-
-
Save pesta/121659fa27a8022a5687c5730dbc04ad to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
firewall { | |
all-ping enable | |
broadcast-ping disable | |
ipv6-receive-redirects disable | |
ipv6-src-route disable | |
ip-src-route disable | |
log-martians enable | |
name WAN_IN { | |
default-action drop | |
description "WAN to internal" | |
rule 10 { | |
action accept | |
description "Allow established/related" | |
state { | |
established enable | |
related enable | |
} | |
} | |
rule 20 { | |
action drop | |
description "Drop invalid state" | |
state { | |
invalid enable | |
} | |
} | |
} | |
name WAN_LOCAL { | |
default-action drop | |
description "WAN to router" | |
rule 10 { | |
action accept | |
description "Allow established/related" | |
state { | |
established enable | |
related enable | |
} | |
} | |
rule 20 { | |
action drop | |
description "Drop invalid state" | |
state { | |
invalid enable | |
} | |
} | |
} | |
receive-redirects disable | |
send-redirects enable | |
source-validation disable | |
syn-cookies enable | |
} | |
interfaces { | |
bridge br0 { | |
aging 300 | |
bridged-conntrack disable | |
description "Bridge IPTV/Set-top box" | |
hello-time 2 | |
max-age 20 | |
priority 32768 | |
promiscuous disable | |
stp false | |
} | |
ethernet eth0 { | |
description WAN | |
duplex auto | |
poe { | |
output off | |
} | |
speed auto | |
vif 100 { | |
address dhcp | |
description Internet | |
firewall { | |
in { | |
name WAN_IN | |
} | |
local { | |
name WAN_LOCAL | |
} | |
} | |
} | |
vif 105 { | |
bridge-group { | |
bridge br0 | |
} | |
description IPTV | |
} | |
} | |
ethernet eth1 { | |
bridge-group { | |
bridge br0 | |
} | |
description "Set-top box" | |
duplex auto | |
poe { | |
output off | |
} | |
speed auto | |
} | |
ethernet eth2 { | |
description UAP-AC-LR | |
duplex auto | |
poe { | |
output 24v | |
} | |
speed auto | |
} | |
ethernet eth3 { | |
description Synology | |
duplex auto | |
poe { | |
output off | |
} | |
speed auto | |
} | |
ethernet eth4 { | |
description Management | |
duplex auto | |
poe { | |
output off | |
} | |
speed auto | |
} | |
ethernet eth5 { | |
description SFP | |
duplex auto | |
speed auto | |
} | |
loopback lo { | |
} | |
switch switch0 { | |
address 192.168.1.1/24 | |
description Switch | |
mtu 1500 | |
switch-port { | |
interface eth2 { | |
} | |
interface eth3 { | |
} | |
interface eth4 { | |
} | |
vlan-aware disable | |
} | |
} | |
} | |
port-forward { | |
auto-firewall enable | |
hairpin-nat enable | |
lan-interface switch0 | |
rule 1 { | |
description HTTPS | |
forward-to { | |
address 192.168.1.100 | |
port 443 | |
} | |
original-port 443 | |
protocol tcp | |
} | |
rule 2 { | |
description HTTPS | |
forward-to { | |
address 192.168.1.100 | |
port 22 | |
} | |
original-port 22 | |
protocol tcp | |
} | |
wan-interface eth0.100 | |
} | |
service { | |
dhcp-server { | |
disabled false | |
hostfile-update disable | |
shared-network-name LAN { | |
authoritative enable | |
subnet 192.168.1.0/24 { | |
default-router 192.168.1.1 | |
dns-server 192.162.17.5 | |
dns-server 8.8.8.8 | |
lease 86400 | |
start 192.168.1.200 { | |
stop 192.168.1.249 | |
} | |
} | |
} | |
use-dnsmasq disable | |
} | |
dns { | |
forwarding { | |
cache-size 150 | |
listen-on switch0 | |
} | |
} | |
gui { | |
http-port 80 | |
https-port 443 | |
older-ciphers enable | |
} | |
nat { | |
rule 5010 { | |
description "Masquerade for Internet" | |
log disable | |
outbound-interface eth0.100 | |
protocol all | |
type masquerade | |
} | |
} | |
ssh { | |
port 22 | |
protocol-version v2 | |
} | |
} | |
system { | |
host-name ubnt | |
login { | |
user pestana { | |
authentication { | |
encrypted-password **************** | |
plaintext-password **************** | |
public-keys pesta@Alexandres-MBP.lan { | |
key **************** | |
type ssh-rsa | |
} | |
} | |
full-name "" | |
level admin | |
} | |
} | |
ntp { | |
server 0.ubnt.pool.ntp.org { | |
} | |
server 1.ubnt.pool.ntp.org { | |
} | |
server 2.ubnt.pool.ntp.org { | |
} | |
server 3.ubnt.pool.ntp.org { | |
} | |
} | |
syslog { | |
global { | |
facility all { | |
level notice | |
} | |
facility protocols { | |
level debug | |
} | |
} | |
} | |
time-zone UTC | |
} |
Boas!
O meu router estragou-se por isso não te consigo dizer se a config ainda funciona. Mas tenta e se não der avisa que eu tento ajudar com o (pouco) que sei
E agora qual é o setup que tens com a Vodafone? Estás a usar o router deles? Ou um router próprio ligado ao ONT? Obrigado
Estou a usar o router deles, enquanto espero que apareça na Europa o dream machine pro
Há novidades? Tinha bastante interesse em substituir o router por um EdgeRouter.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@pesta, obrigado por partilhares este gist.
Consegues dizer se este gist está up to date.
Preciso de configurar o edge router com ONT da vodafone fibra.
Obrigado
Diogo