wareck
/
cgminer-openwrt-packages


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
							
config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'ACCEPT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'

config 'zone'
	option 'name' 'lan'
	option 'network' 'lan'
	option 'input' 'ACCEPT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'

config 'zone'
	option 'name' 'wan'
	option 'input' 'REJECT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'
	option 'masq' '1'
	option 'mtu_fix' '1'
	option 'network' 'wan wwan'

config 'forwarding'
	option 'src' 'lan'
	option 'dest' 'wan'

config 'rule'
	option 'name' 'Allow-DHCP-Renew'
	option 'src' 'wan'
	option 'proto' 'udp'
	option 'dest_port' '68'
	option 'target' 'ACCEPT'
	option 'family' 'ipv4'

config 'rule'
	option 'name' 'Allow-Ping'
	option 'src' 'wan'
	option 'proto' 'icmp'
	option 'icmp_type' 'echo-request'
	option 'family' 'ipv4'
	option 'target' 'ACCEPT'

config 'rule'
	option 'name' 'Allow-DHCPv6'
	option 'src' 'wan'
	option 'proto' 'udp'
	option 'src_ip' 'fe80::/10'
	option 'src_port' '547'
	option 'dest_ip' 'fe80::/10'
	option 'dest_port' '546'
	option 'family' 'ipv6'
	option 'target' 'ACCEPT'

config 'rule'
	option 'name' 'Allow-ICMPv6-Input'
	option 'src' 'wan'
	option 'proto' 'icmp'
	list 'icmp_type' 'echo-request'
	list 'icmp_type' 'destination-unreachable'
	list 'icmp_type' 'packet-too-big'
	list 'icmp_type' 'time-exceeded'
	list 'icmp_type' 'bad-header'
	list 'icmp_type' 'unknown-header-type'
	list 'icmp_type' 'router-solicitation'
	list 'icmp_type' 'neighbour-solicitation'
	option 'limit' '1000/sec'
	option 'family' 'ipv6'
	option 'target' 'ACCEPT'

config 'rule'
	option 'name' 'Allow-ICMPv6-Forward'
	option 'src' 'wan'
	option 'dest' '*'
	option 'proto' 'icmp'
	list 'icmp_type' 'echo-request'
	list 'icmp_type' 'destination-unreachable'
	list 'icmp_type' 'packet-too-big'
	list 'icmp_type' 'time-exceeded'
	list 'icmp_type' 'bad-header'
	list 'icmp_type' 'unknown-header-type'
	option 'limit' '1000/sec'
	option 'family' 'ipv6'
	option 'target' 'ACCEPT'

config 'include'
	option 'path' '/etc/firewall.user'

config 'zone'
	option 'name' 'newzone'
	option 'input' 'ACCEPT'
	option 'forward' 'REJECT'
	option 'network' ' '
	option 'output' 'ACCEPT'

config 'rule'
	option 'target' 'ACCEPT'
	option 'src' 'wan'
	option 'dest_port' '22'
	option 'name' 'ssh'
	option 'family' 'ipv4'
	option 'proto' 'tcp udp'

config 'rule'
	option 'target' 'ACCEPT'
	option 'src' 'wan'
	option 'dest_port' '80'
	option 'name' 'web'
	option 'family' 'ipv4'
	option 'proto' 'tcp udp'

config 'rule'
	option 'target' 'ACCEPT'
	option 'src' 'wan'
	option 'dest_port' '4028'
	option 'name' 'cgminer'
	option 'family' 'ipv4'
	option 'proto' 'tcp udp'