
maxoliveira
(usa Slackware)
Enviado em 03/07/2025 - 10:34h
Amigo segue as informações, muitissimo obrigado.
NAT
===
/ip firewall export
# 2025-07-03 10:23:27 by RouterOS 7.12.2
# software id = 2MUX-7YH1
#
# model = RB3011UiAS
# serial number = HGA09G2ZQEP
/ip firewall address-list
add address=xvideos.com list="Sites Bloqueados"
add address=roblox.com.br list="Sites Bloqueados"
add address=pt.pornhub.com list="Sites Bloqueados"
add address=webmail-seguro.com.br list="Sites Liberados"
/ip firewall filter
add action=accept chain=input comment=\
"Permitir conexes estabelecidas e relacionadas" \
connection-state=established,related disabled=yes
add action=drop chain=forward disabled=yes dst-address-list=\
"Sites Bloqueados" dst-port=80,443 protocol=tcp
add action=drop chain=forward disabled=yes dst-port=80,443 \
protocol=tcp tls-host=*torrent*
add action=accept chain=forward disabled=yes dst-port=80,443 \
protocol=tcp
add action=accept chain=forward disabled=yes dst-address=\
186.202.140.214 dst-port=80,443,993,143,465,995 \
protocol=tcp
/ip firewall nat
add action=masquerade chain=srcnat src-address=0.0.0.0
add action=dst-nat chain=dstnat comment="SERVIDOR WEB" \
dst-address=186.201.12.10 dst-port=85 protocol=tcp \
to-addresses=192.168.0.96 to-ports=80
add action=dst-nat chain=dstnat comment="SERVER WEB" \
dst-address=186.201.12.10 dst-address-list="" dst-port=\
80 protocol=tcp to-addresses=192.168.0.16 to-ports=80
add action=dst-nat chain=dstnat comment="SERVIDOR DESCANSO" \
dst-address=192.168.0.12 dst-port=7082 protocol=tcp \
to-addresses=192.168.0.12 to-ports=7082
add action=dst-nat chain=dstnat comment="SERVIDOR REST 01" \
disabled=yes dst-address=192.168.0.16 dst-port=8522 \
protocol=tcp to-addresses=192.168.0.16 to-ports=22
add action=dst-nat chain=dstnat comment="MARIA DB-02" \
disabled=yes dst-address=192.168.0.16 dst-port=13306 \
protocol=tcp to-addresses=192.168.0.16 to-ports=3306
add action=dst-nat chain=dstnat comment=SSH97 disabled=yes \
dst-address=192.168.0.16 dst-port=2022 protocol=tcp \
to-addresses=192.168.0.16 to-ports=22
add action=dst-nat chain=dstnat comment=BANCO dst-address=\
186.201.12.10 dst-port=3050 protocol=tcp to-addresses=\
192.168.0.21 to-ports=3050
add action=dst-nat chain=dstnat comment="SOMENTE OFFICE" \
dst-address=192.168.0.4 dst-port=11080 protocol=tcp \
to-addresses=192.168.0.4 to-ports=11080
add action=dst-nat chain=dstnat comment=VIVO dst-address=\
192.168.0.21 dst-port=9060 protocol=tcp to-addresses=\
192.168.0.21 to-ports=80
add action=dst-nat chain=dstnat comment=CAMERAS dst-address=\
192.168.0.137 dst-port=9090 protocol=tcp to-addresses=\
192.168.0.137 to-ports=9090
add action=dst-nat chain=dstnat comment="CAMERAS II" \
dst-address=192.168.0.137 dst-port=9000 protocol=tcp \
to-addresses=192.168.0.137 to-ports=9000
add action=dst-nat chain=dstnat comment=TCP-1521-VIVO \
dst-address=192.168.0.10 dst-port=1521 protocol=tcp \
to-addresses=192.168.0.10 to-ports=1521
add action=dst-nat chain=dstnat comment=PROJETO dst-address=\
192.168.0.4 dst-port=3389 protocol=tcp to-addresses=\
192.168.0.4 to-ports=3389
add action=dst-nat chain=dstnat comment="SRV APLICATIVO" \
dst-address=192.168.0.5 dst-port=8066 protocol=tcp \
to-addresses=192.168.0.5 to-ports=8066
add action=dst-nat chain=dstnat dst-address=192.168.0.124 \
dst-port=6124 protocol=tcp to-addresses=192.168.0.124 \
to-ports=3389
add action=dst-nat chain=dstnat comment=TCP9088 dst-address=\
192.168.0.12 dst-port=9088 protocol=tcp to-addresses=\
192.168.0.12 to-ports=80
add action=dst-nat chain=dstnat comment=TCP6110 dst-address=\
192.168.0.30 dst-port=6110 protocol=tcp to-addresses=\
192.168.0.30 to-ports=3389
add action=dst-nat chain=dstnat comment=TCP6179 dst-address=\
192.168.0.3 dst-port=6179 protocol=tcp to-addresses=\
192.168.0.3 to-ports=3389
add action=dst-nat chain=dstnat comment=TCP6080 dst-address=\
192.168.0.208 dst-port=6080 protocol=tcp to-addresses=\
192.168.0.208 to-ports=3389
add action=dst-nat chain=dstnat comment=TCP18080 \
dst-address=192.168.0.176 dst-port=6146 protocol=tcp \
to-addresses=192.168.0.176 to-ports=3389
add action=dst-nat chain=dstnat dst-address=192.168.0.10 \
dst-port=1521 protocol=tcp to-addresses=192.168.0.10 \
to-ports=1521
add action=dst-nat chain=dstnat comment=NAS-SFTP \
dst-address=192.168.0.6 dst-port=2252 protocol=tcp \
to-addresses=192.168.0.6 to-ports=2252
add action=dst-nat chain=dstnat dst-address=186.201.12.10 \
dst-port=18080 protocol=tcp to-addresses=192.168.0.21 \
to-ports=8080
add action=dst-nat chain=dstnat comment=MIKROTIK disabled=\
yes dst-address=192.168.0.1 dst-port=8728 protocol=tcp \
to-addresses=192.168.0.1
add action=masquerade chain=srcnat out-interface-list=WAN
add action=dst-nat chain=dstnat comment="BANCO SGAR" \
dst-address=192.168.0.17 dst-port=3050 protocol=tcp \
to-addresses=192.168.0.17 to-ports=3050
add action=dst-nat chain=dstnat dst-address=192.168.0.21 \
dst-port=3050 protocol=tcp to-addresses=192.168.0.21 \
to-ports=3050
add action=masquerade chain=srcnat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=accept chain=srcnat disabled=yes dst-port=1723 \
protocol=tcp
add action=accept chain=srcnat disabled=yes protocol=gre
add action=masquerade chain=srcnat comment=\
"masq. vpn traffic" src-address=192.168.89.0/24
add action=dst-nat chain=dstnat comment=RILDO dst-address=\
186.201.12.10 dst-port=8090 protocol=tcp to-addresses=\
192.168.0.2 to-ports=8090
add action=dst-nat chain=dstnat dst-address=186.201.12.10 \
dst-address-list="" dst-port=11080 protocol=tcp \
to-addresses=192.168.0.4 to-ports=11080
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
DNS
====
servers: 8.8.8.8,8.8.4.4
dynamic-servers:
use-doh-server:
verify-doh-cert: no
doh-max-server-connections: 5
doh-max-concurrent-queries: 50
doh-timeout: 5s
allow-remote-requests: no
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 2048KiB
cache-max-ttl: 1w
address-list-extra-time: 0s
cache-used: 38KiB
ROTAS
======
Flags: D - DYNAMIC; A - ACTIVE; c - CONNECT, s - STATIC
Columns: DST-ADDRESS, GATEWAY, DISTANCE
# DST-ADDRESS GATEWAY DISTANCE
;;; ROTA_MUNDIVOX
0 s 0.0.0.0/0 187.102.151.41 2
;;; ROTA_VIVO
1 As 0.0.0.0/0 186.201.12.9 1
;;; Monitora Vivo
2 As 1.1.1.1/32 186.201.12.9 1
DAc 186.200.0.0/14 ether1 0
DAc 187.102.151.40/29 ether2 0
DAc 192.168.0.0/24 ether3 0