Created
August 22, 2013 22:01
OpenVPN Stuff
| # iptables -L | |
| Chain INPUT (policy ACCEPT) | |
| target prot opt source destination | |
| ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED | |
| logdrop udp -- anywhere anywhere udp dpt:route | |
| logdrop udp -- anywhere anywhere udp dpt:route | |
| ACCEPT udp -- anywhere anywhere udp dpt:route | |
| ACCEPT ipv6 -- anywhere anywhere | |
| ACCEPT icmp -- anywhere anywhere | |
| logdrop igmp -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| logdrop 0 -- anywhere anywhere | |
| Chain FORWARD (policy ACCEPT) | |
| target prot opt source destination | |
| ACCEPT gre -- 10.0.0.0/24 anywhere | |
| ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:1723 | |
| ACCEPT 0 -- anywhere anywhere | |
| TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU | |
| lan2wan 0 -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED | |
| ACCEPT tcp -- anywhere 10.0.0.100 tcp dpt:5000 | |
| TRIGGER 0 -- anywhere anywhere TRIGGER type:in match:0 relate:0 | |
| trigger_out 0 -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| logdrop 0 -- anywhere anywhere | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination | |
| Chain advgrp_1 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_10 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_2 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_3 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_4 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_5 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_6 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_7 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_8 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_9 (0 references) | |
| target prot opt source destination | |
| Chain grp_1 (0 references) | |
| target prot opt source destination | |
| Chain grp_10 (0 references) | |
| target prot opt source destination | |
| Chain grp_2 (0 references) | |
| target prot opt source destination | |
| Chain grp_3 (0 references) | |
| target prot opt source destination | |
| Chain grp_4 (0 references) | |
| target prot opt source destination | |
| Chain grp_5 (0 references) | |
| target prot opt source destination | |
| Chain grp_6 (0 references) | |
| target prot opt source destination | |
| Chain grp_7 (0 references) | |
| target prot opt source destination | |
| root@number59:~# netstat -tnl | |
| Active Internet connections (only servers) | |
| Proto Recv-Q Send-Q Local Address Foreign Address State | |
| tcp 0 0 10.0.0.1:49152 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:1337 0.0.0.0:* LISTEN | |
| tcp 0 0 :::53 :::* LISTEN | |
| tcp 0 0 :::22 :::* LISTEN | |
| root@number59:~# iptables -L | |
| Chain INPUT (policy ACCEPT) | |
| target prot opt source destination | |
| ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED | |
| logdrop udp -- anywhere anywhere udp dpt:route | |
| logdrop udp -- anywhere anywhere udp dpt:route | |
| ACCEPT udp -- anywhere anywhere udp dpt:route | |
| ACCEPT ipv6 -- anywhere anywhere | |
| ACCEPT icmp -- anywhere anywhere | |
| logdrop igmp -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| logdrop 0 -- anywhere anywhere | |
| Chain FORWARD (policy ACCEPT) | |
| target prot opt source destination | |
| ACCEPT gre -- 10.0.0.0/24 anywhere | |
| ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:1723 | |
| ACCEPT 0 -- anywhere anywhere | |
| TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU | |
| lan2wan 0 -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED | |
| ACCEPT tcp -- anywhere 10.0.0.100 tcp dpt:5000 | |
| TRIGGER 0 -- anywhere anywhere TRIGGER type:in match:0 relate:0 | |
| trigger_out 0 -- anywhere anywhere | |
| ACCEPT 0 -- anywhere anywhere state NEW | |
| logdrop 0 -- anywhere anywhere | |
| Chain OUTPUT (policy ACCEPT) | |
| target prot opt source destination | |
| Chain advgrp_1 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_10 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_2 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_3 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_4 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_5 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_6 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_7 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_8 (0 references) | |
| target prot opt source destination | |
| Chain advgrp_9 (0 references) | |
| target prot opt source destination | |
| Chain grp_1 (0 references) | |
| target prot opt source destination | |
| Chain grp_10 (0 references) | |
| target prot opt source destination | |
| Chain grp_2 (0 references) | |
| target prot opt source destination | |
| Chain grp_3 (0 references) | |
| target prot opt source destination | |
| Chain grp_4 (0 references) | |
| target prot opt source destination | |
| Chain grp_5 (0 references) | |
| target prot opt source destination | |
| Chain grp_6 (0 references) | |
| target prot opt source destination | |
| Chain grp_7 (0 references) | |
| target prot opt source destination | |
| Chain grp_8 (0 references) | |
| target prot opt source destination | |
| Chain grp_9 (0 references) | |
| target prot opt source destination | |
| Chain lan2wan (1 references) | |
| target prot opt source destination | |
| Chain logaccept (0 references) | |
| target prot opt source destination | |
| ACCEPT 0 -- anywhere anywhere | |
| Chain logbrute (0 references) | |
| target prot opt source destination | |
| 0 -- anywhere anywhere recent: SET name: BRUTEFORCE side: source | |
| RETURN 0 -- anywhere anywhere !recent: UPDATE seconds: 60 hit_count: 4 name: BRUTEFORCE side: source | |
| RETURN 0 -- anywhere anywhere limit: avg 1/min burst 1 | |
| logdrop 0 -- anywhere anywhere | |
| Chain logdrop (6 references) | |
| target prot opt source destination | |
| DROP 0 -- anywhere anywhere | |
| Chain logreject (0 references) | |
| target prot opt source destination | |
| LOG 0 -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `WEBDROP ' | |
| REJECT tcp -- anywhere anywhere reject-with tcp-reset | |
| Chain trigger_out (1 references) | |
| target prot opt source destination |
| # netstat -nl | |
| Active Internet connections (only servers) | |
| Proto Recv-Q Send-Q Local Address Foreign Address State | |
| tcp 0 0 10.0.0.1:49152 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN | |
| tcp 0 0 0.0.0.0:1337 0.0.0.0:* LISTEN | |
| tcp 0 0 :::53 :::* LISTEN | |
| tcp 0 0 :::22 :::* LISTEN | |
| udp 0 0 0.0.0.0:53 0.0.0.0:* | |
| udp 0 0 0.0.0.0:67 0.0.0.0:* | |
| udp 0 0 0.0.0.0:22359 0.0.0.0:* | |
| udp 0 0 0.0.0.0:22616 0.0.0.0:* | |
| udp 0 0 0.0.0.0:52067 0.0.0.0:* | |
| udp 0 0 0.0.0.0:1900 0.0.0.0:* | |
| udp 0 0 0.0.0.0:48632 0.0.0.0:* | |
| udp 0 0 :::53 :::* | |
| raw 0 0 0.0.0.0:255 0.0.0.0:* 255 | |
| Active UNIX domain sockets (only servers) | |
| Proto RefCnt Flags Type State I-Node Path | |
| unix 2 [ ACC ] STREAM LISTENING 24057 /tmp/acpalarm |
| port 1337 | |
| proto tcp-server | |
| dev tun | |
| tls-server | |
| ca /jffs/openvpn/ca.crt | |
| cert /jffs/openvpn/server.crt | |
| key /jffs/openvpn/server.key | |
| dh /jffs/openvpn/dh1024.pem | |
| push "route 10.0.0.0 255.255.255.0" | |
| keepalive 10 120 | |
| comp-lzo | |
| max-clients 10 | |
| persist-key | |
| persist-tun | |
| status openvpn-status.log | |
| verb 3 |
| Aug 22 22:51:10 HomeRouter openvpn: OpenVPN 2.2.1 mips-linux [SSL] [LZO2] [EPOLL] built on Sep 27 2012 | |
| Aug 22 22:51:10 HomeRouter openvpn: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables | |
| Aug 22 22:51:10 HomeRouter openvpn: Note: cannot open openvpn-status.log for WRITE | |
| Aug 22 22:51:10 HomeRouter openvpn: Diffie-Hellman initialized with 1024 bit key | |
| Aug 22 22:51:10 HomeRouter openvpn: LZO compression initialized | |
| Aug 22 22:51:10 HomeRouter openvpn: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] | |
| Aug 22 22:51:10 HomeRouter openvpn: Socket Buffers: R=[87380->131072] S=[16384->131072] | |
| Aug 22 22:51:10 HomeRouter openvpn: TUN/TAP device tun0 opened | |
| Aug 22 22:51:10 HomeRouter openvpn: TUN/TAP TX queue length set to 100 | |
| Aug 22 22:51:10 HomeRouter openvpn: WARNING: External program may not be called unless '--script-security 2' or higher is enabled. Use '--script-security 3 system' for backward compatibility with 2.1_rc8 and earlier. See --help text or man page for deta | |
| Aug 22 22:51:10 HomeRouter openvpn: WARNING: Failed running command (--route-up): external program fork failed | |
| Aug 22 22:51:10 HomeRouter openvpn: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] | |
| Aug 22 22:51:10 HomeRouter openvpn: Local Options hash (VER=V4): 'c0103fa8' | |
| Aug 22 22:51:10 HomeRouter openvpn: Expected Remote Options hash (VER=V4): '69109d17' | |
| Aug 22 22:51:10 HomeRouter openvpn: Listening for incoming TCP connection on [undef]:1337 |