
Untitled

a guest
Jan 22nd, 2017
  /* Interfaces: eth0 = LAN, eth1 = DMZ, eth2 = DSL (carries PPPoE session 0), */
  /* eth3 = Cable (address from DHCP), tun0 = SIT tunnel (disabled). */
  /* Firewall rulesets are bound only on pppoe 0 and eth3; their definitions are not in this paste. */
  1. interfaces {
  /* LAN. No firewall in/out/local node is bound on this interface in the visible config, */
  /* so LAN traffic is not filtered by an interface ruleset here - confirm that a */
  /* zone-policy or a section removed while sanitising covers it. */
  2. ethernet eth0 {
  3. address <sanitised>
  4. address <sanitised>
  5. description LAN
  6. duplex auto
  7. hw-id <sanitised>
  8. ip {
  /* OSPF timers for this interface. No authentication node is visible under ospf; */
  /* it may have been removed while sanitising - confirm adjacencies are authenticated. */
  9. ospf {
  10. dead-interval 40
  11. hello-interval 10
  12. priority 1
  13. retransmit-interval 5
  14. transmit-delay 1
  15. }
  16. }
  /* Binds the policy-route ruleset Servers_Out (defined under "policy") to this interface. */
  17. policy {
  18. route Servers_Out
  19. }
  20. smp_affinity auto
  21. speed auto
  22. }
  /* DMZ. As on eth0, no firewall node is bound here; only the policy-route ruleset DMZ_out is. */
  /* NOTE(review): LAN <-> DMZ separation therefore cannot be confirmed from this paste. */
  23. ethernet eth1 {
  24. address <sanitised>
  25. description DMZ
  26. duplex auto
  27. hw-id <sanitised>
  28. policy {
  29. route DMZ_out
  30. }
  31. smp_affinity auto
  32. speed auto
  33. }
  /* DSL uplink; the PPPoE session below is the interface the NAT rules call pppoe0. */
  34. ethernet eth2 {
  35. address <sanitised>
  36. description DSL
  37. duplex auto
  38. hw-id <sanitised>
  39. pppoe 0 {
  /* No default route is taken from the PPPoE session; default routes appear only in tables 1 and 3 under "protocols". */
  40. default-route none
  /* Rulesets bound per direction: in = Servers-In, local = Router (traffic to the router itself), out = Outbound. */
  /* Only "name" (IPv4) bindings are present; no ipv6-name binding is visible. */
  41. firewall {
  42. in {
  43. name Servers-In
  44. }
  45. local {
  46. name Router
  47. }
  48. out {
  49. name Outbound
  50. }
  51. }
  52. mtu 1492
  /* DNS servers offered by the PPPoE peer are not used. */
  53. name-server none
  /* PPPoE credentials are part of the configuration text; the author redacted them before publishing. */
  54. password <sanitised>
  55. user-id <sanitised>
  56. }
  57. smp_affinity auto
  58. speed auto
  59. }
  /* Cable uplink, addressed by DHCP. Same local/out rulesets as pppoe 0, but a different inbound ruleset (Clients-In). */
  60. ethernet eth3 {
  61. address dhcp
  62. description Cable
  63. duplex auto
  64. firewall {
  65. in {
  66. name Clients-In
  67. }
  68. local {
  69. name Router
  70. }
  71. out {
  72. name Outbound
  73. }
  74. }
  75. hw-id <sanitised>
  76. smp_affinity auto
  77. speed auto
  78. }
  /* IPv6-in-IPv4 (sit) tunnel, currently disabled. No firewall node is bound to it, */
  /* so if it is re-enabled it should get ipv6-name rulesets first - none are visible here. */
  79. tunnel tun0 {
  80. address <sanitised>
  81. description "HE.NET IPv6 Tunnel"
  82. disable
  83. encapsulation sit
  84. local-ip <sanitised>
  85. multicast disable
  86. remote-ip <sanitised>
  87. }
  88. }
  /* NAT: destination rules forward connections arriving on pppoe0 to internal hosts; */
  /* source rules translate outbound traffic leaving via pppoe0 or eth3. */
  /* Every rule shown has "log enable". The author removed further rules from both halves. */
  89. nat {
  /* Destination NAT only rewrites the address. Whether a forwarded connection is permitted */
  /* is decided by the ruleset bound "in" on pppoe 0 (Servers-In), which is not shown in this paste. */
  90. destination {
  /* Rule 100 carries "disable" and is therefore inactive. */
  91. rule 100 {
  92. description "SSL Filter"
  93. destination {
  94. address <sanitised>
  95. port <sanitised>
  96. }
  97. disable
  98. inbound-interface pppoe0
  99. log enable
  100. protocol tcp
  101. translation {
  102. address <sanitised>
  103. }
  104. }
  105. rule 101 {
  106. description "SMTP Filter"
  107. destination {
  108. address <sanitised>
  109. port <sanitised>
  110. }
  111. inbound-interface pppoe0
  112. log enable
  113. protocol tcp
  114. translation {
  115. address <sanitised>
  116. }
  117. }
  /* The translation block has an address but no port, so the destination port is left unchanged. */
  118. rule 146 {
  119. description "Web Server"
  120. destination {
  121. address <sanitised>
  122. port <sanitised>
  123. }
  124. inbound-interface pppoe0
  125. log enable
  126. protocol tcp
  127. translation {
  128. address <sanitised>
  129. }
  130. }
  131. ......... <sanitised> .........
  132. ......... You don't need to know my other NAT rules .......
  133. }
  134. source {
  /* Rules 1146 and 1150 translate to a fixed (sanitised) address and match TCP only. */
  /* Other protocols from the same source skip them and are handled by whichever later */
  /* rule matches - presumably one of the masquerade rules; verify against the sanitised addresses. */
  135. rule 1146 {
  136. description "Web Server"
  137. log enable
  138. outbound-interface pppoe0
  139. protocol tcp
  140. source {
  141. address <sanitised>
  142. }
  143. translation {
  144. address <sanitised>
  145. }
  146. }
  147. rule 1150 {
  148. description VyOS
  149. log enable
  150. outbound-interface pppoe0
  151. protocol tcp
  152. source {
  153. address <sanitised>
  154. }
  155. translation {
  156. address <sanitised>
  157. }
  158. }
  /* Rules 2000-2003 masquerade: the source becomes the address of the outbound interface. */
  /* LAN and WiFi leave via eth3 (Cable); Servers leave via pppoe0 (DSL). */
  159. rule 2000 {
  160. description "LAN OUT"
  161. log enable
  162. outbound-interface eth3
  163. source {
  164. address <sanitised>
  165. }
  166. translation {
  167. address masquerade
  168. }
  169. }
  170. rule 2002 {
  171. description "Servers OUT"
  172. log enable
  173. outbound-interface pppoe0
  174. source {
  175. address <sanitised>
  176. }
  177. translation {
  178. address masquerade
  179. }
  180. }
  181. rule 2003 {
  182. description "WiFi OUT"
  183. log enable
  184. outbound-interface eth3
  185. source {
  186. address <sanitised>
  187. }
  188. translation {
  189. address masquerade
  190. }
  191. }
  192. ............... <sanitised> ................
  193. ....... You don't need the rest of my rules ..........
  194. }
  195. }
  /* Policy routing: rulesets that send matching traffic to an alternate routing table. */
  /* Under "interfaces", Servers_Out is bound to eth0 (LAN) and DMZ_out to eth1 (DMZ). */
  196. policy {
  197. route DMZ_out {
  198. description "Policy for DMZ Out"
  /* Matches a sanitised source with any destination and selects routing table 1. */
  199. rule 10 {
  200. destination {
  201. address 0.0.0.0/0
  202. }
  203. set {
  204. table 1
  205. }
  206. source {
  207. address <sanitised>
  208. }
  209. }
  210. }
  211. route Servers_Out {
  212. description "Policy for Servers Out"
  /* Matches on the destination (sanitised) with any source and selects routing table 3. */
  /* NOTE(review): unlike DMZ_out, the selector here is the destination, not the source - confirm this is intended. */
  213. rule 10 {
  214. destination {
  215. address <sanitised>
  216. }
  217. set {
  218. table 3
  219. }
  220. source {
  221. address 0.0.0.0/0
  222. }
  223. }
  224. }
  225. }
  /* Routing tables 1 and 3, the tables selected by the policy-route rules. */
  /* Each holds only a default route to a sanitised next hop. */
  /* No ospf node appears here although eth0 sets OSPF timers; presumably removed while sanitising. */
  226. protocols {
  227. table 1 {
  228. route 0.0.0.0/0 {
  229. next-hop <sanitised> {
  230. }
  231. }
  232. }
  233. table 3 {
  234. route 0.0.0.0/0 {
  235. next-hop <sanitised> {
  236. }
  237. }
  238. }
  239. }
  /* NOTE(review): this closing brace has no matching opener in the paste - presumably an */
  /* enclosing node line (e.g. "static {") was dropped while sanitising. Braces are unbalanced as published. */
  240. }
  /* Services the router itself offers: DNS forwarder, HTTPS and SSH. */
  /* On the WAN side, access to them depends on the "Router" local ruleset, which is not shown. */
  241. service {
  242. dns {
  /* The forwarder listens on eth0 (LAN) and eth1 (DMZ) only, not on the WAN interfaces. */
  /* "system" makes it forward to the name-servers listed under "system". */
  243. forwarding {
  244. cache-size 150
  245. listen-on eth0
  246. listen-on eth1
  247. system
  248. }
  249. }
  /* HTTPS service bound to a single (sanitised) address. With http-redirect enabled a */
  /* plain-HTTP listener presumably exists as well - confirm both are reachable only from management networks. */
  250. https {
  251. http-redirect enable
  252. listen-address <sanitised>
  253. }
  /* SSH on port 22, bound to a single (sanitised) address. No disable-password-authentication */
  /* node is visible and the login section is not in the paste, so the accepted */
  /* authentication methods cannot be judged from here. */
  254. ssh {
  255. listen-address <sanitised>
  256. port 22
  257. }
  258. }
  /* System settings: config history, console, DNS, NTP, package repositories, syslog, time zone. */
  /* No "login" node is visible in this section; presumably removed while sanitising. */
  259. system {
  /* Keeps the last 20 committed configurations for rollback. */
  260. config-management {
  261. commit-revisions 20
  262. }
  263. console {
  264. device ttyS0 {
  265. speed 9600
  266. }
  267. }
  268. domain-name <sanitised>
  269. host-name VyOS-R3
  /* Upstream resolvers, left unsanitised by the author. The first is an IPv6 address while tun0 is */
  /* disabled - NOTE(review): it is usable only if another IPv6 path exists; none is visible here. */
  270. name-server 2001:470:20::2
  271. name-server 208.67.222.222
  272. name-server 208.67.220.220
  /* Public NTP pool servers; no authentication settings are visible for them. */
  273. ntp {
  274. server 0.pool.ntp.org {
  275. }
  276. server 1.pool.ntp.org {
  277. }
  278. server 2.pool.ntp.org {
  279. }
  280. }
  /* Package sources. All three URLs are plain http, so package integrity rests on the */
  /* package manager's signature checking of repository metadata rather than on the transport. */
  /* Username and password are empty strings: no repository credentials are configured. */
  281. package {
  282. auto-sync 1
  283. repository community {
  284. components main
  285. distribution helium
  286. password ""
  287. url http://packages.vyos.net/vyos
  288. username ""
  289. }
  /* The squeeze and squeeze-lts entries pull stock Debian packages, including contrib and non-free, */
  /* onto the router. NOTE(review): presumably these distributions no longer receive security */
  /* updates - verify, and treat anything installed from them as unmaintained. */
  290. repository squeeze {
  291. components "main contrib non-free"
  292. distribution squeeze
  293. password ""
  294. url http://mirrors.kernel.org/debian
  295. username ""
  296. }
  297. repository squeeze-lts {
  298. components "main contrib non-free"
  299. distribution squeeze-lts
  300. password ""
  301. url http://mirrors.kernel.org/debian
  302. username ""
  303. }
  304. }
  /* Only a "global" syslog target is configured; no remote host target is visible, so the NAT */
  /* log entries enabled above are kept on the router only. Facility "protocols" logs at debug level. */
  305. syslog {
  306. global {
  307. facility all {
  308. level notice
  309. }
  310. facility protocols {
  311. level debug
  312. }
  313. }
  314. }
  315. time-zone Canada/Eastern
  316. }