commit 5a445e0ab8a9d8cf3da15481ebf9ae8797a54fc6 Author: Matthew Shillam Date: Sun Nov 9 22:25:14 2025 +0000 /diag_backup.php made changes @ 2025-11-09T22:25:13.870000 (mshillam@192.168.250.162) diff --git a/config.xml b/config.xml new file mode 100644 index 0000000..92e7d1e --- /dev/null +++ b/config.xml @@ -0,0 +1,6146 @@ + + + opnsense + + + debug.pfftpproxy + + Disable the pf ftp proxy handler. + + + vfs.read_max + + Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html + + + net.inet.ip.portrange.first + + Set the ephemeral port range to be lower. + + + net.inet.tcp.blackhole + + Drop packets to closed TCP ports without returning a RST + + + net.inet.udp.blackhole + + Do not send ICMP port unreachable messages for closed UDP ports + + + net.inet.ip.random_id + + Randomize the ID field in IP packets (default is 0: sequential IP IDs) + + + net.inet.ip.sourceroute + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + + + net.inet.ip.accept_sourceroute + + + Source routing is another way for an attacker to try to reach non-routable addresses behind your box. + It can also be used to probe for information about your internal networks. These functions come enabled + as part of the standard FreeBSD core system. + + + + net.inet.icmp.drop_redirect + + + Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects + to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect + packets without returning a response. + + + + net.inet.icmp.log_redirect + + + This option turns off the logging of redirect packets because there is no limit and this could fill + up your logs consuming your whole hard drive. + + + + net.inet.tcp.drop_synfin + + Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) + + + net.inet.ip.redirect + + Enable sending IPv4 redirects + + + net.inet6.ip6.redirect + + Enable sending IPv6 redirects + + + net.inet6.ip6.use_tempaddr + + Enable privacy settings for IPv6 (RFC 4941) + + + net.inet6.ip6.prefer_tempaddr + + Prefer privacy addresses and use them over the normal addresses + + + net.inet.tcp.syncookies + + Generate SYN cookies for outbound SYN-ACK packets + + + net.inet.tcp.recvspace + + Maximum incoming/outgoing TCP datagram size (receive) + + + net.inet.tcp.sendspace + + Maximum incoming/outgoing TCP datagram size (send) + + + net.inet.tcp.delayed_ack + + Do not delay ACK to try and piggyback it onto a data packet + + + net.inet.udp.maxdgram + + Maximum outgoing UDP datagram size + + + net.link.bridge.pfil_onlyip + + Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) + + + net.link.bridge.pfil_local_phys + + Set to 1 to additionally filter on the physical interface for locally destined packets + + + net.link.bridge.pfil_member + + Set to 0 to disable filtering on the incoming and outgoing member interfaces. + + + net.link.bridge.pfil_bridge + + Set to 1 to enable filtering on the bridge interface + + + net.link.tap.user_open + + Allow unprivileged access to tap(4) device nodes + + + kern.randompid + + Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) + + + net.inet.ip.intr_queue_maxlen + + Maximum size of the IP input queue + + + hw.syscons.kbd_reboot + + Disable CTRL+ALT+Delete reboot from keyboard. + + + net.inet.tcp.log_debug + + Enable TCP extended debugging + + + net.inet.icmp.icmplim + + Set ICMP Limits + + + net.inet.tcp.tso + + TCP Offload Engine + + + net.inet.udp.checksum + + UDP Checksums + + + kern.ipc.maxsockbuf + + Maximum socket buffer size + + + dev.netmap.buf_num + 1000000 + Automatically added by Zenarmor: Max NETMAP buffers + + + + conservative + hellfire + home + + 1999 + admins + system + System Administrators + user-shell-access,page-all + 0,2000 + + + 0 + root + 0 + system + + c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr + + + $2b$10$fEJUP7gNN.UAaGQIL1zyKeuviU4nAFIfrOH9BlU83MiQxXXACEDOm + + + + + + + System Administrator + + + + 2000 + mshillam + 0 + user + + c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr + + /bin/csh + $2y$10$5Slr/aP9jkfFVhcZ8ESpau6AuvXbthuNpKOXOVh7GbEqnDk3SINCW + + + matthew@shillam.me.uk + + + + Matthew Shillam + + + + 2001 + homeassistant + 0 + user + + + + + $2y$10$/OwZwl6x4KSv7Dy88C1Vf.fAS98kQy7nEyKLTwx913DlsSQOQIcm6 + + + + dl9j7B6Qc9oNA7KesEGNm7UKb5WX7N+f/e0wOV2cDo7HYLwNAg2QC05uxy9+XqXdmZAlB1/nwpjYjrCx|$6$$.sQAwbMl0hDQdkyM0JIPxLWc8LLd8npnZ.6ddC2VhghMiRR9x0u5XDLJ6EqnJ0HYo25.FuH0cCrN4IWOmiohL1 + + + Home Assistant + + + 2002 + 2000 + Europe/London + 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org + + http + 6076e25ed3bf1 + + + + + Local Database + 1 + hellfire.shillam.me.uk + + 1 + 1 + 1 + 1 + hadp + hadp + hadp + + monthly + + 1 + 60 + 1 + 1 + en_US + 8.8.8.8 + 1.0.0.1 + 1.1.1.1 + 8.8.4.4 + 1 + none + none + none + none + none + none + none + none + basic + + + + + + + 1 + https://nextcloud.nabble.co.uk + mshillam + a8r67h3XXiuB4Y + + OPNsense-Backup + + + 1 + https://gitea.shillam.me.uk/mshillam/hellfire2.git + master + 0 + + mshillam + TWi7mE9rrxzXam + + + yes + 115200 + video + + 1 + + + + + + enabled + 1 + admins + + + + 1 + + + + os-ddclient,os-git-backup,os-ntopng,os-redis,os-sensei,os-sensei-updater,os-speedtest-community,os-sunnyvalley,os-theme-cicada,os-theme-rebellion,os-theme-vicuna,os-upnp,os-zabbix-agent + + + + + aesni + 1 + 1 + 1 + + urgent + + + + + + igb0 + + 1 + + 192.168.0.1 + 16 + + + 1 + Loopback + 1 + lo0 + 127.0.0.1 + ::1 + 8 + 128 + none + 1 + + + igb1 + + 1 + 1 + + 1 + 1 + dhcp + + + 32 + + + + + + + + SavedCfg + + + + + + + + + + wg1 + WireGuard + 1 + 1 + + + + 1 + WireGuard (Group) + wireguard + 1 + 1 + group + + + + 1 + 1 + openvpn + OpenVPN + group + 1 + + + + + + 1 + hmac-md5 + + + + + 192.168.250.1 + 192.168.250.254 + + + + + + 9c:c9:eb:d6:da:a6 + 192.168.0.3 + ng-sw-8p-bedroom + Netgear 8 Port Switch Bedroom - GS308T + + + + + + a0:63:91:b7:e2:14 + 192.168.0.4 + ng-sw-24p-office + Netgear 24 Port Switch - Office - GS724Tv4 + + + + + + 44:d9:e7:ff:7c:0b + 192.168.0.5 + sw-ub-24p-shed + Ubiquiti Switch - 24 Port - Shed - Edgeswitch Lite + + + + + + 44:d9:e7:ff:7c:47 + 192.168.0.6 + sw-ub-24p-shed-2 + Ubiquiti Edgeswitch Lite - Shed - For Gluster + + + + + + 42:4c:fa:d9:11:0e + 192.168.0.21 + zabbix + Zabbix Monitoring + + + + + + 7a:fd:90:ae:6b:e5 + 192.168.0.30 + docker + Docker test system + + + + + + 46:0e:b7:b7:39:c5 + 192.168.0.32 + fastpanel + + + + + + da:c7:4a:53:59:fb + 192.168.0.33 + git + + + + + + ee:e6:5b:54:ce:b1 + 192.168.0.40 + mail + Mailcow Docker deployment + + + + + + a2:c1:4a:ca:c9:1d + 192.168.0.41 + vitalpbx + + + + + + d6:8f:c4:b3:c8:16 + 192.168.0.42 + wazuh + Wazuh Server + + + + + + 5a:d9:6d:f5:19:d7 + 192.168.0.50 + nc1 + Nextcloud 1 - Test server + + + + + + 3c:1b:f8:4b:95:ac + 192.168.0.100 + nvr + Annke DW81KD NVR + + + + + + bc:24:11:8b:f1:fb + 192.168.0.101 + cams + Frigate Docker LXC container + + + + + + 90:31:4b:ad:fd:d7 + 192.168.0.102 + cam-poly-front + Wifi Camera Polytunnel Front + + + + + + 90:31:4b:ae:7b:23 + 192.168.0.103 + cam-poly-back + + + + + + 88:66:5a:15:8a:9a + 192.168.1.10 + MatBook-Pro + New Macbook Pro 16" + + + + + + 80:2a:a8:89:1b:0a + 192.168.2.2 + unifi-ap2 + Shed + + + + + + 80:2a:a8:49:cd:f4 + 192.168.2.3 + unifi-ap + Ubiquiti Access Point + 1 + + + + + + f4:e2:c6:e9:77:15 + 192.168.2.4 + unifi-wifi6-hall + Unifi Wifi 6 Pro Hall + + + + + + 44:d2:44:25:f9:47 + 192.168.2.5 + epson-xp-790 + Epson XP790 Printer + + + + + + b8:e8:56:46:70:50 + 192.168.2.6 + nikita-macbook + Nikitas Macbook Pro + + + + + + 1c:36:bb:7d:8a:c0 + 192.168.2.9 + mat-apple-watch-v3 + Mats Apple watch v3 + + + + + + b8:09:8a:c0:83:ad + 192.168.2.10 + mat-imac-sophys-room + Mats iMac 5k - Sophys room + + + + + + c0:a5:3e:e3:71:f5 + 192.168.2.20 + katie-apple-watch-v3 + Katies Apple watch v3 + + + + + + 84:ad:8d:bf:12:4a + 192.168.2.21 + katie-iphone-x + Katies iPhone X + + + + + + 74:75:48:22:b8:0d + 192.168.2.31 + firetv-bedroom + Fire TV Bedroom + + + 10:09:f9:7a:c1:57 + 192.168.2.33 + firetv-cube-front-room + FireTv Cube - Front Room + + + + + + 1c:9e:46:08:a1:25 + 192.168.2.40 + jessica-ipad-mini + Jessicas iPad Mini + + + 68:db:f5:bc:0d:b9 + 192.168.2.42 + jessica-echo-dot + Jessicas Echo Dot + + + + + + a0:02:dc:79:4b:50 + 192.168.2.43 + jessica-fire-tv + + + + + + 42:a1:19:f7:55:36 + 192.168.2.50 + david-ipad + Davids iPad + + + + + + 08:12:a5:40:1a:1c + 192.168.2.52 + david-echo-dot + Davids Echo dot + 1 + + + + + + da:e7:32:78:34:a0 + 192.168.2.53 + david-iphone-11 + + + + + + 40:83:1d:4f:3c:b4 + 192.168.2.64 + nikita-new-iphone + Nikitas New Phone + + + 60:5b:b4:8f:77:07 + 192.168.2.65 + nikita-ps4 + Nikitas PS4 + + + + + + 14:cc:20:27:fb:44 + 192.168.2.73 + tplink-usb + USB TPlink Wifi + + + + + + 28:c5:38:84:28:ae + 192.168.2.94 + Louis-iPhone + Louis iPhone 13 Pro Max + + + + + + f0:08:d1:d3:f9:bc + 192.168.2.100 + esp_office_propagator + ESp32_1 Office Propagator + + + + + + dc:4f:22:7a:de:02 + 192.168.2.110 + inkbird1 + Inkbird Controller 1 + + + + + + 84:d8:1b:8b:68:be + 192.168.2.111 + tp-link-smart-3way-1 + TP Link Smart 3way switch - 1 + + + + + + 84:d8:1b:8b:69:0a + 192.168.2.112 + green-house-power-strip-1 + TP Link Greenhouse Power strip 1 + + + + + + b4:85:e1:1c:a3:91 + 192.168.3.4 + katie-iphone-12 + Katies iPhone 12 ( White ) + + + + + + fe:31:b9:21:40:2b + 192.168.10.1 + kali + KaliLinux + + + + + + bc:24:11:03:8f:48 + 192.168.20.10 + tactical + rmm tactical + dentalsupportuk.com + + + + + + 22:ba:b6:ce:41:1d + 192.168.20.32 + gluster-proxy + Gluster Proxy + + + + + + b4:7a:f1:a7:13:86 + 192.168.20.51 + g1 + Gluster1 + + + + + + b4:7a:f1:3c:79:5e + 192.168.20.52 + g2 + Gluster2 + + + + + + 5c:ba:2c:2c:06:60 + 192.168.20.53 + g3 + Gluster 3 + + + + + + 5c:ba:2c:2b:f2:68 + 192.168.20.54 + g4 + Gluster 4 + + + + + + b4:7a:f1:38:69:7a + 192.168.20.55 + backup1 + Backup Server 1 ( Striped 4 x 12TB ) + + + + + + b4:7a:f1:33:80:58 + 192.168.20.56 + backup2 + Backup Server 2 Gluster 3 x 12 TB + + + + + + f8:0f:41:fc:09:bb + 192.168.20.120 + gluster1 + Gluster OLD Server1 + + + + + + f8:0f:41:fc:13:76 + 192.168.20.121 + gluster2 + Gluster OLD Server2 + + + + + + 00:8c:fa:09:75:5d + 192.168.20.122 + gluster5 + Gluster OLD Server 5 + + + + + + 00:8c:fa:09:7c:f5 + 192.168.20.123 + gluster6 + Gluster OLD Server 6 + + + + + + 10:52:1c:64:5b:18 + 192.168.32.2 + esp32-shed1 + ESP32 1 + + + + + + 10:52:1c:64:73:9c + 192.168.32.3 + esp32-greenhouse1 + Esp32 Controller for pumps in Greenhouse + + + + + + a0:a3:b3:2a:98:c0 + 192.168.32.4 + esp32-greenhouse2 + + + + + + dc:4f:22:4d:9d:23 + 192.168.32.50 + dmxgo + + + + + + 84:f3:eb:64:8c:d3 + 192.168.32.101 + energy_1 + Energy socket 1 + + + + + + b4:e6:2d:1e:68:18 + 192.168.32.102 + energy_2 + Sheds Main heater socket for Stagins Area + + + + + + b4:e6:2d:1e:1e:84 + 192.168.32.103 + energy_3 + + + + + + bc:dd:c2:e3:52:ab + 192.168.32.104 + energy_4 + + + + + + 24:a1:60:17:02:29 + 192.168.32.105 + energy_5 + Energy 5 + + + + + + c4:dd:57:04:19:1f + 192.168.32.106 + energy_6 + + + + + + c4:dd:57:04:6c:61 + 192.168.32.107 + energy_7 + + + + + + 3c:61:05:12:ee:28 + 192.168.32.200 + esp32_poly + + + + + + 10:52:1c:62:aa:68 + 192.168.32.201 + esp32-greenhouse + + + + + + d8:d6:68:d8:12:77 + 192.168.32.202 + temp-humidity-colour-1 + + + + + + a0:a3:b3:2a:db:1c + 192.168.32.220 + pompe-ndertesa + + + + + + e2:34:4a:b5:e1:1f + 192.168.50.10 + humbug + Proxmox Server + + + + + + 38:ea:a7:a1:04:6f + 192.168.50.100 + bilbo + TrueNas + 1 + + + + + + 48:df:37:2d:25:60 + 192.168.50.101 + dumbledore + Truenas Proxmox Management link + + + + + + 74:ab:93:55:b0:d9 + 192.168.69.2 + blin-cam1 + + + + + + 62:0d:c3:83:cf:f0 + 192.168.100.1 + modem + modem + + + + + + ac:87:a3:21:9d:31 + 192.168.100.10 + iMat-5K + Mats iMac 5K + 1 + + + + + + 02:96:c4:7b:46:13 + 192.168.100.13 + ha + Homeassistant Proxmox + + + + + + b4:2e:99:a1:67:fa + 192.168.100.20 + mat-hackintosh + Mats Hackintosh + 1 + + + + + + bc:6e:76:01:97:a4 + 192.168.100.30 + cosy-heating + + + + + + 9c:b6:54:06:78:52 + 192.168.100.49 + media2 + Media 2 - ( GLUSTER ) + 1 + + + + + + 00:bb:3a:97:1b:1f + 192.168.100.50 + firetv-front-room + Front room FireTV + 1 + + + + + + b0:da:f9:52:7c:59 + 192.168.100.51 + virgin-media-tivo + Virgin Box + + + + + + 5c:49:7d:20:fd:58 + 192.168.100.52 + samsung-frontroom + Samsung TV front room + 1 + + + + + + 04:42:1a:95:50:52 + 192.168.100.60 + louis-pc + Louis PC + 1 + + + + + + 1c:1b:0d:e6:4f:6c + 192.168.100.61 + david-pc + Davids PC + 1 + + + + + + 1c:1b:0d:34:8c:b0 + 192.168.100.66 + jessica-pc + Jessicas PC + 1 + + + + + + 00:1c:bf:85:f7:ec + 192.168.100.67 + jesslaptop + + + + + + 0c:fe:45:63:29:c0 + 192.168.100.70 + nikita-ps4-wired + Nikitas PS4 Wired + 1 + + + + + + 2c:f0:5d:e4:da:a2 + 192.168.100.81 + audioz + Mats Audio PC - Ryzen + + + + + + 08:12:a5:42:d0:90 + 192.168.100.85 + jess-firetv-cube + + + + + + 0c:ee:99:61:03:5b + 192.168.100.86 + david-firetv-cube + + + + + + + + + + + public + + + 1 + 1 + 1 + 1 + 1 + 1 + + + + hybrid + + + 192.168.0.41/32 + + + 1 + + + + wan + + + + + inet + + mshillam@192.168.2.6 + + /firewall_nat_out_edit.php made changes + + wanip + 1 + + 1 + + mshillam@192.168.1.10 + + /firewall_nat_out_edit.php made changes + + + + + 10.100.0.0/24 + + + 1 + + + + wan + + + + + inet + + mshillam@192.168.1.10 + + /firewall_nat_out_edit.php made changes + + + 0 + + + mshillam@192.168.1.10 + + /firewall_nat_out_edit.php made changes + + + + + tcp + wan + + inet + + + + + nat_61d0e26867ca51.69694975 + 1 + 192.168.0.30 + 443 + + 1 + + + wanip + 443 + + + mshillam@192.168.250.138 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_61d0e2981ea0b4.36316537 + 192.168.0.30 + 80 + + 1 + + + wanip + 80 + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_61e172ee5e2db6.55417174 + 192.168.0.32 + 2122 + + 1 + + + wanip + 2122 + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_61f1358acec6d1.41516685 + 192.168.20.32 + 59349 + + 1 + + + wanip + 59349 + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp + wan + + inet + + + + + nat_61d9abe437c253.03770640 + 192.168.0.40 + MAIL_PORTS + + 1 + + + wanip + MAIL_PORTS + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + udp + wan + + inet + + + + + nat_61ddd973cb6413.87351681 + 192.168.0.41 + 10000 + + 1 + + + wanip + 10000-10100 + + purenat + + mshillam@192.168.250.162 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp/udp + wan + + inet + Wazuh Comm Ports Forward + + + + nat_691112a669f4f3.90718174 + 192.168.0.42 + Wazuh_Ports + + 1 + + + wanip + Wazuh_Ports + + purenat + + mshillam@192.168.250.162 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.250.162 + + /firewall_nat_edit.php made changes + + + + udp + wan + + inet + + + + + nat_6439315a906da8.89657158 + 192.168.0.41 + 5060 + + 1 + + + wanip + 5060 + + purenat + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + tcp/udp + wan + + inet + QbitTorrent + + + + nat_64972efdc0eb78.57389754 + 192.168.1.10 + 27671 + + 1 + + + wanip + 27671 + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + + block + wan + inet + keep state + TEMP BLOCK DHCP + out + yes + 1 + 1 + +
TEMPLOCK
+ + + 1 + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + 1 + + + pass + wan + inet + keep state + ALLOW SPARKHOST EMAILS THROUGH + in + yes + 1 + 1 + +
147.253.208.0/20
+ + + 1 + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + + block + opt1,lan,lo0,openvpn,wan + inet + keep state + Dodgy MAC block + any + yes + 1 + 1 + +
192.168.69.69/24
+ + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + block + lan,wan + inet6 + keep state + Block all IPv6 and Do NOT log + any + yes + 1 + + 1 + + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + root@192.168.2.6 + + /firewall_rules_edit.php made changes + + + + block + lan,wan + inet46 + keep state + Block Malicious IP's + any + malware + yes + 1 + 1 + + 1 + + +
UT_malicious_ips
+ + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + block + wan + inet + keep state + in + yes + 1 + 1 + +
178.208.164.0/22
+ + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + block + wan + inet + keep state + in + yes + 1 + 1 + +
178.208.172.0/22
+ + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + pass + lan + inet + keep state + Allow all essential devices + in + yes + 1 + +
essential_devices
+ + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.2.6 + + /firewall_rules_edit.php made changes + + + + block + wan + inet46 + keep state + Block AbuseIPDB ALL + in + 1 + 1 + +
Blocklist_AbuseIPDB_all
+ + + 1 + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + + pass + wan + inet + keep state + Allow Wireguard Clients + in + 1 + udp + + 1 + + + wanip + 51820 + + + mshillam@10.10.10.2 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + pass + wan + inet + keep state + Allow ALL UK to VOIP. + in + countries + 1 + 1 + +
uk_only
+ + +
192.168.0.41
+ + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + block + wan + inet46 + keep state + Block Shite countries from Core Services + in + countries + 1 + 1 + +
block_shite_countries
+ + +
core_services
+ + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.250.162 + + /firewall_rules_edit.php made changes + + + + block + wan + inet + keep state + Block ALL from VOIP. + in + countries + 1 + 1 + + 1 + + +
192.168.0.41
+ + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + + 1 + + wan + keep state + tcp + inet + +
192.168.0.30
+ 443 + + + + nat_61d0e26867ca51.69694975 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + 1 + + + + 1 + + wan + keep state + tcp + inet + +
192.168.0.30
+ 80 + + + + nat_61d0e2981ea0b4.36316537 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + 1 + + + + 1 + + wan + keep state + tcp + inet + +
192.168.0.40
+ MAIL_PORTS + + + + nat_61d9abe437c253.03770640 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + 1 + + wan + keep state + udp + inet + +
192.168.0.41
+ 10000-10100 + + + + nat_61ddd973cb6413.87351681 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + 1 + + wan + keep state + tcp + inet + +
192.168.0.32
+ 2122 + + + + nat_61e172ee5e2db6.55417174 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + 1 + + wan + keep state + tcp + inet + +
192.168.20.32
+ 59349 + + + + nat_61f1358acec6d1.41516685 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + 1 + + wan + keep state + udp + inet + +
192.168.0.41
+ 5060 + + + + nat_6439315a906da8.89657158 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + + 1 + + wan + keep state + tcp/udp + inet + +
192.168.1.10
+ 27671 + + QbitTorrent + + nat_64972efdc0eb78.57389754 + + mshillam@192.168.1.10 + + /firewall_nat_edit.php made changes + + + + pass + lan + inet + keep state + Default allow LAN to any rule + in + 1 + + lan + + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + 1 + + + pass + lan + inet + keep state + Allow access from secondary router LAN to primary router networks and the Internet + in + 1 + +
10.100.0.0/24
+ + + 1 + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + pass + lan + inet + keep state + Allow access to all devices on the secondary router LAN + in + 1 + tcp/udp + + lan + + +
10.100.0.0/24
+ + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + OpenVPN Remote My Dental Security Staf wizard + + 1 + + + 1 + + openvpn + pass + on + + root@192.168.2.6 + + /wizard.php made changes + + 1 + + + pass + opt2 + inet + keep state + in + 1 + + opt2 + + + 1 + + + mshillam@10.10.10.2 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_rules_edit.php made changes + + + + pass + wireguard + inet + keep state + WG WAN to LAN + in + 1 + +
WIREGUARD_CLIENTS
+ + + 1 + + + mshillam@192.168.100.20 + + /firewall_rules_edit.php made changes + + + mshillam@192.168.100.20 + + /firewall_rules_edit.php made changes + + + + pass + nat_691112a669f4f3.90718174 + + 1 + + wan + keep state + tcp/udp + inet + +
192.168.0.42
+ Wazuh_Ports + + Wazuh Comm Ports Forward + + + mshillam@192.168.250.162 + + /firewall_nat_edit.php made changes + + + + + wireguard + any + any + 24 + any + 24 + 1380 + Wireguard MSS Clamping IPv4 + + mshillam@192.168.1.10 + + /firewall_scrub_edit.php made changes + + + mshillam@192.168.1.10 + + /firewall_scrub_edit.php made changes + + + + yes + + + + + + + ICMP + icmp + ICMP + + + + TCP + tcp + Generic TCP + + + + HTTP + http + Generic HTTP + + / + + 200 + + + + HTTPS + https + Generic HTTPS + + / + + 200 + + + + SMTP + send + Generic SMTP + + + 220 * + + + + + 0.opnsense.pool.ntp.org + + + interface_statistics-container:00000000-col1:show,system_information-container:00000001-col1:show,gateways-container:00000002-col2:show,interface_list-container:00000003-col2:show,dyn_dns_status-container:00000004-col2:show,traffic_graphs-container:00000005-col2:show,services_status-container:00000006-col4:show + 2 + 1 + WAN_DHCP,LandLab + + + mshillam@192.168.250.162 + /diag_backup.php made changes + + + + + + + + + 1 + lan + + + + + + + + + + 0 + wan + wan + + + + + 5060 + 7070 + 7089 + 300 + 46 + 0 + 0 + 0 + 0 + 600 + 500 + 20 + + 0 + 0 + 0 + + 1 + 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 + 1 + 217.0.23.100/32 + 1 + 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 + 0 + + + + + + + + + + malware + 1 + + + + countries + 1 + + + + + + + + + + + + https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=bUDDilXVKtjByVCi&suffix=zip + + + + 1 + david_ipad + host + + + + 0 + + 192.168.2.50 + + + + + + Davids iPad + + + 1 + david_pc + host + + + + 0 + + 192.168.100.61 + + + + + + Davids PC + + + 1 + jessica_ipad_mini + host + + + + 0 + + 192.168.2.40 + + + + + + Jessicas iPad mini + + + 1 + jessica_iphone_7 + host + + + + 0 + + 192.168.2.41 + + + + + + Jessicas iPhone 7 + + + 1 + jessica_pc + host + + + + 0 + + 192.168.100.66 + + + + + + Jessicas PC + + + 1 + louis_iphone_7 + host + + + + 0 + + 192.168.2.92 + + + + + + Louis iPhone 7 + + + 1 + louis_pc + host + + + + 0 + + 192.168.100.60 + + + + + + Louis PC + + + 1 + nikita_iphone_7 + host + + + + 0 + + 192.168.2.64 + + + + + + Nikitas iPhone 7 + + + 1 + nikitas_laptop + host + + + + 0 + + 192.168.2.61 + + + + + + Nikitas Laptop + + + 1 + unifi_ap_downstairs + host + + + + 0 + + 192.168.2.3 + + + + + + Unifi Access point - Downstairs + + + 1 + canon_mg6600_printer + host + + + + 0 + + 192.168.2.4 + + + + + + Canon Mg6600 Printer + + + 1 + matbook + host + + + + 0 + + 192.168.2.6 + + + + + + Mats Macbook Pro + + + 1 + mat_ipad_pro + host + + + + 0 + + 192.168.2.7 + + + + + + Mats iPad Pro + + + 1 + mat_iphone_x + host + + + + 0 + + 192.168.2.8 + + + + + + Mats iPhone X + + + 1 + mat_apple_watch_v3 + host + + + + 0 + + 192.168.2.9 + + + + + + Mats Apple watch v3 + + + 1 + mat_imac_5k_sophys_room + host + + + + 0 + + 192.168.2.10 + + + + + + Mats iMac 5k -Sophys room + + + 1 + katie_apple_watch_v3 + host + + + + 0 + + 192.168.2.20 + + + + + + Katies Apple watch v3 + + + 1 + katie_iphone_x + host + + + + 0 + + 192.168.2.21 + + + + + + Katies iPhone X + + + 1 + fire_tv_front_room + host + + + + 0 + + 192.168.100.50 + + + + + + Fire TV - Front Room + + + 1 + fire_tv_bedroom + host + + + + 0 + + 192.168.2.31 + + + + + + Fire TV Bedroom + + + 1 + samsung_tv_front_room + host + + + + 0 + + 192.168.100.52 + + + + + + Samsung TV - Front room + + + 1 + mat_hackintosh + host + + + + 0 + + 192.168.100.20 + + + + + + Mats Hackintosh + + + 1 + media1 + host + + + + 0 + + 192.168.100.48 + + + + + + Media 1 + + + 1 + media2 + host + + + + 0 + + 192.168.100.49 + + + + + + Media 2 + + + 1 + essential_devices + host + + + + 0 + + unifi_ap_downstairs +canon_mg6600_printer +matbook +mat_ipad_pro +mat_iphone_x +mat_apple_watch_v3 +katie_apple_watch_v3 +katie_iphone_x +fire_tv_front_room +fire_tv_bedroom +samsung_tv_front_room +mat_hackintosh +media1 +media2 +guest_devices +cosy_heating +jessica_echo_dot +david_echo_dot +epson_xp_790 +sophy_iphone +sophy_laptop +virgin_box +nikita_ps4 +albert_pc +sophy_ps4 +mats_iphone_11_pro +katie_iphone_11_pro_2 +192.168.2.192 +192.168.2.194 +192.168.2.199 +esp32_1 +albert_iphone_xr +dad_pc +albert_new_pc +mat_hackintosh_wifi +inkbird_1 +ha +tp_link_smart_3way_1 +nikita_devices +jessica_devices +david_devices +tp_link_wifi +home_assistant +shed_socket_heater1 +energy_1 +unifi_ap2 +esp_devices +david_ipad +all_mats_devices +Internal_infrastructure +katies_devices +louis_devices +albert_devices +blink_devices +fire_tv_cube_front_room +192.168.100.85 +192.168.100.86 +nikita_pc +management +proxmox_network +192.168.249.1 +SecondaryRouter +wireless_pc + + + + + + All our essential devices ( online always! ) + + + 1 + louis_devices + host + + + + 0 + + louis_iphone_7 +louis_pc +192.168.2.93 +192.168.2.94 + + + + + + Louis stuff + + + 1 + nikita_devices + host + + + + 0 + + nikita_iphone_7 +nikitas_laptop +mat_imac_5k_sophys_room + + + + + + Nikitas stuff + + + 1 + jessica_devices + host + + + + 0 + + jessica_ipad_mini +jessica_iphone_7 +jessica_pc +jessica_echo_dot +jessica_fire_tv +jess_laptop +savannah_phone + + + + + + Jessicas stuff + + + 1 + david_devices + host + + + + 0 + + david_ipad +david_pc +david_iphones + + + + + + Davids stuff + + + 1 + guest_devices + host + + + + 0 + + + + + + + + Guest's Devices to allow + + + 1 + cosy_heating + host + + + + 0 + + 192.168.100.30 + + + + + + Cosy heating system + + + 1 + david_iphones + host + + + + 0 + + 192.168.2.51 +192.168.2.53 + + + + + + Davids iPhone 7 + 11 + + + 1 + jessica_echo_dot + host + + + + 0 + + 192.168.2.42 + + + + + + Jessicas Echo dot + + + 1 + david_echo_dot + host + + + + 0 + + 192.168.2.52 + + + + + + Davids Echo dot + + + 1 + opnsense + host + + + + 0 + + 192.168.0.1 + + + + + + Opensense Server + + + 1 + epson_xp_790 + host + + + + 0 + + 192.168.2.5 + + + + + + Epson XP790 Printer + + + 1 + nikita_ps4 + host + + + + 0 + + 192.168.2.65 + + + + + + Nikitas PS4 + + + 1 + sophy_iphone + host + + + + 0 + + 192.168.2.70 + + + + + + Sophys iPhone + + + 1 + sophy_laptop + host + + + + 0 + + 192.168.2.71 + + + + + + Sophys Laptop + + + 1 + virgin_box + host + + + + 0 + + 192.168.100.51 + + + + + + Virgin box + + + 1 + nikita_ps4_wired + host + + + + 0 + + 192.168.100.70 + + + + + + Nikitas PS4 Wired + + + 1 + albert_pc + host + + + + 0 + + 192.168.100.80 + + + + + + Alberts PC + + + 1 + sophy_ps4 + host + + + + 0 + + 192.168.2.72 + + + + + + Sophys PS$ + + + 1 + mats_iphone_11_pro + host + + + + 0 + + 192.168.2.11 + + + + + + Mats iPhone 11 Pro Max + + + 1 + katie_iphone_11_pro_2 + host + + + + 0 + + 192.168.2.22 + + + + + + Katies iPhone 11 Max Pro 2 + + + 1 + esp32_1 + host + + + + 0 + + 192.168.2.100 + + + + + + ESP32_1 + + + 1 + albert_iphone_xr + host + + + + 0 + + 192.168.2.87 + + + + + + Alberts iPhone XR + + + 1 + jessica_fire_tv + host + + + + 0 + + 192.168.2.43 + + + + + + Jessicas fire TV stick + + + 1 + dad_pc + host + + + + 0 + + 192.168.100.81 + + + + + + Dads PC + + + 1 + albert_new_pc + host + + + + 0 + + 192.168.100.82 + + + + + + Alberts new pc + + + 1 + mat_hackintosh_wifi + host + + + + 0 + + 192.168.2.12 + + + + + + Mats Hackintosh Wifi + + + 1 + inkbird_1 + host + + + + 0 + + 192.168.2.110 + + + + + + Inkbird Controller 1 + + + 1 + ha + host + + + + 0 + + 192.168.2.13 + + + + + + Home Assistant Parallels + + + 1 + tp_link_smart_3way_1 + host + + + + 0 + + 192.168.2.111 + + + + + + TP Link Smart 3way - 1 + + + 1 + tp_link_wifi + host + + + + 0 + + 192.168.2.73 + + + + + + USB TPLink Wifi + + + 1 + home_assistant + host + + + + 0 + + 192.168.100.13 + + + + + + Home Assistant - Parallels + + + 1 + shed_socket_heater1 + host + + + + 0 + + 192.168.2.121 + + + + + + Sheds Socket for Heater 1 Staging area + + + 1 + energy_1 + host + + + + 0 + + 192.168.2.122 + + + + + + Energy socket 1 + + + 1 + unifi_ap2 + host + + + + 0 + + 192.168.2.2 + + + + + + + + + 1 + esp_devices + network + + + + 0 + + 192.168.32.0/24 + + + + + + ESP Devices + + + 1 + trading_view + host + + + + 0 + + 52.89.214.238 +34.212.75.30 +54.218.53.128 +52.32.178.7 + + + + + + Tradingview allow ips + + + 1 + all_mats_devices + network + + + + 0 + + 192.168.1.0/24 +192.168.10.0/24 +192.168.249.0/24 +192.168.250.0/24 + + + + + + All Mats devices + + + 1 + Internal_infrastructure + network + + + + 0 + + 192.168.50.0/24 + + + + + + + + + 1 + WIREGUARD_CLIENTS + network + + + + 0 + + 10.10.10.0/24 + + + + + + Wireguard Clients + + + 1 + katies_devices + network + + + + 0 + + 192.168.3.0/24 + + + + + + Katies Devices + + + 1 + albert_devices + network + + + + 0 + + 192.168.33.0/24 +albert_latest_pc +192.168.100.84 +192.168.100.79 + + + + + + Alberts Devices + + + 1 + jess_laptop + host + + + + 0 + + 192.168.100.67 + + + + + + + + + 1 + blink_devices + network + + + + 0 + + 192.168.69.0/24 + + + + + + + + + 1 + savannah_phone + host + + + + 0 + + 192.168.2.44 + + + + + + + + + 1 + albert_latest_pc + host + + + + 0 + + 192.168.100.83 + + + + + + Alberts Latest PC + + + 1 + fire_tv_cube_front_room + host + + + + 0 + + 192.168.2.33 + + + + + + Fire TV Cube - Front Room + + + 1 + nikita_pc + host + + + + 0 + + 192.168.2.66 + + + + + + Nikitas PC + + + 1 + management + network + + + + 0 + + 192.168.0.1/24 +192.168.250.1/24 + + + + + + Management devices + + + 1 + netgear_sw_8p_bedroom + host + + + + 0 + + 192.168.0.3 + + + + + + Netgear 8 Port Switch - Bedroom + + + 1 + ng_sw_24p_office + host + + + + 0 + + 192.168.0.4 + + + + + + Netgear 24 Port Switch - Office + + + 1 + MAIL_PORTS + port + + + + 0 + + 25 +465 +143 +587 +993 +4190 + + + + + + Mail ports for forwarding to Mail Server + + + 1 + proxmox_network + network + + + + 0 + + 192.168.20.0/24 + + + + + + Proxmox g1 g2 etc + + + 1 + UT_malicious_ips + urltable + + + + 0 + 0.5 + https://www.spamhaus.org/drop/drop.txt https://www.spamhaus.org/drop/edrop.txt https://www.spamhaus.org/drop/dropv6.txt https://iplists.firehol.org/files/dshield_30d.netset + + + + + + Malicious IP Lists + + + 1 + uk_only + geoip + + + + 0 + + GB +AL + + + + + 837c5309-3f56-4048-88ac-bf7797250f18 + UK only IP's + + + 1 + Wazuh_Ports + port + + + + 0 + + 1514 +1515 +55000 + + + + + + + + + 1 + Wireguard + port + + + + 0 + + 51820 + + + + + + Wireguard port + + + 1 + SecondaryRouter + network + + + + 0 + + 10.100.0.0/24 + + + + + + Secondary Router Lan + + + 1 + block_shite_countries + geoip + + + + 0 + + AO +BF +BI +BJ +BW +CD +CF +CG +CI +CM +DJ +DZ +EG +EH +ER +ET +GA +GH +GM +GN +GQ +GW +KE +LR +LS +LY +MA +ML +MR +MW +MZ +NA +NE +NG +RW +SD +SL +SN +SO +SS +ST +SZ +TD +TG +TN +TZ +UG +ZA +ZM +ZW +AG +AI +AR +AW +BB +BL +BO +BQ +BR +BS +BZ +CL +CO +CR +CU +CW +DM +DO +EC +GD +GF +GL +GP +GT +GY +HN +HT +JM +KN +KY +LC +MF +MQ +MS +MX +NI +PA +PE +PM +PR +PY +SR +SV +SX +TC +TT +UY +VC +VE +VG +VI +AQ +SJ +AF +AM +AZ +BD +BH +BN +BT +CY +GE +ID +IL +IN +IQ +IR +JO +JP +KG +KH +KP +KR +KW +KZ +LA +LB +LK +MM +MN +MO +MY +NP +OM +PH +PK +PS +QA +SA +SY +TH +TJ +TL +TM +UZ +VN +YE +BM +CV +FK +FO +GS +IS +SH +EU +AD +AX +BY +EE +LI +LT +LU +LV +MC +MD +PL +RS +RU +SM +UA +VA +CC +CX +IO +KM +MG +MU +MV +RE +SC +TF +YT +AS +CK +FJ +FM +GU +KI +MH +MP +NC +NF +NR +NU +NZ +PF +PG +PN +PW +SB +TK +TO +TV +UM +VU +WF +WS + + + + + + Block Shite countries + + + 1 + mail_server + host + + + + 0 + + 192.168.0.40 + + + + + + + + + 1 + web_server + host + + + + 0 + + 192.168.0.40 + + + + + + + + + 1 + nginx_proxy + host + + + + 0 + + 192.168.0.30 + + + + + + + + + 1 + next_cloud + host + + + + 0 + + 192.168.0.50 + + + + + + + + + 1 + core_services + host + + + + 0 + + mail_server +web_server +nginx_proxy +next_cloud +voip_server + + + + + + + + + 1 + Blocklist_AbuseIPDB1 + urltable + + + + 0 + 0.16666666666666666 + https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb1.txt + + + + + + AbuseIPDB 1 + + + 1 + Blocklist_AbuseIPDB2 + urltable + + + + 0 + 0.16666666666666666 + https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb2.txt + + + + + + AbuseIPDB 2 + + + 1 + Blocklist_AbuseIPDB3 + urltable + + + + 0 + 0.16666666666666666 + https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb3.txt + + + + + + AbuseIPDB 3 + + + 1 + Blocklist_AbuseIPDB4 + urltable + + + + 0 + 0.16666666666666666 + https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb4.txt + + + + + + AbuseIPDB 4 + + + 1 + Blocklist_AbuseIPDB_all + host + + + + 0 + + Blocklist_AbuseIPDB1 +Blocklist_AbuseIPDB2 +Blocklist_AbuseIPDB3 +Blocklist_AbuseIPDB4 + + + + + + Blocklist AbuseIPDB ALL! + + + 1 + voip_server + host + + + + 0 + + + + + + + + Voip PBX Server + + + 1 + TEMPLOCK + host + + + + 0 + + 192.168.250.186-192.168.250.248 + + + + + + TEMP BLOCK + + + 1 + wireless_pc + host + + + + 0 + + 192.168.250.106 + + + + + + + + + + + + + + + + + + + + + + + 10000 + 0 + 10 + Mbit + + src-ip + + + 0 + + + 0 + 0 + + + + TrafficShaper + + PipeUp-18Mbps + + + 10001 + 0 + 900 + Mbit + 2 + none + + fq_codel + 1 + + + 0 + 0 + 2700 + + + TrafficShaper + + Download + + + 10002 + 0 + 54 + Mbit + + none + + fq_codel + 0 + + + 1 + 0 + + + + TrafficShaper + 1 + Upload + + + 10003 + 0 + 30 + Kbit + + src-ip + + + 0 + + + 0 + 0 + + + + TrafficShaper + + PipeUp-30Kbps + + + + + 10000 + 0 + 675f6f4d-cf3d-467f-84f6-319a4daad0bb + 10 + none + + 0 + + + 0 + 0 + Queue-59349 + TrafficShaper + + + 10001 + 0 + 9bd79685-8663-485d-a938-60ddba240284 + 100 + dst-ip + + 0 + + + 1 + 0 + Download Queue + TrafficShaper + + + 10002 + 0 + f2a0b8e9-0acf-4da0-809b-e0e93602a13b + 100 + src-ip + + 0 + + + 1 + 0 + Upload Queue + TrafficShaper + + + 10003 + 0 + 91a7f402-9dd9-4949-9733-3b4f168d89bc + 10 + none + + 0 + + + 0 + 0 + Queue-WOW + TrafficShaper + + + + + 0 + 1 + wan + + ip + + 192.168.20.32 + 0 + any + any + 0 + any + + + 675f6f4d-cf3d-467f-84f6-319a4daad0bb + Gluster-Proxy + TrafficShaper + + + 0 + 2 + wan + + ip + + any + 0 + any + any + 0 + any + + in + b7dcbf65-986d-4511-8ba6-8eb89edda598 + Download Rule + TrafficShaper + + + 0 + 3 + wan + + ip + + any + 0 + any + any + 0 + any + + out + 2a756398-08a3-4312-9a2e-1ef291ec36b3 + Upload rule + TrafficShaper + + + 0 + 4 + wan + + ip + + any + 0 + 1119 + any + 0 + any + + + 91a7f402-9dd9-4949-9733-3b4f168d89bc + WoW + TrafficShaper + + + 0 + 5 + wan + + ip + + any + 0 + any + any + 0 + 1119 + + + 91a7f402-9dd9-4949-9733-3b4f168d89bc + WoW + TrafficShaper + + + + + + 1 + 1 + 31 + + + + + + + + + + + + lan,wan + wan + v9 + 127.0.0.1:2056 + + + 1 + + 1800 + 15 + + + + 0 + + 3333 + + + + + + + + 0 + opnsense + + + + 1 + 1 + + + + + + 0 + on + strip + 1 + 1 + 0 + + admin@localhost.local + + + + 0 + /var/squid/cache + 256 + + + always + 100 + 16 + 256 + 0 + 0 + + + + 0 + 2048 + 1024 + 1024 + 256 + + + 0 + + 0 + username + password + + + + + + + lan + 3128 + 3129 + 0 + 0 + + + 4 + 5 + 0 + 3401 + public + + 2121 + 0 + 1 + 0 + + + + + + + + + + + 80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http + 443:https + + + + + + + 0 + icap://[::1]:1344/avscan + icap://[::1]:1344/avscan + 1 + 0 + 0 + X-Username + 1 + 1024 + 60 + + + + + + OPNsense proxy authentication + 2 + 5 + + + + +