#!v0.1 ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; This is an ARSE (Automatic Router Scripting Engine) script ; [For Viking I chipset] ; ; for more details see here.. ; http://corz.org/windows/software/accessories/Automatic-Router-Scripting-Engine/ ; ; ; Basic Voyager 205 Setup Script ; ; This script will setup your Voyager 205 router with all the basic settings you need. ; it deletes the built-in rules, and creates a simple stealth pair. A few essential ; tweaks are also applied. If you need P2P, servers, whatever, just throw in the ; appropriate script. ; delete all the factory-preset rules that come with your Voyager205.. [deleting factory presets] delete ipf rule entry ruleid 1010 delete ipf rule entry ruleid 1020 delete ipf rule entry ruleid 1030 delete ipf rule entry ruleid 1040 delete ipf rule entry ruleid 1090 delete ipf rule entry ruleid 1190 delete ipf rule entry ruleid 1200 delete ipf rule entry ruleid 1230 delete ipf rule entry ruleid 1240 delete ipf rule entry ruleid 1250 delete ipf rule entry ruleid 1260 delete ipf rule entry ruleid 1270 delete ipf rule entry ruleid 1280 delete ipf rule entry ruleid 1290 delete ipf rule entry ruleid 1300 delete ipf rule entry ruleid 1310 delete ipf rule entry ruleid 1320 delete ipf rule entry ruleid 1330 delete ipf rule entry ruleid 1340 delete ipf rule entry ruleid 1350 ; delete the power-cycle rules. (there is a separate script *just* for those, ; and an application "RAD" that is dedicated to just this task.) ; automatical insertoids.. [deleting auto-rules (same as old RAD)] delete ipf rule entry ruleid 8 delete ipf rule entry ruleid 10 delete ipf rule entry ruleid 11 delete ipf rule entry ruleid 12 delete ipf rule entry ruleid 27 delete ipf rule entry ruleid 28 delete ipf rule entry ruleid 29 delete ipf rule entry ruleid 30 delete ipf rule entry ruleid 32 delete ipf rule entry ruleid 47 delete ipf rule entry ruleid 48 delete ipf rule entry ruleid 49 delete ipf rule entry ruleid 50 delete ipf rule entry ruleid 51 delete ipf rule entry ruleid 52 delete ipf rule entry ruleid 67 delete ipf rule entry ruleid 68 delete ipf rule entry ruleid 69 delete ipf rule entry ruleid 70 delete ipf rule entry ruleid 71 delete ipf rule entry ruleid 72 delete ipf rule entry ruleid 73 delete ipf rule entry ruleid 74 delete ipf rule entry ruleid 87 delete ipf rule entry ruleid 88 delete ipf rule entry ruleid 90 delete ipf rule entry ruleid 91 delete ipf rule entry ruleid 92 delete ipf rule entry ruleid 93 delete ipf rule entry ruleid 94 delete ipf rule entry ruleid 107 delete ipf rule entry ruleid 108 [enabling stealth firewall] ; stealth.. ; this rule allows all outgoing communication from Local Area Network >> INTERNET create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low ; this rule denies all traffic from INTERNET >> LAN create ipf rule entry ruleid 500000 ifname public dir in log enable seclevel high medium low ; two rules, that's it! ; set security level to high (low, medium or high, don't matter; all rules are for all settings) modify ipf global seclevel high pubdefact accept dmzdefact accept [performing essential tweaks..] ; essential tweaks.. nbsize maxipsess 511 ; just in case. some foreign ISP's like to keep this enabled. tut tut! modify mctl access httpwanaccess disable telnetwanaccess disable ftpwanaccess disable tftpwanaccess disable snmpwanaccess disable ; ppp time-outs.. modify ppp global pppsesstimer 9999 keepalive enable ; tweak the NAT / timeout settings.. modify nat global tcpidletimeout 3600 tcpclosewait 30 tcptimeout 30 udptimeout 45 enable create nat rule entry ruleid 100000 napt ; handy ALG.. create alg port portno 7000 prot num 6 algtype mirc [dhcp server pool: 192.168.1.50 - 192.168.1.99] ; dhcp server.. modify dhcp server cfg enable ; known, fixed clients from 192.168.1.1 - 192.168.1.49, guests (dhcp) from 50-99, servers from 100-200. well, that's my LAN! delete dhcp server pool poolid 0 create dhcp server pool start-ip 192.168.1.50 poolid 0 end-ip 192.168.1.99 mask 255.255.255.0 gwy 192.168.1.1 enable [disable nasty UPnP] ; disable nasty UPnP.. modify upnp cfg nbstatus disable # make the changes permanent.. commit