API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 22nd, 2024
40
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 28.90 KB | None | 0 0
raw download clone embed print report
  1. >>> ifconfig
  2. br0 Link encap:Ethernet HWaddr <MAC>
  3. inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
  4. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  5. RX packets:233971 errors:0 dropped:10 overruns:0 frame:0
  6. TX packets:522071 errors:0 dropped:0 overruns:0 carrier:0
  7. collisions:0 txqueuelen:1000
  8. RX bytes:25613585 (24.4 MiB) TX bytes:689924429 (657.9 MiB)
  9.  
  10. eth0 Link encap:Ethernet HWaddr <MAC>
  11. inet addr:192.168.100.2 Bcast:192.168.100.3 Mask:255.255.255.252
  12. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  13. RX packets:748324 errors:0 dropped:66416 overruns:0 frame:0
  14. TX packets:339857 errors:0 dropped:0 overruns:0 carrier:0
  15. collisions:0 txqueuelen:1000
  16. RX bytes:828799452 (790.4 MiB) TX bytes:131816213 (125.7 MiB)
  17.  
  18. eth1 Link encap:Ethernet HWaddr <MAC>
  19. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  20. RX packets:192501 errors:0 dropped:0 overruns:0 frame:0
  21. TX packets:436206 errors:0 dropped:0 overruns:0 carrier:0
  22. collisions:0 txqueuelen:1000
  23. RX bytes:22761154 (21.7 MiB) TX bytes:589955072 (562.6 MiB)
  24.  
  25. eth2 Link encap:Ethernet HWaddr <MAC>
  26. UP BROADCAST ALLMULTI MULTICAST MTU:1500 Metric:1
  27. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  28. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  29. collisions:0 txqueuelen:1000
  30. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  31.  
  32. eth3 Link encap:Ethernet HWaddr <MAC>
  33. UP BROADCAST ALLMULTI MULTICAST MTU:1500 Metric:1
  34. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  35. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  36. collisions:0 txqueuelen:1000
  37. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  38.  
  39. eth4 Link encap:Ethernet HWaddr <MAC>
  40. UP BROADCAST ALLMULTI MULTICAST MTU:1500 Metric:1
  41. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  42. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  43. collisions:0 txqueuelen:1000
  44. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  45.  
  46. eth5 Link encap:Ethernet HWaddr <MAC>
  47. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  48. RX packets:2371632 errors:0 dropped:0 overruns:0 frame:0
  49. TX packets:315742 errors:0 dropped:0 overruns:0 carrier:0
  50. collisions:0 txqueuelen:1000
  51. RX bytes:3534859792 (3.2 GiB) TX bytes:36633687 (34.9 MiB)
  52.  
  53. eth6 Link encap:Ethernet HWaddr <MAC>
  54. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  55. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  56. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  57. collisions:0 txqueuelen:1000
  58. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  59. Interrupt:70
  60.  
  61. eth7 Link encap:Ethernet HWaddr <MAC>
  62. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  63. RX packets:329659 errors:0 dropped:15 overruns:0 frame:0
  64. TX packets:2448390 errors:0 dropped:7 overruns:0 carrier:0
  65. collisions:0 txqueuelen:1000
  66. RX bytes:36979985 (35.2 MiB) TX bytes:3632496466 (3.3 GiB)
  67.  
  68. lo Link encap:Local Loopback
  69. inet addr:127.0.0.1 Mask:255.0.0.0
  70. UP LOOPBACK RUNNING MULTICAST MTU:65536 Metric:1
  71. RX packets:19523 errors:0 dropped:0 overruns:0 frame:0
  72. TX packets:19523 errors:0 dropped:0 overruns:0 carrier:0
  73. collisions:0 txqueuelen:1000
  74. RX bytes:4790909 (4.5 MiB) TX bytes:4790909 (4.5 MiB)
  75.  
  76. lo:0 Link encap:Local Loopback
  77. inet addr:127.0.1.1 Mask:255.0.0.0
  78. UP LOOPBACK RUNNING MULTICAST MTU:65536 Metric:1
  79.  
  80. spu_ds_dummy Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
  81. UP RUNNING NOARP MTU:2048 Metric:1
  82. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  83. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  84. collisions:0 txqueuelen:100
  85. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  86.  
  87. spu_us_dummy Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
  88. UP RUNNING NOARP MTU:2048 Metric:1
  89. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  90. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  91. collisions:0 txqueuelen:100
  92. RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  93.  
  94. tun12 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
  95. inet addr:10.100.0.2 P-t-P:10.100.0.2 Mask:255.255.255.0
  96. UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
  97. RX packets:158008 errors:0 dropped:0 overruns:0 frame:0
  98. TX packets:55721 errors:0 dropped:0 overruns:0 carrier:0
  99. collisions:0 txqueuelen:1000
  100. RX bytes:190615902 (181.7 MiB) TX bytes:5724032 (5.4 MiB)
  101.  
  102. wgs1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
  103. inet addr:192.168.11.1 P-t-P:192.168.11.1 Mask:255.255.255.255
  104. UP POINTOPOINT RUNNING NOARP MTU:1420 Metric:1
  105. RX packets:24959 errors:0 dropped:0 overruns:0 frame:0
  106. TX packets:76872 errors:0 dropped:0 overruns:0 carrier:0
  107. collisions:0 txqueuelen:1000
  108. RX bytes:2557972 (2.4 MiB) TX bytes:94575420 (90.1 MiB)
  109.  
  110. wl1.2 Link encap:Ethernet HWaddr C8:7F:54:DD:0A:AE
  111. UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
  112. RX packets:0 errors:0 dropped:1 overruns:0 frame:0
  113. TX packets:6072 errors:0 dropped:0 overruns:0 carrier:0
  114. collisions:0 txqueuelen:1000
  115. RX bytes:0 (0.0 B) TX bytes:1193306 (1.1 MiB)
  116.  
  117.  
  118. >>> brctl show
  119. bridge name bridge id STP enabled interfaces
  120. br0 8000.<REMOVED> no eth1
  121. eth2
  122. eth3
  123. eth4
  124. eth5
  125. eth6
  126. eth7
  127. wl1.2
  128.  
  129. >>> ip route show table main
  130. default via 192.168.100.1 dev eth0
  131. 1.0.0.2 via 192.168.100.1 dev eth0 metric 1
  132. 1.1.1.2 via 192.168.100.1 dev eth0 metric 1
  133. 10.100.0.0/24 dev tun12 proto kernel scope link src 10.100.0.2
  134. 127.0.0.0/8 dev lo scope link
  135. 192.168.10.0/24 dev br0 proto kernel scope link src 192.168.10.1
  136. 192.168.11.2 dev wgs1 scope link
  137. 192.168.11.3 dev wgs1 scope link
  138. 192.168.100.0/30 dev eth0 proto kernel scope link src 192.168.100.2
  139. 192.168.100.1 dev eth0 proto kernel scope link
  140.  
  141. >>> ip route show table ovpnc1
  142.  
  143. >>> ip route show table ovpnc2
  144. default via 10.100.0.1 dev tun12
  145. 1.0.0.2 via 192.168.100.1 dev eth0 metric 1
  146. 1.1.1.2 via 192.168.100.1 dev eth0 metric 1
  147. 10.100.0.0/24 dev tun12 proto kernel scope link src 10.100.0.2
  148. 127.0.0.0/8 dev lo scope link
  149. <WANVPNIP2> via 192.168.100.1 dev eth0
  150. 192.168.10.0/24 dev br0 proto kernel scope link src 192.168.10.1
  151. 192.168.11.2 dev wgs1 scope link
  152. 192.168.11.3 dev wgs1 scope link
  153. 192.168.100.0/30 dev eth0 proto kernel scope link src 192.168.100.2
  154. 192.168.100.1 dev eth0 proto kernel scope link
  155.  
  156. >>> ip rule
  157. 0: from all lookup local
  158. 90: from all to 192.168.11.2 lookup main
  159. 90: from all to 192.168.11.3 lookup main
  160. 10010: from 192.168.10.0/24 to 192.168.10.0/24 lookup main
  161. 10011: from 192.168.10.0/24 to 192.168.11.3 lookup main
  162. 10012: from 192.168.10.10 lookup main
  163. 10013: from 192.168.10.1 lookup main
  164. 10410: from 192.168.11.0/24 lookup ovpnc2
  165. 10411: from 192.168.10.0/24 lookup ovpnc2
  166. 12210: from 192.168.10.2 prohibit
  167. 12211: from 192.168.11.0/24 prohibit
  168. 12211: from 192.168.10.0/24 prohibit
  169. 32766: from all lookup main
  170. 32767: from all lookup default
  171.  
  172. >>> iptables -t mangle -vnL
  173. Chain PREROUTING (policy ACCEPT 459K packets, 416M bytes)
  174. pkts bytes target prot opt in out source destination
  175. 24701 1482K MARK all -- wgs1 * 0.0.0.0/0 0.0.0.0/0 MARK or 0x1
  176.  
  177. Chain INPUT (policy ACCEPT 219K packets, 209M bytes)
  178. pkts bytes target prot opt in out source destination
  179.  
  180. Chain FORWARD (policy ACCEPT 217K packets, 197M bytes)
  181. pkts bytes target prot opt in out source destination
  182.  
  183. Chain OUTPUT (policy ACCEPT 168K packets, 112M bytes)
  184. pkts bytes target prot opt in out source destination
  185.  
  186. Chain POSTROUTING (policy ACCEPT 386K packets, 309M bytes)
  187. pkts bytes target prot opt in out source destination
  188. 75677 92M MARK all -- * wgs1 0.0.0.0/0 0.0.0.0/0 MARK or 0x1
  189.  
  190. >>> iptables -t nat -vnL
  191. Chain PREROUTING (policy ACCEPT 26798 packets, 11M bytes)
  192. pkts bytes target prot opt in out source destination
  193. 3178 235K GAME_VSERVER all -- * * 0.0.0.0/0 192.168.100.2
  194. 3178 235K VSERVER all -- * * 0.0.0.0/0 192.168.100.2
  195. 416 32812 DNSFILTER udp -- br+ * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
  196. 1 64 DNSFILTER tcp -- br+ * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
  197.  
  198. Chain INPUT (policy ACCEPT 665 packets, 69026 bytes)
  199. pkts bytes target prot opt in out source destination
  200.  
  201. Chain OUTPUT (policy ACCEPT 11618 packets, 932K bytes)
  202. pkts bytes target prot opt in out source destination
  203.  
  204. Chain POSTROUTING (policy ACCEPT 10945 packets, 872K bytes)
  205. pkts bytes target prot opt in out source destination
  206. 119 9050 MASQUERADE all -- * tun12 0.0.0.0/0 0.0.0.0/0
  207. 9842 794K PUPNP all -- * eth0 0.0.0.0/0 0.0.0.0/0
  208. 469 228K MASQUERADE all -- * eth0 !192.168.100.2 0.0.0.0/0
  209. 673 59508 MASQUERADE all -- * br0 192.168.10.0/24 192.168.10.0/24
  210.  
  211. Chain DNSFILTER (2 references)
  212. pkts bytes target prot opt in out source destination
  213. 417 32876 DNAT all -- * * 0.0.0.0/0 0.0.0.0/0 to:192.168.10.1
  214.  
  215. Chain GAME_VSERVER (1 references)
  216. pkts bytes target prot opt in out source destination
  217.  
  218. Chain LOCALSRV (0 references)
  219. pkts bytes target prot opt in out source destination
  220.  
  221. Chain MAPE (0 references)
  222. pkts bytes target prot opt in out source destination
  223.  
  224. Chain PCREDIRECT (0 references)
  225. pkts bytes target prot opt in out source destination
  226.  
  227. Chain PUPNP (1 references)
  228. pkts bytes target prot opt in out source destination
  229.  
  230. Chain VSERVER (1 references)
  231. pkts bytes target prot opt in out source destination
  232. 3178 235K VUPNP all -- * * 0.0.0.0/0 0.0.0.0/0
  233.  
  234. Chain VUPNP (1 references)
  235. pkts bytes target prot opt in out source destination
  236.  
  237. >>> iptables -vnL
  238. Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
  239. pkts bytes target prot opt in out source destination
  240. 31 1188 INPUT_PING icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  241. 200K 205M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  242. 25 2528 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  243. 15749 3107K PTCSRVWAN all -- !br0 * 0.0.0.0/0 0.0.0.0/0
  244. 2939 483K PTCSRVLAN all -- br0 * 0.0.0.0/0 0.0.0.0/0
  245. 0 0 logdrop tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:<REMOVED>
  246. 2939 483K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
  247. 12360 2864K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
  248. 2 80 INPUT_ICMP icmp -- * * 0.0.0.0/0 0.0.0.0/0
  249. 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0
  250. 3389 243K WGSI all -- * * 0.0.0.0/0 0.0.0.0/0
  251. 3346 240K WGCI all -- * * 0.0.0.0/0 0.0.0.0/0
  252. 3346 240K OVPNSI all -- * * 0.0.0.0/0 0.0.0.0/0
  253. 3346 240K OVPNCI all -- * * 0.0.0.0/0 0.0.0.0/0
  254. 3346 240K logdrop all -- * * 0.0.0.0/0 0.0.0.0/0
  255.  
  256. Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
  257. pkts bytes target prot opt in out source destination
  258. 0 0 DROP ah -- br0 eth0 0.0.0.0/0 0.0.0.0/0
  259. 0 0 DROP esp -- br0 eth0 0.0.0.0/0 0.0.0.0/0
  260. 0 0 DROP udp -- br0 eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:<REMOVED>
  261. 0 0 DROP udp -- br0 eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:<REMOVED>
  262. 0 0 DROP udp -- br0 eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:<REMOVED>
  263. 0 0 DROP 47 -- br0 eth0 0.0.0.0/0 0.0.0.0/0
  264. 0 0 DROP tcp -- br0 eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:<REMOVED>
  265. 217K 197M IPSEC_DROP_SUBNET_ICMP all -- * * 0.0.0.0/0 0.0.0.0/0
  266. 217K 197M IPSEC_STRONGSWAN all -- * * 0.0.0.0/0 0.0.0.0/0
  267. 217K 197M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
  268. 609 239K WGSF all -- * * 0.0.0.0/0 0.0.0.0/0
  269. 540 233K OVPNSF all -- * * 0.0.0.0/0 0.0.0.0/0
  270. 0 0 logdrop all -- !br0 eth0 0.0.0.0/0 0.0.0.0/0
  271. 0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0
  272. 1 52 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
  273. 0 0 SECURITY all -- eth0 * 0.0.0.0/0 0.0.0.0/0
  274. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate DNAT
  275. 0 0 DNSFILTER_DOT tcp -- br+ * 0.0.0.0/0 0.0.0.0/0 tcp dpt:853
  276. 539 233K WGCF all -- * * 0.0.0.0/0 0.0.0.0/0
  277. 539 233K OVPNCF all -- * * 0.0.0.0/0 0.0.0.0/0
  278. 476 229K VPNCF all -- * * 0.0.0.0/0 0.0.0.0/0
  279. 476 229K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0
  280. 0 0 logdrop all -- * * 0.0.0.0/0 0.0.0.0/0
  281.  
  282. Chain OUTPUT (policy ACCEPT 166K packets, 111M bytes)
  283. pkts bytes target prot opt in out source destination
  284. 1207 83701 OUTPUT_DNS udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 u32 "<REMOVED>"
  285. 68 6949 OUTPUT_DNS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 u32 "<REMOVED>"
  286. 168K 112M OUTPUT_IP all -- * * 0.0.0.0/0 0.0.0.0/0
  287.  
  288. Chain ACCESS_RESTRICTION (0 references)
  289. pkts bytes target prot opt in out source destination
  290.  
  291. Chain DNSFILTER_DOT (1 references)
  292. pkts bytes target prot opt in out source destination
  293. 0 0 REJECT all -- * * 0.0.0.0/0 !192.168.10.1 reject-with icmp-port-unreachable
  294.  
  295. Chain FUPNP (0 references)
  296. pkts bytes target prot opt in out source destination
  297.  
  298. Chain IControls (0 references)
  299. pkts bytes target prot opt in out source destination
  300.  
  301. Chain INPUT_ICMP (1 references)
  302. pkts bytes target prot opt in out source destination
  303. 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  304. 2 80 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 13
  305. 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
  306.  
  307. Chain INPUT_PING (1 references)
  308. pkts bytes target prot opt in out source destination
  309. 30 1128 logdrop icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0
  310.  
  311. Chain IPSEC_DROP_SUBNET_ICMP (1 references)
  312. pkts bytes target prot opt in out source destination
  313.  
  314. Chain IPSEC_STRONGSWAN (1 references)
  315. pkts bytes target prot opt in out source destination
  316.  
  317. Chain OUTPUT_DNS (2 references)
  318. pkts bytes target prot opt in out source destination
  319. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  320. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  321. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  322. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  323. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  324. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  325. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  326. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  327. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  328. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  329. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  330. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  331. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  332. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  333. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  334. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  335. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  336. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  337. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  338. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  339. 0 0 logdrop_dns all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "<REMOVED>" ALGO name bm TO 65535 ICASE
  340.  
  341. Chain OUTPUT_IP (1 references)
  342. pkts bytes target prot opt in out source destination
  343. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  344. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  345. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  346. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  347. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  348. 0 0 logdrop_ip all -- * * 0.0.0.0/0 <SOMEREMOTEIP>
  349.  
  350. Chain OVPNCF (1 references)
  351. pkts bytes target prot opt in out source destination
  352. 63 4794 ACCEPT all -- * tun12 0.0.0.0/0 0.0.0.0/0
  353. 0 0 DROP all -- tun12 * 0.0.0.0/0 0.0.0.0/0
  354.  
  355. Chain OVPNCI (1 references)
  356. pkts bytes target prot opt in out source destination
  357. 0 0 DROP all -- tun12 * 0.0.0.0/0 0.0.0.0/0
  358.  
  359. Chain OVPNSF (1 references)
  360. pkts bytes target prot opt in out source destination
  361.  
  362. Chain OVPNSI (1 references)
  363. pkts bytes target prot opt in out source destination
  364.  
  365. Chain PControls (0 references)
  366. pkts bytes target prot opt in out source destination
  367.  
  368. Chain PTCSRVLAN (1 references)
  369. pkts bytes target prot opt in out source destination
  370.  
  371. Chain PTCSRVWAN (1 references)
  372. pkts bytes target prot opt in out source destination
  373.  
  374. Chain SECURITY (1 references)
  375. pkts bytes target prot opt in out source destination
  376. 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02 limit: avg 1/sec burst 5
  377. 0 0 logdrop tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02
  378. 0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04 limit: avg 1/sec burst 5
  379. 0 0 logdrop tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04
  380. 0 0 RETURN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
  381. 0 0 logdrop icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
  382. 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
  383.  
  384. Chain VPNCF (1 references)
  385. pkts bytes target prot opt in out source destination
  386.  
  387. Chain VPNCI (0 references)
  388. pkts bytes target prot opt in out source destination
  389.  
  390. Chain WGCF (1 references)
  391. pkts bytes target prot opt in out source destination
  392.  
  393. Chain WGCI (1 references)
  394. pkts bytes target prot opt in out source destination
  395.  
  396. Chain WGNPControls (0 references)
  397. pkts bytes target prot opt in out source destination
  398.  
  399. Chain WGSF (1 references)
  400. pkts bytes target prot opt in out source destination
  401. 0 0 ACCEPT all -- * wgs1 0.0.0.0/0 0.0.0.0/0
  402. 69 5052 ACCEPT all -- wgs1 * 0.0.0.0/0 0.0.0.0/0
  403.  
  404. Chain WGSI (1 references)
  405. pkts bytes target prot opt in out source destination
  406. 6 924 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:<REMOVED>
  407. 37 2385 ACCEPT all -- wgs1 * 0.0.0.0/0 0.0.0.0/0
  408.  
  409. Chain default_block (0 references)
  410. pkts bytes target prot opt in out source destination
  411.  
  412. Chain logaccept (0 references)
  413. pkts bytes target prot opt in out source destination
  414. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix "ACCEPT "
  415. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
  416.  
  417. Chain logdrop (10 references)
  418. pkts bytes target prot opt in out source destination
  419. 3402 243K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  420.  
  421. Chain logdrop_dns (21 references)
  422. pkts bytes target prot opt in out source destination
  423. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 7 level 4 prefix "DROP_DNS "
  424. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  425.  
  426. Chain logdrop_ip (6 references)
  427. pkts bytes target prot opt in out source destination
  428. 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 7 level 4 prefix "DROP_IP "
  429. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
  430.  
  431. >>> cat /tmp/etc/openvpn/client1/config.ovpn
  432. cat: can't open '/tmp/etc/openvpn/client1/config.ovpn': No such file or directory
  433.  
  434. >>> cat /tmp/etc/openvpn/client2/config.ovpn
  435. daemon ovpn-client2
  436. client
  437. dev tun12
  438. txqueuelen 1000
  439. proto udp
  440. fast-io
  441. remote <WANVPNIP2> 1194
  442. connect-retry-max 15
  443. nobind
  444. persist-key
  445. persist-tun
  446. compress
  447. data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:CHACHA20-POLY1305
  448. auth SHA512
  449. route-noexec
  450. reneg-sec 0
  451. tls-auth static.key 1
  452. ca ca.crt
  453. auth-user-pass auth
  454. up 'ovpn-up 2 client'
  455. down 'ovpn-down 2 client'
  456. route-up 'ovpn-route-up'
  457. route-pre-down 'ovpn-route-pre-down'
  458. script-security 2
  459. route-delay 2
  460. verb 3
  461. status-version 2
  462. status status 5
  463.  
  464. # Custom Configuration
  465. resolv-retry infinite
  466. remote-random
  467. tun-mtu 1500
  468. tun-mtu-extra 32
  469. mssfix 1450
  470. ping 15
  471. ping-restart 0
  472. ping-timer-rem
  473. verify-x509-name CN=<REMOVED>
  474. remote-cert-tls server
  475. pull
  476. fast-io
  477. cipher AES-256-CBC
  478.  
  479. pull-filter ignore "ifconfig-ipv6"
  480. pull-filter ignore "route-ipv6"
  481. auth-nocache
  482. mute-replay-warnings
  483. disable-occ
  484.  
  485. nobind
  486. persist-key
  487. persist-tun
  488. reneg-sec 0
  489.  
  490. #log /tmp/vpn.log
  491. >>> cat /jffs/openvpn/vpndirector_rulelist
  492. <1>LAN to LAN>192.168.10.0/24>192.168.10.0/24>WAN<1>WG02 to LAN>192.168.10.0/24>192.168.11.3>WAN<1>PC to WAN>192.168.10.10>>WAN<1>RTR to WAN>192.168.10.1>>WAN<1>NAS to OVPN>192.168.10.2>>OVPN1<1>WG to OVPN>192.168.11.0/24>>OVPN2<1>LAN to OVPN>192.168.10.0/24>>OVPN2
  493.  
  494. >>> cat /tmp/etc/dnsmasq.conf
  495. pid-file=/var/run/dnsmasq.pid
  496. user=nobody
  497. bind-dynamic
  498. interface=br0
  499. interface=pptp*
  500. no-dhcp-interface=pptp*
  501. no-resolv
  502. servers-file=/tmp/resolv.dnsmasq
  503. no-poll
  504. no-negcache
  505. cache-size=1500
  506. min-port=4096
  507. dns-forward-max=1500
  508. domain=home
  509. expand-hosts
  510. bogus-priv
  511. domain-needed
  512. local=/home/
  513. dhcp-range=lan,192.168.10.21,192.168.10.50,255.255.255.0,86400s
  514. dhcp-option=lan,3,192.168.10.1
  515. dhcp-option=lan,15,home
  516. dhcp-authoritative
  517. interface=br1
  518. dhcp-range=br1,192.168.101.2,192.168.101.254,255.255.255.0,86400s
  519. dhcp-option=br1,3,192.168.101.1
  520. interface=br2
  521. dhcp-range=br2,192.168.102.2,192.168.102.254,255.255.255.0,86400s
  522. dhcp-option=br2,3,192.168.102.1
  523. interface=wgs1
  524. no-dhcp-interface=wgs1
  525. dhcp-host=<MAC>,set:<MAC>,192.168.10.2
  526. dhcp-host=<MAC>,set:<MAC>,192.168.10.10
  527. dhcp-host=<MAC>,set:<MAC>,192.168.10.3
  528. dhcp-host=<MAC>,set:<MAC>,192.168.10.4
  529. dhcp-host=<MAC>,set:<MAC>,192.168.10.9
  530. quiet-dhcp
  531. quiet-dhcp6
  532. trust-anchor=.,20326,8,2,<REMOVED>
  533. dnssec
  534. stop-dns-rebind
  535. rebind-domain-ok=dns.msftncsi.com
  536. address=/use-application-dns.net/
  537. address=/_dns.resolver.arpa/
  538. address=/mask.icloud.com/mask-h2.icloud.com/
  539. dhcp-name-match=set:wpad-ignore,wpad
  540. dhcp-ignore-names=tag:wpad-ignore
  541. dhcp-script=/sbin/dhcpc_lease
  542. script-arp
  543. edns-packet-max=1232
  544. ipset=/1drv.ms/asuswrt-merlin.net/asuswrt.lostrealm.ca/big.oisd.nl/bin.entware.net/cdn.jsdelivr.net/codeload.github.com/diversion.ch/entware.diversion.ch/entware.net/fwupdate.asuswrt-merlin.net/gist.githubusercontent.com/localhost.localdomain/maurerr.github.io/mirrors.bfsu.edu.cn/oisd.nl/onedrive.live.com/pgl.yoyo.org/pkg.entware.net/raw.githubusercontent.com/Skynet-WhitelistDomains # Skynet
  545. ipset=/small.oisd.nl/snbforums.com/someonewhocares.org/sourceforge.net/urlhaus.abuse.ch/iplists.firehol.org/ipdeny.com/ipapi.co/api.db-ip.com/api.bgpview.io/asn.ipinfo.app/speedguide.net/otx.alienvault.com/github.com/astrill.com/strongpath.net/nwsrv-ns1.asus.com/0.pool.ntp.org/1.pool.ntp.org/Skynet-WhitelistDomains # Skynet
  546.  
  547. # start of Diversion directives #
  548. conf-file=/opt/share/diversion/list/allowlist.conf
  549. conf-file=/opt/share/diversion/list/blockinglist.conf
  550. conf-file=/opt/share/diversion/list/denylist.conf
  551. log-async
  552. log-queries
  553. log-facility=/opt/var/log/dnsmasq.log
  554. # end of Diversion directives #
  555.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!