|
version 1.1, 2010/09/29 14:13:30
|
version 1.2, 2011/06/08 12:45:40
|
|
Line 0
|
Line 1
|
| |
<?xml version="1.0"?> |
| |
<!-- elwix default system configuration --> |
| |
<!-- $Id$ --> |
| |
<elwix> |
| |
<version>1.0</version> |
| |
<lastchange></lastchange> |
| |
<system> |
| |
<hostname>elwix</hostname> |
| |
<domain>elwix.org</domain> |
| |
<dnsserver></dnsserver> |
| |
<dnsallowoverride/> |
| |
<username>admin</username> |
| |
<password>$1$2xGLA75j$W/jiJc00HYBZX7kFjxjQv0</password> |
| |
<timezone>Europe/Sofia</timezone> |
| |
<time-update-interval>300</time-update-interval> |
| |
<timeservers>pool.ntp.org</timeservers> |
| |
<timeservers-randomize/> <!-- first time usage only --> |
| |
<webgui> |
| |
<protocol>http</protocol> |
| |
<!-- |
| |
<port></port> |
| |
<certificate></certificate> |
| |
<private-key></private-key> |
| |
<noassigninterfaces/> |
| |
<expanddiags/> |
| |
<noantilockout></noantilockout> |
| |
--> |
| |
</webgui> |
| |
<!-- |
| |
<user> |
| |
<name></name> |
| |
<fullname></fullname> |
| |
<groupname></groupname> |
| |
<password></password> |
| |
</user> |
| |
--> |
| |
<!-- |
| |
<group> |
| |
<name></name> |
| |
<description></description> |
| |
<pages></pages> |
| |
</group> |
| |
--> |
| |
<!-- <disableconsolemenu/> --> |
| |
<!-- <disablefirmwarecheck/> --> |
| |
<!-- <shellcmd></shellcmd> --> |
| |
<!-- <earlyshellcmd></earlyshellcmd> --> |
| |
<!-- <harddiskstandby></harddiskstandby> --> |
| |
<!-- <polling/> --> |
| |
<!-- <notes></notes> --> |
| |
<!-- <enableipv6/> --> |
| |
</system> |
| |
<interfaces> |
| |
<lan> |
| |
<if>fxp0</if> |
| |
<ipaddr>192.168.1.1</ipaddr> |
| |
<subnet>24</subnet> |
| |
<media></media> |
| |
<mediaopt></mediaopt> |
| |
<!-- |
| |
<ipaddr6>xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx|6to4</ipaddr6> |
| |
<subnet6></subnet6> |
| |
<ipv6ra /> |
| |
<wireless> |
| |
*see below (opt[n])* |
| |
</wireless> |
| |
--> |
| |
</lan> |
| |
<wan> |
| |
<if>sis1</if> |
| |
<ipaddr>dhcp</ipaddr> |
| |
<!-- *or* ipv4-address *or* 'pppoe' *or* 'pptp' --> |
| |
<subnet></subnet> |
| |
<gateway></gateway> |
| |
<blockpriv/> |
| |
<dhcphostname></dhcphostname> |
| |
<media></media> |
| |
<mediaopt></mediaopt> |
| |
<!-- |
| |
<ipaddr6>xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx|6to4|ppp|aiccu</ipaddr6> |
| |
<subnet6></subnet6> |
| |
<gateway6></gateway6> |
| |
<tunnel6>xxx.xxx.xxx.xxx</tunnel6> |
| |
<aiccu> |
| |
<username></username> |
| |
<password></password> |
| |
<tunnelid></tunnelid> |
| |
</aiccu> |
| |
<ispointtopoint/> |
| |
<wireless> |
| |
*see below (opt[n])* |
| |
</wireless> |
| |
--> |
| |
</wan> |
| |
<!-- |
| |
<opt[n]> |
| |
<enable/> |
| |
<descr></descr> |
| |
<if></if> |
| |
<ipaddr></ipaddr> |
| |
<subnet></subnet> |
| |
<ipaddr6>xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx|6to4</ipaddr6> |
| |
<subnet6></subnet6> |
| |
<ipv6ra /> |
| |
<media></media> |
| |
<mediaopt></mediaopt> |
| |
<bridge>lan|wan|opt[n]</bridge> |
| |
<wireless> |
| |
<standard>11a|11b|11g</standard> |
| |
<mode>hostap *or* bss *or* ibss</mode> |
| |
<ssid></ssid> |
| |
<channel></channel> |
| |
<wep> |
| |
<enable/> |
| |
<key> |
| |
<txkey/> |
| |
<value></value> |
| |
</key> |
| |
</wep> |
| |
<hidessid/> |
| |
<wpa> |
| |
<mode>none|psk|enterprise</mode> |
| |
<version>1|2|3</version> |
| |
<cipher>tkip|ccmp|both</cipher> |
| |
<psk></psk> |
| |
<radius> |
| |
<server></server> |
| |
<authport></authport> |
| |
<acctport></acctport> |
| |
<secret></secret> |
| |
</radius> |
| |
</wpa> |
| |
</wireless> |
| |
</opt[n]> |
| |
--> |
| |
</interfaces> |
| |
<!-- |
| |
<vlans> |
| |
<vlan> |
| |
<tag></tag> |
| |
<if></if> |
| |
<descr></descr> |
| |
</vlan> |
| |
</vlans> |
| |
--> |
| |
<staticroutes> |
| |
<!-- |
| |
<route> |
| |
<interface>lan|opt[n]|pptp</interface> |
| |
<network>xxx.xxx.xxx.xxx/xx</network> |
| |
<gateway>xxx.xxx.xxx.xxx</gateway> |
| |
<descr></descr> |
| |
</route> |
| |
<route6> |
| |
<interface>lan|opt[n]</interface> |
| |
<network>xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xx</network> |
| |
<gateway>xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx</gateway> |
| |
<descr></descr> |
| |
</route6> |
| |
--> |
| |
</staticroutes> |
| |
<pppoe> |
| |
<username></username> |
| |
<password></password> |
| |
<provider></provider> |
| |
<!-- |
| |
<mtu></mtu> |
| |
<dnsnosec/> |
| |
--> |
| |
</pppoe> |
| |
<pptp> |
| |
<username></username> |
| |
<password></password> |
| |
<local></local> |
| |
<subnet></subnet> |
| |
<remote></remote> |
| |
<!-- |
| |
<local-ip></local-ip> |
| |
<remote-ip></remote-ip> |
| |
--> |
| |
</pptp> |
| |
<dyndns> |
| |
<!-- <enable/> --> |
| |
<type>dyndns</type> |
| |
<username></username> |
| |
<password></password> |
| |
<host></host> |
| |
<mx></mx> |
| |
<!-- <wildcard/> --> |
| |
<server></server> |
| |
<port></port> |
| |
</dyndns> |
| |
<dnsupdate> |
| |
<!-- |
| |
<enable/> |
| |
<host></host> |
| |
<ttl></ttl> |
| |
<keyname></keyname> |
| |
<keydata></keydata> |
| |
</usetcp> |
| |
--> |
| |
</dnsupdate> |
| |
<dhcpd> |
| |
<lan> |
| |
<enable/> |
| |
<range> |
| |
<from>192.168.1.100</from> |
| |
<to>192.168.1.199</to> |
| |
</range> |
| |
<!-- |
| |
<winsserver>xxx.xxx.xxx.xxx</winsserver> |
| |
<defaultleasetime></defaultleasetime> |
| |
<maxleasetime></maxleasetime> |
| |
<gateway>xxx.xxx.xxx.xxx</gateway> |
| |
<domain></domain> |
| |
<dnsserver></dnsserver> |
| |
<next-server></next-server> |
| |
<filename></filename> |
| |
<staticmap> |
| |
<mac>xx:xx:xx:xx:xx:xx</mac> |
| |
<ipaddr>xxx.xxx.xxx.xxx</ipaddr> |
| |
<descr></descr> |
| |
</staticmap> |
| |
--> |
| |
</lan> |
| |
<!-- |
| |
<opt[n]> |
| |
... |
| |
</opt[n]> |
| |
--> |
| |
</dhcpd> |
| |
<pptpd> |
| |
<mode><!-- off *or* server *or* redir --></mode> |
| |
<nunits>16</nunits> |
| |
<redir></redir> |
| |
<localip></localip> |
| |
<remoteip></remoteip> |
| |
<!-- <dnsserver></dnsserver> --> |
| |
<!-- <accounting/> --> |
| |
<!-- |
| |
<user> |
| |
<name></name> |
| |
<password></password> |
| |
</user> |
| |
<radius> |
| |
<enable/> |
| |
<accounting/> |
| |
<radiusip/> |
| |
<server></server> |
| |
<secret></secret> |
| |
</radius> |
| |
--> |
| |
<!-- <nofwrulegen/> --> |
| |
</pptpd> |
| |
<dnsmasq> |
| |
<enable/> |
| |
<!-- |
| |
<hosts> |
| |
<host></host> |
| |
<domain></domain> |
| |
<ip></ip> |
| |
<descr></descr> |
| |
</hosts> |
| |
<domainoverrides> |
| |
<domain></domain> |
| |
<ip></ip> |
| |
<descr></descr> |
| |
</domainoverrides> |
| |
--> |
| |
</dnsmasq> |
| |
<snmpd> |
| |
<!-- <enable/> --> |
| |
<syslocation></syslocation> |
| |
<syscontact></syscontact> |
| |
<rocommunity>public</rocommunity> |
| |
<!-- <bindlan/> --> |
| |
</snmpd> |
| |
<diag> |
| |
<!-- <ipfstatentries></ipfstatentries> --> |
| |
</diag> |
| |
<bridge> |
| |
<!-- <filteringbridge/> --> |
| |
</bridge> |
| |
<syslog> |
| |
<!-- |
| |
<reverse/> |
| |
<enable/> |
| |
<remoteserver>xxx.xxx.xxx.xxx</remoteserver> |
| |
<remoteport>514</remoteport> |
| |
<filter/> |
| |
<dhcp/> |
| |
<system/> |
| |
<portalauth/> |
| |
<vpn/> |
| |
<nologdefaultblock/> |
| |
<resolve/> |
| |
--> |
| |
</syslog> |
| |
<!-- |
| |
<captiveportal> |
| |
<enable/> |
| |
<interface>lan|opt[n]</interface> |
| |
<idletimeout>minutes</idletimeout> |
| |
<timeout>minutes</timeout> |
| |
<page> |
| |
<htmltext></htmltext> |
| |
<errtext></errtext> |
| |
</page> |
| |
<httpslogin/> |
| |
<httpsname></httpsname> |
| |
<certificate></certificate> |
| |
<private-key></private-key> |
| |
<redirurl></redirurl> |
| |
<auth_method>none|radius|local</auth_method> |
| |
<radiusip></radiusip> |
| |
<radiusip2></radiusip2> |
| |
<radiusport></radiusport> |
| |
<radiusport2></radiusport2> |
| |
<radiuskey></radiuskey> |
| |
<radiuskey2></radiuskey2> |
| |
<radiussession_timeout></radiussession_timeout> |
| |
<nomacfilter/> |
| |
<reauthenticate/> |
| |
<reauthenticateacct>stopstart|interimupdate</reauthenticateacct> |
| |
<maxproc></maxproc> |
| |
<maxprocperip></maxprocperip> |
| |
<croninterval></croninterval> |
| |
|
| |
<user> |
| |
<name></name> |
| |
<fullname></fullname> |
| |
<password></password> |
| |
<expirationdate></expirationdate> |
| |
</user> |
| |
|
| |
<element> |
| |
<name></name> |
| |
<size></size> |
| |
<content></content> |
| |
</element> |
| |
</captiveportal> |
| |
--> |
| |
<nat> |
| |
<!-- |
| |
<rule> |
| |
<interface></interface> |
| |
<external-address></external-address> |
| |
<protocol></protocol> |
| |
<external-port></external-port> |
| |
<target></target> |
| |
<local-port></local-port> |
| |
<descr></descr> |
| |
</rule> |
| |
--> |
| |
<!-- |
| |
<onetoone> |
| |
<interface></interface> |
| |
<external>xxx.xxx.xxx.xxx</external> |
| |
<internal>xxx.xxx.xxx.xxx</internal> |
| |
<subnet></subnet> |
| |
<descr></descr> |
| |
</onetoone> |
| |
--> |
| |
<!-- |
| |
<advancedoutbound> |
| |
<enable/> |
| |
<rule> |
| |
<interface></interface> |
| |
<source> |
| |
<network>xxx.xxx.xxx.xxx/xx</network> |
| |
</source> |
| |
<destination> |
| |
<not/> |
| |
<any/> |
| |
*or* |
| |
<network>xxx.xxx.xxx.xxx/xx</network> |
| |
</destination> |
| |
<target>xxx.xxx.xxx.xxx</target> |
| |
<descr></descr> |
| |
<noportmap/> |
| |
</rule> |
| |
</advancedoutbound> |
| |
--> |
| |
<!-- |
| |
<servernat> |
| |
<ipaddr></ipaddr> |
| |
<descr></descr> |
| |
</servernat> |
| |
--> |
| |
<!-- |
| |
<portrange-low></portrange-low> |
| |
<portrange-high></portrange-high> |
| |
--> |
| |
</nat> |
| |
<filter> |
| |
<!-- <tcpidletimeout></tcpidletimeout> --> |
| |
<!-- <bypassstaticroutes/> --> |
| |
<!-- <allowipsecfrags/> --> |
| |
<rule> |
| |
<type>pass</type> |
| |
<descr>Default LAN -> any</descr> |
| |
<interface>lan</interface> |
| |
<source> |
| |
<network>lan</network> |
| |
</source> |
| |
<destination> |
| |
<any/> |
| |
</destination> |
| |
</rule> |
| |
<rule> |
| |
<type>pass</type> |
| |
<descr>Default IPsec VPN</descr> |
| |
<interface>ipsec</interface> |
| |
<source> |
| |
<any/> |
| |
</source> |
| |
<destination> |
| |
<any/> |
| |
</destination> |
| |
</rule> |
| |
<!-- rule syntax: |
| |
<rule/rule6> |
| |
<disabled/> |
| |
<type>pass|block|reject</type> |
| |
<descr>...</descr> |
| |
<interface>lan|opt[n]|wan|pptp|ipsec</interface> |
| |
<protocol>tcp|udp|tcp/udp|...</protocol> |
| |
<icmptype></icmptype> |
| |
<source> |
| |
<not/> |
| |
|
| |
<address>xxx.xxx.xxx.xxx(/xx) or alias</address> |
| |
*or* |
| |
<network>lan|opt[n]|pptp</network> |
| |
*or* |
| |
<any/> |
| |
|
| |
<port>a[-b]</port> |
| |
</source> |
| |
<destination> |
| |
*same as for source* |
| |
</destination> |
| |
<frags/> |
| |
<log/> |
| |
</rule/rule6> |
| |
--> |
| |
</filter> |
| |
<shaper> |
| |
<!-- <enable/> --> |
| |
<!-- rule syntax: |
| |
<rule> |
| |
<disabled/> |
| |
<descr></descr> |
| |
|
| |
<targetpipe>number (zero based)</targetpipe> |
| |
*or* |
| |
<targetqueue>number (zero based)</targetqueue> |
| |
|
| |
<interface>lan|wan|opt[n]|pptp</interface> |
| |
<protocol>tcp|udp</protocol> |
| |
<direction>in|out</direction> |
| |
<source> |
| |
<not/> |
| |
|
| |
<address>xxx.xxx.xxx.xxx(/xx)</address> |
| |
*or* |
| |
<network>lan|opt[n]|pptp</network> |
| |
*or* |
| |
<any/> |
| |
|
| |
<port>a[-b]</port> |
| |
</source> |
| |
<destination> |
| |
*same as for source* |
| |
</destination> |
| |
|
| |
<iplen>from[-to]</iplen> |
| |
<iptos>(!)lowdelay,throughput,reliability,mincost,congestion</iptos> |
| |
<tcpflags>(!)fin,syn,rst,psh,ack,urg</tcpflags> |
| |
</rule> |
| |
<pipe> |
| |
<descr></descr> |
| |
<bandwidth></bandwidth> |
| |
<delay></delay> |
| |
<mask>source|destination</mask> |
| |
</pipe> |
| |
<queue> |
| |
<descr></descr> |
| |
<targetpipe>number (zero based)</targetpipe> |
| |
<weight></weight> |
| |
<mask>source|destination</mask> |
| |
</queue> |
| |
--> |
| |
</shaper> |
| |
<ipsec> |
| |
<!-- <enable/> --> |
| |
<!-- <preferoldsa/> --> |
| |
<!-- <dns-interval></dns-interval> --> |
| |
<!-- syntax: |
| |
<tunnel> |
| |
<disabled/> |
| |
<auto/> |
| |
<descr></descr> |
| |
<dpddelay></dpddelay> |
| |
<interface>lan|wan|opt[n]</interface> |
| |
<local-subnet> |
| |
<address>xxx.xxx.xxx.xxx(/xx)</address> |
| |
*or* |
| |
<network>lan|opt[n]</network> |
| |
</local-subnet> |
| |
<remote-subnet>xxx.xxx.xxx.xxx/xx</remote-subnet> |
| |
<remote-gateway></remote-gateway> |
| |
<p1> |
| |
<mode></mode> |
| |
<myident> |
| |
<myaddress/> |
| |
*or* |
| |
<address>xxx.xxx.xxx.xxx</address> |
| |
*or* |
| |
<fqdn>the.fq.dn</fqdn> |
| |
</myident> |
| |
<encryption-algorithm></encryption-algorithm> |
| |
<hash-algorithm></hash-algorithm> |
| |
<dhgroup></dhgroup> |
| |
<lifetime></lifetime> |
| |
<pre-shared-key></pre-shared-key> |
| |
</p1> |
| |
<p2> |
| |
<protocol></protocol> |
| |
<encryption-algorithm-option></encryption-algorithm-option> |
| |
<hash-algorithm-option></hash-algorithm-option> |
| |
<pfsgroup></pfsgroup> |
| |
<lifetime></lifetime> |
| |
</p2> |
| |
</tunnel> |
| |
<mobileclients> |
| |
<enable/> |
| |
<dpddelay></dpddelay> |
| |
<p1> |
| |
<mode></mode> |
| |
<myident> |
| |
<myaddress/> |
| |
*or* |
| |
<address>xxx.xxx.xxx.xxx</address> |
| |
*or* |
| |
<fqdn>the.fq.dn</fqdn> |
| |
</myident> |
| |
<encryption-algorithm></encryption-algorithm> |
| |
<hash-algorithm></hash-algorithm> |
| |
<dhgroup></dhgroup> |
| |
<lifetime></lifetime> |
| |
</p1> |
| |
<p2> |
| |
<protocol></protocol> |
| |
<encryption-algorithm-option></encryption-algorithm-option> |
| |
<hash-algorithm-option></hash-algorithm-option> |
| |
<pfsgroup></pfsgroup> |
| |
<lifetime></lifetime> |
| |
</p2> |
| |
</mobileclients> |
| |
<mobilekey> |
| |
<ident></ident> |
| |
<pre-shared-key></pre-shared-key> |
| |
</mobilekey> |
| |
--> |
| |
</ipsec> |
| |
<aliases> |
| |
<!-- |
| |
<alias> |
| |
<name></name> |
| |
<address>xxx.xxx.xxx.xxx(/xx)</address> |
| |
<descr></descr> |
| |
</alias> |
| |
--> |
| |
</aliases> |
| |
<proxyarp> |
| |
<!-- |
| |
<proxyarpnet> |
| |
<network>xxx.xxx.xxx.xxx/xx</network> |
| |
*or* |
| |
<range> |
| |
<from>xxx.xxx.xxx.xxx</from> |
| |
<to>xxx.xxx.xxx.xxx</to> |
| |
</range> |
| |
</proxyarpnet> |
| |
--> |
| |
</proxyarp> |
| |
<wol> |
| |
<!-- |
| |
<wolentry> |
| |
<interface>lan|opt[n]</interface> |
| |
<mac>xx:xx:xx:xx:xx:xx</mac> |
| |
<descr></descr> |
| |
</wolentry> |
| |
--> |
| |
</wol> |
| |
</elwix> |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to config.xml CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedtools / etc