.infineon/_-Review/vyos.md

---
type: "note"
created: "2024-02-26T18:56:35.288Z"
updated: "2024-02-26T20:44:29.922Z"
---
# vyos

```bash
# https://docs.vyos.io/en/latest/quick-start.html
show interfaces
configure
set interfaces ethernet eth0 address dhcp
show
set interfaces ethernet eth0 description 'OUTSIDE'
set interfaces ethernet eth1 address '192.168.0.1/24'
set interfaces ethernet eth1 address '10.0.1.1/24'
set interfaces ethernet eth1 description 'INSIDE'
show interfaces
commit
save
```

```bash
configure
set service ssh port '22'
commit
save
```

```bash
configure
set system name-server 1.1.1.1
set system name-server 8.8.8.8
set system name-server 192.168.1.1
commit
save
```

```bash
# https://www.youtube.com/watch?v=2yJ1jaDiV8A
configure
edit protocols static route 0.0.0.0/0 next-hop 192.168.1.1
commit
save
```

```bash
sudo tar -C /usr/local -xzf go1.19.2.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
go version
```

```bash
sudo mkdir -p /etc/apt/keyrings
sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
sudo apt-get update
sudo apt-get install syncthing
```

```bash
wget -qO- https://dl.packager.io/srv/gogs/gogs/key | sudo apt-key add -
sudo wget -O /etc/apt/sources.list.d/gogs.list \
  https://dl.packager.io/srv/gogs/gogs/main/installer/debian/12.repo
sudo apt-get update
sudo apt-get install gogs
```

```bash
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option default-router '192.168.0.1'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option name-server '192.168.0.1'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option domain-name 'vyos.net'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 lease '86400'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 range 0 start '192.168.0.9'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 range 0 stop '192.168.0.254'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 subnet-id '1'

set service dns forwarding cache-size '0'
set service dns forwarding listen-address '192.168.0.1'
set service dns forwarding allow-from '192.168.0.0/24'
```

```bash
set nat source rule 100 outbound-interface name 'eth0'
set nat source rule 100 source address '192.168.0.0/24'
set nat source rule 100 source address '10.0.1.0/24'
set nat source rule 100 translation address masquerade
show nat
```

```bash
set firewall group interface-group WAN interface eth0
set firewall group interface-group LAN interface eth1
set firewall group network-group NET-INSIDE-v4 network '192.168.0.0/24'
```

```bash
set firewall global-options state-policy established action accept
set firewall global-options state-policy related action accept
set firewall global-options state-policy invalid action drop
```

```bash
set firewall ipv4 name CONN_FILTER default-action 'return'

set firewall ipv4 name CONN_FILTER rule 10 action 'accept'
set firewall ipv4 name CONN_FILTER rule 10 state established
set firewall ipv4 name CONN_FILTER rule 10 state related

set firewall ipv4 name CONN_FILTER rule 20 action 'drop'
set firewall ipv4 name CONN_FILTER rule 20 state invalid
```

```bash
set service ssh port '22'
```

```bash
https://www.youtube.com/watch?v=DtZetdg0rxg
set interfaces ethernet eth0 address '10.101.101.123/24'
set interfaces wireless wlan0 address 'ddhcp'
set interfaces wireless wlan0 channel '6'
set interfaces wireless wlan0 physical-device 'phy0'
set interfaces wireless wlan0 security wpa mode 'dwpa2'
set interfaces wireless wlan0 security wpa passphrase 'abc123'
set interfaces wireless wlan0 ssid 'abc123'
set interfaces wireless wlan0 type 'station' 
set nat source rule 1 outbound-interface 'wlan0'
set nat source rule 1 source address '0.0.0.0/0'
set nat source rule 1 translation address 'masquerade' 
vyosilvyos:-$ 
```