API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 7th, 2018
355
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 31.91 KB | None | 0 0
raw download clone embed print report
  1. ubnt@Edgerouter-X:~$ show configuration
  2. firewall {
  3. all-ping enable
  4. broadcast-ping disable
  5. group {
  6. address-group LAN1_lte_only {
  7. address 192.168.2.11-192.168.2.19
  8. }
  9. address-group ping_DSL_L_weby {
  10. address 173.249.11.214
  11. address 216.58.201.99
  12. description "dsl.cz a google.sk"
  13. }
  14. address-group ping_DSL_M_weby {
  15. address 217.67.19.197
  16. description dsl.sk
  17. }
  18. address-group ping_LTE_weby {
  19. address 91.235.52.167
  20. description zive.sk
  21. }
  22. network-group PRIVATE_NETS {
  23. network 192.168.0.0/16
  24. network 172.16.0.0/12
  25. network 10.0.0.0/8
  26. }
  27. network-group VLAN_isolate {
  28. description "Drop traffic between vlans"
  29. network 192.168.50.0/24
  30. network 192.168.102.0/24
  31. network 192.168.103.0/24
  32. network 192.168.104.0/24
  33. network 192.168.105.0/24
  34. network 192.168.106.0/24
  35. network 192.168.107.0/24
  36. network 192.168.108.0/24
  37. network 192.168.2.0/24
  38. }
  39. port-group broadcast_steam {
  40. description broadcast_steam
  41. port 27000-28999
  42. }
  43. port-group game_porty {
  44. description Steam_LoL_PUBG_TS
  45. port 2099
  46. port 5000-5500
  47. port 8393-8400
  48. port 7000-7999
  49. port 16000-17999
  50. port 35000-35999
  51. port 9000-9999
  52. port 4379-4380
  53. port 5795-5847
  54. port 10000-10300
  55. port 27000-28999
  56. port 24024
  57. }
  58. port-group imap_mail {
  59. description "Porty pre emaily"
  60. port 143
  61. port 993
  62. port 465
  63. port 995
  64. port 25
  65. }
  66. }
  67. ipv6-receive-redirects disable
  68. ipv6-src-route disable
  69. ip-src-route disable
  70. log-martians disable
  71. modify DSL_M_only {
  72. rule 5 {
  73. action modify
  74. modify {
  75. lb-group DSL_M
  76. }
  77. }
  78. }
  79. modify LTE_Pecalka {
  80. description "Pecalka LTE + Game porty cez DSL"
  81. rule 3 {
  82. action modify
  83. description test_ping_dsl_sk
  84. destination {
  85. group {
  86. address-group ping_DSL_M_weby
  87. }
  88. }
  89. modify {
  90. lb-group DSL_M
  91. }
  92. }
  93. rule 4 {
  94. action modify
  95. description Game_porty_cez_DSL_M
  96. destination {
  97. group {
  98. port-group game_porty
  99. }
  100. }
  101. modify {
  102. lb-group LTE
  103. }
  104. }
  105. rule 5 {
  106. action modify
  107. modify {
  108. lb-group DSL_L
  109. }
  110. }
  111. }
  112. modify Lukas_DSL_vlan {
  113. rule 5 {
  114. action modify
  115. modify {
  116. lb-group DSL_L
  117. }
  118. }
  119. }
  120. modify Lukas_LTE_vlan {
  121. rule 5 {
  122. action modify
  123. modify {
  124. lb-group LTE
  125. }
  126. }
  127. }
  128. modify balance {
  129. rule 2 {
  130. action modify
  131. description "Ping DSL_L weby"
  132. destination {
  133. group {
  134. address-group ping_DSL_L_weby
  135. }
  136. }
  137. modify {
  138. lb-group DSL_L
  139. }
  140. }
  141. rule 3 {
  142. action modify
  143. description "Ping LTE weby"
  144. destination {
  145. group {
  146. address-group ping_LTE_weby
  147. }
  148. }
  149. modify {
  150. lb-group LTE
  151. }
  152. }
  153. rule 4 {
  154. action modify
  155. description "Ping DSL_M weby"
  156. destination {
  157. group {
  158. address-group ping_DSL_M_weby
  159. }
  160. }
  161. modify {
  162. lb-group DSL_M
  163. }
  164. }
  165. rule 5 {
  166. action modify
  167. description maily_LTE
  168. destination {
  169. group {
  170. port-group imap_mail
  171. }
  172. }
  173. modify {
  174. lb-group LTE
  175. }
  176. }
  177. rule 6 {
  178. action modify
  179. description Game_porty
  180. destination {
  181. group {
  182. port-group game_porty
  183. }
  184. }
  185. modify {
  186. lb-group DSL_M
  187. }
  188. }
  189. rule 7 {
  190. action modify
  191. description LTE_pre_LAN_subnet
  192. modify {
  193. lb-group LTE
  194. }
  195. source {
  196. group {
  197. address-group LAN1_lte_only
  198. }
  199. }
  200. }
  201. rule 8 {
  202. action modify
  203. description Stahovanie_IP_100_Loadbalacing
  204. modify {
  205. lb-group G
  206. }
  207. source {
  208. address 192.168.2.100
  209. }
  210. }
  211. rule 9 {
  212. action modify
  213. description "LTE30 only pre IP 101"
  214. modify {
  215. lb-group LTE30
  216. }
  217. source {
  218. address 192.168.2.101
  219. }
  220. }
  221. rule 10 {
  222. action modify
  223. description "do NOT load balance lan to lan"
  224. destination {
  225. group {
  226. network-group PRIVATE_NETS
  227. }
  228. }
  229. modify {
  230. table main
  231. }
  232. }
  233. rule 20 {
  234. action modify
  235. description "do NOT load balance destination public address"
  236. destination {
  237. group {
  238. address-group ADDRv4_eth0
  239. }
  240. }
  241. modify {
  242. table main
  243. }
  244. }
  245. rule 30 {
  246. action modify
  247. description "do NOT load balance destination public address"
  248. destination {
  249. group {
  250. address-group ADDRv4_eth1
  251. }
  252. }
  253. modify {
  254. table main
  255. }
  256. }
  257. rule 40 {
  258. action modify
  259. description "do NOT load balance destination public address"
  260. destination {
  261. group {
  262. address-group ADDRv4_eth2
  263. }
  264. }
  265. modify {
  266. table main
  267. }
  268. }
  269. rule 70 {
  270. action modify
  271. modify {
  272. lb-group LTE
  273. }
  274. }
  275. }
  276. name PROTECT_IN {
  277. default-action accept
  278. rule 10 {
  279. action accept
  280. description "Accept Established/Related"
  281. protocol all
  282. state {
  283. established enable
  284. related enable
  285. }
  286. }
  287. rule 20 {
  288. action drop
  289. description "Drop LAN_NETWORKS"
  290. destination {
  291. group {
  292. network-group VLAN_isolate
  293. }
  294. }
  295. protocol all
  296. }
  297. }
  298. name PROTECT_LOCAL {
  299. default-action drop
  300. rule 10 {
  301. action accept
  302. description "Accept DNS"
  303. destination {
  304. port 53
  305. }
  306. protocol tcp_udp
  307. }
  308. rule 20 {
  309. action accept
  310. description "accept DHCP"
  311. destination {
  312. port 67
  313. }
  314. protocol udp
  315. }
  316. }
  317. name WAN_IN {
  318. default-action drop
  319. description "WAN to internal"
  320. rule 10 {
  321. action accept
  322. description "Allow established/related"
  323. state {
  324. established enable
  325. related enable
  326. }
  327. }
  328. rule 20 {
  329. action drop
  330. description "Drop invalid state"
  331. state {
  332. invalid enable
  333. }
  334. }
  335. }
  336. name WAN_LOCAL {
  337. default-action drop
  338. description "WAN to router"
  339. rule 10 {
  340. action accept
  341. description "Allow established/related"
  342. state {
  343. established enable
  344. related enable
  345. }
  346. }
  347. rule 20 {
  348. action drop
  349. description "Drop invalid state"
  350. state {
  351. invalid enable
  352. }
  353. }
  354. }
  355. receive-redirects disable
  356. send-redirects enable
  357. source-validation disable
  358. syn-cookies enable
  359. }
  360. interfaces {
  361. ethernet eth0 {
  362. description x_ETH0_2x_LTE
  363. duplex auto
  364. firewall {
  365. in {
  366. name WAN_IN
  367. }
  368. local {
  369. name WAN_LOCAL
  370. }
  371. }
  372. speed auto
  373. vif 9 {
  374. address dhcp
  375. description 0_LTE_15Mbit
  376. firewall {
  377. in {
  378. name WAN_IN
  379. }
  380. local {
  381. name WAN_LOCAL
  382. }
  383. }
  384. }
  385. vif 10 {
  386. address dhcp
  387. description 0_LTE_30Mbit
  388. firewall {
  389. in {
  390. name WAN_IN
  391. }
  392. local {
  393. name WAN_LOCAL
  394. }
  395. }
  396. }
  397. }
  398. ethernet eth1 {
  399. address 192.168.11.10/24
  400. description 1_DSL_M
  401. duplex auto
  402. firewall {
  403. in {
  404. name WAN_IN
  405. }
  406. local {
  407. name WAN_LOCAL
  408. }
  409. }
  410. speed auto
  411. }
  412. ethernet eth2 {
  413. address 192.168.12.11/24
  414. description 2_DSL_L
  415. disable
  416. :
  417. name WAN_LOCAL
  418. }
  419. }
  420. }
  421. }
  422. ethernet eth1 {
  423. address 192.168.11.10/24
  424. description 1_DSL_M
  425. duplex auto
  426. firewall {
  427. in {
  428. name WAN_IN
  429. }
  430. local {
  431. name WAN_LOCAL
  432. }
  433. }
  434. speed auto
  435. }
  436. ethernet eth2 {
  437. address 192.168.12.11/24
  438. description 2_DSL_L
  439. disable
  440. duplex auto
  441. firewall {
  442. in {
  443. name WAN_IN
  444. }
  445. local {
  446. name WAN_LOCAL
  447. }
  448. }
  449. speed auto
  450. }
  451. ethernet eth3 {
  452. address 192.168.2.1/24
  453. description LAN
  454. duplex auto
  455. firewall {
  456. in {
  457. modify balance
  458. }
  459. }
  460. speed auto
  461. vif 5 {
  462. address 192.168.50.1/24
  463. description VLAN_Guest
  464. firewall {
  465. in {
  466. modify DSL_M_only
  467. name PROTECT_IN
  468. }
  469. local {
  470. name PROTECT_LOCAL
  471. }
  472. }
  473. mtu 1500
  474. }
  475. }
  476. ethernet eth4 {
  477. address 192.168.3.1/24
  478. description KLIENTI
  479. duplex auto
  480. firewall {
  481. in {
  482. modify balance
  483. }
  484. }
  485. poe {
  486. output off
  487. }
  488. speed auto
  489. vif 102 {
  490. address 192.168.102.1/24
  491. description Byt_Tomas
  492. firewall {
  493. in {
  494. modify Lukas_DSL_vlan
  495. name PROTECT_IN
  496. }
  497. local {
  498. name PROTECT_LOCAL
  499. }
  500. }
  501. }
  502. vif 103 {
  503. address 192.168.103.1/24
  504. description Byt_Jozko
  505. firewall {
  506. in {
  507. modify Lukas_DSL_vlan
  508. name PROTECT_IN
  509. }
  510. local {
  511. name PROTECT_LOCAL
  512. }
  513. }
  514. }
  515. vif 104 {
  516. address 192.168.104.1/24
  517. description Byt_Pecalka
  518. firewall {
  519. in {
  520. modify LTE_Pecalka
  521. name PROTECT_IN
  522. }
  523. local {
  524. name PROTECT_LOCAL
  525. }
  526. }
  527. }
  528. vif 105 {
  529. address 192.168.105.1/24
  530. description x_Byt_105
  531. firewall {
  532. in {
  533. modify Lukas_LTE_vlan
  534. name PROTECT_IN
  535. }
  536. local {
  537. name PROTECT_LOCAL
  538. }
  539. }
  540. }
  541. vif 106 {
  542. address 192.168.106.1/24
  543. description x_Byt_106
  544. firewall {
  545. in {
  546. modify Lukas_LTE_vlan
  547. name PROTECT_IN
  548. }
  549. local {
  550. name PROTECT_LOCAL
  551. }
  552. }
  553. }
  554. vif 107 {
  555. address 192.168.107.1/24
  556. description Byt__Lukas
  557. firewall {
  558. in {
  559. modify Lukas_LTE_vlan
  560. name PROTECT_IN
  561. }
  562. local {
  563. name PROTECT_LOCAL
  564. }
  565. }
  566. }
  567. vif 108 {
  568. address 192.168.108.1/24
  569. description Byt_Janka
  570. firewall {
  571. in {
  572. modify Lukas_DSL_vlan
  573. name PROTECT_IN
  574. }
  575. local {
  576. name PROTECT_LOCAL
  577. }
  578. }
  579. }
  580. vif 109 {
  581. address 192.168.109.1/24
  582. description Nano_109
  583. firewall {
  584. in {
  585. modify Lukas_DSL_vlan
  586. name PROTECT_IN
  587. }
  588. local {
  589. name PROTECT_LOCAL
  590. }
  591. }
  592. mtu 1500
  593. }
  594. }
  595. loopback lo {
  596. }
  597. switch switch0 {
  598. address 192.168.1.1/24
  599. description Local
  600. firewall {
  601. in {
  602. modify balance
  603. }
  604. }
  605. mtu 1500
  606. switch-port {
  607. vlan-aware disable
  608. }
  609. }
  610. }
  611. load-balance {
  612. group DSL_L {
  613. interface eth0.9 {
  614. failover-only
  615. }
  616. interface eth2 {
  617. route-test {
  618. count {
  619. failure 5
  620. success 5
  621. }
  622. initial-delay 60
  623. interval 10
  624. type {
  625. ping {
  626. target 1.1.1.1
  627. }
  628. }
  629. }
  630. }
  631. lb-local enable
  632. lb-local-metric-change disable
  633. }
  634. group DSL_M {
  635. interface eth1 {
  636. route-test {
  637. count {
  638. failure 5
  639. success 5
  640. }
  641. initial-delay 60
  642. interval 10
  643. type {
  644. ping {
  645. target 1.1.1.1
  646. }
  647. }
  648. }
  649. }
  650. lb-local enable
  651. lb-local-metric-change disable
  652. }
  653. group G {
  654. interface eth0.9 {
  655. }
  656. interface eth0.10 {
  657. }
  658. interface eth2 {
  659. route-test {
  660. count {
  661. failure 5
  662. success 5
  663. }
  664. initial-delay 60
  665. interval 10
  666. type {
  667. ping {
  668. target 1.1.1.1
  669. }
  670. }
  671. }
  672. weight 20
  673. }
  674. lb-local enable
  675. lb-local-metric-change disable
  676. }
  677. group LTE {
  678. interface eth0.9 {
  679. weight 70
  680. }
  681. interface eth0.10 {
  682. weight 30
  683. }
  684. lb-local enable
  685. lb-local-metric-change disable
  686. }
  687. group LTE30 {
  688. interface eth0.9 {
  689. failover-only
  690. }
  691. interface eth0.10 {
  692. }
  693. lb-local enable
  694. lb-local-metric-change disable
  695. }
  696. }
  697. protocols {
  698. static {
  699. route 0.0.0.0/0 {
  700. next-hop 192.168.10.1 {
  701. }
  702. next-hop 192.168.11.1 {
  703. }
  704. next-hop 192.168.12.1 {
  705. }
  706. }
  707. }
  708. }
  709. service {
  710. dhcp-server {
  711. disabled false
  712. hostfile-update disable
  713. shared-network-name ETH4 {
  714. authoritative disable
  715. subnet 192.168.3.0/24 {
  716. default-router 192.168.3.1
  717. lease 86400
  718. start 192.168.3.10 {
  719. stop 192.168.3.10
  720. }
  721. }
  722. }
  723. shared-network-name LAN_PRIVATE {
  724. authoritative enable
  725. subnet 192.168.2.0/24 {
  726. default-router 192.168.2.1
  727. dns-server 192.168.2.1
  728. lease 43200
  729. start 192.168.2.50 {
  730. stop 192.168.2.55
  731. }
  732. static-mapping Brother_Tlaciaren {
  733. ip-address 192.168.2.18
  734. mac-address c4:8e:8f:bd:e9:5f
  735. }
  736. static-mapping IP_Cam {
  737. ip-address 192.168.2.15
  738. mac-address 00:e0:f8:a2:37:4a
  739. }
  740. static-mapping Lenovo_android {
  741. ip-address 192.168.2.16
  742. mac-address 14:36:c6:4a:29:13
  743. }
  744. static-mapping Michal_PC {
  745. ip-address 192.168.2.10
  746. mac-address 4c:cc:6a:cd:91:36
  747. }
  748. static-mapping NB_Katarina {
  749. ip-address 192.168.2.12
  750. mac-address 94:e9:79:73:8e:fd
  751. }
  752. static-mapping OPO_Find7a {
  753. ip-address 192.168.2.17
  754. mac-address 8c:0e:e3:5d:21:b5
  755. }
  756. static-mapping RedmiNote5 {
  757. ip-address 192.168.2.11
  758. mac-address 20:47:da:25:88:0f
  759. }
  760. static-mapping TV_Box {
  761. ip-address 192.168.2.14
  762. mac-address c4:2f:ad:15:84:14
  763. }
  764. static-mapping XIAOMI {
  765. ip-address 192.168.2.2
  766. mac-address F0:B4:29:17:DB:95
  767. }
  768. }
  769. }
  770. shared-network-name VLAN5 {
  771. authoritative disable
  772. subnet 192.168.50.0/24 {
  773. default-router 192.168.50.1
  774. dns-server 192.168.2.1
  775. lease 86400
  776. start 192.168.50.10 {
  777. stop 192.168.50.19
  778. }
  779. }
  780. }
  781. shared-network-name VLAN_102 {
  782. authoritative enable
  783. subnet 192.168.102.0/24 {
  784. default-router 192.168.102.1
  785. dns-server 1.1.1.1
  786. dns-server 1.0.0.1
  787. lease 86400
  788. start 192.168.102.2 {
  789. stop 192.168.102.2
  790. }
  791. static-mapping Tomas_TPLink {
  792. ip-address 192.168.102.2
  793. mac-address 74:d4:35:1a:17:34
  794. }
  795. }
  796. }
  797. shared-network-name VLAN_103 {
  798. authoritative enable
  799. subnet 192.168.103.0/24 {
  800. default-router 192.168.103.1
  801. dns-server 1.1.1.1
  802. dns-server 1.0.0.1
  803. lease 86400
  804. start 192.168.103.2 {
  805. stop 192.168.103.2
  806. }
  807. static-mapping Jozko {
  808. ip-address 192.168.103.2
  809. mac-address 18:31:bf:65:6b:e4
  810. }
  811. }
  812. }
  813. shared-network-name VLAN_104 {
  814. authoritative enable
  815. subnet 192.168.104.0/24 {
  816. default-router 192.168.104.1
  817. dns-server 1.1.1.1
  818. dns-server 1.0.0.1
  819. lease 86400
  820. start 192.168.104.2 {
  821. stop 192.168.104.2
  822. }
  823. static-mapping Pecalka {
  824. ip-address 192.168.104.2
  825. mac-address c8:3a:35:5e:63:80
  826. }
  827. }
  828. }
  829. shared-network-name VLAN_105 {
  830. authoritative enable
  831. subnet 192.168.105.0/24 {
  832. default-router 192.168.105.1
  833. dns-server 1.1.1.1
  834. dns-server 1.0.0.1
  835. lease 86400
  836. start 192.168.105.2 {
  837. stop 192.168.105.3
  838. }
  839. }
  840. }
  841. shared-network-name VLAN_106 {
  842. authoritative enable
  843. subnet 192.168.106.0/24 {
  844. default-router 192.168.106.1
  845. dns-server 1.1.1.1
  846. dns-server 1.0.0.1
  847. lease 86400
  848. start 192.168.106.2 {
  849. stop 192.168.106.3
  850. }
  851. }
  852. }
  853. shared-network-name VLAN_107 {
  854. authoritative enable
  855. subnet 192.168.107.0/24 {
  856. default-router 192.168.107.1
  857. dns-server 1.1.1.1
  858. dns-server 1.0.0.1
  859. lease 86400
  860. start 192.168.107.2 {
  861. stop 192.168.107.2
  862. }
  863. static-mapping Lukas_ASUS {
  864. ip-address 192.168.107.2
  865. mac-address b0:6e:bf:db:e8:b4
  866. }
  867. }
  868. }
  869. shared-network-name VLAN_108_Nano {
  870. authoritative enable
  871. subnet 192.168.108.0/24 {
  872. default-router 192.168.108.1
  873. dns-server 1.1.1.1
  874. dns-server 1.0.0.1
  875. lease 86400
  876. start 192.168.108.2 {
  877. stop 192.168.108.2
  878. }
  879. static-mapping Janka_LocoM2 {
  880. ip-address 192.168.108.2
  881. mac-address 78:8a:20:a6:85:fd
  882. }
  883. }
  884. }
  885. shared-network-name VLAN_109_Nano {
  886. authoritative enable
  887. disable
  888. subnet 192.168.109.0/24 {
  889. default-router 192.168.109.1
  890. dns-server 1.1.1.1
  891. dns-server 1.0.0.1
  892. lease 86400
  893. start 192.168.109.2 {
  894. stop 192.168.109.2
  895. }
  896. }
  897. }
  898. static-arp disable
  899. use-dnsmasq disable
  900. }
  901. dns {
  902. forwarding {
  903. cache-size 150
  904. listen-on eth3
  905. listen-on eth4
  906. listen-on eth3.5
  907. listen-on eth4.102
  908. listen-on eth4.103
  909. listen-on eth4.104
  910. listen-on eth4.105
  911. listen-on eth4.106
  912. listen-on eth4.107
  913. listen-on eth4.108
  914. listen-on eth4.109
  915. }
  916. }
  917. gui {
  918. http-port 80
  919. https-port 443
  920. older-ciphers enable
  921. }
  922. nat {
  923. rule 5000 {
  924. description "masquerade for WAN"
  925. outbound-interface eth0
  926. type masquerade
  927. }
  928. rule 5002 {
  929. description "masquerade for WAN 2"
  930. outbound-interface eth1
  931. type masquerade
  932. }
  933. rule 5004 {
  934. description "masquerade for WAN 3"
  935. outbound-interface eth2
  936. type masquerade
  937. }
  938. rule 5005 {
  939. description "masquerade for WAN_LTE_VLAN9"
  940. log disable
  941. outbound-interface eth0.9
  942. protocol all
  943. type masquerade
  944. }
  945. rule 5006 {
  946. description "masquerade for WAN_LTE_VLAN10"
  947. log disable
  948. outbound-interface eth0.10
  949. protocol all
  950. type masquerade
  951. }
  952. }
  953. snmp {
  954. community public {
  955. authorization ro
  956. client 192.168.2.10
  957. }
  958. }
  959. ssh {
  960. port 22
  961. protocol-version v2
  962. }
  963. unms {
  964. connection wss://unms888.ddns.net:443+7RLlzLaILNwXhgN-YohBBNipa3EJdybK3pjbK9qSNMsAAAAA+allowUntrustedCertificate
  965. }
  966. }
  967. system {
  968. conntrack {
  969. expect-table-size 4096
  970. hash-size 4096
  971. table-size 32768
  972. tcp {
  973. half-open-connections 512
  974. loose enable
  975. max-retrans 3
  976. }
  977. }
  978. domain-name Edgerouter-X
  979. flow-accounting {
  980. disable-memory-table
  981. ingress-capture post-dnat
  982. interface eth0
  983. interface eth2
  984. interface eth1
  985. netflow {
  986. enable-egress {
  987. engine-id 1
  988. }
  989. engine-id 0
  990. server 35.198.77.34 {
  991. port 2055
  992. }
  993. timeout {
  994. expiry-interval 60
  995. flow-generic 60
  996. icmp 60
  997. max-active-life 60
  998. tcp-fin 10
  999. tcp-generic 60
  1000. tcp-rst 10
  1001. udp 60
  1002. }
  1003. version 9
  1004. }
  1005. syslog-facility daemon
  1006. }
  1007. host-name Edgerouter-X
  1008. login {
  1009. user ubnt {
  1010. authentication {
  1011. encrypted-password ****************
  1012. plaintext-password ****************
  1013. }
  1014. full-name "EdgeRouter X"
  1015. level admin
  1016. }
  1017. }
  1018. name-server 1.1.1.1
  1019. name-server 1.0.0.1
  1020. ntp {
  1021. server 0.ubnt.pool.ntp.org {
  1022. }
  1023. server 1.ubnt.pool.ntp.org {
  1024. }
  1025. server 2.ubnt.pool.ntp.org {
  1026. }
  1027. server 3.ubnt.pool.ntp.org {
  1028. }
  1029. }
  1030. package {
  1031. repository wheezy {
  1032. components "main contrib non-free"
  1033. distribution wheezy
  1034. password ****************
  1035. url http://http.us.debian.org/debian
  1036. username ""
  1037. }
  1038. }
  1039. syslog {
  1040. global {
  1041. facility all {
  1042. level notice
  1043. }
  1044. facility protocols {
  1045. level debug
  1046. }
  1047. }
  1048. }
  1049. time-zone Europe/Bratislava
  1050. traffic-analysis {
  1051. dpi enable
  1052. export enable
  1053. }
  1054. }
  1055. traffic-control {
  1056. advanced-queue {
  1057. filters {
  1058. match 1 {
  1059. attach-to 1023
  1060. ip {
  1061. source {
  1062. address 192.168.102.0/24
  1063. }
  1064. }
  1065. target 1
  1066. }
  1067. match 2 {
  1068. attach-to 1023
  1069. ip {
  1070. destination {
  1071. address 192.168.102.0/24
  1072. }
  1073. }
  1074. target 2
  1075. }
  1076. match 3 {
  1077. attach-to 1023
  1078. ip {
  1079. source {
  1080. address 192.168.103.0/24
  1081. }
  1082. }
  1083. target 3
  1084. }
  1085. match 4 {
  1086. attach-to 1023
  1087. ip {
  1088. destination {
  1089. address 192.168.103.0/24
  1090. }
  1091. }
  1092. target 4
  1093. }
  1094. match 5 {
  1095. attach-to 1023
  1096. ip {
  1097. source {
  1098. address 192.168.104.0/24
  1099. }
  1100. }
  1101. target 5
  1102. }
  1103. match 6 {
  1104. attach-to 1023
  1105. ip {
  1106. destination {
  1107. address 192.168.104.0/24
  1108. }
  1109. }
  1110. target 6
  1111. }
  1112. match 7 {
  1113. attach-to 1023
  1114. ip {
  1115. source {
  1116. address 192.168.108.0/24
  1117. }
  1118. }
  1119. target 7
  1120. }
  1121. match 8 {
  1122. attach-to 1023
  1123. ip {
  1124. destination {
  1125. address 192.168.108.0/24
  1126. }
  1127. }
  1128. target 8
  1129. }
  1130. match 9 {
  1131. attach-to 1023
  1132. ip {
  1133. source {
  1134. address 192.168.107.0/24
  1135. }
  1136. }
  1137. target 9
  1138. }
  1139. match 10 {
  1140. attach-to 1023
  1141. ip {
  1142. destination {
  1143. address 192.168.107.0/24
  1144. }
  1145. }
  1146. target 10
  1147. }
  1148. }
  1149. leaf {
  1150. queue 1 {
  1151. bandwidth 100mbit
  1152. parent 1023
  1153. queue-type UBNT_BQ_SFQ
  1154. }
  1155. queue 2 {
  1156. bandwidth 2.5mbit
  1157. burst {
  1158. burst-rate 7mbit
  1159. burst-size 1mb
  1160. }
  1161. parent 1023
  1162. queue-type UBNT_BQ_SFQ
  1163. }
  1164. queue 3 {
  1165. bandwidth 100mbit
  1166. parent 1023
  1167. queue-type UBNT_BQ_SFQ
  1168. }
  1169. queue 4 {
  1170. bandwidth 2.5mbit
  1171. burst {
  1172. burst-rate 7mbit
  1173. burst-size 1mb
  1174. }
  1175. parent 1023
  1176. queue-type UBNT_BQ_SFQ
  1177. }
  1178. queue 5 {
  1179. bandwidth 100mbit
  1180. parent 1023
  1181. queue-type UBNT_BQ_SFQ
  1182. }
  1183. queue 6 {
  1184. bandwidth 3.5mbit
  1185. burst {
  1186. burst-rate 7mbit
  1187. burst-size 1mb
  1188. }
  1189. parent 1023
  1190. queue-type UBNT_BQ_SFQ
  1191. }
  1192. queue 7 {
  1193. bandwidth 100mbit
  1194. parent 1023
  1195. queue-type UBNT_BQ_SFQ
  1196. }
  1197. queue 8 {
  1198. bandwidth 2.5mbit
  1199. burst {
  1200. burst-rate 7mbit
  1201. burst-size 1mb
  1202. }
  1203. parent 1023
  1204. queue-type UBNT_BQ_SFQ
  1205. }
  1206. queue 9 {
  1207. bandwidth 2mbit
  1208. parent 1023
  1209. queue-type UBNT_BQ_SFQ
  1210. }
  1211. queue 10 {
  1212. bandwidth 10mbit
  1213. parent 1023
  1214. queue-type UBNT_BQ_SFQ
  1215. }
  1216. }
  1217. queue-type {
  1218. sfq UBNT_BQ_SFQ {
  1219. }
  1220. }
  1221. root {
  1222. queue 1023 {
  1223. attach-to global
  1224. bandwidth 1000mbit
  1225. description UBNT-BQ
  1226. }
  1227. }
  1228. }
  1229. smart-queue LTE_30 {
  1230. download {
  1231. ecn enable
  1232. flows 1024
  1233. fq-quantum 1514
  1234. limit 10240
  1235. rate 18mbit
  1236. }
  1237. upload {
  1238. ecn enable
  1239. flows 1024
  1240. fq-quantum 1514
  1241. limit 10240
  1242. rate 5mbit
  1243. }
  1244. wan-interface eth0.10
  1245. }
  1246. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!