root@OpenWrt:~# ubus call system board
{
"kernel": "5.15.162",
"hostname": "OpenWrt",
"system": "MediaTek MT7621 ver:1 eco:3",
"model": "Xiaomi Mi Router 3G",
"board_name": "xiaomi,mi-router-3g",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.4",
"revision": "r24012-d8dd03c46f",
"target": "ramips/mt7621",
"description": "OpenWrt 23.05.4 r24012-d8dd03c46f"
}
}
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.13.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
root@OpenWrt:~# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel '5'
option band '2g'
option htmode 'HT20'
option txpower '20'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'Rein_SH'
option encryption 'sae-mixed'
option key ''
config wifi-device 'radio1'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option channel '144'
option band '5g'
option htmode 'VHT80'
option txpower '20'
option cell_density '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'Rein_SH'
option encryption 'sae-mixed'
option key ''
root@OpenWrt:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'relay'
option ra 'relay'
option ndp 'relay'
config dhcp 'wan'
option interface 'wan'
option master '1'
option ra 'relay'
option dhcpv6 'relay'
option ndp 'relay'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'wan6'
option interface 'wan6'
option ignore '1'
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option syn_flood '1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Transmission'
list proto 'tcp'
option src 'wan'
option dest_port '51413'
option target 'ACCEPT'
root@OpenWrt:~# opkg list-installed
attr - 2.5.1-1
avahi-dbus-daemon - 0.8-8
base-files - 1559-r24012-d8dd03c46f
block-mount - 2023-02-28-bfe882d5-1
busybox - 1.36.1-1
ca-bundle - 20230311-1
cgi-io - 2022-08-10-901b0f04-21
dbus - 1.13.18-12
dnsmasq - 2.90-2
dropbear - 2022.82-6
firewall4 - 2023-09-01-598d9fbb-1
fstools - 2023-02-28-bfe882d5-1
fwtool - 2019-11-12-8f7fe925-1
getrandom - 2022-08-13-4c7b720b-2
hd-idle - 1.05-2
hostapd-common - 2023-09-08-e5ccbfc6-7
iw - 5.19-1
iwinfo - 2023-07-01-ca79f641-1
jansson4 - 2.14-3
jshn - 2023-05-23-75a3b870-1
jsonfilter - 2024-01-23-594cfa86-1
kernel - 5.15.162-1-144de9e5c1a8813b724b14faa054d9f0
kmod-cfg80211 - 5.15.162+6.1.97-1-1
kmod-crypto-acompress - 5.15.162-1
kmod-crypto-aead - 5.15.162-1
kmod-crypto-ccm - 5.15.162-1
kmod-crypto-cmac - 5.15.162-1
kmod-crypto-crc32 - 5.15.162-1
kmod-crypto-crc32c - 5.15.162-1
kmod-crypto-ctr - 5.15.162-1
kmod-crypto-gcm - 5.15.162-1
kmod-crypto-gf128 - 5.15.162-1
kmod-crypto-ghash - 5.15.162-1
kmod-crypto-hash - 5.15.162-1
kmod-crypto-hmac - 5.15.162-1
kmod-crypto-manager - 5.15.162-1
kmod-crypto-null - 5.15.162-1
kmod-crypto-rng - 5.15.162-1
kmod-crypto-seqiv - 5.15.162-1
kmod-crypto-sha512 - 5.15.162-1
kmod-fs-exfat - 5.15.162-1
kmod-fs-ext4 - 5.15.162-1
kmod-fs-f2fs - 5.15.162-1
kmod-fs-ntfs - 5.15.162-1
kmod-fs-vfat - 5.15.162-1
kmod-gpio-button-hotplug - 5.15.162-3
kmod-leds-gpio - 5.15.162-1
kmod-lib-crc-ccitt - 5.15.162-1
kmod-lib-crc16 - 5.15.162-1
kmod-lib-crc32c - 5.15.162-1
kmod-lib-lzo - 5.15.162-1
kmod-mac80211 - 5.15.162+6.1.97-1-1
kmod-mt76-core - 5.15.162+2024-04-03-1e336a85-1
kmod-mt7603 - 5.15.162+2024-04-03-1e336a85-1
kmod-mt76x02-common - 5.15.162+2024-04-03-1e336a85-1
kmod-mt76x2 - 5.15.162+2024-04-03-1e336a85-1
kmod-mt76x2-common - 5.15.162+2024-04-03-1e336a85-1
kmod-nf-conntrack - 5.15.162-1
kmod-nf-conntrack6 - 5.15.162-1
kmod-nf-flow - 5.15.162-1
kmod-nf-log - 5.15.162-1
kmod-nf-log6 - 5.15.162-1
kmod-nf-nat - 5.15.162-1
kmod-nf-reject - 5.15.162-1
kmod-nf-reject6 - 5.15.162-1
kmod-nfnetlink - 5.15.162-1
kmod-nft-core - 5.15.162-1
kmod-nft-fib - 5.15.162-1
kmod-nft-nat - 5.15.162-1
kmod-nft-offload - 5.15.162-1
kmod-nls-base - 5.15.162-1
kmod-nls-cp437 - 5.15.162-1
kmod-nls-iso8859-1 - 5.15.162-1
kmod-nls-utf8 - 5.15.162-1
kmod-ppp - 5.15.162-1
kmod-pppoe - 5.15.162-1
kmod-pppox - 5.15.162-1
kmod-scsi-core - 5.15.162-1
kmod-scsi-generic - 5.15.162-1
kmod-slhc - 5.15.162-1
kmod-usb-core - 5.15.162-1
kmod-usb-ehci - 5.15.162-1
kmod-usb-ledtrig-usbport - 5.15.162-1
kmod-usb-storage - 5.15.162-1
kmod-usb-storage-uas - 5.15.162-1
kmod-usb-xhci-hcd - 5.15.162-1
kmod-usb-xhci-mtk - 5.15.162-1
kmod-usb2 - 5.15.162-1
kmod-usb3 - 5.15.162-1
libatomic1 - 12.3.0-4
libattr - 2.5.1-1
libavahi-client - 0.8-8
libavahi-dbus-support - 0.8-8
libblkid1 - 2.39-2
libblobmsg-json20230523 - 2023-05-23-75a3b870-1
libc - 1.2.4-4
libcap - 2.69-1
libcap-ng - 0.8.3-2
libcurl4 - 8.7.1-r1
libdaemon - 0.14-5
libdbus - 1.13.18-12
libdeflate - 1.18-1
libdht - 2022-04-27-11123089-1
libevdev - 1.13.0-1
libevent2-7 - 2.1.12-1
libevent2-core7 - 2.1.12-1
libevent2-pthreads7 - 2.1.12-1
libexpat - 2.5.0-1
libgcc1 - 12.3.0-4
libgmp10 - 6.2.1-1
libgnutls - 3.8.3-1
libidn2 - 2.3.4-1
libiwinfo-data - 2023-07-01-ca79f641-1
libiwinfo20230701 - 2023-07-01-ca79f641-1
libjson-c5 - 0.16-3
libjson-script20230523 - 2023-05-23-75a3b870-1
liblucihttp-ucode - 2023-03-15-9b5b683f-1
liblucihttp0 - 2023-03-15-9b5b683f-1
libmbedtls12 - 2.28.8-1
libminiupnpc - 2.2.3-1
libmnl0 - 1.0.5-1
libmount1 - 2.39-2
libnatpmp1 - 20150609-3
libncurses6 - 6.4-2
libnettle8 - 3.9.1-1
libnftnl11 - 1.2.6-1
libnghttp2-14 - 1.57.0-1
libnl-tiny1 - 2023-07-27-bc92a280-1
libopenssl3 - 3.0.14-2
libpam - 1.5.2-1
libpcre2 - 10.42-1
libpopt0 - 1.19-1
libpsl5 - 0.21.2-1
libpthread - 1.2.4-4
libreadline8 - 8.2-1
librt - 1.2.4-4
libsmartcols1 - 2.39-2
libstdcpp6 - 12.3.0-4
libtasn1 - 4.19.0-2
libtirpc - 1.3.3-1
libubox20230523 - 2023-05-23-75a3b870-1
libubus20230605 - 2023-06-05-f787c97b-1
libuci20130104 - 2023-08-10-5781664d-1
libuclient20201210 - 2023-04-13-007d9454-1
libucode20230711 - 2024-07-11-1a8a0bcf-1
libudev-zero - 1.0.1-1
libunistring - 1.1-1
libusb-1.0-0 - 1.0.26-3
libustream-mbedtls20201210 - 2023-02-25-498f6e26-1
libutp - 2023-02-14-c95738b1-1
libuuid1 - 2.39-2
logd - 2022-08-13-4c7b720b-2
lsblk - 2.39-2
luci - git-23.051.66410-a505bb1
luci-app-firewall - git-24.067.01746-69867db
luci-app-hd-idle - git-21.322.37170-27ca2e2
luci-app-opkg - git-24.148.43905-2891ca4
luci-app-samba4 - git-23.142.65904-c0478f0
luci-app-transmission - git-21.337.84171-2ef8100
luci-app-upnp - git-24.025.85485-89a9b58
luci-base - git-24.086.45142-09d5a38
luci-light - git-23.024.33244-34dee82
luci-mod-admin-full - git-19.253.48496-3f93650
luci-mod-network - git-24.111.76511-ff6b275
luci-mod-status - git-24.141.29354-5cfe7a7
luci-mod-system - git-24.067.01860-7a82b2f
luci-proto-ipv6 - git-24.086.45108-51aee90
luci-proto-ppp - git-24.135.44542-f1ec9c2
luci-ssl - git-23.035.26083-7550ad6
luci-theme-bootstrap - git-24.086.46634-1ffe078
miniupnpd-nftables - 2.3.3-2
mtd - 26
netifd - 2024-01-04-c18cc79d-2
nftables-json - 1.0.8-1
odhcp6c - 2023-05-12-bcd28363-20
odhcpd-ipv6only - 2023-10-24-d8118f6e-1
openwrt-keyring - 2022-03-25-62471e69-2
opkg - 2022-02-24-d038e5b6-2
ppp - 2.4.9.git-2021-01-04-4
ppp-mod-pppoe - 2.4.9.git-2021-01-04-4
procd - 2023-06-25-2db83655-2
procd-seccomp - 2023-06-25-2db83655-2
procd-ujail - 2023-06-25-2db83655-2
px5g-mbedtls - 10
rpcd - 2023-07-01-c07ab2f9-1
rpcd-mod-file - 2023-07-01-c07ab2f9-1
rpcd-mod-iwinfo - 2023-07-01-c07ab2f9-1
rpcd-mod-luci - 20240305-1
rpcd-mod-rrdns - 20170710
rpcd-mod-ucode - 2023-07-01-c07ab2f9-1
samba4-libs - 4.18.8-1
samba4-server - 4.18.8-1
terminfo - 6.4-2
transmission-cli - 4.0.6-1
transmission-daemon - 4.0.6-1
transmission-remote - 4.0.6-1
transmission-web - 4.0.6-1
ubi-utils - 2.1.5-1
ubox - 2022-08-13-4c7b720b-2
ubus - 2023-06-05-f787c97b-1
ubusd - 2023-06-05-f787c97b-1
uci - 2023-08-10-5781664d-1
uclient-fetch - 2023-04-13-007d9454-1
ucode - 2024-07-11-1a8a0bcf-1
ucode-mod-fs - 2024-07-11-1a8a0bcf-1
ucode-mod-html - 1
ucode-mod-math - 2024-07-11-1a8a0bcf-1
ucode-mod-nl80211 - 2024-07-11-1a8a0bcf-1
ucode-mod-rtnl - 2024-07-11-1a8a0bcf-1
ucode-mod-ubus - 2024-07-11-1a8a0bcf-1
ucode-mod-uci - 2024-07-11-1a8a0bcf-1
ucode-mod-uloop - 2024-07-11-1a8a0bcf-1
uhttpd - 2023-06-25-34a8a74d-2
uhttpd-mod-ubus - 2023-06-25-34a8a74d-2
urandom-seed - 3
urngd - 2023-11-01-44365eb1-1
usbutils - 014-1
usign - 2020-05-23-f1f65026-1
wget-ssl - 1.21.4-1
wireless-regdb - 2024.07.04-1
wpad-basic-mbedtls - 2023-09-08-e5ccbfc6-7
zlib - 1.2.13-1
root@OpenWrt:~# nft list ruleset | less
Pattern not found