Ok, after several attempts I still haven't managed to solve the problem...
I can't redirect all DNS to pihole.
The best I got is:

With pihole docker running:
Code:
dig google.com @8.8.8.8 +short
xxx.xxx.xxx.xxx

With pihole docker stopped:
Code:
dig google.com @8.8.8.8 +short
; <<>> DiG 9.16.45 <<>> google.com @8.8.8.8 +short
;; global options: +cmd
;; connection timed out; no servers could be reached

So the rule works, because if I stop the pihole docker I can no longer access the internet.
However, if I start the pihole docker the rule is bypassed.
I don't really understand where the problem is...
My Config:
Code:
/container mounts
add dst=/opt/list name=list_pihole src=/usb1-part1/container_pihole/list
add dst=/etc/pihole name=etc_pihole src=/usb1-part1/container_pihole/etc
add dst=/etc/dnsmasq.d name=dnsmasq_pihole src=\
    /usb1-part1/container_pihole/dnsmasq
add dst=/etc/cron.d name=crono_pihole src=/usb1-part1/container_pihole/crono
/disk
set usb1 type=hardware
add parent=usb1 partition-number=1 partition-offset=512 partition-size=\
    "500 107 861 504" type=partition
/interface bridge
add comment=Capsman name=BR-Capsman port-cost-mode=short priority=0x6000 \
    vlan-filtering=yes
add comment=PiHole name=BR-PiHole port-cost-mode=short
/interface veth
add address=192.168.55.55/24 gateway=192.168.55.1 gateway6="" name=veth1
/interface vlan
add comment=Casa interface=BR-Capsman mtu=1480 name=100-Casa vlan-id=100
add comment=Mamma interface=BR-Capsman mtu=1480 name=200-Mamma vlan-id=200
add comment=Guests interface=BR-Capsman mtu=1480 name=300-Guest vlan-id=300
add comment=Domus interface=BR-Capsman mtu=1480 name=400-Domus vlan-id=400
add comment=Control disabled=yes interface=BR-Capsman mtu=1480 name=\
    900-Control vlan-id=900
add comment=WAN interface=ether1 mtu=1480 name=provider-vlan vlan-id=999
/interface pppoe-client
add add-default-route=yes disabled=no interface=provider-vlan name=\
    provider-pppoe use-peer-dns=yes
/interface list
add name=WAN
add name=LAN
add name=TRUSTED
/interface wifi channel
add band=2ghz-g disabled=no frequency=2437 name=silent width=20/40mhz-Ce
add band=2ghz-g disabled=no name=guest
add band=5ghz-ax disabled=no frequency=5200 name=wlan5_ghz skip-dfs-channels=\
    all width=20/40/80mhz
add band=2ghz-ax disabled=no frequency=2437 name=wlan2_channel6_main width=\
    20/40mhz
add band=2ghz-ax disabled=no frequency=2412 name=wlan2_channel1
add band=2ghz-ax disabled=no frequency=2462 name=wlan2_channel11
add band=2ghz-ax disabled=yes frequency=2422 name=mcz width=20/40mhz-Ce
/interface wifi datapath
add bridge=BR-Capsman disabled=no name=Wifi_Mamma vlan-id=200
add bridge=BR-Capsman disabled=no name=Wifi_Guest vlan-id=300
add bridge=BR-Capsman disabled=no name=Wifi_Casa vlan-id=100
add bridge=BR-Capsman disabled=no name=Wifi_Domus
add bridge=BR-Capsman disabled=yes name=capmandp vlan-id=900
/interface wifi security
add authentication-types=wpa2-psk disabled=no group-encryption=ccmp name=home
add authentication-types=wpa2-psk disabled=no group-encryption=ccmp name=\
    guest
add authentication-types=wpa2-psk disabled=no name=silent
add authentication-types=wpa2-psk disabled=no name=service
add authentication-types=wpa2-psk disabled=yes encryption=tkip \
    group-encryption=tkip group-key-update=1h name=mcz
/interface wifi configuration
add antenna-gain=2 country=Italy datapath=Wifi_Guest disabled=yes name=guest \
    security=guest ssid=Clochard
add country=Italy datapath=Wifi_Mamma disabled=no hide-ssid=yes mode=ap name=\
    silent security=silent ssid=silent
add channel=wlan2_channel11 country=Italy datapath=Wifi_Domus disabled=no \
    hide-ssid=no mode=ap name=studio_2ghz security=service ssid=\
    LimitService2G
add channel=wlan2_channel1 country=Italy datapath=Wifi_Domus disabled=no \
    hide-ssid=no mode=ap name=centro_2ghz security=service ssid=\
    LimitService2G
add channel=wlan2_channel6_main country=Italy datapath=Wifi_Domus disabled=no \
    hide-ssid=no mode=ap name=server_2ghz security=service ssid=\
    LimitService2G
add channel=wlan2_channel11 country=Italy datapath=Wifi_Domus disabled=no \
    hide-ssid=no mode=ap name=taverna_2ghz security=service ssid=\
    LimitService2G
add channel=wlan2_channel1 country=Italy datapath=Wifi_Domus disabled=no \
    hide-ssid=no mode=ap name=esterno_2ghz security=service ssid=\
    LimitService2G
add antenna-gain=2 country=Italy datapath=Wifi_Casa disabled=no mode=ap name=\
    home2G security=home ssid=HyperLimitless
add country=Italy datapath=Wifi_Domus disabled=no hide-ssid=no mode=ap name=\
    service5G security=service ssid=LimitService5G
add channel=wlan5_ghz country=Italy datapath=Wifi_Casa disabled=no mode=ap \
    name=home5G security=home ssid=HyperLimitless
add country=Italy disabled=yes hide-ssid=no mode=station name=mcz security=\
    mcz ssid=MCZ-014A3FDA26BB90
/interface wifi
add configuration=service5G disabled=no name=wifi1 radio-mac=\
    48:A9:8A:0E:06:A8
add configuration=service5G disabled=no name=wifi2 radio-mac=\
    48:A9:8A:BC:A5:24
add configuration=service5G disabled=no name=wifi3 radio-mac=\
    48:A9:8A:0E:09:5D
add configuration=home5G disabled=no mac-address=4A:A9:8A:0E:06:A8 \
    master-interface=wifi1 name=wifi4
add configuration=home5G disabled=no mac-address=4A:A9:8A:BC:A5:24 \
    master-interface=wifi2 name=wifi5
add configuration=home5G disabled=no mac-address=4A:A9:8A:0E:09:5D \
    master-interface=wifi3 name=wifi6
add configuration=service5G disabled=no name=wifi7 radio-mac=\
    48:A9:8A:0E:03:51
add configuration=service5G disabled=no name=wifi8 radio-mac=\
    48:A9:8A:0E:06:47
add configuration=home5G disabled=no mac-address=4A:A9:8A:0E:03:51 \
    master-interface=wifi7 name=wifi9
add configuration=home5G disabled=no mac-address=4A:A9:8A:0E:06:47 \
    master-interface=wifi8 name=wifi10
add configuration=centro_2ghz disabled=no name=wifi11 radio-mac=\
    48:A9:8A:0E:06:A9
add configuration=esterno_2ghz disabled=no name=wifi12 radio-mac=\
    48:A9:8A:0E:09:5E
# SSID not set
add configuration=guest disabled=no mac-address=4A:A9:8A:0E:06:A9 \
    master-interface=wifi11 name=wifi13
add configuration=home2G disabled=no mac-address=4A:A9:8A:0E:06:AA \
    master-interface=wifi11 name=wifi14
add configuration=studio_2ghz disabled=no name=wifi15 radio-mac=\
    48:A9:8A:0E:03:52
add configuration=taverna_2ghz disabled=no name=wifi16 radio-mac=\
    48:A9:8A:0E:06:48
# SSID not set
add configuration=guest disabled=no mac-address=4A:A9:8A:0E:09:5E \
    master-interface=wifi12 name=wifi17
add configuration=home2G disabled=no mac-address=4A:A9:8A:0E:09:5F \
    master-interface=wifi12 name=wifi18
add configuration=server_2ghz disabled=no name=wifi19 radio-mac=\
    48:A9:8A:BC:A5:25
# SSID not set
add configuration=guest disabled=no mac-address=4A:A9:8A:0E:03:52 \
    master-interface=wifi15 name=wifi20
add configuration=home2G disabled=no mac-address=4A:A9:8A:0E:03:53 \
    master-interface=wifi15 name=wifi21
# SSID not set
add configuration=guest disabled=no mac-address=4A:A9:8A:0E:06:48 \
    master-interface=wifi16 name=wifi22
add configuration=home2G disabled=no mac-address=4A:A9:8A:0E:06:49 \
    master-interface=wifi16 name=wifi23
# SSID not set
add configuration=guest disabled=no mac-address=4A:A9:8A:BC:A5:25 \
    master-interface=wifi19 name=wifi24
add configuration=home2G disabled=no mac-address=4A:A9:8A:BC:A5:26 \
    master-interface=wifi19 name=wifi25
add configuration=silent disabled=no mac-address=4A:A9:8A:BC:A5:27 \
    master-interface=wifi19 name=wifi26
/ip kid-control
add disabled=yes fri=0s-1d mon=0s-1d name=system-dummy sat=0s-1d sun=0s-1d \
    thu=0s-1d tue=0s-1d tur-fri=0s-1d tur-mon=0s-1d tur-sat=0s-1d tur-sun=\
    0s-1d tur-thu=0s-1d tur-tue=0s-1d tur-wed=0s-1d wed=0s-1d
/ip pool
add name=MammaPool ranges=10.255.255.100-10.255.255.200
add name=GuestsPool ranges=172.16.0.2-172.16.15.254
add name=DomusPool ranges=192.168.240.100-192.168.240.200
add name=CasaPool ranges=192.168.0.100-192.168.0.200
add name=ControlPool ranges=10.10.0.100-10.10.0.200
/ip dhcp-server
add add-arp=yes address-pool=CasaPool interface=100-Casa lease-script="# When \
    \"1\" all DNS entries with IP address of DHCP lease are removed\r\
    \n:local dnsRemoveAllByIp \"1\"\r\
    \n# When \"1\" all DNS entries with hostname of DHCP lease are removed\r\
    \n:local dnsRemoveAllByName \"1\"\r\
    \n# When \"1\" addition and removal of DNS entries is always done also for\
    \_non-FQDN hostname\r\
    \n:local dnsAlwaysNonfqdn \"1\"\r\
    \n# DNS domain to add after DHCP client hostname\r\
    \n:local dnsDomain \"lan\"\r\
    \n# DNS TTL to set for DNS entries\r\
    \n:local dnsTtl \"00:15:00\"\r\
    \n# Source of DHCP client hostname, can be \"lease-hostname\" or any other\
    \_lease attribute, like \"host-name\" or \"comment\"\r\
    \n:local leaseClientHostnameSource \"comment\"\r\
    \n\r\
    \n:local leaseComment \"dhcp-lease-script_\$leaseServerName_\$leaseClientH\
    ostnameSource\"\r\
    \n:local leaseClientHostname\r\
    \n:if (\$leaseClientHostnameSource = \"lease-hostname\") do={\r\
    \n :set leaseClientHostname \$\"lease-hostname\"\r\
    \n} else={\r\
    \n :set leaseClientHostname ([:pick \\\r\
    \n [/ip dhcp-server lease print as-value where server=\"\$leaseServerNa\
    me\" address=\"\$leaseActIP\" mac-address=\"\$leaseActMAC\"] \\\r\
    \n 0]->\"\$leaseClientHostnameSource\")\r\
    \n}\r\
    \n:local leaseClientHostnameShort \"\$leaseClientHostname\"\r\
    \n:local leaseClientHostnames \"\$leaseClientHostname\"\r\
    \n:if ([:len [\$dnsDomain]] > 0) do={\r\
    \n :set leaseClientHostname \"\$leaseClientHostname.\$dnsDomain\"\r\
    \n :if (\$dnsAlwaysNonfqdn = \"1\") do={\r\
    \n :set leaseClientHostnames \"\$leaseClientHostname,\$leaseClientHostn\
    ameShort\"\r\
    \n }\r\
    \n}\r\
    \n:if (\$dnsRemoveAllByIp = \"1\") do={\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\" \
    and address=\"\$leaseActIP\"]\r\
    \n}\r\
    \n:foreach h in=[:toarray value=\"\$leaseClientHostnames\"] do={\r\
    \n :if (\$dnsRemoveAllByName = \"1\") do={\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\
    \" and name=\"\$h\"]\r\
    \n }\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\" \
    and address=\"\$leaseActIP\" and name=\"\$h\"]\r\
    \n :if (\$leaseBound = \"1\") do={\r\
    \n :delay 1\r\
    \n /ip dns static add comment=\"\$leaseComment\" address=\"\$leaseActIP\
    \" name=\"\$h\" ttl=\"\$dnsTtl\"\r\
    \n }\r\
    \n}" lease-time=1d name=Casa_dhcp
add add-arp=yes address-pool=MammaPool bootp-support=none interface=200-Mamma \
    lease-time=1d name=Mamma_dchp relay=10.255.254.2 server-address=\
    10.255.254.1
add add-arp=yes address-pool=GuestsPool interface=300-Guest lease-time=12h \
    name=Guests_dhcp
add add-arp=yes address-pool=DomusPool interface=BR-Capsman lease-script="# Wh\
    en \"1\" all DNS entries with IP address of DHCP lease are removed\r\
    \n:local dnsRemoveAllByIp \"1\"\r\
    \n# When \"1\" all DNS entries with hostname of DHCP lease are removed\r\
    \n:local dnsRemoveAllByName \"1\"\r\
    \n# When \"1\" addition and removal of DNS entries is always done also for\
    \_non-FQDN hostname\r\
    \n:local dnsAlwaysNonfqdn \"1\"\r\
    \n# DNS domain to add after DHCP client hostname\r\
    \n:local dnsDomain \"domus\"\r\
    \n# DNS TTL to set for DNS entries\r\
    \n:local dnsTtl \"00:15:00\"\r\
    \n# Source of DHCP client hostname, can be \"lease-hostname\" or any other\
    \_lease attribute, like \"host-name\" or \"comment\"\r\
    \n:local leaseClientHostnameSource \"comment\"\r\
    \n\r\
    \n:local leaseComment \"dhcp-lease-script_\$leaseServerName_\$leaseClientH\
    ostnameSource\"\r\
    \n:local leaseClientHostname\r\
    \n:if (\$leaseClientHostnameSource = \"lease-hostname\") do={\r\
    \n :set leaseClientHostname \$\"lease-hostname\"\r\
    \n} else={\r\
    \n :set leaseClientHostname ([:pick \\\r\
    \n [/ip dhcp-server lease print as-value where server=\"\$leaseServerNa\
    me\" address=\"\$leaseActIP\" mac-address=\"\$leaseActMAC\"] \\\r\
    \n 0]->\"\$leaseClientHostnameSource\")\r\
    \n}\r\
    \n:local leaseClientHostnameShort \"\$leaseClientHostname\"\r\
    \n:local leaseClientHostnames \"\$leaseClientHostname\"\r\
    \n:if ([:len [\$dnsDomain]] > 0) do={\r\
    \n :set leaseClientHostname \"\$leaseClientHostname.\$dnsDomain\"\r\
    \n :if (\$dnsAlwaysNonfqdn = \"1\") do={\r\
    \n :set leaseClientHostnames \"\$leaseClientHostname,\$leaseClientHostn\
    ameShort\"\r\
    \n }\r\
    \n}\r\
    \n:if (\$dnsRemoveAllByIp = \"1\") do={\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\" \
    and address=\"\$leaseActIP\"]\r\
    \n}\r\
    \n:foreach h in=[:toarray value=\"\$leaseClientHostnames\"] do={\r\
    \n :if (\$dnsRemoveAllByName = \"1\") do={\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\
    \" and name=\"\$h\"]\r\
    \n }\r\
    \n /ip dns static remove [/ip dns static find comment=\"\$leaseComment\" \
    and address=\"\$leaseActIP\" and name=\"\$h\"]\r\
    \n :if (\$leaseBound = \"1\") do={\r\
    \n :delay 1\r\
    \n /ip dns static add comment=\"\$leaseComment\" address=\"\$leaseActIP\
    \" name=\"\$h\" ttl=\"\$dnsTtl\"\r\
    \n }\r\
    \n}" lease-time=1d name=Domus_dhcp
add add-arp=yes address-pool=ControlPool disabled=yes interface=BR-Capsman \
    lease-time=2w1d name=Control_dhcp
/container
add envlist=pihole_envs interface=veth1 mounts=\
    list_pihole,etc_pihole,dnsmasq_pihole,crono_pihole root-dir=\
    usb1-part1/pihole start-on-boot=yes
/container config
set registry-url=https://registry-1.docker.io tmpdir=usb1-part1/pull
/container envs
add key=TZ name=pihole_envs value=Europe/Rome
add key=WEBPASSWORD name=pihole_envs value="password"
add key=DNSMASQ_USER name=pihole_envs value=root
add key=FTLCONF_LOCAL_IPV4 name=pihole_envs value=192.168.55.55
/interface bridge port
add bridge=BR-Capsman interface=sfp-sfpplus1 internal-path-cost=10 path-cost=\
    10
add bridge=BR-Capsman interface=ether8 internal-path-cost=10 path-cost=10
add bridge=BR-PiHole interface=veth1 internal-path-cost=10 path-cost=10
/ip neighbor discovery-settings
set discover-interface-list=TRUSTED
/ipv6 settings
set disable-ipv6=yes forward=no
/interface bridge vlan
add bridge=BR-Capsman comment="Mamma VLAN" tagged=BR-Capsman,sfp-sfpplus1 \
    vlan-ids=200
add bridge=BR-Capsman comment="Guest VLAN" tagged=BR-Capsman,sfp-sfpplus1 \
    vlan-ids=300
add bridge=BR-Capsman comment="Domus VLAN" tagged=BR-Capsman,sfp-sfpplus1 \
    vlan-ids=400
add bridge=BR-Capsman comment="Casa VLAN" tagged=BR-Capsman,sfp-sfpplus1 \
    vlan-ids=100
# BR-Capsman not a bridge port
add bridge=BR-Capsman comment="Control VLAN" disabled=yes tagged=\
    BR-Capsman,sfp-sfpplus1 vlan-ids=900
/interface list member
add interface=provider-pppoe list=WAN
add interface=100-Casa list=LAN
add interface=provider-vlan list=WAN
add interface=200-Mamma list=LAN
add interface=300-Guest list=LAN
add interface=400-Domus list=LAN
add interface=100-Casa list=TRUSTED
add interface=400-Domus list=TRUSTED
add disabled=yes interface=900-Control list=LAN
add interface=BR-Capsman list=LAN
add disabled=yes interface=BR-PiHole list=LAN
/interface wifi access-list
add action=accept comment="Apple Device" disabled=no mac-address=\
    18:34:51:00:00:00 mac-address-mask=FF:FF:FF:00:00:00
/interface wifi capsman
set enabled=yes interfaces=BR-Capsman package-path="" \
    require-peer-certificate=no upgrade-policy=none
/interface wifi provisioning
add action=create-enabled disabled=no master-configuration=service5G \
    name-format="" radio-mac=48:A9:8A:BC:A5:24 slave-configurations=home5G
add action=create-enabled disabled=no master-configuration=studio_2ghz \
    name-format="" radio-mac=48:A9:8A:0E:03:52 slave-configurations=\
    guest,home2G
add action=create-enabled disabled=no master-configuration=service5G \
    name-format="" radio-mac=48:A9:8A:0E:06:47 slave-configurations=home5G
add action=create-enabled disabled=no master-configuration=service5G \
    name-format="" radio-mac=48:A9:8A:0E:09:5D slave-configurations=home5G
add action=create-enabled disabled=no master-configuration=service5G \
    name-format="" radio-mac=48:A9:8A:0E:06:A8 slave-configurations=home5G
add action=create-enabled disabled=no master-configuration=esterno_2ghz \
    name-format="" radio-mac=48:A9:8A:0E:09:5E slave-configurations=\
    guest,home2G
add action=create-enabled disabled=no master-configuration=server_2ghz \
    name-format="" radio-mac=48:A9:8A:BC:A5:25 slave-configurations=\
    guest,home2G,silent
add action=create-enabled disabled=no master-configuration=service5G \
    name-format="" radio-mac=48:A9:8A:0E:03:51 slave-configurations=home5G \
    supported-bands=5ghz-ax
add action=create-enabled disabled=no master-configuration=centro_2ghz \
    name-format="" radio-mac=48:A9:8A:0E:06:A9 slave-configurations=\
    guest,home2G
add action=create-enabled disabled=no master-configuration=taverna_2ghz \
    name-format="" radio-mac=48:A9:8A:0E:06:48 slave-configurations=\
    guest,home2G
/ip address
add address=192.168.0.1/24 interface=100-Casa network=192.168.0.0
add address=172.16.0.1/20 interface=300-Guest network=172.16.0.0
add address=10.255.254.1/24 interface=200-Mamma network=10.255.254.0
add address=192.168.240.1/24 interface=BR-Capsman network=192.168.240.0
add address=192.168.55.1/24 interface=BR-PiHole network=192.168.55.0
add address=10.10.0.1/24 disabled=yes interface=BR-Capsman network=10.10.0.0
/ip dns
set allow-remote-requests=yes cache-max-ttl=1m servers=1.1.1.1,1.0.0.1
/ip firewall address-list
add address=192.168.0.0/24 comment="Casa NET" list=net_casa
add address=xxx.xxx.xxx.xxx list=PublicIP
add address=10.255.255.0/24 comment="Mamma NET" list=net_mamma
add address=172.16.0.0/20 comment="Guest NET" list=net_guest
add address=10.255.255.0/24 comment="Excluded from PiHole" list=excluded
add address=172.16.0.0/20 comment="Excluded from PiHole" list=excluded
add address=192.168.55.55 comment="Excluded from PiHole" list=excluded
add address=192.168.240.0/24 comment="Domus NET" list=net_domus
add address=10.10.0.0/24 comment="Excluded from PiHole" list=excluded
add address=192.168.240.10 comment="Excluded from PiHole" list=excluded
add address=192.168.0.0/24 comment="Filtered from PiHole" list=filtered
add address=192.168.240.0/24 comment="Filtered from PiHole" list=filtered
add address=10.10.0.0/24 comment="Control NET" list=net_control
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=input comment=\
    "ONLY allow trusted subnet full access to router services" \
    src-address-list=net_casa
add action=accept chain=input comment=PiHole dst-port=53,123 \
    in-interface-list=LAN protocol=udp
add action=accept chain=input comment=PiHole dst-port=53 in-interface-list=\
    LAN protocol=tcp
add action=drop chain=input comment="DROP ALL ELSE"
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=accept chain=forward comment="internet traffic" in-interface-list=\
    LAN out-interface-list=WAN src-address-list=!net_control
add action=accept chain=forward comment="internet traffic" \
    out-interface-list=WAN src-address=192.168.55.55
add action=accept chain=forward comment="allow access to ALL DomusNET" \
    dst-address-list=net_domus src-address-list=net_casa
add action=accept chain=forward comment="allow access to ALL ControlNET" \
    dst-address-list=net_control src-address-list=net_casa
add action=accept chain=forward comment="allow access to AP Mamma" \
    dst-address=10.255.254.2 src-address-list=net_casa
add action=accept chain=forward comment="allow access to PiHOLE" dst-address=\
    192.168.55.55 in-interface-list=LAN
add action=accept chain=forward comment="port forwarding" \
    connection-nat-state=dstnat
add action=drop chain=forward comment="DROP ALL ELSE"
/ip firewall nat
add action=masquerade chain=srcnat comment=Internet out-interface-list=WAN
add action=dst-nat chain=dstnat comment="DNS Redirect to PI-Hole" dst-port=53 \
    in-interface-list=LAN protocol=udp src-address-list=!excluded \
    to-addresses=192.168.55.55 to-ports=53
add action=dst-nat chain=dstnat comment="DNS Redirect to PI-Hole" dst-port=53 \
    in-interface-list=LAN protocol=tcp src-address-list=!excluded \
    to-addresses=192.168.55.55 to-ports=53
add action=masquerade chain=srcnat comment="PiHole hairpin NAT" dst-address=\
    192.168.55.55 dst-port=53 protocol=udp src-address-list=filtered
add action=masquerade chain=srcnat comment="PiHole hairpin NAT" dst-address=\
    192.168.55.55 dst-port=53 protocol=tcp src-address-list=filtered
/ip firewall service-port
set ftp disabled=yes
set h323 disabled=yes
set pptp disabled=yes
/ip route
add disabled=no dst-address=10.255.255.0/24 gateway=10.255.254.2 \
    routing-table=main suppress-hw-offload=no
add disabled=no dst-address=10.255.255.0/24 gateway=10.255.254.2 \
    routing-table=main suppress-hw-offload=no
add disabled=no dst-address=10.255.255.0/24 gateway=10.255.254.2 \
    routing-table=main suppress-hw-offload=no
/ip upnp interfaces
add interface=provider-pppoe type=external
add interface=100-Casa type=internal
add interface=400-Domus type=internal
add interface=provider-vlan type=external
add interface=BR-PiHole type=internal
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
add address=::224.0.0.0/100 comment="defconf: other" list=bad_ipv6
add address=::127.0.0.0/104 comment="defconf: other" list=bad_ipv6
add address=::/104 comment="defconf: other" list=bad_ipv6
add address=::255.0.0.0/104 comment="defconf: other" list=bad_ipv6
/ipv6 firewall filter
add action=drop chain=input
add action=drop chain=forward
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=Router
/system logging
set 2 disabled=yes
add action=echo disabled=yes topics=dhcp
add action=echo disabled=yes topics=dhcp
add disabled=yes topics=wireless
add action=echo disabled=yes topics=wireless
add action=remote disabled=yes topics=wireless
add disabled=yes prefix=dhcp topics=debug
add disabled=yes prefix=wireless topics=debug
add topics=wireless,debug,error,info,info
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp server
set enabled=yes local-clock-stratum=1 manycast=yes use-local-clock=yes
/system ntp client servers
add address=0.it.pool.ntp.org
add address=1.it.pool.ntp.org
add address=2.it.pool.ntp.org
add address=3.it.pool.ntp.org
Statistics: Posted by Kataius — Fri Feb 16, 2024 10:21 am
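
Added example, not part of the original post: a dst-nat redirect is transparent to the client (the reply still appears to come from 8.8.8.8), so `dig google.com @8.8.8.8` returns an address whether or not the query was intercepted. The check below probes `pi.hole` instead, assuming Pi-hole answers that name with its own address (192.168.55.55, per `FTLCONF_LOCAL_IPV4` in the posted config); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: tell an intercepted DNS query apart from one that really
# reached the public resolver.
# Assumption: Pi-hole answers the name "pi.hole" with its own address,
# while a public resolver has no record for it (empty "dig +short" output).

PIHOLE_IP="192.168.55.55"   # container address from the posted config
PUBLIC_DNS="8.8.8.8"        # resolver used in the post's dig tests
PROBE_NAME="pi.hole"        # name only Pi-hole resolves (assumption)

# classify_answer <dig +short output> <pihole ip>
# Prints one verdict:
#   redirected      the answer is Pi-hole's own address, so Pi-hole replied
#   no-path         dig reported a timeout (e.g. container stopped)
#   not-redirected  anything else, including an empty answer
classify_answer() {
    answer=$1
    pihole_ip=$2
    case $answer in
        *"connection timed out"*|*"no servers could be reached"*)
            echo "no-path"
            return 0
            ;;
    esac
    # dig +short can print several lines; -F -x requires one whole line
    # to equal the Pi-hole address exactly (dots are not wildcards).
    if printf '%s\n' "$answer" | grep -Fxq -- "$pihole_ip"; then
        echo "redirected"
    else
        echo "not-redirected"
    fi
}

# check_redirect: run the live probe from a LAN client and classify it.
check_redirect() {
    out=$(dig "$PROBE_NAME" "@$PUBLIC_DNS" +short +time=2 +tries=1 2>&1) || true
    classify_answer "$out" "$PIHOLE_IP"
}

# Only touch the network when asked to: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_redirect
fi
```

Run it with `--live` from a client in a redirected subnet and again from one in the `excluded` address list; the Pi-hole query log should show the first client's probe and not the second's.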