Mikrotik dual-wan failover with both private DHCP WANs
# sep/04/2022 17:59:15 by RouterOS 6.49.6
# Base layout: ether1 and ether2 are renamed as the two uplinks, ether3-ether5
# are bridged as the LAN, and the bridge gets 10.100.10.1/24 plus a DHCP server.
/interface bridge
add name=bridge
/interface ethernet
set [ find default-name=ether1 ] name=ether1-wan1
set [ find default-name=ether2 ] name=ether2-wan2
# NOTE(review): both radios keep the SSID "MikroTik", and the default security
# profile below only sets supplicant-identity; no authentication mode or key
# appears in this export. The wlan interfaces are not added to the bridge here
# and are presumably left disabled; configure WPA2 on the profile before
# enabling them. TODO confirm.
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
# Interface lists let later rules refer to "every uplink" (WAN) or "the
# trusted side" (LAN) instead of naming ports; the srcnat masquerade rule
# matches on the WAN list.
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
# Address pool handed out to LAN clients (.1 is the router itself).
/ip pool
add name=dhcp_pool0 ranges=10.100.10.2-10.100.10.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge name=dhcp1
/interface bridge port
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
# Only the bridge is a LAN member; both uplinks are WAN members.
/interface list member
add interface=bridge list=LAN
add interface=ether1-wan1 list=WAN
add interface=ether2-wan2 list=WAN
/ip address
add address=10.100.10.1/24 interface=bridge network=10.100.10.0
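# Both uplinks obtain their address by DHCP. add-default-route=no stops the
# client from installing its own default route; each lease script installs a
# route tagged with a comment (wan1 / wan2) so that Netwatch can enable and
# disable it by that comment. use-peer-dns=no and use-peer-ntp=no keep the
# upstream DHCP server from replacing the router's DNS and NTP settings.
/ip dhcp-client
# wan1 lease script, run on every lease change:
#  - bound, no route tagged wan1: add the default route (distance 1) via the
#    leased gateway and recreate the 8.8.4.4 host route tagged wan1-hc via the
#    same gateway, so the health-check probe always leaves through wan1.
#  - bound, exactly one wan1 route: if the leased gateway changed, rewrite the
#    gateway of the wan1 route and of the wan1-hc route. The original script
#    updated only the default route, which left the health-check route
#    pointing at the old gateway after a gateway change.
#  - bound, more than one wan1 route: stop with "Multiple routes found".
#  - lease lost: remove the wan1 default route.
# rmark is assigned but never read in this script.
add add-default-route=no disabled=no interface=ether1-wan1 script="{\r\
\n:local rmark \"wan1\"\r\
\n:local count [/ip route print count-only where comment=\"wan1\"]\r\
\n:if (\$bound=1) do={\r\
\n:if (\$count = 0) do={\r\
\n/ip route add gateway=\$\"gateway-address\" comment=\"wan1\" distance=1\
\r\
\n/ip route remove [find where comment=\"wan1-hc\"]\r\
\n/ip route add dst-address=8.8.4.4 gateway=\$\"gateway-address\" comment=\
\"wan1-hc\" distance=1\r\
\n} else={\r\
\n:if (\$count = 1) do={\r\
\n:local test [/ip route find where comment=\"wan1\"]\r\
\n:if ([/ip route get \$test gateway] != \$\"gateway-address\") do={\r\
\n/ip route set \$test gateway=\$\"gateway-address\"\r\
\n/ip route set [find where comment=\"wan1-hc\"] gateway=\$\"gateway-address\"\r\
\n}\r\
\n} else={\r\
\n:error \"Multiple routes found\"\r\
\n}\r\
\n}\r\
\n} else={\r\
\n/ip route remove [find comment=\"wan1\"]\r\
\n}\r\
\n}" use-peer-dns=no use-peer-ntp=no
# wan2 lease script: same logic with distance 2 and the comment wan2. It
# manages no health-check route, because the probe host is only ever routed
# through wan1.
add add-default-route=no disabled=no interface=ether2-wan2 script="{\r\
\n:local rmark \"wan2\"\r\
\n:local count [/ip route print count-only where comment=\"wan2\"]\r\
\n:if (\$bound=1) do={\r\
\n:if (\$count = 0) do={\r\
\n/ip route add gateway=\$\"gateway-address\" comment=\"wan2\" distance=2\
\r\
\n} else={\r\
\n:if (\$count = 1) do={\r\
\n:local test [/ip route find where comment=\"wan2\"]\r\
\n:if ([/ip route get \$test gateway] != \$\"gateway-address\") do={\r\
\n/ip route set \$test gateway=\$\"gateway-address\"\r\
\n}\r\
\n} else={\r\
\n:error \"Multiple routes found\"\r\
\n}\r\
\n}\r\
\n} else={\r\
\n/ip route remove [find comment=\"wan2\"]\r\
\n}\r\
\n}" use-peer-dns=no use-peer-ntp=no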
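# LAN clients are handed the router as gateway and 8.8.8.8 as resolver.
/ip dhcp-server network
add address=10.100.10.0/24 dns-server=8.8.8.8 gateway=10.100.10.1
# Resolvers used by the router itself (the DHCP clients run with
# use-peer-dns=no, so the uplinks cannot override these).
/ip dns
set servers=8.8.8.8,1.1.1.1
/ip firewall filter
# The original export carried only the Netwatch rule, so nothing filtered
# traffic arriving on the uplinks: the router's own services and the LAN behind
# it were left to whatever the upstream networks allow. The input and forward
# rules below close that gap using the WAN/LAN interface lists defined in this
# file. Apply them from a LAN-side session, because the last input rule drops
# management access that arrives on a WAN port.
add action=accept chain=input comment="accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="accept ICMP" protocol=icmp
add action=drop chain=input comment="drop everything not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="drop invalid" connection-state=invalid
add action=drop chain=forward comment="drop new connections from WAN that are not dst-nat" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
# Keeps the Netwatch probe honest: ICMP from the router to 8.8.4.4 is never
# allowed out through wan2, so a reply can only mean that wan1 works.
add action=drop chain=output comment=Netwatch dst-address=8.8.4.4 \
out-interface=ether2-wan2 protocol=icmp
# Source-NAT everything leaving through either uplink (IPsec-policy traffic
# excluded).
/ip firewall nat
add action=masquerade chain=srcnat ipsec-policy=out,none out-interface-list=\
WAN
# Snapshot of the routes the DHCP lease scripts maintain; the gateways are
# presumably the ones leased at export time and the scripts rewrite them when
# a lease reports a different gateway. The export listed the wan1-hc host
# route twice; one copy is enough, and the wan1 lease script recreates it.
/ip route
add comment=wan1 distance=1 gateway=192.168.50.1
add comment=wan2 disabled=yes distance=2 gateway=10.0.173.129
add comment=wan1-hc distance=1 dst-address=8.8.4.4/32 gateway=192.168.50.1
/system clock
set time-zone-name=Europe/Kiev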
# Netwatch drives the failover. It probes 8.8.4.4 every 30 s with a 100 ms
# timeout.
#  - down-script: disable the routes tagged wan1, enable the routes tagged
#    wan2, then remove every tracked UDP and TCP connection (presumably so
#    flows are re-established and re-NATed on the new uplink).
#  - up-script: the reverse (disable wan2, enable wan1) followed by the same
#    connection flush.
# NOTE(review): the 100 ms timeout is tight. A single slow reply presumably
# counts as "down" and triggers a flush of every TCP/UDP connection through
# the router. Confirm this is acceptable or raise the timeout.
/tool netwatch
add down-script="/ip route disable [find comment=\"wan1\"]\r\
\n/ip route enable [find comment=\"wan2\"]\r\
\n:foreach i in=[/ip firewall connection find protocol~\"udp\"] do={ /ip f\
irewall connection remove \$i }\r\
\n:foreach i in=[/ip firewall connection find protocol~\"tcp\"] do={ /ip f\
irewall connection remove \$i }\r\
\n" host=8.8.4.4 interval=30s timeout=100ms up-script="/ip route disable [\
find comment=\"wan2\"]\r\
\n/ip route enable [find comment=\"wan1\"]\r\
\n:foreach i in=[/ip firewall connection find protocol~\"udp\"] do={ /ip f\
irewall connection remove \$i }\r\
\n:foreach i in=[/ip firewall connection find protocol~\"tcp\"] do={ /ip f\
irewall connection remove \$i }"