# # # # # # # # # # # # # # # # # # # # # # # # # # # # corz "default stealth" BT voyager 205 config # # see here for more details.. # # http://corz.org/comms/hardware/router/ # # tests: # # v1.8 100% AOK! # v1.6 100% AOK! # # this is the user/pass you use to login to telnet create user name admin passwd admin root # in <= v1.6 you can set this to 512.. # note: no "modify" in v1.8 nbsize maxipsess 511 # outside the UK, you might need to change this.. size maxvc 8 max1483vc 8 maxppe 8 # or some other big number. modify ppp global pppsesstimer 9999 keepalive enable modify system contact "cor.. http://corz.org/" model "Viking" location "http://corz.org/comms/hardware/router/" vendor "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" logthresh 1 systime "Feb 05 14:05:31 2005" dst on timezone "GMT" name "Voyager_205" dname "home" #modify system contact "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" model "Voyager205" location "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" vendor "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" logthresh 1 systime "Jan 01 01:00:15 1970" dst on timezone "GMT" name "voyager" dname "home" magicnum 2 modify bridge mode wan2wan disable modify pfraw global enable create pfraw rule entry ruleid 15 ifname private dir in act deny create pfraw rule entry ruleid 16 ifname private act deny create pfraw rule entry ruleid 17 ifname private dir in act deny create pfraw rule entry ruleid 18 ifname private act deny create pfraw rule entry ruleid 19 ifname private dir in act deny create pfraw rule entry ruleid 20 ifname private act deny create pfraw rule entry ruleid 21 ifname private dir in act deny create pfraw rule entry ruleid 22 ifname private act deny create pfraw rule entry ruleid 23 ifname private dir in act deny create pfraw rule entry ruleid 24 ifname private act deny create pfraw rule entry ruleid 25 ifname private dir in act deny create pfraw rule entry ruleid 26 ifname private act deny create pfraw rule entry ruleid 27 ifname private dir in act deny create pfraw rule entry ruleid 28 ifname private act deny create pfraw rule entry ruleid 29 ifname private dir in act deny create pfraw rule entry ruleid 30 ifname private act deny create pfraw rule entry ruleid 31 ifname private dir in act deny create pfraw rule entry ruleid 32 ifname private act deny create pfraw rule entry ruleid 33 ifname private dir in act deny create pfraw rule entry ruleid 34 ifname private act deny create pfraw rule entry ruleid 35 ifname private dir in act callmgmt create pfraw rule entry ruleid 36 ifname dmz dir in act callmgmt create pfraw rule entry ruleid 37 dir in act callmgmt create pfraw subrule entry ruleid 15 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 create pfraw subrule entry ruleid 16 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 create pfraw subrule entry ruleid 17 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF create pfraw subrule entry ruleid 18 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF create pfraw subrule entry ruleid 19 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035 create pfraw subrule entry ruleid 20 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035 create pfraw subrule entry ruleid 21 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B create pfraw subrule entry ruleid 22 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B create pfraw subrule entry ruleid 23 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC create pfraw subrule entry ruleid 23 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0 create pfraw subrule entry ruleid 24 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC create pfraw subrule entry ruleid 24 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0 create pfraw subrule entry ruleid 25 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138 create pfraw subrule entry ruleid 26 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138 create pfraw subrule entry ruleid 27 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000 create pfraw subrule entry ruleid 28 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000 create pfraw subrule entry ruleid 29 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806 create pfraw subrule entry ruleid 30 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806 create pfraw subrule entry ruleid 31 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333 create pfraw subrule entry ruleid 32 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333 create pfraw subrule entry ruleid 33 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100 create pfraw subrule entry ruleid 34 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100 create pfraw subrule entry ruleid 35 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 create pfraw subrule entry ruleid 36 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864 create pfraw subrule entry ruleid 37 subruleid 1 mask 0xFF offset 15 enable cmpt eq 0xA7 # certain games might prefer if you disable these.. (with stealth, that would be okay) modify fwl global blistprotect enable attackprotect enable dosprotect enable # the two stealth rules. the first allows all outgoing, the second denies all incoming. create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low create ipf rule entry ruleid 12201 ifname public dir in act accept transprot eq udp destport range 12201 12300 seclevel high medium low create ipf rule entry ruleid 500000 ifname public dir in log enable seclevel high medium low modify ipf global seclevel high pubdefact accept dmzdefact accept # new for v1.8 modify dhcp server cfg enable # known clients from 192.168.1.1 - 192.168.1.49, guests from 50-99, servers from 100-200. well, that's my LAN! create dhcp server pool start-ip 192.168.1.50 poolid 0 end-ip 192.168.1.99 mask 255.255.255.0 dname home gwy 192.168.1.1 enable modify snmp trap disable # note: no USB interface has been created! create ethernet intf ifname eth-0 ip 192.168.1.1 mask 255.255.255.0 # swap this for a time server close to YOU! create sntp servaddr dname ntp0.strath.ac.uk create sntp servaddr dname Time.asia.apple.com create sntp servaddr dname Time.euro.apple.com create sntp servaddr dname www.time.gov create sntp servaddr dname www.worldtimeserver.com modify sntp cfg enable modify ip cfg ttl 64 modify dsl config multi bitswap enable create atm port enable ifname atm-0 maxvc 8 oamsrc 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF create ppp security ifname default # you can put your ISP user/pass combo directly into here.. #create ppp security ifname ppp-0 chap login myusername@isp.co.uk passwd MyPassw0rd create ppp security ifname ppp-0 chap login voyager205.user@btbroadband.com create atm trfdesc trfindex 0 create atm vc intf ifname aal5-0 lowif atm-0 vpi 0 vci 38 a5maxproto 1 vcmux create ppp intf ifname ppp-0 startondata mru 1500 lowif aal5-0 droute true ppoa outside usedns true #modify nat global enable modify nat global tcpidletimeout 3600 tcpclosewait 30 tcptimeout 19 udptimeout 9 enable #modify nat global tcpidletimeout 3600 tcpclosewait 30 tcptimeout 30 udptimeout 60 enable create nat rule entry ruleid 100000 napt create nat rule entry ruleid 12201 rdr lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 12201 destportto num 12300 create alg port portno 21 prot num 6 algtype ftp create alg port portno 1701 prot num 17 algtype l2tp create alg port portno 1723 prot num 6 algtype pptp create alg port portno 554 prot num 6 algtype rtsp create alg port portno 7070 prot num 6 algtype ra create alg port portno 7648 prot num 6 algtype cuseeme create alg port portno 1719 prot num 17 algtype h323_ras create alg port portno 1720 prot num 6 algtype h323_q931 create alg port portno 6661 prot num 6 algtype mirc create alg port portno 6662 prot num 6 algtype mirc create alg port portno 6663 prot num 6 algtype mirc create alg port portno 6664 prot num 6 algtype mirc create alg port portno 6665 prot num 6 algtype mirc create alg port portno 6666 prot num 6 algtype mirc create alg port portno 6667 prot num 6 algtype mirc create alg port portno 6668 prot num 6 algtype mirc create alg port portno 6669 prot num 6 algtype mirc create alg port portno 7000 prot num 6 algtype mirc create alg port portno 161 prot num 17 algtype snmp create alg port portno 407 prot num 17 algtype timbuktu create alg port portno 6301 prot num 17 algtype sgicompcore create alg port portno 1863 prot num 6 upnpaware true algtype msnmsgr create alg port portno 389 prot num 6 algtype ldap create alg port portno 1002 prot num 6 algtype ldap create alg port portno 500 prot num 17 algtype ike create alg port portno 0 prot num 50 algtype esp create alg port portno 1503 prot num 6 upnpaware true algtype t120 create alg port portno 5060 upnpaware true algtype sip create alg port portno 5190 prot num 6 algtype icq create bridge port intf ifname eth-0 modify stp port info ifname eth-0 priority 0x80 pcost 100 create igmp intf ifname ppp-0 host #create dns servaddr priority 0 212.159.11.150 #create dns servaddr priority 1 212.159.13.150 modify mctl access httpwanaccess disable telnetwanaccess disable ftpwanaccess disable tftpwanaccess disable snmpwanaccess disable # you may want to enable this.. UPnP #modify upnp cfg nbstatus enable modify ilmi access protocol ifname atm-0 vpi 0 vci 38 proto any END