Advertisement
Guest User

Untitled

a guest
Nov 11th, 2020
48
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2.  
  3. BusyBox v1.30.1 () built-in shell (ash)
  4.  
  5. _______ ________ __
  6. | |.-----.-----.-----.| | | |.----.| |_
  7. | - || _ | -__| || | | || _|| _|
  8. |_______|| __|_____|__|__||________||__| |____|
  9. |__| W I R E L E S S F R E E D O M
  10. -----------------------------------------------------
  11. OpenWrt 19.07.4, r11208-ce6496d796
  12. -----------------------------------------------------
  13. root@OCTOPUS:~# ubus call system board; \
  14. > uci export network; uci export wireless; \
  15. > uci export dhcp; uci export firewall; \
  16. > head -n -0 /etc/firewall.user; \
  17. > iptables-save -c; \
  18. > ip -4 addr ; ip -4 ro li tab all ; ip -4 ru
  19. {
  20. "kernel": "4.14.195",
  21. "hostname": "OCTOPUS",
  22. "system": "Qualcomm Atheros QCA956X ver 1 rev 0",
  23. "model": "GL-AR750S",
  24. "board_name": "gl-ar750s",
  25. "release": {
  26. "distribution": "OpenWrt",
  27. "version": "19.07.4",
  28. "revision": "r11208-ce6496d796",
  29. "target": "ar71xx/generic",
  30. "description": "OpenWrt 19.07.4 r11208-ce6496d796"
  31. }
  32. }
  33. package network
  34.  
  35. config interface 'loopback'
  36. option ifname 'lo'
  37. option proto 'static'
  38. option ipaddr '127.0.0.1'
  39. option netmask '255.0.0.0'
  40.  
  41. config globals 'globals'
  42. option ula_prefix 'fdcf:b5c9:9ca3::/48'
  43.  
  44. config interface 'lan'
  45. option type 'bridge'
  46. option ifname 'eth0.1'
  47. option proto 'static'
  48. option netmask '255.255.255.0'
  49. option ip6assign '60'
  50. option ipaddr '192.168.100.2'
  51.  
  52. config interface 'wan'
  53. option ifname 'eth0.2'
  54. option proto 'dhcp'
  55.  
  56. config interface 'wan6'
  57. option ifname 'eth0.2'
  58. option proto 'dhcpv6'
  59.  
  60. config switch
  61. option name 'switch0'
  62. option reset '1'
  63. option enable_vlan '1'
  64.  
  65. config switch_vlan
  66. option device 'switch0'
  67. option vlan '1'
  68. option ports '2 3 0t'
  69.  
  70. config switch_vlan
  71. option device 'switch0'
  72. option vlan '2'
  73. option ports '1 0t'
  74.  
  75. config interface 'wwan'
  76. option proto 'static'
  77. option ipaddr '192.168.1.15'
  78. option netmask '255.255.255.0'
  79.  
  80. config route
  81. option target '192.168.1.0/24'
  82. option gateway '192.168.1.1'
  83. option netmask '255.255.255.0'
  84. option interface 'lan'
  85.  
  86. package wireless
  87.  
  88. config wifi-device 'radio0'
  89. option type 'mac80211'
  90. option hwmode '11a'
  91. option path 'pci0000:00/0000:00:00.0'
  92. option htmode 'VHT80'
  93. option country 'US'
  94. option channel 'auto'
  95.  
  96. config wifi-device 'radio1'
  97. option type 'mac80211'
  98. option hwmode '11g'
  99. option path 'platform/qca956x_wmac'
  100. option htmode 'HT20'
  101. option country 'US'
  102. option channel 'auto'
  103.  
  104. config wifi-iface 'wifinet2'
  105. option ssid '1320-Secure'
  106. option device 'radio0'
  107. option mode 'sta'
  108. option key '*********'
  109. option encryption 'psk2'
  110. option network 'wwan'
  111.  
  112. config wifi-iface 'wifinet1'
  113. option ssid 'Monaco'
  114. option encryption 'psk2'
  115. option device 'radio0'
  116. option mode 'ap'
  117. option key '*******'
  118. option network 'lan'
  119.  
  120. config wifi-iface 'wifinet3'
  121. option ssid 'Monaco'
  122. option encryption 'psk2'
  123. option device 'radio1'
  124. option mode 'ap'
  125. option network 'lan'
  126. option key '*******'
  127.  
  128. package dhcp
  129.  
  130. config dnsmasq
  131. option domainneeded '1'
  132. option boguspriv '1'
  133. option filterwin2k '0'
  134. option localise_queries '1'
  135. option rebind_protection '1'
  136. option rebind_localhost '1'
  137. option local '/lan/'
  138. option domain 'lan'
  139. option expandhosts '1'
  140. option nonegcache '0'
  141. option authoritative '1'
  142. option readethers '1'
  143. option leasefile '/tmp/dhcp.leases'
  144. option resolvfile '/tmp/resolv.conf.auto'
  145. option nonwildcard '1'
  146. option localservice '1'
  147.  
  148. config dhcp 'lan'
  149. option interface 'lan'
  150. option ignore '1'
  151.  
  152. config dhcp 'wan'
  153. option interface 'wan'
  154. option ignore '1'
  155.  
  156. config odhcpd 'odhcpd'
  157. option maindhcp '0'
  158. option leasefile '/tmp/hosts/odhcpd'
  159. option leasetrigger '/usr/sbin/odhcpd-update'
  160. option loglevel '4'
  161.  
  162. package firewall
  163.  
  164. config defaults
  165. option input 'ACCEPT'
  166. option output 'ACCEPT'
  167. option forward 'ACCEPT'
  168. option synflood_protect '1'
  169.  
  170. config zone
  171. option name 'lan'
  172. option input 'ACCEPT'
  173. option output 'ACCEPT'
  174. option forward 'ACCEPT'
  175. option network 'lan wwan'
  176.  
  177. config zone
  178. option name 'wan'
  179. option input 'REJECT'
  180. option output 'ACCEPT'
  181. option forward 'REJECT'
  182. option masq '1'
  183. option mtu_fix '1'
  184. option network 'wan wan6'
  185.  
  186. config forwarding
  187. option src 'lan'
  188. option dest 'wan'
  189.  
  190. config rule
  191. option name 'Allow-DHCP-Renew'
  192. option src 'wan'
  193. option proto 'udp'
  194. option dest_port '68'
  195. option target 'ACCEPT'
  196. option family 'ipv4'
  197.  
  198. config rule
  199. option name 'Allow-Ping'
  200. option src 'wan'
  201. option proto 'icmp'
  202. option icmp_type 'echo-request'
  203. option family 'ipv4'
  204. option target 'ACCEPT'
  205.  
  206. config rule
  207. option name 'Allow-IGMP'
  208. option src 'wan'
  209. option proto 'igmp'
  210. option family 'ipv4'
  211. option target 'ACCEPT'
  212.  
  213. config rule
  214. option name 'Allow-DHCPv6'
  215. option src 'wan'
  216. option proto 'udp'
  217. option src_ip 'fc00::/6'
  218. option dest_ip 'fc00::/6'
  219. option dest_port '546'
  220. option family 'ipv6'
  221. option target 'ACCEPT'
  222.  
  223. config rule
  224. option name 'Allow-MLD'
  225. option src 'wan'
  226. option proto 'icmp'
  227. option src_ip 'fe80::/10'
  228. list icmp_type '130/0'
  229. list icmp_type '131/0'
  230. list icmp_type '132/0'
  231. list icmp_type '143/0'
  232. option family 'ipv6'
  233. option target 'ACCEPT'
  234.  
  235. config rule
  236. option name 'Allow-ICMPv6-Input'
  237. option src 'wan'
  238. option proto 'icmp'
  239. list icmp_type 'echo-request'
  240. list icmp_type 'echo-reply'
  241. list icmp_type 'destination-unreachable'
  242. list icmp_type 'packet-too-big'
  243. list icmp_type 'time-exceeded'
  244. list icmp_type 'bad-header'
  245. list icmp_type 'unknown-header-type'
  246. list icmp_type 'router-solicitation'
  247. list icmp_type 'neighbour-solicitation'
  248. list icmp_type 'router-advertisement'
  249. list icmp_type 'neighbour-advertisement'
  250. option limit '1000/sec'
  251. option family 'ipv6'
  252. option target 'ACCEPT'
  253.  
  254. config rule
  255. option name 'Allow-ICMPv6-Forward'
  256. option src 'wan'
  257. option dest '*'
  258. option proto 'icmp'
  259. list icmp_type 'echo-request'
  260. list icmp_type 'echo-reply'
  261. list icmp_type 'destination-unreachable'
  262. list icmp_type 'packet-too-big'
  263. list icmp_type 'time-exceeded'
  264. list icmp_type 'bad-header'
  265. list icmp_type 'unknown-header-type'
  266. option limit '1000/sec'
  267. option family 'ipv6'
  268. option target 'ACCEPT'
  269.  
  270. config rule
  271. option name 'Allow-IPSec-ESP'
  272. option src 'wan'
  273. option dest 'lan'
  274. option proto 'esp'
  275. option target 'ACCEPT'
  276.  
  277. config rule
  278. option name 'Allow-ISAKMP'
  279. option src 'wan'
  280. option dest 'lan'
  281. option dest_port '500'
  282. option proto 'udp'
  283. option target 'ACCEPT'
  284.  
  285. config include
  286. option path '/etc/firewall.user'
  287.  
  288. # This file is interpreted as shell script.
  289. # Put your custom iptables rules here, they will
  290. # be executed with each firewall (re-)start.
  291.  
  292. # Internal uci firewall chains are flushed and recreated on reload, so
  293. # put custom rules into the root chains e.g. INPUT or FORWARD or into the
  294. # special user chains, e.g. input_wan_rule or postrouting_lan_rule.
  295. # Generated by iptables-save v1.8.3 on Wed Nov 11 11:53:04 2020
  296. *nat
  297. :PREROUTING ACCEPT [0:0]
  298. :INPUT ACCEPT [0:0]
  299. :OUTPUT ACCEPT [0:0]
  300. :POSTROUTING ACCEPT [0:0]
  301. COMMIT
  302. # Completed on Wed Nov 11 11:53:04 2020
  303. # Generated by iptables-save v1.8.3 on Wed Nov 11 11:53:04 2020
  304. *mangle
  305. :PREROUTING ACCEPT [194998:45714279]
  306. :INPUT ACCEPT [136565:24595172]
  307. :FORWARD ACCEPT [210:30665]
  308. :OUTPUT ACCEPT [96705:3729007]
  309. :POSTROUTING ACCEPT [96915:3759672]
  310. COMMIT
  311. # Completed on Wed Nov 11 11:53:04 2020
  312. # Generated by iptables-save v1.8.3 on Wed Nov 11 11:53:04 2020
  313. *filter
  314. :INPUT ACCEPT [136566:24595212]
  315. :FORWARD ACCEPT [210:30665]
  316. :OUTPUT ACCEPT [96707:3729903]
  317. COMMIT
  318. # Completed on Wed Nov 11 11:53:04 2020
  319. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
  320. inet 127.0.0.1/8 scope host lo
  321. valid_lft forever preferred_lft forever
  322. 16: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
  323. inet 192.168.100.2/24 brd 192.168.100.255 scope global br-lan
  324. valid_lft forever preferred_lft forever
  325. 19: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
  326. inet 192.168.1.15/24 brd 192.168.1.255 scope global wlan0
  327. valid_lft forever preferred_lft forever
  328. 192.168.1.0/24 dev wlan0 scope link src 192.168.1.15
  329. 192.168.100.0/24 dev br-lan scope link src 192.168.100.2
  330. broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
  331. local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
  332. local 127.0.0.1 dev lo table local scope host src 127.0.0.1
  333. broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
  334. broadcast 192.168.1.0 dev wlan0 table local scope link src 192.168.1.15
  335. local 192.168.1.15 dev wlan0 table local scope host src 192.168.1.15
  336. broadcast 192.168.1.255 dev wlan0 table local scope link src 192.168.1.15
  337. broadcast 192.168.100.0 dev br-lan table local scope link src 192.168.100.2
  338. local 192.168.100.2 dev br-lan table local scope host src 192.168.100.2
  339. broadcast 192.168.100.255 dev br-lan table local scope link src 192.168.100.2
  340. 0: from all lookup local
  341. 32766: from all lookup main
  342. 32767: from all lookup default
  343. root@OCTOPUS:~#
Advertisement
RAW Paste Data Copied
Advertisement