# node.rsc: Generated automatically from http://oregonhamwan.org/node.rsc?& on Fri 03-29-2024 03:47:44 # # This script can be generated from the Mikrotik command line using a command of the following format: # /tool fetch url="http://www.oregonhamwan.org/node.rsc" mode=http http-method=post http-data="KZ7ZZZ-01&lat=45.523064&lon=-122.676483" # # This script can be executed using either of the following two commands: # /import verbose=yes file=node.rsc # /system reset-configuration no-defaults=yes run-after-reset=node.rsc # # Wait for all interfaces to be ready. # :delay 15s # # Set the IP Address and define a default route and a DNS server to enable SSH keys to be retrieved. # /ip address remove [find interface=ether1] /ip address add interface ether1 address 192.168.88.1 netmask 255.255.255.0 /ip route add dst 0.0.0.0/0 gateway 192.168.88.100 /ip dns set servers 8.8.8.8 # # Remove the default route and DNS servers established earlier in this script. Internet is not required for the remainder of the script. # /ip route remove [find where dst-address=0.0.0.0/0] /ip dns set servers="" # # Enable Ethernet boot in case you ever need to reinstall the router with NetInstall. # /system routerboard settings set boot-device=try-ethernet-once-then-nand # # Remote Logging. # /system logging action set 3 bsd-syslog=no name=remote remote=44.24.244.8 remote-port=514 src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote /system logging add action=remote disabled=no prefix="" topics=info /system logging add action=remote disabled=no prefix="" topics=warning /system logging add action=remote disabled=no prefix="" topics=error # # SNMP Monitoring. Allow SNMP read access on both the WAN (44.24.240.0/20) and the LAN (192.168.0.0/16) interfaces. # /snmp set enabled=yes contact="#HamWAN-Support on irc.freenode.org" /snmp community set name=hamwan addresses=44.24.240.0/20,192.168.0.0/16 read-access=yes write-access=no numbers=0 # # Use HamWAN's Anycast NTP Servers. # /system ntp client set enabled=yes primary-ntp=44.24.244.4 secondary-ntp=44.24.245.4 # # Clear firewall filter rules # /ip firewall filter remove [find dynamic=no] # # Set the HamWAN Maximum Transmission Unit (MTU) policy. # /ip firewall mangle add action=change-mss chain=output new-mss=1378 protocol=tcp tcp-flags=syn tcp-mss=!0-1378 /ip firewall mangle add action=change-mss chain=forward new-mss=1378 protocol=tcp tcp-flags=syn tcp-mss=!0-1378 # # Remove local DHCP server. # /ip dhcp-server remove [find] /ip dhcp-server network remove [find] # # Remove IP address from wireless interface. # /ip address remove [find interface~"^wlan1"] # # Disable DNS service. # /ip dns set allow-remote-requests=no # # Add HamWAN sector channels. # /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 0 degrees (north)" frequency=5920 list=HamWAN name=Sector1-5 width=5 /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 120 degrees (south-east)" frequency=5900 list=HamWAN name=Sector2-5 width=5 /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 240 degrees (south-west)" frequency=5880 list=HamWAN name=Sector3-5 width=5 /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 0 degrees (north)" frequency=5920 list=HamWAN name=Sector1-10 width=10 /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 120 degrees (south-east)" frequency=5900 list=HamWAN name=Sector2-10 width=10 /interface wireless channels add band=5ghz-onlyn comment="Cell sites radiate this at 240 degrees (south-west)" frequency=5880 list=HamWAN name=Sector3-10 width=10 # # Configure the wireless card to use HamWAN. # /interface wireless set 0 disabled=no frequency-mode=superchannel band=5ghz-onlyn mode=station scan-list="HamWAN" ssid=HamWAN wireless-protocol=nv2 # # Tell your modem to pull DHCP, including default gateway, from HamWAN. # /ip dhcp-client add add-default-route=yes dhcp-options=hostname,clientid disabled=no interface=wlan1 # ### The following is customized for each Node: # # Configure System Identity and Wireless Radio Name with your Callsign and Unique Identifier. # ### /system identity set name=$callsign ### /interface wireless set 0 radio-name="$callsign" # # Configure your GPS Location. # ### /snmp set location=$latitude,$longitude # # Create a self-signed certificate and enable SSL # ### /certificate add name=root-cert common-name=$callsign days-valid=36525 key-usage=key-cert-sign,crl-sign ### /certificate sign root-cert # $callsign ### /certificate add name=https-cert common-name=$callsign days-valid=36525 ### /certificate sign ca=root-cert https-cert # $callsign ### /ip service set www-ssl certificate=https-cert disabled=no # $callsign ### /ip service disable telnet,ftp,www,api,api-ssl # $callsign