opnsense Disable the pf ftp proxy handler. debug.pfftpproxy default Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html vfs.read_max default Set the ephemeral port range to be lower. net.inet.ip.portrange.first default Drop packets to closed TCP ports without returning a RST net.inet.tcp.blackhole default Do not send ICMP port unreachable messages for closed UDP ports net.inet.udp.blackhole default Randomize the ID field in IP packets (default is 0: sequential IP IDs) net.inet.ip.random_id default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.sourceroute default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.accept_sourceroute default Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect packets without returning a response. net.inet.icmp.drop_redirect default This option turns off the logging of redirect packets because there is no limit and this could fill up your logs consuming your whole hard drive. net.inet.icmp.log_redirect default Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) net.inet.tcp.drop_synfin default Enable sending IPv4 redirects net.inet.ip.redirect default Enable sending IPv6 redirects net.inet6.ip6.redirect default Enable privacy settings for IPv6 (RFC 4941) net.inet6.ip6.use_tempaddr default Prefer privacy addresses and use them over the normal addresses net.inet6.ip6.prefer_tempaddr default Generate SYN cookies for outbound SYN-ACK packets net.inet.tcp.syncookies default Maximum incoming/outgoing TCP datagram size (receive) net.inet.tcp.recvspace default Maximum incoming/outgoing TCP datagram size (send) net.inet.tcp.sendspace default Do not delay ACK to try and piggyback it onto a data packet net.inet.tcp.delayed_ack default Maximum outgoing UDP datagram size net.inet.udp.maxdgram default Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) net.link.bridge.pfil_onlyip default Set to 1 to additionally filter on the physical interface for locally destined packets net.link.bridge.pfil_local_phys default Set to 0 to disable filtering on the incoming and outgoing member interfaces. net.link.bridge.pfil_member default Set to 1 to enable filtering on the bridge interface net.link.bridge.pfil_bridge default Allow unprivileged access to tap(4) device nodes net.link.tap.user_open default Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) kern.randompid default Maximum size of the IP input queue net.inet.ip.intr_queue_maxlen default Disable CTRL+ALT+Delete reboot from keyboard. hw.syscons.kbd_reboot default Enable TCP extended debugging net.inet.tcp.log_debug default Set ICMP Limits net.inet.icmp.icmplim default TCP Offload Engine net.inet.tcp.tso default UDP Checksums net.inet.udp.checksum default Maximum socket buffer size kern.ipc.maxsockbuf default dev.netmap.buf_num 1000000 Automatically added by Zenarmor: Max NETMAP buffers conservative hellfire home admins System Administrators system 1999 0 2000 user-shell-access page-all root System Administrator system admins $2b$10$fEJUP7gNN.UAaGQIL1zyKeuviU4nAFIfrOH9BlU83MiQxXXACEDOm 0 c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr $2y$10$5Slr/aP9jkfFVhcZ8ESpau6AuvXbthuNpKOXOVh7GbEqnDk3SINCW user mshillam Matthew Shillam c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUVjRmpLT0MrVFdMdXJVL3EvSlFVYk1QMEFmTmFVVFdXWGUyenk4QkRzMnYgbWF0dGhld0BzaGlsbGFtLm1lLnVr matthew@shillam.me.uk 2000 5a75bd345a2ac /bin/csh $2y$10$/OwZwl6x4KSv7Dy88C1Vf.fAS98kQy7nEyKLTwx913DlsSQOQIcm6 user homeassistant Home Assistant 2001 dl9j7B6Qc9oNA7KesEGNm7UKb5WX7N+f/e0wOV2cDo7HYLwNAg2QC05uxy9+XqXdmZAlB1/nwpjYjrCx $6$$.sQAwbMl0hDQdkyM0JIPxLWc8LLd8npnZ.6ddC2VhghMiRR9x0u5XDLJ6EqnJ0HYo25.FuH0cCrN4IWOmiohL1 2002 2000 Europe/London 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org http

6076e25ed3bf1

Local Database

1 1 1 1 hadp hadp hadp monthly 1 60 1 1 en_US 8.8.8.8 1.0.0.1 1.1.1.1 8.8.4.4 1 none none none none none none none none basic 1 https://nextcloud.nabble.co.uk mshillam a8r67h3XXiuB4Y OPNsense-Backup 1 https://gitea.shillam.me.uk/mshillam/hellfire.git master mshillam TWi7mE9rrxzXam yes 115200 video 1 enabled 1 admins 1 https://mirror.dns-root.de/opnsense os-sunnyvalley,os-sensei,os-redis,os-ntopng,os-theme-rebellion,os-theme-vicuna,os-theme-cicada,os-speedtest-community,os-sensei-updater,os-zabbix-agent,os-upnp,os-git-backup,os-wireguard,os-ddclient aesni 1 1 igb0 1 192.168.0.1 16 1 Loopback 1 lo0 127.0.0.1 ::1 8 128 none 1 igb1 1 1 1 dhcp

SavedCfg

1 1 wireguard WireGuard (Group) group 1 vlan01 Vlan1 1 10.0.0.1 24 1 hmac-md5 192.168.250.1 192.168.250.254 9c:c9:eb:d6:da:a6 192.168.0.3 ng-sw-8p-bedroom Netgear 8 Port Switch Bedroom - GS308T a0:63:91:b7:e2:14 192.168.0.4 ng-sw-24p-office Netgear 24 Port Switch - Office - GS724Tv4 44:d9:e7:ff:7c:0b 192.168.0.5 sw-ub-24p-shed Ubiquiti Switch - 24 Port - Shed - Edgeswitch Lite 44:d9:e7:ff:7c:47 192.168.0.6 sw-ub-24p-shed-2 Ubiquiti Edgeswitch Lite - Shed - For Gluster 42:4c:fa:d9:11:0e 192.168.0.21 zabbix Zabbix Monitoring 7a:fd:90:ae:6b:e5 192.168.0.30 docker Docker test system 66:48:46:cb:a3:08 192.168.0.31 cloudserver Cloudserver.io Web hosting 46:0e:b7:b7:39:c5 192.168.0.32 fastpanel da:c7:4a:53:59:fb 192.168.0.33 git ee:e6:5b:54:ce:b1 192.168.0.40 mail Mailcow Docker deployment a2:c1:4a:ca:c9:1d 192.168.0.41 vitalpbx 88:66:5a:15:8a:9a 192.168.1.10 MatBook-Pro New Macbook Pro 16" 80:2a:a8:89:1b:0a 192.168.2.2 unifi-ap2 Shed 80:2a:a8:49:cd:f4 192.168.2.3 unifi-ap Ubiquiti Access Point 1 44:d2:44:25:f9:47 192.168.2.5 epson-xp-790 Epson XP790 Printer b8:e8:56:46:70:50 192.168.2.6 nikita-macbook Nikitas Macbook Pro cc:44:63:93:53:83 192.168.2.7 mat-ipad-pro Mats iPad Pro 80:b0:3d:ea:e3:7a 192.168.2.8 mat-iphone-x Mats iPhone X 1c:36:bb:7d:8a:c0 192.168.2.9 mat-apple-watch-v3 Mats Apple watch v3 b8:09:8a:c0:83:ad 192.168.2.10 mat-imac-sophys-room Mats iMac 5k - Sophys room d0:3f:aa:1e:28:4f 192.168.2.11 mats-iphone-11-pro Mats iPhone 11 Max Pro b8:09:8a:44:71:1f 192.168.2.12 mat-hackintosh Mats hackintosh c0:a5:3e:e3:71:f5 192.168.2.20 katie-apple-watch-v3 Katies Apple watch v3 84:ad:8d:bf:12:4a 192.168.2.21 katie-iphone-x Katies iPhone X bc:09:63:95:eb:84 192.168.2.22 katie-iphone-11-pro-2 74:75:48:22:b8:0d 192.168.2.31 firetv-bedroom Fire TV Bedroom cc:b1:1a:a5:15:c6 192.168.2.32 samsung-tv-downstairs Samsung TV downstairs 10:09:f9:7a:c1:57 192.168.2.33 firetv-cube-front-room FireTv Cube - Front Room 1c:9e:46:08:a1:25 192.168.2.40 jessica-ipad-mini Jessicas iPad Mini c0:d0:12:9b:d2:e3 192.168.2.41 jessica-iphone-7 Jessicas iPhone 7 + 1 68:db:f5:bc:0d:b9 192.168.2.42 jessica-echo-dot Jessicas Echo Dot a0:02:dc:79:4b:50 192.168.2.43 jessica-fire-tv fa:80:c0:9c:05:63 192.168.2.44 savannah-phone 42:a1:19:f7:55:36 192.168.2.50 david-ipad Davids iPad 40:83:1d:67:b9:34 192.168.2.51 david_iphone_7_plus Davids iPhone 7 + 08:12:a5:40:1a:1c 192.168.2.52 david-echo-dot Davids Echo dot 1 da:e7:32:78:34:a0 192.168.2.53 david-iphone-11 74:df:bf:64:83:87 192.168.2.61 nikita-laptop Nikita Ideapad Lenovo Laptop bc:fe:d9:82:78:69 192.168.2.62 nick-iphone Nicks iPhone 1 40:83:1d:4f:3c:b4 192.168.2.64 nikita-new-iphone Nikitas New Phone 60:5b:b4:8f:77:07 192.168.2.65 nikita-ps4 Nikitas PS4 30:9c:23:64:61:f4 192.168.2.66 nikita-pc Nikitas NEW PC 78:88:6d:7f:5d:f8 192.168.2.70 sophy-iphone Sophys iPhone 14:cc:20:27:fb:44 192.168.2.73 tplink-usb USB TPlink Wifi f4:06:16:7f:d0:da 192.168.2.87 iPhone albert-iphone-xr 28:c5:38:84:28:ae 192.168.2.94 Louis-iPhone Louis iPhone 13 Pro Max f0:08:d1:d3:f9:bc 192.168.2.100 esp_office_propagator ESp32_1 Office Propagator dc:4f:22:7a:de:02 192.168.2.110 inkbird1 Inkbird Controller 1 84:d8:1b:8b:68:be 192.168.2.111 tp-link-smart-3way-1 TP Link Smart 3way switch - 1 b4:85:e1:1c:a3:91 192.168.3.4 katie-iphone-12 Katies iPhone 12 ( White ) fe:31:b9:21:40:2b 192.168.10.1 kali KaliLinux d2:ce:92:32:4b:0e 192.168.20.6 pbx Original PBX Server 22:ba:b6:ce:41:1d 192.168.20.32 gluster-proxy Gluster Proxy b4:7a:f1:a7:13:86 192.168.20.51 g1 Gluster1 b4:7a:f1:3c:79:5e 192.168.20.52 g2 Gluster2 5c:ba:2c:2c:06:60 192.168.20.53 g3 Gluster 3 5c:ba:2c:2b:f2:68 192.168.20.54 g4 Gluster 4 f8:0f:41:fc:09:bb 192.168.20.120 gluster1 Gluster OLD Server1 f8:0f:41:fc:13:76 192.168.20.121 gluster2 Gluster OLD Server2 00:8c:fa:09:75:5d 192.168.20.122 gluster5 Gluster OLD Server 5 00:8c:fa:09:7c:f5 192.168.20.123 gluster6 Gluster OLD Server 6 10:52:1c:64:5b:18 192.168.32.2 esp32_2 ESP32 2 ( Shed staging area dc:4f:22:4d:9d:23 192.168.32.50 dmxgo 84:f3:eb:64:8c:d3 192.168.32.101 energy_1 Energy socket 1 b4:e6:2d:1e:68:18 192.168.32.102 energy_2 Sheds Main heater socket for Stagins Area b4:e6:2d:1e:1e:84 192.168.32.103 energy_3 bc:dd:c2:e3:52:ab 192.168.32.104 energy_4 24:a1:60:17:02:29 192.168.32.105 energy_5 Energy 5 c4:dd:57:04:19:1f 192.168.32.106 energy_6 c4:dd:57:04:6c:61 192.168.32.107 energy_7 3c:61:05:12:ee:28 192.168.32.200 esp32_poly 80:45:dd:46:00:69 192.168.32.211 Sophy-Work-Laptop 00:e0:67:06:e1:90 192.168.32.250 viperfire 44:8a:5b:58:29:d2 192.168.33.1 albert-pc-2 44:39:c4:3a:4f:2e 192.168.50.1 gandalf Gandalf - Proxmox 1 44:39:c4:50:2e:7f 192.168.50.2 golem Proxmox 2 44:39:c4:50:2b:5e 192.168.50.3 gumball Gumball - Proxmox 3 9c:b6:54:bb:f5:5d 192.168.50.10 gimp Proxmox - Testing box 78:2b:cb:66:32:ff 192.168.50.11 gimboid Gimboid - Proxmox Server 38:ea:a7:a1:04:6f 192.168.50.100 bilbo TrueNas 1 48:df:37:2d:25:60 192.168.50.101 dumbledore Truenas Proxmox Management link 74:ab:93:3f:0c:73 192.168.69.1 blink-sync 74:ab:93:55:b0:d9 192.168.69.2 blin-cam1 62:0d:c3:83:cf:f0 192.168.100.1 modem modem ac:87:a3:21:9d:31 192.168.100.10 iMat-5K Mats iMac 5K 1 ce:9b:5c:bc:1d:be 192.168.100.13 ha HomeAssistant Proxmox 1 b4:2e:99:a1:67:fa 192.168.100.20 mat-hackintosh Mats Hackintosh 1 bc:6e:76:01:97:a4 192.168.100.30 cosy-heating 9c:b6:54:06:78:52 192.168.100.49 media2 Media 2 - ( GLUSTER ) 1 00:bb:3a:97:1b:1f 192.168.100.50 firetv-front-room Front room FireTV 1 b0:da:f9:52:7c:59 192.168.100.51 virgin-media-tivo Virgin Box 5c:49:7d:20:fd:58 192.168.100.52 samsung-frontroom Samsung TV front room 1 04:42:1a:95:50:52 192.168.100.60 louis-pc Louis PC 1 1c:1b:0d:e6:4f:6c 192.168.100.61 david-pc Davids PC 1 1c:1b:0d:34:8c:b0 192.168.100.66 jessica-pc Jessicas PC 1 00:1c:bf:85:f7:ec 192.168.100.67 jesslaptop 0c:fe:45:63:29:c0 192.168.100.70 nikita-ps4-wired Nikitas PS4 Wired 1 b0:7f:b9:43:a5:ac 192.168.100.79 albert-netgear-wireless Alberts Wireless Netgear 04:d9:f5:1d:bd:3c 192.168.100.80 albert-pc Alberts PC 2c:f0:5d:e4:da:a2 192.168.100.81 audioz Mats Audio PC - Ryzen 2c:f0:5d:89:1c:f6 192.168.100.82 albert-new-pc Alberts new pc d8:bb:c1:45:b1:c0 192.168.100.83 alberts-latest-pc 40:a2:db:13:a0:b5 192.168.100.84 albert-firetv-cube 08:12:a5:42:d0:90 192.168.100.85 jess-firetv-cube 0c:ee:99:61:03:5b 192.168.100.86 david-firetv-cube 1 hmac-md5 10.0.0.200 10.0.0.254 1 1 1 1 public 1 1 1 1 1 hybrid 192.168.0.41/32 1 wan inet mshillam@192.168.2.6 1535550092.5563 /firewall_nat_out_edit.php made changes wanip 1 1 mshillam@192.168.1.10 1645397261.9664 /firewall_nat_out_edit.php made changes tcp inet Home Assistant

nat_603e4caf9744d4.12162657

192.168.100.13

8123

1 wanip 8123 mshillam@192.168.2.6 1614695599.6197 /firewall_nat_edit.php made changes mshillam@192.168.2.6 1614695599.6198 /firewall_nat_edit.php made changes tcp wan inet

nat_61d0e26867ca51.69694975

192.168.0.30

443

1 wanip 443 mshillam@192.168.1.10 1641079422.8387 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1641079400.4252 /firewall_nat_edit.php made changes tcp wan inet

nat_61d0e2981ea0b4.36316537

192.168.0.30

1 wanip 80 mshillam@192.168.1.10 1663056703.8121 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1641079448.1255 /firewall_nat_edit.php made changes tcp wan inet

nat_63970e309636f5.96868671

192.168.0.40

1 wanip 80 mshillam@192.168.1.10 1670843952.6153 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1670843952.6153 /firewall_nat_edit.php made changes 1 tcp wan inet

nat_61e172ee5e2db6.55417174

192.168.0.32

2122

1 wanip 2122 mshillam@192.168.1.10 1642164974.3858 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1642164974.3858 /firewall_nat_edit.php made changes tcp wan inet

nat_61f1358acec6d1.41516685

192.168.20.32

59349

1 wanip 59349 mshillam@192.168.1.10 1643197834.847 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1643197834.847 /firewall_nat_edit.php made changes tcp wan inet

nat_61d9abe437c253.03770640

192.168.0.40

MAIL_PORTS

1 wanip MAIL_PORTS mshillam@192.168.1.10 1641655268.2285 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1641655268.2285 /firewall_nat_edit.php made changes tcp/udp wan inet

nat_61ddd885a87c13.07466954

192.168.0.41

5060

1 wanip 5060-5082 purenat mshillam@192.168.1.10 1642098764.4328 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1641928837.6902 /firewall_nat_edit.php made changes udp wan inet

nat_61ddd973cb6413.87351681

192.168.0.41

10000

1 wanip 10000-20000 purenat mshillam@192.168.1.10 1642098751.6138 /firewall_nat_edit.php made changes mshillam@192.168.1.10 1641929075.8331 /firewall_nat_edit.php made changes block lan,wan inet6 keep state Block all IPv6 and Do NOT log any yes 1 1 1 mshillam@192.168.1.10 1640653744.3777 /firewall_rules_edit.php made changes root@192.168.2.6 1517661056.9788 /firewall_rules_edit.php made changes block lan,wan inet46 keep state Block Malicious IP's any malware yes 1 1 1

UT_malicious_ips

mshillam@192.168.1.10 1645457378.7744 /firewall_rules_edit.php made changes mshillam@192.168.1.10 1645457378.7744 /firewall_rules_edit.php made changes block wan inet keep state in yes 1 1

178.208.164.0/22

1 mshillam@192.168.1.10 1664719936.5096 /firewall_rules_edit.php made changes mshillam@192.168.1.10 1664719936.5096 /firewall_rules_edit.php made changes block wan inet keep state in yes 1 1

178.208.172.0/22

1 mshillam@192.168.1.10 1664730543.8147 /firewall_rules_edit.php made changes mshillam@192.168.1.10 1664730543.8147 /firewall_rules_edit.php made changes pass lan inet keep state Allowing all Jessicas Devices 8am_12pm_7days any yes 1

jessica_devices

1 mshillam@192.168.2.8 1597023302.5007 /firewall_rules_edit.php made changes mshillam@192.168.2.6 1589546925.423 /firewall_rules_edit.php made changes 1 pass lan inet keep state Allowing all Davids Devices 8am_12pm_7days any yes 1 1

david_devices

1 mshillam@192.168.1.10 1643201222.3983 /firewall_rules_edit.php made changes mshillam@192.168.2.6 1589546960.9538 /firewall_rules_edit.php made changes block lan,wan inet keep state any yes 1 1

192.168.100.52

1 mshillam@192.168.100.81 1671395530.9826 /firewall_rules_edit.php made changes mshillam@192.168.1.10 1649875469.8912 /firewall_rules_edit.php made changes 1 pass lan inet keep state Allow all essential devices in yes 1

essential_devices

1 mshillam@192.168.1.10 1654128038.6972 /firewall_rules_edit.php made changes mshillam@192.168.2.6 1589544984.064 /firewall_rules_edit.php made changes block wan inet keep state Block ALL NONE UK from VOIP. in countries 1 1

Country_block_to_core_services

192.168.0.41

mshillam@192.168.1.10 1645474413.8583 /firewall_rules_edit.php made changes mshillam@192.168.1.10 1645472947.3452 /firewall_rules_edit.php made changes 1 wan keep state tcp inet

192.168.0.30

443

nat_61d0e26867ca51.69694975

mshillam@192.168.1.10 1641079400.4251 /firewall_nat_edit.php made changes 1 wan keep state tcp inet

192.168.0.30

nat_61d0e2981ea0b4.36316537

mshillam@192.168.1.10 1641079448.1255 /firewall_nat_edit.php made changes 1 wan keep state tcp inet

192.168.0.40

MAIL_PORTS

nat_61d9abe437c253.03770640

mshillam@192.168.1.10 1641655268.2284 /firewall_nat_edit.php made changes 1 wan keep state tcp/udp inet

192.168.0.41

5060-5082

nat_61ddd885a87c13.07466954

mshillam@192.168.1.10 1641928837.6901 /firewall_nat_edit.php made changes 1 1 wan keep state udp inet

192.168.0.41

10000-20000

nat_61ddd973cb6413.87351681

mshillam@192.168.1.10 1641929075.8331 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet

192.168.0.32

2122

nat_61e172ee5e2db6.55417174

mshillam@192.168.1.10 1642164974.3858 /firewall_nat_edit.php made changes 1 wan keep state tcp inet

192.168.20.32

59349

nat_61f1358acec6d1.41516685

mshillam@192.168.1.10 1643197834.847 /firewall_nat_edit.php made changes 1 wan keep state tcp inet

192.168.0.40

nat_63970e309636f5.96868671

mshillam@192.168.1.10 1670843952.6153 /firewall_nat_edit.php made changes pass lan inet keep state Default allow LAN to any rule in 1 1 lan 1 mshillam@192.168.1.10 1633378387.2996 /firewall_rules_edit.php made changes OpenVPN Remote My Dental Security Staf wizard 1 1 openvpn pass on root@192.168.2.6 1517665486.4982 /wizard.php made changes 1 pass wireguard inet keep state WG WAN to LAN in 1

WIREGUARD_CLIENTS

1 mshillam@192.168.100.20 1618255944.4809 /firewall_rules_edit.php made changes mshillam@192.168.100.20 1618255944.4809 /firewall_rules_edit.php made changes ICMP icmp ICMP TCP tcp Generic TCP HTTP http Generic HTTP / 200 HTTPS https Generic HTTPS / 200 SMTP send Generic SMTP 220 * 0.opnsense.pool.ntp.org interface_statistics-container:00000000-col1:show,system_information-container:00000001-col1:show,gateways-container:00000002-col2:show,interface_list-container:00000003-col2:show,dyn_dns_status-container:00000004-col2:show,traffic_graphs-container:00000005-col2:show,services_status-container:00000006-col4:show 2 1 WAN_DHCP (system) 1675104901.1579 /usr/local/opnsense/mvc/app/models/OPNsense/Sensei/CLI.php made changes 1 lan 0 wan wan 5060 7070 7089 300 46 0 0 0 0 600 500 20 0 0 0 1 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 1 217.0.23.100/32 1 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 0 malware 1 countries 1 https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=bUDDilXVKtjByVCi&suffix=zip 1 david_ipad host 0 192.168.2.50 Davids iPad 1 david_pc host 0 192.168.100.61 Davids PC 1 jessica_ipad_mini host 0 192.168.2.40 Jessicas iPad mini 1 jessica_iphone_7 host 0 192.168.2.41 Jessicas iPhone 7 1 jessica_pc host 0 192.168.100.66 Jessicas PC 1 louis_iphone_7 host 0 192.168.2.92 Louis iPhone 7 1 louis_pc host 0 192.168.100.60 Louis PC 1 nikita_iphone_7 host 0 192.168.2.64 Nikitas iPhone 7 1 nikitas_laptop host 0 192.168.2.61 Nikitas Laptop 1 unifi_ap_downstairs host 0 192.168.2.3 Unifi Access point - Downstairs 1 canon_mg6600_printer host 0 192.168.2.4 Canon Mg6600 Printer 1 matbook host 0 192.168.2.6 Mats Macbook Pro 1 mat_ipad_pro host 0 192.168.2.7 Mats iPad Pro 1 mat_iphone_x host 0 192.168.2.8 Mats iPhone X 1 mat_apple_watch_v3 host 0 192.168.2.9 Mats Apple watch v3 1 mat_imac_5k_sophys_room host 0 192.168.2.10 Mats iMac 5k -Sophys room 1 katie_apple_watch_v3 host 0 192.168.2.20 Katies Apple watch v3 1 katie_iphone_x host 0 192.168.2.21 Katies iPhone X 1 fire_tv_front_room host 0 192.168.100.50 Fire TV - Front Room 1 fire_tv_bedroom host 0 192.168.2.31 Fire TV Bedroom 1 samsung_tv_front_room host 0 192.168.100.52 Samsung TV - Front room 1 mat_hackintosh host 0 192.168.100.20 Mats Hackintosh 1 media1 host 0 192.168.100.48 Media 1 1 media2 host 0 192.168.100.49 Media 2 1 essential_devices host 0 unifi_ap_downstairs canon_mg6600_printer matbook mat_ipad_pro mat_iphone_x mat_apple_watch_v3 katie_apple_watch_v3 katie_iphone_x fire_tv_front_room fire_tv_bedroom samsung_tv_front_room mat_hackintosh media1 media2 guest_devices cosy_heating jessica_echo_dot david_echo_dot epson_xp_790 sophy_iphone sophy_laptop virgin_box nikita_ps4 albert_pc sophy_ps4 mats_iphone_11_pro katie_iphone_11_pro_2 192.168.2.192 192.168.2.194 192.168.2.199 esp32_1 albert_iphone_xr dad_pc albert_new_pc mat_hackintosh_wifi inkbird_1 ha tp_link_smart_3way_1 nikita_devices jessica_devices david_devices tp_link_wifi home_assistant shed_socket_heater1 energy_1 unifi_ap2 esp_devices david_ipad all_mats_devices Internal_infrastructure katies_devices louis_devices albert_devices blink_devices fire_tv_cube_front_room 192.168.100.85 192.168.100.86 nikita_pc management proxmox_network All our essential devices ( online always! ) 1 louis_devices host 0 louis_iphone_7 louis_pc 192.168.2.93 192.168.2.94 Louis stuff 1 nikita_devices host 0 nikita_iphone_7 nikitas_laptop mat_imac_5k_sophys_room Nikitas stuff 1 jessica_devices host 0 jessica_ipad_mini jessica_iphone_7 jessica_pc jessica_echo_dot jessica_fire_tv jess_laptop savannah_phone Jessicas stuff 1 david_devices host 0 david_ipad david_pc david_iphones Davids stuff 1 guest_devices host 0 Guest's Devices to allow 1 cosy_heating host 0 192.168.100.30 Cosy heating system 1 david_iphones host 0 192.168.2.51 192.168.2.53 Davids iPhone 7 + 11 1 jessica_echo_dot host 0 192.168.2.42 Jessicas Echo dot 1 david_echo_dot host 0 192.168.2.52 Davids Echo dot 1 opnsense host 0 192.168.0.1 Opensense Server 1 epson_xp_790 host 0 192.168.2.5 Epson XP790 Printer 1 nikita_ps4 host 0 192.168.2.65 Nikitas PS4 1 sophy_iphone host 0 192.168.2.70 Sophys iPhone 1 sophy_laptop host 0 192.168.2.71 Sophys Laptop 1 virgin_box host 0 192.168.100.51 Virgin box 1 nikita_ps4_wired host 0 192.168.100.70 Nikitas PS4 Wired 1 albert_pc host 0 192.168.100.80 Alberts PC 1 sophy_ps4 host 0 192.168.2.72 Sophys PS$ 1 mats_iphone_11_pro host 0 192.168.2.11 Mats iPhone 11 Pro Max 1 katie_iphone_11_pro_2 host 0 192.168.2.22 Katies iPhone 11 Max Pro 2 1 esp32_1 host 0 192.168.2.100 ESP32_1 1 albert_iphone_xr host 0 192.168.2.87 Alberts iPhone XR 1 jessica_fire_tv host 0 192.168.2.43 Jessicas fire TV stick 1 dad_pc host 0 192.168.100.81 Dads PC 1 albert_new_pc host 0 192.168.100.82 Alberts new pc 1 mat_hackintosh_wifi host 0 192.168.2.12 Mats Hackintosh Wifi 1 inkbird_1 host 0 192.168.2.110 Inkbird Controller 1 1 ha host 0 192.168.2.13 Home Assistant Parallels 1 tp_link_smart_3way_1 host 0 192.168.2.111 TP Link Smart 3way - 1 1 tp_link_wifi host 0 192.168.2.73 USB TPLink Wifi 1 home_assistant host 0 192.168.100.13 Home Assistant - Parallels 1 shed_socket_heater1 host 0 192.168.2.121 Sheds Socket for Heater 1 Staging area 1 energy_1 host 0 192.168.2.122 Energy socket 1 1 unifi_ap2 host 0 192.168.2.2 1 esp_devices network 0 192.168.32.0/24 ESP Devices 1 trading_view host 0 52.89.214.238 34.212.75.30 54.218.53.128 52.32.178.7 Tradingview allow ips 1 all_mats_devices network 0 192.168.1.0/24 192.168.10.0/24 All Mats devices 1 Internal_infrastructure network 0 192.168.50.0/24 1 WIREGUARD_CLIENTS network 0 10.10.10.0/24 Wireguard Clients 1 katies_devices network 0 192.168.3.0/24 Katies Devices 1 albert_devices network 0 192.168.33.0/24 albert_latest_pc 192.168.100.84 192.168.100.79 Alberts Devices 1 jess_laptop host 0 192.168.100.67 1 blink_devices network 0 192.168.69.0/24 1 savannah_phone host 0 192.168.2.44 1 albert_latest_pc host 0 192.168.100.83 Alberts Latest PC 1 fire_tv_cube_front_room host 0 192.168.2.33 Fire TV Cube - Front Room 1 nikita_pc host 0 192.168.2.66 Nikitas PC 1 management network 0 192.168.0.1/24 192.168.250.1/24 Management devices 1 netgear_sw_8p_bedroom host 0 192.168.0.3 Netgear 8 Port Switch - Bedroom 1 ng_sw_24p_office host 0 192.168.0.4 Netgear 24 Port Switch - Office 1 MAIL_PORTS port 0 25 465 143 587 993 4190 Mail ports for forwarding to Mail Server 1 proxmox_network network 0 192.168.20.0/24 Proxmox g1 g2 etc 1 UT_malicious_ips urltable 0 0.5 https://www.spamhaus.org/drop/drop.txt https://www.spamhaus.org/drop/edrop.txt https://www.spamhaus.org/drop/dropv6.txt https://iplists.firehol.org/files/dshield_30d.netset Malicious IP Lists 1 Country_block_to_core_services geoip IPv4 0 AO BF BI BJ BW CD CF CG CI CM DJ DZ EG EH ER ET GA GH GM GN GQ GW KE LR LS LY MA ML MR MW MZ NA NE NG RW SD SL SN SO SS ST SZ TD TG TN TZ UG ZA ZM ZW AG AI AR AW BB BL BO BQ BR BS BZ CA CL CO CR CU CW DM DO EC GD GF GL GP GT GY HN HT JM KN KY LC MF MQ MS MX NI PA PE PM PR PY SR SV SX TC TT US UY VC VE VG VI AQ SJ AE AF AM AZ BD BH BN BT CN CY GE HK ID IL IN IQ IR JO JP KG KH KP KR KW KZ LA LB LK MM MN MO MY NP OM PH PK PS QA SA SG SY TH TJ TL TM TW UZ VN YE BM CV FK FO GS IS SH AU AD AL AT AX BA BE BG BY CH CZ DE DK EE ES FI FR GG GI GR HR HU IM IT JE LI LT LU LV MC MD ME MK MT NL NO PL PT RO RS RU SE SI SK SM TR UA VA CC CX IO KM MG MU MV RE SC TF YT AS CK FJ FM GU KI MH MP NC NF NR NU NZ PF PG PN PW SB TK TO TV UM VU WF WS All country block list except UK/IRE 10000 1 10 Mbit src-ip 0 0 0 TrafficShaper PipeUp-18Mbps 10001 1 900 Mbit 2 none fq_codel 1 0 0 2700 TrafficShaper Download 10002 1 54 Mbit none fq_codel 0 1 0 TrafficShaper 1 Upload 10000 1 675f6f4d-cf3d-467f-84f6-319a4daad0bb 10 none 0 0 0 Queue-59349 TrafficShaper 10001 1 9bd79685-8663-485d-a938-60ddba240284 100 dst-ip 0 1 0 Download Queue TrafficShaper 10002 1 f2a0b8e9-0acf-4da0-809b-e0e93602a13b 100 src-ip 0 1 0 Upload Queue TrafficShaper 1 1 wan ip 192.168.20.32 0 any any 0 any 675f6f4d-cf3d-467f-84f6-319a4daad0bb Gluster-Proxy TrafficShaper 1 2 wan ip any 0 any any 0 any in b7dcbf65-986d-4511-8ba6-8eb89edda598 Download Rule TrafficShaper 1 3 wan ip any 0 any any 0 any out 2a756398-08a3-4312-9a2e-1ef291ec36b3 Upload rule TrafficShaper 1 lan,wan wan v9 127.0.0.1:2056 1 1800 15 0 3000 0 opnsense 1 1 0 on strip 1 1 0 admin@localhost.local 0 /var/squid/cache 256 always 100 16 256 0 0 0 2048 1024 1024 256 0 0 username password lan 3128 3129 0 0 4 5 0 3401 public 2121 0 1 0 80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http 443:https 0 icap://[::1]:1344/avscan icap://[::1]:1344/avscan 1 0 0 X-Username 1 1024 60 OPNsense proxy authentication 2 5