sicsscam

LisbonDaysINN

Jul 18th, 2014
  /* Global firewall options plus three named rule sets: Eth2-Guest, WAN_IN and WAN_LOCAL. */
  /* Rules inside a rule set are evaluated in ascending rule number; the first match decides. */
  firewall {
      all-ping enable
      broadcast-ping disable
      ipv6-receive-redirects disable
      ipv6-src-route disable
      ip-src-route disable
      log-martians enable
      /* Guest rule set; the interfaces section binds it to eth2 in both the in and out directions. */
      /* It keeps eth2 clients away from the 192.168.1.0/24 LAN and lets everything else through. */
      /* NOTE(review): there is no local binding on eth2, so this rule set does not appear to filter */
      /* traffic addressed to the router itself (GUI on 443, SSH on 22, DNS). Confirm whether guests */
      /* should reach those services and add a local rule set if not. */
      name Eth2-Guest {
          /* Never reached in practice: rule 3 below accepts every packet that rules 1 and 2 did not drop. */
          default-action drop
          description ""
          /* Drops and logs any packet whose destination is the 192.168.1.0/24 LAN. */
          rule 1 {
              action drop
              description "block all protocols"
              destination {
                  address 192.168.1.0/24
              }
              log enable
              protocol all
          }
          /* NOTE(review): shadowed by rule 1, which already drops all protocols to the same destination, */
          /* so this rule should never match. */
          rule 2 {
              action drop
              description "block ping"
              destination {
                  address 192.168.1.0/24
              }
              log disable
              protocol icmp
          }
          /* Catch-all accept with no state, source or destination match. */
          rule 3 {
              action accept
              log disable
              protocol all
          }
      }
      /* Bound to eth1 in: only replies to existing connections are forwarded inward. */
      /* NOTE(review): drops are not logged here (no log on rule 20, no enable-default-log), */
      /* so rejected WAN traffic leaves no trace in syslog. */
      name WAN_IN {
          default-action drop
          description "WAN to internal"
          rule 10 {
              action accept
              state {
                  established enable
                  related enable
              }
          }
          rule 20 {
              action drop
              state {
                  invalid enable
              }
          }
      }
      /* Bound to eth1 local: same policy as WAN_IN, applied to traffic addressed to the router. */
      /* New inbound connections from the WAN to the router fall through to default-action drop. */
      name WAN_LOCAL {
          default-action drop
          description "WAN to router"
          rule 10 {
              action accept
              state {
                  established enable
                  related enable
              }
          }
          rule 20 {
              action drop
              state {
                  invalid enable
              }
          }
      }
      receive-redirects disable
      send-redirects enable
      /* NOTE(review): reverse-path source validation is off. With a single WAN and symmetric routing, */
      /* strict is usually workable and rejects spoofed source addresses; verify before changing. */
      source-validation disable
      syn-cookies enable
  }
  /* Three Ethernet ports: eth0 is the LAN, eth1 the DHCP-addressed WAN, eth2 a second local network. */
  interfaces {
      /* LAN gateway address. No firewall rule set is bound to this interface. */
      ethernet eth0 {
          address 192.168.1.1/24
          description Local
          duplex auto
          speed auto
      }
      /* WAN uplink: WAN_IN filters forwarded traffic, WAN_LOCAL filters traffic to the router itself. */
      ethernet eth1 {
          address dhcp
          description Internet
          duplex auto
          firewall {
              in {
                  name WAN_IN
              }
              local {
                  name WAN_LOCAL
              }
          }
          speed auto
      }
      /* Second local network, filtered by the Eth2-Guest rule set. */
      /* NOTE(review): Eth2-Guest is bound to in and out but not to local, so it does not cover traffic */
      /* from this network to the router's own addresses; confirm that this is intended. */
      /* NOTE(review): on the out direction the packets are heading to eth2 clients, so the */
      /* 192.168.1.0/24 destination match is not expected to hit and rule 3 accepts the rest; */
      /* the out binding presumably adds no isolation - verify. */
      ethernet eth2 {
          address 192.168.2.1/24
          description "Local 2"
          duplex auto
          firewall {
              in {
                  name Eth2-Guest
              }
              out {
                  name Eth2-Guest
              }
          }
          speed auto
      }
      loopback lo {
      }
  }
  /* Router services: DHCP for both local networks, DNS forwarding, web GUI, source NAT and SSH. */
  service {
      dhcp-server {
          disabled false
          hostfile-update disable
          /* Pool for the eth0 network; clients get the router as gateway and DNS server, 86400 s lease. */
          shared-network-name LAN1 {
              authoritative disable
              subnet 192.168.1.0/24 {
                  default-router 192.168.1.1
                  dns-server 192.168.1.1
                  lease 86400
                  start 192.168.1.21 {
                      stop 192.168.1.240
                  }
              }
          }
          /* Pool for the eth2 network, same layout as LAN1. */
          shared-network-name LAN2 {
              authoritative disable
              subnet 192.168.2.0/24 {
                  default-router 192.168.2.1
                  dns-server 192.168.2.1
                  lease 86400
                  start 192.168.2.21 {
                      stop 192.168.2.240
                  }
              }
          }
      }
      /* The DNS forwarder listens on eth0 and eth2 only, not on the WAN interface eth1. */
      dns {
          forwarding {
              cache-size 150
              listen-on eth0
              listen-on eth2
          }
      }
      /* NOTE(review): no listen address is set for the GUI or for SSH below, so both presumably */
      /* answer on every interface. WAN_LOCAL drops new connections arriving on eth1, but nothing */
      /* in this config filters access from the eth2 network; confirm that is acceptable. */
      gui {
          https-port 443
      }
      /* Source NAT: everything leaving through eth1 is masqueraded behind the WAN address. */
      nat {
          rule 5010 {
              outbound-interface eth1
              type masquerade
          }
      }
      ssh {
          port 22
          protocol-version v2
      }
  }
  /* System identity, the single admin login, NTP servers, syslog levels and time zone. */
  system {
      host-name ubnt
      login {
          /* NOTE(review): ubnt looks like the vendor default account name; a site-specific admin */
          /* account is preferable - confirm. */
          user ubnt {
              authentication {
                  /* The $1$ prefix marks an MD5-crypt hash, which is weak against offline guessing. */
                  /* This hash is part of a public paste, so treat the password as exposed: change it */
                  /* on the device and anywhere else it was reused. */
                  encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
              }
              level admin
          }
      }
      ntp {
          server 0.ubnt.pool.ntp.org {
          }
          server 1.ubnt.pool.ntp.org {
          }
          server 2.ubnt.pool.ntp.org {
          }
          server 3.ubnt.pool.ntp.org {
          }
      }
      /* Local logging only: no remote syslog host is configured in this section. */
      syslog {
          global {
              facility all {
                  level notice
              }
              facility protocols {
                  level debug
              }
          }
      }
      time-zone UTC
  }
  192.  
  193.  
  194. /* Warning: Do not remove the following line. */
  195. /* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@3:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
  196. /* Release version: v1.5.0.4677648.140620.1301 */