/system clock set time-zone-name=America/Sao_Paulo

/system ntp client set enabled=yes primary-ntp=200.160.0.8 secondary-ntp=200.189.40.8

/system backup save dont-encrypt=yes name=BeforeRadiusnet

/ip service set ssh disabled=no address=167.71.165.145 port=2222

/ip service set api disabled=no address=167.71.165.145 port=8728

/user add name=radiususer password=radius332299 group=full address=167.71.165.145 comment="Usuario RadiusNet - Nao apagar"

/user set radiususer address=167.71.165.145

/radius incoming set accept=yes port=3799

/radius add service=dhcp,hotspot,ppp,wireless address=167.71.165.145 secret=frasesecreta authentication-port=1812 accounting-port=1813 timeout=600ms src-address=IpPublicoDoNAS comment="Servidor Primario RadiusNet"

/snmp community set public address=167.71.165.145 security=none read-access=yes write-access=yes

/snmp set enabled=yes trap-target=0.0.0.0 trap-community=public trap-version=2

/ppp aaa set use-radius=yes accounting=yes interim-update=00:04:00

/ip firewall nat add action=dst-nat chain=dstnat comment=Aviso1 connection-limit=!1,32 disabled=no dst-port=80 protocol=tcp src-address-list=avisados to-addresses=167.71.165.145 to-ports=8089

/system script add name=scriptaviso dont-require-permissions=yes policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="/ip firewall nat disable [ /ip firewall nat find comment=Aviso1 ];/ip firewall nat { reset-counters [ find comment=Aviso1 ] }; delay 5; /ip firewall nat enable [ /ip firewall nat find comment=Aviso1 ];"

/system scheduler add name=avisos interval=01:00:00 policy=api,ftp,local,password,policy,read,reboot,sensitive,write on-event=scriptaviso

/ip firewall nat add chain=dstnat dst-address=!167.71.165.145 dst-port=80 protocol=tcp src-address-list=bloqueados action=dst-nat to-addresses=167.71.165.145 to-ports=8090 comment="Aviso de Bloqueio" disabled=no

/ip firewall filter add chain=forward src-address-list=bloqueados protocol=udp dst-port=!53 action=drop comment="Bloqueio UDP de Clientes com Status Bloqueados" disabled=no

/ip firewall filter add action=drop chain=forward comment="Bloqueio TCP de Clientes com Status Bloqueados" dst-address=!167.71.165.145 dst-port=!80 protocol=tcp src-address-list=bloqueados

/ip firewall filter add src-address=198.51.100.0/24 chain=forward action=drop comment="Pool Inteligente e RadiusNet - NAO REMOVER - esta faixa nao existe na internet (TEST-NET-2)"

/ip firewall filter add src-address=198.51.100.0/24 chain=input action=drop comment="Pool Inteligente e RadiusNet - NAO REMOVER - esta faixa nao existe na internet (TEST-NET-2)"

/ip firewall filter add src-address=203.0.113.0/24 chain=forward action=drop comment="Pool Inteligente e RadiusNet - NAO REMOVER - esta faixa nao existe na internet (TEST-NET-3)"

/ip firewall filter add src-address=203.0.113.0/24 chain=input action=drop comment="Pool Inteligente e RadiusNet - NAO REMOVER - esta faixa nao existe na internet (TEST-NET-3)"

/system backup save dont-encrypt=yes name=AfterRadiusnet