API tools faq
paste
Guest User

Edgerouter X KPN IPTV

a guest
Jul 11th, 2015
787
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.72 KB | None | 0 0
raw download clone embed print report
  1. firewall {
  2. all-ping enable
  3. broadcast-ping disable
  4. ipv6-receive-redirects disable
  5. ipv6-src-route disable
  6. ip-src-route disable
  7. log-martians enable
  8. name WAN_IN {
  9. default-action drop
  10. description "WAN to internal"
  11. rule 10 {
  12. action accept
  13. description "Allow established/related"
  14. state {
  15. established enable
  16. related enable
  17. }
  18. }
  19. rule 20 {
  20. action drop
  21. description "Drop invalid state"
  22. state {
  23. invalid enable
  24. }
  25. }
  26. }
  27. name WAN_LOCAL {
  28. default-action drop
  29. description "WAN to router"
  30. rule 10 {
  31. action accept
  32. description "Allow established/related"
  33. state {
  34. established enable
  35. related enable
  36. }
  37. }
  38. rule 20 {
  39. action drop
  40. description "Drop invalid state"
  41. state {
  42. invalid enable
  43. }
  44. }
  45. }
  46. options {
  47. }
  48. receive-redirects disable
  49. send-redirects enable
  50. source-validation disable
  51. syn-cookies enable
  52. }
  53. interfaces {
  54. ethernet eth0 {
  55. address 192.168.1.1/24
  56. description "Internal Network"
  57. duplex auto
  58. speed auto
  59. }
  60. ethernet eth1 {
  61. description Uplink
  62. duplex auto
  63. mtu 1510
  64. speed auto
  65. vif 4 {
  66. address dhcp
  67. description IPTV
  68. dhcp-options {
  69. client-option "send vendor-class-identifier "IPTV_RG"
  70. ;"
  71. client-option "request subnet-mask, routers, rfc3442-classless-
  72. static-routes;"
  73. default-route no-update
  74. default-route-distance 254
  75. name-server update
  76. }
  77. }
  78. vif 6 {
  79. description "Internet (PPPoE)"
  80. mtu 1500
  81. pppoe 0 {
  82. default-route auto
  83. firewall {
  84. in {
  85. name WAN_IN
  86. }
  87. local {
  88. name WAN_LOCAL
  89. }
  90. }
  91. mtu 1500
  92. name-server auto
  93. password ppp
  94. user-id AB-CD-EF-GH-IJ-KL@internet
  95. }
  96. }
  97. }
  98. ethernet eth2 {
  99. description "Local 2"
  100. duplex auto
  101. speed auto
  102. }
  103. ethernet eth3 {
  104. description "Local 3"
  105. duplex auto
  106. speed auto
  107. }
  108. ethernet eth4 {
  109. description "Local 2"
  110. duplex auto
  111. poe {
  112. output off
  113. }
  114. speed auto
  115. }
  116. loopback lo {
  117. }
  118. switch switch0 {
  119. switch-port {
  120. interface eth2
  121. interface eth3
  122. interface eth4
  123. }
  124. }
  125. }
  126. port-forward {
  127. auto-firewall enable
  128. hairpin-nat enable
  129. lan-interface eth0
  130. wan-interface pppoe0
  131. }
  132. protocols {
  133. igmp-proxy {
  134. interface eth0 {
  135. role downstream
  136. threshold 1
  137. }
  138. interface eth1.4 {
  139. alt-subnet 0.0.0.0/0
  140. role upstream
  141. threshold 1
  142. }
  143. }
  144. static {
  145. route 213.75.112.0/21 {
  146. next-hop 10.233.64.1 {
  147. }
  148. }
  149. }
  150. }
  151. service {
  152. dhcp-server {
  153. disabled false
  154. global-parameters "option vendor-class-identifier code 60 = string;"
  155. global-parameters "option broadcast-address code 28 = ip-address;"
  156. hostfile-update disable
  157. shared-network-name DHCP {
  158. authoritative disable
  159. subnet 192.168.1.0/24 {
  160. default-router 192.168.1.1
  161. dns-server 192.168.1.1
  162. lease 86400
  163. start 192.168.1.21 {
  164. stop 192.168.1.240
  165. }
  166. static-mapping STB_woonkamer {
  167. ip-address 192.168.1.22
  168. mac-address 00:02:9b:bc:e1:28
  169. }
  170. subnet-parameters "option vendor-class-identifier "IPTV_RG
  171. ";"
  172. subnet-parameters "option broadcast-address 192.168.1.255;"
  173. }
  174. }
  175. }
  176. dns {
  177. forwarding {
  178. cache-size 150
  179. listen-on eth0
  180. }
  181. }
  182. gui {
  183. https-port 443
  184. }
  185. nat {
  186. rule 5008 {
  187. description IPTV
  188. destination {
  189. address 10.142.64.0/18
  190. }
  191. log disable
  192. outbound-interface eth1.4
  193. protocol all
  194. type masquerade
  195. }
  196. rule 5009 {
  197. description IPTV
  198. destination {
  199. address 213.75.112.0/21
  200. }
  201. log disable
  202. outbound-interface eth1.4
  203. protocol all
  204. type masquerade
  205. }
  206. rule 5010 {
  207. log disable
  208. outbound-interface pppoe0
  209. protocol all
  210. source {
  211. }
  212. type masquerade
  213. }
  214. }
  215. ssh {
  216. port 22
  217. protocol-version v2
  218. }
  219. }
  220. system {
  221. config-management {
  222. commit-revisions 20
  223. }
  224. conntrack {
  225. expect-table-size 2048
  226. hash-size 32768
  227. table-size 262144
  228. }
  229. host-name chickroute
  230. login {
  231. user admin {
  232. authentication {
  233. encrypted-password ********************
  234. plaintext-password ""
  235. }
  236. }
  237. user ubnt {
  238. authentication {
  239. encrypted-password ******************.
  240. }
  241. level admin
  242. }
  243. }
  244. ntp {
  245. server 0.ubnt.pool.ntp.org {
  246. }
  247. server 1.ubnt.pool.ntp.org {
  248. }
  249. server 2.ubnt.pool.ntp.org {
  250. }
  251. server 3.ubnt.pool.ntp.org {
  252. }
  253. }
  254. syslog {
  255. global {
  256. facility all {
  257. level notice
  258. }
  259. facility protocols {
  260. level debug
  261. }
  262. }
  263. }
  264. time-zone Europe/Amsterdam
  265. }
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!