API tools faq
paste
Advertisement
Guest User

Router A: Firewall

a guest
Sep 24th, 2018
113
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.53 KB | None | 0 0
raw download clone embed print report
  1. config rule 'cfg0c92bd'
  2. option dest_ip 'fe80::/10'
  3. option target 'ACCEPT'
  4. option dest_port '546'
  5. option src_port '547'
  6. option name 'Allow-DHCPv6'
  7. option src_ip 'fe80::/10'
  8. option family 'ipv6'
  9. option proto 'udp'
  10. option src 'wan'
  11.  
  12. config forwarding 'cfg16ad58'
  13. option dest 'wan'
  14. option src 'lan'
  15.  
  16. config zone 'cfg04dc81'
  17. option network 'lan'
  18. option output 'ACCEPT'
  19. option name 'lan'
  20. option input 'ACCEPT'
  21. option forward 'ACCEPT'
  22.  
  23. config rule 'cfg0892bd'
  24. option dest_port '68'
  25. option name 'Allow-DHCP-Renew'
  26. option family 'ipv4'
  27. option target 'ACCEPT'
  28. option proto 'udp'
  29. option src 'wan'
  30.  
  31. config rule 'cfg0e92bd'
  32. option target 'ACCEPT'
  33. list icmp_type 'destination-unreachable'
  34. list icmp_type 'time-exceeded'
  35. list icmp_type 'bad-header'
  36. list icmp_type 'echo-reply'
  37. list icmp_type 'neighbour-solicitation'
  38. list icmp_type 'echo-request'
  39. list icmp_type 'neighbour-advertisement'
  40. list icmp_type 'packet-too-big'
  41. list icmp_type 'router-advertisement'
  42. list icmp_type 'unknown-header-type'
  43. list icmp_type 'router-solicitation'
  44. option name 'Allow-ICMPv6-Input'
  45. option limit '1000/sec'
  46. option family 'ipv6'
  47. option proto 'icmp'
  48. option src 'wan'
  49.  
  50. config zone 'cfg14dc81'
  51. option output 'ACCEPT'
  52. option name 'ninux'
  53. option input 'ACCEPT'
  54. option forward 'ACCEPT'
  55. option network 'ninux vpnbas'
  56.  
  57. config zone 'cfg06dc81'
  58. option network 'wan wan6'
  59. option output 'ACCEPT'
  60. option masq '1'
  61. option name 'wan'
  62. option input 'ACCEPT'
  63. option forward 'REJECT'
  64. option mtu_fix '1'
  65.  
  66. config include 'cfg12af89'
  67. option path '/etc/firewall.user'
  68.  
  69. config rule 'cfg0a92bd'
  70. option icmp_type 'echo-request'
  71. option name 'Allow-Ping'
  72. option target 'ACCEPT'
  73. option family 'ipv4'
  74. option proto 'icmp'
  75. option src 'wan'
  76.  
  77. config defaults 'cfg02e63d'
  78. option syn_flood '1'
  79. option input 'ACCEPT'
  80. option forward 'ACCEPT'
  81. option output 'ACCEPT'
  82.  
  83. config rule 'cfg1092bd'
  84. option target 'ACCEPT'
  85. option family 'ipv6'
  86. list icmp_type 'destination-unreachable'
  87. list icmp_type 'echo-request'
  88. list icmp_type 'packet-too-big'
  89. list icmp_type 'unknown-header-type'
  90. list icmp_type 'time-exceeded'
  91. list icmp_type 'bad-header'
  92. list icmp_type 'echo-reply'
  93. option name 'Allow-ICMPv6-Forward'
  94. option limit '1000/sec'
  95. option dest '*'
  96. option proto 'icmp'
  97. option src 'wan'
  98.  
  99. config forwarding 'cfg0dad58'
  100. option dest 'wan'
  101. option src 'ninux'
  102.  
  103. config forwarding 'cfg0ead58'
  104. option dest 'ninux'
  105. option src 'lan'
  106.  
  107. config forwarding 'cfg0cad58'
  108. option dest 'lan'
  109. option src 'ninux'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!