Page MenuHomeVyOS Platform
Files F1370328

config.txt
All Users
Actions

Authored By
ngoehring
May 3 2021, 7:04 PM
Size
35 KB
Referenced Files
None
Subscribers
None

config.txt
View Options

firewall {
all-ping enable
broadcast-ping disable
config-trap disable
group {
address-group CameraTabs {
address xxx.xxx.20.17-xxx.xxx.20.18
}
address-group KidsLaptops {
address xxx.xxx.20.22-xxx.xxx.20.23
}
address-group Sonos {
address xxx.xxx.2.50-xxx.xxx.2.60
description Sonos
}
address-group Streaming {
address xxx.xxx.20.30
address xxx.xxx.20.31
address xxx.xxx.2.3
address xxx.xxx.2.4
address xxx.xxx.2.7
address xxx.xxx.2.8
}
network-group Cameras {
network xxx.xxx.40.0/24
}
network-group DMZ {
network xxx.xxx.80.0/24
}
network-group Isolated {
network xxx.xxx.20.0/24
}
network-group LocalSubnets {
network xxx.xxx.2.0/24
network xxx.xxx.20.0/24
network xxx.xxx.40.0/24
network xxx.xxx.80.0/24
network xxx.xxx.88.0/24
}
network-group Trusted {
network xxx.xxx.2.0/24
}
network-group UtahNetworks {
network xxx.xxx.1.0/24
network xxx.xxx.10.0/24
network xxx.xxx.30.0/24
network xxx.xxx.50.0/24
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name CAMERAS-DMZ {
default-action drop
}
name CAMERAS-KIDS {
default-action drop
}
name CAMERAS-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
rule 20 {
action accept
destination {
address xxx.xxx.2.10
}
}
}
name CAMERAS-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name CAMERAS-MULLVAD {
default-action drop
}
name CAMERAS-REMOTE {
default-action accept
}
name CAMERAS-UTAH {
default-action accept
}
name CAMERAS-WAN {
default-action accept
}
name DMZ-CAMERAS {
default-action drop
}
name DMZ-KIDS {
default-action drop
}
name DMZ-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
}
name DMZ-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name DMZ-MULLVAD {
default-action accept
}
name DMZ-REMOTE {
default-action drop
}
name DMZ-UTAH {
default-action drop
}
name DMZ-WAN {
default-action accept
}
name KIDS-CAMERAS {
default-action drop
}
name KIDS-DMZ {
default-action drop
}
name KIDS-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
rule 15 {
action accept
destination {
address xxx.xxx.2.5
port 6690
}
protocol tcp_udp
source {
group {
address-group KidsLaptops
}
}
}
rule 20 {
action accept
destination {
address xxx.xxx.2.10
}
source {
group {
address-group CameraTabs
}
}
}
}
name KIDS-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name KIDS-MULLVAD {
default-action accept
}
name KIDS-REMOTE {
default-action accept
}
name KIDS-UTAH {
default-action accept
}
name KIDS-WAN {
default-action accept
}
name LAN-CAMERAS {
default-action drop
enable-default-log
rule 5 {
action accept
destination {
group {
network-group Cameras
}
}
}
}
name LAN-DMZ {
default-action accept
}
name LAN-KIDS {
default-action accept
}
name LAN-LOCAL {
default-action drop
rule 5 {
action accept
icmp {
}
}
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
rule 200 {
action accept
destination {
port 55512
}
protocol tcp
}
}
name LAN-MULLVAD {
default-action accept
}
name LAN-REMOTE {
default-action accept
}
name LAN-UTAH {
default-action accept
}
name LAN-WAN {
default-action accept
rule 10 {
action drop
disable
}
}
name LOCAL-CAMERAS {
default-action accept
}
name LOCAL-DMZ {
default-action accept
}
name LOCAL-KIDS {
default-action accept
}
name LOCAL-LAN {
default-action accept
}
name LOCAL-MULLVAD {
default-action accept
}
name LOCAL-REMOTE {
default-action accept
}
name LOCAL-UTAH {
default-action accept
}
name LOCAL-WAN {
default-action accept
}
name MULLVAD-CAMERAS {
default-action drop
}
name MULLVAD-DMZ {
default-action drop
}
name MULLVAD-KIDS {
default-action drop
}
name MULLVAD-LAN {
default-action drop
}
name MULLVAD-LOCAL {
default-action drop
}
name REMOTE-CAMERAS {
default-action accept
}
name REMOTE-DMZ {
default-action accept
}
name REMOTE-KIDS {
default-action accept
}
name REMOTE-LAN {
default-action accept
}
name REMOTE-LOCAL {
default-action accept
}
name UTAH-CAMERAS {
default-action accept
}
name UTAH-DMZ {
default-action drop
}
name UTAH-KIDS {
default-action accept
}
name UTAH-LAN {
default-action accept
rule 10 {
action accept
log enable
}
}
name UTAH-LOCAL {
default-action accept
}
name WAN-CAMERAS {
default-action drop
enable-default-log
}
name WAN-DMZ {
default-action drop
enable-default-log
}
name WAN-KIDS {
default-action drop
enable-default-log
}
name WAN-LAN {
default-action drop
enable-default-log
}
name WAN-LOCAL {
default-action drop
enable-default-log
rule 5 {
action accept
icmp {
}
}
rule 5000 {
action accept
description RoadWarriorWG
destination {
port 50000
}
protocol udp
}
rule 5100 {
action accept
description ssh
destination {
port 55512
}
protocol tcp_udp
}
rule 5200 {
action accept
description UtahWG
destination {
port 51825
}
protocol udp
}
}
receive-redirects disable
send-redirects enable
source-validation disable
state-policy {
established {
action accept
}
invalid {
action drop
}
related {
action accept
}
}
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
address xxx.xxx.2.1/24
description LAN
duplex auto
hw-id XX:XX:XX:XX:XX:10
policy {
route LAN-New
}
speed auto
vif 20 {
address xxx.xxx.20.1/24
description Kids
policy {
route VLAN20-New
}
}
}
ethernet eth1 {
address xxx.xxx.40.1/24
description Cameras
duplex auto
hw-id XX:XX:XX:XX:XX:11
policy {
route VLAN40
}
speed auto
}
ethernet eth2 {
duplex auto
hw-id XX:XX:XX:XX:XX:12
speed auto
}
ethernet eth3 {
address xxx.xxx.80.1/24
description DMZ
duplex auto
hw-id XX:XX:XX:XX:XX:13
policy {
route DMZ
}
speed auto
}
ethernet eth4 {
address dhcp
description ToLTE
duplex auto
hw-id XX:XX:XX:XX:XX:0e
speed auto
}
ethernet eth5 {
duplex auto
hw-id XX:XX:XX:XX:XX:0f
speed auto
}
loopback lo {
}
wireguard wg15 {
address xxx.xxx.194.225/32
description MullvadNY96
mtu 1420
peer MullvadNY {
address xxx.xxx.143.210
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 15
port 51820
pubkey ****************
}
private-key ****************
}
wireguard wg16 {
address xxx.xxx.45.237/32
description MullvadLA
mtu 1420
peer MullvadLA {
address xxx.xxx.114.236
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 15
port 51820
pubkey ****************
}
private-key ****************
}
wireguard wg20 {
address xxx.xxx.80.3/24
description UtahWireguard
mtu 1420
peer Utah {
address xxx.xxx.203.9
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 5
port 51820
pubkey ****************
}
port 51825
private-key ****************
}
wireguard wg25 {
address xxx.xxx.85.2/24
description UtahAlternate
mtu 1420
peer UtahAlternate {
address xxx.xxx.203.9
allowed-ips xxx.xxx.1.0/24
allowed-ips xxx.xxx.10.0/24
allowed-ips xxx.xxx.30.0/24
allowed-ips xxx.xxx.50.0/24
allowed-ips xxx.xxx.85.1/32
persistent-keepalive 5
port 51825
pubkey ****************
}
port 51826
private-key ****************
}
wireguard wg100 {
address xxx.xxx.100.1/24
description RoadWarrior
mtu 1420
peer Pixel {
allowed-ips xxx.xxx.100.2/32
pubkey ****************
}
policy {
route Wireguard
}
port 50000
private-key ****************
}
}
nat {
destination {
rule 10 {
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.3
}
translation {
address xxx.xxx.2.1
}
}
rule 20 {
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.4
}
translation {
address xxx.xxx.2.1
}
}
rule 30 {
description FirTVWifi
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.7
}
translation {
address xxx.xxx.2.1
}
}
rule 100 {
description XBOX
destination {
port 3074
}
inbound-interface eth4
protocol tcp_udp
translation {
address xxx.xxx.80.5
port 3074
}
}
rule 110 {
description XBOX
destination {
port 3544
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
port 3544
}
}
rule 120 {
description XBOX
destination {
port 4500
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
port 4500
}
}
rule 130 {
description XBOX
destination {
port 88
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
}
}
rule 140 {
description XBOX
destination {
port 53
}
inbound-interface eth4
protocol tcp_udp
translation {
address xxx.xxx.80.5
}
}
rule 150 {
description XBOX
destination {
port 80
}
inbound-interface eth4
protocol tcp
translation {
address xxx.xxx.80.5
}
}
rule 160 {
description XBOX
destination {
port 500
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
}
}
}
source {
rule 10 {
description WAN
outbound-interface eth4
translation {
address masquerade
}
}
rule 20 {
description MullvadNY
outbound-interface wg15
translation {
address masquerade
}
}
rule 25 {
description MullvadLA
outbound-interface wg16
translation {
address masquerade
}
}
rule 30 {
description Utah
outbound-interface wg20
translation {
address masquerade
}
}
rule 35 {
description UtahAlternate
disable
outbound-interface wg25
translation {
address masquerade
}
}
}
}
policy {
route DMZ {
rule 100 {
set {
table main
}
}
}
route LAN-New {
rule 4 {
set {
table main
}
source {
address xxx.xxx.2.6
}
}
rule 5 {
set {
table main
}
source {
group {
address-group Sonos
}
}
}
rule 10 {
destination {
group {
network-group LocalSubnets
}
}
set {
table main
}
}
rule 20 {
destination {
address xxx.xxx.80.0/24
}
set {
table 25
}
}
rule 25 {
destination {
address xxx.xxx.100.0/24
}
set {
table main
}
}
rule 30 {
destination {
group {
network-group !UtahNetworks
}
}
set {
table 20
}
source {
group {
address-group Streaming
}
}
}
rule 40 {
destination {
group {
network-group UtahNetworks
}
}
disable
set {
table 20
}
}
rule 41 {
destination {
group {
network-group UtahNetworks
}
}
set {
table 25
}
}
rule 90 {
disable
set {
table main
}
source {
address xxx.xxx.2.100
}
}
rule 100 {
set {
table 10
}
}
}
route VLAN20-New {
rule 10 {
destination {
group {
network-group LocalSubnets
}
}
log enable
set {
table main
}
}
rule 15 {
destination {
address xxx.xxx.100.0/24
}
set {
table main
}
}
rule 20 {
set {
table 20
}
source {
group {
address-group Streaming
}
}
}
rule 100 {
set {
table 10
}
}
}
route VLAN40 {
rule 20 {
destination {
address xxx.xxx.30.21
}
set {
table 20
}
}
rule 100 {
log enable
set {
table main
}
}
}
route Wireguard {
enable-default-log
rule 100 {
destination {
group {
network-group LocalSubnets
}
}
set {
table main
}
}
}
}
protocols {
static {
interface-route xxx.xxx.100.0/24 {
next-hop-interface eth4.100 {
}
}
interface-route xxx.xxx.80.0/24 {
next-hop-interface wg20 {
}
}
interface-route xxx.xxx.85.0/24 {
next-hop-interface wg20 {
}
}
table 10 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg15 {
}
}
}
table 15 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg16 {
}
}
}
table 20 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg20 {
}
}
}
table 25 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg25 {
}
}
}
}
}
service {
dhcp-server {
shared-network-name xxxxxx {
subnet xxx.xxx.40.0/24 {
default-router xxx.xxx.40.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.40.100
stop xxx.xxx.40.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.21
mac-address XX:XX:XX:XX:XX:00
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.32
mac-address XX:XX:XX:XX:XX:c8
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.31
mac-address XX:XX:XX:XX:XX:4e
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.30
mac-address XX:XX:XX:XX:XX:AF
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.80.0/24 {
default-router xxx.xxx.80.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.80.100
stop xxx.xxx.80.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.80.5
mac-address XX:XX:XX:XX:XX:85
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.20.0/24 {
default-router xxx.xxx.20.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.20.100
stop xxx.xxx.20.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.30
mac-address XX:XX:XX:XX:XX:c5
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.31
mac-address XX:XX:XX:XX:XX:b1
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.5
mac-address XX:XX:XX:XX:XX:57
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.22
mac-address XX:XX:XX:XX:XX:9e
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.20
mac-address XX:XX:XX:XX:XX:d7
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.21
mac-address XX:XX:XX:XX:XX:FE
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.18
mac-address XX:XX:XX:XX:XX:4c
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.23
mac-address XX:XX:XX:XX:XX:84
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.15
mac-address XX:XX:XX:XX:XX:0f
}
}
}
shared-network-name xxxxxx {
description LAN_DHCP
subnet xxx.xxx.2.0/24 {
default-router xxx.xxx.2.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.2.100
stop xxx.xxx.2.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.13
mac-address XX:XX:XX:XX:XX:de
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.12
mac-address XX:XX:XX:XX:XX:4a
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.21
mac-address XX:XX:XX:XX:XX:cb
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.24
mac-address XX:XX:XX:XX:XX:ee
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.23
mac-address XX:XX:XX:XX:XX:4a
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.4
mac-address XX:XX:XX:XX:XX:e0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.10
mac-address XX:XX:XX:XX:XX:3d
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.5
mac-address XX:XX:XX:XX:XX:fd
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.3
mac-address XX:XX:XX:XX:XX:fd
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.8
mac-address XX:XX:XX:XX:XX:f3
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.20
mac-address XX:XX:XX:XX:XX:89
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.22
mac-address XX:XX:XX:XX:XX:7e
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.74
mac-address XX:XX:XX:XX:XX:48
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.72
mac-address XX:XX:XX:XX:XX:2c
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.73
mac-address XX:XX:XX:XX:XX:f6
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.6
mac-address XX:XX:XX:XX:XX:88
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.21
mac-address XX:XX:XX:XX:XX:cb
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.57
mac-address XX:XX:XX:XX:XX:d8
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.51
mac-address XX:XX:XX:XX:XX:b0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.50
mac-address XX:XX:XX:XX:XX:ec
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.56
mac-address XX:XX:XX:XX:XX:b2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.52
mac-address XX:XX:XX:XX:XX:b2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.55
mac-address XX:XX:XX:XX:XX:a8
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.53
mac-address XX:XX:XX:XX:XX:91
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.54
mac-address XX:XX:XX:XX:XX:d0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.70
mac-address XX:XX:XX:XX:XX:d2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.71
mac-address XX:XX:XX:XX:XX:49
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.15
mac-address XX:XX:XX:XX:XX:EE
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.6
mac-address XX:XX:XX:XX:XX:b7
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.11
mac-address XX:XX:XX:XX:XX:3f
}
}
}
}
dns {
dynamic {
interface eth4 {
service GoogleDNS {
host-name xxxxxx
login mkIwUK4lQ4InMMUV
password xxxxxx
protocol dyndns2
server xxxxx.tld
}
use-web {
url http://icanhazip.com/
}
}
}
forwarding {
allow-from xxx.xxx.0.0/16
cache-size 3000
listen-address xxx.xxx.40.1
listen-address xxx.xxx.80.1
listen-address xxx.xxx.2.1
listen-address xxx.xxx.20.1
name-server xxx.xxx.222.222
name-server xxx.xxx.220.220
}
}
mdns {
repeater {
interface eth0
interface eth1
interface eth0.20
}
}
ssh {
port 55512
}
}
system {
acceleration {
qat
}
config-management {
commit-archive {
location xxxxxx
}
commit-revisions 100
}
console {
device ttyS0 {
speed 115200
}
}
domain-name xxxxxx
host-name xxxxxx
login {
user xxxxxx {
authentication {
encrypted-password xxxxxx
plaintext-password xxxxxx
}
}
}
name-server xxx.xxx.8.8
name-server xxx.xxx.4.4
name-servers-dhcp eth4
ntp {
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
time-zone Asia/Kuwait
}
zone-policy {
zone CAMERAS {
default-action drop
from DMZ {
firewall {
name DMZ-CAMERAS
}
}
from KIDS {
firewall {
name KIDS-CAMERAS
}
}
from LAN {
firewall {
name LAN-CAMERAS
}
}
from LOCAL {
firewall {
name LOCAL-CAMERAS
}
}
from REMOTE {
firewall {
name REMOTE-CAMERAS
}
}
from UTAH {
firewall {
name UTAH-CAMERAS
}
}
from WAN {
firewall {
name WAN-CAMERAS
}
}
interface eth1
}
zone DMZ {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-DMZ
}
}
from KIDS {
firewall {
name KIDS-DMZ
}
}
from LAN {
firewall {
name LAN-DMZ
}
}
from LOCAL {
firewall {
name LOCAL-DMZ
}
}
from REMOTE {
firewall {
name REMOTE-DMZ
}
}
from UTAH {
firewall {
name UTAH-DMZ
}
}
from WAN {
firewall {
name WAN-DMZ
}
}
interface eth3
}
zone KIDS {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-KIDS
}
}
from DMZ {
firewall {
name DMZ-KIDS
}
}
from LAN {
firewall {
name LAN-KIDS
}
}
from LOCAL {
firewall {
name LOCAL-KIDS
}
}
from REMOTE {
firewall {
name REMOTE-KIDS
}
}
from UTAH {
firewall {
name UTAH-KIDS
}
}
from WAN {
firewall {
name WAN-KIDS
}
}
interface eth0.20
}
zone LAN {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-LAN
}
}
from DMZ {
firewall {
name DMZ-LAN
}
}
from KIDS {
firewall {
name KIDS-LAN
}
}
from LOCAL {
firewall {
name LOCAL-LAN
}
}
from REMOTE {
firewall {
name REMOTE-LAN
}
}
from UTAH {
firewall {
name UTAH-LAN
}
}
from WAN {
firewall {
name WAN-LAN
}
}
interface eth0
}
zone LOCAL {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-LOCAL
}
}
from DMZ {
firewall {
name DMZ-LOCAL
}
}
from KIDS {
firewall {
name KIDS-LOCAL
}
}
from LAN {
firewall {
name LAN-LOCAL
}
}
from REMOTE {
firewall {
name REMOTE-LOCAL
}
}
from UTAH {
firewall {
name UTAH-LOCAL
}
}
from WAN {
firewall {
name WAN-LOCAL
}
}
local-zone
}
zone REMOTE {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-REMOTE
}
}
from DMZ {
firewall {
name DMZ-REMOTE
}
}
from KIDS {
firewall {
name KIDS-REMOTE
}
}
from LAN {
firewall {
name LAN-REMOTE
}
}
from LOCAL {
firewall {
name LOCAL-REMOTE
}
}
interface wg100
}
zone UTAH {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-UTAH
}
}
from DMZ {
firewall {
name CAMERAS-DMZ
}
}
from KIDS {
firewall {
name KIDS-UTAH
}
}
from LAN {
firewall {
name LAN-UTAH
}
}
from LOCAL {
firewall {
name LOCAL-UTAH
}
}
interface wg20
interface wg25
}
zone WAN {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-WAN
}
}
from DMZ {
firewall {
name DMZ-WAN
}
}
from KIDS {
firewall {
name KIDS-WAN
}
}
from LAN {
firewall {
name LAN-WAN
}
}
from LOCAL {
firewall {
name LOCAL-WAN
}
}
interface eth4
interface wg15
interface wg16
}
}

File Metadata

Mime Type
text/plain
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
95/e1/2d66694c11f700d5f5df99564a6c
Default Alt Text
config.txt (35 KB)

Event Timeline