[TURTORIAL] Konfiguracja sieci gościnnej (VLAN + multiSSID)
|
drawsko |
Dodano 23-10-2013 20:51
|
Power User
Posty: 249
Dołączył: 06/07/2011 07:31
|
Cytat drawsko napisał(a):
Cytat drawsko napisał(a):
I dalej jest kiszka, tj. ten sam problem - z siecią gościnna (br2) można się tylko połączyć gdy sieć jest otwarta lub zabezpieczona WEP.
Połączony z 09 sierpień 2013 22:43:14:
Wgrałem na nowo tomato i dalej nie trybi :/
Połączony z 09 sierpień 2013 23:03:34:
Po kilku testach stwierdzam:
tomato-K26USB-1.28.RT-N5x-MIPSR2-112-NEWDRIVER-AIO-64K.trx - niedziała poprawnie wirtualna sieć
tomato-K26USB-1.28.RT-N5x-MIPSR2-112-AIO-64K.trx - działa tak jak należy
wrzuciłem na rt-n66u Tomato Firmware 1.28.0000 MIPSR2-114 K26AC USB AIO-64K i znów kiszka. Do sieci gościnnej można się połączyć gdy sieć jest otwarta lub zabezpieczona WEP.
mam prośbę ... sprawdźcie czy mając wrzucone Tomato Firmware 1.28.0000 MIPSR2-114 K26AC USB AIO-64K możecie połączyć się do sieci przy zabezpieczeniu innym niż wep? |
|
|
|
kiton |
Dodano 24-01-2014 22:04
|
User
Posty: 13
Dołączył: 12/12/2008 21:41
|
Pod port1 (lan1) podłączyłem AP. Czy jest możliwość dostania się do jego konfiguracji z lan?
kiton załączono następujące plik:
Nie masz uprawnień, by zobaczyć załączniki w tym wątku.
|
|
|
|
shibby |
Dodano 24-01-2014 22:12
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
jeszcze jakbyś wypiął port1 z br0
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
kiton |
Dodano 25-01-2014 11:15
|
User
Posty: 13
Dołączył: 12/12/2008 21:41
|
Obawiam się że nie ma takiej opcji. Odznaczam port1 z lan (bt0), klikam ok, klikam zapisz i po restarcie routera ustawienia wracają do tego co było, czyli jak na poprzednim obrazku
Połączony z 25 styczeń 2014 11:48:32:
Dodam że mój router to asus rt-n10u.
Połączony z 23 luty 2014 19:48:35:
Nie będę zakładał nowego tematu, mam jeszcze dwa pytania związane z dwoma vlanami:
1. Dlaczego nie można dodać tego samego mac adresu do drugiego vlanu? Powiedzmy że na dachu mam AP i czasami chciałbym się do niego logować jako zanany użytkownik.
2. Jak się ma qos do drugiego vlanu? W zakładce "monitor ruchu ip/szczegóły ip trafic" widzę sporo połączeń tcp i udp z komputera z vlan2, a w zakładce "qos/szczegóły połączeń", jedno: "Unclassified".
Dziękuję za odpowiedz.
Edytowany przez kiton dnia 23-02-2014 19:48
|
|
|
|
ptyku |
Dodano 29-03-2014 16:52
|
User
Posty: 16
Dołączył: 10/10/2007 00:18
|
trochę walczyłem z siecią domową na swoim wrt54gl i najnowszym tomato v116en i niestety tak jak któryś z kolegów napisał dalej na tym routerze jest problem z szyfrowaniem. Tzn jeśli sieć gościnna jest nieszyfrowana to wszystko gra, elegancko się łączymy ale po włączeniu szyfrowania sieć ... znika. Czy ktoś ma jakieś pomysły?
pozdrawiam |
|
|
|
Callahan |
Dodano 28-04-2014 19:14
|
User
Posty: 23
Dołączył: 08/06/2012 23:06
|
A jak to ustawić, gdy chciałbym to zrobić na samym access poincie bez dnsa i dhcp, który kieruje ruch z własnego wifi na bramkę po lanie?
Netgear WNR3500L V1
1.28.0000 MIPSR2-138 K26 USB
Netgear WNR3500L V2
1.28.0000 MIPSR2-138 K26 USB AIO
UPC 120/10 EPC3212
Syn DS213J
|
|
|
|
tartarek |
Dodano 09-06-2014 11:41
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
mam 2 sieci na wifi:
wifi1 - 192.168.3.
wifi2 - 192.168.5.
jak zablokowac 192.168.5. dostep do routera 192.168.3.1?
innymi slowy - postawic calkowita separacje pomiedzy 3/5 |
|
|
|
sapcio2 |
Dodano 09-06-2014 12:44
|
Power User
Posty: 352
Dołączył: 21/11/2012 19:45
|
Według mnie powinno wystarczyć w Administracja->admin access w sekcji Admin Restrictions wpisać adresy które mają dostęp, ewentualnie pulę adresów np 192.168.3.1-192.168.3.254
To oczywiście dotyczy dostępu do administracji routerem.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Asus RT-N16 - tomato-K26USB-1.28.RT-N5x-MIPSR2-115-NEWDRIVER
|
|
|
|
shibby |
Dodano 09-06-2014 13:16
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
Cytat jak zablokowac 192.168.5. dostep do routera 192.168.3.1?
chodzi o dostęp do gui tomato czy jakieś usługi na routerze np. sambe?
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
tartarek |
Dodano 09-06-2014 13:26
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
calkowicie wyciac dostep do 192.168.3.* z 192.168.5.* pozostawiajac 192.168.5.* dostep do sieci. |
|
|
|
shibby |
Dodano 09-06-2014 13:45
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
ale te sieci są odseparowane np. komputer w sieci 192.16.3.x mie będzie widział drukarki w 192.168.5.x - chyba że na to zezwolisz.
Jedynie usługi które dzierży router są dostępne dla każdej sieci bo to wpada w łańcuch INPUT a nie FORWARD.
Co znaczy
Cytat pozostawiajac 192.168.5.* dostep do sieci.
??
chcesz drugiej sieci wyłączyć też internet?
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
tartarek |
Dodano 09-06-2014 13:56
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
na chwile obecna podlaczajac sie niezaleznie do 192.168.3.* lub 192.168.5.* mam dostep do zasobow w obu sieciach oraz do internetu.
moj cel to calkowita separacja:
- 192.168.3.* ma miec dostep do routera 192.168.3.1 oraz zasobow w obrebie 192.168.3.* + internet
- 192.168.5.* nie ma miec dostepu do routera 192.168.3.1 oraz zasobow w obrebie 192.168.3.*, a jedynie 192.168.5.* + internet
biezaca konfiguracja
Advanced -> Virtual wireless
eth1 (wl0) Yes Wifi1 Access Point LAN (br0)
wl0.1 Yes Wifi2 Access Point LAN1 (br1)
Advanved -> VLAN
VLAN VID Port 1 Tagged Port 2 Tagged Port 3 Tagged Port 4 Tagged WAN Port Tagged Default Bridge
1 1 Yes Yes Yes Yes * LAN (br0)
2 2 Yes WAN
Zgodnie z opisem http://www.mcbsys.com/techblog/2011/11/set-up-guest-wireless-with-tomato/ musze dodac nowy VLAN (3) i podpiac pon LAN1(br1), ale wymaga to resetu i czysci mi calkowicie NVRAM
pytanie, gdzie popelniam blad? |
|
|
|
shibby |
Dodano 09-06-2014 14:35
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
no właśnie brak tebo pustego vlan3. Mówisz, że czyści ci nvram ... może nie masz już miejsca w nvramie by dokonywać zmian?
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
tartarek |
Dodano 09-06-2014 20:09
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
bardzo mozliwe
Total / Free NVRAM 32.00 KB / 1272 (3.88%)
jak moge zwolnic troche miejsca/sprawdzic co zajmuje nvram?
router to rt-n16 |
|
|
|
shibby |
Dodano 09-06-2014 20:25
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
nvram show | more
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
tartarek |
Dodano 09-06-2014 21:54
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
DSCP_fix_enable=1
NC_AllowedWebHosts=
NC_BridgeLAN=br0
NC_DocumentRoot=/tmp/splashd
NC_ExcludePorts=1863
NC_ForcedRedirect=1
NC_GatewayMode=Open
NC_GatewayName=Tomato Captive Portal
NC_GatewayPort=5280
NC_HomePage=http://google.com
NC_IdleTimeout=0
NC_IncludePorts=
NC_LoginTimeout=3600
NC_MACWhiteList=
NC_MaxMissedARP=5
NC_PeerChecktimeout=0
NC_RenewTimeout=0
NC_Verbosity=2
NC_enable=0
RBrowser=/opt/RouterBrowser
action_service=
atm_overhead=0
block_wan=1
block_wan_limit=1
block_wan_limit_icmp=1
block_wan_limit_tr=5
boardflags2=0x400
boardflags=0x310
boardnum=45
boardrev=0x1218
boardtype=0x04cf
boot_wait=on
brau_state=
bt_auth=1
bt_binary=internal
bt_binary_custom=/path/to/binaries/directory
bt_blocklist=1
bt_blocklist_url=http://list.iblocklist.com/?list=bt_level1
bt_check=1
bt_check_time=15
bt_custom=
bt_dht=0
bt_dir=/opt/mp3
bt_dl=248
bt_dl_enable=0
bt_dl_queue_enable=0
bt_dl_queue_size=5
bt_enable=0
bt_incomplete=1
bt_login=admin
bt_lpd=0
bt_message=2
bt_password=nomore.2
bt_peer_limit_global=150
bt_peer_limit_per_torrent=30
bt_pex=0
bt_port=51515
bt_port_gui=9099
bt_ratio=1.0000
bt_ratio_enable=0
bt_ratio_idle=1
bt_ratio_idle_enable=1
bt_rpc_enable=1
bt_rpc_wan=0
bt_settings=down_dir
bt_settings_custom=/tmp/btclient
bt_sleep=10
bt_ul=1
bt_ul_enable=1
bt_ul_queue_enable=0
bt_ul_queue_size=5
bt_ul_slot_per_torrent=10
bt_utp=1
btn_override=
btn_reset=
cifs1=
cifs2=
clkfreq=480,240,120
console_loglevel=1
cstats_all=1
cstats_bak=0
cstats_enable=1
cstats_exclude=
cstats_include=
cstats_labels=0
cstats_offset=1
cstats_path=
cstats_sshut=1
cstats_stime=48
ct_hashsize=2048
ct_max=8192
ct_tcp_timeout=0 1200 120 60 120 120 10 60 30 0
ct_timeout=600 30
ct_udp_timeout=30 180
ctf_disable=1
ddnsx0=
ddnsx0_cache=
ddnsx1=
ddnsx1_cache=
ddnsx_ip=
ddnsx_refresh=28
ddnsx_save=1
debug_clkfix=1
debug_cprintf=0
debug_cprintf_file=0
debug_ddns=0
debug_nocommit=0
dhcp1_lease=1440
dhcp1_num=6
dhcp1_start=50
dhcp2_lease=
dhcp2_num=
dhcp2_start=
dhcp3_lease=
dhcp3_num=
dhcp3_start=
dhcp_domain=wan
dhcp_lease=1440
dhcp_num=31
dhcp_pass=1
dhcp_routes=1
dhcp_start=100
dhcpc_custom=
dhcpc_minpkt=1
dhcpd1_endip=192.168.5.10
dhcpd1_startip=192.168.5.20
dhcpd2_endip=
dhcpd2_startip=
dhcpd3_endip=
dhcpd3_startip=
dhcpd_dmdns=1
dhcpd_endip=192.168.3.13
dhcpd_gwmode=
dhcpd_lmax=
dhcpd_slt=0
dhcpd_startip=192.168.3.5
dhcpd_static_only=0
dmz_enable=0
dmz_ifname=br0
dmz_ipaddr=0
dmz_ra=1
dmz_sip=
dns_addget=0
dns_intcpt=0
dns_norebind=1
dnscrypt_cmd=-m 99
dnscrypt_port=40
dnscrypt_priority=1
dnscrypt_proxy=0
dnsmasq_custom=
dnsmasq_q=0
dnsmasq_static_only=0
dnssec_enable=0
dr_lan1_rx=0
dr_lan1_tx=0
dr_lan2_rx=0
dr_lan2_tx=0
dr_lan3_rx=0
dr_lan3_tx=0
dr_lan_rx=0
dr_lan_tx=0
dr_setting=0
dr_wan_rx=0
dr_wan_tx=0
emf_enable=0
emf_entry=
emf_rtport_entry=
emf_uffp_entry=
env_path=
et0macaddr=XX:XX
et0phyaddr=30
ftp_anonrate=0
ftp_anonroot=
ftp_anonymous=0
ftp_custom=
ftp_dirlist=0
ftp_enable=2
ftp_ipmax=0
ftp_limit=1,3,60
ftp_max=0
ftp_port=21
ftp_pubroot=
ftp_pvtroot=
ftp_rate=0
ftp_sip=
ftp_staytimeout=300
ftp_super=0
ftp_users=xx
gpio11=robo_reset
gpio5=ses_button
hardware_version=RT-N16
http_enable=0
http_id=xx
http_lanport=80
http_passwd=xx
http_username=
http_wanport=8080
https_crt=
https_crt_cn=
https_crt_gen=0
https_crt_save=0
https_enable=1
https_lanport=443
idle_enable=0
ipv6_6rd_borderrelay=68.113.165.1
ipv6_6rd_ipv4masklen=0
ipv6_6rd_prefix=2602:100::
ipv6_6rd_prefix_length=32
ipv6_accept_ra=0
ipv6_dns=
ipv6_get_dns=
ipv6_ifname=six0
ipv6_portforward=
ipv6_prefix=
ipv6_prefix_length=64
ipv6_radvd=1
ipv6_relay=1
ipv6_rtr_addr=
ipv6_service=
ipv6_tun_addr=
ipv6_tun_addrlen=64
ipv6_tun_mtu=0
ipv6_tun_ttl=255
ipv6_tun_v4end=0.0.0.0
jffs2_exec=
jffs2_format=0
jffs2_on=1
jumbo_frame_enable=0
jumbo_frame_size=2000
l2tp_server_ip=
lan1_ifname=br1
lan1_ifnames=wl0.1
lan1_ipaddr=192.168.5.1
lan1_netmask=255.255.255.0
lan1_proto=dhcp
lan1_stp=0
lan2_ifname=
lan2_ifnames=
lan2_ipaddr=
lan2_netmask=
lan2_proto=
lan2_stp=
lan3_ifname=
lan3_ifnames=
lan3_ipaddr=
lan3_netmask=
lan3_proto=
lan3_stp=
lan_desc=1
lan_dhcp=0
lan_domain=
lan_gateway=0.0.0.0
lan_hostname=xx
lan_hwaddr=xx
lan_hwnames=
lan_ifname=br0
lan_ifnames=vlan1 eth1
lan_invert=0
lan_ipaddr=192.168.3.1
lan_lease=86400
lan_netmask=255.255.255.0
lan_proto=dhcp
lan_route=
lan_state=1
lan_stp=0
lan_wins=
landevs=vlan1 wl0
led_override=
limit_br1_dlc=
limit_br1_dlr=
limit_br1_enable=0
limit_br1_prio=2
limit_br1_ulc=
limit_br1_ulr=
limit_br2_dlc=
limit_br2_dlr=
limit_br2_enable=0
limit_br2_prio=2
limit_br2_ulc=
limit_br2_ulr=
limit_br3_dlc=
limit_br3_dlr=
limit_br3_enable=0
limit_br3_prio=2
limit_br3_ulc=
limit_br3_ulr=
log_events=
log_file=1
log_file_custom=0
log_file_keep=1
log_file_path=/opt/logr/messages
log_file_size=50
log_ftp=1
log_in=0
log_limit=60
log_mark=10080
log_out=0
log_remote=0
log_remoteip=
log_remoteport=514
log_wm=1
log_wmdmax=300
log_wmip=192.168.3.6
log_wmsmax=300
log_wmtype=0
mac_wan=xx
macnames=xx
manual_boot_nv=0
modem_apn=internet
modem_dev=ttyUSB0
modem_init=*99#
modem_ipaddr=0.0.0.0
modem_pin=
ms_dbdir=
ms_dirs=/mnt<
ms_enable=0
ms_port=0
ms_sas=0
ms_stdlna=0
ms_tivo=0
mtu_enable=0
multicast_lan1=0
multicast_lan2=0
multicast_lan3=0
multicast_lan=0
multicast_pass=0
ne_shlimit=1,3,60
ne_snat=0
ne_syncookies=0
ne_valpha=2
ne_vbeta=6
ne_vegas=0
ne_vgamma=2
new_qoslimit_enable=0
new_qoslimit_ibw=
new_qoslimit_obw=
new_qoslimit_rules=
nf_ftp=1
nf_h323=1
nf_l7in=1
nf_loopback=0
nf_pptp=1
nf_rtsp=0
nf_sip=1
nf_ttl=0
nfs_enable=0
nfs_exports=
nginx_custom=# NGINX Custom Parameters.
nginx_docroot=/www
nginx_enable=0
nginx_fqdn=Tomato
nginx_keepconf=0
nginx_php=0
nginx_port=85
nginx_priority=10
ntp_kiss=
ntp_kiss_ignore=
ntp_server=0.europe.pool.ntp.org 1.europe.pool.ntp.org 2.europe.pool.ntp.org
ntp_tdod=0
ntp_updates=4
os_date=sob, 17 maj 2014 19:34:22 +0200
os_name=linux
os_version=1.28.0000 MIPSR2-119 K26 USB AIO
pa0maxpwr=400
pci/1/1/aa5g=0x7
pci/1/1/ag1=2
pci/1/1/antswctl2g=0
pci/1/1/antswctl5g=0
pci/1/1/antswitch=3
pci/1/1/boardflags2=0x0202
pci/1/1/boardflags=0xa00
pci/1/1/bw40po=0
pci/1/1/bwduppo=0
pci/1/1/ccode=0
pci/1/1/cddpo=0
pci/1/1/devid=0x432d
pci/1/1/extpagain5g=0
pci/1/1/itt5ga0=0x3e
pci/1/1/itt5ga1=0x3e
pci/1/1/ledbh0=0
pci/1/1/ledbh1=0
pci/1/1/ledbh2=0
pci/1/1/ledbh3=0
pci/1/1/leddc=0xffff
pci/1/1/macaddr=xx
pci/1/1/maxp5ga0=0x40
pci/1/1/maxp5ga1=0x40
pci/1/1/maxp5gha0=0x3c
pci/1/1/maxp5gha1=0x3c
pci/1/1/maxp5gla0=0x40
pci/1/1/maxp5gla1=0x40
pci/1/1/pa5ghw0a0=0xfeab
pci/1/1/pa5ghw0a1=0xfea1
pci/1/1/pa5ghw1a0=0x163a
pci/1/1/pa5ghw1a1=0x1630
pci/1/1/pa5ghw2a0=0xfaaf
pci/1/1/pa5ghw2a1=0xfa9f
pci/1/1/pa5glw0a0=0xfe87
pci/1/1/pa5glw0a1=0xfe9a
pci/1/1/pa5glw1a0=0x1637
pci/1/1/pa5glw1a1=0x1591
pci/1/1/pa5glw2a0=0xfa8e
pci/1/1/pa5glw2a1=0xfabc
pci/1/1/pa5gw0a0=0xfe9b
pci/1/1/pa5gw0a1=0xfe92
pci/1/1/pa5gw1a0=0x15a8
pci/1/1/pa5gw1a1=0x15bf
pci/1/1/pa5gw2a0=0xfabc
pci/1/1/pa5gw2a1=0xfab0
pci/1/1/pdetrange5g=0
pci/1/1/regrev=0
pci/1/1/rxchain=3
pci/1/1/sromrev=8
pci/1/1/stbcpo=0
pci/1/1/triso5g=3
pci/1/1/tssipos5g=1
pci/1/1/txchain=3
pmon_ver=CFE 5.10.56.3
portforward=xx
ppp_ac=
ppp_custom=
ppp_demand=0
ppp_get_ac=
ppp_get_ip=
ppp_get_srv=
ppp_idletime=5
ppp_keepalive=0
ppp_mlppp=0
ppp_mru=1500
ppp_mtu=1500
ppp_passwd=
ppp_redialperiod=10
ppp_service=
ppp_static=0
ppp_static_ip=
ppp_username=
pppoe_ac=
pppoe_demand=0
pppoe_idletime=5
pppoe_ifname=
pppoe_keepalive=0
pppoe_lef=
pppoe_lei=
pppoe_passwd=
pppoe_service=
pppoe_static=0
pppoe_static_ip=
pppoe_username=
pptp_client_crypt=0
pptp_client_custom=
pptp_client_dfltroute=0
pptp_client_enable=0
pptp_client_mru=1450
pptp_client_mruenable=0
pptp_client_mtu=1450
pptp_client_mtuenable=0
pptp_client_nat=0
pptp_client_passwd=
pptp_client_peerdns=0
pptp_client_srvip=
pptp_client_srvsub=10.0.0.0
pptp_client_srvsubmsk=255.0.0.0
pptp_client_username=
pptp_dhcp=1
pptp_server_ip=
pptpd_broadcast=br0ppp
pptpd_custom=
pptpd_dns1=
pptpd_dns2=
pptpd_enable=0
pptpd_forcemppe=1
pptpd_mru=1450
pptpd_mtu=1450
pptpd_remoteip=xx
pptpd_users=xx
pptpd_wins1=
pptpd_wins2=
qos_ack=0
qos_burst0=
qos_burst1=
qos_classnames=Service VOIP/Game Media Remote WWW Mail Messenger Download P2P/Bulk Crawl
qos_default=8
qos_enable=0
qos_fin=1
qos_ibw=100000
qos_icmp=0
qos_inuse=511
qos_irates=2-10,60-100,5-30,5-90,5-90,5-10,1-1,3-90,1-90,1-100
qos_obw=4000
qos_orates=5-20,50-100,5-90,5-90,5-90,5-80,5-80,5-80,1-10,1-10
qos_orules=xx
qos_pfifo=0
qos_reset=1
qos_rst=1
qos_syn=1
qos_udp=0
qosl_dlc=
qosl_dlr=
qosl_enable=0
qosl_tcp=0
qosl_udp=0
qosl_ulc=
qosl_ulr=
regulation_domain=0X30GB
remote_management=0
remote_mgt_https=0
reset_gpio=8
restore_defaults=0
rmgt_sip=192.168.3.1-192.168.3.254
router_name=s
routes_static=
routes_static_saved=
rrule0=0|1320|300|31|||word text ^begins-with.domain. .ends-with.net$ ^www.exact-domain.net$|0|example
rrule1=1|-1|-1|127||-2
rrule2=0|1395|330|127|~||||0|wireless
rrule3=1|-1|-1|127|192.168.3.125|||0|block SAP internet access
rruleN=3
rrules_activated=a
rrules_radio=-1
rrulewp=80,8080
rstats_bak=0
rstats_colors=
rstats_data=
rstats_enable=1
rstats_exclude=
rstats_offset=1
rstats_path=
rstats_sshut=1
rstats_stime=48
sb/1/aa2g=7
sb/1/ag0=2
sb/1/ag1=2
sb/1/antswctl2g=0
sb/1/antswitch=3
sb/1/boardflags2=0x400
sb/1/boardflags=0x310
sb/1/bw40po=0
sb/1/bwduppo=0
sb/1/cck2gpo=0x0000
sb/1/ccode=0
sb/1/cddpo=0
sb/1/devid=0x4329
sb/1/extpagain2g=0
sb/1/itt2ga0=0x20
sb/1/itt2ga1=0x20
sb/1/ledbh0=0
sb/1/ledbh1=0
sb/1/ledbh2=0
sb/1/ledbh3=0
sb/1/leddc=0xffff
sb/1/macaddr=xx
sb/1/maxp2ga0=0x4A
sb/1/maxp2ga1=0x4A
sb/1/mcs2gpo0=0x7777
sb/1/mcs2gpo1=0x7777
sb/1/mcs2gpo2=0xaaaa
sb/1/mcs2gpo3=0xaaaa
sb/1/mcs2gpo4=0x7777
sb/1/mcs2gpo5=0x7777
sb/1/mcs2gpo6=0xaaaa
sb/1/mcs2gpo7=0xaaaa
sb/1/ofdm2gpo=0x66666666
sb/1/pa2gw0a0=0xFEDE
sb/1/pa2gw0a1=0xFEBF
sb/1/pa2gw1a0=0x12A6
sb/1/pa2gw1a1=0x129D
sb/1/pa2gw2a0=0xFB8B
sb/1/pa2gw2a1=0xFB79
sb/1/pdetrange2g=0
sb/1/regrev=0
sb/1/rxchain=3
sb/1/sromrev=8
sb/1/stbcpo=0
sb/1/triso2g=3
sb/1/tssipos2g=1
sb/1/txchain=3
sch_c1=1,1170,127
sch_c1_cmd=/opt/bin/logwatch
sch_c1_last=1402335001
sch_c2=0,-30,127
sch_c2_cmd=
sch_c3=0,-30,127
sch_c3_cmd=
sch_c4=0,-30,127
sch_c4_cmd=
sch_c5=0,-30,127
sch_c5_cmd=
sch_rboot=0,300,127
sch_rcon=0,0,127
script_brau=
script_fire=/bin/mount /dev/sda1 /opt iptables -t filter -A INPUT -p tcp --dport 9081 -j ACCEPT iptables -A INPUT -s 213.152.255.146 -j DROP iptables -A OUTPUT -d 213.152.255.146 -j DROP iptables -I INPUT -s 61.166.147.0/24 -j DROP iptables -I INPUT -s 61.166.147.35 -j DROP iptables -I INPUT -s 193.17.208.73 -j DROP iptables -I INPUT -s 184.75.214.74 -j DROP iptables -I INPUT -s 95.85.31.223 -j DROP iptables -I INPUT -s 195.25.87.9 -j DROP iptables -I INPUT -s 202.77.104.163 -j DROP iptables -I INPUT -s 66.230.107.174 -j DROP iptables -I INPUT -s 85.214.250.151 -j DROP
script_init=echo "LABEL=optware /opt ext3 defaults 1 1" >> /etc/fstab iptables -t filter -A INPUT -p tcp --dport 9081 -j ACCEPT iptables -A INPUT -p tcp --dport 9081 -j ACCEPT service firewall restart /opt/etc/init.d/S80lighttpd restart /opt/etc/init.d/S70mysqld restart
script_shut=
script_usbhotplug=
script_usbmount=/opt/sms/usb_on
script_usbumount=
script_wanup=/jffs/net_up
sdram_config=0x104
sdram_init=0x419
sdram_ncdl=0x7f26162a
sdram_refresh=0x1a5a
secret_code=81533596
sesx_b0=1
sesx_b1=4
sesx_b2=4
sesx_b3=4
sesx_led=0
sesx_script=[ $1 -ge 20 ] && telnetd -p 233 -l /bin/sh
smbd_autoshare=2
smbd_cpage=
smbd_cset=utf8
smbd_custom=hosts allow = 192.168.3.
smbd_enable=2
smbd_master=1
smbd_passwd=xx
smbd_shares=xx
smbd_user=xx
smbd_wgroup=WORKGROUP
smbd_wins=1
snmp_contact=admin@tomato
snmp_enable=0
snmp_location=router
snmp_port=161
snmp_remote=0
snmp_remote_sip=
snmp_ro=rocommunity
sshd_authkeys=
sshd_dsskey=xx
sshd_eas=1
sshd_forwarding=1
sshd_hostkey=xx
sshd_motd=1
sshd_pass=1
sshd_port=22
sshd_remote=0
sshd_rport=22
t_cafree=1
t_features=0xC1
t_fix1=RT-N16
t_hidelr=0
t_model=29
t_model_name=Asus RT-N16
telnetd_eas=1
telnetd_port=23
tm_dst=1
tm_sel=CET-1CEST,M3.5.0/2,M10.5.0/3
tm_tz=CET-1CEST,M3.5.0/2,M10.5.0/3
tomatoanon_answer=1
tomatoanon_cru=6
tomatoanon_enable=0
tomatoanon_id=
tomatoanon_notify=1
tor_custom=
tor_datadir=/tmp/tor
tor_dnsport=9053
tor_enable=0
tor_iface=br0
tor_socksport=9050
tor_transport=9040
tor_users=192.168.1.0/24
trigforward=0<1
trunk_vlan_so=0
ttb_css=example
udpxy_clients=3
udpxy_enable=0
udpxy_port=4022
udpxy_stats=0
upnp_clean=1
upnp_clean_interval=600
upnp_clean_threshold=20
upnp_custom=
upnp_enable=0
upnp_mnp=0
upnp_port=0
upnp_secure=1
upnp_ssdp_interval=60
usb_3g=1
usb_automount=1
usb_enable=1
usb_ext_opt=
usb_fat_opt=
usb_fs_ext3=1
usb_fs_fat=1
usb_fs_hfs=0
usb_fs_ntfs=1
usb_irq_thresh=0
usb_ntfs_opt=
usb_ohci=0
usb_printer=0
usb_printer_bidirect=0
usb_storage=1
usb_uhci=-1
usb_usb2=1
vlan1hwname=et0
vlan1ports=4 3 2 1 8*
vlan2hwname=et0
vlan2ports=0 8
vlan_enable=1
vpn_client1_addr=
vpn_client1_adns=0
vpn_client1_bridge=1
vpn_client1_ca=
vpn_client1_cipher=default
vpn_client1_comp=adaptive
vpn_client1_crt=
vpn_client1_crypt=tls
vpn_client1_custom=
vpn_client1_firewall=auto
vpn_client1_gw=
vpn_client1_hmac=-1
vpn_client1_if=tun
vpn_client1_key=
vpn_client1_local=10.8.0.2
vpn_client1_nat=1
vpn_client1_nm=255.255.255.0
vpn_client1_poll=0
vpn_client1_port=1194
vpn_client1_proto=udp
vpn_client1_remote=10.8.0.1
vpn_client1_reneg=-1
vpn_client1_retry=30
vpn_client1_rg=0
vpn_client1_rgw=0
vpn_client1_static=
vpn_client2_addr=
vpn_client2_adns=0
vpn_client2_bridge=1
vpn_client2_ca=
vpn_client2_cipher=default
vpn_client2_comp=adaptive
vpn_client2_crt=
vpn_client2_crypt=tls
vpn_client2_custom=
vpn_client2_firewall=auto
vpn_client2_gw=
vpn_client2_hmac=-1
vpn_client2_if=tun
vpn_client2_key=
vpn_client2_local=10.8.0.2
vpn_client2_nat=1
vpn_client2_nm=255.255.255.0
vpn_client2_poll=0
vpn_client2_port=1194
vpn_client2_proto=udp
vpn_client2_remote=10.8.0.1
vpn_client2_reneg=-1
vpn_client2_retry=30
vpn_client2_rg=0
vpn_client2_rgw=0
vpn_client2_static=
vpn_client_eas=
vpn_debug=0
vpn_server1_c2c=0
vpn_server1_ca=xx
vpn_server1_ccd=0
vpn_server1_ccd_excl=0
vpn_server1_ccd_val=
vpn_server1_cipher=xx
vpn_server1_comp=adaptive
vpn_server1_crt=xx
vpn_server1_crypt=tls
vpn_server1_custom=
vpn_server1_dh=xx
vpn_server1_dhcp=1
vpn_server1_firewall=auto
vpn_server1_hmac=-1
vpn_server1_if=tun
vpn_server1_key=xx
vpn_server1_local=10.8.0.1
vpn_server1_nm=255.255.255.0
vpn_server1_nocert=0
vpn_server1_pdns=1
vpn_server1_plan=1
vpn_server1_poll=0
vpn_server1_port=1914
vpn_server1_proto=tcp-server
vpn_server1_r1=192.168.3.50
vpn_server1_r2=192.168.3.55
vpn_server1_remote=10.8.0.2
vpn_server1_reneg=-1
vpn_server1_rgw=1
vpn_server1_sn=10.8.0.0
vpn_server1_static=
vpn_server1_userpass=0
vpn_server1_users_val=
vpn_server2_c2c=0
vpn_server2_ca=
vpn_server2_ccd=0
vpn_server2_ccd_excl=0
vpn_server2_ccd_val=
vpn_server2_cipher=default
vpn_server2_comp=adaptive
vpn_server2_crt=
vpn_server2_crypt=tls
vpn_server2_custom=
vpn_server2_dh=
vpn_server2_dhcp=1
vpn_server2_firewall=auto
vpn_server2_hmac=-1
vpn_server2_if=tun
vpn_server2_key=
vpn_server2_local=10.8.0.1
vpn_server2_nm=255.255.255.0
vpn_server2_nocert=0
vpn_server2_pdns=0
vpn_server2_plan=1
vpn_server2_poll=0
vpn_server2_port=1194
vpn_server2_proto=udp
vpn_server2_r1=192.168.3.50
vpn_server2_r2=192.168.3.55
vpn_server2_remote=10.8.0.2
vpn_server2_reneg=-1
vpn_server2_rgw=0
vpn_server2_sn=10.8.0.0
vpn_server2_static=
vpn_server2_userpass=0
vpn_server2_users_val=
vpn_server_dns=1,
vpn_server_eas=1,
wait_time=5
wan_6rd=
wan_dns=
wan_domain=
wan_gateway=xx
wan_gateway_get=xx
wan_get_dns=xx
wan_get_domain=xx
wan_hostname=
wan_hwaddr=xx
wan_hwname=
wan_iface=vlan2
wan_ifname=vlan2
wan_ifnameX=vlan2
wan_ifnames=vlan2
wan_ipaddr=xx
wan_islan=0
wan_lease=3600
wan_msroutes=
wan_mtu=1500
wan_netmask=255.255.254.0
wan_primary=1
wan_proto=dhcp
wan_routes1=
wan_routes2=
wan_routes=
wan_run_mtu=1500
wan_speed=4
wan_unit=0
wan_wins=
wandevs=et0
watchdog=2000
web_css=openlinksys
web_mx=status,bwm
web_pb=
web_svg=1
web_wl_filter=0
webmon_bkp=0
webmon_dir=/tmp
webmon_shrink=0
wk_mode=gateway
wl0.10_hwaddr=xx
wl0.11_hwaddr=xx
wl0.12_hwaddr=xx
wl0.13_hwaddr=xx
wl0.14_hwaddr=xx
wl0.15_hwaddr=xx
wl0.1_akm=psk2
wl0.1_auth=0
wl0.1_auth_mode=none
wl0.1_bss_enabled=1
wl0.1_bss_maxassoc=128
wl0.1_closed=0
wl0.1_crypto=aes
wl0.1_hwaddr=xx
wl0.1_ifname=wl0.1
wl0.1_key1=
wl0.1_key2=
wl0.1_key3=
wl0.1_key4=
wl0.1_key=1
wl0.1_maclist=xx
wl0.1_macmode=disabled
wl0.1_mode=ap
wl0.1_passphrase=
wl0.1_radio=1
wl0.1_radius_ipaddr=
wl0.1_radius_key=
wl0.1_radius_port=1812
wl0.1_security_mode=wpa2_personal
wl0.1_ssid=wifi1
wl0.1_wep=disabled
wl0.1_wep_bit=128
wl0.1_wme=on
wl0.1_wpa_gtk_rekey=3600
wl0.1_wpa_psk=xx
wl0.2_hwaddr=xx
wl0.3_hwaddr=xx
wl0.4_hwaddr=xx
wl0.5_hwaddr=xx
wl0.6_hwaddr=xx
wl0.7_hwaddr=xx
wl0.8_hwaddr=xx
wl0.9_hwaddr=xx
wl0_afterburner=off
wl0_akm=psk2
wl0_ampdu=auto
wl0_ampdu_rr_rtylimit_tid=2 2 2 2 2 2 2 2
wl0_ampdu_rtylimit_tid=5 5 5 5 5 5 5 5
wl0_amsdu=auto
wl0_antdiv=-1
wl0_ap_isolate=0
wl0_auth=0
wl0_auth_mode=none
wl0_bcn=100
wl0_bcn_rotate=1
wl0_bss_enabled=1
wl0_bss_maxassoc=128
wl0_btc_mode=0
wl0_channel=6
wl0_closed=0
wl0_corerev=17
wl0_country_code=US
wl0_crypto=aes
wl0_dfs_postism=60
wl0_dfs_preism=60
wl0_distance=
wl0_dtim=1
wl0_frag=2346
wl0_frameburst=off
wl0_gmode=1
wl0_gmode_protection=off
wl0_hw_rxchain=3
wl0_hw_txchain=3
wl0_hwaddr=xx
wl0_ifname=eth1
wl0_infra=1
wl0_key1=
wl0_key2=
wl0_key3=
wl0_key4=
wl0_key=1
wl0_lazywds=0
wl0_leddc=0x640000
wl0_mac_deny=
wl0_macaddr=
wl0_maclist=xx
wl0_macmode=disabled
wl0_maxassoc=128
wl0_mcast_regen_bss_enable=1
wl0_mimo_preamble=mm
wl0_mitigation=0
wl0_mode=ap
wl0_mrate=0
wl0_nband=2
wl0_nbw=40
wl0_nbw_cap=1
wl0_nctrlsb=upper
wl0_net_mode=mixed
wl0_net_reauth=36000
wl0_nmcsidx=-1
wl0_nmode=-1
wl0_nmode_protection=off
wl0_nreqd=0
wl0_obss_coex=0
wl0_passphrase=
wl0_phytype=n
wl0_phytypes=n
wl0_plcphdr=long
wl0_radarthrs=1 0x6c0 0x6e0 0x6bc 0x6e0 0x6ac 0x6cc 0x6bc 0x6e0
wl0_radio=1
wl0_radio_pwrsave_enable=0
wl0_radio_pwrsave_on_time=50
wl0_radio_pwrsave_pps=10
wl0_radio_pwrsave_quiet_time=1800
wl0_radioids=BCM2056
wl0_radius_ipaddr=
wl0_radius_key=
wl0_radius_port=1812
wl0_rate=0
wl0_rateset=default
wl0_reg_mode=off
wl0_rifs_advert=auto
wl0_rts=2347
wl0_rxchain=3
wl0_rxchain_pwrsave_enable=1
wl0_rxchain_pwrsave_pps=10
wl0_rxchain_pwrsave_quiet_time=1800
wl0_rxstreams=0
wl0_security_mode=wpa2_personal
wl0_ssid=xx
wl0_sta_retry_time=5
wl0_stbc_tx=auto
wl0_tnoise=-99
wl0_txant=3
wl0_txchain=3
wl0_txpwr=17
wl0_txstreams=0
wl0_unit=0
wl0_vifs=wl0.1
wl0_vlan_prio_mode=off
wl0_wds=
wl0_wds_enable=0
wl0_wds_timeout=1
wl0_wep=disabled
wl0_wep_bit=128
wl0_wep_buf=
wl0_wep_gen=
wl0_wep_last=
wl0_wme=on
wl0_wme_ap_be=15 63 3 0 0 off off
wl0_wme_ap_bk=15 1023 7 0 0 off off
wl0_wme_ap_vi=7 15 1 6016 3008 off off
wl0_wme_ap_vo=3 7 1 3264 1504 off off
wl0_wme_apsd=on
wl0_wme_bss_disable=0
wl0_wme_no_ack=off
wl0_wme_sta_be=15 1023 3 0 0 off off
wl0_wme_sta_bk=15 1023 7 0 0 off off
wl0_wme_sta_vi=7 15 2 6016 3008 off off
wl0_wme_sta_vo=3 7 2 3264 1504 off off
wl0_wme_txp_be=7 3 4 2 0
wl0_wme_txp_bk=7 3 4 2 0
wl0_wme_txp_vi=7 3 4 2 0
wl0_wme_txp_vo=7 3 4 2 0
wl0_wmf_bss_enable=0
wl0_wpa_gtk_rekey=3600
wl0_wpa_psk=xx
wl0gpio7=0x08
wl1_channel=0
wl1_leddc=0x640000
wl1_nband=1
wl1_radio=1
wl1_ssid=Tomato50
wl1_wme=auto
wl_afterburner=off
wl_akm=
wl_ampdu=auto
wl_ampdu_rr_rtylimit_tid=2 2 2 2 2 2 2 2
wl_ampdu_rtylimit_tid=5 5 5 5 5 5 5 5
wl_amsdu=auto
wl_antdiv=-1
wl_ap_isolate=0
wl_auth=0
wl_auth_mode=none
wl_bcn=100
wl_bcn_rotate=1
wl_bss_enabled=1
wl_bss_maxassoc=128
wl_btc_mode=0
wl_channel=6
wl_closed=0
wl_corerev=
wl_country_code=US
wl_crypto=aes
wl_dfs_postism=60
wl_dfs_preism=60
wl_distance=
wl_dtim=1
wl_frag=2346
wl_frameburst=off
wl_gmode=1
wl_gmode_protection=off
wl_hwaddr=
wl_ifname=eth1
wl_infra=1
wl_key1=
wl_key2=
wl_key3=
wl_key4=
wl_key=1
wl_lazywds=1
wl_leddc=0x640000
wl_mac_deny=
wl_macaddr=
wl_maclist=xx
wl_macmode=disabled
wl_maxassoc=128
wl_mcast_regen_bss_enable=1
wl_mimo_preamble=mm
wl_mitigation=0
wl_mode=ap
wl_mrate=0
wl_nband=2
wl_nbw=40
wl_nbw_cap=1
wl_nctrlsb=upper
wl_net_mode=mixed
wl_net_reauth=36000
wl_nmcsidx=-1
wl_nmode=-1
wl_nmode_protection=off
wl_nreqd=0
wl_obss_coex=0
wl_passphrase=
wl_phytype=b
wl_phytypes=
wl_plcphdr=long
wl_radarthrs=1 0x6c0 0x6e0 0x6bc 0x6e0 0x6ac 0x6cc 0x6bc 0x6e0
wl_radio=1
wl_radio_pwrsave_enable=0
wl_radio_pwrsave_on_time=50
wl_radio_pwrsave_pps=10
wl_radio_pwrsave_quiet_time=1800
wl_radioids=
wl_radius_ipaddr=
wl_radius_key=
wl_radius_port=1812
wl_rate=0
wl_rateset=default
wl_reg_mode=off
wl_rifs_advert=auto
wl_rts=2347
wl_rxchain_pwrsave_enable=1
wl_rxchain_pwrsave_pps=10
wl_rxchain_pwrsave_quiet_time=1800
wl_rxstreams=0
wl_security_mode=disabled
wl_ssid=Tomato24
wl_sta_retry_time=5
wl_stbc_tx=auto
wl_tnoise=-99
wl_txant=3
wl_txpwr=17
wl_txstreams=0
wl_unit=0
wl_vifs=
wl_vlan_prio_mode=off
wl_wds=
wl_wds_enable=0
wl_wds_timeout=1
wl_wep=disabled
wl_wep_bit=128
wl_wep_buf=
wl_wep_gen=
wl_wep_last=
wl_wme=auto
wl_wme_ap_be=15 63 3 0 0 off off
wl_wme_ap_bk=15 1023 7 0 0 off off
wl_wme_ap_vi=7 15 1 6016 3008 off off
wl_wme_ap_vo=3 7 1 3264 1504 off off
wl_wme_apsd=on
wl_wme_bss_disable=0
wl_wme_no_ack=off
wl_wme_sta_be=15 1023 3 0 0 off off
wl_wme_sta_bk=15 1023 7 0 0 off off
wl_wme_sta_vi=7 15 2 6016 3008 off off
wl_wme_sta_vo=3 7 2 3264 1504 off off
wl_wme_txp_be=7 3 4 2 0
wl_wme_txp_bk=7 3 4 2 0
wl_wme_txp_vi=7 3 4 2 0
wl_wme_txp_vo=7 3 4 2 0
wl_wmf_bss_enable=0
wl_wpa_gtk_rekey=3600
wl_wpa_psk=
xtalfreq=20000
---
1157 entries, 31493 bytes used, 1275 bytes free. |
|
|
|
shibby |
Dodano 09-06-2014 22:35
|
SysOp
Posty: 17109
Dołączył: 15/01/2009 20:30
|
oczyść skrypt firewall.
druga opcja to wgrac nizszy wariant tomato np. bez bt i nocata i usunąć zbędne wpisy w nvram.
Proxmox VE: i5-13400T, 64GB RAM, 2x 512GB NVMe, 3x 2TB SSD, Intel X710-DA2 SFP+
VM Router: OpenWRT 22.03.4
VM NAS: Synology SA6400
VM VPS: Debian, WWW, Home Assistant
Switch: Netgear MS510TXPP
Switch: Ubiquiti USW-Flex-mini - szt. 2
Wi-Fi: Ubiquiti U6-Lite - szt. 2
|
|
|
|
tartarek |
Dodano 10-06-2014 17:33
|
User
Posty: 63
Dołączył: 14/01/2012 12:23
|
oczyscilem firewall i dodalem vlan (3)
VLAN VID Port 1 Tagged Port 2 Tagged Port 3 Tagged Port 4 Tagged WAN Port Tagged Default Bridge
1 1 Yes Yes Yes Yes * LAN (br0)
2 2 Yes WAN
3 3 LAN1 (br1)
jednakze nadal mam dostep z .5.* do .3.* i odwrotnie
na stronie
http://somethingk.com/main/?p=323
jest dodatkowy krok z separacja sieci, bede wdzieczny za pomoc w dostosowaniu?
Połączony z 18 czerwiec 2014 21:34:20:
kolejna sprawa - czy sie zrobic, aby uzytkownikowi po zalogowaniu pojawila sie strona powitalna, a dostep byl przyznawany tylko po oplaceniu skladki?
Edytowany przez tartarek dnia 18-06-2014 21:34
|
|
|
|
pawelz |
Dodano 09-07-2014 16:22
|
User
Posty: 4
Dołączył: 09/07/2014 16:15
|
Czy problem z zabezpieczaniami wirtualnych wifi opisywany kilka postów wcześniej został rozwiązany?
Bo na dzień dzisiejszy nadal nie można połączyć się z siecią wirtualną jeżeli włączone jest jakiekolwiek zabezpieczenie
wersja tomato 1.28.0000 MIPSR2-116-PL K26 USB AIO
asus rtn16 |
|
|
|
Snap |
Dodano 09-07-2014 17:07
|
User
Posty: 78
Dołączył: 19/11/2013 21:11
|
Według mnie problem został rozwiązany, sam mam rt-n16 , skonfigurowaną sieć gościnna , zabezpieczoną wpa2 i od ponad 2-ch miesięcy hula aż miło. |
|
|