Page Menu
Home
VyOS Platform
Search
Configure Global Search
Log In
Files
F1370328
config.txt
All Users
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Authored By
ngoehring
May 3 2021, 7:04 PM
2021-05-03 19:04:03 (UTC+0)
Size
35 KB
Referenced Files
None
Subscribers
None
config.txt
View Options
firewall {
all-ping enable
broadcast-ping disable
config-trap disable
group {
address-group CameraTabs {
address xxx.xxx.20.17-xxx.xxx.20.18
}
address-group KidsLaptops {
address xxx.xxx.20.22-xxx.xxx.20.23
}
address-group Sonos {
address xxx.xxx.2.50-xxx.xxx.2.60
description Sonos
}
address-group Streaming {
address xxx.xxx.20.30
address xxx.xxx.20.31
address xxx.xxx.2.3
address xxx.xxx.2.4
address xxx.xxx.2.7
address xxx.xxx.2.8
}
network-group Cameras {
network xxx.xxx.40.0/24
}
network-group DMZ {
network xxx.xxx.80.0/24
}
network-group Isolated {
network xxx.xxx.20.0/24
}
network-group LocalSubnets {
network xxx.xxx.2.0/24
network xxx.xxx.20.0/24
network xxx.xxx.40.0/24
network xxx.xxx.80.0/24
network xxx.xxx.88.0/24
}
network-group Trusted {
network xxx.xxx.2.0/24
}
network-group UtahNetworks {
network xxx.xxx.1.0/24
network xxx.xxx.10.0/24
network xxx.xxx.30.0/24
network xxx.xxx.50.0/24
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name CAMERAS-DMZ {
default-action drop
}
name CAMERAS-KIDS {
default-action drop
}
name CAMERAS-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
rule 20 {
action accept
destination {
address xxx.xxx.2.10
}
}
}
name CAMERAS-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name CAMERAS-MULLVAD {
default-action drop
}
name CAMERAS-REMOTE {
default-action accept
}
name CAMERAS-UTAH {
default-action accept
}
name CAMERAS-WAN {
default-action accept
}
name DMZ-CAMERAS {
default-action drop
}
name DMZ-KIDS {
default-action drop
}
name DMZ-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
}
name DMZ-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name DMZ-MULLVAD {
default-action accept
}
name DMZ-REMOTE {
default-action drop
}
name DMZ-UTAH {
default-action drop
}
name DMZ-WAN {
default-action accept
}
name KIDS-CAMERAS {
default-action drop
}
name KIDS-DMZ {
default-action drop
}
name KIDS-LAN {
default-action drop
rule 10 {
action accept
destination {
address xxx.xxx.2.6
port 53
}
protocol tcp_udp
}
rule 15 {
action accept
destination {
address xxx.xxx.2.5
port 6690
}
protocol tcp_udp
source {
group {
address-group KidsLaptops
}
}
}
rule 20 {
action accept
destination {
address xxx.xxx.2.10
}
source {
group {
address-group CameraTabs
}
}
}
}
name KIDS-LOCAL {
default-action drop
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
}
name KIDS-MULLVAD {
default-action accept
}
name KIDS-REMOTE {
default-action accept
}
name KIDS-UTAH {
default-action accept
}
name KIDS-WAN {
default-action accept
}
name LAN-CAMERAS {
default-action drop
enable-default-log
rule 5 {
action accept
destination {
group {
network-group Cameras
}
}
}
}
name LAN-DMZ {
default-action accept
}
name LAN-KIDS {
default-action accept
}
name LAN-LOCAL {
default-action drop
rule 5 {
action accept
icmp {
}
}
rule 100 {
action accept
destination {
port 53
}
protocol tcp_udp
}
rule 110 {
action accept
destination {
port 67-68
}
protocol tcp_udp
}
rule 120 {
action accept
destination {
port 123
}
protocol tcp_udp
}
rule 200 {
action accept
destination {
port 55512
}
protocol tcp
}
}
name LAN-MULLVAD {
default-action accept
}
name LAN-REMOTE {
default-action accept
}
name LAN-UTAH {
default-action accept
}
name LAN-WAN {
default-action accept
rule 10 {
action drop
disable
}
}
name LOCAL-CAMERAS {
default-action accept
}
name LOCAL-DMZ {
default-action accept
}
name LOCAL-KIDS {
default-action accept
}
name LOCAL-LAN {
default-action accept
}
name LOCAL-MULLVAD {
default-action accept
}
name LOCAL-REMOTE {
default-action accept
}
name LOCAL-UTAH {
default-action accept
}
name LOCAL-WAN {
default-action accept
}
name MULLVAD-CAMERAS {
default-action drop
}
name MULLVAD-DMZ {
default-action drop
}
name MULLVAD-KIDS {
default-action drop
}
name MULLVAD-LAN {
default-action drop
}
name MULLVAD-LOCAL {
default-action drop
}
name REMOTE-CAMERAS {
default-action accept
}
name REMOTE-DMZ {
default-action accept
}
name REMOTE-KIDS {
default-action accept
}
name REMOTE-LAN {
default-action accept
}
name REMOTE-LOCAL {
default-action accept
}
name UTAH-CAMERAS {
default-action accept
}
name UTAH-DMZ {
default-action drop
}
name UTAH-KIDS {
default-action accept
}
name UTAH-LAN {
default-action accept
rule 10 {
action accept
log enable
}
}
name UTAH-LOCAL {
default-action accept
}
name WAN-CAMERAS {
default-action drop
enable-default-log
}
name WAN-DMZ {
default-action drop
enable-default-log
}
name WAN-KIDS {
default-action drop
enable-default-log
}
name WAN-LAN {
default-action drop
enable-default-log
}
name WAN-LOCAL {
default-action drop
enable-default-log
rule 5 {
action accept
icmp {
}
}
rule 5000 {
action accept
description RoadWarriorWG
destination {
port 50000
}
protocol udp
}
rule 5100 {
action accept
description ssh
destination {
port 55512
}
protocol tcp_udp
}
rule 5200 {
action accept
description UtahWG
destination {
port 51825
}
protocol udp
}
}
receive-redirects disable
send-redirects enable
source-validation disable
state-policy {
established {
action accept
}
invalid {
action drop
}
related {
action accept
}
}
syn-cookies enable
twa-hazards-protection disable
}
interfaces {
ethernet eth0 {
address xxx.xxx.2.1/24
description LAN
duplex auto
hw-id XX:XX:XX:XX:XX:10
policy {
route LAN-New
}
speed auto
vif 20 {
address xxx.xxx.20.1/24
description Kids
policy {
route VLAN20-New
}
}
}
ethernet eth1 {
address xxx.xxx.40.1/24
description Cameras
duplex auto
hw-id XX:XX:XX:XX:XX:11
policy {
route VLAN40
}
speed auto
}
ethernet eth2 {
duplex auto
hw-id XX:XX:XX:XX:XX:12
speed auto
}
ethernet eth3 {
address xxx.xxx.80.1/24
description DMZ
duplex auto
hw-id XX:XX:XX:XX:XX:13
policy {
route DMZ
}
speed auto
}
ethernet eth4 {
address dhcp
description ToLTE
duplex auto
hw-id XX:XX:XX:XX:XX:0e
speed auto
}
ethernet eth5 {
duplex auto
hw-id XX:XX:XX:XX:XX:0f
speed auto
}
loopback lo {
}
wireguard wg15 {
address xxx.xxx.194.225/32
description MullvadNY96
mtu 1420
peer MullvadNY {
address xxx.xxx.143.210
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 15
port 51820
pubkey ****************
}
private-key ****************
}
wireguard wg16 {
address xxx.xxx.45.237/32
description MullvadLA
mtu 1420
peer MullvadLA {
address xxx.xxx.114.236
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 15
port 51820
pubkey ****************
}
private-key ****************
}
wireguard wg20 {
address xxx.xxx.80.3/24
description UtahWireguard
mtu 1420
peer Utah {
address xxx.xxx.203.9
allowed-ips xxx.xxx.0.0/0
persistent-keepalive 5
port 51820
pubkey ****************
}
port 51825
private-key ****************
}
wireguard wg25 {
address xxx.xxx.85.2/24
description UtahAlternate
mtu 1420
peer UtahAlternate {
address xxx.xxx.203.9
allowed-ips xxx.xxx.1.0/24
allowed-ips xxx.xxx.10.0/24
allowed-ips xxx.xxx.30.0/24
allowed-ips xxx.xxx.50.0/24
allowed-ips xxx.xxx.85.1/32
persistent-keepalive 5
port 51825
pubkey ****************
}
port 51826
private-key ****************
}
wireguard wg100 {
address xxx.xxx.100.1/24
description RoadWarrior
mtu 1420
peer Pixel {
allowed-ips xxx.xxx.100.2/32
pubkey ****************
}
policy {
route Wireguard
}
port 50000
private-key ****************
}
}
nat {
destination {
rule 10 {
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.3
}
translation {
address xxx.xxx.2.1
}
}
rule 20 {
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.4
}
translation {
address xxx.xxx.2.1
}
}
rule 30 {
description FirTVWifi
destination {
port 53
}
inbound-interface eth0
protocol tcp_udp
source {
address xxx.xxx.2.7
}
translation {
address xxx.xxx.2.1
}
}
rule 100 {
description XBOX
destination {
port 3074
}
inbound-interface eth4
protocol tcp_udp
translation {
address xxx.xxx.80.5
port 3074
}
}
rule 110 {
description XBOX
destination {
port 3544
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
port 3544
}
}
rule 120 {
description XBOX
destination {
port 4500
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
port 4500
}
}
rule 130 {
description XBOX
destination {
port 88
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
}
}
rule 140 {
description XBOX
destination {
port 53
}
inbound-interface eth4
protocol tcp_udp
translation {
address xxx.xxx.80.5
}
}
rule 150 {
description XBOX
destination {
port 80
}
inbound-interface eth4
protocol tcp
translation {
address xxx.xxx.80.5
}
}
rule 160 {
description XBOX
destination {
port 500
}
inbound-interface eth4
protocol udp
translation {
address xxx.xxx.80.5
}
}
}
source {
rule 10 {
description WAN
outbound-interface eth4
translation {
address masquerade
}
}
rule 20 {
description MullvadNY
outbound-interface wg15
translation {
address masquerade
}
}
rule 25 {
description MullvadLA
outbound-interface wg16
translation {
address masquerade
}
}
rule 30 {
description Utah
outbound-interface wg20
translation {
address masquerade
}
}
rule 35 {
description UtahAlternate
disable
outbound-interface wg25
translation {
address masquerade
}
}
}
}
policy {
route DMZ {
rule 100 {
set {
table main
}
}
}
route LAN-New {
rule 4 {
set {
table main
}
source {
address xxx.xxx.2.6
}
}
rule 5 {
set {
table main
}
source {
group {
address-group Sonos
}
}
}
rule 10 {
destination {
group {
network-group LocalSubnets
}
}
set {
table main
}
}
rule 20 {
destination {
address xxx.xxx.80.0/24
}
set {
table 25
}
}
rule 25 {
destination {
address xxx.xxx.100.0/24
}
set {
table main
}
}
rule 30 {
destination {
group {
network-group !UtahNetworks
}
}
set {
table 20
}
source {
group {
address-group Streaming
}
}
}
rule 40 {
destination {
group {
network-group UtahNetworks
}
}
disable
set {
table 20
}
}
rule 41 {
destination {
group {
network-group UtahNetworks
}
}
set {
table 25
}
}
rule 90 {
disable
set {
table main
}
source {
address xxx.xxx.2.100
}
}
rule 100 {
set {
table 10
}
}
}
route VLAN20-New {
rule 10 {
destination {
group {
network-group LocalSubnets
}
}
log enable
set {
table main
}
}
rule 15 {
destination {
address xxx.xxx.100.0/24
}
set {
table main
}
}
rule 20 {
set {
table 20
}
source {
group {
address-group Streaming
}
}
}
rule 100 {
set {
table 10
}
}
}
route VLAN40 {
rule 20 {
destination {
address xxx.xxx.30.21
}
set {
table 20
}
}
rule 100 {
log enable
set {
table main
}
}
}
route Wireguard {
enable-default-log
rule 100 {
destination {
group {
network-group LocalSubnets
}
}
set {
table main
}
}
}
}
protocols {
static {
interface-route xxx.xxx.100.0/24 {
next-hop-interface eth4.100 {
}
}
interface-route xxx.xxx.80.0/24 {
next-hop-interface wg20 {
}
}
interface-route xxx.xxx.85.0/24 {
next-hop-interface wg20 {
}
}
table 10 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg15 {
}
}
}
table 15 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg16 {
}
}
}
table 20 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg20 {
}
}
}
table 25 {
interface-route xxx.xxx.0.0/0 {
next-hop-interface wg25 {
}
}
}
}
}
service {
dhcp-server {
shared-network-name xxxxxx {
subnet xxx.xxx.40.0/24 {
default-router xxx.xxx.40.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.40.100
stop xxx.xxx.40.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.21
mac-address XX:XX:XX:XX:XX:00
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.32
mac-address XX:XX:XX:XX:XX:c8
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.31
mac-address XX:XX:XX:XX:XX:4e
}
static-mapping xxxxxx {
ip-address xxx.xxx.40.30
mac-address XX:XX:XX:XX:XX:AF
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.80.0/24 {
default-router xxx.xxx.80.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.80.100
stop xxx.xxx.80.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.80.5
mac-address XX:XX:XX:XX:XX:85
}
}
}
shared-network-name xxxxxx {
subnet xxx.xxx.20.0/24 {
default-router xxx.xxx.20.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.20.100
stop xxx.xxx.20.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.30
mac-address XX:XX:XX:XX:XX:c5
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.31
mac-address XX:XX:XX:XX:XX:b1
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.5
mac-address XX:XX:XX:XX:XX:57
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.22
mac-address XX:XX:XX:XX:XX:9e
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.20
mac-address XX:XX:XX:XX:XX:d7
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.21
mac-address XX:XX:XX:XX:XX:FE
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.18
mac-address XX:XX:XX:XX:XX:4c
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.23
mac-address XX:XX:XX:XX:XX:84
}
static-mapping xxxxxx {
ip-address xxx.xxx.20.15
mac-address XX:XX:XX:XX:XX:0f
}
}
}
shared-network-name xxxxxx {
description LAN_DHCP
subnet xxx.xxx.2.0/24 {
default-router xxx.xxx.2.1
dns-server xxx.xxx.2.6
domain-name xxxxxx
lease 86400
range 0 {
start xxx.xxx.2.100
stop xxx.xxx.2.200
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.13
mac-address XX:XX:XX:XX:XX:de
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.12
mac-address XX:XX:XX:XX:XX:4a
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.21
mac-address XX:XX:XX:XX:XX:cb
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.24
mac-address XX:XX:XX:XX:XX:ee
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.23
mac-address XX:XX:XX:XX:XX:4a
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.4
mac-address XX:XX:XX:XX:XX:e0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.10
mac-address XX:XX:XX:XX:XX:3d
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.5
mac-address XX:XX:XX:XX:XX:fd
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.3
mac-address XX:XX:XX:XX:XX:fd
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.8
mac-address XX:XX:XX:XX:XX:f3
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.20
mac-address XX:XX:XX:XX:XX:89
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.22
mac-address XX:XX:XX:XX:XX:7e
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.74
mac-address XX:XX:XX:XX:XX:48
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.72
mac-address XX:XX:XX:XX:XX:2c
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.73
mac-address XX:XX:XX:XX:XX:f6
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.6
mac-address XX:XX:XX:XX:XX:88
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.21
mac-address XX:XX:XX:XX:XX:cb
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.57
mac-address XX:XX:XX:XX:XX:d8
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.51
mac-address XX:XX:XX:XX:XX:b0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.50
mac-address XX:XX:XX:XX:XX:ec
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.56
mac-address XX:XX:XX:XX:XX:b2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.52
mac-address XX:XX:XX:XX:XX:b2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.55
mac-address XX:XX:XX:XX:XX:a8
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.53
mac-address XX:XX:XX:XX:XX:91
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.54
mac-address XX:XX:XX:XX:XX:d0
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.70
mac-address XX:XX:XX:XX:XX:d2
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.71
mac-address XX:XX:XX:XX:XX:49
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.15
mac-address XX:XX:XX:XX:XX:EE
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.6
mac-address XX:XX:XX:XX:XX:b7
}
static-mapping xxxxxx {
ip-address xxx.xxx.2.11
mac-address XX:XX:XX:XX:XX:3f
}
}
}
}
dns {
dynamic {
interface eth4 {
service GoogleDNS {
host-name xxxxxx
login mkIwUK4lQ4InMMUV
password xxxxxx
protocol dyndns2
server xxxxx.tld
}
use-web {
url http://icanhazip.com/
}
}
}
forwarding {
allow-from xxx.xxx.0.0/16
cache-size 3000
listen-address xxx.xxx.40.1
listen-address xxx.xxx.80.1
listen-address xxx.xxx.2.1
listen-address xxx.xxx.20.1
name-server xxx.xxx.222.222
name-server xxx.xxx.220.220
}
}
mdns {
repeater {
interface eth0
interface eth1
interface eth0.20
}
}
ssh {
port 55512
}
}
system {
acceleration {
qat
}
config-management {
commit-archive {
location xxxxxx
}
commit-revisions 100
}
console {
device ttyS0 {
speed 115200
}
}
domain-name xxxxxx
host-name xxxxxx
login {
user xxxxxx {
authentication {
encrypted-password xxxxxx
plaintext-password xxxxxx
}
}
}
name-server xxx.xxx.8.8
name-server xxx.xxx.4.4
name-servers-dhcp eth4
ntp {
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
server xxxxx.tld {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
time-zone Asia/Kuwait
}
zone-policy {
zone CAMERAS {
default-action drop
from DMZ {
firewall {
name DMZ-CAMERAS
}
}
from KIDS {
firewall {
name KIDS-CAMERAS
}
}
from LAN {
firewall {
name LAN-CAMERAS
}
}
from LOCAL {
firewall {
name LOCAL-CAMERAS
}
}
from REMOTE {
firewall {
name REMOTE-CAMERAS
}
}
from UTAH {
firewall {
name UTAH-CAMERAS
}
}
from WAN {
firewall {
name WAN-CAMERAS
}
}
interface eth1
}
zone DMZ {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-DMZ
}
}
from KIDS {
firewall {
name KIDS-DMZ
}
}
from LAN {
firewall {
name LAN-DMZ
}
}
from LOCAL {
firewall {
name LOCAL-DMZ
}
}
from REMOTE {
firewall {
name REMOTE-DMZ
}
}
from UTAH {
firewall {
name UTAH-DMZ
}
}
from WAN {
firewall {
name WAN-DMZ
}
}
interface eth3
}
zone KIDS {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-KIDS
}
}
from DMZ {
firewall {
name DMZ-KIDS
}
}
from LAN {
firewall {
name LAN-KIDS
}
}
from LOCAL {
firewall {
name LOCAL-KIDS
}
}
from REMOTE {
firewall {
name REMOTE-KIDS
}
}
from UTAH {
firewall {
name UTAH-KIDS
}
}
from WAN {
firewall {
name WAN-KIDS
}
}
interface eth0.20
}
zone LAN {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-LAN
}
}
from DMZ {
firewall {
name DMZ-LAN
}
}
from KIDS {
firewall {
name KIDS-LAN
}
}
from LOCAL {
firewall {
name LOCAL-LAN
}
}
from REMOTE {
firewall {
name REMOTE-LAN
}
}
from UTAH {
firewall {
name UTAH-LAN
}
}
from WAN {
firewall {
name WAN-LAN
}
}
interface eth0
}
zone LOCAL {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-LOCAL
}
}
from DMZ {
firewall {
name DMZ-LOCAL
}
}
from KIDS {
firewall {
name KIDS-LOCAL
}
}
from LAN {
firewall {
name LAN-LOCAL
}
}
from REMOTE {
firewall {
name REMOTE-LOCAL
}
}
from UTAH {
firewall {
name UTAH-LOCAL
}
}
from WAN {
firewall {
name WAN-LOCAL
}
}
local-zone
}
zone REMOTE {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-REMOTE
}
}
from DMZ {
firewall {
name DMZ-REMOTE
}
}
from KIDS {
firewall {
name KIDS-REMOTE
}
}
from LAN {
firewall {
name LAN-REMOTE
}
}
from LOCAL {
firewall {
name LOCAL-REMOTE
}
}
interface wg100
}
zone UTAH {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-UTAH
}
}
from DMZ {
firewall {
name CAMERAS-DMZ
}
}
from KIDS {
firewall {
name KIDS-UTAH
}
}
from LAN {
firewall {
name LAN-UTAH
}
}
from LOCAL {
firewall {
name LOCAL-UTAH
}
}
interface wg20
interface wg25
}
zone WAN {
default-action drop
from CAMERAS {
firewall {
name CAMERAS-WAN
}
}
from DMZ {
firewall {
name DMZ-WAN
}
}
from KIDS {
firewall {
name KIDS-WAN
}
}
from LAN {
firewall {
name LAN-WAN
}
}
from LOCAL {
firewall {
name LOCAL-WAN
}
}
interface eth4
interface wg15
interface wg16
}
}
File Metadata
Details
Attached
Mime Type
text/plain
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
95/e1/2d66694c11f700d5f5df99564a6c
Default Alt Text
config.txt (35 KB)
Attached To
Mode
T3513: Attempting to remove firewall rule results in error
Attached
Detach File
Event Timeline
Log In to Comment