option dest_port 22
config redirect
- option name sshalt
+ option name sshkd
option src wan
- option src_dport 2222
+ option src_dport 2202
option dest_port 22
- option dest_ip $l.3
+ option dest_ip $l.2
option dest lan
config rule
option src wan
option target ACCEPT
- option dest_port 2222
+ option dest_port 2202
+config redirect
+ option name sshfrodo
+ option src wan
+ option src_dport 2203
+ option dest_port 22
+ option dest_ip $l.3
+ option dest lan
config rule
option src wan
option target ACCEPT
- option dest_port 2220
+ option dest_port 2203
+config redirect
+ option name sshx2
+ option src wan
+ option src_dport 2205
+ option dest_port 22
+ option dest_ip $l.5
+ option dest lan
+config rule
+ option src wan
+ option target ACCEPT
+ option dest_port 2205
config redirect
+ option name sshx3
option src wan
- option src_dport 443
+ option src_dport 2207
+ option dest_port 22
+ option dest_ip $l.7
option dest lan
+config rule
+ option src wan
+ option target ACCEPT
+ option dest_port 2207
+
+config redirect
+ option name sshtp
+ option src wan
+ option src_dport 2208
+ option dest_port 22
option dest_ip $l.8
- option proto tcp
+ option dest lan
config rule
option src wan
option target ACCEPT
- option dest_port 443
- option proto tcp
+ option dest_port 2208
+
+
+config rule
+ option name sshwrt
+ option src wan
+ option target ACCEPT
+ option dest_port 2220
+
config redirect
+ option name vpntp
option src wan
option src_dport 1196
option dest lan
config redirect
+ option name httptp
option src wan
option src_dport 80
option dest lan
option dest_port 80
option proto tcp
+config redirect
+ option name httpstp
+ option src wan
+ option src_dport 443
+ option dest lan
+ option dest_ip $l.8
+ option proto tcp
+config rule
+ option src wan
+ option target ACCEPT
+ option dest_port 443
+ option proto tcp
+
config redirect
option name syncthing
option src wan
option family ipv6
config rule
- option name http-ipv6
+ option name https-ipv6
option src wan
option dest lan
- option dest_port 80
+ option dest_port 443
option target ACCEPT
option family ipv6
$l.9 bb8
$l.14 wrt3
72.14.176.105 li
+172.105.84.95 l2
# netns creation looks for next free subnet starting at 10.173, but I only
# use one, and I would keep this one as the first created.
# to start.
mkdir -p /mnt/usb/tftpboot
v cedit /etc/dnsmasq.conf <<EOF || dnsmasq_restart=true
+server=/dmarctest.b8.nz/#
+server=/_domainkey.b8.nz/#
+server=/_dmarc.b8.nz/#
+server=/ns1.b8.nz/#
+server=/ns2.b8.nz/#
+mx-host=b8.nz,mail.iankelling.org,10
+txt-record=b8.nz,"v=spf1 a ?all"
+
# https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/
stop-dns-rebind
iankelling.org / git / automated-distro-installer / blobdiff