Linux ubnt 3.10.107-UBNT #1 SMP Wed Oct 20 08:39:03 UTC 2021 mips64
_ .._
| | |
__ |\_
__/|
| | / \| || __) | | (c) 2010-2021
| | | | \ || \ | | Ubiquiti, Inc.
|
__|
_| /||
/ ||
|_/
https://www.ui.com
Welcome to EdgeOS on UniFi Security Gateway!
WARNING!
- Configuration changes made here are not persistent. *
- They will be overwritten by the controller on next *
- provision. Configuration must be done in controller. *
****
Last login: Wed Apr 6 17:37:50 2022 from 192.168.8.120
Hamrlik@ubnt:~$
show interfaces ; sudo ipset list ADDRv4_eth2
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 192.168.8.1/24 u/u LAN
eth1 - A/D
eth2
aaa.aaa.aaa.aaa/24 u/u WAN
eth3
aaa.aaa.aaa.aaa/30 u/u WAN2
lo 127.0.0.1/8 u/u
::1/128
Name: ADDRv4_eth2
Type: hash:net
Revision: 3
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16792
References: 3
Members:
192.168.1.41
Hamrlik@ubnt:~$
configure
[edit]
Hamrlik@ubnt#
show firewall name WAN_IN
default-action drop
description "packets from internet to intranet"
rule 3001 {
action accept
description "allow established/related sessions"
state {
established enable
invalid disable
new disable
related enable
}
}
rule 3002 {
action drop
description "drop invalid state"
state {
established disable
invalid enable
new disable
related disable
}
}
rule 4000 {
action accept
description "Home Assistant"
destination {
group {
port-group 624d9f97aa536443898f8a55
}
}
protocol all
source {
group {
port-group 624d9f97aa536443898f8a55
}
}
}
[edit]
Hamrlik@ubnt# set service nat rule 4001 description 'webserver'
[edit]
Hamrlik@ubnt# set service nat rule 4001 destination group address-group ADDRv4_eth3
[edit]
Hamrlik@ubnt# set service nat rule 4001 destination port 8123
[edit]
Hamrlik@ubnt# set service nat rule 4001 inbound-interface eth3
[edit]
Hamrlik@ubnt# set service nat rule 4001 inside-address address 192.168.8.33
[edit]
Hamrlik@ubnt# set service nat rule 4001 inside-address port 8123
[edit]
Hamrlik@ubnt# set service nat rule 4001 protocol tcp
[edit]
Hamrlik@ubnt# set service nat rule 4001 type destination
[edit]
Hamrlik@ubnt#
commit ; exit
Warning: configuration changes have not been saved.
exit
Hamrlik@ubnt:~$