set firewall all-ping enable set firewall broadcast-ping disable set firewall ipv6-receive-redirects disable set firewall ipv6-src-route disable set firewall ip-src-route disable set firewall log-martians enable set firewall name WAN_IN default-action drop set firewall name WAN_IN description 'WAN to internal' set firewall name WAN_IN rule 10 action accept set firewall name WAN_IN rule 10 description 'Allow established/related' set firewall name WAN_IN rule 10 state established enable set firewall name WAN_IN rule 10 state related enable set firewall name WAN_IN rule 20 action drop set firewall name WAN_IN rule 20 description 'Drop invalid state' set firewall name WAN_IN rule 20 state invalid enable set firewall name WAN_LOCAL default-action drop set firewall name WAN_LOCAL description 'WAN to router' set firewall name WAN_LOCAL rule 10 action accept set firewall name WAN_LOCAL rule 10 description 'Allow established/related' set firewall name WAN_LOCAL rule 10 state established enable set firewall name WAN_LOCAL rule 10 state related enable set firewall name WAN_LOCAL rule 30 action drop set firewall name WAN_LOCAL rule 30 description 'Drop invalid state' set firewall name WAN_LOCAL rule 30 state invalid enable set firewall options mss-clamp mss 1412 set firewall receive-redirects disable set firewall send-redirects enable set firewall source-validation disable set firewall syn-cookies enable set interfaces ethernet eth0 description 'Internet (PPPoE)' set interfaces ethernet eth0 duplex auto set interfaces ethernet eth0 pppoe 0 default-route auto set interfaces ethernet eth0 pppoe 0 firewall in name WAN_IN set interfaces ethernet eth0 pppoe 0 firewall local name WAN_LOCAL set interfaces ethernet eth0 pppoe 0 mtu 1492 set interfaces ethernet eth0 pppoe 0 name-server auto set interfaces ethernet eth0 pppoe 0 password 24ydrUYs set interfaces ethernet eth0 pppoe 0 user-id hafnerjoseph set interfaces ethernet eth0 speed auto set interfaces ethernet eth1 address 192.168.2.1/24 set interfaces ethernet eth1 description Local set interfaces ethernet eth1 duplex auto set interfaces ethernet eth1 speed auto set interfaces ethernet eth2 description 'Local 2' set interfaces ethernet eth2 duplex auto set interfaces ethernet eth2 speed auto set interfaces ethernet eth3 description 'Local 2' set interfaces ethernet eth3 duplex auto set interfaces ethernet eth3 speed auto set interfaces ethernet eth4 description 'Local 2' set interfaces ethernet eth4 duplex auto set interfaces ethernet eth4 speed auto set interfaces ethernet eth5 description 'Local 2' set interfaces ethernet eth5 duplex auto set interfaces ethernet eth5 speed auto set interfaces ethernet eth6 description 'Local 2' set interfaces ethernet eth6 duplex auto set interfaces ethernet eth6 speed auto set interfaces ethernet eth7 description 'Local 2' set interfaces ethernet eth7 duplex auto set interfaces ethernet eth7 speed auto set interfaces ethernet eth8 description 'Local 2' set interfaces ethernet eth8 duplex auto set interfaces ethernet eth8 speed auto set interfaces ethernet eth9 description 'Local 2' set interfaces ethernet eth9 duplex auto set interfaces ethernet eth9 poe output 24v set interfaces ethernet eth9 speed auto set interfaces loopback lo set interfaces switch switch0 address 192.168.1.1/24 set interfaces switch switch0 description 'Local 2' set interfaces switch switch0 mtu 1500 set interfaces switch switch0 switch-port interface eth2 set interfaces switch switch0 switch-port interface eth3 set interfaces switch switch0 switch-port interface eth4 set interfaces switch switch0 switch-port interface eth5 set interfaces switch switch0 switch-port interface eth6 set interfaces switch switch0 switch-port interface eth7 set interfaces switch switch0 switch-port interface eth8 set interfaces switch switch0 switch-port interface eth9 set interfaces switch switch0 switch-port vlan-aware disable set port-forward auto-firewall enable set port-forward hairpin-nat enable set port-forward lan-interface switch0 set port-forward rule 1 description Plex set port-forward rule 1 forward-to address 192.168.1.23 set port-forward rule 1 original-port 32400 set port-forward rule 1 protocol tcp_udp set port-forward rule 2 description BitTorrent set port-forward rule 2 forward-to address 192.168.1.21 set port-forward rule 2 original-port 51000-51999 set port-forward rule 2 protocol tcp_udp set port-forward rule 3 description WireGuard set port-forward rule 3 forward-to address 192.168.1.23 set port-forward rule 3 original-port 53820-53829 set port-forward rule 3 protocol tcp_udp set port-forward rule 4 description Minecraft set port-forward rule 4 forward-to address 192.168.1.23 set port-forward rule 4 forward-to port 25565 set port-forward rule 4 original-port 25565 set port-forward rule 4 protocol tcp_udp set port-forward rule 5 description Iperf set port-forward rule 5 forward-to address 192.168.1.23 set port-forward rule 5 original-port 50201 set port-forward rule 5 protocol tcp_udp set port-forward rule 6 description https,http set port-forward rule 6 forward-to address 192.168.1.23 set port-forward rule 6 original-port 443,80 set port-forward rule 6 protocol tcp_udp set port-forward rule 7 description 'Peertube Live' set port-forward rule 7 forward-to address 192.168.1.23 set port-forward rule 7 forward-to port 22 set port-forward rule 7 original-port 1935 set port-forward rule 7 protocol tcp_udp set port-forward rule 8 description 'Git SSH' set port-forward rule 8 forward-to address 192.168.1.23 set port-forward rule 8 original-port 2228-2229 set port-forward rule 8 protocol tcp_udp set port-forward rule 9 description SFTP set port-forward rule 9 forward-to address 192.168.1.23 set port-forward rule 9 original-port 23450 set port-forward rule 9 protocol tcp_udp set port-forward rule 10 description Terraria set port-forward rule 10 forward-to address 192.168.1.100 set port-forward rule 10 forward-to port 7777 set port-forward rule 10 original-port 50777 set port-forward rule 10 protocol tcp_udp set port-forward rule 11 description BitTorrent set port-forward rule 11 forward-to address 192.168.1.23 set port-forward rule 11 original-port 50000 set port-forward rule 11 protocol tcp_udp set port-forward wan-interface pppoe0 set service dhcp-server disabled false set service dhcp-server hostfile-update disable set service dhcp-server shared-network-name LAN1 authoritative enable set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 default-router 192.168.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.0.0.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 domain-name local set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 lease 86400 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 start 192.168.1.100 stop 192.168.1.254 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping U6-Lite ip-address 192.168.1.3 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping U6-Lite mac-address '78:45:58:67:87:14' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping UAP-AC-LR ip-address 192.168.1.2 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping UAP-AC-LR mac-address '18:e8:29:50:f7:5b' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-nas ip-address 192.168.1.10 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-nas mac-address '40:8d:5c:52:41:89' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-seedbox ip-address 192.168.1.21 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-seedbox mac-address '24:4b:fe:57:bc:85' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-server ip-address 192.168.1.23 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-server mac-address '24:4b:fe:8b:f3:b0' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joeyPrinter ip-address 192.168.1.60 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joeyPrinter mac-address '9c:32:ce:7c:f8:25' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping pihole ip-address 192.168.1.22 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping pihole mac-address 'b8:27:eb:3c:8e:bb' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-1 ip-address 192.168.1.50 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-1 mac-address '3C:61:05:F6:44:1E' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-2 ip-address 192.168.1.51 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-2 mac-address '3c:61:05:f6:d7:d3' set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-3 ip-address 192.168.1.52 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-3 mac-address '3c:61:05:f6:f0:62' set service dhcp-server shared-network-name LAN2 authoritative enable set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 default-router 192.168.2.1 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 dns-server 192.168.2.1 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 lease 86400 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 start 192.168.2.38 stop 192.168.2.243 set service dhcp-server static-arp disable set service dhcp-server use-dnsmasq enable set service dns forwarding cache-size 150 set service dns forwarding listen-on switch0 set service dns forwarding name-server 192.168.1.1 set service dns forwarding name-server 1.1.1.1 set service dns forwarding name-server 1.0.0.1 set service dns forwarding options strict-order set service dns forwarding system set service gui http-port 8080 set service gui https-port 4433 set service gui older-ciphers enable set service nat rule 5010 description 'masquerade for WAN' set service nat rule 5010 outbound-interface pppoe0 set service nat rule 5010 type masquerade set service ssh port 22 set service ssh protocol-version v2 set service unms disable set system domain-name local set system host-name ubnt set system login user admin authentication encrypted-password '$5$j8QJRFCpc2Pc90kV$AA7DbPJldnwMlahDbbFWf0N9WiNnL9faW473jO9z1Z0' set system login user admin authentication public-keys jafner425@gmail.com key AAAAB3NzaC1yc2EAAAADAQABAAAEAQCyolGiQAOvyKZ9GtPx2FbKwdt8twLuKs8l0+o3QVZsS5NCG4pX6GXuH8GspmHSedy4yfgVBN0NlOoVPpwxGslZZ5BLkOyhfcoiayPMbYyEpyiujcmnIUlNLI04otz7Ucqhopy+DC/+UpLTMqgnlevWDJW5YgYNAInPFNP7cIJ//sjimisP/su0n4DTzq/1WDUHN+Pk2LKw9P6NnAyk+RhSAH2v5Z/sq0FjUVxe57oNnCGec8KzVsxvI3PP44ax17n8MIyZlXhDa41+1u/LsE9oHSeidaWz8S8IZaRQbUkdtaViiOL+JS55ZOut11cmEOBTsXgmwEH9d1gLS5NKukwTDruBjznqJDXuFlcoRvHIYOTbBXVBDzI710kX7hucks/XZuUhXuOsO0hqQjqAJFX/LKbeR/XN+7AvuGIy25bslZu3/HUdL9UYhenm/AJL5YtUKRsLIeznRyHJcJ8905qgMIELRVWYxTDlekbsL5rNzrRSJ4+gV9Y5TFe1uxRaqqGiuyJ1T7/R2++z+p+sYoBJOY+vehUul7CtaYeVe7FUGuJzWHylkmkOMSJQb0XvjQWjFgSOstIf4MoFcRSfgztL4C2utDNayvR2XjLjRcaZnIzzAkBweY/g0Y0Jnnjk+dmnKWeoDHUXOT/GHGi/KfL4lwnQFRtS8x6M52sX417Of9K14ljILaHESJibjPN2jWboQdvTw0PFhbr72jr6+rhayuiP3n+5rENtDxwPlfYdSsCdgVyg7HC/2F6ZL5QHXctJFjIswMdJds+3pHnb7l5d4TiRdBQNQGVv7pYYfZdyqMGk5sdKXBzn/uS1a0SRqzJAhgH6nA67HfuBKq2xwu86hlOnc6hsFuehXAweaZ/UvTBiCE+4oYokAyHcpHsjOYqTmK6rSTTfGQ3Yc8zgD5vGb04tGRMVFA0+uQSrcBeIidxFZA1pbrMuDGDQDqtevIyna+rN958IWjCMvs8O+wro4SFYKAHYOkaBW0syQl1m/GKePcDJR6rkLx8eLrr6jaj4rHAS5fVJVYOpPIkrnfI5kTvnuRqJTH9NIaan3q4+6mAQ1prBqrtO2RUWcdmfkuVuUapDcqhgqGQqzsaKNWjsiCr21CPnYuj8pYItyJziF2VGS5oci2feCxWwbqqW8WUXZha7PnhQaIIiv7vyIo/JVWKK12v8UfeFRiRL73JOfFdtRCWldQxF2yRTt5gFxObCPQj5oSj1+Buc/IzQwqkKxeKpjUdtYt1RjsU3rJR1JDjEhrbbN/LZg986wkxrsLVqQmsXxSniai2X4vN+9KZu4kcg8Crk4g29+L0Snj0P7PQ61SXT3HMZxp5T2jLvekwLyn9yIKl75IiQSdgp+DIv set system login user admin authentication public-keys jafner425@gmail.com type ssh-rsa set system login user admin authentication public-keys joey@joey-server key AAAAB3NzaC1yc2EAAAADAQABAAACAQDOCCXndD7BbVmUHsYEkVLobZVBbZ8mgHjpKreUSsyZLah9Et2VxzATOh1bnXwapHu137h/cMeBDBPD3AfoCT3njd/mvVZB3INkyS8mPoFuwYViHmlW2L+6Bv5kGiMpjK/G5lPkKLsA79bTMu2kuAM6usslap3hEdwNW0vK3a+feM1RSwxirQmDXq4WRmsY9r4Md9wIfxLaezy0l0oK8k7xqMeiLrqMsrpsDOVV5Cb7iyufDqEx4QbicosrMD+C4Mql8ptdOYVj86jOND9lcpoqujOQWD2k8Cvl/zdoWY3ZG7duZjD9NYFgvM7F62LM5p7t5iNicxcegCqdZmFR5+ueZtoIn6BpCT4cvAWHSipRuvNmAWaQBnfr/NKh4H2QF0wJluDkG+wTrJPjH9FmK4sUHdOx+rqZ4iWhhZ7a2c4wNgm9i+UHoh//MPSvWOC5lQ97FvTUVBmE8BiWh8tZ82SxjSUtWaYPGZEmJvEIVXus70aY8Rwelxn9gXTwLlzRZl+0G7XOQia1EIj8VnUtPtWMxHeI09klOP1BRUVSRXBGOvz1UjbHIAEYvnxkTiW5LG1xxJopUQ3QiyDDERBbelLtM3iBIRFbVlFcqyIG3OsZaR90LwngBFIMtPZrv3vWTg3YdtMDw7uW1SVHHBDfxEc9cSBYQinVGupUmyztTLkM4Q== set system login user admin authentication public-keys joey@joey-server type ssh-rsa set system login user admin level admin set system name-server 127.0.0.1 set system name-server 1.1.1.1 set system name-server 1.0.0.1 set system ntp server 0.ubnt.pool.ntp.org set system ntp server 1.ubnt.pool.ntp.org set system ntp server 2.ubnt.pool.ntp.org set system ntp server 3.ubnt.pool.ntp.org set system offload hwnat enable set system package repository stretch components 'main contrib non-free' set system package repository stretch distribution stretch set system package repository stretch password '' set system package repository stretch url 'http://http.us.debian.org/debian' set system package repository stretch username '' set system syslog global facility all level notice set system syslog global facility protocols level debug set system time-zone America/Los_Angeles