diff --git a/router/config/config.boot-commands b/router/config/config.boot-commands deleted file mode 100644 index 0132666..0000000 --- a/router/config/config.boot-commands +++ /dev/null @@ -1,208 +0,0 @@ -set firewall all-ping enable -set firewall broadcast-ping disable -set firewall ipv6-receive-redirects disable -set firewall ipv6-src-route disable -set firewall ip-src-route disable -set firewall log-martians enable -set firewall name WAN_IN default-action drop -set firewall name WAN_IN description 'WAN to internal' -set firewall name WAN_IN rule 10 action accept -set firewall name WAN_IN rule 10 description 'Allow established/related' -set firewall name WAN_IN rule 10 state established enable -set firewall name WAN_IN rule 10 state related enable -set firewall name WAN_IN rule 20 action drop -set firewall name WAN_IN rule 20 description 'Drop invalid state' -set firewall name WAN_IN rule 20 state invalid enable -set firewall name WAN_LOCAL default-action drop -set firewall name WAN_LOCAL description 'WAN to router' -set firewall name WAN_LOCAL rule 10 action accept -set firewall name WAN_LOCAL rule 10 description 'Allow established/related' -set firewall name WAN_LOCAL rule 10 state established enable -set firewall name WAN_LOCAL rule 10 state related enable -set firewall name WAN_LOCAL rule 30 action drop -set firewall name WAN_LOCAL rule 30 description 'Drop invalid state' -set firewall name WAN_LOCAL rule 30 state invalid enable -set firewall options mss-clamp mss 1412 -set firewall receive-redirects disable -set firewall send-redirects enable -set firewall source-validation disable -set firewall syn-cookies enable -set interfaces ethernet eth0 description 'Internet (PPPoE)' -set interfaces ethernet eth0 duplex auto -set interfaces ethernet eth0 pppoe 0 default-route auto -set interfaces ethernet eth0 pppoe 0 firewall in name WAN_IN -set interfaces ethernet eth0 pppoe 0 firewall local name WAN_LOCAL -set interfaces ethernet eth0 pppoe 0 mtu 1492 -set interfaces ethernet eth0 pppoe 0 name-server auto -set interfaces ethernet eth0 pppoe 0 password 24ydrUYs -set interfaces ethernet eth0 pppoe 0 user-id hafnerjoseph -set interfaces ethernet eth0 speed auto -set interfaces ethernet eth1 address 192.168.2.1/24 -set interfaces ethernet eth1 description Local -set interfaces ethernet eth1 duplex auto -set interfaces ethernet eth1 speed auto -set interfaces ethernet eth2 description 'Local 2' -set interfaces ethernet eth2 duplex auto -set interfaces ethernet eth2 speed auto -set interfaces ethernet eth3 description 'Local 2' -set interfaces ethernet eth3 duplex auto -set interfaces ethernet eth3 speed auto -set interfaces ethernet eth4 description 'Local 2' -set interfaces ethernet eth4 duplex auto -set interfaces ethernet eth4 speed auto -set interfaces ethernet eth5 description 'Local 2' -set interfaces ethernet eth5 duplex auto -set interfaces ethernet eth5 speed auto -set interfaces ethernet eth6 description 'Local 2' -set interfaces ethernet eth6 duplex auto -set interfaces ethernet eth6 speed auto -set interfaces ethernet eth7 description 'Local 2' -set interfaces ethernet eth7 duplex auto -set interfaces ethernet eth7 speed auto -set interfaces ethernet eth8 description 'Local 2' -set interfaces ethernet eth8 duplex auto -set interfaces ethernet eth8 speed auto -set interfaces ethernet eth9 description 'Local 2' -set interfaces ethernet eth9 duplex auto -set interfaces ethernet eth9 poe output 24v -set interfaces ethernet eth9 speed auto -set interfaces loopback lo -set interfaces switch switch0 address 192.168.1.1/24 -set interfaces switch switch0 description 'Local 2' -set interfaces switch switch0 mtu 1500 -set interfaces switch switch0 switch-port interface eth2 -set interfaces switch switch0 switch-port interface eth3 -set interfaces switch switch0 switch-port interface eth4 -set interfaces switch switch0 switch-port interface eth5 -set interfaces switch switch0 switch-port interface eth6 -set interfaces switch switch0 switch-port interface eth7 -set interfaces switch switch0 switch-port interface eth8 -set interfaces switch switch0 switch-port interface eth9 -set interfaces switch switch0 switch-port vlan-aware disable -set port-forward auto-firewall enable -set port-forward hairpin-nat enable -set port-forward lan-interface switch0 -set port-forward rule 1 description Plex -set port-forward rule 1 forward-to address 192.168.1.23 -set port-forward rule 1 original-port 32400 -set port-forward rule 1 protocol tcp_udp -set port-forward rule 2 description BitTorrent -set port-forward rule 2 forward-to address 192.168.1.21 -set port-forward rule 2 original-port 51000-51999 -set port-forward rule 2 protocol tcp_udp -set port-forward rule 3 description WireGuard -set port-forward rule 3 forward-to address 192.168.1.23 -set port-forward rule 3 original-port 53820-53829 -set port-forward rule 3 protocol tcp_udp -set port-forward rule 4 description Minecraft -set port-forward rule 4 forward-to address 192.168.1.23 -set port-forward rule 4 forward-to port 25565 -set port-forward rule 4 original-port 25565 -set port-forward rule 4 protocol tcp_udp -set port-forward rule 5 description Iperf -set port-forward rule 5 forward-to address 192.168.1.23 -set port-forward rule 5 original-port 50201 -set port-forward rule 5 protocol tcp_udp -set port-forward rule 6 description https,http -set port-forward rule 6 forward-to address 192.168.1.23 -set port-forward rule 6 original-port 443,80 -set port-forward rule 6 protocol tcp_udp -set port-forward rule 7 description 'Peertube Live' -set port-forward rule 7 forward-to address 192.168.1.23 -set port-forward rule 7 forward-to port 22 -set port-forward rule 7 original-port 1935 -set port-forward rule 7 protocol tcp_udp -set port-forward rule 8 description 'Git SSH' -set port-forward rule 8 forward-to address 192.168.1.23 -set port-forward rule 8 original-port 2228-2229 -set port-forward rule 8 protocol tcp_udp -set port-forward rule 9 description SFTP -set port-forward rule 9 forward-to address 192.168.1.23 -set port-forward rule 9 original-port 23450 -set port-forward rule 9 protocol tcp_udp -set port-forward rule 10 description Terraria -set port-forward rule 10 forward-to address 192.168.1.100 -set port-forward rule 10 forward-to port 7777 -set port-forward rule 10 original-port 50777 -set port-forward rule 10 protocol tcp_udp -set port-forward rule 11 description BitTorrent -set port-forward rule 11 forward-to address 192.168.1.23 -set port-forward rule 11 original-port 50000 -set port-forward rule 11 protocol tcp_udp -set port-forward wan-interface pppoe0 -set service dhcp-server disabled false -set service dhcp-server hostfile-update disable -set service dhcp-server shared-network-name LAN1 authoritative enable -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 default-router 192.168.1.1 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.1.1.1 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 1.0.0.1 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 domain-name local -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 lease 86400 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 start 192.168.1.100 stop 192.168.1.254 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping U6-Lite ip-address 192.168.1.3 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping U6-Lite mac-address '78:45:58:67:87:14' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping UAP-AC-LR ip-address 192.168.1.2 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping UAP-AC-LR mac-address '18:e8:29:50:f7:5b' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-nas ip-address 192.168.1.10 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-nas mac-address '40:8d:5c:52:41:89' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-seedbox ip-address 192.168.1.21 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-seedbox mac-address '24:4b:fe:57:bc:85' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-server ip-address 192.168.1.23 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joey-server mac-address '24:4b:fe:8b:f3:b0' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joeyPrinter ip-address 192.168.1.60 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping joeyPrinter mac-address '9c:32:ce:7c:f8:25' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping pihole ip-address 192.168.1.22 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping pihole mac-address 'b8:27:eb:3c:8e:bb' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-1 ip-address 192.168.1.50 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-1 mac-address '3C:61:05:F6:44:1E' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-2 ip-address 192.168.1.51 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-2 mac-address '3c:61:05:f6:d7:d3' -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-3 ip-address 192.168.1.52 -set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 static-mapping tasmota-3 mac-address '3c:61:05:f6:f0:62' -set service dhcp-server shared-network-name LAN2 authoritative enable -set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 default-router 192.168.2.1 -set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 dns-server 192.168.2.1 -set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 lease 86400 -set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 start 192.168.2.38 stop 192.168.2.243 -set service dhcp-server static-arp disable -set service dhcp-server use-dnsmasq enable -set service dns forwarding cache-size 150 -set service dns forwarding listen-on switch0 -set service dns forwarding name-server 192.168.1.1 -set service dns forwarding name-server 1.1.1.1 -set service dns forwarding name-server 1.0.0.1 -set service dns forwarding options strict-order -set service dns forwarding system -set service gui http-port 8080 -set service gui https-port 4433 -set service gui older-ciphers enable -set service nat rule 5010 description 'masquerade for WAN' -set service nat rule 5010 outbound-interface pppoe0 -set service nat rule 5010 type masquerade -set service ssh port 22 -set service ssh protocol-version v2 -set service unms disable -set system domain-name local -set system host-name ubnt -set system login user admin authentication encrypted-password '$5$j8QJRFCpc2Pc90kV$AA7DbPJldnwMlahDbbFWf0N9WiNnL9faW473jO9z1Z0' -set system login user admin authentication public-keys jafner425@gmail.com key AAAAB3NzaC1yc2EAAAADAQABAAAEAQCyolGiQAOvyKZ9GtPx2FbKwdt8twLuKs8l0+o3QVZsS5NCG4pX6GXuH8GspmHSedy4yfgVBN0NlOoVPpwxGslZZ5BLkOyhfcoiayPMbYyEpyiujcmnIUlNLI04otz7Ucqhopy+DC/+UpLTMqgnlevWDJW5YgYNAInPFNP7cIJ//sjimisP/su0n4DTzq/1WDUHN+Pk2LKw9P6NnAyk+RhSAH2v5Z/sq0FjUVxe57oNnCGec8KzVsxvI3PP44ax17n8MIyZlXhDa41+1u/LsE9oHSeidaWz8S8IZaRQbUkdtaViiOL+JS55ZOut11cmEOBTsXgmwEH9d1gLS5NKukwTDruBjznqJDXuFlcoRvHIYOTbBXVBDzI710kX7hucks/XZuUhXuOsO0hqQjqAJFX/LKbeR/XN+7AvuGIy25bslZu3/HUdL9UYhenm/AJL5YtUKRsLIeznRyHJcJ8905qgMIELRVWYxTDlekbsL5rNzrRSJ4+gV9Y5TFe1uxRaqqGiuyJ1T7/R2++z+p+sYoBJOY+vehUul7CtaYeVe7FUGuJzWHylkmkOMSJQb0XvjQWjFgSOstIf4MoFcRSfgztL4C2utDNayvR2XjLjRcaZnIzzAkBweY/g0Y0Jnnjk+dmnKWeoDHUXOT/GHGi/KfL4lwnQFRtS8x6M52sX417Of9K14ljILaHESJibjPN2jWboQdvTw0PFhbr72jr6+rhayuiP3n+5rENtDxwPlfYdSsCdgVyg7HC/2F6ZL5QHXctJFjIswMdJds+3pHnb7l5d4TiRdBQNQGVv7pYYfZdyqMGk5sdKXBzn/uS1a0SRqzJAhgH6nA67HfuBKq2xwu86hlOnc6hsFuehXAweaZ/UvTBiCE+4oYokAyHcpHsjOYqTmK6rSTTfGQ3Yc8zgD5vGb04tGRMVFA0+uQSrcBeIidxFZA1pbrMuDGDQDqtevIyna+rN958IWjCMvs8O+wro4SFYKAHYOkaBW0syQl1m/GKePcDJR6rkLx8eLrr6jaj4rHAS5fVJVYOpPIkrnfI5kTvnuRqJTH9NIaan3q4+6mAQ1prBqrtO2RUWcdmfkuVuUapDcqhgqGQqzsaKNWjsiCr21CPnYuj8pYItyJziF2VGS5oci2feCxWwbqqW8WUXZha7PnhQaIIiv7vyIo/JVWKK12v8UfeFRiRL73JOfFdtRCWldQxF2yRTt5gFxObCPQj5oSj1+Buc/IzQwqkKxeKpjUdtYt1RjsU3rJR1JDjEhrbbN/LZg986wkxrsLVqQmsXxSniai2X4vN+9KZu4kcg8Crk4g29+L0Snj0P7PQ61SXT3HMZxp5T2jLvekwLyn9yIKl75IiQSdgp+DIv -set system login user admin authentication public-keys jafner425@gmail.com type ssh-rsa -set system login user admin authentication public-keys joey@joey-server key AAAAB3NzaC1yc2EAAAADAQABAAACAQDOCCXndD7BbVmUHsYEkVLobZVBbZ8mgHjpKreUSsyZLah9Et2VxzATOh1bnXwapHu137h/cMeBDBPD3AfoCT3njd/mvVZB3INkyS8mPoFuwYViHmlW2L+6Bv5kGiMpjK/G5lPkKLsA79bTMu2kuAM6usslap3hEdwNW0vK3a+feM1RSwxirQmDXq4WRmsY9r4Md9wIfxLaezy0l0oK8k7xqMeiLrqMsrpsDOVV5Cb7iyufDqEx4QbicosrMD+C4Mql8ptdOYVj86jOND9lcpoqujOQWD2k8Cvl/zdoWY3ZG7duZjD9NYFgvM7F62LM5p7t5iNicxcegCqdZmFR5+ueZtoIn6BpCT4cvAWHSipRuvNmAWaQBnfr/NKh4H2QF0wJluDkG+wTrJPjH9FmK4sUHdOx+rqZ4iWhhZ7a2c4wNgm9i+UHoh//MPSvWOC5lQ97FvTUVBmE8BiWh8tZ82SxjSUtWaYPGZEmJvEIVXus70aY8Rwelxn9gXTwLlzRZl+0G7XOQia1EIj8VnUtPtWMxHeI09klOP1BRUVSRXBGOvz1UjbHIAEYvnxkTiW5LG1xxJopUQ3QiyDDERBbelLtM3iBIRFbVlFcqyIG3OsZaR90LwngBFIMtPZrv3vWTg3YdtMDw7uW1SVHHBDfxEc9cSBYQinVGupUmyztTLkM4Q== -set system login user admin authentication public-keys joey@joey-server type ssh-rsa -set system login user admin level admin -set system name-server 127.0.0.1 -set system name-server 1.1.1.1 -set system name-server 1.0.0.1 -set system ntp server 0.ubnt.pool.ntp.org -set system ntp server 1.ubnt.pool.ntp.org -set system ntp server 2.ubnt.pool.ntp.org -set system ntp server 3.ubnt.pool.ntp.org -set system offload hwnat enable -set system package repository stretch components 'main contrib non-free' -set system package repository stretch distribution stretch -set system package repository stretch password '' -set system package repository stretch url 'http://http.us.debian.org/debian' -set system package repository stretch username '' -set system syslog global facility all level notice -set system syslog global facility protocols level debug -set system time-zone America/Los_Angeles \ No newline at end of file diff --git a/router/config/old-config.boot b/router/config/old-config.boot new file mode 100644 index 0000000..68856b5 --- /dev/null +++ b/router/config/old-config.boot @@ -0,0 +1,407 @@ +firewall { + all-ping enable + broadcast-ping disable + ipv6-receive-redirects disable + ipv6-src-route disable + ip-src-route disable + log-martians enable + name WAN_IN { + default-action drop + description "WAN to internal" + rule 10 { + action accept + description "Allow established/related" + state { + established enable + related enable + } + } + rule 20 { + action drop + description "Drop invalid state" + state { + invalid enable + } + } + } + name WAN_LOCAL { + default-action drop + description "WAN to router" + rule 10 { + action accept + description "Allow established/related" + state { + established enable + related enable + } + } + rule 30 { + action drop + description "Drop invalid state" + state { + invalid enable + } + } + } + options { + mss-clamp { + mss 1412 + } + } + receive-redirects disable + send-redirects enable + source-validation disable + syn-cookies enable +} +interfaces { + ethernet eth0 { + description "Internet (PPPoE)" + duplex auto + pppoe 0 { + default-route auto + firewall { + in { + name WAN_IN + } + local { + name WAN_LOCAL + } + } + mtu 1492 + name-server auto + password **************** + user-id hafnerjoseph + } + speed auto + } + ethernet eth1 { + address 192.168.2.1/24 + description Local + duplex auto + speed auto + } + ethernet eth2 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth3 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth4 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth5 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth6 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth7 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth8 { + description "Local 2" + duplex auto + speed auto + } + ethernet eth9 { + description "Local 2" + duplex auto + poe { + output 24v + } + speed auto + } + loopback lo { + } + switch switch0 { + address 192.168.1.1/24 + description "Local 2" + mtu 1500 + switch-port { + interface eth2 { + } + interface eth3 { + } + interface eth4 { + } + interface eth5 { + } + interface eth6 { + } + interface eth7 { + } + interface eth8 { + } + interface eth9 { + } + vlan-aware disable + } + } +} +port-forward { + auto-firewall enable + hairpin-nat enable + lan-interface switch0 + rule 1 { + description Plex + forward-to { + address 192.168.1.23 + } + original-port 32400 + protocol tcp_udp + } + rule 2 { + description BitTorrent + forward-to { + address 192.168.1.21 + } + original-port 51000-51999 + protocol tcp_udp + } + rule 3 { + description WireGuard + forward-to { + address 192.168.1.23 + } + original-port 53820-53829 + protocol tcp_udp + } + rule 4 { + description Minecraft + forward-to { + address 192.168.1.23 + port 25565 + } + original-port 25565 + protocol tcp_udp + } + rule 5 { + description Iperf + forward-to { + address 192.168.1.23 + } + original-port 50201 + protocol tcp_udp + } + rule 6 { + description https,http + forward-to { + address 192.168.1.23 + } + original-port 443,80 + protocol tcp_udp + } + rule 7 { + description "Peertube Live" + forward-to { + address 192.168.1.23 + port 22 + } + original-port 1935 + protocol tcp_udp + } + rule 8 { + description "Git SSH" + forward-to { + address 192.168.1.23 + } + original-port 2228-2229 + protocol tcp_udp + } + rule 9 { + description SFTP + forward-to { + address 192.168.1.23 + } + original-port 23450 + protocol tcp_udp + } + rule 10 { + description Terraria + forward-to { + address 192.168.1.100 + port 7777 + } + original-port 50777 + protocol tcp_udp + } + rule 11 { + description BitTorrent + forward-to { + address 192.168.1.23 + } + original-port 50000 + protocol tcp_udp + } + wan-interface pppoe0 +} +service { + dhcp-server { + disabled false + hostfile-update disable + shared-network-name LAN1 { + authoritative enable + subnet 192.168.1.0/24 { + default-router 192.168.1.1 + dns-server 1.1.1.1 + dns-server 1.0.0.1 + domain-name local + lease 86400 + start 192.168.1.100 { + stop 192.168.1.254 + } + static-mapping U6-Lite { + ip-address 192.168.1.3 + mac-address 78:45:58:67:87:14 + } + static-mapping UAP-AC-LR { + ip-address 192.168.1.2 + mac-address 18:e8:29:50:f7:5b + } + static-mapping joey-nas { + ip-address 192.168.1.10 + mac-address 40:8d:5c:52:41:89 + } + static-mapping joey-seedbox { + ip-address 192.168.1.21 + mac-address 24:4b:fe:57:bc:85 + } + static-mapping joey-server { + ip-address 192.168.1.23 + mac-address 24:4b:fe:8b:f3:b0 + } + static-mapping joeyPrinter { + ip-address 192.168.1.60 + mac-address 9c:32:ce:7c:f8:25 + } + static-mapping pihole { + ip-address 192.168.1.22 + mac-address b8:27:eb:3c:8e:bb + } + static-mapping tasmota-1 { + ip-address 192.168.1.50 + mac-address 3C:61:05:F6:44:1E + } + static-mapping tasmota-2 { + ip-address 192.168.1.51 + mac-address 3c:61:05:f6:d7:d3 + } + static-mapping tasmota-3 { + ip-address 192.168.1.52 + mac-address 3c:61:05:f6:f0:62 + } + } + } + shared-network-name LAN2 { + authoritative enable + subnet 192.168.2.0/24 { + default-router 192.168.2.1 + dns-server 192.168.2.1 + lease 86400 + start 192.168.2.38 { + stop 192.168.2.243 + } + } + } + static-arp disable + use-dnsmasq enable + } + dns { + forwarding { + cache-size 150 + listen-on switch0 + name-server 192.168.1.1 + name-server 1.1.1.1 + name-server 1.0.0.1 + options strict-order + system + } + } + gui { + http-port 8080 + https-port 4433 + older-ciphers enable + } + nat { + rule 5010 { + description "masquerade for WAN" + outbound-interface pppoe0 + type masquerade + } + } + ssh { + port 22 + protocol-version v2 + } + unms { + disable + } +} +system { + domain-name local + host-name ubnt + login { + user admin { + authentication { + encrypted-password **************** + public-keys jafner425@gmail.com { + key **************** + type ssh-rsa + } + public-keys joey@joey-server { + key **************** + type ssh-rsa + } + } + level admin + } + } + name-server 127.0.0.1 + name-server 1.1.1.1 + name-server 1.0.0.1 + ntp { + server 0.ubnt.pool.ntp.org { + } + server 1.ubnt.pool.ntp.org { + } + server 2.ubnt.pool.ntp.org { + } + server 3.ubnt.pool.ntp.org { + } + } + offload { + hwnat enable + } + package { + repository stretch { + components "main contrib non-free" + distribution stretch + password **************** + url http://http.us.debian.org/debian + username "" + } + } + syslog { + global { + facility all { + level notice + } + facility protocols { + level debug + } + } + } + time-zone America/Los_Angeles +} \ No newline at end of file