summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-01-08 22:43:04 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-01-08 22:43:04 +0100
commitda8bfbd7a61c805259b3711e9f0981884aca8569 (patch)
tree2733df83aeca09f2f2f2f0f65f97fcb0b6f23ab0
parent170c5f2b6dbe23aa33eb344dd299863f30ae126f (diff)
downloadap01-da8bfbd7a61c805259b3711e9f0981884aca8569.tar
ap01-da8bfbd7a61c805259b3711e9f0981884aca8569.tar.gz
ap01-da8bfbd7a61c805259b3711e9f0981884aca8569.tar.bz2
ap01-da8bfbd7a61c805259b3711e9f0981884aca8569.tar.xz
ap01-da8bfbd7a61c805259b3711e9f0981884aca8569.zip
...
-rw-r--r--files/.config28
-rw-r--r--files/files/etc/config/firewall16
2 files changed, 30 insertions, 14 deletions
diff --git a/files/.config b/files/.config
index a5789dc..80044c5 100644
--- a/files/.config
+++ b/files/.config
@@ -3967,19 +3967,20 @@ CONFIG_GOLANG_BUILD_CACHE_DIR=""
3967# CONFIG_PACKAGE_dkjson is not set 3967# CONFIG_PACKAGE_dkjson is not set
3968# CONFIG_PACKAGE_json4lua is not set 3968# CONFIG_PACKAGE_json4lua is not set
3969# CONFIG_PACKAGE_ldbus is not set 3969# CONFIG_PACKAGE_ldbus is not set
3970# CONFIG_PACKAGE_libiwinfo-lua is not set 3970CONFIG_PACKAGE_libiwinfo-lua=y
3971# CONFIG_PACKAGE_linotify is not set 3971# CONFIG_PACKAGE_linotify is not set
3972# CONFIG_PACKAGE_lpeg is not set 3972# CONFIG_PACKAGE_lpeg is not set
3973# CONFIG_PACKAGE_lsqlite3 is not set 3973# CONFIG_PACKAGE_lsqlite3 is not set
3974# CONFIG_PACKAGE_lua is not set 3974CONFIG_PACKAGE_lua=y
3975# CONFIG_PACKAGE_lua-argparse is not set 3975# CONFIG_PACKAGE_lua-argparse is not set
3976# CONFIG_PACKAGE_lua-bencode is not set 3976# CONFIG_PACKAGE_lua-bencode is not set
3977# CONFIG_PACKAGE_lua-bit32 is not set 3977CONFIG_PACKAGE_lua-bit32=y
3978# CONFIG_PACKAGE_lua-cjson is not set 3978# CONFIG_PACKAGE_lua-cjson is not set
3979# CONFIG_PACKAGE_lua-copas is not set 3979# CONFIG_PACKAGE_lua-copas is not set
3980# CONFIG_PACKAGE_lua-coxpcall is not set 3980# CONFIG_PACKAGE_lua-coxpcall is not set
3981# CONFIG_PACKAGE_lua-curl-v3 is not set 3981# CONFIG_PACKAGE_lua-curl-v3 is not set
3982# CONFIG_PACKAGE_lua-ev is not set 3982# CONFIG_PACKAGE_lua-ev is not set
3983# CONFIG_PACKAGE_lua-examples is not set
3983# CONFIG_PACKAGE_lua-libmodbus is not set 3984# CONFIG_PACKAGE_lua-libmodbus is not set
3984# CONFIG_PACKAGE_lua-lzlib is not set 3985# CONFIG_PACKAGE_lua-lzlib is not set
3985# CONFIG_PACKAGE_lua-md5 is not set 3986# CONFIG_PACKAGE_lua-md5 is not set
@@ -4006,7 +4007,7 @@ CONFIG_GOLANG_BUILD_CACHE_DIR=""
4006# CONFIG_PACKAGE_luarocks is not set 4007# CONFIG_PACKAGE_luarocks is not set
4007# CONFIG_PACKAGE_luasec is not set 4008# CONFIG_PACKAGE_luasec is not set
4008# CONFIG_PACKAGE_luasoap is not set 4009# CONFIG_PACKAGE_luasoap is not set
4009# CONFIG_PACKAGE_luasocket is not set 4010CONFIG_PACKAGE_luasocket=y
4010# CONFIG_PACKAGE_luasocket5.3 is not set 4011# CONFIG_PACKAGE_luasocket5.3 is not set
4011# CONFIG_PACKAGE_luasql-mysql is not set 4012# CONFIG_PACKAGE_luasql-mysql is not set
4012# CONFIG_PACKAGE_luasql-pgsql is not set 4013# CONFIG_PACKAGE_luasql-pgsql is not set
@@ -5092,7 +5093,7 @@ CONFIG_PACKAGE_libjson-c=y
5092# CONFIG_PACKAGE_libleptonica is not set 5093# CONFIG_PACKAGE_libleptonica is not set
5093# CONFIG_PACKAGE_libloragw is not set 5094# CONFIG_PACKAGE_libloragw is not set
5094# CONFIG_PACKAGE_libltdl is not set 5095# CONFIG_PACKAGE_libltdl is not set
5095# CONFIG_PACKAGE_liblua is not set 5096CONFIG_PACKAGE_liblua=y
5096# CONFIG_PACKAGE_liblua5.3 is not set 5097# CONFIG_PACKAGE_liblua5.3 is not set
5097# CONFIG_PACKAGE_liblucihttp is not set 5098# CONFIG_PACKAGE_liblucihttp is not set
5098# CONFIG_PACKAGE_liblucihttp-lua is not set 5099# CONFIG_PACKAGE_liblucihttp-lua is not set
@@ -5263,7 +5264,7 @@ CONFIG_PACKAGE_libss=y
5263CONFIG_PACKAGE_libubox=y 5264CONFIG_PACKAGE_libubox=y
5264# CONFIG_PACKAGE_libubox-lua is not set 5265# CONFIG_PACKAGE_libubox-lua is not set
5265CONFIG_PACKAGE_libubus=y 5266CONFIG_PACKAGE_libubus=y
5266# CONFIG_PACKAGE_libubus-lua is not set 5267CONFIG_PACKAGE_libubus-lua=y
5267CONFIG_PACKAGE_libuci=y 5268CONFIG_PACKAGE_libuci=y
5268# CONFIG_PACKAGE_libuci-lua is not set 5269# CONFIG_PACKAGE_libuci-lua is not set
5269# CONFIG_PACKAGE_libuci2 is not set 5270# CONFIG_PACKAGE_libuci2 is not set
@@ -6357,7 +6358,7 @@ CONFIG_PACKAGE_wireguard-tools=y
6357CONFIG_PACKAGE_hostapd-common=y 6358CONFIG_PACKAGE_hostapd-common=y
6358# CONFIG_PACKAGE_hostapd-mini is not set 6359# CONFIG_PACKAGE_hostapd-mini is not set
6359# CONFIG_PACKAGE_hostapd-openssl is not set 6360# CONFIG_PACKAGE_hostapd-openssl is not set
6360# CONFIG_PACKAGE_hostapd-utils is not set 6361CONFIG_PACKAGE_hostapd-utils=y
6361# CONFIG_PACKAGE_hostapd-wolfssl is not set 6362# CONFIG_PACKAGE_hostapd-wolfssl is not set
6362# CONFIG_PACKAGE_hs20-client is not set 6363# CONFIG_PACKAGE_hs20-client is not set
6363# CONFIG_PACKAGE_hs20-common is not set 6364# CONFIG_PACKAGE_hs20-common is not set
@@ -7203,7 +7204,18 @@ CONFIG_PACKAGE_libjson-script=y
7203# CONFIG_PACKAGE_procps-ng is not set 7204# CONFIG_PACKAGE_procps-ng is not set
7204# CONFIG_PACKAGE_progress is not set 7205# CONFIG_PACKAGE_progress is not set
7205# CONFIG_PACKAGE_prometheus is not set 7206# CONFIG_PACKAGE_prometheus is not set
7206# CONFIG_PACKAGE_prometheus-node-exporter-lua is not set 7207CONFIG_PACKAGE_prometheus-node-exporter-lua=y
7208# CONFIG_PACKAGE_prometheus-node-exporter-lua-dawn is not set
7209CONFIG_PACKAGE_prometheus-node-exporter-lua-hostapd_stations=y
7210# CONFIG_PACKAGE_prometheus-node-exporter-lua-hostapd_ubus_stations is not set
7211CONFIG_PACKAGE_prometheus-node-exporter-lua-nat_traffic=y
7212CONFIG_PACKAGE_prometheus-node-exporter-lua-netstat=y
7213CONFIG_PACKAGE_prometheus-node-exporter-lua-openwrt=y
7214# CONFIG_PACKAGE_prometheus-node-exporter-lua-snmp6 is not set
7215# CONFIG_PACKAGE_prometheus-node-exporter-lua-textfile is not set
7216# CONFIG_PACKAGE_prometheus-node-exporter-lua-uci_dhcp_host is not set
7217CONFIG_PACKAGE_prometheus-node-exporter-lua-wifi=y
7218CONFIG_PACKAGE_prometheus-node-exporter-lua-wifi_stations=y
7207# CONFIG_PACKAGE_prometheus-statsd-exporter is not set 7219# CONFIG_PACKAGE_prometheus-statsd-exporter is not set
7208# CONFIG_PACKAGE_pservice is not set 7220# CONFIG_PACKAGE_pservice is not set
7209# CONFIG_PACKAGE_psmisc is not set 7221# CONFIG_PACKAGE_psmisc is not set
diff --git a/files/files/etc/config/firewall b/files/files/etc/config/firewall
index 5997399..f2675d4 100644
--- a/files/files/etc/config/firewall
+++ b/files/files/etc/config/firewall
@@ -1,6 +1,6 @@
1config defaults 1config defaults
2 option syn_flood '1' 2 option synflood_protect '1'
3 option input 'ACCEPT' 3 option input 'REJECT'
4 option output 'ACCEPT' 4 option output 'ACCEPT'
5 option forward 'REJECT' 5 option forward 'REJECT'
6 6
@@ -14,9 +14,6 @@ config zone 'lan'
14config zone 'mgmt' 14config zone 'mgmt'
15 option name 'mgmt' 15 option name 'mgmt'
16 list network 'mgmt' 16 list network 'mgmt'
17 option input 'ACCEPT'
18 option output 'ACCEPT'
19 option forward 'REJECT'
20 17
21config rule 18config rule
22 option name 'Allow-Ping' 19 option name 'Allow-Ping'
@@ -63,7 +60,14 @@ config rule
63 60
64config rule 61config rule
65 option name 'Allow-SSH' 62 option name 'Allow-SSH'
66 option src '*' 63 option src 'mgmt'
67 option dest_port '22' 64 option dest_port '22'
68 option proto 'tcp' 65 option proto 'tcp'
69 option target 'ACCEPT' 66 option target 'ACCEPT'
67
68config rule
69 option name 'Allow-Prometheus'
70 option src 'mgmt'
71 option dest_port '9100'
72 option proto 'tcp'
73 option target 'ACCEPT'