
Untitled

a guest
Jun 5th, 2020
  1. admin@Thuis:~$ show configuration | no-more
  /* Firewall rule sets and global packet-handling options. Four rule sets are
     defined (WANv6_IN, WANv6_LOCAL, WAN_IN, WAN_LOCAL), all with default-action
     drop. In this configuration they are attached only to pppoe 0 under eth0 vif 6. */
  2. firewall {
  3. all-ping enable
  4. broadcast-ping disable
  /* IPv6 traffic from the WAN towards LAN hosts ("naar" = "to"). LAN hosts get
     addresses from the delegated prefix, so this rule set, not NAT, is what
     separates them from the internet. */
  5. ipv6-name WANv6_IN {
  6. default-action drop
  7. description "WAN IPv6 naar LAN"
  8. rule 10 {
  9. action accept
  10. description "Allow established/related"
  11. state {
  12. established enable
  13. related enable
  14. }
  15. }
  16. rule 20 {
  17. action drop
  18. description "Drop invalid state"
  19. state {
  20. invalid enable
  21. }
  22. }
  /* Only ICMPv6 echo-request is accepted unsolicited; ICMPv6 errors tied to an
     existing flow are expected to match the "related" state in rule 10. */
  23. rule 30 {
  24. action accept
  25. description "Allow IPv6 icmp"
  26. icmpv6 {
  27. type echo-request
  28. }
  29. protocol ipv6-icmp
  30. }
  31. }
  /* IPv6 traffic from the WAN addressed to the router itself. */
  32. ipv6-name WANv6_LOCAL {
  33. default-action drop
  34. description "WAN IPv6 naar Router"
  35. rule 10 {
  36. action accept
  37. description "Allow established/related"
  38. state {
  39. established enable
  40. related enable
  41. }
  42. }
  43. rule 20 {
  44. action drop
  45. description "Drop invalid state"
  46. state {
  47. invalid enable
  48. }
  49. }
  /* No icmpv6 type filter here, so every ICMPv6 type is accepted towards the router. */
  50. rule 30 {
  51. action accept
  52. description "Allow IPv6 icmp"
  53. protocol ipv6-icmp
  54. }
  /* DHCPv6 replies (udp source port 547 to destination port 546), used by the
     dhcpv6-pd client configured on pppoe 0. */
  55. rule 40 {
  56. action accept
  57. description "Allow dhcpv6"
  58. destination {
  59. port 546
  60. }
  61. protocol udp
  62. source {
  63. port 547
  64. }
  65. }
  66. }
  67. ipv6-receive-redirects disable
  68. ipv6-src-route disable
  69. ip-src-route disable
  70. log-martians enable
  /* IPv4 traffic from the WAN towards LAN hosts.
     NOTE(review): port-forward is configured with auto-firewall enable, so the
     effective inbound policy also admits the forwarded ports even though no
     accept rule for them is listed in this rule set. */
  71. name WAN_IN {
  72. default-action drop
  73. description "WAN naar LAN"
  74. rule 10 {
  75. action accept
  76. description "Allow established/related"
  77. log disable
  78. state {
  79. established enable
  80. related enable
  81. }
  82. }
  83. rule 20 {
  84. action drop
  85. description "Drop invalid state"
  86. state {
  87. invalid enable
  88. }
  89. }
  90. }
  /* IPv4 traffic from the WAN addressed to the router itself. No rule accepts
     new connections, so ssh, telnet and the gui are not reachable through an
     interface that carries this rule set.
     NOTE(review): eth0 vif 4 has no firewall stanza, so this rule set does not
     filter traffic arriving on eth0.4; consider attaching WAN_IN/WAN_LOCAL there too. */
  91. name WAN_LOCAL {
  92. default-action drop
  93. description "WAN naar Router"
  94. rule 10 {
  95. action accept
  96. description "Allow established/related"
  97. log disable
  98. state {
  99. established enable
  100. invalid disable
  101. new disable
  102. related enable
  103. }
  104. }
  105. rule 20 {
  106. action drop
  107. description "Drop invalid state"
  108. state {
  109. established disable
  110. invalid enable
  111. new disable
  112. related disable
  113. }
  114. }
  115. }
  116. receive-redirects disable
  117. send-redirects enable
  /* NOTE(review): reverse-path source validation is off. With two upstream
     interfaces (pppoe0 and eth0.4) "loose" is probably the safer value to try
     first; confirm IPTV still works before keeping it. */
  118. source-validation disable
  119. syn-cookies enable
  120. }
  /* Interface definitions: eth0 is the fibre uplink carrying two VLANs (vif 4
     for IPTV, vif 6 for the PPPoE internet session); eth1-eth9 are members of
     switch0, which holds the LAN address 192.168.178.254/24. */
  121. interfaces {
  122. ethernet eth0 {
  123. description FTTH
  124. duplex auto
  /* MTU stack: 1512 on eth0 and 1508 on vif 6 leave room for the 4-byte VLAN
     tag and the 8-byte PPPoE header, so pppoe 0 can run at 1500. */
  125. mtu 1512
  126. speed auto
  /* NOTE(review): this VLAN gets its address by DHCP and has no firewall
     stanza, so nothing defined under "firewall" filters traffic entering on
     eth0.4, including traffic to the router's own ssh/telnet/gui ports. */
  127. vif 4 {
  128. address dhcp
  129. description "KPN IPTV"
  130. dhcp-options {
  /* NOTE(review): the two client-option values below are split across lines
     in this paste (probably terminal wrapping); rejoin them before reusing
     this text as a configuration. */
  131. client-option "send vendor-class-identifier "IPTV_RG";
  132. "
  133. client-option "request subnet-mask, routers, rfc3442-classless-s
  134. tatic-routes;"
  135. default-route no-update
  136. default-route-distance 210
  137. name-server update
  138. }
  139. mtu 1500
  140. }
  141. vif 6 {
  142. description "KPN Internet"
  143. mtu 1508
  144. pppoe 0 {
  145. default-route auto
  /* Requests a delegated IPv6 prefix and assigns prefix-id :1 of it to switch0
     with SLAAC, so LAN hosts receive globally routable addresses. */
  146. dhcpv6-pd {
  147. no-dns
  148. pd 0 {
  149. interface switch0 {
  150. host-address ::1
  151. prefix-id :1
  152. service slaac
  153. }
  154. prefix-length /48
  155. }
  156. rapid-commit enable
  157. }
  /* The only place in this configuration where the firewall rule sets are attached. */
  158. firewall {
  159. in {
  160. ipv6-name WANv6_IN
  161. name WAN_IN
  162. }
  163. local {
  164. ipv6-name WANv6_LOCAL
  165. name WAN_LOCAL
  166. }
  167. }
  168. idle-timeout 180
  169. ipv6 {
  170. address {
  171. autoconf
  172. }
  173. dup-addr-detect-transmits 1
  174. enable {
  175. }
  176. }
  177. mtu 1500
  178. name-server auto
  /* NOTE(review): the password is masked in this paste but the user-id is
     not; it looks like a hardware (MAC) address, which identifies the
     subscriber's device. Mask it as well before publishing a configuration. */
  179. password ****************
  180. user-id 74-83-c2-72-b2-e7@internet
  181. }
  182. }
  183. }
  /* eth1-eth9: LAN ports; descriptions are in Dutch ("Poort" = port,
     "woonkamer" = living room, "verdieping" = floor). */
  184. ethernet eth1 {
  185. description "Poort 1 TV ontvanger"
  186. duplex auto
  187. speed auto
  188. }
  189. ethernet eth2 {
  190. description "Poort 2 TV woonkamer"
  191. duplex auto
  192. speed auto
  193. }
  194. ethernet eth3 {
  195. description "Poort 3 gaming pc woonkamer"
  196. duplex auto
  197. speed auto
  198. }
  199. ethernet eth4 {
  200. description "Poort 4 Accesspoint woonkamer"
  201. duplex auto
  202. speed auto
  203. }
  204. ethernet eth5 {
  205. description "Poort 5 uplink 2e verdieping switch"
  206. duplex auto
  207. speed auto
  208. }
  209. ethernet eth6 {
  210. duplex auto
  211. speed auto
  212. }
  213. ethernet eth7 {
  214. duplex auto
  215. speed auto
  216. }
  217. ethernet eth8 {
  218. duplex auto
  219. speed auto
  220. }
  221. ethernet eth9 {
  222. description "Poort 9 Accesspoint 2de verdieping"
  223. duplex auto
  224. poe {
  225. output off
  226. }
  227. speed auto
  228. }
  229. loopback lo {
  230. }
  /* Single flat LAN: all nine ports share one /24 and vlan-aware is disabled.
     NOTE(review): the host that receives the port forwards (192.168.178.10)
     therefore sits in the same layer-2 segment as every other device; a
     separate VLAN for internet-facing services would limit the impact of a
     compromise of that host. */
  231. switch switch0 {
  232. address 192.168.178.254/24
  233. description "Thuis netwerk"
  234. ipv6 {
  235. dup-addr-detect-transmits 1
  /* Router advertisements for SLAAC on the LAN; the two name-server entries
     are repeated in radvd-options as an RDNSS option. */
  236. router-advert {
  237. cur-hop-limit 64
  238. link-mtu 0
  239. managed-flag false
  240. max-interval 600
  241. name-server 2a02:a47f:e000::53
  242. name-server 2a02:a47f:e000::54
  243. other-config-flag false
  244. prefix ::/64 {
  245. autonomous-flag true
  246. on-link-flag true
  247. valid-lifetime 2592000
  248. }
  249. radvd-options "RDNSS 2a02:a47f:e000::53 2a02:a47f:e000::54 {};"
  250. reachable-time 0
  251. retrans-timer 0
  252. send-advert true
  253. }
  254. }
  255. mtu 1500
  256. switch-port {
  257. interface eth1 {
  258. }
  259. interface eth2 {
  260. }
  261. interface eth3 {
  262. }
  263. interface eth4 {
  264. }
  265. interface eth5 {
  266. }
  267. interface eth6 {
  268. }
  269. interface eth7 {
  270. }
  271. interface eth8 {
  272. }
  273. interface eth9 {
  274. }
  275. vlan-aware disable
  276. }
  277. }
  278. }
  /* Inbound port forwards from pppoe0 to one LAN host, 192.168.178.10.
     auto-firewall enable opens the matching firewall ports automatically, so
     these five rules are the internet-facing attack surface of the network
     even though the WAN_IN rule set lists no accept rule for them.
     NOTE(review): every rule uses tcp_udp; restricting each rule to the
     protocol the service actually needs would reduce what is exposed. */
  279. port-forward {
  280. auto-firewall enable
  281. hairpin-nat enable
  282. lan-interface switch0
  283. rule 1 {
  284. description "CSGO s01 port"
  285. forward-to {
  286. address 192.168.178.10
  287. port 27015
  288. }
  289. original-port 27015
  290. protocol tcp_udp
  291. }
  /* NOTE(review): TeamSpeak voice on 9987 is normally UDP only; confirm
     whether the TCP half of this forward is needed. */
  292. rule 2 {
  293. description "TeamSpeak s01 port"
  294. forward-to {
  295. address 192.168.178.10
  296. port 9987
  297. }
  298. original-port 9987
  299. protocol tcp_udp
  300. }
  /* NOTE(review): rules 3 and 4 forward the same ports (80/443) that
     "service gui" listens on; verify that the router's web UI is never the
     service that answers on the WAN address. */
  301. rule 3 {
  302. description "http s01 port"
  303. forward-to {
  304. address 192.168.178.10
  305. port 80
  306. }
  307. original-port 80
  308. protocol tcp_udp
  309. }
  310. rule 4 {
  311. description "https s01 port"
  312. forward-to {
  313. address 192.168.178.10
  314. port 443
  315. }
  316. original-port 443
  317. protocol tcp_udp
  318. }
  /* NOTE(review): plain FTP carries credentials and data unencrypted over the
     internet; prefer SFTP or FTPS on the server, and drop this forward if the
     service is no longer used. Only the control port 21 is forwarded here. */
  319. rule 5 {
  320. description "ftp s01"
  321. forward-to {
  322. address 192.168.178.10
  323. port 21
  324. }
  325. original-port 21
  326. protocol tcp_udp
  327. }
  328. wan-interface pppoe0
  329. }
  /* Routing protocols: an IGMP proxy that relays multicast between the IPTV
     VLAN (eth0.4, upstream) and the LAN (switch0, downstream), plus a static
     IPv6 default route out of pppoe0. */
  330. protocols {
  331. igmp-proxy {
  /* alt-subnet 0.0.0.0/0 places no restriction on the source addresses
     accepted on this interface.
     NOTE(review): narrowing it to the provider's IPTV ranges would be
     tighter; confirm the ranges with the provider before changing it. */
  332. interface eth0.4 {
  333. alt-subnet 0.0.0.0/0
  334. role upstream
  335. threshold 1
  336. }
  /* The downstream side is the whole LAN switch, not only the TV ports. */
  337. interface switch0 {
  338. alt-subnet 0.0.0.0/0
  339. role downstream
  340. threshold 1
  341. }
  342. }
  343. static {
  344. interface-route6 ::/0 {
  345. next-hop-interface pppoe0 {
  346. }
  347. }
  348. }
  349. }
  /* Services run by the router itself: DHCP server, DNS forwarder, web UI,
     source NAT, and remote management over ssh and telnet. */
  350. service {
  /* Hands out 192.168.178.50-199 with the router as gateway and the two
     provider resolvers as DNS servers (clients do not use the local forwarder). */
  351. dhcp-server {
  352. disabled false
  353. hostfile-update disable
  354. shared-network-name Thuis {
  355. authoritative disable
  356. subnet 192.168.178.0/24 {
  357. default-router 192.168.178.254
  358. dns-server 195.121.1.34
  359. dns-server 195.121.1.66
  360. lease 86400
  361. start 192.168.178.50 {
  362. stop 192.168.178.199
  363. }
  364. }
  365. }
  366. static-arp disable
  367. use-dnsmasq disable
  368. }
  369. dns {
  370. forwarding {
  371. cache-size 4000
  372. listen-on switch0
  373. name-server 195.121.1.34
  374. name-server 195.121.1.66
  375. name-server 2a02:a47f:e000::53
  376. name-server 2a02:a47f:e000::54
  /* NOTE(review): 192.168.2.254 is not an address configured anywhere in this
     file (switch0 is 192.168.178.254); this looks like a leftover from an
     earlier addressing plan and may stop the forwarder from binding. */
  377. options listen-address=192.168.2.254
  378. }
  379. }
  /* Web management UI on ports 80 and 443.
     NOTE(review): older-ciphers enable presumably re-enables legacy TLS cipher
     suites for the UI; disable it unless a client that cannot negotiate
     current ciphers still has to manage the router. */
  380. gui {
  381. http-port 80
  382. https-port 443
  383. older-ciphers enable
  384. }
  385. nat {
  /* NOTE(review): the source network 192.168.2.0/24 does not match the LAN
     defined on switch0 (192.168.178.0/24), so this masquerade rule would not
     match traffic from the current LAN; confirm and update the source address. */
  386. rule 5000 {
  387. description IPTV
  388. destination {
  389. address 213.75.112.0/21
  390. }
  391. log disable
  392. outbound-interface eth0.4
  393. protocol all
  394. source {
  395. address 192.168.2.0/24
  396. }
  397. type masquerade
  398. }
  399. rule 5010 {
  400. description Internet
  401. log disable
  402. outbound-interface pppoe0
  403. protocol all
  404. type masquerade
  405. }
  406. }
  /* NOTE(review): no listen-address is set, and the only account shown under
     "system login" authenticates by password; key-based login would be stronger. */
  407. ssh {
  408. port 22
  409. protocol-version v2
  410. }
  /* NOTE(review): telnet sends the admin login and the whole session in
     cleartext. ssh is already enabled, so this service can be removed. It is
     blocked on pppoe0 by WAN_LOCAL but not on the LAN or on eth0.4, which has
     no firewall attached. */
  411. telnet {
  412. port 23
  413. }
  414. unms {
  415. disable
  416. }
  417. }
  /* System-wide settings: connection-tracking helpers, host identity, the
     login account, NTP, hardware offload, logging and time zone. */
  418. system {
  419. conntrack {
  420. modules {
  421. sip {
  422. disable
  423. }
  424. }
  425. }
  426. domain-name thuis.local
  427. host-name Thuis
  /* A single account with level admin is the only login shown; both password
     fields are masked in this paste.
     NOTE(review): no public-keys entry is present, so ssh, telnet and the gui
     all rely on this one password. Adding an ssh public key and a strong,
     unique password is the minimum hardening for an admin account. */
  428. login {
  429. user admin {
  430. authentication {
  431. encrypted-password ****************
  432. plaintext-password ****************
  433. }
  434. full-name admin
  435. level admin
  436. }
  437. }
  /* The router resolves names through its own DNS forwarder on 127.0.0.1. */
  438. name-server 127.0.0.1
  439. ntp {
  440. server 0.nl.pool.ntp.org {
  441. }
  442. server 1.nl.pool.ntp.org {
  443. }
  444. server ntp0.nl.net {
  445. }
  446. server ntp1.nl.net {
  447. }
  448. server time.kpn.net {
  449. }
  450. }
  451. offload {
  452. hwnat enable
  453. }
  /* Only a "global" target is defined, so logs stay on the device.
     NOTE(review): the firewall rule sets set no logging on their drop rules
     and no remote syslog host is configured, which leaves little evidence to
     review after an incident; consider a remote host and logging on the
     default-action. */
  454. syslog {
  455. global {
  456. facility all {
  457. level notice
  458. }
  459. facility protocols {
  460. level debug
  461. }
  462. }
  463. }
  464. time-zone Europe/Amsterdam
  465. traffic-analysis {
  466. dpi disable
  467. export disable
  468. }
  469. }