Commitedcfg mit Filtern.cfg
Aus ModemWiki
-> Zurück zu Filter extern definieren
| create user name alice@13184 passwd hnto$mgmt@lice root |
| create user name router passwd siemens root |
| size maxvc 8 max1483vc 8 maxppe 8 |
| modify ppp global pppsesstimer 5 keepalive enable maxauthtries 0 authretrydelay 15 maxlcpecho 2 |
| modify system logthresh 1 systime "Jul 08 23:25:09 2006" timezone "GMT" magicnum 33 |
| modify bridge mode wan2wan disable |
| alpha set /urlblk/status=0 |
| alpha set /misc/u32=0 |
| alpha set /misc/u16=0 |
| alpha set /misc/int=0 |
| alpha set /misc/u8=0 |
| alpha set /misc/u8syncpctime=0 |
| alpha set /misc/trscan=0 |
| alpha set /misc/enum=off |
| alpha set /misc/user=0 |
| alpha set /qos/mode=0 |
| alpha set /qos/p1=0 |
| alpha set /qos/p2=1 |
| alpha set /qos/p3=2 |
| alpha set /qos/p4=3 |
| alpha set /qos/w1=4 |
| alpha set /qos/w2=3 |
| alpha set /qos/w3=2 |
| alpha set /qos/w4=1 |
| alpha set /qos/voice_base=5000 |
| alpha set /qos/voice_end=6000 |
| alpha set /qos/video_base=54000 |
| alpha set /qos/video_end=55000 |
| alpha exec |
| create pfraw rule entry ruleid 15 ifname private dir in act deny |
| create pfraw rule entry ruleid 16 ifname private act deny |
| create pfraw rule entry ruleid 17 ifname private dir in act deny |
| create pfraw rule entry ruleid 18 ifname private act deny |
| create pfraw rule entry ruleid 19 ifname private dir in act deny |
| create pfraw rule entry ruleid 20 ifname private act deny |
| create pfraw rule entry ruleid 21 ifname private dir in act deny |
| create pfraw rule entry ruleid 22 ifname private act deny |
| create pfraw rule entry ruleid 23 ifname private dir in act deny |
| create pfraw rule entry ruleid 24 ifname private act deny |
| create pfraw rule entry ruleid 25 ifname private dir in act deny |
| create pfraw rule entry ruleid 26 ifname private act deny |
| create pfraw rule entry ruleid 27 ifname private dir in act deny |
| create pfraw rule entry ruleid 28 ifname private act deny |
| create pfraw rule entry ruleid 29 ifname private dir in act deny |
| create pfraw rule entry ruleid 30 ifname private act deny |
| create pfraw rule entry ruleid 31 ifname private dir in act deny |
| create pfraw rule entry ruleid 32 ifname private act deny |
| create pfraw rule entry ruleid 33 ifname private dir in act deny |
| create pfraw rule entry ruleid 34 ifname private act deny |
| create pfraw rule entry ruleid 35 ifname private dir in act callmgmt |
| create pfraw rule entry ruleid 36 ifname dmz dir in act callmgmt |
| create pfraw rule entry ruleid 37 dir in act callmgmt |
| create pfraw subrule entry ruleid 15 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 |
| create pfraw subrule entry ruleid 16 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 |
| create pfraw subrule entry ruleid 17 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF |
| create pfraw subrule entry ruleid 18 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF |
| create pfraw subrule entry ruleid 19 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035 |
| create pfraw subrule entry ruleid 20 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035 |
| create pfraw subrule entry ruleid 21 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B |
| create pfraw subrule entry ruleid 22 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B |
| create pfraw subrule entry ruleid 23 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC |
| create pfraw subrule entry ruleid 23 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0 |
| create pfraw subrule entry ruleid 24 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC |
| create pfraw subrule entry ruleid 24 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0 |
| create pfraw subrule entry ruleid 25 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138 |
| create pfraw subrule entry ruleid 26 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138 |
| create pfraw subrule entry ruleid 27 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000 |
| create pfraw subrule entry ruleid 28 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000 |
| create pfraw subrule entry ruleid 29 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806 |
| create pfraw subrule entry ruleid 30 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806 |
| create pfraw subrule entry ruleid 31 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333 |
| create pfraw subrule entry ruleid 32 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333 |
| create pfraw subrule entry ruleid 33 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100 |
| create pfraw subrule entry ruleid 34 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100 |
| create pfraw subrule entry ruleid 35 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 |
| create pfraw subrule entry ruleid 36 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 |
| create pfraw subrule entry ruleid 37 subruleid 1 mask 0xFF offset 15 enable cmpt eq 0xA7 |
| create ipf rule entry ruleid 2000 dir in act accept transprot eq ICMP seclevel high medium low |
| create ipf rule entry ruleid 2001 dir out act accept transprot eq ICMP seclevel high medium low |
| create ipf rule entry ruleid 2002 dir in act accept destaddr eq 192.168.1.4 srcaddr eq 192.168.1.1 transprot eq TCP srcport eq telnet seclevel high medium low |
| create ipf rule entry ruleid 2003 dir out act accept srcaddr eq 192.168.1.1 destaddr eq 192.168.1.4 transprot eq TCP destport eq telnet seclevel high medium low |
| create ipf rule entry ruleid 2004 ifname public dir out act accept transprot eq TCP destport range 20 22 seclevel high medium low |
| create ipf rule entry ruleid 2005 ifname public dir out act accept transprot eq TCP destport eq num 23 seclevel high medium low |
| create ipf rule entry ruleid 2006 ifname public dir out act accept transprot eq TCP destport eq num 25 seclevel high medium low |
| create ipf rule entry ruleid 2007 ifname public dir out act accept transprot eq UDP destport eq num 53 seclevel high medium low |
| create ipf rule entry ruleid 2008 ifname public dir out act accept transprot eq TCP destport eq num 80 seclevel high medium low |
| create ipf rule entry ruleid 2009 ifname public dir out act accept transprot eq TCP destport eq num 110 seclevel high medium low |
| create ipf rule entry ruleid 2010 ifname public dir out act accept transprot eq TCP destport eq num 443 seclevel high medium low |
| create ipf rule entry ruleid 2011 ifname public dir out act accept transprot eq TCP destport eq num 5190 seclevel high medium low |
| create ipf rule entry ruleid 2012 ifname public dir out act accept transprot eq TCP destport eq num 8245 seclevel high medium low |
| create ipf rule entry ruleid 2013 ifname public dir out act accept transprot eq TCP destport eq num 8080 seclevel high medium low |
| create ipf rule entry ruleid 2014 ifname public dir out act accept transprot eq TCP destport eq num 119 seclevel high medium low |
| create ipf rule entry ruleid 2015 ifname public dir in act accept transprot eq TCP srcport range 20 22 seclevel high medium low |
| create ipf rule entry ruleid 2016 ifname public dir in act accept transprot eq TCP srcport eq num 23 seclevel high medium low |
| create ipf rule entry ruleid 2017 ifname public dir in act accept transprot eq TCP srcport eq num 25 seclevel high medium low |
| create ipf rule entry ruleid 2018 ifname public dir in act accept transprot eq UDP srcport eq num 53 seclevel high medium low |
| create ipf rule entry ruleid 2019 ifname public dir in act accept transprot eq TCP srcport eq num 80 seclevel high medium low |
| create ipf rule entry ruleid 2020 ifname public dir in act accept transprot eq TCP srcport eq num 110 seclevel high medium low |
| create ipf rule entry ruleid 2021 ifname public dir in act accept transprot eq TCP srcport eq num 443 seclevel high medium low |
| create ipf rule entry ruleid 2022 ifname public dir in act accept transprot eq TCP srcport eq num 5190 seclevel high medium low |
| create ipf rule entry ruleid 2023 ifname public dir in act accept transprot eq TCP srcport eq num 8245 seclevel high medium low |
| create ipf rule entry ruleid 2024 ifname public dir in act accept transprot eq TCP srcport eq num 8080 seclevel high medium low |
| create ipf rule entry ruleid 2025 ifname public dir in act accept transprot eq TCP srcport eq num 119 seclevel high medium low |
| create ipf rule entry ruleid 2235 ifname public dir in seclevel high medium low |
| create ipf rule entry ruleid 2236 ifname public dir out seclevel high medium low |
| modify ipf global seclevel low pubdefact accept dmzdefact accept |
| create dhcp server pool start-ip 192.168.1.10 poolid 0 end-ip 192.168.1.30 mask 255.255.255.0 |
| modify snmp trap disable |
| create rip intf ifname ppp-0 |
| create ethernet intf ifname eth-0 ip 192.168.1.1 mask 255.255.255.0 |
| modify ip cfg ttl 64 |
| modify dsl config adsl2plus annex adsl2plus framing-3et maxbits 15 txstart 33 txend 63 rxstart 64 rxend 511 fastretrain enable duallatency disable ecfdmmode ec maxdnrate 0x1ff autosraenable disable |
| create atm port enable ifname atm-0 maxvc 8 oamsrc 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF |
| create ppp security ifname default |
| create ppp security ifname ppp-0 chap login 08004110411 passwd Alice |
| create atm trfdesc trfindex 0 |
| create atm vc intf ifname aal5-0 lowif atm-0 vpi 1 vci 32 a5maxproto 2 |
| modify ppe cfg padrmax 3 padrtime 1 |
| create ppp intf ifname ppp-0 mru 1492 lowif aal5-0 droute true ppoe outside usedns true |
| modify nat global tcpidletimeout 4800 tcpclosewait 15 tcptimeout 15 udptimeout 60 defnatage 15 enable |
| create nat rule entry ruleid 1 filter destportfrom num 6073 destportto num 6073 |
| create nat rule entry ruleid 2 filter prot num 17 destportfrom num 500 destportto num 500 |
| create nat rule entry ruleid 3 napt |
| create alg port portno 21 prot num 6 algtype ftp |
| create alg port portno 1701 prot num 17 algtype l2tp |
| create alg port portno 1723 prot num 6 algtype pptp |
| create alg port portno 554 prot num 6 algtype rtsp |
| create alg port portno 7070 prot num 6 algtype ra |
| create alg port portno 7648 prot num 6 algtype cuseeme |
| create alg port portno 1719 prot num 17 algtype h323_ras |
| create alg port portno 1720 prot num 6 algtype h323_q931 |
| create alg port portno 6661 prot num 6 algtype mirc |
| create alg port portno 6662 prot num 6 algtype mirc |
| create alg port portno 6663 prot num 6 algtype mirc |
| create alg port portno 6664 prot num 6 algtype mirc |
| create alg port portno 6665 prot num 6 algtype mirc |
| create alg port portno 6666 prot num 6 algtype mirc |
| create alg port portno 6667 prot num 6 algtype mirc |
| create alg port portno 6668 prot num 6 algtype mirc |
| create alg port portno 6669 prot num 6 algtype mirc |
| create alg port portno 161 prot num 17 algtype snmp |
| create alg port portno 407 prot num 17 algtype timbuktu |
| create alg port portno 6301 prot num 17 algtype sgicompcore |
| create alg port portno 1863 prot num 6 upnpaware true algtype msnmsgr |
| create alg port portno 389 prot num 6 algtype ldap |
| create alg port portno 1002 prot num 6 algtype ldap |
| create alg port portno 500 prot num 17 algtype ike |
| create alg port portno 0 prot num 50 algtype esp |
| create alg port portno 1503 prot num 6 upnpaware true algtype t120 |
| create alg port portno 5060 upnpaware true algtype sip |
| create alg port portno 5190 prot num 6 algtype icq |
| create bridge port intf ifname eth-0 |
| modify stp port info ifname eth-0 priority 0x80 pcost 100 |
| create dhcp relay intf ifname ppp-0 |
| modify dhcp relay cfg enable |
| create igmp intf ifname ppp-0 host |
| modify upnp cfg nbstatus enable |
| modify ilmi access protocol ifname atm-0 vpi 1 vci 32 proto any |
| trigger ilmi |
| END |
->Zurück zu Filter extern definieren
