegramURL (\"https://api.telegram.org/bot\" . \$botToken . \ \"/sendMessage\?chat_id=\" . \$chatId . \"&text=SEKTOR FIREWALL - O IP pub\ lico do firewall mudou para \" . \$newIP)\r\ \n /tool fetch url=\$telegramURL keep-result=no\r\ \n :log info \"Notifica\E7\E3o enviada para Telegram com o novo IP: \$n\ ewIP\"\r\ \n\r\ \n # OPCIONAL: ADICIONAR ATUALIZA\C7\C3O NA FIREWALL\r\ \n #:log info \"Aqui voc\EA pode atualizar a regra de firewall se desej\ ar\"\r\ \n\r\ \n} else={\r\ \n :log info \"O IP permanece o mesmo: \$oldIP\"\r\ \n}\r\ \n" /tool e-mail set address=smtp.zoho.com from= password=XXXXXXXXXXXXXXXXXXXXX \ port=587 start-tls=yes user=sektor@henrique.tec.br /tool netwatch add comment=Monitora_FIRENET down-script=":global rbnome \"SEKTOR FIREWALL\"\r\ \n:global operadora \"FIRENET\"\r\ \n:global ocorrencia \"CAIU\"\r\ \n\r\ \n:log info \"Notificacao - O Link da \$operadora \$ocorrencia!\"\r\ \n:global data [/system clock get date]\r\ \n:global hora [/system clock get time]\r\ \n\r\ \n:global msg \"\$rbnome - O Link da \$operadora \$ocorrencia em \$data as\ \_\$hora hs\"\r\ \n\r\ \n:global bot bot6406624225:AAHwj1f9DTzJlIK9_9mGiCXVmnJ-_Ed15J0\r\ \n:global lidiane 706264165\r\ \n:global henrique 87646403\r\ \n#:global nomes {\$henrique; \$lidiane;}\r\ \n:global nomes {\$henrique;}\r\ \n\r\ \n/ip route disable [find comment=\"Rota_Padrao_FIRENET\"]\r\ \n/ip route enable [find comment=Rota_Padrao_RBTNET]\r\ \n\r\ \n:delay 1s\r\ \n\r\ \n:foreach valor in=\$nomes do={\r\ \n/tool fetch keep-result=no \"https://api.telegram.org/\$bot/sendMessage\ \?chat_id=\$valor&text=\$msg\"\r\ \n}\r\ \n\r\ \n:log info message=\"A mensagem de notificacao foram enviados com sucesso\ !\"" host=8.8.8.8 interval=15s timeout=10s up-script=":global rbnome \"SEK\ TOR FIREWALL\"\r\ \n:global operadora \"FIRENET\"\r\ \n:global ocorrencia \"VOLTOU\"\r\ \n\r\ \n:log info \"Notificacao - O Link da \$operadora \$ocorrencia!\"\r\ \n:global data [/system clock get date]\r\ \n:global hora [/system clock get time]\r\ \n\r\ \n:global msg \"\$rbnome - O Link da \$operadora \$ocorrencia em \$data as\ \_\$hora hs\"\r\ \n\r\ \n:global bot bot6406624225:AAHwj1f9DTzJlIK9_9mGiCXVmnJ-_Ed15J0\r\ \n:global lidiane 706264165\r\ \n:global henrique 87646403\r\ \n#:global nomes {\$henrique; \$lidiane;}\r\ \n:global nomes {\$henrique;}\r\ \n\r\ \n/ip route disable [find comment=Rota_Padrao_RBTNET]\r\ \n/ip route enable [find comment=\"Rota_Padrao_FIRENET\"]\r\ \n\r\ \n:delay 1s\r\ \n\r\ \n:foreach valor in=\$nomes do={\r\ \n/tool fetch keep-result=no \"https://api.telegram.org/\$bot/sendMessage\ \?chat_id=\$valor&text=\$msg\"\r\ \n}\r\ \n\r\ \n:log info message=\"A mensagem de notificacao foram enviados com sucesso\ !\"" add comment=Monitora_RBTNET down-script=":global rbnome \"SEKTOR FIREWALL\"\r\ \n:global operadora \"RBTNET\"\r\ \n:global ocorrencia \"CAIU\"\r\ \n\r\ \n:log info \"Notificacao - O Link da \$operadora \$ocorrencia!\"\r\ \n:global data [/system clock get date]\r\ \n:global hora [/system clock get time]\r\ \n\r\ \n:global msg \"\$rbnome - O Link da \$operadora \$ocorrencia em \$data as\ \_\$hora hs\"\r\ \n\r\ \n:global bot bot6406624225:AAHwj1f9DTzJlIK9_9mGiCXVmnJ-_Ed15J0\r\ \n:global lidiane 706264165\r\ \n:global henrique 87646403\r\ \n#:global nomes {\$henrique; \$lidiane;}\r\ \n:global nomes {\$henrique;}\r\ \n\r\ \n/ip firewall mangle disable [find comment=SAIDA_RBTNET]\r\ \n\r\ \n:delay 1s\r\ \n\r\ \n:foreach valor in=\$nomes do={\r\ \n/tool fetch keep-result=no \"https://api.telegram.org/\$bot/sendMessage\ \?chat_id=\$valor&text=\$msg\"\r\ \n}\r\ \n\r\ \n:log info message=\"A mensagem de notificacao foram enviados com sucesso\ !\"" host=8.8.4.4 interval=15s timeout=10s up-script=":global rbnome \"SEK\ TOR FIREWALL\"\r\ \n:global operadora \"RBTNET\"\r\ \n:global ocorrencia \"VOLTOU\"\r\ \n\r\ \n:log info \"Notificacao - O Link da \$operadora \$ocorrencia!\"\r\ \n:global data [/system clock get date]\r\ \n:global hora [/system clock get time]\r\ \n\r\ \n:global msg \"\$rbnome - O Link da \$operadora \$ocorrencia em \$data as\ \_\$hora hs\"\r\ \n\r\ \n:global bot bot6406624225:AAHwj1f9DTzJlIK9_9mGiCXVmnJ-_Ed15J0\r\ \n:global lidiane 706264165\r\ \n:global henrique 87646403\r\ \n#:global nomes {\$henrique; \$lidiane;}\r\ \n:global nomes {\$henrique;}\r\ \n\r\ \n/ip firewall mangle enable [find comment=SAIDA_RBTNET]\r\ \n\r\ \n:delay 1s\r\ \n\r\ \n:foreach valor in=\$nomes do={\r\ \n/tool fetch keep-result=no \"https://api.telegram.org/\$bot/sendMessage\ \?chat_id=\$valor&text=\$msg\"\r\ \n}\r\ \n\r\ \n:log info message=\"A mensagem de notificacao foram enviados com sucesso\ !\""