
Tutorial Thome DNS


THOMEDNS TUTORIAL, MIKROTIK CONFIGURATION

1. Choose the interface that will connect to the ThomeDNS server, and configure the IP that will be the
ThomeDNS server's gateway:

2. Apply ONE of the scripts below, NAT or MANGLE, on the MikroTik to automatically redirect
the clients' DNS requests to the ThomeDNS server:

::::::::::::::::::::::NAT SCRIPT:::::::::::::::::::

:global IPTHOME 172.30.201.2;

# Remove existing prerouting mangle rules for port 53
# (this matches every such rule, not only those created by the MANGLE script)
/ip firewall mangle
remove [find chain=prerouting protocol="udp" dst-port="53"]
remove [find chain=prerouting protocol="tcp" dst-port="53"]

# Remove the NAT rules left by a previous run of this script
/ip firewall nat
remove [find src-address="$IPTHOME"]
remove [find src-address="!$IPTHOME" dst-port="53"]

# Give the ThomeDNS server access to the Internet
add action=masquerade chain=srcnat comment="Internet para ThomeDNS" src-address="$IPTHOME"

# Redirect all client DNS traffic (UDP and TCP port 53) to the ThomeDNS server
add chain=dstnat src-address="!$IPTHOME" dst-address="!$IPTHOME" protocol=udp dst-port=53 \
action=dst-nat to-addresses="$IPTHOME" to-ports=53 comment="Redireciona DNS"
add chain=dstnat src-address="!$IPTHOME" dst-address="!$IPTHOME" protocol=tcp dst-port=53 \
action=dst-nat to-addresses="$IPTHOME" to-ports=53

# Move the new rules to the top of the NAT table
move [find src-address="!$IPTHOME" protocol="udp" dst-port="53"] [:pick [find] 0]
move [find src-address="!$IPTHOME" protocol="tcp" dst-port="53"] [:pick [find] 1]
move [find src-address="$IPTHOME"] [:pick [find] 2]

# Disable the redirect while the server does not answer, re-enable it when it returns
/tool netwatch
remove [find host=$IPTHOME]
add disabled=no down-script="\r\
\n ip firewall nat set [ find to-addresses=$IPTHOME ] disabled=yes\r\
\n\r\
\n" host=$IPTHOME interval=3s timeout=1s up-script="\r\
\n ip firewall nat set [ find to-addresses=$IPTHOME ] disabled=no\r\
\n\r\
\n"

::::::::::::::::::::::::MANGLE SCRIPT:::::::::::::::::::::::::

:global IPTHOME 172.30.201.2;

# Remove the NAT rules left by a previous run and give the ThomeDNS server Internet access
/ip firewall nat
remove [find src-address="$IPTHOME"]
remove [find src-address="!$IPTHOME" dst-port="53"]
add action=masquerade chain=srcnat comment="Internet para ThomeDNS" src-address="$IPTHOME"

# Remove existing prerouting mangle rules for port 53 (this matches every such rule)
/ip firewall mangle
remove [find chain=prerouting protocol="udp" dst-port="53"]
remove [find chain=prerouting protocol="tcp" dst-port="53"]

# Mark client DNS traffic for routing via the ThomeDNS server.
# The rules are created disabled; the netwatch up-script below enables them.
add action=mark-routing src-address="!$IPTHOME" dst-address="!$IPTHOME" chain=prerouting \
disabled=yes dst-port=53 new-routing-mark=ThomeDNS passthrough=no protocol=udp \
comment="Redireciona DNS"
add action=mark-routing src-address="!$IPTHOME" dst-address="!$IPTHOME" chain=prerouting \
disabled=yes dst-port=53 new-routing-mark=ThomeDNS passthrough=no protocol=tcp

# Move the new rules to the top of the mangle table
move [find new-routing-mark=ThomeDNS protocol="udp" dst-port="53"] [:pick [find] 0]
move [find new-routing-mark=ThomeDNS protocol="tcp" dst-port="53"] [:pick [find] 1]

# Remove the dst-nat redirect rules of the NAT method, if present
/ip firewall nat
#remove [find src-address="$IPTHOME"]
remove [find src-address="!$IPTHOME" dst-port="53"]

# Default route for marked traffic, with the ThomeDNS server as gateway (created disabled)
/ip route
remove [find gateway=$IPTHOME]
remove [find routing-mark=ThomeDNS]
add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=\
$IPTHOME routing-mark=ThomeDNS scope=30 target-scope=10

# Disable rules and route while the server does not answer, enable them when it returns
/tool netwatch
remove [find host=$IPTHOME]
add disabled=no down-script="\r\
\n ip firewall mangle set [ find new-routing-mark=ThomeDNS ] disabled=yes\r\
\n ip route set [ find routing-mark=ThomeDNS ] disabled=yes\r\
\n ip firewall nat set [ find to-addresses=$IPTHOME ] disabled=yes\r\
\n\r\
\n" host=$IPTHOME interval=3s timeout=1s up-script="\r\
\n ip firewall mangle set [ find new-routing-mark=ThomeDNS ] disabled=no\r\
\n ip route set [ find routing-mark=ThomeDNS ] disabled=no\r\
\n ip firewall nat set [ find to-addresses=$IPTHOME ] disabled=no\r\
\n\r\
\n"
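
To confirm from a client behind the MikroTik that the redirect is active, the following added example (not part of the original tutorial) sends a UDP DNS query to an RFC 5737 documentation address where no resolver exists; a valid reply can only come from a device that intercepted the query. The probe address `192.0.2.53`, the query name and the function names are assumptions chosen for illustration.

```python
import socket
import struct

# Assumption: RFC 5737 documentation address, no real DNS server answers here
TEST_NET_RESOLVER = "192.0.2.53"


def build_query(name: str, txid: int) -> bytes:
    """Encode a minimal DNS query (A record, class IN, recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_header(packet: bytes) -> dict:
    """Decode the fixed 12-byte DNS header; raises ValueError on a short packet."""
    if len(packet) < 12:
        raise ValueError("short DNS packet")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return {"id": txid, "response": bool(flags & 0x8000),
            "rcode": flags & 0x000F, "answers": an}


def is_redirected(server: str = TEST_NET_RESOLVER, name: str = "example.com",
                  timeout: float = 2.0, txid: int = 0x5444) -> bool:
    """True if a matching DNS reply arrives for a query sent to a non-resolver."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name, txid), (server, 53))
            reply, _ = sock.recvfrom(4096)
        except OSError:  # timeout or unreachable: nothing intercepted the query
            return False
    try:
        hdr = parse_header(reply)
    except ValueError:
        return False
    return hdr["response"] and hdr["id"] == txid


if __name__ == "__main__":
    if is_redirected():
        print("DNS redirection active")
    else:
        print("no answer: query was not redirected")
```

The probe covers UDP port 53 only; the TCP rule needs a separate check. While netwatch reports the ThomeDNS host as down, the rules are disabled and the probe is expected to return `False`.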
