Created
March 23, 2016 08:50
/* Global firewall knobs plus two WAN-facing rulesets. A ruleset filters nothing until an interface references it under its own firewall in/local/out node. */
firewall {
    /* The router answers ICMP echo itself; whether that is reachable from the WAN depends on the local ruleset bound to the WAN interface. */
    all-ping enable
    broadcast-ping disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    /* Traffic arriving on the WAN and forwarded to internal hosts: only replies to existing flows pass, everything else hits default-action drop. No enable-default-log is set, so default drops are not logged. */
    name WAN_IN {
        default-action drop
        description "WAN to internal"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    /* Traffic arriving on the WAN and addressed to the router itself (SSH, GUI, DNS). Must be referenced from the WAN interface's firewall local node to take effect. */
    name WAN_LOCAL {
        default-action drop
        description "WAN to router"
        rule 1 {
            action accept
            description "Allow established/related"
            log disable
            state {
                established enable
                related enable
            }
        }
        rule 2 {
            action drop
            description "Drop invalid state"
            log disable
            state {
                invalid enable
            }
        }
    }
    options {
        /* TCP MSS clamp for the PPPoE uplink (pppoe 0 is configured with mtu 1492). */
        mss-clamp {
            mss 1412
        }
    }
    receive-redirects disable
    /* NOTE(review): the router still sends ICMP redirects; disable unless hosts on the LANs rely on them. */
    send-redirects enable
    /* NOTE(review): reverse-path filtering is off. strict drops packets whose source is not routable back through the arriving interface; confirm no asymmetric routing is needed before changing. */
    source-validation disable
    syn-cookies enable
}
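/* eth0 carries the PPPoE uplink (WAN); eth1 and eth2 are the two LANs. */
interfaces {
    ethernet eth0 {
        description "Internet (PPPoE)"
        duplex auto
        pppoe 0 {
            default-route auto
            firewall {
                in {
                    name WAN_IN
                }
                /* The original left this node empty, so traffic from the WAN to the router itself (ssh on 22, gui on 443) was not filtered by any ruleset. Bind the WAN_LOCAL ruleset defined under firewall. */
                local {
                    name WAN_LOCAL
                }
            }
            mtu 1492
            name-server auto
            /* PPPoE credentials; the password was masked by the author before publishing. */
            password ****************
            user-id user@xtrabb.co.nz
        }
        speed auto
    }
    ethernet eth1 {
        address 10.0.0.1/24
        description "LAN 1"
        duplex auto
        speed auto
    }
    ethernet eth2 {
        address 10.0.1.1/24
        description "LAN 2"
        duplex auto
        speed auto
    }
    loopback lo {
    }
}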
/* Inbound port forwards from pppoe0. auto-firewall enable opens the matching WAN accept rules automatically, so every rule below is an Internet-reachable service on an internal host. */
port-forward {
    auto-firewall enable
    hairpin-nat enable
    lan-interface eth1
    lan-interface eth2
    /* NOTE(review): 10.0.0.9 lies inside the LAN1 dynamic DHCP range and has no static-mapping on this page; unless the host is pinned some other way, a different device could later hold this address and receive the forward. */
    rule 1 {
        description Transmission
        forward-to {
            address 10.0.0.9
            port 57989
        }
        original-port 57989
        protocol tcp_udp
    }
    /* Target 10.0.0.4 is the DHCP static-mapping "Server". NOTE(review): confirm UDP is actually needed on this port; if not, protocol tcp narrows the exposure. */
    rule 2 {
        description Plex
        forward-to {
            address 10.0.0.4
            port 32400
        }
        original-port 32400
        protocol tcp_udp
    }
    wan-interface pppoe0
}
/* Router-hosted services: DHCP and DNS forwarding for both LANs, the web GUI, source NAT for the uplink, and SSH. */
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name LAN1 {
            authoritative disable
            subnet 10.0.0.0/24 {
                default-router 10.0.0.1
                dns-server 10.0.0.1
                lease 86400
                /* NOTE(review): the pool begins at 10.0.0.1, the address eth1 itself holds; starting at .2 keeps the router's own address out of the pool. */
                start 10.0.0.1 {
                    stop 10.0.0.199
                }
                static-mapping Server {
                    ip-address 10.0.0.4
                    mac-address F8:1E:DF:EB:A7:31
                }
            }
        }
        shared-network-name LAN2 {
            authoritative disable
            subnet 10.0.1.0/24 {
                default-router 10.0.1.1
                dns-server 10.0.1.1
                lease 86400
                /* NOTE(review): this pool also includes the router's own address (10.0.1.1 on eth2). */
                start 10.0.1.1 {
                    stop 10.0.1.254
                }
            }
        }
    }
    dns {
        /* The forwarder listens on the two LAN interfaces only, not on the WAN. */
        forwarding {
            cache-size 150
            listen-on eth1
            listen-on eth2
        }
    }
    /* No listen-address is set, so the GUI is not restricted to a LAN address; WAN reachability then depends on the local ruleset bound to pppoe 0. Verify WAN_LOCAL is applied there. */
    gui {
        https-port 443
    }
    nat {
        rule 5000 {
            description "masquerade for WAN"
            outbound-interface pppoe0
            type masquerade
        }
    }
    /* Same exposure consideration as the GUI: no listen-address here, so the WAN-side local ruleset is the only barrier. The admin account under system login has a password configured; key-based login would be the stronger option. */
    ssh {
        port 22
        protocol-version v2
    }
}
/* Host identity, the single admin account, resolver, NTP, syslog levels and traffic analysis. */
system {
    host-name router
    login {
        user tom {
            /* Both values were masked by the author. In a real export the encrypted-password hash is still crackable offline, and a populated plaintext-password is the credential itself, so both need redacting before a config is shared. */
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            full-name "Tom Henderson"
            level admin
        }
    }
    /* The router resolves through its own local DNS forwarder. */
    name-server 127.0.0.1
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    /* Logs are kept locally only; no remote syslog host is configured on this page. */
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Pacific/Auckland
    traffic-analysis {
        dpi disable
        export enable
    }
}