Rudschuba0
hmm... hier nochmal meine aktuelle base! kannst da ja nochmal schauen... habe am anfang etwas raus genommen... weil es sonst nicht ins forum passt!
# Base configuration of what is apparently a fli4l router (DOMAIN_NAME, imond
# settings), as pasted into the forum; the poster removed the start of the file
# so that it fits into the post.
# Format: VAR='value' #comment. Where a VAR_N counter is lower than the number
# of VAR_x entries listed, the surplus entries are presumably ignored - confirm
# against the fli4l documentation.
#
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_ETH_N='1' #number of ip ethernet networks, usually 1
IP_ETH_1_NAME='' #optional: other device name than ethX
IP_ETH_1_IPADDR='192.168.6.1' #IP address of your nth ethernet card
IP_ETH_1_NETWORK='192.168.6.0' #network of your LAN
IP_ETH_1_NETMASK='255.255.255.0' #netmask of your LAN
#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
# IP_ROUTE_N='0': the IP_ROUTE_1 entry below is presumably a sample only.
IP_DEFAULT_GATEWAY='' #normally not used, read documentation!
IP_ROUTE_N='0' #number of additional routes
IP_ROUTE_1='192.168.7.0 255.255.255.0 192.168.6.99'# network netmask gateway
#------------------------------------------------------------------------------
# Masquerading:
#------------------------------------------------------------------------------
# MASQ_MODULE_N='1': only MASQ_MODULE_1 (ftp) is loaded; entries 2-14 are
# listed but not counted. Each module handles its protocol's traffic on the
# router, so raise MASQ_MODULE_N only for protocols that are actually needed.
MASQ_NETWORK='192.168.6.0/24' #networks to masquerade (e.g. our LAN)
MASQ_MODULE_N='1' #load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp' #ftp
MASQ_MODULE_2='h323' #h323 (netmeeting)
MASQ_MODULE_3='icq' #icq (use with caution!)
MASQ_MODULE_4='irc' #irc
MASQ_MODULE_5='raudio' #raudio
MASQ_MODULE_6='vdolive' #vdolive
MASQ_MODULE_7='quake' #quake
MASQ_MODULE_8='cuseeme' #cuseeme
MASQ_MODULE_9='mms' #MSN-Filetransfer
MASQ_MODULE_10='pptp' #pptp
MASQ_MODULE_11='ipsec' #ipsec
MASQ_MODULE_12='dplay' #dplay (direct play)
MASQ_MODULE_13='msn-0.02' #msn zone (use version 0.01 or 0.02)
MASQ_MODULE_14='udp_dloose' #pseudo mod: some internet games need it
# MASQ_FTP_PORT_N='0': the two port entries below are not counted; presumably
# the ftp module then uses its default port only - confirm.
MASQ_FTP_PORT_N='0' #using ftp masq-module on different ports
MASQ_FTP_PORT_1='21' #standard ftp port
MASQ_FTP_PORT_2='2021' #additional port
#------------------------------------------------------------------------------
# Optional package: PORTFW
#
# If you set OPT_PORTFW='yes', you can also edit opt/etc/portfw.sh
#------------------------------------------------------------------------------
# OPT_PORTFW='no' and PORTFW_N='0': no port is forwarded from outside to a LAN
# host; PORTFW_1 and PORTFW_2 are samples only.
OPT_PORTFW='no' #install port forwarding tools/modules
PORTFW_N='0' #how many portforwardings to set up
PORTFW_1='8080 192.168.6.15:80 tcp' #sample 1: forward ext. port 8080 to int.
# host 192.168.6.15 to port 80 (use tcp)
PORTFW_2='3000-3010 192.168.6.15 tcp' #sample 2: forward portrange to int. host
# 192.168.6.15 (use tcp)
#------------------------------------------------------------------------------
# Routing without masquerading
#------------------------------------------------------------------------------
ROUTE_NETWORK='' #optional: route from/to network, no masq
#------------------------------------------------------------------------------
# Routing: internal hosts to deny forwarding
#------------------------------------------------------------------------------
# FORWARD_DENY_HOST_N='0': no internal host is blocked; the two entries below
# are not counted.
FORWARD_DENY_HOST_N='0' #number of denied hosts
FORWARD_DENY_HOST_1='192.168.6.5' #optional: 1st denied host
FORWARD_DENY_HOST_2='192.168.6.6' #optional: 2nd denied host
#------------------------------------------------------------------------------
# Routing: ports to reject/deny forwarding (from inside and outside!)
#------------------------------------------------------------------------------
# The single active rule keeps NetBIOS traffic (ports 137:139) from being
# forwarded through the router in either direction.
FORWARD_DENY_PORT_N='1' #no. of ports to reject/deny forwarding
FORWARD_DENY_PORT_1='137:139 REJECT' #deny/reject forwarding of netbios
FORWARD_TRUSTED_NETS='' #but allow forwarding between LANs
#------------------------------------------------------------------------------
# Firewall: ports to reject/deny from outside (all served ports)
#
# here we leave two ports untouched:
#
# 53 dns
# 113 auth
#------------------------------------------------------------------------------
# Rules 1-3 cover ports 0-1023 with the two gaps named above (53 and 113).
# NOTE(review): START_DNS='yes' below starts a DNS server on this router, and
# port 53 is not rejected from outside by this list - confirm that the resolver
# is not meant to be reachable from the Internet side, or that another rule
# covers it.
# Rule 4 covers IMOND_PORT (5000); if IMOND_PORT is changed, change rule 4 too.
# Ports above 1023 other than 5000:5001, 8000 and 20012 are not in this list.
FIREWALL_DENY_PORT_N='6' #no. of ports to reject/deny
FIREWALL_DENY_PORT_1='0:52 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_2='54:112 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_3='114:1023 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_4='5000:5001 REJECT' #imond/telmond ports: reject or deny
FIREWALL_DENY_PORT_5='8000 REJECT' #proxy access: reject or deny
FIREWALL_DENY_PORT_6='20012 REJECT' #vbox server access: reject or deny
# 'no' here means ICMP (ping) from outside is not denied.
FIREWALL_DENY_ICMP='no' #deny icmp (ping): yes or no
FIREWALL_LOG='yes' #log access to rejected/denied ports
#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
START_DNS='yes' #start dns server: yes or no
DNS_FORWARDERS='192.76.144.66' #DNS servers of your provider, e.g. MSN
DNS_VERBOSE='no' #log queries in /usr/local/ens/ens.log
DOMAIN_NAME='lan.fli4l' #your domain name
# DNS_FORBIDDEN_N='0': the two sample domains below are not counted.
DNS_FORBIDDEN_N='0' #number of forbidden domains
DNS_FORBIDDEN_1='foo.bar' #1st forbidden domain
DNS_FORBIDDEN_2='bar.foo' #2nd forbidden domain
# The eight HOST_x entries are at the end of this listing.
HOSTS_N='8' #number of hosts in your domain
#------------------------------------------------------------------------------
# Special DNS configuration
#------------------------------------------------------------------------------
DNS_N='0' #number of special dns servers, normally 0
#DNS_1='firma.de 192.168.1.12' # 1st special dns server for firma.de
#DNS_2='lan.firma.de 192.168.2.12' # 2nd special dns server for lan.firma.de
#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
# NOTE(review): IMOND_PASS and IMOND_ADMIN_PASS are both empty while the
# enable/disable, dial/hangup, route and reboot commands are all accepted.
# Presumably every host that can reach TCP port 5000 can then issue them
# without a password. FIREWALL_DENY_PORT_4 rejects 5000:5001 from outside;
# nothing in this file limits access from the LAN. Set both passwords, or set
# the IMOND_* command switches that are not needed to 'no'.
START_IMOND='yes' #start imond: yes or no
IMOND_PORT='5000' #TCP-Port, see also FIREWALL_DENY_PORT_x!
IMOND_PASS='' #imond-password, may be empty
IMOND_ADMIN_PASS='' #imond-admin-password, may be empty
IMOND_LED='' #tty for led: com1 - com4 or empty
IMOND_BEEP='yes' #beep if connection going up/down
IMOND_LOG='yes' #log /var/log/imond.log: yes or no
IMOND_LOGDIR='/var/log' #log-directory, e.g. /var/log
IMOND_ENABLE='yes' #accept "enable/disable" commands
IMOND_DIAL='yes' #accept "dial/hangup" commands
IMOND_ROUTE='yes' #accept "route" command
IMOND_REBOOT='yes' #accept "reboot" command
#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes' #use dyn. ip addresses (most providers do)
DIALMODE='manual' #standard dialmode: auto, manual, or off
#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
# SYSLOGD_DEST_N='1': only SYSLOGD_DEST_1 (everything to /dev/console) is
# counted; SYSLOGD_DEST_2 and SYSLOGD_DEST_3 are examples.
# NOTE(review): with the console as the only destination, messages (presumably
# including the FIREWALL_LOG='yes' entries) are not kept anywhere for later
# review; a loghost entry as in SYSLOGD_DEST_2 would retain them - confirm.
OPT_SYSLOGD='yes' #start syslogd: yes or no
SYSLOGD_DEST_N='1' #number of destinations
SYSLOGD_DEST_1='*.* /dev/console' #nth prio & destination of syslog msgs
SYSLOGD_DEST_2='*.* @192.168.6.2' #example: loghost 192.168.6.2
SYSLOGD_DEST_3='kern.info /var/log/dial.log'# example: log infos
#------------------------------------------------------------------------------
# optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no' #start klogd: yes or no
#------------------------------------------------------------------------------
# optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no' #y2k correction: yes or no
Y2K_DAYS='' #correct hardware Y2K-Bug: add x days
#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no' #install isapnp tools: yes or no
# Host table, one "IP-address name" pair per entry; the count is HOSTS_N='8'
# in the domain configuration.
# NOTE(review): HOST_1 uses 192.168.6.1, the same address as IP_ETH_1_IPADDR,
# so the name client1 presumably refers to the router itself - confirm.
HOST_1='192.168.6.1 client1'
HOST_2='192.168.6.2 client2'
HOST_3='192.168.6.3 client3'
HOST_4='192.168.6.4 client4'
HOST_5='192.168.6.5 client5'
HOST_6='192.168.6.6 client6'
HOST_7='192.168.6.7 client7'
HOST_8='192.168.6.8 client8'
# Base configuration of what is apparently a fli4l router (DOMAIN_NAME, imond
# settings), as pasted into the forum; the poster removed the start of the file
# so that it fits into the post.
# Format: VAR='value' #comment. Where a VAR_N counter is lower than the number
# of VAR_x entries listed, the surplus entries are presumably ignored - confirm
# against the fli4l documentation.
#
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_ETH_N='1' #number of ip ethernet networks, usually 1
IP_ETH_1_NAME='' #optional: other device name than ethX
IP_ETH_1_IPADDR='192.168.6.1' #IP address of your nth ethernet card
IP_ETH_1_NETWORK='192.168.6.0' #network of your LAN
IP_ETH_1_NETMASK='255.255.255.0' #netmask of your LAN
#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
# IP_ROUTE_N='0': the IP_ROUTE_1 entry below is presumably a sample only.
IP_DEFAULT_GATEWAY='' #normally not used, read documentation!
IP_ROUTE_N='0' #number of additional routes
IP_ROUTE_1='192.168.7.0 255.255.255.0 192.168.6.99'# network netmask gateway
#------------------------------------------------------------------------------
# Masquerading:
#------------------------------------------------------------------------------
# MASQ_MODULE_N='1': only MASQ_MODULE_1 (ftp) is loaded; entries 2-14 are
# listed but not counted. Each module handles its protocol's traffic on the
# router, so raise MASQ_MODULE_N only for protocols that are actually needed.
MASQ_NETWORK='192.168.6.0/24' #networks to masquerade (e.g. our LAN)
MASQ_MODULE_N='1' #load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp' #ftp
MASQ_MODULE_2='h323' #h323 (netmeeting)
MASQ_MODULE_3='icq' #icq (use with caution!)
MASQ_MODULE_4='irc' #irc
MASQ_MODULE_5='raudio' #raudio
MASQ_MODULE_6='vdolive' #vdolive
MASQ_MODULE_7='quake' #quake
MASQ_MODULE_8='cuseeme' #cuseeme
MASQ_MODULE_9='mms' #MSN-Filetransfer
MASQ_MODULE_10='pptp' #pptp
MASQ_MODULE_11='ipsec' #ipsec
MASQ_MODULE_12='dplay' #dplay (direct play)
MASQ_MODULE_13='msn-0.02' #msn zone (use version 0.01 or 0.02)
MASQ_MODULE_14='udp_dloose' #pseudo mod: some internet games need it
# MASQ_FTP_PORT_N='0': the two port entries below are not counted; presumably
# the ftp module then uses its default port only - confirm.
MASQ_FTP_PORT_N='0' #using ftp masq-module on different ports
MASQ_FTP_PORT_1='21' #standard ftp port
MASQ_FTP_PORT_2='2021' #additional port
#------------------------------------------------------------------------------
# Optional package: PORTFW
#
# If you set OPT_PORTFW='yes', you can also edit opt/etc/portfw.sh
#------------------------------------------------------------------------------
# OPT_PORTFW='no' and PORTFW_N='0': no port is forwarded from outside to a LAN
# host; PORTFW_1 and PORTFW_2 are samples only.
OPT_PORTFW='no' #install port forwarding tools/modules
PORTFW_N='0' #how many portforwardings to set up
PORTFW_1='8080 192.168.6.15:80 tcp' #sample 1: forward ext. port 8080 to int.
# host 192.168.6.15 to port 80 (use tcp)
PORTFW_2='3000-3010 192.168.6.15 tcp' #sample 2: forward portrange to int. host
# 192.168.6.15 (use tcp)
#------------------------------------------------------------------------------
# Routing without masquerading
#------------------------------------------------------------------------------
ROUTE_NETWORK='' #optional: route from/to network, no masq
#------------------------------------------------------------------------------
# Routing: internal hosts to deny forwarding
#------------------------------------------------------------------------------
# FORWARD_DENY_HOST_N='0': no internal host is blocked; the two entries below
# are not counted.
FORWARD_DENY_HOST_N='0' #number of denied hosts
FORWARD_DENY_HOST_1='192.168.6.5' #optional: 1st denied host
FORWARD_DENY_HOST_2='192.168.6.6' #optional: 2nd denied host
#------------------------------------------------------------------------------
# Routing: ports to reject/deny forwarding (from inside and outside!)
#------------------------------------------------------------------------------
# The single active rule keeps NetBIOS traffic (ports 137:139) from being
# forwarded through the router in either direction.
FORWARD_DENY_PORT_N='1' #no. of ports to reject/deny forwarding
FORWARD_DENY_PORT_1='137:139 REJECT' #deny/reject forwarding of netbios
FORWARD_TRUSTED_NETS='' #but allow forwarding between LANs
#------------------------------------------------------------------------------
# Firewall: ports to reject/deny from outside (all served ports)
#
# here we leave two ports untouched:
#
# 53 dns
# 113 auth
#------------------------------------------------------------------------------
# Rules 1-3 cover ports 0-1023 with the two gaps named above (53 and 113).
# NOTE(review): START_DNS='yes' below starts a DNS server on this router, and
# port 53 is not rejected from outside by this list - confirm that the resolver
# is not meant to be reachable from the Internet side, or that another rule
# covers it.
# Rule 4 covers IMOND_PORT (5000); if IMOND_PORT is changed, change rule 4 too.
# Ports above 1023 other than 5000:5001, 8000 and 20012 are not in this list.
FIREWALL_DENY_PORT_N='6' #no. of ports to reject/deny
FIREWALL_DENY_PORT_1='0:52 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_2='54:112 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_3='114:1023 REJECT' #privileged ports: reject or deny
FIREWALL_DENY_PORT_4='5000:5001 REJECT' #imond/telmond ports: reject or deny
FIREWALL_DENY_PORT_5='8000 REJECT' #proxy access: reject or deny
FIREWALL_DENY_PORT_6='20012 REJECT' #vbox server access: reject or deny
# 'no' here means ICMP (ping) from outside is not denied.
FIREWALL_DENY_ICMP='no' #deny icmp (ping): yes or no
FIREWALL_LOG='yes' #log access to rejected/denied ports
#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
START_DNS='yes' #start dns server: yes or no
DNS_FORWARDERS='192.76.144.66' #DNS servers of your provider, e.g. MSN
DNS_VERBOSE='no' #log queries in /usr/local/ens/ens.log
DOMAIN_NAME='lan.fli4l' #your domain name
# DNS_FORBIDDEN_N='0': the two sample domains below are not counted.
DNS_FORBIDDEN_N='0' #number of forbidden domains
DNS_FORBIDDEN_1='foo.bar' #1st forbidden domain
DNS_FORBIDDEN_2='bar.foo' #2nd forbidden domain
# The eight HOST_x entries are at the end of this listing.
HOSTS_N='8' #number of hosts in your domain
#------------------------------------------------------------------------------
# Special DNS configuration
#------------------------------------------------------------------------------
DNS_N='0' #number of special dns servers, normally 0
#DNS_1='firma.de 192.168.1.12' # 1st special dns server for firma.de
#DNS_2='lan.firma.de 192.168.2.12' # 2nd special dns server for lan.firma.de
#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
# NOTE(review): IMOND_PASS and IMOND_ADMIN_PASS are both empty while the
# enable/disable, dial/hangup, route and reboot commands are all accepted.
# Presumably every host that can reach TCP port 5000 can then issue them
# without a password. FIREWALL_DENY_PORT_4 rejects 5000:5001 from outside;
# nothing in this file limits access from the LAN. Set both passwords, or set
# the IMOND_* command switches that are not needed to 'no'.
START_IMOND='yes' #start imond: yes or no
IMOND_PORT='5000' #TCP-Port, see also FIREWALL_DENY_PORT_x!
IMOND_PASS='' #imond-password, may be empty
IMOND_ADMIN_PASS='' #imond-admin-password, may be empty
IMOND_LED='' #tty for led: com1 - com4 or empty
IMOND_BEEP='yes' #beep if connection going up/down
IMOND_LOG='yes' #log /var/log/imond.log: yes or no
IMOND_LOGDIR='/var/log' #log-directory, e.g. /var/log
IMOND_ENABLE='yes' #accept "enable/disable" commands
IMOND_DIAL='yes' #accept "dial/hangup" commands
IMOND_ROUTE='yes' #accept "route" command
IMOND_REBOOT='yes' #accept "reboot" command
#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes' #use dyn. ip addresses (most providers do)
DIALMODE='manual' #standard dialmode: auto, manual, or off
#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
# SYSLOGD_DEST_N='1': only SYSLOGD_DEST_1 (everything to /dev/console) is
# counted; SYSLOGD_DEST_2 and SYSLOGD_DEST_3 are examples.
# NOTE(review): with the console as the only destination, messages (presumably
# including the FIREWALL_LOG='yes' entries) are not kept anywhere for later
# review; a loghost entry as in SYSLOGD_DEST_2 would retain them - confirm.
OPT_SYSLOGD='yes' #start syslogd: yes or no
SYSLOGD_DEST_N='1' #number of destinations
SYSLOGD_DEST_1='*.* /dev/console' #nth prio & destination of syslog msgs
SYSLOGD_DEST_2='*.* @192.168.6.2' #example: loghost 192.168.6.2
SYSLOGD_DEST_3='kern.info /var/log/dial.log'# example: log infos
#------------------------------------------------------------------------------
# optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no' #start klogd: yes or no
#------------------------------------------------------------------------------
# optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no' #y2k correction: yes or no
Y2K_DAYS='' #correct hardware Y2K-Bug: add x days
#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no' #install isapnp tools: yes or no
# Host table, one "IP-address name" pair per entry; the count is HOSTS_N='8'
# in the domain configuration.
# NOTE(review): HOST_1 uses 192.168.6.1, the same address as IP_ETH_1_IPADDR,
# so the name client1 presumably refers to the router itself - confirm.
HOST_1='192.168.6.1 client1'
HOST_2='192.168.6.2 client2'
HOST_3='192.168.6.3 client3'
HOST_4='192.168.6.4 client4'
HOST_5='192.168.6.5 client5'
HOST_6='192.168.6.6 client6'
HOST_7='192.168.6.7 client7'
HOST_8='192.168.6.8 client8'