Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- config dnsmasq
- option domainneeded '1'
- option boguspriv '1'
- option filterwin2k '0'
- option localise_queries '1'
- option rebind_protection '1'
- option rebind_localhost '1'
- option local '/lan/'
- option domain 'lan'
- option expandhosts '1'
- option nonegcache '0'
- option authoritative '1'
- option readethers '1'
- option leasefile '/tmp/dhcp.leases'
- option resolvfile '/tmp/resolv.conf.auto'
- option nonwildcard '1'
- option localservice '1'
- config dhcp 'lan'
- option interface 'lan'
- option start '100'
- option limit '150'
- option leasetime '12h'
- option dhcpv6 'server'
- option ra 'server'
- list dhcp_option '6,10.64.0.1'
- option ra_management '1'
- config dhcp 'wan'
- option interface 'wan'
- option ignore '1'
- config odhcpd 'odhcpd'
- option maindhcp '0'
- option leasefile '/tmp/hosts/odhcpd'
- option leasetrigger '/usr/sbin/odhcpd-update'
- option loglevel '4'
- config dropbear
- option PasswordAuth 'on'
- option Port '22'
- option Interface 'lan'
- config defaults
- option syn_flood '1'
- option input 'ACCEPT'
- option output 'ACCEPT'
- option forward 'REJECT'
- config zone
- option name 'lan'
- list network 'lan'
- option input 'ACCEPT'
- option output 'ACCEPT'
- option forward 'ACCEPT'
- config zone
- option name 'wan'
- list network 'wan'
- list network 'wan6'
- option output 'ACCEPT'
- option masq '1'
- option mtu_fix '1'
- option input 'REJECT'
- option forward 'REJECT'
- config rule
- option name 'Allow-DHCP-Renew'
- option src 'wan'
- option proto 'udp'
- option dest_port '68'
- option target 'ACCEPT'
- option family 'ipv4'
- config rule
- option name 'Allow-Ping'
- option src 'wan'
- option proto 'icmp'
- option icmp_type 'echo-request'
- option family 'ipv4'
- option target 'ACCEPT'
- config rule
- option name 'Allow-IGMP'
- option src 'wan'
- option proto 'igmp'
- option family 'ipv4'
- option target 'ACCEPT'
- config rule
- option name 'Allow-DHCPv6'
- option src 'wan'
- option proto 'udp'
- option src_ip 'fc00::/6'
- option dest_ip 'fc00::/6'
- option dest_port '546'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-MLD'
- option src 'wan'
- option proto 'icmp'
- option src_ip 'fe80::/10'
- list icmp_type '130/0'
- list icmp_type '131/0'
- list icmp_type '132/0'
- list icmp_type '143/0'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-ICMPv6-Input'
- option src 'wan'
- option proto 'icmp'
- list icmp_type 'echo-request'
- list icmp_type 'echo-reply'
- list icmp_type 'destination-unreachable'
- list icmp_type 'packet-too-big'
- list icmp_type 'time-exceeded'
- list icmp_type 'bad-header'
- list icmp_type 'unknown-header-type'
- list icmp_type 'router-solicitation'
- list icmp_type 'neighbour-solicitation'
- list icmp_type 'router-advertisement'
- list icmp_type 'neighbour-advertisement'
- option limit '1000/sec'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-ICMPv6-Forward'
- option src 'wan'
- option dest '*'
- option proto 'icmp'
- list icmp_type 'echo-request'
- list icmp_type 'echo-reply'
- list icmp_type 'destination-unreachable'
- list icmp_type 'packet-too-big'
- list icmp_type 'time-exceeded'
- list icmp_type 'bad-header'
- list icmp_type 'unknown-header-type'
- option limit '1000/sec'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-IPSec-ESP'
- option src 'wan'
- option dest 'lan'
- option proto 'esp'
- option target 'ACCEPT'
- config rule
- option name 'Allow-ISAKMP'
- option src 'wan'
- option dest 'lan'
- option dest_port '500'
- option proto 'udp'
- option target 'ACCEPT'
- config include
- option path '/etc/firewall.user'
- config zone
- option name 'WGZONE'
- option mtu_fix '1'
- option masq '1'
- option output 'ACCEPT'
- option network 'WGINTERFACE'
- option input 'REJECT'
- option forward 'REJECT'
- config forwarding
- option dest 'WGZONE'
- option src 'lan'
- config redirect
- option name 'Mullvad'
- option src_dport '4764'
- option target 'DNAT'
- option src 'WGZONE'
- option dest 'lan'
- config core 'main'
- option lang 'auto'
- option mediaurlbase '/luci-static/bootstrap'
- option resourcebase '/luci-static/resources'
- config extern 'flash_keep'
- option uci '/etc/config/'
- option dropbear '/etc/dropbear/'
- option openvpn '/etc/openvpn/'
- option passwd '/etc/passwd'
- option opkg '/etc/opkg.conf'
- option firewall '/etc/firewall.user'
- option uploads '/lib/uci/upload/'
- config internal 'languages'
- config internal 'sauth'
- option sessionpath '/tmp/luci-sessions'
- option sessiontime '3600'
- config internal 'ccache'
- option enable '1'
- config internal 'themes'
- option Bootstrap '/luci-static/bootstrap'
- config internal 'apply'
- option rollback '30'
- option holdoff '4'
- option timeout '5'
- option display '1.5'
- config internal 'diag'
- option dns 'openwrt.org'
- option ping 'openwrt.org'
- option route 'openwrt.org'
- config core main
- option lang auto
- option mediaurlbase /luci-static/bootstrap
- option resourcebase /luci-static/resources
- option ubuspath /ubus/
- config extern flash_keep
- option uci "/etc/config/"
- option dropbear "/etc/dropbear/"
- option openvpn "/etc/openvpn/"
- option passwd "/etc/passwd"
- option opkg "/etc/opkg.conf"
- option firewall "/etc/firewall.user"
- option uploads "/lib/uci/upload/"
- config internal languages
- config internal sauth
- option sessionpath "/tmp/luci-sessions"
- option sessiontime 3600
- config internal ccache
- option enable 1
- config internal themes
- config internal apply
- option rollback 90
- option holdoff 4
- option timeout 5
- option display 1.5
- config interface 'loopback'
- option ifname 'lo'
- option proto 'static'
- option ipaddr '127.0.0.1'
- option netmask '255.0.0.0'
- config globals 'globals'
- option ula_prefix 'fdb6:3082:3116::/48'
- config interface 'lan'
- option type 'bridge'
- option ifname 'eth0.1'
- option proto 'static'
- option netmask '255.255.255.0'
- option ip6assign '60'
- option ipaddr '192.168.0.2'
- config device 'lan_eth0_1_dev'
- option name 'eth0.1'
- option macaddr '18:d6:c7:51:6e:c4'
- config interface 'wan'
- option ifname 'eth0.2'
- option proto 'dhcp'
- option macaddr 'D8:CB:8A:F1:FA:00'
- config device 'wan_eth0_2_dev'
- option name 'eth0.2'
- option macaddr '18:d6:c7:51:6e:c5'
- config interface 'wan6'
- option ifname 'eth0.2'
- option proto 'dhcpv6'
- option reqprefix 'auto'
- option reqaddress 'try'
- option macaddr 'D8:CB:8A:F1:FA:00'
- config switch
- option name 'switch0'
- option reset '1'
- option enable_vlan '1'
- option ar8xxx_mib_type '0'
- option ar8xxx_mib_poll_interval '500'
- config switch_vlan
- option device 'switch0'
- option vlan '1'
- option ports '1 2 3 4 0t'
- config switch_vlan
- option device 'switch0'
- option vlan '2'
- option ports '5 0t'
- config interface 'WGINTERFACE'
- option proto 'wireguard'
- option private_key 'REMOVED'
- option listen_port '51820'
- list addresses 'REMOVED'
- option force_link '1'
- config wireguard_WGINTERFACE
- option public_key 'REMOVED'
- option description 'nl'
- option persistent_keepalive '25'
- option endpoint_port '51820'
- list allowed_ips '0.0.0.0/0'
- option route_allowed_ips '1'
- option endpoint_host 'REMOVED'
- config rpcd
- option socket /var/run/ubus.sock
- option timeout 30
- config login
- option username 'root'
- option password '$p$root'
- list read '*'
- list write '*'
- config system
- option hostname 'OpenWrt'
- option ttylogin '0'
- option log_size '64'
- option urandom_seed '0'
- option log_proto 'udp'
- option conloglevel '8'
- option cronloglevel '5'
- option timezone 'GMT0'
- option zonename 'Etc/GMT'
- config timeserver 'ntp'
- list server '0.openwrt.pool.ntp.org'
- list server '1.openwrt.pool.ntp.org'
- list server '2.openwrt.pool.ntp.org'
- list server '3.openwrt.pool.ntp.org'
- config led 'led_wlan'
- option name 'WLAN'
- option sysfs 'tp-link:green:wlan'
- option trigger 'phy0tpt'
- config led 'led_wan'
- option name 'WAN'
- option sysfs 'tp-link:green:wan'
- option trigger 'switch0'
- option port_mask '0x20'
- config led 'led_lan1'
- option name 'LAN1'
- option sysfs 'tp-link:green:lan1'
- option trigger 'switch0'
- option port_mask '0x10'
- config led 'led_lan2'
- option name 'LAN2'
- option sysfs 'tp-link:green:lan2'
- option trigger 'switch0'
- option port_mask '0x08'
- config led 'led_lan3'
- option name 'LAN3'
- option sysfs 'tp-link:green:lan3'
- option trigger 'switch0'
- option port_mask '0x04'
- config led 'led_lan4'
- option name 'LAN4'
- option sysfs 'tp-link:green:lan4'
- option trigger 'switch0'
- option port_mask '0x02'
- config led 'led_usb'
- option name 'USB'
- option sysfs 'tp-link:green:usb'
- option trigger 'usbport'
- list port 'usb1-port1'
- config network
- option init network
- list affects dhcp
- list affects radvd
- config wireless
- list affects network
- config firewall
- option init firewall
- list affects luci-splash
- list affects qos
- list affects miniupnpd
- config olsr
- option init olsrd
- config dhcp
- option init dnsmasq
- list affects odhcpd
- config odhcpd
- option init odhcpd
- config dropbear
- option init dropbear
- config httpd
- option init httpd
- config fstab
- option exec '/sbin/block mount'
- config qos
- option init qos
- config system
- option init led
- option exec '/etc/init.d/log reload'
- list affects luci_statistics
- list affects dhcp
- config luci_splash
- option init luci_splash
- config upnpd
- option init miniupnpd
- config ntpclient
- option init ntpclient
- config samba
- option init samba
- config tinyproxy
- option init tinyproxy
- # Server configuration
- config uhttpd main
- # HTTP listen addresses, multiple allowed
- list listen_http 0.0.0.0:80
- list listen_http [::]:80
- # HTTPS listen addresses, multiple allowed
- list listen_https 0.0.0.0:443
- list listen_https [::]:443
- # Redirect HTTP requests to HTTPS if possible
- option redirect_https 1
- # Server document root
- option home /www
- # Reject requests from RFC1918 IP addresses
- # directed to the servers public IP(s).
- # This is a DNS rebinding countermeasure.
- option rfc1918_filter 1
- # Maximum number of concurrent requests.
- # If this number is exceeded, further requests are
- # queued until the number of running requests drops
- # below the limit again.
- option max_requests 3
- # Maximum number of concurrent connections.
- # If this number is exceeded, further TCP connection
- # attempts are queued until the number of active
- # connections drops below the limit again.
- option max_connections 100
- # Certificate and private key for HTTPS.
- # If no listen_https addresses are given,
- # the key options are ignored.
- option cert /etc/uhttpd.crt
- option key /etc/uhttpd.key
- # CGI url prefix, will be searched in docroot.
- # Default is /cgi-bin
- option cgi_prefix /cgi-bin
- # List of extension->interpreter mappings.
- # Files with an associated interpreter can
- # be called outside of the CGI prefix and do
- # not need to be executable.
- # list interpreter ".php=/usr/bin/php-cgi"
- # list interpreter ".cgi=/usr/bin/perl"
- # List of prefix->Lua handler mappings.
- # Any request to an URL beneath the prefix
- # will be dispatched to the associated Lua
- # handler script. Lua support is disabled when
- # no handler mappings are specified. Lua prefix
- # matches have precedence over the CGI prefix.
- list lua_prefix "/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"
- # Specify the ubus-rpc prefix and socket path.
- # option ubus_prefix /ubus
- # option ubus_socket /var/run/ubus.sock
- # CGI/Lua timeout, if the called script does not
- # write data within the given amount of seconds,
- # the server will terminate the request with
- # 504 Gateway Timeout response.
- option script_timeout 60
- # Network timeout, if the current connection is
- # blocked for the specified amount of seconds,
- # the server will terminate the associated
- # request process.
- option network_timeout 30
- # HTTP Keep-Alive, specifies the timeout for persistent
- # HTTP/1.1 connections. Setting this to 0 will disable
- # persistent HTTP connections.
- option http_keepalive 20
- # TCP Keep-Alive, send periodic keep-alive probes
- # over established connections to detect dead peers.
- # The value is given in seconds to specify the
- # interval between subsequent probes.
- # Setting this to 0 will disable TCP keep-alive.
- option tcp_keepalive 1
- # Basic auth realm, defaults to local hostname
- # option realm OpenWrt
- # Configuration file in busybox httpd format
- # option config /etc/httpd.conf
- # Do not follow symlinks that point outside of the
- # home directory.
- # option no_symlinks 0
- # Do not produce directory listings but send 403
- # instead if a client requests an url pointing to
- # a directory without any index file.
- # option no_dirlists 0
- # Do not authenticate any ubus-rpc requests against
- # the ubus session/access procedure.
- # This is dangerous and should be always left off
- # except for development and debug purposes!
- # option no_ubusauth 0
- # For this instance of uhttpd use the listed httpauth
- # sections to require Basic auth to the specified
- # resources.
- # list httpauth prefix_user
- # Defaults for automatic certificate and key generation
- config cert defaults
- # Validity time
- option days 730
- # key type: rsa or ec
- option key_type rsa
- # RSA key size
- option bits 2048
- # EC curve name
- # Curve names vary between mbedtls/px5g and openssl
- # P-256 or P-384 are guaranteed to work
- option ec_curve P-256
- # Location
- option country ZZ
- option state Somewhere
- option location Unknown
- # Common name
- option commonname 'OpenWrt'
- # config httpauth prefix_user
- # option prefix /protected/url/path
- # option username user
- # option password 'plaintext_or_md5_or_$p$user_for_system_user'
- config wifi-device 'radio0'
- option type 'mac80211'
- option channel '11'
- option hwmode '11g'
- option htmode 'HT20'
- option path 'platform/ahb/18100000.wmac'
- config wifi-iface 'default_radio0'
- option device 'radio0'
- option network 'lan'
- option mode 'ap'
- option ssid 'OpenWrt'
- option key 'x'
- option encryption 'psk2'
Add Comment
Please, Sign In to add comment