Vyos Commands - savannahc502/SavC-TechJournal-SEC350 GitHub Wiki
| Task | Command(s) |
|---|---|
| Setting the Hostname |
configureset system host-name <hostname>commitsaveexit
|
| Changing Password |
configureset system login user <username> authentication plaintext-password <password>commitsaveexit
|
| Deleting DHCP Configuration |
delete interfaces ethernet <interface> address dhcpcommitsave
|
| Setting Interface Descriptions and IPs |
configureset interfaces ethernet <interface> description <description>set interfaces ethernet <interface> address <IP address>commitsave
|
| Setting Default Gateway and DNS |
set protocols static route 0.0.0.0/0 next-hop <gateway IP>set system name-server <DNS IP>commitsave
|
| NAT Forwarding |
configureset nat source rule <rule number> description "NAT FROM <source> to <destination>"set nat source rule <rule number> outbound-interface <interface>set nat source rule <rule number> source address <source IP>set nat source rule <rule number> translation address masqueradecommitsave
|
| DNS Forwarding |
set service dns forwarding listen-address <IP address>set service dns forwarding allow-from <IP range>set service dns forwarding systemcommitsave
|
| Task | Command |
|---|---|
| Configure Firewall Zones |
configureset zone-policy zone <zone> interface <interface>
|
| Default Drop and Log Rules |
set firewall name <firewall name> default-action dropset firewall name <firewall name> enable-default-log
|
| Assign Firewalls to Zones |
set zone-policy zone <zone> from <zone> firewall name <firewall name> |
| Create Firewall Rules |
set firewall name <firewall name> rule <rule number>set firewall name <firewall name > rule <rule number> action <action>set firewall name <firewall name> rule <rule number> description "<description>"set firewall name <firewall name > rule <rule number> destination address <address>set firewall name <firewall name> rule <rule number> destination port <port>set firewall name <firewall name> rule <rule number> protocol <protocol>
|
| Allow Established Connections | set firewall name <firewall name> rule <rule numeber> state established enable |
| Enable Logs | tail -f /var/log/messages |