GLiNet IPv6 Passthrough

16 removals
460 lines
35 additions
479 lines
IPV6 NATIVE
IPV6 PASSTHROUGH
root@GL-MT6000:~# cat /etc/config/dhcp
root@GL-MT6000:~# cat /etc/config/dhcp


config dnsmasq
config dnsmasq
option domainneeded '1'
option domainneeded '1'
option boguspriv '1'
option boguspriv '1'
option filterwin2k '0'
option filterwin2k '0'
option localise_queries '1'
option localise_queries '1'
option rebind_localhost '1'
option rebind_localhost '1'
option local '/lan/'
option local '/lan/'
option domain 'lan'
option domain 'lan'
option expandhosts '1'
option expandhosts '1'
option nonegcache '0'
option nonegcache '0'
option authoritative '1'
option authoritative '1'
option readethers '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option nonwildcard '1'
option localservice '1'
option localservice '1'
option ednspacket_max '1232'
option ednspacket_max '1232'
option rebind_protection '0'
option rebind_protection '0'


config dhcp 'lan'
config dhcp 'lan'
option interface 'lan'
option interface 'lan'
option start '100'
option start '100'
option limit '150'
option limit '150'
option leasetime '12h'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv4 'server'
option ra_slaac '1'
option ra_slaac '1'
option force '1'
option force '1'
option dhcpv6 'server'
option dhcpv6 'relay'
option ra 'server'
option ra 'relay'
option ndp 'disabled'
option ndp 'relay'
option ra_management '0'
list ra_flags 'other-config'
option ra_default '1'
list dns 'fd47:85f0:de56:0000:0000:0000:0000:0001'


config dhcp 'wan'
config dhcp 'wan'
option interface 'wan'
option interface 'wan'
option ignore '1'
option ignore '1'


config odhcpd 'odhcpd'
config odhcpd 'odhcpd'
option maindhcp '0'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
option loglevel '4'


config domain
config domain
option name 'console.gl-inet.com'
option name 'console.gl-inet.com'
option ip '192.168.8.1'
option ip '192.168.8.1'


config domain
config domain
option name 'console.gl-inet.com'
option name 'console.gl-inet.com'
option ip '::ffff:192.168.8.1'
option ip '::ffff:192.168.8.1'


config dhcp 'guest'
config dhcp 'guest'
option interface 'guest'
option interface 'guest'
option start '100'
option start '100'
option limit '150'
option limit '150'
option leasetime '12h'
option leasetime '12h'
list dns 'fd47:85f0:de56:0001:0000:0000:0000:0001'
list dns 'fd47:85f0:de56:0001:0000:0000:0000:0001'
option dhcpv6 'server'
option dhcpv6 'server'
option ra 'server'
option ra 'server'
option ra_management '1'
option ra_management '1'
option ra_default '1'
option ra_default '1'
list ra_flags 'other-config'
list ra_flags 'other-config'
list ra_flags 'managed-config'
list ra_flags 'managed-config'


config dhcp 'secondwan'
config dhcp 'secondwan'
option interface 'secondwan'
option interface 'secondwan'
option ignore '1'
option ignore '1'


config dhcp 'wan6'
option interface 'wan6'
option dhcpv6 'relay'
option ra 'relay'
option ndp 'relay'
option master '1'

config dhcp 'wwan6'
option interface 'wwan6'
option dhcpv6 'relay'
option ra 'relay'
option ndp 'relay'
option master '1'

config dhcp 'tethering6'
option interface 'tethering6'
option dhcpv6 'relay'
option ra 'relay'
option ndp 'relay'
option master '1'

config dhcp 'modem_1_1_2_6'
option interface 'modem_1_1_2'
option dhcpv6 'relay'
option ra 'relay'
option ndp 'relay'
option master '1'
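Review bot: The relay section `config dhcp 'modem_1_1_2_6'` sets `option interface 'modem_1_1_2'`, while the sibling sections (`wan6`, `wwan6`, `tethering6`) each name the matching `*6` interface and the network file on this page defines the DHCPv6 interface as `modem_1_1_2_6`; if that is not deliberate it should read `option interface 'modem_1_1_2_6'`. Four upstream sections carry `option master '1'`, and as far as I know odhcpd relays toward a single master, so it is worth documenting which uplink wins when more than one is up. With `dhcpv6`, `ra` and `ndp` set to `relay` on `lan`, hosts take upstream-assigned global addresses and depend on the `wan` zone's `forward 'REJECT'` and `input 'DROP'`; the `wan` zone on this page lists `wan`, `wan6`, `wwan` and `secondwan` but no tethering or modem network, so confirm those uplinks land in a zone rather than under `config defaults` with `input 'ACCEPT'`. The page does not mark which side each unpaired line belongs to, so this assumes the relay sections are the passthrough side.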

root@GL-MT6000:~# cat /etc/config/network
root@GL-MT6000:~# cat /etc/config/network


config interface 'loopback'
config interface 'loopback'
option device 'lo'
option device 'lo'
option proto 'static'
option proto 'static'
option ipaddr '127.0.0.1'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option netmask '255.0.0.0'


config globals 'globals'
config globals 'globals'
option ula_prefix 'fd47:85f0:de56::/48'
option ula_prefix 'fd47:85f0:de56::/48'


config device
config device
option name 'br-lan'
option name 'br-lan'
option type 'bridge'
option type 'bridge'
list ports 'lan1'
list ports 'lan1'
list ports 'lan2'
list ports 'lan2'
list ports 'lan3'
list ports 'lan3'
list ports 'lan4'
list ports 'lan4'
list ports 'lan5'
list ports 'lan5'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config device
config device
option name 'lan1'
option name 'lan1'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config device
config device
option name 'lan2'
option name 'lan2'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config device
config device
option name 'lan3'
option name 'lan3'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config device
config device
option name 'lan4'
option name 'lan4'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config device
config device
option name 'lan5'
option name 'lan5'
option macaddr '94:83:c4:a2:0f:0c'
option macaddr '94:83:c4:a2:0f:0c'


config interface 'lan'
config interface 'lan'
option device 'br-lan'
option device 'br-lan'
option proto 'static'
option proto 'static'
option ipaddr '192.168.8.1'
option ipaddr '192.168.8.1'
option netmask '255.255.255.0'
option netmask '255.255.255.0'
option isolate '0'
option isolate '0'
option ip6assign '64'
option ip6hint '0000'
option ip6hint '0000'
option ip6ifaceid '::1'
option ip6ifaceid '::1'
option ip6assign '60'
list ip6class 'wan6'
list ip6class 'wwan6'
list ip6class 'tethering6'
list ip6class 'modem_2_1_6'
list ip6class 'modem_1_2_6'


config device
config device
option name 'eth1'
option name 'eth1'
option macaddr '94:83:c4:a2:0f:0a'
option macaddr '94:83:c4:a2:0f:0a'


config interface 'wan'
config interface 'wan'
option device 'eth1'
option device 'eth1'
option proto 'dhcp'
option proto 'dhcp'
option force_link '0'
option force_link '0'
option metric '10'
option metric '10'
option ipv6 '1'
option ipv6 '1'


config interface 'wan6'
config interface 'wan6'
option proto 'dhcpv6'
option proto 'dhcpv6'
option device '@wan'
option device '@wan'
option disabled '0'
option disabled '0'


config interface 'tethering6'
config interface 'tethering6'
option device '@tethering'
option device '@tethering'
option proto 'dhcpv6'
option proto 'dhcpv6'
option disabled '0'
option disabled '0'


config interface 'wwan6'
config interface 'wwan6'
option device '@wwan'
option device '@wwan'
option proto 'dhcpv6'
option proto 'dhcpv6'
option disabled '0'
option disabled '0'


config interface 'guest'
config interface 'guest'
option force_link '1'
option force_link '1'
option type 'bridge'
option type 'bridge'
option proto 'static'
option proto 'static'
option ipaddr '192.168.9.1'
option ipaddr '192.168.9.1'
option netmask '255.255.255.0'
option netmask '255.255.255.0'
option multicast_querier '1'
option multicast_querier '1'
option igmp_snooping '0'
option igmp_snooping '0'
option isolate '0'
option isolate '0'
option bridge_empty '1'
option bridge_empty '1'
option disabled '1'
option disabled '1'
option ip6prefix 'fd47:85f0:de56::/48'
option ip6prefix 'fd47:85f0:de56::/48'
option ip6assign '64'
option ip6assign '64'
option ip6hint '0001'
option ip6hint '0001'
option ip6ifaceid '::1'
option ip6ifaceid '::1'
option ip6class 'guest'
option ip6class 'guest'


config interface 'wwan'
config interface 'wwan'
option proto 'dhcp'
option proto 'dhcp'
option metric '20'
option metric '20'


config interface 'secondwan'
config interface 'secondwan'
option ipv6 '0'
option ipv6 '0'
option proto 'dhcp'
option proto 'dhcp'
option metric '15'
option metric '15'
option force_link '0'
option force_link '0'


config interface 'secondwan6'
config interface 'secondwan6'
option proto 'dhcpv6'
option proto 'dhcpv6'
option device '@secondwan'
option device '@secondwan'
option disabled '1'
option disabled '1'
option metric '15'
option metric '15'


config interface 'modem_1_1_2_6'
config interface 'modem_1_1_2_6'
option ifname '@modem_1_1_2'
option ifname '@modem_1_1_2'
option proto 'dhcpv6'
option proto 'dhcpv6'
option disabled '0'
option disabled '0'


config rule 'policy_direct_rt'
config rule 'policy_direct_rt'
option lookup 'main'
option lookup 'main'
option suppress_prefixlength '0'
option suppress_prefixlength '0'
option priority '1100'
option priority '1100'


config rule 'policy_default_rt_vpn'
config rule 'policy_default_rt_vpn'
option mark '0x8000/0xc000'
option mark '0x8000/0xc000'
option lookup '8000'
option lookup '8000'
option priority '1101'
option priority '1101'
option invert '1'
option invert '1'


config rule6 'policy_direct_rt6'
config rule6 'policy_direct_rt6'
option lookup 'main'
option lookup 'main'
option suppress_prefixlength '0'
option suppress_prefixlength '0'
option priority '1100'
option priority '1100'


config rule6 'policy_default_rt_vpn6'
config rule6 'policy_default_rt_vpn6'
option mark '0x8000/0xc000'
option mark '0x8000/0xc000'
option lookup '8000'
option lookup '8000'
option priority '1101'
option priority '1101'
option invert '1'
option invert '1'


config rule 'policy_default_rt_vpn_ts'
config rule 'policy_default_rt_vpn_ts'
option lookup 'main'
option lookup 'main'
option priority '1099'
option priority '1099'
option mark '0x80000/0xc0000'
option mark '0x80000/0xc0000'
option invert '0'
option invert '0'
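Review bot: The `list ip6class` entries on `lan` name `modem_2_1_6` and `modem_1_2_6`, but the only modem IPv6 interface defined on this page is `modem_1_1_2_6`, so a prefix delegated over that uplink would presumably not match the class filter; check whether `list ip6class 'modem_1_1_2_6'` is what was intended. The list also has no `local` class, which I would expect to stop the `ula_prefix` from being assigned to `lan`; that is worth confirming, because the `lan` DHCP section on this page advertises a ULA DNS address (`fd47:85f0:de56:0000:0000:0000:0000:0001`) on one side. The page does not mark old and new sides, so this assumes `ip6assign '60'` and the `ip6class` list belong to the passthrough side.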


root@GL-MT6000:~# cat /etc/config/firewall
root@GL-MT6000:~# cat /etc/config/firewall


config defaults
config defaults
option syn_flood '1'
option syn_flood '1'
option input 'ACCEPT'
option input 'ACCEPT'
option output 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option forward 'REJECT'


config zone
config zone
option name 'lan'
option name 'lan'
list network 'lan'
list network 'lan'
option input 'ACCEPT'
option input 'ACCEPT'
option output 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option forward 'ACCEPT'


config zone
config zone
option name 'wan'
option name 'wan'
list network 'wan'
list network 'wan'
list network 'wan6'
list network 'wan6'
list network 'wwan'
list network 'wwan'
list network 'secondwan'
list network 'secondwan'
option output 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option forward 'REJECT'
option mtu_fix '1'
option mtu_fix '1'
option input 'DROP'
option input 'DROP'
option masq '1'
option masq '1'


config forwarding
config forwarding
option src 'lan'
option src 'lan'
option dest 'wan'
option dest 'wan'


config rule
config rule
option name 'Allow-DHCP-Renew'
option name 'Allow-DHCP-Renew'
option src 'wan'
option src 'wan'
option proto 'udp'
option proto 'udp'
option dest_port '68'
option dest_port '68'
option target 'ACCEPT'
option target 'ACCEPT'
option family 'ipv4'
option family 'ipv4'


config rule
config rule
option name 'Allow-IGMP'
option name 'Allow-IGMP'
option src 'wan'
option src 'wan'
option proto 'igmp'
option proto 'igmp'
option family 'ipv4'
option family 'ipv4'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-DHCPv6'
option name 'Allow-DHCPv6'
option src 'wan'
option src 'wan'
option proto 'udp'
option proto 'udp'
option dest_port '546'
option dest_port '546'
option family 'ipv6'
option family 'ipv6'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-MLD'
option name 'Allow-MLD'
option src 'wan'
option src 'wan'
option proto 'icmp'
option proto 'icmp'
option src_ip 'fe80::/10'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '132/0'
list icmp_type '143/0'
list icmp_type '143/0'
option family 'ipv6'
option family 'ipv6'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-ICMPv6-Input'
option name 'Allow-ICMPv6-Input'
option src 'wan'
option src 'wan'
option proto 'icmp'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option limit '1000/sec'
option family 'ipv6'
option family 'ipv6'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-ICMPv6-Forward'
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option src 'wan'
option dest '*'
option dest '*'
option proto 'icmp'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option limit '1000/sec'
option family 'ipv6'
option family 'ipv6'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-IPSec-ESP'
option name 'Allow-IPSec-ESP'
option src 'wan'
option src 'wan'
option dest 'lan'
option dest 'lan'
option proto 'esp'
option proto 'esp'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Allow-ISAKMP'
option name 'Allow-ISAKMP'
option src 'wan'
option src 'wan'
option dest 'lan'
option dest 'lan'
option dest_port '500'
option dest_port '500'
option proto 'udp'
option proto 'udp'
option target 'ACCEPT'
option target 'ACCEPT'


config rule
config rule
option name 'Support-UDP-Traceroute'
option name 'Support-UDP-Traceroute'
option src 'wan'
option src 'wan'
option dest_port '33434:33689'
option dest_port '33434:33689'
option proto 'udp'
option proto 'udp'
option family 'ipv4'
option family 'ipv4'
option target 'REJECT'
option target 'REJECT'
option enabled 'false'
option enabled 'false'


config include
config include
option path '/etc/firewall.user'
option path '/etc/firewall.user'


config include 'nat6'
config include 'nat6'
option path '/etc/firewall.nat6'
option path '/etc/firewall.nat6'
option reload '1'
option reload '1'


config rule 'block_dns'
config rule 'block_dns'
option name 'block_dns'
option name 'block_dns'
option src '*'
option src '*'
option device 'br-+'
option device 'br-+'
option dest_port '53'
option dest_port '53'
option target 'REJECT'
option target 'REJECT'
option enabled '0'
option enabled '0'


config rule 'process_mark'
config rule 'process_mark'
option name 'process_mark'
option name 'process_mark'
option dest '*'
option dest '*'
option proto 'all'
option proto 'all'
option extra '-m owner --gid-owner 65533'
option extra '-m owner --gid-owner 65533'
option target 'MARK'
option target 'MARK'
option set_xmark '0x8000/0xc000'
option set_xmark '0x8000/0xc000'


config rule 'wan_in_conn_mark'
config rule 'wan_in_conn_mark'
option name 'wan_in_conn_mark'
option name 'wan_in_conn_mark'
option src 'wan'
option src 'wan'
option dest '*'
option dest '*'
option set_xmark '0x8000/0xc000'
option set_xmark '0x8000/0xc000'
option target 'MARK'
option target 'MARK'
option extra '-j CONNMARK --set-xmark 0x8000/0xc000'
option extra '-j CONNMARK --set-xmark 0x8000/0xc000'
option enabled '0'
option enabled '0'


config rule 'lan_in_conn_mark_restore'
config rule 'lan_in_conn_mark_restore'
option name 'lan_in_conn_mark_restore'
option name 'lan_in_conn_mark_restore'
option src 'lan'
option src 'lan'
option dest '*'
option dest '*'
option set_xmark '0x8000/0xc000'
option set_xmark '0x8000/0xc000'
option target 'MARK'
option target 'MARK'
option extra '-m connmark --mark 0x8000/0xc000 -j CONNMARK --restore-mark'
option extra '-m connmark --mark 0x8000/0xc000 -j CONNMARK --restore-mark'
option enabled '0'
option enabled '0'


config rule 'out_conn_mark_restore'
config rule 'out_conn_mark_restore'
option name 'out_conn_mark_restore'
option name 'out_conn_mark_restore'
option dest '*'
option dest '*'
option set_xmark '0x8000/0xc000'
option set_xmark '0x8000/0xc000'
option target 'MARK'
option target 'MARK'
option extra '-m connmark --mark 0x8000/0xc000 -j CONNMARK --restore-mark'
option extra '-m connmark --mark 0x8000/0xc000 -j CONNMARK --restore-mark'
option enabled '0'
option enabled '0'


config include 'swap_wan_in_conn_mark'
config include 'swap_wan_in_conn_mark'
option type 'script'
option type 'script'
option reload '1'
option reload '1'
option path '/etc/firewall.swap_wan_in_conn_mark.sh'
option path '/etc/firewall.swap_wan_in_conn_mark.sh'
option enabled '0'
option enabled '0'


config include 'gls2s'
config include 'gls2s'
option type 'script'
option type 'script'
option path '/var/etc/gls2s.include'
option path '/var/etc/gls2s.include'
option reload '1'
option reload '1'


config include 'glblock'
config include 'glblock'
option type 'script'
option type 'script'
option path '/usr/bin/gl_block.sh'
option path '/usr/bin/gl_block.sh'
option reload '1'
option reload '1'


config zone
config zone
option name 'guest'
option name 'guest'
option network 'guest'
option network 'guest'
option forward 'REJECT'
option forward 'REJECT'
option output 'ACCEPT'
option output 'ACCEPT'
option input 'REJECT'
option input 'REJECT'


config forwarding
config forwarding
option src 'guest'
option src 'guest'
option dest 'wan'
option dest 'wan'


config rule
config rule
option name 'Allow-DHCP'
option name 'Allow-DHCP'
option src 'guest'
option src 'guest'
option target 'ACCEPT'
option target 'ACCEPT'
option proto 'udp'
option proto 'udp'
option dest_port '67-68'
option dest_port '67-68'


config rule
config rule
option name 'Allow-DNS'
option name 'Allow-DNS'
option src 'guest'
option src 'guest'
option target 'ACCEPT'
option target 'ACCEPT'
option proto 'tcp udp'
option proto 'tcp udp'
option dest_port '53'
option dest_port '53'


config include 'vpn_server_policy'
config include 'vpn_server_policy'
option type 'script'
option type 'script'
option path '/etc/firewall.vpn_server_policy.sh'
option path '/etc/firewall.vpn_server_policy.sh'
option reload '1'
option reload '1'
option enabled '1'
option enabled '1'


config rule 'glipv6_guest_dhcp'
config rule 'glipv6_guest_dhcp'
option name 'Allow-DHCP-IPV6'
option name 'Allow-DHCP-IPV6'
option src 'guest'
option src 'guest'
option target 'ACCEPT'
option target 'ACCEPT'
option proto 'udp'
option proto 'udp'
option dest_port '546:547'
option dest_port '546:547'
option family 'ipv6'
option family 'ipv6'


config rule 'glipv6_guest_icmp'
config rule 'glipv6_guest_icmp'
option name 'Allow-ICMP-IPV6'
option name 'Allow-ICMP-IPV6'
option src 'guest'
option src 'guest'
option target 'ACCEPT'
option target 'ACCEPT'
option proto 'icmp'
option proto 'icmp'
option dest_port '58'
option dest_port '58'
option family 'ipv6'
option family 'ipv6'


root@GL-MT6000:~#
root@GL-MT6000:~#