summaryrefslogtreecommitdiffstats
path: root/cf/conf/config.xml
diff options
context:
space:
mode:
Diffstat (limited to 'cf/conf/config.xml')
-rw-r--r--cf/conf/config.xml522
1 files changed, 522 insertions, 0 deletions
diff --git a/cf/conf/config.xml b/cf/conf/config.xml
new file mode 100644
index 0000000..1dba5ab
--- /dev/null
+++ b/cf/conf/config.xml
@@ -0,0 +1,522 @@
+<?xml version="1.0"?>
+<!-- m0n0wall default system configuration -->
+<m0n0wall>
+ <version>1.4</version>
+ <lastchange></lastchange>
+ <system>
+ <hostname>m0n0wall</hostname>
+ <domain>local</domain>
+ <dnsserver></dnsserver>
+ <dnsallowoverride/>
+ <username>admin</username>
+ <password>$1$2xGLA75j$W/jiJc00HYBZX7kFjxjQv0</password>
+ <timezone>Etc/UTC</timezone>
+ <time-update-interval>300</time-update-interval>
+ <timeservers>pool.ntp.org</timeservers>
+ <webgui>
+ <protocol>http</protocol>
+ <!--
+ <port></port>
+ <certificate></certificate>
+ <private-key></private-key>
+ <noassigninterfaces/>
+ <expanddiags/>
+ <noantilockout></noantilockout>
+ -->
+ </webgui>
+ <!-- <disableconsolemenu/> -->
+ <!-- <disablefirmwarecheck/> -->
+ <!-- <shellcmd></shellcmd> -->
+ <!-- <earlyshellcmd></earlyshellcmd> -->
+ <!-- <harddiskstandby></harddiskstandby> -->
+ </system>
+ <interfaces>
+ <lan>
+ <if>sis0</if>
+ <ipaddr>192.168.1.1</ipaddr>
+ <subnet>24</subnet>
+ <media></media>
+ <mediaopt></mediaopt>
+ <!--
+ <wireless>
+ *see below (opt[n])*
+ </wireless>
+ -->
+ </lan>
+ <wan>
+ <if>sis1</if>
+ <mtu></mtu>
+ <ipaddr>dhcp</ipaddr>
+ <!-- *or* ipv4-address *or* 'pppoe' *or* 'pptp' *or* 'bigpond' -->
+ <subnet></subnet>
+ <gateway></gateway>
+ <blockpriv/>
+ <dhcphostname></dhcphostname>
+ <media></media>
+ <mediaopt></mediaopt>
+ <!--
+ <wireless>
+ *see below (opt[n])*
+ </wireless>
+ -->
+ </wan>
+ <!--
+ <opt[n]>
+ <enable/>
+ <descr></descr>
+ <if></if>
+ <ipaddr></ipaddr>
+ <subnet></subnet>
+ <media></media>
+ <mediaopt></mediaopt>
+ <bridge>lan|wan|opt[n]</bridge>
+ <wireless>
+ <mode>hostap *or* bss *or* ibss</mode>
+ <ssid></ssid>
+ <channel></channel>
+ <wep>
+ <enable/>
+ <key>
+ <txkey/>
+ <value></value>
+ </key>
+ </wep>
+ </wireless>
+ </opt[n]>
+ -->
+ </interfaces>
+ <!--
+ <vlans>
+ <vlan>
+ <tag></tag>
+ <if></if>
+ <descr></descr>
+ </vlan>
+ </vlans>
+ -->
+ <staticroutes>
+ <!--
+ <route>
+ <interface>lan|opt[n]|pptp</interface>
+ <network>xxx.xxx.xxx.xxx/xx</network>
+ <gateway>xxx.xxx.xxx.xxx</gateway>
+ <descr></descr>
+ </route>
+ -->
+ </staticroutes>
+ <pppoe>
+ <username></username>
+ <password></password>
+ <provider></provider>
+ <!--
+ <ondemand/>
+ <timeout></timeout>
+ -->
+ </pppoe>
+ <pptp>
+ <username></username>
+ <password></password>
+ <local></local>
+ <subnet></subnet>
+ <remote></remote>
+ <!--
+ <ondemand/>
+ <timeout></timeout>
+ -->
+ </pptp>
+ <bigpond>
+ <username></username>
+ <password></password>
+ <authserver></authserver>
+ <authdomain></authdomain>
+ <minheartbeatinterval></minheartbeatinterval>
+ </bigpond>
+ <dyndns>
+ <!-- <enable/> -->
+ <type>dyndns</type>
+ <username></username>
+ <password></password>
+ <host></host>
+ <mx></mx>
+ <!-- <wildcard/> -->
+ </dyndns>
+ <dhcpd>
+ <lan>
+ <enable/>
+ <range>
+ <from>192.168.1.100</from>
+ <to>192.168.1.199</to>
+ </range>
+ <!--
+ <winsserver>xxx.xxx.xxx.xxx</winsserver>
+ <defaultleasetime></defaultleasetime>
+ <maxleasetime></maxleasetime>
+ <gateway>xxx.xxx.xxx.xxx</gateway>
+ <domain></domain>
+ <dnsserver></dnsserver>
+ <next-server></next-server>
+ <filename></filename>
+ -->
+ </lan>
+ <!--
+ <opt[n]>
+ ...
+ </opt[n]>
+ -->
+ <!--
+ <staticmap>
+ <mac>xx:xx:xx:xx:xx:xx</mac>
+ <ipaddr>xxx.xxx.xxx.xxx</ipaddr>
+ <descr></descr>
+ </staticmap>
+ -->
+ </dhcpd>
+ <pptpd>
+ <mode><!-- off *or* server *or* redir --></mode>
+ <redir></redir>
+ <localip></localip>
+ <remoteip></remoteip>
+ <!-- <accounting/> -->
+ <!--
+ <user>
+ <name></name>
+ <password></password>
+ </user>
+ -->
+ </pptpd>
+ <ovpn>
+ <!--
+ <server>
+ <enable/>
+ <ca_cert></ca_cert>
+ <srv_cert></srv_cert>
+ <srv_key></srv_key>
+ <dh_param></dh_param>
+ <verb></verb>
+ <tun_iface></tun_iface>
+ <port></port>
+ <bind_iface></bind_iface>
+ <cli2cli/>
+ <maxcli></maxcli>
+ <prefix></prefix>
+ <ipblock></ipblock>
+ <crypto></crypto>
+ <dupcn/>
+ <psh_options>
+ <redir></redir>
+ <redir_loc></redir_loc>
+ <rte_delay></rte_delay>
+ <ping></ping>
+ <pingrst></pingrst>
+ <pingexit></pingexit>
+ <inact></inact>
+ </psh_options>
+ </server>
+ <client>
+ <tunnel></tunnel>
+ <ca_cert></ca_cert>
+ <cli_cert></cli_cert>
+ <cli_key></cli_key>
+ <type></type>
+ <tunnel>
+ <if></if>
+ <proto></proto>
+ <cport></cport>
+ <saddr></saddr>
+ <sport></sport>
+ <crypto></crypto>
+ </tunnel>
+ </client>
+ -->
+ </ovpn>
+ <dnsmasq>
+ <enable/>
+ <!--
+ <hosts>
+ <host></host>
+ <domain></domain>
+ <ip></ip>
+ <descr></descr>
+ </hosts>
+ -->
+ </dnsmasq>
+ <snmpd>
+ <!-- <enable/> -->
+ <syslocation></syslocation>
+ <syscontact></syscontact>
+ <rocommunity>public</rocommunity>
+ </snmpd>
+ <diag>
+ <ipv6nat>
+ <!-- <enable/> -->
+ <ipaddr></ipaddr>
+ </ipv6nat>
+ </diag>
+ <bridge>
+ <!-- <filteringbridge/> -->
+ </bridge>
+ <syslog>
+ <!--
+ <reverse/>
+ <enable/>
+ <remoteserver>xxx.xxx.xxx.xxx</remoteserver>
+ <filter/>
+ <dhcp/>
+ <system/>
+ <nologdefaultblock/>
+ -->
+ </syslog>
+ <!--
+ <captiveportal>
+ <enable/>
+ <interface>lan|opt[n]</interface>
+ <idletimeout>minutes</idletimeout>
+ <timeout>minutes</timeout>
+ <page>
+ <htmltext></htmltext>
+ <errtext></errtext>
+ </page>
+ <httpslogin/>
+ <httpsname></httpsname>
+ <certificate></certificate>
+ <private-key></private-key>
+ <redirurl></redirurl>
+ <radiusip></radiusip>
+ <radiusport></radiusport>
+ <radiuskey></radiuskey>
+ <nomacfilter/>
+ </captiveportal>
+ -->
+ <nat>
+ <!--
+ <rule>
+ <interface></interface>
+ <external-address></external-address>
+ <protocol></protocol>
+ <external-port></external-port>
+ <target></target>
+ <local-port></local-port>
+ <descr></descr>
+ </rule>
+ -->
+ <!--
+ <onetoone>
+ <interface></interface>
+ <external>xxx.xxx.xxx.xxx</external>
+ <internal>xxx.xxx.xxx.xxx</internal>
+ <subnet></subnet>
+ <descr></descr>
+ </onetoone>
+ -->
+ <!--
+ <advancedoutbound>
+ <enable/>
+ <rule>
+ <interface></interface>
+ <source>
+ <network>xxx.xxx.xxx.xxx/xx</network>
+ </source>
+ <destination>
+ <not/>
+ <any/>
+ *or*
+ <network>xxx.xxx.xxx.xxx/xx</network>
+ </destination>
+ <target>xxx.xxx.xxx.xxx</target>
+ <descr></descr>
+ </rule>
+ </advancedoutbound>
+ -->
+ <!--
+ <servernat>
+ <ipaddr></ipaddr>
+ <descr></descr>
+ </servernat>
+ -->
+ </nat>
+ <filter>
+ <!-- <tcpidletimeout></tcpidletimeout> -->
+ <rule>
+ <type>pass</type>
+ <descr>Default LAN -&gt; any</descr>
+ <interface>lan</interface>
+ <source>
+ <network>lan</network>
+ </source>
+ <destination>
+ <any/>
+ </destination>
+ </rule>
+ <!-- rule syntax:
+ <rule>
+ <disabled/>
+ <type>pass|block|reject</type>
+ <descr>...</descr>
+ <interface>lan|opt[n]|wan|pptp</interface>
+ <protocol>tcp|udp|tcp/udp|...</protocol>
+ <icmptype></icmptype>
+ <source>
+ <not/>
+
+ <address>xxx.xxx.xxx.xxx(/xx) or alias</address>
+ *or*
+ <network>lan|opt[n]|pptp</network>
+ *or*
+ <any/>
+
+ <port>a[-b]</port>
+ </source>
+ <destination>
+ *same as for source*
+ </destination>
+ <frags/>
+ <log/>
+ </rule>
+ -->
+ </filter>
+ <shaper>
+ <!-- <enable/> -->
+ <!-- rule syntax:
+ <rule>
+ <disabled/>
+ <descr></descr>
+
+ <targetpipe>number (zero based)</targetpipe>
+ *or*
+ <targetqueue>number (zero based)</targetqueue>
+
+ <interface>lan|wan|opt[n]|pptp</interface>
+ <protocol>tcp|udp</protocol>
+ <direction>in|out</direction>
+ <source>
+ <not/>
+
+ <address>xxx.xxx.xxx.xxx(/xx)</address>
+ *or*
+ <network>lan|opt[n]|pptp</network>
+ *or*
+ <any/>
+
+ <port>a[-b]</port>
+ </source>
+ <destination>
+ *same as for source*
+ </destination>
+
+ <iplen>from[-to]</iplen>
+ <iptos>(!)lowdelay,throughput,reliability,mincost,congestion</iptos>
+ <tcpflags>(!)fin,syn,rst,psh,ack,urg</tcpflags>
+ </rule>
+ <pipe>
+ <descr></descr>
+ <bandwidth></bandwidth>
+ <delay></delay>
+ <mask>source|destination</mask>
+ </pipe>
+ <queue>
+ <descr></descr>
+ <targetpipe>number (zero based)</targetpipe>
+ <weight></weight>
+ <mask>source|destination</mask>
+ </queue>
+ -->
+ </shaper>
+ <ipsec>
+ <!-- <enable/> -->
+ <!-- syntax:
+ <tunnel>
+ <disabled/>
+ <auto/>
+ <descr></descr>
+ <interface>lan|wan|opt[n]</interface>
+ <local-subnet>
+ <address>xxx.xxx.xxx.xxx(/xx)</address>
+ *or*
+ <network>lan|opt[n]</network>
+ </local-subnet>
+ <remote-subnet>xxx.xxx.xxx.xxx/xx</remote-subnet>
+ <remote-gateway></remote-gateway>
+ <p1>
+ <mode></mode>
+ <myident>
+ <myaddress/>
+ *or*
+ <address>xxx.xxx.xxx.xxx</address>
+ *or*
+ <fqdn>the.fq.dn</fqdn>
+ </myident>
+ <encryption-algorithm></encryption-algorithm>
+ <hash-algorithm></hash-algorithm>
+ <dhgroup></dhgroup>
+ <lifetime></lifetime>
+ <pre-shared-key></pre-shared-key>
+ </p1>
+ <p2>
+ <protocol></protocol>
+ <encryption-algorithm-option></encryption-algorithm-option>
+ <hash-algorithm-option></hash-algorithm-option>
+ <pfsgroup></pfsgroup>
+ <lifetime></lifetime>
+ </p2>
+ </tunnel>
+ <mobileclients>
+ <enable/>
+ <p1>
+ <mode></mode>
+ <myident>
+ <myaddress/>
+ *or*
+ <address>xxx.xxx.xxx.xxx</address>
+ *or*
+ <fqdn>the.fq.dn</fqdn>
+ </myident>
+ <encryption-algorithm></encryption-algorithm>
+ <hash-algorithm></hash-algorithm>
+ <dhgroup></dhgroup>
+ <lifetime></lifetime>
+ </p1>
+ <p2>
+ <protocol></protocol>
+ <encryption-algorithm-option></encryption-algorithm-option>
+ <hash-algorithm-option></hash-algorithm-option>
+ <pfsgroup></pfsgroup>
+ <lifetime></lifetime>
+ </p2>
+ </mobileclients>
+ <mobilekey>
+ <ident></ident>
+ <pre-shared-key></pre-shared-key>
+ </mobilekey>
+ -->
+ </ipsec>
+ <aliases>
+ <!--
+ <alias>
+ <name></name>
+ <address>xxx.xxx.xxx.xxx(/xx)</address>
+ <descr></descr>
+ </alias>
+ -->
+ </aliases>
+ <proxyarp>
+ <!--
+ <proxyarpnet>
+ <network>xxx.xxx.xxx.xxx/xx</network>
+ *or*
+ <range>
+ <from>xxx.xxx.xxx.xxx</from>
+ <to>xxx.xxx.xxx.xxx</to>
+ </range>
+ </proxyarpnet>
+ -->
+ </proxyarp>
+ <wol>
+ <!--
+ <wolentry>
+ <interface>lan|opt[n]</interface>
+ <mac>xx:xx:xx:xx:xx:xx</mac>
+ <descr></descr>
+ </wolentry>
+ -->
+ </wol>
+</m0n0wall>
OpenPOWER on IntegriCloud