From e78975df35946a699ae191cfd0887a6b68cea03d Mon Sep 17 00:00:00 2001 From: System Administrator Date: Sat, 7 Feb 2026 00:52:54 +0100 Subject: [PATCH] =?UTF-8?q?/diag=5Fbackup.php=20changement(s)=20effectu?= =?UTF-8?q?=C3=A9(s)=20@=20-=20(root@10.0.1.106)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.xml | 3125 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3125 insertions(+) create mode 100644 config.xml diff --git a/config.xml b/config.xml new file mode 100644 index 0000000..2047963 --- /dev/null +++ b/config.xml @@ -0,0 +1,3125 @@ + + + opnsense + + + vfs.read_max + + Increase UFS read-ahead speeds to match the state of hard drives and NCQ. + + + net.inet.ip.portrange.first + + Set the ephemeral port range to be lower. + + + net.inet.tcp.blackhole + + Drop packets to closed TCP ports without returning a RST + + + net.inet.udp.blackhole + + Do not send ICMP port unreachable messages for closed UDP ports + + + net.inet.ip.random_id + + Randomize the ID field in IP packets + + + net.inet.ip.sourceroute + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + + + net.inet.ip.accept_sourceroute + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + + + net.inet.icmp.log_redirect + + + This option turns off the logging of redirect packets because there is no limit and this could fill + up your logs consuming your whole hard drive. + + + + net.inet.tcp.drop_synfin + + Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) + + + net.inet6.ip6.redirect + + Enable sending IPv6 redirects + + + net.inet6.ip6.use_tempaddr + + Enable privacy settings for IPv6 (RFC 4941) + + + net.inet6.ip6.prefer_tempaddr + + Prefer privacy addresses and use them over the normal addresses + + + net.inet.tcp.syncookies + + Generate SYN cookies for outbound SYN-ACK packets + + + net.inet.tcp.recvspace + + Maximum incoming/outgoing TCP datagram size (receive) + + + net.inet.tcp.sendspace + + Maximum incoming/outgoing TCP datagram size (send) + + + net.inet.tcp.delayed_ack + + Do not delay ACK to try and piggyback it onto a data packet + + + net.inet.udp.maxdgram + + Maximum outgoing UDP datagram size + + + net.link.bridge.pfil_onlyip + + Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) + + + net.link.bridge.pfil_local_phys + + Set to 1 to additionally filter on the physical interface for locally destined packets + + + net.link.bridge.pfil_member + + Set to 0 to disable filtering on the incoming and outgoing member interfaces. + + + net.link.bridge.pfil_bridge + + Set to 1 to enable filtering on the bridge interface + + + net.link.tap.user_open + + Allow unprivileged access to tap(4) device nodes + + + kern.randompid + + Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) + + + hw.syscons.kbd_reboot + + Disable CTRL+ALT+Delete reboot from keyboard. + + + net.inet.tcp.log_debug + + Enable TCP extended debugging + + + net.inet.icmp.icmplim + + Set ICMP Limits + + + net.inet.tcp.tso + + TCP Offload Engine + + + net.inet.udp.checksum + + UDP Checksums + + + kern.ipc.maxsockbuf + + Maximum socket buffer size + + + vm.pmap.pti + + Page Table Isolation (Meltdown mitigation, requires reboot.) + + + hw.ibrs_disable + + Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) + + + security.bsd.see_other_gids + + Hide processes running as other groups + + + security.bsd.see_other_uids + + Hide processes running as other users + + + net.inet.ip.redirect + + Enable/disable sending of ICMP redirects in response to IP packets for which a better, + and for the sender directly reachable, route and next hop is known. + + + + net.inet.icmp.drop_redirect + 1 + + Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects + to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect + packets without returning a response. + + + + net.local.dgram.maxdgram + + Maximum outgoing UDP datagram size + + + + normal + opnsense + home + 0 + + 1999 + admins + system + System Administrators + page-all + 0,2000,2001 + + + + 0 + root + 0 + system + + + + + $2y$11$c4SUQpuTdpAKxLtXChnanuO06m7Ro2rkjuHIsVQMD26oEV22MWGRW + + + + + + + + System Administrator + eyJvcHRpb25zIjpbXSwid2lkZ2V0cyI6W3siaWQiOiJzeXN0ZW1pbmZvcm1hdGlvbiIsIm1pblciOjIsIngiOjAsInkiOjAsImgiOjUxMiwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6Im1lbW9yeSIsIm1pblciOjEsIngiOjIsInkiOjAsImgiOjE0Miwid2lkZ2V0IjpbXSwidyI6bnVsbH0seyJpZCI6ImRpc2siLCJtaW5XIjoxLCJ4IjozLCJ5IjowLCJoIjoxNDIsIndpZGdldCI6W10sInciOm51bGx9LHsiaWQiOiJpbnRlcmZhY2VzdGF0aXN0aWNzIiwibWluVyI6MiwieCI6NCwieSI6MCwidyI6NCwiaCI6NDAzLCJ3aWRnZXQiOltdfSx7ImlkIjoiZmlyZXdhbGwiLCJtaW5XIjoyLCJ4Ijo4LCJ5IjowLCJ3Ijo0LCJoIjo0MDMsIndpZGdldCI6W119LHsiaWQiOiJnYXRld2F5cyIsIm1pblciOjIsIngiOjIsInkiOjE0Miwic2l6ZVRvQ29udGVudCI6MjM0LCJoIjoyMzQsIndpZGdldCI6eyJnYXRld2F5cyI6WyIyZjUxYmJmMi0wOTkyLTQ1ODQtYmNjMS1kYjllODMzZDQxMWEiLCJkZDdlMTAxMS1iZjhkLTQ4ZjYtYjUxMS1lMmVhM2EwNGExZGIiXX0sInciOjJ9LHsiaWQiOiJhbm5vdW5jZW1lbnRzIiwibWluVyI6MiwieCI6MiwieSI6Mzc2LCJzaXplVG9Db250ZW50IjozNTAsImgiOjM1MCwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6InNlcnZpY2VzIiwibWluVyI6MiwieCI6NCwieSI6NDAzLCJ3Ijo0LCJzaXplVG9Db250ZW50Ijo2NTAsImgiOjY1MCwid2lkZ2V0IjpbXX0seyJpZCI6InRyYWZmaWMiLCJtaW5XIjoyLCJ4Ijo4LCJ5Ijo0MDMsInciOjQsImgiOjQ0Niwid2lkZ2V0Ijp7ImludGVyZmFjZXMiOlsibGFuIiwid2FuIl19fSx7ImlkIjoiY3B1IiwibWluVyI6MiwieCI6MCwieSI6NTEyLCJoIjoxNjAsIndpZGdldCI6eyJncmFwaHMiOlsidG90YWwiXX0sInciOjJ9LHsiaWQiOiJkbnNtYXNxbGVhc2VzIiwibWluVyI6Miwic2l6ZVRvQ29udGVudCI6MTI4LCJ4IjowLCJ5Ijo2NzIsImgiOjEyOCwid2lkZ2V0Ijp7ImxlYXNlc1RvU2hvdyI6IjIifSwidyI6Mn0seyJpZCI6ImRkY2xpZW50IiwibWluVyI6Miwic2l6ZVRvQ29udGVudCI6NjUwLCJ4IjoyLCJ5Ijo3MjYsImgiOjE2OCwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6InN3YXAiLCJtaW5XIjoxLCJ4IjowLCJ5Ijo4MDAsImgiOjE0Miwid2lkZ2V0IjpbXSwidyI6bnVsbH0seyJpZCI6ImZpcmV3YWxsc3RhdGVzIiwibWluVyI6MSwieCI6MSwieSI6ODAwLCJoIjoxNDIsIndpZGdldCI6W10sInciOm51bGx9LHsiaWQiOiJpbnRlcmZhY2VzIiwibWluVyI6Miwic2l6ZVRvQ29udGVudCI6NjUwLCJ4Ijo4LCJ5Ijo4NDksImgiOjMwMiwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6InRoZXJtYWxzZW5zb3JzIiwibWluVyI6MiwieCI6MTAsInkiOjg0OSwiaCI6MTQ2LCJ3aWRnZXQiOnsic2Vuc29ycyI6W119LCJ3IjoyfSx7ImlkIjoiV2lyZWd1YXJkIiwibWluVyI6Miwic2l6ZVRvQ29udGVudCI6NjUwLCJ4IjoyLCJ5Ijo4OTQsImgiOjE5Niwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6Im1vbml0IiwibWluVyI6MiwieCI6MiwieSI6MTA5MCwiaCI6MTI4LCJ3aWRnZXQiOltdLCJ3IjoyfV19 + + + 2000 + gilles + 0 + user + + + + /bin/sh + $2y$11$e9BIlxwYQUZ8b6P8qgZIAuMgg6Kb/7l8ZVVyex.VjNTmRWuZe05M6 + + + + + 4oZKfb4FVcvC3N/wYbAUb4D9yS+3bHCztnqPQS5Pz7ZlctgGYeMQNThn3gVxcyV6FWzVygSIXZa2tRzd|$6$$./RJ7bYaOuHkZG1kQVoSWaF4DA4xQ6bhHZTU8EanKRRQYShYImZ3mCSaKBh7ZmPJfT9zURfNlcJHuIpVro52x1 + page-all + + gilles + + + + 2001 + webui_api + 0 + user + + + ARXXULH3NIENJEQEQAFNHRVKSDUYP7PA + + $2y$11$Om75ATi8OQRI06XjE.wlpOcL9ZI0l3C0MO2EZSkQ78pHPFwFXWxSu + + + + + G+9Zoz+vwR0dU24H2TzwbY4qemppj+k9hHEnf49eOX1N35LmgMNxeb/bUJM6k087ccABMr8IG2cr1ewQ|$6$$nSS.SFFtWjQvxjtUB8bnpl/REMcrVL6bVYYNFFfCVSanyAKrceyWR2cu/4apM/61e9uKmyA6CwGUwb6dUlJJZ/ + page-diagnostics-arptable,page-diagnostics-pf-info,page-diagnostics-logs-firewall-general,page-diagnostics-logs-dhcp,page-diagnostics-logs-firewall-dynamic,page-diagnostics-ping,page-diagnostics-testport,page-diagnostics-traceroute,page-firewall-nat-portforward,page-firewall-rules,page-diagnostics-dns_diagnostics,page-services-dhcpserver,page-services-dnsresolver-acls,page-system-advanced-firewall + + + + + + 2002 + mcp_user + 0 + user + + + + + $2y$11$9Nvze6MjVDiPZTxzVNjYI.6BXUV0PckbLtnkkBrtnXEYwGlUUFisa + + + + + ZOwL1iuko13l9tnARvJlU0s93C/44gFwZNRmStRhzGV8u6m2nXAcoOAbb6jxtkEe8dqzIjj4zECcKdzI|$6$$pca55.4EabiFKbdwF7581/rZ6PojvzcduKuSz2TPudQmWR/WxaKLA4BUO8V3xmU3t06dBMNoSfqB.Voqui.0m. + + + + + + 2001 + 2000 + Europe/Paris + 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org + + http + 6607da87d5f1f + + + + + Local Database + + yes + 1 + 1 + 1 + 1 + 1 + 1 + hadp + hadp + hadp + + monthly + + 1 + 1 + + admins + 1 + lan + + + + + + enabled + 1 + 1 + + -1 + -1 + + + + os-caddy,os-cpu-microcode-intel,os-ddclient,os-dmidecode,os-git-backup,os-hw-probe,os-mdns-repeater,os-qemu-guest-agent,os-upnp,os-wol + + + 0 + + fr_FR + 10.0.0.15 + + none + none + none + none + none + none + none + none + 115200 + video + 1 + admins + 10 + + + 1 + https://gitea.maison43.duckdns.org/gilles/opnsense_backup.git + main + 1 + + gilles + Misstibet5* + + + 1 + + + + + + vtnet0 + + 1 + + 1 + 1 + dhcp + + + 32 + + + + + + + + SavedCfg + + + + + + + + + + 1 + vtnet1 + 10.0.0.1 + 22 + track6 + 64 + + + wan + 0 + + + + + 1 + Boucle + 1 + lo0 + 127.0.0.1 + ::1 + 8 + 128 + none + 1 + + + 1 + WireGuard (Groupe) + wireguard + 1 + 1 + group + + + + wg0 + Wireguard + 1 + 1 + + + + + + 10.0.0.1 + home + hmac-md5 + 1 + 1 + 10.0.3.250 + pxelinux.0 + + + + + 10.0.1.0 + 10.0.1.245 + + + 8.8.8.8 + 192.168.1.1 + 10.0.0.1 + + + + + + public + + + + automatic + + + udp + wan + + inet + + + + + nat_6607f82b9ce888.05887649 + 1 + 10.0.0.222 + 51820 + + 1 + + + wan + 51820 + + purenat + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + root@10.0.0.128 + + /firewall_nat_edit.php made changes + + + + udp + wan + + inet + + + + + nat_6607fafb218422.21849064 + 1 + 1 + 10.0.0.222 + 51821 + + 1 + + + wan + 51821 + + purenat + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + root@10.0.0.128 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_661bb8d6ef88f5.62438693 + 10.0.0.202 + 80 + + 1 + + + wanip + 80 + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + Ssh + + + + nat_665da9805af827.84975328 + 10.0.0.141 + 22 + + 1 + + + wanip + 2222 + + + gilles@10.0.0.222 + + /firewall_nat_edit.php made changes + + + root@10.0.0.11 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_661bb8fa0a1542.18207141 + 10.0.0.202 + 443 + + 1 + + + wanip + 443 + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + + udp + wan + + inet + + + + + nat_66249754bbbc23.12958361 + 10.0.1.231 + 4242 + + 1 + + + wanip + 4242 + + + root@10.0.1.97 + + /firewall_nat_edit.php made changes + + + root@10.0.1.97 + + /firewall_nat_edit.php made changes + + + + tcp/udp + lan + + inet + Forcer DNS LAN vers OPNsense + + + + nat_694d54e2ef9234.46943943 + 10.0.0.1 + 53 + + lan + + + 1 + 53 + + + root@10.0.1.109 + + /firewall_nat_edit.php made changes + + + root@10.0.1.109 + + /firewall_nat_edit.php made changes + + + + + + nat_6607f82b9ce888.05887649 + + 1 + + wan + keep state + udp + inet + +
10.0.0.222
+ 51820 + + + + + root@10.0.0.128 + + /firewall_nat_edit.php made changes + + 1 + + + nat_6607fafb218422.21849064 + + 1 + + wan + keep state + udp + inet + +
10.0.0.222
+ 51821 + + 1 + + + + root@10.0.0.128 + + /firewall_nat_edit.php made changes + + 1 + + + pass + wan + inet + keep state + Allow client to connect to the Wireguard Service + in + 1 + udp + + 1 + + + wanip + 51720 + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + + + nat_661bb8d6ef88f5.62438693 + + 1 + + wan + keep state + tcp + inet + +
10.0.0.202
+ 80 + + + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + + nat_661bb8fa0a1542.18207141 + + 1 + + wan + keep state + tcp + inet + +
10.0.0.202
+ 443 + + + + + root@10.0.1.0 + + /firewall_nat_edit.php made changes + + + + nat_66249754bbbc23.12958361 + + 1 + + wan + keep state + udp + inet + +
10.0.1.231
+ 4242 + + + + + root@10.0.1.97 + + /firewall_nat_edit.php made changes + + + + nat_665da9805af827.84975328 + + 1 + + wan + keep state + tcp + inet + +
10.0.0.141
+ 22 + + Ssh + + + root@10.0.0.11 + + /firewall_nat_edit.php made changes + + + + pass + lan + inet + keep state + Default allow LAN to any rule + in + 1 + + 1 + + + 1 + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + + + pass + lan + inet6 + keep state + Default allow LAN IPv6 to any rule + in + 1 + 1 + + lan + + + 1 + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + + pass + lan + inet + keep state + in + 1 + tcp/udp + + lan + + +
10.0.0.15/32
+ 53 + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + + pass + lan + inet + keep state + in + 1 + + lanip + + + 1 + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + 1 + + + pass + lan + inet + keep state + DNS LAN vers OPNsense + in + 1 + 1 + tcp/udp + + lan + + + (self) + 53 + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + root@10.0.1.109 + + /firewall_rules_edit.php made changes + + + + pass + opt1 + inet + keep state + in + 1 + + 1 + + + 1 + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + + root@10.0.1.0 + + /firewall_rules_edit.php made changes + + + + pass + nat_694d54e2ef9234.46943943 + + lan + + lan + keep state + tcp/udp + inet + +
10.0.0.1
+ 53 + + Forcer DNS LAN vers OPNsense + + + root@10.0.1.109 + + /firewall_nat_edit.php made changes + + + + + wireguard + any + any + 24 + any + 24 + 1360 + in + + root@10.0.1.0 + + /firewall_scrub_edit.php made changes + + + root@10.0.1.0 + + /firewall_scrub_edit.php made changes + + + + + + + + + + ICMP + icmp + ICMP + + + + TCP + tcp + Generic TCP + + + + HTTP + http + Generic HTTP + + / + + 200 + + + + HTTPS + https + Generic HTTPS + + / + + 200 + + + + SMTP + send + Generic SMTP + + + 220 * + + + + + 0.opnsense.pool.ntp.org + + + system_information-container:00000000-col1:show,cpu_usage-container:00000001-col1:show,services_status-container:00000002-col4:show,wireguard-container:00000003-col4:show,traffic_graphs-container:00000004-col4:show,dmidecode-container:00000005-col4:show,gateways-container:00000006-col6:show,interface_list-container:00000007-col6:show,interface_statistics-container:00000008-col6:show,log-container:00000009-col6:show + 3 + wan + + + root@10.0.1.106 + /diag_backup.php changement(s) effectué(s) + + + + + + + + 1 + test + SwIxZQLGVYIWKo6y0KXR5XsBEenaT/fBKC0yfjQ/rmw= + + 10.0.10.2/32 + maison43.duckdns.org + 51720 + + + + + + 1 + + + + + 1 + wireguard + 0 + voHbW40dMXGE5MPnMYEGjQr6zp2JvtnarHRJC4+PaUM= + 6CwodBia347/qUqDazOyCCBuJjWysw37ZBuQR9CUWVA= + 51720 + + + 10.0.10.0/24 + 0 + + + 2e6c1feb-c260-4084-845a-042e4174aa8d + 0 + + + + + + + + + + 0 + 0 + + + + + + + 16 + 32 + 4 + 1000 + 1 + 0 + 0 + 0 + + + + + + + + 1 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + + + + + + + + + + 0 + + + + + + + 0 + 0 + + + ipsec + 0 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IDS + 0 + 0 + 0 + * + * + * + root + ids update + + ids rule updates + + + + + + + + + + https://1106509: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@download.maxmind.com/geoip/databases/GeoLite2-Country-CSV/download?suffix=zip + + + + 1 + Geoblocking + geoip + + + + 1 + + CN +BY +RU + + + + + + + + + 1 + PAYS_BLOQUES + geoip + + + + 1 + + CN +KP +RU + + + + + + PAYS_BLOQUES + + + + + + + + + + + + + + + + lan,wan + wan + v9 + + + + 0 + + 1800 + 15 + + + + + 2000016 + 1 + alert + + + 2000013 + 1 + alert + + + 2000012 + 1 + alert + + + 2000011 + 1 + alert + + + 2000010 + 1 + alert + + + 2000009 + 1 + alert + + + 2000007 + 1 + alert + + + 2000006 + 1 + alert + + + 2000005 + 1 + alert + + + 2008054 + 1 + alert + + + 2008064 + 1 + alert + + + 2008065 + 1 + alert + + + 2009076 + 1 + alert + + + 2011307 + 1 + alert + + + 2011355 + 1 + alert + + + 2011765 + 1 + alert + + + 2012195 + 1 + alert + + + 2016918 + 1 + alert + + + + + + + abuse.ch.feodotracker.rules + 1 + + + opnsense.uncategorized.rules + 1 + + + opnsense.test.rules + 1 + + + opnsense.social_media.rules + 1 + + + opnsense.messaging.rules + 1 + + + opnsense.media_streaming.rules + 1 + + + opnsense.mail.rules + 1 + + + opnsense.file_transfer.rules + 1 + + + tor.rules + 1 + + + threatview_CS_c2.rules + 1 + + + emerging-worm.rules + 1 + + + emerging-web_specific_apps.rules + 1 + + + emerging-web_server.rules + 1 + + + emerging-web_client.rules + 1 + + + emerging-voip.rules + 1 + + + emerging-user_agents.rules + 1 + + + emerging-tftp.rules + 1 + + + emerging-telnet.rules + 1 + + + emerging-sql.rules + 1 + + + emerging-snmp.rules + 1 + + + emerging-smtp.rules + 1 + + + emerging-shellcode.rules + 1 + + + emerging-scan.rules + 1 + + + emerging-scada.rules + 1 + + + emerging-rpc.rules + 1 + + + emerging-pop3.rules + 1 + + + emerging-policy.rules + 1 + + + emerging-phishing.rules + 1 + + + emerging-p2p.rules + 1 + + + emerging-netbios.rules + 1 + + + emerging-mobile_malware.rules + 1 + + + emerging-misc.rules + 1 + + + emerging-malware.rules + 1 + + + emerging-ja3.rules + 1 + + + emerging-info.rules + 1 + + + emerging-inappropriate.rules + 1 + + + emerging-imap.rules + 1 + + + emerging-icmp_info.rules + 1 + + + emerging-icmp.rules + 1 + + + emerging-hunting.rules + 1 + + + emerging-games.rules + 1 + + + emerging-ftp.rules + 1 + + + emerging-exploit_kit.rules + 1 + + + emerging-exploit.rules + 1 + + + emerging-dos.rules + 1 + + + emerging-dns.rules + 1 + + + emerging-deleted.rules + 1 + + + emerging-current_events.rules + 1 + + + emerging-coinminer.rules + 1 + + + emerging-chat.rules + 1 + + + emerging-attack_response.rules + 1 + + + emerging-adware_pup.rules + 1 + + + emerging-activex.rules + 1 + + + dshield.rules + 1 + + + drop.rules + 1 + + + compromised.rules + 1 + + + ciarmy.rules + 1 + + + botcc.portgrouped.rules + 1 + + + botcc.rules + 1 + + + 3coresec.rules + 1 + + + abuse.ch.urlhaus.rules + 1 + + + abuse.ch.threatfox.rules + 1 + + + abuse.ch.sslipblacklist.rules + 1 + + + abuse.ch.sslblacklist.rules + 1 + + + + + 1 + 0 + 0 + wan + 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 + + 363946bc-c1f3-445e-a761-245e3b81f579 + W0D23 + 4 + + + + + + + 1 + 0 + 0 + + + + 0 + 0 + + + + 0 + 0 + 0 + + + + + + + + + + + + + + 1 + 127.0.0.1 + 8000 + + + + + 1 + 0 + lan + 4000 + 1 + raw + + + + + + + + + + + 0 + + 2 + + + + 10.0.0.0/22 + + 1 + + + + + + + home + + 10.0.0.1 + + + + + + 1 + 10.0.1.1-10.0.1.254 + plage dhcp + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.2 + 4c:53:fd:27:af:65 + amazon + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.12 + dc:a6:32:72:ef:ec + solar-assistant + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.67 + 60:57:18:99:ed:05 + yoga + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.192 + ec:71:db:d9:4d:bf + RLC-410-5MP + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.233 + bc:24:11:1f:a5:bd + cosmos + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.236 + dc:54:75:a8:47:78 + ecoflow + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.243 + 80:97:1b:04:12:1e + apsystem_ECU_R + + + + + + + + + + + + + + + + dd9a92e9-d66d-48bd-8afe-9e0ebed747e5 + 10.0.1.244 + 60:c5:a8:7f:5a:83 + apsystem_ecur_wifi + + + + + + + + + + + + + + + + + + + + 0 + 0 + + 4000 + 1 + + + + + + + + + + + 0 + + 2 + + + + + + + + + + 0 + 120 + 120 + 127.0.0.1 + 25 + + + 0 + auto + 1 + + + + + 0 + root + 2eWJ1KCbKrYL09TU9OrXqkomJyk + 2812 + + + 5 + 1 + + + 0 + root@localhost.local + 0 + + + + + + + 1 + $HOST + + system + + + + 300 + 30 +
+ + + + 19a7dae6-e858-415f-90b3-316fcee88d4f,6cfb26d0-a9eb-4db5-a4d8-2aab45f6fafd,17f136cd-5730-427e-82c7-5607afb399f5,28aade0b-0568-40aa-babd-24521bd2166a + + + + + 1 + RootFs + + filesystem + + + / + 300 + 30 +
+ + + + a0773493-306b-43f6-b13b-d733bcd6d8ed + + + + + 0 + carp_status_change + + custom + + + /usr/local/opnsense/scripts/monit/carp_status.php + 300 + 30 +
+ + + + c578b7db-4bb0-47aa-94ad-d9310feb90e7 + + + + + 0 + gateway_alert + + custom + + + /usr/local/opnsense/scripts/monit/gateway_alert.php + 300 + 30 +
+ + + + b11890a8-3088-4ce0-952e-5f2ada40d073 + + + + + Ping + NetworkPing + failed ping + alert + + + + NetworkLink + NetworkInterface + failed link + alert + + + + NetworkSaturation + NetworkInterface + saturation is greater than 75% + alert + + + + MemoryUsage + SystemResource + memory usage is greater than 75% + alert + + + + CPUUsage + SystemResource + cpu usage is greater than 75% + alert + + + + LoadAvg1 + SystemResource + loadavg (1min) is greater than 6 + alert + + + + LoadAvg5 + SystemResource + loadavg (5min) is greater than 4.5 + alert + + + + LoadAvg15 + SystemResource + loadavg (15min) is greater than 3 + alert + + + + SpaceUsage + SpaceUsage + space usage is greater than 75% + alert + + + + ChangedStatus + ProgramStatus + changed status + alert + + + + NonZeroStatus + ProgramStatus + status != 0 + alert + + + + + + 0 + WAN_GW + WAN Gateway + wan + inet + + 1 + + 1 + + 0 + 0 + + + 255 + 1 + + + + + + + + + + + 1 + WAN_DHCP6 + Interface WAN_DHCP6 Gateway + wan + inet6 + + 0 + 0 + 1 + 0 + 0 + 0 + + 0 + 254 + 1 + + + + + + + + + + + + + 1 + 1 + 31 + + + + + + + + + + + + 1 + 53 + 1 + + 1 + 0 + + 0 + 1 + + 0 + 0 + 0 + 0 + 0 + 0 + transparent + + 0 + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + + 0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24 + + + + + + + + + + + + + + 0 + + + + + allow + + + + + + + + 1 + dot + + 9.9.9.9 + 853 + + 0 + 0 + Quad9 DNS over TLS + + + 1 + dot + + 149.112.112.112 + 853 + + 0 + 0 + Quad9 secondaire + + + 1 + dot + + 1.1.1.1 + 853 + + 0 + 0 + Cloudflare DoT + + + 1 + dot + + 1.0.0.1 + 853 + + 0 + 0 + Cloudflare DoT secondaire + + + + + 1 + homeassistant + home + A + + + + 10.0.0.2 + + + + + 1 + lxc-mariadb + home + A + + + + 10.0.0.14 + + + + + 1 + vm-ansible + home + A + + + + 10.0.1.11 + + + + + 1 + vm-docker8 + home + A + + + + 10.0.0.8 + + + + + 1 + vm-docker0 + home + A + + + + 10.0.0.212 + + + + + 1 + vm-docker10 + home + A + + + + 10.0.0.20 + + + + + 1 + vm-docker13 + home + A + + + + 10.0.1.98 + + + + + 1 + vm-docker2 + home + A + + + + 10.0.0.26 + + + + + 1 + vm-docker3 + home + A + + + + 10.0.1.98 + + + + + 1 + vm-frigate + home + A + + + + 10.0.0.206 + + + + + 1 + vm-gitlab + home + A + + + + 10.0.0.200 + + + + + 1 + vm-jellyfin + home + A + + + + 10.0.0.33 + + + + + 1 + vm-mediaserver + home + A + + + + 10.0.0.29 + + + + + 1 + vm-mesdata + home + A + + + + 10.0.0.34 + + + + + 1 + vm-mqtt + home + A + + + + 10.0.0.3 + + + + + 1 + vm-nodered + home + A + + + + 10.0.0.9 + + + + + 1 + vm-vaultwarden + home + A + + + + 10.0.0.16 + + + + + 1 + vm-weewx + home + A + + + + 10.0.0.13 + + + + + + + + + 1 + 1 + 0 + 300 + opnsense + + + + 1 + duckdns + + + + 0fd20557-743c-41da-858e-724143602751 + + maison43.duckdns.org + 0 + + web_dyndns + 10 + 1 + 300 + wan + Duckdns + + + + + + + 0 + + + + 1 + 1 + lan + + + + + 1 + 0 + + + + + + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + Zabbix agent + + +
+ 1 + 10.0.1.236 + 10050 + 0.0.0.0 + + 0 + 100 + val_3 + 0 +
+ + 3 + 5 + 100 + 100 + 3 + + + 1 + 10.0.1.236 + 120 + 0 + 0 + 0 + + + + + + + + + + 1 + 0 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -1 + + + + 6607d788bf4eb + Web GUI TLS certificate + + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVVndjK1BlYUltalhKK0FBYUdHRG9OM3BCVi9Zd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQXpNekF3T1RFeU5ESmFGdzB5TlRBMU1ERXdPVEV5TkRKYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUUNMS3FLelg4QUVFcSs5MzNlUm1qTC9hdW5DMXZOaVlkVkZ4Y214OGJEd09YNG90cWJNCnk2dmIwSlZxVDQvSTFlZ2h0L05iL2ZEVGtoT3RtRmFjd0ZtRWthNGwrUlptbUN3a1p1Ukl0NldQcXpnZkhSc3MKY01LbmltSHR4OXJvd3FVa1VKNHpWZHdwcitGS08wRmYrOFdoT0xVWWdwN2c1TEhRNnpTNE9kSzlqSWNYdHJxNwpvOXVEOXBVN3d6cmZWNm9oT0FzYTdtVXdVQUlJeXVNT3Q4RXFiUzlOcTVLVEJZVDAyekV6MzRaYkZGM0ZOMGRxCnpVYXd6ZWd5ODFYSWVNeldhaG1OdTBNWWtMSlRrRjE4ZHhaN25zdXFqOW85TlpNckZTYnU1eVVJSnQxWG9Bc3AKaGN0VERQR1RzRjZFS2hFL3FyS2F1ZFVKeVN3eWNuS2VLNzhxRkEvNWVscjk4VzFWUXZhRlVOcHRGUFVObjJVWQpkUkZMNnVVUDJtNjhicG1rRktVN2ZTM2MvTEVvZHRNS3B1K2s4MGVLVEpDVWFNZnluMnpzSTV4M01Xd1dYYTRaCnZ0RFdxZEFiemF3aUNrVVVtRVZ6cVFtYVJFM3QyR1ZqR0Z0eTl4MXo5cFF1YSttSUs4VWxBdVdka20zc1pveHcKOXk0Z3dveU9oL2VCdjNjeHE3VC9kRUp1TUx4cFc1OEZ1cGMzajVhNEVqcnJJWXR3NGIrdVk5eDZuU3FLUklCZQpGZWU3L2ovbWtBUUV1Y1lsZkYrK3hiL3NGbVhQUEdkMmhwWFVYdmpDaTRQSUlxUWt3WlMzUlRlMVVtVE93OS84ClQ4VHluSHNnZ0h1WjRUK2dMSXFTZFhNd0JaNWtvaXJUSzVWUXFsNU5oZmdFcTAvenRTR1dLL2Zla3dJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkZZZE9vcWVmcWJLZmRocCs5ZjlRRy9IVGtSdk1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVZ3YysKUGVhSW1qWEorQUFhR0dEb04zcEJWL1l3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUk0ZVROdDBhdGJ2ZE94alliVXR4YnlKWWt1VTh3cnphaGI3ZGJSdm8Kcnd1alBrT2t2c2gyUjlYMW1IOFFhamhVMlRSMCticER0eTNWRk9oQnpMbjhhWUI3RHZUcmFGSG9hVHFiVitTYQpLRmsxRDdNRk1SaGVHZG9IZnRNTG5GR2syazE2RkVkYUF0ZXhFMnJqclVINzJrNERuZDlsOTBYaG02LzV4d0JSCkJnellJS1VJN0V5KzhIb29JQjFDYWh2Tng5Q052ZXhyQkZLZU01VGtKYm1lY2ZqaDgwZGdlOU1MdnNTQVAxdWkKcDBoM21QN00zMElHanVzQWdna3lmVGE5THZ5UWhOWnNsdDU3QWtuWTFQaFFBRVozRkdTVFp1NllFTDZYNVh5VgpibVU1ckxQbDl1aEQzVkk5MnNRd0hOMFRTVHc3WGhsai9sa2h2L3JUeXdNRGZjNnROTWlHRmFyczJ1cnk2MnhyCkhNNHlYZEJLU1BnbUg1MEJVYitLZnUwa1N2VTNYNlI2Uzdxa25mNWtJN0IyNy9EY29Sc2VnN1FTeGl4RUQvbzAKYkRDMTlncTArWUw3WE85cit2dGNFOGk2SVB4MFZPWnVXbldyZCt5NEMxMVpPVHdjbi83S3I4ZWhxNm16WkFhdQpxTHFSeGhHTG5ER0dYazBZNS9EZUM0T01XUWk5U01DQXU3TkROekFGN2l0Z2pKczVwUVE5UzdBeExpYzlvajR1ClhZVjBZUlBQMk9nV09oVFYwblRpNVZaRUZLUlJsU0RvbmhmSlhicXVvaHNveUZsbURmbGdYU2RlR2tZOGdnWEUKRGhKTS9IekoreUhXcmpPaWg1TDZMaTBpM2g5M2tmRStaY1NtWVo2THJmQTZLeXpZTWhyclhuMDZ1bnRyc3MrbQpDWlU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ0xLcUt6WDhBRUVxKzkKMzNlUm1qTC9hdW5DMXZOaVlkVkZ4Y214OGJEd09YNG90cWJNeTZ2YjBKVnFUNC9JMWVnaHQvTmIvZkRUa2hPdAptRmFjd0ZtRWthNGwrUlptbUN3a1p1Ukl0NldQcXpnZkhSc3NjTUtuaW1IdHg5cm93cVVrVUo0elZkd3ByK0ZLCk8wRmYrOFdoT0xVWWdwN2c1TEhRNnpTNE9kSzlqSWNYdHJxN285dUQ5cFU3d3pyZlY2b2hPQXNhN21Vd1VBSUkKeXVNT3Q4RXFiUzlOcTVLVEJZVDAyekV6MzRaYkZGM0ZOMGRxelVhd3plZ3k4MVhJZU16V2FobU51ME1Za0xKVAprRjE4ZHhaN25zdXFqOW85TlpNckZTYnU1eVVJSnQxWG9Bc3BoY3RURFBHVHNGNkVLaEUvcXJLYXVkVUp5U3d5CmNuS2VLNzhxRkEvNWVscjk4VzFWUXZhRlVOcHRGUFVObjJVWWRSRkw2dVVQMm02OGJwbWtGS1U3ZlMzYy9MRW8KZHRNS3B1K2s4MGVLVEpDVWFNZnluMnpzSTV4M01Xd1dYYTRadnREV3FkQWJ6YXdpQ2tVVW1FVnpxUW1hUkUzdAoyR1ZqR0Z0eTl4MXo5cFF1YSttSUs4VWxBdVdka20zc1pveHc5eTRnd295T2gvZUJ2M2N4cTdUL2RFSnVNTHhwClc1OEZ1cGMzajVhNEVqcnJJWXR3NGIrdVk5eDZuU3FLUklCZUZlZTcvai9ta0FRRXVjWWxmRisreGIvc0ZtWFAKUEdkMmhwWFVYdmpDaTRQSUlxUWt3WlMzUlRlMVVtVE93OS84VDhUeW5Ic2dnSHVaNFQrZ0xJcVNkWE13Qlo1awpvaXJUSzVWUXFsNU5oZmdFcTAvenRTR1dLL2Zla3dJREFRQUJBb0lDQUNLK0JSbzB1RElNSERXUm1UOFBPTllNCjhjakRjc1ZIMlQ5dTdqaHZOeFh4dEc0amt5YWpYZ2NsWG5mSTN3TnJhMlVua0NpU0Q5SXhzSm53NHdhRStwUWUKN2xQcWlFNGFoVUtkTVRaNkttbmdlOFZBdGV6MVJaTWY5K3l0clJmWXAvT1Y4TGl1SWFXQ2xBSzlJa2Y5Q2N5Qwo1S3IyeVFVcDhyNU9TYjRJS1hWS3BOc2xzaDV2L0xoSUVkOTJrTGI3SXF6aVdkdGlVbjZxS3FmWlJyQUE3Y2RTCnRMRjJPTVJkWjJEZGE3NGdlbUU0aDJSWnRZbVRMNmVwNytMd1hxVUtpMUNuOGpNdzRjSTdOVm1wTzcxNzJYQUoKSjUwd0JuS3JjazhhRzdzZWwxOGVuTGxvYWdEMnR0akg3WE5LWDM0dEpsczNtUmtKZFliWTR5REE4NTVMRzVEZQpaeGJqMG1xaDNoQkdreS9qMnlUbU5DUFlYbUdncC9OSnYvTHI0dllMbVd2a1F3NFJuNXl0NHM5SldIVXNXUjcwCkdqNUROWURUL2Z5d1JkQXdPTWJORTk5YzI4K1o3QmlQQjJGVGhadFhicWxrdWRCdmgvUENLMDdYVy8rMTNjVHIKVUdDMWlKbDdvaGZGdTgybW1FYkhyZVJmRjhsUGVBc0MyK2F3cEtUWnB3K2MzcjF6Nkt0Tm9rZGFGMHVhaWE1NApCbVhvam5ZRzVrL0twUjcwTHVVdHpvbVBMUVJkSmtVVGVTcWh6bU1Ed0UvNGdUWkdQY0NiMjZQc3Eza0Z1WFhVCkVhOHJRZHFIU0hYL1lwNG5RVG9GT1A5YUlIT1p2aGMzNE5BaGhpb2pJNFZZd3hOMHltQytrUTBDVFJGYW9lZm0KeTBSRWF3UEJSUXhGQlU5LzkzaEpBb0lCQVFEQkRTQ2hFbCtVZUVXVDZoYWhDY0hWVjJ5V1FUNTBleHlJeUp6SgpFc0FNYmhYOElLTXFjZUcvTXo1a3lUUCtaNVpMUzFBeXBYcCt0RnRtV2EwZ0ZGVkJkTWNBd05wa005YVVjb01TCmE0RGpIblVxcXI5Q2VGYUl0RElVa2ZSbkgrbXd3M0JIcXh3Z1NnWG0yanNHNUV6Yy95cUFMbkh3TThhczhJbmMKK3VwOWZreXRYbXBiRjUrcmhqWDBNWHdKZk5vRFlJZUJTVUtXbThFaTQyeGcxOEhKS2YyVm9TOEJHSnFzZ3dnQQpzcXZibWxFb1k2cUFKSVFoK0Rad1JZcXdzR2Qvdm5XaFc0aHp1QUU0SVlvc0lPV1c1cjE5WU1WWHhLdHNhRU84CnRKQW1JcmlvK3pPY2ZXRUc3Wngzc0tMWHNzWmY5UDdOMSs2MlFlUDJYTEZTVWZUdkFvSUJBUUM0aTRESi9lV3gKZEtUMkpDRlgyT3N4TkVyOExrbkVtbEVYYktrMWVXODlOR2RQMkxFNDkvK1pFTjR4SmdxNEJISW0yUWYrR2dxaQptcVVJLy9ZOVBRTFpZSDluUkVUSm9odis1Y1EvU0ZoNDMvcTgzbHdSY1I4RjdDMVorZ2hJK0NYcVQ3L201L1hVCmRtSGQ5NTBDd0FlL1k2VzBTMTY0V0s0UUxtc1ZuWk1qVGpxWllPT0N3RU5oL3plemZranVmMG5LU1FlYVo1U1cKVW14MjJyc1JUblhoSW1kaW5YbE8wWEUvZlZkTzBoZmFRUjBXM1dJZnhiUEJPak15WVJQRGRONDExMkJwWmVLdwo5T21STzRMd2NxK21LbFRpUy8ybW9FVFhXdHFacHJkNFZrWXdjOUFTTHdscjZOb0RlOTVQbS9iS21yUTUzWlZkCnRIVmpCWm9GcGRpZEFvSUJBUUMrM0JTclNqZjIyR1dwbENDbE83bElDL1BPSlZqeTNoaGEzME9xdzMvZGlpVHcKTFBCRDhXMUhsQWtXcVpsZTV0aS9QZ2xlMlIxZkVUN2YxTDhGM1RSZ3oyeER3V2JvOUJzc2puNHBndUZkS2VxYQpzVThBRDJzMklqajAvMHZMZk5DVXN0Ulo5c0NLNThRbjlRK3dnNXUrVGdPZDBNMVN0azJ4QXVxNTc5UlBGOFFGCkR6aEZNUGpxSW5sTElIVktDQWFlbWh1OTVVa1JENUlGeFNTTUppTnZsN1VlN3NsQzR5bGdidmRGZ1YvSmNDclcKckpxUHNBcDJieWliSFJXK0U5bHZnVVJZcjk4YTBRdGJqRVZIMVlwSEEzN0o2eGVQNjEremdPMmZMa0RwZ3lCZgo2R0toVDQvU3dxNFQ0eTFMNVhLY3dlSDhib1NSNmxqUFk5cm4wU0UvQW9JQkFBWEVWa0g1clRQZWNVay8xOHJtCi9IS05MOHF4cDV4OU5ndUZXY1JTQnlmaWUxZ0RiWVphT2FLTzVHS2t6YkR5Y3A3RUtYdkhWSTNBUjJnQWw3RlMKTnNTVVAyYjZ1eXVSNVU0UjRCQWFNcW1VVmtHUXNVL2FPUjMyUTNTTVc3WHNDME5IT3JmOGg3SWNBUEx1eWZsTQpCdkgwS3psM0lYNmhSczg2cEI0SXpwQkw0WWpwZmpLWHo0TkFkbjBsZFNIKzJFOTUrTUxhZWNvNHlTcnRxdXJmCmlNK0FRN3JSTVBsRmtrUnBwbERRUCs2U0dsYWNsSFJwdVRSUW5VajF2NmhiL3BXd0pWTWwyKytydDZEU08wVkkKVURUaEhjWDBtZmliQ1l1eFN5T0NFam13ZUlFTEhYVjBBdGRjYjNPc2EwWVJtYVM3TU9hZUJnem5sc09CYVU3RAo0QUVDZ2dFQVo3L1hwL08xejJXZlMyUHVPRy9SSEE2TkNKeW1wVktMVGFsVEtlWEdYMUErUGNXOFFJLzQzVURBClkxcWJEeGNUODFIU2JQcE80Z0xET2k4OXArb2M5MTJkS2NYQ1poenNsbjlpbGpwUEt0RGlSY2NBUXVhMWU2TWEKaUY1dGYrRC9FTzZtZkxwL2xCZHhmN2QzbzR5cjF3N2JiMXpkZ0xMZXdHMkxYRE05TTNxcEdBODk3S2w5V2g2UwpWdVNwZEdkMDh6WFBVK1RteFZLMHpGVVBjbnpaTlVPbmp1aHk5L0VVQkRKU0ljS0x1U3NHbS8rRUFmdkhoYi90Cll3c2dxZ1NWNUplOXBPYXBFWFB1QUkzZlFYUm5uYXArdWVVdERZNWNnanV5TW5JVGZKSlA5bHd3eGI5ZEZYTXoKVmVmdFFGNHRQdFJNdFRTaVcxV3l6c3NCeUNrLzV3PT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= + + + 6607da87d5f1f + Web GUI TLS certificate + + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVTUswSFdwa25HbzMvQ1BWcDk1dnphS2V2ZFVFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQXpNekF3T1RJMU1qbGFGdzB5TlRBMU1ERXdPVEkxTWpsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURQQVcvTmVXWGVFZ3gzbStIK3Y4OUdvek5PRTJFWlBQOE1CTllhWHJvNW1GeVlrV01hCnRMTkZGMlBzNVdDWHBJVFNkbnU3M0hQOVd6d0M4dWZTdDBORlZ1dEROclloeWJYYVhXTmVESTlnUmFTWmRXQ0cKUCtjb29KdC91SThJSjNQTVdtVSs0S2ZuMHdLWHRUeVBqQ1luYVlVK1BvMDhXWERIdW9wa2VxeWQ3TThkNFBCMgpvRnk2NzZLWm9tTG84bW0wSEh6OUhqVFQ1Qk5BUGNTV28rWXoxMGhOY0E1aGdNSUpUdWpnZ1RYV3ovSVA4aHlLClhiRXpTOXdqVTdidzNETTFDZnJBUlB3Qnd4NTd6NDc5MDJFRHJHNVJGMzA2cXU4TVExdGJ5S0drREpwZWZNOHMKelUzNUplTmRIZ2N4ZlByWW5XSXR2SFBsL0FONVAvcW03MFVvMzFRUGU2bEhFbmt3UzRKbkdYcXJoaEZaY0FDbgpmaWwydExEb2RQYisyUE5Ca1kvY0wreGhkaW9ldkxsNUNudjJpSDdDWEdPNzZoNEV0U1ZNZGpCNzgwemwrZXA4Ck80dTR3L0xVUTlCWXRXNmllYytwN2hxZ0lzc3I4am4zbmJnMTIwN3RaS004czNZVVJqMHl4aktJK3pHLzRFQW4KdnVwdTFNS2RQU0JCYzdhNzhRVDd6ZjdXMERncU5DRXp1dS9lNzMrUHpla1g0OWxHMEgwb1pwejkzbzVTYnkwVApXVW4rVHpxOWQ0SGZGeU9zdk9ldm51OU10dFE0Y1lCNy93ek5WRzVzSkk4UjlqeEJTWUpvZVRvQXhEdWdHWTkrCk8rbTZaRWpyVW16VGx1YlllSUJuYzBySjErR3o4OVg1REtKY3FBekkvS3VOaHNsMjYwWG5xdXRLL3dJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkVhMFZrRVVta0RzVzNLSjVCNnBIbDNBQTc0RE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVU1LMEgKV3BrbkdvMy9DUFZwOTV2emFLZXZkVUV3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQXVRZnJTeXVkVVNPV1QyL0FTZFQ5c2ZWbmhlbWUxdkpuMXZJdjBtUjYKa2UvMXJDNXplYmZMeHlHMzVwbGdlWFFhOTdPTC9ZSER2NlZ4bkNOM3ZkK3R0S0FaWUtla3FWd3Ywcmg1QUcyZQo1b1lib0NwazBLTHZvNTJKVWswQVNsTXhDdndFVi9qRGFKZkNsRjdCV3BpTDQrMnlMeXl0ZFpSL0pyd3ZQZjFXCnU0YWl4WGRVN2RrQXFOK2dvM1BEclJPVkgvNHF5TUVQRUZTR1JNK0EvU0dOWjZtRXVkdzR1UDNzaDZqSHRQWTAKbHRVNklpTnY3N2FrV21iR0RmbnpoWERYbU0rNjEyT1FDOXJaK0pQVFcrcW9WaHJnOFJIclBpQS9oeW9WRFVQbwoxV3BXZ0RiUVFXSERJdG00WCtVS1RTdEZJNkw5WjdFMExEeUlsQXNOd1ZoRU4yekRtcHFPT3I5WkZvYmFDNXJtCnFvUWdDcU0zSHE0OVg0ejNhU01FeVU3eUZxNCtwZEorSnRxS3haS29UMmtzMU4ybEVxdDJDaGxhS0g2Ymc5cjAKSTRrQkQraG1pQVc2WHprYWRsUG90ZlR0eDJ4c2pnQWtNN0RRYjZobUxyQksxK0pmVUN6QUl2RTdBK1RsRlVOcQpTVUd1eHpEdHM4b0Nick01Z1hwcDczYW1mc2UyYkJVVVZzVjYrYndyelRjREVKdm5xZjFUNFZLYU9SQVdSYjV5CkhxQWt3a2hOTTE5VjhUeHIvKzAxSVNadFJJZVpBTGtEWFFDKy9YRHprOHloUzdwRWNUK0w2bnQzQmlaUkRXN24KTk12eXR1OWJmL3lUYVhJZlNCVVJVWm1rdVZ6UjRQdkhrbmxDS2RPVVQ2cGZNU2JNU1RUaGZ1TGI4bUpvc0l3SApPOFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRRFBBVy9OZVdYZUVneDMKbStIK3Y4OUdvek5PRTJFWlBQOE1CTllhWHJvNW1GeVlrV01hdExORkYyUHM1V0NYcElUU2RudTczSFA5V3p3Qwo4dWZTdDBORlZ1dEROclloeWJYYVhXTmVESTlnUmFTWmRXQ0dQK2Nvb0p0L3VJOElKM1BNV21VKzRLZm4wd0tYCnRUeVBqQ1luYVlVK1BvMDhXWERIdW9wa2VxeWQ3TThkNFBCMm9GeTY3Nktab21MbzhtbTBISHo5SGpUVDVCTkEKUGNTV28rWXoxMGhOY0E1aGdNSUpUdWpnZ1RYV3ovSVA4aHlLWGJFelM5d2pVN2J3M0RNMUNmckFSUHdCd3g1Nwp6NDc5MDJFRHJHNVJGMzA2cXU4TVExdGJ5S0drREpwZWZNOHN6VTM1SmVOZEhnY3hmUHJZbldJdHZIUGwvQU41ClAvcW03MFVvMzFRUGU2bEhFbmt3UzRKbkdYcXJoaEZaY0FDbmZpbDJ0TERvZFBiKzJQTkJrWS9jTCt4aGRpb2UKdkxsNUNudjJpSDdDWEdPNzZoNEV0U1ZNZGpCNzgwemwrZXA4TzR1NHcvTFVROUJZdFc2aWVjK3A3aHFnSXNzcgo4am4zbmJnMTIwN3RaS004czNZVVJqMHl4aktJK3pHLzRFQW52dXB1MU1LZFBTQkJjN2E3OFFUN3pmN1cwRGdxCk5DRXp1dS9lNzMrUHpla1g0OWxHMEgwb1pwejkzbzVTYnkwVFdVbitUenE5ZDRIZkZ5T3N2T2V2bnU5TXR0UTQKY1lCNy93ek5WRzVzSkk4UjlqeEJTWUpvZVRvQXhEdWdHWTkrTyttNlpFanJVbXpUbHViWWVJQm5jMHJKMStHego4OVg1REtKY3FBekkvS3VOaHNsMjYwWG5xdXRLL3dJREFRQUJBb0lDQUFTdFhLSWRWVTdseEdQbkJJdmVxZFc1Cmg5UTdjekpPcllOQkFnM2VzeXdJM1NpRUFWV1RlVE95amJYRzVlVjhsT3BkeTZSY2NnWjQ1ODgzNmdvZzZiR2wKUmxkVVZNM1cyM2VXbmlhMUUvR1ZlaVBWOCtKN3c5RDloSFFudy9Ebng3NGtMdlJXMjgwK2xMNU40K2krYVNRUApmMHppMlpqOHMrc1lRajQrU25PQ0pOR29IblVEUkpHT0RwQmJxQ2RiRG1MTzM4RDhXb09wV0pkWEhDcFk5WGg4CjFqWmh0YXdqM2t5M1VkVFJxRmsxTUEyL2c3SExVaVg5a0hqRyt4NXNoN2lPUzBlUkZhNWZuM2xDUFRWcnFMTmoKakZXcXVUT0c3V3puMTE5aGEzWnlPUjZ4TTNaK0JKcXJHR0JnSVRSZURLbk9USXUwckFhYlJUbEVPMXpWa1o0WQp1V2x0ejNnbGNvemJXNFlyNmZ5RndjcFBQaWxGQjE2M01Rb1Y5ZVVBdTlHNW16MWNReHRRMmc5YnhselNXMnlwCkdkazlYakpxVWZsQnNWQm90T0wrODdCOWU2ZmRsSzNkbTJxdGxJb1BDTVFjNlRKUXo1bGE1T3l1akxvMXB4bXoKUnQwdHAwNHowYUdFdS8xRHZLVVEwS2tCbVlsd0F4S3pvZzl1MDFHU2ZwOWNScGovZkVLT1J2aFYvY0N4cTgxZApmQWNTMnk3SEltZFoveDhvWFRUdTUzU2ZkdUQ5QzhIcTd2UUlPTGhDc2E5SUdIVmcyN2FkOFYrSElLUVlJRis2Cm9GWUpFY0IxeHRCTEhCVERSVDhRaWNQTm1UNDFFT3BlOVZsMUQ3VlFCMGRpK1h3QWM2dkxyN3N5MDU1OWdxcEYKT0tFL3BtRVJsaVJKbStCR2hIYVJBb0lCQVFEdVdVZFgzRVpneFVNSm4rVGdSeFRXcHFjUGMycmxnM1BDeWtRcApOMk5RdE9xSE0rVURYUXFHZ0RJV3I0cHp5YzRFUkMwM3NqQkhnaWpLU29pMGZ6K2lwbmVlaWtGeFEybkhVUnY2Cld6aG5Xak9UR3ZCY3lhd2wyNmJGaWFzNU9XU3QwRk5BZG05cTZlL2laYUwyVXIvMjBmSmw3eVIzbXlldHVYcG0KSU8rYmRreFg4d3NSbEN3TWJHTkh6VHFMNUt5K3ZKQlJnVzFlMFRyY1pubXJGdEUzOVoxM28xS0JEM25ka2NzVgpyMDd5MVczN0hmVnJMdmpmb3p0QktYUzJBTmhrTXYwWUp3eWEyc2ZReWZMODZuOVdSb3hPdW1JV00vRDJhbTRTClBEaTNhWTh3YlI1M2Y2cW5TZ1p4cDBrOHdvSS9MdWI1Zy9IT2xad1F1V3dPK09BcEFvSUJBUURlVmZEbXoybE4KWGxFVmUvbVhESmh3YndIZ3hKL0NaUU43VTdPZjhnbXZHSTJkNlI2eVR5T0tMTFBDc0h5NkhRam5URjUwdUZnegpKZHFOdWVGYXN4TFFGSW5HNXc1TW95L0N6VVo1TVdzM3JJRnZxOCtqTzk4RnZpRklMdG52dnhGMmk1clc0OUFhCjF0MXREU3l6cSs5OWhCVEdpbGg0NElLUE9veTlndWtJbXhieU9oUWExN0RnWW1MR0Fud3NvalpBYlJNNzJ6dmIKMDBXbFp5NDNZUkdRNFhBRklOVGtqQkQrTW02Mk5uR3BoOGZhSWVsT1NFMjI5YzBaUW9OZ3lQcjRVOERkNnlxSQpBNHlLVHhtSFFoanBXUXBNUElIL2p3c1dxMnJMN1VVY2dyVlQxWnZUQjlabStuMThQV2RmQ0Vtd1E5d1dBVzVHCjFSUmp4UWtKR1pibkFvSUJBUUN1VkVKb01zYU85UGpKUzFlZDZwK0ZPRE1zaStCOXFoMjdOVEdSYTkrS0lpai8KWnFkMFJGTDBlVU1wY0k4MWpUN1B4QVhHbk4vUERaWkVEeXZaeU5DRWFIbEpUaG43ZTdFY2hXaVBQclVNY3Q4UwpFendHd2NMVmxjaHU1dmlEVEVVbEZDQXdIKy95Sk5TOXBGVURFUmN5c2ZBM09paFVDdm1FaVFyTE0vL01sMFBUCmVBSjZnd09NdXFJSzNFS2NHMDkxMm5rOEJBdzRzNVAzckVRRkxSVXRkc29MdlRzVkJucTk0bXJGbTRtRTl6SVAKMzZPbkY1NFVCRkhNb1VPcDh3aFNrVENvdjdicWRHWjlnWmZtQUtYT05wOWMzZG5zSDJWNDlmTTRCeS84aG9xaQpnczByM2dhMWdPRWhzNWRQaDN5NE5kZmVXL0U2aGhhMTdNanFVb0d4QW9JQkFRQ2JoN2oyYlA4M3ZST3htTUVYClZodEpBNDVud29RVGc0QTFCRzl5SXVsOVVBcTQvVHVZOWwxaEtqWXhxaTRHTDR0cjZmTmxhUk5oN0VmL3Zwa1QKVHBPSmRlU1BmRkIzY2V4V05DenBXSld0STRLRU1NY1daQ3AySlBPNVAvVDZqa2xVQ1FLdThqeEFtaS9aT2s4YgovTm1TanhQTmN6ZkNqeU1sdUlwOWc1Y3FpdnM1UlVHTktYYzA3LzR5ajhoM25KMmc0ZXlEZ2JCVTdXMFo4SnpXCjVwTllLeXVtbXJueWlyelVaVWtuTTl5OUFCdmd6cm9iSmQ4ZmJzRWp1M0NXQXVIMVZ2bGpCRUFEVjZBM25HKzYKTzVXYm5zcmlXNjJBclhyUFIraDBjUzFZYldNVkd5ZGZMMnRmTERrZDhRSmY2emRKRTU5ZzBXMW9KV1NYQ2wxdwp2VExmQW9JQkFRQ3d0Z2l6WlZMR0xQUEl5UVJxajNUa3kyS2s1K1dHSUdrQ1l4WXZMVEtFZzZvbFB3anRJZzZLCno4YUNhekJIQ1BVR3dKYWt2cDdOVXZTOHo4ekwzbmFyU1RxUnRxTHFHSVEzZGk4dE9DVjJZLzRlT2VRcXU0R1gKN3FOVm5vckxsRnJiSTVzbTlqdjNUV2tCaExHRzdueDZBMnJqV3ZDNTBwVUNYY3AvMVJyOG5VcUJmaVA2VHRvZApnQ0MwQ0VGMnNNOFcwMmNTN0lIeDFVajlpbXZyaHhaZkNnSTNpbGJHUStHWFVKUUdYZGlRVGtCVS91TC9QbWFwCmJ4c2FsWG05V3VMUXV5NG4yTW5UL2RvUGlINlV6NVhqN01qMHM4ZGl0NUdWNTJmRFpNTWZOcEtqcGZSZ2Y1S1cKSXV6SVprVlBzdWt1Tlp0Yk1CeiszRU5wSkQ5bFloeWQKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= + + + + + 0 + + + + + + + + + + + + + + + 0 + 10 + h1,h2 + + + 10 + + + + + ipv4 + + + + + + 0 + + + + + + + + 0 + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + home + + + + + + + 0 + 0 + + + 0 + + 1 + + 0 + 1 + + 0 + 0 + 0 + 0 + + 1 + + homeassistant + home + 0 + 10.0.0.2 + + + + + 0 + + + + + + + lxc-mariadb + home + 0 + 10.0.0.14 + + + + + 0 + + + + + + + vm-ansible + home + 0 + 10.0.1.11 + + + + + 0 + + + + + + + vm-docker + home + 0 + 10.0.0.8 + + + + + 0 + + + + + + + vm-docker0 + home + 0 + 10.0.0.212 + + + + + 0 + + + + + + + vm-docker10 + home + 0 + 10.0.0.20 + + + + + 0 + + + + + + + vm-docker13 + home + 0 + 10.0.1.98 + + + + + 0 + + + + + + + vm-docker2 + home + 0 + 10.0.0.26 + + + + + 0 + + + + + + + vm-docker3 + home + 0 + 10.0.1.98 + + + + + 0 + + + + + + + vm-frigate + home + 0 + 10.0.0.206 + + + + + 0 + + + + + + + vm-gitlab + home + 0 + 10.0.0.200 + + + + + 0 + + + + + + + vm-jellyfin + home + 0 + 10.0.0.33 + + + + + 0 + + + + + + + vm-mediaserver + home + 0 + 10.0.0.29 + + + + + 0 + + + + + + + vm-mesdata + home + 0 + 10.0.0.34 + + + + + 0 + + + + + + + vm-mqtt + home + 0 + 10.0.0.3 + + + + + 0 + + + + + + + vm-nodered + home + 0 + 10.0.0.9 + + + + + 0 + + + + + + + vm-vaultwarden + home + 0 + 10.0.0.16 + + + + + 0 + + + + + + + vm-weewx + home + 0 + 10.0.0.13 + + + + + 0 + + + + + + + vm-wireguard + home + 0 + 10.0.0.11 + + + + + 0 + + + + + + + vm-ytubedl + home + 0 + 10.0.0.210 + + + + + 0 + + + + + + + + + + + + 1 + 1 + 1 + wan + + + + + + + + + + + + + + + lan + + + + + 0 + 0 + + + 1400 + + 0 + + + + +