API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 23rd, 2021
58
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.34 KB | None | 0 0
raw download clone embed print report
  1. {
  2. "kernel": "4.4.92",
  3. "hostname": "rp0w0",
  4. "system": "ARMv6-compatible processor rev 7 (v6l)",
  5. "model": "Raspberry Pi Zero W Rev 1.1",
  6. "board_name": "rpi-zero-w",
  7. "release": {
  8. "distribution": "LEDE",
  9. "version": "17.01.4",
  10. "revision": "r3560-79f57e422d",
  11. "codename": "reboot",
  12. "target": "brcm2708\/bcm2708",
  13. "description": "LEDE Reboot 17.01.4 r3560-79f57e422d"
  14. }
  15. }
  16. network.loopback=interface
  17. network.loopback.ifname='lo'
  18. network.loopback.proto='static'
  19. network.loopback.ipaddr='127.0.0.1'
  20. network.loopback.netmask='255.0.0.0'
  21. network.globals=globals
  22. network.globals.ula_prefix='fd4c:481d:6483::/48'
  23. network.lan=interface
  24. network.lan.type='bridge'
  25. network.lan.proto='static'
  26. network.lan.netmask='255.255.255.0'
  27. network.lan.ip6assign='60'
  28. network.lan.ipaddr='192.168.1.3'
  29. network.lan.ifname='usb0'
  30. network.wwan=interface
  31. network.wwan.proto='dhcp'
  32. wireless.radio0=wifi-device
  33. wireless.radio0.type='mac80211'
  34. wireless.radio0.hwmode='11g'
  35. wireless.radio0.path='platform/soc/20300000.mmc/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
  36. wireless.radio0.htmode='HT20'
  37. wireless.radio0.disabled='0'
  38. wireless.radio0.channel='1'
  39. wireless.radio0.country='00'
  40. wireless.@wifi-iface[0]=wifi-iface
  41. wireless.@wifi-iface[0].ssid='......'
  42. wireless.@wifi-iface[0].encryption='......'
  43. wireless.@wifi-iface[0].device='radio0'
  44. wireless.@wifi-iface[0].mode='sta'
  45. wireless.@wifi-iface[0].bssid='......'
  46. wireless.@wifi-iface[0].key='......'
  47. wireless.@wifi-iface[0].network='lan wwan'
  48. firewall.@defaults[0]=defaults
  49. firewall.@defaults[0].syn_flood='1'
  50. firewall.@defaults[0].input='ACCEPT'
  51. firewall.@defaults[0].output='ACCEPT'
  52. firewall.@defaults[0].forward='REJECT'
  53. firewall.@zone[0]=zone
  54. firewall.@zone[0].name='lan'
  55. firewall.@zone[0].input='ACCEPT'
  56. firewall.@zone[0].output='ACCEPT'
  57. firewall.@zone[0].forward='ACCEPT'
  58. firewall.@zone[0].network='lan'
  59. firewall.@zone[1]=zone
  60. firewall.@zone[1].name='wan'
  61. firewall.@zone[1].input='REJECT'
  62. firewall.@zone[1].output='ACCEPT'
  63. firewall.@zone[1].forward='REJECT'
  64. firewall.@zone[1].masq='1'
  65. firewall.@zone[1].mtu_fix='1'
  66. firewall.@zone[1].network='wan wan6 wwan'
  67. firewall.@forwarding[0]=forwarding
  68. firewall.@forwarding[0].src='lan'
  69. firewall.@forwarding[0].dest='wan'
  70. firewall.@rule[0]=rule
  71. firewall.@rule[0].name='Allow-DHCP-Renew'
  72. firewall.@rule[0].src='wan'
  73. firewall.@rule[0].proto='udp'
  74. firewall.@rule[0].dest_port='68'
  75. firewall.@rule[0].target='ACCEPT'
  76. firewall.@rule[0].family='ipv4'
  77. firewall.@rule[1]=rule
  78. firewall.@rule[1].name='Allow-Ping'
  79. firewall.@rule[1].src='wan'
  80. firewall.@rule[1].proto='icmp'
  81. firewall.@rule[1].icmp_type='echo-request'
  82. firewall.@rule[1].family='ipv4'
  83. firewall.@rule[1].target='ACCEPT'
  84. firewall.@rule[2]=rule
  85. firewall.@rule[2].name='Allow-IGMP'
  86. firewall.@rule[2].src='wan'
  87. firewall.@rule[2].proto='igmp'
  88. firewall.@rule[2].family='ipv4'
  89. firewall.@rule[2].target='ACCEPT'
  90. firewall.@rule[3]=rule
  91. firewall.@rule[3].name='Allow-DHCPv6'
  92. firewall.@rule[3].src='wan'
  93. firewall.@rule[3].proto='udp'
  94. firewall.@rule[3].src_ip='fc00::/6'
  95. firewall.@rule[3].dest_ip='fc00::/6'
  96. firewall.@rule[3].dest_port='546'
  97. firewall.@rule[3].family='ipv6'
  98. firewall.@rule[3].target='ACCEPT'
  99. firewall.@rule[4]=rule
  100. firewall.@rule[4].name='Allow-MLD'
  101. firewall.@rule[4].src='wan'
  102. firewall.@rule[4].proto='icmp'
  103. firewall.@rule[4].src_ip='fe80::/10'
  104. firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
  105. firewall.@rule[4].family='ipv6'
  106. firewall.@rule[4].target='ACCEPT'
  107. firewall.@rule[5]=rule
  108. firewall.@rule[5].name='Allow-ICMPv6-Input'
  109. firewall.@rule[5].src='wan'
  110. firewall.@rule[5].proto='icmp'
  111. firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
  112. firewall.@rule[5].limit='1000/sec'
  113. firewall.@rule[5].family='ipv6'
  114. firewall.@rule[5].target='ACCEPT'
  115. firewall.@rule[6]=rule
  116. firewall.@rule[6].name='Allow-ICMPv6-Forward'
  117. firewall.@rule[6].src='wan'
  118. firewall.@rule[6].dest='*'
  119. firewall.@rule[6].proto='icmp'
  120. firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
  121. firewall.@rule[6].limit='1000/sec'
  122. firewall.@rule[6].family='ipv6'
  123. firewall.@rule[6].target='ACCEPT'
  124. firewall.@rule[7]=rule
  125. firewall.@rule[7].name='Allow-IPSec-ESP'
  126. firewall.@rule[7].src='wan'
  127. firewall.@rule[7].dest='lan'
  128. firewall.@rule[7].proto='esp'
  129. firewall.@rule[7].target='ACCEPT'
  130. firewall.@rule[8]=rule
  131. firewall.@rule[8].name='Allow-ISAKMP'
  132. firewall.@rule[8].src='wan'
  133. firewall.@rule[8].dest='lan'
  134. firewall.@rule[8].dest_port='500'
  135. firewall.@rule[8].proto='udp'
  136. firewall.@rule[8].target='ACCEPT'
  137. firewall.@include[0]=include
  138. firewall.@include[0].path='/etc/firewall.user'
  139. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
  140. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  141. inet 127.0.0.1/8 scope host lo
  142. valid_lft forever preferred_lft forever
  143. inet6 ::1/128 scope host
  144. valid_lft forever preferred_lft forever
  145. 2: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br-lan state UP qlen 1000
  146. link/ether 32:3c:fd:bd:47:53 brd ff:ff:ff:ff:ff:ff
  147. 3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
  148. link/ether b8:27:eb:ac:98:95 brd ff:ff:ff:ff:ff:ff
  149. inet 192.168.1.3/24 brd 192.168.1.255 scope global wlan0
  150. valid_lft forever preferred_lft forever
  151. inet6 fe80::ba27:ebff:feac:9895/64 scope link tentative flags 08
  152. valid_lft forever preferred_lft forever
  153. 4: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
  154. link/ether 32:3c:fd:bd:47:53 brd ff:ff:ff:ff:ff:ff
  155. inet 192.168.1.3/24 brd 192.168.1.255 scope global br-lan
  156. valid_lft forever preferred_lft forever
  157. inet6 fd4c:481d:6483::1/60 scope global
  158. valid_lft forever preferred_lft forever
  159. inet6 fe80::303c:fdff:febd:4753/64 scope link
  160. valid_lft forever preferred_lft forever
  161. default via 192.168.1.1 dev wlan0 src 192.168.1.3
  162. 192.168.1.0/24 dev br-lan src 192.168.1.3
  163. 192.168.1.0/24 dev wlan0 src 192.168.1.3
  164. 192.168.1.1 dev wlan0 src 192.168.1.3
  165. broadcast 127.0.0.0 dev lo src 127.0.0.1
  166. local 127.0.0.0/8 dev lo src 127.0.0.1
  167. local 127.0.0.1 dev lo src 127.0.0.1
  168. broadcast 127.255.255.255 dev lo src 127.0.0.1
  169. broadcast 192.168.1.0 dev br-lan src 192.168.1.3
  170. broadcast 192.168.1.0 dev wlan0 src 192.168.1.3
  171. local 192.168.1.3 dev br-lan src 192.168.1.3
  172. local 192.168.1.3 dev wlan0 src 192.168.1.3
  173. broadcast 192.168.1.255 dev br-lan src 192.168.1.3
  174. broadcast 192.168.1.255 dev wlan0 src 192.168.1.3
  175. fd4c:481d:6483::/64 dev br-lan metric 1024
  176. unreachable fd4c:481d:6483::/48 dev lo metric 2147483647 error -113
  177. fe80::/64 dev br-lan metric 256
  178. fe80::/64 dev wlan0 metric 256
  179. unreachable default dev lo metric -1 error -101
  180. local ::1 dev lo metric 0
  181. local fd4c:481d:6483:: dev lo metric 0
  182. local fd4c:481d:6483::1 dev lo metric 0
  183. local fe80:: dev lo metric 0
  184. local fe80::303c:fdff:febd:4753 dev lo metric 0
  185. ff00::/8 dev br-lan metric 256
  186. ff00::/8 dev wlan0 metric 256
  187. unreachable default dev lo metric -1 error -101
  188. 0: from all lookup local
  189. 32766: from all lookup main
  190. 32767: from all lookup default
  191. # Generated by iptables-save v1.4.21 on Tue Mar 23 15:01:01 2021
  192. *nat
  193. :PREROUTING ACCEPT [43:4889]
  194. :INPUT ACCEPT [24:1777]
  195. :OUTPUT ACCEPT [48:3444]
  196. :POSTROUTING ACCEPT [6:636]
  197. :postrouting_lan_rule - [0:0]
  198. :postrouting_rule - [0:0]
  199. :postrouting_wan_rule - [0:0]
  200. :prerouting_lan_rule - [0:0]
  201. :prerouting_rule - [0:0]
  202. :prerouting_wan_rule - [0:0]
  203. :zone_lan_postrouting - [0:0]
  204. :zone_lan_prerouting - [0:0]
  205. :zone_wan_postrouting - [0:0]
  206. :zone_wan_prerouting - [0:0]
  207. [43:4889] -A PREROUTING -m comment --comment "!fw3: user chain for prerouting" -j prerouting_rule
  208. [41:4785] -A PREROUTING -i br-lan -m comment --comment "!fw3" -j zone_lan_prerouting
  209. [2:104] -A PREROUTING -i wlan0 -m comment --comment "!fw3" -j zone_wan_prerouting
  210. [53:3760] -A POSTROUTING -m comment --comment "!fw3: user chain for postrouting" -j postrouting_rule
  211. [2:376] -A POSTROUTING -o br-lan -m comment --comment "!fw3" -j zone_lan_postrouting
  212. [47:3124] -A POSTROUTING -o wlan0 -m comment --comment "!fw3" -j zone_wan_postrouting
  213. [2:376] -A zone_lan_postrouting -m comment --comment "!fw3: user chain for postrouting" -j postrouting_lan_rule
  214. [41:4785] -A zone_lan_prerouting -m comment --comment "!fw3: user chain for prerouting" -j prerouting_lan_rule
  215. [47:3124] -A zone_wan_postrouting -m comment --comment "!fw3: user chain for postrouting" -j postrouting_wan_rule
  216. [47:3124] -A zone_wan_postrouting -m comment --comment "!fw3" -j MASQUERADE
  217. [2:104] -A zone_wan_prerouting -m comment --comment "!fw3: user chain for prerouting" -j prerouting_wan_rule
  218. COMMIT
  219. # Completed on Tue Mar 23 15:01:01 2021
  220. # Generated by iptables-save v1.4.21 on Tue Mar 23 15:01:01 2021
  221. *mangle
  222. :PREROUTING ACCEPT [293:32988]
  223. :INPUT ACCEPT [222:20188]
  224. :FORWARD ACCEPT [58:10076]
  225. :OUTPUT ACCEPT [214:32734]
  226. :POSTROUTING ACCEPT [272:42810]
  227. [4:240] -A FORWARD -o wlan0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m comment --comment "!fw3: wan (mtu_fix)" -j TCPMSS --clamp-mss-to-pmtu
  228. COMMIT
  229. # Completed on Tue Mar 23 15:01:01 2021
  230. # Generated by iptables-save v1.4.21 on Tue Mar 23 15:01:01 2021
  231. *filter
  232. :INPUT ACCEPT [0:0]
  233. :FORWARD DROP [0:0]
  234. :OUTPUT ACCEPT [0:0]
  235. :forwarding_lan_rule - [0:0]
  236. :forwarding_rule - [0:0]
  237. :forwarding_wan_rule - [0:0]
  238. :input_lan_rule - [0:0]
  239. :input_rule - [0:0]
  240. :input_wan_rule - [0:0]
  241. :output_lan_rule - [0:0]
  242. :output_rule - [0:0]
  243. :output_wan_rule - [0:0]
  244. :reject - [0:0]
  245. :syn_flood - [0:0]
  246. :zone_lan_dest_ACCEPT - [0:0]
  247. :zone_lan_forward - [0:0]
  248. :zone_lan_input - [0:0]
  249. :zone_lan_output - [0:0]
  250. :zone_lan_src_ACCEPT - [0:0]
  251. :zone_wan_dest_ACCEPT - [0:0]
  252. :zone_wan_dest_REJECT - [0:0]
  253. :zone_wan_forward - [0:0]
  254. :zone_wan_input - [0:0]
  255. :zone_wan_output - [0:0]
  256. :zone_wan_src_REJECT - [0:0]
  257. [22:2030] -A INPUT -i lo -m comment --comment "!fw3" -j ACCEPT
  258. [203:18314] -A INPUT -m comment --comment "!fw3: user chain for input" -j input_rule
  259. [162:14896] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
  260. [1:60] -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m comment --comment "!fw3" -j syn_flood
  261. [39:3314] -A INPUT -i br-lan -m comment --comment "!fw3" -j zone_lan_input
  262. [2:104] -A INPUT -i wlan0 -m comment --comment "!fw3" -j zone_wan_input
  263. [58:10076] -A FORWARD -m comment --comment "!fw3: user chain for forwarding" -j forwarding_rule
  264. [53:9760] -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
  265. [5:316] -A FORWARD -i br-lan -m comment --comment "!fw3" -j zone_lan_forward
  266. [0:0] -A FORWARD -i wlan0 -m comment --comment "!fw3" -j zone_wan_forward
  267. [0:0] -A FORWARD -m comment --comment "!fw3" -j reject
  268. [22:2030] -A OUTPUT -o lo -m comment --comment "!fw3" -j ACCEPT
  269. [195:31452] -A OUTPUT -m comment --comment "!fw3: user chain for output" -j output_rule
  270. [149:27870] -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "!fw3" -j ACCEPT
  271. [3:709] -A OUTPUT -o br-lan -m comment --comment "!fw3" -j zone_lan_output
  272. [43:2873] -A OUTPUT -o wlan0 -m comment --comment "!fw3" -j zone_wan_output
  273. [0:0] -A reject -p tcp -m comment --comment "!fw3" -j REJECT --reject-with tcp-reset
  274. [1:72] -A reject -m comment --comment "!fw3" -j REJECT --reject-with icmp-port-unreachable
  275. [1:60] -A syn_flood -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 25/sec --limit-burst 50 -m comment --comment "!fw3" -j RETURN
  276. [0:0] -A syn_flood -m comment --comment "!fw3" -j DROP
  277. [3:709] -A zone_lan_dest_ACCEPT -o br-lan -m comment --comment "!fw3" -j ACCEPT
  278. [5:316] -A zone_lan_forward -m comment --comment "!fw3: user chain for forwarding" -j forwarding_lan_rule
  279. [5:316] -A zone_lan_forward -m comment --comment "!fw3: forwarding lan -> wan" -j zone_wan_dest_ACCEPT
  280. [0:0] -A zone_lan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
  281. [0:0] -A zone_lan_forward -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
  282. [39:3314] -A zone_lan_input -m comment --comment "!fw3: user chain for input" -j input_lan_rule
  283. [0:0] -A zone_lan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
  284. [39:3314] -A zone_lan_input -m comment --comment "!fw3" -j zone_lan_src_ACCEPT
  285. [3:709] -A zone_lan_output -m comment --comment "!fw3: user chain for output" -j output_lan_rule
  286. [3:709] -A zone_lan_output -m comment --comment "!fw3" -j zone_lan_dest_ACCEPT
  287. [39:3314] -A zone_lan_src_ACCEPT -i br-lan -m conntrack --ctstate NEW,UNTRACKED -m comment --comment "!fw3" -j ACCEPT
  288. [0:0] -A zone_wan_dest_ACCEPT -o wlan0 -m conntrack --ctstate INVALID -m comment --comment "!fw3: Prevent NAT leakage" -j DROP
  289. [48:3189] -A zone_wan_dest_ACCEPT -o wlan0 -m comment --comment "!fw3" -j ACCEPT
  290. [0:0] -A zone_wan_dest_REJECT -o wlan0 -m comment --comment "!fw3" -j reject
  291. [0:0] -A zone_wan_forward -m comment --comment "!fw3: user chain for forwarding" -j forwarding_wan_rule
  292. [0:0] -A zone_wan_forward -p esp -m comment --comment "!fw3: Allow-IPSec-ESP" -j zone_lan_dest_ACCEPT
  293. [0:0] -A zone_wan_forward -p udp -m udp --dport 500 -m comment --comment "!fw3: Allow-ISAKMP" -j zone_lan_dest_ACCEPT
  294. [0:0] -A zone_wan_forward -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port forwards" -j ACCEPT
  295. [0:0] -A zone_wan_forward -m comment --comment "!fw3" -j zone_wan_dest_REJECT
  296. [2:104] -A zone_wan_input -m comment --comment "!fw3: user chain for input" -j input_wan_rule
  297. [0:0] -A zone_wan_input -p udp -m udp --dport 68 -m comment --comment "!fw3: Allow-DHCP-Renew" -j ACCEPT
  298. [0:0] -A zone_wan_input -p icmp -m icmp --icmp-type 8 -m comment --comment "!fw3: Allow-Ping" -j ACCEPT
  299. [1:32] -A zone_wan_input -p igmp -m comment --comment "!fw3: Allow-IGMP" -j ACCEPT
  300. [0:0] -A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
  301. [1:72] -A zone_wan_input -m comment --comment "!fw3" -j zone_wan_src_REJECT
  302. [43:2873] -A zone_wan_output -m comment --comment "!fw3: user chain for output" -j output_wan_rule
  303. [43:2873] -A zone_wan_output -m comment --comment "!fw3" -j zone_wan_dest_ACCEPT
  304. [1:72] -A zone_wan_src_REJECT -i wlan0 -m comment --comment "!fw3" -j reject
  305. COMMIT
  306. # Completed on Tue Mar 23 15:01:01 2021
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!