· 7 years ago · Jun 04, 2018, 07:38 PM
1AP-HD-BZ.v3.9.37# cat /tmp/system.cfg
2# unifi
3unifi.version=5.8.20
4unifi.idp=enabled
5unifi.mcip=239.254.127.63
6unifi.key=be6f790e9cd8164f17c141c794e4798c
7unifi.cfgcap_info=0x7
8# system
9system.timezone=GMT0BST,M3.5.0,M10.5.0
10locale.timezone=GMT0BST,M3.5.0,M10.5.0
11# users
12users.status=enabled
13users.1.name=admin
14users.1.password=$6$YeSBOboq$QPv9NtMA8QL8VsIwdWmn2tLqLO1qnFVhHqBLs2Di1vUCcA9KVsYKmARmDEQZj33bhInRxkxJNGuZthK4FtGO5/
15users.1.status=enabled
16users.2.name=nobody
17users.2.password=x
18users.2.shell=/bin/false
19users.2.status=enabled
20# wlans (radio)
21radio.status=enabled
22radio.countrycode=826
23aaa.status=enabled
24wireless.status=enabled
25radio.outdoor=disabled
26radio.1.phyname=wifi0
27radio.1.ack.auto=disabled
28radio.1.acktimeout=64
29radio.1.ampdu.status=enabled
30radio.1.clksel=1
31radio.1.countrycode=826
32radio.1.cwm.enable=0
33radio.1.cwm.mode=0
34radio.1.forbiasauto=0
35radio.1.channel=48
36radio.1.ieee_mode=11naht80
37radio.1.mode=master
38radio.1.rate.auto=enabled
39radio.1.rate.mcs=auto
40radio.1.rfscan=disabled
41radio.1.ubntroam.status=disabled
42radio.1.bcmc_l2_filter.status=enabled
43radio.1.bgscan.status=disabled
44radio.1.antenna.gain=4
45radio.1.antenna=-1
46radio.1.txpower_mode=high
47radio.1.txpower=auto
48radio.1.hard_noisefloor.status=disabled
49radio.1.devname=ath0
50radio.1.status=enabled
51radio.1.virtual.1.devname=ath1
52radio.1.virtual.1.status=enabled
53radio.1.virtual.2.devname=vwire2
54radio.1.virtual.2.status=enabled
55radio.2.phyname=wifi1
56radio.2.ack.auto=disabled
57radio.2.acktimeout=64
58radio.2.ampdu.status=enabled
59radio.2.clksel=1
60radio.2.countrycode=826
61radio.2.cwm.enable=0
62radio.2.cwm.mode=0
63radio.2.forbiasauto=0
64radio.2.channel=11
65radio.2.ieee_mode=11nght20
66radio.2.mode=master
67radio.2.rate.auto=enabled
68radio.2.rate.mcs=auto
69radio.2.rfscan=disabled
70radio.2.ubntroam.status=disabled
71radio.2.bcmc_l2_filter.status=enabled
72radio.2.bgscan.status=disabled
73radio.2.antenna.gain=3
74radio.2.antenna=-1
75radio.2.txpower_mode=medium
76radio.2.txpower=auto
77radio.2.hard_noisefloor.status=disabled
78radio.2.devname=ath3
79radio.2.status=enabled
80radio.2.virtual.1.devname=ath4
81radio.2.virtual.1.status=enabled
82radio.2.virtual.2.devname=vwire5
83radio.2.virtual.2.status=enabled
84aaa.1.pmf.status=disabled
85aaa.1.pmf.mode=0
86aaa.1.ft.status=enabled
87aaa.1.br.devname=br0
88aaa.1.devname=ath0
89aaa.1.driver=madwifi
90aaa.1.ssid=Swifty
91aaa.1.status=enabled
92aaa.1.verbose=2
93aaa.1.wpa=2
94aaa.1.eapol_version=2
95aaa.1.wpa.group_rekey=3600
96aaa.1.wpa.1.pairwise=CCMP
97aaa.1.wpa.key.1.mgmt=WPA-PSK
98aaa.1.wpa.psk=marine10
99aaa.1.id=5b100e0e25acce91fb83c0cf
100wireless.1.mode=master
101wireless.1.devname=ath0
102wireless.1.id=5b100e0e25acce91fb83c0cf
103wireless.1.status=enabled
104wireless.1.authmode=1
105wireless.1.l2_isolation=disabled
106wireless.1.is_guest=false
107wireless.1.security=none
108wireless.1.addmtikie=disabled
109wireless.1.ssid=Swifty
110wireless.1.hide_ssid=false
111wireless.1.mac_acl.status=enabled
112wireless.1.mac_acl.policy=deny
113wireless.1.wmm=enabled
114wireless.1.uapsd=enabled
115wireless.1.parent=wifi0
116wireless.1.puren=0
117wireless.1.pureg=1
118wireless.1.usage=user
119wireless.1.wds=disabled
120wireless.1.mcast.enhance=1
121wireless.1.autowds=disabled
122wireless.1.vport=disabled
123wireless.1.vwire=disabled
124wireless.1.schedule_enabled=disabled
125wireless.1.bga_filter=enabled
126wireless.1.dtim_period=1
127aaa.1.iapp_key=8334615046588281010fa8279a5af097
128aaa.2.pmf.status=disabled
129aaa.2.pmf.mode=0
130aaa.2.ft.status=enabled
131aaa.2.br.devname=br0.2
132aaa.2.devname=ath1
133aaa.2.driver=madwifi
134aaa.2.ssid=Swifty Privileged Guest
135aaa.2.status=enabled
136aaa.2.id=5b100e0e25acce91fb83c0d0
137wireless.2.mode=master
138wireless.2.devname=ath1
139wireless.2.id=5b100e0e25acce91fb83c0d0
140wireless.2.status=enabled
141wireless.2.authmode=0
142wireless.2.l2_isolation=enabled
143wireless.2.is_guest=true
144wireless.2.security=none
145wireless.2.addmtikie=disabled
146wireless.2.ssid=Swifty Privileged Guest
147wireless.2.hide_ssid=false
148wireless.2.mac_acl.status=enabled
149wireless.2.mac_acl.policy=deny
150wireless.2.wmm=enabled
151wireless.2.uapsd=enabled
152wireless.2.parent=wifi0
153wireless.2.puren=0
154wireless.2.pureg=1
155wireless.2.usage=guest
156wireless.2.wds=disabled
157wireless.2.mcast.enhance=1
158wireless.2.autowds=disabled
159wireless.2.vport=disabled
160wireless.2.vwire=disabled
161wireless.2.schedule_enabled=disabled
162wireless.2.bga_filter=enabled
163wireless.2.dtim_period=1
164aaa.2.iapp_key=c94a83c9a8b2b69826145e40e2f8490c
165aaa.3.pmf.status=disabled
166aaa.3.pmf.mode=0
167aaa.3.ft.status=disabled
168aaa.3.br.devname=br0
169aaa.3.devname=vwire2
170aaa.3.driver=madwifi
171aaa.3.ssid=vwire-f2a86816213fbcf7
172aaa.3.status=enabled
173aaa.3.verbose=2
174aaa.3.wpa=2
175aaa.3.eapol_version=2
176aaa.3.wpa.group_rekey=3600
177aaa.3.wpa.1.pairwise=CCMP
178aaa.3.wpa.key.1.mgmt=WPA-PSK
179aaa.3.wpa.psk=bd4aafe262a4cf3fd363ae13aa541ebd
180wireless.3.mode=master
181wireless.3.devname=vwire2
182wireless.3.status=enabled
183wireless.3.authmode=1
184wireless.3.l2_isolation=disabled
185wireless.3.is_guest=false
186wireless.3.security=none
187wireless.3.addmtikie=disabled
188wireless.3.ssid=vwire-f2a86816213fbcf7
189wireless.3.hide_ssid=true
190wireless.3.mac_acl.status=enabled
191wireless.3.mac_acl.policy=deny
192wireless.3.wmm=enabled
193wireless.3.uapsd=disabled
194wireless.3.parent=wifi0
195wireless.3.puren=0
196wireless.3.pureg=1
197wireless.3.usage=downlink
198wireless.3.wds=enabled
199wireless.3.mcast.enhance=0
200wireless.3.autowds=disabled
201wireless.3.vport=disabled
202wireless.3.vwire=enabled
203wireless.3.schedule_enabled=disabled
204wireless.3.bga_filter=disabled
205aaa.4.pmf.status=disabled
206aaa.4.pmf.mode=0
207aaa.4.ft.status=enabled
208aaa.4.br.devname=br0
209aaa.4.devname=ath3
210aaa.4.driver=madwifi
211aaa.4.ssid=Swifty
212aaa.4.status=enabled
213aaa.4.verbose=2
214aaa.4.wpa=2
215aaa.4.eapol_version=2
216aaa.4.wpa.group_rekey=3600
217aaa.4.wpa.1.pairwise=CCMP
218aaa.4.wpa.key.1.mgmt=WPA-PSK
219aaa.4.wpa.psk=marine10
220aaa.4.id=5b100e0e25acce91fb83c0cf
221wireless.4.mode=master
222wireless.4.devname=ath3
223wireless.4.id=5b100e0e25acce91fb83c0cf
224wireless.4.status=enabled
225wireless.4.authmode=1
226wireless.4.l2_isolation=disabled
227wireless.4.is_guest=false
228wireless.4.security=none
229wireless.4.addmtikie=disabled
230wireless.4.ssid=Swifty
231wireless.4.hide_ssid=false
232wireless.4.mac_acl.status=enabled
233wireless.4.mac_acl.policy=deny
234wireless.4.wmm=enabled
235wireless.4.uapsd=enabled
236wireless.4.parent=wifi1
237wireless.4.puren=0
238wireless.4.pureg=1
239wireless.4.usage=user
240wireless.4.wds=disabled
241wireless.4.mcast.enhance=1
242wireless.4.autowds=disabled
243wireless.4.vport=disabled
244wireless.4.vwire=disabled
245wireless.4.schedule_enabled=disabled
246wireless.4.bga_filter=enabled
247wireless.4.dtim_period=1
248aaa.4.iapp_key=8334615046588281010fa8279a5af097
249aaa.5.pmf.status=disabled
250aaa.5.pmf.mode=0
251aaa.5.ft.status=enabled
252aaa.5.br.devname=br0.2
253aaa.5.devname=ath4
254aaa.5.driver=madwifi
255aaa.5.ssid=Swifty Privileged Guest
256aaa.5.status=enabled
257aaa.5.id=5b100e0e25acce91fb83c0d0
258wireless.5.mode=master
259wireless.5.devname=ath4
260wireless.5.id=5b100e0e25acce91fb83c0d0
261wireless.5.status=enabled
262wireless.5.authmode=0
263wireless.5.l2_isolation=enabled
264wireless.5.is_guest=true
265wireless.5.security=none
266wireless.5.addmtikie=disabled
267wireless.5.ssid=Swifty Privileged Guest
268wireless.5.hide_ssid=false
269wireless.5.mac_acl.status=enabled
270wireless.5.mac_acl.policy=deny
271wireless.5.wmm=enabled
272wireless.5.uapsd=enabled
273wireless.5.parent=wifi1
274wireless.5.puren=0
275wireless.5.pureg=1
276wireless.5.usage=guest
277wireless.5.wds=disabled
278wireless.5.mcast.enhance=1
279wireless.5.autowds=disabled
280wireless.5.vport=disabled
281wireless.5.vwire=disabled
282wireless.5.schedule_enabled=disabled
283wireless.5.bga_filter=enabled
284wireless.5.dtim_period=1
285aaa.5.iapp_key=c94a83c9a8b2b69826145e40e2f8490c
286aaa.6.pmf.status=disabled
287aaa.6.pmf.mode=0
288aaa.6.ft.status=disabled
289aaa.6.br.devname=br0
290aaa.6.devname=vwire5
291aaa.6.driver=madwifi
292aaa.6.ssid=vwire-f2a86816213fbcf7
293aaa.6.status=enabled
294aaa.6.verbose=2
295aaa.6.wpa=2
296aaa.6.eapol_version=2
297aaa.6.wpa.group_rekey=3600
298aaa.6.wpa.1.pairwise=CCMP
299aaa.6.wpa.key.1.mgmt=WPA-PSK
300aaa.6.wpa.psk=bd4aafe262a4cf3fd363ae13aa541ebd
301wireless.6.mode=master
302wireless.6.devname=vwire5
303wireless.6.status=enabled
304wireless.6.authmode=1
305wireless.6.l2_isolation=disabled
306wireless.6.is_guest=false
307wireless.6.security=none
308wireless.6.addmtikie=disabled
309wireless.6.ssid=vwire-f2a86816213fbcf7
310wireless.6.hide_ssid=true
311wireless.6.mac_acl.status=enabled
312wireless.6.mac_acl.policy=deny
313wireless.6.wmm=enabled
314wireless.6.uapsd=disabled
315wireless.6.parent=wifi1
316wireless.6.puren=0
317wireless.6.pureg=1
318wireless.6.usage=downlink
319wireless.6.wds=enabled
320wireless.6.mcast.enhance=0
321wireless.6.autowds=disabled
322wireless.6.vport=disabled
323wireless.6.vwire=enabled
324wireless.6.schedule_enabled=disabled
325wireless.6.bga_filter=disabled
326# mesh
327mesh.status=enabled
328mesh.version=3
329mesh.essid=vwire-f2a86816213fbcf7
330mesh.psk=bd4aafe262a4cf3fd363ae13aa541ebd
331# bandsteering
332bandsteering.status=disabled
333# airtime fairness
334atf.status=enabled
335atf.mode=disabled
336# ubntroam
337ubntroam.status=disabled
338# stamgr
339stamgr.status=disabled
340# connectivity
341connectivity.status=enabled
342connectivity.uplink_eth=eth0
343connectivity.uplink_bridge=br0
344# vlan
345vlan.status=enabled
346vlan.1.devname=eth0
347vlan.1.id=2
348vlan.2.devname=eth1
349vlan.2.id=2
350vlan.3.devname=vwire2
351vlan.3.id=2
352vlan.4.devname=vwire5
353vlan.4.id=2
354# bridge
355bridge.status=enabled
356bridge.1.devname=br0
357bridge.1.fd=1
358bridge.1.stp.status=disabled
359bridge.1.port.1.devname=eth0
360bridge.1.port.2.devname=eth1
361bridge.1.port.3.devname=ath0
362bridge.1.port.4.devname=vwire2
363bridge.1.port.5.devname=ath3
364bridge.1.port.6.devname=vwire5
365bridge.2.devname=br0.2
366bridge.2.fd=1
367bridge.2.stp.status=disabled
368bridge.2.port.1.devname=ath1
369bridge.2.port.2.devname=ath4
370bridge.2.port.3.devname=eth0.2
371bridge.2.port.4.devname=eth1.2
372bridge.2.port.5.devname=vwire2.2
373bridge.2.port.6.devname=vwire5.2
374# qos
375qos.status=enabled
376qos.mode=1
377qos.if.1.devname=eth0
378qos.if.1.devspeed=1000
379qos.if.1.type=uplink
380qos.if.2.devname=eth1
381qos.if.2.devspeed=1000
382qos.if.2.type=uplink
383qos.if.3.devname=ath0
384qos.if.3.devspeed=1733
385qos.vap.1.id=1
386qos.vap.1.devname=ath0
387qos.vap.1.dwnlink.minspeed=1733
388qos.vap.1.uplink.1.devname=eth0
389qos.vap.1.uplink.1.minspeed=1733
390qos.vap.1.uplink.2.devname=eth1
391qos.vap.1.uplink.2.minspeed=1733
392qos.vap.1.uplink.3.devname=vwire2
393qos.vap.1.uplink.3.minspeed=1733
394qos.vap.1.uplink.4.devname=vwire5
395qos.vap.1.uplink.4.minspeed=1733
396qos.if.4.devname=ath1
397qos.if.4.devspeed=1733
398qos.vap.2.id=2
399qos.vap.2.devname=ath1
400qos.vap.2.dwnlink.minspeed=5000
401qos.vap.2.dwnlink.maxspeed=5000
402qos.vap.2.uplink.1.devname=eth0
403qos.vap.2.uplink.1.minspeed=1000
404qos.vap.2.uplink.1.maxspeed=1000
405qos.vap.2.uplink.2.devname=eth1
406qos.vap.2.uplink.2.minspeed=1000
407qos.vap.2.uplink.2.maxspeed=1000
408qos.vap.2.uplink.3.devname=vwire2
409qos.vap.2.uplink.3.minspeed=1000
410qos.vap.2.uplink.3.maxspeed=1000
411qos.vap.2.uplink.4.devname=vwire5
412qos.vap.2.uplink.4.minspeed=1000
413qos.vap.2.uplink.4.maxspeed=1000
414qos.if.5.devname=vwire2
415qos.if.5.devspeed=1733
416qos.if.5.type=uplink
417qos.if.6.devname=ath3
418qos.if.6.devspeed=800
419qos.vap.3.id=3
420qos.vap.3.devname=ath3
421qos.vap.3.dwnlink.minspeed=800
422qos.vap.3.uplink.1.devname=eth0
423qos.vap.3.uplink.1.minspeed=800
424qos.vap.3.uplink.2.devname=eth1
425qos.vap.3.uplink.2.minspeed=800
426qos.vap.3.uplink.3.devname=vwire2
427qos.vap.3.uplink.3.minspeed=800
428qos.vap.3.uplink.4.devname=vwire5
429qos.vap.3.uplink.4.minspeed=800
430qos.if.7.devname=ath4
431qos.if.7.devspeed=800
432qos.vap.4.id=4
433qos.vap.4.devname=ath4
434qos.vap.4.dwnlink.minspeed=5000
435qos.vap.4.dwnlink.maxspeed=5000
436qos.vap.4.uplink.1.devname=eth0
437qos.vap.4.uplink.1.minspeed=1000
438qos.vap.4.uplink.1.maxspeed=1000
439qos.vap.4.uplink.2.devname=eth1
440qos.vap.4.uplink.2.minspeed=1000
441qos.vap.4.uplink.2.maxspeed=1000
442qos.vap.4.uplink.3.devname=vwire2
443qos.vap.4.uplink.3.minspeed=1000
444qos.vap.4.uplink.3.maxspeed=1000
445qos.vap.4.uplink.4.devname=vwire5
446qos.vap.4.uplink.4.minspeed=1000
447qos.vap.4.uplink.4.maxspeed=1000
448qos.if.8.devname=vwire5
449qos.if.8.devspeed=800
450qos.if.8.type=uplink
451qos.ebt.1.cmd=PREROUTING --in-interface ath0 -j mark --set-mark 4096 --mark-target CONTINUE
452qos.ebt.2.cmd=POSTROUTING --out-interface ath0 -j mark --mark-or 4096 --mark-target CONTINUE
453qos.ebt.3.cmd=PREROUTING --in-interface ath1 -j mark --set-mark 8192 --mark-target CONTINUE
454qos.ebt.4.cmd=POSTROUTING --out-interface ath1 -j mark --mark-or 8192 --mark-target CONTINUE
455qos.ebt.5.cmd=PREROUTING --in-interface ath3 -j mark --set-mark 12288 --mark-target CONTINUE
456qos.ebt.6.cmd=POSTROUTING --out-interface ath3 -j mark --mark-or 12288 --mark-target CONTINUE
457qos.ebt.7.cmd=PREROUTING --in-interface ath4 -j mark --set-mark 16384 --mark-target CONTINUE
458qos.ebt.8.cmd=POSTROUTING --out-interface ath4 -j mark --mark-or 16384 --mark-target CONTINUE
459# bonding
460bonding.status=disabled
461# netconf
462netconf.status=enabled
463netconf.1.status=enabled
464netconf.1.devname=br0
465netconf.1.ip=0.0.0.0
466netconf.1.autoip.status=disabled
467netconf.1.up=enabled
468netconf.2.status=enabled
469netconf.2.devname=br0.2
470netconf.2.ip=0.0.0.0
471netconf.2.autoip.status=disabled
472netconf.2.up=enabled
473netconf.3.status=enabled
474netconf.3.devname=eth0
475netconf.3.ip=0.0.0.0
476netconf.3.autoip.status=disabled
477netconf.3.promisc=enabled
478netconf.3.up=enabled
479netconf.4.status=enabled
480netconf.4.devname=eth1
481netconf.4.ip=0.0.0.0
482netconf.4.autoip.status=disabled
483netconf.4.promisc=enabled
484netconf.4.up=enabled
485netconf.5.status=enabled
486netconf.5.devname=ath0
487netconf.5.ip=0.0.0.0
488netconf.5.autoip.status=disabled
489netconf.5.promisc=enabled
490netconf.5.up=disabled
491netconf.6.status=enabled
492netconf.6.devname=ath1
493netconf.6.ip=0.0.0.0
494netconf.6.autoip.status=disabled
495netconf.6.promisc=enabled
496netconf.6.up=disabled
497netconf.7.status=enabled
498netconf.7.devname=vwire2
499netconf.7.ip=0.0.0.0
500netconf.7.autoip.status=disabled
501netconf.7.promisc=enabled
502netconf.7.up=disabled
503netconf.8.status=enabled
504netconf.8.devname=ath3
505netconf.8.ip=0.0.0.0
506netconf.8.autoip.status=disabled
507netconf.8.promisc=enabled
508netconf.8.up=disabled
509netconf.9.status=enabled
510netconf.9.devname=ath4
511netconf.9.ip=0.0.0.0
512netconf.9.autoip.status=disabled
513netconf.9.promisc=enabled
514netconf.9.up=disabled
515netconf.10.status=enabled
516netconf.10.devname=vwire5
517netconf.10.ip=0.0.0.0
518netconf.10.autoip.status=disabled
519netconf.10.promisc=enabled
520netconf.10.up=disabled
521netconf.11.status=enabled
522netconf.11.devname=eth0.2
523netconf.11.ip=0.0.0.0
524netconf.11.autoip.status=disabled
525netconf.11.up=enabled
526netconf.12.status=enabled
527netconf.12.devname=eth1.2
528netconf.12.ip=0.0.0.0
529netconf.12.autoip.status=disabled
530netconf.12.up=enabled
531netconf.13.status=enabled
532netconf.13.devname=vwire2.2
533netconf.13.ip=0.0.0.0
534netconf.13.autoip.status=disabled
535netconf.13.up=enabled
536netconf.14.status=enabled
537netconf.14.devname=vwire5.2
538netconf.14.ip=0.0.0.0
539netconf.14.autoip.status=disabled
540netconf.14.up=enabled
541# mac acl
542macacl.status=disabled
543# dhcpc
544dhcpc.status=enabled
545dhcpc.1.status=enabled
546dhcpc.1.devname=br0
547dhcpc.2.status=enabled
548dhcpc.2.ip_only=true
549dhcpc.2.devname=br0.2
550# route
551route.status=enabled
552# resolv
553resolv.status=enabled
554resolv.host.1.name=AP-HD
555resolv.nameserver.1.status=disabled
556resolv.nameserver.2.status=disabled
557# ebtables
558ebtables.status=enabled
559ebtables.add_vlan.status=disabled
560ebtables.1.cmd=-t nat -N GUESTIN -P DROP
561ebtables.2.cmd=-t nat -N GUESTOUT -P ACCEPT
562ebtables.3.cmd=-t nat -A PREROUTING --in-interface ath1 -j GUESTIN
563ebtables.4.cmd=-t nat -A POSTROUTING --out-interface ath1 -j GUESTOUT
564ebtables.5.cmd=-t nat -A PREROUTING --in-interface ath4 -j GUESTIN
565ebtables.6.cmd=-t nat -A POSTROUTING --out-interface ath4 -j GUESTOUT
566ebtables.7.cmd=-t nat -A GUESTIN -p 0x800 --pkttype-type broadcast --ip-proto 17 --ip-sport 68 --ip-dport 67 -j ACCEPT
567ebtables.8.cmd=-t nat -A GUESTIN -p arp -j ACCEPT
568ebtables.9.cmd=-t nat -N GUEST_DNS -P DROP
569ebtables.10.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 17 --ip-dport 53 -j GUEST_DNS
570ebtables.11.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 53 -j GUEST_DNS
571ebtables.12.cmd=-t nat -A GUESTIN -p 0x86dd -j DROP
572ebtables.13.cmd=-t nat -A GUESTIN --pkttype-type broadcast -j DROP
573ebtables.14.cmd=-t nat -A GUESTOUT -p 0x800 --pkttype-type broadcast --ip-proto 17 --ip-sport 67 --ip-dport 68 -j ACCEPT
574ebtables.15.cmd=-t nat -A GUESTOUT -p arp -j ACCEPT
575ebtables.16.cmd=-t nat -A GUESTOUT -p 0x86dd -j DROP
576ebtables.17.cmd=-t nat -A GUESTOUT --pkttype-type broadcast -j DROP
577ebtables.18.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 8880 --ip-dst 192.168.1.12 -j ACCEPT
578ebtables.19.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 8843 --ip-dst 192.168.1.12 -j ACCEPT
579ebtables.20.cmd=-t nat -N CAPTIVE_PORTAL -P RETURN
580ebtables.21.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 443 -j CAPTIVE_PORTAL
581ebtables.22.cmd=-t nat -N ALLOWED_DOMAIN_IN -P RETURN
582ebtables.23.cmd=-t nat -I GUESTIN -p 0x800 -j ALLOWED_DOMAIN_IN
583ebtables.24.cmd=-t nat -N ALLOWED_DOMAIN_OUT -P RETURN
584ebtables.25.cmd=-t nat -I GUESTOUT -p 0x800 -j ALLOWED_DOMAIN_OUT
585ebtables.26.cmd=-t nat -A GUESTIN -p 0x800 --ip-dst 224.0.0.0/4 -j DROP
586ebtables.27.cmd=-t nat -A GUESTOUT -p 0x800 --ip-dst 224.0.0.0/4 -j DROP
587ebtables.28.cmd=-t nat -N RESTRICTED_DOMAIN_IN -P RETURN
588ebtables.29.cmd=-t nat -A GUESTIN -p 0x800 -j RESTRICTED_DOMAIN_IN
589ebtables.30.cmd=-t nat -A GUESTIN -p 0x800 --ip-dst 192.168.0.1/24 -j DROP
590ebtables.31.cmd=-t nat -A GUESTIN -p 0x800 --ip-dst -j DROP
591ebtables.32.cmd=-t nat -A GUESTIN -p 0x800 --ip-dst -j DROP
592ebtables.33.cmd=-t nat -N REDIRECT_HTTP
593ebtables.34.cmd=-t nat -A REDIRECT_HTTP -j mark --mark-or 0x00500000 --mark-target CONTINUE
594ebtables.35.cmd=-t nat -A REDIRECT_HTTP -j redirect
595ebtables.36.cmd=-t nat -N REDIRECT_HTTPS
596ebtables.37.cmd=-t nat -A REDIRECT_HTTPS -j mark --mark-or 0x01BB0000 --mark-target CONTINUE
597ebtables.38.cmd=-t nat -A REDIRECT_HTTPS -j redirect
598ebtables.39.cmd=-t nat -N AUTHORIZED_GUESTS -P RETURN
599ebtables.40.cmd=-t nat -A GUESTIN -p 0x800 --pkttype-type otherhost -j AUTHORIZED_GUESTS
600ebtables.41.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 80 -j REDIRECT_HTTP
601ebtables.42.cmd=-t nat -A GUESTIN -p 0x800 --ip-proto 6 --ip-dport 443 -j REDIRECT_HTTPS
602ebtables.43.cmd=-t nat -N REDIRECT_DNS
603ebtables.44.cmd=-t nat -A REDIRECT_DNS -j mark --mark-or 0x00500000 --mark-target CONTINUE
604ebtables.45.cmd=-t nat -A REDIRECT_DNS -j redirect
605ebtables.46.cmd=-t nat -A GUEST_DNS -p 0x800 --ip-proto 17 --ip-dport 53 -j AUTHORIZED_GUESTS
606ebtables.47.cmd=-t nat -A GUEST_DNS -p 0x800 --ip-proto 6 --ip-dport 53 -j AUTHORIZED_GUESTS
607ebtables.48.cmd=-t nat -A GUEST_DNS -p 0x800 --ip-proto 17 --ip-dport 53 -j REDIRECT_DNS
608ebtables.49.cmd=-t nat -A GUEST_DNS -p 0x800 --ip-proto 6 --ip-dport 53 -j REDIRECT_DNS
609ebtables.50.cmd=-t nat -I GUESTIN -p 0x800 --ip-dst 192.168.1.12 --ip-proto 6 --ip-dport 8881 -j REDIRECT_HTTP
610ebtables.51.cmd=-t nat -I GUESTIN -p 0x800 --ip-dst 192.168.1.12 --ip-proto 6 --ip-dport 8882 -j ACCEPT
611ebtables.52.cmd=-t broute -A BROUTING -i ath1 -p 802_1Q -j DROP
612ebtables.53.cmd=-t broute -A BROUTING -i ath4 -p 802_1Q -j DROP
613ebtables.54.cmd=-t broute -A BROUTING --vlan-id 2 -p 802_1Q -j DROP
614# iptables
615iptables.status=enabled
616iptables.1.cmd=-t nat -A PREROUTING -p tcp -m mark --mark 0x00500000/0xffff0000 -j REDIRECT --to-ports 80
617iptables.2.cmd=-t nat -A PREROUTING -p tcp -m mark --mark 0x01BB0000/0xffff0000 -j REDIRECT --to-ports 443
618iptables.3.cmd=-t nat -A PREROUTING -p udp --dport 53 -m mark --mark 0x00500000/0x00500000 -j REDIRECT --to-ports 53
619# redirector
620redirector.status=enabled
621redirector.url=http://192.168.1.12:8880/guest/s/default/
622redirector.url_https=http://192.168.1.12:8880/guest/s/default/
623redirector.https.status=enabled
624redirector.redirect_pattern=http://192.168.1.12:8881
625# dnsmasq
626dnsmasq.status=enabled
627dnsmasq.1.devname=br0.2
628# syslog
629syslog.status=enabled
630syslog.level=7
631sshd.status=enabled
632sshd.auth.passwd=enabled
633sshd.1.status=enabled
634sshd.1.ifname=br0
635# ntpclient
636ntpclient.status=enabled
637ntpclient.1.status=enabled
638ntpclient.1.server=0.ubnt.pool.ntp.org
639ntpclient.2.status=enabled
640ntpclient.2.server=1.ubnt.pool.ntp.org
641ntpclient.3.status=enabled
642ntpclient.3.server=2.ubnt.pool.ntp.org
643ntpclient.4.status=enabled
644ntpclient.4.server=3.ubnt.pool.ntp.org
645# switch
646switch.status=disabled
647# cron
648cron.status=enabled
649cron.1.status=enabled
650cron.1.user=admin
651cron.1.job.1.status=enabled
652cron.1.job.1.schedule=*/10 * * * *
653cron.1.job.1.cmd=syswrapper.sh refresh-walled-garden 1
654cron.1.job.2.status=enabled
655cron.1.job.2.schedule=0 4 * * *
656cron.1.job.2.cmd=syswrapper.sh 11k-scan
657# walled garden
658dnsmasq.walled_garden.1.status=enabled
659dnsmasq.walled_garden.1.site.1.allowed=192.168.0.1/24
660dnsmasq.walled_garden.1.site.1.restricted=192.168.0.1/24
661# misc