
Untitled

a guest
Jun 9th, 2020
  1. admin@Thuis:~$ show configuration | no-more
  /* Firewall section: global options plus four rulesets, WANv6_IN and WANv6_LOCAL (IPv6) and WAN_IN and WAN_LOCAL (IPv4). Every ruleset ends in default-action drop. */
  2. firewall {
  3. all-ping enable
  4. broadcast-ping disable
  /* WANv6_IN: IPv6 traffic forwarded through the router. Accepts established/related, drops invalid, and accepts new ICMPv6 echo-request only. */
  5. ipv6-name WANv6_IN {
  6. default-action drop
  7. description "WAN IPv6 naar LAN"
  8. rule 10 {
  9. action accept
  10. description "Allow established/related"
  11. state {
  12. established enable
  13. related enable
  14. }
  15. }
  16. rule 20 {
  17. action drop
  18. description "Drop invalid state"
  19. state {
  20. invalid enable
  21. }
  22. }
  /* NOTE(review): only echo-request is accepted as new ICMPv6 here. ICMPv6 errors for existing flows (e.g. Packet Too Big) presumably match "related" in rule 10 - confirm with a path-MTU test. */
  23. rule 30 {
  24. action accept
  25. description "Allow IPv6 icmp"
  26. icmpv6 {
  27. type echo-request
  28. }
  29. protocol ipv6-icmp
  30. }
  31. }
  /* WANv6_LOCAL: IPv6 traffic addressed to the router itself. */
  32. ipv6-name WANv6_LOCAL {
  33. default-action drop
  34. description "WAN IPv6 naar Router"
  35. rule 10 {
  36. action accept
  37. description "Allow established/related"
  38. state {
  39. established enable
  40. related enable
  41. }
  42. }
  43. rule 20 {
  44. action drop
  45. description "Drop invalid state"
  46. state {
  47. invalid enable
  48. }
  49. }
  /* Unlike WANv6_IN rule 30, this rule has no icmpv6 type filter, so every ICMPv6 type is accepted towards the router. Neighbour discovery needs some of them; narrowing to the required types is an option. */
  50. rule 30 {
  51. action accept
  52. description "Allow IPv6 icmp"
  53. protocol ipv6-icmp
  54. }
  /* DHCPv6 replies to the router's client: UDP source port 547 to destination port 546. No source address restriction is set. */
  55. rule 40 {
  56. action accept
  57. description "Allow dhcpv6"
  58. destination {
  59. port 546
  60. }
  61. protocol udp
  62. source {
  63. port 547
  64. }
  65. }
  66. }
  67. ipv6-receive-redirects disable
  68. ipv6-src-route disable
  69. ip-src-route disable
  70. log-martians enable
  /* WAN_IN: IPv4 traffic forwarded through the router. Only established/related is accepted here; the port-forward section sets auto-firewall enable, which is where the accepts for forwarded ports come from. */
  71. name WAN_IN {
  72. default-action drop
  73. description "WAN naar LAN"
  74. rule 10 {
  75. action accept
  76. description "Allow established/related"
  77. log disable
  78. state {
  79. established enable
  80. related enable
  81. }
  82. }
  83. rule 20 {
  84. action drop
  85. description "Drop invalid state"
  86. state {
  87. invalid enable
  88. }
  89. }
  90. }
  /* WAN_LOCAL: IPv4 traffic addressed to the router. No rule accepts new connections, so the ssh/telnet/gui services are not opened by this ruleset on the interface it is attached to (pppoe 0). Interfaces without a firewall stanza are not covered. */
  91. name WAN_LOCAL {
  92. default-action drop
  93. description "WAN naar Router"
  94. rule 10 {
  95. action accept
  96. description "Allow established/related"
  97. log disable
  98. state {
  99. established enable
  100. invalid disable
  101. new disable
  102. related enable
  103. }
  104. }
  105. rule 20 {
  106. action drop
  107. description "Drop invalid state"
  108. state {
  109. established disable
  110. invalid enable
  111. new disable
  112. related disable
  113. }
  114. }
  115. }
  116. receive-redirects disable
  /* NOTE(review): send-redirects is enabled and source-validation (reverse-path filtering) is disabled. On an internet-facing router both are commonly hardened (send-redirects disable, source-validation strict or loose) - confirm neither is needed for the IPTV routing before changing. */
  117. send-redirects enable
  118. source-validation disable
  119. syn-cookies enable
  120. }
  /* Interfaces: eth0 is the fibre uplink carrying VLAN 4 (IPTV, DHCP) and VLAN 6 (internet, PPPoE); eth1 is the IPTV LAN; eth2-eth9 are bridged into switch0, the home LAN. */
  121. interfaces {
  122. ethernet eth0 {
  123. description FTTH
  124. duplex auto
  125. mtu 1512
  126. speed auto
  /* NOTE(review): vif 4 has no firewall stanza. The WAN_* rulesets are attached only to pppoe 0 below, so traffic arriving on this provider-facing VLAN, including traffic to the router's own services, is not filtered by them. Consider attaching in/local rulesets here too. */
  127. vif 4 {
  128. address dhcp
  129. description "KPN IPTV"
  130. dhcp-options {
  131. client-option "send vendor-class-identifier "IPTV_RG";
  132. "
  133. client-option "request subnet-mask, routers, rfc3442-classless-s
  134. tatic-routes;"
  135. default-route no-update
  136. default-route-distance 210
  137. name-server update
  138. }
  139. mtu 1500
  140. }
  141. vif 6 {
  142. description "KPN Internet"
  143. mtu 1508
  144. pppoe 0 {
  145. default-route auto
  /* A delegated IPv6 prefix is assigned to switch0 with SLAAC, so LAN hosts receive global addresses. WANv6_IN is then the only filter shown between those hosts and the internet. */
  146. dhcpv6-pd {
  147. no-dns
  148. pd 0 {
  149. interface switch0 {
  150. host-address ::1
  151. prefix-id :1
  152. service slaac
  153. }
  154. prefix-length /48
  155. }
  156. rapid-commit enable
  157. }
  /* The only place in this configuration where firewall rulesets are bound to an interface. */
  158. firewall {
  159. in {
  160. ipv6-name WANv6_IN
  161. name WAN_IN
  162. }
  163. local {
  164. ipv6-name WANv6_LOCAL
  165. name WAN_LOCAL
  166. }
  167. }
  168. idle-timeout 180
  169. ipv6 {
  170. address {
  171. autoconf
  172. }
  173. dup-addr-detect-transmits 1
  174. enable {
  175. }
  176. }
  177. mtu 1500
  178. name-server auto
  /* The password is masked by the CLI. The user-id on the next line is not masked and looks like a MAC-address-based identifier; redact such values before sharing a configuration publicly. */
  179. password ****************
  180. user-id 74-83-c2-72-b2-e7@internet
  181. }
  182. }
  183. }
  /* IPTV LAN port. No firewall stanza is attached here either. */
  184. ethernet eth1 {
  185. address 192.168.4.254/24
  186. description IPTV
  187. duplex auto
  188. speed auto
  189. }
  190. ethernet eth2 {
  191. description "Poort 2 TV woonkamer"
  192. duplex auto
  193. speed auto
  194. }
  195. ethernet eth3 {
  196. description "Poort 3 gaming pc woonkamer"
  197. duplex auto
  198. speed auto
  199. }
  200. ethernet eth4 {
  201. description "Poort 4 Accesspoint woonkamer"
  202. duplex auto
  203. speed auto
  204. }
  205. ethernet eth5 {
  206. description "Poort 5 uplink 2e verdieping switch"
  207. duplex auto
  208. speed auto
  209. }
  210. ethernet eth6 {
  211. duplex auto
  212. speed auto
  213. }
  214. ethernet eth7 {
  215. duplex auto
  216. speed auto
  217. }
  218. ethernet eth8 {
  219. duplex auto
  220. speed auto
  221. }
  222. ethernet eth9 {
  223. description "Poort 9 Accesspoint 2de verdieping"
  224. duplex auto
  225. poe {
  226. output off
  227. }
  228. speed auto
  229. }
  230. loopback lo {
  231. }
  /* switch0 bridges eth2-eth9 into one segment, 192.168.178.0/24. With vlan-aware disable there is no layer-2 separation between the internet-exposed host used by the port-forward rules (192.168.178.10) and the other LAN devices. */
  232. switch switch0 {
  233. address 192.168.178.254/24
  234. description "Thuis netwerk"
  235. ipv6 {
  236. dup-addr-detect-transmits 1
  /* Router advertisements for the LAN: SLAAC only (managed-flag and other-config-flag are false), with the two listed addresses announced as recursive DNS servers. */
  237. router-advert {
  238. cur-hop-limit 64
  239. link-mtu 0
  240. managed-flag false
  241. max-interval 600
  242. name-server 2a02:a47f:e000::53
  243. name-server 2a02:a47f:e000::54
  244. other-config-flag false
  245. prefix ::/64 {
  246. autonomous-flag true
  247. on-link-flag true
  248. valid-lifetime 2592000
  249. }
  250. radvd-options "RDNSS 2a02:a47f:e000::53 2a02:a47f:e000::54 {};"
  251. reachable-time 0
  252. retrans-timer 0
  253. send-advert true
  254. }
  255. }
  256. mtu 1500
  257. switch-port {
  258. interface eth2 {
  259. }
  260. interface eth3 {
  261. }
  262. interface eth4 {
  263. }
  264. interface eth5 {
  265. }
  266. interface eth6 {
  267. }
  268. interface eth7 {
  269. }
  270. interface eth8 {
  271. }
  272. interface eth9 {
  273. }
  274. vlan-aware disable
  275. }
  276. }
  277. }
  /* Port forwarding from pppoe0 to one LAN host, 192.168.178.10. auto-firewall enable means the matching accepts are generated automatically instead of being listed in WAN_IN, so this section is the real inventory of IPv4 services exposed to the internet. */
  278. port-forward {
  279. auto-firewall enable
  280. hairpin-nat enable
  281. lan-interface switch0
  /* NOTE(review): every rule uses protocol tcp_udp, which opens both transports. Narrowing each rule to the protocol the service actually uses reduces exposure - confirm per service. */
  282. rule 1 {
  283. description "CSGO s01 port"
  284. forward-to {
  285. address 192.168.178.10
  286. port 27015
  287. }
  288. original-port 27015
  289. protocol tcp_udp
  290. }
  291. rule 2 {
  292. description "TeamSpeak s01 port"
  293. forward-to {
  294. address 192.168.178.10
  295. port 9987
  296. }
  297. original-port 9987
  298. protocol tcp_udp
  299. }
  300. rule 3 {
  301. description "http s01 port"
  302. forward-to {
  303. address 192.168.178.10
  304. port 80
  305. }
  306. original-port 80
  307. protocol tcp_udp
  308. }
  309. rule 4 {
  310. description "https s01 port"
  311. forward-to {
  312. address 192.168.178.10
  313. port 443
  314. }
  315. original-port 443
  316. protocol tcp_udp
  317. }
  /* NOTE(review): FTP on port 21 carries credentials and data in cleartext. If remote file access is required, an encrypted alternative (SFTP or FTPS) is the safer choice. Only the control port is forwarded here. */
  318. rule 5 {
  319. description "ftp s01"
  320. forward-to {
  321. address 192.168.178.10
  322. port 21
  323. }
  324. original-port 21
  325. protocol tcp_udp
  326. }
  327. wan-interface pppoe0
  328. }
  /* Routing protocols: an IGMP proxy between the provider IPTV VLAN (eth0.4, upstream) and the IPTV LAN (eth1, downstream), plus a static IPv6 default route via pppoe0. */
  329. protocols {
  330. igmp-proxy {
  /* alt-subnet 0.0.0.0/0 places no restriction on upstream multicast source addresses. eth0.4 also has no firewall stanza in the interfaces section, so narrowing this to the provider's IPTV ranges is worth considering if they are known. */
  331. interface eth0.4 {
  332. alt-subnet 0.0.0.0/0
  333. role upstream
  334. threshold 1
  335. }
  336. interface eth1 {
  337. alt-subnet 192.168.4.0/24
  338. role downstream
  339. threshold 1
  340. }
  341. }
  342. static {
  343. interface-route6 ::/0 {
  344. next-hop-interface pppoe0 {
  345. }
  346. }
  347. }
  348. }
  /* Services run by the router: DHCP, DNS forwarding, web GUI, NAT, SSH, Telnet and the UNMS management connection. None of the management services shown carries a listen-address restriction, so reachability depends entirely on the per-interface firewall bindings. */
  349. service {
  350. dhcp-server {
  351. disabled false
  352. global-parameters "option vendor-class-identifier code 60 = string;"
  353. global-parameters "option broadcast-address code 28 = ip-address;"
  354. hostfile-update disable
  355. shared-network-name IPTV {
  356. authoritative enable
  357. subnet 192.168.4.0/24 {
  358. default-router 192.168.4.254
  359. dns-server 192.168.4.254
  360. domain-name iptv.local
  361. lease 86400
  362. start 192.168.4.1 {
  363. stop 192.168.4.253
  364. }
  365. }
  366. }
  367. shared-network-name Thuis {
  368. authoritative enable
  369. subnet 192.168.178.0/24 {
  370. default-router 192.168.178.254
  371. dns-server 192.168.178.12
  372. dns-server 195.121.1.66
  373. lease 86400
  374. start 192.168.178.50 {
  375. stop 192.168.178.199
  376. }
  377. }
  378. }
  379. static-arp disable
  380. use-dnsmasq enable
  381. }
  382. dns {
  /* NOTE(review): listen-address=192.168.2.254 matches no interface address in this configuration (192.168.178.254 on switch0, 192.168.4.254 on eth1). It looks like a leftover from an earlier addressing plan - confirm and remove or correct. */
  383. forwarding {
  384. cache-size 4000
  385. listen-on switch0
  386. listen-on eth1
  387. name-server 195.121.1.34
  388. name-server 195.121.1.66
  389. name-server 2a02:a47f:e000::53
  390. name-server 2a02:a47f:e000::54
  391. options listen-address=192.168.2.254
  392. }
  393. }
  /* NOTE(review): older-ciphers enable lets the web GUI negotiate legacy TLS cipher suites. Unless an old browser requires them, disable it. The GUI also listens on plain HTTP port 80. */
  394. gui {
  395. http-port 80
  396. https-port 443
  397. older-ciphers enable
  398. }
  399. nat {
  /* Source NAT for IPTV: traffic from 192.168.4.0/24 to 213.75.112.0/21 is masqueraded out of eth0.4. */
  400. rule 5000 {
  401. description IPTV
  402. destination {
  403. address 213.75.112.0/21
  404. }
  405. log disable
  406. outbound-interface eth0.4
  407. protocol all
  408. source {
  409. address 192.168.4.0/24
  410. }
  411. type masquerade
  412. }
  /* Source NAT for everything leaving via pppoe0; no source restriction is set. */
  413. rule 5010 {
  414. description Internet
  415. log disable
  416. outbound-interface pppoe0
  417. protocol all
  418. type masquerade
  419. }
  420. }
  /* SSH management on port 22, protocol v2 only. No key-based login configuration is visible in this listing, so password authentication is presumably in use - confirm. */
  421. ssh {
  422. port 22
  423. protocol-version v2
  424. }
  /* NOTE(review): Telnet sends the admin credentials and the whole session in cleartext. SSH is already enabled above, so this service can be deleted. */
  425. telnet {
  426. port 23
  427. }
  /* NOTE(review): unlike the masked password fields, this connection string is printed in full and appears to embed the device's UNMS key. Since it was shared publicly, regenerating the key or re-adopting the device is advisable. The trailing allowUntrustedCertificate option suggests the controller's TLS certificate is not validated - confirm and drop it if the controller presents a valid certificate. */
  428. unms {
  429. connection wss://fuuv.unmsapp.com:443+jPl-KLNm_NmUFVXgLpvB8u0Yf8huRUyZKK
  430. Qu2dAjVBwAAAAA+allowUntrustedCertificate
  431. }
  432. }
  /* System settings: connection tracking, host identity, the login account, NTP, hardware offload, syslog and traffic analysis. */
  433. system {
  434. conntrack {
  435. expect-table-size 2048
  436. hash-size 32768
  437. modules {
  /* The SIP connection-tracking helper is turned off. */
  438. sip {
  439. disable
  440. }
  441. }
  442. table-size 262144
  443. }
  444. domain-name thuis.local
  445. host-name Thuis
  /* A single account, named admin with level admin, is defined. Both password fields are masked by the CLI. NOTE(review): a non-default account name and SSH public-key authentication would make credential guessing harder on any interface where ssh or telnet is reachable. */
  446. login {
  447. user admin {
  448. authentication {
  449. encrypted-password ****************
  450. plaintext-password ****************
  451. }
  452. full-name admin
  453. level admin
  454. }
  455. }
  456. name-server 127.0.0.1
  457. ntp {
  458. server 0.nl.pool.ntp.org {
  459. }
  460. server 1.nl.pool.ntp.org {
  461. }
  462. server ntp0.nl.net {
  463. }
  464. server ntp1.nl.net {
  465. }
  466. server time.kpn.net {
  467. }
  468. }
  469. offload {
  470. hwnat enable
  471. }
  /* Only a global syslog target is configured; no remote log host appears in this listing, so logs presumably stay on the device - confirm. Forwarding to a separate host preserves evidence if the router is compromised or reset. */
  472. syslog {
  473. global {
  474. facility all {
  475. level notice
  476. }
  477. facility protocols {
  478. level debug
  479. }
  480. }
  481. }
  482. time-zone Europe/Amsterdam
  483. traffic-analysis {
  484. dpi disable
  485. export disable
  486. }
  487. }
  /* Traffic control: the optimized-queue node references two policies, global and queues. No queue definitions appear in this listing. */
  488. traffic-control {
  489. optimized-queue {
  490. policy global
  491. policy queues
  492. }
  493. }
  494. admin@Thuis:~$