mshillam
/
OPNSense-ramanet-router-edge-backup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OPNSense-ramanet-router-edg.../config.xml

1322 lines
49 KiB
XML
Raw Blame History

<?xml version="1.0"?>
<opnsense>
<theme>cicada</theme>
<sysctl>
<item>
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
<tunable>vfs.read_max</tunable>
<value>default</value>
</item>
<item>
<descr>Set the ephemeral port range to be lower.</descr>
<tunable>net.inet.ip.portrange.first</tunable>
<value>default</value>
</item>
<item>
<descr>Drop packets to closed TCP ports without returning a RST</descr>
<tunable>net.inet.tcp.blackhole</tunable>
<value>default</value>
</item>
<item>
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
<tunable>net.inet.udp.blackhole</tunable>
<value>default</value>
</item>
<item>
<descr>Randomize the ID field in IP packets</descr>
<tunable>net.inet.ip.random_id</tunable>
<value>default</value>
</item>
<item>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
<tunable>net.inet.ip.sourceroute</tunable>
<value>default</value>
</item>
<item>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
<tunable>net.inet.ip.accept_sourceroute</tunable>
<value>default</value>
</item>
<item>
<descr>
This option turns off the logging of redirect packets because there is no limit and this could fill
up your logs consuming your whole hard drive.
</descr>
<tunable>net.inet.icmp.log_redirect</tunable>
<value>default</value>
</item>
<item>
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
<tunable>net.inet.tcp.drop_synfin</tunable>
<value>default</value>
</item>
<item>
<descr>Enable sending IPv6 redirects</descr>
<tunable>net.inet6.ip6.redirect</tunable>
<value>default</value>
</item>
<item>
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
<tunable>net.inet6.ip6.use_tempaddr</tunable>
<value>default</value>
</item>
<item>
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
<value>default</value>
</item>
<item>
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
<tunable>net.inet.tcp.syncookies</tunable>
<value>default</value>
</item>
<item>
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
<tunable>net.inet.tcp.recvspace</tunable>
<value>default</value>
</item>
<item>
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
<tunable>net.inet.tcp.sendspace</tunable>
<value>default</value>
</item>
<item>
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
<tunable>net.inet.tcp.delayed_ack</tunable>
<value>default</value>
</item>
<item>
<descr>Maximum outgoing UDP datagram size</descr>
<tunable>net.inet.udp.maxdgram</tunable>
<value>default</value>
</item>
<item>
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
<tunable>net.link.bridge.pfil_onlyip</tunable>
<value>default</value>
</item>
<item>
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
<tunable>net.link.bridge.pfil_local_phys</tunable>
<value>default</value>
</item>
<item>
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
<tunable>net.link.bridge.pfil_member</tunable>
<value>default</value>
</item>
<item>
<descr>Set to 1 to enable filtering on the bridge interface</descr>
<tunable>net.link.bridge.pfil_bridge</tunable>
<value>default</value>
</item>
<item>
<descr>Allow unprivileged access to tap(4) device nodes</descr>
<tunable>net.link.tap.user_open</tunable>
<value>default</value>
</item>
<item>
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
<tunable>kern.randompid</tunable>
<value>default</value>
</item>
<item>
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
<tunable>hw.syscons.kbd_reboot</tunable>
<value>default</value>
</item>
<item>
<descr>Enable TCP extended debugging</descr>
<tunable>net.inet.tcp.log_debug</tunable>
<value>default</value>
</item>
<item>
<descr>Set ICMP Limits</descr>
<tunable>net.inet.icmp.icmplim</tunable>
<value>default</value>
</item>
<item>
<descr>TCP Offload Engine</descr>
<tunable>net.inet.tcp.tso</tunable>
<value>default</value>
</item>
<item>
<descr>UDP Checksums</descr>
<tunable>net.inet.udp.checksum</tunable>
<value>default</value>
</item>
<item>
<descr>Maximum socket buffer size</descr>
<tunable>kern.ipc.maxsockbuf</tunable>
<value>default</value>
</item>
<item>
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
<tunable>vm.pmap.pti</tunable>
<value>default</value>
</item>
<item>
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
<tunable>hw.ibrs_disable</tunable>
<value>default</value>
</item>
<item>
<descr>Hide processes running as other groups</descr>
<tunable>security.bsd.see_other_gids</tunable>
<value>default</value>
</item>
<item>
<descr>Hide processes running as other users</descr>
<tunable>security.bsd.see_other_uids</tunable>
<value>default</value>
</item>
<item>
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
and for the sender directly reachable, route and next hop is known.
</descr>
<tunable>net.inet.ip.redirect</tunable>
<value>default</value>
</item>
<item>
<descr>
Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects
to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect
packets without returning a response.
</descr>
<tunable>net.inet.icmp.drop_redirect</tunable>
<value>1</value>
</item>
<item>
<descr>Maximum outgoing UDP datagram size</descr>
<tunable>net.local.dgram.maxdgram</tunable>
<value>default</value>
</item>
</sysctl>
<system>
<optimization>normal</optimization>
<hostname>router-edge</hostname>
<domain>ramanet</domain>
<group>
<name>admins</name>
<description>System Administrators</description>
<scope>system</scope>
<gid>1999</gid>
<member>0</member>
<member>2000</member>
<member>2001</member>
<priv>page-all</priv>
</group>
<user>
<name>root</name>
<descr>System Administrator</descr>
<scope>system</scope>
<groupname>admins</groupname>
<password>$2y$11$NgVcMFyIYgviLLTVCws4S.C3kNyY12q25vsZq/1omlBhtb.1OH.i2</password>
<uid>0</uid>
<expires/>
<authorizedkeys/>
<otp_seed/>
</user>
<user>
<password>$2y$11$uqL6Ib2tOES9z4QDdESq6OQKQGVGBgtFeXZ9AotNTv/JfGvM/CtEO</password>
<scope>user</scope>
<name>mshillam</name>
<descr>Matthew Shillam</descr>
<expires/>
<authorizedkeys>c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUFFNWFtWS9Fa3ZkVVM5c0Jrc2hEc3B6UExlY0FPc052S0xWU0Rod2h0QmMgbWF0dGhld0BzaGlsbGFtLm1lLnVr</authorizedkeys>
<otp_seed/>
<email>matthew@shillam.me.uk</email>
<uid>2000</uid>
<shell>/bin/sh</shell>
</user>
<user>
<password>$2y$11$TZZEuzrrPXSXPpKe5s1q5./eEn0cUazwnXCjhpEKnSMvEyBme/z2W</password>
<scope>user</scope>
<name>homeassistant</name>
<descr/>
<expires/>
<authorizedkeys/>
<otp_seed/>
<uid>2001</uid>
<apikeys>
<item>
<key>O74j4p/Sor7nIhnsXlxV2DSPXpXn1K3nXnxcqrfBUr8+HNUAzrpzOL+ubPJm0GT+GeX8RTeH+cFcGxL8</key>
<secret>$6$$By21ccLB5.0K1bXHBnNuijsd7zZYE1YRKVsomkunElAONlpGUXhioo.VWcBrz/A.vMTWXZpaUw3YnAmbUrnvl0</secret>
</item>
</apikeys>
</user>
<nextuid>2002</nextuid>
<nextgid>2000</nextgid>
<timezone>Europe/London</timezone>
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<ssl-certref>66140e2f5c134</ssl-certref>
<port/>
<compression/>
<althostnames>rama-router-edge.shillam.me.uk</althostnames>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<usevirtualterminal>1</usevirtualterminal>
<disableconsolemenu>1</disableconsolemenu>
<disablevlanhwfilter>1</disablevlanhwfilter>
<disablechecksumoffloading>1</disablechecksumoffloading>
<disablesegmentationoffloading>1</disablesegmentationoffloading>
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
<powerd_ac_mode>hadp</powerd_ac_mode>
<powerd_battery_mode>hadp</powerd_battery_mode>
<powerd_normal_mode>hadp</powerd_normal_mode>
<bogons>
<interval>monthly</interval>
</bogons>
<pf_share_forward>1</pf_share_forward>
<lb_use_sticky>1</lb_use_sticky>
<ssh>
<group>admins</group>
<noauto>1</noauto>
<interfaces/>
<kex/>
<ciphers/>
<macs/>
<keys/>
<keysig/>
<enabled>enabled</enabled>
</ssh>
<rrdbackup>-1</rrdbackup>
<netflowbackup>-1</netflowbackup>
<firmware version="1.0.1">
<mirror/>
<flavour/>
<plugins>os-git-backup,os-homeassistant-maxit,os-nextcloud-backup,os-qemu-guest-agent,os-theme-cicada,os-theme-rebellion,os-upnp</plugins>
<type/>
<subscription/>
<reboot/>
</firmware>
<language>en_US</language>
<dnsserver>172.16.0.1</dnsserver>
<dnslocalhost>1</dnslocalhost>
<maximumstates/>
<maximumfrags/>
<aliasesresolveinterval/>
<maximumtableentries/>
<pfdebug>urgent</pfdebug>
<prefer_ipv4>1</prefer_ipv4>
<backup>
<git version="1.0.0">
<enabled>1</enabled>
<url>https://gitea.shillam.me.uk/mshillam/OPNSense-ramanet-router-edge-backup.git</url>
<branch>master</branch>
<privkey/>
<user>mshillam</user>
<password>TWi7mE9rrxzXam</password>
</git>
<nextcloud version="1.0.0">
<enabled>0</enabled>
<url/>
<user/>
<password/>
<password_encryption/>
<backupdir>OPNsense-Backup</backupdir>
</nextcloud>
</backup>
<remotebackup>
<GDriveEmail>113759209639241836928</GDriveEmail>
<GDriveFolderID>1q9-7dHcH-Uarlj_oD-RPzQ7QKrPlL6cq</GDriveFolderID>
<GDrivePrefixHostname>on</GDrivePrefixHostname>
<GDriveBackupCount>60</GDriveBackupCount>
<GDrivePassword>Syfhcefh1</GDrivePassword>
<GDriveEnabled>on</GDriveEnabled>
<GDriveP12key>MIIJqwIBAzCCCWQGCSqGSIb3DQEHAaCCCVUEgglRMIIJTTCCBXEGCSqGSIb3DQEHAaCCBWIEggVeMIIFWjCCBVYGCyqGSIb3DQEMCgECoIIE+zCCBPcwKQYKKoZIhvcNAQwBAzAbBBStgTWu5ptsbJmgVXjjQcMmvW832wIDAMNQBIIEyMg3AaY/tqTKKI+IBs850yddXWEoM6Yb0rrLv1rP8fB0a2ZUfq9R5f/GUbmCmoal/5PrvnhGNMZ/qhIdL/cUymZ3wRRq+9LdSsyDjvPcJ/eYZcKOkwEQ+q13I7sZKJpxUmvHBIKeJwTLbyj1y/fhOjh9b80ZcI1+Mu+ZR3WUll/U1deZ8Wz8Nt2zb0z9hDTWcfiQTUN1b6fG33Glj/aro6LJU9pIV8eL0K2xwH9xVJayM9+03zj7+3vPHXJN2rYNX6nMIDbK5dvIxX9BxHEZkXkvPSQgJyVFUqHbGSmnTUlDu1ZruIc3jQ0u109/aYIPGyg8aszRfyrk5rPdkr+ATg1653zgqoIxPnOV6iMOYV92VPIofnvwevx3inGykbYqSP0aeFhovEKCwJVjtLzQaiqnIJHyHLKN2NPrAWXsLhOu5iM1KK1HQqG74rTsY5kkv/wgdpItwfGfz4IWkQ1Q1+aVpC6P47Rrs9lMCiF3rgczxB4NJUK65NT0QWVBbejN8UPaZWZk6RE8u3m/URGNa2xgp1irEgvOrWaidPzY/xjtR2i1fqJgIqeUL/vK4WZr0T5OtAq9ehkvEm3GxWnbCDLCxKyk2cW45ShcOumcwdvua0tyIYgRkXboLqvmmlUm5jivqxZ4naGK4BJSvGepiuqdF4sWiuHMmFq/rw85uBbZOWAkfQjYSUUyTiEG7PBgXvSe0CCUTJrklBfjKjuvYgb4XuAU3x/Vrl9QDa2EJRhEr86kIgwneQvBSIN0uI1e9AY5rY8AUAzaybGVww09dPu1ghm0bJ+hQWs1w2WiiWrvi/AY1stIMg1cn7/9X5TG8PSMLPyIYCNfPrDxamCp5xBiuySZOhcADa9FURzrwFSxuDjNUTtbN78PVVDiKkvjOlZN2Hl80eGg27SjPWmmPgEYyT6pJUFrp65r4iVY1Aqg9wcsCEI61T8Y12ETPe5g43BK3FwSKSZVvLqJ9K4q22bpj/0RZYQusQrao0xPug5MVJ57dXpIcVNc9Fs1WdkohCwSSlkWBuuWBkN94U1qtDOy6fP5nzxuca8hpkdw5pt4sKHVN40BcygLuy7VojBhYTaWbfL2nVN/N3/buT3piA4kxwaP+sFMG0YMHIwOyIsppitZoBVD7cnXdSeIVO6Rzz/4R9AyBFrWoE85JDL2PGNUtp0zF3FT1SMPKsS8pa/w4QPgebIf+OM+TZEBo4+8NXVjG4koqF2CxOixH6tLECJ3ppZTDIL+A7K/7dFxqzVn472kpNb+EdYKF21f4lTOqV/kULkKJUiW48jJR0c8oHMIPJ6oJJcNnmOcevw3aKtP6fg30kyPVecl1np2ngDoxXbBYIqJvXjYMFvWGJrZtJ8ij3D36NqgzP2oHuiDNHStadIq/4gGR54qdY6dq2arMgkBNc7DCV2ZmWecTnlGV4pAPz6d9o3RNhDkjYQceCq8mCJz9LOcR6jj+S6TY55JRq7RuY+KjEkQx/LSALN+gyLf9aNCH5AY/nYz83M8mYbfwhuwfa/k143F5AwWTNKtVk60UJweVtLTgTutAWI1Ktyv5+bmnwYD1fuMsdY9cuk7lYBiT0iPLgLV6gxAKFbQzIl6N4/AQnBxZXDnYws6RkqSW9tU3mwgqzFIMCMGCSqGSIb3DQEJFDEWHhQAcAByAGkAdgBhAHQAZQBrAGUAeTAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzEyNjA0ODk3NzAyMIID1AYJKoZIhvcNAQcGoIIDxTCCA8ECAQAwggO6BgkqhkiG9w0BBwEwKQYKKoZIhvcNAQwBBjAbBBSFz4/dS0Q7F7nh6GQmyShGIpfYbwIDAMNQgIIDgM2DK+pM55K6AzcCzAi458SYJzo83lYMHtK6i3ml3Gcknpi4T/raNJDcdQ3HokdEim8wztUM6etGt5YRYeZconShSzZeWJver9mr2AQjbwSDtOeeG7eWwK/9qx6eoFfXQZ2XKqXdu/LPUDgSTxrnYhfoh/aybZLy5GQo0aw4mRlfg3falbSIxOrdzD9FWazQ/eKLSkJumLrxwD3r5Hrf2b1lDz/YMRFmKd97fqNjLg2+dlWAr1ybLXbrkaGz3TvJe0lKOgNqWHZ1MPA6QGqodMLgQ2wypUHj1M3yhcweQM07KQF8Tgodx5whiHVMcdz93sdyB2i54S16/SVd2BJ3ik+SDDtKfXldLPFTdpyGaDB/6jtG4E8SP2QFWwE5WSI+nnjRaUQhsyWTI5gtV0KYocRgfWrKUR2FFSGFnBwL+LEUL/K0YNieK+Ibo6pDyBZc/4iIO/J47ueNl3VUqnwH3xUDOSyy4yD2AjrpZSgyUqUSym1c28SDL2uHFlWXZMxN0AbrY5aT0e8BwM4VcO1Gm9T+78vPLFhObMO3j53dHUjSKUhJO4Th5rppRiY+9PVbO2zep2NxSvccB+0HUBjfVbnVQQiIxvUWA8u8VMRArXK8CpZgsGbh+m9htrHSO/olMVXMdb4E/nPWfm7NQz8hsX2AKcaYYidsbhDMT/BdbaPQW0YJ6mPm14gCa/N6fVPBHePLqQTVgTkcAfoULMCU8aFT6d6wDQbsZ2IeAfX7NXb0GAK8yE3w0yE8K6OL5Z621qOrz6iTfGuO0r92UBsGyuuy60jbr72v3Vv94DNZ0sFekDp6P08NvWCC4PIBNMphgPExEIYE+czHAj18tQviKJGtExqyqVcBKqnI9/6tp28oBL8iLvAZ2dANuHCE1xIxrcwbAqT6adnRMfj1PwiOYzrhc6x9ir/VRYvUntxBtu4fpwp0Rd101hFCf2fLqQGjPhFLLm638yRVb5q+vyPCDOjQrd8cbRG2pWT02MIJFEROGMQUN8AzhV0dS+jHl+nvjer8tzrh80h2dNRCxI8hMZiD520fPV5aV6r34pJDWCEsp4Rw4IasGTfzmj70CZnesoaZw9huCL/oX3DFCgctJVXNdMMrZhWZqn7lPxYrVV6fFOJxMPSLXAOPLDArAOFQS4/XYJDEg78Ncbf8HRSuNMc45zU7PdzG9IrKlkH8LMWHMD4wITAJBgUrDgMCGgUABBQTCLj66qTly8+l2Id+AnJWkgKDagQUlLtzywwe5mgBy+vpXWhR31nbvCYCAwGGoA==</GDriveP12key>
</remotebackup>
<serialspeed>115200</serialspeed>
<primaryconsole>video</primaryconsole>
<backupcount>100</backupcount>
<sudo_allow_wheel>1</sudo_allow_wheel>
<sudo_allow_group>admins</sudo_allow_group>
</system>
<interfaces>
<wan>
<if>vtnet0</if>
<descr/>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</wan>
<lan>
<if>vtnet1</if>
<descr/>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
<ipaddr>10.100.0.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>track6</ipaddrv6>
<track6-interface/>
<track6-prefix-id>0</track6-prefix-id>
</lan>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
</interfaces>
<dhcpd>
<lan>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>10.100.0.221</from>
<to>10.100.0.250</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
<staticmap>
<mac>ac:15:a2:02:b4:a1</mac>
<ipaddr>10.100.0.2</ipaddr>
<hostname>sw-tp-core-home</hostname>
<descr>Switch - TP-Link TL-SG108E - Core Home</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:4e:cf:c0</mac>
<ipaddr>10.100.0.10</ipaddr>
<hostname>docker-landlab</hostname>
<descr>Docker on Proxmox - Landlab</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:3d:31:5a</mac>
<ipaddr>10.100.0.11</ipaddr>
<hostname>nas</hostname>
<descr>Nas - Landlab</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>88:66:5a:15:8a:9a</mac>
<ipaddr>10.100.0.20</ipaddr>
<hostname>mats-macbook-wifi</hostname>
<descr>Mats MacBook Pro Wifi.</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>00:e0:4c:63:23:d8</mac>
<ipaddr>10.100.0.21</ipaddr>
<hostname>mats-macbook-eth</hostname>
<descr>Mats MacBook Pro Eth.</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>02:e8:8c:90:b9:c8</mac>
<ipaddr>10.100.0.50</ipaddr>
<hostname>ha</hostname>
<descr>Home Assistant</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:b3:c1:0a</mac>
<ipaddr>10.100.0.101</ipaddr>
<hostname>sera1-cam1</hostname>
<descr>Sera1 - Cam1 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:4a:75:95</mac>
<ipaddr>10.100.0.102</ipaddr>
<hostname>sera1-cam2</hostname>
<descr>Sera1 - Cam2 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:a5:ce:f4</mac>
<ipaddr>10.100.0.103</ipaddr>
<hostname>sera1-cam3</hostname>
<descr>Sera1 - Cam3 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:d4:fa:1b</mac>
<ipaddr>10.100.0.104</ipaddr>
<hostname>sera1-cam4</hostname>
<descr>Sera1 - Cam4 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:eb:62:3b</mac>
<ipaddr>10.100.0.105</ipaddr>
<hostname>sera1-cam5</hostname>
<descr>Sera1 - Cam5 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>ec:71:db:b7:cf:0b</mac>
<ipaddr>10.100.0.106</ipaddr>
<hostname>sera1-cam6</hostname>
<descr>Sera1 - Cam6 - Reolink CX410</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>b4:fb:e4:4c:5d:7e</mac>
<ipaddr>10.100.0.151</ipaddr>
<hostname>ub-ap-sera1-north</hostname>
<descr>Unifi UAC Pro - AP - Sera1 North</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>fc:ec:da:10:73:b5</mac>
<ipaddr>10.100.0.152</ipaddr>
<hostname>ub-ap-sera1-south</hostname>
<descr>Unifi UAC Pro - AP - Sera1 South</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
</lan>
</dhcpd>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<nat>
<outbound>
<mode>disabled</mode>
<rule/>
</outbound>
<rule/>
</nat>
<filter>
<rule uuid="710a4df7-8b02-456e-833c-707c6377fe1b">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow traffic from the primary router to WAN interface</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<address>10.10.10.0/24</address>
</source>
<destination>
<network>lan</network>
</destination>
<updated>
<username>mshillam@192.168.1.203</username>
<time>1713965024.1229</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.100.0.10</username>
<time>1712592663.4342</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="2bc331e9-3a77-4571-a3e1-03defcaa69a2">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow ICMP on Wan Interface</descr>
<direction>in</direction>
<log>1</log>
<quick>1</quick>
<protocol>icmp</protocol>
<source>
<network>wan</network>
</source>
<destination>
<network>wanip</network>
</destination>
<updated>
<username>mshillam@192.168.1.201</username>
<time>1713958351.6556</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.100.0.10</username>
<time>1712593851.1391</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="3345c82d-2f00-49de-936c-08d350619c95">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Web ports through WAN interface</descr>
<direction>in</direction>
<log>1</log>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<address>10.100.0.10</address>
<port>_web_ports</port>
</destination>
<updated>
<username>mshillam@10.10.10.20</username>
<time>1713983152.8745</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>mshillam@10.10.10.20</username>
<time>1713983026.7579</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="a18af7b6-153b-4861-9e13-4c50a4565ced">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Web ports back WAN interface</descr>
<direction>out</direction>
<log>1</log>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<address>10.100.0.10</address>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>mshillam@10.10.10.20</username>
<time>1713985112.7993</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>mshillam@10.10.10.20</username>
<time>1713985112.7993</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule uuid="303446dc-ce40-4949-8a5f-c90dbce54c43">
<type>pass</type>
<ipprotocol>inet</ipprotocol>
<descr>Default allow LAN to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
<rule uuid="a0847329-7813-4244-9dcb-e5289e396b1f">
<type>pass</type>
<ipprotocol>inet6</ipprotocol>
<descr>Default allow LAN IPv6 to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
</filter>
<rrd>
<enable/>
</rrd>
<load_balancer>
<monitor_type>
<name>ICMP</name>
<type>icmp</type>
<descr>ICMP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>TCP</name>
<type>tcp</type>
<descr>Generic TCP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>HTTP</name>
<type>http</type>
<descr>Generic HTTP</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>HTTPS</name>
<type>https</type>
<descr>Generic HTTPS</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>SMTP</name>
<type>send</type>
<descr>Generic SMTP</descr>
<options>
<send/>
<expect>220 *</expect>
</options>
</monitor_type>
</load_balancer>
<ntpd>
<prefer>0.opnsense.pool.ntp.org</prefer>
</ntpd>
<widgets>
<sequence>system_information-container:00000000-col3:show,gateways-container:00000001-col4:show,traffic_graphs-container:00000002-col4:show,interface_list-container:00000003-col4:show,services_status-container:00000004-col4:show</sequence>
<column_count>2</column_count>
<servicestatusfilter>dhcpd6</servicestatusfilter>
<traffic_graphs_interfaces>lan,wan</traffic_graphs_interfaces>
</widgets>
<revision>
<username>mshillam@10.10.10.20</username>
<time>1713994348.4311</time>
<description>/firewall_nat_out.php made changes</description>
</revision>
<OPNsense>
<OpenVPN version="1.0.0">
<Overwrites/>
<Instances/>
<StaticKeys/>
</OpenVPN>
<OpenVPNExport version="0.0.1">
<servers/>
</OpenVPNExport>
<IPsec version="1.0.1">
<general>
<enabled/>
</general>
<keyPairs/>
<preSharedKeys/>
</IPsec>
<Swanctl version="1.0.0">
<Connections/>
<locals/>
<remotes/>
<children/>
<Pools/>
<VTIs/>
<SPDs/>
</Swanctl>
<QemuGuestAgent version="1.0.0">
<general>
<Enabled>1</Enabled>
<LogDebug>0</LogDebug>
<DisabledRPCs/>
</general>
</QemuGuestAgent>
<cron version="1.0.4">
<jobs/>
</cron>
<Firewall>
<Alias version="1.0.1">
<geoip>
<url/>
</geoip>
<aliases>
<alias uuid="8a1503c3-d3c7-44f4-8094-f59e1f88fdaf">
<enabled>1</enabled>
<name>mats_macbook_wifi</name>
<type>host</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>10.10.10.20
10.100.0.20</content>
<categories/>
<description>Mats MacBook Pro Wifi.</description>
</alias>
<alias uuid="58736296-46af-4e07-90b9-428c45bde90b">
<enabled>1</enabled>
<name>mats_macbook_eth</name>
<type>host</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>10.10.10.21
10.100.0.21</content>
<categories/>
<description>Mats MacBook Pro Eth.</description>
</alias>
<alias uuid="77917c5b-dc47-4947-93dd-74aff9857789">
<enabled>1</enabled>
<name>mats_devices</name>
<type>host</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>mats_macbook_wifi
mats_macbook_eth</content>
<categories/>
<description>Mats Devices</description>
</alias>
<alias uuid="eea2acc3-58b6-4c14-aa13-064929cbd9b3">
<enabled>1</enabled>
<name>admin_devices</name>
<type>host</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>mats_devices</content>
<categories/>
<description>Admin devices with escalated network access.</description>
</alias>
<alias uuid="5b78fc46-5a29-4d5a-bea9-23c61f869941">
<enabled>1</enabled>
<name>_web_ports</name>
<type>port</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>80
443</content>
<categories/>
<description>Web Ports</description>
</alias>
</aliases>
</Alias>
<Category version="1.0.0">
<categories/>
</Category>
<Filter version="1.0.3">
<rules/>
<snatrules/>
<npt/>
</Filter>
<Lvtemplate version="0.0.1">
<templates/>
</Lvtemplate>
</Firewall>
<Netflow version="1.0.1">
<capture>
<interfaces/>
<egress_only/>
<version>v9</version>
<targets/>
</capture>
<collect>
<enable>0</enable>
</collect>
<activeTimeout>1800</activeTimeout>
<inactiveTimeout>15</inactiveTimeout>
</Netflow>
<monit version="1.0.12">
<general>
<enabled>0</enabled>
<interval>120</interval>
<startdelay>120</startdelay>
<mailserver>127.0.0.1</mailserver>
<port>25</port>
<username/>
<password/>
<ssl>0</ssl>
<sslversion>auto</sslversion>
<sslverify>1</sslverify>
<logfile/>
<statefile/>
<eventqueuePath/>
<eventqueueSlots/>
<httpdEnabled>0</httpdEnabled>
<httpdUsername>root</httpdUsername>
<httpdPassword>Gco2QHPETB3p0OYrAqm4qjLYnCXtR5b</httpdPassword>
<httpdPort>2812</httpdPort>
<httpdAllow/>
<mmonitUrl/>
<mmonitTimeout>5</mmonitTimeout>
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
</general>
<alert uuid="221a9e42-95d8-4685-b1a1-343c6c3dbcbb">
<enabled>0</enabled>
<recipient>root@localhost.local</recipient>
<noton>0</noton>
<events/>
<format/>
<reminder/>
<description/>
</alert>
<service uuid="8a320b8d-3b6b-4207-8625-cf91a059f0ae">
<enabled>1</enabled>
<name>$HOST</name>
<description/>
<type>system</type>
<pidfile/>
<match/>
<path/>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>bab99c6e-5310-4a0e-bb28-ae4bd88aa578,f7041eef-b012-4813-86cd-7f391b664f73,d029d431-7d9e-4c77-aeda-866020b133e2,a0f551a1-e94d-4a6e-9390-9c554b00e972</tests>
<depends/>
<polltime/>
</service>
<service uuid="0db2d486-981c-463c-b552-58a7f08790e6">
<enabled>1</enabled>
<name>RootFs</name>
<description/>
<type>filesystem</type>
<pidfile/>
<match/>
<path>/</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>311da6a1-b35b-4137-b52d-c114b000cdb1</tests>
<depends/>
<polltime/>
</service>
<service uuid="c62512f0-576c-468c-bc90-d7b5abb32d56">
<enabled>0</enabled>
<name>carp_status_change</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>4ef02271-56c6-4334-b756-a441b0d6b934</tests>
<depends/>
<polltime/>
</service>
<service uuid="072200ee-16d5-43c8-bc84-3ae88239073f">
<enabled>0</enabled>
<name>gateway_alert</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>6489b90f-5a20-40de-b182-0afa5124726c</tests>
<depends/>
<polltime/>
</service>
<test uuid="62748b4c-6be2-4e32-a9b2-1a373a848f1a">
<name>Ping</name>
<type>NetworkPing</type>
<condition>failed ping</condition>
<action>alert</action>
<path/>
</test>
<test uuid="5066b94d-29b6-42fa-b10e-9ade3b859971">
<name>NetworkLink</name>
<type>NetworkInterface</type>
<condition>failed link</condition>
<action>alert</action>
<path/>
</test>
<test uuid="052902ee-d078-4a4f-98fb-15059b6c2062">
<name>NetworkSaturation</name>
<type>NetworkInterface</type>
<condition>saturation is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="bab99c6e-5310-4a0e-bb28-ae4bd88aa578">
<name>MemoryUsage</name>
<type>SystemResource</type>
<condition>memory usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="f7041eef-b012-4813-86cd-7f391b664f73">
<name>CPUUsage</name>
<type>SystemResource</type>
<condition>cpu usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="d029d431-7d9e-4c77-aeda-866020b133e2">
<name>LoadAvg1</name>
<type>SystemResource</type>
<condition>loadavg (1min) is greater than 8</condition>
<action>alert</action>
<path/>
</test>
<test uuid="a0f551a1-e94d-4a6e-9390-9c554b00e972">
<name>LoadAvg5</name>
<type>SystemResource</type>
<condition>loadavg (5min) is greater than 6</condition>
<action>alert</action>
<path/>
</test>
<test uuid="764cee64-e6fc-4ca9-af7a-1258c75682b4">
<name>LoadAvg15</name>
<type>SystemResource</type>
<condition>loadavg (15min) is greater than 4</condition>
<action>alert</action>
<path/>
</test>
<test uuid="311da6a1-b35b-4137-b52d-c114b000cdb1">
<name>SpaceUsage</name>
<type>SpaceUsage</type>
<condition>space usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="4ef02271-56c6-4334-b756-a441b0d6b934">
<name>ChangedStatus</name>
<type>ProgramStatus</type>
<condition>changed status</condition>
<action>alert</action>
<path/>
</test>
<test uuid="6489b90f-5a20-40de-b182-0afa5124726c">
<name>NonZeroStatus</name>
<type>ProgramStatus</type>
<condition>status != 0</condition>
<action>alert</action>
<path/>
</test>
</monit>
<Syslog version="1.0.2">
<general>
<enabled>1</enabled>
<loglocal>1</loglocal>
<maxpreserve>31</maxpreserve>
<maxfilesize/>
</general>
<destinations/>
</Syslog>
<unboundplus version="1.0.9">
<general>
<enabled>0</enabled>
<port>53</port>
<stats/>
<active_interface/>
<dnssec>0</dnssec>
<dns64>0</dns64>
<dns64prefix/>
<noarecords>0</noarecords>
<regdhcp>0</regdhcp>
<regdhcpdomain/>
<regdhcpstatic>0</regdhcpstatic>
<noreglladdr6>0</noreglladdr6>
<noregrecords>0</noregrecords>
<txtsupport>0</txtsupport>
<cacheflush>0</cacheflush>
<local_zone_type>transparent</local_zone_type>
<outgoing_interface/>
<enable_wpad>0</enable_wpad>
</general>
<advanced>
<hideidentity/>
<hideversion/>
<prefetch/>
<prefetchkey/>
<dnssecstripped/>
<aggressivensec>1</aggressivensec>
<serveexpired/>
<serveexpiredreplyttl/>
<serveexpiredttl/>
<serveexpiredttlreset/>
<serveexpiredclienttimeout/>
<qnameminstrict/>
<extendedstatistics/>
<logqueries/>
<logreplies/>
<logtagqueryreply/>
<logservfail/>
<loglocalactions/>
<logverbosity>1</logverbosity>
<valloglevel>0</valloglevel>
<privatedomain/>
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
<insecuredomain/>
<msgcachesize/>
<rrsetcachesize/>
<outgoingnumtcp/>
<incomingnumtcp/>
<numqueriesperthread/>
<outgoingrange/>
<jostletimeout/>
<cachemaxttl/>
<cachemaxnegativettl/>
<cacheminttl/>
<infrahostttl/>
<infrakeepprobing/>
<infracachenumhosts/>
<unwantedreplythreshold/>
</advanced>
<acls>
<default_action>allow</default_action>
</acls>
<dnsbl>
<enabled>0</enabled>
<safesearch/>
<type/>
<lists/>
<whitelists/>
<blocklists/>
<wildcards/>
<address/>
<nxdomain/>
</dnsbl>
<forwarding>
<enabled>1</enabled>
</forwarding>
<dots/>
<hosts/>
<aliases/>
<domains/>
</unboundplus>
<TrafficShaper version="1.0.3">
<pipes/>
<queues/>
<rules/>
</TrafficShaper>
<wireguard>
<client version="1.0.0">
<clients/>
</client>
<general version="0.0.1">
<enabled>0</enabled>
</general>
<server version="1.0.0">
<servers/>
</server>
</wireguard>
<Interfaces>
<neighbors version="1.0.0"/>
<vxlans version="1.0.2"/>
<loopbacks version="1.0.0"/>
</Interfaces>
<IDS version="1.0.9">
<rules/>
<policies/>
<userDefinedRules/>
<files/>
<fileTags/>
<general>
<enabled>0</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron/>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo/>
<detect>
<Profile/>
<toclient_groups/>
<toserver_groups/>
</detect>
<syslog>0</syslog>
<syslog_eve>0</syslog_eve>
<LogPayload>0</LogPayload>
<verbosity/>
</general>
</IDS>
<captiveportal version="1.0.1">
<zones/>
<templates/>
</captiveportal>
<Gateways version="1.0.0">
<gateway_item uuid="7ff6df95-f59f-4d6f-8f0b-5866e5494032">
<disabled>0</disabled>
<name>WAN_GW</name>
<descr>WAN Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<gateway/>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor/>
<force_down>0</force_down>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
</Gateways>
<Kea>
<ctrl_agent version="0.0.1">
<general>
<enabled>0</enabled>
<http_host>127.0.0.1</http_host>
<http_port>8000</http_port>
</general>
</ctrl_agent>
<dhcp4 version="1.0.0">
<general>
<enabled>0</enabled>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
</ha>
<subnets/>
<reservations/>
<ha_peers/>
</dhcp4>
</Kea>
<DHCRelay version="1.0.1"/>
</OPNsense>
<openvpn/>
<ifgroups version="1.0.0"/>
<staticroutes version="1.0.0">
<route/>
</staticroutes>
<vlans version="1.0.0">
<vlan/>
</vlans>
<laggs version="1.0.0">
<lagg/>
</laggs>
<virtualip version="1.0.0">
<vip/>
</virtualip>
<bridges>
<bridged/>
</bridges>
<gifs>
<gif/>
</gifs>
<gres>
<gre/>
</gres>
<ppps>
<ppp/>
</ppps>
<wireless>
<clone/>
</wireless>
<ca/>
<dhcpdv6/>
<cert>
<refid>66140e2f5c134</refid>
<descr>Web GUI TLS certificate</descr>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVRzlsbm5ibEY1b0o2NUlYSDU4eXp1RGpVekIwd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQTBNRGd4TlRNek1EUmFGdzB5TlRBMU1UQXhOVE16TURSYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURmaWV5ZXJmeHo5VVdsdmFTZ1RhdS9FWWVtVElaaDc3dE9BcnhoVGVmQVNZNHVCUlV2CiszUEhCVGhvbjRpdjVYZlFXTTlVUThXRW5NN1JpTGlYa2ExeTYvMTFTTWwxVExaT3pPOEQxTnhTSHFUU25ES2cKUTBBdGNzYm9NRHFzajNPZnJxUk1YV1RWMHRDd0lTcVNSdzhNRUtnL01DVzY2WEtzTVNOUytvbEgzU2I5MnppYQoxaEM1eEV6K3YyTzdTd0pCZEVxTHdiSldwYTRHUlVGbWRxOVpVTWd2ZTVkSUFTVWVWTUVvNXA3b3hGYnhjcGhZCmlGNlZYY3VHTjMvaG4xSkNUSlV1Snc1Q0lpY29hRGlNRkEyeGI0eUwzUUxVQTUzcU9BNkVoTkw2aUpNdnVoVnoKcGdoejFwK3A2V1drKzdaYzlKYVVDODJBUks3eHJYL21RS21IM2JlMWlWTUY1eDFlSzZBSmppQzhNbVJ2cWlvbgoybnFwMStYZTlvK0xLUkZEeGZGT2hxYUJxYWQ4TkM3bWlITnRzVmxkOU1RSkZPcHdiVDNpbitrcFVnb3RGZlNCCnBraWVTVXVFQ0VaN0tGd0Z5eWlmc0JPWUhIV1U2R3dyQ3FheXJCZy9NcUF3NkxCaGphVVg4R2lLSTZOc1RDWWUKN0xyVk9aZFZUZnlVYTRPRjViNCtTWSt4QUJKWWg2UGgvUS9uZWZobUNNMUt0Ym1CK2F5RmJidGluK3o5aUpoUQpPREkzTmE1TVlYS1QvelVHVHEwVXZJRTBpR1lhM1RHdXc4TmZEWnFTcDZYWXV4Yy9DTk4zdHFhVDRtV21ncVZuClpTRHRHSjVEWDBnVG9jSkxXUllZUW53eVJMNHZwQlNnR2FYcVAxMmdESTNrWmhXNHJzeldWVTJGSVFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRk1teXlmVURMRzRsZUlvdTQxMzdPcGtDKzVBY01JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUc5bG4KbmJsRjVvSjY1SVhINTh5enVEalV6QjB3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQXBDUGxuUFpncHc2L2VSaWtSRDlaeVE4My9kZVNWelIxU3ZQSnl6MmQKTTkyaEk0bXU0Z1RKdmczQzg5KzZMRVNjeW51K2tIeTE2dG1SSTlwU0loZUlTK1RQRmt6Mk85dUJoUWc3RnVLQwp4NGJpU1VvcmxYQVMybFBIczBwU0lVRlJRL0Y1UlVxUytTZlpwZWJHSEtNTWFDNU1WV3NuZlgyTmJ3bnJkUmgvClJqczdKRFRia2drWHZSYUtQRDNwOXo5Vi9tT2tQTkIyOXFYUnhhMDlWSWhhU2sxMkdaaC9NWTNZMlpYUjJqOFgKZloxQVdyL1JJSFNpbHNzdlVFTEpLcm44Y1NjbVZvY00vdXdHNy9NaEg2cER1bXVrd2s5Q2dVQklnVUhnZjB1eAp0bFBGUWxmc2tHQU9DcW5OYXVvdkhHREVlWTBNeDRwaUVVUklpc2pEK1JlV2E1Vit3a2EwQ3FjY0hUOUk1c0hpCkYvZTQ3MkxFVGh2RjlYdzBJQVgzNUNxNStCTTRiTk5FSFlhL1ZOb1g5MVlFeEwwNFJoV3NzYlExREpGZ0xQbXgKb1MrenV5TmNKNDRJaFdwTERwNUZnaStFSEtwVWg2R1Q4TXVZaGEzSUJXeHV1N0V4dnh5U1pmRUMyRVNpSnN1RQpSZlJscHlPZmZKREdXYytaZHk2aVpFb3VqM3FiMUpxbXJ4ZWtoWHhzVmg2U1d1bFpmY3IwcytYL0NzMUEvQWRECjNPVGpkbjVhaFlybnF1STJ6VzBkQ0tlbFJNUnNpOXdwakFlakRQRE1JQnJBK3l0ajRoQmVYMGxtdUtCbGF4b3YKc213d3JFSXZxTElSK1YwdjdCSFl4Q2tvNi9lOEVKUERLdFRnYk0xRHlzS0krOTdkQmRqMk4rekxjcS83dFBvTQpFSUU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Nzd2dna25BZ0VBQW9JQ0FRRGZpZXllcmZ4ejlVV2wKdmFTZ1RhdS9FWWVtVElaaDc3dE9BcnhoVGVmQVNZNHVCUlV2KzNQSEJUaG9uNGl2NVhmUVdNOVVROFdFbk03UgppTGlYa2ExeTYvMTFTTWwxVExaT3pPOEQxTnhTSHFUU25ES2dRMEF0Y3Nib01EcXNqM09mcnFSTVhXVFYwdEN3CklTcVNSdzhNRUtnL01DVzY2WEtzTVNOUytvbEgzU2I5MnppYTFoQzV4RXordjJPN1N3SkJkRXFMd2JKV3BhNEcKUlVGbWRxOVpVTWd2ZTVkSUFTVWVWTUVvNXA3b3hGYnhjcGhZaUY2VlhjdUdOMy9objFKQ1RKVXVKdzVDSWljbwphRGlNRkEyeGI0eUwzUUxVQTUzcU9BNkVoTkw2aUpNdnVoVnpwZ2h6MXArcDZXV2srN1pjOUphVUM4MkFSSzd4CnJYL21RS21IM2JlMWlWTUY1eDFlSzZBSmppQzhNbVJ2cWlvbjJucXAxK1hlOW8rTEtSRkR4ZkZPaHFhQnFhZDgKTkM3bWlITnRzVmxkOU1RSkZPcHdiVDNpbitrcFVnb3RGZlNCcGtpZVNVdUVDRVo3S0Z3Rnl5aWZzQk9ZSEhXVQo2R3dyQ3FheXJCZy9NcUF3NkxCaGphVVg4R2lLSTZOc1RDWWU3THJWT1pkVlRmeVVhNE9GNWI0K1NZK3hBQkpZCmg2UGgvUS9uZWZobUNNMUt0Ym1CK2F5RmJidGluK3o5aUpoUU9ESTNOYTVNWVhLVC96VUdUcTBVdklFMGlHWWEKM1RHdXc4TmZEWnFTcDZYWXV4Yy9DTk4zdHFhVDRtV21ncVZuWlNEdEdKNURYMGdUb2NKTFdSWVlRbnd5Ukw0dgpwQlNnR2FYcVAxMmdESTNrWmhXNHJzeldWVTJGSVFJREFRQUJBb0lDQUFYTU1qaWdXeFNYMXkxWUNKSEd5ZTVMCjhsaDRFaUV1b2sxQTZXbGRwNlhYVW9wemc4dnBpZVJ1eUhxQUxyK2ZKRGNoWW9rMU04Vi9lcWE1Rk02TGp2UFUKMW85STZyNngxV1dnVDQrcUlPZTVWejJHSXhNQWc0VGFQZm51TEV0bThoRUJhczMzT3lNSGszV0orcXh1RHVBWgplMytlREZCM2R3dXJ2NWFLbkc1aWVEMHJ4eUZPN1lLZjZuNU44UFI5MnNwZlRZS243S3Z1SXFBVGdrRjUwUXp3Ck9TendGK21jYS8zSUpYVmQyOSsrSGVJbnZuZEhYQ3FrRXVBQmh2M1BUOGNiN04rVVVEeWJYYWdnNGR5U05aTzEKU0xBazlJcVNxSEVYY0pyenhmUU5BRUpENFlRTkdabUZoc0VWcGxiNzEwdzhaTDVrdXZqNWJ3OGlHSmZjYy9rZgpkdTRqT3RpbkgwRitoUFl0cmhDbDZ5QzlCckJiRmoxNUVYN01yM2xBMFdhSTFmdTVvdk1EZHpMZFY0a1NVQzhKCkR1VkhjS0s1UXpQN2xIc1ZXN2V2OVlQQlhYaFFXdWRwWEw0cmc4ZWF2eUhmTVdRakVUWFcraUFYZk0zMldBMWYKRUJBSHVWMHFLa0F1bUNYcXZTdXEzRXpBZkY4bWlmblA3MVRWQXdwVWJlNFM5ZDZUQVQrSW5hSlNpUU0waEtmUQpack44SFB2OEF2ME8xZHdvaGI3ZEVYZFdlNFZxcFJ3WGw0WG9CL2o1MHRObE12T1hKUHdxT1RhelVSR0RSWEFwClkwaWV4VUdvQVIxbzhad1dSU29pK3U3VDdjSnNzNXB0VHgwaGp5MHowcXVRRFVkYS8wOHdLUlRxMmRINVU0OTMKUHQvTENXSWNvWFIwZC9CQngwUzFBb0lCQVFEM0V6WWRTamtBcjN6UFlSMlo1dERQNUtmeHNLWlNoTWg5MkhhMworY0NFNkxheHd2NWFZYmNYcXFyU1dydjJmZ3FLc0p6a1Brb3dEaUNUZjJ0N2orRGRzd2p3TjNJWkd6UzVDZzVwCjlZc1pEbm9xd0tRRnd0akIyNEdWYndLY1Z3SE1tVWt5V2cyZVM5bmk0QncyZDJ0dnIwcVlVK1g4ZFNIUUZXUFoKYzZwV25YT3V5Mmw3dEpORFI5cThxcDVkcFBsR0JpZ05Va1dBNlk0ejJqeHQ0dnZMM29KelFBMnpqUEgwWWJrdQp5cHQzTytldVZ3RHFORU9NeWJHTmgyWWcyejQzNldLVmNqRWY5UC9hQUliMnl1SExPNHF4RGFqbGZLQTNVYStMCjlsZWlDZEY5S2hpeHYvYndPejdTaTNEWnF4TVpQOGp0V1V6NEorZnFlOFg2ZW14OUFvSUJBUURublJDV0dFRncKalgyd3EyZ2NadzJkQzRYaGM1ekFBcitiTWphMFB2bFMvbkNuTml4aWlaaitudm05VnZKZ3E2WVBscXJ6RjBrMQpFbGdYYktqSzEwTUJnZGc0WVZtSEMzd2ZzRmRyZmlQNmp1NGRURUk3aHQ1R3NGci9hbTd1amNrSFY2TThNZmtLClB0TTR0U3JpWjcxZHhaTjdzMEJlbk8wNDZnTXM4RlVPcFp3QWd1d3E3QmQ0VURSKzA4MGdHUHh0VTVkY0k3QnoKYnNLcG9jb2d1d01kV3FxSWk1aDBPWitxanZUdms5TmNjRjYrdFJHcExDeTB4RjlLZ1FFb2dXd05uVTVWNjNLegoxS2hnRzdmZjNOYmE4by8xelNoWWplQ3VBcGxmT2tabzhPODU5dHN3WlNhcDFFdlZ3VHp1OGovUWptcHVxZHRqCjUwQkVpaS9ERkxCMUFvSUJBRnRmcW5xb2tXNDBlRGNGbG5udFI3b3F1UVdFSys2R2x0TWJzOFFVUkdPaTRMWGIKQkZBT3BUVEdkRWc1TUJ4WHZyUk4zcWYyZFY5U1NpL2lSckM2cEJHNWZZdkJKWnd0V0pFNks5eDU1NGhMdDFpSwpSOTZ0a1pZWUJOTnI2NDVBQ3pWTVZ5cWM3VDVtbE56M3Z0ZFIwTlRNQWcxVnNjOXN6aVZ6VTZyK3dMY3BvYmU2CkdIZWNiMzNKWEJhOERyZFpKS3NGNmRnTFhoTHZ6UnhXRUZVZlJibSt2NFc1NFpkT2Y4aStQMHNUdU8wZXBXN3YKVkRKSlE5WVVYV3FXOFdralM5NUhuS0xpU1ZLbE85MjJwak10RXRZalhnWmVvK0RDOTBtZUZ3cnUvcmU1WTlVagpOV0MvT3FiYmNqOVJQRm56ajZ1ZDBFUWU2MzAyM09qMS8yREQxODBDZ2dFQVpNUjM3K1Z6cXlWVDl1Wk1NSGRCCmUvOEVhM2NpVG9Pam0wRDRmZWtjRGxpMjZIandUSnF5M3F5SjJTK1gyaWt6NFhwYXU5SjR2a2RSM2pjZkpNa00KMVA0SjlWV2RYdHpIVHY0b3VwS3gwcFFXMHRaWHhwQkI2cDFWcWVSRGlUUlVyd1lZOWRxRUVFb1BHWS93clhvVwo4RkpDZlVJYWtrOVNBajRGemFwdVJ5WVVQa0Mzd1dEZ1FTOGI5OFhzYTdlVE0zbDMwOVdQTWxtUkJiNW5NMkJKCjFaNlpyVGlXeHBJL2ZqUWVLcEcxRm5XcE11MlNWbmpxcG1iOVVtdlg5aWlBdTFlaU9rMXFwUVN6a01UZWRkNGQKK0RvcUdmWDlSTEhOZThlVHROT2t5SWx5ZTFTRVBvVHprbFhUL0piTERPYUdqeFUzQnhpTlkrUzdtRlpLdTJRbgo5UUtDQVFBeElTa1NrdjgrYTQrclh1TWVBMFFOL2xQMms4R0Y1dlJEYnc2QStjeVJicTlEdG1Lb285M0h2V3ZiClpXRjREdTVVNGdZam1WbkZZVDZaL1hJMUs2NUQvVzV1ejZlcFJtcGQ5T1VwbDZJczRHbDhqUXNESG5obkFWeVEKSmNydXMxRDIwdTA2NnB6U2VlQkFYSTN1elkxeThCeHJxQjYyRSs3ZlFSR1hjZ01BOU16blVhc01EemVEdkRVSQpyd2J2OUIvcEw5endWSzRPZGJ5ZHZHcnU1YU95cEZRaUtCcHhqWVVQMXZQM2UxZnFBWUowZzRNR1Mrb3Fwd0h6CmNXZUZxYVllQ2ZkYXhUNUg4WEhzMHlvQXU4d0JmVTVDcEs0S2JUUFVMR3RCYU43LzRib20rZk1jTmp3NGd4ODMKWG5Zd0s3YjdJT3pkQXlNTDZwWlBpeHR5NlNiUwotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==</prv>
</cert>
<syslog/>
<installedpackages>
<miniupnpd>
<config>
<enable>1</enable>
<enable_upnp>1</enable_upnp>
<enable_natpmp>1</enable_natpmp>
<ext_iface>wan</ext_iface>
<download/>
<upload/>
<overridewanip/>
<overridesubnet/>
<stun_host/>
<stun_port/>
<permuser1/>
<permuser2/>
<permuser3/>
<permuser4/>
<permuser5/>
<permuser6/>
<permuser7/>
<permuser8/>
<iface_array>lan</iface_array>
</config>
</miniupnpd>
</installedpackages>
</opnsense>
Reference in New Issue View Git Blame Copy Permalink