www.alessandro-pensato.it

Configurazione di Vyatta

5 luglio 2009 Lascia un commento Vai ai commenti

vyatta@wifi-gw> show configuration
    protocols {
        snmp {
            community public {
            }
            contact: "Alessandro Pensato"
            description: "Gateway for wireless LAN"
            location: "Piano -1"
        }
        static {
            route 0.0.0.0/0 {
                next-hop: 192.168.0.1
            }
        }
    }
    policy {
    }
    interfaces {
        loopback lo {
        }
        ethernet eth0 {
            hw-id: 00:50:fc:30:31:03
            address 192.168.0.2 {
                prefix-length: 24
            }
            firewall {
                in {
                    name: "OUT"
                }
            }
        }
    }
    service {
        ssh {
        }
        webgui {
        }
    }
    firewall {
        name OUT {
            description: "Traffico consentito"
            rule 1 {
                description: "Traffico FTP"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 20
                }
            }
            rule 2 {
                description: "Traffico FTP"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 21
                }
            }
            rule 3 {
                description: "Traffico SMTP"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 25
                }
            }
            rule 4 {
                description: "Traffico HTTP"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 80
                }
            }
            rule 5 {
                description: "Traffico POP3"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 110
                }
            }
            rule 6 {
                description: "Traffico HTTPS"
                protocol: "tcp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 443
                }
            }
            rule 7 {
                description: "Traffico DNS"
                protocol: "udp"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

port-number 53
                }
            }
            rule 15 {
                description: "Traffico LAN-to-LAN"
                action: "accept"
                source {

network: "192.168.0.0/24"
                }
                destination {

network: "192.168.0.0/24"
                }
            }
        }
    }
    system {
        host-name: "wifi-gw"
        domain-name: "ced.local"
        name-server 208.67.222.222
        name-server 151.99.0.100
        ntp-server "88.33.54.219"
        ntp-server "62.173.184.58"
        login {
            user root {
                authentication {

encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
                }
            }
            user vyatta {
                authentication {

encrypted-password: "$1$9pLfONjL$CeaVnVIACEEw1JkQEEOaY1"
                }
            }
        }
        package {
            repository community {
                component: "contrib main"

url: "http://archive.vyatta.com/vyatta"
            }
        }
    }