From 6e49c227c18d4f3008318aaa0a38a36c4de7f6c9 Mon Sep 17 00:00:00 2001
From: seth
Date: Sun, 7 May 2023 23:17:33 -0400
Subject: hosts: remove prefix from turret
---
hosts/_turret/files/etc/config/dhcp | 55 -------
hosts/_turret/files/etc/config/dropbear | 5 -
hosts/_turret/files/etc/config/firewall | 189 -----------------------
hosts/_turret/files/etc/config/https-dns-proxy | 18 ---
hosts/_turret/files/etc/config/luci | 41 -----
hosts/_turret/files/etc/config/network | 29 ----
hosts/_turret/files/etc/config/rpcd | 10 --
hosts/_turret/files/etc/config/system | 16 --
hosts/_turret/files/etc/config/ucitrack | 56 -------
hosts/_turret/files/etc/config/uhttpd | 31 ----
hosts/_turret/files/etc/config/wireless | Bin 827 -> 0 bytes
hosts/_turret/files/etc/dropbear/authorized_keys | 1 -
12 files changed, 451 deletions(-)
delete mode 100644 hosts/_turret/files/etc/config/dhcp
delete mode 100644 hosts/_turret/files/etc/config/dropbear
delete mode 100644 hosts/_turret/files/etc/config/firewall
delete mode 100644 hosts/_turret/files/etc/config/https-dns-proxy
delete mode 100644 hosts/_turret/files/etc/config/luci
delete mode 100644 hosts/_turret/files/etc/config/network
delete mode 100644 hosts/_turret/files/etc/config/rpcd
delete mode 100644 hosts/_turret/files/etc/config/system
delete mode 100644 hosts/_turret/files/etc/config/ucitrack
delete mode 100644 hosts/_turret/files/etc/config/uhttpd
delete mode 100644 hosts/_turret/files/etc/config/wireless
delete mode 100644 hosts/_turret/files/etc/dropbear/authorized_keys
(limited to 'hosts/_turret/files/etc')
diff --git a/hosts/_turret/files/etc/config/dhcp b/hosts/_turret/files/etc/config/dhcp
deleted file mode 100644
index 4a471cf..0000000
--- a/hosts/_turret/files/etc/config/dhcp
+++ /dev/null
@@ -1,55 +0,0 @@
-
-config dnsmasq
- option domainneeded '1'
- option boguspriv '1'
- option filterwin2k '0'
- option localise_queries '1'
- option rebind_protection '1'
- option rebind_localhost '1'
- option local '/lan/'
- option domain 'lan'
- option expandhosts '1'
- option nonegcache '0'
- option authoritative '1'
- option readethers '1'
- option leasefile '/tmp/dhcp.leases'
- option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
- option nonwildcard '1'
- option localservice '1'
- option ednspacket_max '1232'
- option doh_backup_noresolv '-1'
- option noresolv '1'
- list doh_backup_server ''
- list doh_backup_server '/mask.icloud.com/'
- list doh_backup_server '/mask-h2.icloud.com/'
- list doh_backup_server '/use-application-dns.net/'
- list doh_backup_server '127.0.0.1#5054'
- list doh_backup_server '127.0.0.1#5053'
- list server '/mask.icloud.com/'
- list server '/mask-h2.icloud.com/'
- list server '/use-application-dns.net/'
- list server '127.0.0.1#5054'
- list server '127.0.0.1#5053'
-
-config dhcp 'lan'
- option interface 'lan'
- option start '100'
- option limit '150'
- option leasetime '12h'
- option dhcpv4 'server'
- option dhcpv6 'server'
- option ra 'server'
- option ra_slaac '1'
- list ra_flags 'managed-config'
- list ra_flags 'other-config'
-
-config dhcp 'wan'
- option interface 'wan'
- option ignore '1'
-
-config odhcpd 'odhcpd'
- option maindhcp '0'
- option leasefile '/tmp/hosts/odhcpd'
- option leasetrigger '/usr/sbin/odhcpd-update'
- option loglevel '4'
-
diff --git a/hosts/_turret/files/etc/config/dropbear b/hosts/_turret/files/etc/config/dropbear
deleted file mode 100644
index 2139ba0..0000000
--- a/hosts/_turret/files/etc/config/dropbear
+++ /dev/null
@@ -1,5 +0,0 @@
-config dropbear
- option PasswordAuth 'on'
- option RootPasswordAuth 'on'
- option Port '22'
-# option BannerFile '/etc/banner'
diff --git a/hosts/_turret/files/etc/config/firewall b/hosts/_turret/files/etc/config/firewall
deleted file mode 100644
index b9a4647..0000000
--- a/hosts/_turret/files/etc/config/firewall
+++ /dev/null
@@ -1,189 +0,0 @@
-config defaults
- option syn_flood 1
- option input ACCEPT
- option output ACCEPT
- option forward REJECT
-# Uncomment this line to disable ipv6 rules
-# option disable_ipv6 1
-
-config zone
- option name lan
- list network 'lan'
- option input ACCEPT
- option output ACCEPT
- option forward ACCEPT
-
-config zone
- option name wan
- list network 'wan'
- list network 'wan6'
- option input REJECT
- option output ACCEPT
- option forward REJECT
- option masq 1
- option mtu_fix 1
-
-config forwarding
- option src lan
- option dest wan
-
-# We need to accept udp packets on port 68,
-# see https://dev.openwrt.org/ticket/4108
-config rule
- option name Allow-DHCP-Renew
- option src wan
- option proto udp
- option dest_port 68
- option target ACCEPT
- option family ipv4
-
-# Allow IPv4 ping
-config rule
- option name Allow-Ping
- option src wan
- option proto icmp
- option icmp_type echo-request
- option family ipv4
- option target ACCEPT
-
-config rule
- option name Allow-IGMP
- option src wan
- option proto igmp
- option family ipv4
- option target ACCEPT
-
-# Allow DHCPv6 replies
-# see https://github.com/openwrt/openwrt/issues/5066
-config rule
- option name Allow-DHCPv6
- option src wan
- option proto udp
- option dest_port 546
- option family ipv6
- option target ACCEPT
-
-config rule
- option name Allow-MLD
- option src wan
- option proto icmp
- option src_ip fe80::/10
- list icmp_type '130/0'
- list icmp_type '131/0'
- list icmp_type '132/0'
- list icmp_type '143/0'
- option family ipv6
- option target ACCEPT
-
-# Allow essential incoming IPv6 ICMP traffic
-config rule
- option name Allow-ICMPv6-Input
- option src wan
- option proto icmp
- list icmp_type echo-request
- list icmp_type echo-reply
- list icmp_type destination-unreachable
- list icmp_type packet-too-big
- list icmp_type time-exceeded
- list icmp_type bad-header
- list icmp_type unknown-header-type
- list icmp_type router-solicitation
- list icmp_type neighbour-solicitation
- list icmp_type router-advertisement
- list icmp_type neighbour-advertisement
- option limit 1000/sec
- option family ipv6
- option target ACCEPT
-
-# Allow essential forwarded IPv6 ICMP traffic
-config rule
- option name Allow-ICMPv6-Forward
- option src wan
- option dest *
- option proto icmp
- list icmp_type echo-request
- list icmp_type echo-reply
- list icmp_type destination-unreachable
- list icmp_type packet-too-big
- list icmp_type time-exceeded
- list icmp_type bad-header
- list icmp_type unknown-header-type
- option limit 1000/sec
- option family ipv6
- option target ACCEPT
-
-config rule
- option name Allow-IPSec-ESP
- option src wan
- option dest lan
- option proto esp
- option target ACCEPT
-
-config rule
- option name Allow-ISAKMP
- option src wan
- option dest lan
- option dest_port 500
- option proto udp
- option target ACCEPT
-
-
-### EXAMPLE CONFIG SECTIONS
-# do not allow a specific ip to access wan
-#config rule
-# option src lan
-# option src_ip 192.168.45.2
-# option dest wan
-# option proto tcp
-# option target REJECT
-
-# block a specific mac on wan
-#config rule
-# option dest wan
-# option src_mac 00:11:22:33:44:66
-# option target REJECT
-
-# block incoming ICMP traffic on a zone
-#config rule
-# option src lan
-# option proto ICMP
-# option target DROP
-
-# port redirect port coming in on wan to lan
-#config redirect
-# option src wan
-# option src_dport 80
-# option dest lan
-# option dest_ip 192.168.16.235
-# option dest_port 80
-# option proto tcp
-
-# port redirect of remapped ssh port (22001) on wan
-#config redirect
-# option src wan
-# option src_dport 22001
-# option dest lan
-# option dest_port 22
-# option proto tcp
-
-### FULL CONFIG SECTIONS
-#config rule
-# option src lan
-# option src_ip 192.168.45.2
-# option src_mac 00:11:22:33:44:55
-# option src_port 80
-# option dest wan
-# option dest_ip 194.25.2.129
-# option dest_port 120
-# option proto tcp
-# option target REJECT
-
-#config redirect
-# option src lan
-# option src_ip 192.168.45.2
-# option src_mac 00:11:22:33:44:55
-# option src_port 1024
-# option src_dport 80
-# option dest_ip 194.25.2.129
-# option dest_port 120
-# option proto tcp
diff --git a/hosts/_turret/files/etc/config/https-dns-proxy b/hosts/_turret/files/etc/config/https-dns-proxy
deleted file mode 100644
index e5623ad..0000000
--- a/hosts/_turret/files/etc/config/https-dns-proxy
+++ /dev/null
@@ -1,18 +0,0 @@
-
-config main 'config'
- option dnsmasq_config_update '*'
- list force_dns_port '53'
- list force_dns_port '853'
- option procd_trigger_wan6 '0'
- option canary_domains_icloud '0'
- option canary_domains_mozilla '0'
- option force_dns '0'
-
-config https-dns-proxy
- option bootstrap_dns '1.1.1.1,1.0.0.1'
- option resolver_url 'https://cloudflare-dns.com/dns-query'
- option listen_addr '127.0.0.1'
- option listen_port '5054'
- option user 'nobody'
- option group 'nogroup'
-
diff --git a/hosts/_turret/files/etc/config/luci b/hosts/_turret/files/etc/config/luci
deleted file mode 100644
index 8eb8a9b..0000000
--- a/hosts/_turret/files/etc/config/luci
+++ /dev/null
@@ -1,41 +0,0 @@
-
-config core 'main'
- option lang 'auto'
- option mediaurlbase '/luci-static/bootstrap'
- option resourcebase '/luci-static/resources'
- option ubuspath '/ubus/'
-
-config extern 'flash_keep'
- option uci '/etc/config/'
- option dropbear '/etc/dropbear/'
- option openvpn '/etc/openvpn/'
- option passwd '/etc/passwd'
- option opkg '/etc/opkg.conf'
- option firewall '/etc/firewall.user'
- option uploads '/lib/uci/upload/'
-
-config internal 'languages'
-
-config internal 'sauth'
- option sessionpath '/tmp/luci-sessions'
- option sessiontime '3600'
-
-config internal 'ccache'
- option enable '1'
-
-config internal 'themes'
- option Bootstrap '/luci-static/bootstrap'
- option BootstrapDark '/luci-static/bootstrap-dark'
- option BootstrapLight '/luci-static/bootstrap-light'
-
-config internal 'apply'
- option rollback '90'
- option holdoff '4'
- option timeout '5'
- option display '1.5'
-
-config internal 'diag'
- option dns 'openwrt.org'
- option ping 'openwrt.org'
- option route 'openwrt.org'
-
diff --git a/hosts/_turret/files/etc/config/network b/hosts/_turret/files/etc/config/network
deleted file mode 100644
index c71cf98..0000000
--- a/hosts/_turret/files/etc/config/network
+++ /dev/null
@@ -1,29 +0,0 @@
-
-config interface 'loopback'
- option device 'lo'
- option proto 'static'
- option ipaddr '127.0.0.1'
- option netmask '255.0.0.0'
-
-config globals 'globals'
- option packet_steering '1'
- option ula_prefix 'fd26:3166:dece::/48'
-
-config device
- option name 'br-lan'
- option type 'bridge'
- list ports 'lan2'
- list ports 'lan3'
- list ports 'lan4'
-
-config interface 'lan'
- option device 'br-lan'
- option proto 'static'
- option ipaddr '192.168.1.1'
- option netmask '255.255.255.0'
- option ip6assign '60'
-
-config interface 'wan'
- option device 'lan1'
- option proto 'dhcp'
-
diff --git a/hosts/_turret/files/etc/config/rpcd b/hosts/_turret/files/etc/config/rpcd
deleted file mode 100644
index 176c643..0000000
--- a/hosts/_turret/files/etc/config/rpcd
+++ /dev/null
@@ -1,10 +0,0 @@
-config rpcd
- option socket /var/run/ubus/ubus.sock
- option timeout 30
-
-config login
- option username 'root'
- option password '$p$root'
- list read '*'
- list write '*'
-
diff --git a/hosts/_turret/files/etc/config/system b/hosts/_turret/files/etc/config/system
deleted file mode 100644
index ee3415f..0000000
--- a/hosts/_turret/files/etc/config/system
+++ /dev/null
@@ -1,16 +0,0 @@
-
-config system
- option hostname 'turret'
- option timezone 'UTC'
- option ttylogin '0'
- option log_size '64'
- option urandom_seed '0'
- option compat_version '1.1'
-
-config timeserver 'ntp'
- option enabled '1'
- option enable_server '0'
- list server '0.openwrt.pool.ntp.org'
- list server '1.openwrt.pool.ntp.org'
- list server '2.openwrt.pool.ntp.org'
- list server '3.openwrt.pool.ntp.org'
diff --git a/hosts/_turret/files/etc/config/ucitrack b/hosts/_turret/files/etc/config/ucitrack
deleted file mode 100644
index bb4cdbc..0000000
--- a/hosts/_turret/files/etc/config/ucitrack
+++ /dev/null
@@ -1,56 +0,0 @@
-config network
- option init network
- list affects dhcp
-
-config wireless
- list affects network
-
-config firewall
- option init firewall
- list affects luci-splash
- list affects qos
- list affects miniupnpd
-
-config olsr
- option init olsrd
-
-config dhcp
- option init dnsmasq
- list affects odhcpd
-
-config odhcpd
- option init odhcpd
-
-config dropbear
- option init dropbear
-
-config httpd
- option init httpd
-
-config fstab
- option exec '/sbin/block mount'
-
-config qos
- option init qos
-
-config system
- option init led
- option exec '/etc/init.d/log reload'
- list affects luci_statistics
- list affects dhcp
-
-config luci_splash
- option init luci_splash
-
-config upnpd
- option init miniupnpd
-
-config ntpclient
- option init ntpclient
-
-config samba
- option init samba
-
-config tinyproxy
- option init tinyproxy
-
diff --git a/hosts/_turret/files/etc/config/uhttpd b/hosts/_turret/files/etc/config/uhttpd
deleted file mode 100644
index cb2ff71..0000000
--- a/hosts/_turret/files/etc/config/uhttpd
+++ /dev/null
@@ -1,31 +0,0 @@
-
-config uhttpd 'main'
- list listen_http '0.0.0.0:80'
- list listen_http '[::]:80'
- list listen_https '0.0.0.0:443'
- list listen_https '[::]:443'
- option redirect_https '0'
- option home '/www'
- option rfc1918_filter '1'
- option max_requests '3'
- option max_connections '100'
- option cert '/etc/uhttpd.crt'
- option key '/etc/uhttpd.key'
- option cgi_prefix '/cgi-bin'
- list lua_prefix '/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua'
- option script_timeout '60'
- option network_timeout '30'
- option http_keepalive '20'
- option tcp_keepalive '1'
- option ubus_prefix '/ubus'
-
-config cert 'defaults'
- option days '730'
- option key_type 'ec'
- option bits '2048'
- option ec_curve 'P-256'
- option country 'ZZ'
- option state 'Somewhere'
- option location 'Unknown'
- option commonname 'OpenWrt'
-
diff --git a/hosts/_turret/files/etc/config/wireless b/hosts/_turret/files/etc/config/wireless
deleted file mode 100644
index b4a431d..0000000
Binary files a/hosts/_turret/files/etc/config/wireless and /dev/null differ
diff --git a/hosts/_turret/files/etc/dropbear/authorized_keys b/hosts/_turret/files/etc/dropbear/authorized_keys
deleted file mode 100644
index 495c605..0000000
--- a/hosts/_turret/files/etc/dropbear/authorized_keys
+++ /dev/null
@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERx0I8DKtALZ9VrYnY1iBEpwl2pBlRiS8oJQvZwpl5e seth@glados
-- 
cgit v1.2.3