====== Scripts para gerar a configuração para BRAS Mikrotik RB750 ======

===== Script PHP =====

Esse script é o que vai receber as informações, repassar para o próximo script, receber o retorno e mostrar na tela.

Cria configuração de concentradores PPPoE para RB750

Informe todos os dados abaixo.

Pool IPs de CGNat:

IP para a LoopBack:

Número de interfaces com PPPoE (entre 1 e 4):

Local da instalação do concentrador:

Faixa da WAN:

IP da WAN:

Gateway da WAN:

IP público:

Senha do Radius:

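#!/bin/bash
#
# configura_cpppoe_mk_750.sh  (save this file under that name)
#
# Prints, on stdout, a RouterOS configuration for a MikroTik RB750 acting as a
# PPPoE concentrator (BRAS) with CGNAT.
#
# Input: ONE line on stdin holding nine whitespace-separated fields, in order:
#   IP_Pool          CGNAT address range in CIDR form, e.g. 100.64.66.0/27
#   IP_Loopback      /32 address of the loopback interface, used to reach RADIUS
#   numPPPoE         number of interfaces running a PPPoE server, 1 to 4
#   Local            name of the site where the concentrator is installed
#   net_WAN          network address of the WAN, e.g. 10.10.10.0 for 10.10.10.0/30
#   IP_Pub           address placed on the WAN for CGNAT
#   IP_WAN           private address of the router's WAN interface
#   IP_gw            gateway address, which also closes the OSPF adjacency
#   Radius_Password  shared secret of the RADIUS servers
#
# Usage:
#   echo 100.64.66.0/27 172.16.100.250 4 "Nome_do_Local" 10.0.100.252 177.137.58.121 10.0.100.254 10.0.100.253 "Senha_do_Radius_aqui" | bash configura_cpppoe_mk_750.sh
#
# Security notes:
#   * The page describes a PHP form front end that forwards its fields to this
#     script, so every field is treated as untrusted and validated before it is
#     used in shell arithmetic or copied into the generated configuration.
#   * The output contains the RADIUS secret in clear text; treat the generated
#     configuration (and any page that displays it) as sensitive.
#   * Validation failures go to stderr with exit status 1 and no configuration
#     is printed.

set -u

# Print an error on stderr and abort without emitting any configuration.
die() {
  printf 'configura_cpppoe_mk_750: %s\n' "$*" >&2
  exit 1
}

# Return 0 when $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
  local ip=$1 octet
  local -a octets
  [[ $ip =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || return 1
  IFS=. read -r -a octets <<<"$ip"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so an octet such as 08 is not parsed as octal.
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

# Return 0 when $1 is an IPv4 address followed by /prefix with prefix in 0..32.
is_ipv4_cidr() {
  local cidr=$1 addr prefix
  [[ $cidr == */* ]] || return 1
  addr=${cidr%/*}
  prefix=${cidr##*/}
  is_ipv4 "$addr" || return 1
  [[ $prefix =~ ^[0-9]{1,2}$ ]] || return 1
  (( 10#$prefix <= 32 ))
}

# -r keeps backslashes literal. read returns non-zero on EOF without a trailing
# newline but still fills the variables, so only a truly empty input is fatal.
read -r IP_Pool IP_Loopback numPPPoE Local net_WAN IP_Pub IP_WAN IP_gw Radius_Password \
  || [[ -n ${IP_Pool:-} ]] || die "no input on stdin"

# numPPPoE is used in an arithmetic context below. Bash evaluates arithmetic
# operands as expressions, so it must be a single digit 1..4 before it gets there.
[[ $numPPPoE =~ ^[1-4]$ ]] || die "numPPPoE must be an integer between 1 and 4"

is_ipv4_cidr "$IP_Pool"  || die "IP_Pool must be an IPv4 range in CIDR form (e.g. 100.64.66.0/27)"
is_ipv4 "$IP_Loopback"   || die "IP_Loopback must be an IPv4 address"
is_ipv4 "$net_WAN"       || die "net_WAN must be an IPv4 network address"
is_ipv4 "$IP_Pub"        || die "IP_Pub must be an IPv4 address"
is_ipv4 "$IP_WAN"        || die "IP_WAN must be an IPv4 address"
is_ipv4 "$IP_gw"         || die "IP_gw must be an IPv4 address"

# Local and Radius_Password are copied into RouterOS commands, partly unquoted.
# Restricting them to a conservative character set keeps a crafted value from
# closing the argument it is placed in and adding text to the configuration.
# To allow a wider secret alphabet, emit the value quoted and escaped instead.
[[ $Local =~ ^[A-Za-z0-9_.-]+$ ]] \
  || die "Local may contain only letters, digits, '_', '.' and '-'"
[[ $Radius_Password =~ ^[A-Za-z0-9_.@%+:,/-]+$ ]] \
  || die "Radius_Password is empty or contains characters outside [A-Za-z0-9_.@%+:,/-]"

# PPPoE servers live on ether2 .. ether(numPPPoE+1); ether1 is the uplink.
last_port=$(( numPPPoE + 1 ))

# Network part of the pool (everything before the first '/').
ipRede=${IP_Pool%%/*}

cat <<EOF

/interface bridge
add fast-forward=no name=LoopBack
/interface ethernet
set [ find default-name=ether1 ] comment="LINK_ONU - OSPF Borda"

EOF

printf '%s\n' "/interface vlan"
for (( port = 2; port <= last_port; port++ )); do
  printf '%s\n' "add interface=ether${port} name=Vlan3-Gerencia_Rede_ether${port} vlan-id=3"
done

cat <<EOF
/ip pool
add name=POOL_FTTH ranges=${IP_Pool}

/queue type
set 0 pfifo-limit=60
set 9 pfifo-limit=60
/ppp profile
set *0 dns-server=8.8.8.8,1.1.1.1 local-address=${IP_Loopback} only-one=yes queue-type=default remote-address=POOL_FTTH

/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-2 redistribute-static=as-type-2 router-id=${IP_Loopback}
/snmp community
add addresses=172.16.0.100/32 name=Comunidade_Leitura
/ip settings
set rp-filter=strict tcp-syncookies=yes

EOF

printf '%s\n' "/interface pppoe-server server"
for (( port = 2; port <= last_port; port++ )); do
  printf '%s\n' "add authentication=pap,chap disabled=no interface=ether${port} max-mru=1492 max-mtu=1492 mrru=1600 one-session-per-host=yes service-name=PPPoE_${Local}-Ether_${port}"
done

# NOTE(review): the input-chain rule below only drops packets whose state is
# neither established nor new, so new connections to the router from sources
# outside redes_com_acesso_total appear to remain allowed - confirm that this
# is intended, or drop everything from untrusted sources except established
# and related traffic.
cat <<EOF
/ip address
add address=${IP_WAN}/30 interface=ether1 network=${net_WAN}
add address=${IP_Pub} interface=ether1 network=${IP_Pub}
add address=${IP_Loopback} interface=LoopBack network=${IP_Loopback}
/ip dns
set servers=8.8.8.8,1.1.1.1
/ip firewall address-list
add address=172.16.0.100 list=redes_com_acesso_total
add address=172.16.10.0/28 list=redes_sem_nat
add address=8.8.8.8 list=ServidoresLiberados

/ip firewall filter
add action=drop chain=input connection-state=!established,new src-address-list=!redes_com_acesso_total
add action=drop chain=forward dst-port=21,22,23,80,443,5060,5431,8089,8090,8091,8291,8092,8080 out-interface=all-ppp protocol=tcp src-address-list=!redes_com_acesso_total
add action=drop chain=forward dst-port=21,22,23 out-interface=all-ppp protocol=tcp src-address-list=!redes_com_acesso_total
add action=drop chain=forward dst-port=19,25,53,1900,10001,11211 out-interface=all-ppp protocol=tcp src-address-list=!redes_com_acesso_total
add action=drop chain=forward dst-port=19,25,53,1900,5656-5699,10001,11211 out-interface=all-ppp protocol=udp
/ip firewall nat
add action=src-nat chain=srcnat dst-address=200.192.232.8 out-interface=ether1 src-address=${IP_WAN} to-addresses=${IP_Pub}

EOF

# NOTE(review): /ip service below turns off telnet, ftp, ssh, api and api-ssl;
# www and winbox are not listed, so they keep whatever state the router already
# has. UPnP is switched ON in the same block - confirm both are intended on a
# subscriber-facing concentrator.
cat <<EOF
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/ip route
add distance=200 gateway=${IP_gw}
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp
set enabled=yes
/ppp aaa
set interim-update=5m use-radius=yes
/radius
add address=172.16.100.12 secret=${Radius_Password} service=ppp src-address=${IP_Loopback}
add address=172.16.200.12 secret=${Radius_Password} service=ppp src-address=${IP_Loopback}
/radius incoming
set accept=yes
/routing filter
add action=discard chain=ospf-in prefix=!0.0.0.0/0
/routing ospf interface
add disabled=no interface=LoopBack network-type=broadcast
/routing ospf network
add area=backbone network=${net_WAN}/30

/snmp
set contact="Nome de contato" enabled=yes location="${Local}" trap-community=Comunidade_Leitura trap-version=2
/system clock
set time-zone-name=America/Bahia
/system identity
set name=CPPPoE_${Local}
/system ntp client
set enabled=yes primary-ntp=200.192.232.8
/system routerboard settings
set silent-boot=no
/tool bandwidth-server
set enabled=no

####################################################################################
Configuração para CGNat
####################################################################################
EOF

# The RouterOS helper functions are full of '$' and parentheses that belong to
# RouterOS, not to bash, so they are emitted through a QUOTED here-document and
# reach the output verbatim.
# NOTE(review): the listing on the page wrapped this text in an unquoted echo
# with escaped double quotes, which bash cannot parse; the wrapping quotes are
# left out here - confirm against the author's original file.
cat <<'EOF'

:global sqrt do={
    :for i from=0 to=$1 do={
        :if (i * i > $1) do={ :return ($i - 1) }
    }
}

:global addNatRules do={
    /ip firewall nat add chain=srcnat action=jump jump-target=CGNat \
        src-address="$($srcStart)-$($srcStart + $count - 1)"

    :local x [$sqrt $count]
    :local y $x
    :if ($x * $x = $count) do={ :set y ($x + 1) }
    :for i from=0 to=$x do={
        /ip firewall nat add chain=CGNat action=jump jump-target="CGNat-$($i)" \
            src-address="$($srcStart + ($x * $i))-$($srcStart + ($x * ($i + 1) - 1))"
    }

    :for i from=0 to=($count - 1) do={
        :local prange "$($portStart + ($i * $portsPerAddr))-$($portStart + (($i + 1) * $portsPerAddr) - 1)"
        /ip firewall nat add chain="CGNat-$($i / $x)" action=src-nat protocol=tcp src-address=($srcStart + $i) \
            to-address=$toAddr to-ports=$prange
        /ip firewall nat add chain="CGNat-$($i / $x)" action=src-nat protocol=udp src-address=($srcStart + $i) \
            to-address=$toAddr to-ports=$prange
    }
}

EOF

# NOTE(review): count=32 is fixed and matches the /27 pool of the usage example;
# for a pool of another size the per-address port rules cover only the first 32
# addresses and the rest fall through to the final src-nat rule - confirm.
cat <<EOF

\$addNatRules count=32 srcStart=${ipRede} toAddr=${IP_Pub} portStart=1000 portsPerAddr=2000
/ip firewall nat
/ip firewall nat add action=src-nat chain=srcnat src-address=${IP_Pool} to-addresses=${IP_Pub}

EOF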