Skip to content
/ UniFi Public

UniFi - guides on CLI syntax like rsync, iptables, firewall logs, what ports, manage Protect storage. Info about Content Filter, AdBlocking and more.

systemjargon.github.io/unifi/
9 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SystemJargon/UniFi

BranchesTags

Repository files navigation

UniFi

My repo for UniFi. Others may find some usefulness from it also.

This should work on the UDM-PRO (Unifi Dream Machine Pro), the UDR (Unifi Dream Router) and maybe other Unifi OS products.

Links

Backups via rsync info

Scripts

Firewall Config and Groups for Casting across VLANs

How to Downgrade apps like Protect in Unifi OS

Content Filter

Content Filter - AdBlocking

Network Ports

CLI Syntax

Interface Basics

ip help ( Shows your the commands for IP)

ip addr sh # To see interface address information

ip route sh # To see routing information.

route # An alternate way of seeing routes

wg show Shows the WireGuard current configuration and device information. This can be used for Teleport also.

wg showconf tlprt0 Show the configuration for example, Teleport0 inteface (the default interface if you add Teleport VPN).

wg help - List Commands for Help

Firewall

Firewall Logs

tail -f -n 1 /var/log/ulog/syslogemu.log

(change -n 1 to your own syntax as required to read th number of line in tail)

If you were logging Deny rules you've created for want to see all Denys in the firewall log, try this instead.

tail -f -n 1 /var/log/ulog/syslogemu.log | grep Deny

or

cat /var/log/ulog/syslogemu.log | grep Deny

DNAT rule to redirect traffic using iptables

Syntax using iptables

iptables -t nat -A PREROUTING -i br<VLANID> -s x.x.x.x/xx -d 0.0.0.0/0 -p udp --dport yy -j DNAT --to z.z.z.z

Example of redirecting Google DNS destination traffic to your own DNS server at 192.168.10.10 for VLAN20.

iptables -t nat -A PREROUTING -i br20 -s 192.168.20.0/24 -d 8.8.8.8/32 -p udp --dport 53 -j DNAT --to 192.168.10.10

iptables -t nat -A PREROUTING -i br20 -s 192.168.20.0/24 -d 8.8.4.4/32 -p udp --dport 53 -j DNAT --to 192.168.10.10

To see the chain and rules with numbering (line simple layout)

iptables -t nat -L PREROUTING --line

To delete a rule in the chain

iptables -t nat -D PREROUTING <X>

<X> indicates the number of the rule in the chain to delete

Storage and Paths

Hard Disk Filling Up Quickly on the UDM-PRO? (Unifi Protect)

Find the largest 20 files in /volume1

du -a /volume1 | sort -n -r | head -n 20

You may need to remove 1GB UBV files in /pool directory

rm /volume1/.srv/unifi-protect/video/pool/*.ubv

Paths

Recordings du -hs /volume1/.srv/unifi-protect/video/

Data du -hs /data

Other Repo's / Useful Links

my unifi usg repo here

Packet Capture - Read this on Reddit

UniFi Utilities

Split-VPN - Credit @Peacey

UDM Source Code - Credit @tusc

UDM and Wireguard-kmod - Credit @tusc

About

UniFi - guides on CLI syntax like rsync, iptables, firewall logs, what ports, manage Protect storage. Info about Content Filter, AdBlocking and more.

systemjargon.github.io/UniFi/

Topics

unifi ubiquiti unifi-controller iptables-rules unifi-protect unifi-dream-machine udm-pro unifi-os dream-machine-pro unifi-network

Resources

Readme
Activity

Stars

9 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages