ar7cfg {
mode = dsldmode_bridge;
ethmode = ethmode_bridge;
ethinterfaces {
name = "eth0";
ipaddr = 192.168.178.1;
netmask = 255.255.255.0;
} {
name = "eth1";
ipaddr = 192.168.181.1;
netmask = 255.255.255.0;
} {
name = "usbrndis";
ipaddr = 192.168.179.1;
netmask = 255.255.255.0;
} {
name = "wlan";
interfaces = "tiwlan0", "wdsup0", "wdsdw0", "wdsdw1", "wdsdw2", "wdsdw3";
ipaddr = 192.168.182.1;
netmask = 255.255.255.0;
}
brinterfaces {
name = "lan";
ipaddr = 192.168.178.1;
netmask = 255.255.255.0;
interfaces = "eth0", "usbrndis", "eth1", "tiwlan0", "wdsup0", "wdsdw0", "wdsdw1", "wdsdw2", "wdsdw3";
}
dslinterface {
name = "dsl";
ipaddr = 192.168.179.1;
netmask = 255.255.255.255;
dstipaddr = 192.168.179.1;
}
pppoefw {
interfaces = "usbrndis", "eth0", "eth1", "tiwlan0", "wdsup0", "wdsdw0", "wdsdw1", "wdsdw2", "wdsdw3";
dpconfig {
security = dpsec_host;
lowinput {
policy = "reject";
accesslist =
"permit ip any any connection outgoing-related",
"permit ip any any connection incoming-related",
"permit icmp any any";
}
lowoutput {
policy = "permit";
}
highinput {
policy = "permit";
}
highoutput {
policy = "permit";
accesslist =
"reject ip any 242.0.0.0 255.0.0.0",
"deny ip any host 255.255.255.255",
"reject ip any 169.254.0.0 255.255.0.0",
"reject udp any any eq 135",
"reject tcp any any eq 135",
"reject udp any any range 137 139",
"reject tcp any any range 137 139",
"reject udp any any range 161 162",
"reject udp any any eq 520",
"reject udp any any eq 111",
"reject udp any any eq 22289",
"reject udp any any eq 1710",
"reject udp any any eq 1048",
"reject udp any any eq 158",
"reject udp any any eq 515",
"reject icmp any 149.1.1.0 255.255.255.0";
}
shaper = "globalshaper";
}
}
vccs {
VPI = 1;
VCI = 32;
dsl_encap = dslencap_pppoe;
connections = "internet", "voip";
}
dslifaces {
name = "internet";
ppptarget = "internet";
stay_always_online = no;
username_prefix_after_auth_failure = "";
dsldpconfig {
security = dpsec_firewall;
lowinput {
policy = "permit";
accesslist =
"deny ip any 242.0.0.0 255.0.0.0",
"deny ip any host 255.255.255.255",
"deny udp any any eq 135",
"deny tcp any any eq 135",
"deny udp any any range 137 139",
"deny tcp any any range 137 139",
"deny udp any any range 161 162",
"deny udp any any eq 520",
"deny udp any any eq 111",
"deny udp any any eq 22289",
"deny udp any any eq 1710",
"deny udp any any eq 1048",
"deny udp any any eq 158",
"deny udp any any eq 515";
}
lowoutput {
policy = "permit";
}
highinput {
policy = "permit";
}
highoutput {
policy = "permit";
accesslist =
"reject ip any 242.0.0.0 255.0.0.0",
"deny ip any host 255.255.255.255",
"reject ip any 169.254.0.0 255.255.0.0",
"reject udp any any eq 135",
"reject tcp any any eq 135",
"reject udp any any range 137 139",
"reject tcp any any range 137 139",
"reject udp any any range 161 162",
"reject udp any any eq 520",
"reject udp any any eq 111",
"reject udp any any eq 22289",
"reject udp any any eq 1710",
"reject udp any any eq 1048",
"reject udp any any eq 158",
"reject udp any any eq 515",
"reject icmp any 149.1.1.0 255.255.255.0";
}
forwardrules = "udp 0.0.0.0:5060 0.0.0.0:5060",
"udp 0.0.0.0:7078 0.0.0.0:7078",
"udp 0.0.0.0:7079 0.0.0.0:7079",
"udp 0.0.0.0:7080 0.0.0.0:7080",
"udp 0.0.0.0:7081 0.0.0.0:7081",
"udp 0.0.0.0:7082 0.0.0.0:7082",
"udp 0.0.0.0:7083 0.0.0.0:7083",
"udp 0.0.0.0:7084 0.0.0.0:7084",
"udp 0.0.0.0:7085 0.0.0.0:7085",
"udp 0.0.0.0:7086 0.0.0.0:7086",
"udp 0.0.0.0:7087 0.0.0.0:7087",
"udp 0.0.0.0:7089 0.0.0.0:7089",
"udp 0.0.0.0:7090 0.0.0.0:7090",
"udp 0.0.0.0:7091 0.0.0.0:7091",
"udp 0.0.0.0:7092 0.0.0.0:7092",
"udp 0.0.0.0:7093 0.0.0.0:7093",
"udp 0.0.0.0:7094 0.0.0.0:7094",
"udp 0.0.0.0:7095 0.0.0.0:7095",
"udp 0.0.0.0:7096 0.0.0.0:7096",
"udp 0.0.0.0:7097 0.0.0.0:7097";
shaper = "globalshaper";
}
} {
name = "voip";
ppptarget = "voip";
stay_always_online = yes;
username_prefix_after_auth_failure = "";
dsldpconfig {
security = dpsec_firewall;
lowinput {
policy = "permit";
accesslist = "permit udp any any",
"permit icmp any any",
"deny ip any host 255.255.255.255",
"reject ip any any";
}
lowoutput {
policy = "permit";
}
highinput {
policy = "permit";
}
highoutput {
policy = "permit";
accesslist = "permit udp any any",
"reject ip any any";
}
forwardrules = "udp 0.0.0.0:5060 0.0.0.0:5060",
"udp 0.0.0.0:7078 0.0.0.0:7078",
"udp 0.0.0.0:7079 0.0.0.0:7079",
"udp 0.0.0.0:7080 0.0.0.0:7080",
"udp 0.0.0.0:7081 0.0.0.0:7081",
"udp 0.0.0.0:7082 0.0.0.0:7082",
"udp 0.0.0.0:7083 0.0.0.0:7083",
"udp 0.0.0.0:7084 0.0.0.0:7084",
"udp 0.0.0.0:7085 0.0.0.0:7085",
"udp 0.0.0.0:7086 0.0.0.0:7086",
"udp 0.0.0.0:7087 0.0.0.0:7087",
"udp 0.0.0.0:7089 0.0.0.0:7089",
"udp 0.0.0.0:7090 0.0.0.0:7090",
"udp 0.0.0.0:7091 0.0.0.0:7091",
"udp 0.0.0.0:7092 0.0.0.0:7092",
"udp 0.0.0.0:7093 0.0.0.0:7093",
"udp 0.0.0.0:7094 0.0.0.0:7094",
"udp 0.0.0.0:7095 0.0.0.0:7095",
"udp 0.0.0.0:7096 0.0.0.0:7096",
"udp 0.0.0.0:7097 0.0.0.0:7097";
shaper = "globalshaper";
}
}
targets {
type = pppcfg_target_internet;
name = "internet";
only_crypt_auth = no;
local {
username = "";
passwd = "";
}
remoteauth = pppcfg_authtype_chap;
remote {
}
inactivity_timeout = 5m;
bProviderDisconnectPrevention = yes;
ProviderDisconnectPreventionInterval = 1d;
ProviderDisconnectPreventionHour = 3;
} {
type = pppcfg_target_internet;
name = "voip";
only_crypt_auth = no;
local {
username = "";
passwd = "";
}
remoteauth = pppcfg_authtype_chap;
remote {
}
inactivity_timeout = 0w;
bProviderDisconnectPrevention = yes;
ProviderDisconnectPreventionInterval = 1d;
ProviderDisconnectPreventionHour = 3;
}
dslglobalconfig {
autodetect = yes;
templates {
VPI = 1;
VCI = 32;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 35;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 48;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 48;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 48;
encap = dslencap_pppoa_llc;
} {
VPI = 8;
VCI = 67;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 67;
encap = dslencap_pppoa_llc;
} {
VPI = 8;
VCI = 64;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 36;
encap = dslencap_pppoe;
} {
VPI = 0;
VCI = 35;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 35;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 35;
encap = dslencap_pppoe;
} {
VPI = 9;
VCI = 35;
encap = dslencap_pppoe;
} {
VPI = 1;
VCI = 32;
encap = dslencap_pppoa;
} {
VPI = 1;
VCI = 32;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 32;
encap = dslencap_pppoe;
} {
VPI = 0;
VCI = 32;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 32;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 34;
encap = dslencap_pppoe;
} {
VPI = 0;
VCI = 34;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 34;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 33;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 32;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 32;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 32;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 38;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 38;
encap = dslencap_pppoa_llc;
} {
VPI = 8;
VCI = 35;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 35;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 81;
encap = dslencap_pppoe;
} {
VPI = 0;
VCI = 81;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 81;
encap = dslencap_pppoa_llc;
} {
VPI = 8;
VCI = 81;
encap = dslencap_pppoe;
} {
VPI = 8;
VCI = 81;
encap = dslencap_pppoa;
} {
VPI = 8;
VCI = 81;
encap = dslencap_pppoa_llc;
} {
VPI = 0;
VCI = 100;
encap = dslencap_pppoe;
} {
VPI = 0;
VCI = 100;
encap = dslencap_pppoa;
} {
VPI = 0;
VCI = 100;
encap = dslencap_pppoa_llc;
} {
VPI = 1;
VCI = 50;
encap = dslencap_pppoe;
}
}
shapers {
name = "globalshaper";
OutFragmentWhenVoIP = 0;
shaperconnection {
enabled = yes;
targets = "";
name = "Fritz!Box";
limiters {
name = "default-out";
bps_limit {
limit_total = 100;
limit_p0 = 0;
limit_p1 = 95;
limit_p2 = 95;
limit_p3 = 0;
}
pps_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
min_priority = 0;
max_priority = 3;
grouping_by_source_ip = no;
grouping_by_dest_ip = no;
grouping_by_source_port = no;
grouping_by_dest_port = no;
dynamic_balancing = no;
bps_child_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
pps_child_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
shapeOutgoingOnIncomingCounters = no;
} {
name = "default-in";
bps_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
pps_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
min_priority = 0;
max_priority = 0;
grouping_by_source_ip = no;
grouping_by_dest_ip = no;
grouping_by_source_port = no;
grouping_by_dest_port = no;
dynamic_balancing = no;
bps_child_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
pps_child_limit {
limit_total = 0;
limit_p0 = 0;
limit_p1 = 0;
limit_p2 = 0;
limit_p3 = 0;
}
shapeOutgoingOnIncomingCounters = no;
}
out_rules {
name = "fon-rtp";
filter = "tc:rtp,sip";
priority = 3;
limiters = "default-out";
} {
name = "download-tcp-ack";
filter = "tc:tcp_ack";
priority = 2;
limiters = "default-out";
} {
name = "dns";
filter = "tc:dns,sipdns,ntpdns,tr069dns";
priority = 1;
limiters = "default-out";
} {
name = "http-requests";
filter = "tc:http_req,tr069";
priority = 1;
limiters = "default-out";
} {
name = "pri-out";
filter = "tc:icmp";
priority = 1;
limiters = "default-out";
} {
name = "default";
filter = "";
priority = 0;
limiters = "default-out";
}
in_rules {
name = "default";
filter = "";
priority = 0;
limiters = "default-in";
}
demasquerade = no;
}
}
}
qos {
always_set_tos = no;
rules {
tcclass = "sip";
rules = "udp.dport 5060";
} {
tcclass = "dns";
rules = "udp.dport 53";
} {
tcclass = "http_req";
rules = "tcp.dport 80 ip.len <= 800",
"tcp.dport 8080 ip.len <= 800",
"tcp.dport 3128 ip.len <= 800";
} {
tcclass = "tcp_ack";
rules = "ip.proto == tcp ip.len <= 64";
} {
tcclass = "icmp";
rules = "ip.proto == icmp";
}
}
// EOF