API tools faq
paste
Guest User

Untitled

a guest
Jul 5th, 2020
49
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.95 KB | None | 0 0
raw download clone embed print report
  1. config dnsmasq
  2. option domainneeded '1'
  3. option boguspriv '1'
  4. option filterwin2k '0'
  5. option localise_queries '1'
  6. option rebind_protection '1'
  7. option rebind_localhost '1'
  8. option local '/lan/'
  9. option domain 'lan'
  10. option expandhosts '1'
  11. option nonegcache '0'
  12. option authoritative '1'
  13. option readethers '1'
  14. option leasefile '/tmp/dhcp.leases'
  15. option resolvfile '/tmp/resolv.conf.auto'
  16. option nonwildcard '1'
  17. option localservice '1'
  18.  
  19. config dhcp 'lan'
  20. option interface 'lan'
  21. option start '100'
  22. option limit '150'
  23. option leasetime '12h'
  24. option dhcpv6 'server'
  25. option ra 'server'
  26. list dhcp_option '6,10.64.0.1'
  27. option ra_management '1'
  28.  
  29. config dhcp 'wan'
  30. option interface 'wan'
  31. option ignore '1'
  32.  
  33. config odhcpd 'odhcpd'
  34. option maindhcp '0'
  35. option leasefile '/tmp/hosts/odhcpd'
  36. option leasetrigger '/usr/sbin/odhcpd-update'
  37. option loglevel '4'
  38.  
  39.  
  40. config dropbear
  41. option PasswordAuth 'on'
  42. option Port '22'
  43. option Interface 'lan'
  44.  
  45.  
  46. config defaults
  47. option syn_flood '1'
  48. option input 'ACCEPT'
  49. option output 'ACCEPT'
  50. option forward 'REJECT'
  51.  
  52. config zone
  53. option name 'lan'
  54. list network 'lan'
  55. option input 'ACCEPT'
  56. option output 'ACCEPT'
  57. option forward 'ACCEPT'
  58.  
  59. config zone
  60. option name 'wan'
  61. list network 'wan'
  62. list network 'wan6'
  63. option output 'ACCEPT'
  64. option masq '1'
  65. option mtu_fix '1'
  66. option input 'REJECT'
  67. option forward 'REJECT'
  68.  
  69. config rule
  70. option name 'Allow-DHCP-Renew'
  71. option src 'wan'
  72. option proto 'udp'
  73. option dest_port '68'
  74. option target 'ACCEPT'
  75. option family 'ipv4'
  76.  
  77. config rule
  78. option name 'Allow-Ping'
  79. option src 'wan'
  80. option proto 'icmp'
  81. option icmp_type 'echo-request'
  82. option family 'ipv4'
  83. option target 'ACCEPT'
  84.  
  85. config rule
  86. option name 'Allow-IGMP'
  87. option src 'wan'
  88. option proto 'igmp'
  89. option family 'ipv4'
  90. option target 'ACCEPT'
  91.  
  92. config rule
  93. option name 'Allow-DHCPv6'
  94. option src 'wan'
  95. option proto 'udp'
  96. option src_ip 'fc00::/6'
  97. option dest_ip 'fc00::/6'
  98. option dest_port '546'
  99. option family 'ipv6'
  100. option target 'ACCEPT'
  101.  
  102. config rule
  103. option name 'Allow-MLD'
  104. option src 'wan'
  105. option proto 'icmp'
  106. option src_ip 'fe80::/10'
  107. list icmp_type '130/0'
  108. list icmp_type '131/0'
  109. list icmp_type '132/0'
  110. list icmp_type '143/0'
  111. option family 'ipv6'
  112. option target 'ACCEPT'
  113.  
  114. config rule
  115. option name 'Allow-ICMPv6-Input'
  116. option src 'wan'
  117. option proto 'icmp'
  118. list icmp_type 'echo-request'
  119. list icmp_type 'echo-reply'
  120. list icmp_type 'destination-unreachable'
  121. list icmp_type 'packet-too-big'
  122. list icmp_type 'time-exceeded'
  123. list icmp_type 'bad-header'
  124. list icmp_type 'unknown-header-type'
  125. list icmp_type 'router-solicitation'
  126. list icmp_type 'neighbour-solicitation'
  127. list icmp_type 'router-advertisement'
  128. list icmp_type 'neighbour-advertisement'
  129. option limit '1000/sec'
  130. option family 'ipv6'
  131. option target 'ACCEPT'
  132.  
  133. config rule
  134. option name 'Allow-ICMPv6-Forward'
  135. option src 'wan'
  136. option dest '*'
  137. option proto 'icmp'
  138. list icmp_type 'echo-request'
  139. list icmp_type 'echo-reply'
  140. list icmp_type 'destination-unreachable'
  141. list icmp_type 'packet-too-big'
  142. list icmp_type 'time-exceeded'
  143. list icmp_type 'bad-header'
  144. list icmp_type 'unknown-header-type'
  145. option limit '1000/sec'
  146. option family 'ipv6'
  147. option target 'ACCEPT'
  148.  
  149. config rule
  150. option name 'Allow-IPSec-ESP'
  151. option src 'wan'
  152. option dest 'lan'
  153. option proto 'esp'
  154. option target 'ACCEPT'
  155.  
  156. config rule
  157. option name 'Allow-ISAKMP'
  158. option src 'wan'
  159. option dest 'lan'
  160. option dest_port '500'
  161. option proto 'udp'
  162. option target 'ACCEPT'
  163.  
  164. config include
  165. option path '/etc/firewall.user'
  166.  
  167. config zone
  168. option name 'WGZONE'
  169. option mtu_fix '1'
  170. option masq '1'
  171. option output 'ACCEPT'
  172. option network 'WGINTERFACE'
  173. option input 'REJECT'
  174. option forward 'REJECT'
  175.  
  176. config forwarding
  177. option dest 'WGZONE'
  178. option src 'lan'
  179.  
  180. config redirect
  181. option name 'Mullvad'
  182. option src_dport '4764'
  183. option target 'DNAT'
  184. option src 'WGZONE'
  185. option dest 'lan'
  186.  
  187.  
  188. config core 'main'
  189. option lang 'auto'
  190. option mediaurlbase '/luci-static/bootstrap'
  191. option resourcebase '/luci-static/resources'
  192.  
  193. config extern 'flash_keep'
  194. option uci '/etc/config/'
  195. option dropbear '/etc/dropbear/'
  196. option openvpn '/etc/openvpn/'
  197. option passwd '/etc/passwd'
  198. option opkg '/etc/opkg.conf'
  199. option firewall '/etc/firewall.user'
  200. option uploads '/lib/uci/upload/'
  201.  
  202. config internal 'languages'
  203.  
  204. config internal 'sauth'
  205. option sessionpath '/tmp/luci-sessions'
  206. option sessiontime '3600'
  207.  
  208. config internal 'ccache'
  209. option enable '1'
  210.  
  211. config internal 'themes'
  212. option Bootstrap '/luci-static/bootstrap'
  213.  
  214. config internal 'apply'
  215. option rollback '30'
  216. option holdoff '4'
  217. option timeout '5'
  218. option display '1.5'
  219.  
  220. config internal 'diag'
  221. option dns 'openwrt.org'
  222. option ping 'openwrt.org'
  223. option route 'openwrt.org'
  224.  
  225. config core main
  226. option lang auto
  227. option mediaurlbase /luci-static/bootstrap
  228. option resourcebase /luci-static/resources
  229. option ubuspath /ubus/
  230.  
  231. config extern flash_keep
  232. option uci "/etc/config/"
  233. option dropbear "/etc/dropbear/"
  234. option openvpn "/etc/openvpn/"
  235. option passwd "/etc/passwd"
  236. option opkg "/etc/opkg.conf"
  237. option firewall "/etc/firewall.user"
  238. option uploads "/lib/uci/upload/"
  239.  
  240. config internal languages
  241.  
  242. config internal sauth
  243. option sessionpath "/tmp/luci-sessions"
  244. option sessiontime 3600
  245.  
  246. config internal ccache
  247. option enable 1
  248.  
  249. config internal themes
  250.  
  251. config internal apply
  252. option rollback 90
  253. option holdoff 4
  254. option timeout 5
  255. option display 1.5
  256.  
  257. config interface 'loopback'
  258. option ifname 'lo'
  259. option proto 'static'
  260. option ipaddr '127.0.0.1'
  261. option netmask '255.0.0.0'
  262.  
  263. config globals 'globals'
  264. option ula_prefix 'fdb6:3082:3116::/48'
  265.  
  266. config interface 'lan'
  267. option type 'bridge'
  268. option ifname 'eth0.1'
  269. option proto 'static'
  270. option netmask '255.255.255.0'
  271. option ip6assign '60'
  272. option ipaddr '192.168.99.1'
  273.  
  274. config device 'lan_eth0_1_dev'
  275. option name 'eth0.1'
  276. option macaddr '18:d6:c7:51:6e:c4'
  277.  
  278. config interface 'wan'
  279. option ifname 'eth0.2'
  280. option proto 'dhcp'
  281. option macaddr 'D8:CB:8A:F1:FA:00'
  282.  
  283. config device 'wan_eth0_2_dev'
  284. option name 'eth0.2'
  285. option macaddr '18:d6:c7:51:6e:c5'
  286.  
  287. config interface 'wan6'
  288. option ifname 'eth0.2'
  289. option proto 'dhcpv6'
  290. option reqprefix 'auto'
  291. option reqaddress 'try'
  292. option macaddr 'D8:CB:8A:F1:FA:00'
  293.  
  294. config switch
  295. option name 'switch0'
  296. option reset '1'
  297. option enable_vlan '1'
  298. option ar8xxx_mib_type '0'
  299. option ar8xxx_mib_poll_interval '500'
  300.  
  301. config switch_vlan
  302. option device 'switch0'
  303. option vlan '1'
  304. option ports '1 2 3 4 0t'
  305.  
  306. config switch_vlan
  307. option device 'switch0'
  308. option vlan '2'
  309. option ports '5 0t'
  310.  
  311. config interface 'WGINTERFACE'
  312. option proto 'wireguard'
  313. option private_key 'REMOVED'
  314. option listen_port '51820'
  315. list addresses 'REMOVED'
  316. option force_link '1'
  317.  
  318. config wireguard_WGINTERFACE
  319. option public_key 'REMOVED'
  320. option description 'nl'
  321. option persistent_keepalive '25'
  322. option endpoint_port '51820'
  323. list allowed_ips '0.0.0.0/0'
  324. option route_allowed_ips '1'
  325. option endpoint_host 'REMOVED'
  326.  
  327. config rpcd
  328. option socket /var/run/ubus.sock
  329. option timeout 30
  330.  
  331. config login
  332. option username 'root'
  333. option password '$p$root'
  334. list read '*'
  335. list write '*'
  336.  
  337.  
  338. config system
  339. option hostname 'OpenWrt'
  340. option ttylogin '0'
  341. option log_size '64'
  342. option urandom_seed '0'
  343. option log_proto 'udp'
  344. option conloglevel '8'
  345. option cronloglevel '5'
  346. option timezone 'GMT0'
  347. option zonename 'Etc/GMT'
  348.  
  349. config timeserver 'ntp'
  350. list server '0.openwrt.pool.ntp.org'
  351. list server '1.openwrt.pool.ntp.org'
  352. list server '2.openwrt.pool.ntp.org'
  353. list server '3.openwrt.pool.ntp.org'
  354.  
  355. config led 'led_wlan'
  356. option name 'WLAN'
  357. option sysfs 'tp-link:green:wlan'
  358. option trigger 'phy0tpt'
  359.  
  360. config led 'led_wan'
  361. option name 'WAN'
  362. option sysfs 'tp-link:green:wan'
  363. option trigger 'switch0'
  364. option port_mask '0x20'
  365.  
  366. config led 'led_lan1'
  367. option name 'LAN1'
  368. option sysfs 'tp-link:green:lan1'
  369. option trigger 'switch0'
  370. option port_mask '0x10'
  371.  
  372. config led 'led_lan2'
  373. option name 'LAN2'
  374. option sysfs 'tp-link:green:lan2'
  375. option trigger 'switch0'
  376. option port_mask '0x08'
  377.  
  378. config led 'led_lan3'
  379. option name 'LAN3'
  380. option sysfs 'tp-link:green:lan3'
  381. option trigger 'switch0'
  382. option port_mask '0x04'
  383.  
  384. config led 'led_lan4'
  385. option name 'LAN4'
  386. option sysfs 'tp-link:green:lan4'
  387. option trigger 'switch0'
  388. option port_mask '0x02'
  389.  
  390. config led 'led_usb'
  391. option name 'USB'
  392. option sysfs 'tp-link:green:usb'
  393. option trigger 'usbport'
  394. list port 'usb1-port1'
  395.  
  396. config network
  397. option init network
  398. list affects dhcp
  399. list affects radvd
  400.  
  401. config wireless
  402. list affects network
  403.  
  404. config firewall
  405. option init firewall
  406. list affects luci-splash
  407. list affects qos
  408. list affects miniupnpd
  409.  
  410. config olsr
  411. option init olsrd
  412.  
  413. config dhcp
  414. option init dnsmasq
  415. list affects odhcpd
  416.  
  417. config odhcpd
  418. option init odhcpd
  419.  
  420. config dropbear
  421. option init dropbear
  422.  
  423. config httpd
  424. option init httpd
  425.  
  426. config fstab
  427. option exec '/sbin/block mount'
  428.  
  429. config qos
  430. option init qos
  431.  
  432. config system
  433. option init led
  434. option exec '/etc/init.d/log reload'
  435. list affects luci_statistics
  436. list affects dhcp
  437.  
  438. config luci_splash
  439. option init luci_splash
  440.  
  441. config upnpd
  442. option init miniupnpd
  443.  
  444. config ntpclient
  445. option init ntpclient
  446.  
  447. config samba
  448. option init samba
  449.  
  450. config tinyproxy
  451. option init tinyproxy
  452. # Server configuration
  453. config uhttpd main
  454.  
  455. # HTTP listen addresses, multiple allowed
  456. list listen_http 0.0.0.0:80
  457. list listen_http [::]:80
  458.  
  459. # HTTPS listen addresses, multiple allowed
  460. list listen_https 0.0.0.0:443
  461. list listen_https [::]:443
  462.  
  463. # Redirect HTTP requests to HTTPS if possible
  464. option redirect_https 1
  465.  
  466. # Server document root
  467. option home /www
  468.  
  469. # Reject requests from RFC1918 IP addresses
  470. # directed to the servers public IP(s).
  471. # This is a DNS rebinding countermeasure.
  472. option rfc1918_filter 1
  473.  
  474. # Maximum number of concurrent requests.
  475. # If this number is exceeded, further requests are
  476. # queued until the number of running requests drops
  477. # below the limit again.
  478. option max_requests 3
  479.  
  480. # Maximum number of concurrent connections.
  481. # If this number is exceeded, further TCP connection
  482. # attempts are queued until the number of active
  483. # connections drops below the limit again.
  484. option max_connections 100
  485.  
  486. # Certificate and private key for HTTPS.
  487. # If no listen_https addresses are given,
  488. # the key options are ignored.
  489. option cert /etc/uhttpd.crt
  490. option key /etc/uhttpd.key
  491.  
  492. # CGI url prefix, will be searched in docroot.
  493. # Default is /cgi-bin
  494. option cgi_prefix /cgi-bin
  495.  
  496. # List of extension->interpreter mappings.
  497. # Files with an associated interpreter can
  498. # be called outside of the CGI prefix and do
  499. # not need to be executable.
  500. # list interpreter ".php=/usr/bin/php-cgi"
  501. # list interpreter ".cgi=/usr/bin/perl"
  502.  
  503. # List of prefix->Lua handler mappings.
  504. # Any request to an URL beneath the prefix
  505. # will be dispatched to the associated Lua
  506. # handler script. Lua support is disabled when
  507. # no handler mappings are specified. Lua prefix
  508. # matches have precedence over the CGI prefix.
  509. list lua_prefix "/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"
  510.  
  511. # Specify the ubus-rpc prefix and socket path.
  512. # option ubus_prefix /ubus
  513. # option ubus_socket /var/run/ubus.sock
  514.  
  515. # CGI/Lua timeout, if the called script does not
  516. # write data within the given amount of seconds,
  517. # the server will terminate the request with
  518. # 504 Gateway Timeout response.
  519. option script_timeout 60
  520.  
  521. # Network timeout, if the current connection is
  522. # blocked for the specified amount of seconds,
  523. # the server will terminate the associated
  524. # request process.
  525. option network_timeout 30
  526.  
  527. # HTTP Keep-Alive, specifies the timeout for persistent
  528. # HTTP/1.1 connections. Setting this to 0 will disable
  529. # persistent HTTP connections.
  530. option http_keepalive 20
  531.  
  532. # TCP Keep-Alive, send periodic keep-alive probes
  533. # over established connections to detect dead peers.
  534. # The value is given in seconds to specify the
  535. # interval between subsequent probes.
  536. # Setting this to 0 will disable TCP keep-alive.
  537. option tcp_keepalive 1
  538.  
  539. # Basic auth realm, defaults to local hostname
  540. # option realm OpenWrt
  541.  
  542. # Configuration file in busybox httpd format
  543. # option config /etc/httpd.conf
  544.  
  545. # Do not follow symlinks that point outside of the
  546. # home directory.
  547. # option no_symlinks 0
  548.  
  549. # Do not produce directory listings but send 403
  550. # instead if a client requests an url pointing to
  551. # a directory without any index file.
  552. # option no_dirlists 0
  553.  
  554. # Do not authenticate any ubus-rpc requests against
  555. # the ubus session/access procedure.
  556. # This is dangerous and should be always left off
  557. # except for development and debug purposes!
  558. # option no_ubusauth 0
  559.  
  560. # For this instance of uhttpd use the listed httpauth
  561. # sections to require Basic auth to the specified
  562. # resources.
  563. # list httpauth prefix_user
  564.  
  565.  
  566. # Defaults for automatic certificate and key generation
  567. config cert defaults
  568.  
  569. # Validity time
  570. option days 730
  571.  
  572. # key type: rsa or ec
  573. option key_type rsa
  574.  
  575. # RSA key size
  576. option bits 2048
  577.  
  578. # EC curve name
  579. # Curve names vary between mbedtls/px5g and openssl
  580. # P-256 or P-384 are guaranteed to work
  581. option ec_curve P-256
  582.  
  583. # Location
  584. option country ZZ
  585. option state Somewhere
  586. option location Unknown
  587.  
  588. # Common name
  589. option commonname 'OpenWrt'
  590.  
  591. # config httpauth prefix_user
  592. # option prefix /protected/url/path
  593. # option username user
  594. # option password 'plaintext_or_md5_or_$p$user_for_system_user'
  595.  
  596. config wifi-device 'radio0'
  597. option type 'mac80211'
  598. option channel '11'
  599. option hwmode '11g'
  600. option htmode 'HT20'
  601. option path 'platform/ahb/18100000.wmac'
  602.  
  603. config wifi-iface 'default_radio0'
  604. option device 'radio0'
  605. option network 'lan'
  606. option mode 'ap'
  607. option ssid 'OpenWrt'
  608. option key 'nancylegrand'
  609. option encryption 'psk2'
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!