config interface 'se00'
option ifname 'se00'
option proto 'static'
option ipaddr '172.30.42.1'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'se01'
option ifname 'se01'
option proto 'static'
option ipaddr '172.30.42.33'
option netmask '255.255.255.224'
option ip6assign '64'
config interface 'ge00'
option ifname 'ge00'
option proto 'pppoe'
option username 'myusername'
option password 'mypassword'
config switch
option name 'rtl8366s'
option reset '1'
option blinkrate '2'
option max_length '3'
option enable_vlan '1'
option enable_vlan4k '1'
config switch_vlan
option device 'rtl8366s'
option vlan '1'
option ports '2 3 5t'
config switch_vlan
option device 'rtl8366s'
option vlan '2'
option ports '0 1 5t'
config switch_port
option device 'rtl8366s'
option port '1'
option led '6'
config switch_port
option device 'rtl8366s'
option port '2'
option led '9'
config switch_port
option device 'rtl8366s'
option port '5'
option led '2'
Firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option drop_invalid '1'
option syn_flood '1'
option synflood_rate '200'
option synflood_burst '500'
option tcp_ecn '1'
config zone
option input 'ACCEPT'
option forward 'REJECT'
option output 'ACCEPT'
option name 'wan'
option masq '1'
option mtu_fix '1'
option network 'ge00'
config zone
option input 'ACCEPT'
option forward 'ACCEPT'
option output 'ACCEPT'
option name 'lan'
option network 'se00 se01 sw00 sw10'
config forwarding
option dest 'wan'
option src 'lan'
config forwarding
option dest 'lan'
option src 'wan'
config zone
option input 'ACCEPT'
option output 'ACCEPT'
option name 'guest'
option forward 'ACCEPT'
option network 'gw00 gw01 gw10 gw11'
config forwarding
option dest 'wan'
option src 'guest'
config forwarding
option dest 'guest'
option src 'lan'
config forwarding
option dest 'guest'
option src 'wan'
config rule
option target 'ACCEPT'
option name 'domain'
option src '*'
option dest '*'
option dest_port '53'
config rule
option target 'ACCEPT'
option name 'ntp'
option proto 'udp'
option dest '*'
option src '*'
option dest_port '123'
config rule
option target 'ACCEPT'
option name 'dhcp4'
option family 'ipv4'
option proto 'udp'
option src '*'
option dest '*'
option dest_port '68'
config rule
option target 'ACCEPT'
option name 'printers'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '631'
config rule
option target 'ACCEPT'
option name 'Useful Services'
option proto 'tcp'
option src '*'
option dest '*'
option dest_port '80 443 873 993'
config rule
option target 'ACCEPT'
option name 'ipv6 dfz'
option family 'ipv6'
option proto 'all'
option src '*'
option dest 'guest'
config rule
option target 'ACCEPT'
option name 'icmpv6'
option family 'ipv6'
option proto 'icmp'
option src '*'
option dest '*'
config rule
option src 'wan'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 9091 8123'
option name 'blockconfig'
option target 'DROP'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option src 'guest'
option proto 'tcp udp'
option dest_port '81 137 138 139 445 8123'
option name 'blockconfig2'
option target 'DROP'
DHCP
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/home.lan/'
option domain 'home.lan'
option expandhosts '1'
option port '53'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option cachesize '5000'
option dhcpscript '/etc/dnsmasq_net6.sh'
list notinterface 'ge00'
config dhcp 'se00'
option interface 'se00'
option start '2'
option limit '26'
list dhcp_option '42,0.0.0.0'
list dhcp_option '44,0.0.0.0'
list dhcp_option '45,0.0.0.0'
list dhcp_option '46,8'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'se01'
option interface 'se01'
option start '34'
option limit '4'
option leasetime '24h'
option domain 'home.lan'
config dhcp 'ge00'
option interface 'ge00'
option ignore '1'
config domain
option name 'gw.home.lan'
option ip '172.30.42.1'
config domain
option name 'wpad.home.lan'
option ip '172.30.42.1'