here we go, had to edit out a couple of addresses, as you can understand
# feb/24/2013 20:34:23 by RouterOS 5.24
# software id = xxxx-xxxx
#
/interface bridge
add admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no l2mtu=1598 name=bridge-local \
protocol-mode=rstp
add name=bridge_link_to_EoIP
/interface wireless
set 0 antenna-gain=4 band=2ghz-b/g/n channel-width=20/40mhz-ht-above country=\
"united kingdom" disabled=no distance=indoors ht-rxchains=0,1 \
ht-txchains=0,1 l2mtu=2290 mode=ap-bridge ssid=Internal \
tx-power-mode=manual-table wireless-protocol=802.11
/interface ethernet
set 0 name=sfp1-gateway
set 1 name=ether1-gateway
set 6 name=ether6-master-local
set 7 master-port=ether6-master-local name=ether7-slave-local
set 8 master-port=ether6-master-local name=ether8-slave-local
set 9 master-port=ether6-master-local name=ether9-slave-local
set 10 comment="EoIP Tunnel / Testing"
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1-gateway name=\
pppoe-out1 password=abc123 use-peer-dns=yes user=mypppoelogin
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:20,2Mbps:20,5.5Mbps:20,11Mbps:20,6Mbps:20,9M\
bps:20,12Mbps:20,18Mbps:20,24Mbps:20,36Mbps:20,48Mbps:20,54Mbps:20,HT20-0:\
20,HT20-1:20,HT20-2:20,HT20-3:20,HT20-4:20,HT20-5:20,HT20-6:20,HT20-7:20,H\
T40-0:20,HT40-1:20,HT40-2:20,HT40-3:20,HT40-4:20,HT40-5:20,HT40-6:20,HT40-\
7:20"
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods=\
passthrough mode=dynamic-keys supplicant-identity=MikroTik \
wpa-pre-shared-key=cantbreakthiscode wpa2-pre-shared-key=cantbreakthiscode
add authentication-types=wpa-psk,wpa2-psk eap-methods=passthrough \
management-protection=allowed mode=dynamic-keys name=Test-Wifi \
supplicant-identity="" wpa-pre-shared-key=12345678 wpa2-pre-shared-key=\
12345678
/interface wireless
add area="" arp=enabled bridge-mode=enabled default-ap-tx-limit=0 \
default-authentication=yes default-client-tx-limit=0 default-forwarding=\
yes disable-running-check=no disabled=no hide-ssid=no l2mtu=2290 \
mac-address=xx:xx:xx:xx:xx:xx master-interface=wlan1 max-station-count=\
2007 mtu=1500 multicast-helper=default name=wlan2 proprietary-extensions=\
post-2.9.25 security-profile=Test-Wifi ssid=Guest update-stats-interval=\
disabled wds-cost-range=0 wds-default-bridge=none wds-default-cost=0 \
wds-ignore-ssid=no wds-mode=disabled wmm-support=disabled
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=default-dhcp ranges=192.168.88.60-192.168.88.254
add name=Guest_Pool ranges=172.16.1.2-172.16.1.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge-local name=default
add address-pool=Guest_Pool disabled=no interface=wlan2 lease-time=1d name=\
Guest
/snmp community
set [ find default=yes ] name=client
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password=abc123 \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/tool user-manager profile
add name=Test name-for-users="" override-shared-users=off owner=admin price=0 \
starts-at=logon validity=0s
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether6-master-local
add bridge=bridge-local interface=wlan1
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=\
bridge-local
add address=172.16.1.1/32 interface=wlan2 network=172.16.1.1
/ip dhcp-client
add comment="default configuration" disabled=no interface=sfp1-gateway
add comment="default configuration" disabled=no interface=ether1-gateway
/ip dhcp-server network
add address=172.16.1.0/24 dns-server=172.16.1.1 gateway=172.16.1.1
add address=192.168.88.0/24 comment="default configuration" dns-server=\
192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=192.168.88.1 name=router
add address=172.16.1.1 name=Guest
/ip firewall address-list
add address=xxx.xxx.xxx.xxx list=AllowedFullAccess
/ip firewall connection tracking
set tcp-syncookie=yes
/ip firewall filter
add chain=input comment="Allow access from all connections on Address Li\
st 'AllowedFullAccess'" in-interface=pppoe-out1 src-address-list=\
AllowedFullAccess
add chain=input comment=\
"Allow access from all connections on internal LAN" in-interface=\
bridge-local
add chain=input comment="Allow normal pings, but not Ping Of Death" \
in-interface=pppoe-out1 limit=1,5 protocol=icmp
add chain=input comment=\
"Allow already allowed and established connections" \
connection-state=established in-interface=pppoe-out1
add chain=input comment="Allow already allowed Related connections" \
connection-state=related in-interface=pppoe-out1
add action=log chain=input comment="Log everything being dropped" \
in-interface=pppoe-out1 log-prefix=Dropping:
add action=drop chain=input comment=\
"Drop everything else not allowed above" in-interface=pppoe-out1
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=\
yes out-interface=sfp1-gateway
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=pppoe-out1 to-addresses=0.0.0.0
add action=masquerade chain=srcnat out-interface=pppoe-out1 src-address=\
172.16.1.0/24
/ip firewall service-port
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
/ip neighbor discovery
set sfp1-gateway disabled=yes
set ether1-gateway disabled=yes
set wlan1 disabled=yes
set pppoe-out1 disabled=no
set wlan2 disabled=yes
/ip service
set telnet disabled=yes
set ftp address=192.168.88.0/24
set www port=80
set ssh port=22
set api disabled=no
/ip upnp
set enabled=yes
/system identity
set name=2011-UAS
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set pppoe-out1 disabled=yes display-time=5s
set bridge-local disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set ether10 disabled=yes display-time=5s
set eoip-tunnel1 disabled=yes display-time=5s
set ether9-slave-local disabled=yes display-time=5s
set ether8-slave-local disabled=yes display-time=5s
set ether7-slave-local disabled=yes display-time=5s
set ether6-master-local disabled=yes display-time=5s
set ether5 disabled=yes display-time=5s
set ether4 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether1-gateway disabled=yes display-time=5s
set sfp1-gateway disabled=yes display-time=5s
set wlan2 disabled=yes display-time=5s
/system ntp client
set enabled=yes mode=unicast primary-ntp=pool.ntp.org
/tool graphing interface
add interface=pppoe-out1
add interface=wlan1
add interface=wlan2
/tool mac-server
add disabled=no interface=ether2
add disabled=no interface=ether3
add disabled=no interface=ether4
add disabled=no interface=ether5
add disabled=no interface=ether6-master-local
add disabled=no interface=ether7-slave-local
add disabled=no interface=ether8-slave-local
add disabled=no interface=ether9-slave-local
add disabled=no interface=wlan1
add disabled=no interface=bridge-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=wlan1
add interface=bridge-local