13.05.2008
Vyatta Configuration

set interfaces ethernet eth0 address 192.168.30.2/24
set interfaces ethernet eth1 address 192.168.10.1/24
set service ssh protocol-version 2
commit

set protocols static route 0.0.0.0/0 next-hop 192.168.30.1

set system name-server 192.168.10.2

set service nat rule 10 type masquerade
set service nat rule 10 source address 192.168.10.0/24
set service nat rule 10 outbound-interface eth0
commit

set vpn pptp
set vpn pptp remote-access client-ip-pool start 192.168.10.220
set vpn pptp remote-access client-ip-pool stop 192.168.10.230
set vpn pptp remote-access authentication mode radius
set vpn pptp remote-access authentication radius-server 192.168.10.2 key 12345
set vpn pptp remote-access dns-servers server-1 192.168.10.2
set vpn pptp remote-access wins-servers server-1 192.168.10.2
set vpn pptp remote-access outside-address 192.168.30.2
commit

set firewall broadcast-ping disable
set firewall log-martians enable
set firewall receive-redirects disable
set firewall send-redirects disable
set firewall syn-cookies enable
set firewall ip-src-route disable

set firewall name eth1local rule 10 action accept
set firewall name eth1local rule 10 protocol tcp
set firewall name eth1local rule 10 source address 192.168.10.2-192.168.10.10
set firewall name eth1local rule 10 destination port 22
set firewall name eth1local rule 10 destination address 192.168.10.1
set firewall name eth1local rule 10 state new enable
set firewall name eth1local rule 10 state established enable
set firewall name eth1local rule 10 state related enable
set firewall name eth1local rule 10 state invalid disable

set firewall name eth1local rule 15 action accept
set firewall name eth1local rule 15 protocol udp
set firewall name eth1local rule 15 source address 192.168.10.2
set firewall name eth1local rule 15 source port 1812
set firewall name eth1local rule 15 destination address 192.168.10.1
set firewall name eth1local rule 15 state established enable
set firewall name eth1local rule 15 state related enable
set firewall name eth1local rule 15 state invalid disable

set firewall name eth1local rule 20 action accept
set firewall name eth1local rule 20 protocol udp
set firewall name eth1local rule 20 source address 192.168.10.2
set firewall name eth1local rule 20 source port 1813
set firewall name eth1local rule 20 destination address 192.168.10.1
set firewall name eth1local rule 20 state established enable
set firewall name eth1local rule 20 state related enable
set firewall name eth1local rule 20 state invalid disable

set firewall name eth1local rule 25 action accept
set firewall name eth1local rule 25 protocol udp
set firewall name eth1local rule 25 source address 192.168.10.2
set firewall name eth1local rule 25 source port 53
set firewall name eth1local rule 25 destination address 192.168.10.1
set firewall name eth1local rule 25 state established enable
set firewall name eth1local rule 25 state related enable
set firewall name eth1local rule 25 state invalid disable

set firewall name eth1local rule 30 action accept
set firewall name eth1local rule 30 protocol icmp
set firewall name eth1local rule 30 source address 192.168.10.0/24
set firewall name eth1local rule 30 destination address 192.168.10.1
set firewall name eth1local rule 30 icmp type 0
set firewall name eth1local rule 30 icmp code 0
set firewall name eth1local rule 30 state established enable
set firewall name eth1local rule 30 state related enable
set firewall name eth1local rule 30 state invalid disable

set interfaces ethernet eth1 firewall local name eth1local
commit

set firewall name eth0local rule 10 action accept
set firewall name eth0local rule 10 protocol tcp
set firewall name eth0local rule 10 destination port 1723
set firewall name eth0local rule 10 destination address 192.168.30.2
set firewall name eth0local rule 10 state new enable
set firewall name eth0local rule 10 state established enable
set firewall name eth0local rule 10 state related enable
set firewall name eth0local rule 10 state invalid disable

set firewall name eth0local rule 15 action accept
set firewall name eth0local rule 15 protocol gre
set firewall name eth0local rule 15 destination address 192.168.30.2
set firewall name eth0local rule 15 state new enable
set firewall name eth0local rule 15 state established enable
set firewall name eth0local rule 15 state related enable
set firewall name eth0local rule 15 state invalid disable

set firewall name eth0local rule 20 action accept
set firewall name eth0local rule 20 protocol udp
set firewall name eth0local rule 20 source address 69.59.150.135
set firewall name eth0local rule 20 source port 123
set firewall name eth0local rule 20 destination address 192.168.30.2
set firewall name eth0local rule 20 state established enable
set firewall name eth0local rule 20 state related enable
set firewall name eth0local rule 20 state invalid disable

set firewall name eth0local rule 25 action accept
set firewall name eth0local rule 25 protocol icmp
set firewall name eth0local rule 25 destination address 192.168.30.2
set firewall name eth0local rule 25 icmp type 0
set firewall name eth0local rule 25 icmp code 0
set firewall name eth0local rule 25 state established enable
set firewall name eth0local rule 25 state related enable
set firewall name eth0local rule 25 state invalid disable

set firewall name eth0local rule 30 action accept
set firewall name eth0local rule 30 protocol tcp
set firewall name eth0local rule 30 destination port 22
set firewall name eth0local rule 30 destination address 192.168.30.2
set firewall name eth0local rule 30 state new enable
set firewall name eth0local rule 30 state established enable
set firewall name eth0local rule 30 state related enable
set firewall name eth0local rule 30 state invalid disable

set interfaces ethernet eth0 firewall local name eth0local
commit

set firewall name eth1in rule 10 action accept
set firewall name eth1in rule 10 protocol tcp
set firewall name eth1in rule 10 source address 192.168.10.2-192.168.10.210
set firewall name eth1in rule 10 destination port 80,443
set firewall name eth1in rule 10 destination address !192.168.10.220-192.168.10.240
set firewall name eth1in rule 10 state new enable
set firewall name eth1in rule 10 state established enable
set firewall name eth1in rule 10 state related enable
set firewall name eth1in rule 10 state invalid disable

set firewall name eth1in rule 15 action accept
set firewall name eth1in rule 15 protocol udp
set firewall name eth1in rule 15 source address 192.168.10.2
set firewall name eth1in rule 15 destination port 53
set firewall name eth1in rule 15 destination address 192.168.22.1
set firewall name eth1in rule 15 state new enable
set firewall name eth1in rule 15 state established enable
set firewall name eth1in rule 15 state related enable
set firewall name eth1in rule 15 state invalid disable

set firewall name eth1in rule 20 action accept
set firewall name eth1in rule 20 protocol all
set firewall name eth1in rule 20 source address 192.168.10.2
set firewall name eth1in rule 20 destination address 192.168.10.220-192.168.10.230
set firewall name eth1in rule 20 state established enable
set firewall name eth1in rule 20 state related enable
set firewall name eth1in rule 20 state invalid disable

set firewall name eth1in rule 30 action accept
set firewall name eth1in rule 30 protocol tcp
set firewall name eth1in rule 30 source address 192.168.10.2
set firewall name eth1in rule 30 destination address 192.168.10.235
set firewall name eth1in rule 30 source port 80
set firewall name eth1in rule 30 state established enable
set firewall name eth1in rule 30 state related enable
set firewall name eth1in rule 30 state invalid disable

set firewall name eth1in rule 35 action accept
set firewall name eth1in rule 35 protocol udp
set firewall name eth1in rule 35 source address 192.168.10.2
set firewall name eth1in rule 35 destination address 192.168.10.235
set firewall name eth1in rule 35 source port 53
set firewall name eth1in rule 35 state established enable
set firewall name eth1in rule 35 state related enable
set firewall name eth1in rule 35 state invalid disable

set interfaces ethernet eth1 firewall in name eth1in
commit

set firewall name eth0in rule 10 action accept
set firewall name eth0in rule 10 protocol tcp
set firewall name eth0in rule 10 source port 80,443
set firewall name eth0in rule 10 destination address 192.168.10.2-192.168.10.210
set firewall name eth0in rule 10 state established enable
set firewall name eth0in rule 10 state related enable
set firewall name eth0in rule 10 state invalid disable

set firewall name eth0in rule 15 action accept
set firewall name eth0in rule 15 protocol udp
set firewall name eth0in rule 15 source port 53
set firewall name eth0in rule 15 destination address 192.168.10.2
set firewall name eth0in rule 15 source address 192.168.22.1
set firewall name eth0in rule 15 state established enable
set firewall name eth0in rule 15 state related enable
set firewall name eth0in rule 15 state invalid disable

set firewall name eth0in rule 20 action accept
set firewall name eth0in rule 20 protocol tcp
set firewall name eth0in rule 20 source port 80,443
set firewall name eth0in rule 20 destination address 192.168.10.220-192.168.10.230
set firewall name eth0in rule 20 state established enable
set firewall name eth0in rule 20 state related enable
set firewall name eth0in rule 20 state invalid disable

set firewall name eth0in rule 25 action accept
set firewall name eth0in rule 25 protocol tcp
set firewall name eth0in rule 25 source port 80,443
set firewall name eth0in rule 25 destination address 192.168.10.235
set firewall name eth0in rule 25 state established enable
set firewall name eth0in rule 25 state related enable
set firewall name eth0in rule 25 state invalid disable

set interfaces ethernet eth0 firewall in name eth0in
commit

set firewall name eth1out rule 10 action accept
set firewall name eth1out rule 10 protocol all
set firewall name eth1out rule 10 destination address 192.168.10.2
set firewall name eth1out rule 10 source address 192.168.10.220-192.168.10.230
set firewall name eth1out rule 10 state new enable
set firewall name eth1out rule 10 state established enable
set firewall name eth1out rule 10 state related enable
set firewall name eth1out rule 10 state invalid disable

set firewall name eth1out rule 15 action accept
set firewall name eth1out rule 15 protocol tcp
set firewall name eth1out rule 15 destination address 192.168.10.2
set firewall name eth1out rule 15 source address 192.168.10.235
set firewall name eth1out rule 15 destination port 80
set firewall name eth1out rule 15 state new enable
set firewall name eth1out rule 15 state established enable
set firewall name eth1out rule 15 state related enable
set firewall name eth1out rule 15 state invalid disable

set firewall name eth1out rule 20 action accept
set firewall name eth1out rule 20 protocol udp
set firewall name eth1out rule 20 destination address 192.168.10.2
set firewall name eth1out rule 20 source address 192.168.10.235
set firewall name eth1out rule 20 destination port 53
set firewall name eth1out rule 20 state new enable
set firewall name eth1out rule 20 state established enable
set firewall name eth1out rule 20 state related enable
set firewall name eth1out rule 20 state invalid disable

set firewall name eth1out rule 25 action accept
set firewall name eth1out rule 25 protocol tcp
set firewall name eth1out rule 25 destination address 192.168.10.2-192.168.10.210
set firewall name eth1out rule 25 source address !192.168.10.220-192.168.10.240
set firewall name eth1out rule 25 source port 80,443
set firewall name eth1out rule 25 state established enable
set firewall name eth1out rule 25 state related enable
set firewall name eth1out rule 25 state invalid disable

set firewall name eth1out rule 30 action accept
set firewall name eth1out rule 30 protocol udp
set firewall name eth1out rule 30 destination address 192.168.10.2
set firewall name eth1out rule 30 source address 192.168.22.1
set firewall name eth1out rule 30 source port 53
set firewall name eth1out rule 30 state established enable
set firewall name eth1out rule 30 state related enable
set firewall name eth1out rule 30 state invalid disable

set interfaces ethernet eth1 firewall out name eth1out
commit

set firewall name eth0out rule 10 action accept
set firewall name eth0out rule 10 protocol tcp
set firewall name eth0out rule 10 source address 192.168.10.2-192.168.10.210
set firewall name eth0out rule 10 destination port 80,443
set firewall name eth0out rule 10 state new enable
set firewall name eth0out rule 10 state established enable
set firewall name eth0out rule 10 state related enable
set firewall name eth0out rule 10 state invalid disable

set firewall name eth0out rule 15 action accept
set firewall name eth0out rule 15 protocol udp
set firewall name eth0out rule 15 source address 192.168.10.2
set firewall name eth0out rule 15 destination address 192.168.22.1
set firewall name eth0out rule 15 destination port 53
set firewall name eth0out rule 15 state new enable
set firewall name eth0out rule 15 state established enable
set firewall name eth0out rule 15 state related enable
set firewall name eth0out rule 15 state invalid disable

set firewall name eth0out rule 20 action accept
set firewall name eth0out rule 20 protocol tcp
set firewall name eth0out rule 20 source address 192.168.10.220-192.168.10.230
set firewall name eth0out rule 20 destination port 80,443
set firewall name eth0out rule 20 state new enable
set firewall name eth0out rule 20 state established enable
set firewall name eth0out rule 20 state related enable
set firewall name eth0out rule 20 state invalid disable

set firewall name eth0out rule 25 action accept
set firewall name eth0out rule 25 protocol tcp
set firewall name eth0out rule 25 source address 192.168.10.235
set firewall name eth0out rule 25 destination port 80,443
set firewall name eth0out rule 25 state new enable
set firewall name eth0out rule 25 state established enable
set firewall name eth0out rule 25 state related enable
set firewall name eth0out rule 25 state invalid disable

set interfaces ethernet eth0 firewall out name eth0out
commit