
UniFi

My repo for UniFi. Others may find it useful too.

This should work on the UDM-PRO (UniFi Dream Machine Pro), the UDR (UniFi Dream Router) and possibly other UniFi OS products.


Backups via rsync info

Scripts

Firewall Config and Groups for Casting across VLANs

How to Downgrade apps like Protect in Unifi OS

Content Filter

Content Filter - AdBlocking


CLI Syntax

Interface Basics

ip help # Shows the available ip commands

ip addr sh # To see interface address information

ip route sh # To see routing information.

route # An alternate way of seeing routes

wg show # Shows the current WireGuard configuration and device information. This can also be used for Teleport.

wg showconf tlprt0 # Shows the configuration of, for example, the Teleport0 interface (the default interface if you add Teleport VPN).

wg help # Lists the commands and help


Firewall

Firewall Logs

tail -f -n 1 /var/log/ulog/syslogemu.log

(Change -n 1 to the number of lines you want tail to show.)

If you are logging Deny rules you've created, or want to see all Denys in the firewall log, try this instead.

tail -f -n 1 /var/log/ulog/syslogemu.log | grep Deny

or

cat /var/log/ulog/syslogemu.log | grep Deny


DNAT rule to redirect traffic using iptables

Syntax using iptables

iptables -t nat -A PREROUTING -i br<VLANID> -s x.x.x.x/xx -d 0.0.0.0/0 -p udp --dport yy -j DNAT --to z.z.z.z

Example of redirecting Google DNS destination traffic to your own DNS server at 192.168.10.10 for VLAN20.

iptables -t nat -A PREROUTING -i br20 -s 192.168.20.0/24 -d 8.8.8.8/32 -p udp --dport 53 -j DNAT --to 192.168.10.10

iptables -t nat -A PREROUTING -i br20 -s 192.168.20.0/24 -d 8.8.4.4/32 -p udp --dport 53 -j DNAT --to 192.168.10.10

To see the chain and its rules with line numbers (simple layout)

iptables -t nat -L PREROUTING --line

To delete a rule in the chain

iptables -t nat -D PREROUTING <X>

<X> indicates the number of the rule in the chain to delete
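
Re-running the two example rules above with -A appends duplicates, and they match UDP only. As an added example (not part of the original repo), these shell functions check each rule with iptables -C before appending it and also cover TCP port 53; the IPT variable and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original repo. IPT is a hypothetical override
# so the iptables command can be replaced (e.g. by a stub) when testing.
IPT="${IPT:-iptables}"

# Print one PREROUTING rule spec per line for each resolver/protocol pair.
# Args: <bridge-if> <source-cidr> <redirect-target> <resolver>...
dns_redirect_specs() {
    iface="$1"; src="$2"; target="$3"; shift 3
    for resolver in "$@"; do
        for proto in udp tcp; do
            # --to-destination is the long form of the --to used above.
            printf '%s\n' "-i $iface -s $src -d $resolver/32 -p $proto --dport 53 -j DNAT --to-destination $target"
        done
    done
}

# Append each rule only when an identical one is not already in the chain.
# Leaves the number of rules appended in the global ADDED.
apply_dns_redirect() {
    [ "$#" -ge 4 ] || return 2
    ADDED=0
    specs=$(dns_redirect_specs "$@")
    while IFS= read -r spec; do
        # -C exits 0 if the exact rule exists; $spec is split on purpose.
        if ! $IPT -t nat -C PREROUTING $spec 2>/dev/null; then
            $IPT -t nat -A PREROUTING $spec || return 1
            ADDED=$((ADDED + 1))
        fi
    done <<EOF
$specs
EOF
}

# Usage on the router (values from the example above):
#   apply_dns_redirect br20 192.168.20.0/24 192.168.10.10 8.8.8.8 8.8.4.4
```
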


Storage and Paths

Hard Disk Filling Up Quickly on the UDM-PRO? (Unifi Protect)

Find the 20 largest files and directories in /volume1

du -a /volume1 | sort -n -r | head -n 20

You may need to remove the 1GB UBV files in the pool directory

rm /volume1/.srv/unifi-protect/video/pool/*.ubv

Paths

Recordings: du -hs /volume1/.srv/unifi-protect/video/

Data: du -hs /data


My UniFi USG repo here

Packet Capture - Read this on Reddit

UniFi Utilities

Split-VPN - Credit @Peacey

UDM Source Code - Credit @tusc

UDM and Wireguard-kmod - Credit @tusc