OpenWrt packages

OpenWrt packages Git Source Tree

Root/nanonote-TLWR11U/files/etc/config/firewall

1
2	config defaults
3	option syn_flood '1'
4	option input 'ACCEPT'
5	option output 'ACCEPT'
6	option forward 'REJECT'
7
8	config zone
9	option name 'lan'
10	option input 'ACCEPT'
11	option output 'ACCEPT'
12	option forward 'REJECT'
13	option network 'lan USB'
14
15	config zone
16	option name 'wan'
17	option input 'REJECT'
18	option output 'ACCEPT'
19	option forward 'REJECT'
20	option masq '1'
21	option mtu_fix '1'
22	option network 'wan wwan'
23
24	config forwarding
25	option src 'lan'
26	option dest 'wan'
27
28	config rule
29	option name 'Allow-DHCP-Renew'
30	option src 'wan'
31	option proto 'udp'
32	option dest_port '68'
33	option target 'ACCEPT'
34	option family 'ipv4'
35
36	config rule
37	option name 'Allow-Ping'
38	option src 'wan'
39	option proto 'icmp'
40	option icmp_type 'echo-request'
41	option family 'ipv4'
42	option target 'ACCEPT'
43
44	config rule
45	option name 'Allow-DHCPv6'
46	option src 'wan'
47	option proto 'udp'
48	option src_ip 'fe80::/10'
49	option src_port '547'
50	option dest_ip 'fe80::/10'
51	option dest_port '546'
52	option family 'ipv6'
53	option target 'ACCEPT'
54
55	config rule
56	option name 'Allow-ICMPv6-Input'
57	option src 'wan'
58	option proto 'icmp'
59	list icmp_type 'echo-request'
60	list icmp_type 'destination-unreachable'
61	list icmp_type 'packet-too-big'
62	list icmp_type 'time-exceeded'
63	list icmp_type 'bad-header'
64	list icmp_type 'unknown-header-type'
65	list icmp_type 'router-solicitation'
66	list icmp_type 'neighbour-solicitation'
67	option limit '1000/sec'
68	option family 'ipv6'
69	option target 'ACCEPT'
70
71	config rule
72	option name 'Allow-ICMPv6-Forward'
73	option src 'wan'
74	option dest '*'
75	option proto 'icmp'
76	list icmp_type 'echo-request'
77	list icmp_type 'destination-unreachable'
78	list icmp_type 'packet-too-big'
79	list icmp_type 'time-exceeded'
80	list icmp_type 'bad-header'
81	list icmp_type 'unknown-header-type'
82	option limit '1000/sec'
83	option family 'ipv6'
84	option target 'ACCEPT'
85
86	config include
87	option path '/etc/firewall.user'
88
89	config zone
90	option name 'newzone'
91	option input 'ACCEPT'
92	option forward 'REJECT'
93	option network ' '
94	option output 'ACCEPT'
95
96	config rule
97	option target 'ACCEPT'
98	option src 'wan'
99	option dest_port '22'
100	option name 'ssh'
101	option family 'ipv4'
102	option proto 'tcp udp'
103
104	config rule
105	option target 'ACCEPT'
106	option src 'wan'
107	option dest_port '80'
108	option name 'web'
109	option family 'ipv4'
110	option proto 'tcp udp'
111
112	config redirect
113	option target 'DNAT'
114	option src 'wan'
115	option dest 'lan'
116	option proto 'tcp udp'
117	option src_dport '4444'
118	option dest_ip '192.168.42.100'
119	option dest_port '4444'
120	option name 'osc'
121
122	config redirect
123	option target 'DNAT'
124	option src 'wan'
125	option dest 'lan'
126	option proto 'tcp'
127	option src_dport '21'
128	option dest_ip '192.168.42.100'
129	option dest_port '21'
130	option name 'ftp'
131
132	config redirect
133	option target 'DNAT'
134	option src 'wan'
135	option dest 'lan'
136	option proto 'tcp udp'
137	option src_dport '23'
138	option dest_ip '192.168.42.100'
139	option dest_port '23'
140	option name 'telnet'
141
142	config rule
143	option target 'ACCEPT'
144	option src 'wan'
145	option proto 'tcp udp'
146	option dest_port '8080'
147	option name 'mjpg'
148
149

Download this file

Branches:
backfire
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-07-11
release_2012-10-11

OpenWrt packages

OpenWrt packages Git Source Tree

Root/nanonote-TLWR11U/files/etc/config/firewall

interactive