OpenWrt packages

OpenWrt packages Git Source Tree

Root/milkymist-files/data/m1/files/etc/config/firewall

1
2	config 'defaults'
3	option 'syn_flood' '1'
4	option 'input' 'ACCEPT'
5	option 'output' 'ACCEPT'
6	option 'forward' 'REJECT'
7
8	config 'zone'
9	option 'name' 'lan'
10	option 'network' 'lan'
11	option 'input' 'ACCEPT'
12	option 'output' 'ACCEPT'
13	option 'forward' 'REJECT'
14
15	config 'zone'
16	option 'name' 'wan'
17	option 'input' 'REJECT'
18	option 'output' 'ACCEPT'
19	option 'forward' 'REJECT'
20	option 'masq' '1'
21	option 'mtu_fix' '1'
22	option 'network' 'wan wwan'
23
24	config 'forwarding'
25	option 'src' 'lan'
26	option 'dest' 'wan'
27
28	config 'rule'
29	option 'name' 'Allow-DHCP-Renew'
30	option 'src' 'wan'
31	option 'proto' 'udp'
32	option 'dest_port' '68'
33	option 'target' 'ACCEPT'
34	option 'family' 'ipv4'
35
36	config 'rule'
37	option 'name' 'Allow-Ping'
38	option 'src' 'wan'
39	option 'proto' 'icmp'
40	option 'icmp_type' 'echo-request'
41	option 'family' 'ipv4'
42	option 'target' 'ACCEPT'
43
44	config 'rule'
45	option 'name' 'Allow-DHCPv6'
46	option 'src' 'wan'
47	option 'proto' 'udp'
48	option 'src_ip' 'fe80::/10'
49	option 'src_port' '547'
50	option 'dest_ip' 'fe80::/10'
51	option 'dest_port' '546'
52	option 'family' 'ipv6'
53	option 'target' 'ACCEPT'
54
55	config 'rule'
56	option 'name' 'Allow-ICMPv6-Input'
57	option 'src' 'wan'
58	option 'proto' 'icmp'
59	list 'icmp_type' 'echo-request'
60	list 'icmp_type' 'destination-unreachable'
61	list 'icmp_type' 'packet-too-big'
62	list 'icmp_type' 'time-exceeded'
63	list 'icmp_type' 'bad-header'
64	list 'icmp_type' 'unknown-header-type'
65	list 'icmp_type' 'router-solicitation'
66	list 'icmp_type' 'neighbour-solicitation'
67	option 'limit' '1000/sec'
68	option 'family' 'ipv6'
69	option 'target' 'ACCEPT'
70
71	config 'rule'
72	option 'name' 'Allow-ICMPv6-Forward'
73	option 'src' 'wan'
74	option 'dest' '*'
75	option 'proto' 'icmp'
76	list 'icmp_type' 'echo-request'
77	list 'icmp_type' 'destination-unreachable'
78	list 'icmp_type' 'packet-too-big'
79	list 'icmp_type' 'time-exceeded'
80	list 'icmp_type' 'bad-header'
81	list 'icmp_type' 'unknown-header-type'
82	option 'limit' '1000/sec'
83	option 'family' 'ipv6'
84	option 'target' 'ACCEPT'
85
86	config 'include'
87	option 'path' '/etc/firewall.user'
88
89	config 'zone'
90	option 'name' 'newzone'
91	option 'input' 'ACCEPT'
92	option 'forward' 'REJECT'
93	option 'network' ' '
94	option 'output' 'ACCEPT'
95
96	config 'rule'
97	option 'target' 'ACCEPT'
98	option 'src' 'wan'
99	option 'dest_port' '22'
100	option 'name' 'ssh'
101	option 'family' 'ipv4'
102	option 'proto' 'tcp udp'
103
104	config 'rule'
105	option 'target' 'ACCEPT'
106	option 'src' 'wan'
107	option 'dest_port' '80'
108	option 'name' 'web'
109	option 'family' 'ipv4'
110	option 'proto' 'tcp udp'
111
112	config 'redirect'
113	option 'target' 'DNAT'
114	option 'src' 'wan'
115	option 'dest' 'lan'
116	option 'proto' 'tcp udp'
117	option 'src_dport' '4444'
118	option 'dest_ip' '192.168.42.100'
119	option 'dest_port' '4444'
120	option 'name' 'osc'
121
122	config 'redirect'
123	option 'target' 'DNAT'
124	option 'src' 'wan'
125	option 'dest' 'lan'
126	option 'proto' 'tcp'
127	option 'src_dport' '21'
128	option 'dest_ip' '192.168.42.100'
129	option 'dest_port' '21'
130	option 'name' 'ftp'
131
132	config 'redirect'
133	option 'target' 'DNAT'
134	option 'src' 'wan'
135	option 'dest' 'lan'
136	option 'proto' 'tcp udp'
137	option 'src_dport' '23'
138	option 'dest_ip' '192.168.42.100'
139	option 'dest_port' '23'
140	option 'name' 'telnet'
141
142

Download this file

Branches:
backfire
master
release_2010-11-17
release_2010-12-14
release_2011-02-23
release_2011-05-28
release_2011-08-27
release_2011-11-13
release_2012-03-18
release_2012-04-09
release_2012-07-11
release_2012-10-11

OpenWrt packages

OpenWrt packages Git Source Tree

Root/milkymist-files/data/m1/files/etc/config/firewall

interactive