# model: RB5009UPr+S+ # serial-number: HEM08ZNS48W # firmware-type: 70x0 # current-firmware: 7.8 # installed-version: 7.14.3 # Flags: U - UNDOABLE # Columns: ACTION, BY, POLICY, TIME # ACTION BY POLICY TIME # U queue changed admin write 2024-10-04 13:03:28 # U queue changed admin write 2024-10-04 13:03:28 # U queue changed admin write 2024-10-04 13:03:28 # U queue changed admin write 2024-10-04 13:03:28 # U device changed admin write 2024-10-04 13:03:28 # U queue changed admin write 2024-10-04 13:03:28 # U queue changed admin write 2024-10-04 13:03:28 # U queue type changed admin write 2024-10-04 13:03:27 # U queue type changed admin write 2024-10-04 13:03:27 # U address list entry changed admin write 2024-10-04 13:03:27 # U queue changed admin write 2024-10-04 13:01:31 # U queue changed admin write 2024-10-04 13:01:31 # U queue changed admin write 2024-10-04 13:01:31 # U queue changed admin write 2024-10-04 13:01:31 # U queue changed admin write 2024-10-04 13:01:31 # U queue changed admin write 2024-10-04 13:01:31 # U device changed admin write 2024-10-04 13:01:30 # U queue type changed admin write 2024-10-04 13:01:30 # U queue type changed admin write 2024-10-04 13:01:30 # U address list entry changed admin write 2024-10-04 13:01:30 # U queue changed admin write 2024-10-04 12:59:31 # U queue changed admin write 2024-10-04 12:59:31 # U queue changed admin write 2024-10-04 12:59:31 # U queue changed admin write 2024-10-04 12:59:31 # U queue changed admin write 2024-10-04 12:59:31 # U queue changed admin write 2024-10-04 12:59:30 # U device changed admin write 2024-10-04 12:59:30 # U queue type changed admin write 2024-10-04 12:59:30 # U queue type changed admin write 2024-10-04 12:59:30 # U address list entry changed admin write 2024-10-04 12:59:30 # U queue changed admin write 2024-10-04 12:04:00 # U queue changed admin write 2024-10-04 12:04:00 # U queue changed admin write 2024-10-04 12:04:00 # U queue changed admin write 2024-10-04 12:04:00 # U queue changed admin write 2024-10-04 12:03:59 # U queue changed admin write 2024-10-04 12:03:59 # U device changed admin write 2024-10-04 12:03:59 # U queue type changed admin write 2024-10-04 12:03:59 # U address list entry changed admin write 2024-10-04 12:03:59 # U queue type changed admin write 2024-10-04 12:03:59 # U queue changed admin write 2024-10-04 11:42:50 # U queue changed admin write 2024-10-04 11:42:50 # U queue changed admin write 2024-10-04 11:42:50 # U queue changed admin write 2024-10-04 11:42:49 # U queue changed admin write 2024-10-04 11:42:49 # U queue changed admin write 2024-10-04 11:42:49 # U device changed admin write 2024-10-04 11:42:49 # U queue type changed admin write 2024-10-04 11:42:49 # U queue type changed admin write 2024-10-04 11:42:49 # U address list entry changed admin write 2024-10-04 11:42:49 # U queue changed admin write 2024-10-04 11:34:55 # U queue changed admin write 2024-10-04 11:34:55 # U queue changed admin write 2024-10-04 11:34:55 # U queue changed admin write 2024-10-04 11:34:55 # U queue changed admin write 2024-10-04 11:34:55 # U queue changed admin write 2024-10-04 11:34:55 # U device changed admin write 2024-10-04 11:34:55 # U queue type changed admin write 2024-10-04 11:34:54 # U queue type changed admin write 2024-10-04 11:34:54 # U address list entry changed admin write 2024-10-04 11:34:54 # U queue changed admin write 2024-10-03 18:40:42 # U queue changed admin write 2024-10-03 18:40:42 # U queue changed admin write 2024-10-03 18:40:42 # U queue changed admin write 2024-10-03 18:40:42 # U queue changed admin write 2024-10-03 18:40:42 # U queue changed admin write 2024-10-03 18:40:42 # U address list entry changed admin write 2024-10-03 18:40:42 # U device changed admin write 2024-10-03 18:40:41 # U queue type changed admin write 2024-10-03 18:40:41 # U queue type changed admin write 2024-10-03 18:40:41 # U queue changed admin write 2024-10-03 18:03:16 # U queue changed admin write 2024-10-03 18:03:16 # U queue changed admin write 2024-10-03 18:03:16 # U queue changed admin write 2024-10-03 18:03:16 # U queue changed admin write 2024-10-03 18:03:16 # U device changed admin write 2024-10-03 18:03:16 # U queue changed admin write 2024-10-03 18:03:16 # U address added admin write 2024-10-03 18:03:16 # U address list entry changed admin write 2024-10-03 18:03:16 # U queue type changed admin write 2024-10-03 18:03:16 # U route 10.0.30.0/24 added admin write 2024-10-03 18:03:16 # U queue type changed admin write 2024-10-03 18:03:16 # U address removed sergei.danilov write 2024-10-03 18:02:42 # U queue changed admin write 2024-10-03 17:52:45 # U queue changed admin write 2024-10-03 17:52:45 # U queue changed admin write 2024-10-03 17:52:45 # U queue changed admin write 2024-10-03 17:52:45 # U device changed admin write 2024-10-03 17:52:45 # U queue changed admin write 2024-10-03 17:52:45 # U queue changed admin write 2024-10-03 17:52:45 # U address list entry changed admin write 2024-10-03 17:52:45 # U address added admin write 2024-10-03 17:52:45 # U route 10.0.30.0/24 added admin write 2024-10-03 17:52:44 # U queue type changed admin write 2024-10-03 17:52:44 # U queue type changed admin write 2024-10-03 17:52:44 # U address removed sergei.danilov write 2024-10-03 17:50:55 # U queue changed admin write 2024-10-03 17:50:11 # U queue changed admin write 2024-10-03 17:50:11 # U queue changed admin write 2024-10-03 17:50:11 # U queue changed admin write 2024-10-03 17:50:11 # # software id = BU0F-Q1M9 # # model = RB5009UPr+S+ # serial number = HEM08ZNS48W /interface bridge add fast-forward=no name=bridge_local /interface ovpn-client add auth=sha256 connect-to=5.187.0.165 disabled=yes disconnect-notify=no mac-address=02:13:BC:3C:40:4F name=ovpn-frankfurt password="DyIV>@q/RgJ{" protocol=udp route-nopull=yes use-peer-dns=no user=SPBGW add certificate=vpn-office-spb.crt cipher=aes256-cbc connect-to=vpn.tages.ru mac-address=FE:E9:FA:06:4A:19 name=ovpn-office-spb password="uF5\$2RXpjHvA" port=1202 use-peer-dns=no user=vpn-office-spb add certificate=ovpn-cert.pem_0 connect-to=5.187.0.165 disabled=yes mac-address=02:2E:3F:80:20:60 name=ovpn-out1 protocol=udp route-nopull=yes user=1 /interface wireguard add listen-port=51820 mtu=1420 name=wireguard-frankfurt private-key="mD3ySWud0L4xZ9wZTm+QXuHucnpVPgOol+yyo0j8nE0=" add disabled=yes listen-port=13231 mtu=1420 name=wireguard1 private-key="KHYJ1vXJ54v2gL+OlkmqJwX9ZhVeMgzSOTNCDrdfQEs=" /interface list add name=LAN add name=WAN /ip dhcp-server option add code=66 name=option66 value="'192.168.70.1'" add code=67 name=67_netboot value="'netboot.xyz-snponly.efi'" add code=67 force=yes name=67 value="'iventoy_loader_16000_uefi'" /ip pool add name=dhcp_local_pool ranges=192.168.70.10-192.168.70.254 /ip dhcp-server add address-pool=dhcp_local_pool interface=bridge_local lease-time=1h name=dhcp_bridge_local /ppp profile set *0 local-address=192.168.30.13 remote-address=192.168.30.1 /interface sstp-client add connect-to=5.187.0.165 name=sstp-out1 password=YOU_VPN_PASS profile=default-encryption user=YOUR_VPN_USERNAME verify-server-address-from-certificate=no /queue type add kind=pcq name=PCQ-Download pcq-burst-time=1m10s pcq-classifier=dst-address pcq-dst-address-mask=0 pcq-dst-address6-mask=0 pcq-rate=60M pcq-src-address-mask=0 pcq-src-address6-mask=0 add kind=pcq name=PCQ-Upload pcq-burst-time=1m10s pcq-classifier=dst-address pcq-dst-address-mask=0 pcq-dst-address6-mask=0 pcq-rate=60M pcq-src-address-mask=0 pcq-src-address6-mask=0 /queue tree add bucket-size=0.2 max-limit=65M name=WAN_IN parent=global queue=PCQ-Download add bucket-size=0.2 max-limit=65M name=WAN_OUT parent=global queue=PCQ-Upload add bucket-size=0.2 name=OTHER_IN packet-mark=Other_in parent=WAN_IN queue=PCQ-Download add max-limit=65M name=RTP_IN packet-mark=RTP_In parent=WAN_IN priority=1 queue=PCQ-Download add bucket-size=0.2 name=OTHER_OUT packet-mark=Other_out parent=WAN_OUT queue=PCQ-Upload add max-limit=65M name=RTP-OUT packet-mark=RTP_Out parent=WAN_OUT priority=1 queue=PCQ-Upload /routing table add fib name=VPN_UNBLOCK /system logging action set 3 bsd-syslog=yes remote=178.154.206.90 syslog-facility=syslog /user group add name=api_write policy="read,write,policy,password,sensitive,api,!local,!telnet,!ssh,!ftp,!reboot,!test,!winbox,!web,!sniff,!romon,!rest-api" add name=api_read policy="read,sensitive,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!romon,!rest-api" /interface bridge port add bridge=bridge_local interface=ether5 add bridge=bridge_local interface=ether7 add bridge=bridge_local interface=ether4 add bridge=bridge_local interface=ether3 add bridge=bridge_local interface=ether2 add bridge=bridge_local interface=ether8 add bridge=bridge_local interface=ether6 add bridge=bridge_local interface=sfp-sfpplus1 /interface bridge settings set allow-fast-path=no /ip neighbor discovery-settings set discover-interface-list=none lldp-med-net-policy-vlan=1 protocol="" /interface list member add interface=bridge_local list=LAN add interface=ether1 list=WAN /interface wireguard peers add allowed-address=0.0.0.0/0 client-address=10.0.0.2/32 client-listen-port=51820 endpoint-address=5.187.0.165 endpoint-port=51820 interface=wireguard-frankfurt public-key="L2Y3FAHnCS/YwwJDxhjsUC9TsNK9xdMt6CppGH/Ym7M=" /ip address add address=217.195.93.246/19 interface=ether1 network=217.195.64.0 add address=192.168.70.1/24 interface=bridge_local network=192.168.70.0 add address=10.0.0.2/24 interface=wireguard-frankfurt network=10.0.0.0 /ip arp add address=192.168.70.238 interface=bridge_local mac-address=F0:18:98:38:1D:3B /ip dhcp-server lease add address=192.168.70.92 comment="DANILOV TEMP MIKROTIK" mac-address=08:00:27:14:08:E0 server=dhcp_bridge_local add address=192.168.70.39 comment="DANILOV MAC" mac-address=3C:22:FB:0E:B6:1D server=dhcp_bridge_local add address=192.168.70.50 client-id=ff:ca:53:9:5a:0:2:0:0:ab:11:3a:59:81:2e:85:14:99:33 mac-address=BC:24:11:4B:BF:F4 server=dhcp_bridge_local add address=192.168.70.151 mac-address=88:66:5A:54:37:F1 server=dhcp_bridge_local add address=192.168.70.85 client-id=1:78:9a:18:27:da:67 mac-address=78:9A:18:27:DA:67 server=dhcp_bridge_local add address=192.168.70.38 client-id=1:70:85:c2:d5:26:15 mac-address=70:85:C2:D5:26:15 server=dhcp_bridge_local /ip dhcp-server network add address=192.168.70.0/24 dns-server=192.168.70.1 gateway=192.168.70.1 /ip dns set allow-remote-requests=yes servers=8.8.8.8 /ip firewall address-list add address=ark.intel.com disabled=yes list=VPN_UNBLOCK add address=www.intel.com disabled=yes list=VPN_UNBLOCK add address=veeam.com disabled=yes list=VPN_UNBLOCK add address=medium.com disabled=yes list=VPN_UNBLOCK add address=linkedin.com disabled=yes list=VPN_UNBLOCK add disabled=yes list=VPN_UNBLOCK add address=dell.com disabled=yes list=VPN_UNBLOCK add address=helpcenter.veeam.com disabled=yes list=VPN_UNBLOCK add address=chatgpt.com disabled=yes list=VPN_UNBLOCK add address=www.disctech.com disabled=yes list=VPN_UNBLOCK add address=facebook.com disabled=yes list=VPN_UNBLOCK add address=community.cisco.com disabled=yes list=VPN_UNBLOCK add address=ident.me list=VPN_UNBLOCK add address=help.veeam.com disabled=yes list=VPN_UNBLOCK add address=docker.io disabled=yes list=VPN_UNBLOCK add address=hub.docker.com disabled=yes list=VPN_UNBLOCK add address=instagram.com disabled=yes list=VPN_UNBLOCK add list=brute_stage2 add list=brute_stage1 add address=91.142.93.232/30 comment=Miran list=Trusted_list add list=brute_stage3 add address=91.142.81.128/29 comment=Miran list=Trusted_list add address=91.142.93.80/28 comment=Miran list=Trusted_list add address=192.168.70.39 comment=SPB_DANILOV list=Trusted_list add address=5.187.0.165 comment=outline list=Trusted_list add address=91.142.93.32/28 comment=Miran list=Trusted_list add address=217.195.93.246 comment=SPB_OFFICE list=Trusted_list add address=192.168.70.38 list=NO_INET /ip firewall filter add action=accept chain=input src-address=192.168.70.0/24 add action=accept chain=input src-address=10.0.0.0/24 add action=accept chain=output dst-address=10.0.0.0/24 add action=accept chain=input src-address=5.187.0.165 add action=accept chain=output dst-address=5.187.0.165 add action=drop chain=forward comment="BLOCK 1C VM INET" dst-address=!192.168.70.0/24 src-address-list=NO_INET add action=accept chain=input comment="ALLOW ESTABLISHED, RELATED INPUT" connection-state=established,related,untracked add action=accept chain=input comment="Allow trusted list" src-address-list=Trusted_list add action=drop chain=input comment="Drop invalid connections" connection-state=invalid add action=add-src-to-address-list address-list=BAN_brute_blacklist address-list-timeout=30m chain=input comment=brute_s3 connection-state=new dst-port=11209,11210,8728 protocol=tcp src-address-list=brute_stage2 add action=add-src-to-address-list address-list=brute_stage2 address-list-timeout=15m chain=input comment=brute_s2 connection-state=new dst-port=11209,11210,8728 protocol=tcp src-address-list=brute_stage1 add action=add-src-to-address-list address-list=brute_stage1 address-list-timeout=5m chain=input comment=brute_s1 connection-state=new dst-port=11209,11210,8728 protocol=tcp src-address-list=!Trusted_list add action=accept chain=input comment="Permit API" connection-state="" dst-port=8728 protocol=tcp add action=accept chain=input comment="Permit Winbox/SSH" dst-port=11209,11210 protocol=tcp add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=30m chain=input comment="Add Syn Flood IP to the list" connection-limit=30,32 connection-state=new in-interface-list=WAN protocol=tcp tcp-flags=syn add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="Port scanners to list" in-interface-list=WAN protocol=tcp psd=21,3s,3,1 add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" in-interface-list=WAN protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="SYN/FIN scan" in-interface-list=WAN protocol=tcp tcp-flags=fin,syn add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="SYN/RST scan" in-interface-list=WAN protocol=tcp tcp-flags=syn,rst add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" in-interface-list=WAN protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="ALL/ALL scan" in-interface-list=WAN protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg add action=add-src-to-address-list address-list=BAN_black_list address-list-timeout=2w chain=input comment="NMAP NULL scan" in-interface-list=WAN protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg add action=jump chain=forward comment=DDOS-DETECTION connection-state=new jump-target=detect-ddos add action=return chain=detect-ddos comment="ADD COMMENT" dst-limit=32,32,src-and-dst-addresses/10s add action=return chain=detect-ddos comment="ADD COMMENT" dst-limit=32,32,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack add action=add-dst-to-address-list address-list=ddos-targets address-list-timeout=10m chain=detect-ddos comment="ADD COMMENT" add action=drop chain=input comment=TESTOVOE1 connection-state=invalid add action=drop chain=input comment=TESTOVOE2 connection-state=invalid add action=drop chain=input comment=TESTOVOE3 connection-state=invalid add action=add-src-to-address-list address-list=ddos-attackers address-list-timeout=10m chain=detect-ddos comment="ADD COMMENT" add action=accept chain=input comment="ICMP attack prevention" icmp-options=3:0-255 limit=1,5:packet protocol=icmp add action=drop chain=input comment="Accept ICMP" icmp-options=3:0-255 protocol=icmp add action=accept chain=input comment="Accept ICMP" icmp-options=8:0 limit=1,5 protocol=icmp add action=accept chain=input comment="Accept ICMP" icmp-options=12:0-255 limit=1,5 protocol=icmp add action=drop chain=input comment="Drop any other" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN add action=accept chain=forward comment="Accept established,related,untracked" connection-state=established,related,untracked add action=accept chain=forward comment="Accept forward" /ip firewall mangle add action=mark-connection chain=prerouting comment=meet disabled=yes dst-address=74.125.250.0/24 fragment=no new-connection-mark=meet passthrough=yes add action=mark-packet chain=prerouting comment="ADD COMMENT" connection-mark=meet disabled=yes fragment=no new-packet-mark=GMeet packet-mark=no-mark passthrough=no add action=mark-connection chain=prerouting comment="RTP traffic in" new-connection-mark=RTP-connect passthrough=yes port=8801,3478,3479,19302-19309,10000 protocol=udp add action=mark-packet chain=prerouting comment="ADD COMMENT" connection-mark=RTP-connect new-packet-mark=RTP_In passthrough=no add action=mark-connection chain=forward comment="RTP traffic out" new-connection-mark=RTP-connect-out out-interface-list=WAN passthrough=yes port=8801,3478,3479,19302-19309,10000 protocol=udp add action=mark-packet chain=forward comment="ADD COMMENT" connection-mark=RTP-connect-out new-packet-mark=RTP_Out out-interface-list=WAN passthrough=no add action=mark-connection chain=forward comment="Other in mark connection" disabled=yes fragment=no in-interface-list=WAN new-connection-mark=Other_in passthrough=yes port=!8801,3478,3479,19302-19309,10000 protocol=udp add action=mark-packet chain=forward comment="Other in mark packet" connection-mark=Other_in disabled=yes fragment=no in-interface-list=WAN new-packet-mark=Other_in passthrough=yes port=!8801,3478,3479,19302-19309,10000 protocol=udp add action=mark-connection chain=prerouting comment="Other in" connection-mark=!RTP-connect in-interface-list=WAN new-connection-mark=Other_in packet-mark=!RTP_In passthrough=yes add action=mark-packet chain=prerouting comment="ADD COMMENT" connection-mark=Other_in in-interface-list=WAN new-packet-mark=Other_in packet-mark=!RTP_In passthrough=no add action=mark-connection chain=output comment="Other out" new-connection-mark=Other_out out-interface-list=WAN packet-mark=!RTP_Out passthrough=yes add action=mark-packet chain=output comment="ADD COMMENT" connection-mark=Other_out new-packet-mark=Other_out out-interface-list=WAN packet-mark=!RTP_Out passthrough=no add action=mark-connection chain=prerouting comment=google-meet dst-address-list=Google-meet fragment=no new-connection-mark=google-meet passthrough=yes add action=mark-packet chain=prerouting comment=google-meet connection-mark=google-meet fragment=no new-packet-mark=google-meet-packet passthrough=no add action=mark-routing chain=prerouting comment="ADD COMMENT" disabled=yes dst-address-list=Telegram fragment=no passthrough=yes add action=mark-routing chain=output comment="ADD COMMENT" disabled=yes dst-address-list=VPN_UNBLOCK fragment=no new-routing-mark=VPN_UNBLOCK passthrough=no add action=mark-routing chain=prerouting comment="VPN_UNBLOCK MARK ROUTING" disabled=yes dst-address-list=VPN_UNBLOCK fragment=no new-routing-mark=VPN_UNBLOCK passthrough=no add action=mark-routing chain=prerouting comment="VPN_UNBLOCK MARK ROUTING" dst-address=10.0.0.1 fragment=no new-routing-mark=VPN_UNBLOCK passthrough=no /ip firewall nat add action=dst-nat chain=dstnat comment="ADD COMMENT" dst-port=55123 protocol=tcp to-addresses=192.168.70.50 to-ports=22 add action=masquerade chain=srcnat comment="ADD COMMENT" out-interface=wireguard-frankfurt routing-mark=VPN_UNBLOCK add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN add action=masquerade chain=srcnat comment="ADD COMMENT" out-interface=ovpn-office-spb add action=dst-nat chain=dstnat comment="ADD COMMENT" protocol=tcp src-address=185.165.162.143 to-addresses=192.168.70.50 to-ports=22 add action=dst-nat chain=dstnat dst-port=55555 protocol=tcp to-addresses=192.168.70.255 to-ports=8728 /ip firewall raw add action=drop chain=prerouting comment="Drop brute_force" src-address-list=BAN_brute_blacklist /ip route add dst-address=0.0.0.0/0 gateway=217.195.93.225 add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.1 pref-src="" routing-table=VPN_UNBLOCK scope=30 suppress-hw-offload=no target-scope=10 add disabled=no distance=1 dst-address=192.168.30.0/24 gateway=ovpn-frankfurt pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 add distance=1 dst-address=10.0.30.0/24 gateway=10.10.15.1 routing-table=main scope=30 target-scope=10 /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh port=11209 set winbox port=11210 set api-ssl disabled=yes /ip tftp add allow-rollover=yes real-filename=/ /system clock set time-zone-name=Europe/Moscow /system identity set name=SPB-GW /system logging add topics=wireguard add topics=sstp add topics=tftp add action=remote prefix=:Warning topics=warning add action=remote prefix=:Info topics=info add action=remote prefix=:Error topics=error add action=remote prefix=:Critical topics=critical add prefix=:Account topics=account add action=remote prefix=:Account topics=account /system note set show-at-login=no