Firewallin' !

[John Fields]

OK, I found a few good scripts and am starting an archive of the source(s) here..

The MFG manual for configuring is in Google Docs:

https://docs.google.com/document/d/1LVuukSuby7aCuAaQezFn-kM8ZQM-I0kuGiI_XnT0sDg/edit 

http://rolfebozier.com/archives/51

This is the basis for THE firewalling script.  Will be mirrored in the git repo.

I was super confused by the "t" in the set statement for the VLAN script so I finally found this comment in another script.

Sooo every port is linked to port 8(all) like to a switch backbone.  If we want to isolate a single port from the rest (like when running a 5GHz Access Point off it...) then we will need to change it here.

From: http://ubuntuforums.org/showthread.php?t=2287281

# Lamobo R1 aka BPi R1 Routerboard

#

# Speaker | LAN1 | LAN2 | LAN3 | LAN4 || LAN5 | HDMI

# SW-Port |  P2  |  P1  |  P0  |  P4  ||  P3  |

# VLAN    |  11  |  12  |  13  |  14  ||ALL(t)|

#

# Switch-Port P8 - ALL(t) boards internal CPU Port

root@bananapi ~ # swconfig list                       

Found: switch0 - eth0

root@bananapi ~ # swconfig dev switch0 help                                                                                                    :(

switch0: eth0(BCM53125), ports: 9 (cpu @ 8), vlans: 4096

     --switch

Attribute 1 (int): enable_vlan (Enable VLAN mode)

Attribute 2 (string): ports (Available Ports (as bitmask))

Attribute 3 (int): reset_mib (Reset MIB counters)

Attribute 4 (int): enable_jumbo (Enable Jumbo Frames)

Attribute 5 (int): allow_vid_4095 (Allow VID 4095)

Attribute 6 (none): apply (Activate changes in the hardware)

Attribute 7 (none): reset (Reset the switch)

     --vlan

Attribute 1 (ports): ports (VLAN port mapping)

     --port

Attribute 1 (string): mib (Get port's MIB counters)

Attribute 2 (int): pvid (Primary VLAN ID)

Attribute 3 (string): link (Get port link information)

Reboot for changes to take effect...

root@bananapi ~ # swconfig dev switch0 show         

Global attributes:

enable_vlan: 1

ports: 0x011f

reset_mib: ???

enable_jumbo: 0

allow_vid_4095: 0

<...>

Port 3:

mib: TxOctets            : 20098

TxDropPkts          : 0

TxBroadcastPkts     : 4

TxMulticastPkts     : 2

TxUnicastPkts       : 135

TxCollisions        : 0

TxSingleCollision   : 0

TxMultipleCollision : 0

TxDeferredTransmit  : 0

TxLateCollision     : 0

TxExcessiveCollision: 0

TxPausePkts         : 0

RxOctets            : 26504

RxUndersizePkts     : 0

RxPausePkts         : 0

Pkts64Octets        : 6

Pkts65to127Octets   : 135

Pkts128to255Octets  : 10

Pkts256to511Octets  : 23

Pkts512to1023Octets : 5

Pkts1024to1522Octets: 1

RxOversizePkts      : 0

RxJabbers           : 0

RxAlignmentErrors   : 0

RxFCSErrors         : 0

RxGoodOctets        : 26504

RxDropPkts          : 0

RxUnicastPkts       : 150

RxMulticastPkts     : 28

RxBroadcastPkts     : 2

RxSAChanges         : 26

RxFragments         : 0

RxJumboPkts         : 0

RxSymbolErrors      : 0

RxDiscarded         : 0

pvid: 101

link: port:3 link:up speed:1000baseT full-duplex auto

<...>

VLAN 101:

ports: 3 8t 

VLAN 102:

ports: 0 1 2 4 8t 

Monkey