Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- interfaces {
- ethernet eth0 {
- address <sanitised>
- address <sanitised>
- description LAN
- duplex auto
- hw-id <sanitised>
- ip {
- ospf {
- dead-interval 40
- hello-interval 10
- priority 1
- retransmit-interval 5
- transmit-delay 1
- }
- }
- policy {
- route Servers_Out
- }
- smp_affinity auto
- speed auto
- }
- ethernet eth1 {
- address <sanitised>
- description DMZ
- duplex auto
- hw-id <sanitised>
- policy {
- route DMZ_out
- }
- smp_affinity auto
- speed auto
- }
- ethernet eth2 {
- address <sanitised>
- description DSL
- duplex auto
- hw-id <sanitised>
- pppoe 0 {
- default-route none
- firewall {
- in {
- name Servers-In
- }
- local {
- name Router
- }
- out {
- name Outbound
- }
- }
- mtu 1492
- name-server none
- password <sanitised>
- user-id <sanitised>
- }
- smp_affinity auto
- speed auto
- }
- ethernet eth3 {
- address dhcp
- description Cable
- duplex auto
- firewall {
- in {
- name Clients-In
- }
- local {
- name Router
- }
- out {
- name Outbound
- }
- }
- hw-id <sanitised>
- smp_affinity auto
- speed auto
- }
- tunnel tun0 {
- address <sanitised>
- description "HE.NET IPv6 Tunnel"
- disable
- encapsulation sit
- local-ip <sanitised>
- multicast disable
- remote-ip <sanitised>
- }
- }
- nat {
- destination {
- rule 100 {
- description "SSL Filter"
- destination {
- address <sanitised>
- port <sanitised>
- }
- disable
- inbound-interface pppoe0
- log enable
- protocol tcp
- translation {
- address <sanitised>
- }
- }
- rule 101 {
- description "SMTP Filter"
- destination {
- address <sanitised>
- port <sanitised>
- }
- inbound-interface pppoe0
- log enable
- protocol tcp
- translation {
- address <sanitised>
- }
- }
- rule 146 {
- description "Web Server"
- destination {
- address <sanitised>
- port <sanitised>
- }
- inbound-interface pppoe0
- log enable
- protocol tcp
- translation {
- address <sanitised>
- }
- }
- ......... <sanitised> .........
- ......... You don't need to know my other NAT rules .......
- }
- source {
- rule 1146 {
- description "Web Server"
- log enable
- outbound-interface pppoe0
- protocol tcp
- source {
- address <sanitised>
- }
- translation {
- address <sanitised>
- }
- }
- rule 1150 {
- description VyOS
- log enable
- outbound-interface pppoe0
- protocol tcp
- source {
- address <sanitised>
- }
- translation {
- address <sanitised>
- }
- }
- rule 2000 {
- description "LAN OUT"
- log enable
- outbound-interface eth3
- source {
- address <sanitised>
- }
- translation {
- address masquerade
- }
- }
- rule 2002 {
- description "Servers OUT"
- log enable
- outbound-interface pppoe0
- source {
- address <sanitised>
- }
- translation {
- address masquerade
- }
- }
- rule 2003 {
- description "WiFi OUT"
- log enable
- outbound-interface eth3
- source {
- address <sanitised>
- }
- translation {
- address masquerade
- }
- }
- ............... <sanitised> ................
- ....... You don't need the rest of my rules ..........
- }
- }
- policy {
- route DMZ_out {
- description "Policy for DMZ Out"
- rule 10 {
- destination {
- address 0.0.0.0/0
- }
- set {
- table 1
- }
- source {
- address <sanitised>
- }
- }
- }
- route Servers_Out {
- description "Policy for Servers Out"
- rule 10 {
- destination {
- address <sanitised>
- }
- set {
- table 3
- }
- source {
- address 0.0.0.0/0
- }
- }
- }
- }
- protocols {
- table 1 {
- route 0.0.0.0/0 {
- next-hop <sanitised> {
- }
- }
- }
- table 3 {
- route 0.0.0.0/0 {
- next-hop <sanitised> {
- }
- }
- }
- }
- }
- service {
- dns {
- forwarding {
- cache-size 150
- listen-on eth0
- listen-on eth1
- system
- }
- }
- https {
- http-redirect enable
- listen-address <sanitised>
- }
- ssh {
- listen-address <sanitised>
- port 22
- }
- }
- system {
- config-management {
- commit-revisions 20
- }
- console {
- device ttyS0 {
- speed 9600
- }
- }
- domain-name <sanitised>
- host-name VyOS-R3
- name-server 2001:470:20::2
- name-server 208.67.222.222
- name-server 208.67.220.220
- ntp {
- server 0.pool.ntp.org {
- }
- server 1.pool.ntp.org {
- }
- server 2.pool.ntp.org {
- }
- }
- package {
- auto-sync 1
- repository community {
- components main
- distribution helium
- password ""
- url http://packages.vyos.net/vyos
- username ""
- }
- repository squeeze {
- components "main contrib non-free"
- distribution squeeze
- password ""
- url http://mirrors.kernel.org/debian
- username ""
- }
- repository squeeze-lts {
- components "main contrib non-free"
- distribution squeeze-lts
- password ""
- url http://mirrors.kernel.org/debian
- username ""
- }
- }
- syslog {
- global {
- facility all {
- level notice
- }
- facility protocols {
- level debug
- }
- }
- }
- time-zone Canada/Eastern
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement