# The following creates a PPTP and L2TP VPN server on the MikroTik: # !!! YOU MUST UPDATE DNS IN /PPP PROFILE TO THE CUSTOMERS ISP DNS IP ADDRESS !!! /ip pool add name=VPN_Pool_192 ranges=192.168.131.50-192.168.131.150 /ppp profile add change-tcp-mss=yes dns-server=68.94.156.1,68.94.157.1 local-address=\ 192.168.131.254 name=VPN-Encrypt remote-address=VPN_Pool_192 \ use-encryption=yes /ppp profile add change-tcp-mss=yes dns-server=192.168.131.253,10.0.0.12 local-address=\ 192.168.131.254 name=Guido-Encrypt remote-address=VPN_Pool_192 \ use-encryption=yes /interface l2tp-server server set default-profile=VPN-Encrypt enabled=yes /interface pptp-server server set authentication=pap,chap,mschap1,mschap2 default-profile=VPN-Encrypt \ enabled=yes # The following creates a user on the VPN Server MikroTik: /ppp secret add name=aravpnadmin password=YsD9fKN3fVZP profile=VPN-Encrypt
Mikrotik VPN Script PPTP & L2TP
Block torrents with mikrotik
Block torrents with mikrotik
/ip firewall layer7-protocol add comment="Block Bit Torrent" name=layer7-bittorrent-exp regexp="^(\\x13bitt\ orrent protocol|azver\\x01\$|get /scrape\\\?info_hash=get /announce\\\?inf\ o_hash=|get /client/bitcomet/|GET /data\\\?fid=)|d1:ad2:id20:|\\x08'7P\\)[\ RP]" /ip firewall filter add action=add-src-to-address-list address-list=Torrent-Conn \ address-list-timeout=2m chain=forward layer7-protocol=\ layer7-bittorrent-exp src-address=192.168.10.0/24 src-address-list=\ !allow-bit add action=add-src-to-address-list address-list=Torrent-Conn \ address-list-timeout=2m chain=forward p2p=all-p2p src-address=\ 192.168.10.0/24 src-address-list=!allow-bit /ip firewall filter add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp \ src-address-list=Torrent-Conn add action=drop chain=forward dst-port=!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp \ src-address-list=Torrent-Conn
Linux / UNIX: Delete a file
To remove a file or directory in Linux, FreeBSD, Solaris or Unix-like operating systems use the rm command.
To remove all files & subdirectories from a directory (MS-DOS deltree like command), enter:
To remove all files & subdirectories from a directory (MS-DOS deltree like command), enter:
rm -rf mydir
Prioritize SpeedTest.Net Results via Mikrotik Queue
# Mark speedtest in Layer7 firewall /ip firewall layer7-protocol add name=speedtest regexp="^.+(speedtest).*\\\$" # Marking SPEEDTEST.NET in mangle section using L7 /ip firewall mangle add action=mark-connection chain=forward comment=SPEEDTEST layer7-protocol=speedtest new-connection-mark=speedtest_conn add action=mark-connection chain=prerouting new-connection-mark=speedtest_conn protocol=tcp src-port=8080 add action=mark-packet chain=prerouting connection-mark=speedtest_conn new-packet-mark=speedtest_pkt passthrough=no add action=mark-connection chain=postrouting dst-port=8080 new-connection-mark=speedtest_conn protocol=tcp add action=mark-packet chain=postrouting connection-mark=speedtest_conn new-packet-mark=speedtest_pkt passthrough=no # ADD PCQ so that i can be applied on per ip bases later in simple queue / zaib /queue type add kind=pcq name=download-2mb pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=2048k \ pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000 add kind=pcq name=upload-2mb pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=2048k \ pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000 # Add simple QUEUE to limit speedtest.net 2mb PER USER /queue simple add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="Limit every Users at 2mb using PCQ. for speedtest only marked by mangle / zaib" direction=both disabled=no interface=all limit-at=0/0 max-limit=0/0 name=\ "SpeedTest.Net 2Mb per use via g PCQ / zaib" packet-marks=speedtest_pkt parent=none priority=8 queue=upload-2mb/download-2mb target-addresses=192.168.5.0/24 total-queue=default-small # Add simple QUEUE to limit user PC individually for rest of traffic, static or dynamic up to your network. add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=512k/512k max-limit=512k/512k name="Zaib Desktop 512k A llowed - 192.168.5.2" packet-marks="" \ parent=none priority=8 queue=default-small/default-small target-addresses=192.168.5.2/32 total-queue=default-small
Manual squid-3 tproxy Installation with mikrotik
#manual for debian7 ubuntu12/14 after finish your installing of ubuntu / debian # change or replace /etc/apt/sources.list with a local repository debian 7 indonesia= deb http://kambing.ui.ac.id/debian/ wheezy main contrib non-free deb http://kambing.ui.ac.id/debian/ wheezy-updates main contrib non-free deb http://kambing.ui.ac.id/debian-security/ wheezy/updates main contrib non-free for debian error key= aptitude install debian-keyring debian-archive-keyring apt-key update apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 apt-get update && apt-get upgrade -y key input (q) #edit tuning limits.conf at /security/limits.conf add /etc/security/limits.conf ============================================================= * soft nofile 65536 * hard nofile 65536 root soft nofile 65536 root hard nofile 65536 proxy soft nofile 65536 proxy hard nofile 65536 ================================================================ #edit kernel @ .. /etc/sysctl.conf ================================================================= #remove all contents and replace with config below ################################################################ << ..................................................................................... kernel.panic = 30 kernel.panic_on_oops = 30 kernel.sysrq = 0 kernel.core_uses_pid = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 fs.file-max = 65536 vm.swappiness = 5 vm.vfs_cache_pressure=50 vm.mmap_min_addr = 4096 vm.overcommit_ratio = 0 vm.overcommit_memory = 0 kernel.shmmax = 268435456 kernel.shmall = 268435456 vm.min_free_kbytes = 65536 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_syn_retries = 5 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_max_syn_backlog = 4096 net.ipv4.ip_forward = 1 net.ipv4.conf.all.forwarding = 1 net.ipv4.conf.default.forwarding = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.eth0.rp_filter = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.tcp_fin_timeout = 15 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_keepalive_probes = 5 net.ipv4.tcp_keepalive_intvl = 15 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_fack = 1 net.ipv4.tcp_timestamps = 1 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.tcp_rfc1337 = 1 net.ipv4.tcp_congestion_control = cubic net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_mem = 65536 131072 262144 net.ipv4.udp_mem = 65536 131072 262144 net.ipv4.tcp_rmem = 8192 87380 16777216 net.ipv4.udp_rmem_min = 16384 net.core.rmem_default = 87380 net.core.rmem_max = 16777216 net.ipv4.tcp_wmem = 8192 65536 16777216 net.ipv4.udp_wmem_min = 16384 net.core.wmem_default = 65536 net.core.wmem_max = 16777216 net.core.somaxconn = 32768 net.core.netdev_max_backlog = 4096 net.core.dev_weight = 64 net.core.optmem_max = 65536 net.ipv4.tcp_max_tw_buckets = 1440000 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_max_orphans = 16384 net.ipv4.tcp_orphan_retries = 0 net.ipv4.ipfrag_high_thresh = 512000 net.ipv4.ipfrag_low_thresh = 446464 net.ipv4.tcp_no_metrics_save = 1 net.ipv4.tcp_moderate_rcvbuf = 1 net.unix.max_dgram_qlen = 50 net.ipv4.neigh.default.gc_thresh3 = 2048 net.ipv4.neigh.default.gc_thresh2 = 1024 net.ipv4.neigh.default.gc_thresh1 = 32 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.proxy_qlen = 96 net.ipv4.neigh.default.unres_qlen = 6 net.ipv4.tcp_ecn = 1 net.ipv4.tcp_reordering = 3 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_retries1 = 3 <<<........................................................................................................... ============================================================================================================== # install web server apt-get install apache2 php5 php5-mysql mysql-server phpmyadmin -y edit apache2.conf @/etc/apache2/apache2.conf # Include the virtual host configurations: Include sites-enabled/ ServerName localhost <<<< adding # install dns server can bind or unbound I used to wear when unbound, user friendly installation apt-get install unbound /etc/init.d/unbound stop cd /etc/unbound wget ftp://ftp.internic.net/domain/named.cache -O /etc/unbound/named.cache edit unbound.conf= <<<my unbound.conf.... http://pastebin.com/2gTnMNAV edit dns-nameservers in /etc/netwwork/interfaces replace with localhost ip # for mikrotik router <<<.. adding my mikrotik nat dns-server unbound resolver= http://pastebin.com/190MZmtz unbound-control-setup chown unbound:root unbound_* && chmod 440 unbound_* /etc/init.d/unbound restart flush cache unbound= /etc/init.d/unbound reload or unbound control-reload #mulai konfigurasi squid proxy # install packet apt-get install devscripts build-essential openssl libssl-dev fakeroot libcppunit-dev libsasl2-dev cdbs ebtables bridge-utils libcap2 libcap-dev libcap2-dev sysv-rc-conf iproute kernel-package libncurses5-dev fakeroot wget bzip2 debhelper linuxdoc-tools libselinux1-dev htop iftop dnstop perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python ccze pastebinit checkinstall libssl-dev htop iftop iptraf mtr-tiny bwm-ng ccze sysv-rc-conf -y #libecap download libecap= http://www.4shared.com/archive/uMVmB3ADce/libecap-100tar.html download DSI_ecap_youtube.so= http://www.4shared.com/file/rYJcJqyVce/DSI_ecap_youtube.html tar -xzf libecap-1.0.0.tar.gz cd libecap-1.0.0/ ./configure && make && make install echo "/usr/local/lib" >> /etc/ld.so.conf ldconfig #ecap_adapter apt-get install pkg-config wget http://www.measurement-factory.com/tmp/ecap/ecap_adapter_sample-1.0.0.tar.gz tar -xzf ecap_adapter_sample-1.0.0.tar.gz cd ecap_adapter_sample-1.0.0 # download patch ecap_adapter in mikrotik squid indonesia group / thanks to Mikrotike N SquidLovers https://www.facebook.com/download/989568241123182/patch_ecap_adapter_sample.patch <<< move patch_ecap_adapter_sample.patch > #to directory= /ecap_adapter_sample-1.0.0 <<< and then input the scripts below >>> eksekusi >> patch -p1 < patch_ecap_adapter_sample.patch ./configure && make && make install #squid installation wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.12.tar.gz tar -xzvf squid-3.5.12.tar.gz cd squid-3* ./configure \ CHOST="x86_64-pc-linux-gnu" \ CFLAGS="-march=core2 -O2 -pipe" \ CXXFLAGS="${CFLAGS}" \ --build=x86_64-linux-gnu \ --prefix=/usr \ --exec-prefix=/usr \ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --libdir=/usr/lib \ --sharedstatedir=/usr/com \ --includedir=/usr/include \ --localstatedir=/var \ --libexecdir=/usr/lib/squid \ --srcdir=. \ --datadir=/usr/share/squid \ --sysconfdir=/etc/squid \ --infodir=/usr/share/info \ --mandir=/usr/share/man \ --x-includes=/usr/include \ --x-libraries=/usr/lib \ --with-default-user=proxy \ --with-logdir=/var/log/squid \ --with-swapdir=/cache/cache \ --with-pidfile=/var/run/squid.pid \ --enable-err-languages=English \ --enable-default-err-language=English \ --enable-storeio=ufs,aufs,diskd \ --enable-linux-netfilter \ --enable-removal-policies=lru,heap \ --enable-gnuregex \ --enable-follow-x-forwarded-for \ --enable-x-accelerator-vary \ --enable-zph-qos \ --enable-delay-pools \ --enable-snmp \ --enable-underscores \ --with-openssl \ --enable-ssl-crtd \ --enable-http-violations \ --enable-async-io=24 \ --enable-storeid-rewrite-helpers \ --with-large-files \ --with-libcap \ --with-libnetfilter-conntrack \ --with-included-ltdl \ --with-maxfd=65536 \ --with-filedescriptors=65536 \ --with-pthreads \ --without-gnutls \ --without-mit-krb5 \ --without-heimdal-krb5 \ --without-gnugss \ --disable-icap-client \ --disable-wccp \ --disable-wccpv2 \ --disable-dependency-tracking \ --disable-auth --disable-epoll \ --disable-ident-lookups \ --disable-icmp \ --enable-ecap \ PKG_CONFIG_PATH=/usr/local/lib/pkgconfig make && make install chown -R proxy:proxy /cache/cache/ chmod -R 777 /cache/cache/ cd /etc/squid mkdir ssl_certs cd ssl_certs openssl genrsa -out squid.key 2048 openssl req -new -key squid.key -out squid.csr -nodes #input data for certificate squid# openssl x509 -req -days 3652 -in squid.csr -signkey squid.key -out squid.crt /usr/lib/squid/ssl_crtd -c -s /etc/squid/ssl_db #edit squid.conf my squid.conf for tproxy= http://pastebin.com/18Rb3nD0 my squid.conf non tproxy only virtualbox= http://pastebin.com/uvtLinw8 my store-id.pl= http://pastebin.com/pLK4Jk81 chown -R nobody /etc/squid/ chown -R proxy:proxy /etc/squid/ chmod -R 777 /etc/squid/ /usr/lib/squid/ssl_crtd -c -s /etc/squid/ssl_db cd /var/log/squid/ touch access.log touch cache.log cd ... chown -R proxy:proxy /var/log/squid/access.log chown -R proxy:proxy /var/log/squid/cache.log chmod -R 777 /var/log/squid/access.log chmod -R 777 /var/log/squid/cache.log cd /etc/init.d/ touch squid >> add scripts /etc/init.d/squid= http://pastebin.com/W8xQAD0d edit line 64 squid file @/etc/init.d/squid >>line 64= #cache_dir=`find_cache_dir cache_dir /cache/cache` chmod +x /etc/init.d/squid update-rc.d squid defaults /etc/init.d/squid stop <<< chown -R nobody /etc/squid/ssl_db/ <<< chown -R proxy:proxy /etc/squid/ssl_db/ <<< chmod -R 777 /etc/squid/ssl_db/ # edit /etc/rc.local config rc.local>>>.... http://pastebin.com/3z3s1Hpy squid -z reboot ################################################################################### # your mikrotik add your ip proxy @ ip firewall address list <<and this is mikrotik simple config for tproxy access >>> http://pastebin.com/9uyMpMac ##################################################################################### #back to proxy and login input= /etc/init.d/squid restart #ssl_cert import download ssl_cert your squid directory using winscp >> download ssl_certs on directory /etc/squid/ >> to your computer windows/.... #setting non tproxy manual browser input #add setting your browser mozilla / chrome or etc.... # google chrome= setting >>> add https/ssl >> manage certificates >> click trusted root certification click buttin import >>> and import your squid.crt -on directory /ssl_cets # mozilla/firefox click tools >> advanced >> certificates >> clieck button view certifictes >> import your squid.crt -on directory /ssl_cets ======================================================================================================= # if you install dns-crypt and unbound>> script auto start dns-crypt= <<<... /usr/local/sbin/dnscrypt-proxy -a 127.0.0.1:40 -d -R d0wn-sg-ns1 -e 4096 -p /run/dnscrypt-proxy.pid ========================================================================================================
Mikrotik dual wan failover script
Mikrotik Multi wan failover script
# Script Starts here... # Internet Host to be checked You can modify them as per required, JZ :local host1 "8.8.8.8" :local host2 "208.67.222.123" # Do not modify data below without proper understanding. :local i 0; :local F 0; :local date; :local time; :global InternetStatus; :global InternetLastChange; # PING each host 5 times :for i from=1 to=5 do={ if ([/ping $host1 count=1]=0) do={:set F ($F + 1)} if ([/ping $host2 count=1]=0) do={:set F ($F + 1)} :delay 1; }; # If both links are down and all replies are timedout, then link is considered down :if (($F=10)) do={ :if (($InternetStatus="UP")) do={ :log error "WARNING : The INTERNET link seems to be DOWN. Please Check"; :set InternetStatus "DOWN"; ## ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ... ## /ip route set [find comment="Default Route"] distance=3 ## /ip firewall nat disable [find comment="Your Rules, Example"] :set date [/system clock get date]; :set time [/system clock get time]; :set InternetLastChange ($time . " " . $date); } else={:set InternetStatus "DOWN";} } else={ ## If reply is received , then consider the Link is UP :if (($InternetStatus="DOWN")) do={ :log warning "WARNING :The INTERNET link have been restored"; :set InternetStatus "UP"; ## ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ... ## /ip route set [find comment="Default Route"] distance=1 ## /ip firewall nat enable [find comment="Your Rules, Example"] :set date [/system clock get date]; :set time [/system clock get time]; :set InternetLastChange ($time . " " . $date); } else={:set InternetStatus "UP";} } # Script Ends Here. # Thank you
Auto Send Email Mikrotik Backup File
Auto Send Email Mikrotik Backup File Script
:log info "*** Auto-backup konfigurasi RB Central Ganesha - RB450G" :global backupfile Konfigurasi_RBCentralGanesha_RB450G :global mikrotikexport Resource_RBCentralGanesha_RB450G /system backup save name=$backupfile /export file=$mikrotikexport :log info "*** Sending Email ..." :delay 400s /tool e-mail send to="windhiartoarief@gmail.com" subject=([/system clock get date] . \ " - AutoBackup Konfigurasi - RB Central Ganesha - RB450G") body="File autobackup konfigurasi Mikrotik" file=$backupfile start-tls=yes /tool e-mail send to="ariefwindhiarto@gmail.com" subject=([/system clock get date] . \ " - AutoBackup Konfigurasi - RB Central Ganesha - RB450G") body="File autobackup konfigurasi Mikrotik" file=$backupfile start-tls=yes /tool e-mail send to="windhiartoarief@gmail.com" subject=([/system clock get date] . \ " - AutoBackup Resource - RB Central Ganesha - RB450G") body="File autobackup resource Mikrotik" file=$mikrotikexport start-tls=yes /tool e-mail send to="ariefwindhiarto@gmail.com" subject=([/system clock get date] . \ " - AutoBackup Resource - RB Central Ganesha - RB450G") body="File autobackup resource Mikrotik" file=$mikrotikexport start-tls=yes :delay 40s :log info "*** Email Send Successfully !!" /file remove $backupfile
Ubuntu DNS Primary Master with Caching Nameserver
DNS Auto Install Script
#!/bin/bash #title :install-dns-on-ubuntu1404.sh #description :This script will install dns on ubuntu 14.04 #author :Henry den Hengst #date :25 November 2014 #version :0.1 #usage :bash install-dns-on-ubuntu1404.sh #URL :- #user_password :- #notes :- #bash_version :- #credits_source :https://help.ubuntu.com/ # sudo apt-get update && sudo apt-get upgrade -y sudo apt-get install bind9 dnsutils openssh-server ntp -y # Edit /etc/network/interfaces to meet your requirements. # sudo sed -i 's!dhcp!static!g' /etc/network/interfaces sudo sed -i '$ a\address 192.168.1.10' /etc/network/interfaces sudo sed -i '$ a\netmask 255.255.255.0' /etc/network/interfaces sudo sed -i '$ a\network 192.168.1.0' /etc/network/interfaces sudo sed -i '$ a\broadcast 192.168.1.255' /etc/network/interfaces sudo sed -i '$ a\gateway 192.168.1.1' /etc/network/interfaces # sudo sed -i '$ a\dns-nameservers 192.168.1.10 192.168.1.11 8.8.8.8 8.8.4.4' /etc/network/interfaces sudo sed -i '$ a\dns-search cloudconsult.local' /etc/network/interfaces sudo sed -i '$ a\dns-domain cloudconsult.local' /etc/network/interfaces # # restart network sudo service networking restart # cd /etc/bind/ # sudo rm named.conf.options # sudo wget -c https://dl.dropboxusercontent.com/u/36257811/bind9/named.conf.options sudo rm named.conf.local sudo wget -c https://dl.dropboxusercontent.com/u/36257811/bind9/named.conf.local sudo wget -c https://dl.dropboxusercontent.com/u/36257811/bind9/db.cloudconsult.local sudo wget -c https://dl.dropboxusercontent.com/u/36257811/bind9/db.192 sudo service bind9 restart sudo ufw enable sudo ufw allow OpenSSH sudo ufw allow Bind9
Auto DNS Install and configure on Ubuntu
DNS Auto Install Script
#!/bin/bash # # Before echo Before > quertytime.txt dig distrowatch.com | grep 'Query time' >> quertytime.txt # sudo apt-get install bind9 dnsutils bind9-doc -y # sudo xxx /etc/bind/named.conf.options forwarders { 8.8.8.8; 8.8.4.4; }; # sudo xxx /etc/bind/named.conf.local zone "linux.rocks" { type master; file "/etc/bind/db.linux.rocks"; }; zone "96.168.192.in-addr.arpa" { type master; notify no; file "/etc/bind/db.192"; }; # sudo cp /etc/bind/db.local /etc/bind/db.linux.rocks sudo xxx /etc/bind/db.linux.rocks zie 192.168.1.4 # sudo cp /etc/bind/db.127 /etc/bind/db.192 sudo xxx /etc/bind/db.192 # sudo /etc/init.d/bind9 start # ping a-host-in-netwerk -c 4 > test.txt # # # After echo After >> quertytime.txt dig distrowatch.com | grep 'Query time' >> quertytime.txt
Subscribe to:
Posts (Atom)
Mikrotik Malicious Spam IP Blacklist – Firewall Auto Update Script
We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .r...
-
We have published a malicious ip blacklist for free! Combined dshield and spamhaus malicious blacklists formatted for Mikrotik RouterOS .r... -
# The following creates a PPTP and L2TP VPN server on the MikroTik: # !!! YOU MUST UPDATE DNS IN /PPP PROFILE TO THE CUSTOMERS ISP DNS ...
-
Block torrents with mikrotik / ip firewall layer7 - protocol add comment = "Block Bit Torrent" name = layer7 - bittorrent - ex...