gilles/opnsense_backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
eaada423ab26cb22d2260c69664ee6e5aff275db
opnsense_backup/config.xml

2736 lines
97 KiB
XML
Raw Blame History

<?xml version="1.0"?>
<opnsense>
<theme>opnsense</theme>
<sysctl version="1.0.1">
<item uuid="dba80c74-c6a5-41a5-b1ef-863b358dbffd">
<tunable>vfs.read_max</tunable>
<value/>
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
</item>
<item uuid="8c542a08-7fa3-4f6e-aa89-426da2d61d4b">
<tunable>net.inet.ip.portrange.first</tunable>
<value/>
<descr>Set the ephemeral port range to be lower.</descr>
</item>
<item uuid="c03eaa7e-2f88-4fb3-86f7-703c648dc04b">
<tunable>net.inet.tcp.blackhole</tunable>
<value/>
<descr>Drop packets to closed TCP ports without returning a RST</descr>
</item>
<item uuid="d9576d5c-0dd7-4b6f-9b24-1daefaa4ac73">
<tunable>net.inet.udp.blackhole</tunable>
<value/>
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
</item>
<item uuid="11424c11-fb7d-42d9-a6dc-2c7e49055743">
<tunable>net.inet.ip.random_id</tunable>
<value/>
<descr>Randomize the ID field in IP packets</descr>
</item>
<item uuid="2f162afd-2f5d-4379-a960-dc91b659fd6e">
<tunable>net.inet.ip.sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="2f86f433-3d1d-4dc9-8db5-ed398ffb401a">
<tunable>net.inet.ip.accept_sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="bb93b567-77de-4ab6-afaf-c187eed49b71">
<tunable>net.inet.icmp.log_redirect</tunable>
<value/>
<descr>
This option turns off the logging of redirect packets because there is no limit and this could fill
up your logs consuming your whole hard drive.
</descr>
</item>
<item uuid="2f60bc38-eead-448c-a52b-5011cd6c41a4">
<tunable>net.inet.tcp.drop_synfin</tunable>
<value/>
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
</item>
<item uuid="6c9e2248-9cae-4ab7-af21-f03f629f553b">
<tunable>net.inet6.ip6.redirect</tunable>
<value/>
<descr>Enable sending IPv6 redirects</descr>
</item>
<item uuid="1d19bd8e-be30-4b6f-b205-c98f48bd6536">
<tunable>net.inet6.ip6.use_tempaddr</tunable>
<value/>
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
</item>
<item uuid="eebbc072-6ecd-4b8d-9fb3-a93d454d2791">
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
<value/>
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
</item>
<item uuid="b598c190-5d26-4acc-a3a2-ba59a8e276e5">
<tunable>net.inet.tcp.syncookies</tunable>
<value/>
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
</item>
<item uuid="9e2f3f2c-d5ec-4328-9236-f230f76b77d1">
<tunable>net.inet.tcp.recvspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
</item>
<item uuid="cd15d8b1-b88d-44ff-b812-f94ecdc7f130">
<tunable>net.inet.tcp.sendspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
</item>
<item uuid="15e8fdee-836d-4eec-8657-cb2aa56240d6">
<tunable>net.inet.tcp.delayed_ack</tunable>
<value/>
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
</item>
<item uuid="f6a7203e-2d77-4533-ab7b-e9f042e87c4e">
<tunable>net.inet.udp.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
<item uuid="23c00305-b1e3-428d-b94a-47aa30dcd14d">
<tunable>net.link.bridge.pfil_onlyip</tunable>
<value/>
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
</item>
<item uuid="7a26351e-aac0-4b90-8b63-46d0edfc1f52">
<tunable>net.link.bridge.pfil_local_phys</tunable>
<value/>
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
</item>
<item uuid="921d58da-9e80-4845-b586-970848b74d0b">
<tunable>net.link.bridge.pfil_member</tunable>
<value/>
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
</item>
<item uuid="1d966212-a0cd-476f-8791-2653ae8d8580">
<tunable>net.link.bridge.pfil_bridge</tunable>
<value/>
<descr>Set to 1 to enable filtering on the bridge interface</descr>
</item>
<item uuid="bf70147b-9e89-423c-b584-ad309c1c9a43">
<tunable>net.link.tap.user_open</tunable>
<value/>
<descr>Allow unprivileged access to tap(4) device nodes</descr>
</item>
<item uuid="eef65128-94a9-4bd9-8d58-149e65e84b43">
<tunable>kern.randompid</tunable>
<value/>
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
</item>
<item uuid="996dfe65-126a-44e3-bb6e-1600d74b6137">
<tunable>hw.syscons.kbd_reboot</tunable>
<value/>
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
</item>
<item uuid="5bc2edcc-8707-4d63-9294-bb93bf463346">
<tunable>net.inet.tcp.log_debug</tunable>
<value/>
<descr>Enable TCP extended debugging</descr>
</item>
<item uuid="83676508-907b-4d64-b43b-9f075b6403cb">
<tunable>net.inet.icmp.icmplim</tunable>
<value/>
<descr>Set ICMP Limits</descr>
</item>
<item uuid="329070af-121b-4a27-9bb0-95662ad55394">
<tunable>net.inet.tcp.tso</tunable>
<value/>
<descr>TCP Offload Engine</descr>
</item>
<item uuid="7d8b4f04-a2d2-4cbd-b999-45924343f836">
<tunable>net.inet.udp.checksum</tunable>
<value/>
<descr>UDP Checksums</descr>
</item>
<item uuid="a7317ec9-1251-4163-b754-6598dde2f9c5">
<tunable>kern.ipc.maxsockbuf</tunable>
<value/>
<descr>Maximum socket buffer size</descr>
</item>
<item uuid="8487762e-b40e-4c32-94ba-cf0908fd9353">
<tunable>vm.pmap.pti</tunable>
<value/>
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
</item>
<item uuid="33ea5b8a-49e5-456b-b0b5-c128c0ccdffb">
<tunable>hw.ibrs_disable</tunable>
<value/>
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
</item>
<item uuid="c1825fd3-732e-4689-a12e-3ac7abbae98c">
<tunable>security.bsd.see_other_gids</tunable>
<value/>
<descr>Hide processes running as other groups</descr>
</item>
<item uuid="34caf470-ae1b-426f-88f7-90caffe76ed7">
<tunable>security.bsd.see_other_uids</tunable>
<value/>
<descr>Hide processes running as other users</descr>
</item>
<item uuid="598e599f-0298-4f78-a1f3-e4202f208f45">
<tunable>net.inet.ip.redirect</tunable>
<value/>
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
and for the sender directly reachable, route and next hop is known.
</descr>
</item>
<item uuid="eeba65e5-9848-4a84-a532-193e8a5a52d1">
<tunable>net.inet.icmp.drop_redirect</tunable>
<value>1</value>
<descr>
Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects
to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect
packets without returning a response.
</descr>
</item>
<item uuid="0b4507d3-5793-45ef-b1e1-ca34afeb5c73">
<tunable>net.local.dgram.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
</sysctl>
<system>
<optimization>normal</optimization>
<hostname>opnsense</hostname>
<domain>home</domain>
<dnsallowoverride>0</dnsallowoverride>
<group uuid="7055f85e-6e1d-4fbe-becc-312caa1b3e54">
<gid>1999</gid>
<name>admins</name>
<scope>system</scope>
<description>System Administrators</description>
<priv>page-all</priv>
<member>0,2000</member>
<source_networks/>
</group>
<user uuid="ecca05c5-1798-4589-84f4-266aedcc203e">
<uid>0</uid>
<name>root</name>
<disabled>0</disabled>
<scope>system</scope>
<expires/>
<authorizedkeys/>
<otp_seed/>
<shell/>
<password>$2y$11$c4SUQpuTdpAKxLtXChnanuO06m7Ro2rkjuHIsVQMD26oEV22MWGRW</password>
<pwd_changed_at/>
<landing_page/>
<comment/>
<email/>
<apikeys/>
<priv/>
<language/>
<descr>System Administrator</descr>
<dashboard/>
</user>
<user uuid="157c6027-602c-444b-a444-b7f41be4e19a">
<uid>2000</uid>
<name>gilles</name>
<disabled>0</disabled>
<scope>user</scope>
<expires/>
<authorizedkeys/>
<otp_seed/>
<shell>/bin/sh</shell>
<password>$2y$11$e9BIlxwYQUZ8b6P8qgZIAuMgg6Kb/7l8ZVVyex.VjNTmRWuZe05M6</password>
<pwd_changed_at/>
<landing_page/>
<comment/>
<email/>
<apikeys>4oZKfb4FVcvC3N/wYbAUb4D9yS+3bHCztnqPQS5Pz7ZlctgGYeMQNThn3gVxcyV6FWzVygSIXZa2tRzd|$6$$./RJ7bYaOuHkZG1kQVoSWaF4DA4xQ6bhHZTU8EanKRRQYShYImZ3mCSaKBh7ZmPJfT9zURfNlcJHuIpVro52x1</apikeys>
<priv>page-all</priv>
<language/>
<descr>gilles</descr>
<dashboard/>
</user>
<nextuid>2001</nextuid>
<nextgid>2000</nextgid>
<timezone>Europe/Paris</timezone>
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
<webgui>
<protocol>http</protocol>
<ssl-certref>6607da87d5f1f</ssl-certref>
<port/>
<ssl-ciphers/>
<interfaces/>
<compression/>
<authmode>Local Database</authmode>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<usevirtualterminal>1</usevirtualterminal>
<disableconsolemenu>1</disableconsolemenu>
<disablevlanhwfilter>1</disablevlanhwfilter>
<disablechecksumoffloading>1</disablechecksumoffloading>
<disablesegmentationoffloading>1</disablesegmentationoffloading>
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
<powerd_ac_mode>hadp</powerd_ac_mode>
<powerd_battery_mode>hadp</powerd_battery_mode>
<powerd_normal_mode>hadp</powerd_normal_mode>
<bogons>
<interval>monthly</interval>
</bogons>
<pf_share_forward>1</pf_share_forward>
<lb_use_sticky>1</lb_use_sticky>
<ssh>
<group>admins</group>
<noauto>1</noauto>
<interfaces>lan</interfaces>
<kex/>
<ciphers/>
<macs/>
<keys/>
<keysig/>
<enabled>enabled</enabled>
<passwordauth>1</passwordauth>
<permitrootlogin>1</permitrootlogin>
</ssh>
<rrdbackup>-1</rrdbackup>
<netflowbackup>-1</netflowbackup>
<firmware version="1.0.1" persisted_at="1763924696.58" description="Firmware settings">
<mirror/>
<flavour/>
<plugins>os-caddy,os-cpu-microcode-intel,os-ddclient,os-dmidecode,os-git-backup,os-hw-probe,os-mdns-repeater,os-qemu-guest-agent,os-upnp,os-wol,os-zabbix-agent</plugins>
<type/>
<subscription/>
<reboot>0</reboot>
</firmware>
<language>fr_FR</language>
<dnsserver>10.0.0.15</dnsserver>
<dnsallowoverride_exclude/>
<dns1gw>none</dns1gw>
<dns2gw>none</dns2gw>
<dns3gw>none</dns3gw>
<dns4gw>none</dns4gw>
<dns5gw>none</dns5gw>
<dns6gw>none</dns6gw>
<dns7gw>none</dns7gw>
<dns8gw>none</dns8gw>
<serialspeed>115200</serialspeed>
<primaryconsole>video</primaryconsole>
<sudo_allow_wheel>1</sudo_allow_wheel>
<sudo_allow_group>admins</sudo_allow_group>
<backupcount>10</backupcount>
<backup>
<git version="1.0.0" persisted_at="1763924897,17" description="Git Backup Settings">
<enabled>1</enabled>
<url>https://gitea.maison43.duckdns.org/gilles/opnsense_backup.git</url>
<branch>main</branch>
<force_push>1</force_push>
<privkey/>
<user>gilles</user>
<password>Misstibet5*</password>
</git>
</backup>
<prefer_ipv4>1</prefer_ipv4>
</system>
<interfaces>
<wan>
<if>vtnet0</if>
<descr/>
<enable>1</enable>
<spoofmac/>
<blockpriv>1</blockpriv>
<blockbogons>1</blockbogons>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</wan>
<lan>
<enable>1</enable>
<if>vtnet1</if>
<ipaddr>10.0.0.1</ipaddr>
<subnet>22</subnet>
<ipaddrv6>track6</ipaddrv6>
<subnetv6>64</subnetv6>
<media/>
<mediaopt/>
<track6-interface>wan</track6-interface>
<track6-prefix-id>0</track6-prefix-id>
<gateway/>
<gatewayv6/>
</lan>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
<wireguard>
<internal_dynamic>1</internal_dynamic>
<descr>WireGuard (Group)</descr>
<if>wireguard</if>
<virtual>1</virtual>
<enable>1</enable>
<type>group</type>
<networks/>
</wireguard>
<opt1>
<if>wg0</if>
<descr>Wireguard</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
</opt1>
</interfaces>
<dhcpd>
<lan>
<enable>1</enable>
<gateway>10.0.0.1</gateway>
<domain>home</domain>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<ddnsupdate>1</ddnsupdate>
<netboot>1</netboot>
<nextserver>10.0.3.250</nextserver>
<filename>pxelinux.0</filename>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>10.0.1.0</from>
<to>10.0.1.245</to>
</range>
<winsserver/>
<dnsserver>8.8.8.8</dnsserver>
<dnsserver>192.168.1.1</dnsserver>
<ntpserver>10.0.0.1</ntpserver>
<staticmap>
<mac>dc:a6:32:72:ef:ec</mac>
<ipaddr>10.0.1.12</ipaddr>
<hostname>solar-assistant</hostname>
<gateway>10.0.0.1</gateway>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>60:57:18:99:ed:05</mac>
<ipaddr>10.0.1.67</ipaddr>
<hostname>yoga</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:d9:4d:bf</mac>
<ipaddr>10.0.1.192</ipaddr>
<hostname>RLC-410-5MP</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:1f:a5:bd</mac>
<ipaddr>10.0.1.233</ipaddr>
<hostname>cosmos</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>dc:54:75:a8:47:78</mac>
<cid>ecoflow</cid>
<ipaddr>10.0.1.236</ipaddr>
<hostname>ecoflow</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>10:08:c1:39:e7:e7</mac>
<ipaddr>10.0.1.241</ipaddr>
<hostname>lg-tv</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>80:97:1b:04:12:1e</mac>
<ipaddr>10.0.1.243</ipaddr>
<hostname>apsystem_ECU_R</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>60:c5:a8:7f:5a:83</mac>
<ipaddr>10.0.1.244</ipaddr>
<hostname>apsystem_ecur_wifi</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
</lan>
</dhcpd>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<nat>
<outbound>
<mode>automatic</mode>
</outbound>
<rule>
<protocol>udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_6607f82b9ce888.05887649</associated-rule-id>
<log>1</log>
<target>10.0.0.222</target>
<local-port>51820</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wan</network>
<port>51820</port>
</destination>
<natreflection>purenat</natreflection>
<updated>
<username>root@10.0.1.0</username>
<time>1721468862.2475</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.0.128</username>
<time>1711798315.6428</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_6607fafb218422.21849064</associated-rule-id>
<disabled>1</disabled>
<log>1</log>
<target>10.0.0.222</target>
<local-port>51821</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wan</network>
<port>51821</port>
</destination>
<natreflection>purenat</natreflection>
<updated>
<username>root@10.0.1.0</username>
<time>1721468871.5849</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.0.128</username>
<time>1711799035.1374</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_661bb8d6ef88f5.62438693</associated-rule-id>
<target>10.0.0.202</target>
<local-port>80</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>80</port>
</destination>
<updated>
<username>root@10.0.1.0</username>
<time>1721468886.1042</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1713092822.9813</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Ssh</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_665da9805af827.84975328</associated-rule-id>
<target>10.0.0.141</target>
<local-port>22</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>2222</port>
</destination>
<updated>
<username>gilles@10.0.0.222</username>
<time>1734355712.8559</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.0.11</username>
<time>1717414272.3727</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_661bb8fa0a1542.18207141</associated-rule-id>
<target>10.0.0.202</target>
<local-port>443</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>443</port>
</destination>
<updated>
<username>root@10.0.1.0</username>
<time>1721468895.8729</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1713092858.0414</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_66249754bbbc23.12958361</associated-rule-id>
<target>10.0.1.231</target>
<local-port>4242</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>4242</port>
</destination>
<updated>
<username>root@10.0.1.97</username>
<time>1713674068.769</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.97</username>
<time>1713674068.769</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
</nat>
<filter>
<rule uuid="861ba77f-f94f-46ba-bd01-8e6fff2a4d30">
<associated-rule-id>nat_6607f82b9ce888.05887649</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.0.222</address>
<port>51820</port>
</destination>
<descr/>
<category/>
<created>
<username>root@10.0.0.128</username>
<time>1711798315.6427</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="f3929ccb-5ac0-4186-9931-cddf7c675e9a">
<associated-rule-id>nat_6607fafb218422.21849064</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.0.222</address>
<port>51821</port>
</destination>
<log>1</log>
<descr/>
<category/>
<created>
<username>root@10.0.0.128</username>
<time>1711799035.1373</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule uuid="097b8bd0-2351-4518-966c-55b104e98d11">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow client to connect to the Wireguard Service</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>51720</port>
</destination>
<updated>
<username>root@10.0.1.109</username>
<time>1763925161,82</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1711873163.8921</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="043bea08-5454-4f43-b0ec-0bd16995a66a">
<associated-rule-id>nat_661bb8d6ef88f5.62438693</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.0.202</address>
<port>80</port>
</destination>
<descr/>
<category/>
<created>
<username>root@10.0.1.0</username>
<time>1713092822.9812</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="54b325bb-982e-4339-848c-5ee75006e303">
<associated-rule-id>nat_661bb8fa0a1542.18207141</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.0.202</address>
<port>443</port>
</destination>
<descr/>
<category/>
<created>
<username>root@10.0.1.0</username>
<time>1713092858.0414</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="677ae56d-e43a-4cbc-bd34-41ee7554dee7">
<associated-rule-id>nat_66249754bbbc23.12958361</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.1.231</address>
<port>4242</port>
</destination>
<descr/>
<category/>
<created>
<username>root@10.0.1.97</username>
<time>1713674068.769</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="b96a07e8-a1bf-4208-a981-04aa274e8dcd">
<associated-rule-id>nat_665da9805af827.84975328</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>10.0.0.141</address>
<port>22</port>
</destination>
<descr>Ssh</descr>
<category/>
<created>
<username>root@10.0.0.11</username>
<time>1717414272.3726</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="2e26b533-5497-431e-8d9e-b0e8ea895569">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Default allow LAN to any rule</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@10.0.1.0</username>
<time>1711875400.3917</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
</rule>
<rule uuid="5cfdc89a-6eaa-4ab2-ad33-338ac33460e9">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet6</ipprotocol>
<statetype>keep state</statetype>
<descr>Default allow LAN IPv6 to any rule</descr>
<direction>in</direction>
<disabled>1</disabled>
<quick>1</quick>
<source>
<network>lan</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@10.0.1.109</username>
<time>1763840238,30</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
</rule>
<rule uuid="a36c51c7-f4ff-4337-bd37-9318fe662aa1">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<network>lan</network>
</source>
<destination>
<address>10.0.0.15/32</address>
<port>53</port>
</destination>
<updated>
<username>root@10.0.1.109</username>
<time>1763922940,25</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.109</username>
<time>1763922693,30</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="f37a9bce-334b-45ac-8ff9-ee75f0c0a67b">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<network>lanip</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@10.0.1.0</username>
<time>1711887544.5988</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1711887008.0442</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="f8c860db-9912-4f0c-afeb-b112c0f6a3ff">
<type>pass</type>
<interface>opt1</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@10.0.1.0</username>
<time>1711874845.3034</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1711874845.3034</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<scrub>
<rule>
<interface>wireguard</interface>
<proto>any</proto>
<src>any</src>
<srcmask>24</srcmask>
<dst>any</dst>
<dstmask>24</dstmask>
<max-mss>1360</max-mss>
<direction>in</direction>
<updated>
<username>root@10.0.1.0</username>
<time>1711873427.8916</time>
<description>/firewall_scrub_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.1.0</username>
<time>1711873427.8916</time>
<description>/firewall_scrub_edit.php made changes</description>
</created>
</rule>
</scrub>
</filter>
<rrd>
<enable/>
</rrd>
<load_balancer>
<monitor_type>
<name>ICMP</name>
<type>icmp</type>
<descr>ICMP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>TCP</name>
<type>tcp</type>
<descr>Generic TCP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>HTTP</name>
<type>http</type>
<descr>Generic HTTP</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>HTTPS</name>
<type>https</type>
<descr>Generic HTTPS</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>SMTP</name>
<type>send</type>
<descr>Generic SMTP</descr>
<options>
<send/>
<expect>220 *</expect>
</options>
</monitor_type>
</load_balancer>
<ntpd>
<prefer>0.opnsense.pool.ntp.org</prefer>
</ntpd>
<widgets>
<sequence>system_information-container:00000000-col1:show,cpu_usage-container:00000001-col1:show,services_status-container:00000002-col4:show,wireguard-container:00000003-col4:show,traffic_graphs-container:00000004-col4:show,dmidecode-container:00000005-col4:show,gateways-container:00000006-col6:show,interface_list-container:00000007-col6:show,interface_statistics-container:00000008-col6:show,log-container:00000009-col6:show</sequence>
<column_count>3</column_count>
<traffic_graphs_interfaces>wan</traffic_graphs_interfaces>
</widgets>
<revision>
<username>root@10.0.1.109</username>
<description>/api/unbound/settings/add_host_override/ changement(s) effectu&#xE9;(s)</description>
<time>1766670611.49</time>
</revision>
<OPNsense>
<wireguard>
<client version="1.0.0">
<clients>
<client uuid="2e6c1feb-c260-4084-845a-042e4174aa8d">
<enabled>1</enabled>
<name>test</name>
<pubkey>SwIxZQLGVYIWKo6y0KXR5XsBEenaT/fBKC0yfjQ/rmw=</pubkey>
<psk/>
<tunneladdress>10.0.10.2/32</tunneladdress>
<serveraddress>maison43.duckdns.org</serveraddress>
<serverport>51720</serverport>
<keepalive/>
</client>
</clients>
</client>
<general version="0.0.1">
<enabled>1</enabled>
</general>
<server version="1.0.1" persisted_at="1762022797.20">
<servers>
<server uuid="087dca2a-61d5-43dd-bcda-4ba51de23b59">
<enabled>1</enabled>
<name>wireguard</name>
<instance>0</instance>
<pubkey>voHbW40dMXGE5MPnMYEGjQr6zp2JvtnarHRJC4+PaUM=</pubkey>
<privkey>6CwodBia347/qUqDazOyCCBuJjWysw37ZBuQR9CUWVA=</privkey>
<port>51720</port>
<mtu/>
<dns/>
<tunneladdress>10.0.10.0/24</tunneladdress>
<disableroutes>0</disableroutes>
<gateway/>
<carp_depend_on/>
<peers>2e6c1feb-c260-4084-845a-042e4174aa8d</peers>
<debug>0</debug>
<endpoint/>
<peer_dns/>
</server>
</servers>
</server>
</wireguard>
<IPsec version="1.0.5" persisted_at="1757740796.76">
<general>
<enabled/>
<preferred_oldsa>0</preferred_oldsa>
<disablevpnrules>0</disablevpnrules>
<passthrough_networks/>
<user_source/>
<local_group/>
</general>
<charon>
<max_ikev1_exchanges/>
<threads>16</threads>
<ikesa_table_size>32</ikesa_table_size>
<ikesa_table_segments>4</ikesa_table_segments>
<init_limit_half_open>1000</init_limit_half_open>
<ignore_acquire_ts>1</ignore_acquire_ts>
<install_routes>0</install_routes>
<cisco_unity>0</cisco_unity>
<make_before_break>0</make_before_break>
<retransmit_tries/>
<retransmit_timeout/>
<retransmit_base/>
<retransmit_jitter/>
<retransmit_limit/>
<syslog>
<daemon>
<ike_name>1</ike_name>
<log_level>0</log_level>
<app>1</app>
<asn>1</asn>
<cfg>1</cfg>
<chd>1</chd>
<dmn>1</dmn>
<enc>1</enc>
<esp>1</esp>
<ike>1</ike>
<imc>1</imc>
<imv>1</imv>
<job>1</job>
<knl>1</knl>
<lib>1</lib>
<mgr>1</mgr>
<net>1</net>
<pts>1</pts>
<tls>1</tls>
<tnc>1</tnc>
</daemon>
</syslog>
<plugins>
<attr>
<subnet/>
<split-include/>
<x_28674/>
<x_28675/>
<x_28672/>
<x_28673>0</x_28673>
<x_28679/>
<dns/>
<nbns/>
</attr>
<eap-radius>
<servers/>
<accounting>0</accounting>
<class_group>0</class_group>
</eap-radius>
<xauth-pam>
<pam_service>ipsec</pam_service>
<session>0</session>
<trim_email>1</trim_email>
</xauth-pam>
</plugins>
</charon>
<keyPairs/>
<preSharedKeys/>
</IPsec>
<Swanctl version="1.0.0">
<Connections/>
<locals/>
<remotes/>
<children/>
<Pools/>
<VTIs/>
<SPDs/>
</Swanctl>
<OpenVPNExport version="0.0.1">
<servers/>
</OpenVPNExport>
<OpenVPN version="1.0.1">
<Overwrites/>
<Instances/>
<StaticKeys/>
</OpenVPN>
<captiveportal version="1.0.4">
<zones/>
<templates/>
</captiveportal>
<cron version="1.0.4">
<jobs>
<job uuid="363946bc-c1f3-445e-a761-245e3b81f579">
<origin>IDS</origin>
<enabled>0</enabled>
<minutes>0</minutes>
<hours>0</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>ids update</command>
<parameters/>
<description>ids rule updates</description>
</job>
</jobs>
</cron>
<Firewall>
<Lvtemplate version="0.0.1">
<templates/>
</Lvtemplate>
<Alias version="1.0.1">
<geoip>
<url>https://1106509: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@download.maxmind.com/geoip/databases/GeoLite2-Country-CSV/download?suffix=zip</url>
</geoip>
<aliases>
<alias uuid="2ca27cd1-e5c1-4014-9043-99d0e7df1019">
<enabled>1</enabled>
<name>Geoblocking</name>
<type>geoip</type>
<proto/>
<interface/>
<counters>1</counters>
<updatefreq/>
<content>CN
BY
RU</content>
<categories/>
<description/>
</alias>
</aliases>
</Alias>
<Category version="1.0.0">
<categories/>
</Category>
<Filter version="1.0.4">
<rules/>
<snatrules/>
<npt/>
<onetoone/>
</Filter>
</Firewall>
<Netflow version="1.0.1">
<capture>
<interfaces>lan,wan</interfaces>
<egress_only>wan</egress_only>
<version>v9</version>
<targets/>
</capture>
<collect>
<enable>0</enable>
</collect>
<activeTimeout>1800</activeTimeout>
<inactiveTimeout>15</inactiveTimeout>
</Netflow>
<IDS version="1.1.1" persisted_at="1762022797.34">
<rules>
<rule uuid="b262249b-f2a1-4e05-895c-e747c8bea367">
<sid>2000016</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="f72359f6-8daf-4fd3-950d-1b155188bbba">
<sid>2000013</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="e1005204-a66f-4960-8ca4-954ac4917f8e">
<sid>2000012</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="9d5d6fd0-15e8-4e50-a786-445952583f8d">
<sid>2000011</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="b32ac6b2-1098-45b4-8b2a-1d6f5f777fc9">
<sid>2000010</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="e617a767-0b75-4b54-a8b9-22f26d5e8de8">
<sid>2000009</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="105eba76-6c72-4c4b-97a6-9024c12ab6bd">
<sid>2000007</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="1c917fef-e9a5-4f66-a943-ec4fc20fef01">
<sid>2000006</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="1b7bbe0d-ecdc-4db7-abba-c2feeeeb3f23">
<sid>2000005</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="6a334751-10a9-4ea4-a83a-b62d2c886448">
<sid>2008054</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="659ba334-f185-460c-ba83-311d858a2698">
<sid>2008064</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="e242e9c3-31ad-40ee-848d-1a23d9318931">
<sid>2008065</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="092ed4c6-ade7-472d-a666-17e8e8049992">
<sid>2009076</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="273e057e-50a1-48da-a5e4-6f7f1f36d945">
<sid>2011307</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="c2b12573-7303-40e4-b28d-818de263e4bb">
<sid>2011355</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="4f4d4c01-2d4f-461a-bb82-7608e5904498">
<sid>2011765</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="a525649a-cf47-4adc-ba84-b5a3ed67855b">
<sid>2012195</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
<rule uuid="128ad74e-7cf8-4fe5-88e3-d9701bd5fe79">
<sid>2016918</sid>
<enabled>1</enabled>
<action>alert</action>
</rule>
</rules>
<policies/>
<userDefinedRules/>
<files>
<file uuid="ddb08a17-652e-474e-8798-69f4e369f723">
<filename>abuse.ch.feodotracker.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="b8ed437a-c0ee-4173-b6c6-bc1c6eb09c5d">
<filename>opnsense.uncategorized.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="90c4e62d-333f-4e3f-961b-c342d98db721">
<filename>opnsense.test.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="09e6c3fd-e22d-4498-a210-681b26058d7d">
<filename>opnsense.social_media.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="de2b843f-1295-4e94-a44f-e177cff02162">
<filename>opnsense.messaging.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="4abf01e2-c81a-4186-a879-0126c3caa7d9">
<filename>opnsense.media_streaming.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="3009f82a-bbe1-4e0c-af83-31be5d33d6d6">
<filename>opnsense.mail.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="69dc502b-f092-4874-9e2c-b7c14cd1e4b7">
<filename>opnsense.file_transfer.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="97e5bb13-a0af-42ab-9976-d485b169b21d">
<filename>tor.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="80b68fb4-400f-4dbf-ad6e-5b5f2c2e9b44">
<filename>threatview_CS_c2.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="9935c19e-01e8-4dbb-9110-a33740db95c1">
<filename>emerging-worm.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="f1f8bb19-c49a-4575-afad-b4ed0e14f05d">
<filename>emerging-web_specific_apps.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="82287f16-718d-4833-8adb-592d7c4d58e0">
<filename>emerging-web_server.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="d2c68c23-aa73-4096-9f02-c5a2ff7a15cf">
<filename>emerging-web_client.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="50cfea54-dc0c-48e1-ac9a-9296ade4d3c6">
<filename>emerging-voip.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="87233b6f-cd5f-4ff7-bc95-cff336d09b1d">
<filename>emerging-user_agents.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5c1c35b9-551b-4872-8796-ee3fbb8c34f9">
<filename>emerging-tftp.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="26706e09-5b18-40e8-b110-2992abd1da9b">
<filename>emerging-telnet.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="03a04ef9-122d-4a9c-8106-46789f589c20">
<filename>emerging-sql.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="8abf1395-9f95-4b6f-9773-d0b59155ec00">
<filename>emerging-snmp.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="d341e8b4-0f83-46c4-bea6-04ae5e49a281">
<filename>emerging-smtp.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="9ccbacae-6a2d-4602-94c5-6450328a1928">
<filename>emerging-shellcode.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="fc48cdf6-1ecf-44b5-a343-52923528b466">
<filename>emerging-scan.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="2bf1af17-a637-4b59-932c-074d5a184d61">
<filename>emerging-scada.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="3fd70509-481c-4e60-95c7-01529b55bd1f">
<filename>emerging-rpc.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="3b8233fa-229e-4b11-be28-faa83f7306ef">
<filename>emerging-pop3.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="21c9f57a-7aa6-4ffb-9b70-b9e80ba99bb5">
<filename>emerging-policy.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="af0a20a1-f8ed-426a-a404-38de6bd08400">
<filename>emerging-phishing.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="24df984b-10fe-49bc-800a-e65d282d92e3">
<filename>emerging-p2p.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="fac28aea-6307-4096-95dc-d2f3528b78bc">
<filename>emerging-netbios.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="c580e43e-c8d9-42ee-b4c4-c7a5bcb1ecab">
<filename>emerging-mobile_malware.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="653b57ae-f176-4589-9933-4fcdd20c951a">
<filename>emerging-misc.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="786d01dc-f806-4219-be1e-16d70a61d3eb">
<filename>emerging-malware.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="675fed36-e90d-42c3-89b3-9b9dbec2a470">
<filename>emerging-ja3.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="fc7ad906-e461-4636-9284-4a562170dc82">
<filename>emerging-info.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="e4af18c8-9e61-498d-8f65-c0be6ca1dae5">
<filename>emerging-inappropriate.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="b03e11a8-81e9-453a-bb72-6e2d0ef8433a">
<filename>emerging-imap.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="3caf9fc5-f8a1-4417-b5d2-0e6be1d3e581">
<filename>emerging-icmp_info.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="530bd850-1def-482a-b9a8-78bae002bf8a">
<filename>emerging-icmp.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="2f0eed04-4f73-429e-9830-4761b5b0a3a2">
<filename>emerging-hunting.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="a380d1f6-40e3-4a5f-90b4-224074718ca5">
<filename>emerging-games.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="338e8aca-eed8-45ee-8a49-683296ad1a25">
<filename>emerging-ftp.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="8434ad29-749e-4114-a0c7-92c6748068ce">
<filename>emerging-exploit_kit.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="ed3f7a5c-deb7-4a8a-be94-f7e31512b706">
<filename>emerging-exploit.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="14aac676-4b19-4a9e-a2a6-71295955d665">
<filename>emerging-dos.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="16eb367a-69b2-4fc5-a94e-9f88198c8aba">
<filename>emerging-dns.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="9d5285ac-db66-4433-9e5a-1684e7ba432a">
<filename>emerging-deleted.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="51bda86c-bc78-467b-8067-74b1e5274cd1">
<filename>emerging-current_events.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="bd5da71a-0443-40b6-be23-aebee3aac65f">
<filename>emerging-coinminer.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5ef2d58d-1295-4885-8a5a-88ad26f8c735">
<filename>emerging-chat.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="b1de2c72-2ea4-4400-b0ce-e463097679a1">
<filename>emerging-attack_response.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="ceb1980a-1361-496e-bbf8-5773342a6a7a">
<filename>emerging-adware_pup.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5283398e-4e9a-42a3-814c-f94f93e9d38b">
<filename>emerging-activex.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="62414d51-f4cb-4710-a91d-ee8e41f95b23">
<filename>dshield.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5b6b5b65-ede8-44ca-9eb8-5dbfbf3ba407">
<filename>drop.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5abb8941-73e7-4b3a-a461-eb1252d3d54f">
<filename>compromised.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="62dbec21-3904-4d20-a009-8c5f502d821f">
<filename>ciarmy.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="d6a308d7-1cb1-4eba-850b-85dcc5644158">
<filename>botcc.portgrouped.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="a740a571-ee34-4c26-92e2-dbe66a061bf9">
<filename>botcc.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="1b15092b-a3fb-4fe6-af3c-04b6ab709928">
<filename>3coresec.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="9c66acbc-fdd0-4777-a789-a8719e37bc13">
<filename>abuse.ch.urlhaus.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="ddec40ec-872d-41b2-bfe1-9eb7eab4a09e">
<filename>abuse.ch.threatfox.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="e6e9802e-5127-4787-8f5c-226a254ec25d">
<filename>abuse.ch.sslipblacklist.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="132d90ca-7f10-42d9-bb75-787635f46d7e">
<filename>abuse.ch.sslblacklist.rules</filename>
<enabled>1</enabled>
</file>
</files>
<fileTags/>
<general>
<enabled>1</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron>363946bc-c1f3-445e-a761-245e3b81f579</UpdateCron>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo/>
<detect>
<Profile/>
<toclient_groups/>
<toserver_groups/>
</detect>
<syslog>1</syslog>
<syslog_eve>0</syslog_eve>
<LogPayload>0</LogPayload>
<verbosity/>
<eveLog>
<http>
<enable>0</enable>
<extended>0</extended>
<dumpAllHeaders/>
</http>
<tls>
<enable>0</enable>
<extended>0</extended>
<sessionResumption>0</sessionResumption>
<custom/>
</tls>
</eveLog>
</general>
</IDS>
<Interfaces>
<loopbacks version="1.0.0"/>
<neighbors version="1.0.0"/>
<vxlans version="1.0.2"/>
</Interfaces>
<Kea>
<ctrl_agent version="0.0.1">
<general>
<enabled>0</enabled>
<http_host>127.0.0.1</http_host>
<http_port>8000</http_port>
</general>
</ctrl_agent>
<dhcp4 version="1.0.4" persisted_at="1754480138.60">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
<dhcp_socket_type>raw</dhcp_socket_type>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<ha_peers/>
</dhcp4>
<dhcp6 version="1.0.0" persisted_at="1763924154.03" description="Kea DHCPv6 configuration">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
</general>
<lexpire>
<hold_reclaimed_time/>
<reclaim_timer_wait_time/>
<flush_reclaimed_timer_wait_time/>
<max_reclaim_time/>
<max_reclaim_leases/>
<unwarned_reclaim_cycles/>
</lexpire>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<pd_pools/>
<ha_peers/>
</dhcp6>
</Kea>
<monit version="1.0.14" persisted_at="1757740796.20">
<general>
<enabled>0</enabled>
<interval>120</interval>
<startdelay>120</startdelay>
<mailserver>127.0.0.1</mailserver>
<port>25</port>
<username/>
<password/>
<ssl>0</ssl>
<sslversion>auto</sslversion>
<sslverify>1</sslverify>
<logfile/>
<statefile/>
<eventqueuePath/>
<eventqueueSlots/>
<httpdEnabled>0</httpdEnabled>
<httpdUsername>root</httpdUsername>
<httpdPassword>2eWJ1KCbKrYL09TU9OrXqkomJyk</httpdPassword>
<httpdPort>2812</httpdPort>
<httpdAllow/>
<mmonitUrl/>
<mmonitTimeout>5</mmonitTimeout>
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
</general>
<alert uuid="becaf9fd-43d2-43ff-8a70-0c6f90ed73ee">
<enabled>0</enabled>
<recipient>root@localhost.local</recipient>
<noton>0</noton>
<events/>
<format/>
<reminder/>
<description/>
</alert>
<service uuid="dcbfffcf-9dfc-48d8-93e2-99e957c28fa8">
<enabled>1</enabled>
<name>$HOST</name>
<description/>
<type>system</type>
<pidfile/>
<match/>
<path/>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>19a7dae6-e858-415f-90b3-316fcee88d4f,6cfb26d0-a9eb-4db5-a4d8-2aab45f6fafd,17f136cd-5730-427e-82c7-5607afb399f5,28aade0b-0568-40aa-babd-24521bd2166a</tests>
<depends/>
<polltime/>
</service>
<service uuid="b390af21-7935-4bc2-a224-b0b97aa71f82">
<enabled>1</enabled>
<name>RootFs</name>
<description/>
<type>filesystem</type>
<pidfile/>
<match/>
<path>/</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>a0773493-306b-43f6-b13b-d733bcd6d8ed</tests>
<depends/>
<polltime/>
</service>
<service uuid="d2ae0e33-64b0-476c-b809-a36befd710d7">
<enabled>0</enabled>
<name>carp_status_change</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/monit/carp_status.php</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>c578b7db-4bb0-47aa-94ad-d9310feb90e7</tests>
<depends/>
<polltime/>
</service>
<service uuid="92368379-e77f-4358-812f-2ad9f4f4098e">
<enabled>0</enabled>
<name>gateway_alert</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/monit/gateway_alert.php</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>b11890a8-3088-4ce0-952e-5f2ada40d073</tests>
<depends/>
<polltime/>
</service>
<test uuid="cfbac5d6-99d5-45d5-a51e-2fc0c83ab045">
<name>Ping</name>
<type>NetworkPing</type>
<condition>failed ping</condition>
<action>alert</action>
<path/>
</test>
<test uuid="007dad1b-6c47-4217-924e-e53f9199bf1b">
<name>NetworkLink</name>
<type>NetworkInterface</type>
<condition>failed link</condition>
<action>alert</action>
<path/>
</test>
<test uuid="7e75214b-5d6d-4858-b42f-6ecf6de4e280">
<name>NetworkSaturation</name>
<type>NetworkInterface</type>
<condition>saturation is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="19a7dae6-e858-415f-90b3-316fcee88d4f">
<name>MemoryUsage</name>
<type>SystemResource</type>
<condition>memory usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="6cfb26d0-a9eb-4db5-a4d8-2aab45f6fafd">
<name>CPUUsage</name>
<type>SystemResource</type>
<condition>cpu usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="17f136cd-5730-427e-82c7-5607afb399f5">
<name>LoadAvg1</name>
<type>SystemResource</type>
<condition>loadavg (1min) is greater than 6</condition>
<action>alert</action>
<path/>
</test>
<test uuid="28aade0b-0568-40aa-babd-24521bd2166a">
<name>LoadAvg5</name>
<type>SystemResource</type>
<condition>loadavg (5min) is greater than 4.5</condition>
<action>alert</action>
<path/>
</test>
<test uuid="3e09b6a8-9b0b-4075-a7e4-e3fb3b075618">
<name>LoadAvg15</name>
<type>SystemResource</type>
<condition>loadavg (15min) is greater than 3</condition>
<action>alert</action>
<path/>
</test>
<test uuid="a0773493-306b-43f6-b13b-d733bcd6d8ed">
<name>SpaceUsage</name>
<type>SpaceUsage</type>
<condition>space usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="c578b7db-4bb0-47aa-94ad-d9310feb90e7">
<name>ChangedStatus</name>
<type>ProgramStatus</type>
<condition>changed status</condition>
<action>alert</action>
<path/>
</test>
<test uuid="b11890a8-3088-4ce0-952e-5f2ada40d073">
<name>NonZeroStatus</name>
<type>ProgramStatus</type>
<condition>status != 0</condition>
<action>alert</action>
<path/>
</test>
</monit>
<Gateways version="1.0.0" persisted_at="1763924977.04" description="Gateways configuration">
<gateway_item uuid="2f51bbf2-0992-4584-bcc1-db9e833d411a">
<disabled>0</disabled>
<name>WAN_GW</name>
<descr>WAN Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<gateway/>
<defaultgw>1</defaultgw>
<fargw/>
<monitor_disable>1</monitor_disable>
<monitor_noroute/>
<monitor_killstates>0</monitor_killstates>
<monitor_killstates_priority>0</monitor_killstates_priority>
<monitor/>
<force_down/>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="dd7e1011-bf8d-48f6-b511-e2ea3a04a1db">
<disabled>1</disabled>
<name>WAN_DHCP6</name>
<descr>Interface WAN_DHCP6 Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet6</ipprotocol>
<gateway/>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>1</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor_killstates>0</monitor_killstates>
<monitor_killstates_priority>0</monitor_killstates_priority>
<monitor/>
<force_down>0</force_down>
<priority>254</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
</Gateways>
<Syslog version="1.0.2">
<general>
<enabled>1</enabled>
<loglocal>1</loglocal>
<maxpreserve>31</maxpreserve>
<maxfilesize/>
</general>
<destinations/>
</Syslog>
<TrafficShaper version="1.0.3">
<pipes/>
<queues/>
<rules/>
</TrafficShaper>
<unboundplus version="1.0.13" persisted_at="1766670611.49" description="Unbound configuration">
<general>
<enabled>0</enabled>
<port>53</port>
<stats/>
<active_interface/>
<dnssec>0</dnssec>
<dns64>0</dns64>
<dns64prefix/>
<noarecords>0</noarecords>
<regdhcp>1</regdhcp>
<regdhcpdomain/>
<regdhcpstatic>0</regdhcpstatic>
<noreglladdr6>0</noreglladdr6>
<noregrecords>0</noregrecords>
<txtsupport>0</txtsupport>
<cacheflush>0</cacheflush>
<safesearch/>
<local_zone_type>transparent</local_zone_type>
<outgoing_interface/>
<enable_wpad>0</enable_wpad>
</general>
<advanced>
<hideidentity>0</hideidentity>
<hideversion>0</hideversion>
<prefetch>0</prefetch>
<prefetchkey>0</prefetchkey>
<dnssecstripped>0</dnssecstripped>
<aggressivensec>1</aggressivensec>
<serveexpired>0</serveexpired>
<serveexpiredreplyttl/>
<serveexpiredttl/>
<serveexpiredttlreset>0</serveexpiredttlreset>
<serveexpiredclienttimeout/>
<qnameminstrict>0</qnameminstrict>
<extendedstatistics>0</extendedstatistics>
<logqueries>0</logqueries>
<logreplies>0</logreplies>
<logtagqueryreply>0</logtagqueryreply>
<logservfail>0</logservfail>
<loglocalactions>0</loglocalactions>
<logverbosity>1</logverbosity>
<valloglevel>0</valloglevel>
<privatedomain/>
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24</privateaddress>
<insecuredomain/>
<msgcachesize/>
<rrsetcachesize/>
<outgoingnumtcp/>
<incomingnumtcp/>
<numqueriesperthread/>
<outgoingrange/>
<jostletimeout/>
<discardtimeout/>
<cachemaxttl/>
<cachemaxnegativettl/>
<cacheminttl/>
<infrahostttl/>
<infrakeepprobing>0</infrakeepprobing>
<infracachenumhosts/>
<unwantedreplythreshold/>
</advanced>
<acls>
<default_action>allow</default_action>
</acls>
<dnsbl/>
<forwarding>
<enabled/>
</forwarding>
<dots/>
<hosts>
<host uuid="f40152ab-d686-448c-bab9-07ecd44a3666">
<enabled>1</enabled>
<hostname>homeassistant</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.2</server>
<txtdata/>
<description/>
</host>
<host uuid="c227f354-65c1-493d-9721-e48eeadfdacf">
<enabled>1</enabled>
<hostname>lxc-mariadb</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.14</server>
<txtdata/>
<description/>
</host>
<host uuid="fa34e4b0-b433-4c6f-ae14-cab48ddb0978">
<enabled>1</enabled>
<hostname>vm-ansible</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.1.11</server>
<txtdata/>
<description/>
</host>
<host uuid="24c783c9-dc22-4ff8-a14f-dc2ab42957c4">
<enabled>1</enabled>
<hostname>vm-docker8</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.8</server>
<txtdata/>
<description/>
</host>
<host uuid="38355383-b078-4849-9841-232ebae0d463">
<enabled>1</enabled>
<hostname>vm-docker0</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.212</server>
<txtdata/>
<description/>
</host>
<host uuid="77308666-4ae5-4fb7-8d15-2412ad02c3e9">
<enabled>1</enabled>
<hostname>vm-docker10</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.20</server>
<txtdata/>
<description/>
</host>
<host uuid="d4564bd4-54f8-40b5-a229-42c68a442394">
<enabled>1</enabled>
<hostname>vm-docker13</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.1.98</server>
<txtdata/>
<description/>
</host>
<host uuid="ed4fca39-ca0f-4c6c-ba46-f64158e3c43d">
<enabled>1</enabled>
<hostname>vm-docker2</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.26</server>
<txtdata/>
<description/>
</host>
<host uuid="0ee62546-5e14-4744-ae79-8bdf05c83810">
<enabled>1</enabled>
<hostname>vm-docker3</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.1.98</server>
<txtdata/>
<description/>
</host>
<host uuid="f27f1f86-bf9d-487f-8481-80ab13e07d04">
<enabled>1</enabled>
<hostname>vm-frigate</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.206</server>
<txtdata/>
<description/>
</host>
<host uuid="2be929e5-0506-4f0a-ad4e-d55f30865322">
<enabled>1</enabled>
<hostname>vm-gitlab</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.200</server>
<txtdata/>
<description/>
</host>
<host uuid="de31e06a-ca0a-4daa-b54a-d4ba43fec06d">
<enabled>1</enabled>
<hostname>vm-jellyfin</hostname>
<domain>home</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>10.0.0.33</server>
<txtdata/>
<description/>
</host>
</hosts>
<aliases/>
</unboundplus>
<DynDNS version="1.5.1">
<general>
<enabled>1</enabled>
<verbose>1</verbose>
<allowipv6>0</allowipv6>
<daemon_delay>300</daemon_delay>
<backend>opnsense</backend>
</general>
<accounts>
<account uuid="1f3f26fe-959d-4cb8-afdf-b9386978e85c">
<enabled>1</enabled>
<service>duckdns</service>
<protocol/>
<server/>
<username/>
<password>0fd20557-743c-41da-858e-724143602751</password>
<resourceId/>
<hostnames>maison43.duckdns.org</hostnames>
<wildcard>0</wildcard>
<zone/>
<checkip>web_dyndns</checkip>
<checkip_timeout>10</checkip_timeout>
<force_ssl>1</force_ssl>
<ttl>300</ttl>
<interface>wan</interface>
<description>Duckdns</description>
</account>
</accounts>
</DynDNS>
<DHCRelay version="1.0.1"/>
<hwprobe>
<general version="0.0.1">
<enabled>0</enabled>
</general>
</hwprobe>
<MDNSRepeater version="1.0.1" persisted_at="1763924220.67" description="mdns-repeater settings">
<enabled>0</enabled>
<enablecarp>1</enablecarp>
<interfaces>lan</interfaces>
<blocklist/>
</MDNSRepeater>
<QemuGuestAgent version="1.0.0">
<general>
<Enabled>1</Enabled>
<LogDebug>0</LogDebug>
<DisabledRPCs/>
</general>
</QemuGuestAgent>
<trust>
<general version="1.0.1">
<store_intermediate_certs>0</store_intermediate_certs>
<install_crls>0</install_crls>
<fetch_crls>0</fetch_crls>
<enable_legacy_sect>1</enable_legacy_sect>
<enable_config_constraints>0</enable_config_constraints>
<CipherString/>
<Ciphersuites/>
<groups/>
<MinProtocol/>
<MinProtocol_DTLS/>
</general>
</trust>
<ZabbixAgent version="1.2.4">
<local>
<hostname>Zabbix agent</hostname>
</local>
<settings>
<main>
<enabled>1</enabled>
<serverList>10.0.1.236</serverList>
<listenPort>10050</listenPort>
<listenIP>0.0.0.0</listenIP>
<sourceIP/>
<syslogEnable>0</syslogEnable>
<logFileSize>100</logFileSize>
<debugLevel>val_3</debugLevel>
<sudoRoot>0</sudoRoot>
</main>
<tuning>
<startAgents>3</startAgents>
<bufferSend>5</bufferSend>
<bufferSize>100</bufferSize>
<maxLinesPerSecond>100</maxLinesPerSecond>
<timeout>3</timeout>
</tuning>
<features>
<enableActiveChecks>1</enableActiveChecks>
<activeCheckServers>10.0.1.236</activeCheckServers>
<refreshActiveChecks>120</refreshActiveChecks>
<enableRemoteCommands>0</enableRemoteCommands>
<logRemoteCommands>0</logRemoteCommands>
<encryption>0</encryption>
<encryptionidentity/>
<encryptionpsk/>
</features>
</settings>
<userparameters/>
<aliases/>
</ZabbixAgent>
</OPNsense>
<openvpn/>
<ifgroups version="1.0.0"/>
<laggs version="1.0.0">
<lagg/>
</laggs>
<virtualip version="1.0.1">
<vip/>
</virtualip>
<vlans version="1.0.0">
<vlan/>
</vlans>
<staticroutes version="1.0.0">
<route/>
</staticroutes>
<bridges version="1.0.0">
<bridged/>
</bridges>
<gifs version="1.0.0">
<gif/>
</gifs>
<gres version="1.0.0">
<gre/>
</gres>
<ppps>
<ppp/>
</ppps>
<wireless>
<clone/>
</wireless>
<ca/>
<dhcpdv6>
<lan>
<enable>-1</enable>
<ramode>disabled</ramode>
</lan>
</dhcpdv6>
<cert uuid="d39544d8-1b90-49b4-a3ad-2e59347433a7">
<refid>6607d788bf4eb</refid>
<descr>Web GUI TLS certificate</descr>
<caref/>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVVndjK1BlYUltalhKK0FBYUdHRG9OM3BCVi9Zd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQXpNekF3T1RFeU5ESmFGdzB5TlRBMU1ERXdPVEV5TkRKYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUUNMS3FLelg4QUVFcSs5MzNlUm1qTC9hdW5DMXZOaVlkVkZ4Y214OGJEd09YNG90cWJNCnk2dmIwSlZxVDQvSTFlZ2h0L05iL2ZEVGtoT3RtRmFjd0ZtRWthNGwrUlptbUN3a1p1Ukl0NldQcXpnZkhSc3MKY01LbmltSHR4OXJvd3FVa1VKNHpWZHdwcitGS08wRmYrOFdoT0xVWWdwN2c1TEhRNnpTNE9kSzlqSWNYdHJxNwpvOXVEOXBVN3d6cmZWNm9oT0FzYTdtVXdVQUlJeXVNT3Q4RXFiUzlOcTVLVEJZVDAyekV6MzRaYkZGM0ZOMGRxCnpVYXd6ZWd5ODFYSWVNeldhaG1OdTBNWWtMSlRrRjE4ZHhaN25zdXFqOW85TlpNckZTYnU1eVVJSnQxWG9Bc3AKaGN0VERQR1RzRjZFS2hFL3FyS2F1ZFVKeVN3eWNuS2VLNzhxRkEvNWVscjk4VzFWUXZhRlVOcHRGUFVObjJVWQpkUkZMNnVVUDJtNjhicG1rRktVN2ZTM2MvTEVvZHRNS3B1K2s4MGVLVEpDVWFNZnluMnpzSTV4M01Xd1dYYTRaCnZ0RFdxZEFiemF3aUNrVVVtRVZ6cVFtYVJFM3QyR1ZqR0Z0eTl4MXo5cFF1YSttSUs4VWxBdVdka20zc1pveHcKOXk0Z3dveU9oL2VCdjNjeHE3VC9kRUp1TUx4cFc1OEZ1cGMzajVhNEVqcnJJWXR3NGIrdVk5eDZuU3FLUklCZQpGZWU3L2ovbWtBUUV1Y1lsZkYrK3hiL3NGbVhQUEdkMmhwWFVYdmpDaTRQSUlxUWt3WlMzUlRlMVVtVE93OS84ClQ4VHluSHNnZ0h1WjRUK2dMSXFTZFhNd0JaNWtvaXJUSzVWUXFsNU5oZmdFcTAvenRTR1dLL2Zla3dJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkZZZE9vcWVmcWJLZmRocCs5ZjlRRy9IVGtSdk1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVZ3YysKUGVhSW1qWEorQUFhR0dEb04zcEJWL1l3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUk0ZVROdDBhdGJ2ZE94alliVXR4YnlKWWt1VTh3cnphaGI3ZGJSdm8Kcnd1alBrT2t2c2gyUjlYMW1IOFFhamhVMlRSMCticER0eTNWRk9oQnpMbjhhWUI3RHZUcmFGSG9hVHFiVitTYQpLRmsxRDdNRk1SaGVHZG9IZnRNTG5GR2syazE2RkVkYUF0ZXhFMnJqclVINzJrNERuZDlsOTBYaG02LzV4d0JSCkJnellJS1VJN0V5KzhIb29JQjFDYWh2Tng5Q052ZXhyQkZLZU01VGtKYm1lY2ZqaDgwZGdlOU1MdnNTQVAxdWkKcDBoM21QN00zMElHanVzQWdna3lmVGE5THZ5UWhOWnNsdDU3QWtuWTFQaFFBRVozRkdTVFp1NllFTDZYNVh5VgpibVU1ckxQbDl1aEQzVkk5MnNRd0hOMFRTVHc3WGhsai9sa2h2L3JUeXdNRGZjNnROTWlHRmFyczJ1cnk2MnhyCkhNNHlYZEJLU1BnbUg1MEJVYitLZnUwa1N2VTNYNlI2Uzdxa25mNWtJN0IyNy9EY29Sc2VnN1FTeGl4RUQvbzAKYkRDMTlncTArWUw3WE85cit2dGNFOGk2SVB4MFZPWnVXbldyZCt5NEMxMVpPVHdjbi83S3I4ZWhxNm16WkFhdQpxTHFSeGhHTG5ER0dYazBZNS9EZUM0T01XUWk5U01DQXU3TkROekFGN2l0Z2pKczVwUVE5UzdBeExpYzlvajR1ClhZVjBZUlBQMk9nV09oVFYwblRpNVZaRUZLUlJsU0RvbmhmSlhicXVvaHNveUZsbURmbGdYU2RlR2tZOGdnWEUKRGhKTS9IekoreUhXcmpPaWg1TDZMaTBpM2g5M2tmRStaY1NtWVo2THJmQTZLeXpZTWhyclhuMDZ1bnRyc3MrbQpDWlU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
<csr/>
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ0xLcUt6WDhBRUVxKzkKMzNlUm1qTC9hdW5DMXZOaVlkVkZ4Y214OGJEd09YNG90cWJNeTZ2YjBKVnFUNC9JMWVnaHQvTmIvZkRUa2hPdAptRmFjd0ZtRWthNGwrUlptbUN3a1p1Ukl0NldQcXpnZkhSc3NjTUtuaW1IdHg5cm93cVVrVUo0elZkd3ByK0ZLCk8wRmYrOFdoT0xVWWdwN2c1TEhRNnpTNE9kSzlqSWNYdHJxN285dUQ5cFU3d3pyZlY2b2hPQXNhN21Vd1VBSUkKeXVNT3Q4RXFiUzlOcTVLVEJZVDAyekV6MzRaYkZGM0ZOMGRxelVhd3plZ3k4MVhJZU16V2FobU51ME1Za0xKVAprRjE4ZHhaN25zdXFqOW85TlpNckZTYnU1eVVJSnQxWG9Bc3BoY3RURFBHVHNGNkVLaEUvcXJLYXVkVUp5U3d5CmNuS2VLNzhxRkEvNWVscjk4VzFWUXZhRlVOcHRGUFVObjJVWWRSRkw2dVVQMm02OGJwbWtGS1U3ZlMzYy9MRW8KZHRNS3B1K2s4MGVLVEpDVWFNZnluMnpzSTV4M01Xd1dYYTRadnREV3FkQWJ6YXdpQ2tVVW1FVnpxUW1hUkUzdAoyR1ZqR0Z0eTl4MXo5cFF1YSttSUs4VWxBdVdka20zc1pveHc5eTRnd295T2gvZUJ2M2N4cTdUL2RFSnVNTHhwClc1OEZ1cGMzajVhNEVqcnJJWXR3NGIrdVk5eDZuU3FLUklCZUZlZTcvai9ta0FRRXVjWWxmRisreGIvc0ZtWFAKUEdkMmhwWFVYdmpDaTRQSUlxUWt3WlMzUlRlMVVtVE93OS84VDhUeW5Ic2dnSHVaNFQrZ0xJcVNkWE13Qlo1awpvaXJUSzVWUXFsNU5oZmdFcTAvenRTR1dLL2Zla3dJREFRQUJBb0lDQUNLK0JSbzB1RElNSERXUm1UOFBPTllNCjhjakRjc1ZIMlQ5dTdqaHZOeFh4dEc0amt5YWpYZ2NsWG5mSTN3TnJhMlVua0NpU0Q5SXhzSm53NHdhRStwUWUKN2xQcWlFNGFoVUtkTVRaNkttbmdlOFZBdGV6MVJaTWY5K3l0clJmWXAvT1Y4TGl1SWFXQ2xBSzlJa2Y5Q2N5Qwo1S3IyeVFVcDhyNU9TYjRJS1hWS3BOc2xzaDV2L0xoSUVkOTJrTGI3SXF6aVdkdGlVbjZxS3FmWlJyQUE3Y2RTCnRMRjJPTVJkWjJEZGE3NGdlbUU0aDJSWnRZbVRMNmVwNytMd1hxVUtpMUNuOGpNdzRjSTdOVm1wTzcxNzJYQUoKSjUwd0JuS3JjazhhRzdzZWwxOGVuTGxvYWdEMnR0akg3WE5LWDM0dEpsczNtUmtKZFliWTR5REE4NTVMRzVEZQpaeGJqMG1xaDNoQkdreS9qMnlUbU5DUFlYbUdncC9OSnYvTHI0dllMbVd2a1F3NFJuNXl0NHM5SldIVXNXUjcwCkdqNUROWURUL2Z5d1JkQXdPTWJORTk5YzI4K1o3QmlQQjJGVGhadFhicWxrdWRCdmgvUENLMDdYVy8rMTNjVHIKVUdDMWlKbDdvaGZGdTgybW1FYkhyZVJmRjhsUGVBc0MyK2F3cEtUWnB3K2MzcjF6Nkt0Tm9rZGFGMHVhaWE1NApCbVhvam5ZRzVrL0twUjcwTHVVdHpvbVBMUVJkSmtVVGVTcWh6bU1Ed0UvNGdUWkdQY0NiMjZQc3Eza0Z1WFhVCkVhOHJRZHFIU0hYL1lwNG5RVG9GT1A5YUlIT1p2aGMzNE5BaGhpb2pJNFZZd3hOMHltQytrUTBDVFJGYW9lZm0KeTBSRWF3UEJSUXhGQlU5LzkzaEpBb0lCQVFEQkRTQ2hFbCtVZUVXVDZoYWhDY0hWVjJ5V1FUNTBleHlJeUp6SgpFc0FNYmhYOElLTXFjZUcvTXo1a3lUUCtaNVpMUzFBeXBYcCt0RnRtV2EwZ0ZGVkJkTWNBd05wa005YVVjb01TCmE0RGpIblVxcXI5Q2VGYUl0RElVa2ZSbkgrbXd3M0JIcXh3Z1NnWG0yanNHNUV6Yy95cUFMbkh3TThhczhJbmMKK3VwOWZreXRYbXBiRjUrcmhqWDBNWHdKZk5vRFlJZUJTVUtXbThFaTQyeGcxOEhKS2YyVm9TOEJHSnFzZ3dnQQpzcXZibWxFb1k2cUFKSVFoK0Rad1JZcXdzR2Qvdm5XaFc0aHp1QUU0SVlvc0lPV1c1cjE5WU1WWHhLdHNhRU84CnRKQW1JcmlvK3pPY2ZXRUc3Wngzc0tMWHNzWmY5UDdOMSs2MlFlUDJYTEZTVWZUdkFvSUJBUUM0aTRESi9lV3gKZEtUMkpDRlgyT3N4TkVyOExrbkVtbEVYYktrMWVXODlOR2RQMkxFNDkvK1pFTjR4SmdxNEJISW0yUWYrR2dxaQptcVVJLy9ZOVBRTFpZSDluUkVUSm9odis1Y1EvU0ZoNDMvcTgzbHdSY1I4RjdDMVorZ2hJK0NYcVQ3L201L1hVCmRtSGQ5NTBDd0FlL1k2VzBTMTY0V0s0UUxtc1ZuWk1qVGpxWllPT0N3RU5oL3plemZranVmMG5LU1FlYVo1U1cKVW14MjJyc1JUblhoSW1kaW5YbE8wWEUvZlZkTzBoZmFRUjBXM1dJZnhiUEJPak15WVJQRGRONDExMkJwWmVLdwo5T21STzRMd2NxK21LbFRpUy8ybW9FVFhXdHFacHJkNFZrWXdjOUFTTHdscjZOb0RlOTVQbS9iS21yUTUzWlZkCnRIVmpCWm9GcGRpZEFvSUJBUUMrM0JTclNqZjIyR1dwbENDbE83bElDL1BPSlZqeTNoaGEzME9xdzMvZGlpVHcKTFBCRDhXMUhsQWtXcVpsZTV0aS9QZ2xlMlIxZkVUN2YxTDhGM1RSZ3oyeER3V2JvOUJzc2puNHBndUZkS2VxYQpzVThBRDJzMklqajAvMHZMZk5DVXN0Ulo5c0NLNThRbjlRK3dnNXUrVGdPZDBNMVN0azJ4QXVxNTc5UlBGOFFGCkR6aEZNUGpxSW5sTElIVktDQWFlbWh1OTVVa1JENUlGeFNTTUppTnZsN1VlN3NsQzR5bGdidmRGZ1YvSmNDclcKckpxUHNBcDJieWliSFJXK0U5bHZnVVJZcjk4YTBRdGJqRVZIMVlwSEEzN0o2eGVQNjEremdPMmZMa0RwZ3lCZgo2R0toVDQvU3dxNFQ0eTFMNVhLY3dlSDhib1NSNmxqUFk5cm4wU0UvQW9JQkFBWEVWa0g1clRQZWNVay8xOHJtCi9IS05MOHF4cDV4OU5ndUZXY1JTQnlmaWUxZ0RiWVphT2FLTzVHS2t6YkR5Y3A3RUtYdkhWSTNBUjJnQWw3RlMKTnNTVVAyYjZ1eXVSNVU0UjRCQWFNcW1VVmtHUXNVL2FPUjMyUTNTTVc3WHNDME5IT3JmOGg3SWNBUEx1eWZsTQpCdkgwS3psM0lYNmhSczg2cEI0SXpwQkw0WWpwZmpLWHo0TkFkbjBsZFNIKzJFOTUrTUxhZWNvNHlTcnRxdXJmCmlNK0FRN3JSTVBsRmtrUnBwbERRUCs2U0dsYWNsSFJwdVRSUW5VajF2NmhiL3BXd0pWTWwyKytydDZEU08wVkkKVURUaEhjWDBtZmliQ1l1eFN5T0NFam13ZUlFTEhYVjBBdGRjYjNPc2EwWVJtYVM3TU9hZUJnem5sc09CYVU3RAo0QUVDZ2dFQVo3L1hwL08xejJXZlMyUHVPRy9SSEE2TkNKeW1wVktMVGFsVEtlWEdYMUErUGNXOFFJLzQzVURBClkxcWJEeGNUODFIU2JQcE80Z0xET2k4OXArb2M5MTJkS2NYQ1poenNsbjlpbGpwUEt0RGlSY2NBUXVhMWU2TWEKaUY1dGYrRC9FTzZtZkxwL2xCZHhmN2QzbzR5cjF3N2JiMXpkZ0xMZXdHMkxYRE05TTNxcEdBODk3S2w5V2g2UwpWdVNwZEdkMDh6WFBVK1RteFZLMHpGVVBjbnpaTlVPbmp1aHk5L0VVQkRKU0ljS0x1U3NHbS8rRUFmdkhoYi90Cll3c2dxZ1NWNUplOXBPYXBFWFB1QUkzZlFYUm5uYXArdWVVdERZNWNnanV5TW5JVGZKSlA5bHd3eGI5ZEZYTXoKVmVmdFFGNHRQdFJNdFRTaVcxV3l6c3NCeUNrLzV3PT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
</cert>
<cert uuid="fa4322d6-3be9-4300-ba0c-14812fc50d37">
<refid>6607da87d5f1f</refid>
<descr>Web GUI TLS certificate</descr>
<caref/>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVTUswSFdwa25HbzMvQ1BWcDk1dnphS2V2ZFVFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQXpNekF3T1RJMU1qbGFGdzB5TlRBMU1ERXdPVEkxTWpsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURQQVcvTmVXWGVFZ3gzbStIK3Y4OUdvek5PRTJFWlBQOE1CTllhWHJvNW1GeVlrV01hCnRMTkZGMlBzNVdDWHBJVFNkbnU3M0hQOVd6d0M4dWZTdDBORlZ1dEROclloeWJYYVhXTmVESTlnUmFTWmRXQ0cKUCtjb29KdC91SThJSjNQTVdtVSs0S2ZuMHdLWHRUeVBqQ1luYVlVK1BvMDhXWERIdW9wa2VxeWQ3TThkNFBCMgpvRnk2NzZLWm9tTG84bW0wSEh6OUhqVFQ1Qk5BUGNTV28rWXoxMGhOY0E1aGdNSUpUdWpnZ1RYV3ovSVA4aHlLClhiRXpTOXdqVTdidzNETTFDZnJBUlB3Qnd4NTd6NDc5MDJFRHJHNVJGMzA2cXU4TVExdGJ5S0drREpwZWZNOHMKelUzNUplTmRIZ2N4ZlByWW5XSXR2SFBsL0FONVAvcW03MFVvMzFRUGU2bEhFbmt3UzRKbkdYcXJoaEZaY0FDbgpmaWwydExEb2RQYisyUE5Ca1kvY0wreGhkaW9ldkxsNUNudjJpSDdDWEdPNzZoNEV0U1ZNZGpCNzgwemwrZXA4Ck80dTR3L0xVUTlCWXRXNmllYytwN2hxZ0lzc3I4am4zbmJnMTIwN3RaS004czNZVVJqMHl4aktJK3pHLzRFQW4KdnVwdTFNS2RQU0JCYzdhNzhRVDd6ZjdXMERncU5DRXp1dS9lNzMrUHpla1g0OWxHMEgwb1pwejkzbzVTYnkwVApXVW4rVHpxOWQ0SGZGeU9zdk9ldm51OU10dFE0Y1lCNy93ek5WRzVzSkk4UjlqeEJTWUpvZVRvQXhEdWdHWTkrCk8rbTZaRWpyVW16VGx1YlllSUJuYzBySjErR3o4OVg1REtKY3FBekkvS3VOaHNsMjYwWG5xdXRLL3dJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkVhMFZrRVVta0RzVzNLSjVCNnBIbDNBQTc0RE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVU1LMEgKV3BrbkdvMy9DUFZwOTV2emFLZXZkVUV3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQXVRZnJTeXVkVVNPV1QyL0FTZFQ5c2ZWbmhlbWUxdkpuMXZJdjBtUjYKa2UvMXJDNXplYmZMeHlHMzVwbGdlWFFhOTdPTC9ZSER2NlZ4bkNOM3ZkK3R0S0FaWUtla3FWd3Ywcmg1QUcyZQo1b1lib0NwazBLTHZvNTJKVWswQVNsTXhDdndFVi9qRGFKZkNsRjdCV3BpTDQrMnlMeXl0ZFpSL0pyd3ZQZjFXCnU0YWl4WGRVN2RrQXFOK2dvM1BEclJPVkgvNHF5TUVQRUZTR1JNK0EvU0dOWjZtRXVkdzR1UDNzaDZqSHRQWTAKbHRVNklpTnY3N2FrV21iR0RmbnpoWERYbU0rNjEyT1FDOXJaK0pQVFcrcW9WaHJnOFJIclBpQS9oeW9WRFVQbwoxV3BXZ0RiUVFXSERJdG00WCtVS1RTdEZJNkw5WjdFMExEeUlsQXNOd1ZoRU4yekRtcHFPT3I5WkZvYmFDNXJtCnFvUWdDcU0zSHE0OVg0ejNhU01FeVU3eUZxNCtwZEorSnRxS3haS29UMmtzMU4ybEVxdDJDaGxhS0g2Ymc5cjAKSTRrQkQraG1pQVc2WHprYWRsUG90ZlR0eDJ4c2pnQWtNN0RRYjZobUxyQksxK0pmVUN6QUl2RTdBK1RsRlVOcQpTVUd1eHpEdHM4b0Nick01Z1hwcDczYW1mc2UyYkJVVVZzVjYrYndyelRjREVKdm5xZjFUNFZLYU9SQVdSYjV5CkhxQWt3a2hOTTE5VjhUeHIvKzAxSVNadFJJZVpBTGtEWFFDKy9YRHprOHloUzdwRWNUK0w2bnQzQmlaUkRXN24KTk12eXR1OWJmL3lUYVhJZlNCVVJVWm1rdVZ6UjRQdkhrbmxDS2RPVVQ2cGZNU2JNU1RUaGZ1TGI4bUpvc0l3SApPOFU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
<csr/>
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRRFBBVy9OZVdYZUVneDMKbStIK3Y4OUdvek5PRTJFWlBQOE1CTllhWHJvNW1GeVlrV01hdExORkYyUHM1V0NYcElUU2RudTczSFA5V3p3Qwo4dWZTdDBORlZ1dEROclloeWJYYVhXTmVESTlnUmFTWmRXQ0dQK2Nvb0p0L3VJOElKM1BNV21VKzRLZm4wd0tYCnRUeVBqQ1luYVlVK1BvMDhXWERIdW9wa2VxeWQ3TThkNFBCMm9GeTY3Nktab21MbzhtbTBISHo5SGpUVDVCTkEKUGNTV28rWXoxMGhOY0E1aGdNSUpUdWpnZ1RYV3ovSVA4aHlLWGJFelM5d2pVN2J3M0RNMUNmckFSUHdCd3g1Nwp6NDc5MDJFRHJHNVJGMzA2cXU4TVExdGJ5S0drREpwZWZNOHN6VTM1SmVOZEhnY3hmUHJZbldJdHZIUGwvQU41ClAvcW03MFVvMzFRUGU2bEhFbmt3UzRKbkdYcXJoaEZaY0FDbmZpbDJ0TERvZFBiKzJQTkJrWS9jTCt4aGRpb2UKdkxsNUNudjJpSDdDWEdPNzZoNEV0U1ZNZGpCNzgwemwrZXA4TzR1NHcvTFVROUJZdFc2aWVjK3A3aHFnSXNzcgo4am4zbmJnMTIwN3RaS004czNZVVJqMHl4aktJK3pHLzRFQW52dXB1MU1LZFBTQkJjN2E3OFFUN3pmN1cwRGdxCk5DRXp1dS9lNzMrUHpla1g0OWxHMEgwb1pwejkzbzVTYnkwVFdVbitUenE5ZDRIZkZ5T3N2T2V2bnU5TXR0UTQKY1lCNy93ek5WRzVzSkk4UjlqeEJTWUpvZVRvQXhEdWdHWTkrTyttNlpFanJVbXpUbHViWWVJQm5jMHJKMStHego4OVg1REtKY3FBekkvS3VOaHNsMjYwWG5xdXRLL3dJREFRQUJBb0lDQUFTdFhLSWRWVTdseEdQbkJJdmVxZFc1Cmg5UTdjekpPcllOQkFnM2VzeXdJM1NpRUFWV1RlVE95amJYRzVlVjhsT3BkeTZSY2NnWjQ1ODgzNmdvZzZiR2wKUmxkVVZNM1cyM2VXbmlhMUUvR1ZlaVBWOCtKN3c5RDloSFFudy9Ebng3NGtMdlJXMjgwK2xMNU40K2krYVNRUApmMHppMlpqOHMrc1lRajQrU25PQ0pOR29IblVEUkpHT0RwQmJxQ2RiRG1MTzM4RDhXb09wV0pkWEhDcFk5WGg4CjFqWmh0YXdqM2t5M1VkVFJxRmsxTUEyL2c3SExVaVg5a0hqRyt4NXNoN2lPUzBlUkZhNWZuM2xDUFRWcnFMTmoKakZXcXVUT0c3V3puMTE5aGEzWnlPUjZ4TTNaK0JKcXJHR0JnSVRSZURLbk9USXUwckFhYlJUbEVPMXpWa1o0WQp1V2x0ejNnbGNvemJXNFlyNmZ5RndjcFBQaWxGQjE2M01Rb1Y5ZVVBdTlHNW16MWNReHRRMmc5YnhselNXMnlwCkdkazlYakpxVWZsQnNWQm90T0wrODdCOWU2ZmRsSzNkbTJxdGxJb1BDTVFjNlRKUXo1bGE1T3l1akxvMXB4bXoKUnQwdHAwNHowYUdFdS8xRHZLVVEwS2tCbVlsd0F4S3pvZzl1MDFHU2ZwOWNScGovZkVLT1J2aFYvY0N4cTgxZApmQWNTMnk3SEltZFoveDhvWFRUdTUzU2ZkdUQ5QzhIcTd2UUlPTGhDc2E5SUdIVmcyN2FkOFYrSElLUVlJRis2Cm9GWUpFY0IxeHRCTEhCVERSVDhRaWNQTm1UNDFFT3BlOVZsMUQ3VlFCMGRpK1h3QWM2dkxyN3N5MDU1OWdxcEYKT0tFL3BtRVJsaVJKbStCR2hIYVJBb0lCQVFEdVdVZFgzRVpneFVNSm4rVGdSeFRXcHFjUGMycmxnM1BDeWtRcApOMk5RdE9xSE0rVURYUXFHZ0RJV3I0cHp5YzRFUkMwM3NqQkhnaWpLU29pMGZ6K2lwbmVlaWtGeFEybkhVUnY2Cld6aG5Xak9UR3ZCY3lhd2wyNmJGaWFzNU9XU3QwRk5BZG05cTZlL2laYUwyVXIvMjBmSmw3eVIzbXlldHVYcG0KSU8rYmRreFg4d3NSbEN3TWJHTkh6VHFMNUt5K3ZKQlJnVzFlMFRyY1pubXJGdEUzOVoxM28xS0JEM25ka2NzVgpyMDd5MVczN0hmVnJMdmpmb3p0QktYUzJBTmhrTXYwWUp3eWEyc2ZReWZMODZuOVdSb3hPdW1JV00vRDJhbTRTClBEaTNhWTh3YlI1M2Y2cW5TZ1p4cDBrOHdvSS9MdWI1Zy9IT2xad1F1V3dPK09BcEFvSUJBUURlVmZEbXoybE4KWGxFVmUvbVhESmh3YndIZ3hKL0NaUU43VTdPZjhnbXZHSTJkNlI2eVR5T0tMTFBDc0h5NkhRam5URjUwdUZnegpKZHFOdWVGYXN4TFFGSW5HNXc1TW95L0N6VVo1TVdzM3JJRnZxOCtqTzk4RnZpRklMdG52dnhGMmk1clc0OUFhCjF0MXREU3l6cSs5OWhCVEdpbGg0NElLUE9veTlndWtJbXhieU9oUWExN0RnWW1MR0Fud3NvalpBYlJNNzJ6dmIKMDBXbFp5NDNZUkdRNFhBRklOVGtqQkQrTW02Mk5uR3BoOGZhSWVsT1NFMjI5YzBaUW9OZ3lQcjRVOERkNnlxSQpBNHlLVHhtSFFoanBXUXBNUElIL2p3c1dxMnJMN1VVY2dyVlQxWnZUQjlabStuMThQV2RmQ0Vtd1E5d1dBVzVHCjFSUmp4UWtKR1pibkFvSUJBUUN1VkVKb01zYU85UGpKUzFlZDZwK0ZPRE1zaStCOXFoMjdOVEdSYTkrS0lpai8KWnFkMFJGTDBlVU1wY0k4MWpUN1B4QVhHbk4vUERaWkVEeXZaeU5DRWFIbEpUaG43ZTdFY2hXaVBQclVNY3Q4UwpFendHd2NMVmxjaHU1dmlEVEVVbEZDQXdIKy95Sk5TOXBGVURFUmN5c2ZBM09paFVDdm1FaVFyTE0vL01sMFBUCmVBSjZnd09NdXFJSzNFS2NHMDkxMm5rOEJBdzRzNVAzckVRRkxSVXRkc29MdlRzVkJucTk0bXJGbTRtRTl6SVAKMzZPbkY1NFVCRkhNb1VPcDh3aFNrVENvdjdicWRHWjlnWmZtQUtYT05wOWMzZG5zSDJWNDlmTTRCeS84aG9xaQpnczByM2dhMWdPRWhzNWRQaDN5NE5kZmVXL0U2aGhhMTdNanFVb0d4QW9JQkFRQ2JoN2oyYlA4M3ZST3htTUVYClZodEpBNDVud29RVGc0QTFCRzl5SXVsOVVBcTQvVHVZOWwxaEtqWXhxaTRHTDR0cjZmTmxhUk5oN0VmL3Zwa1QKVHBPSmRlU1BmRkIzY2V4V05DenBXSld0STRLRU1NY1daQ3AySlBPNVAvVDZqa2xVQ1FLdThqeEFtaS9aT2s4YgovTm1TanhQTmN6ZkNqeU1sdUlwOWc1Y3FpdnM1UlVHTktYYzA3LzR5ajhoM25KMmc0ZXlEZ2JCVTdXMFo4SnpXCjVwTllLeXVtbXJueWlyelVaVWtuTTl5OUFCdmd6cm9iSmQ4ZmJzRWp1M0NXQXVIMVZ2bGpCRUFEVjZBM25HKzYKTzVXYm5zcmlXNjJBclhyUFIraDBjUzFZYldNVkd5ZGZMMnRmTERrZDhRSmY2emRKRTU5ZzBXMW9KV1NYQ2wxdwp2VExmQW9JQkFRQ3d0Z2l6WlZMR0xQUEl5UVJxajNUa3kyS2s1K1dHSUdrQ1l4WXZMVEtFZzZvbFB3anRJZzZLCno4YUNhekJIQ1BVR3dKYWt2cDdOVXZTOHo4ekwzbmFyU1RxUnRxTHFHSVEzZGk4dE9DVjJZLzRlT2VRcXU0R1gKN3FOVm5vckxsRnJiSTVzbTlqdjNUV2tCaExHRzdueDZBMnJqV3ZDNTBwVUNYY3AvMVJyOG5VcUJmaVA2VHRvZApnQ0MwQ0VGMnNNOFcwMmNTN0lIeDFVajlpbXZyaHhaZkNnSTNpbGJHUStHWFVKUUdYZGlRVGtCVS91TC9QbWFwCmJ4c2FsWG05V3VMUXV5NG4yTW5UL2RvUGlINlV6NVhqN01qMHM4ZGl0NUdWNTJmRFpNTWZOcEtqcGZSZ2Y1S1cKSXV6SVprVlBzdWt1Tlp0Yk1CeiszRU5wSkQ5bFloeWQKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
</cert>
<Pischem>
<caddy version="1.3.7">
<general>
<enabled>0</enabled>
<EnableLayer4/>
<HttpPort/>
<HttpsPort/>
<TlsEmail/>
<TlsAutoHttps/>
<TlsDnsProvider/>
<TlsDnsApiKey/>
<TlsDnsPropagationTimeout/>
<TlsDnsPropagationTimeoutPeriod/>
<TlsDnsPropagationDelay/>
<TlsDnsPropagationResolvers/>
<TlsDnsEchDomain/>
<accesslist/>
<ClientIpHeaders/>
<DisableSuperuser>0</DisableSuperuser>
<GracePeriod>10</GracePeriod>
<HttpVersions>h1,h2</HttpVersions>
<LogCredentials/>
<LogAccessPlain/>
<LogAccessPlainKeep>10</LogAccessPlainKeep>
<LogLevel/>
<DynDnsSimpleHttp/>
<DynDnsInterface/>
<DynDnsInterval/>
<DynDnsIpVersions>ipv4</DynDnsIpVersions>
<DynDnsTtl/>
<DynDnsUpdateOnly/>
<AuthProvider/>
<AuthToDomain/>
<AuthToPort/>
<AuthToTls>0</AuthToTls>
<AuthToUri/>
<CopyHeaders/>
</general>
<reverseproxy/>
</caddy>
</Pischem>
<dnsmasq version="1.0.8" persisted_at="1766317386.47" description="Dnsmasq DNS and DHCP">
<enable>1</enable>
<regdhcp>1</regdhcp>
<regdhcpstatic>1</regdhcpstatic>
<dhcpfirst>1</dhcpfirst>
<strict_order>0</strict_order>
<domain_needed>0</domain_needed>
<no_private_reverse>0</no_private_reverse>
<no_resolv>0</no_resolv>
<log_queries>0</log_queries>
<no_hosts>0</no_hosts>
<strictbind>0</strictbind>
<dnssec>0</dnssec>
<regdhcpdomain>home</regdhcpdomain>
<interface/>
<port/>
<dns_forward_max/>
<cache_size/>
<local_ttl/>
<add_mac/>
<add_subnet>0</add_subnet>
<strip_subnet>0</strip_subnet>
<dhcp>
<no_interface/>
<fqdn>0</fqdn>
<domain/>
<local>1</local>
<lease_max/>
<authoritative>0</authoritative>
<default_fw_rules>1</default_fw_rules>
<reply_delay/>
<enable_ra>0</enable_ra>
<nosync>0</nosync>
</dhcp>
<no_ident>1</no_ident>
<hosts uuid="18e41138-de88-4096-ad30-e7030f85dd09">
<host>homeassistant</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.2</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="f9554065-e2b8-460a-8a49-b35e0940a4db">
<host>lxc-mariadb</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.14</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="8f8d0078-647b-4a46-90e7-e67989265a56">
<host>vm-ansible</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.1.11</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="6743730a-3c50-4d78-af6e-a832b9cb0791">
<host>vm-docker</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.8</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="972d9171-8eda-4605-b37b-b744677c6022">
<host>vm-docker0</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.212</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="f8218b76-c7b4-464e-8d54-c4e53e0f5164">
<host>vm-docker10</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.20</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="08e1fe8d-620a-415b-b06b-fcaef2a50073">
<host>vm-docker13</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.1.98</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="6a72b1d5-5554-412a-bcc0-702403c848f2">
<host>vm-docker2</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.26</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="25a6328b-2bee-4f15-a1f0-ebf060a0ec02">
<host>vm-docker3</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.1.98</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="de6ef150-d14c-4d44-983d-4663526a35d8">
<host>vm-frigate</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.206</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="86728e8d-8a70-42c1-9462-7cab19c026b0">
<host>vm-gitlab</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.200</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="3492c64f-72d5-4b16-b3f0-ac759e4ea344">
<host>vm-jellyfin</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.33</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="8aad7108-b903-4228-a010-3b041904868c">
<host>vm-mediaserver</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.29</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="177bee9b-1423-44dd-9391-76d93b3ab8d9">
<host>vm-mesdata</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.34</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="8a2cd0b8-9a70-409e-abce-9572f03686d5">
<host>vm-mqtt</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.3</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="5cd87547-638a-4e5a-acc1-f186073a9480">
<host>vm-nodered</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.9</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="fd547308-1ce8-4242-8adc-48fc3de42f46">
<host>vm-vaultwarden</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.16</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="69da78eb-0ce7-4d24-b08e-9e944adfb74a">
<host>vm-weewx</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.13</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="df64398c-ae3d-4b89-b26f-35aee6f3a5aa">
<host>vm-wireguard</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.11</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
<hosts uuid="aafaed34-5a66-4e54-a6fa-dd1542fa460d">
<host>vm-ytubedl</host>
<domain>home</domain>
<local>0</local>
<ip>10.0.0.210</ip>
<cnames/>
<client_id/>
<hwaddr/>
<lease_time/>
<ignore>0</ignore>
<set_tag/>
<descr/>
<comments/>
<aliases/>
</hosts>
</dnsmasq>
<syslog/>
<wol version="1.0.0"/>
<installedpackages>
<miniupnpd>
<config>
<enable>1</enable>
<enable_upnp>1</enable_upnp>
<enable_natpmp>1</enable_natpmp>
<ext_iface>wan</ext_iface>
<download/>
<upload/>
<overridewanip/>
<overridesubnet/>
<stun_host/>
<stun_port/>
<permuser1/>
<permuser2/>
<permuser3/>
<permuser4/>
<permuser5/>
<permuser6/>
<permuser7/>
<permuser8/>
<iface_array>lan</iface_array>
</config>
</miniupnpd>
</installedpackages>
<hasync version="1.0.2">
<disablepreempt>0</disablepreempt>
<disconnectppps>0</disconnectppps>
<pfsyncinterface/>
<pfsyncpeerip/>
<pfsyncversion>1400</pfsyncversion>
<synchronizetoip/>
<verifypeer>0</verifypeer>
<username/>
<password/>
<syncitems/>
</hasync>
</opnsense>
Reference in New Issue View Git Blame Copy Permalink