summaryrefslogtreecommitdiff
path: root/smoketest/configs
diff options
context:
space:
mode:
authorgoodNETnick <33053932+goodNETnick@users.noreply.github.com>2022-03-31 13:48:47 +1000
committerGitHub <noreply@github.com>2022-03-31 13:48:47 +1000
commitaa5b35b68c1170bfd0b9661bafa72bb10fe6ca95 (patch)
tree46f3ffc41c29666c3251f25f2f93cb1f1b9a6c60 /smoketest/configs
parentb776003cf55e1035ac83186e44f72764e52e9e0d (diff)
parentbafb1973d906707cb571385e994a949d0d90b645 (diff)
downloadvyos-1x-aa5b35b68c1170bfd0b9661bafa72bb10fe6ca95.tar.gz
vyos-1x-aa5b35b68c1170bfd0b9661bafa72bb10fe6ca95.zip
Merge branch 'vyos:current' into ocserv_local_otp
Diffstat (limited to 'smoketest/configs')
-rw-r--r--smoketest/configs/basic-vyos88
-rw-r--r--smoketest/configs/dialup-router-complex16
2 files changed, 104 insertions, 0 deletions
diff --git a/smoketest/configs/basic-vyos b/smoketest/configs/basic-vyos
new file mode 100644
index 000000000..493feed5b
--- /dev/null
+++ b/smoketest/configs/basic-vyos
@@ -0,0 +1,88 @@
+interfaces {
+ ethernet eth0 {
+ address 192.168.0.1/24
+ duplex auto
+ smp-affinity auto
+ speed auto
+ }
+ ethernet eth1 {
+ address 100.64.0.0/31
+ duplex auto
+ smp-affinity auto
+ speed auto
+ }
+ loopback lo {
+ }
+}
+protocols {
+ static {
+ route 0.0.0.0/0 {
+ next-hop 100.64.0.1 {
+ }
+ }
+ }
+}
+service {
+ dhcp-server {
+ shared-network-name LAN {
+ authoritative
+ subnet 192.168.0.0/24 {
+ default-router 192.168.0.1
+ dns-server 192.168.0.1
+ domain-name vyos.net
+ domain-search vyos.net
+ range LANDynamic {
+ start 192.168.0.20
+ stop 192.168.0.240
+ }
+ }
+ }
+ }
+ dns {
+ forwarding {
+ allow-from 192.168.0.0/16
+ cache-size 10000
+ dnssec off
+ listen-address 192.168.0.1
+ }
+ }
+ ssh {
+ ciphers aes128-ctr,aes192-ctr,aes256-ctr
+ ciphers chacha20-poly1305@openssh.com,rijndael-cbc@lysator.liu.se
+ listen-address 192.168.0.1
+ key-exchange curve25519-sha256@libssh.org
+ key-exchange diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
+ port 22
+ }
+}
+system {
+ config-management {
+ commit-revisions 100
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ host-name vyos
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0
+ plaintext-password ""
+ }
+ }
+ }
+ name-server 192.168.0.1
+ syslog {
+ global {
+ facility all {
+ level info
+ }
+ }
+ }
+ time-zone Europe/Berlin
+}
+/* Warning: Do not remove the following line. */
+/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */
+/* Release version: 1.2.6 */
diff --git a/smoketest/configs/dialup-router-complex b/smoketest/configs/dialup-router-complex
index fef79ea56..1b62deb5c 100644
--- a/smoketest/configs/dialup-router-complex
+++ b/smoketest/configs/dialup-router-complex
@@ -267,6 +267,22 @@ firewall {
}
protocol udp
}
+ rule 800 {
+ action drop
+ description "SSH anti brute force"
+ destination {
+ port ssh
+ }
+ log enable
+ protocol tcp
+ recent {
+ count 4
+ time 60
+ }
+ state {
+ new enable
+ }
+ }
}
name DMZ-WAN {
default-action accept