miketweaver · February 28, 2018 22:37
diff --git a/config.boot b/config.boot
 firewall {
    all-ping enable
    broadcast-ping disable
    config-trap disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
    twa-hazards-protection disable
    name LAN-IN {
        default-action drop
        rule 10 {
            action accept
            state {
                established enable
                related enable
            }
        }
    }
    name LAN-LOCAL {
        default-action drop
        rule 10 {
            action accept
            state {
                established enable
                related enable
            }
        }
    }
 }
 interfaces {
    ethernet eth0 {
        address dhcp
        description LAN
        duplex auto
        firewall {
            in {
                name LAN-IN
            }
            local {
                name LAN-LOCAL
            }
        }
        smp_affinity auto
        speed auto
    }
    ethernet eth1 {
        address 192.168.0.1/24
        description "VPN Network"
        duplex auto
        smp_affinity auto
        speed auto
    }
    loopback lo {
    }
 }
 service {
    dhcp-server {
        disabled false
        shared-network-name VPN-LAN {
            authoritative disable
            subnet 192.168.0.0/24 {
                default-router 192.168.0.1
                dns-server 192.168.0.1
                domain-name local
                lease 86400
                start 192.168.0.10 {
                    stop 192.168.0.150
                }
            }
        }
    }
    dns {
        forwarding {
            cache-size 0
            listen-on eth1
            name-server 8.8.8.8
            name-server 8.8.4.4
        }
    }
 }
 system {
    config-management {
        commit-revisions 20
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password $6$0qH9IPTOUwKTu$H7f3iyivBvvSR1o8TtD6mL/vQcqblEwIjZNu4auYV20r/xhm6JfbCapCb57bvjAMsD3Fmwdxqg0zJpoJMgTUf0
            }
            level admin
        }
    }
    ntp {
        server 0.pool.ntp.org
        server 1.pool.ntp.org
        server 2.pool.ntp.org
    }
    name-server 8.8.8.8
    name-server 8.8.4.4
    package {
        auto-sync 1
        repository community {
            components main
            distribution helium
            password ""
            url http://packages.vyos.net/vyos
            username ""
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone UTC
 }


 /* Warning: Do not remove the following line. */
 /* === vyatta-config-version: "cluster@1:config-management@1:conntrack-sync@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@4:nat@4:qos@1:quagga@2:system@6:vrrp@1:wanloadbalance@3:webgui@1:webproxy@1:zone-policy@1" === */
 /* Release version: VyOS 1.1.7 */
	firewall {
	all-ping enable
	broadcast-ping disable
	config-trap disable
	ipv6-receive-redirects disable
	ipv6-src-route disable
	ip-src-route disable
	log-martians enable
	receive-redirects disable
	send-redirects enable
	source-validation disable
	syn-cookies enable
	twa-hazards-protection disable
	name LAN-IN {
	default-action drop
	rule 10 {
	action accept
	state {
	established enable
	related enable
	}
	}
	}
	name LAN-LOCAL {
	default-action drop
	rule 10 {
	action accept
	state {
	established enable
	related enable
	}
	}
	}
	}
	interfaces {
	ethernet eth0 {
	address dhcp
	description LAN
	duplex auto
	firewall {
	in {
	name LAN-IN
	}
	local {
	name LAN-LOCAL
	}
	}
	smp_affinity auto
	speed auto
	}
	ethernet eth1 {
	address 192.168.0.1/24
	description "VPN Network"
	duplex auto
	smp_affinity auto
	speed auto
	}
	loopback lo {
	}
	}
	service {
	dhcp-server {
	disabled false
	shared-network-name VPN-LAN {
	authoritative disable
	subnet 192.168.0.0/24 {
	default-router 192.168.0.1
	dns-server 192.168.0.1
	domain-name local
	lease 86400
	start 192.168.0.10 {
	stop 192.168.0.150
	}
	}
	}
	}
	dns {
	forwarding {
	cache-size 0
	listen-on eth1
	name-server 8.8.8.8
	name-server 8.8.4.4
	}
	}
	}
	system {
	config-management {
	commit-revisions 20
	}
	host-name vyos
	login {
	user vyos {
	authentication {
	encrypted-password $6$0qH9IPTOUwKTu$H7f3iyivBvvSR1o8TtD6mL/vQcqblEwIjZNu4auYV20r/xhm6JfbCapCb57bvjAMsD3Fmwdxqg0zJpoJMgTUf0
	}
	level admin
	}
	}
	ntp {
	server 0.pool.ntp.org
	server 1.pool.ntp.org
	server 2.pool.ntp.org
	}
	name-server 8.8.8.8
	name-server 8.8.4.4
	package {
	auto-sync 1
	repository community {
	components main
	distribution helium
	password ""
	url http://packages.vyos.net/vyos
	username ""
	}
	}
	syslog {
	global {
	facility all {
	level notice
	}
	facility protocols {
	level debug
	}
	}
	}
	time-zone UTC
	}


	/* Warning: Do not remove the following line. */
	/* === vyatta-config-version: "cluster@1:config-management@1:conntrack-sync@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@4:nat@4:qos@1:quagga@2:system@6:vrrp@1:wanloadbalance@3:webgui@1:webproxy@1:zone-policy@1" === */
	/* Release version: VyOS 1.1.7 */