mirror of
https://github.com/openNDS/openNDS.git
synced 2026-01-10 04:17:55 -05:00
75 lines
2.4 KiB
Plaintext
75 lines
2.4 KiB
Plaintext
# This is the legacy configuration file and is currently used by all non-OpenWrt installations.
|
|
# It is deprecated and will be replaced by the UCI style configuration file as used in OpenWrt in a future release
|
|
#
|
|
# For details of possible options, please see the OpenWrt UCI config file or the documentation at https://opennds.readthedocs.io/
|
|
#
|
|
#
|
|
# The "#" character at the beginning of a line indicates that the whole line is a comment.
|
|
#
|
|
# "#" characters within a line are assumed to be part of the configured option
|
|
#
|
|
|
|
# GatewayName
|
|
# Default: openNDS
|
|
#
|
|
# GatewayName openNDS
|
|
|
|
# Option: GatewayInterface
|
|
# Default: br-lan
|
|
#
|
|
# Set GatewayInterface to the interface on your router that is to be managed by openNDS.
|
|
# The selected interface must be allocated an IPv4 address.
|
|
# Typically on OpenWrt it is br-lan for the wired and wireless lan combined in a bridge.
|
|
# On generic Linux though, it might be wlan0
|
|
#
|
|
#GatewayInterface wlan0
|
|
|
|
# Login Option
|
|
# Default: 1
|
|
# Integer value sent to PreAuth script as login mode
|
|
#
|
|
# opennds comes preconfigured for three basic modes of operation
|
|
#
|
|
# option set to 1 - Default Dynamic Click to Continue splash sequence
|
|
#
|
|
# option set to 2 - Username/Emailaddress Dynamic Login
|
|
#
|
|
# option set to 3 - Use ThemeSpecPath to select a custom ThemeSpec file
|
|
#
|
|
#login_option_enabled 1
|
|
|
|
# Use outdated libmicrohttpd (MHD)
|
|
# Default 0
|
|
# Warning, if set to 1, this may be unstable or fail entirely - it would be better to upgrade MHD.
|
|
# Use at your own risk
|
|
#
|
|
# If this option is set to 0 (default), NDS will terminate if MHD is earlier than 0.9.71
|
|
# If this option is set to 1, NDS will attempt to start and log an error.
|
|
#use_outdated_mhd 0
|
|
|
|
# FirewallRuleSet: authenticated-users
|
|
#
|
|
# Control access for users after authentication.
|
|
FirewallRuleSet authenticated-users {
|
|
# FirewallRule passthrough all
|
|
}
|
|
|
|
FirewallRuleSet preauthenticated-users {
|
|
}
|
|
|
|
# FirewallRuleSet: users-to-router
|
|
# Control access to the router itself from the GatewayInterface.
|
|
# Essential - Allow ports for DNS and DHCP (disabling these will soft brick your router):
|
|
FirewallRuleSet users-to-router {
|
|
FirewallRule allow udp port 53
|
|
FirewallRule allow tcp port 53
|
|
FirewallRule allow udp port 67
|
|
# You may want to allow ssh, http, and https to the router
|
|
# for administration from the GatewayInterface. If not,
|
|
# comment these out.
|
|
FirewallRule allow tcp port 22
|
|
FirewallRule allow tcp port 80
|
|
FirewallRule allow tcp port 443
|
|
}
|
|
|