Advertisement
Guest User

Untitled

a guest
Apr 20th, 2019
101
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. firewall.@defaults[0]=defaults
  2. firewall.@defaults[0].syn_flood='1'
  3. firewall.@defaults[0].input='ACCEPT'
  4. firewall.@defaults[0].output='ACCEPT'
  5. firewall.@defaults[0].forward='REJECT'
  6. firewall.@zone[0]=zone
  7. firewall.@zone[0].name='lan'
  8. firewall.@zone[0].input='ACCEPT'
  9. firewall.@zone[0].output='ACCEPT'
  10. firewall.@zone[0].forward='ACCEPT'
  11. firewall.@zone[0].network='lan'
  12. firewall.@zone[0].log='1'
  13. firewall.@zone[0].log_limit='10/second'
  14. firewall.@zone[1]=zone
  15. firewall.@zone[1].name='wan'
  16. firewall.@zone[1].input='REJECT'
  17. firewall.@zone[1].output='ACCEPT'
  18. firewall.@zone[1].forward='REJECT'
  19. firewall.@zone[1].masq='1'
  20. firewall.@zone[1].mtu_fix='1'
  21. firewall.@zone[1].network='wan wan6'
  22. firewall.@forwarding[0]=forwarding
  23. firewall.@forwarding[0].src='lan'
  24. firewall.@forwarding[0].dest='wan'
  25. firewall.@rule[0]=rule
  26. firewall.@rule[0].name='Allow-DHCP-Renew'
  27. firewall.@rule[0].src='wan'
  28. firewall.@rule[0].proto='udp'
  29. firewall.@rule[0].dest_port='68'
  30. firewall.@rule[0].target='ACCEPT'
  31. firewall.@rule[0].family='ipv4'
  32. firewall.@rule[1]=rule
  33. firewall.@rule[1].name='Allow-Ping'
  34. firewall.@rule[1].src='wan'
  35. firewall.@rule[1].proto='icmp'
  36. firewall.@rule[1].icmp_type='echo-request'
  37. firewall.@rule[1].family='ipv4'
  38. firewall.@rule[1].target='ACCEPT'
  39. firewall.@rule[2]=rule
  40. firewall.@rule[2].name='Allow-IGMP'
  41. firewall.@rule[2].src='wan'
  42. firewall.@rule[2].proto='igmp'
  43. firewall.@rule[2].family='ipv4'
  44. firewall.@rule[2].target='ACCEPT'
  45. firewall.@rule[3]=rule
  46. firewall.@rule[3].name='Allow-DHCPv6'
  47. firewall.@rule[3].src='wan'
  48. firewall.@rule[3].proto='udp'
  49. firewall.@rule[3].src_ip='fc00::/6'
  50. firewall.@rule[3].dest_ip='fc00::/6'
  51. firewall.@rule[3].dest_port='546'
  52. firewall.@rule[3].family='ipv6'
  53. firewall.@rule[3].target='ACCEPT'
  54. firewall.@rule[4]=rule
  55. firewall.@rule[4].name='Allow-MLD'
  56. firewall.@rule[4].src='wan'
  57. firewall.@rule[4].proto='icmp'
  58. firewall.@rule[4].src_ip='fe80::/10'
  59. firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
  60. firewall.@rule[4].family='ipv6'
  61. firewall.@rule[4].target='ACCEPT'
  62. firewall.@rule[5]=rule
  63. firewall.@rule[5].name='Allow-ICMPv6-Input'
  64. firewall.@rule[5].src='wan'
  65. firewall.@rule[5].proto='icmp'
  66. firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
  67. firewall.@rule[5].limit='1000/sec'
  68. firewall.@rule[5].family='ipv6'
  69. firewall.@rule[5].target='ACCEPT'
  70. firewall.@rule[6]=rule
  71. firewall.@rule[6].name='Allow-ICMPv6-Forward'
  72. firewall.@rule[6].src='wan'
  73. firewall.@rule[6].dest='*'
  74. firewall.@rule[6].proto='icmp'
  75. firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
  76. firewall.@rule[6].limit='1000/sec'
  77. firewall.@rule[6].family='ipv6'
  78. firewall.@rule[6].target='ACCEPT'
  79. firewall.@rule[7]=rule
  80. firewall.@rule[7].name='Allow-IPSec-ESP'
  81. firewall.@rule[7].src='wan'
  82. firewall.@rule[7].dest='lan'
  83. firewall.@rule[7].proto='esp'
  84. firewall.@rule[7].target='ACCEPT'
  85. firewall.@rule[8]=rule
  86. firewall.@rule[8].name='Allow-ISAKMP'
  87. firewall.@rule[8].src='wan'
  88. firewall.@rule[8].dest='lan'
  89. firewall.@rule[8].dest_port='500'
  90. firewall.@rule[8].proto='udp'
  91. firewall.@rule[8].target='ACCEPT'
  92. firewall.@include[0]=include
  93. firewall.@include[0].path='/etc/firewall.user'
  94. firewall.@zone[2]=zone
  95. firewall.@zone[2].name='guest'
  96. firewall.@zone[2].forward='REJECT'
  97. firewall.@zone[2].output='ACCEPT'
  98. firewall.@zone[2].network='guest'
  99. firewall.@zone[2].input='REJECT'
  100. firewall.@forwarding[1]=forwarding
  101. firewall.@forwarding[1].dest='wan'
  102. firewall.@forwarding[1].src='guest'
  103. firewall.@rule[9]=rule
  104. firewall.@rule[9].target='ACCEPT'
  105. firewall.@rule[9].proto='tcp udp'
  106. firewall.@rule[9].dest_port='53'
  107. firewall.@rule[9].name='Guest DNS'
  108. firewall.@rule[9].src='guest'
  109. firewall.@rule[10]=rule
  110. firewall.@rule[10].target='ACCEPT'
  111. firewall.@rule[10].proto='udp'
  112. firewall.@rule[10].dest_port='67-68'
  113. firewall.@rule[10].name='Guest DHCP'
  114. firewall.@rule[10].src='guest'
  115. firewall.@rule[11]=rule
  116. firewall.@rule[11].target='ACCEPT'
  117. firewall.@rule[11].proto='tcp udp'
  118. firewall.@rule[11].dest_port='53'
  119. firewall.@rule[11].name='ben LAN DNS'
  120. firewall.@rule[11].src='lan'
  121. firewall.@rule[12]=rule
  122. firewall.@rule[12].enabled='1'
  123. firewall.@rule[12].target='ACCEPT'
  124. firewall.@rule[12].proto='tcp udp'
  125. firewall.@rule[12].dest_port='67-68'
  126. firewall.@rule[12].name='ben LAN DHCP'
  127. firewall.@rule[12].src='lan'
  128. firewall.@redirect[0]=# ... a couple of port forwards I don't think relevant
Advertisement
RAW Paste Data Copied
Advertisement