Skip to content

Instantly share code, notes, and snippets.

@hplc

hplc/config.cfg

Created December 9, 2011 01:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hplc/1449707 to your computer and use it in GitHub Desktop.
Save hplc/1449707 to your computer and use it in GitHub Desktop.
Download ZIP
H3C SecPath FW100-C NAT and ADSL
Raw
config.cfg
#
sysname H3C
#
firewall packet-filter enable
firewall packet-filter default permit
#
undo connection-limit enable
connection-limit default deny
connection-limit default amount upper-limit 50 lower-limit 20
#
dialer-rule 1 ip permit
#
firewall statistic system enable
#
radius scheme system
server-type extended
#
domain system
#
local-user helloit.info
password simple helloit.info
service-type telnet
level 3
#
dhcp server ip-pool 1
network 192.168.90.0 mask 255.255.255.0
gateway-list 192.168.90.1
dns-list 8.8.8.8 8.8.4.4
#
acl number 3001
rule 0 permit ip source 192.168.90.0 0.0.0.255
#
interface Dialer1
link-protocol ppp
ppp pap local-user helloit.info password cipher helloit.info
ip address ppp-negotiate
dialer user helloit.info
dialer-group 1
dialer bundle 1
nat outbound 3001
#
interface Ethernet1/0
ip address 192.168.90.1 255.255.255.0
#
interface Ethernet2/0
speed 10
duplex full
pppoe-client dial-bundle-number 1
ip address dhcp-alloc
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
add interface Ethernet1/0
set priority 85
#
firewall zone untrust
add interface Ethernet2/0
add interface Dialer1
set priority 5
#
firewall zone DMZ
set priority 50
#
firewall interzone local trust
#
firewall interzone local untrust
#
firewall interzone local DMZ
#
firewall interzone trust untrust
#
firewall interzone trust DMZ
#
firewall interzone DMZ untrust
#
FTP server enable
#
dhcp server forbidden-ip 192.168.90.1
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 60
#
firewall defend ip-spoofing
firewall defend land
firewall defend smurf
firewall defend fraggle
firewall defend winnuke
firewall defend icmp-redirect
firewall defend icmp-unreachable
firewall defend source-route
firewall defend route-record
firewall defend tracert
firewall defend ping-of-death
firewall defend tcp-flag
firewall defend ip-fragment
firewall defend large-icmp
firewall defend teardrop
firewall defend ip-sweep
firewall defend port-scan
firewall defend arp-spoofing
firewall defend arp-reverse-query
firewall defend arp-flood
firewall defend frag-flood
firewall defend syn-flood enable
firewall defend udp-flood enable
firewall defend icmp-flood enable
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme
#
return
@hplc
Copy link
Author

hplc commented Dec 14, 2011 

<H3C>display version
 H3C Comware Software
 Comware software, Version 3.40, Release 1608P04
 Copyright (c) 2004-2007 Hangzhou H3C Technologies Co., Ltd.
 All rights reserved.
 Without the owner's prior written consent, no decompiling
 nor reverse-engineering shall be allowed.
 H3C SecPath F100-C uptime is 4 weeks, 6 days, 17 hours, 12 minutes

  CPU type: PowerPC 859DSL 80MHz
  64M bytes SDRAM Memory
  8M bytes Flash Memory
  0K bytes NvRAM Memory
  Pcb      Version:5.0
  Logic    Version:1.0
  BootROM  Version:2.06
  [SLOT 1] 1FE      (Hardware)5.0, (Driver)1.0, (Cpld)1.0
  [SLOT 2] 1ETH     (Hardware)5.0, (Driver)1.0, (Cpld)1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment