-
[EdgeRouter] 명령어 익히기 - show configuration commandsDevice 2021. 3. 9. 08:35
마법사를 이용해 설정한 내용 보는 방법
참조: help.ui.com/hc/en-us/articles/205223490-EdgeRouter-Copy-and-Replace-Configuration-Sections
앞서 마법사를 이용해 기본 설정을 해두었는데, EdgeRouter에서는 설정된 내용을 기반으로 어떤 명령을 사용하면 현재와 동일한 설정을 만들수 있는지 알려주는 show configuration commands 명령어가 있다.
show configuration commands 를 입력하면 기본적으로 more 모드로 동작하는데 no-more 로 한꺼번에 출력 할 수 있다.
zeper@ubnt:~$ show configuration commands | no-more set firewall all-ping enable set firewall broadcast-ping disable set firewall ipv6-name WANv6_IN default-action drop set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN' set firewall ipv6-name WANv6_IN enable-default-log set firewall ipv6-name WANv6_IN rule 10 action accept set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related sessions' set firewall ipv6-name WANv6_IN rule 10 state established enable set firewall ipv6-name WANv6_IN rule 10 state related enable set firewall ipv6-name WANv6_IN rule 20 action drop set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state' set firewall ipv6-name WANv6_IN rule 20 state invalid enable set firewall ipv6-name WANv6_LOCAL default-action drop set firewall ipv6-name WANv6_LOCAL description 'WAN inbound traffic to the router' set firewall ipv6-name WANv6_LOCAL enable-default-log set firewall ipv6-name WANv6_LOCAL rule 10 action accept set firewall ipv6-name WANv6_LOCAL rule 10 description 'Allow established/related sessions' set firewall ipv6-name WANv6_LOCAL rule 10 state established enable set firewall ipv6-name WANv6_LOCAL rule 10 state related enable set firewall ipv6-name WANv6_LOCAL rule 20 action drop set firewall ipv6-name WANv6_LOCAL rule 20 description 'Drop invalid state' set firewall ipv6-name WANv6_LOCAL rule 20 state invalid enable set firewall ipv6-name WANv6_LOCAL rule 30 action accept set firewall ipv6-name WANv6_LOCAL rule 30 description 'Allow IPv6 icmp' set firewall ipv6-name WANv6_LOCAL rule 30 protocol ipv6-icmp set firewall ipv6-name WANv6_LOCAL rule 40 action accept set firewall ipv6-name WANv6_LOCAL rule 40 description 'allow dhcpv6' set firewall ipv6-name WANv6_LOCAL rule 40 destination port 546 set firewall ipv6-name WANv6_LOCAL rule 40 protocol udp set firewall ipv6-name WANv6_LOCAL rule 40 source port 547 set firewall ipv6-receive-redirects disable set firewall ipv6-src-route disable set firewall ip-src-route disable set firewall log-martians enable set firewall name WAN_IN default-action drop set firewall name WAN_IN description 'WAN to internal' set firewall name WAN_IN rule 10 action accept set firewall name WAN_IN rule 10 description 'Allow established/related' set firewall name WAN_IN rule 10 state established enable set firewall name WAN_IN rule 10 state related enable set firewall name WAN_IN rule 20 action drop set firewall name WAN_IN rule 20 description 'Drop invalid state' set firewall name WAN_IN rule 20 state invalid enable set firewall name WAN_LOCAL default-action drop set firewall name WAN_LOCAL description 'WAN to router' set firewall name WAN_LOCAL rule 10 action accept set firewall name WAN_LOCAL rule 10 description 'Allow established/related' set firewall name WAN_LOCAL rule 10 state established enable set firewall name WAN_LOCAL rule 10 state related enable set firewall name WAN_LOCAL rule 20 action drop set firewall name WAN_LOCAL rule 20 description 'Drop invalid state' set firewall name WAN_LOCAL rule 20 state invalid enable set firewall receive-redirects disable set firewall send-redirects enable set firewall source-validation disable set firewall syn-cookies enable set interfaces ethernet eth0 address dhcp set interfaces ethernet eth0 description Internet set interfaces ethernet eth0 duplex auto set interfaces ethernet eth0 firewall in ipv6-name WANv6_IN set interfaces ethernet eth0 firewall in name WAN_IN set interfaces ethernet eth0 firewall local ipv6-name WANv6_LOCAL set interfaces ethernet eth0 firewall local name WAN_LOCAL set interfaces ethernet eth0 speed auto set interfaces ethernet eth1 address 192.168.1.1/24 set interfaces ethernet eth1 description Local set interfaces ethernet eth1 duplex auto set interfaces ethernet eth1 speed auto set interfaces ethernet eth2 address 192.168.2.1/24 set interfaces ethernet eth2 description 'Local 2' set interfaces ethernet eth2 duplex auto set interfaces ethernet eth2 speed auto set interfaces loopback lo set service dhcp-server disabled false set service dhcp-server hostfile-update disable set service dhcp-server shared-network-name LAN1 authoritative enable set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 default-router 192.168.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 lease 86400 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 start 192.168.1.38 stop 192.168.1.243 set service dhcp-server shared-network-name LAN2 authoritative enable set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 default-router 192.168.2.1 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 dns-server 192.168.2.1 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 lease 86400 set service dhcp-server shared-network-name LAN2 subnet 192.168.2.0/24 start 192.168.2.38 stop 192.168.2.243 set service dhcp-server static-arp disable set service dhcp-server use-dnsmasq disable set service dns forwarding cache-size 150 set service dns forwarding listen-on eth1 set service dns forwarding listen-on eth2 set service gui http-port 80 set service gui https-port 443 set service gui older-ciphers enable set service nat rule 5010 description 'masquerade for WAN' set service nat rule 5010 outbound-interface eth0 set service nat rule 5010 type masquerade set service ssh port 22 set service ssh protocol-version v2 set system host-name ubnt set system ntp server 0.ubnt.pool.ntp.org set system ntp server 1.ubnt.pool.ntp.org set system ntp server 2.ubnt.pool.ntp.org set system ntp server 3.ubnt.pool.ntp.org set system syslog global facility all level notice set system syslog global facility protocols level debug set system time-zone UTC
간단히 마법사로 설정한 내용이 명령어로는 상당한 내용이 존재한다.
위 명령어에서 eth0을 eth2로 바꾸면 WAN 인터페이스를 eth0에서 eth2로 바꾼 동일한 설정을 만들어 낼 수 있다.
열장의 이미지로 설정을 알려주는 것 보다 한번의 명렁어로 간단하게 설정 할 수 있는게 명령어의 장점이기에 앞으로 하나씩 알아가볼 생각이다.
728x90반응형