opnsense debug.pfftpproxy Disable the pf ftp proxy handler. vfs.read_max Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html net.inet.ip.portrange.first Set the ephemeral port range to be lower. net.inet.tcp.blackhole Drop packets to closed TCP ports without returning a RST net.inet.udp.blackhole Do not send ICMP port unreachable messages for closed UDP ports net.inet.ip.random_id Randomize the ID field in IP packets (default is 0: sequential IP IDs) net.inet.ip.sourceroute Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.accept_sourceroute Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.icmp.drop_redirect Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect packets without returning a response. net.inet.icmp.log_redirect This option turns off the logging of redirect packets because there is no limit and this could fill up your logs consuming your whole hard drive. net.inet.tcp.drop_synfin Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) net.inet.ip.redirect Enable sending IPv4 redirects net.inet6.ip6.redirect Enable sending IPv6 redirects net.inet6.ip6.use_tempaddr Enable privacy settings for IPv6 (RFC 4941) net.inet6.ip6.prefer_tempaddr Prefer privacy addresses and use them over the normal addresses net.inet.tcp.syncookies Generate SYN cookies for outbound SYN-ACK packets net.inet.tcp.recvspace Maximum incoming/outgoing TCP datagram size (receive) net.inet.tcp.sendspace Maximum incoming/outgoing TCP datagram size (send) net.inet.tcp.delayed_ack Do not delay ACK to try and piggyback it onto a data packet net.inet.udp.maxdgram Maximum outgoing UDP datagram size net.link.bridge.pfil_onlyip Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) net.link.bridge.pfil_local_phys Set to 1 to additionally filter on the physical interface for locally destined packets net.link.bridge.pfil_member Set to 0 to disable filtering on the incoming and outgoing member interfaces. net.link.bridge.pfil_bridge Set to 1 to enable filtering on the bridge interface net.link.tap.user_open Allow unprivileged access to tap(4) device nodes kern.randompid Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) net.inet.ip.intr_queue_maxlen Maximum size of the IP input queue hw.syscons.kbd_reboot Disable CTRL+ALT+Delete reboot from keyboard. net.inet.tcp.log_debug Enable TCP extended debugging net.inet.icmp.icmplim Set ICMP Limits net.inet.tcp.tso TCP Offload Engine net.inet.udp.checksum UDP Checksums kern.ipc.maxsockbuf Maximum socket buffer size dev.netmap.buf_num 1000000 Automatically added by Zenarmor: Max NETMAP buffers conservative hellfire home 1999 admins system System Administrators user-shell-access,page-all 0,2000 0 root 0 system c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr $2b$10$fEJUP7gNN.UAaGQIL1zyKeuviU4nAFIfrOH9BlU83MiQxXXACEDOm System Administrator 2000 mshillam 0 user c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr /bin/csh $2y$10$5Slr/aP9jkfFVhcZ8ESpau6AuvXbthuNpKOXOVh7GbEqnDk3SINCW matthew@shillam.me.uk dQLYP2Ks2Cee9EBcFJrY+wabKFG9wD95Wz16zq49hHmWosctpe6klIPNnm1iGmPsohIYHK033BFh+nLE|$6$$ZAF737T7DnDZidguYDDs3R5DOZ/PxpIZVNKXxaYps19VQAk5dT7pW0N3wlx1zUbTUZ97EEWc7g2j8ZAYtSZSD/ Matthew Shillam eyJvcHRpb25zIjpbXSwid2lkZ2V0cyI6W3siaWQiOiJzeXN0ZW1pbmZvcm1hdGlvbiIsIm1pblciOjIsIngiOjAsInkiOjAsImgiOjYyMCwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6Im1lbW9yeSIsIm1pblciOjEsIngiOjIsInkiOjAsImgiOjEwNiwid2lkZ2V0IjpbXSwidyI6bnVsbH0seyJpZCI6ImRpc2siLCJtaW5XIjoxLCJ4IjozLCJ5IjowLCJoIjoxMDYsIndpZGdldCI6W10sInciOm51bGx9LHsiaWQiOiJ0cmFmZmljIiwibWluVyI6MiwieCI6NCwieSI6MCwidyI6NCwiaCI6NDQ2LCJ3aWRnZXQiOnsiaW50ZXJmYWNlcyI6WyJsYW4iLCJ3YW4iXX19LHsiaWQiOiJzZXJ2aWNlcyIsIm1pblciOjIsIngiOjgsInkiOjAsInciOjQsInNpemVUb0NvbnRlbnQiOjY1MCwiaCI6NjUwLCJ3aWRnZXQiOltdfSx7ImlkIjoiZ2F0ZXdheXMiLCJtaW5XIjoyLCJ4IjoyLCJ5IjoxMDYsInNpemVUb0NvbnRlbnQiOjY1MCwiaCI6Mjg4LCJ3aWRnZXQiOnsiZ2F0ZXdheXMiOlsiZTliOGE5OTgtZDM5MC00MTg4LTgwYzQtZmQ2NTNmZGU3ODVhIiwiYjM2N2M1NWUtYjA3OC00YzU1LWFiMmItMWNlMGNmODM1NTVmIl19LCJ3IjoyfSx7ImlkIjoiY3B1IiwibWluVyI6MiwieCI6MiwieSI6Mzk0LCJoIjoxOTUsIndpZGdldCI6eyJncmFwaHMiOlsidG90YWwiXX0sInciOjJ9LHsiaWQiOiJmaXJld2FsbCIsIm1pblciOjIsIngiOjQsInkiOjQ0NiwidyI6NCwiaCI6MjU1LCJ3aWRnZXQiOltdfV19 2001 homeassistant 0 user $2y$10$/OwZwl6x4KSv7Dy88C1Vf.fAS98kQy7nEyKLTwx913DlsSQOQIcm6 dl9j7B6Qc9oNA7KesEGNm7UKb5WX7N+f/e0wOV2cDo7HYLwNAg2QC05uxy9+XqXdmZAlB1/nwpjYjrCx|$6$$.sQAwbMl0hDQdkyM0JIPxLWc8LLd8npnZ.6ddC2VhghMiRR9x0u5XDLJ6EqnJ0HYo25.FuH0cCrN4IWOmiohL1 Home Assistant 2002 2000 Europe/London 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org http 6076e25ed3bf1 Local Database 1 hellfire.shillam.me.uk 1 1 1 1 hadp hadp hadp monthly 1 60 1 1 en_US 8.8.8.8 1.0.0.1 1.1.1.1 8.8.4.4 1 none none none none none none none none basic 1 https://nextcloud.nabble.co.uk mshillam a8r67h3XXiuB4Y OPNsense-Backup 1 https://gitea.shillam.me.uk/mshillam/hellfire2.git master 0 mshillam TWi7mE9rrxzXam yes 115200 video 1 enabled 1 admins 1 os-ddclient,os-git-backup,os-ntopng,os-redis,os-sensei,os-sensei-updater,os-speedtest-community,os-sunnyvalley,os-theme-cicada,os-theme-rebellion,os-theme-vicuna,os-upnp,os-zabbix-agent aesni 1 1 1 urgent igc0 1 192.168.0.1 16 1 Loopback 1 lo0 127.0.0.1 ::1 8 128 none 1 igb1 1 1 1 1 dhcp 32 SavedCfg 1 WireGuard (Group) wireguard 1 1 group 1 1 openvpn OpenVPN group 1 1 hmac-md5 192.168.250.1 192.168.250.254 9c:c9:eb:d6:da:a6 192.168.0.3 ng-sw-8p-bedroom Netgear 8 Port Switch Bedroom - GS308T a0:63:91:b7:e2:14 192.168.0.4 ng-sw-24p-office Netgear 24 Port Switch - Office - GS724Tv4 44:d9:e7:ff:7c:0b 192.168.0.5 sw-ub-24p-shed Ubiquiti Switch - 24 Port - Shed - Edgeswitch Lite 44:d9:e7:ff:7c:47 192.168.0.6 sw-ub-24p-shed-2 Ubiquiti Edgeswitch Lite - Shed - For Gluster 42:4c:fa:d9:11:0e 192.168.0.21 zabbix Zabbix Monitoring 7a:fd:90:ae:6b:e5 192.168.0.30 docker Docker test system 46:0e:b7:b7:39:c5 192.168.0.32 fastpanel da:c7:4a:53:59:fb 192.168.0.33 git ee:e6:5b:54:ce:b1 192.168.0.40 mail Mailcow Docker deployment a2:c1:4a:ca:c9:1d 192.168.0.41 vitalpbx d6:8f:c4:b3:c8:16 192.168.0.42 wazuh Wazuh Server 5a:d9:6d:f5:19:d7 192.168.0.50 nc1 Nextcloud 1 - Test server 3c:1b:f8:4b:95:ac 192.168.0.100 nvr Annke DW81KD NVR bc:24:11:8b:f1:fb 192.168.0.101 cams Frigate Docker LXC container 90:31:4b:ad:fd:d7 192.168.0.102 cam-poly-front Wifi Camera Polytunnel Front 90:31:4b:ae:7b:23 192.168.0.103 cam-poly-back 88:66:5a:15:8a:9a 192.168.1.10 MatBook-Pro New Macbook Pro 16" 80:2a:a8:89:1b:0a 192.168.2.2 unifi-ap2 Shed 80:2a:a8:49:cd:f4 192.168.2.3 unifi-ap Ubiquiti Access Point 1 f4:e2:c6:e9:77:15 192.168.2.4 unifi-wifi6-hall Unifi Wifi 6 Pro Hall 44:d2:44:25:f9:47 192.168.2.5 epson-xp-790 Epson XP790 Printer b8:e8:56:46:70:50 192.168.2.6 nikita-macbook Nikitas Macbook Pro 1c:36:bb:7d:8a:c0 192.168.2.9 mat-apple-watch-v3 Mats Apple watch v3 b8:09:8a:c0:83:ad 192.168.2.10 mat-imac-sophys-room Mats iMac 5k - Sophys room c0:a5:3e:e3:71:f5 192.168.2.20 katie-apple-watch-v3 Katies Apple watch v3 74:75:48:22:b8:0d 192.168.2.31 firetv-bedroom Fire TV Bedroom 10:09:f9:7a:c1:57 192.168.2.33 firetv-cube-front-room FireTv Cube - Front Room 68:db:f5:bc:0d:b9 192.168.2.42 jessica-echo-dot Jessicas Echo Dot a0:02:dc:79:4b:50 192.168.2.43 jessica-fire-tv 42:a1:19:f7:55:36 192.168.2.50 david-ipad Davids iPad 08:12:a5:40:1a:1c 192.168.2.52 david-echo-dot Davids Echo dot 1 40:83:1d:4f:3c:b4 192.168.2.64 nikita-new-iphone Nikitas New Phone 60:5b:b4:8f:77:07 192.168.2.65 nikita-ps4 Nikitas PS4 28:c5:38:84:28:ae 192.168.2.94 Louis-iPhone Louis iPhone 13 Pro Max f0:08:d1:d3:f9:bc 192.168.2.100 esp_office_propagator ESp32_1 Office Propagator dc:4f:22:7a:de:02 192.168.2.110 inkbird1 Inkbird Controller 1 84:d8:1b:8b:68:be 192.168.2.111 tp-link-smart-3way-1 TP Link Smart 3way switch - 1 84:d8:1b:8b:69:0a 192.168.2.112 green-house-power-strip-1 TP Link Greenhouse Power strip 1 fe:31:b9:21:40:2b 192.168.10.1 kali KaliLinux bc:24:11:03:8f:48 192.168.20.10 tactical rmm tactical dentalsupportuk.com 22:ba:b6:ce:41:1d 192.168.20.32 gluster-proxy Gluster Proxy b4:7a:f1:a7:13:86 192.168.20.51 g1 Gluster1 b4:7a:f1:3c:79:5e 192.168.20.52 g2 Gluster2 5c:ba:2c:2c:06:60 192.168.20.53 g3 Gluster 3 5c:ba:2c:2b:f2:68 192.168.20.54 g4 Gluster 4 b4:7a:f1:38:69:7a 192.168.20.55 backup1 Backup Server 1 ( Striped 4 x 12TB ) b4:7a:f1:33:80:58 192.168.20.56 backup2 Backup Server 2 Gluster 3 x 12 TB f8:0f:41:fc:09:bb 192.168.20.120 gluster1 Gluster OLD Server1 f8:0f:41:fc:13:76 192.168.20.121 gluster2 Gluster OLD Server2 00:8c:fa:09:75:5d 192.168.20.122 gluster5 Gluster OLD Server 5 00:8c:fa:09:7c:f5 192.168.20.123 gluster6 Gluster OLD Server 6 10:52:1c:64:5b:18 192.168.32.2 esp32-shed1 ESP32 1 10:52:1c:64:73:9c 192.168.32.3 esp32-greenhouse1 Esp32 Controller for pumps in Greenhouse a0:a3:b3:2a:98:c0 192.168.32.4 esp32-greenhouse2 84:f3:eb:64:8c:d3 192.168.32.101 energy_1 Energy socket 1 b4:e6:2d:1e:68:18 192.168.32.102 energy_2 Sheds Main heater socket for Stagins Area b4:e6:2d:1e:1e:84 192.168.32.103 energy_3 bc:dd:c2:e3:52:ab 192.168.32.104 energy_4 24:a1:60:17:02:29 192.168.32.105 energy_5 Energy 5 c4:dd:57:04:19:1f 192.168.32.106 energy_6 c4:dd:57:04:6c:61 192.168.32.107 energy_7 3c:61:05:12:ee:28 192.168.32.200 esp32_poly 10:52:1c:62:aa:68 192.168.32.201 esp32-greenhouse d8:d6:68:d8:12:77 192.168.32.202 temp-humidity-colour-1 e2:34:4a:b5:e1:1f 192.168.50.10 humbug Proxmox Server 38:ea:a7:a1:04:6f 192.168.50.100 bilbo TrueNas 1 48:df:37:2d:25:60 192.168.50.101 dumbledore Truenas Proxmox Management link 74:ab:93:55:b0:d9 192.168.69.2 blin-cam1 02:96:c4:7b:46:13 192.168.100.13 ha Homeassistant Proxmox bc:6e:76:01:97:a4 192.168.100.30 cosy-heating public 1 1 1 1 1 1 hybrid 192.168.0.41/32 1 wan inet mshillam@192.168.2.6 /firewall_nat_out_edit.php made changes wanip 1 1 mshillam@192.168.1.10 /firewall_nat_out_edit.php made changes 1 192.168.250.209/32 1 wan inet mshillam@192.168.250.162 /firewall_nat_out_edit.php made changes 0 1 1 mshillam@192.168.250.162 /firewall_nat_out_edit.php made changes 10.100.0.0/24 1 wan inet mshillam@192.168.1.10 /firewall_nat_out_edit.php made changes 0 mshillam@192.168.1.10 /firewall_nat_out_edit.php made changes tcp wan inet nat_61d0e26867ca51.69694975 1 192.168.0.30 443 1 wanip 443 mshillam@192.168.250.138 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes tcp wan inet nat_61d0e2981ea0b4.36316537 192.168.0.30 80 1 wanip 80 mshillam@192.168.1.10 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes tcp wan inet SSH - FastPanel nat_61e172ee5e2db6.55417174 192.168.0.32 2122 1 wanip 2122 mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes tcp wan inet SSH - Backup System nat_61f1358acec6d1.41516685 192.168.20.32 59349 1 wanip 59349 mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes tcp wan inet nat_61d9abe437c253.03770640 192.168.0.40 MAIL_PORTS 1 wanip MAIL_PORTS mshillam@192.168.1.10 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes udp wan inet SIP + RTP UDP forward to SHILLAM VoIP server nat_6914dd14467a85.86870511 192.168.250.209 PBX_SHILLAM_PORTS 1 wanip PBX_SHILLAM_PORTS purenat mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.250.162 /firewall_nat_edit.php made changes udp wan inet nat_6914dd3053c322.11146330 192.168.250.209 10000 1 wanip 10000-20000 purenat mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.250.162 /firewall_nat_edit.php made changes 1 tcp/udp wan inet Wazuh Comm Ports Forward nat_691112a669f4f3.90718174 192.168.0.42 Wazuh_Ports 1 wanip Wazuh_Ports purenat mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.250.162 /firewall_nat_edit.php made changes udp wan inet nat_61ddd973cb6413.87351681 192.168.0.41 10000 1 wanip 10000-10100 purenat mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 udp wan inet nat_6439315a906da8.89657158 192.168.0.41 5060 1 wanip 5060 purenat mshillam@192.168.1.10 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 tcp/udp wan inet QbitTorrent nat_64972efdc0eb78.57389754 192.168.250.162 27671 1 wanip 27671 mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.1.10 /firewall_nat_edit.php made changes udp wan inet Headscale nat_691a45b21bdfb2.70925554 192.168.0.30 3480 1 wanip 3480 mshillam@192.168.250.162 /firewall_nat_edit.php made changes mshillam@192.168.250.162 /firewall_nat_edit.php made changes tcp/udp wan inet NETBIRD_FORWARD nat_6927802d2c1a65.18189907 192.168.250.214 netbird_ports 1 wanip netbird_ports mshillam@192.168.250.211 /firewall_nat_edit.php made changes mshillam@192.168.250.211 /firewall_nat_edit.php made changes block lan,wan inet6 keep state Block all IPv6 and Do NOT log any yes 1 1 1 mshillam@192.168.1.10 /firewall_rules_edit.php made changes root@192.168.2.6 /firewall_rules_edit.php made changes block lan,wan inet46 keep state Block Malicious IP's any malware yes 1 1 1
UT_malicious_ips
 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes pass lan inet keep state Allow all essential devices in yes 1
essential_devices
1 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.2.6 /firewall_rules_edit.php made changes block wan inet46 keep state Block AbuseIPDB ALL in 1 1
Blocklist_AbuseIPDB_all
1 mshillam@192.168.250.162 /firewall_rules_edit.php made changes mshillam@192.168.250.162 /firewall_rules_edit.php made changes pass wan inet keep state Allow Wireguard Clients in 1 udp 1 wanip 51820 mshillam@10.10.10.2 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes block wan inet46 keep state Block Shite countries from Core Services in countries 1 1
block_shite_countries
core_services
 mshillam@192.168.250.162 /firewall_rules_edit.php made changes mshillam@192.168.250.162 /firewall_rules_edit.php made changes pass wan inet keep state Allow ALL UK to VOIP. in countries 1 1
uk_only
192.168.0.41
 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes block wan inet keep state Block ALL from VOIP. in countries 1 1 1
192.168.0.41
 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes 1 wan keep state tcp inet
192.168.0.30
443 nat_61d0e26867ca51.69694975 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet
192.168.0.30
80 nat_61d0e2981ea0b4.36316537 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet
192.168.0.40
MAIL_PORTS nat_61d9abe437c253.03770640 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 wan keep state udp inet
192.168.0.41
10000-10100 nat_61ddd973cb6413.87351681 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet
192.168.0.32
2122 SSH - FastPanel nat_61e172ee5e2db6.55417174 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
192.168.20.32
59349 SSH - Backup System nat_61f1358acec6d1.41516685 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 wan keep state udp inet
192.168.0.41
5060 nat_6439315a906da8.89657158 mshillam@192.168.1.10 /firewall_nat_edit.php made changes 1 1 wan keep state tcp/udp inet
192.168.250.162
27671 QbitTorrent nat_64972efdc0eb78.57389754 mshillam@192.168.1.10 /firewall_nat_edit.php made changes pass lan inet keep state Default allow LAN to any rule in 1 lan 1 mshillam@192.168.1.10 /firewall_rules_edit.php made changes 1 pass lan inet keep state Allow access from secondary router LAN to primary router networks and the Internet in 1
10.100.0.0/24
1 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes pass lan inet keep state Allow access to all devices on the secondary router LAN in 1 tcp/udp lan
10.100.0.0/24
 mshillam@192.168.1.10 /firewall_rules_edit.php made changes mshillam@192.168.1.10 /firewall_rules_edit.php made changes OpenVPN Remote My Dental Security Staf wizard 1 1 openvpn pass on root@192.168.2.6 /wizard.php made changes 1 pass nat_691112a669f4f3.90718174 1 wan keep state tcp/udp inet
192.168.0.42
Wazuh_Ports Wazuh Comm Ports Forward mshillam@192.168.250.162 /firewall_nat_edit.php made changes pass nat_6914dd14467a85.86870511 1 wan keep state udp inet
192.168.250.209
PBX_SHILLAM_PORTS SIP + RTP UDP forward to SHILLAM VoIP server mshillam@192.168.250.162 /firewall_nat_edit.php made changes pass nat_6914dd3053c322.11146330 1 wan keep state udp inet
192.168.250.209
10000-20000 mshillam@192.168.250.162 /firewall_nat_edit.php made changes 1 pass nat_691a45b21bdfb2.70925554 1 wan keep state udp inet
192.168.0.30
3480 Headscale mshillam@192.168.250.162 /firewall_nat_edit.php made changes pass nat_6927802d2c1a65.18189907 1 wan keep state tcp/udp inet
192.168.250.214
netbird_ports NETBIRD_FORWARD mshillam@192.168.250.211 /firewall_nat_edit.php made changes wireguard any any 24 any 24 1380 Wireguard MSS Clamping IPv4 mshillam@192.168.1.10 /firewall_scrub_edit.php made changes mshillam@192.168.1.10 /firewall_scrub_edit.php made changes yes ICMP icmp ICMP TCP tcp Generic TCP HTTP http Generic HTTP / 200 HTTPS https Generic HTTPS / 200 SMTP send Generic SMTP 220 * 0.opnsense.pool.ntp.org interface_statistics-container:00000000-col1:show,system_information-container:00000001-col1:show,gateways-container:00000002-col2:show,interface_list-container:00000003-col2:show,dyn_dns_status-container:00000004-col2:show,traffic_graphs-container:00000005-col2:show,services_status-container:00000006-col4:show 2 1 WAN_DHCP,LandLab mshillam@192.168.250.211 /api/firewall/alias/add_item/ made changes 1 lan 0 wan wan 5060 7070 7089 300 46 0 0 0 0 600 500 20 0 0 0 1 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 1 217.0.23.100/32 1 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 0 malware 1 countries 1 https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=bUDDilXVKtjByVCi&suffix=zip 1 david_ipad host 0 192.168.2.50 Davids iPad 1 david_pc host 0 192.168.100.61 Davids PC 1 jessica_ipad_mini host 0 192.168.2.40 Jessicas iPad mini 1 jessica_iphone_7 host 0 192.168.2.41 Jessicas iPhone 7 1 jessica_pc host 0 192.168.100.66 Jessicas PC 1 louis_iphone_7 host 0 192.168.2.92 Louis iPhone 7 1 louis_pc host 0 192.168.100.60 Louis PC 1 nikita_iphone_7 host 0 192.168.2.64 Nikitas iPhone 7 1 nikitas_laptop host 0 192.168.2.61 Nikitas Laptop 1 unifi_ap_downstairs host 0 192.168.2.3 Unifi Access point - Downstairs 1 canon_mg6600_printer host 0 192.168.2.4 Canon Mg6600 Printer 1 matbook host 0 192.168.2.6 Mats Macbook Pro 1 mat_ipad_pro host 0 192.168.2.7 Mats iPad Pro 1 mat_iphone_x host 0 192.168.2.8 Mats iPhone X 1 mat_apple_watch_v3 host 0 192.168.2.9 Mats Apple watch v3 1 mat_imac_5k_sophys_room host 0 192.168.2.10 Mats iMac 5k -Sophys room 1 katie_apple_watch_v3 host 0 192.168.2.20 Katies Apple watch v3 1 katie_iphone_x host 0 192.168.2.21 Katies iPhone X 1 fire_tv_front_room host 0 192.168.100.50 Fire TV - Front Room 1 fire_tv_bedroom host 0 192.168.2.31 Fire TV Bedroom 1 samsung_tv_front_room host 0 192.168.100.52 Samsung TV - Front room 1 mat_hackintosh host 0 192.168.100.20 Mats Hackintosh 1 media1 host 0 192.168.100.48 Media 1 1 media2 host 0 192.168.100.49 Media 2 1 essential_devices host 0 unifi_ap_downstairs canon_mg6600_printer matbook mat_ipad_pro mat_iphone_x mat_apple_watch_v3 katie_apple_watch_v3 katie_iphone_x fire_tv_front_room fire_tv_bedroom samsung_tv_front_room mat_hackintosh media1 media2 guest_devices cosy_heating jessica_echo_dot david_echo_dot epson_xp_790 sophy_iphone sophy_laptop virgin_box nikita_ps4 albert_pc sophy_ps4 mats_iphone_11_pro katie_iphone_11_pro_2 192.168.2.192 192.168.2.194 192.168.2.199 esp32_1 albert_iphone_xr dad_pc albert_new_pc mat_hackintosh_wifi inkbird_1 ha tp_link_smart_3way_1 nikita_devices jessica_devices david_devices tp_link_wifi home_assistant shed_socket_heater1 energy_1 unifi_ap2 esp_devices david_ipad all_mats_devices Internal_infrastructure katies_devices louis_devices albert_devices blink_devices fire_tv_cube_front_room 192.168.100.85 192.168.100.86 nikita_pc management proxmox_network 192.168.249.1 SecondaryRouter wireless_pc All our essential devices ( online always! ) 1 louis_devices host 0 louis_iphone_7 louis_pc 192.168.2.93 192.168.2.94 Louis stuff 1 nikita_devices host 0 nikita_iphone_7 nikitas_laptop mat_imac_5k_sophys_room Nikitas stuff 1 jessica_devices host 0 jessica_ipad_mini jessica_iphone_7 jessica_pc jessica_echo_dot jessica_fire_tv jess_laptop savannah_phone Jessicas stuff 1 david_devices host 0 david_ipad david_pc david_iphones Davids stuff 1 guest_devices host 0 Guest's Devices to allow 1 cosy_heating host 0 192.168.100.30 Cosy heating system 1 david_iphones host 0 192.168.2.51 192.168.2.53 Davids iPhone 7 + 11 1 jessica_echo_dot host 0 192.168.2.42 Jessicas Echo dot 1 david_echo_dot host 0 192.168.2.52 Davids Echo dot 1 opnsense host 0 192.168.0.1 Opensense Server 1 epson_xp_790 host 0 192.168.2.5 Epson XP790 Printer 1 nikita_ps4 host 0 192.168.2.65 Nikitas PS4 1 sophy_iphone host 0 192.168.2.70 Sophys iPhone 1 sophy_laptop host 0 192.168.2.71 Sophys Laptop 1 virgin_box host 0 192.168.100.51 Virgin box 1 nikita_ps4_wired host 0 192.168.100.70 Nikitas PS4 Wired 1 albert_pc host 0 192.168.100.80 Alberts PC 1 sophy_ps4 host 0 192.168.2.72 Sophys PS$ 1 mats_iphone_11_pro host 0 192.168.2.11 Mats iPhone 11 Pro Max 1 katie_iphone_11_pro_2 host 0 192.168.2.22 Katies iPhone 11 Max Pro 2 1 esp32_1 host 0 192.168.2.100 ESP32_1 1 albert_iphone_xr host 0 192.168.2.87 Alberts iPhone XR 1 jessica_fire_tv host 0 192.168.2.43 Jessicas fire TV stick 1 dad_pc host 0 192.168.100.81 Dads PC 1 albert_new_pc host 0 192.168.100.82 Alberts new pc 1 mat_hackintosh_wifi host 0 192.168.2.12 Mats Hackintosh Wifi 1 inkbird_1 host 0 192.168.2.110 Inkbird Controller 1 1 ha host 0 192.168.2.13 Home Assistant Parallels 1 tp_link_smart_3way_1 host 0 192.168.2.111 TP Link Smart 3way - 1 1 tp_link_wifi host 0 192.168.2.73 USB TPLink Wifi 1 home_assistant host 0 192.168.100.13 Home Assistant - Parallels 1 shed_socket_heater1 host 0 192.168.2.121 Sheds Socket for Heater 1 Staging area 1 energy_1 host 0 192.168.2.122 Energy socket 1 1 unifi_ap2 host 0 192.168.2.2 1 esp_devices network 0 192.168.32.0/24 ESP Devices 1 trading_view host 0 52.89.214.238 34.212.75.30 54.218.53.128 52.32.178.7 Tradingview allow ips 1 all_mats_devices network 0 192.168.1.0/24 192.168.10.0/24 192.168.249.0/24 192.168.250.0/24 All Mats devices 1 Internal_infrastructure network 0 192.168.50.0/24 1 WIREGUARD_CLIENTS network 0 10.10.10.0/24 Wireguard Clients 1 katies_devices network 0 192.168.3.0/24 Katies Devices 1 albert_devices network 0 192.168.33.0/24 albert_latest_pc 192.168.100.84 192.168.100.79 Alberts Devices 1 jess_laptop host 0 192.168.100.67 1 blink_devices network 0 192.168.69.0/24 1 savannah_phone host 0 192.168.2.44 1 albert_latest_pc host 0 192.168.100.83 Alberts Latest PC 1 fire_tv_cube_front_room host 0 192.168.2.33 Fire TV Cube - Front Room 1 nikita_pc host 0 192.168.2.66 Nikitas PC 1 management network 0 192.168.0.1/24 192.168.250.1/24 Management devices 1 netgear_sw_8p_bedroom host 0 192.168.0.3 Netgear 8 Port Switch - Bedroom 1 ng_sw_24p_office host 0 192.168.0.4 Netgear 24 Port Switch - Office 1 MAIL_PORTS port 0 25 465 143 587 993 4190 Mail ports for forwarding to Mail Server 1 proxmox_network network 0 192.168.20.0/24 Proxmox g1 g2 etc 1 UT_malicious_ips urltable 0 0.5 https://www.spamhaus.org/drop/drop.txt https://www.spamhaus.org/drop/edrop.txt https://www.spamhaus.org/drop/dropv6.txt https://iplists.firehol.org/files/dshield_30d.netset Malicious IP Lists 1 uk_only geoip 0 GB AL 837c5309-3f56-4048-88ac-bf7797250f18 UK only IP's 1 Wazuh_Ports port 0 1514 1515 55000 1 Wireguard port 0 51820 Wireguard port 1 SecondaryRouter network 0 10.100.0.0/24 Secondary Router Lan 1 block_shite_countries geoip 0 AO BF BI BJ BW CD CF CG CI CM DJ DZ EG EH ER ET GA GH GM GN GQ GW KE LR LS LY MA ML MR MW MZ NA NE NG RW SD SL SN SO SS ST SZ TD TG TN TZ UG ZA ZM ZW AG AI AR AW BB BL BO BQ BR BS BZ CL CO CR CU CW DM DO EC GD GF GL GP GT GY HN HT JM KN KY LC MF MQ MS MX NI PA PE PM PR PY SR SV SX TC TT UY VC VE VG VI AQ SJ AF AM AZ BD BH BN BT CY GE ID IL IN IQ IR JO JP KG KH KP KR KW KZ LA LB LK MM MN MO MY NP OM PH PK PS QA SA SY TH TJ TL TM UZ VN YE BM CV FK FO GS IS SH EU AD AX BY EE LI LT LU LV MC MD PL RS RU SM UA VA CC CX IO KM MG MU MV RE SC TF YT AS CK FJ FM GU KI MH MP NC NF NR NU NZ PF PG PN PW SB TK TO TV UM VU WF WS Block Shite countries 1 mail_server host 0 192.168.0.40 1 web_server host 0 192.168.0.40 1 nginx_proxy host 0 192.168.0.30 1 next_cloud host 0 192.168.0.50 1 core_services host 0 mail_server web_server nginx_proxy next_cloud voip_server 1 Blocklist_AbuseIPDB1 urltable 0 0.16666666666666666 https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb1.txt AbuseIPDB 1 1 Blocklist_AbuseIPDB2 urltable 0 0.16666666666666666 https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb2.txt AbuseIPDB 2 1 Blocklist_AbuseIPDB3 urltable 0 0.16666666666666666 https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb3.txt AbuseIPDB 3 1 Blocklist_AbuseIPDB4 urltable 0 0.16666666666666666 https://raw.githubusercontent.com/cscmh/AbuseIPDB/refs/heads/main/abuseipdb4.txt AbuseIPDB 4 1 Blocklist_AbuseIPDB_all host 0 Blocklist_AbuseIPDB1 Blocklist_AbuseIPDB2 Blocklist_AbuseIPDB3 Blocklist_AbuseIPDB4 Blocklist AbuseIPDB ALL! 1 voip_server host 0 Voip PBX Server 1 TEMPLOCK host 0 192.168.250.186-192.168.250.248 TEMP BLOCK 1 wireless_pc host 0 192.168.250.106 1 PBX_SHILLAM_PORTS port 0 5060 10000:10100 SIP + RTP UDP Ports for *SHILLAM* VoIP server 1 netbird_ports port 0 33080 1 netbird_ports_2 port 0 33073 33080 10000 10000 0 10 Mbit src-ip 0 0 0 TrafficShaper PipeUp-18Mbps 10001 0 900 Mbit 2 none fq_codel 1 0 0 2700 TrafficShaper Download 10002 0 54 Mbit none fq_codel 0 1 0 TrafficShaper 1 Upload 10003 0 30 Kbit src-ip 0 0 0 TrafficShaper PipeUp-30Kbps 10000 0 675f6f4d-cf3d-467f-84f6-319a4daad0bb 10 none 0 0 0 Queue-59349 TrafficShaper 10001 0 9bd79685-8663-485d-a938-60ddba240284 100 dst-ip 0 1 0 Download Queue TrafficShaper 10002 0 f2a0b8e9-0acf-4da0-809b-e0e93602a13b 100 src-ip 0 1 0 Upload Queue TrafficShaper 10003 0 91a7f402-9dd9-4949-9733-3b4f168d89bc 10 none 0 0 0 Queue-WOW TrafficShaper 0 1 wan ip 192.168.20.32 0 any any 0 any 675f6f4d-cf3d-467f-84f6-319a4daad0bb Gluster-Proxy TrafficShaper 0 2 wan ip any 0 any any 0 any in b7dcbf65-986d-4511-8ba6-8eb89edda598 Download Rule TrafficShaper 0 3 wan ip any 0 any any 0 any out 2a756398-08a3-4312-9a2e-1ef291ec36b3 Upload rule TrafficShaper 0 4 wan ip any 0 1119 any 0 any 91a7f402-9dd9-4949-9733-3b4f168d89bc WoW TrafficShaper 0 5 wan ip any 0 any any 0 1119 91a7f402-9dd9-4949-9733-3b4f168d89bc WoW TrafficShaper 1 1 31 lan,wan wan v9 127.0.0.1:2056 1 1800 15 0 3333 0 opnsense 1 1 0 on strip 1 1 0 admin@localhost.local 0 /var/squid/cache 256 always 100 16 256 0 0 0 2048 1024 1024 256 0 0 username password lan 3128 3129 0 0 4 5 0 3401 public 2121 0 1 0 80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http 443:https 0 icap://[::1]:1344/avscan icap://[::1]:1344/avscan 1 0 0 X-Username 1 1024 60 OPNsense proxy authentication 2 5