| firewall { | |
| all-ping enable | |
| broadcast-ping disable | |
| config-trap disable | |
| ipv6-receive-redirects disable | |
| ipv6-src-route disable | |
| ip-src-route disable | |
| log-martians enable | |
| name OUTSIDE-IN { | |
| default-action drop | |
| rule 10 { | |
| action accept | |
| state { | |
| established enable | |
| related enable | |
| } | |
| } | |
| } | |
| name OUTSIDE-LOCAL { | |
| default-action accept | |
| rule 10 { | |
| action accept | |
| state { | |
| established enable | |
| related enable | |
| } | |
| } | |
| rule 20 { | |
| action accept | |
| icmp { | |
| type-name echo-request | |
| } | |
| protocol icmp | |
| state { | |
| new enable | |
| } | |
| } | |
| rule 30 { | |
| action drop | |
| destination { | |
| port 9528 | |
| } | |
| protocol tcp | |
| recent { | |
| count 4 | |
| time 60 | |
| } | |
| state { | |
| new enable | |
| } | |
| } | |
| rule 31 { | |
| action accept | |
| destination { | |
| port 9528 | |
| } | |
| protocol tcp | |
| state { | |
| new enable | |
| } | |
| } | |
| } | |
| receive-redirects disable | |
| send-redirects enable | |
| source-validation disable | |
| syn-cookies enable | |
| twa-hazards-protection disable | |
| } | |
| interfaces { | |
| bridge br0 { | |
| address 192.168.11.1/24 | |
| aging 300 | |
| hello-time 2 | |
| max-age 20 | |
| priority 32768 | |
| stp false | |
| } | |
| ethernet eth0 { | |
| duplex auto | |
| hw-id 00:e0:67:08:47:ea | |
| pppoe 0 { | |
| default-route auto | |
| firewall { | |
| in { | |
| name OUTSIDE-IN | |
| } | |
| local { | |
| name OUTSIDE-LOCAL | |
| } | |
| } | |
| mtu 1492 | |
| name-server none | |
| password 0000000 | |
| traffic-policy { | |
| out WAN-OUT | |
| } | |
| user-id 000000000 | |
| } | |
| smp-affinity auto | |
| speed auto | |
| } | |
| ethernet eth1 { | |
| address 10.32.3.152/22 | |
| duplex auto | |
| hw-id 00:e0:67:08:47:eb | |
| smp-affinity auto | |
| speed auto | |
| } | |
| ethernet eth2 { | |
| bridge-group { | |
| bridge br0 | |
| } | |
| duplex auto | |
| hw-id 00:e0:67:08:47:ec | |
| smp-affinity auto | |
| speed auto | |
| } | |
| ethernet eth3 { | |
| bridge-group { | |
| bridge br0 | |
| } | |
| duplex auto | |
| hw-id 00:e0:67:08:47:ed | |
| smp-affinity auto | |
| speed auto | |
| } | |
| ethernet eth4 { | |
| bridge-group { | |
| bridge br0 | |
| } | |
| duplex auto | |
| hw-id 00:e0:67:08:47:ee | |
| smp-affinity auto | |
| speed auto | |
| } | |
| ethernet eth5 { | |
| bridge-group { | |
| bridge br0 | |
| } | |
| duplex auto | |
| hw-id 00:e0:67:08:47:ef | |
| smp-affinity auto | |
| speed auto | |
| } | |
| loopback lo { | |
| } | |
| } | |
| nat { | |
| destination { | |
| rule 100 { | |
| destination { | |
| address 10.32.3.152 | |
| port 3389 | |
| } | |
| inbound-interface eth1 | |
| protocol tcp | |
| translation { | |
| address 192.168.11.100 | |
| port 3389 | |
| } | |
| } | |
| } | |
| source { | |
| rule 10 { | |
| outbound-interface pppoe0 | |
| source { | |
| address 192.168.11.0/24 | |
| } | |
| translation { | |
| address masquerade | |
| } | |
| } | |
| rule 11 { | |
| destination { | |
| address 10.32.0.0/16 | |
| } | |
| outbound-interface eth1 | |
| source { | |
| address 192.168.11.0/24 | |
| } | |
| translation { | |
| address masquerade | |
| } | |
| } | |
| } | |
| } | |
| protocols { | |
| static { | |
| route 10.32.0.0/22 { | |
| next-hop 10.32.0.252 { | |
| } | |
| } | |
| route 10.32.200.0/22 { | |
| next-hop 10.32.0.252 { | |
| } | |
| } | |
| } | |
| } | |
| service { | |
| dhcp-server { | |
| shared-network-name lan-dhcp { | |
| description bridge-lan-dhcp | |
| subnet 192.168.11.0/24 { | |
| default-router 192.168.11.1 | |
| dns-server 192.168.11.1 | |
| domain-name grapecity.net | |
| domain-search gcvyos.net | |
| domain-search grapecity.net | |
| lease 86400 | |
| range 0 { | |
| start 192.168.11.100 | |
| stop 192.168.11.254 | |
| } | |
| } | |
| } | |
| } | |
| dns { | |
| forwarding { | |
| domain grapecity.net { | |
| server 10.32.0.2 | |
| server 10.32.0.3 | |
| server 10.2.0.2 | |
| server 10.2.0.3 | |
| } | |
| listen-address 192.168.11.1 | |
| name-server 114.114.114.114 | |
| } | |
| } | |
| mdns { | |
| repeater { | |
| interface eth1 | |
| interface br0 | |
| } | |
| } | |
| snmp { | |
| community OkayGrapeCity { | |
| authorization ro | |
| network 10.32.0.0/22 | |
| } | |
| contact [email protected] | |
| listen-address 10.32.3.152 { | |
| port 161 | |
| } | |
| location 3F-Lobby-SteveDong | |
| trap-target 203.0.113.10 { | |
| } | |
| } | |
| ssh { | |
| port 9528 | |
| } | |
| webproxy { | |
| cache-size 100 | |
| default-port 3128 | |
| listen-address 192.168.11.1 { | |
| } | |
| } | |
| } | |
| system { | |
| config-management { | |
| commit-revisions 100 | |
| } | |
| console { | |
| device ttyS0 { | |
| speed 9600 | |
| } | |
| } | |
| domain-search { | |
| domain grapecity.net | |
| } | |
| host-name sys-testing-gw | |
| login { | |
| user vyos { | |
| authentication { | |
| encrypted-password $6$99999999. | |
| plaintext-password "" | |
| } | |
| level admin | |
| } | |
| } | |
| name-server 192.168.11.1 | |
| ntp { | |
| server 0.pool.ntp.org { | |
| } | |
| server 1.pool.ntp.org { | |
| } | |
| server 2.pool.ntp.org { | |
| } | |
| } | |
| options { | |
| beep-if-fully-booted | |
| ctrl-alt-del-action ignore | |
| reboot-on-panic true | |
| } | |
| static-host-mapping { | |
| host-name xa-vc { | |
| inet 10.32.3.55 | |
| } | |
| host-name xa-vc.grapecity.net { | |
| inet 10.32.3.55 | |
| } | |
| } | |
| syslog { | |
| global { | |
| facility all { | |
| level info | |
| } | |
| facility protocols { | |
| level debug | |
| } | |
| } | |
| } | |
| time-zone Asia/Chongqing | |
| } | |
| traffic-policy { | |
| shaper LAN-OUT { | |
| bandwidth 4Mbit | |
| default { | |
| bandwidth 50% | |
| burst 15k | |
| ceiling 100% | |
| queue-type fair-queue | |
| } | |
| } | |
| shaper WAN-OUT { | |
| bandwidth 50Mbit | |
| default { | |
| bandwidth 50% | |
| burst 15k | |
| ceiling 100% | |
| queue-type fair-queue | |
| } | |
| } | |
| } | |
| /* Warning: Do not remove the following line. */ | |
| /* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:firewall@5:ipsec@4:l2tp@1:mdns@1:nat@4:qos@1:quagga@3:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:zone-policy@1" === */ | |
| /* Release version: 1.2.0-rc7 */ |
File Metadata
File Metadata
- Mime Type
- text/plain
- Storage Engine
- local-disk
- Storage Format
- Raw Data
- Storage Handle
- 0c/20/39a3e9a2433a3519daa20e8d4120
- Default Alt Text
- config.backup20181121 (7 KB)