From cbdd76d4aeb260a6216760a2aea5e84b1b5d7a9a Mon Sep 17 00:00:00 2001 From: oleg Date: Tue, 31 Mar 2026 20:05:06 +0000 Subject: [PATCH] docs: update mikrotik.md with podkop routes and DHCP DNS --- projects/niikn/mikrotik.md | 38 +++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/projects/niikn/mikrotik.md b/projects/niikn/mikrotik.md index d6a5fef..aa20c44 100644 --- a/projects/niikn/mikrotik.md +++ b/projects/niikn/mikrotik.md @@ -3,13 +3,33 @@ - SSH: AI / OL260380eg - RouterOS 7.20.6, модель hAP ac³ - WAN IP: 85.235.181.190 -- NAT: 25,465,587,993,995,4190→Mailcow(192.168.1.128); 8448,3478→Matrix(192.168.1.133) - -## MikroTik НИИКН (192.168.1.1) -- SSH: AI / OL260380eg -- RouterOS 7.20.6, модель hAP ac³ -- WAN IP: 85.235.181.190 -- NAT: 25,465,587,993,995,4190→Mailcow(192.168.1.128); 8448,3478→Matrix(192.168.1.133); 7881/tcp,50100-50200/udp→LiveKit(192.168.1.133); 3479,20000-20100,49152-49252→NC(192.168.1.200); 21114-21119/tcp+21116/udp→RustDesk(192.168.1.112) -- Hairpin NAT: NPM(80,443), TURN(3478→133), Talk TURN(3479→200), RustDesk(21114-21119→112) - +## NAT (проброс портов) + +| Порты | Назначение | +|-------|------------| +| 25,465,587,993,995,4190 | Mailcow (192.168.1.128) | +| 8448,3478 | Matrix (192.168.1.133) | +| 7881/tcp, 50100-50200/udp | LiveKit (192.168.1.133) | +| 3479,20000-20100,49152-49252 | Nextcloud Talk (192.168.1.200) | +| 21114-21119/tcp + 21116/udp | RustDesk (192.168.1.112) | + +Hairpin NAT: NPM(80,443), TURN(3478→133), Talk TURN(3479→200), RustDesk(21114-21119→112) + +## Маршруты для обхода блокировок (podkop) + +``` +/ip route add dst-address=198.18.0.0/15 gateway=192.168.1.50 comment=podkop-fakeip +``` + +Трафик на FakeIP-диапазон направляется на OpenWrt (192.168.1.50) с podkop. + +## DHCP + +``` +/ip dhcp-server network set 0 dns-server=192.168.1.50 +``` + +Клиенты получают DNS 192.168.1.50 (OpenWrt/sing-box FakeIP). + +> Подробнее об обходе блокировок: [openwrt-bypass.md](openwrt-bypass.md)