ether1 = ISP1
ether2 = ISP2
ether3 = bridge
Step 0.
Macs if need
set [ find default-name=ether1 ] mac-address=x name=ISP1
set [ find default-name=ether2 ] mac-address=x name=ISP2
Step 1.
Add dynamic client on ether1 & ether2 (WAN1 & WAN2)
/ip dhcp-clientadd add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ISP1 use-peer-dns=no use-peer-ntp=noadd add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ISP2 use-peer-dns=no use-peer-ntp=no |
Step 2: Add Lan Interface IP . ( ether3 )
|
1
2
|
/ip addressadd address=192.168.88.1/24 interface=ether3 network=192.168.88.0 |
Step 3: Add Firewall Nat rule.
/ip firewall natadd action=masquerade chain=srcnat disabled=yes out-interface=ISP1
add action=masquerade chain=srcnat disabled=yes out-interface=ISP2 |
Step 4: Add firewall Mangle Rules
/ip firewall mangleadd action=mark-connection chain=prerouting comment=ISP1 connection-state=new disabled=yes in-interface=ISP1 new-connection-mark=ISP1-conn passthrough=yes
add action=mark-routing chain=output comment=ISP1 connection-mark=ISP1-conn disabled=yes new-routing-mark=ISP1-route passthrough=yes add action=mark-connection chain=prerouting comment=ISP2 connection-state=new disabled=yes in-interface=ISP2 new-connection-mark=ISP2-conn passthrough=yes add action=mark-routing chain=output comment=ISP2 connection-mark=ISP2-conn disabled=yes new-routing-mark=ISP2-route passthrough=yes add action=mark-connection chain=prerouting comment=ISP1 connection-state=new disabled=yes dst-address-type=!local in-interface=bridge new-connection-mark=ISP1-conn passthrough=yes per-connection-classifier=both-addresses:2/0 add action=mark-connection chain=prerouting comment=ISP2 connection-state=new disabled=yes dst-address-type=!local in-interface=bridge new-connection-mark=ISP2-conn passthrough=yes per-connection-classifier=both-addresses:2/1 add action=mark-routing chain=prerouting comment=ISP1 connection-mark=ISP1-conn disabled=yes in-interface=bridge new-routing-mark=ISP1-route passthrough=yes add action=mark-routing chain=prerouting comment=ISP2 connection-mark=ISP2-conn disabled=yes in-interface=bridge new-routing-mark=ISP2-route passthrough=yes add action=mark-connection chain=input disabled=yes in-interface=ISP1 new-connection-mark=ISP1-conn passthrough=yes add action=mark-routing chain=output connection-mark=ISP1-conn disabled=yes new-routing-mark=ISP1-route passthrough=no add action=mark-connection chain=input disabled=yes in-interface=ISP2 new-connection-mark=ISP2-conn passthrough=yes add action=mark-routing chain=output connection-mark=ISP2-conn disabled=yes new-routing-mark=ISP2-route passthrough=no add action=mark-connection chain=forward disabled=yes in-interface=ISP1 new-connection-mark=ISP1-conn-f passthrough=no add action=mark-routing chain=prerouting connection-mark=ISP1-conn-f disabled=yes in-interface=bridge new-routing-mark=ISP1-route add action=mark-connection chain=forward disabled=yes in-interface=ISP2 new-connection-mark=ISP2-conn-f passthrough=no add action=mark-routing chain=prerouting connection-mark=ISP2-conn-f disabled=yes in-interface=bridge new-routing-mark=ISP2-route |
Step 5: Add Routes ( Setting temporary gateway)
/ip routeadd check-gateway=ping comment="Ether1-Wan routing gateway" distance=1 gateway=192.168.0.1 routing-mark=ISP1-routeadd check-gateway=ping comment="Ether2-Wan routing gateway" distance=1 gateway=192.168.1.1 routing-mark=ISP2-routeadd comment=Ether1-Wan distance=1 gateway=192.168.0.1add comment=Ether2-Wan distance=2 gateway=192.168.1.1 |
step 6: Create New Script with name change_gw and copy below lines.
|
:global newgw [/ip dhcp-client get [find interface="ISP1" ] gateway ]
:global activegw [/ip route get [/ip route find comment="Ether1-Wan"] gateway ] :if ($newgw != $activegw) do={ /ip route set [find comment="Ether1-Wan"] gateway=$newgw /ip route set [find comment="Ether1-Wan routing gateway"] gateway=$newgw } :global newgw [/ip dhcp-client get [find interface="ISP2" ] gateway ] :global activegw [/ip route get [/ip route find comment="Ether2-Wan"] gateway ] :if ($newgw != $activegw) do={ /ip route set [find comment="Ether2-Wan"] gateway=$newgw /ip route set [find comment="Ether2-Wan routing gateway"] gateway=$newgw } |
Step 7: Final Step.
It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
systemctl stop firewalld
systemctl mask firewalld
Then, install the iptables-services package:
yum install iptables-services
Enable the service at boot-time:
systemctl enable iptables
Managing the service
systemctl [stop|start|restart] iptables
Saving your firewall rules can be done as follows:
service iptables save
or
/usr/libexec/iptables/iptables.init saveIn our previous article we discussed the hardware supported features of some of the high-end network adapters. Let’s take a look how you can use some of those settings to their best advantage. Remember that the correct settings depend on the network adapter, your workload, the resources of the host computer, and of course your performance goals.
net stop wuauserv reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v PingID /f reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v AccountDomainSid /f reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIDValidation /f net start wuauserv wuauclt.exe /resetauthorization /detectnow pause
| Апплет | Команда | Примечание |
| Панель управления Windows (классическая) | control |
|
| Администрирование | control admintools |
|
| Центр специальных возможностей | control access.cpl |
|
| Программы и компоненты | control appwiz.cpl |
|
| Управление устройствами Bluetooth | control bthprops.cpl |
Metro, только при наличии адаптера в системе |
| Параметры системы Windows 10 | control desk.cpl |
Metro |
| Брандмауэр Windows | control firewall.cpl |
|
| Управления шрифтами | control fonts |
|
| Диспетчер устройств | control hdwwiz.cpl |
|
| Свойства: Интернет (аналог меню «Свойства» в IE) | control inetcpl.cpl |
|
| Регион (параметры локализации) | control intl.cpl |
|
| ИК-Связь (параметры) | control irprops.cpl |
|
| Игровые устройства | control joy.cpl |
|
| Клавиатура | control keyboard |
|
| Мышь: свойства | control main.cpl |
|
| Настройка почты | control mlcfg32.cpl |
|
| Звуковые устройства | control mmsys.cpl |
|
| Сетевые подключения | control ncpa.cpl |
|
| Мастер настройки сетевых устройств | control netsetup.cpl |
|
| Источники данных ODBC (64-разр. версия) | control odbccp32.cpl |
|
| Электропитание | control powercfg.cpl |
|
| Устройства и принтеры | control printers |
|
| Речь | control sapi.cpl |
Команда работает только при запуске из папки Program Files\Common Files\Microsoft Shared\Speech |
| Планировщик заданий | control schedtasks |
|
| Сканеры и камеры | control sticpl.cpl |
Поддерживается, начиная с WinXP |
| Свойства системы | control sysdm.cpl |
|
| Перо и сенсорные устройства | control TabletPC.cpl |
Команда работает только при наличии аппаратных средств |
| Телефонное или модемное подключение | control telephon.cpl |
|
| Дата и время | control timedate.cpl |
|
| Учетные записи пользователей | control userpasswords или control userpasswords2 |
|
| Центр безопасности и обслуживания | control wscui.cpl |
|
| Дополнительные параметры | ||
| Цвет и внешний вид | explorer shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} -Microsoft.Personalization\pageColorization |
|
| Параметры проводника Windows | rundll32.exe shell32.dll,Options_RunDLL 7 |
|
| Параметры индексирования | rundll32.exe shell32.dll,Control_RunDLL srchadmin.dll |
|
| Значки области уведомлений | explorer shell:::{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9} |
|
| Параметры персонализации | explorer shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} |
В Windows 10 скрыто из панели управления |
| Системные значки области уведомлений | explorer shell:::{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9} \SystemIcons,,0 |
|
| Управление Защитником Windows | "%ProgramFiles%\Windows Defender\MSASCui.exe" |
|
| Управление рабочими папками | %windir%\System32\WorkFolders.exe |
|