# may/19/2009 17:14:43 by RouterOS 2.9.

27
# software id = FPMH-TX0
#
/ interface ethernet
set lan name="lan" mtu=1500 mac-address=00:D0:B7:16:BE:11 arp=enabled disable-running-
check=yes auto-negotiation=yes \
    full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no
set inet name="inet" mtu=1500 mac-address=50:78:26:66:A4:C3 arp=enabled disable-running-
check=yes auto-negotiation=yes \
    full-duplex=yes cable-settings=default speed=100Mbps comment="" disabled=no
/ interface wireless security-profiles
set default name="default" mode=none authentication-types="" unicast-ciphers="" group-ciphers=""
wpa-pre-shared-key="" \
    wpa2-pre-shared-key="" eap-methods=passthrough tls-mode=no-certificates tls-certificate=none
static-algo-0=none \
    static-key-0="" static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" static-algo-
3=none \
    static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none static-sta-private-key="" \
    radius-mac-authentication=no group-key-update=5m
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no audio-monitor=00:00:00:00:00:00 filter-
mac=00:00:00:00:00:00 ssid-all=no \
    frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless snooper
set multiple-channels=yes channel-time=200ms receive-errors=no
/ interface wireless sniffer
set multiple-channels=no channel-time=200ms only-headers=no receive-errors=no memory-limit=10
file-name="" file-limit=10 \
    streaming-enabled=no streaming-server=0.0.0.0 streaming-max-rate=0
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=pap,chap,mschap1,mschap2 default-
profile=default-encryption
/ interface pptp-server server
set enabled=yes max-mtu=1460 max-mru=1460 authentication=pap,chap,mschap1,mschap2 keepalive-
timeout=30 \
    default-profile=default-encryption
/ interface pppoe-client
add name="pppoe-out1" max-mtu=1480 max-mru=1480 interface=inet user="[email protected]"
password="password" \
    profile=default service-name="speedy" ac-name="" add-default-route=yes dial-on-demand=no use-
peer-dns=no \
    allow=pap,chap,mschap1,mschap2 disabled=no
/ ip pool
add name="vpn" ranges=172.16.16.10-172.16.16.50
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=202.138.224.2 secondary-dns=202.138.224.4 allow-remote-requests=no cache-
size=2048KiB cache-max-ttl=1w
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m inactive-flow-timeout=15s
/ ip address
add address=172.16.16.1/24 network=172.16.16.0 broadcast=172.16.16.255 interface=lan comment=""
disabled=no
add address=192.168.2.150/24 network=192.168.2.0 broadcast=192.168.2.255 interface=inet
comment="" disabled=no
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000 maximal-server-
connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no
/ ip neighbor discovery
set lan discover=yes
set inet discover=yes
set pppoe-out1 discover=no
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 comment="" disabled=yes
/ ip firewall mangle
add chain=prerouting protocol=icmp action=mark-connection new-connection-mark=icmp-con
passthrough=yes comment="" \
    disabled=yes
add chain=prerouting protocol=icmp connection-mark=icmp-con action=mark-packet new-packet-
mark=icmp-pkt passthrough=no \
    comment="" disabled=yes
add chain=prerouting action=mark-connection new-connection-mark=con-up passthrough=yes
comment="" disabled=yes
add chain=prerouting connection-mark=con-up action=mark-packet new-packet-mark=all-pkt
passthrough=no comment="" \
    disabled=yes
add chain=output content="X-Cache: HIT" action=mark-connection new-connection-mark=proxy-con
passthrough=yes comment="" \
    disabled=yes
add chain=output connection-mark=proxy-con action=mark-packet new-packet-mark=proxy-pkt
passthrough=no comment="" \
    disabled=yes
add chain=forward action=mark-connection new-connection-mark=direct-con passthrough=yes
comment="" disabled=yes
add chain=forward protocol=tcp connection-mark=direct-con action=mark-packet new-packet-
mark=all-pkt passthrough=no \
    comment="" disabled=yes
add chain=output protocol=tcp connection-mark=direct-con action=mark-packet new-packet-mark=all-
pkt passthrough=no \
    comment="" disabled=yes
/ ip firewall nat
add chain=srcnat src-address-list=pronet action=masquerade comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=80 src-address-list=pronet action=redirect to-ports=3128
comment="" disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s tcp-established-timeout=1d tcp-
fin-wait-timeout=10s \
    tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s tcp-time-wait-timeout=10s tcp-close-
timeout=10s udp-timeout=10s \
    udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m tcp-syncookie=no
/ ip firewall address-list
add list=pronet address=172.16.16.100 comment="" disabled=no
add list=pronet address=172.16.16.101 comment="" disabled=no
add list=pronet address=172.16.16.102 comment="" disabled=no
add list=pronet address=172.16.16.103 comment="" disabled=no
add list=pronet address=172.16.16.104 comment="" disabled=no
add list=pronet address=172.16.16.105 comment="" disabled=no
add list=pronet address=172.16.16.106 comment="" disabled=no
add list=pronet address=172.16.16.107 comment="" disabled=no
add list=pronet address=172.16.16.108 comment="" disabled=no
add list=pronet address=172.16.16.109 comment="" disabled=no
add list=pronet address=172.16.16.110 comment="" disabled=no
add list=pronet address=172.16.16.2 comment="" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set tftp ports=69 disabled=no
set irc ports=6667 disabled=no
set h323 disabled=no
set quake3 disabled=no
set gre disabled=no
set pptp disabled=no
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot rate-limit=""
http-proxy=0.0.0.0:0 \
    smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-
radius=no
/ ip hotspot user profile
set default name="default" idle-timeout=none keepalive-timeout=2m status-autorefresh=1m shared-
users=1 \
    transparent-proxy=yes open-status-page=always advertise=no
/ ip dhcp-server config
set store-leases-disk=5m
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m lifebytes=0 pfs-
group=modp1024 disabled=no
/ ip web-proxy
set enabled=yes src-address=0.0.0.0 port=3128 hostname="pronet" transparent-proxy=yes parent-
proxy=0.0.0.0:0 \
    cache-administrator="admin@pronet" max-object-size=1200KiB cache-drive=system max-cache-
size=10000000KiB \
    max-ram-cache-size=none
/ ip web-proxy access
add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" disabled=no
add src-address=!172.16.16.100/32 url="*.swf" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.swf" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.mpg" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.DAT" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.mpeg" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.avi" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.iso" action=deny comment="" disabled=no
add src-address=!172.16.16.2/32 url="*.banner/" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.banner.*" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.jpg.*" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="*.bmp.*" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="www.microsoft.com" action=deny comment="" disabled=no
add src-address=!172.16.16.2/32 url="http://update.microsoft.com" action=deny comment=""
disabled=no
add src-address=!172.16.16.2/32 url="http://windowsupdate.microsoft.com" action=deny comment=""
disabled=no
add src-address=!172.16.16.2/32 url="\":\\\\\\\\.flv\$\"" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="\":\\\\\\\\.mp3\$\"" action=deny comment="" disabled=yes
add src-address=!172.16.16.2/32 url="http://windowsupdate.microsoft.com" action=deny comment=""
disabled=no
/ ip web-proxy cache
add url=":cgi-bin \\?" action=deny comment="don't cache dynamic http pages" disabled=no
/ system logging
add topics=info prefix="" action=memory disabled=no
add topics=error prefix="" action=memory disabled=no
add topics=warning prefix="" action=memory disabled=no
add topics=critical prefix="" action=echo disabled=no
/ system logging action
set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
set echo name="echo" target=echo remember=yes
set remote name="remote" target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 check-interval=1d user=""
/ system clock dst
set dst-delta=+00:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 00:00:00"
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes no-ping-delay=5m automatic-
supout=yes auto-send-supout=no
/ system console
add term="" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
set FIXME term="linux" disabled=no
/ system console screen
set line-count=25
/ system identity
set name="ProNet"
/ system note
set show-at-login=yes note=""
/ system gps
set enabled=no set-system-time=yes
/ system lcd
set enabled=no type=24x4 port=parallel contrast=0
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set lan display-time=5s disabled=yes
set inet display-time=5s disabled=yes
set pppoe-out1 display-time=5s disabled=yes
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ system routerboard bios
set
/ system health
set state-after-reboot=enabled
/ ppp profile
set default name="default" use-compression=default use-vj-compression=default use-
encryption=default only-one=default \
    change-tcp-mss=yes comment=""
add name="vpn" local-address=vpn remote-address=vpn use-compression=default use-vj-
compression=default \
    use-encryption=default only-one=default change-tcp-mss=default dns-
server=202.138.224.2,202.138.224.4 comment=""
set default-encryption name="default-encryption" use-compression=default use-vj-
compression=default use-encryption=yes \
    only-one=default change-tcp-mss=yes comment=""
/ ppp secret
add name="pronet" service=pptp caller-id="" password="190406" profile=vpn routes="" limit-bytes-
in=0 limit-bytes-out=0 \
    comment="" disabled=no
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name="default" kind=pfifo pfifo-limit=50
set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
set synchronous-default name="synchronous-default" kind=red red-limit=60 red-min-threshold=10
red-max-threshold=50 \
    red-burst=20 red-avg-packet=1000
set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
add name="default-small" kind=pfifo pfifo-limit=10
/ queue simple
add name="proxy-HIT" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=proxy-pkt
direction=both priority=8 \
    queue=default-small/default-small limit-at=0/0 max-limit=0/0 total-queue=default-small
disabled=yes
add name="ping-queue" dst-address=0.0.0.0/0 interface=all parent=none packet-marks=icmp-pkt
direction=both priority=2 \
    queue=default-small/default-small limit-at=0/0 max-limit=0/0 total-queue=default-small
disabled=yes
add name="parent-queue" dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 \
    queue=default-small/default-small limit-at=0/0 max-limit=64000/300000 total-queue=default-small
disabled=yes
add name="billing" target-addresses=172.16.16.100/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=64000/300000 \
    max-limit=64000/300000 total-queue=default-small disabled=yes
add name="pronet1" target-addresses=172.16.16.101/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet2" target-addresses=172.16.16.102/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet3" target-addresses=172.16.16.103/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet4" target-addresses=172.16.16.104/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet5" target-addresses=172.16.16.105/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet6" target-addresses=172.16.16.106/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet7" target-addresses=172.16.16.107/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet8" target-addresses=172.16.16.108/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="pronet9" target-addresses=172.16.16.109/32 dst-address=0.0.0.0/0 interface=all
parent=parent-queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-
at=40000/300000 \
    max-limit=40000/300000 total-queue=default-small disabled=yes
add name="babeh" target-addresses=172.16.16.2/32 dst-address=0.0.0.0/0 interface=all parent=parent-
queue \
    packet-marks=all-pkt direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-
limit=0/0 \
    total-queue=default-small disabled=yes
add name="net1" target-addresses=172.16.16.101/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net2" target-addresses=172.16.16.102/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net3" target-addresses=172.16.16.103/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net4" target-addresses=172.16.16.104/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net5" target-addresses=172.16.16.105/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net6" target-addresses=172.16.16.106/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net7" target-addresses=172.16.16.107/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net8" target-addresses=172.16.16.108/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net9" target-addresses=172.16.16.109/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="net10" target-addresses=172.16.16.110/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="operator" target-addresses=172.16.16.100/32 dst-address=0.0.0.0/0 interface=all
parent=none direction=both \
    priority=8 queue=default-small/default-small limit-at=64000/512000 max-limit=64000/512000
burst-limit=512000/512000 \
    burst-threshold=64000/64000 burst-time=30s/30s total-queue=default-small disabled=no
add name="pa john" target-addresses=172.16.16.2/32 dst-address=0.0.0.0/0 interface=all parent=none
direction=both \
    priority=8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 total-queue=default-small
disabled=no
/ user
add name="farrel" group=full address=0.0.0.0/0 comment="system default user" disabled=no
add name="admin" group=read address=0.0.0.0/0 comment="" disabled=no
add name="ricky" group=read address=0.0.0.0/0 comment="" disabled=no
/ user group
add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!ftp,!write,!policy
add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,!ftp,!policy
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact="" location=""
/ snmp community
set public name="public" address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from="<>"
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 streaming-enabled=no
streaming-server=0.0.0.0 \
    filter-stream=yes filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 filter-
address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no redistribute-static=no
redistribute-rip=no \
    redistribute-bgp=no metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 metric-
bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate authentication=none
prefix-list-import="" \
    prefix-list-export="" disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no redistribute-connected=no redistribute-
rip=no \
    redistribute-ospf=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no redistribute-bgp=no metric-
static=1 \
    metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s timeout-timer=3m garbage-
timer=2m