Auteur Sujet: [FTTH] TP-Link Archer C7 v2 sous LEDE 18.06.1 - Bouygues VLAN 100 (Lu 1847 fois)

zode94 · « **le:** 14 octobre 2018 à 14:16:38 »

Bonjour,

Pour les intéressés, voici ma config TP-Link Archer C7 v2 sous LEDE 18.06.1 - Bouygues VLAN 100

Documentations

PPTP : https://wiki.openwrt.org/doc/howto/vpn.nat.pptp

IPTV : https://wiki.openwrt.org/doc/howto/udp_multicast

Fichiers de configuration

firewall

Code: [Sélectionner]

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	list network 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config rule
        option src      wan
        option proto    igmp
        option target   ACCEPT
config rule
        option src      wan
        option proto    udp
        option dest     lan
        option dest_ip  224.0.0.0/4
        option target   ACCEPT
        option family   ipv4

config rule
	option src 'wan'
	option proto ''
	option target 'ACCEPT'
	option dest 'lan'

igmpproxy

Code: [Sélectionner]

config igmpproxy
        option quickleave 1

config phyint
        option network wan
        option direction upstream
        list altnet 0.0.0.0/0

config phyint
        option network lan
        option direction downstream

igmpproxy-opkg

Code: [Sélectionner]

config igmpproxy
        option quickleave 1

config phyint
        option network wan
        option direction upstream
        list altnet 0.0.0.0/0

config phyint
        option network lan
        option direction downstream

network

Code: [Sélectionner]

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'xxxxxxxxxx::/48'

config interface 'lan'
	option type 'bridge'
        option igmp_snooping 1
	option ifname 'eth1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.1.1'

config interface 'wan'
	option proto 'dhcp'
	option delegate '0'
	option vendorid 'BYGTELIAD'
	option igmp_snooping '1'
	option ifname 'eth0.100'
	option macaddr 'XXXXXXXXXXXXXXX'

config interface 'wan6'
	option ifname 'eth0.100'
	option _orig_ifname 'eth0.100'
	option _orig_bridge 'false'
	option proto 'none'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '2 3 4 5 0'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '100'
	option ports '1t 6t'

Auteur Sujet: [FTTH] TP-Link Archer C7 v2 sous LEDE 18.06.1 - Bouygues VLAN 100 (Lu 1847 fois)

zode94

[FTTH] TP-Link Archer C7 v2 sous LEDE 18.06.1 - Bouygues VLAN 100