<?php

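// Command-line only: a request served by a web server sets REMOTE_ADDR, so the
// script stops here before any configuration is loaded or the router is contacted.
if(isset($_SERVER['REMOTE_ADDR'])) die();

// require instead of include: if either file is missing or unreadable the run
// must abort at once instead of continuing with a warning and partial state.
// Paths starting with ../ are resolved against the current working directory,
// so the script has to be started from its own directory.
// $Config, $Database, RouterOSIdent() and NetworkAddressIPv4 are used by this
// script but not defined in it; presumably they come from these two files.
require('../../global.php');
require('../routerboard.php');

// Menu path handed to ListUpdate() at the end of the script (ip / firewall / nat).
$Path = array('ip', 'firewall', 'nat');

// Connection settings all come from the MainRouter section of the configuration.
$Routerboard = new Routerboard($Config['MainRouter']['HostName']);
$Routerboard->UserName = $Config['MainRouter']['UserName'];
$Routerboard->Timeout = $Config['MainRouter']['ConnectTimeout'];
// NOTE(review): debug mode is always on. Confirm what Routerboard prints in this
// mode and that the job's output is not kept where unprivileged users can read it.
$Routerboard->Debug = true;

// Interface name used as out-interface / in-interface in every rule built below.
$InetInterface = $Config['MainRouter']['InetInterface'];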

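// Build the NAT rule list from the database: for every member, one
// srcnat/dstnat pair per host interface that has its own external address and
// one pair per subnet. A progress line is echoed for each member.
//
// NOTE(review): addresses, masks and names are copied from database columns
// into router rules without being checked here. Consider validating them
// (e.g. as IPv4 addresses / prefix lengths) before the list is pushed, so a bad
// row cannot end up as a forwarding rule on the main router.
$Items = array();
$DbResult = $Database->query('SELECT Member.*, Subject.Name FROM Member JOIN Subject ON Member.Subject = Subject.Id');
while($Member = $DbResult->fetch_assoc())
{
  echo($Member['Name'].': ');

  // Hosts
  // Only interfaces with a non-empty external address that differs from the
  // local one are selected. The member id is concatenated into the SQL text, so
  // it is cast to int: nothing but an integer can reach the query.
  $DbResult2 = $Database->query('SELECT NetworkInterface.*, NetworkDevice.Name AS DeviceName FROM NetworkInterface LEFT JOIN NetworkDevice ON NetworkDevice.Id = NetworkInterface.Device WHERE (NetworkInterface.ExternalIP <> "") AND (NetworkDevice.Member = '.(int)$Member['Id'].') AND (NetworkInterface.LocalIP != NetworkInterface.ExternalIP) ORDER BY id DESC');
  while($Interface = $DbResult2->fetch_assoc())
  {
    // Rule label: device name, plus "-<interface name>" when the interface has one.
    $Name = $Interface['DeviceName'];
    if($Interface['Name'] != '')
    {
      $Name .= '-'.$Interface['Name'];
    }
    // presumably turns the label into an identifier RouterOS accepts; verify in RouterOSIdent()
    $Name = RouterOSIdent($Name);
    echo($Name.'('.$Interface['LocalIP'].'), ');

    // One-to-one mapping: outgoing traffic from the local address leaves with
    // the external address, and traffic arriving for the external address is
    // forwarded to the local one.
    $Items[] = array('chain' => 'srcnat', 'src-address' => $Interface['LocalIP'], 'out-interface' => $InetInterface, 'action' => 'src-nat', 'to-addresses' => $Interface['ExternalIP'], 'comment' => $Name.'-out');
    $Items[] = array('chain' => 'dstnat', 'dst-address' => $Interface['ExternalIP'], 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => $Interface['LocalIP'], 'comment' => $Name.'-in');
  }

  // Subnets
  // Same integer cast as above: the id becomes part of the WHERE condition text.
  $DbResult2 = $Database->select('NetworkSubnet', '*', 'Member='.(int)$Member['Id']);
  while($Subnet = $DbResult2->fetch_assoc())
  {
    $Subnet['Name'] = RouterOSIdent('subnet-'.$Subnet['Name']);
    echo($Subnet['Name'].'('.$Subnet['AddressRange'].'/'.$Subnet['Mask'].'), ');

    // Outbound rule: the internal range is the match (CIDR form, or the bare
    // address for a /32) and the external range is the translation target
    // ("From-To" form, or a single address for a /32).
    // Masks are compared loosely because the fetched values may be strings.
    $NewAddress = new NetworkAddressIPv4();
    $NewAddress->AddressFromString($Subnet['ExtAddressRange']);
    $NewAddress->Prefix = $Subnet['ExtMask'];
    $Range = $NewAddress->GetRange();
    if($Subnet['ExtMask'] != 32)
    {
      $Range = $Range['From'].'-'.$Range['To'];
    }
    else
    {
      $Range = $Range['From'];
    }
    if($Subnet['Mask'] == 32)
    {
      $Src = $Subnet['AddressRange'];
    }
    else
    {
      $Src = $Subnet['AddressRange'].'/'.$Subnet['Mask'];
    }
    $Items[] = array('chain' => 'srcnat', 'src-address' => $Src, 'out-interface' => $InetInterface, 'action' => 'src-nat', 'to-addresses' => $Range, 'comment' => $Subnet['Name'].'-out');

    // Inbound rule: the mirror image. The external range is the match and the
    // internal range is the translation target.
    $NewAddress = new NetworkAddressIPv4();
    $NewAddress->AddressFromString($Subnet['AddressRange']);
    $NewAddress->Prefix = $Subnet['Mask'];
    $Range = $NewAddress->GetRange();
    if($Subnet['Mask'] != 32)
    {
      $Range = $Range['From'].'-'.$Range['To'];
    }
    else
    {
      $Range = $Range['From'];
    }
    if($Subnet['ExtMask'] == 32)
    {
      $Dest = $Subnet['ExtAddressRange'];
    }
    else
    {
      $Dest = $Subnet['ExtAddressRange'].'/'.$Subnet['ExtMask'];
    }
    $Items[] = array('chain' => 'dstnat', 'dst-address' => $Dest, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => $Range, 'comment' => $Subnet['Name'].'-in');
  }
  echo("\n");
}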

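// Masquerade hosts without public ip
// Appended after the per-member rules so it acts as the catch-all; this
// presumably relies on ListUpdate() keeping the order of $Items. Verify.
$Items[] = array('chain' => 'srcnat', 'out-interface' => $InetInterface, 'action' => 'masquerade', 'comment' => 'Default_NAT');

// Redirect DNS port, one rule per transport protocol.
// The TCP rule used to carry the UDP label as well, which made the two rules
// indistinguishable by comment on the router; each rule now names its protocol.
$Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'tcp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '10.145.64.8', 'to-ports' => 53, 'comment' => 'DNS_redirection_TCP');
$Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'udp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '10.145.64.8', 'to-ports' => 53, 'comment' => 'DNS_redirection_UDP');

// Push the list to the router. The second argument names the properties that
// ListUpdate() receives for each item.
// NOTE(review): if ListUpdate() removes router entries that are absent from
// $Items, a run against an empty or partially readable database would drop the
// members' NAT rules. Confirm its behaviour and consider a sanity check on the
// number of generated rules before this call.
$Routerboard->ListUpdate($Path, array('chain', 'dst-address', 'in-interface', 'src-address', 'out-interface', 'to-ports', 'dst-port', 'protocol', 'action', 'to-addresses', 'comment'), $Items);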

?>
