Mikrotik Dual Wan

# NAT -----------------
# Enmascarar cualquier tráfico saliente por las interfaces wan:
# ether1 = canal_primario
# ether2 = canal_secundario
# ether3 = canal_terciario


ip firewall nat add chain=src-nat out-interface=ether1 action masquerade
ip firewall nat add chain=src-nat out-interface=ether2 action masquerade
ip firewall nat add chain=src-nat out-interface=ether3 action masquerade

# MANGLE -------------

# Marco el tráfico entrante de la red lan 10.2.59.0/24 para utilizar el canal primario

ip firewall mangle add src-address=10.2.59.0/24 action=mark-routing new-routing-mark=canal_primario chain=prerouting

# Marco el tráfico entrante de la red lan 10.2.60.0/24 utilizar el canal secundario

ip firewall mangle add src-address=10.2.60.0/24 action=mark-routing new-routing-mark=canal_secundario chain=prerouting

# Marco el tráfico entrante de la red lan 10.2.61.0/24 para utilizar el canal terciario

ip firewall mangle add src-address=10.2.61.0/24 action=mark-routing new-routing-mark=canal_terciario chain=prerouting

# Marco el tráfico saliente del router Mktik hacia los proveedores de servicio (en este caso 3 wans)

ip firewall mangle add src-address=192.168.56.2 action=mark-routing new-routing-mark=canal_primario chain=output
ip firewall mangle add src-address=192.168.57.2 action=mark-routing new-routing-mark=canal_secundario chain=output
ip firewall mangle add src-address=192.168.58.2 action=mark-routing new-routing-mark=canal_terciario chain=output


# ROUTE ----------------
# Estas son las reglas de enrutamiento basadas en marcas

ip route add gateway=192.168.56.1 routing-mark=canal_primario
ip route add gateway=192.168.57.1 routing-mark=canal_secundario
ip route add gateway=192.168.58.1 routing-mark=canal_terciario
ip route rule add dst-address=0.0.0.0/0 routing-mark=canal_primario table=canal_primario action=lookup
ip route rule add dst-address=0.0.0.0/0 routing-mark=canal_secundario table=canal_secundario action=lookup
ip route rule add dst-address=0.0.0.0/0 routing-mark=canal_terciario table=canal_terciario action=lookup
Advertisements

STOP IPTABLES

#!/bin/sh
echo "Stopping firewall and allowing everyone..."
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

Maillog Enhanced Queries

POSTFIX

E-Mails TO specific address ignoring amavis delivered queue “relay=127.0.0.1”

cat postfix| grep -v Greylisting | grep -i "to=<foo@foo>" | grep -Ev 'relay=dfilt|relay=127.0.0.1' | awk '{print $6}' | grep -v NOQUEUE | sort | uniq | while read L; do echo -e "\n------$L------\n" && grep $L postfix; done > output.txt; COUNT=`cat postfix| grep -v Greylisting | grep -i "to=<foo@foo>" | grep -Ev 'relay=dfilt|relay=127.0.0.1' | awk '{print $6}' | grep -v NOQUEUE | sort | uniq | wc -l` && echo -e "\n\nTOTAL CORREOS = $COUNT\n" >> output.txt

E-Mails FROM specific address ignoring amavis delivered queue “relay=127.0.0.1”

cat postfix| grep -i "from=<foo@foo>" | awk '{print $6}' | grep -v NOQUEUE | sort | uniq > temp.queues ; cat temp.queues | while read L; do grep $L postfix| grep -E 'relay=127.0.0.1|relay=dfilt' | awk '{print $6}' ; done > temp.queues.2 ; diff temp.queues temp.queues.2 | grep "<" | awk '{print $2}' | while read Z; do echo -e "\n-----$Z-----\n" && grep $Z postfix; done > output.txt; COUNT=`diff temp.queues temp.queues.2 | grep "<" | wc -l` && echo -e "\n\nTOTAL CORREOS = $COUNT\n" >> output.txt; rm temp.queues* -rf

Calculate navigation size SQUID logs

IP’s used by administrator user

user = administrator

(xzcat *access*.xz; zcat *access*.gz) | grep administrator | awk '{if(data[$3]==0)ips[++cnt]=$3; data[$3]+=$5}END{for(i=1;i<=cnt;i++){print ips[i]" "data[ips[i]]/1048576}}'

IP’s used by impresora user without DENY

(xzcat *access*.xz; zcat *access*.gz) | grep -v TCP_DENIED | awk '$8 ~ /impresora/ {if(data[$3]==0)ips[++cnt]=$3; data[$3]+=$5}END{for(i=1;i<=cnt;i++){print ips[i]" "data[ips[i]]/1048576}}'