API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 20th, 2018
172
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.86 KB | None | 0 0
raw download clone embed print report
  1. ubnt@ubnt# show
  2. firewall {
  3. all-ping enable
  4. broadcast-ping disable
  5. ipv6-receive-redirects disable
  6. ipv6-src-route disable
  7. ip-src-route disable
  8. log-martians enable
  9. name WAN_IN {
  10. default-action drop
  11. description "WAN to internal"
  12. rule 10 {
  13. action accept
  14. description "Allow established/related"
  15. state {
  16. established enable
  17. related enable
  18. }
  19. }
  20. rule 20 {
  21. action drop
  22. description "Drop invalid state"
  23. state {
  24. invalid enable
  25. }
  26. }
  27. }
  28. name WAN_LOCAL {
  29. default-action drop
  30. description "WAN to router"
  31. rule 10 {
  32. action accept
  33. description "Allow established/related"
  34. state {
  35. established enable
  36. related enable
  37. }
  38. }
  39. rule 20 {
  40. action drop
  41. description "Drop invalid state"
  42. state {
  43. invalid enable
  44. }
  45. }
  46. }
  47. receive-redirects disable
  48. send-redirects enable
  49. source-validation disable
  50. syn-cookies enable
  51. }
  52. interfaces {
  53. ethernet eth0 {
  54. address dhcp
  55. description Internet
  56. duplex auto
  57. firewall {
  58. in {
  59. name WAN_IN
  60. }
  61. local {
  62. name WAN_LOCAL
  63. }
  64. }
  65. speed auto
  66. }
  67. ethernet eth1 {
  68. address 192.168.1.1/24
  69. description Local
  70. duplex auto
  71. speed auto
  72. }
  73. ethernet eth2 {
  74. address 192.168.2.1/24
  75. description "Local 2"
  76. disable
  77. duplex auto
  78. speed auto
  79. }
  80. loopback lo {
  81. }
  82. }
  83. service {
  84. dhcp-server {
  85. disabled false
  86. hostfile-update disable
  87. shared-network-name LAN1 {
  88. authoritative disable
  89. subnet 192.168.1.0/24 {
  90. default-router 192.168.1.1
  91. dns-server 192.168.1.1
  92. lease 86400
  93. start 192.168.1.20 {
  94. stop 192.168.1.250
  95. }
  96. static-mapping HP_Laser_CP1510 {
  97. ip-address 192.168.1.15
  98. mac-address f4:ce:46:49:fb:6a
  99. }
  100. static-mapping HP_Pro_7740 {
  101. ip-address 192.168.1.17
  102. mac-address 3c:52:82:88:3c:2d
  103. }
  104. static-mapping Savin_C230_floor_laser {
  105. ip-address 192.168.1.16
  106. mac-address 00:26:73:70:b9:0a
  107. }
  108. static-mapping UNIFI-AP-1 {
  109. ip-address 192.168.1.10
  110. mac-address 44:d9:e7:42:67:2a
  111. }
  112. static-mapping Unitytube-SV1 {
  113. ip-address 192.168.1.2
  114. mac-address 6c:0b:84:3e:ef:14
  115. }
  116. static-mapping voip1 {
  117. ip-address 192.168.1.41
  118. mac-address 08:00:0f:81:e9:96
  119. }
  120. static-mapping voip2 {
  121. ip-address 192.168.1.42
  122. mac-address 08:00:0f:81:e9:1d
  123. }
  124. static-mapping voip3 {
  125. ip-address 192.168.1.43
  126. mac-address 08:00:0f:81:e5:dd
  127. }
  128. static-mapping voip4 {
  129. ip-address 192.168.1.44
  130. mac-address 08:00:0f:81:a9:ec
  131. }
  132. static-mapping voip5 {
  133. ip-address 192.168.1.45
  134. mac-address 08:00:0f:81:e9:94
  135. }
  136. static-mapping voip6 {
  137. ip-address 192.168.1.46
  138. mac-address 08:00:0f:81:e9:27
  139. }
  140. static-mapping voip_special_alarm {
  141. ip-address 192.168.1.40
  142. mac-address 00:0b:82:b0:7d:6e
  143. }
  144. }
  145. }
  146. use-dnsmasq disable
  147. }
  148. dns {
  149. forwarding {
  150. cache-size 150
  151. listen-on eth1
  152. listen-on eth2
  153. }
  154. }
  155. gui {
  156. http-port 80
  157. https-port 443
  158. older-ciphers enable
  159. }
  160. nat {
  161. rule 5010 {
  162. description "masquerade for WAN"
  163. outbound-interface eth0
  164. type masquerade
  165. }
  166. }
  167. ssh {
  168. port 22
  169. protocol-version v2
  170. }
  171. upnp {
  172. listen-on eth1 {
  173. outbound-interface eth0
  174. }
  175. }
  176. }
  177. system {
  178. conntrack {
  179. expect-table-size 2048
  180. hash-size 32768
  181. ignore {
  182. rule 10 {
  183. destination {
  184. address 255.255.255.255
  185. }
  186. }
  187. }
  188. modules {
  189. sip {
  190. disable
  191. }
  192. }
  193. table-size 262144
  194. }
  195. host-name ubnt
  196. login {
  197. user ubnt {
  198. authentication {
  199. encrypted-password $6$oQ2s8zwi.nA9N$xAFX3YhlixzSNPTiJghA6V6CY4bJKe791SljLMxZqKAbKRHTJAQGotxKwMdNRjHtGbkkT/MJ4oHI3vmveQvap1
  200. plaintext-password ""
  201. }
  202. full-name ""
  203. level admin
  204. }
  205. }
  206. ntp {
  207. server 0.ubnt.pool.ntp.org {
  208. }
  209. server 1.ubnt.pool.ntp.org {
  210. }
  211. server 2.ubnt.pool.ntp.org {
  212. }
  213. server 3.ubnt.pool.ntp.org {
  214. }
  215. }
  216. offload {
  217. ipv4 {
  218. forwarding enable
  219. }
  220. ipv6 {
  221. forwarding enable
  222. }
  223. }
  224. syslog {
  225. global {
  226. facility all {
  227. level notice
  228. }
  229. facility protocols {
  230. level debug
  231. }
  232. }
  233. }
  234. time-zone UTC
  235. traffic-analysis {
  236. dpi disable
  237. export disable
  238. }
  239. }
  240. traffic-control {
  241. }
  242. [edit]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!