This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
firewall { | |
all-ping enable | |
broadcast-ping disable | |
ipv6-receive-redirects disable | |
ipv6-src-route disable | |
ip-src-route disable | |
log-martians enable | |
name WAN_IN { | |
default-action drop | |
description "WAN to Internal" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
set firewall all-ping enable | |
set firewall broadcast-ping disable | |
set firewall ipv6-name WANv6_IN default-action drop | |
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN' | |
set firewall ipv6-name WANv6_IN rule 10 action accept | |
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related' | |
set firewall ipv6-name WANv6_IN rule 10 state established enable | |
set firewall ipv6-name WANv6_IN rule 10 state related enable | |
set firewall ipv6-name WANv6_IN rule 20 action drop | |
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# EdgeOS v1.9 Google Fiber Config Script | |
# by Steve Jenkins (http://www.stevejenkins.com/) | |
# Last updated: Aug 14, 2016 | |
# Based on settings & scripts by Atlantisman, TK, and CompTech | |
# RUN THIS SCRIPT AS ROOT ON YOUR EDGEROUTER | |
# Script runs best if you copy and paste in sections | |
#______________________Basic Firewall Setup_______________________________ | |
configure |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Google Fiber TV Service Additional Script | |
# Based on Atlantisman's TV script | |
# http://blog.nexusshield.com/google-fiber-ubiquitis-edgerouter/ | |
# Edited by Steve Jenkins to work with his version of the script | |
#______________________TV Service Config _____________________ | |
#Setup IGMP Proxy | |
configure | |
edit protocols igmp-proxy | |
set interface eth0.2 role upstream | |
set interface eth2 role downstream |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# POSTSCREEN OPTIONS v2017-03-18 | |
postscreen_access_list = permit_mynetworks, | |
cidr:/etc/postfix/postscreen_access.cidr, | |
cidr:/etc/postfix/postscreen_spf_whitelist.cidr, | |
hash:/etc/postfix/postscreen_whitelist | |
postscreen_blacklist_action = drop | |
postscreen_dnsbl_action = enforce | |
postscreen_greet_action = enforce | |
postscreen_dnsbl_threshold = 3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Imports data from OpenDMARC's opendmarc.dat file into a local MySQL DB | |
# and sends DMARC failure reports to domain owners. | |
# Based on a script from Hamzah Khan (http://blog.hamzahkhan.com/) | |
set -e | |
# Database and History File Info | |
DBHOST='localhost' | |
DBUSER='opendmarc' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SMTPD Restrictions v2015-06-02 | |
# NOTE: Overiding restrictions are in master.cf for submission and other services | |
smtpd_helo_required = yes | |
disable_vrfy_command = yes | |
smtpd_recipient_restrictions = | |
permit_mynetworks, | |
permit_sasl_authenticated, | |
permit_dnswl_client list.dnswl.org=127.0.[2..14].[2..3], |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Steve Jenkins' E4200 v1 Speed Optimizations | |
## Can be used on any Broadcom-based DD-WRT device | |
## PLEASE READ: http://wp.me/p1iGgP-DW | |
## Have fun, but use and tweak at your own risk :) | |
## Updated Feb 4, 2016 | |
## INITIAL SLEEP COMMAND | |
## First command in script is ignored in some builds, so this is a throw-away | |
sleep 10 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Script for remote processing of multiple mail server's OpenDMARC history files | |
# Based on a script from Hamzah Khan (http://blog.hamzahkhan.com/) | |
set -e | |
cd /tmp | |
# Remote Hosts, Database, and History File Info | |
HOSTS='mx1.example.com mx2.example.com mx3.example.com' |