2024-06-03
This commit is contained in:
132
_-Review/vyos.md
Normal file
132
_-Review/vyos.md
Normal file
@ -0,0 +1,132 @@
|
||||
---
|
||||
type: "note"
|
||||
created: "2024-02-26T18:56:35.288Z"
|
||||
updated: "2024-02-26T20:44:29.922Z"
|
||||
---
|
||||
# vyos
|
||||
|
||||
```bash
|
||||
# https://docs.vyos.io/en/latest/quick-start.html
|
||||
show interfaces
|
||||
configure
|
||||
set interfaces ethernet eth0 address dhcp
|
||||
show
|
||||
set interfaces ethernet eth0 description 'OUTSIDE'
|
||||
set interfaces ethernet eth1 address '192.168.0.1/24'
|
||||
set interfaces ethernet eth1 address '10.0.1.1/24'
|
||||
set interfaces ethernet eth1 description 'INSIDE'
|
||||
show interfaces
|
||||
commit
|
||||
save
|
||||
```
|
||||
|
||||
```bash
|
||||
configure
|
||||
set service ssh port '22'
|
||||
commit
|
||||
save
|
||||
```
|
||||
|
||||
```bash
|
||||
configure
|
||||
set system name-server 1.1.1.1
|
||||
set system name-server 8.8.8.8
|
||||
set system name-server 192.168.1.1
|
||||
commit
|
||||
save
|
||||
```
|
||||
|
||||
```bash
|
||||
# https://www.youtube.com/watch?v=2yJ1jaDiV8A
|
||||
configure
|
||||
edit protocols static route 0.0.0.0/0 next-hop 192.168.1.1
|
||||
commit
|
||||
save
|
||||
```
|
||||
|
||||
```bash
|
||||
sudo tar -C /usr/local -xzf go1.19.2.linux-amd64.tar.gz
|
||||
export PATH=$PATH:/usr/local/go/bin
|
||||
go version
|
||||
```
|
||||
|
||||
```bash
|
||||
sudo mkdir -p /etc/apt/keyrings
|
||||
sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
|
||||
echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
|
||||
sudo apt-get update
|
||||
sudo apt-get install syncthing
|
||||
```
|
||||
|
||||
```bash
|
||||
wget -qO- https://dl.packager.io/srv/gogs/gogs/key | sudo apt-key add -
|
||||
sudo wget -O /etc/apt/sources.list.d/gogs.list \
|
||||
https://dl.packager.io/srv/gogs/gogs/main/installer/debian/12.repo
|
||||
sudo apt-get update
|
||||
sudo apt-get install gogs
|
||||
```
|
||||
|
||||
```bash
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option default-router '192.168.0.1'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option name-server '192.168.0.1'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 option domain-name 'vyos.net'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 lease '86400'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 range 0 start '192.168.0.9'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 range 0 stop '192.168.0.254'
|
||||
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 subnet-id '1'
|
||||
|
||||
set service dns forwarding cache-size '0'
|
||||
set service dns forwarding listen-address '192.168.0.1'
|
||||
set service dns forwarding allow-from '192.168.0.0/24'
|
||||
```
|
||||
|
||||
```bash
|
||||
set nat source rule 100 outbound-interface name 'eth0'
|
||||
set nat source rule 100 source address '192.168.0.0/24'
|
||||
set nat source rule 100 source address '10.0.1.0/24'
|
||||
set nat source rule 100 translation address masquerade
|
||||
show nat
|
||||
```
|
||||
|
||||
```bash
|
||||
set firewall group interface-group WAN interface eth0
|
||||
set firewall group interface-group LAN interface eth1
|
||||
set firewall group network-group NET-INSIDE-v4 network '192.168.0.0/24'
|
||||
```
|
||||
|
||||
```bash
|
||||
set firewall global-options state-policy established action accept
|
||||
set firewall global-options state-policy related action accept
|
||||
set firewall global-options state-policy invalid action drop
|
||||
```
|
||||
|
||||
```bash
|
||||
set firewall ipv4 name CONN_FILTER default-action 'return'
|
||||
|
||||
set firewall ipv4 name CONN_FILTER rule 10 action 'accept'
|
||||
set firewall ipv4 name CONN_FILTER rule 10 state established
|
||||
set firewall ipv4 name CONN_FILTER rule 10 state related
|
||||
|
||||
set firewall ipv4 name CONN_FILTER rule 20 action 'drop'
|
||||
set firewall ipv4 name CONN_FILTER rule 20 state invalid
|
||||
```
|
||||
|
||||
```bash
|
||||
set service ssh port '22'
|
||||
```
|
||||
|
||||
```bash
|
||||
https://www.youtube.com/watch?v=DtZetdg0rxg
|
||||
set interfaces ethernet eth0 address '10.101.101.123/24'
|
||||
set interfaces wireless wlan0 address 'ddhcp'
|
||||
set interfaces wireless wlan0 channel '6'
|
||||
set interfaces wireless wlan0 physical-device 'phy0'
|
||||
set interfaces wireless wlan0 security wpa mode 'dwpa2'
|
||||
set interfaces wireless wlan0 security wpa passphrase 'abc123'
|
||||
set interfaces wireless wlan0 ssid 'abc123'
|
||||
set interfaces wireless wlan0 type 'station'
|
||||
set nat source rule 1 outbound-interface 'wlan0'
|
||||
set nat source rule 1 source address '0.0.0.0/0'
|
||||
set nat source rule 1 translation address 'masquerade'
|
||||
vyosilvyos:-$
|
||||
```
|
||||
Reference in New Issue
Block a user