i want to collect real-time data from my davis weather station, for this i have to forward an udp broadcast:
https://support.davisinstruments.com/ar ... k-live-use
my weather station is hosted in vlan 20 (bridge_IoT) and my Raspberry in vlan 103 (bridge_intern)
i tried a few things, but i think i dont understand correctly how broadcasts are working, so maybe someone can help me :)
Code: Select all
# feb/21/2021 19:37:06 by RouterOS 6.47.7
# software id = QW9V-E8E2
#
# model = RB4011iGS+
/caps-man channel
add band=2ghz-b name=channel_2g
add band=5ghz-a/n/ac name=channel_5g
/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge_IoT vlan-filtering=yes
add frame-types=admit-only-vlan-tagged name=bridge_hotspot vlan-filtering=yes
add name=bridge_intern pvid=107 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether4 ] l2mtu=1598 mac-address=74:4D:28:D1:1D:0D \
name=ether1_PoE_in
set [ find default-name=ether2 ] l2mtu=1598 mac-address=74:4D:28:D1:1D:0F \
name=ether2_wan
set [ find default-name=ether3 ] l2mtu=1598 mac-address=74:4D:28:D1:1D:0E
set [ find default-name=ether1 ] l2mtu=1598 mac-address=74:4D:28:D1:1D:10 \
name=ether4
set [ find default-name=ether6 ] name=ether6_IoT_E23
set [ find default-name=ether7 ] name=ether7_IoT_F23
set [ find default-name=ether10 ] poe-out=off
set [ find default-name=sfp-sfpplus1 ] name=sfp-sfpplus1_intern_A1
/interface vlan
add interface=bridge_IoT name=vlan20_tagged_IoT vlan-id=20
add interface=bridge_intern name=vlan102_tagged_Clients vlan-id=102
add interface=bridge_intern name=vlan103_tagged_Raspi vlan-id=103
add interface=bridge_intern name=vlan107_untagged_Mgmt vlan-id=107
add interface=bridge_intern name=vlan134_tagged_WLAN_Home vlan-id=134
add interface=bridge_hotspot name=vlan135_tagged_WLAN_hotspot vlan-id=135
/interface bonding
add mode=802.3ad name=bonding_IoT slaves=ether6_IoT_E23,ether7_IoT_F23 \
transmit-hash-policy=layer-3-and-4
add mode=802.3ad name=bonding_intern slaves=ether9,ether10 \
transmit-hash-policy=layer-3-and-4
/caps-man datapath
add bridge=bridge_intern name=dp_vlan134_Home vlan-id=134 vlan-mode=use-tag
add bridge=bridge_hotspot name=dp_vlan135_Hotspot vlan-id=135 vlan-mode=\
use-tag
add bridge=bridge_IoT client-to-client-forwarding=no local-forwarding=no \
name=dp_vlan20_IoT vlan-id=20 vlan-mode=use-tag
/caps-man configuration
add country=austria datapath=dp_vlan135_Hotspot installation=indoor mode=ap \
name=capsconf_hotspot_5g ssid=birdygrille_hotspot_5g
add country=austria datapath=dp_vlan135_Hotspot installation=indoor name=\
capsconf_hotspot_2g ssid=birdygrille_hotspot_2g
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=sec_birdygrille_home
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=sec_birdygrille_IoT
/caps-man configuration
add channel=channel_5g country=austria datapath=dp_vlan134_Home installation=\
indoor name=capsconf_home_5g security=sec_birdygrille_home \
security.authentication-types=wpa2-psk security.encryption=aes-ccm \
security.group-encryption=aes-ccm security.group-key-update=5m ssid=\
birdygrille_home_5g
add channel=channel_2g country=austria datapath=dp_vlan134_Home installation=\
indoor name=capsconf_home_2g security=sec_birdygrille_home \
security.authentication-types=wpa2-psk security.encryption=aes-ccm \
security.group-encryption=aes-ccm ssid=birdygrille_home_2g
add country=austria datapath=dp_vlan20_IoT \
datapath.client-to-client-forwarding=no datapath.local-forwarding=no \
hide-ssid=yes installation=indoor name=capsconf_IoT_2g security=\
sec_birdygrille_IoT ssid=birdygrille_IoT_2g
add country=austria datapath=dp_vlan20_IoT \
datapath.client-to-client-forwarding=no datapath.local-forwarding=no \
hide-ssid=yes installation=indoor name=capsconf_IoT_5g security=\
sec_birdygrille_IoT ssid=birdygrille_IoT_5g
/caps-man interface
add configuration=capsconf_home_2g disabled=no l2mtu=1600 mac-address=\
48:8F:5A:CC:2A:1C master-interface=none name=2g-wlan_ap_garage-1 \
radio-mac=48:8F:5A:CC:2A:1C radio-name=488F5ACC2A1C
add configuration=capsconf_IoT_2g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:CC:2A:1C master-interface=2g-wlan_ap_garage-1 name=\
2g-wlan_ap_garage-1-1 radio-mac=00:00:00:00:00:00 radio-name=4A8F5ACC2A1C
add configuration=capsconf_hotspot_2g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:CC:2A:1D master-interface=2g-wlan_ap_garage-1 name=\
2g-wlan_ap_garage-1-2 radio-mac=00:00:00:00:00:00 radio-name=4A8F5ACC2A1D
add configuration=capsconf_home_2g disabled=no l2mtu=1600 mac-address=\
48:8F:5A:77:93:38 master-interface=none name=2g-wlan_ap_wz-1 radio-mac=\
48:8F:5A:77:93:38 radio-name=488F5A779338
add configuration=capsconf_IoT_2g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:77:93:38 master-interface=2g-wlan_ap_wz-1 name=2g-wlan_ap_wz-1-1 \
radio-mac=00:00:00:00:00:00 radio-name=4A8F5A779338
add configuration=capsconf_hotspot_2g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:77:93:39 master-interface=2g-wlan_ap_wz-1 name=2g-wlan_ap_wz-1-2 \
radio-mac=00:00:00:00:00:00 radio-name=4A8F5A779339
add configuration=capsconf_home_5g disabled=no l2mtu=1600 mac-address=\
48:8F:5A:CC:2A:1D master-interface=none name=5g-wlan_ap_garage-1 \
radio-mac=48:8F:5A:CC:2A:1D radio-name=488F5ACC2A1D
add configuration=capsconf_IoT_5g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:CC:2A:1E master-interface=5g-wlan_ap_garage-1 name=\
5g-wlan_ap_garage-1-1 radio-mac=00:00:00:00:00:00 radio-name=4A8F5ACC2A1E
add configuration=capsconf_hotspot_5g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:CC:2A:1F master-interface=5g-wlan_ap_garage-1 name=\
5g-wlan_ap_garage-1-2 radio-mac=00:00:00:00:00:00 radio-name=4A8F5ACC2A1F
add configuration=capsconf_home_5g disabled=no l2mtu=1600 mac-address=\
48:8F:5A:77:93:39 master-interface=none name=5g-wlan_ap_wz-1 radio-mac=\
48:8F:5A:77:93:39 radio-name=488F5A779339
add configuration=capsconf_IoT_5g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:77:93:3A master-interface=5g-wlan_ap_wz-1 name=5g-wlan_ap_wz-1-1 \
radio-mac=00:00:00:00:00:00 radio-name=4A8F5A77933A
add configuration=capsconf_hotspot_5g disabled=no l2mtu=1600 mac-address=\
4A:8F:5A:77:93:3B master-interface=5g-wlan_ap_wz-1 name=5g-wlan_ap_wz-1-2 \
radio-mac=00:00:00:00:00:00 radio-name=4A8F5A77933B
/interface ethernet switch port
set 0 default-vlan-id=auto
set 1 default-vlan-id=auto
set 2 default-vlan-id=auto
set 3 default-vlan-id=auto
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=auto
set 11 default-vlan-id=0
/interface list
add name=WAN
add name=LAN
/interface lte apn
set [ find default=yes ] apn=mass.at
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
dynamic-keys supplicant-identity=MikroTik
add eap-methods="" name=sp_hotspot supplicant-identity=""
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
sp_IoT supplicant-identity=""
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
sp_home supplicant-identity=""
/ip dhcp-server option
add code=1 name=subnetmask value="'255.255.255.255'"
/ip dhcp-server option sets
add name=subnetmask options=subnetmask
/ip hotspot profile
add dns-name=grille.guest hotspot-address=172.16.1.1 name=hsprof2
/ip ipsec profile
add enc-algorithm=aes-256,3des name=ipsec-profile-grille
/ip ipsec peer
# This entry is unreachable
add name=ipsec-peer-grille passive=yes profile=ipsec-profile-grille
/ip ipsec proposal
add enc-algorithms=aes-256-cbc,aes-192-cbc,aes-128-cbc,3des name=\
ipsec-proposal-grille
/ip pool
add name=dhcppool_hotspot ranges=172.16.1.100-172.16.1.200
add name=dhcppool_vpn ranges=192.168.50.100-192.168.50.200
add name=dhcppool_IoT ranges=172.16.50.100-172.16.50.200
/ip dhcp-server
add address-pool=dhcppool_hotspot disabled=no interface=\
vlan135_tagged_WLAN_hotspot lease-time=1h name=dhcp_hotspot
add address-pool=dhcppool_IoT disabled=no interface=vlan20_tagged_IoT \
lease-time=1h name=dhcp_IoT
/ip hotspot
add address-pool=dhcppool_hotspot disabled=no interface=\
vlan135_tagged_WLAN_hotspot name=hotspot1 profile=hsprof2
/ip hotspot user profile
add address-pool=dhcppool_hotspot mac-cookie-timeout=1d name=10Mbit_2Mbit \
rate-limit=10000000/2000000
/ip ipsec mode-config
add address-pool=dhcppool_vpn name=ipsec-modeconfig-grille static-dns=\
192.168.7.22 system-dns=no
/port
set 0 baud-rate=9600 data-bits=8 flow-control=none name=usb1 parity=none \
stop-bits=1
/ppp profile
add change-tcp-mss=yes dns-server=8.8.8.8 local-address=192.168.50.1 name=\
ppp-profile remote-address=dhcppool_vpn use-encryption=required use-mpls=\
yes
/system logging action
set 1 disk-file-name=flash/log
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes package-path=\
upgrade/routeros-arm-6.47.7.npk upgrade-policy=require-same-version
/caps-man provisioning
add action=create-enabled hw-supported-modes=a,an,ac master-configuration=\
capsconf_home_5g name-format=prefix-identity name-prefix=5g \
slave-configurations=capsconf_IoT_5g,capsconf_hotspot_5g
add action=create-enabled hw-supported-modes=b,gn master-configuration=\
capsconf_home_2g name-format=prefix-identity name-prefix=2g \
slave-configurations=capsconf_IoT_2g,capsconf_hotspot_2g
/interface bridge port
add bridge=bridge_intern interface=sfp-sfpplus1_intern_A1 pvid=107
add bridge=bridge_intern frame-types=admit-only-vlan-tagged interface=\
vlan102_tagged_Clients pvid=102
add bridge=bridge_intern frame-types=admit-only-vlan-tagged interface=\
vlan134_tagged_WLAN_Home pvid=134
add bridge=bridge_IoT frame-types=admit-only-vlan-tagged interface=\
bonding_IoT pvid=20
add bridge=bridge_IoT frame-types=admit-only-vlan-tagged interface=\
vlan20_tagged_IoT pvid=20
add bridge=bridge_intern frame-types=admit-only-vlan-tagged interface=\
vlan103_tagged_Raspi pvid=103
/interface bridge settings
set use-ip-firewall=yes
/interface bridge vlan
add bridge=bridge_intern tagged=\
bridge_intern,vlan102_tagged_Clients,sfp-sfpplus1_intern_A1 vlan-ids=102
add bridge=bridge_intern tagged=bridge_intern,vlan107_untagged_Mgmt untagged=\
sfp-sfpplus1_intern_A1 vlan-ids=107
add bridge=bridge_intern tagged="bridge_intern,bonding_intern,vlan134_tagged_W\
LAN_Home,sfp-sfpplus1_intern_A1" vlan-ids=134
add bridge=bridge_IoT tagged=vlan20_tagged_IoT,bridge_IoT,bonding_IoT \
vlan-ids=20
add bridge=bridge_intern tagged=\
sfp-sfpplus1_intern_A1,bridge_intern,vlan103_tagged_Raspi vlan-ids=103
add bridge=bridge_hotspot tagged=bridge_hotspot,vlan135_tagged_WLAN_hotspot \
vlan-ids=135
/interface detect-internet
set detect-interface-list=WAN
/interface l2tp-server server
set authentication=mschap2 default-profile=ppp-profile enabled=yes use-ipsec=\
yes
/interface list member
add interface=ether2_wan list=WAN
add interface=bridge_intern list=LAN
/ip address
add address=192.168.7.1/24 interface=vlan107_untagged_Mgmt network=\
192.168.7.0
add address=192.168.2.1/24 interface=vlan102_tagged_Clients network=\
192.168.2.0
add address=192.168.34.1/24 interface=vlan134_tagged_WLAN_Home network=\
192.168.34.0
add address=172.16.1.1/24 comment="hotspot network" interface=\
vlan135_tagged_WLAN_hotspot network=172.16.1.0
add address=172.16.50.1/24 comment=IoT interface=vlan20_tagged_IoT network=\
172.16.50.0
add address=192.168.3.1/24 interface=vlan103_tagged_Raspi network=192.168.3.0
/ip dhcp-client
add disabled=no interface=ether2_wan
/ip dhcp-relay
add dhcp-server=192.168.7.22 disabled=no interface=vlan107_untagged_Mgmt \
name=relay_vlan107
add dhcp-server=192.168.7.22 disabled=no interface=vlan102_tagged_Clients \
name=relay_vlan102
add dhcp-server=192.168.7.22 disabled=no interface=vlan134_tagged_WLAN_Home \
name=relay_vlan134
add dhcp-server=192.168.7.22 disabled=no interface=vlan103_tagged_Raspi name=\
relay_vlan103
/ip dhcp-server lease
add address=172.16.50.192 client-id=1:0:4:20:27:b9:97 mac-address=\
00:04:20:27:B9:97 server=dhcp_IoT
add address=172.16.50.194 client-id=1:0:5:cd:c9:8e:8c mac-address=\
00:05:CD:C9:8E:8C server=dhcp_IoT
add address=172.16.50.189 mac-address=CC:50:E3:31:52:0A server=dhcp_IoT
add address=172.16.50.187 mac-address=DC:4F:22:2B:D7:56 server=dhcp_IoT
add address=172.16.50.186 mac-address=DC:4F:22:2B:DA:59 server=dhcp_IoT
add address=172.16.50.200 client-id=1:d8:e0:e1:c9:ab:f8 mac-address=\
D8:E0:E1:C9:AB:F8 server=dhcp_IoT
add address=172.16.50.183 client-id=1:0:1d:a:71:39:8f mac-address=\
00:1D:0A:71:39:8F server=dhcp_IoT
/ip dhcp-server network
add address=172.16.1.0/24 comment="hotspot network" dns-server=\
8.8.8.8,8.8.4.4 gateway=172.16.1.1
add address=172.16.50.0/24 comment="IoT Network" dns-server=\
208.67.222.222,208.67.220.220 gateway=172.16.50.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=forward comment=\
"Allow IoT-2-intern (ICMP,HTTP,HTTPS)" dst-address=192.168.0.0/16 \
protocol=icmp src-address=172.16.50.0/24
add action=accept chain=forward dst-address=192.168.0.0/16 protocol=tcp \
src-address=172.16.50.0/24 src-port=80,443
add action=drop chain=forward comment=\
"Allow IoT-2-extern (ICMP, DNS, HTTP, HTTPS)" connection-state=invalid \
protocol=tcp src-address=172.16.50.0/24
add action=accept chain=forward connection-state=related src-address=\
172.16.50.0/24
add action=accept chain=forward out-interface=ether2_wan protocol=icmp \
src-address=172.16.50.0/24
add action=accept chain=forward dst-port=53,80,443 out-interface=ether2_wan \
protocol=tcp src-address=172.16.50.0/24
add action=accept chain=forward dst-port=53 out-interface=ether2_wan \
protocol=udp src-address=172.16.50.0/24
add action=accept chain=forward comment="RoboVac Special Port" dst-port=8886 \
out-interface=ether2_wan protocol=tcp src-address=172.16.50.189
add action=accept chain=forward comment="Squeezebox Special Ports" dst-port=\
3483,9000 out-interface=ether2_wan protocol=tcp src-address=172.16.50.192
add action=accept chain=forward dst-port=3483 out-interface=ether2_wan \
protocol=udp src-address=172.16.50.192
add action=accept chain=forward comment="WeatherLinkLive Special Port" \
dst-port=5621 out-interface=ether2_wan protocol=tcp src-address=\
172.16.50.183
add action=drop chain=forward comment="Drop IoT" src-address=172.16.50.0/24
add action=accept chain=input comment="L2TP & IPsec" dst-port=500,1701,4500 \
protocol=udp
add action=accept chain=input protocol=ipsec-esp
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=accept chain=input comment="Portforwarding SSH | HTTP | Winbox" \
connection-mark=ssh-redirect dst-port=22 protocol=tcp
add action=accept chain=input connection-mark=http_redirect dst-port=80 \
protocol=tcp
add action=accept chain=input dst-port=8291 protocol=tcp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=accept chain=forward
add action=drop chain=input in-interface=ether2_wan
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark SSH" dst-port=8444 \
new-connection-mark=ssh-redirect passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="Mark HTTP" dst-port=8443 \
new-connection-mark=http_redirect passthrough=yes protocol=tcp
/ip firewall nat
add action=accept chain=pre-hotspot comment="place hotspot rules here" \
dst-address-type=!local hotspot=auth
add action=masquerade chain=srcnat comment=masquerade out-interface=\
ether2_wan
add action=dst-nat chain=dstnat comment=Qnap_Qsync_Qfile_HTTPS dst-port=65010 \
protocol=tcp to-addresses=192.168.7.20 to-ports=444
add action=dst-nat chain=dstnat comment=Raspi_Oscam dst-port=63000 protocol=\
tcp to-addresses=192.168.3.40 to-ports=63000
add action=dst-nat chain=dstnat dst-port=16002 protocol=tcp to-addresses=\
192.168.3.40 to-ports=16002
add action=dst-nat chain=dstnat comment=Raspi_Wetter dst-port=60450 protocol=\
tcp to-addresses=192.168.3.38 to-ports=80
add action=dst-nat chain=dstnat comment=Raspi_Strom dst-port=60550 protocol=\
tcp to-addresses=192.168.3.39 to-ports=80
add action=dst-nat chain=dstnat comment="SSH Mikrotik" dst-port=8444 \
protocol=tcp to-addresses=192.168.7.1 to-ports=22
add action=dst-nat chain=dstnat comment="HTTP Mikrotik" dst-port=8443 \
protocol=tcp to-addresses=192.168.7.1 to-ports=80
add action=dst-nat chain=dstnat comment="Winbox Mikrotik" dst-port=8291 \
protocol=tcp to-addresses=192.168.7.1 to-ports=8291
add action=dst-nat chain=dstnat disabled=yes dst-port=65000 protocol=tcp \
to-addresses=192.168.7.22 to-ports=80
add action=dst-nat chain=dstnat disabled=yes dst-port=65001 protocol=tcp \
to-addresses=192.168.7.22 to-ports=22
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=172.16.1.0/24
/ip hotspot user
add name=test profile=10Mbit_2Mbit
/ip ipsec identity
add mode-config=ipsec-modeconfig-grille peer=ipsec-peer-grille
/ip ipsec policy
add proposal=ipsec-proposal-grille template=yes
set 1 disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=/flash/pub
/ip traffic-flow
set cache-entries=32k interfaces=*15
/ppp secret
add name=vpn_grille profile=ppp-profile service=l2tp
add name=vpn_johann profile=ppp-profile service=l2tp
/system clock
set time-zone-name=Europe/Vienna
/system leds
set 0 leds="" type=wireless-status
add leds="" type=wireless-status
add leds=sfp-sfpplus-led type=interface-activity
/system logging
add topics=lte
add topics=ppp
/system resource irq rps
set ether1_PoE_in disabled=no
set ether3 disabled=no
set ether2_wan disabled=no
set ether4 disabled=no
/system scheduler
add interval=5m name="Update No-IP DDNS grille-stick" on-event="/system schedu\
ler add comment=\"Update No-IP DDNS\" disabled=no interval=5m \\\r\
\nname=no-ip_ddns_update on-event=no-ip_ddns_update policy=read,write,test\
" policy=read,policy,test start-date=oct/11/2020 start-time=07:20:06
add interval=5m name="Update No-IP DDNS grille-hof" on-event="/system schedule\
r add comment=\"Update No-IP DDNS grille-hof\" disabled=no interval=5m \\\
\r\
\nname=no-ip_ddns_update_grille-hof on-event=no-ip_ddns_update policy=read\
,write,test" policy=read,policy,test start-date=oct/29/2020 start-time=\
09:41:35
add interval=1d name=disable_wlan on-event=disable_wlan policy=\
read,write,policy,test start-date=nov/05/2020 start-time=22:00:00
add interval=1d name=enable_wlan on-event=enable_wlan policy=\
read,write,policy,test start-date=nov/05/2020 start-time=05:30:00
add comment="init global functions and aliases" name=roshrc on-event=\
"/system script run roshrc" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/system script
add dont-require-permissions=no name=disable_wlan owner=admin policy=\
read,write,test source="/caps-man interface\r\
\n:foreach ap in=[find where name~\"2g-wlan\" || name~\"5g-wlan\"] do={\r\
\n :put [get \$ap name];\r\
\n /caps-man interface disable [get \$ap name];\r\
\n}"
add dont-require-permissions=no name=enable_wlan owner=admin policy=\
read,write,test source="/caps-man interface\r\
\n:foreach ap in=[find where name~\"2g-wlan\" || name~\"5g-wlan\"] do={\r\
\n :put [get \$ap name];\r\
\n /caps-man interface enable [get \$ap name];\r\
\n}"
/tool bandwidth-server
set enabled=no
/tool traffic-monitor
add name=tmon1 traffic=received
