Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- root@OpenWrt:/etc/config# cat vpnbypass
- config vpnbypass 'config'
- list localport '32400'
- list remotesubnet '25.0.0.0/8'
- option enabled '1'
- ####################################################################
- root@OpenWrt:/etc/config# cat dhcp
- config dnsmasq
- option domainneeded '1'
- option localise_queries '1'
- option rebind_protection '1'
- option rebind_localhost '1'
- option local '/lan/'
- option domain 'lan'
- option expandhosts '1'
- option authoritative '1'
- option readethers '1'
- option leasefile '/tmp/dhcp.leases'
- option resolvfile '/tmp/resolv.conf.auto'
- option nonwildcard '1'
- option localservice '1'
- list ipset '/wtfismyip.com/vpnbypass'
- option serversfile '/tmp/adb_list.overall'
- list rebind_domain 'plex.direct'
- [...]
- ####################################################################
- root@OpenWrt:/etc/config# cat network
- [...]
- config interface 'lan'
- option type 'bridge'
- option ifname 'eth0'
- option proto 'static'
- option netmask '255.255.255.0'
- option ip6assign '60'
- option ipaddr '192.168.0.1'
- option dns '1.1.1.1 1.0.0.1'
- [...]
- config interface 'ovpn'
- option proto 'none'
- option ifname 'tun0'
- ####################################################################
- root@OpenWrt:/etc/config# iptables -L
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* !fw3 */
- input_rule all -- anywhere anywhere /* !fw3: Custom input rule chain */
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
- syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN /* !fw3 */
- zone_lan_input all -- anywhere anywhere /* !fw3 */
- zone_wan_input all -- anywhere anywhere /* !fw3 */
- zone_wan_input all -- anywhere anywhere /* !fw3 */
- Chain FORWARD (policy DROP)
- target prot opt source destination
- forwarding_rule all -- anywhere anywhere /* !fw3: Custom forwarding rule chain */
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
- zone_lan_forward all -- anywhere anywhere /* !fw3 */
- zone_wan_forward all -- anywhere anywhere /* !fw3 */
- zone_wan_forward all -- anywhere anywhere /* !fw3 */
- reject all -- anywhere anywhere /* !fw3 */
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* !fw3 */
- output_rule all -- anywhere anywhere /* !fw3: Custom output rule chain */
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED /* !fw3 */
- zone_lan_output all -- anywhere anywhere /* !fw3 */
- zone_wan_output all -- anywhere anywhere /* !fw3 */
- zone_wan_output all -- anywhere anywhere /* !fw3 */
- Chain forwarding_lan_rule (1 references)
- target prot opt source destination
- Chain forwarding_rule (1 references)
- target prot opt source destination
- Chain forwarding_wan_rule (1 references)
- target prot opt source destination
- Chain input_lan_rule (1 references)
- target prot opt source destination
- Chain input_rule (1 references)
- target prot opt source destination
- Chain input_wan_rule (1 references)
- target prot opt source destination
- Chain output_lan_rule (1 references)
- target prot opt source destination
- Chain output_rule (1 references)
- target prot opt source destination
- Chain output_wan_rule (1 references)
- target prot opt source destination
- Chain reject (5 references)
- target prot opt source destination
- REJECT tcp -- anywhere anywhere /* !fw3 */ reject-with tcp-reset
- REJECT all -- anywhere anywhere /* !fw3 */ reject-with icmp-port-unreachable
- Chain syn_flood (1 references)
- target prot opt source destination
- RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 /* !fw3 */
- DROP all -- anywhere anywhere /* !fw3 */
- Chain zone_lan_dest_ACCEPT (4 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_lan_forward (1 references)
- target prot opt source destination
- forwarding_lan_rule all -- anywhere anywhere /* !fw3: Custom lan forwarding rule chain */
- zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3: Zone lan to wan forwarding policy */
- ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
- zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_lan_input (1 references)
- target prot opt source destination
- input_lan_rule all -- anywhere anywhere /* !fw3: Custom lan input rule chain */
- ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
- zone_lan_src_ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_lan_output (1 references)
- target prot opt source destination
- output_lan_rule all -- anywhere anywhere /* !fw3: Custom lan output rule chain */
- zone_lan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_lan_src_ACCEPT (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */
- Chain zone_wan_dest_ACCEPT (2 references)
- target prot opt source destination
- DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */
- ACCEPT all -- anywhere anywhere /* !fw3 */
- DROP all -- anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage */
- ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_wan_dest_REJECT (1 references)
- target prot opt source destination
- reject all -- anywhere anywhere /* !fw3 */
- reject all -- anywhere anywhere /* !fw3 */
- Chain zone_wan_forward (2 references)
- target prot opt source destination
- forwarding_wan_rule all -- anywhere anywhere /* !fw3: Custom wan forwarding rule chain */
- zone_lan_dest_ACCEPT esp -- anywhere anywhere /* !fw3: Allow-IPSec-ESP */
- zone_lan_dest_ACCEPT udp -- anywhere anywhere udp dpt:isakmp /* !fw3: Allow-ISAKMP */
- ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port forwards */
- zone_wan_dest_REJECT all -- anywhere anywhere /* !fw3 */
- Chain zone_wan_input (2 references)
- target prot opt source destination
- input_wan_rule all -- anywhere anywhere /* !fw3: Custom wan input rule chain */
- ACCEPT udp -- anywhere anywhere udp dpt:bootpc /* !fw3: Allow-DHCP-Renew */
- ACCEPT icmp -- anywhere anywhere icmp echo-request /* !fw3: Allow-Ping */
- ACCEPT igmp -- anywhere anywhere /* !fw3: Allow-IGMP */
- ACCEPT all -- anywhere anywhere ctstate DNAT /* !fw3: Accept port redirections */
- zone_wan_src_REJECT all -- anywhere anywhere /* !fw3 */
- Chain zone_wan_output (2 references)
- target prot opt source destination
- output_wan_rule all -- anywhere anywhere /* !fw3: Custom wan output rule chain */
- zone_wan_dest_ACCEPT all -- anywhere anywhere /* !fw3 */
- Chain zone_wan_src_REJECT (1 references)
- target prot opt source destination
- reject all -- anywhere anywhere /* !fw3 */
- reject all -- anywhere anywhere /* !fw3 */
- ####################################################################
- Installed Packages
- adblock - 3.5.5-3
- ath10k-firmware-qca4019 - 2018-05-12-952afa49-1
- base-files - 194.2-r7676-cddd7b4c77
- bash - 4.4.18-2
- busybox - 1.28.4-3
- ddns-scripts - 2.7.8-1
- ddns-scripts_no-ip_com - 2.7.8-1
- dnsmasq-full - 2.80-1.4
- firewall - 2018-08-13-1c4d5bcd-1
- fstools - 2018-12-28-af93f4b8-3
- fwtool - 1
- hostapd-common - 2018-05-21-62566bc2-5
- ip6tables - 1.6.2-1
- ipset - 6.38-1
- iptables - 1.6.2-1
- iw - 4.14-1
- iwinfo - 2018-07-31-65b8333f-1
- jshn - 2018-07-25-c83a84af-2
- jsonfilter - 2018-02-04-c7e938d6-1
- kernel - 4.14.95-1-3e42ea4c9976fef2dddc0dc55922a58a
- kmod-ath - 4.14.95+2017-11-01-9
- kmod-ath10k - 4.14.95+2017-11-01-9
- kmod-cfg80211 - 4.14.95+2017-11-01-9
- kmod-gpio-button-hotplug - 4.14.95-2
- kmod-ip6tables - 4.14.95-1
- kmod-ipt-conntrack - 4.14.95-1
- kmod-ipt-core - 4.14.95-1
- kmod-ipt-ipset - 4.14.95-1
- kmod-ipt-nat - 4.14.95-1
- kmod-ipt-offload - 4.14.95-1
- kmod-leds-gpio - 4.14.95-1
- kmod-lib-crc-ccitt - 4.14.95-1
- kmod-mac80211 - 4.14.95+2017-11-01-9
- kmod-nf-conntrack - 4.14.95-1
- kmod-nf-conntrack-netlink - 4.14.95-1
- kmod-nf-conntrack6 - 4.14.95-1
- kmod-nf-flow - 4.14.95-1
- kmod-nf-ipt - 4.14.95-1
- kmod-nf-ipt6 - 4.14.95-1
- kmod-nf-nat - 4.14.95-1
- kmod-nf-reject - 4.14.95-1
- kmod-nf-reject6 - 4.14.95-1
- kmod-nfnetlink - 4.14.95-1
- kmod-nls-base - 4.14.95-1
- kmod-ppp - 4.14.95-1
- kmod-pppoe - 4.14.95-1
- kmod-pppox - 4.14.95-1
- kmod-slhc - 4.14.95-1
- kmod-tun - 4.14.95-1
- kmod-usb-core - 4.14.95-1
- kmod-usb-dwc3 - 4.14.95-1
- kmod-usb-dwc3-of-simple - 4.14.95-1
- kmod-usb-phy-qcom-dwc3 - 4.14.95-1
- kmod-usb3 - 4.14.95-1
- libblobmsg-json - 2018-07-25-c83a84af-2
- libc - 1.1.19-1
- libgcc - 7.3.0-1
- libgmp - 6.1.2-1
- libip4tc - 1.6.2-1
- libip6tc - 1.6.2-1
- libipset - 6.38-1
- libiwinfo - 2018-07-31-65b8333f-1
- libiwinfo-lua - 2018-07-31-65b8333f-1
- libjson-c - 0.12.1-2
- libjson-script - 2018-07-25-c83a84af-2
- liblua - 5.1.5-1
- liblucihttp - 2019-06-05-91c01c3c-1
- liblucihttp-lua - 2019-06-05-91c01c3c-1
- liblzo - 2.10-1
- libmbedtls - 2.16.1-1
- libmnl - 1.0.4-1
- libncurses - 6.1-1
- libnetfilter-conntrack - 2017-07-25-e8704326-1
- libnettle - 3.4-1
- libnfnetlink - 1.0.1-1
- libnl-tiny - 0.1-5
- libopenssl - 1.0.2s-1
- libpcap - 1.8.1-1
- libpcre - 8.41-2
- libpopt - 1.16-1
- libpopt - 1.16-1
- libpthread - 1.1.19-1
- libreadline - 7.0-1
- libstdcpp - 7.3.0-1
- libubox - 2018-07-25-c83a84af-2
- libubus - 2018-10-06-221ce7e7-1
- libubus-lua - 2018-10-06-221ce7e7-1
- libuci - 2019-05-17-f199b961-1
- libuclient - 2018-11-24-3ba74ebc-1
- libustream-mbedtls - 2018-07-30-23a3f283-1
- libxtables - 1.6.2-1
- logd - 2018-02-14-128bc35f-2
- lua - 5.1.5-1
- luci - git-19.156.63894-115c4e3-1
- luci-app-adblock - git-19.156.63894-115c4e3-1
- luci-app-ddns - 2.4.9-3
- luci-app-firewall - git-19.156.63894-115c4e3-1
- luci-app-openvpn - git-19.156.63894-115c4e3-1
- luci-app-vpnbypass - git-19.156.63894-115c4e3-4
- luci-base - git-19.156.63894-115c4e3-1
- luci-lib-ip - git-19.156.63894-115c4e3-1
- luci-lib-jsonc - git-19.156.63894-115c4e3-1
- luci-lib-nixio - git-19.156.63894-115c4e3-1
- luci-mod-admin-full - git-19.156.63894-115c4e3-1
- luci-proto-ipv6 - git-19.156.63894-115c4e3-1
- luci-proto-ppp - git-19.156.63894-115c4e3-1
- luci-theme-bootstrap - git-19.156.63894-115c4e3-1
- mtd - 23
- netifd - 2019-01-31-a2aba5c7-2.1
- nmap - 7.70-1
- odhcp6c - 2018-07-14-67ae6a71-15
- odhcpd-ipv6only - 1.15-3
- openssh-client - 7.7p1-1
- openssh-client-utils - 7.7p1-1
- openssh-keygen - 7.7p1-1
- openssh-server - 7.7p1-1
- openssh-sftp-server - 7.7p1-1
- openssl-util - 1.0.2s-1
- openvpn-easy-rsa - 3.0.4-1
- openvpn-openssl - 2.4.5-4.2
- openwrt-keyring - 2018-05-18-103a32e9-1
- opkg - 2019-01-18-7708a01a-1
- ppp - 2.4.7-12
- ppp-mod-pppoe - 2.4.7-12
- procd - 2018-03-28-dfb68f85-1
- rpcd - 2018-11-28-3aa81d0d-2
- rpcd-mod-rrdns - 20170710
- rsync - 3.1.3-1
- swconfig - 11
- tcpdump - 4.9.2-1
- terminfo - 6.1-1
- ubi-utils - 2.0.2-1
- ubox - 2018-02-14-128bc35f-2
- ubus - 2018-10-06-221ce7e7-1
- ubusd - 2018-10-06-221ce7e7-1
- uci - 2019-05-17-f199b961-1
- uclient-fetch - 2018-11-24-3ba74ebc-1
- uhttpd - 2018-11-28-cdfc902a-3
- usign - 2015-07-04-ef641914-1
- vim - 8.0.586-2
- vpnbypass - 1.3.1-1
- wireless-regdb - 2017-10-20-4343d359
- wpad-mini - 2018-05-21-62566bc2-5
- zlib - 1.2.11-2
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement