m0n0wall: status
Wed Nov 23 17:31:05 ICT 2005
Note: make sure to remove any sensitive information
(passwords, maybe also IP addresses) before posting
information from this page in public places (like mailing lists)!
Passwords in config.xml have been automatically removed.
This status page includes the following information:
| System uptime |
5:31PM up 4:05, 0 users, load averages: 0.00, 0.00, 0.00 |
| Interfaces |
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=1<RXCSUM> inet 222.222.64.1 netmask 0xfffffe00 broadcast 222.222.65.255 ether 00:04:75:f4:20:75 media: Ethernet autoselect (100baseTX <full-duplex>) status: active xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=1<RXCSUM> inet 222.222.63.50 netmask 0xfffffffc broadcast 222.222.63.51 ether 00:10:5a:6d:70:5c media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 |
| Routing tables |
Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 222.222.63.49 UGSc 6 328076 xl1 127.0.0.1 127.0.0.1 UH 0 0 lo0 222.222.63.48/30 link#2 UC 1 0 xl1 222.222.63.49 00:04:28:ac:7c:00 UHLW 6 5 xl1 894 222.222.64/23 link#1 UC 13 0 xl0 222.222.64.57 00:12:f0:8f:59:41 UHLW 0 10863 xl0 1157 222.222.64.66 00:0e:35:32:84:9a UHLW 0 597 xl0 157 222.222.64.73 00:0e:35:23:9b:e7 UHLW 0 3921 xl0 186 222.222.64.74 00:0e:9b:a5:5d:6d UHLW 0 3424 xl0 191 222.222.64.75 00:0e:35:2d:b4:c9 UHLW 0 1113 xl0 656 222.222.64.86 00:0e:35:4c:53:70 UHLW 0 11035 xl0 1198 222.222.64.94 00:02:44:93:63:ab UHLW 0 7546 xl0 1132 222.222.64.99 link#1 UHLW 1 8914 xl0 222.222.64.119 00:90:4b:ee:84:3d UHLW 0 3728 xl0 1003 222.222.64.121 00:0c:f1:4f:77:c7 UHLW 1 3469 xl0 899 222.222.64.136 00:09:5b:54:7e:7b UHLW 0 25414 xl0 584 222.222.64.146 00:0e:35:3a:c9:4a UHLW 0 2115 xl0 874 222.222.64.156 00:12:f0:c9:48:3c UHLW 0 79 xl0 1078 |
| ipfw show |
00500 7621 6486224 allow ip from 222.222.64.1 to any out via xl0 00501 6378 655894 allow ip from any to 222.222.64.1 in via xl0 01000 781745 669267381 skipto 50000 ip from any to any not layer2 not via xl0 01001 782155 669334035 allow ip from any to any layer2 not via xl0 01100 732 32466 allow ip from any to any layer2 mac-type 0x0806 01101 541 41190 deny ip from any to any layer2 not mac-type 0x0800 01102 788701 672806579 skipto 20000 ip from any to any layer2 01200 96 31829 allow udp from any 68 to 255.255.255.255 dst-port 67 in 01201 0 0 allow udp from any 68 to 222.222.64.1 dst-port 67 in 01202 0 0 allow udp from 222.222.64.1 67 to any dst-port 68 out 01203 0 0 allow icmp from 222.222.64.1 to any out icmptypes 8 01204 0 0 allow icmp from any to 222.222.64.1 in icmptypes 0 01300 0 0 allow udp from any to 222.222.64.1 dst-port 53 in 01301 0 0 allow udp from 222.222.64.1 53 to any out 01302 0 0 allow tcp from any to 222.222.64.1 dst-port 8000 in 01303 0 0 allow tcp from 222.222.64.1 8000 to any out 10000 209732 11119631 skipto 50000 ip from any to 222.222.0.0/16 in 10000 383922 541963883 skipto 50000 ip from 222.222.0.0/16 to any out 10001 0 0 skipto 50000 ip from any to 111.111.111.0/24 in 10001 0 0 skipto 50000 ip from 111.111.111.0/24 to any out 10002 0 0 skipto 50000 ip from any to 123.45.67.45 in 10002 0 0 skipto 50000 ip from 123.45.67.45 to any out 10003 2712 495396 skipto 50000 ip from any to 123.45.67.46 in 10003 2672 1672470 skipto 50000 ip from 123.45.67.46 to any out 10004 831 51775 skipto 50000 ip from any to 123.45.67.47 in 10004 595 140893 skipto 50000 ip from 123.45.67.47 to any out 10005 3496 590016 skipto 50000 ip from 222.222.64.74 to any in 10005 4323 3559149 skipto 50000 ip from any to 222.222.64.74 out 10006 6948 1014750 skipto 50000 ip from 222.222.64.57 to any in 10006 8151 5575358 skipto 50000 ip from any to 222.222.64.57 out 10007 2439 261861 skipto 50000 ip from 222.222.64.73 to any in 10007 3323 2596922 skipto 50000 ip from any to 222.222.64.73 out 10008 9314 1146606 skipto 50000 ip from 222.222.64.86 to any in 10008 10417 8411404 skipto 50000 ip from any to 222.222.64.86 out 10009 13298 1414619 skipto 50000 ip from 222.222.64.70 to any in 10009 19021 19504115 skipto 50000 ip from any to 222.222.64.70 out 10010 5734 941007 skipto 50000 ip from 222.222.64.94 to any in 10010 6075 4093937 skipto 50000 ip from any to 222.222.64.94 out 10014 8275 1154215 skipto 50000 ip from 222.222.64.136 to any in 10014 10455 9113941 skipto 50000 ip from any to 222.222.64.136 out 10016 19738 1121674 skipto 50000 ip from 222.222.64.75 to any in 10016 33882 44880552 skipto 50000 ip from any to 222.222.64.75 out 10017 2669 582619 skipto 50000 ip from 222.222.64.119 to any in 10017 2928 1869019 skipto 50000 ip from any to 222.222.64.119 out 19900 4233 402843 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in 19901 5659 6280466 allow tcp from any 80 to any out 19902 1477 77104 deny ip from any to any 20005 0 0 deny ip from 222.222.64.74 not MAC any 00:0e:9b:a5:5d:6d any layer2 in 20005 0 0 deny ip from any to 222.222.64.74 not MAC 00:0e:9b:a5:5d:6d any layer2 out 20006 0 0 deny ip from 222.222.64.57 not MAC any 00:12:f0:8f:59:41 any layer2 in 20006 0 0 deny ip from any to 222.222.64.57 not MAC 00:12:f0:8f:59:41 any layer2 out 20007 0 0 deny ip from 222.222.64.73 not MAC any 00:0e:35:23:9b:e7 any layer2 in 20007 0 0 deny ip from any to 222.222.64.73 not MAC 00:0e:35:23:9b:e7 any layer2 out 20008 0 0 deny ip from 222.222.64.86 not MAC any 00:0e:35:4c:53:70 any layer2 in 20008 0 0 deny ip from any to 222.222.64.86 not MAC 00:0e:35:4c:53:70 any layer2 out 20009 0 0 deny ip from 222.222.64.70 not MAC any 00:0c:f1:3f:8a:d3 any layer2 in 20009 0 0 deny ip from any to 222.222.64.70 not MAC 00:0c:f1:3f:8a:d3 any layer2 out 20010 0 0 deny ip from 222.222.64.94 not MAC any 00:02:44:93:63:ab any layer2 in 20010 0 0 deny ip from any to 222.222.64.94 not MAC 00:02:44:93:63:ab any layer2 out 20014 0 0 deny ip from 222.222.64.136 not MAC any 00:09:5b:54:7e:7b any layer2 in 20014 0 0 deny ip from any to 222.222.64.136 not MAC 00:09:5b:54:7e:7b any layer2 out 20016 0 0 deny ip from 222.222.64.75 not MAC any 00:0e:35:2d:b4:c9 any layer2 in 20016 0 0 deny ip from any to 222.222.64.75 not MAC 00:0e:35:2d:b4:c9 any layer2 out 20017 0 0 deny ip from 222.222.64.119 not MAC any 00:90:4b:ee:84:3d any layer2 in 20017 0 0 deny ip from any to 222.222.64.119 not MAC 00:90:4b:ee:84:3d any layer2 out 29900 788622 672728935 allow ip from any to any layer2 65535 1393271 1193874455 allow ip from any to any |
| ipnat -lv |
List of active MAP/Redirect filters: List of active sessions: MAP 222.222.64.119 1228 <- -> 222.222.63.50 16112 [222.222.46.116 5101] age 15411 use 0 sumd 0x38df/0x38df pr 6 bkt 835/1459 flags 1 drop 0/0 ifp xl1 bytes 2285 pkts 23 MAP 222.222.64.94 3332 <- -> 222.222.63.50 12924 [207.46.6.185 1863] age 15409 use 0 sumd 0x244c/0x244c pr 6 bkt 392/1156 flags 1 drop 0/0 ifp xl1 bytes 2168 pkts 20 MAP 222.222.64.74 1457 <- -> 222.222.63.50 10419 [203.81.162.137 80] age 12341 use 0 sumd 0x21ea/0x21ea pr 6 bkt 575/930 flags 1 drop 0/0 ifp xl1 bytes 6203 pkts 16 MAP 222.222.64.74 1454 <- -> 222.222.63.50 10416 [203.81.162.137 80] age 12341 use 0 sumd 0x21ea/0x21ea pr 6 bkt 1854/162 flags 1 drop 0/0 ifp xl1 bytes 181008 pkts 200 MAP 222.222.64.119 1092 <- -> 222.222.63.50 16102 [68.142.233.172 443] age 15252 use 0 sumd 0x395d/0x395d pr 6 bkt 2035/1140 flags 1 drop 0/0 ifp xl1 bytes 3226 pkts 17 MAP 222.222.64.119 1084 <- -> 222.222.63.50 16094 [216.155.193.168 5050] age 15387 use 0 sumd 0x395d/0x395d pr 6 bkt 1282/387 flags 1 drop 0/0 ifp xl1 bytes 8077 pkts 56 MAP 222.222.64.57 5101 <- -> 222.222.63.50 8267 [222.222.47.69 4075] age 11984 use 0 sumd 0xb57/0xb57 pr 6 bkt 2035/1426 flags 1 drop 0/0 ifp xl1 bytes 224 pkts 5 MAP 222.222.64.57 1501 <- -> 222.222.63.50 8321 [216.155.193.171 5050] age 15411 use 0 sumd 0x199d/0x199d pr 6 bkt 182/1131 flags 1 drop 0/0 ifp xl1 bytes 71027 pkts 572 MAP 222.222.64.75 1233 <- -> 222.222.63.50 10573 [213.150.62.121 80] age 11897 use 0 sumd 0x2363/0x2363 pr 6 bkt 1084/1930 flags 1 drop 0/0 ifp xl1 bytes 6348 pkts 12 MAP 222.222.64.57 1490 <- -> 222.222.63.50 8310 [207.46.4.74 1863] age 15386 use 0 sumd 0x199d/0x199d pr 6 bkt 1985/887 flags 1 drop 0/0 ifp xl1 bytes 33498 pkts 326 MAP 222.222.64.168 1295 <- -> 222.222.63.50 22227 [222.222.5.11 80] age 9091 use 0 sumd 0x504e/0x504e pr 6 bkt 5/378 flags 1 drop 0/0 ifp xl1 bytes 1019 pkts 7 MAP 222.222.64.168 1247 <- -> 222.222.63.50 22305 [203.155.154.14 80] age 8507 use 0 sumd 0x50cc/0x50cc pr 6 bkt 35/1897 flags 1 drop 0/0 ifp xl1 bytes 4370 pkts 11 MAP 222.222.64.168 1240 <- -> 222.222.63.50 22298 [203.155.154.14 80] age 8371 use 0 sumd 0x50cc/0x50cc pr 6 bkt 290/105 flags 1 drop 0/0 ifp xl1 bytes 4368 pkts 11 MAP 222.222.64.70 1688 <- -> 222.222.63.50 9894 [219.232.48.76 80] age 6066 use 0 sumd 0x1efa/0x1efa pr 6 bkt 384/1785 flags 1 drop 0/0 ifp xl1 bytes 3529 pkts 10 MAP 222.222.64.70 1462 <- -> 222.222.63.50 9920 [61.183.11.4 80] age 4372 use 0 sumd 0x1ff6/0x1ff6 pr 6 bkt 1338/1716 flags 1 drop 0/0 ifp xl1 bytes 3998 pkts 11 MAP 222.222.64.74 1444 <- -> 222.222.63.50 10406 [222.222.5.11 80] age 3670 use 0 sumd 0x21ea/0x21ea pr 6 bkt 739/1094 flags 1 drop 0/0 ifp xl1 bytes 69123 pkts 80 MAP 222.222.64.70 1390 <- -> 222.222.63.50 9848 [211.100.33.171 80] age 3535 use 0 sumd 0x1ff6/0x1ff6 pr 6 bkt 707/1085 flags 1 drop 0/0 ifp xl1 bytes 1046 pkts 6 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43539] age 3006 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 576/1804 flags 1 drop 0/0 ifp xl1 bytes 296 pkts 5 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43528] age 1847 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 1854/1035 flags 1 drop 0/0 ifp xl1 bytes 296 pkts 5 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43518] age 1099 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 1372/553 flags 1 drop 0/0 ifp xl1 bytes 348 pkts 6 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43514] age 816 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 348/1576 flags 1 drop 0/0 ifp xl1 bytes 296 pkts 5 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43513] age 609 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 92/1320 flags 1 drop 0/0 ifp xl1 bytes 296 pkts 5 MAP 222.222.64.136 1172 <- -> 222.222.63.50 18198 [68.142.233.150 443] age 14803 use 0 sumd 0x412c/0x412c pr 6 bkt 2015/991 flags 1 drop 0/0 ifp xl1 bytes 6931 pkts 53 MAP 222.222.64.136 1158 <- -> 222.222.63.50 18184 [216.155.193.145 119] age 15345 use 0 sumd 0x412c/0x412c pr 6 bkt 972/1995 flags 1 drop 0/0 ifp xl1 bytes 26503 pkts 211 MAP 222.222.64.99 4899 <- -> 222.222.63.50 13609 [222.222.28.4 43506] age 21 use 0 sumd 0x20d5/0x20d5 pr 6 bkt 347/1575 flags 1 drop 0/0 ifp xl1 bytes 296 pkts 5 MAP 222.222.64.94 2821 <- -> 222.222.63.50 12917 [207.46.4.85 1863] age 15400 use 0 sumd 0x2644/0x2644 pr 6 bkt 974/715 flags 1 drop 0/0 ifp xl1 bytes 77811 pkts 878 List of active host mappings: 222.222.64.57 -> 0.0.0.0 (use = 3 hv = 196) 222.222.64.70 -> 0.0.0.0 (use = 3 hv = 248) 222.222.64.74 -> 0.0.0.0 (use = 3 hv = 264) 222.222.64.75 -> 0.0.0.0 (use = 1 hv = 268) 222.222.64.94 -> 0.0.0.0 (use = 1 hv = 344) 222.222.64.94 -> 0.0.0.0 (use = 1 hv = 344) 222.222.64.99 -> 0.0.0.0 (use = 3 hv = 364) 222.222.64.99 -> 0.0.0.0 (use = 2 hv = 364) 222.222.64.99 -> 0.0.0.0 (use = 1 hv = 364) 222.222.64.119 -> 0.0.0.0 (use = 3 hv = 444) 222.222.64.136 -> 0.0.0.0 (use = 2 hv = 512) 222.222.64.168 -> 0.0.0.0 (use = 3 hv = 640) |
| ipfstat -v |
opts 0x40 name /dev/ipl IPv6 packets: in 0 out 0 input packets: blocked 1276 passed 935776 nomatch 0 counted 0 short 0 output packets: blocked 21 passed 935249 nomatch 0 counted 0 short 0 input packets logged: blocked 1246 passed 23 output packets logged: blocked 0 passed 0 packets logged: input 0 output 0 log failures: input 0 output 0 fragment state(in): kept 0 lost 0 not fragmented 0 fragment state(out): kept 0 lost 0 not fragmented 0 packet state(in): kept 10853 lost 30 packet state(out): kept 129 lost 21 ICMP replies: 0 TCP RSTs sent: 0 Invalid source(in): 0 Result cache hits(in): 337 (out): 0 IN Pullups succeeded: 0 failed: 0 OUT Pullups succeeded: 0 failed: 0 Fastroute successes: 0 failures: 0 TCP cksum fails(in): 0 (out): 0 Packet log flags set: (0) none |
| ipfstat -nio |
@1 pass out quick on lo0 from any to any @2 pass out quick on xl0 proto udp from 222.222.64.1/32 port = 67 to any port = 68 @3 pass out quick on xl1 proto udp from any port = 68 to any port = 67 @4 pass out quick on xl0 from any to any keep state @5 pass out quick on xl1 from any to any keep state @6 block out log quick from any to any @1 pass in quick on lo0 from any to any @2 block in log quick from any to any with short @3 block in log quick from any to any with ipopt @4 pass in quick on xl0 proto udp from any port = 68 to 255.255.255.255/32 port = 67 @5 pass in quick on xl0 proto udp from any port = 68 to 222.222.64.1/32 port = 67 @6 block in log quick on xl1 from 222.222.64.0/23 to any @7 block in log quick on xl1 proto udp from any port = 67 to 222.222.64.0/23 port = 68 @8 pass in quick on xl1 proto udp from any port = 67 to any port = 68 @9 block in log quick on xl0 from !222.222.64.0/23 to any @10 block in log quick on xl1 from 10.0.0.0/8 to any @11 block in log quick on xl1 from 127.0.0.0/8 to any @12 block in log quick on xl1 from 172.16.0.0/12 to any @13 block in log quick on xl1 from 192.168.0.0/16 to any @14 skip 1 in proto tcp from any to any flags S/FSRA @15 block in log quick proto tcp from any to any @16 block in log quick on xl0 from any to any head 100 @1 pass in quick from 222.222.64.0/23 to 222.222.64.1/32 keep state group 100 @2 block return-rst in log first quick proto tcp from any to any port = 3128 flags S/SA group 100 @3 pass in quick from any to any keep state group 100 @17 block in log quick on xl1 from any to any head 200 @1 pass in quick proto tcp from 222.222.0.0/16 to any port = 443 keep state group 200 @2 pass in quick proto icmp from any to any keep state group 200 @3 pass in quick proto udp from 222.222.0.0/16 to any port = 161 keep state group 200 @4 pass in quick proto tcp from 222.222.5.7/32 to any port = 58796 keep state group 200 @18 block in log quick from any to any |
| unparsed ipnat rules |
| unparsed ipfilter rules |
# loopback pass in quick on lo0 all pass out quick on lo0 all # block short packets block in log quick all with short # block IP options block in log quick all with ipopts # allow access to DHCP server on LAN pass in quick on xl0 proto udp from any port = 68 to 255.255.255.255 port = 67 pass in quick on xl0 proto udp from any port = 68 to 222.222.64.1 port = 67 pass out quick on xl0 proto udp from 222.222.64.1 port = 67 to any port = 68 # WAN spoof check block in log quick on xl1 from 222.222.64.0/23 to any # allow our DHCP client out to the WAN # XXX - should be more restrictive # (not possible at the moment - need 'me' like in ipfw) pass out quick on xl1 proto udp from any port = 68 to any port = 67 block in log quick on xl1 proto udp from any port = 67 to 222.222.64.0/23 port = 68 pass in quick on xl1 proto udp from any port = 67 to any port = 68 # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses) block in log quick on xl0 from ! 222.222.64.0/23 to any # block anything from private networks on WAN interface block in log quick on xl1 from 10.0.0.0/8 to any block in log quick on xl1 from 127.0.0.0/8 to any block in log quick on xl1 from 172.16.0.0/12 to any block in log quick on xl1 from 192.168.0.0/16 to any # Block TCP packets that do not mark the start of a connection skip 1 in proto tcp all flags S/SAFR block in log quick proto tcp all #--------------------------------------------------------------------------- # group head 100 - LAN interface #--------------------------------------------------------------------------- block in log quick on xl0 all head 100 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on xl0 all keep state #--------------------------------------------------------------------------- # group head 200 - WAN interface #--------------------------------------------------------------------------- block in log quick on xl1 all head 200 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on xl1 all keep state # make sure the user cannot lock himself out of the webGUI pass in quick from 222.222.64.0/23 to 222.222.64.1 keep state group 100 # User-defined rules follow pass in quick proto tcp from 222.222.0.0/16 to any port = 443 keep state group 200 pass in quick proto icmp from any to any keep state group 200 pass in quick proto udp from 222.222.0.0/16 to any port = 161 keep state group 200 pass in quick proto tcp from 222.222.5.7 to any port = 58796 keep state group 200 block return-rst in log first quick proto tcp from any to any port = 3128 flags S/SA group 100 pass in quick from any to any keep state group 100 #--------------------------------------------------------------------------- # default rules (just to be sure) #--------------------------------------------------------------------------- block in log quick all block out log quick all |
| unparsed ipfw rules |
add 50000 set 4 pass all from 222.222.64.1 to any add 50001 set 4 pass all from any to 222.222.64.1 |
| resolv.conf |
domain mydomain.com nameserver 222.222.0.1 |
| Processes |
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 10700 13.0 1.6 6492 5940 ?? SN 5:31PM 0:00.25 /usr/local/bin/php status.php root 10722 0.0 0.3 1332 968 ?? SN 5:31PM 0:00.00 sh -c ps xauww 2>&1 root 10702 0.0 0.5 2376 1872 ?? S 5:31PM 0:00.09 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 10701 0.0 0.5 2376 1872 ?? S 5:31PM 0:00.00 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 4422 0.0 0.2 1036 768 ?? SNs 2:32PM 0:00.19 /usr/sbin/syslogd -s -f /var/etc/syslog.conf root 3304 0.0 0.2 888 560 ?? INs 2:17PM 0:00.08 /usr/local/bin/minicron 60 /var/run/minicron.pid /etc/rc.prunecaptiveportal root 3301 0.0 0.3 2248 1252 ?? INs 2:17PM 0:00.36 /usr/local/sbin/mini_httpd -a -M 0 -u root -maxproc 16 -p 8000 -i /var/run/mini_httpd.cp.pid root 151 0.0 0.2 1336 904 ?? I 1:26PM 0:00.01 /bin/sh /etc/rc.initial console root 98 0.0 0.2 1104 772 con- I 1:26PM 0:00.01 /usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300 222.222.0.1 root 96 0.0 0.2 1332 840 con- I 1:26PM 0:00.01 /bin/sh /usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300 222.222.0.1 root 92 0.0 0.3 1532 1232 con- I 1:26PM 0:00.01 /usr/local/sbin/snmpd -c /var/etc/snmpd.conf -P /var/run/snmpd.pid root 89 0.0 0.2 1032 728 ?? Is 1:26PM 0:00.06 /usr/local/sbin/dhcrelay -i xl0 -i xl1 -a -m replace 222.222.0.6 root 86 0.0 0.4 2292 1640 ?? Ss 1:26PM 0:00.55 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 78 0.0 0.3 1456 1224 ?? Ss 1:26PM 0:00.55 /sbin/ipmon -sD root 9 0.0 0.0 0 0 ?? DL 1:26PM 0:00.08 (vnlru) root 8 0.0 0.0 0 0 ?? DL 1:26PM 0:00.35 (syncer) root 7 0.0 0.0 0 0 ?? DL 1:26PM 0:00.09 (bufdaemon) root 6 0.0 0.0 0 0 ?? DL 1:26PM 0:00.02 (pagedaemon) root 5 0.0 0.0 0 0 ?? DL 1:26PM 0:00.00 (usbtask) root 4 0.0 0.0 0 0 ?? DL 1:26PM 0:00.00 (usb0) root 3 0.0 0.0 0 0 ?? DL 1:26PM 0:00.00 (taskqueue) root 2 0.0 0.0 0 0 ?? DL 1:26PM 0:00.00 (cryptoret) root 1 0.0 0.2 1060 696 ?? ILs 1:26PM 0:00.11 /sbin/init -- root 10723 0.0 0.2 1080 676 ?? RN 5:31PM 0:00.00 ps xauww root 0 0.0 0.0 0 0 ?? DLs 1:26PM 0:00.00 (swapper) |
| dhcpd.conf |
cat: /var/etc/dhcpd.conf: No such file or directory |
| ez-ipupdate.cache |
cat: /conf/ez-ipupdate.cache: No such file or directory |
| df |
Filesystem 512-blocks Used Avail Capacity Mounted on /dev/md0c 21758 19650 2108 90% / procfs 8 8 0 100% /proc /dev/fd0 2849 59 2790 2% /cf |
| racoon.conf |
cat: /var/etc/racoon.conf: No such file or directory |
| SPD |
No SPD entries. |
| SAD |
No SAD entries. |
| last 200 system log entries |
Nov 23 13:26:14 wlgate01 /kernel: Waiting (max 60 seconds) for system process `vnlru' to stop...stopped Nov 23 13:26:14 wlgate01 /kernel: Waiting (max 60 seconds) for system process `bufdaemon' to stop...stopped Nov 23 13:26:14 wlgate01 /kernel: Waiting (max 60 seconds) for system process `syncer' to stop...stopped Nov 23 13:26:14 wlgate01 /kernel: Nov 23 13:26:14 wlgate01 /kernel: syncing disks... Nov 23 13:26:14 wlgate01 /kernel: done Nov 23 13:26:14 wlgate01 /kernel: Uptime: 28m27s Nov 23 13:26:14 wlgate01 /kernel: Rebooting... Nov 23 13:26:14 wlgate01 /kernel: Copyright (c) 1992-2005 The FreeBSD Project. Nov 23 13:26:14 wlgate01 /kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Nov 23 13:26:14 wlgate01 /kernel: The Regents of the University of California. All rights reserved. Nov 23 13:26:14 wlgate01 /kernel: FreeBSD 4.11-RELEASE-p11 #0: Wed Sep 7 13:49:09 CEST 2005 Nov 23 13:26:14 wlgate01 /kernel: root@fb411.neon1.net:/usr/src/sys/compile/M0N0WALL_GENERIC Nov 23 13:26:14 wlgate01 /kernel: Timecounter "i8254" frequency 1193182 Hz Nov 23 13:26:14 wlgate01 /kernel: CPU: Pentium III/Pentium III Xeon/Celeron (497.84-MHz 686-class CPU) Nov 23 13:26:14 wlgate01 /kernel: Origin = "GenuineIntel" Id = 0x673 Stepping = 3 Nov 23 13:26:14 wlgate01 /kernel: Features=0x383f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE> Nov 23 13:26:14 wlgate01 /kernel: real memory = 402653184 (393216K bytes) Nov 23 13:26:14 wlgate01 /kernel: avail memory = 374837248 (366052K bytes) Nov 23 13:26:14 wlgate01 /kernel: Preloaded elf kernel "kernel" at 0xc1006000. Nov 23 13:26:14 wlgate01 /kernel: Preloaded mfs_root "/mfsroot" at 0xc100609c. Nov 23 13:26:14 wlgate01 /kernel: Pentium Pro MTRR support enabled Nov 23 13:26:14 wlgate01 /kernel: md0: Preloaded image </mfsroot> 11534336 bytes at 0xc0504d9c Nov 23 13:26:14 wlgate01 /kernel: md1: Malloc disk Nov 23 13:26:14 wlgate01 /kernel: Using $PIR table, 6 entries at 0xc00edb90 Nov 23 13:26:14 wlgate01 /kernel: npx0: <math processor> on motherboard Nov 23 13:26:14 wlgate01 /kernel: npx0: INT 16 interface Nov 23 13:26:14 wlgate01 /kernel: pcib0: <Intel 82443BX (440 BX) host to PCI bridge> on motherboard Nov 23 13:26:14 wlgate01 /kernel: pci0: <PCI bus> on pcib0 Nov 23 13:26:14 wlgate01 /kernel: pcib1: <Intel 82443BX (440 BX) PCI-PCI (AGP) bridge> at device 1.0 on pci0 Nov 23 13:26:14 wlgate01 /kernel: pci1: <PCI bus> on pcib1 Nov 23 13:26:14 wlgate01 /kernel: pci1: <Trident model 9880 VGA-compatible display device> at 0.0 irq 11 Nov 23 13:26:14 wlgate01 /kernel: xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0x1400-0x147f mem 0x41200000-0x4120007f irq 11 at device 14.0 on pci0 Nov 23 13:26:14 wlgate01 /kernel: xl0: Ethernet address: 00:04:75:f4:20:75 Nov 23 13:26:14 wlgate01 /kernel: miibus0: <MII bus> on xl0 Nov 23 13:26:14 wlgate01 /kernel: ukphy0: <Generic IEEE 802.3u media interface> on miibus0 Nov 23 13:26:14 wlgate01 /kernel: ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Nov 23 13:26:14 wlgate01 /kernel: xl1: <3Com 3c905B-TX Fast Etherlink XL> port 0x1080-0x10ff mem 0x41100000-0x4110007f irq 11 at device 15.0 on pci0 Nov 23 13:26:14 wlgate01 /kernel: xl1: Ethernet address: 00:10:5a:6d:70:5c Nov 23 13:26:14 wlgate01 /kernel: miibus1: <MII bus> on xl1 Nov 23 13:26:14 wlgate01 /kernel: xlphy0: <3Com internal media interface> on miibus1 Nov 23 13:26:14 wlgate01 /kernel: xlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Nov 23 13:26:14 wlgate01 /kernel: isab0: <Intel 82371AB PCI to ISA bridge> at device 20.0 on pci0 Nov 23 13:26:14 wlgate01 /kernel: isa0: <ISA bus> on isab0 Nov 23 13:26:14 wlgate01 /kernel: atapci0: <Intel PIIX4 ATA33 controller> port 0x1020-0x102f at device 20.1 on pci0 Nov 23 13:26:14 wlgate01 /kernel: ata0: at 0x1f0 irq 14 on atapci0 Nov 23 13:26:14 wlgate01 /kernel: ata1: at 0x170 irq 15 on atapci0 Nov 23 13:26:14 wlgate01 /kernel: uhci0: <Intel 82371AB/EB (PIIX4) USB controller> port 0x1000-0x101f irq 11 at device 20.2 on pci0 Nov 23 13:26:14 wlgate01 /kernel: usb0: <Intel 82371AB/EB (PIIX4) USB controller> on uhci0 Nov 23 13:26:14 wlgate01 /kernel: usb0: USB revision 1.0 Nov 23 13:26:14 wlgate01 /kernel: uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 Nov 23 13:26:14 wlgate01 /kernel: uhub0: 2 ports with 2 removable, self powered Nov 23 13:26:14 wlgate01 /kernel: chip1: <Intel 82371AB Power management controller> port 0xfc00-0xfc0f at device 20.3 on pci0 Nov 23 13:26:14 wlgate01 /kernel: orm0: <Option ROMs> at iomem 0xc0000-0xcbfff,0xcc000-0xcc7ff,0xe0000-0xe7fff on isa0 Nov 23 13:26:14 wlgate01 /kernel: pmtimer0 on isa0 Nov 23 13:26:14 wlgate01 /kernel: fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0 Nov 23 13:26:14 wlgate01 /kernel: fdc0: FIFO enabled, 8 bytes threshold Nov 23 13:26:14 wlgate01 /kernel: fd0: <1440-KB 3.5" drive> on fdc0 drive 0 Nov 23 13:26:14 wlgate01 /kernel: atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0 Nov 23 13:26:14 wlgate01 /kernel: atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0 Nov 23 13:26:14 wlgate01 /kernel: kbd0 at atkbd0 Nov 23 13:26:14 wlgate01 /kernel: vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 Nov 23 13:26:14 wlgate01 /kernel: sc0: <System console> at flags 0x100 on isa0 Nov 23 13:26:14 wlgate01 /kernel: sc0: VGA <16 virtual consoles, flags=0x300> Nov 23 13:26:14 wlgate01 /kernel: sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 Nov 23 13:26:14 wlgate01 /kernel: sio0: type 16550A Nov 23 13:26:14 wlgate01 /kernel: sio1 at port 0x2f8-0x2ff irq 3 on isa0 Nov 23 13:26:14 wlgate01 /kernel: sio1: type 16550A Nov 23 13:26:14 wlgate01 /kernel: BRIDGE 020214 loaded Nov 23 13:26:14 wlgate01 /kernel: IPsec: Initialized Security Association Processing. Nov 23 13:26:14 wlgate01 /kernel: IP Filter: v3.4.35 initialized. Default = block all, Logging = enabled Nov 23 13:26:14 wlgate01 /kernel: acd0: CDROM <40X PCA403CD> at ata1-master PIO4 Nov 23 13:26:14 wlgate01 /kernel: Mounting root from ufs:/dev/md0c Nov 23 13:26:14 wlgate01 dhcrelay: Internet Systems Consortium DHCP Relay Agent V3.0.3 Nov 23 13:26:14 wlgate01 dhcrelay: Copyright 2004-2005 Internet Systems Consortium. Nov 23 13:26:14 wlgate01 dhcrelay: All rights reserved. Nov 23 13:26:14 wlgate01 dhcrelay: For info, please visit http://www.isc.org/sw/dhcp/ Nov 23 13:26:14 wlgate01 dhcrelay: Listening on BPF/xl1/00:10:5a:6d:70:5c Nov 23 13:26:14 wlgate01 dhcrelay: Sending on BPF/xl1/00:10:5a:6d:70:5c Nov 23 13:26:14 wlgate01 dhcrelay: Listening on BPF/xl0/00:04:75:f4:20:75 Nov 23 13:26:14 wlgate01 dhcrelay: Sending on BPF/xl0/00:04:75:f4:20:75 Nov 23 13:26:14 wlgate01 dhcrelay: Sending on Socket/fallback Nov 23 13:26:14 wlgate01 /kernel: ipfw2 initialized, divert disabled, rule-based forwarding enabled, default to accept, logging disabled Nov 23 13:26:14 wlgate01 /kernel: DUMMYNET initialized (011031) Nov 23 14:32:25 wlgate01 syslogd: exiting on signal 15 |
| last 50 filter log entries |
Nov 23 17:19:44 wlgate01 ipmon[78]: 17:19:43.600320 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.120,345 PR tcp len 20 40 -AR IN Nov 23 17:19:51 wlgate01 ipmon[78]: 17:19:50.699558 xl1 @0:15 b 216.155.193.145,119 -> 222.222.63.50,18184 PR tcp len 20 175 -ARP IN Nov 23 17:19:52 wlgate01 ipmon[78]: 17:19:52.485237 xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:19:53 wlgate01 ipmon[78]: 17:19:53.098402 2x xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:19:56 wlgate01 ipmon[78]: 17:19:56.283122 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:19:59 wlgate01 ipmon[78]: 17:19:59.287491 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:20:40 wlgate01 ipmon[78]: 17:20:40.017154 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:20:44 wlgate01 ipmon[78]: 17:20:44.450922 2x xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:21:00 wlgate01 ipmon[78]: 17:21:00.136336 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.120,345 PR tcp len 20 40 -AR IN Nov 23 17:21:30 wlgate01 ipmon[78]: 17:21:30.045533 xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:21:39 wlgate01 ipmon[78]: 17:21:38.810588 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.51,124 PR tcp len 20 40 -AR IN Nov 23 17:21:52 wlgate01 ipmon[78]: 17:21:52.543017 xl1 @0:15 b 219.153.37.82,80 -> 222.222.64.121,7790 PR tcp len 20 44 -AS IN Nov 23 17:21:53 wlgate01 ipmon[78]: 17:21:52.799208 xl1 @0:15 b 219.153.37.82,80 -> 222.222.64.121,7790 PR tcp len 20 44 -AS IN Nov 23 17:21:55 wlgate01 ipmon[78]: 17:21:55.028137 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:21:56 wlgate01 ipmon[78]: 17:21:56.579042 xl1 @0:15 b 68.142.233.150,443 -> 222.222.63.50,18198 PR tcp len 20 40 -A IN Nov 23 17:22:55 wlgate01 ipmon[78]: 17:22:55.508070 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.51,124 PR tcp len 20 40 -AR IN Nov 23 17:23:01 wlgate01 ipmon[78]: 17:23:00.670810 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:23:03 wlgate01 ipmon[78]: 17:23:03.667217 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:23:10 wlgate01 ipmon[78]: 17:23:10.273716 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:23:11 wlgate01 ipmon[78]: 17:23:11.316161 xl1 @0:15 b 68.142.233.150,443 -> 222.222.63.50,18198 PR tcp len 20 40 -A IN Nov 23 17:23:34 wlgate01 ipmon[78]: 17:23:34.589999 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.59,201 PR tcp len 20 40 -AR IN Nov 23 17:23:44 wlgate01 ipmon[78]: 17:23:44.324706 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.35,339 PR tcp len 20 40 -AR IN Nov 23 17:23:46 wlgate01 ipmon[78]: 17:23:46.159505 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.18,671 PR tcp len 20 40 -AR IN Nov 23 17:24:20 wlgate01 ipmon[78]: 17:24:19.792001 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.27,436 PR tcp len 20 40 -AR IN Nov 23 17:24:25 wlgate01 ipmon[78]: 17:24:24.920378 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:24:26 wlgate01 ipmon[78]: 17:24:25.962969 xl1 @0:15 b 68.142.233.150,443 -> 222.222.63.50,18198 PR tcp len 20 40 -AR IN Nov 23 17:24:35 wlgate01 ipmon[78]: 17:24:35.288604 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.46,748 PR tcp len 20 40 -AR IN Nov 23 17:24:51 wlgate01 ipmon[78]: 17:24:51.308661 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.59,201 PR tcp len 20 40 -AR IN Nov 23 17:25:01 wlgate01 ipmon[78]: 17:25:01.089074 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.35,339 PR tcp len 20 40 -AR IN Nov 23 17:25:03 wlgate01 ipmon[78]: 17:25:02.981989 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.18,671 PR tcp len 20 40 -AR IN Nov 23 17:25:37 wlgate01 ipmon[78]: 17:25:37.125349 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.27,436 PR tcp len 20 40 -AR IN Nov 23 17:25:40 wlgate01 ipmon[78]: 17:25:40.253029 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:25:52 wlgate01 ipmon[78]: 17:25:52.132160 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.84,426 PR tcp len 20 40 -AR IN Nov 23 17:25:52 wlgate01 ipmon[78]: 17:25:52.795670 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.46,748 PR tcp len 20 40 -AR IN Nov 23 17:26:00 wlgate01 ipmon[78]: 17:26:00.812390 3x xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:26:06 wlgate01 ipmon[78]: 17:26:06.703063 xl1 @0:15 b 210.52.223.111,80 -> 222.222.64.21,10595 PR tcp len 20 44 -AS IN Nov 23 17:26:27 wlgate01 ipmon[78]: 17:26:27.860684 xl1 @0:15 b 219.153.37.82,80 -> 222.222.64.111,858 PR tcp len 20 44 -AS IN Nov 23 17:26:28 wlgate01 ipmon[78]: 17:26:28.151000 xl1 @0:15 b 219.153.37.82,80 -> 222.222.64.111,858 PR tcp len 20 44 -AS IN Nov 23 17:26:32 wlgate01 ipmon[78]: 17:26:32.764683 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:26:35 wlgate01 ipmon[78]: 17:26:35.767735 xl1 @0:7 b 222.222.0.6,67 -> 222.222.64.121,68 PR udp len 20 328 IN Nov 23 17:26:42 wlgate01 ipmon[78]: 17:26:42.643998 xl1 @0:15 b 204.13.64.34,80 -> 222.222.64.92,1347 PR tcp len 20 48 -AS IN Nov 23 17:26:55 wlgate01 ipmon[78]: 17:26:55.086829 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -A IN Nov 23 17:27:10 wlgate01 ipmon[78]: 17:27:10.779842 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.84,426 PR tcp len 20 40 -AR IN Nov 23 17:28:09 wlgate01 ipmon[78]: 17:28:09.123969 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.7,61 PR tcp len 20 40 -AR IN Nov 23 17:28:10 wlgate01 ipmon[78]: 17:28:10.223219 xl1 @0:15 b 68.142.233.172,443 -> 222.222.63.50,16102 PR tcp len 20 40 -AR IN Nov 23 17:29:00 wlgate01 ipmon[78]: 17:29:00.084221 2x xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:29:05 wlgate01 ipmon[78]: 17:29:05.263783 xl1 @0:17 b 222.222.0.6,67 -> 222.222.64.1,67 PR udp len 20 330 IN Nov 23 17:29:26 wlgate01 ipmon[78]: 17:29:25.772211 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.7,61 PR tcp len 20 40 -AR IN Nov 23 17:30:32 wlgate01 ipmon[78]: 17:30:31.400023 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.93,367 PR tcp len 20 40 -AR IN Nov 23 17:30:40 wlgate01 ipmon[78]: 17:30:39.880940 xl1 @0:15 b 211.157.36.61,80 -> 222.222.64.72,274 PR tcp len 20 40 -AR IN |
| ls /conf |
config.xml |
| ls /var/run |
dev.db dhcrelay.pid htpasswd ipmon.pid ld-elf.so.hints log mini_httpd.cp.pid mini_httpd.pid minicron.pid msntp.pid runmsntp.pid snmpd.pid syslog.pid utmp |
| config.xml |
<?xml version="1.0"?>
<m0n0wall>
<version>1.6</version>
<lastchange>1132740565</lastchange>
<system>
<hostname>wlgate01</hostname>
<domain>mydomain.com</domain>
<username>admin</username>
<password>xxxxx</password>
<timezone>Asia/Bangkok</timezone>
<time-update-interval>300</time-update-interval>
<timeservers>222.222.0.1</timeservers>
<webgui>
<protocol>https</protocol>
<port/>
</webgui>
<dnsserver>222.222.0.1</dnsserver>
</system>
<interfaces>
<lan>
<if>xl0</if>
<ipaddr>222.222.64.1</ipaddr>
<subnet>23</subnet>
<media/>
<mediaopt/>
</lan>
<wan>
<if>xl1</if>
<mtu/>
<blockpriv/>
<media/>
<mediaopt/>
<spoofmac/>
<ipaddr>222.222.63.50</ipaddr>
<subnet>30</subnet>
<gateway>222.222.63.49</gateway>
</wan>
</interfaces>
<staticroutes/>
<pppoe/>
<pptp/>
<bigpond/>
<dyndns>
<type>dyndns</type>
<username/>
<password/>
<host/>
<mx/>
<server/>
<port/>
</dyndns>
<dnsupdate/>
<dhcpd>
<lan>
<range>
<from>222.222.66.2</from>
<to>222.222.66.249</to>
</range>
<defaultleasetime/>
<maxleasetime/>
</lan>
</dhcpd>
<pptpd>
<mode/>
<redir/>
<localip/>
<remoteip/>
</pptpd>
<dnsmasq/>
<snmpd>
<syslocation>ITServ Wireless gateway</syslocation>
<syscontact>helpdesk@mydomain.com</syscontact>
<rocommunity>AitSnmpQuery</rocommunity>
<enable/>
</snmpd>
<diag>
<ipv6nat>
<ipaddr/>
</ipv6nat>
</diag>
<bridge/>
<syslog>
<nentries>100</nentries>
<remoteserver>222.222.5.6</remoteserver>
<portalauth/>
<system/>
<enable/>
</syslog>
<nat>
<advancedoutbound>
<enable/>
</advancedoutbound>
</nat>
<filter>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<address>222.222.0.0/16</address>
</source>
<destination>
<any/>
<port>443</port>
</destination>
<descr>Allow web admin from WAN</descr>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>icmp</protocol>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<descr>Allow ICMP</descr>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>udp</protocol>
<source>
<address>222.222.0.0/16</address>
</source>
<destination>
<any/>
<port>161</port>
</destination>
<descr>Allow SNMP queries</descr>
</rule>
<rule>
<type>pass</type>
<interface>wan</interface>
<protocol>tcp</protocol>
<source>
<address>222.222.5.7</address>
</source>
<destination>
<any/>
<port>58796</port>
</destination>
<descr>Allow Trend OSCE on avserv to clients</descr>
</rule>
<rule>
<type>reject</type>
<interface>lan</interface>
<protocol>tcp</protocol>
<source>
<any/>
</source>
<destination>
<any/>
<port>3128</port>
</destination>
<log/>
<descr>Block proxies</descr>
</rule>
<rule>
<type>pass</type>
<interface>lan</interface>
<source>
<any/>
</source>
<destination>
<any/>
</destination>
<descr>Default LAN -> any</descr>
</rule>
</filter>
<ipsec/>
<aliases>
<alias>
<name>AITMAIN</name>
<address>222.222.0.0/16</address>
<descr>AIT Main Network</descr>
</alias>
<alias>
<name>AITCSIM</name>
<address>111.111.111.0/24</address>
<descr>AIT CSIM Network</descr>
</alias>
</aliases>
<proxyarp/>
<wol/>
<captiveportal>
<interface>lan</interface>
<timeout>1440</timeout>
<idletimeout>60</idletimeout>
<enable/>
<auth_method>radius</auth_method>
<reauthenticateacct>interimupdate</reauthenticateacct>
<httpsname/>
<certificate/>
<private-key/>
<redirurl/>
<radiusip>222.222.5.2</radiusip>
<radiusport>1812</radiusport>
<radiusacctport>1813</radiusacctport>
<radiuskey>foobar</radiuskey>
<page>
<htmltext>...mumble...</htmltext>
</page>
<logoutwin_enable/>
<allowedip>
<ip>222.222.0.0/16</ip>
<descr/>
<dir>to</dir>
</allowedip>
<allowedip>
<ip>111.111.111.0/24</ip>
<descr/>
<dir>to</dir>
</allowedip>
<allowedip>
<ip>123.45.67.45</ip>
<descr/>
<dir>to</dir>
</allowedip>
<allowedip>
<ip>123.45.67.46</ip>
<descr/>
<dir>to</dir>
</allowedip>
<allowedip>
<ip>123.45.67.47</ip>
<descr/>
<dir>to</dir>
</allowedip>
<radacct_enable/>
</captiveportal>
<dhcrelay>
<agentoption/>
<server>222.222.0.6</server>
<lan>
<enable/>
</lan>
</dhcrelay>
<shaper>
<magic>
<p2plow/>
<maskq/>
<maxup>10240</maxup>
<maxdown>10240</maxdown>
</magic>
</shaper>
</m0n0wall>
|