
Untitled

a guest
Jun 9th, 2020
  1.  
  2. admin@Thuis:~$ show configuration | no-more
  /* Firewall section: global packet-handling options plus four rulesets.
     WAN_IN / WANv6_IN filter traffic forwarded to the LAN, WAN_LOCAL /
     WANv6_LOCAL filter traffic addressed to the router itself. A ruleset only
     takes effect on an interface that references it; in this listing the only
     reference is under eth0 vif 6 pppoe 0. */
  3. firewall {
  /* The router answers ICMP echo requests (subject to the rulesets below). */
  4. all-ping enable
  5. broadcast-ping disable
  6. ipv6-name WANv6_IN {
  7. default-action drop
  8. description "WAN IPv6 naar LAN"
  9. rule 10 {
  10. action accept
  11. description "Allow established/related"
  12. state {
  13. established enable
  14. related enable
  15. }
  16. }
  17. rule 20 {
  18. action drop
  19. description "Drop invalid state"
  20. state {
  21. invalid enable
  22. }
  23. }
  /* Only ICMPv6 echo-request is admitted towards LAN hosts; every other
     unsolicited IPv6 packet falls through to default-action drop. */
  24. rule 30 {
  25. action accept
  26. description "Allow IPv6 icmp"
  27. icmpv6 {
  28. type echo-request
  29. }
  30. protocol ipv6-icmp
  31. }
  32. }
  33. ipv6-name WANv6_LOCAL {
  34. default-action drop
  35. description "WAN IPv6 naar Router"
  36. rule 10 {
  37. action accept
  38. description "Allow established/related"
  39. state {
  40. established enable
  41. related enable
  42. }
  43. }
  44. rule 20 {
  45. action drop
  46. description "Drop invalid state"
  47. state {
  48. invalid enable
  49. }
  50. }
  /* Unlike WANv6_IN rule 30, this accepts every ICMPv6 type addressed to the
     router (no icmpv6 type filter). */
  51. rule 30 {
  52. action accept
  53. description "Allow IPv6 icmp"
  54. protocol ipv6-icmp
  55. }
  /* UDP from port 547 to port 546: DHCPv6 server-to-client replies, which the
     dhcpv6-pd client configured under pppoe 0 needs. */
  56. rule 40 {
  57. action accept
  58. description "Allow dhcpv6"
  59. destination {
  60. port 546
  61. }
  62. protocol udp
  63. source {
  64. port 547
  65. }
  66. }
  67. }
  68. ipv6-receive-redirects disable
  69. ipv6-src-route disable
  70. ip-src-route disable
  71. log-martians enable
  /* WAN_IN contains no accept rule for new connections. The port-forward
     section has auto-firewall enable, which presumably is what admits the
     forwarded ports - TODO confirm against the live ruleset.
     NOTE(review): no ruleset here sets enable-default-log and rule 10 has
     log disable, so dropped WAN traffic leaves no log trail. */
  72. name WAN_IN {
  73. default-action drop
  74. description "WAN naar LAN"
  75. rule 10 {
  76. action accept
  77. description "Allow established/related"
  78. log disable
  79. state {
  80. established enable
  81. related enable
  82. }
  83. }
  84. rule 20 {
  85. action drop
  86. description "Drop invalid state"
  87. state {
  88. invalid enable
  89. }
  90. }
  91. }
  /* WAN_LOCAL protects the router's own services (ssh, telnet, gui below):
     only established/related traffic is accepted, everything else is dropped. */
  92. name WAN_LOCAL {
  93. default-action drop
  94. description "WAN naar Router"
  95. rule 10 {
  96. action accept
  97. description "Allow established/related"
  98. log disable
  99. state {
  100. established enable
  101. invalid disable
  102. new disable
  103. related enable
  104. }
  105. }
  106. rule 20 {
  107. action drop
  108. description "Drop invalid state"
  109. state {
  110. established disable
  111. invalid enable
  112. new disable
  113. related disable
  114. }
  115. }
  116. }
  117. receive-redirects disable
  118. send-redirects enable
  /* Reverse-path (source address) validation is switched off.
     NOTE(review): consider strict or loose; test against the IPTV routes
     learned on eth0.4 before enabling. */
  119. source-validation disable
  120. syn-cookies enable
  121. }
  /* Interfaces section: eth0 is the fibre uplink carrying two VLANs (vif 4 for
     IPTV via DHCP, vif 6 for internet via PPPoE); eth1 is a routed IPTV LAN;
     eth2-eth9 are members of switch0, the home LAN. */
  122. interfaces {
  123. ethernet eth0 {
  124. description FTTH
  125. duplex auto
  126. mtu 1512
  127. speed auto
  /* NOTE(review): vif 4 has no firewall node in this listing, so none of the
     rulesets defined in the firewall section filter traffic arriving on
     eth0.4, including traffic addressed to the router's own ssh/telnet/gui
     services. Attaching in/local rulesets here would close that gap. */
  128. vif 4 {
  129. address dhcp
  130. description "KPN IPTV"
  131. dhcp-options {
  /* The two client-option values below look line-wrapped by the paste (the
     quoted strings continue on the following numbered line) - presumably an
     artefact of the listing, not of the running config. */
  132. client-option "send vendor-class-identifier "IPTV_RG";
  133. "
  134. client-option "request subnet-mask, routers, rfc3442-classless-s
  135. tatic-routes;"
  136. default-route no-update
  137. default-route-distance 210
  138. name-server update
  139. }
  140. mtu 1500
  141. }
  142. vif 6 {
  143. description "KPN Internet"
  144. mtu 1508
  145. pppoe 0 {
  146. default-route auto
  /* Requests a delegated IPv6 prefix and hands a /64 (prefix-id :1) to
     switch0 via SLAAC. */
  147. dhcpv6-pd {
  148. no-dns
  149. pd 0 {
  150. interface switch0 {
  151. host-address ::1
  152. prefix-id :1
  153. service slaac
  154. }
  155. prefix-length /48
  156. }
  157. rapid-commit enable
  158. }
  /* The only place in this listing where the firewall rulesets are applied:
     "in" covers traffic forwarded to the LAN, "local" covers traffic to the
     router itself. */
  159. firewall {
  160. in {
  161. ipv6-name WANv6_IN
  162. name WAN_IN
  163. }
  164. local {
  165. ipv6-name WANv6_LOCAL
  166. name WAN_LOCAL
  167. }
  168. }
  169. idle-timeout 180
  170. ipv6 {
  171. address {
  172. autoconf
  173. }
  174. dup-addr-detect-transmits 1
  175. enable {
  176. }
  177. }
  178. mtu 1500
  179. name-server auto
  /* The password is masked by the CLI; the user-id is shown as entered.
     Redact both before sharing a configuration. */
  180. password ****************
  181. user-id 74-83-c2-72-b2-e7@internet
  182. }
  183. }
  184. }
  185. ethernet eth1 {
  186. address 192.168.4.254/24
  187. description IPTV
  188. duplex auto
  189. mtu 1500
  190. speed auto
  191. }
  192. ethernet eth2 {
  193. description "Poort 2 TV woonkamer"
  194. duplex auto
  195. speed auto
  196. }
  197. ethernet eth3 {
  198. description "Poort 3 gaming pc woonkamer"
  199. duplex auto
  200. speed auto
  201. }
  202. ethernet eth4 {
  203. description "Poort 4 Accesspoint woonkamer"
  204. duplex auto
  205. speed auto
  206. }
  207. ethernet eth5 {
  208. description "Poort 5 uplink 2e verdieping switch"
  209. duplex auto
  210. speed auto
  211. }
  212. ethernet eth6 {
  213. duplex auto
  214. speed auto
  215. }
  216. ethernet eth7 {
  217. duplex auto
  218. speed auto
  219. }
  220. ethernet eth8 {
  221. duplex auto
  222. speed auto
  223. }
  224. ethernet eth9 {
  225. description "Poort 9 Accesspoint 2de verdieping"
  226. duplex auto
  227. poe {
  228. output off
  229. }
  230. speed auto
  231. }
  232. loopback lo {
  233. }
  /* switch0 bridges eth2-eth9 into one LAN (192.168.178.0/24) with vlan-aware
     disable, so every device on those ports - including 192.168.178.10, the
     target of the port-forward rules - shares a single network with no
     segmentation between them. */
  234. switch switch0 {
  235. address 192.168.178.254/24
  236. description "Thuis netwerk"
  237. ipv6 {
  238. dup-addr-detect-transmits 1
  239. router-advert {
  240. cur-hop-limit 64
  241. link-mtu 0
  242. managed-flag false
  243. max-interval 600
  244. name-server 2a02:a47f:e000::53
  245. name-server 2a02:a47f:e000::54
  246. other-config-flag false
  247. prefix ::/64 {
  248. autonomous-flag true
  249. on-link-flag true
  250. valid-lifetime 2592000
  251. }
  252. radvd-options "RDNSS 2a02:a47f:e000::53 2a02:a47f:e000::54 {};"
  253. reachable-time 0
  254. retrans-timer 0
  255. send-advert true
  256. }
  257. }
  258. mtu 1500
  259. switch-port {
  260. interface eth2 {
  261. }
  262. interface eth3 {
  263. }
  264. interface eth4 {
  265. }
  266. interface eth5 {
  267. }
  268. interface eth6 {
  269. }
  270. interface eth7 {
  271. }
  272. interface eth8 {
  273. }
  274. interface eth9 {
  275. }
  276. vlan-aware disable
  277. }
  278. }
  279. }
  /* Port-forward section: five WAN ports on pppoe0 are forwarded to a single
     LAN host, 192.168.178.10. auto-firewall enable presumably adds the matching
     accept rules to the WAN rulesets automatically - TODO confirm.
     NOTE(review): every rule uses protocol tcp_udp, which exposes both
     transports where the named service normally needs only one; narrowing each
     rule to tcp or udp reduces the exposed surface. */
  280. port-forward {
  281. auto-firewall enable
  282. hairpin-nat enable
  283. lan-interface switch0
  284. rule 1 {
  285. description "CSGO s01 port"
  286. forward-to {
  287. address 192.168.178.10
  288. port 27015
  289. }
  290. original-port 27015
  291. protocol tcp_udp
  292. }
  293. rule 2 {
  294. description "TeamSpeak s01 port"
  295. forward-to {
  296. address 192.168.178.10
  297. port 9987
  298. }
  299. original-port 9987
  300. protocol tcp_udp
  301. }
  /* Rules 3 and 4 forward WAN ports 80 and 443, the same port numbers the
     router's own gui service is configured on in the service section. */
  302. rule 3 {
  303. description "http s01 port"
  304. forward-to {
  305. address 192.168.178.10
  306. port 80
  307. }
  308. original-port 80
  309. protocol tcp_udp
  310. }
  311. rule 4 {
  312. description "https s01 port"
  313. forward-to {
  314. address 192.168.178.10
  315. port 443
  316. }
  317. original-port 443
  318. protocol tcp_udp
  319. }
  /* NOTE(review): FTP on port 21 carries credentials and data unencrypted;
     if the service is still needed, an encrypted transfer protocol is the
     safer choice for an internet-facing port. */
  320. rule 5 {
  321. description "ftp s01"
  322. forward-to {
  323. address 192.168.178.10
  324. port 21
  325. }
  326. original-port 21
  327. protocol tcp_udp
  328. }
  329. wan-interface pppoe0
  330. }
  /* Protocols section: an IGMP proxy between the IPTV VLAN (eth0.4, upstream)
     and the IPTV LAN (eth1, downstream), plus an IPv6 default route out of
     pppoe0. */
  331. protocols {
  332. igmp-proxy {
  /* alt-subnet 0.0.0.0/0 places no restriction on the source addresses
     accepted on the upstream side.
     NOTE(review): combined with the absence of a firewall ruleset on eth0.4
     in this listing, narrowing this to the provider's ranges may be worth
     considering. */
  333. interface eth0.4 {
  334. alt-subnet 0.0.0.0/0
  335. role upstream
  336. threshold 1
  337. }
  338. interface eth1 {
  339. alt-subnet 192.168.4.0/24
  340. role downstream
  341. threshold 1
  342. }
  343. }
  344. static {
  345. interface-route6 ::/0 {
  346. next-hop-interface pppoe0 {
  347. }
  348. }
  349. }
  350. }
  /* Service section: DHCP, DNS forwarding, the web GUI, NAT, and the remote
     management services (ssh, telnet, unms). */
  351. service {
  352. dhcp-server {
  353. disabled false
  354. hostfile-update disable
  355. shared-network-name IPTV {
  356. authoritative disable
  357. subnet 192.168.4.0/24 {
  358. default-router 192.168.4.254
  359. dns-server 192.168.4.254
  360. domain-name iptv.local
  361. lease 86400
  362. start 192.168.4.1 {
  363. stop 192.168.4.253
  364. }
  365. }
  366. }
  367. shared-network-name Thuis {
  368. authoritative disable
  369. subnet 192.168.178.0/24 {
  370. default-router 192.168.178.254
  371. dns-server 192.168.178.12
  372. dns-server 195.121.1.66
  373. lease 86400
  374. start 192.168.178.50 {
  375. stop 192.168.178.199
  376. }
  377. }
  378. }
  379. static-arp disable
  380. use-dnsmasq disable
  381. }
  382. dns {
  383. forwarding {
  384. cache-size 4000
  385. listen-on switch0
  386. name-server 195.121.1.34
  387. name-server 195.121.1.66
  388. name-server 2a02:a47f:e000::53
  389. name-server 2a02:a47f:e000::54
  /* NOTE(review): 192.168.2.254 is not assigned to any interface in this
     listing (eth1 is 192.168.4.254, switch0 is 192.168.178.254); this looks
     like a leftover from an earlier addressing plan - verify. */
  390. options listen-address=192.168.2.254
  391. }
  392. }
  /* Web GUI on ports 80 and 443. No listen-address is set here, so the GUI is
     presumably reachable on every router address; exposure then depends on the
     firewall rulesets, which in this listing are attached to pppoe 0 only.
     older-ciphers enable keeps legacy TLS cipher suites available; disable it
     unless an old client requires them. */
  393. gui {
  394. http-port 80
  395. https-port 443
  396. older-ciphers enable
  397. }
  398. nat {
  /* NOTE(review): the source match 192.168.2.0/24 does not correspond to any
     subnet configured in this listing (the IPTV LAN on eth1 is
     192.168.4.0/24), so this rule presumably never matches - verify. */
  399. rule 5000 {
  400. description IPTV
  401. destination {
  402. address 213.75.112.0/21
  403. }
  404. log disable
  405. outbound-interface eth0.4
  406. protocol all
  407. source {
  408. address 192.168.2.0/24
  409. }
  410. type masquerade
  411. }
  412. rule 5010 {
  413. description Internet
  414. log disable
  415. outbound-interface pppoe0
  416. protocol all
  417. type masquerade
  418. }
  419. }
  420. ssh {
  421. port 22
  422. protocol-version v2
  423. }
  /* Telnet transmits logins and session content in clear text. SSH v2 is
     already enabled directly above, so this node can be deleted. */
  424. telnet {
  425. port 23
  426. }
  /* The connection string carries the device's UNMS key after the first "+"
     and appears unmasked in this listing (the value looks line-wrapped by the
     paste). Treat it as a credential: redact it before sharing a config, and
     regenerate it on the controller once it has been published.
     The trailing allowUntrustedCertificate flag presumably lets the device
     accept a controller certificate it cannot validate - confirm, and prefer
     a certificate the device can verify. */
  427. unms {
  428. connection wss://fuuv.unmsapp.com:443+jPl-KLNm_NmUFVXgLpvB8u0Yf8huRUyZKK
  429. Qu2dAjVBwAAAAA+allowUntrustedCertificate
  430. }
  431. }
  /* System section: connection tracking, flow accounting, login accounts,
     time, offload, logging and traffic analysis. */
  432. system {
  433. conntrack {
  434. expect-table-size 2048
  435. hash-size 32768
  436. modules {
  437. sip {
  438. disable
  439. }
  440. }
  441. table-size 262144
  442. }
  443. domain-name thuis.local
  /* Flow accounting on eth0 with NetFlow v9 export to 161.35.129.148:2055, an
     address outside every local subnet in this listing.
     NOTE(review): flow records describe who talks to whom and when. Confirm
     the collector is one you operate, and consider carrying the export over
     a tunnel, since NetFlow is normally sent as plain UDP. */
  444. flow-accounting {
  445. disable-memory-table
  446. ingress-capture post-dnat
  447. interface eth0
  448. netflow {
  449. enable-egress {
  450. engine-id 51
  451. }
  452. engine-id 50
  453. mode daemon
  454. server 161.35.129.148 {
  455. port 2055
  456. }
  457. timeout {
  458. expiry-interval 60
  459. flow-generic 60
  460. icmp 60
  461. max-active-life 60
  462. tcp-fin 10
  463. tcp-generic 60
  464. tcp-rst 10
  465. udp 60
  466. }
  467. version 9
  468. }
  469. syslog-facility daemon
  470. }
  471. host-name Thuis
  /* A single account, admin with level admin, is defined. Both password nodes
     are masked by the CLI in this output.
     NOTE(review): with telnet, ssh and the gui all enabled, this one
     credential guards every management path. */
  472. login {
  473. user admin {
  474. authentication {
  475. encrypted-password ****************
  476. plaintext-password ****************
  477. }
  478. full-name admin
  479. level admin
  480. }
  481. }
  482. name-server 127.0.0.1
  483. ntp {
  484. server 0.nl.pool.ntp.org {
  485. }
  486. server 1.nl.pool.ntp.org {
  487. }
  488. server ntp0.nl.net {
  489. }
  490. server ntp1.nl.net {
  491. }
  492. server time.kpn.net {
  493. }
  494. }
  495. offload {
  496. hwnat enable
  497. }
  /* Only a global (local) syslog target is configured; no remote host is
     defined, so logs live only on the router itself. */
  498. syslog {
  499. global {
  500. facility all {
  501. level notice
  502. }
  503. facility protocols {
  504. level debug
  505. }
  506. }
  507. }
  508. time-zone Europe/Amsterdam
  509. traffic-analysis {
  510. dpi enable
  511. export enable
  512. }
  513. }
  /* Traffic-control section: an optimized-queue node listing two policy
     names, global and queues. The policies themselves are not defined in
     this listing. */
  514. traffic-control {
  515. optimized-queue {
  516. policy global
  517. policy queues
  518. }
  519. }