#              model: RB5009UPr+S+
#      serial-number: HEM08SF7QNG
#      firmware-type: 70x0
#   current-firmware: 7.13.5
#   installed-version: 7.15.2
# 
# software id = RB16-TABS
#
# model = RB5009UPr+S+
# serial number = HEM08SF7QNG
/interface bridge
add admin-mac=CC:2D:E0:F5:55:A5 auto-mac=no comment=defconf name=bridge port-cost-mode=short
/interface ethernet
set [ find default-name=ether1 ] mac-address=CC:2D:E0:F5:55:A4 poe-out=off
set [ find default-name=ether2 ] mac-address=CC:2D:E0:F5:55:A5 poe-out=off
set [ find default-name=ether3 ] mac-address=CC:2D:E0:F5:55:A6 poe-out=off
set [ find default-name=ether4 ] mac-address=CC:2D:E0:F5:55:A7 poe-out=off
set [ find default-name=ether5 ] mac-address=CC:2D:E0:F5:55:A8 poe-out=off
set [ find default-name=ether6 ] mac-address=CC:2D:E0:F5:55:A9 poe-out=off
set [ find default-name=ether7 ] mac-address=CC:2D:E0:F5:55:B0
set [ find default-name=ether8 ] mac-address=CC:2D:E0:F5:55:B1 poe-out=off
/interface ovpn-client
add auth=sha256 connect-to=5.187.0.165 disabled=yes mac-address=02:75:44:83:0E:2E name=ovpn-frankfurt password="1(=IRx1iBKl_" protocol=udp route-nopull=yes use-peer-dns=no user=UFAGW
add certificate=vpn-office-ufa.crt_0 cipher=aes256-cbc connect-to=vpn.tages.ru mac-address=02:2C:55:DF:BB:92 name=vpn-office-ufa password="hZ%C\$awS7%S~" port=1201 use-peer-dns=no user=vpn-office-ufa
/interface gre
add local-address=81.30.218.19 name=gre-miran remote-address=185.73.214.42
/interface vlan
add interface=bridge name=vlan20-buh vlan-id=20
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec peer
add address=185.73.214.42/32 name=miran
/ip ipsec profile
add enc-algorithm=aes-256,aes-128 name=main
/ip ipsec proposal
add auth-algorithms=sha256,sha1 name=proposal1 pfs-group=modp2048
/ip pool
add name=dhcp ranges=192.168.88.20-192.168.88.254
add name=vpn_pool ranges=11.11.11.1-11.11.11.3
add name=buh-hidden ranges=172.22.20.5-172.22.20.50
add name=pool1 ranges=192.168.89.10-192.168.89.200
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=1h name=defconf
add address-pool=buh-hidden interface=vlan20-buh name=buh-hidden
/ip smb users
set [ find default=yes ] disabled=yes
/ppp profile
add local-address=vpn_pool name=vpn_ufanet remote-address=vpn_pool
/interface ovpn-client
add cipher=aes256-cbc connect-to=147.78.65.216 disabled=yes mac-address=02:60:56:B8:7D:CA name=147.78.65.216-ovpn-out password=2a84ZHLDGE profile=default-encryption user=81.30.218.19
/interface sstp-client
add authentication=mschap2 connect-to=94.158.52.89 disabled=no name=vpn-uz password="U{K54wKesq\$Q" profile=default-encryption user=office-ufa verify-server-address-from-certificate=no
/queue simple
add max-limit=200M/200M name=speed-limit priority=1/1 target=""
add limit-at=10M/10M max-limit=80M/80M name=meet packet-marks=meet priority=5/5 target=""
/routing table
add disabled=no fib name=vpn-frankfurt
add disabled=no fib name=to_vpn
add disabled=no fib name=vpn-uz
add disabled=no fib name=wg_test
/system logging action
set 3 bsd-syslog=yes remote=178.154.206.90 syslog-facility=syslog
/interface bridge port
add bridge=bridge comment=defconf interface=ether2 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether3 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether4 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether5 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether6 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether7 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether8 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=sfp-sfpplus1 internal-path-cost=10 path-cost=10
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=LAN lldp-med-net-policy-vlan=1
/interface bridge vlan
add bridge=bridge tagged=bridge,ether3 vlan-ids=20
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/interface pptp-server server
# PPTP connections are considered unsafe, it is suggested to use a more modern VPN protocol instead
set default-profile=vpn_ufanet
/interface wireguard peers
add allowed-address=0.0.0.0/0 endpoint-address=5.187.0.165 endpoint-port=51820 interface=*12 name=peer1 preshared-key="PUW5ThRVuz8rDsqSl9Dx94cs/8ICVViIAfbtKELfxBg=" public-key="0QB8ADcI0BbUld0sqD4DsPde1pPql5kxxBt2NkS//wY="
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0
add address=81.30.218.19/24 interface=ether1 network=81.30.218.0
add address=10.10.0.6/30 interface=gre-miran network=10.10.0.4
add address=172.22.20.1/24 interface=vlan20-buh network=172.22.20.0
add address=192.168.89.1/24 comment=defconf disabled=yes interface=bridge network=192.168.89.0
/ip dhcp-server lease
add address=192.168.88.254 client-id=1:74:83:c2:7b:f:a9 mac-address=74:83:C2:7B:0F:A9 server=defconf
add address=192.168.88.253 client-id=1:6c:96:cf:e0:b3:7 mac-address=6C:96:CF:E0:B3:07 server=defconf
add address=192.168.88.135 client-id=1:74:56:3c:6b:97:57 mac-address=74:56:3C:6B:97:57 server=defconf
/ip dhcp-server network
add address=172.22.20.0/24 dns-server=172.22.20.1 gateway=172.22.20.1
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
add address=10.0.30.151 disabled=yes name=meet.tages.ru
add address=127.0.0.1 disabled=yes name=ya.ru
add address=51.250.102.10 name=admin.check.test
add address=51.250.102.10 name=seq2.check.test
add address=51.250.102.10 name=mobile.check.test
add address=159.148.147.204 name=download.mikrotik.com
add forward-to=10.0.10.10 regexp=".*\\.corp\\.tages.ru" type=FWD
/ip firewall address-list
add address=81.30.199.70 comment="Ufanet admins" disabled=yes list=ufanet
add address=92.50.163.142 disabled=yes list=ufanet
add address=92.50.178.4 disabled=yes list=ufanet
add address=95.105.90.40 disabled=yes list=ufanet
add address=89.189.150.8 disabled=yes list=ufanet
add address=94.41.87.133 disabled=yes list=ufanet
add address=lh3.googleusercontent.com disabled=yes list=VPN
add address=lh4.googleusercontent.com disabled=yes list=VPN
add address=lh5.googleusercontent.com disabled=yes list=VPN
add address=lh6.googleusercontent.com disabled=yes list=VPN
add address=mattermost.com list=vpn-hetzner
add address=104.154.110.42 list=vpn-hetzner
add address=docker.elastic.co list=vpn-hetzner
add address=3.2.34.0/26 list=vpn-hetzner
add address=3.2.34.0/26 list=aws
add address=3.5.140.0/22 list=aws
add address=13.34.37.64/27 list=aws
add address=13.34.65.64/27 list=aws
add address=13.34.66.0/27 list=aws
add address=13.34.78.160/27 list=aws
add address=15.230.221.0/24 list=aws
add address=35.180.0.0/16 list=aws
add address=43.224.79.154/31 list=aws
add address=43.224.79.174/31 list=aws
add address=52.93.153.170 list=aws
add address=52.93.178.234 list=aws
add address=52.94.76.0/22 list=aws
add address=52.95.36.0/22 list=aws
add address=52.219.170.0/23 list=aws
add address=99.87.32.0/22 list=aws
add address=120.52.22.96/27 list=aws
add address=150.222.11.86/31 list=aws
add address=150.222.81.0/24 list=aws
add address=150.222.234.54/31 list=aws
add address=3.2.35.64/26 list=aws
add address=13.34.11.32/27 list=aws
add address=13.34.24.160/27 list=aws
add address=13.34.50.32/27 list=aws
add address=13.34.52.96/27 list=aws
add address=13.34.69.64/27 list=aws
add address=15.230.39.60/31 list=aws
add address=43.224.79.48/31 list=aws
add address=43.224.79.212/31 list=aws
add address=52.46.188.68/30 list=aws
add address=52.46.189.248/30 list=aws
add address=52.94.152.9 list=aws
add address=52.219.168.0/24 list=aws
add address=150.222.78.0/24 list=aws
add address=3.108.0.0/14 list=aws
add address=13.34.43.192/27 list=aws
add address=13.34.52.0/27 list=aws
add address=13.34.64.32/27 list=aws
add address=15.181.232.0/21 list=aws
add address=15.230.39.208/31 list=aws
add address=52.93.17.0/24 list=aws
add address=52.93.127.163 list=aws
add address=52.93.240.164/31 list=aws
add address=52.95.150.0/24 list=aws
add address=52.219.60.0/23 list=aws
add address=142.4.160.136/29 list=aws
add address=150.222.230.102/31 list=aws
add address=3.2.0.0/24 list=aws
add address=13.34.43.96/27 list=aws
add address=13.34.48.0/27 list=aws
add address=13.34.62.160/27 list=aws
add address=13.34.64.96/27 list=aws
add address=13.248.56.0/22 list=aws
add address=13.248.117.0/24 list=aws
add address=15.221.34.0/24 list=aws
add address=15.230.137.0/24 list=aws
add address=52.93.126.135 list=aws
add address=52.93.178.219 list=aws
add address=52.93.240.186/31 list=aws
add address=52.94.24.0/23 list=aws
add address=150.222.3.187 list=aws
add address=150.222.199.0/25 list=aws
add address=150.222.252.248/31 list=aws
add address=161.188.154.0/23 list=aws
add address=13.34.71.0/27 list=aws
add address=15.230.39.44/31 list=aws
add address=43.249.45.0/24 list=aws
add address=52.4.0.0/14 list=aws
add address=52.46.191.174/31 list=aws
add address=52.93.92.68/31 list=aws
add address=52.93.127.27 list=aws
add address=52.144.227.192/26 list=aws
add address=52.144.229.64/26 list=aws
add address=54.222.88.0/24 list=aws
add address=64.252.81.0/24 list=aws
add address=142.4.160.80/29 list=aws
add address=13.34.70.224/27 list=aws
add address=13.248.70.0/24 list=aws
add address=15.230.73.192/26 list=aws
add address=43.224.76.28/30 list=aws
add address=50.16.0.0/15 list=aws
add address=52.46.189.108/30 list=aws
add address=52.93.116.148 list=aws
add address=52.93.127.133 list=aws
add address=52.93.198.0/25 list=aws
add address=52.95.208.0/22 list=aws
add address=52.95.224.0/24 list=aws
add address=104.255.59.104 list=aws
add address=104.255.59.114 list=aws
add address=150.222.84.0/24 list=aws
add address=150.222.129.244/31 list=aws
add address=150.222.208.82/31 list=aws
add address=150.222.234.50/31 list=aws
add address=205.251.249.0/24 list=aws
add address=13.34.32.128/27 list=aws
add address=13.34.49.0/27 list=aws
add address=13.34.73.96/27 list=aws
add address=15.193.3.0/24 list=aws
add address=15.220.196.0/22 list=aws
add address=15.220.216.0/22 list=aws
add address=35.71.115.0/24 list=aws
add address=43.224.76.152/30 list=aws
add address=52.93.127.169 list=aws
add address=52.93.153.148 list=aws
add address=52.94.244.0/22 list=aws
add address=52.119.208.0/23 list=aws
add address=54.117.0.0/16 list=aws
add address=54.240.236.26 list=aws
add address=150.222.3.190 list=aws
add address=150.222.228.0/24 list=aws
add address=13.34.34.192/27 list=aws
add address=15.197.34.0/23 list=aws
add address=15.205.0.0/16 list=aws
add address=15.230.39.10/31 list=aws
add address=15.230.254.2/31 list=aws
add address=16.12.6.0/23 list=aws
add address=52.46.190.68/30 list=aws
add address=52.82.169.16/28 list=aws
add address=52.93.34.56 list=aws
add address=52.94.198.16/28 list=aws
add address=52.144.225.128/26 list=aws
add address=64.252.69.0/24 list=aws
add address=71.131.192.0/18 list=aws
add address=150.222.122.104/31 list=aws
add address=13.34.17.64/27 list=aws
add address=13.236.0.0/14 list=aws
add address=15.197.36.0/22 list=aws
add address=15.230.158.0/23 list=aws
add address=16.12.32.0/22 list=aws
add address=16.57.0.0/16 list=aws
add address=43.206.0.0/15 list=aws
add address=43.224.77.192/30 list=aws
add address=52.46.220.0/22 list=aws
add address=52.93.50.128 list=aws
add address=52.93.50.140/31 list=aws
add address=52.93.56.0/24 list=aws
add address=52.93.178.152 list=aws
add address=52.95.41.0/24 list=aws
add address=52.95.100.0/22 list=aws
add address=52.95.226.0/24 list=aws
add address=52.219.204.0/22 list=aws
add address=99.78.152.0/22 list=aws
add address=142.4.160.56/29 list=aws
add address=150.222.135.0/24 list=aws
add address=150.222.202.0/24 list=aws
add address=176.32.125.244/31 list=aws
add address=3.4.0.0/24 list=aws
add address=13.34.53.192/27 list=aws
add address=13.34.60.128/27 list=aws
add address=15.177.83.0/24 list=aws
add address=15.185.0.0/16 list=aws
add address=15.220.252.0/22 list=aws
add address=15.221.35.0/24 list=aws
add address=15.230.39.28/31 list=aws
add address=15.248.28.0/22 list=aws
add address=16.30.0.0/16 list=aws
add address=16.49.0.0/16 list=aws
add address=40.167.0.0/16 list=aws
add address=52.46.190.0/30 list=aws
add address=52.93.35.212 list=aws
add address=52.93.127.118 list=aws
add address=52.93.178.205 list=aws
add address=52.94.26.0/23 list=aws
add address=52.94.152.44 list=aws
add address=52.95.182.0/23 list=aws
add address=54.240.236.54 list=aws
add address=54.247.0.0/16 list=aws
add address=54.248.0.0/15 list=aws
add address=3.2.40.0/25 list=aws
add address=13.34.41.192/27 list=aws
add address=13.248.72.0/24 list=aws
add address=15.230.39.196/31 list=aws
add address=15.251.0.9 list=aws
add address=16.155.0.0/16 list=aws
add address=18.34.248.0/22 list=aws
add address=35.71.99.0/24 list=aws
add address=43.224.76.76/30 list=aws
add address=43.224.79.70/31 list=aws
add address=43.224.79.200/31 list=aws
add address=52.46.188.192/30 list=aws
add address=52.119.252.0/22 list=aws
add address=54.148.0.0/15 list=aws
add address=69.107.7.16/29 list=aws
add address=99.77.130.0/24 list=aws
add address=150.222.3.185 list=aws
add address=150.222.11.78/31 list=aws
add address=150.222.27.12 list=aws
add address=150.222.234.52/31 list=aws
add address=150.222.234.68/31 list=aws
add address=180.163.57.128/26 list=aws
add address=13.34.50.224/27 list=aws
add address=15.230.68.192/26 list=aws
add address=18.200.0.0/16 list=aws
add address=43.224.76.144/30 list=aws
add address=52.93.91.102 list=aws
add address=52.93.141.212 list=aws
add address=54.21.0.0/16 list=aws
add address=54.206.0.0/16 list=aws
add address=54.240.236.69 list=aws
add address=99.150.56.0/21 list=aws
add address=108.175.56.0/22 list=aws
add address=150.222.96.0/24 list=aws
add address=13.34.15.32/27 list=aws
add address=13.34.29.224/27 list=aws
add address=13.34.68.160/27 list=aws
add address=13.34.69.224/27 list=aws
add address=13.34.70.64/27 list=aws
add address=13.248.124.0/24 list=aws
add address=15.193.2.0/24 list=aws
add address=15.220.222.0/23 list=aws
add address=15.230.67.64/26 list=aws
add address=15.230.212.0/23 list=aws
add address=16.22.0.0/16 list=aws
add address=16.24.0.0/15 list=aws
add address=43.224.76.32/30 list=aws
add address=43.224.79.94/31 list=aws
add address=43.224.79.222/31 list=aws
add address=52.93.178.136 list=aws
add address=52.219.192.0/23 list=aws
add address=99.77.132.0/24 list=aws
add address=104.255.59.82 list=aws
add address=150.222.120.242/31 list=aws
add address=161.188.146.0/23 list=aws
add address=13.204.0.0/14 list=aws
add address=15.181.247.0/24 list=aws
add address=15.230.200.0/24 list=aws
add address=16.12.24.0/21 list=aws
add address=18.232.0.0/14 list=aws
add address=43.224.77.0/29 list=aws
add address=52.82.169.0/28 list=aws
add address=52.93.112.0/24 list=aws
add address=52.93.178.138 list=aws
add address=54.239.0.224/28 list=aws
add address=54.239.48.0/22 list=aws
add address=64.252.118.0/24 list=aws
add address=142.4.160.144/29 list=aws
add address=13.34.54.224/27 list=aws
add address=13.34.79.192/27 list=aws
add address=13.248.119.0/24 list=aws
add address=15.220.120.0/21 list=aws
add address=15.230.39.254/31 list=aws
add address=15.230.179.16/29 list=aws
add address=52.93.81.0/24 list=aws
add address=52.93.240.170/31 list=aws
add address=54.74.0.0/15 list=aws
add address=150.222.15.124 list=aws
add address=150.222.114.0/24 list=aws
add address=150.222.242.214/31 list=aws
add address=13.34.27.32/27 list=aws
add address=13.34.39.32/27 list=aws
add address=15.220.207.0/24 list=aws
add address=15.230.39.206/31 list=aws
add address=15.230.39.244/31 list=aws
add address=18.102.0.0/16 list=aws
add address=52.46.190.144/30 list=aws
add address=52.46.191.98/31 list=aws
add address=52.83.0.0/16 list=aws
add address=52.93.14.18 list=aws
add address=52.94.6.0/24 list=aws
add address=52.144.197.192/26 list=aws
add address=64.252.122.0/24 list=aws
add address=69.107.7.56/29 list=aws
add address=150.222.2.0/24 list=aws
add address=150.222.3.234/31 list=aws
add address=150.222.27.18/31 list=aws
add address=150.222.164.220/31 list=aws
add address=13.34.23.0/27 list=aws
add address=13.248.67.0/24 list=aws
add address=15.230.138.0/24 list=aws
add address=15.230.169.6/31 list=aws
add address=43.224.79.254/31 list=aws
add address=52.46.190.32/30 list=aws
add address=52.47.0.0/16 list=aws
add address=52.93.16.0/24 list=aws
add address=52.94.249.144/28 list=aws
add address=52.95.136.0/23 list=aws
add address=52.95.255.64/28 list=aws
add address=52.144.199.128/26 list=aws
add address=52.144.225.64/26 list=aws
add address=52.219.143.0/24 list=aws
add address=54.240.236.22 list=aws
add address=204.246.168.0/22 list=aws
add address=13.34.25.248/29 list=aws
add address=13.34.38.64/27 list=aws
add address=13.34.72.160/27 list=aws
add address=13.208.0.0/16 list=aws
add address=15.193.7.0/24 list=aws
add address=15.230.39.108/31 list=aws
add address=15.230.70.0/26 list=aws
add address=15.230.74.128/26 list=aws
add address=15.230.76.0/26 list=aws
add address=15.230.253.0/24 list=aws
add address=43.224.79.96/31 list=aws
add address=52.46.191.64/31 list=aws
add address=52.93.50.136/31 list=aws
add address=52.93.50.166/31 list=aws
add address=52.93.96.0/24 list=aws
add address=52.93.122.203 list=aws
add address=52.93.127.194 list=aws
add address=54.156.0.0/14 list=aws
add address=54.222.90.0/24 list=aws
add address=54.236.0.0/15 list=aws
add address=99.150.8.0/21 list=aws
add address=150.222.234.18/31 list=aws
add address=150.222.234.98/31 list=aws
add address=3.5.40.0/22 list=aws
add address=3.5.136.0/22 list=aws
add address=13.34.3.160/27 list=aws
add address=15.181.160.0/20 list=aws
add address=15.230.29.0/24 list=aws
add address=15.230.39.14/31 list=aws
add address=16.56.0.0/16 list=aws
add address=18.191.0.0/16 list=aws
add address=43.224.79.56/31 list=aws
add address=52.144.210.0/26 list=aws
add address=98.131.0.0/16 list=aws
add address=99.77.159.0/24 list=aws
add address=99.83.97.0/24 list=aws
add address=150.222.232.88 list=aws
add address=13.34.21.128/27 list=aws
add address=13.34.55.0/27 list=aws
add address=15.177.82.0/24 list=aws
add address=15.181.80.0/20 list=aws
add address=15.230.241.0/24 list=aws
add address=16.55.0.0/16 list=aws
add address=47.128.0.0/14 list=aws
add address=52.46.191.60/31 list=aws
add address=52.46.191.156/31 list=aws
add address=52.93.127.112 list=aws
add address=52.93.178.134 list=aws
add address=52.93.240.160/31 list=aws
add address=52.144.211.196/31 list=aws
add address=52.219.72.0/22 list=aws
add address=54.153.128.0/17 list=aws
add address=54.222.58.0/28 list=aws
add address=122.248.192.0/18 list=aws
add address=150.222.119.0/24 list=aws
add address=13.34.19.64/27 list=aws
add address=13.34.22.160/27 list=aws
add address=13.34.39.64/27 list=aws
add address=13.247.0.0/16 list=aws
add address=15.230.39.34/31 list=aws
add address=15.230.218.0/24 list=aws
add address=18.192.0.0/15 list=aws
add address=35.71.114.0/24 list=aws
add address=52.46.191.68/31 list=aws
add address=52.46.191.234/31 list=aws
add address=52.93.126.132 list=aws
add address=52.93.127.126 list=aws
add address=52.93.133.177 list=aws
add address=52.93.178.183 list=aws
add address=52.144.215.192/31 list=aws
add address=52.219.68.0/22 list=aws
add address=54.229.0.0/16 list=aws
add address=54.239.1.96/28 list=aws
add address=54.239.102.234/31 list=aws
add address=104.255.59.103 list=aws
add address=150.222.28.136/31 list=aws
add address=3.2.34.128/26 list=aws
add address=13.34.59.96/27 list=aws
add address=13.34.67.224/27 list=aws
add address=13.34.74.64/27 list=aws
add address=13.248.100.0/24 list=aws
add address=15.230.130.0/24 list=aws
add address=15.230.183.0/24 list=aws
add address=18.160.0.0/15 list=aws
add address=52.46.190.204/31 list=aws
add address=52.93.5.0/24 list=aws
add address=52.93.50.146/31 list=aws
add address=52.93.50.156/31 list=aws
add address=52.93.55.146/31 list=aws
add address=52.93.71.30 list=aws
add address=52.93.120.178 list=aws
add address=52.93.127.124 list=aws
add address=52.144.193.128/26 list=aws
add address=54.20.0.0/16 list=aws
add address=54.250.0.0/16 list=aws
add address=64.252.89.0/24 list=aws
add address=69.107.7.136/29 list=aws
add address=76.223.168.0/24 list=aws
add address=107.20.0.0/14 list=aws
add address=150.222.28.130/31 list=aws
add address=150.222.28.140/31 list=aws
add address=150.222.129.62/31 list=aws
add address=3.5.160.0/22 list=aws
add address=13.34.7.0/27 list=aws
add address=13.34.13.0/27 list=aws
add address=15.221.36.0/22 list=aws
add address=15.230.9.47 list=aws
add address=15.230.40.0/24 list=aws
add address=46.51.192.0/20 list=aws
add address=52.93.50.174/31 list=aws
add address=52.93.115.0/24 list=aws
add address=52.93.178.161 list=aws
add address=52.93.193.200 list=aws
add address=52.95.174.0/24 list=aws
add address=99.77.149.0/24 list=aws
add address=99.78.156.0/22 list=aws
add address=150.222.120.20/31 list=aws
add address=150.222.220.0/24 list=aws
add address=3.132.0.0/14 list=aws
add address=13.34.3.224/27 list=aws
add address=13.34.5.46 list=aws
add address=13.34.39.192/27 list=aws
add address=15.221.7.0/24 list=aws
add address=15.230.4.164/31 list=aws
add address=15.230.132.0/24 list=aws
add address=15.230.202.0/30 list=aws
add address=15.251.0.27 list=aws
add address=43.224.79.194/31 list=aws
add address=52.46.208.0/21 list=aws
add address=52.93.51.28 list=aws
add address=52.94.12.0/24 list=aws
add address=52.95.187.0/24 list=aws
add address=63.32.0.0/14 list=aws
add address=64.252.85.0/24 list=aws
add address=150.222.3.240/31 list=aws
add address=150.222.129.134/31 list=aws
add address=13.34.45.160/27 list=aws
add address=13.34.71.224/27 list=aws
add address=13.36.0.0/14 list=aws
add address=15.230.36.0/23 list=aws
add address=15.230.39.54/31 list=aws
add address=16.12.48.0/21 list=aws
add address=52.93.91.101 list=aws
add address=52.93.240.188/31 list=aws
add address=70.232.80.0/21 list=aws
add address=99.82.184.0/22 list=aws
add address=150.222.28.108/31 list=aws
add address=150.222.121.0/24 list=aws
add address=150.222.234.34/31 list=aws
add address=172.96.98.0/24 list=aws
add address=13.34.20.0/27 list=aws
add address=13.34.35.160/27 list=aws
add address=15.177.94.0/24 list=aws
add address=43.224.76.188/30 list=aws
add address=43.224.77.136/30 list=aws
add address=52.46.189.140/30 list=aws
add address=52.46.252.0/22 list=aws
add address=52.93.126.198 list=aws
add address=52.94.152.67 list=aws
add address=52.95.255.16/28 list=aws
add address=52.219.141.0/24 list=aws
add address=54.240.236.38 list=aws
add address=150.222.3.198/31 list=aws
add address=13.34.55.64/27 list=aws
add address=13.34.71.32/27 list=aws
add address=15.230.0.12/31 list=aws
add address=15.230.87.0/24 list=aws
add address=18.236.0.0/15 list=aws
add address=51.20.0.0/14 list=aws
add address=52.46.188.72/30 list=aws
add address=52.46.188.244/30 list=aws
add address=52.46.191.230/31 list=aws
add address=52.93.50.142/31 list=aws
add address=52.93.127.104 list=aws
add address=52.93.240.192/31 list=aws
add address=52.94.249.80/28 list=aws
add address=52.95.139.0/24 list=aws
add address=54.240.198.0/24 list=aws
add address=64.252.74.0/24 list=aws
add address=99.77.183.0/24 list=aws
add address=150.222.227.0/24 list=aws
add address=150.222.230.130/31 list=aws
add address=13.34.29.128/27 list=aws
add address=13.34.52.64/27 list=aws
add address=13.248.32.0/20 list=aws
add address=52.94.199.0/24 list=aws
add address=52.95.128.0/21 list=aws
add address=52.119.206.0/23 list=aws
add address=64.252.79.0/24 list=aws
add address=150.222.28.106/31 list=aws
add address=161.188.148.0/23 list=aws
add address=176.32.125.230/31 list=aws
add address=205.251.252.0/23 list=aws
add address=13.34.11.128/27 list=aws
add address=13.34.20.64/27 list=aws
add address=13.34.23.224/27 list=aws
add address=13.34.67.64/27 list=aws
add address=13.248.113.0/24 list=aws
add address=15.188.0.0/16 list=aws
add address=15.230.39.220/31 list=aws
add address=15.230.251.4/31 list=aws
add address=18.116.0.0/14 list=aws
add address=52.46.189.16/30 list=aws
add address=52.93.126.235 list=aws
add address=52.93.127.218 list=aws
add address=52.93.127.239 list=aws
add address=52.93.133.153 list=aws
add address=52.93.178.231 list=aws
add address=52.95.178.0/23 list=aws
add address=54.200.0.0/15 list=aws
add address=54.239.1.16/28 list=aws
add address=185.143.16.0/24 list=aws
add address=205.251.244.0/23 list=aws
add address=3.5.36.0/22 list=aws
add address=13.34.38.160/27 list=aws
add address=13.34.65.0/27 list=aws
add address=13.34.68.0/27 list=aws
add address=15.230.251.0/31 list=aws
add address=16.20.0.0/16 list=aws
add address=18.34.32.0/20 list=aws
add address=43.224.77.28/30 list=aws
add address=52.46.92.0/22 list=aws
add address=52.46.190.104/30 list=aws
add address=52.46.191.158/31 list=aws
add address=52.93.50.178/31 list=aws
add address=52.93.50.188/31 list=aws
add address=52.93.236.0/24 list=aws
add address=54.239.98.0/24 list=aws
add address=176.32.125.228/31 list=aws
add address=13.34.30.128/27 list=aws
add address=43.224.77.152/30 list=aws
add address=52.46.188.84/30 list=aws
add address=52.46.189.32/30 list=aws
add address=52.46.189.156/30 list=aws
add address=52.46.190.100/30 list=aws
add address=52.93.178.187 list=aws
add address=52.119.176.0/21 list=aws
add address=54.144.0.0/14 list=aws
add address=54.169.0.0/16 list=aws
add address=54.240.236.74 list=aws
add address=63.246.113.0/24 list=aws
add address=99.77.136.0/24 list=aws
add address=150.222.230.104/31 list=aws
add address=161.188.158.0/23 list=aws
add address=13.34.26.96/27 list=aws
add address=15.230.74.192/26 list=aws
add address=15.230.78.192/26 list=aws
add address=35.71.118.0/24 list=aws
add address=43.224.76.184/30 list=aws
add address=52.93.127.69 list=aws
add address=52.93.193.199 list=aws
add address=52.93.240.148/31 list=aws
add address=52.95.104.0/22 list=aws
add address=52.119.249.0/24 list=aws
add address=54.222.91.0/24 list=aws
add address=64.252.72.0/24 list=aws
add address=150.222.85.0/24 list=aws
add address=150.222.245.122/31 list=aws
add address=13.34.35.224/27 list=aws
add address=13.34.69.0/27 list=aws
add address=15.230.178.0/24 list=aws
add address=15.230.192.0/24 list=aws
add address=43.224.79.58/31 list=aws
add address=52.46.188.120/30 list=aws
add address=52.93.127.121 list=aws
add address=52.93.240.194/31 list=aws
add address=52.95.168.0/24 list=aws
add address=52.144.224.128/26 list=aws
add address=54.192.0.0/16 list=aws
add address=54.239.0.16/28 list=aws
add address=54.239.0.96/28 list=aws
add address=99.77.148.0/24 list=aws
add address=13.34.37.0/27 list=aws
add address=13.248.110.0/24 list=aws
add address=15.197.32.0/23 list=aws
add address=15.230.39.40/31 list=aws
add address=15.251.0.7 list=aws
add address=43.224.76.104/30 list=aws
add address=43.224.76.212/30 list=aws
add address=43.224.77.40/30 list=aws
add address=52.46.188.228/30 list=aws
add address=52.93.71.38 list=aws
add address=52.95.240.0/24 list=aws
add address=52.219.16.0/22 list=aws
add address=75.101.128.0/17 list=aws
add address=96.0.16.0/21 list=aws
add address=150.222.3.242/31 list=aws
add address=150.222.129.122/31 list=aws
add address=176.32.125.234/31 list=aws
add address=204.246.173.0/24 list=aws
add address=3.4.3.0/24 list=aws
add address=15.222.0.0/15 list=aws
add address=16.180.0.0/16 list=aws
add address=43.224.79.198/31 list=aws
add address=52.93.62.0/24 list=aws
add address=52.93.127.127 list=aws
add address=52.94.176.0/20 list=aws
add address=69.235.128.0/18 list=aws
add address=150.222.129.149 list=aws
add address=150.222.234.142/31 list=aws
add address=3.2.41.0/26 list=aws
add address=13.34.6.224/27 list=aws
add address=13.34.24.96/27 list=aws
add address=13.34.43.128/27 list=aws
add address=13.34.61.224/27 list=aws
add address=13.34.73.192/27 list=aws
add address=15.221.50.0/24 list=aws
add address=35.96.0.0/12 list=aws
add address=52.93.20.0/24 list=aws
add address=52.93.127.96 list=aws
add address=52.144.192.0/26 list=aws
add address=150.222.112.0/24 list=aws
add address=204.236.128.0/18 list=aws
add address=3.5.208.0/22 list=aws
add address=13.34.30.160/27 list=aws
add address=13.34.34.64/27 list=aws
add address=13.34.45.64/27 list=aws
add address=13.34.46.0/27 list=aws
add address=15.177.76.0/24 list=aws
add address=15.230.135.0/24 list=aws
add address=43.224.77.96/30 list=aws
add address=43.224.77.180/30 list=aws
add address=43.224.79.52/31 list=aws
add address=52.30.0.0/15 list=aws
add address=52.46.188.76/30 list=aws
add address=52.46.189.80/30 list=aws
add address=52.93.71.27 list=aws
add address=52.94.8.0/24 list=aws
add address=52.94.249.64/28 list=aws
add address=54.92.0.0/17 list=aws
add address=54.154.0.0/16 list=aws
add address=64.252.76.0/24 list=aws
add address=67.202.0.0/18 list=aws
add address=103.246.148.0/23 list=aws
add address=150.222.120.230/31 list=aws
add address=150.222.230.92 list=aws
add address=150.222.232.123 list=aws
add address=150.222.234.56/31 list=aws
add address=161.188.156.0/23 list=aws
add address=3.3.24.0/22 list=aws
add address=3.30.0.0/15 list=aws
add address=13.34.23.64/27 list=aws
add address=13.34.32.0/27 list=aws
add address=15.181.253.0/24 list=aws
add address=15.197.0.0/23 list=aws
add address=18.34.0.0/19 list=aws
add address=35.71.119.0/24 list=aws
add address=43.249.47.0/24 list=aws
add address=52.46.188.48/30 list=aws
add address=52.93.55.156/31 list=aws
add address=54.226.0.0/15 list=aws
add address=54.230.200.0/21 list=aws
add address=162.250.237.0/24 list=aws
add address=3.112.0.0/14 list=aws
add address=3.144.0.0/13 list=aws
add address=13.34.5.14 list=aws
add address=13.34.49.224/27 list=aws
add address=13.34.77.192/27 list=aws
add address=15.220.168.0/21 list=aws
add address=52.46.191.24/31 list=aws
add address=52.93.178.166 list=aws
add address=52.94.128.0/22 list=aws
add address=52.95.244.0/24 list=aws
add address=64.187.128.0/20 list=aws
add address=64.252.111.0/24 list=aws
add address=99.82.188.0/22 list=aws
add address=136.9.0.0/16 list=aws
add address=172.96.110.0/24 list=aws
add address=3.2.37.128/26 list=aws
add address=13.34.56.224/27 list=aws
add address=13.34.71.96/27 list=aws
add address=13.34.79.128/27 list=aws
add address=15.230.18.0/24 list=aws
add address=15.230.149.11 list=aws
add address=18.231.0.0/16 list=aws
add address=43.224.79.136/31 list=aws
add address=52.46.191.8/31 list=aws
add address=52.93.127.201 list=aws
add address=52.93.141.234/31 list=aws
add address=52.94.152.182 list=aws
add address=54.252.0.0/16 list=aws
add address=120.253.240.192/26 list=aws
add address=150.222.3.182 list=aws
add address=150.222.28.142/31 list=aws
add address=150.222.79.0/24 list=aws
add address=3.224.0.0/12 list=aws
add address=13.34.40.160/27 list=aws
add address=13.248.68.0/24 list=aws
add address=15.230.39.2/31 list=aws
add address=16.157.0.0/16 list=aws
add address=35.71.104.0/24 list=aws
add address=35.71.117.0/24 list=aws
add address=43.224.79.208/31 list=aws
add address=52.93.50.162/31 list=aws
add address=52.93.50.184/31 list=aws
add address=52.93.229.149 list=aws
add address=52.93.240.178/31 list=aws
add address=52.94.216.0/21 list=aws
add address=52.144.192.192/26 list=aws
add address=52.144.196.192/26 list=aws
add address=54.221.0.0/16 list=aws
add address=54.240.202.0/24 list=aws
add address=54.255.0.0/16 list=aws
add address=150.222.230.106/31 list=aws
add address=13.34.45.224/27 list=aws
add address=15.230.72.0/26 list=aws
add address=52.46.190.40/30 list=aws
add address=52.46.191.62/31 list=aws
add address=52.93.34.126/31 list=aws
add address=52.93.127.159 list=aws
add address=52.93.141.220/31 list=aws
add address=52.119.248.0/24 list=aws
add address=52.144.205.0/26 list=aws
add address=54.239.0.144/28 list=aws
add address=99.77.56.0/21 list=aws
add address=142.4.160.40/29 list=aws
add address=150.222.120.248/31 list=aws
add address=150.222.129.132/31 list=aws
add address=13.34.25.96/27 list=aws
add address=15.228.0.0/15 list=aws
add address=15.230.14.18/31 list=aws
add address=52.46.189.128/30 list=aws
add address=52.46.189.192/30 list=aws
add address=52.93.57.0/24 list=aws
add address=52.93.127.93 list=aws
add address=52.93.127.254 list=aws
add address=52.95.63.0/24 list=aws
add address=69.107.7.40/29 list=aws
add address=99.83.102.0/24 list=aws
add address=142.4.160.8/29 list=aws
add address=150.222.3.212/31 list=aws
add address=157.241.0.0/16 list=aws
add address=13.34.32.32/27 list=aws
add address=13.34.40.192/27 list=aws
add address=13.34.57.64/27 list=aws
add address=15.181.112.0/22 list=aws
add address=15.230.16.20/31 list=aws
add address=15.230.189.128/25 list=aws
add address=16.12.15.0/24 list=aws
add address=43.224.79.50/31 list=aws
add address=52.46.190.108/30 list=aws
add address=52.46.191.216/31 list=aws
add address=52.93.34.40 list=aws
add address=52.93.126.215 list=aws
add address=52.93.127.177 list=aws
add address=52.93.127.196 list=aws
add address=52.93.127.217 list=aws
add address=52.93.240.180/31 list=aws
add address=52.94.249.208/28 list=aws
add address=54.233.0.0/18 list=aws
add address=68.66.112.0/20 list=aws
add address=69.231.128.0/18 list=aws
add address=99.82.172.0/24 list=aws
add address=99.151.120.0/21 list=aws
add address=108.136.0.0/15 list=aws
add address=116.129.226.128/26 list=aws
add address=150.222.82.0/24 list=aws
add address=13.34.28.160/27 list=aws
add address=13.34.35.0/27 list=aws
add address=13.34.38.0/27 list=aws
add address=13.34.51.192/27 list=aws
add address=13.34.72.0/27 list=aws
add address=13.34.74.224/27 list=aws
add address=18.34.72.0/21 list=aws
add address=35.176.0.0/15 list=aws
add address=43.224.79.234/31 list=aws
add address=52.93.193.195 list=aws
add address=54.239.112.0/24 list=aws
add address=70.224.192.0/18 list=aws
add address=99.77.153.0/24 list=aws
add address=150.222.105.0/24 list=aws
add address=161.188.136.0/23 list=aws
add address=3.4.7.0/24 list=aws
add address=13.34.5.80 list=aws
add address=13.34.43.160/27 list=aws
add address=13.34.53.32/27 list=aws
add address=13.34.56.32/27 list=aws
add address=13.34.61.32/27 list=aws
add address=15.221.6.0/24 list=aws
add address=15.230.19.248/31 list=aws
add address=15.230.79.64/26 list=aws
add address=16.12.10.0/23 list=aws
add address=52.219.148.0/23 list=aws
add address=69.107.7.88/29 list=aws
add address=99.77.155.0/24 list=aws
add address=150.222.3.176 list=aws
add address=150.222.252.250/31 list=aws
add address=13.34.40.96/27 list=aws
add address=13.34.46.32/27 list=aws
add address=13.34.53.160/27 list=aws
add address=13.34.57.0/27 list=aws
add address=13.34.75.96/27 list=aws
add address=13.34.80.0/27 list=aws
add address=15.230.67.0/26 list=aws
add address=43.224.76.16/30 list=aws
add address=43.224.79.82/31 list=aws
add address=52.46.189.220/30 list=aws
add address=52.93.127.179 list=aws
add address=52.93.178.206 list=aws
add address=52.93.178.230 list=aws
add address=52.95.255.32/28 list=aws
add address=52.144.229.0/26 list=aws
add address=69.230.192.0/18 list=aws
add address=130.176.0.0/17 list=aws
add address=150.222.11.84/31 list=aws
add address=150.222.232.176/28 list=aws
add address=150.222.234.112/31 list=aws
add address=150.222.234.128/31 list=aws
add address=160.1.0.0/16 list=aws
add address=3.5.128.0/22 list=aws
add address=13.34.79.96/27 list=aws
add address=15.181.241.0/24 list=aws
add address=15.230.21.0/24 list=aws
add address=15.230.67.128/26 list=aws
add address=18.216.0.0/14 list=aws
add address=34.192.0.0/12 list=aws
add address=43.224.76.108/30 list=aws
add address=43.224.79.76/31 list=aws
add address=43.224.79.214/31 list=aws
add address=52.46.191.76/31 list=aws
add address=52.93.37.222 list=aws
add address=52.93.178.220 list=aws
add address=52.94.64.0/22 list=aws
add address=99.83.100.0/24 list=aws
add address=150.222.234.78/31 list=aws
add address=3.104.0.0/14 list=aws
add address=13.34.62.192/27 list=aws
add address=13.34.76.160/27 list=aws
add address=15.177.99.0/24 list=aws
add address=15.193.5.0/24 list=aws
add address=15.197.16.0/23 list=aws
add address=15.220.32.0/21 list=aws
add address=15.230.39.24/31 list=aws
add address=15.230.39.162/31 list=aws
add address=15.230.184.0/24 list=aws
add address=43.224.79.106/31 list=aws
add address=52.46.188.176/30 list=aws
add address=52.80.0.0/16 list=aws
add address=52.93.71.46 list=aws
add address=52.94.250.16/28 list=aws
add address=52.95.216.0/22 list=aws
add address=52.119.232.0/21 list=aws
add address=52.144.201.128/26 list=aws
add address=64.252.121.0/24 list=aws
add address=99.150.32.0/21 list=aws
add address=108.156.0.0/14 list=aws
add address=150.222.99.0/24 list=aws
add address=150.222.218.0/24 list=aws
add address=150.222.234.104/31 list=aws
add address=175.41.128.0/18 list=aws
add address=176.32.125.250/31 list=aws
add address=13.34.59.128/27 list=aws
add address=15.230.39.194/31 list=aws
add address=15.230.152.0/24 list=aws
add address=52.46.189.68/30 list=aws
add address=52.93.127.167 list=aws
add address=52.93.178.215 list=aws
add address=54.239.108.0/22 list=aws
add address=64.252.68.0/24 list=aws
add address=150.222.133.0/24 list=aws
add address=161.188.130.0/23 list=aws
add address=13.34.37.96/27 list=aws
add address=13.34.76.96/27 list=aws
add address=15.230.193.0/24 list=aws
add address=18.229.0.0/16 list=aws
add address=52.46.189.72/30 list=aws
add address=52.93.50.148/31 list=aws
add address=52.93.127.174 list=aws
add address=52.93.127.238 list=aws
add address=52.93.178.182 list=aws
add address=52.94.68.0/24 list=aws
add address=52.95.192.0/20 list=aws
add address=52.144.230.204/31 list=aws
add address=52.219.195.0/24 list=aws
add address=54.219.0.0/16 list=aws
add address=150.222.28.122/31 list=aws
add address=150.222.232.122 list=aws
add address=3.32.0.0/16 list=aws
add address=15.230.0.6/31 list=aws
add address=35.182.0.0/15 list=aws
add address=43.224.76.24/30 list=aws
add address=43.224.77.44/30 list=aws
add address=52.46.191.178/31 list=aws
add address=52.93.122.255 list=aws
add address=54.230.192.0/21 list=aws
add address=70.232.124.0/22 list=aws
add address=99.77.191.0/24 list=aws
add address=3.5.72.0/23 list=aws
add address=13.34.26.0/27 list=aws
add address=13.34.62.32/27 list=aws
add address=13.250.0.0/15 list=aws
add address=15.230.39.104/31 list=aws
add address=43.224.79.80/31 list=aws
add address=44.192.0.0/11 list=aws
add address=52.46.189.132/30 list=aws
add address=52.46.190.168/30 list=aws
add address=52.93.127.17 list=aws
add address=52.93.127.99 list=aws
add address=52.95.166.0/23 list=aws
add address=52.144.216.2/31 list=aws
add address=150.222.129.148 list=aws
add address=150.222.208.66/31 list=aws
add address=13.34.26.64/27 list=aws
add address=13.34.58.32/27 list=aws
add address=13.34.70.0/27 list=aws
add address=15.230.39.136/31 list=aws
add address=15.230.39.226/31 list=aws
add address=15.251.0.10 list=aws
add address=16.12.20.0/24 list=aws
add address=52.144.215.0/31 list=aws
add address=52.144.215.196/31 list=aws
add address=54.240.236.78 list=aws
add address=64.252.102.0/24 list=aws
add address=64.252.108.0/24 list=aws
add address=69.107.6.200/29 list=aws
add address=87.238.80.0/21 list=aws
add address=99.77.156.0/24 list=aws
add address=161.188.140.0/23 list=aws
add address=13.34.2.0/27 list=aws
add address=13.34.12.64/27 list=aws
add address=13.34.46.192/27 list=aws
add address=13.34.60.224/27 list=aws
add address=15.230.78.64/26 list=aws
add address=15.230.243.0/24 list=aws
add address=52.46.191.2/31 list=aws
add address=52.93.50.129 list=aws
add address=52.93.178.147 list=aws
add address=52.95.169.0/24 list=aws
add address=54.222.0.0/19 list=aws
add address=54.239.0.112/28 list=aws
add address=54.239.8.0/21 list=aws
add address=54.240.204.0/22 list=aws
add address=99.86.0.0/16 list=aws
add address=150.222.203.0/24 list=aws
add address=207.171.176.0/20 list=aws
add address=13.34.13.160/27 list=aws
add address=13.34.21.96/27 list=aws
add address=15.168.0.0/16 list=aws
add address=15.230.14.252/31 list=aws
add address=15.230.32.0/24 list=aws
add address=15.230.39.192/31 list=aws
add address=15.230.79.0/26 list=aws
add address=43.224.77.184/30 list=aws
add address=52.46.189.160/30 list=aws
add address=52.93.178.179 list=aws
add address=54.240.236.18 list=aws
add address=99.77.138.0/24 list=aws
add address=150.222.5.0/24 list=aws
add address=150.222.120.62/31 list=aws
add address=162.250.238.0/23 list=aws
add address=178.236.0.0/20 list=aws
add address=3.5.152.0/21 list=aws
add address=13.34.37.160/27 list=aws
add address=15.230.39.72/31 list=aws
add address=18.224.0.0/14 list=aws
add address=43.224.76.180/30 list=aws
add address=43.224.79.74/31 list=aws
add address=52.56.0.0/16 list=aws
add address=52.93.55.162/31 list=aws
add address=52.93.92.74/31 list=aws
add address=52.93.127.248 list=aws
add address=52.93.153.149 list=aws
add address=52.93.178.170 list=aws
add address=52.93.178.223 list=aws
add address=52.144.233.70/31 list=aws
add address=54.240.212.0/22 list=aws
add address=54.245.0.0/16 list=aws
add address=142.4.160.0/29 list=aws
add address=150.222.100.0/24 list=aws
add address=13.34.21.160/27 list=aws
add address=13.34.24.64/27 list=aws
add address=13.34.27.0/27 list=aws
add address=13.34.33.64/27 list=aws
add address=13.34.48.192/27 list=aws
add address=13.34.72.64/27 list=aws
add address=13.248.105.0/24 list=aws
add address=16.12.16.0/23 list=aws
add address=18.230.0.0/16 list=aws
add address=52.46.189.88/30 list=aws
add address=52.46.190.188/31 list=aws
add address=52.58.0.0/15 list=aws
add address=52.93.50.130 list=aws
add address=52.93.121.195 list=aws
add address=52.93.127.25 list=aws
add address=52.218.0.0/17 list=aws
add address=150.222.176.0/22 list=aws
add address=13.34.30.96/27 list=aws
add address=13.34.40.128/27 list=aws
add address=13.34.62.224/27 list=aws
add address=13.34.74.32/27 list=aws
add address=13.248.0.0/20 list=aws
add address=15.230.39.174/31 list=aws
add address=15.230.39.240/31 list=aws
add address=52.93.127.219 list=aws
add address=52.93.153.177 list=aws
add address=52.94.152.63 list=aws
add address=52.95.29.0/26 list=aws
add address=52.144.228.0/31 list=aws
add address=52.219.142.0/24 list=aws
add address=99.77.152.0/24 list=aws
add address=150.222.217.248/31 list=aws
add address=3.131.0.0/16 list=aws
add address=13.34.29.96/27 list=aws
add address=13.34.53.224/27 list=aws
add address=13.34.59.64/27 list=aws
add address=13.34.63.0/27 list=aws
add address=13.34.74.96/27 list=aws
add address=15.220.80.0/20 list=aws
add address=15.230.9.10/31 list=aws
add address=15.230.39.158/31 list=aws
add address=15.230.73.128/26 list=aws
add address=52.46.191.88/31 list=aws
add address=52.46.191.236/31 list=aws
add address=52.93.122.202 list=aws
add address=52.93.127.18 list=aws
add address=52.93.127.195 list=aws
add address=52.219.0.0/20 list=aws
add address=54.240.248.0/21 list=aws
add address=pecl.php.net list=vpn-hetzner
add address=jsfiddle.net list=vpn-hetzner
add address=registry.terraform.io list=vpn-hetzner
add address=play.google.com list=vpn-hetzner
add address=software.cisco.com list=vpn-hetzner
add address=code-with-me.jetbrains.com list=vpn-hetzner
add address=leafletjs.com list=vpn-hetzner
add address=my.mehnat.uz list=vpn-uz
add address=mehnat.uz list=vpn-uz
add address=developer.apple.com list=vpn-hetzner
add address=grpc.io list=vpn-hetzner
add address=medium.com list=vpn-hetzner
add address=91.108.56.0/22 list=Telegram
add address=91.108.4.0/22 list=Telegram
add address=91.108.8.0/22 list=Telegram
add address=91.108.16.0/22 list=Telegram
add address=91.108.12.0/22 list=Telegram
add address=149.154.160.0/20 list=Telegram
add address=91.105.192.0/23 list=Telegram
add address=91.108.20.0/22 list=Telegram
add address=185.76.151.0/24 list=Telegram
add address=bard.google.com list=vpn-hetzner
add address=chat.openai.com list=vpn-hetzner
add address=cdn.oaistatic.com list=vpn-hetzner
add address=sysdig.com list=vpn-hetzner
add address=docs.gitlab.com list=vpn-hetzner
add address=temp-mail.org list=vpn-hetzner
add address=52.0.0.0/8 comment=docker disabled=yes list=aws
add address=44.0.0.0/8 comment=docker disabled=yes list=aws
add address=54.0.0.0/8 comment=docker disabled=yes list=aws
add address=getoutline.org list=aws
add address=192.168.88.89 list=ALLOW_1C_MIRAN
add address=123.com list=vpn-hetzner
add address=redis.io list=vpn-hetzner
add address=download.jetbrains.com list=vpn-hetzner
add address=sqlite.org list=vpn-hetzner
add address=vector.dev list=vpn-hetzner
add address=openai.com list=vpn-hetzner
add address=chatgpt.com list=vpn-hetzner
add address=auth0.openai.com list=vpn-hetzner
add address=ident.me comment=software.cisco.com list=vpn-hetzner
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=established,related disabled=yes hw-offload=yes protocol=tcp
add action=fasttrack-connection chain=forward connection-state=established,related disabled=yes hw-offload=yes protocol=udp
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=forward connection-state=established,related
add action=accept chain=input comment="PERMIT API FROM GRAFANA" dst-port=8728 in-interface-list=WAN protocol=tcp src-address=178.154.206.90
add action=accept chain=input comment="PERMIT SSH OXID" dst-port=11209 protocol=tcp
add action=accept chain=input disabled=yes in-interface=vpn-office-ufa
add action=accept chain=forward comment="allow icmp vpn tunnel" in-interface=vpn-office-ufa log=yes protocol=icmp
add action=accept chain=input comment=temp.admin dst-port=8291 protocol=tcp
add action=accept chain=input comment="allow winbox vpn tunnel" dst-port=8291 in-interface=vpn-office-ufa protocol=tcp src-port=""
add action=accept chain=input comment="allow winbox vpn tunnel" dst-port=8291 in-interface=vpn-uz protocol=tcp src-port=""
add action=accept chain=input comment="allow 80 vpn tunnel" dst-port=80 in-interface=vpn-office-ufa log=yes protocol=tcp
add action=accept chain=input comment="allow 80 vpn tunnel" dst-port=80 in-interface=vpn-uz log=yes protocol=tcp
add action=accept chain=forward comment="allow icmp vpn tunnel" in-interface=vpn-uz log=yes protocol=icmp
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid disabled=yes
add action=accept chain=input comment="allow dns" dst-port=53 in-interface=!ether1 protocol=udp
add action=accept chain=input dst-port=8728 protocol=tcp src-address=91.142.93.46
add action=accept chain=input comment=snmp disabled=yes in-interface-list=WAN port=161 protocol=udp
add action=accept chain=forward comment="ALLOW MIRAN 1C" dst-address=10.0.10.0/24 src-address-list=ALLOW_1C_MIRAN
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related disabled=yes hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall mangle
add action=mark-routing chain=output dst-address=49.12.234.183 new-routing-mark=wg_test passthrough=yes
add action=mark-packet chain=forward new-packet-mark=meet passthrough=yes port=10000-20000 protocol=udp
add action=mark-connection chain=prerouting connection-state=new disabled=yes dst-address-list=google-lh3 log=yes new-connection-mark=to_hetzner passthrough=yes
add action=mark-connection chain=prerouting connection-state=new disabled=yes dst-address-list=route_to_vpn new-connection-mark=to_vpn passthrough=yes
add action=mark-routing chain=prerouting disabled=yes dst-address-list=VPN new-routing-mark=vpn-frankfurt passthrough=yes
add action=mark-routing chain=prerouting disabled=yes dst-address-list=vpn-hetzner new-routing-mark=vpn-frankfurt passthrough=yes
add action=mark-routing chain=output dst-address-list=vpn-hetzner new-routing-mark=vpn-frankfurt passthrough=yes
add action=mark-routing chain=prerouting disabled=yes dst-address-list=aws new-routing-mark=vpn-frankfurt passthrough=yes
add action=mark-routing chain=prerouting disabled=yes dst-address-list=Telegram new-routing-mark=vpn-frankfurt passthrough=yes
add action=mark-routing chain=prerouting connection-mark=to_vpn disabled=yes new-routing-mark=to_vpn passthrough=no
add action=mark-routing chain=prerouting dst-address-list=vpn-uz new-routing-mark=vpn-uz passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat connection-mark=to_hetzner disabled=yes
add action=masquerade chain=srcnat connection-mark=to_vpn disabled=yes
add action=masquerade chain=srcnat out-interface=vpn-office-ufa
add action=masquerade chain=srcnat out-interface=vpn-uz
add action=masquerade chain=srcnat disabled=yes out-interface=ovpn-frankfurt
add action=dst-nat chain=dstnat comment="WEB ACCESS TO SWITCH" disabled=yes dst-port=55123 protocol=tcp to-addresses=192.168.88.3 to-ports=80
/ip ipsec identity
add peer=miran secret="-~*B.M^#uR7=xuh@12Q8"
/ip ipsec policy
set 0 proposal=proposal1
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=vpn-uz routing-table=vpn-uz suppress-hw-offload=no
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=81.30.218.1 pref-src="" routing-table=main suppress-hw-offload=no
add disabled=yes distance=1 dst-address=10.0.10.0/24 gateway=10.10.14.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add comment="ether main channel" disabled=yes distance=1 dst-address=77.88.8.1/32 gateway=81.30.218.1 routing-table=main suppress-hw-offload=no
add comment="lte backup channel" disabled=yes distance=1 dst-address=77.88.8.8/32 gateway=10.0.0.1 routing-table=main suppress-hw-offload=no
add distance=1 dst-address=192.168.1.0/24 gateway=vpn-office-ufa pref-src=192.168.88.1
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ovpn-frankfurt routing-table=vpn-frankfurt scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=10.0.10.0/24 gateway=10.10.0.5 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=10.0.30.0/24 gateway=10.10.14.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 vrf-interface=vpn-office-ufa
add disabled=no distance=1 dst-address=192.168.30.0/24 gateway=ovpn-frankfurt routing-table=main scope=10 suppress-hw-offload=no
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=11209
/ip smb shares
set [ find default=yes ] directory=/pub
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udp
add action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
/ppp secret
add name=ufanet password=1GMcp8oOKGlMR0f profile=vpn_ufanet service=pptp
/snmp
set trap-generators=""
/system clock
set time-zone-name=Asia/Yekaterinburg
/system identity
set name=gw-ufa
/system logging
set 0 action=remote prefix=:Info topics=info,!dhcp
set 1 action=remote prefix=:Error
set 2 action=remote prefix=:Warning
set 3 action=remote prefix=:Critical
add action=remote prefix=:Firewall topics=firewall
add action=remote prefix=:Account topics=account
add prefix=:Info topics=info,!dhcp
add prefix=:Warning topics=warning
add prefix=:Error topics=error
add prefix=:Critical topics=critical
add prefix=:Account topics=account
/system note
set show-at-login=no
/system scheduler
add interval=10s name=SendGWHostAvailability on-event="/system script run GW1CHostAvailability" policy=read,write,policy,test start-date=2024-07-25 start-time=17:32:57
add interval=10s name=SendMiranHostAvailability on-event="/system script run MiranHostAvailability" policy=read,write,policy,test start-date=2024-07-25 start-time=17:32:57
/system script
add dont-require-permissions=yes name=GW1CHostAvailability owner=artem.krasnoseletskii policy=read,write,policy,test source=":local ipAddress \"10.0.10.1\"\r\n:local ipAddressSTS \"10.10.0.1\"\r\n:local hostName \"GW-1c-internal\"\r\n:local hostNameSTS \"sts GW Miran\"\r\n:local dst \"GW-UFA\"\r\n:local state \"firing\"\r\n:local state2 \"resolved\"\r\n:local alertname \"\$hostName Down\"\r\n:local alertnameSTS \"VPNTunnelDown\"\r\n:local job \"MikrotikNetwatch\"\r\n:local severity \"critical\"\r\n:local description \"\$hostName down\"\r\n:local descriptionSTS \"VPN tunnel down\"\r\n:local summaryText \"routes\"\r\n:local summaryText2 \"interface\"\r\n:local summary \"Can not reach \$hostName. Check the \$summaryText or \$hostName availability\"\r\n:local time [/system clock get time]\r\n:local date [/system clock get date]\r\n:local url http://178.154.206.90:8080/integrations/v1/webhook/syqCZNKkVMnLrUYeQeHNfvjKR/\r\n:local testurl https://webhook.site/394297f3-ff8d-4d55-8ebf-1bb4df2a7fa7\r\n:global DownState\r\n\r\n    :local pingHost [/ping \$ipAddress count=5]\r\n        :if (\$pingHost = 0 && \$DownState != true) do={\r\n            /tool fetch url=\"\$url\" http-method=post mode=http http-header-field=\"content-type: application/json\" http-data=\"{\\\"state\\\": \\\"\$state\\\",\\\"alert\\\": {\\\"alertname\\\": \\\"\$alertname\\\",\\\"job\\\": \\\"\$job\\\",\\\"instance\\\": \\\"\$dst\\\",\\\"severity\\\":\_\\\"\$severity\\\"},\\\"annotations\\\": {\\\"description\\\": \\\"\$description\\\",\\\"summary\\\": \\\"\$summary\\\"},\\\"startsAt\\\": \\\"\$date \$time\\\"}\"  output=none;\r\n            :set \$DownState true;\r\n            } else={ \r\n                if (\$DownState = true && \$pingHost != 0) do={\r\n                        /tool fetch url=\"\$url\" http-method=post mode=http http-header-field=\"content-type: application/json\" http-data=\"{\\\"state\\\": \\\"\$state2\\\",\\\"alert\\\": {\\\"alertname\\\": \\\"\$alertname\\\",\\\"job\\\": \\\"\$job\\\",\\\"instance\\\": \\\"\$dst\\\",\\\"severity\\\": \\\"\$severity\\\"},\\\"annotations\\\": {\\\"description\\\": \\\"\$description\\\",\\\"summary\\\": \\\"\$summary\\\"},\\\"startsAt\\\": \\\"\$date \$time\\\"}\"  output=none;\r\n                        :set \$DownState false;\r\n            }\r\n            }"
add dont-require-permissions=yes name=MiranHostAvailability owner=artem.krasnoseletskii policy=read,write,policy,test source=":local ipAddress \"10.0.10.1\"\r\n:local ipAddressSTS \"10.10.0.1\"\r\n:local hostName \"GW-1c-internal\"\r\n:local hostNameSTS \"sts GW Miran\"\r\n:local dst \"GW-UFA\"\r\n:local state \"firing\"\r\n:local state2 \"resolved\"\r\n:local alertname \"\$hostNameSTS Down\"\r\n:local alertnameSTS \"VPNTunnelDown\"\r\n:local job \"MikrotikNetwatch\"\r\n:local severity \"critical\"\r\n:local description \"\$hostNameSTS down\"\r\n:local descriptionSTS \"VPN tunnel down\"\r\n:local summaryText \"routes\"\r\n:local summaryTextSTS \"interface\"\r\n:local summary \"Can not reach \$hostNameSTS. Check the \$summaryTextSTS\_or \$hostNameSTS availability\"\r\n:local time [/system clock get time]\r\n:local date [/system clock get date]\r\n:local url http://178.154.206.90:8080/integrations/v1/webhook/syqCZNKkVMnLrUYeQeHNfvjKR/\r\n:local testurl https://webhook.site/394297f3-ff8d-4d55-8ebf-1bb4df2a7fa7\r\n:global DownStateM\r\n\r\n    :local pingHost [/ping \$ipAddressSTS count=5]\r\n        :if (\$pingHost = 0 && \$DownStateM != true) do={\r\n            /tool fetch url=\"\$url\" http-method=post mode=http http-header-field=\"content-type: application/json\" http-data=\"{\\\"state\\\": \\\"\$state\\\",\\\"alert\\\": {\\\"alertname\\\": \\\"\$alertnameSTS\\\",\\\"job\\\": \\\"\$job\\\",\\\"instance\\\": \\\"\$dst\\\",\\\"severity\\\": \\\"\$severity\\\"},\\\"annotations\\\": {\\\"description\\\": \\\"\$description\\\",\\\"summary\\\": \\\"\$summary\\\"},\\\"startsAt\\\": \\\"\$date \$time\\\"}\"  output=none;\r\n            :set \$DownStateM true;\r\n            } else={ \r\n                if (\$DownStateM = true && \$pingHost != 0) do={\r\n                        /tool fetch url=\"\$url\" http-method=post mode=http http-header-field=\"content-type: application/json\" http-data=\"{\\\"state\\\": \\\"\$state2\\\",\\\"alert\\\": {\\\"alertname\\\": \\\"\$alertnameSTS\\\",\\\"job\\\": \\\"\$job\\\",\\\"instance\\\": \\\"\$dst\\\",\\\"severity\\\": \\\"\$severity\\\"},\\\"annotations\\\": {\\\"description\\\": \\\"\$description\\\",\\\"summary\\\": \\\"\$summary\\\"},\\\"startsAt\\\": \\\"\$date \$time\\\"}\"  output=none;\r\n                        :set \$DownStateM false;\r\n            }\r\n            }"
/tool bandwidth-server
set authenticate=no enabled=no
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/user group
add name=prometheus policy="read,test,winbox,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!password,!web,!sniff,!sensitive,!romon,!rest-api"
add name=api_read policy="read,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!romon,!rest-api"