CONFIGURATION FILES
CHAPTER 5
53
ECOTEL 3G 16.1. Revised: 1 March 2011.
5.1.12.3 INTEGRATED DSL-ROUTER SCENARIO FOR VOIP TRAFFIC WITH
AN ACTIVE DHCP SERVER AND FIREWALL
In the following example, the system is connected to the local IP network through emac0. The DSL modem is con-
nected to the emac1 interface, which enables the system to connect directly to the carrier network without an ad-
ditional router when the connection is used only for VoIP data. A DHCP server is used for dynamic IP-address
allocation:
[System]
[emac0]
IpAddress=192.168.0.2/24
[emac1]
IpAddress=up
[pppoe0]
PppoeIf=emac1
User=usertelekom
Pwd=pwd
AuthProto=chap
Route=default
[nat]
map=pppoe0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map=pppoe0 192.168.0.0/24 -> 0/32 portmap tcp/udp 40000:60000
map=pppoe0 192.168.0.0/24 -> 0/32
[firewall]
; loopback
fw=pass in quick on emac0 all
fw=pass out quick on emac0 all
; traffic to outgoing
fw=pass out quick on pppoe0 proto tcp all flags S keep state keep frags
fw=pass out quick on pppoe0 proto udp all keep state keep frags
fw=pass out quick on pppoe0 proto icmp all keep state keep frags
; incoming traffic
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 21 flags S keep state keep frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 23 flags S keep state keep frags
fw=pass in quick on pppoe0 proto tcp from 10.4.0.0/16 to any port eq 4445 keep state
; icmp traffic
fw=pass in quick on pppoe0 proto icmp all keep state
; other will be blocked
fw=block in log quick on pppoe0 all
fw=block out log quick on pppoe0 all
[dhcpd]
; Global dhcp parameters
allow unknown-clients;
ddns-update-style none;
; Parameter for the Subnet
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.3 192.168.1.20;
option broadcast-address 192.168.1.255;
option domain-name "company.de";
option domain-name-servers 192.168.1.100;
option routers 192.168.1.2;
option subnet-mask 255.255.255.0;
To Next Page
Loading...