Home Explore Help
Sign In
OpenWrt
/
openwrt
mirror of https://github.com/openwrt/openwrt.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 1d970c0035
Branches Tags
openwrt
/
package
/
firewall
/
files
/
firewall.config

firewall.config 1.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. config defaults
    2. 

  2. 	option syn_flood	1
    3. 

  3. 	option input		ACCEPT
    4. 

  4. 	option output		ACCEPT 
    5. 

  5. 	option forward		REJECT
    6. 

  6. 

  7. config zone
    8. 

  8. 	option name		lan
    9. 

  9. 	option input	ACCEPT 
    10. 

  10. 	option output	ACCEPT 
    11. 

  11. 	option forward	REJECT
    12. 

  12. 

  13. config zone
    14. 

  14. 	option name		wan
    15. 

  15. 	option input	REJECT
    16. 

  16. 	option output	ACCEPT 
    17. 

  17. 	option forward	REJECT
    18. 

  18. 	option masq		1 
    19. 

  19. 

  20. config forwarding 
    21. 

  21. 	option src      lan
    22. 

  22. 	option dest     wan
    23. 

  23. 	option mtu_fix	1
    24. 

  24. 

  25. 

  26. ### EXAMPLE CONFIG SECTIONS
    27. 

  27. # do not allow a specific ip to access wan
    28. 

  28. #config rule
    29. 

  29. #	option src		lan
    30. 

  30. #	option src_ip	192.168.45.2
    31. 

  31. #	option dest		wan
    32. 

  32. #	option proto	tcp
    33. 

  33. #	option target	REJECT 
    34. 

  34. 

  35. # block a specific mac on wan
    36. 

  36. #config rule
    37. 

  37. #	option dest		wan
    38. 

  38. #	option src_mac	00:11:22:33:44:66
    39. 

  39. #	option target	REJECT 
    40. 

  40. 

  41. # block incoming ICMP traffic on a zone
    42. 

  42. #config rule
    43. 

  43. #	option src		lan
    44. 

  44. #	option proto	ICMP
    45. 

  45. #	option target	DROP
    46. 

  46. 

  47. # port redirect port coming in on wan to lan
    48. 

  48. #config redirect
    49. 

  49. #	option src			wan
    50. 

  50. #	option src_dport	80
    51. 

  51. #	option dest			lan
    52. 

  52. #	option dest_ip		192.168.16.235
    53. 

  53. #	option dest_port	80 
    54. 

  54. #	option proto		tcp
    55. 

  55. 

  56. # include a file with users custom iptables rules
    57. 

  57. #config include
    58. 

  58. #	option path /etc/firewall.user
    59. 

  59. 

  60. 

  61. ### FULL CONFIG SECTIONS
    62. 

  62. #config rule
    63. 

  63. #	option src		lan
    64. 

  64. #	option src_ip	192.168.45.2
    65. 

  65. #	option src_mac	00:11:22:33:44:55
    66. 

  66. #	option src_port	80
    67. 

  67. #	option dest		wan
    68. 

  68. #	option dest_ip	194.25.2.129
    69. 

  69. #	option dest_port	120
    70. 

  70. #	option proto	tcp
    71. 

  71. #	option target	REJECT 
    72. 

  72. 

  73. #config redirect
    74. 

  74. #	option src		lan
    75. 

  75. #	option src_ip	192.168.45.2
    76. 

  76. #	option src_mac	00:11:22:33:44:55
    77. 

  77. #	option src_port		1024
    78. 

  78. #	option src_dport	80
    79. 

  79. #	option dest_ip	194.25.2.129
    80. 

  80. #	option dest_port	120
    81. 

  81. #	option proto	tcp
    82.