diff --git a/image-extras/tplink_archer-c7-v5/etc/uci-defaults/99defaults b/image-extras/tplink_archer-c7-v5/etc/uci-defaults/99defaults index cd71b41..cbe4f5d 100644 --- a/image-extras/tplink_archer-c7-v5/etc/uci-defaults/99defaults +++ b/image-extras/tplink_archer-c7-v5/etc/uci-defaults/99defaults @@ -78,7 +78,6 @@ uci commit uhttpd # DHCP server on/off uci set dhcp.lan.ignore="$dhcpsrv" -# DHCP ip range uci set dhcp.lan.start='50' uci set dhcp.lan.limit='100' uci add host @@ -272,98 +271,98 @@ uci set firewall.@defaults[0].drop_invalid='1' uci set firewall.@defaults[0].synflood_protect='1' # ADD ZONES uci add firewall zone -uci set firewall.@zone[2].name='vpn0' -uci set firewall.@zone[2].input='ACCEPT' -uci set firewall.@zone[2].forward='ACCEPT' -uci set firewall.@zone[2].device='vpn0' -uci set firewall.@zone[2].output='ACCEPT' -uci set firewall.@zone[2].network='vpn0' +uci set firewall.@zone[-1].name='vpn0' +uci set firewall.@zone[-1].input='ACCEPT' +uci set firewall.@zone[-1].forward='ACCEPT' +uci set firewall.@zone[-1].device='vpn0' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].network='vpn0' uci add firewall zone -uci set firewall.@zone[3].name='vpn1' -uci set firewall.@zone[3].input='ACCEPT' -uci set firewall.@zone[3].forward='ACCEPT' -uci set firewall.@zone[3].device='vpn1' -uci set firewall.@zone[3].output='ACCEPT' -uci set firewall.@zone[3].network='vpn1' +uci set firewall.@zone[-1].name='vpn1' +uci set firewall.@zone[-1].input='ACCEPT' +uci set firewall.@zone[-1].forward='ACCEPT' +uci set firewall.@zone[-1].device='vpn1' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].network='vpn1' uci add firewall zone -uci set firewall.@zone[4].name='vpn2' -uci set firewall.@zone[4].input='ACCEPT' -uci set firewall.@zone[4].forward='ACCEPT' -uci set firewall.@zone[4].device='vpn2' -uci set firewall.@zone[4].output='ACCEPT' -uci set firewall.@zone[4].network='vpn2' +uci set firewall.@zone[-1].name='vpn2' +uci set firewall.@zone[-1].input='ACCEPT' +uci set firewall.@zone[-1].forward='ACCEPT' +uci set firewall.@zone[-1].device='vpn2' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].network='vpn2' uci add firewall zone -uci set firewall.@zone[5].name='vpn3' -uci set firewall.@zone[5].input='ACCEPT' -uci set firewall.@zone[5].forward='ACCEPT' -uci set firewall.@zone[5].device='vpn3' -uci set firewall.@zone[5].output='ACCEPT' -uci set firewall.@zone[5].network='vpn3' +uci set firewall.@zone[-1].name='vpn3' +uci set firewall.@zone[-1].input='ACCEPT' +uci set firewall.@zone[-1].forward='ACCEPT' +uci set firewall.@zone[-1].device='vpn3' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].network='vpn3' uci add firewall zone -uci set firewall.@zone[6].name='wg777' -uci set firewall.@zone[6].input='ACCEPT' -uci set firewall.@zone[6].forward='ACCEPT' -uci set firewall.@zone[6].output='ACCEPT' -uci set firewall.@zone[6].network='wg777' +uci set firewall.@zone[-1].name='wg777' +uci set firewall.@zone[-1].input='ACCEPT' +uci set firewall.@zone[-1].forward='ACCEPT' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].network='wg777' uci add firewall zone -uci set firewall.@zone[7].name='wg' -uci set firewall.@zone[7].family='ipv4' -uci set firewall.@zone[7].masq='1' -uci set firewall.@zone[7].output='ACCEPT' -uci set firewall.@zone[7].forward='REJECT' -uci set firewall.@zone[7].input='REJECT' -uci set firewall.@zone[7].mtu_fix='1' -uci set firewall.@zone[7].network='wg0' +uci set firewall.@zone[-1].name='wg' +uci set firewall.@zone[-1].family='ipv4' +uci set firewall.@zone[-1].masq='1' +uci set firewall.@zone[-1].output='ACCEPT' +uci set firewall.@zone[-1].forward='REJECT' +uci set firewall.@zone[-1].input='REJECT' +uci set firewall.@zone[-1].mtu_fix='1' +uci set firewall.@zone[-1].network='wg0' # ADD RULES uci add firewall rule -uci set firewall.@rule[10].target='ACCEPT' -uci set firewall.@rule[10].src='wan' -uci set firewall.@rule[10].proto='tcp udp' -uci set firewall.@rule[10].dest_port='5001' -uci set firewall.@rule[10].name='iperf ' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].src='wan' +uci set firewall.@rule[-1].proto='tcp udp' +uci set firewall.@rule[-1].dest_port='5001' +uci set firewall.@rule[-1].name='iperf ' uci add firewall rule -uci set firewall.@rule[11].target='ACCEPT' -uci set firewall.@rule[11].proto='udp' -uci set firewall.@rule[11].dest_port='23555' -uci set firewall.@rule[11].name='Allow-Baumana-Elmash-Inbound' -uci set firewall.@rule[11].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='23555' +uci set firewall.@rule[-1].name='Allow-Baumana-Elmash-Inbound' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[12].target='ACCEPT' -uci set firewall.@rule[12].proto='udp' -uci set firewall.@rule[12].dest_port='23556' -uci set firewall.@rule[12].name='Allow-Elmash-Aramil-Inbound' -uci set firewall.@rule[12].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='23556' +uci set firewall.@rule[-1].name='Allow-Elmash-Aramil-Inbound' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[13].target='ACCEPT' -uci set firewall.@rule[13].proto='udp' -uci set firewall.@rule[13].dest_port='23559' -uci set firewall.@rule[13].name='Allow-Elmash-Olga-Inbound' -uci set firewall.@rule[13].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='23559' +uci set firewall.@rule[-1].name='Allow-Elmash-Olga-Inbound' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[14].target='ACCEPT' -uci set firewall.@rule[14].proto='udp' -uci set firewall.@rule[14].dest_port='51820' -uci set firewall.@rule[14].name='Allow-Wireguard-Hetzner' -uci set firewall.@rule[14].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='51820' +uci set firewall.@rule[-1].name='Allow-Wireguard-Hetzner' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[15].target='ACCEPT' -uci set firewall.@rule[15].proto='udp' -uci set firewall.@rule[15].dest_port='26261' -uci set firewall.@rule[15].name='Allow-Wireguard-VPS' -uci set firewall.@rule[15].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='26261' +uci set firewall.@rule[-1].name='Allow-Wireguard-VPS' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[16].target='ACCEPT' -uci set firewall.@rule[16].proto='udp' -uci set firewall.@rule[16].dest_port='23560' -uci set firewall.@rule[16].name='Allow-Elmash-Pivko-Inbound' -uci set firewall.@rule[16].src='wan' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='23560' +uci set firewall.@rule[-1].name='Allow-Elmash-Pivko-Inbound' +uci set firewall.@rule[-1].src='wan' uci add firewall rule -uci set firewall.@rule[17].target='ACCEPT' -uci set firewall.@rule[17].proto='udp' -uci set firewall.@rule[17].dest_port='27027' -uci set firewall.@rule[17].src='wan' -uci set firewall.@rule[17].name='Allow-Remote-Jurists-Inbound' +uci set firewall.@rule[-1].target='ACCEPT' +uci set firewall.@rule[-1].proto='udp' +uci set firewall.@rule[-1].dest_port='27027' +uci set firewall.@rule[-1].src='wan' +uci set firewall.@rule[-1].name='Allow-Remote-Jurists-Inbound' #ADD IPSET uci add firewall ipset @@ -384,189 +383,189 @@ uci set firewall.@rule[-1].family='ipv4' # ADD REDIRECT uci add firewall redirect -uci set firewall.@redirect[0].target='DNAT' -uci set firewall.@redirect[0].src='wan' -uci set firewall.@redirect[0].dest='lan' -uci set firewall.@redirect[0].proto='tcp' -uci set firewall.@redirect[0].src_dport='5222' -uci set firewall.@redirect[0].dest_port='5222' -uci set firewall.@redirect[0].name='jabber1' -uci set firewall.@redirect[0].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5222' +uci set firewall.@redirect[-1].dest_port='5222' +uci set firewall.@redirect[-1].name='jabber1' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[1].target='DNAT' -uci set firewall.@redirect[1].src='wan' -uci set firewall.@redirect[1].dest='lan' -uci set firewall.@redirect[1].proto='tcp' -uci set firewall.@redirect[1].src_dport='5223' -uci set firewall.@redirect[1].dest_port='5223' -uci set firewall.@redirect[1].name='jabber2' -uci set firewall.@redirect[1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5223' +uci set firewall.@redirect[-1].dest_port='5223' +uci set firewall.@redirect[-1].name='jabber2' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[2].target='DNAT' -uci set firewall.@redirect[2].src='wan' -uci set firewall.@redirect[2].dest='lan' -uci set firewall.@redirect[2].proto='tcp' -uci set firewall.@redirect[2].src_dport='5269' -uci set firewall.@redirect[2].dest_port='5269' -uci set firewall.@redirect[2].name='jabber3' -uci set firewall.@redirect[2].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5269' +uci set firewall.@redirect[-1].dest_port='5269' +uci set firewall.@redirect[-1].name='jabber3' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[3].target='DNAT' -uci set firewall.@redirect[3].src='wan' -uci set firewall.@redirect[3].dest='lan' -uci set firewall.@redirect[3].proto='tcp' -uci set firewall.@redirect[3].src_dport='5280' -uci set firewall.@redirect[3].dest_port='5280' -uci set firewall.@redirect[3].name='jabber4' -uci set firewall.@redirect[3].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5280' +uci set firewall.@redirect[-1].dest_port='5280' +uci set firewall.@redirect[-1].name='jabber4' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[4].target='DNAT' -uci set firewall.@redirect[4].src='wan' -uci set firewall.@redirect[4].dest='lan' -uci set firewall.@redirect[4].proto='tcp' -uci set firewall.@redirect[4].src_dport='5443' -uci set firewall.@redirect[4].dest_port='5443' -uci set firewall.@redirect[4].name='jabber5' -uci set firewall.@redirect[4].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5443' +uci set firewall.@redirect[-1].dest_port='5443' +uci set firewall.@redirect[-1].name='jabber5' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[5].target='DNAT' -uci set firewall.@redirect[5].src='wan' -uci set firewall.@redirect[5].dest='lan' -uci set firewall.@redirect[5].proto='udp' -uci set firewall.@redirect[5].dest_ip='192.168.77.3' -uci set firewall.@redirect[5].name='rtp' -uci set firewall.@redirect[5].src_dport='10000-20000' -uci set firewall.@redirect[5].dest_port='10000-20000' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='udp' +uci set firewall.@redirect[-1].dest_ip='192.168.77.3' +uci set firewall.@redirect[-1].name='rtp' +uci set firewall.@redirect[-1].src_dport='10000-20000' +uci set firewall.@redirect[-1].dest_port='10000-20000' uci add firewall redirect -uci set firewall.@redirect[6].dest='lan' -uci set firewall.@redirect[6].target='DNAT' -uci set firewall.@redirect[6].name='stunt' -uci set firewall.@redirect[6].src='wan' -uci set firewall.@redirect[6].src_dport='3478' -uci set firewall.@redirect[6].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stunt' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='3478' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[7].dest='lan' -uci set firewall.@redirect[7].target='DNAT' -uci set firewall.@redirect[7].name='stunts' -uci set firewall.@redirect[7].proto='tcp' -uci set firewall.@redirect[7].src='wan' -uci set firewall.@redirect[7].src_dport='5349' -uci set firewall.@redirect[7].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stunts' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='5349' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[8].dest='lan' -uci set firewall.@redirect[8].target='DNAT' -uci set firewall.@redirect[8].name='turn' -uci set firewall.@redirect[8].src='wan' -uci set firewall.@redirect[8].src_dport='3478' -uci set firewall.@redirect[8].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='turn' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='3478' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[9].dest='lan' -uci set firewall.@redirect[9].target='DNAT' -uci set firewall.@redirect[9].name='turns' -uci set firewall.@redirect[9].proto='tcp' -uci set firewall.@redirect[9].src='wan' -uci set firewall.@redirect[9].src_dport='5349' -uci set firewall.@redirect[9].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='turns' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='5349' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[10].dest='lan' -uci set firewall.@redirect[10].target='DNAT' -uci set firewall.@redirect[10].name='ejabb-stunt' -uci set firewall.@redirect[10].src='wan' -uci set firewall.@redirect[10].src_dport='49152-65535' -uci set firewall.@redirect[10].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='ejabb-stunt' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[11].dest='lan' -uci set firewall.@redirect[11].target='DNAT' -uci set firewall.@redirect[11].src='wan' -uci set firewall.@redirect[11].src_dport='80' -uci set firewall.@redirect[11].dest_ip='192.168.77.2' -uci set firewall.@redirect[11].dest_port='5280' -uci set firewall.@redirect[11].name='acme_ejabberd_http' -uci set firewall.@redirect[11].enabled='0' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='80' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='5280' +uci set firewall.@redirect[-1].name='acme_ejabberd_http' +uci set firewall.@redirect[-1].enabled='0' uci add firewall redirect -uci set firewall.@redirect[12].dest='lan' -uci set firewall.@redirect[12].target='DNAT' -uci set firewall.@redirect[12].proto='udp' -uci set firewall.@redirect[12].src='wan' -uci set firewall.@redirect[12].src_dport='49152-65535' -uci set firewall.@redirect[12].dest_ip='192.168.77.2' -uci set firewall.@redirect[12].dest_port='49152-65535' -uci set firewall.@redirect[12].name='stun_udp_RANGE' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].proto='udp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='49152-65535' +uci set firewall.@redirect[-1].name='stun_udp_RANGE' uci add firewall redirect -uci set firewall.@redirect[13].dest='lan' -uci set firewall.@redirect[13].target='DNAT' -uci set firewall.@redirect[13].name='stun_tcp_RANGE' -uci set firewall.@redirect[13].proto='tcp' -uci set firewall.@redirect[13].src='wan' -uci set firewall.@redirect[13].src_dport='49152-65535' -uci set firewall.@redirect[13].dest_ip='192.168.77.2' -uci set firewall.@redirect[13].dest_port='49152-65535' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stun_tcp_RANGE' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='49152-65535' uci add firewall redirect -uci set firewall.@redirect[14].dest='lan' -uci set firewall.@redirect[14].target='DNAT' -uci set firewall.@redirect[14].name='NPM-80' -uci set firewall.@redirect[14].src='wan' -uci set firewall.@redirect[14].src_dport='80' -uci set firewall.@redirect[14].dest_ip='192.168.77.191' -uci set firewall.@redirect[14].dest_port='80' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='NPM-80' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='80' +uci set firewall.@redirect[-1].dest_ip='192.168.77.191' +uci set firewall.@redirect[-1].dest_port='80' uci add firewall redirect -uci set firewall.@redirect[15].dest='lan' -uci set firewall.@redirect[15].target='DNAT' -uci set firewall.@redirect[15].name='NPM-443' -uci set firewall.@redirect[15].src='wan' -uci set firewall.@redirect[15].src_dport='443' -uci set firewall.@redirect[15].dest_ip='192.168.77.191' -uci set firewall.@redirect[15].dest_port='443' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='NPM-443' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='443' +uci set firewall.@redirect[-1].dest_ip='192.168.77.191' +uci set firewall.@redirect[-1].dest_port='443' uci add firewall redirect -uci set firewall.@redirect[16].dest='lan' -uci set firewall.@redirect[16].target='DNAT' -uci set firewall.@redirect[16].name='gitea_SSH' -uci set firewall.@redirect[16].src='wan' -uci set firewall.@redirect[16].src_dport='2222' -uci set firewall.@redirect[16].dest_ip='192.168.77.193' -uci set firewall.@redirect[16].dest_port='22' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='gitea_SSH' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='2222' +uci set firewall.@redirect[-1].dest_ip='192.168.77.193' +uci set firewall.@redirect[-1].dest_port='22' # ADD FORWARD ZONES uci add firewall forwarding -uci set firewall.@forwarding[1].dest='lan' -uci set firewall.@forwarding[1].src='vpn0' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn0' uci add firewall forwarding -uci set firewall.@forwarding[2].dest='vpn0' -uci set firewall.@forwarding[2].src='lan' +uci set firewall.@forwarding[-1].dest='vpn0' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[3].dest='lan' -uci set firewall.@forwarding[3].src='vpn1' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn1' uci add firewall forwarding -uci set firewall.@forwarding[4].dest='vpn1' -uci set firewall.@forwarding[4].src='lan' +uci set firewall.@forwarding[-1].dest='vpn1' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[5].src='vpn2' -uci set firewall.@forwarding[5].dest='lan' +uci set firewall.@forwarding[-1].src='vpn2' +uci set firewall.@forwarding[-1].dest='lan' uci add firewall forwarding -uci set firewall.@forwarding[6].src='lan' -uci set firewall.@forwarding[6].dest='vpn2' +uci set firewall.@forwarding[-1].src='lan' +uci set firewall.@forwarding[-1].dest='vpn2' uci add firewall forwarding -uci set firewall.@forwarding[7].dest='lan' -uci set firewall.@forwarding[7].src='vpn3' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn3' uci add firewall forwarding -uci set firewall.@forwarding[8].dest='vpn3' -uci set firewall.@forwarding[8].src='lan' +uci set firewall.@forwarding[-1].dest='vpn3' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[9].src='wg777' -uci set firewall.@forwarding[9].dest='wan' +uci set firewall.@forwarding[-1].src='wg777' +uci set firewall.@forwarding[-1].dest='wan' uci add firewall forwarding -uci set firewall.@forwarding[10].src='wan' -uci set firewall.@forwarding[10].dest='wg777' +uci set firewall.@forwarding[-1].src='wan' +uci set firewall.@forwarding[-1].dest='wg777' uci add firewall forwarding -uci set firewall.@forwarding[11].dest='lan' -uci set firewall.@forwarding[11].src='wg777' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='wg777' uci add firewall forwarding -uci set firewall.@forwarding[12].dest='wg777' -uci set firewall.@forwarding[12].src='lan' +uci set firewall.@forwarding[-1].dest='wg777' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[13].family='ipv4' -uci set firewall.@forwarding[13].src='lan' -uci set firewall.@forwarding[13].dest='wg' +uci set firewall.@forwarding[-1].family='ipv4' +uci set firewall.@forwarding[-1].src='lan' +uci set firewall.@forwarding[-1].dest='wg' uci commit firewall /etc/init.d/firewall restart diff --git a/image-extras/tplink_tl-wdr3600-v1/etc/uci-defaults/99-defaults b/image-extras/tplink_tl-wdr3600-v1/etc/uci-defaults/99-defaults index 85d1fec..2a9f3f0 100644 --- a/image-extras/tplink_tl-wdr3600-v1/etc/uci-defaults/99-defaults +++ b/image-extras/tplink_tl-wdr3600-v1/etc/uci-defaults/99-defaults @@ -400,164 +400,164 @@ uci set firewall.@redirect[-1].proto='tcp' uci set firewall.@redirect[-1].src_dport='5269' uci set firewall.@redirect[-1].dest_port='5269' uci set firewall.@redirect[-1].name='jabber3' -uci set firewall.@redirect[2].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[3].target='DNAT' -uci set firewall.@redirect[3].src='wan' -uci set firewall.@redirect[3].dest='lan' -uci set firewall.@redirect[3].proto='tcp' -uci set firewall.@redirect[3].src_dport='5280' -uci set firewall.@redirect[3].dest_port='5280' -uci set firewall.@redirect[3].name='jabber4' -uci set firewall.@redirect[3].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5280' +uci set firewall.@redirect[-1].dest_port='5280' +uci set firewall.@redirect[-1].name='jabber4' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[4].target='DNAT' -uci set firewall.@redirect[4].src='wan' -uci set firewall.@redirect[4].dest='lan' -uci set firewall.@redirect[4].proto='tcp' -uci set firewall.@redirect[4].src_dport='5443' -uci set firewall.@redirect[4].dest_port='5443' -uci set firewall.@redirect[4].name='jabber5' -uci set firewall.@redirect[4].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src_dport='5443' +uci set firewall.@redirect[-1].dest_port='5443' +uci set firewall.@redirect[-1].name='jabber5' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[5].target='DNAT' -uci set firewall.@redirect[5].src='wan' -uci set firewall.@redirect[5].dest='lan' -uci set firewall.@redirect[5].proto='udp' -uci set firewall.@redirect[5].dest_ip='192.168.77.3' -uci set firewall.@redirect[5].name='rtp' -uci set firewall.@redirect[5].src_dport='10000-20000' -uci set firewall.@redirect[5].dest_port='10000-20000' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].proto='udp' +uci set firewall.@redirect[-1].dest_ip='192.168.77.3' +uci set firewall.@redirect[-1].name='rtp' +uci set firewall.@redirect[-1].src_dport='10000-20000' +uci set firewall.@redirect[-1].dest_port='10000-20000' uci add firewall redirect -uci set firewall.@redirect[6].dest='lan' -uci set firewall.@redirect[6].target='DNAT' -uci set firewall.@redirect[6].name='stunt' -uci set firewall.@redirect[6].src='wan' -uci set firewall.@redirect[6].src_dport='3478' -uci set firewall.@redirect[6].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stunt' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='3478' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[7].dest='lan' -uci set firewall.@redirect[7].target='DNAT' -uci set firewall.@redirect[7].name='stunts' -uci set firewall.@redirect[7].proto='tcp' -uci set firewall.@redirect[7].src='wan' -uci set firewall.@redirect[7].src_dport='5349' -uci set firewall.@redirect[7].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stunts' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='5349' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[8].dest='lan' -uci set firewall.@redirect[8].target='DNAT' -uci set firewall.@redirect[8].name='turn' -uci set firewall.@redirect[8].src='wan' -uci set firewall.@redirect[8].src_dport='3478' -uci set firewall.@redirect[8].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='turn' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='3478' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[9].dest='lan' -uci set firewall.@redirect[9].target='DNAT' -uci set firewall.@redirect[9].name='turns' -uci set firewall.@redirect[9].proto='tcp' -uci set firewall.@redirect[9].src='wan' -uci set firewall.@redirect[9].src_dport='5349' -uci set firewall.@redirect[9].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='turns' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='5349' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[10].dest='lan' -uci set firewall.@redirect[10].target='DNAT' -uci set firewall.@redirect[10].name='ejabb-stunt' -uci set firewall.@redirect[10].src='wan' -uci set firewall.@redirect[10].src_dport='49152-65535' -uci set firewall.@redirect[10].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='ejabb-stunt' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' uci add firewall redirect -uci set firewall.@redirect[11].dest='lan' -uci set firewall.@redirect[11].target='DNAT' -uci set firewall.@redirect[11].src='wan' -uci set firewall.@redirect[11].src_dport='80' -uci set firewall.@redirect[11].dest_ip='192.168.77.2' -uci set firewall.@redirect[11].dest_port='5280' -uci set firewall.@redirect[11].name='acme_ejabberd_http' -uci set firewall.@redirect[11].enabled='0' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='80' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='5280' +uci set firewall.@redirect[-1].name='acme_ejabberd_http' +uci set firewall.@redirect[-1].enabled='0' uci add firewall redirect -uci set firewall.@redirect[12].dest='lan' -uci set firewall.@redirect[12].target='DNAT' -uci set firewall.@redirect[12].proto='udp' -uci set firewall.@redirect[12].src='wan' -uci set firewall.@redirect[12].src_dport='49152-65535' -uci set firewall.@redirect[12].dest_ip='192.168.77.2' -uci set firewall.@redirect[12].dest_port='49152-65535' -uci set firewall.@redirect[12].name='stun_udp_RANGE' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].proto='udp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='49152-65535' +uci set firewall.@redirect[-1].name='stun_udp_RANGE' uci add firewall redirect -uci set firewall.@redirect[13].dest='lan' -uci set firewall.@redirect[13].target='DNAT' -uci set firewall.@redirect[13].name='stun_tcp_RANGE' -uci set firewall.@redirect[13].proto='tcp' -uci set firewall.@redirect[13].src='wan' -uci set firewall.@redirect[13].src_dport='49152-65535' -uci set firewall.@redirect[13].dest_ip='192.168.77.2' -uci set firewall.@redirect[13].dest_port='49152-65535' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='stun_tcp_RANGE' +uci set firewall.@redirect[-1].proto='tcp' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='49152-65535' +uci set firewall.@redirect[-1].dest_ip='192.168.77.2' +uci set firewall.@redirect[-1].dest_port='49152-65535' uci add firewall redirect -uci set firewall.@redirect[14].dest='lan' -uci set firewall.@redirect[14].target='DNAT' -uci set firewall.@redirect[14].name='NPM-80' -uci set firewall.@redirect[14].src='wan' -uci set firewall.@redirect[14].src_dport='80' -uci set firewall.@redirect[14].dest_ip='192.168.77.191' -uci set firewall.@redirect[14].dest_port='80' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='NPM-80' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='80' +uci set firewall.@redirect[-1].dest_ip='192.168.77.191' +uci set firewall.@redirect[-1].dest_port='80' uci add firewall redirect -uci set firewall.@redirect[15].dest='lan' -uci set firewall.@redirect[15].target='DNAT' -uci set firewall.@redirect[15].name='NPM-443' -uci set firewall.@redirect[15].src='wan' -uci set firewall.@redirect[15].src_dport='443' -uci set firewall.@redirect[15].dest_ip='192.168.77.191' -uci set firewall.@redirect[15].dest_port='443' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='NPM-443' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='443' +uci set firewall.@redirect[-1].dest_ip='192.168.77.191' +uci set firewall.@redirect[-1].dest_port='443' uci add firewall redirect -uci set firewall.@redirect[16].dest='lan' -uci set firewall.@redirect[16].target='DNAT' -uci set firewall.@redirect[16].name='gitea_SSH' -uci set firewall.@redirect[16].src='wan' -uci set firewall.@redirect[16].src_dport='2222' -uci set firewall.@redirect[16].dest_ip='192.168.77.193' -uci set firewall.@redirect[16].dest_port='22' +uci set firewall.@redirect[-1].dest='lan' +uci set firewall.@redirect[-1].target='DNAT' +uci set firewall.@redirect[-1].name='gitea_SSH' +uci set firewall.@redirect[-1].src='wan' +uci set firewall.@redirect[-1].src_dport='2222' +uci set firewall.@redirect[-1].dest_ip='192.168.77.193' +uci set firewall.@redirect[-1].dest_port='22' # ADD FORWARD ZONES uci add firewall forwarding -uci set firewall.@forwarding[1].dest='lan' -uci set firewall.@forwarding[1].src='vpn0' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn0' uci add firewall forwarding -uci set firewall.@forwarding[2].dest='vpn0' -uci set firewall.@forwarding[2].src='lan' +uci set firewall.@forwarding[-1].dest='vpn0' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[3].dest='lan' -uci set firewall.@forwarding[3].src='vpn1' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn1' uci add firewall forwarding -uci set firewall.@forwarding[4].dest='vpn1' -uci set firewall.@forwarding[4].src='lan' +uci set firewall.@forwarding[-1].dest='vpn1' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[5].src='vpn2' -uci set firewall.@forwarding[5].dest='lan' +uci set firewall.@forwarding[-1].src='vpn2' +uci set firewall.@forwarding[-1].dest='lan' uci add firewall forwarding -uci set firewall.@forwarding[6].src='lan' -uci set firewall.@forwarding[6].dest='vpn2' +uci set firewall.@forwarding[-1].src='lan' +uci set firewall.@forwarding[-1].dest='vpn2' uci add firewall forwarding -uci set firewall.@forwarding[7].dest='lan' -uci set firewall.@forwarding[7].src='vpn3' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='vpn3' uci add firewall forwarding -uci set firewall.@forwarding[8].dest='vpn3' -uci set firewall.@forwarding[8].src='lan' +uci set firewall.@forwarding[-1].dest='vpn3' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[9].src='wg777' -uci set firewall.@forwarding[9].dest='wan' +uci set firewall.@forwarding[-1].src='wg777' +uci set firewall.@forwarding[-1].dest='wan' uci add firewall forwarding -uci set firewall.@forwarding[10].src='wan' -uci set firewall.@forwarding[10].dest='wg777' +uci set firewall.@forwarding[-1].src='wan' +uci set firewall.@forwarding[-1].dest='wg777' uci add firewall forwarding -uci set firewall.@forwarding[11].dest='lan' -uci set firewall.@forwarding[11].src='wg777' +uci set firewall.@forwarding[-1].dest='lan' +uci set firewall.@forwarding[-1].src='wg777' uci add firewall forwarding -uci set firewall.@forwarding[12].dest='wg777' -uci set firewall.@forwarding[12].src='lan' +uci set firewall.@forwarding[-1].dest='wg777' +uci set firewall.@forwarding[-1].src='lan' uci add firewall forwarding -uci set firewall.@forwarding[13].family='ipv4' -uci set firewall.@forwarding[13].src='lan' -uci set firewall.@forwarding[13].dest='wg' +uci set firewall.@forwarding[-1].family='ipv4' +uci set firewall.@forwarding[-1].src='lan' +uci set firewall.@forwarding[-1].dest='wg' uci commit firewall /etc/init.d/firewall restart