# model: CCR1009-7G-1C-1S+ # serial-number: E3220D05745C # firmware-type: tilegx # current-firmware: 7.20 # installed-version: 7.20 # # software id = 5HXB-MCAB # # model = CCR1009-7G-1C-1S+ # serial number = E3220D05745C /interface bridge add name=loopback port-cost-mode=short protocol-mode=none /interface ethernet set [ find default-name=combo1 ] combo-mode=copper set [ find default-name=ether5 ] name=ether5-CellularBackup set [ find default-name=ether6 ] name=ether6-Lodge-3011-Uplink set [ find default-name=sfp-sfpplus1 ] comment="Switch Uplink" /interface l2tp-client add connect-to=103.230.157.31 ipsec-secret=lkdh36aA name=l2tp-out-valve password=zl3bfkmafrv use-ipsec=yes user=aviva /interface vlan add comment="management for olt" interface=sfp-sfpplus1 name=sfp-sfpplus1.98 vlan-id=98 add comment="PPPoE for Site offices" interface=sfp-sfpplus1 name=sfp-sfpplus1.101 vlan-id=101 add comment="PPPoE for Site offices" interface=sfp-sfpplus1 name=sfp-sfpplus1.102 vlan-id=102 add comment=CCTV interface=sfp-sfpplus1 name=sfp-sfpplus1.400 vlan-id=400 add comment="Cust: AvivaOfficer [1000Mbit]" interface=sfp-sfpplus1 name=sfp-sfpplus1.3809 vlan-id=3809 add comment=management interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.99 vlan-id=99 add comment="Local PPPoE customers" interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.111 vlan-id=111 add comment=Voice interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.200 vlan-id=200 add comment=Ubis interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.201 vlan-id=201 add comment="Community Wifi" interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.202 vlan-id=202 add comment="AP Management" interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.203 vlan-id=203 add comment=Internet disabled=yes interface=sfp-sfpplus1.3809 name=sfp-sfpplus1.3809.1000 vlan-id=1000 /interface list add name=no-neighbor-discovery-interface-list /interface lte apn set [ find default=yes ] ip-type=ipv4 use-network-apn=no /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=dhcp_pool1 ranges=192.168.10.1-192.168.10.253 add name=dhcp_pool2 ranges=192.168.20.1-192.168.20.253 add name=dhcp_pool3 ranges=192.168.30.1-192.168.30.253 add name=dhcp_pool5 ranges=192.168.99.1-192.168.99.200 add name=CGNAT2 ranges=100.64.2.1-100.64.2.60 add name=dhcp_pool7 ranges=10.99.0.100-10.99.0.220 add name=dhcp_pool8 ranges=10.200.0.1-10.200.0.253 add name=dhcp_pool9 ranges=10.11.103.1-10.11.103.253 add name=dhcp_pool10 ranges=192.168.90.20-192.168.90.200 add name=dhcp_pool11 ranges=192.168.202.11-192.168.202.249 add name=dhcp_pool12 ranges=192.168.203.2-192.168.203.254 add name=dhcp_pool13 ranges=192.168.201.11-192.168.201.199 add name=dhcp_pool14 ranges=192.168.90.2-192.168.90.254 add name=dhcp_pool15 ranges=192.168.240.2-192.168.240.254 /ip dhcp-server add address-pool=dhcp_pool7 interface=sfp-sfpplus1.3809.99 lease-time=10m name=Management add address-pool=dhcp_pool8 interface=sfp-sfpplus1.3809.200 lease-time=10m name=Voice add address-pool=dhcp_pool9 interface=sfp-sfpplus1 lease-time=10m name=dhcp3 add address-pool=dhcp_pool11 interface=sfp-sfpplus1.3809.202 lease-time=10m name=CommunityWiFi add address-pool=dhcp_pool12 interface=sfp-sfpplus1.3809.203 lease-time=10m name=AP-Management add address-pool=dhcp_pool13 interface=sfp-sfpplus1.3809.201 lease-time=1h name=Ubis add address-pool=dhcp_pool14 interface=sfp-sfpplus1.102 lease-time=10m name=dhcp4 add address-pool=dhcp_pool15 interface=sfp-sfpplus1.400 lease-time=10m name=dhcp1 /ip pool add name=CGNAT1 next-pool=CGNAT2 ranges=100.64.1.1-100.64.1.60 add name=CGNAT0 next-pool=CGNAT1 ranges=100.64.0.1-100.64.0.60 /ip smb users set [ find default=yes ] disabled=yes /port set 0 baud-rate=9600 name=serial0 set 1 name=serial1 set 2 baud-rate=9600 /ppp profile add dns-server=8.8.8.8,8.8.4.4 local-address=172.30.0.1 name=PPPoE rate-limit=100M/100M remote-address=CGNAT0 add dns-server=8.8.8.8,8.8.4.4 local-address=dhcp_pool7 name=pptp remote-address=dhcp_pool7 add local-address=192.168.255.3 name=l2tp add change-tcp-mss=yes name=OVPN-SmartOLT only-one=yes use-encryption=required use-mpls=no /interface ovpn-client add certificate=SmartOLT-Client-AvivaOfficer cipher=aes256-cbc connect-to=corefibre.smartolt.com mac-address=FE:43:BF:E7:49:2F name=SmartOLT-VPN password=EG1h5qwmc0vA port=12220 profile=OVPN-SmartOLT user=AvivaOfficer@corefibre.smartolt.com verify-server-certificate=yes /routing bgp template set default as=65530 disabled=no output.network=bgp-networks /routing ospf instance add disabled=no in-filter-chain=ospf-in name=default-v2 out-filter-chain=ospf-out redistribute=connected router-id=10.255.255.66 /routing ospf area add disabled=no instance=default-v2 name=backbone-v2 /routing table add fib name=Via-4G add fib name=VIA-VALVE-VPN /snmp community set [ find default=yes ] disabled=yes add addresses=::/0 name=valve add addresses=::/0 name=CFNCOM /system logging action add name=valve target=memory /ip firewall connection tracking set udp-timeout=10s /ip neighbor discovery-settings set discover-interface-list=!no-neighbor-discovery-interface-list /ip settings set max-neighbor-entries=8192 /ipv6 settings set disable-ipv6=yes max-neighbor-entries=8192 soft-max-neighbor-entries=8191 /interface l2tp-server server set default-profile=l2tp enabled=yes ipsec-secret=TrueTelco1#42 one-session-per-host=yes use-ipsec=required /interface list member add interface=*F list=no-neighbor-discovery-interface-list /interface ovpn-server server add auth=sha1,md5 mac-address=FE:94:9E:28:DE:DC name=ovpn-server1 /interface pppoe-server server add authentication=pap,chap default-profile=PPPoE disabled=no interface=sfp-sfpplus1.101 max-mru=1500 max-mtu=1500 service-name=PPPoE-Lodge_PPPoE add authentication=pap,chap default-profile=PPPoE disabled=no interface=sfp-sfpplus1.3809.111 max-mru=1492 max-mtu=1492 pado-delay=500 service-name=Aviva-PPPoE /interface pptp-server server # PPTP connections are considered unsafe, it is suggested to use a more modern VPN protocol instead set default-profile=pptp /ip address add address=10.11.104.254/24 comment="OLT management interface" interface=sfp-sfpplus1.98 network=10.11.104.0 add address=10.99.0.254/24 comment="GPON Management VLAN" interface=sfp-sfpplus1.3809.99 network=10.99.0.0 add address=10.200.0.254/24 comment="GPON Voice VLAN" interface=sfp-sfpplus1.3809.200 network=10.200.0.0 add address=103.96.4.68 comment="secondary ip" interface=loopback network=103.96.4.68 add address=10.210.200.2/30 interface=sfp-sfpplus1.3809 network=10.210.200.0 add address=10.255.255.66 interface=loopback network=10.255.255.66 add address=103.96.4.65 comment="primary ip" interface=loopback network=103.96.4.65 add address=192.168.90.1/24 interface=sfp-sfpplus1.102 network=192.168.90.0 add address=10.11.103.254/24 comment="OLT management interface" interface=sfp-sfpplus1 network=10.11.103.0 add address=192.168.202.1/24 comment="Community WiFi" interface=sfp-sfpplus1.3809.202 network=192.168.202.0 add address=192.168.203.1/24 comment="AP Management" interface=sfp-sfpplus1.3809.203 network=192.168.203.0 add address=192.168.201.1/24 comment=Ubis interface=sfp-sfpplus1.3809.201 network=192.168.201.0 add address=192.168.8.254/24 comment=Ubis interface=sfp-sfpplus1.3809.201 network=192.168.8.0 add address=192.168.99.254/24 comment="GPON Management VLAN" interface=sfp-sfpplus1.3809.99 network=192.168.99.0 add address=192.168.88.1/24 disabled=yes interface=ether3 network=192.168.88.0 add address=192.168.88.254/24 interface=sfp-sfpplus1.101 network=192.168.88.0 add address=192.168.240.1/24 interface=sfp-sfpplus1.400 network=192.168.240.0 /ip dhcp-client # Interface not active add interface=ether5-CellularBackup /ip dhcp-server lease add address=10.11.103.253 client-id=1:dc:2c:6e:86:f6:e0 mac-address=DC:2C:6E:86:F6:E0 server=dhcp3 add address=10.200.0.249 client-id=1:28:41:c6:8f:3c:a7 mac-address=28:41:C6:8F:3C:A7 server=Voice add address=10.200.0.245 client-id=1:b4:6e:8:31:1c:c2 mac-address=B4:6E:08:31:1C:C2 server=Voice add address=10.200.0.253 client-id=1:b4:6e:8:ac:47:35 mac-address=B4:6E:08:AC:47:35 server=Voice add address=10.200.0.251 client-id=1:10:c3:ab:da:74:3d mac-address=10:C3:AB:DA:74:3D server=Voice add address=192.168.203.242 client-id=1:68:d7:9a:2:ab:5f mac-address=68:D7:9A:02:AB:5F server=AP-Management add address=192.168.202.247 client-id=1:b8:e3:b1:44:88:c mac-address=B8:E3:B1:44:88:0C server=CommunityWiFi add address=192.168.203.228 client-id=1:b4:fb:e4:f3:4b:4f mac-address=B4:FB:E4:F3:4B:4F server=AP-Management add address=192.168.201.51 mac-address=00:9D:6B:76:DE:76 server=Ubis add address=192.168.201.56 mac-address=00:9D:6B:73:81:61 server=Ubis add address=10.99.0.148 client-id=1:78:17:be:d1:c1:44 mac-address=78:17:BE:D1:C1:44 server=Management add address=10.99.0.158 client-id=1:28:41:c6:c8:54:86 mac-address=28:41:C6:C8:54:86 server=Management add address=10.99.0.154 client-id=1:cc:64:a6:21:f2:4b mac-address=CC:64:A6:21:F2:4B server=Management add address=10.99.0.164 client-id=1:28:de:e5:d:68:43 mac-address=28:DE:E5:0D:68:43 server=Management add address=10.99.0.187 client-id=1:5c:e8:83:17:f9:44 mac-address=5C:E8:83:17:F9:44 server=Management add address=10.99.0.193 client-id=1:28:11:ec:65:c4:da mac-address=28:11:EC:65:C4:DA server=Management add address=192.168.201.64 mac-address=CC:C0:79:C3:C4:A1 server=Ubis add address=192.168.201.28 mac-address=CC:C0:79:C5:17:5F server=Ubis add address=10.99.0.145 client-id=1:cc:64:a6:20:82:bb mac-address=CC:64:A6:20:82:BB server=Management add address=192.168.201.12 mac-address=CC:C0:79:C4:7B:64 server=Ubis add address=192.168.201.26 mac-address=CC:C0:79:C4:08:64 server=Ubis add address=192.168.201.67 mac-address=00:9D:6B:75:0C:D8 server=Ubis add address=192.168.201.36 mac-address=CC:C0:79:C5:FA:31 server=Ubis add address=192.168.201.42 mac-address=CC:C0:79:C4:94:18 server=Ubis add address=192.168.201.34 mac-address=CC:C0:79:C2:FA:8D server=Ubis add address=192.168.201.62 mac-address=CC:C0:79:C4:9B:C9 server=Ubis add address=192.168.201.72 mac-address=CC:C0:79:C2:42:5F server=Ubis add address=192.168.201.29 mac-address=CC:C0:79:C2:68:87 server=Ubis add address=192.168.201.13 mac-address=CC:C0:79:C7:DC:3F server=Ubis add address=192.168.201.23 mac-address=CC:C0:79:C6:A5:EA server=Ubis add address=192.168.201.57 mac-address=CC:C0:79:C5:90:DB server=Ubis add address=192.168.201.49 mac-address=CC:C0:79:C7:84:90 server=Ubis add address=192.168.201.15 mac-address=CC:C0:79:C2:76:29 server=Ubis add address=192.168.90.200 client-id=1:60:19:29:11:20:a9 mac-address=60:19:29:11:20:A9 server=dhcp4 add address=192.168.201.39 mac-address=CC:C0:79:C8:8E:18 server=Ubis add address=10.99.0.168 client-id=1:ac:b3:b5:28:d6:c1 mac-address=AC:B3:B5:28:D6:C1 server=Management add address=192.168.201.70 mac-address=CC:C0:79:C5:FB:CC server=Ubis add address=192.168.201.16 mac-address=00:9D:6B:76:EA:99 server=Ubis add address=10.200.0.246 client-id=1:b4:6e:8:31:60:3a mac-address=B4:6E:08:31:60:3A server=Voice add address=10.99.0.159 client-id=1:7c:d9:a0:d6:56:56 mac-address=7C:D9:A0:D6:56:56 server=Management add address=192.168.201.21 mac-address=00:9D:6B:77:73:77 server=Ubis add address=192.168.203.226 client-id=1:68:d7:9a:2:b5:25 mac-address=68:D7:9A:02:B5:25 server=AP-Management add address=192.168.201.45 mac-address=00:9D:6B:72:8D:52 server=Ubis add address=192.168.201.48 mac-address=00:9D:6B:74:84:AD server=Ubis add address=192.168.201.68 mac-address=CC:C0:79:C6:B8:60 server=Ubis add address=192.168.201.60 mac-address=00:9D:6B:78:5A:87 server=Ubis add address=192.168.201.65 mac-address=00:9D:6B:76:DB:38 server=Ubis add address=192.168.201.18 mac-address=00:9D:6B:79:71:C5 server=Ubis add address=192.168.201.14 mac-address=CC:C0:79:C6:5C:4F server=Ubis add address=192.168.201.53 mac-address=CC:C0:79:C8:E0:79 server=Ubis add address=10.200.0.247 client-id=1:7c:d9:a0:ac:c1:bc mac-address=7C:D9:A0:AC:C1:BC server=Voice add address=192.168.203.253 client-id=1:68:d7:9a:2:b4:f2 mac-address=68:D7:9A:02:B4:F2 server=AP-Management add address=192.168.201.32 mac-address=CC:C0:79:C7:D2:CA server=Ubis add address=192.168.201.47 mac-address=CC:C0:79:C9:02:F6 server=Ubis add address=192.168.201.43 mac-address=CC:C0:79:C6:C0:FB server=Ubis add address=192.168.201.38 mac-address=00:9D:6B:77:F0:F0 server=Ubis add address=192.168.201.40 mac-address=00:9D:6B:75:59:0B server=Ubis add address=192.168.201.20 mac-address=00:9D:6B:73:1F:E0 server=Ubis add address=192.168.201.41 mac-address=00:9D:6B:76:FF:07 server=Ubis add address=192.168.201.55 mac-address=00:9D:6B:76:18:B5 server=Ubis add address=192.168.201.52 mac-address=00:9D:6B:78:94:46 server=Ubis add address=192.168.201.54 mac-address=CC:C0:79:C2:34:FE server=Ubis add address=192.168.201.46 mac-address=CC:C0:79:C5:DB:67 server=Ubis add address=192.168.201.73 mac-address=CC:C0:79:C9:04:80 server=Ubis add address=192.168.201.27 mac-address=00:9D:6B:72:E3:11 server=Ubis add address=192.168.201.30 mac-address=CC:C0:79:C5:FC:5E server=Ubis add address=192.168.201.31 mac-address=CC:C0:79:C2:DA:C2 server=Ubis add address=192.168.201.22 mac-address=CC:C0:79:C7:74:EB server=Ubis add address=10.200.0.252 client-id=1:b4:6e:8:ae:25:dd mac-address=B4:6E:08:AE:25:DD server=Voice add address=192.168.201.50 mac-address=00:9D:6B:78:DA:2E server=Ubis add address=192.168.201.66 mac-address=CC:C0:79:C7:6C:B8 server=Ubis add address=192.168.201.71 mac-address=CC:C0:79:C6:EC:92 server=Ubis add address=192.168.201.76 mac-address=CC:C0:79:C4:44:86 server=Ubis add address=192.168.201.75 mac-address=CC:C0:79:C7:74:64 server=Ubis add address=192.168.201.19 mac-address=00:9D:6B:76:6E:05 server=Ubis add address=192.168.201.33 mac-address=00:9D:6B:77:44:0C server=Ubis add address=192.168.201.24 mac-address=00:9D:6B:78:20:D2 server=Ubis add address=192.168.203.225 client-id=1:f4:e2:c6:26:56:e7 mac-address=F4:E2:C6:26:56:E7 server=AP-Management add address=192.168.203.224 client-id=1:f4:e2:c6:26:56:1b mac-address=F4:E2:C6:26:56:1B server=AP-Management add address=192.168.203.223 client-id=1:f4:e2:c6:26:64:a6 mac-address=F4:E2:C6:26:64:A6 server=AP-Management add address=192.168.201.25 mac-address=CC:C0:79:C8:D4:41 server=Ubis add address=192.168.201.37 mac-address=00:9D:6B:73:C9:9A server=Ubis add address=192.168.201.74 mac-address=CC:C0:79:C4:4F:34 server=Ubis add address=192.168.201.35 mac-address=CC:C0:79:C2:E2:1D server=Ubis add address=192.168.201.59 mac-address=00:9D:6B:77:27:A4 server=Ubis add address=192.168.203.222 client-id=1:68:d7:9a:2:b4:f0 mac-address=68:D7:9A:02:B4:F0 server=AP-Management add address=192.168.201.58 mac-address=CC:C0:79:C8:DC:04 server=Ubis add address=192.168.201.44 mac-address=CC:C0:79:C2:3A:4D server=Ubis add address=192.168.201.69 mac-address=CC:C0:79:C2:B0:2D server=Ubis /ip dhcp-server network add address=10.11.103.0/24 gateway=10.11.103.254 add address=10.99.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.99.0.254 add address=10.200.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.200.0.254 add address=192.168.90.0/24 dns-server=1.1.1.1 gateway=192.168.90.1 add address=192.168.201.0/24 dns-server=1.1.1.1 gateway=192.168.201.1 add address=192.168.202.0/24 dns-server=1.1.1.1 gateway=192.168.202.1 add address=192.168.203.0/24 dns-server=1.1.1.1 gateway=192.168.203.1 add address=192.168.240.0/24 gateway=192.168.240.1 /ip dns set servers=8.8.8.8,8.8.4.4 /ip firewall address-list add address=valve-space-router.qld.valvenetworks.net comment="valve office" list=TrustedIPs add address=valve-koki-router.vic.valvenetworks.net comment="valve office" list=TrustedIPs add address=nms.valvenetworks.net comment=NMS list=TrustedIPs add address=rancid.valvenetworks.net comment=Rancid list=TrustedIPs add address=103.96.4.252 list=TrustedIPs add address=110.175.218.210 comment="CFN NMS IP Address" list=TrustedIPs add address=office.fixtel.com.au comment="True Telco Office Address" list=TrustedIPs add address=office.truetelco.com.au comment="True Telco Office Address" list=TrustedIPs add address=office.corefibre.com.au comment="True Telco Office Address" list=TrustedIPs add address=syd1.smartolt.com list=TrustedIPs add address=119.42.55.226 comment=Zabbix list=TrustedIPs add address=zabbix.corefibre.com.au comment=Zabbix list=TrustedIPs add address=103.67.56.0/23 list=TrustedIPs add address=acl.manisp.au list=TrustedIPs add address=43.224.182.114 comment=Zabbix list=TrustedIPs /ip firewall filter add action=accept chain=input comment="Allow ICMP input" protocol=icmp add action=accept chain=input comment="Allow input from trusted addresses" src-address-list=TrustedIPs add action=drop chain=input comment="Drop external using DNS inbound requests" connection-state=new dst-port=53 in-interface=sfp-sfpplus1.3809 protocol=udp add action=accept chain=input comment="Allow all input from valve office vpn" in-interface=sfp-sfpplus1.101 add action=accept chain=input comment=l2tp dst-port=500,1701,4500 in-interface=sfp-sfpplus1.3809 protocol=udp add action=accept chain=input comment="Allow established & related input" connection-state=established,related in-interface=sfp-sfpplus1.3809 add action=accept chain=input comment="Allow OSPF input" in-interface=sfp-sfpplus1.3809 protocol=ospf src-address=10.210.200.1 add action=drop chain=input comment="Drop all in backhaul" in-interface=sfp-sfpplus1.3809 src-address-list=!TrustedIPs add action=accept chain=forward comment="Allow established & related forwards" connection-state=established,related /ip firewall mangle add action=mark-connection chain=input disabled=yes in-interface=*12 new-connection-mark=Backhaul-Conn add action=mark-connection chain=input in-interface=ether4 new-connection-mark=5G-Conn add action=mark-connection chain=output dst-address=103.96.6.254 dst-port=500 new-connection-mark=ValveOffice protocol=udp add action=mark-connection chain=output dst-address=103.96.6.254 dst-port=1701 new-connection-mark=ValveOffice protocol=udp add action=mark-connection chain=output dst-address=103.96.6.254 dst-port=4500 new-connection-mark=ValveOffice protocol=udp add action=mark-connection chain=output dst-address=103.96.6.254 dst-port=1723 new-connection-mark=ValveOffice protocol=tcp add action=mark-routing chain=output connection-mark=ValveOffice new-routing-mark=Via-4G passthrough=no add action=mark-connection chain=input in-interface=l2tp-out-valve new-connection-mark=IN-VALVE-VPN add action=mark-routing chain=output connection-mark=IN-VALVE-VPN new-routing-mark=VIA-VALVE-VPN /ip firewall nat add action=accept chain=srcnat comment="SmartOLT-VPN traffic excluded from NAT" out-interface=SmartOLT-VPN add action=masquerade chain=srcnat disabled=yes out-interface=ether5-CellularBackup add action=masquerade chain=srcnat comment="NAT to OLT management interface" out-interface=ether1 add action=dst-nat chain=dstnat comment="snmp to olt for management" dst-port=2161 protocol=udp src-address-list=TrustedIPs to-addresses=10.99.0.1 to-ports=161 add action=dst-nat chain=dstnat comment="SNMP Switch" dst-port=163 protocol=udp src-address-list=TrustedIPs to-addresses=10.11.103.253 to-ports=161 add action=dst-nat chain=dstnat comment="SSH Switch" dst-port=2222 protocol=tcp src-address-list=TrustedIPs to-addresses=10.11.103.253 to-ports=22 add action=dst-nat chain=dstnat comment="winbox to switch" dst-port=8292 protocol=tcp src-address-list=TrustedIPs to-addresses=10.11.103.253 to-ports=8291 add action=dst-nat chain=dstnat comment="Truetelco managerment" dst-port=10050 in-interface=sfp-sfpplus1.3809 protocol=tcp src-address-list=TrustedIPs to-addresses=192.168.90.3 add action=dst-nat chain=dstnat comment="Truetelco managerment" dst-port=8443 in-interface=sfp-sfpplus1.3809 protocol=tcp src-address-list=TrustedIPs to-addresses=192.168.90.2 to-ports=443 add action=src-nat chain=srcnat comment="NAT to management network" dst-address=10.99.0.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="Ubis network set public ip for NAT out" src-address=192.168.201.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="WiFi network set public ip for NAT out" src-address=192.168.202.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="CCTV set public ip for NAT out" src-address=192.168.240.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="CFN Management PC set public ip for NAT out" src-address=192.168.90.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="Community network set public ip for NAT out" src-address=192.168.203.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="NAT to Voip network" src-address=10.200.0.0/24 to-addresses=103.96.4.65 add action=masquerade chain=srcnat comment="NAT out temp 5G" out-interface=ether5-CellularBackup add action=jump chain=srcnat comment="CGNAT rules" jump-target=xxx src-address=100.64.0.1-100.64.0.240 add action=src-nat chain=xxx comment="Source Nat for Public IP address 103.96.4.65 ICMP" protocol=icmp src-address=100.64.0.1-100.64.0.120 to-addresses=103.96.4.65 add action=src-nat chain=xxx comment="Source Nat for Public IP address 103.96.4.65 ICMP" protocol=icmp src-address=100.64.0.121-100.64.0.240 to-addresses=103.96.4.68 add action=jump chain=xxx jump-target=xxx-0 src-address=100.64.0.1-100.64.0.120 add action=jump chain=xxx jump-target=xxx-3 src-address=100.64.0.121-100.64.0.240 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.1 to-addresses=103.96.4.65 to-ports=2000-2499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.1 to-addresses=103.96.4.65 to-ports=2000-2499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.2 to-addresses=103.96.4.65 to-ports=2500-2999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.2 to-addresses=103.96.4.65 to-ports=2500-2999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.3 to-addresses=103.96.4.65 to-ports=3000-3499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.3 to-addresses=103.96.4.65 to-ports=3000-3499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.4 to-addresses=103.96.4.65 to-ports=3500-3999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.4 to-addresses=103.96.4.65 to-ports=3500-3999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.5 to-addresses=103.96.4.65 to-ports=4000-4499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.5 to-addresses=103.96.4.65 to-ports=4000-4499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.6 to-addresses=103.96.4.65 to-ports=4500-4999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.6 to-addresses=103.96.4.65 to-ports=4500-4999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.7 to-addresses=103.96.4.65 to-ports=5000-5499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.7 to-addresses=103.96.4.65 to-ports=5000-5499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.8 to-addresses=103.96.4.65 to-ports=5500-5999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.8 to-addresses=103.96.4.65 to-ports=5500-5999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.9 to-addresses=103.96.4.65 to-ports=6000-6499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.9 to-addresses=103.96.4.65 to-ports=6000-6499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.10 to-addresses=103.96.4.65 to-ports=6500-6999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.10 to-addresses=103.96.4.65 to-ports=6500-6999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.11 to-addresses=103.96.4.65 to-ports=7000-7499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.11 to-addresses=103.96.4.65 to-ports=7000-7499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.12 to-addresses=103.96.4.65 to-ports=7500-7999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.12 to-addresses=103.96.4.65 to-ports=7500-7999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.13 to-addresses=103.96.4.65 to-ports=8000-8499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.13 to-addresses=103.96.4.65 to-ports=8000-8499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.14 to-addresses=103.96.4.65 to-ports=8500-8999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.14 to-addresses=103.96.4.65 to-ports=8500-8999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.15 to-addresses=103.96.4.65 to-ports=9000-9499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.15 to-addresses=103.96.4.65 to-ports=9000-9499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.16 to-addresses=103.96.4.65 to-ports=9500-9999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.16 to-addresses=103.96.4.65 to-ports=9500-9999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.17 to-addresses=103.96.4.65 to-ports=10000-10499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.17 to-addresses=103.96.4.65 to-ports=10000-10499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.18 to-addresses=103.96.4.65 to-ports=10500-10999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.18 to-addresses=103.96.4.65 to-ports=10500-10999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.19 to-addresses=103.96.4.65 to-ports=11000-11499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.19 to-addresses=103.96.4.65 to-ports=11000-11499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.20 to-addresses=103.96.4.65 to-ports=11500-11999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.20 to-addresses=103.96.4.65 to-ports=11500-11999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.21 to-addresses=103.96.4.65 to-ports=12000-12499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.21 to-addresses=103.96.4.65 to-ports=12000-12499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.22 to-addresses=103.96.4.65 to-ports=12500-12999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.22 to-addresses=103.96.4.65 to-ports=12500-12999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.23 to-addresses=103.96.4.65 to-ports=13000-13499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.23 to-addresses=103.96.4.65 to-ports=13000-13499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.24 to-addresses=103.96.4.65 to-ports=13500-13999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.24 to-addresses=103.96.4.65 to-ports=13500-13999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.25 to-addresses=103.96.4.65 to-ports=14000-14499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.25 to-addresses=103.96.4.65 to-ports=14000-14499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.26 to-addresses=103.96.4.65 to-ports=14500-14999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.26 to-addresses=103.96.4.65 to-ports=14500-14999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.27 to-addresses=103.96.4.65 to-ports=15000-15499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.27 to-addresses=103.96.4.65 to-ports=15000-15499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.28 to-addresses=103.96.4.65 to-ports=15500-15999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.28 to-addresses=103.96.4.65 to-ports=15500-15999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.29 to-addresses=103.96.4.65 to-ports=16000-16499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.29 to-addresses=103.96.4.65 to-ports=16000-16499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.30 to-addresses=103.96.4.65 to-ports=16500-16999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.30 to-addresses=103.96.4.65 to-ports=16500-16999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.31 to-addresses=103.96.4.65 to-ports=17000-17499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.31 to-addresses=103.96.4.65 to-ports=17000-17499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.32 to-addresses=103.96.4.65 to-ports=17500-17999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.32 to-addresses=103.96.4.65 to-ports=17500-17999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.33 to-addresses=103.96.4.65 to-ports=18000-18499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.33 to-addresses=103.96.4.65 to-ports=18000-18499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.34 to-addresses=103.96.4.65 to-ports=18500-18999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.34 to-addresses=103.96.4.65 to-ports=18500-18999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.35 to-addresses=103.96.4.65 to-ports=19000-19499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.35 to-addresses=103.96.4.65 to-ports=19000-19499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.36 to-addresses=103.96.4.65 to-ports=19500-19999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.36 to-addresses=103.96.4.65 to-ports=19500-19999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.37 to-addresses=103.96.4.65 to-ports=20000-20499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.37 to-addresses=103.96.4.65 to-ports=20000-20499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.38 to-addresses=103.96.4.65 to-ports=20500-20999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.38 to-addresses=103.96.4.65 to-ports=20500-20999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.39 to-addresses=103.96.4.65 to-ports=21000-21499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.39 to-addresses=103.96.4.65 to-ports=21000-21499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.40 to-addresses=103.96.4.65 to-ports=21500-21999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.40 to-addresses=103.96.4.65 to-ports=21500-21999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.41 to-addresses=103.96.4.65 to-ports=22000-22499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.41 to-addresses=103.96.4.65 to-ports=22000-22499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.42 to-addresses=103.96.4.65 to-ports=22500-22999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.42 to-addresses=103.96.4.65 to-ports=22500-22999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.43 to-addresses=103.96.4.65 to-ports=23000-23499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.43 to-addresses=103.96.4.65 to-ports=23000-23499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.44 to-addresses=103.96.4.65 to-ports=23500-23999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.44 to-addresses=103.96.4.65 to-ports=23500-23999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.45 to-addresses=103.96.4.65 to-ports=24000-24499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.45 to-addresses=103.96.4.65 to-ports=24000-24499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.46 to-addresses=103.96.4.65 to-ports=24500-24999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.46 to-addresses=103.96.4.65 to-ports=24500-24999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.47 to-addresses=103.96.4.65 to-ports=25000-25499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.47 to-addresses=103.96.4.65 to-ports=25000-25499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.48 to-addresses=103.96.4.65 to-ports=25500-25999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.48 to-addresses=103.96.4.65 to-ports=25500-25999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.49 to-addresses=103.96.4.65 to-ports=26000-26499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.49 to-addresses=103.96.4.65 to-ports=26000-26499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.50 to-addresses=103.96.4.65 to-ports=26500-26999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.50 to-addresses=103.96.4.65 to-ports=26500-26999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.51 to-addresses=103.96.4.65 to-ports=27000-27499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.51 to-addresses=103.96.4.65 to-ports=27000-27499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.52 to-addresses=103.96.4.65 to-ports=27500-27999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.52 to-addresses=103.96.4.65 to-ports=27500-27999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.53 to-addresses=103.96.4.65 to-ports=28000-28499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.53 to-addresses=103.96.4.65 to-ports=28000-28499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.54 to-addresses=103.96.4.65 to-ports=28500-28999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.54 to-addresses=103.96.4.65 to-ports=28500-28999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.55 to-addresses=103.96.4.65 to-ports=29000-29499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.55 to-addresses=103.96.4.65 to-ports=29000-29499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.56 to-addresses=103.96.4.65 to-ports=29500-29999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.56 to-addresses=103.96.4.65 to-ports=29500-29999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.57 to-addresses=103.96.4.65 to-ports=30000-30499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.57 to-addresses=103.96.4.65 to-ports=30000-30499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.58 to-addresses=103.96.4.65 to-ports=30500-30999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.58 to-addresses=103.96.4.65 to-ports=30500-30999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.59 to-addresses=103.96.4.65 to-ports=31000-31499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.59 to-addresses=103.96.4.65 to-ports=31000-31499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.60 to-addresses=103.96.4.65 to-ports=31500-31999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.60 to-addresses=103.96.4.65 to-ports=31500-31999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.61 to-addresses=103.96.4.65 to-ports=33000-33499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.61 to-addresses=103.96.4.65 to-ports=33000-33499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.62 to-addresses=103.96.4.65 to-ports=33500-33999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.62 to-addresses=103.96.4.65 to-ports=33500-33999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.63 to-addresses=103.96.4.65 to-ports=34000-34499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.63 to-addresses=103.96.4.65 to-ports=34000-34499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.64 to-addresses=103.96.4.65 to-ports=34500-34999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.64 to-addresses=103.96.4.65 to-ports=34500-34999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.65 to-addresses=103.96.4.65 to-ports=35000-35499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.65 to-addresses=103.96.4.65 to-ports=35000-35499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.66 to-addresses=103.96.4.65 to-ports=35500-35999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.66 to-addresses=103.96.4.65 to-ports=35500-35999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.67 to-addresses=103.96.4.65 to-ports=36000-36499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.67 to-addresses=103.96.4.65 to-ports=36000-36499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.68 to-addresses=103.96.4.65 to-ports=36500-36999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.68 to-addresses=103.96.4.65 to-ports=36500-36999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.69 to-addresses=103.96.4.65 to-ports=37000-37499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.69 to-addresses=103.96.4.65 to-ports=37000-37499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.70 to-addresses=103.96.4.65 to-ports=37500-37999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.70 to-addresses=103.96.4.65 to-ports=37500-37999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.71 to-addresses=103.96.4.65 to-ports=38000-38499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.71 to-addresses=103.96.4.65 to-ports=38000-38499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.72 to-addresses=103.96.4.65 to-ports=38500-38999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.72 to-addresses=103.96.4.65 to-ports=38500-38999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.73 to-addresses=103.96.4.65 to-ports=39000-39499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.73 to-addresses=103.96.4.65 to-ports=39000-39499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.74 to-addresses=103.96.4.65 to-ports=39500-39999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.74 to-addresses=103.96.4.65 to-ports=39500-39999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.75 to-addresses=103.96.4.65 to-ports=40000-40499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.75 to-addresses=103.96.4.65 to-ports=40000-40499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.76 to-addresses=103.96.4.65 to-ports=40500-40999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.76 to-addresses=103.96.4.65 to-ports=40500-40999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.77 to-addresses=103.96.4.65 to-ports=41000-41499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.77 to-addresses=103.96.4.65 to-ports=41000-41499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.78 to-addresses=103.96.4.65 to-ports=41500-41999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.78 to-addresses=103.96.4.65 to-ports=41500-41999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.79 to-addresses=103.96.4.65 to-ports=42000-42499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.79 to-addresses=103.96.4.65 to-ports=42000-42499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.80 to-addresses=103.96.4.65 to-ports=42500-42999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.80 to-addresses=103.96.4.65 to-ports=42500-42999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.81 to-addresses=103.96.4.65 to-ports=43000-43499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.81 to-addresses=103.96.4.65 to-ports=43000-43499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.82 to-addresses=103.96.4.65 to-ports=43500-43999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.82 to-addresses=103.96.4.65 to-ports=43500-43999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.83 to-addresses=103.96.4.65 to-ports=44000-44499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.83 to-addresses=103.96.4.65 to-ports=44000-44499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.84 to-addresses=103.96.4.65 to-ports=44500-44999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.84 to-addresses=103.96.4.65 to-ports=44500-44999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.85 to-addresses=103.96.4.65 to-ports=45000-45499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.85 to-addresses=103.96.4.65 to-ports=45000-45499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.86 to-addresses=103.96.4.65 to-ports=45500-45999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.86 to-addresses=103.96.4.65 to-ports=45500-45999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.87 to-addresses=103.96.4.65 to-ports=46000-46499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.87 to-addresses=103.96.4.65 to-ports=46000-46499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.88 to-addresses=103.96.4.65 to-ports=46500-46999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.88 to-addresses=103.96.4.65 to-ports=46500-46999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.89 to-addresses=103.96.4.65 to-ports=47000-47499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.89 to-addresses=103.96.4.65 to-ports=47000-47499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.90 to-addresses=103.96.4.65 to-ports=47500-47999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.90 to-addresses=103.96.4.65 to-ports=47500-47999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.91 to-addresses=103.96.4.65 to-ports=48000-48499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.91 to-addresses=103.96.4.65 to-ports=48000-48499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.92 to-addresses=103.96.4.65 to-ports=48500-48999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.92 to-addresses=103.96.4.65 to-ports=48500-48999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.93 to-addresses=103.96.4.65 to-ports=49000-49499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.93 to-addresses=103.96.4.65 to-ports=49000-49499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.94 to-addresses=103.96.4.65 to-ports=49500-49999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.94 to-addresses=103.96.4.65 to-ports=49500-49999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.95 to-addresses=103.96.4.65 to-ports=50000-50499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.95 to-addresses=103.96.4.65 to-ports=50000-50499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.96 to-addresses=103.96.4.65 to-ports=50500-50999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.96 to-addresses=103.96.4.65 to-ports=50500-50999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.97 to-addresses=103.96.4.65 to-ports=51000-51499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.97 to-addresses=103.96.4.65 to-ports=51000-51499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.98 to-addresses=103.96.4.65 to-ports=51500-51999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.98 to-addresses=103.96.4.65 to-ports=51500-51999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.99 to-addresses=103.96.4.65 to-ports=52000-52499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.99 to-addresses=103.96.4.65 to-ports=52000-52499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.100 to-addresses=103.96.4.65 to-ports=52500-52999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.100 to-addresses=103.96.4.65 to-ports=52500-52999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.101 to-addresses=103.96.4.65 to-ports=53000-53499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.101 to-addresses=103.96.4.65 to-ports=53000-53499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.102 to-addresses=103.96.4.65 to-ports=53500-53999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.102 to-addresses=103.96.4.65 to-ports=53500-53999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.103 to-addresses=103.96.4.65 to-ports=54000-54499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.103 to-addresses=103.96.4.65 to-ports=54000-54499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.104 to-addresses=103.96.4.65 to-ports=54500-54999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.104 to-addresses=103.96.4.65 to-ports=54500-54999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.105 to-addresses=103.96.4.65 to-ports=55000-55499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.105 to-addresses=103.96.4.65 to-ports=55000-55499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.106 to-addresses=103.96.4.65 to-ports=55500-55999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.106 to-addresses=103.96.4.65 to-ports=55500-55999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.107 to-addresses=103.96.4.65 to-ports=56000-56499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.107 to-addresses=103.96.4.65 to-ports=56000-56499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.108 to-addresses=103.96.4.65 to-ports=56500-56999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.108 to-addresses=103.96.4.65 to-ports=56500-56999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.109 to-addresses=103.96.4.65 to-ports=57000-57499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.109 to-addresses=103.96.4.65 to-ports=57000-57499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.110 to-addresses=103.96.4.65 to-ports=57500-57999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.110 to-addresses=103.96.4.65 to-ports=57500-57999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.111 to-addresses=103.96.4.65 to-ports=58000-58499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.111 to-addresses=103.96.4.65 to-ports=58000-58499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.112 to-addresses=103.96.4.65 to-ports=58500-58999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.112 to-addresses=103.96.4.65 to-ports=58500-58999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.113 to-addresses=103.96.4.65 to-ports=59000-59499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.113 to-addresses=103.96.4.65 to-ports=59000-59499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.114 to-addresses=103.96.4.65 to-ports=59500-59999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.114 to-addresses=103.96.4.65 to-ports=59500-59999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.115 to-addresses=103.96.4.65 to-ports=60000-60499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.115 to-addresses=103.96.4.65 to-ports=60000-60499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.116 to-addresses=103.96.4.65 to-ports=60500-60999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.116 to-addresses=103.96.4.65 to-ports=60500-60999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.117 to-addresses=103.96.4.65 to-ports=61000-61499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.117 to-addresses=103.96.4.65 to-ports=61000-61499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.118 to-addresses=103.96.4.65 to-ports=61500-61999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.118 to-addresses=103.96.4.65 to-ports=61500-61999 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.119 to-addresses=103.96.4.65 to-ports=62000-62499 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.119 to-addresses=103.96.4.65 to-ports=62000-62499 add action=src-nat chain=xxx-0 protocol=tcp src-address=100.64.0.120 to-addresses=103.96.4.65 to-ports=62500-62999 add action=src-nat chain=xxx-0 protocol=udp src-address=100.64.0.120 to-addresses=103.96.4.65 to-ports=62500-62999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.121 to-addresses=103.96.4.68 to-ports=2000-2499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.121 to-addresses=103.96.4.68 to-ports=2000-2499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.122 to-addresses=103.96.4.68 to-ports=2500-2999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.122 to-addresses=103.96.4.68 to-ports=2500-2999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.123 to-addresses=103.96.4.68 to-ports=3000-3499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.123 to-addresses=103.96.4.68 to-ports=3000-3499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.124 to-addresses=103.96.4.68 to-ports=3500-3999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.124 to-addresses=103.96.4.68 to-ports=3500-3999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.125 to-addresses=103.96.4.68 to-ports=4000-4499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.125 to-addresses=103.96.4.68 to-ports=4000-4499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.126 to-addresses=103.96.4.68 to-ports=4500-4999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.126 to-addresses=103.96.4.68 to-ports=4500-4999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.127 to-addresses=103.96.4.68 to-ports=5000-5499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.127 to-addresses=103.96.4.68 to-ports=5000-5499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.128 to-addresses=103.96.4.68 to-ports=5500-5999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.128 to-addresses=103.96.4.68 to-ports=5500-5999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.129 to-addresses=103.96.4.68 to-ports=6000-6499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.129 to-addresses=103.96.4.68 to-ports=6000-6499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.130 to-addresses=103.96.4.68 to-ports=6500-6999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.130 to-addresses=103.96.4.68 to-ports=6500-6999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.131 to-addresses=103.96.4.68 to-ports=7000-7499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.131 to-addresses=103.96.4.68 to-ports=7000-7499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.132 to-addresses=103.96.4.68 to-ports=7500-7999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.132 to-addresses=103.96.4.68 to-ports=7500-7999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.133 to-addresses=103.96.4.68 to-ports=8000-8499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.133 to-addresses=103.96.4.68 to-ports=8000-8499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.134 to-addresses=103.96.4.68 to-ports=8500-8999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.134 to-addresses=103.96.4.68 to-ports=8500-8999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.135 to-addresses=103.96.4.68 to-ports=9000-9499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.135 to-addresses=103.96.4.68 to-ports=9000-9499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.136 to-addresses=103.96.4.68 to-ports=9500-9999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.136 to-addresses=103.96.4.68 to-ports=9500-9999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.137 to-addresses=103.96.4.68 to-ports=10000-10499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.137 to-addresses=103.96.4.68 to-ports=10000-10499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.138 to-addresses=103.96.4.68 to-ports=10500-10999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.138 to-addresses=103.96.4.68 to-ports=10500-10999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.139 to-addresses=103.96.4.68 to-ports=11000-11499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.139 to-addresses=103.96.4.68 to-ports=11000-11499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.140 to-addresses=103.96.4.68 to-ports=11500-11999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.140 to-addresses=103.96.4.68 to-ports=11500-11999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.141 to-addresses=103.96.4.68 to-ports=12000-12499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.141 to-addresses=103.96.4.68 to-ports=12000-12499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.142 to-addresses=103.96.4.68 to-ports=12500-12999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.142 to-addresses=103.96.4.68 to-ports=12500-12999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.143 to-addresses=103.96.4.68 to-ports=13000-13499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.143 to-addresses=103.96.4.68 to-ports=13000-13499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.144 to-addresses=103.96.4.68 to-ports=13500-13999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.144 to-addresses=103.96.4.68 to-ports=13500-13999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.145 to-addresses=103.96.4.68 to-ports=14000-14499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.145 to-addresses=103.96.4.68 to-ports=14000-14499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.146 to-addresses=103.96.4.68 to-ports=14500-14999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.146 to-addresses=103.96.4.68 to-ports=14500-14999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.147 to-addresses=103.96.4.68 to-ports=15000-15499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.147 to-addresses=103.96.4.68 to-ports=15000-15499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.148 to-addresses=103.96.4.68 to-ports=15500-15999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.148 to-addresses=103.96.4.68 to-ports=15500-15999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.149 to-addresses=103.96.4.68 to-ports=16000-16499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.149 to-addresses=103.96.4.68 to-ports=16000-16499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.150 to-addresses=103.96.4.68 to-ports=16500-16999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.150 to-addresses=103.96.4.68 to-ports=16500-16999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.151 to-addresses=103.96.4.68 to-ports=17000-17499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.151 to-addresses=103.96.4.68 to-ports=17000-17499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.152 to-addresses=103.96.4.68 to-ports=17500-17999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.152 to-addresses=103.96.4.68 to-ports=17500-17999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.153 to-addresses=103.96.4.68 to-ports=18000-18499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.153 to-addresses=103.96.4.68 to-ports=18000-18499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.154 to-addresses=103.96.4.68 to-ports=18500-18999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.154 to-addresses=103.96.4.68 to-ports=18500-18999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.155 to-addresses=103.96.4.68 to-ports=19000-19499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.155 to-addresses=103.96.4.68 to-ports=19000-19499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.156 to-addresses=103.96.4.68 to-ports=19500-19999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.156 to-addresses=103.96.4.68 to-ports=19500-19999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.157 to-addresses=103.96.4.68 to-ports=20000-20499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.157 to-addresses=103.96.4.68 to-ports=20000-20499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.158 to-addresses=103.96.4.68 to-ports=20500-20999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.158 to-addresses=103.96.4.68 to-ports=20500-20999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.159 to-addresses=103.96.4.68 to-ports=21000-21499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.159 to-addresses=103.96.4.68 to-ports=21000-21499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.160 to-addresses=103.96.4.68 to-ports=21500-21999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.160 to-addresses=103.96.4.68 to-ports=21500-21999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.161 to-addresses=103.96.4.68 to-ports=22000-22499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.161 to-addresses=103.96.4.68 to-ports=22000-22499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.162 to-addresses=103.96.4.68 to-ports=22500-22999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.162 to-addresses=103.96.4.68 to-ports=22500-22999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.163 to-addresses=103.96.4.68 to-ports=23000-23499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.163 to-addresses=103.96.4.68 to-ports=23000-23499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.164 to-addresses=103.96.4.68 to-ports=23500-23999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.164 to-addresses=103.96.4.68 to-ports=23500-23999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.165 to-addresses=103.96.4.68 to-ports=24000-24499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.165 to-addresses=103.96.4.68 to-ports=24000-24499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.166 to-addresses=103.96.4.68 to-ports=24500-24999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.166 to-addresses=103.96.4.68 to-ports=24500-24999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.167 to-addresses=103.96.4.68 to-ports=25000-25499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.167 to-addresses=103.96.4.68 to-ports=25000-25499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.168 to-addresses=103.96.4.68 to-ports=25500-25999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.168 to-addresses=103.96.4.68 to-ports=25500-25999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.169 to-addresses=103.96.4.68 to-ports=26000-26499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.169 to-addresses=103.96.4.68 to-ports=26000-26499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.170 to-addresses=103.96.4.68 to-ports=26500-26999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.170 to-addresses=103.96.4.68 to-ports=26500-26999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.171 to-addresses=103.96.4.68 to-ports=27000-27499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.171 to-addresses=103.96.4.68 to-ports=27000-27499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.172 to-addresses=103.96.4.68 to-ports=27500-27999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.172 to-addresses=103.96.4.68 to-ports=27500-27999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.173 to-addresses=103.96.4.68 to-ports=28000-28499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.173 to-addresses=103.96.4.68 to-ports=28000-28499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.174 to-addresses=103.96.4.68 to-ports=28500-28999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.174 to-addresses=103.96.4.68 to-ports=28500-28999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.175 to-addresses=103.96.4.68 to-ports=29000-29499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.175 to-addresses=103.96.4.68 to-ports=29000-29499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.176 to-addresses=103.96.4.68 to-ports=29500-29999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.176 to-addresses=103.96.4.68 to-ports=29500-29999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.177 to-addresses=103.96.4.68 to-ports=30000-30499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.177 to-addresses=103.96.4.68 to-ports=30000-30499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.178 to-addresses=103.96.4.68 to-ports=30500-30999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.178 to-addresses=103.96.4.68 to-ports=30500-30999 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.179 to-addresses=103.96.4.68 to-ports=31000-31499 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.179 to-addresses=103.96.4.68 to-ports=31000-31499 add action=src-nat chain=xxx-3 protocol=tcp src-address=100.64.0.180 to-addresses=103.96.4.68 to-ports=31500-31999 add action=src-nat chain=xxx-3 protocol=udp src-address=100.64.0.180 to-addresses=103.96.4.68 to-ports=31500-31999 add action=src-nat chain=srcnat comment="NAT for management network out" src-address=10.99.0.0/24 to-addresses=103.96.4.65 add action=src-nat chain=srcnat comment="NAT for lodge network out" src-address=192.168.90.0/30 to-addresses=103.96.4.68 add action=dst-nat chain=dstnat comment="temp nat to lodge router" dst-address=103.96.4.68 dst-port=50000 in-interface=sfp-sfpplus1.3809 protocol=tcp to-addresses=192.168.90.2 to-ports=8291 /ip ipsec profile set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5 /ip route add check-gateway=ping comment="Main route over Telstra MLL Backhaul" disabled=no dst-address=0.0.0.0/0 gateway=10.210.200.1 pref-src=103.96.4.65 add check-gateway=ping comment="Backup route over 4G" disabled=no distance=5 dst-address=0.0.0.0/0 gateway=192.168.1.1 add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1 pref-src=192.168.1.99 routing-table=Via-4G add disabled=no dst-address=0.0.0.0/0 gateway=l2tp-out-valve routing-table=VIA-VALVE-VPN add check-gateway=ping disabled=no dst-address=103.16.129.23/32 gateway=l2tp-out-valve /ip service set ftp disabled=yes set telnet disabled=yes set www disabled=yes set api disabled=yes set api-ssl disabled=yes /ip smb shares set [ find default=yes ] directory=/pub /ppp aaa set interim-update=30m use-radius=yes /ppp secret add name=ttadmin password="Tru3t3lc0@\$" remote-address=192.168.255.4 service=l2tp /radius add address=103.16.129.23 comment=radius-1.intervisp.net.au require-message-auth=no secret="xnsa\$!ufgb2x" service=ppp timeout=3s add address=43.229.61.238 comment=radius-2.intervisp.net.au require-message-auth=no secret="xnsa\$!ufgb2x" service=ppp src-address=103.96.4.65 timeout=3s add address=112.213.37.223 comment=Portal.truetelco.com.au require-message-auth=no secret="xnsa\$!ufgb2x" service=ppp timeout=3s /radius incoming set accept=yes /routing bfd configuration add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5 /routing filter rule add chain=ospf-in comment="Discard all inputs from upstream" disabled=no rule="if (dst in 0.0.0.0/0 && dst-len in 0-32) { reject; }" add chain=ospf-out comment="Allow Export of Valve IP address" disabled=no rule="if (dst in 103.96.4.0/22 && dst-len in 22-32) { accept; }" add chain=ospf-out comment="Allow Export of the Router ID" disabled=no rule="if (dst in 10.255.255.66 && dst-len == 32) { accept; }" add chain=ospf-out comment="Discard all inputs from upstream" disabled=no rule="if (dst in 100.64.0.0/16 && dst-len in 16-32) { reject; }" add chain=ospf-out comment="Discard all inputs from upstream" disabled=no rule="if (dst in 10.0.0.0/8 && dst-len in 8-32) { reject; }" add chain=ospf-out comment="Discard all inputs from upstream" disabled=no rule="if (dst in 192.168.0.0/16 && dst-len in 16-32) { reject; }" add chain=ospf-out comment="Discard all inputs from upstream" disabled=no rule="if (dst in 172.16.0.0/12 && dst-len in 12-32) { reject; }" add chain=ospf-out comment="Disable all other IP address" disabled=no rule="if (dst in 0.0.0.0/0 && dst-len in 0-32) { reject; }" /routing ospf interface-template add area=backbone-v2 auth-id=1 auth-key="" cost=10 disabled=no interfaces=sfp-sfpplus1.3809 networks=10.210.200.0/30 priority=1 type=ptp use-bfd=no /snmp set contact=noc@valvenetworks.com.au enabled=yes location="Aviva Officer" trap-community=CFNCOM trap-version=2 /system clock set time-zone-name=Australia/Melbourne /system console add disabled=no port=usb3 /system identity set name=AvivaOfficer-R1.CFN.VIC.intervisp.net /system logging add action=valve disabled=yes topics=radius add disabled=yes prefix=OSPF topics=ospf /tool romon set enabled=yes secrets=CFNCOM /tool sniffer set file-name=test.pcap filter-interface=*F memory-limit=10000KiB