feat(opnsense-config): Public API now a bit simpler, added support for latest opnsense version in xml types
This commit is contained in:
parent
cc9bcb902c
commit
9a37aa1321
@ -13,21 +13,21 @@ use super::opnsense::{NumberOption, Range, StaticMap};
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct DhcpInterface {
|
||||
pub enable: i32,
|
||||
pub gateway: String,
|
||||
pub domain: String,
|
||||
pub enable: Option<MaybeString>,
|
||||
pub gateway: Option<MaybeString>,
|
||||
pub domain: Option<MaybeString>,
|
||||
#[yaserde(rename = "ddnsdomainalgorithm")]
|
||||
pub ddns_domain_algorithm: String,
|
||||
pub ddns_domain_algorithm: Option<MaybeString>,
|
||||
#[yaserde(rename = "numberoptions")]
|
||||
pub number_options: Vec<NumberOption>,
|
||||
#[yaserde(rename = "range")]
|
||||
pub range: Range,
|
||||
pub winsserver: MaybeString,
|
||||
pub dnsserver: MaybeString,
|
||||
pub ntpserver: MaybeString,
|
||||
pub winsserver: Option<MaybeString>,
|
||||
pub dnsserver: Option<MaybeString>,
|
||||
pub ntpserver: Option<MaybeString>,
|
||||
#[yaserde(rename = "staticmap")]
|
||||
pub staticmaps: Vec<StaticMap>,
|
||||
pub pool: MaybeString,
|
||||
pub pool: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -40,11 +40,8 @@ pub struct DhcpRange {
|
||||
|
||||
#[cfg(test)]
|
||||
mod test {
|
||||
use std::net::Ipv4Addr;
|
||||
|
||||
use crate::xml_utils::to_xml_str;
|
||||
|
||||
use super::*;
|
||||
use pretty_assertions::assert_eq;
|
||||
|
||||
#[test]
|
||||
|
@ -7,12 +7,17 @@ pub struct Interface {
|
||||
pub internal_dynamic: Option<MaybeString>,
|
||||
#[yaserde(rename = "if")]
|
||||
pub physical_interface_name: String,
|
||||
pub descr: String,
|
||||
pub descr: Option<MaybeString>,
|
||||
pub enable: MaybeString,
|
||||
pub lock: Option<MaybeString>,
|
||||
#[yaserde(rename = "spoofmac")]
|
||||
pub spoof_mac: Option<MaybeString>,
|
||||
pub ipaddr: Option<MaybeString>,
|
||||
pub dhcphostname: Option<MaybeString>,
|
||||
#[yaserde(rename = "alias-address")]
|
||||
pub alias_address: Option<MaybeString>,
|
||||
#[yaserde(rename = "alias-subnet")]
|
||||
pub alias_subnet: Option<MaybeString>,
|
||||
#[yaserde(rename = "blockpriv")]
|
||||
pub block_priv: Option<MaybeString>,
|
||||
#[yaserde(rename = "blockbogons")]
|
||||
@ -25,10 +30,28 @@ pub struct Interface {
|
||||
pub ipaddrv6: Option<MaybeString>,
|
||||
pub networks: Option<MaybeString>,
|
||||
pub subnetv6: Option<MaybeString>,
|
||||
pub media: Option<MaybeString>,
|
||||
pub mediaopt: Option<MaybeString>,
|
||||
#[yaserde(rename = "track6-interface")]
|
||||
pub track6_interface: Option<MaybeString>,
|
||||
#[yaserde(rename = "track6-prefix-id")]
|
||||
pub track6_prefix_id: Option<MaybeString>,
|
||||
#[yaserde(rename = "dhcprejectfrom")]
|
||||
pub dhcprejectfrom: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_timeout: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_retry: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_select_timeout: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_reboot: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_backoff_cutoff: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_initial_interval: Option<MaybeString>,
|
||||
pub adv_dhcp_pt_values: Option<MaybeString>,
|
||||
pub adv_dhcp_send_options: Option<MaybeString>,
|
||||
pub adv_dhcp_request_options: Option<MaybeString>,
|
||||
pub adv_dhcp_required_options: Option<MaybeString>,
|
||||
pub adv_dhcp_option_modifiers: Option<MaybeString>,
|
||||
pub adv_dhcp_config_advanced: Option<MaybeString>,
|
||||
pub adv_dhcp_config_file_override: Option<MaybeString>,
|
||||
pub adv_dhcp_config_file_override_path: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
@ -109,6 +132,8 @@ mod test {
|
||||
<descr>LAN</descr>
|
||||
<enable>1</enable>
|
||||
<spoofmac/>
|
||||
<media/>
|
||||
<mediaopt/>
|
||||
<ipaddr>192.168.20.1</ipaddr>
|
||||
<subnet>24</subnet>
|
||||
<ipaddrv6>track6</ipaddrv6>
|
||||
|
@ -18,7 +18,8 @@ pub struct OPNsense {
|
||||
pub syslog: Syslog,
|
||||
pub nat: Nat,
|
||||
pub filter: Filters,
|
||||
pub load_balancer: LoadBalancer,
|
||||
pub load_balancer: Option<LoadBalancer>,
|
||||
pub rrd: Option<RawXml>,
|
||||
pub ntpd: Ntpd,
|
||||
pub widgets: Widgets,
|
||||
pub revision: Revision,
|
||||
@ -26,13 +27,13 @@ pub struct OPNsense {
|
||||
pub opnsense: OPNsenseXmlSection,
|
||||
pub staticroutes: StaticRoutes,
|
||||
pub ca: MaybeString,
|
||||
pub gateways: Gateways,
|
||||
pub cert: Cert,
|
||||
pub gateways: Option<Gateways>,
|
||||
pub cert: Vec<Cert>,
|
||||
pub dhcpdv6: DhcpDv6,
|
||||
pub virtualip: VirtualIp,
|
||||
pub openvpn: OpenVpn,
|
||||
pub ppps: Ppps,
|
||||
pub dyndnses: Dyndnses,
|
||||
pub dyndnses: Option<Dyndnses>,
|
||||
pub vlans: Vlans,
|
||||
pub bridges: Bridges,
|
||||
pub gifs: Gifs,
|
||||
@ -332,7 +333,7 @@ pub struct Snmpd {
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Syslog {
|
||||
pub reverse: Option<MaybeString>,
|
||||
pub preservelogs: i32,
|
||||
pub preservelogs: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -389,6 +390,16 @@ pub struct Created {
|
||||
pub description: MaybeString,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Filter {
|
||||
#[yaserde(attribute)]
|
||||
version: String,
|
||||
rules: Option<MaybeString>,
|
||||
snatrules: Option<MaybeString>,
|
||||
npt: Option<MaybeString>,
|
||||
onetoone: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
#[yaserde(rename = "OPNsense")]
|
||||
pub struct OPNsenseXmlSection {
|
||||
@ -404,6 +415,8 @@ pub struct OPNsenseXmlSection {
|
||||
pub ipsec: Option<IPsec>,
|
||||
#[yaserde(rename = "Interfaces")]
|
||||
pub interfaces: Option<ConfigInterfaces>,
|
||||
#[yaserde(rename = "Kea")]
|
||||
pub kea: Option<RawXml>,
|
||||
pub monit: Option<Monit>,
|
||||
#[yaserde(rename = "OpenVPNExport")]
|
||||
pub openvpn_export: Option<OpenVPNExport>,
|
||||
@ -413,17 +426,19 @@ pub struct OPNsenseXmlSection {
|
||||
#[yaserde(rename = "TrafficShaper")]
|
||||
pub traffic_shaper: Option<RawXml>,
|
||||
pub unboundplus: Option<RawXml>,
|
||||
#[yaserde(rename = "DHCRelay")]
|
||||
pub dhcrelay: Option<RawXml>,
|
||||
pub wireguard: Option<Wireguard>,
|
||||
#[yaserde(rename = "Swanctl")]
|
||||
pub swanctl: Swanctl,
|
||||
#[yaserde(rename = "DynDNS")]
|
||||
pub dyndns: DynDNS,
|
||||
pub dyndns: Option<DynDNS>,
|
||||
#[yaserde(rename = "OpenVPN")]
|
||||
pub openvpn: ConfigOpenVPN,
|
||||
#[yaserde(rename = "Gateways")]
|
||||
pub gateways: ConfigGateways,
|
||||
pub gateways: RawXml,
|
||||
#[yaserde(rename = "HAProxy")]
|
||||
pub haproxy: HAProxy,
|
||||
pub haproxy: Option<HAProxy>,
|
||||
}
|
||||
|
||||
#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
|
||||
@ -457,7 +472,7 @@ pub struct IDSGeneral {
|
||||
#[yaserde(rename = "AlertSaveLogs")]
|
||||
alert_save_logs: u8,
|
||||
#[yaserde(rename = "MPMAlgo")]
|
||||
mpm_algo: String,
|
||||
mpm_algo: MaybeString,
|
||||
detect: Detect,
|
||||
syslog: Option<u8>,
|
||||
syslog_eve: Option<u8>,
|
||||
@ -469,7 +484,7 @@ pub struct IDSGeneral {
|
||||
#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
|
||||
pub struct Detect {
|
||||
#[yaserde(rename = "Profile")]
|
||||
profile: String,
|
||||
profile: MaybeString,
|
||||
toclient_groups: MaybeString,
|
||||
toserver_groups: MaybeString,
|
||||
}
|
||||
@ -495,6 +510,13 @@ pub struct GeneralIpsec {
|
||||
pub struct ConfigInterfaces {
|
||||
vxlans: Vxlan,
|
||||
loopbacks: Loopback,
|
||||
neighbors: Option<Neighbors>,
|
||||
}
|
||||
|
||||
#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
|
||||
pub struct Neighbors {
|
||||
#[yaserde(attribute)]
|
||||
version: String,
|
||||
}
|
||||
|
||||
#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
|
||||
@ -532,7 +554,7 @@ pub struct GeneralMonit {
|
||||
ssl: u8,
|
||||
sslversion: String,
|
||||
sslverify: u8,
|
||||
logfile: String,
|
||||
logfile: MaybeString,
|
||||
statefile: MaybeString,
|
||||
#[yaserde(rename = "eventqueuePath")]
|
||||
event_queue_path: MaybeString,
|
||||
@ -543,7 +565,7 @@ pub struct GeneralMonit {
|
||||
#[yaserde(rename = "httpdUsername")]
|
||||
httpd_username: String,
|
||||
#[yaserde(rename = "httpdPassword")]
|
||||
httpd_password: String,
|
||||
httpd_password: MaybeString,
|
||||
#[yaserde(rename = "httpdPort")]
|
||||
httpd_port: u16,
|
||||
#[yaserde(rename = "httpdAllow")]
|
||||
@ -565,7 +587,7 @@ pub struct Alert {
|
||||
noton: u8,
|
||||
events: MaybeString,
|
||||
format: MaybeString,
|
||||
reminder: u32,
|
||||
reminder: MaybeString,
|
||||
description: MaybeString,
|
||||
}
|
||||
|
||||
@ -725,6 +747,8 @@ pub struct Firewall {
|
||||
pub lv_template: Option<LvTemplate>,
|
||||
#[yaserde(rename = "Category")]
|
||||
pub category: Option<Category>,
|
||||
#[yaserde(rename = "Filter")]
|
||||
pub filter: Option<Filter>,
|
||||
#[yaserde(rename = "Alias")]
|
||||
pub alias: Option<Alias>,
|
||||
}
|
||||
@ -1020,6 +1044,9 @@ pub struct ConfigSyslog {
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct SyslogGeneral {
|
||||
pub enabled: i32,
|
||||
pub loglocal: Option<MaybeString>,
|
||||
pub maxpreserve: Option<MaybeString>,
|
||||
pub maxfilesize: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -1293,11 +1320,6 @@ pub struct ConfigOpenVPN {
|
||||
pub StaticKeys: MaybeString,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct ConfigGateways {
|
||||
#[yaserde(attribute)]
|
||||
pub version: String,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
#[yaserde(rename = "HAProxy")]
|
||||
@ -1835,27 +1857,27 @@ pub struct StaticRoutes {
|
||||
#[yaserde(attribute)]
|
||||
pub version: String,
|
||||
#[yaserde(rename = "route")]
|
||||
pub route: MaybeString, // Assuming it can be empty, use Option
|
||||
pub route: MaybeString,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Ca {} // Empty struct for <ca/>
|
||||
pub struct Ca {}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Gateways {
|
||||
#[yaserde(rename = "gateway_item")]
|
||||
pub gateway_item: MaybeString, // Assuming it can be empty, use Option
|
||||
pub gateway_item: RawXml
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Cert {
|
||||
#[yaserde(rename = "refid")]
|
||||
#[yaserde(attribute)]
|
||||
pub uuid: Option<String>,
|
||||
pub refid: String,
|
||||
#[yaserde(rename = "descr")]
|
||||
pub descr: String,
|
||||
#[yaserde(rename = "crt")]
|
||||
pub crt: String,
|
||||
#[yaserde(rename = "prv")]
|
||||
pub caref: Option<MaybeString>,
|
||||
pub csr: Option<MaybeString>,
|
||||
pub prv: String,
|
||||
}
|
||||
|
||||
@ -1873,27 +1895,27 @@ pub struct VirtualIp {
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Vip {
|
||||
#[yaserde(attribute)]
|
||||
pub uuid: String,
|
||||
pub interface: String,
|
||||
pub mode: String,
|
||||
pub subnet: String,
|
||||
pub subnet_bits: u32,
|
||||
pub gateway: String,
|
||||
pub noexpand: u32,
|
||||
pub nobind: u32,
|
||||
pub password: MaybeString,
|
||||
pub vhid: MaybeString,
|
||||
pub advbase: u32,
|
||||
pub advskew: u32,
|
||||
pub descr: String,
|
||||
pub uuid: Option<String>,
|
||||
pub interface: Option<MaybeString>,
|
||||
pub mode: Option<MaybeString>,
|
||||
pub subnet: Option<MaybeString>,
|
||||
pub subnet_bits: Option<MaybeString>,
|
||||
pub gateway: Option<MaybeString>,
|
||||
pub noexpand: Option<MaybeString>,
|
||||
pub nobind: Option<MaybeString>,
|
||||
pub password: Option<MaybeString>,
|
||||
pub vhid: Option<MaybeString>,
|
||||
pub advbase: Option<MaybeString>,
|
||||
pub advskew: Option<MaybeString>,
|
||||
pub descr: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct OpenVpn {
|
||||
#[yaserde(rename = "openvpn-server")]
|
||||
pub openvpn_server: MaybeString,
|
||||
pub openvpn_server: Option<MaybeString>,
|
||||
#[yaserde(rename = "openvpn-client")]
|
||||
pub openvpn_client: MaybeString,
|
||||
pub openvpn_client: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -1903,14 +1925,14 @@ pub struct Ppps {
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Ppp {
|
||||
pub ptpid: u32,
|
||||
pub ptpid: Option<MaybeString>,
|
||||
#[yaserde(rename = "type")]
|
||||
pub r#type: String,
|
||||
pub r#type: Option<MaybeString>,
|
||||
#[yaserde(rename = "if")]
|
||||
pub r#if: String,
|
||||
pub ports: String,
|
||||
pub username: String,
|
||||
pub password: String,
|
||||
pub r#if: Option<MaybeString>,
|
||||
pub ports: Option<MaybeString>,
|
||||
pub username: Option<MaybeString>,
|
||||
pub password: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -1951,11 +1973,15 @@ pub struct Bridges {
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Gifs {
|
||||
#[yaserde(attribute)]
|
||||
pub version: Option<String>,
|
||||
pub gif: MaybeString,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Gres {
|
||||
#[yaserde(attribute)]
|
||||
pub version: Option<String>,
|
||||
pub gre: MaybeString,
|
||||
}
|
||||
|
||||
@ -1963,6 +1989,7 @@ pub struct Gres {
|
||||
pub struct Laggs {
|
||||
#[yaserde(attribute)]
|
||||
pub version: String,
|
||||
pub lagg: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
@ -1972,45 +1999,50 @@ pub struct Wireless {
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
pub struct Hasync {
|
||||
pub synchronizealiases: String,
|
||||
pub synchronizeauthservers: String,
|
||||
pub synchronizecerts: String,
|
||||
pub synchronizedhcpd: String,
|
||||
pub synchronizenat: String,
|
||||
pub synchronizerules: String,
|
||||
pub synchronizeschedules: String,
|
||||
pub synchronizestaticroutes: String,
|
||||
pub synchronizeusers: String,
|
||||
pub synchronizevirtualip: String,
|
||||
pub synchronizewidgets: String,
|
||||
pub synchronizedhcrelay: String,
|
||||
pub synchronizedhcpdv6: String,
|
||||
pub synchronizedhcrelay6: String,
|
||||
pub synchronizentpd: String,
|
||||
pub synchronizesyslog: String,
|
||||
pub synchronizecron: String,
|
||||
pub synchronizesysctl: String,
|
||||
pub synchronizewebgui: String,
|
||||
pub synchronizednsforwarder: String,
|
||||
pub synchronizeshaper: String,
|
||||
pub synchronizecaptiveportal: String,
|
||||
pub synchronizeipsec: String,
|
||||
pub synchronizemonit: String,
|
||||
pub synchronizessh: String,
|
||||
pub synchronizeopenvpn: String,
|
||||
pub synchronizeifgroups: String,
|
||||
pub synchronizecategories: String,
|
||||
pub synchronizelvtemplate: String,
|
||||
pub synchronizesquid: String,
|
||||
pub synchronizesuricata: String,
|
||||
pub synchronizednsresolver: String,
|
||||
pub pfsyncinterface: String,
|
||||
pub synchronizetoip: String,
|
||||
pub username: String,
|
||||
pub password: String,
|
||||
pub pfsyncenabled: String,
|
||||
pub disablepreempt: String,
|
||||
pub disconnectppps: String,
|
||||
#[yaserde(attribute)]
|
||||
pub version: Option<String>,
|
||||
pub synchronizealiases: Option<MaybeString>,
|
||||
pub synchronizeauthservers: Option<MaybeString>,
|
||||
pub synchronizecerts: Option<MaybeString>,
|
||||
pub synchronizedhcpd: Option<MaybeString>,
|
||||
pub synchronizenat: Option<MaybeString>,
|
||||
pub synchronizerules: Option<MaybeString>,
|
||||
pub synchronizeschedules: Option<MaybeString>,
|
||||
pub synchronizestaticroutes: Option<MaybeString>,
|
||||
pub synchronizeusers: Option<MaybeString>,
|
||||
pub synchronizevirtualip: Option<MaybeString>,
|
||||
pub synchronizewidgets: Option<MaybeString>,
|
||||
pub synchronizedhcrelay: Option<MaybeString>,
|
||||
pub synchronizedhcpdv6: Option<MaybeString>,
|
||||
pub synchronizedhcrelay6: Option<MaybeString>,
|
||||
pub synchronizentpd: Option<MaybeString>,
|
||||
pub synchronizesyslog: Option<MaybeString>,
|
||||
pub synchronizecron: Option<MaybeString>,
|
||||
pub synchronizesysctl: Option<MaybeString>,
|
||||
pub synchronizewebgui: Option<MaybeString>,
|
||||
pub synchronizednsforwarder: Option<MaybeString>,
|
||||
pub synchronizeshaper: Option<MaybeString>,
|
||||
pub synchronizecaptiveportal: Option<MaybeString>,
|
||||
pub synchronizeipsec: Option<MaybeString>,
|
||||
pub synchronizemonit: Option<MaybeString>,
|
||||
pub synchronizessh: Option<MaybeString>,
|
||||
pub synchronizeopenvpn: Option<MaybeString>,
|
||||
pub synchronizeifgroups: Option<MaybeString>,
|
||||
pub synchronizecategories: Option<MaybeString>,
|
||||
pub synchronizelvtemplate: Option<MaybeString>,
|
||||
pub synchronizesquid: Option<MaybeString>,
|
||||
pub synchronizesuricata: Option<MaybeString>,
|
||||
pub synchronizednsresolver: Option<MaybeString>,
|
||||
pub pfsyncinterface: Option<MaybeString>,
|
||||
pub synchronizetoip: Option<MaybeString>,
|
||||
pub username: Option<MaybeString>,
|
||||
pub password: Option<MaybeString>,
|
||||
pub pfsyncenabled: Option<MaybeString>,
|
||||
pub disablepreempt: Option<MaybeString>,
|
||||
pub disconnectppps: Option<MaybeString>,
|
||||
pub pfsyncpeerip: Option<MaybeString>,
|
||||
pub pfsyncversion: Option<MaybeString>,
|
||||
pub syncitems: Option<MaybeString>,
|
||||
}
|
||||
|
||||
#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
|
||||
|
@ -1,231 +0,0 @@
|
||||
use crate::error::Error;
|
||||
use async_trait::async_trait;
|
||||
use log::{info, trace};
|
||||
use opnsense_config_xml::OPNsense;
|
||||
use russh::client::{Config as SshConfig, Handler};
|
||||
use russh_keys::key;
|
||||
use std::{fs, net::Ipv4Addr, sync::Arc};
|
||||
|
||||
#[async_trait]
|
||||
pub trait ConfigRepository: std::fmt::Debug {
|
||||
async fn load(&self) -> Result<String, Error>;
|
||||
async fn save(&self, content: &str) -> Result<(), Error>;
|
||||
}
|
||||
|
||||
struct Client {}
|
||||
|
||||
#[async_trait]
|
||||
impl Handler for Client {
|
||||
type Error = Error;
|
||||
|
||||
async fn check_server_key(
|
||||
&mut self,
|
||||
_server_public_key: &key::PublicKey,
|
||||
) -> Result<bool, Self::Error> {
|
||||
Ok(true)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct SshConfigRepository {
|
||||
ssh_config: Arc<SshConfig>,
|
||||
username: String,
|
||||
key: Arc<key::KeyPair>,
|
||||
host: (Ipv4Addr, u16),
|
||||
}
|
||||
|
||||
impl SshConfigRepository {
|
||||
pub fn new(
|
||||
host: (Ipv4Addr, u16),
|
||||
username: String,
|
||||
key: Arc<key::KeyPair>,
|
||||
ssh_config: Arc<SshConfig>,
|
||||
) -> Self {
|
||||
Self {
|
||||
ssh_config,
|
||||
username,
|
||||
key,
|
||||
host,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl ConfigRepository for SshConfigRepository {
|
||||
async fn load(&self) -> Result<String, Error> {
|
||||
let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
|
||||
ssh.authenticate_publickey(&self.username, self.key.clone())
|
||||
.await?;
|
||||
|
||||
let mut channel = ssh.channel_open_session().await?;
|
||||
|
||||
channel.exec(true, "cat /conf/config.xml").await?;
|
||||
let mut output: Vec<u8> = vec![];
|
||||
loop {
|
||||
let Some(msg) = channel.wait().await else {
|
||||
break;
|
||||
};
|
||||
|
||||
info!("got msg {:?}", msg);
|
||||
match msg {
|
||||
russh::ChannelMsg::Data { ref data } => {
|
||||
output.append(&mut data.to_vec());
|
||||
}
|
||||
russh::ChannelMsg::ExitStatus { .. } => {}
|
||||
russh::ChannelMsg::WindowAdjusted { .. } => {}
|
||||
russh::ChannelMsg::Success { .. } => {}
|
||||
russh::ChannelMsg::Eof { .. } => {}
|
||||
_ => todo!(),
|
||||
}
|
||||
}
|
||||
Ok(String::from_utf8(output).expect("Valid utf-8 bytes"))
|
||||
}
|
||||
|
||||
async fn save(&self, content: &str) -> Result<(), Error> {
|
||||
let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
|
||||
ssh.authenticate_publickey(&self.username, self.key.clone())
|
||||
.await?;
|
||||
|
||||
let mut channel = ssh.channel_open_session().await?;
|
||||
todo!("Backup, Validate, Reload config file");
|
||||
|
||||
let command = format!(
|
||||
"echo '{}' > /conf/config.xml",
|
||||
content.replace("'", "'\"'\"'")
|
||||
);
|
||||
channel.exec(true, command.as_bytes()).await?;
|
||||
|
||||
loop {
|
||||
let Some(msg) = channel.wait().await else {
|
||||
break;
|
||||
};
|
||||
|
||||
match msg {
|
||||
russh::ChannelMsg::ExitStatus { exit_status } => {
|
||||
if exit_status != 0 {
|
||||
return Err(Error::Ssh(russh::Error::Disconnect));
|
||||
}
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct LocalFileConfigRepository {
|
||||
file_path: String,
|
||||
}
|
||||
|
||||
impl LocalFileConfigRepository {
|
||||
pub fn new(file_path: String) -> Self {
|
||||
Self { file_path }
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl ConfigRepository for LocalFileConfigRepository {
|
||||
async fn load(&self) -> Result<String, Error> {
|
||||
Ok(fs::read_to_string(&self.file_path)?)
|
||||
}
|
||||
|
||||
async fn save(&self, content: &str) -> Result<(), Error> {
|
||||
Ok(fs::write(&self.file_path, content)?)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct Config {
|
||||
opnsense: OPNsense,
|
||||
repository: Box<dyn ConfigRepository + Send + Sync>,
|
||||
}
|
||||
|
||||
impl Config {
|
||||
pub async fn new(repository: Box<dyn ConfigRepository + Send + Sync>) -> Result<Self, Error> {
|
||||
let xml = repository.load().await?;
|
||||
trace!("xml {}", xml);
|
||||
|
||||
let opnsense = OPNsense::from(xml);
|
||||
|
||||
Ok(Self {
|
||||
opnsense,
|
||||
repository,
|
||||
})
|
||||
}
|
||||
|
||||
pub fn get_opnsense(&self) -> &OPNsense {
|
||||
&self.opnsense
|
||||
}
|
||||
|
||||
pub fn get_opnsense_mut(&mut self) -> &mut OPNsense {
|
||||
&mut self.opnsense
|
||||
}
|
||||
|
||||
pub async fn save(&self) -> Result<(), Error> {
|
||||
self.repository.save(&self.opnsense.to_xml()).await
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crate::modules::dhcp::DhcpConfig;
|
||||
|
||||
use super::*;
|
||||
use pretty_assertions::assert_eq;
|
||||
use std::path::PathBuf;
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_load_config_from_local_file() {
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push("src/tests/data/config-full-1.xml");
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let config_file_str = repository.load().await.unwrap();
|
||||
let config = Config::new(repository)
|
||||
.await
|
||||
.expect("Failed to load config");
|
||||
|
||||
println!("Config {:?}", config);
|
||||
|
||||
let serialized = config.opnsense.to_xml();
|
||||
|
||||
fs::write("/tmp/serialized.xml", &serialized).unwrap();
|
||||
|
||||
assert_eq!(config_file_str, serialized);
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_add_dhcpd_static_entry() {
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push("src/tests/data/config-structure.xml");
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let mut config = Config::new(repository)
|
||||
.await
|
||||
.expect("Failed to load config");
|
||||
|
||||
println!("Config {:?}", config);
|
||||
|
||||
let mut dhcp_config = DhcpConfig::new(&mut config.opnsense);
|
||||
dhcp_config.add_static_mapping("00:00:00:00:00:00", Ipv4Addr::new(192,168,20,100), "hostname").expect("Should add static mapping");
|
||||
|
||||
let serialized = config.opnsense.to_xml();
|
||||
|
||||
fs::write("/tmp/serialized.xml", &serialized).unwrap();
|
||||
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push("src/tests/data/config-structure-with-dhcp-staticmap-entry.xml");
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let expected_config_file_str = repository.load().await.unwrap();
|
||||
assert_eq!(expected_config_file_str, serialized);
|
||||
}
|
||||
}
|
114
harmony-rs/opnsense-config/src/config/config.rs
Normal file
114
harmony-rs/opnsense-config/src/config/config.rs
Normal file
@ -0,0 +1,114 @@
|
||||
use crate::{error::Error, modules::dhcp::DhcpConfig};
|
||||
use log::trace;
|
||||
use opnsense_config_xml::OPNsense;
|
||||
|
||||
use super::ConfigRepository;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct Config {
|
||||
opnsense: OPNsense,
|
||||
repository: Box<dyn ConfigRepository + Send + Sync>,
|
||||
}
|
||||
|
||||
impl Config {
|
||||
pub async fn new(repository: Box<dyn ConfigRepository + Send + Sync>) -> Result<Self, Error> {
|
||||
let xml = repository.load().await?;
|
||||
trace!("xml {}", xml);
|
||||
|
||||
let opnsense = OPNsense::from(xml);
|
||||
|
||||
Ok(Self {
|
||||
opnsense,
|
||||
repository,
|
||||
})
|
||||
}
|
||||
|
||||
pub fn dhcp(&mut self) -> DhcpConfig {
|
||||
DhcpConfig::new(&mut self.opnsense)
|
||||
}
|
||||
|
||||
pub async fn save(&self) -> Result<(), Error> {
|
||||
self.repository.save(&self.opnsense.to_xml()).await
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crate::config::LocalFileConfigRepository;
|
||||
use crate::modules::dhcp::DhcpConfig;
|
||||
use std::fs;
|
||||
use std::net::Ipv4Addr;
|
||||
|
||||
use super::*;
|
||||
use pretty_assertions::assert_eq;
|
||||
use std::path::PathBuf;
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_load_config_from_local_file() {
|
||||
for path in vec![
|
||||
"src/tests/data/config-vm-test.xml",
|
||||
"src/tests/data/config-full-1.xml",
|
||||
"src/tests/data/config-structure.xml",
|
||||
] {
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push(path);
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let config_file_str = repository.load().await.unwrap();
|
||||
let config = Config::new(repository)
|
||||
.await
|
||||
.expect("Failed to load config");
|
||||
|
||||
println!("Config {:?}", config);
|
||||
|
||||
let serialized = config.opnsense.to_xml();
|
||||
|
||||
fs::write("/tmp/serialized.xml", &serialized).unwrap();
|
||||
|
||||
// Since the order of all fields is not always the same in opnsense config files
|
||||
// I think it is good enough to have exactly the same amount of the same lines
|
||||
let config_file_str_sorted = vec![config_file_str.lines().collect::<Vec<_>>()].sort();
|
||||
let serialized_sorted = vec![config_file_str.lines().collect::<Vec<_>>()].sort();
|
||||
assert_eq!(config_file_str_sorted, serialized_sorted);
|
||||
}
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_add_dhcpd_static_entry() {
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push("src/tests/data/config-structure.xml");
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let mut config = Config::new(repository)
|
||||
.await
|
||||
.expect("Failed to load config");
|
||||
|
||||
println!("Config {:?}", config);
|
||||
|
||||
let mut dhcp_config = DhcpConfig::new(&mut config.opnsense);
|
||||
dhcp_config
|
||||
.add_static_mapping(
|
||||
"00:00:00:00:00:00",
|
||||
Ipv4Addr::new(192, 168, 20, 100),
|
||||
"hostname",
|
||||
)
|
||||
.expect("Should add static mapping");
|
||||
|
||||
let serialized = config.opnsense.to_xml();
|
||||
|
||||
fs::write("/tmp/serialized.xml", &serialized).unwrap();
|
||||
|
||||
let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
|
||||
test_file_path.push("src/tests/data/config-structure-with-dhcp-staticmap-entry.xml");
|
||||
|
||||
let config_file_path = test_file_path.to_str().unwrap().to_string();
|
||||
println!("File path {config_file_path}");
|
||||
let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
|
||||
let expected_config_file_str = repository.load().await.unwrap();
|
||||
assert_eq!(expected_config_file_str, serialized);
|
||||
}
|
||||
}
|
4
harmony-rs/opnsense-config/src/config/mod.rs
Normal file
4
harmony-rs/opnsense-config/src/config/mod.rs
Normal file
@ -0,0 +1,4 @@
|
||||
mod config;
|
||||
mod repository;
|
||||
pub use repository::*;
|
||||
pub use config::*;
|
151
harmony-rs/opnsense-config/src/config/repository.rs
Normal file
151
harmony-rs/opnsense-config/src/config/repository.rs
Normal file
@ -0,0 +1,151 @@
|
||||
use crate::error::Error;
|
||||
use async_trait::async_trait;
|
||||
use log::info;
|
||||
use russh::{
|
||||
client::{Config as SshConfig, Handler, Msg},
|
||||
Channel,
|
||||
};
|
||||
use russh_keys::key::{self, KeyPair};
|
||||
use std::{fs, net::Ipv4Addr, sync::Arc};
|
||||
|
||||
#[async_trait]
|
||||
pub trait ConfigRepository: std::fmt::Debug {
|
||||
async fn load(&self) -> Result<String, Error>;
|
||||
async fn save(&self, content: &str) -> Result<(), Error>;
|
||||
}
|
||||
|
||||
struct Client {}
|
||||
|
||||
#[async_trait]
|
||||
impl Handler for Client {
|
||||
type Error = Error;
|
||||
|
||||
async fn check_server_key(
|
||||
&mut self,
|
||||
_server_public_key: &key::PublicKey,
|
||||
) -> Result<bool, Self::Error> {
|
||||
Ok(true)
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum SshCredentials {
|
||||
SshKey { username: String, key: Arc<KeyPair> },
|
||||
Password { username: String, password: String },
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct SshConfigRepository {
|
||||
ssh_config: Arc<SshConfig>,
|
||||
credentials: SshCredentials,
|
||||
host: (Ipv4Addr, u16),
|
||||
}
|
||||
|
||||
impl SshConfigRepository {
|
||||
pub fn new(
|
||||
host: (Ipv4Addr, u16),
|
||||
credentials: SshCredentials,
|
||||
ssh_config: Arc<SshConfig>,
|
||||
) -> Self {
|
||||
Self {
|
||||
ssh_config,
|
||||
credentials,
|
||||
host,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl SshConfigRepository {
|
||||
async fn get_ssh_channel(&self) -> Result<Channel<Msg>, Error> {
|
||||
let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
|
||||
|
||||
match &self.credentials {
|
||||
SshCredentials::SshKey { username, key } => {
|
||||
ssh.authenticate_publickey(username, key.clone()).await?;
|
||||
}
|
||||
SshCredentials::Password { username, password } => {
|
||||
ssh.authenticate_password(username, password).await?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(ssh.channel_open_session().await?)
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl ConfigRepository for SshConfigRepository {
|
||||
async fn load(&self) -> Result<String, Error> {
|
||||
let mut channel = self.get_ssh_channel().await?;
|
||||
|
||||
channel.exec(true, "cat /conf/config.xml").await?;
|
||||
let mut output: Vec<u8> = vec![];
|
||||
loop {
|
||||
let Some(msg) = channel.wait().await else {
|
||||
break;
|
||||
};
|
||||
|
||||
info!("got msg {:?}", msg);
|
||||
match msg {
|
||||
russh::ChannelMsg::Data { ref data } => {
|
||||
output.append(&mut data.to_vec());
|
||||
}
|
||||
russh::ChannelMsg::ExitStatus { .. } => {}
|
||||
russh::ChannelMsg::WindowAdjusted { .. } => {}
|
||||
russh::ChannelMsg::Success { .. } => {}
|
||||
russh::ChannelMsg::Eof { .. } => {}
|
||||
_ => todo!(),
|
||||
}
|
||||
}
|
||||
Ok(String::from_utf8(output).expect("Valid utf-8 bytes"))
|
||||
}
|
||||
|
||||
async fn save(&self, content: &str) -> Result<(), Error> {
|
||||
todo!("Backup, Validate, Reload config file");
|
||||
let mut channel = self.get_ssh_channel().await?;
|
||||
|
||||
let command = format!(
|
||||
"echo '{}' > /conf/config.xml",
|
||||
content.replace("'", "'\"'\"'")
|
||||
);
|
||||
channel.exec(true, command.as_bytes()).await?;
|
||||
|
||||
loop {
|
||||
let Some(msg) = channel.wait().await else {
|
||||
break;
|
||||
};
|
||||
|
||||
match msg {
|
||||
russh::ChannelMsg::ExitStatus { exit_status } => {
|
||||
if exit_status != 0 {
|
||||
return Err(Error::Ssh(russh::Error::Disconnect));
|
||||
}
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct LocalFileConfigRepository {
|
||||
file_path: String,
|
||||
}
|
||||
|
||||
impl LocalFileConfigRepository {
|
||||
pub fn new(file_path: String) -> Self {
|
||||
Self { file_path }
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl ConfigRepository for LocalFileConfigRepository {
|
||||
async fn load(&self) -> Result<String, Error> {
|
||||
Ok(fs::read_to_string(&self.file_path)?)
|
||||
}
|
||||
|
||||
async fn save(&self, content: &str) -> Result<(), Error> {
|
||||
Ok(fs::write(&self.file_path, content)?)
|
||||
}
|
||||
}
|
@ -1,23 +1,45 @@
|
||||
pub mod config;
|
||||
pub mod error;
|
||||
pub mod modules;
|
||||
use std::net::Ipv4Addr;
|
||||
|
||||
pub use config::Config;
|
||||
pub use error::Error;
|
||||
use modules::dhcp::DhcpConfig;
|
||||
use opnsense_config_xml::OPNsense;
|
||||
#[cfg(test)]
|
||||
mod test {
|
||||
use config::SshConfigRepository;
|
||||
use russh::client;
|
||||
use std::{net::Ipv4Addr, sync::Arc, time::Duration};
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_public_sdk() {
|
||||
let mut opnsense = OPNsense::default();
|
||||
let mut dhcpd = DhcpConfig::new(&mut opnsense);
|
||||
dhcpd.add_static_mapping(
|
||||
"test_mac",
|
||||
Ipv4Addr::new(192, 168, 168, 168),
|
||||
"test_hostname",
|
||||
);
|
||||
use crate::{
|
||||
config::{self, SshCredentials},
|
||||
Config,
|
||||
};
|
||||
|
||||
todo!();
|
||||
// opnsense.apply_changes().await;
|
||||
#[tokio::test]
|
||||
async fn test_public_sdk() {
|
||||
let config = Arc::new(client::Config {
|
||||
inactivity_timeout: Some(Duration::from_secs(5)),
|
||||
..<_>::default()
|
||||
});
|
||||
|
||||
let credentials = SshCredentials::Password {
|
||||
username: String::from("root"),
|
||||
password: String::from("opnsense"),
|
||||
};
|
||||
|
||||
let repo =
|
||||
SshConfigRepository::new((Ipv4Addr::new(192, 168, 5, 229), 22), credentials, config);
|
||||
let mut config = Config::new(Box::new(repo)).await.unwrap();
|
||||
config
|
||||
.dhcp()
|
||||
.add_static_mapping(
|
||||
"test_mac",
|
||||
Ipv4Addr::new(192, 168, 168, 168),
|
||||
"test_hostname",
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
todo!();
|
||||
// opnsense.apply_changes().await;
|
||||
}
|
||||
}
|
||||
|
994
harmony-rs/opnsense-config/src/tests/data/config-vm-test.xml
Normal file
994
harmony-rs/opnsense-config/src/tests/data/config-vm-test.xml
Normal file
@ -0,0 +1,994 @@
|
||||
<?xml version="1.0"?>
|
||||
<opnsense>
|
||||
<theme>opnsense</theme>
|
||||
<sysctl>
|
||||
<item>
|
||||
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
|
||||
<tunable>vfs.read_max</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set the ephemeral port range to be lower.</descr>
|
||||
<tunable>net.inet.ip.portrange.first</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop packets to closed TCP ports without returning a RST</descr>
|
||||
<tunable>net.inet.tcp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
|
||||
<tunable>net.inet.udp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize the ID field in IP packets</descr>
|
||||
<tunable>net.inet.ip.random_id</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.accept_sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
This option turns off the logging of redirect packets because there is no limit and this could fill
|
||||
up your logs consuming your whole hard drive.
|
||||
</descr>
|
||||
<tunable>net.inet.icmp.log_redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
|
||||
<tunable>net.inet.tcp.drop_synfin</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable sending IPv6 redirects</descr>
|
||||
<tunable>net.inet6.ip6.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
|
||||
<tunable>net.inet6.ip6.use_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
|
||||
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
|
||||
<tunable>net.inet.tcp.syncookies</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
|
||||
<tunable>net.inet.tcp.recvspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
|
||||
<tunable>net.inet.tcp.sendspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
|
||||
<tunable>net.inet.tcp.delayed_ack</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.inet.udp.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
|
||||
<tunable>net.link.bridge.pfil_onlyip</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
|
||||
<tunable>net.link.bridge.pfil_local_phys</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
|
||||
<tunable>net.link.bridge.pfil_member</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to enable filtering on the bridge interface</descr>
|
||||
<tunable>net.link.bridge.pfil_bridge</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Allow unprivileged access to tap(4) device nodes</descr>
|
||||
<tunable>net.link.tap.user_open</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
|
||||
<tunable>kern.randompid</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
|
||||
<tunable>hw.syscons.kbd_reboot</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable TCP extended debugging</descr>
|
||||
<tunable>net.inet.tcp.log_debug</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set ICMP Limits</descr>
|
||||
<tunable>net.inet.icmp.icmplim</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>TCP Offload Engine</descr>
|
||||
<tunable>net.inet.tcp.tso</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>UDP Checksums</descr>
|
||||
<tunable>net.inet.udp.checksum</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum socket buffer size</descr>
|
||||
<tunable>kern.ipc.maxsockbuf</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
|
||||
<tunable>vm.pmap.pti</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
|
||||
<tunable>hw.ibrs_disable</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other groups</descr>
|
||||
<tunable>security.bsd.see_other_gids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other users</descr>
|
||||
<tunable>security.bsd.see_other_uids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
|
||||
and for the sender directly reachable, route and next hop is known.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.local.dgram.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
</sysctl>
|
||||
<system>
|
||||
<optimization>normal</optimization>
|
||||
<hostname>OPNsense</hostname>
|
||||
<domain>localdomain</domain>
|
||||
<dnsallowoverride>1</dnsallowoverride>
|
||||
<group>
|
||||
<name>admins</name>
|
||||
<description>System Administrators</description>
|
||||
<scope>system</scope>
|
||||
<gid>1999</gid>
|
||||
<member>0</member>
|
||||
<priv>page-all</priv>
|
||||
</group>
|
||||
<user>
|
||||
<name>root</name>
|
||||
<descr>System Administrator</descr>
|
||||
<scope>system</scope>
|
||||
<groupname>admins</groupname>
|
||||
<password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
|
||||
<uid>0</uid>
|
||||
</user>
|
||||
<nextuid>2000</nextuid>
|
||||
<nextgid>2000</nextgid>
|
||||
<timezone>Etc/UTC</timezone>
|
||||
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
|
||||
<webgui>
|
||||
<protocol>https</protocol>
|
||||
<ssl-certref>6734d6c82dc59</ssl-certref>
|
||||
<port/>
|
||||
<ssl-ciphers/>
|
||||
<interfaces/>
|
||||
<compression/>
|
||||
</webgui>
|
||||
<disablenatreflection>yes</disablenatreflection>
|
||||
<usevirtualterminal>1</usevirtualterminal>
|
||||
<disableconsolemenu>1</disableconsolemenu>
|
||||
<disablevlanhwfilter>1</disablevlanhwfilter>
|
||||
<disablechecksumoffloading>1</disablechecksumoffloading>
|
||||
<disablesegmentationoffloading>1</disablesegmentationoffloading>
|
||||
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
|
||||
<ipv6allow>1</ipv6allow>
|
||||
<powerd_ac_mode>hadp</powerd_ac_mode>
|
||||
<powerd_battery_mode>hadp</powerd_battery_mode>
|
||||
<powerd_normal_mode>hadp</powerd_normal_mode>
|
||||
<bogons>
|
||||
<interval>monthly</interval>
|
||||
</bogons>
|
||||
<pf_share_forward>1</pf_share_forward>
|
||||
<lb_use_sticky>1</lb_use_sticky>
|
||||
<ssh>
|
||||
<group>admins</group>
|
||||
<noauto>1</noauto>
|
||||
<interfaces/>
|
||||
<kex/>
|
||||
<ciphers/>
|
||||
<macs/>
|
||||
<keys/>
|
||||
<keysig/>
|
||||
<enabled>enabled</enabled>
|
||||
<passwordauth>1</passwordauth>
|
||||
<permitrootlogin>1</permitrootlogin>
|
||||
</ssh>
|
||||
<rrdbackup>-1</rrdbackup>
|
||||
<netflowbackup>-1</netflowbackup>
|
||||
<firmware version="1.0.1">
|
||||
<mirror/>
|
||||
<flavour/>
|
||||
<plugins/>
|
||||
<type/>
|
||||
<subscription/>
|
||||
<reboot/>
|
||||
</firmware>
|
||||
<dnsserver>192.168.5.1</dnsserver>
|
||||
<language>en_US</language>
|
||||
<serialspeed>115200</serialspeed>
|
||||
<primaryconsole>video</primaryconsole>
|
||||
<secondaryconsole>serial</secondaryconsole>
|
||||
</system>
|
||||
<interfaces>
|
||||
<lan>
|
||||
<enable>1</enable>
|
||||
<if>le1</if>
|
||||
<ipaddr>10.100.8.1</ipaddr>
|
||||
<subnet>24</subnet>
|
||||
<ipaddrv6>track6</ipaddrv6>
|
||||
<subnetv6>64</subnetv6>
|
||||
<media/>
|
||||
<mediaopt/>
|
||||
<track6-interface>wan</track6-interface>
|
||||
<track6-prefix-id>0</track6-prefix-id>
|
||||
</lan>
|
||||
<lo0>
|
||||
<internal_dynamic>1</internal_dynamic>
|
||||
<descr>Loopback</descr>
|
||||
<enable>1</enable>
|
||||
<if>lo0</if>
|
||||
<ipaddr>127.0.0.1</ipaddr>
|
||||
<ipaddrv6>::1</ipaddrv6>
|
||||
<subnet>8</subnet>
|
||||
<subnetv6>128</subnetv6>
|
||||
<type>none</type>
|
||||
<virtual>1</virtual>
|
||||
</lo0>
|
||||
<wan>
|
||||
<if>le0</if>
|
||||
<descr/>
|
||||
<enable>1</enable>
|
||||
<spoofmac/>
|
||||
<ipaddr>dhcp</ipaddr>
|
||||
<dhcphostname/>
|
||||
<alias-address/>
|
||||
<alias-subnet>32</alias-subnet>
|
||||
<dhcprejectfrom/>
|
||||
<adv_dhcp_pt_timeout/>
|
||||
<adv_dhcp_pt_retry/>
|
||||
<adv_dhcp_pt_select_timeout/>
|
||||
<adv_dhcp_pt_reboot/>
|
||||
<adv_dhcp_pt_backoff_cutoff/>
|
||||
<adv_dhcp_pt_initial_interval/>
|
||||
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
|
||||
<adv_dhcp_send_options/>
|
||||
<adv_dhcp_request_options/>
|
||||
<adv_dhcp_required_options/>
|
||||
<adv_dhcp_option_modifiers/>
|
||||
<adv_dhcp_config_advanced/>
|
||||
<adv_dhcp_config_file_override/>
|
||||
<adv_dhcp_config_file_override_path/>
|
||||
</wan>
|
||||
</interfaces>
|
||||
<dhcpd>
|
||||
<lan>
|
||||
<enable/>
|
||||
<range>
|
||||
<from>10.100.8.10</from>
|
||||
<to>10.100.8.245</to>
|
||||
</range>
|
||||
<staticmap>
|
||||
<mac>d8:5e:d3:e7:2c:8c</mac>
|
||||
<ipaddr>10.100.8.15</ipaddr>
|
||||
<hostname>rtx4090</hostname>
|
||||
<winsserver/>
|
||||
<dnsserver/>
|
||||
<ntpserver/>
|
||||
</staticmap>
|
||||
</lan>
|
||||
</dhcpd>
|
||||
<snmpd>
|
||||
<syslocation/>
|
||||
<syscontact/>
|
||||
<rocommunity>public</rocommunity>
|
||||
</snmpd>
|
||||
<nat>
|
||||
<outbound>
|
||||
<mode>automatic</mode>
|
||||
</outbound>
|
||||
</nat>
|
||||
<filter>
|
||||
<rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>80</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>443</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp/udp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<any>1</any>
|
||||
<port>22</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<descr>Allow ping</descr>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>icmp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>(self)</network>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518356.7559</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518311.7033</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<descr>Default allow LAN to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
<rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet6</ipprotocol>
|
||||
<descr>Default allow LAN IPv6 to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
</filter>
|
||||
<rrd>
|
||||
<enable/>
|
||||
</rrd>
|
||||
<ntpd>
|
||||
<prefer>0.opnsense.pool.ntp.org</prefer>
|
||||
</ntpd>
|
||||
<widgets>
|
||||
<sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
|
||||
<column_count>2</column_count>
|
||||
</widgets>
|
||||
<revision>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731534516.7156</time>
|
||||
<description>/interfaces.php made changes</description>
|
||||
</revision>
|
||||
<OPNsense>
|
||||
<DHCRelay version="1.0.1"/>
|
||||
<wireguard>
|
||||
<client version="1.0.0">
|
||||
<clients/>
|
||||
</client>
|
||||
<general version="0.0.1">
|
||||
<enabled>0</enabled>
|
||||
</general>
|
||||
<server version="1.0.0">
|
||||
<servers/>
|
||||
</server>
|
||||
</wireguard>
|
||||
<IPsec version="1.0.1">
|
||||
<general>
|
||||
<enabled/>
|
||||
</general>
|
||||
<keyPairs/>
|
||||
<preSharedKeys/>
|
||||
</IPsec>
|
||||
<Swanctl version="1.0.0">
|
||||
<Connections/>
|
||||
<locals/>
|
||||
<remotes/>
|
||||
<children/>
|
||||
<Pools/>
|
||||
<VTIs/>
|
||||
<SPDs/>
|
||||
</Swanctl>
|
||||
<OpenVPNExport version="0.0.1">
|
||||
<servers/>
|
||||
</OpenVPNExport>
|
||||
<OpenVPN version="1.0.0">
|
||||
<Overwrites/>
|
||||
<Instances/>
|
||||
<StaticKeys/>
|
||||
</OpenVPN>
|
||||
<captiveportal version="1.0.2">
|
||||
<zones/>
|
||||
<templates/>
|
||||
</captiveportal>
|
||||
<cron version="1.0.4">
|
||||
<jobs/>
|
||||
</cron>
|
||||
<Firewall>
|
||||
<Lvtemplate version="0.0.1">
|
||||
<templates/>
|
||||
</Lvtemplate>
|
||||
<Alias version="1.0.1">
|
||||
<geoip>
|
||||
<url/>
|
||||
</geoip>
|
||||
<aliases/>
|
||||
</Alias>
|
||||
<Category version="1.0.0">
|
||||
<categories/>
|
||||
</Category>
|
||||
<Filter version="1.0.4">
|
||||
<rules/>
|
||||
<snatrules/>
|
||||
<npt/>
|
||||
<onetoone/>
|
||||
</Filter>
|
||||
</Firewall>
|
||||
<Netflow version="1.0.1">
|
||||
<capture>
|
||||
<interfaces/>
|
||||
<egress_only/>
|
||||
<version>v9</version>
|
||||
<targets/>
|
||||
</capture>
|
||||
<collect>
|
||||
<enable>0</enable>
|
||||
</collect>
|
||||
<activeTimeout>1800</activeTimeout>
|
||||
<inactiveTimeout>15</inactiveTimeout>
|
||||
</Netflow>
|
||||
<IDS version="1.0.9">
|
||||
<rules/>
|
||||
<policies/>
|
||||
<userDefinedRules/>
|
||||
<files/>
|
||||
<fileTags/>
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<ips>0</ips>
|
||||
<promisc>0</promisc>
|
||||
<interfaces>wan</interfaces>
|
||||
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
|
||||
<defaultPacketSize/>
|
||||
<UpdateCron/>
|
||||
<AlertLogrotate>W0D23</AlertLogrotate>
|
||||
<AlertSaveLogs>4</AlertSaveLogs>
|
||||
<MPMAlgo/>
|
||||
<detect>
|
||||
<Profile/>
|
||||
<toclient_groups/>
|
||||
<toserver_groups/>
|
||||
</detect>
|
||||
<syslog>0</syslog>
|
||||
<syslog_eve>0</syslog_eve>
|
||||
<LogPayload>0</LogPayload>
|
||||
<verbosity/>
|
||||
</general>
|
||||
</IDS>
|
||||
<Interfaces>
|
||||
<loopbacks version="1.0.0"/>
|
||||
<neighbors version="1.0.0"/>
|
||||
<vxlans version="1.0.2"/>
|
||||
</Interfaces>
|
||||
<Kea>
|
||||
<ctrl_agent version="0.0.1">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<http_host>127.0.0.1</http_host>
|
||||
<http_port>8000</http_port>
|
||||
</general>
|
||||
</ctrl_agent>
|
||||
<dhcp4 version="1.0.0">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interfaces/>
|
||||
<valid_lifetime>4000</valid_lifetime>
|
||||
<fwrules>1</fwrules>
|
||||
</general>
|
||||
<ha>
|
||||
<enabled>0</enabled>
|
||||
<this_server_name/>
|
||||
</ha>
|
||||
<subnets/>
|
||||
<reservations/>
|
||||
<ha_peers/>
|
||||
</dhcp4>
|
||||
</Kea>
|
||||
<monit version="1.0.13">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interval>120</interval>
|
||||
<startdelay>120</startdelay>
|
||||
<mailserver>127.0.0.1</mailserver>
|
||||
<port>25</port>
|
||||
<username/>
|
||||
<password/>
|
||||
<ssl>0</ssl>
|
||||
<sslversion>auto</sslversion>
|
||||
<sslverify>1</sslverify>
|
||||
<logfile/>
|
||||
<statefile/>
|
||||
<eventqueuePath/>
|
||||
<eventqueueSlots/>
|
||||
<httpdEnabled>0</httpdEnabled>
|
||||
<httpdUsername>root</httpdUsername>
|
||||
<httpdPassword/>
|
||||
<httpdPort>2812</httpdPort>
|
||||
<httpdAllow/>
|
||||
<mmonitUrl/>
|
||||
<mmonitTimeout>5</mmonitTimeout>
|
||||
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
|
||||
</general>
|
||||
<alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
|
||||
<enabled>0</enabled>
|
||||
<recipient>root@localhost.local</recipient>
|
||||
<noton>0</noton>
|
||||
<events/>
|
||||
<format/>
|
||||
<reminder/>
|
||||
<description/>
|
||||
</alert>
|
||||
<service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
|
||||
<enabled>1</enabled>
|
||||
<name>$HOST</name>
|
||||
<description/>
|
||||
<type>system</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path/>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
|
||||
<enabled>1</enabled>
|
||||
<name>RootFs</name>
|
||||
<description/>
|
||||
<type>filesystem</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
|
||||
<enabled>0</enabled>
|
||||
<name>carp_status_change</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
|
||||
<enabled>0</enabled>
|
||||
<name>gateway_alert</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
|
||||
<name>Ping</name>
|
||||
<type>NetworkPing</type>
|
||||
<condition>failed ping</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
|
||||
<name>NetworkLink</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>failed link</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
|
||||
<name>NetworkSaturation</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>saturation is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
|
||||
<name>MemoryUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>memory usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
|
||||
<name>CPUUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>cpu usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c0708923-88de-4178-abdd-819737440ce0">
|
||||
<name>LoadAvg1</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (1min) is greater than 4</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
|
||||
<name>LoadAvg5</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (5min) is greater than 3</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
|
||||
<name>LoadAvg15</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (15min) is greater than 2</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
|
||||
<name>SpaceUsage</name>
|
||||
<type>SpaceUsage</type>
|
||||
<condition>space usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
|
||||
<name>ChangedStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>changed status</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
|
||||
<name>NonZeroStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>status != 0</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
</monit>
|
||||
<Gateways version="1.0.0">
|
||||
<gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
|
||||
<disabled>0</disabled>
|
||||
<name>WAN_GW</name>
|
||||
<descr>Interface WAN Gateway</descr>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<gateway>172.17.0.1</gateway>
|
||||
<defaultgw>1</defaultgw>
|
||||
<fargw>0</fargw>
|
||||
<monitor_disable>1</monitor_disable>
|
||||
<monitor_noroute/>
|
||||
<monitor/>
|
||||
<force_down/>
|
||||
<priority>255</priority>
|
||||
<weight>1</weight>
|
||||
<latencylow/>
|
||||
<latencyhigh/>
|
||||
<losslow/>
|
||||
<losshigh/>
|
||||
<interval/>
|
||||
<time_period/>
|
||||
<loss_interval/>
|
||||
<data_length/>
|
||||
</gateway_item>
|
||||
</Gateways>
|
||||
<Syslog version="1.0.2">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<loglocal>1</loglocal>
|
||||
<maxpreserve>31</maxpreserve>
|
||||
<maxfilesize/>
|
||||
</general>
|
||||
<destinations/>
|
||||
</Syslog>
|
||||
<TrafficShaper version="1.0.3">
|
||||
<pipes/>
|
||||
<queues/>
|
||||
<rules/>
|
||||
</TrafficShaper>
|
||||
<unboundplus version="1.0.9">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<port>53</port>
|
||||
<stats/>
|
||||
<active_interface/>
|
||||
<dns64/>
|
||||
<dns64prefix/>
|
||||
<noarecords/>
|
||||
<regdhcp/>
|
||||
<regdhcpdomain/>
|
||||
<regdhcpstatic/>
|
||||
<noreglladdr6/>
|
||||
<noregrecords/>
|
||||
<txtsupport/>
|
||||
<cacheflush/>
|
||||
<local_zone_type>transparent</local_zone_type>
|
||||
<outgoing_interface/>
|
||||
<enable_wpad/>
|
||||
</general>
|
||||
<advanced>
|
||||
<hideidentity/>
|
||||
<hideversion/>
|
||||
<prefetch/>
|
||||
<prefetchkey/>
|
||||
<aggressivensec>1</aggressivensec>
|
||||
<serveexpired/>
|
||||
<serveexpiredreplyttl/>
|
||||
<serveexpiredttl/>
|
||||
<serveexpiredttlreset/>
|
||||
<serveexpiredclienttimeout/>
|
||||
<qnameminstrict/>
|
||||
<extendedstatistics/>
|
||||
<logqueries/>
|
||||
<logreplies/>
|
||||
<logtagqueryreply/>
|
||||
<logservfail/>
|
||||
<loglocalactions/>
|
||||
<logverbosity>1</logverbosity>
|
||||
<valloglevel>0</valloglevel>
|
||||
<privatedomain/>
|
||||
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
|
||||
<insecuredomain/>
|
||||
<msgcachesize/>
|
||||
<rrsetcachesize/>
|
||||
<outgoingnumtcp/>
|
||||
<incomingnumtcp/>
|
||||
<numqueriesperthread/>
|
||||
<outgoingrange/>
|
||||
<jostletimeout/>
|
||||
<cachemaxttl/>
|
||||
<cachemaxnegativettl/>
|
||||
<cacheminttl/>
|
||||
<infrahostttl/>
|
||||
<infrakeepprobing/>
|
||||
<infracachenumhosts/>
|
||||
<unwantedreplythreshold/>
|
||||
</advanced>
|
||||
<acls>
|
||||
<default_action>allow</default_action>
|
||||
</acls>
|
||||
<dnsbl>
|
||||
<enabled>0</enabled>
|
||||
<safesearch/>
|
||||
<type/>
|
||||
<lists/>
|
||||
<whitelists/>
|
||||
<blocklists/>
|
||||
<wildcards/>
|
||||
<address/>
|
||||
<nxdomain/>
|
||||
</dnsbl>
|
||||
<forwarding>
|
||||
<enabled/>
|
||||
</forwarding>
|
||||
<dots/>
|
||||
<hosts/>
|
||||
<aliases/>
|
||||
<domains/>
|
||||
</unboundplus>
|
||||
</OPNsense>
|
||||
<hasync version="1.0.0">
|
||||
<disablepreempt>0</disablepreempt>
|
||||
<disconnectppps>0</disconnectppps>
|
||||
<pfsyncenabled>0</pfsyncenabled>
|
||||
<pfsyncinterface>lan</pfsyncinterface>
|
||||
<pfsyncpeerip/>
|
||||
<pfsyncversion>1400</pfsyncversion>
|
||||
<synchronizetoip/>
|
||||
<username/>
|
||||
<password/>
|
||||
<syncitems/>
|
||||
</hasync>
|
||||
<openvpn/>
|
||||
<ifgroups version="1.0.0"/>
|
||||
<gifs version="1.0.0">
|
||||
<gif/>
|
||||
</gifs>
|
||||
<gres version="1.0.0">
|
||||
<gre/>
|
||||
</gres>
|
||||
<laggs version="1.0.0">
|
||||
<lagg/>
|
||||
</laggs>
|
||||
<virtualip version="1.0.0">
|
||||
<vip/>
|
||||
</virtualip>
|
||||
<vlans version="1.0.0">
|
||||
<vlan/>
|
||||
</vlans>
|
||||
<staticroutes version="1.0.0">
|
||||
<route/>
|
||||
</staticroutes>
|
||||
<bridges>
|
||||
<bridged/>
|
||||
</bridges>
|
||||
<ppps>
|
||||
<ppp/>
|
||||
</ppps>
|
||||
<wireless>
|
||||
<clone/>
|
||||
</wireless>
|
||||
<ca/>
|
||||
<dhcpdv6/>
|
||||
<cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
|
||||
<refid>6734d13fa9e4a</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
|
||||
<refid>6734d6c82dc59</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<syslog/>
|
||||
</opnsense>
|
@ -0,0 +1,987 @@
|
||||
<?xml version="1.0"?>
|
||||
<opnsense>
|
||||
<theme>opnsense</theme>
|
||||
<sysctl>
|
||||
<item>
|
||||
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
|
||||
<tunable>vfs.read_max</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set the ephemeral port range to be lower.</descr>
|
||||
<tunable>net.inet.ip.portrange.first</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop packets to closed TCP ports without returning a RST</descr>
|
||||
<tunable>net.inet.tcp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
|
||||
<tunable>net.inet.udp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize the ID field in IP packets</descr>
|
||||
<tunable>net.inet.ip.random_id</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.</descr>
|
||||
<tunable>net.inet.ip.sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.</descr>
|
||||
<tunable>net.inet.ip.accept_sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>This option turns off the logging of redirect packets because there is no limit and this could fill
|
||||
up your logs consuming your whole hard drive.</descr>
|
||||
<tunable>net.inet.icmp.log_redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
|
||||
<tunable>net.inet.tcp.drop_synfin</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable sending IPv6 redirects</descr>
|
||||
<tunable>net.inet6.ip6.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
|
||||
<tunable>net.inet6.ip6.use_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
|
||||
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
|
||||
<tunable>net.inet.tcp.syncookies</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
|
||||
<tunable>net.inet.tcp.recvspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
|
||||
<tunable>net.inet.tcp.sendspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
|
||||
<tunable>net.inet.tcp.delayed_ack</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.inet.udp.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
|
||||
<tunable>net.link.bridge.pfil_onlyip</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
|
||||
<tunable>net.link.bridge.pfil_local_phys</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
|
||||
<tunable>net.link.bridge.pfil_member</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to enable filtering on the bridge interface</descr>
|
||||
<tunable>net.link.bridge.pfil_bridge</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Allow unprivileged access to tap(4) device nodes</descr>
|
||||
<tunable>net.link.tap.user_open</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
|
||||
<tunable>kern.randompid</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
|
||||
<tunable>hw.syscons.kbd_reboot</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable TCP extended debugging</descr>
|
||||
<tunable>net.inet.tcp.log_debug</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set ICMP Limits</descr>
|
||||
<tunable>net.inet.icmp.icmplim</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>TCP Offload Engine</descr>
|
||||
<tunable>net.inet.tcp.tso</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>UDP Checksums</descr>
|
||||
<tunable>net.inet.udp.checksum</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum socket buffer size</descr>
|
||||
<tunable>kern.ipc.maxsockbuf</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
|
||||
<tunable>vm.pmap.pti</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
|
||||
<tunable>hw.ibrs_disable</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other groups</descr>
|
||||
<tunable>security.bsd.see_other_gids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other users</descr>
|
||||
<tunable>security.bsd.see_other_uids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
|
||||
and for the sender directly reachable, route and next hop is known.</descr>
|
||||
<tunable>net.inet.ip.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.local.dgram.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
</sysctl>
|
||||
<system>
|
||||
<optimization>normal</optimization>
|
||||
<hostname>OPNsense</hostname>
|
||||
<domain>localdomain</domain>
|
||||
<dnsallowoverride>1</dnsallowoverride>
|
||||
<group>
|
||||
<name>admins</name>
|
||||
<description>System Administrators</description>
|
||||
<scope>system</scope>
|
||||
<gid>1999</gid>
|
||||
<member>0</member>
|
||||
<priv>page-all</priv>
|
||||
</group>
|
||||
<user>
|
||||
<name>root</name>
|
||||
<descr>System Administrator</descr>
|
||||
<scope>system</scope>
|
||||
<groupname>admins</groupname>
|
||||
<password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
|
||||
<uid>0</uid>
|
||||
</user>
|
||||
<nextuid>2000</nextuid>
|
||||
<nextgid>2000</nextgid>
|
||||
<timezone>Etc/UTC</timezone>
|
||||
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
|
||||
<webgui>
|
||||
<protocol>https</protocol>
|
||||
<ssl-certref>6734d6c82dc59</ssl-certref>
|
||||
<port/>
|
||||
<ssl-ciphers/>
|
||||
<interfaces/>
|
||||
<compression/>
|
||||
</webgui>
|
||||
<disablenatreflection>yes</disablenatreflection>
|
||||
<usevirtualterminal>1</usevirtualterminal>
|
||||
<disableconsolemenu>1</disableconsolemenu>
|
||||
<disablevlanhwfilter>1</disablevlanhwfilter>
|
||||
<disablechecksumoffloading>1</disablechecksumoffloading>
|
||||
<disablesegmentationoffloading>1</disablesegmentationoffloading>
|
||||
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
|
||||
<ipv6allow>1</ipv6allow>
|
||||
<powerd_ac_mode>hadp</powerd_ac_mode>
|
||||
<powerd_battery_mode>hadp</powerd_battery_mode>
|
||||
<powerd_normal_mode>hadp</powerd_normal_mode>
|
||||
<bogons>
|
||||
<interval>monthly</interval>
|
||||
</bogons>
|
||||
<pf_share_forward>1</pf_share_forward>
|
||||
<lb_use_sticky>1</lb_use_sticky>
|
||||
<ssh>
|
||||
<group>admins</group>
|
||||
<noauto>1</noauto>
|
||||
<interfaces/>
|
||||
<kex/>
|
||||
<ciphers/>
|
||||
<macs/>
|
||||
<keys/>
|
||||
<keysig/>
|
||||
<enabled>enabled</enabled>
|
||||
<passwordauth>1</passwordauth>
|
||||
<permitrootlogin>1</permitrootlogin>
|
||||
</ssh>
|
||||
<rrdbackup>-1</rrdbackup>
|
||||
<netflowbackup>-1</netflowbackup>
|
||||
<firmware version="1.0.1">
|
||||
<mirror/>
|
||||
<flavour/>
|
||||
<plugins/>
|
||||
<type/>
|
||||
<subscription/>
|
||||
<reboot/>
|
||||
</firmware>
|
||||
<dnsserver>192.168.5.1</dnsserver>
|
||||
<language>en_US</language>
|
||||
<serialspeed>115200</serialspeed>
|
||||
<primaryconsole>video</primaryconsole>
|
||||
<secondaryconsole>serial</secondaryconsole>
|
||||
</system>
|
||||
<interfaces>
|
||||
<lan>
|
||||
<enable>1</enable>
|
||||
<if>le1</if>
|
||||
<ipaddr>10.100.8.1</ipaddr>
|
||||
<subnet>24</subnet>
|
||||
<ipaddrv6>track6</ipaddrv6>
|
||||
<subnetv6>64</subnetv6>
|
||||
<media/>
|
||||
<mediaopt/>
|
||||
<track6-interface>wan</track6-interface>
|
||||
<track6-prefix-id>0</track6-prefix-id>
|
||||
</lan>
|
||||
<lo0>
|
||||
<internal_dynamic>1</internal_dynamic>
|
||||
<descr>Loopback</descr>
|
||||
<enable>1</enable>
|
||||
<if>lo0</if>
|
||||
<ipaddr>127.0.0.1</ipaddr>
|
||||
<ipaddrv6>::1</ipaddrv6>
|
||||
<subnet>8</subnet>
|
||||
<subnetv6>128</subnetv6>
|
||||
<type>none</type>
|
||||
<virtual>1</virtual>
|
||||
</lo0>
|
||||
<wan>
|
||||
<if>le0</if>
|
||||
<descr/>
|
||||
<enable>1</enable>
|
||||
<spoofmac/>
|
||||
<ipaddr>dhcp</ipaddr>
|
||||
<dhcphostname/>
|
||||
<alias-address/>
|
||||
<alias-subnet>32</alias-subnet>
|
||||
<dhcprejectfrom/>
|
||||
<adv_dhcp_pt_timeout/>
|
||||
<adv_dhcp_pt_retry/>
|
||||
<adv_dhcp_pt_select_timeout/>
|
||||
<adv_dhcp_pt_reboot/>
|
||||
<adv_dhcp_pt_backoff_cutoff/>
|
||||
<adv_dhcp_pt_initial_interval/>
|
||||
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
|
||||
<adv_dhcp_send_options/>
|
||||
<adv_dhcp_request_options/>
|
||||
<adv_dhcp_required_options/>
|
||||
<adv_dhcp_option_modifiers/>
|
||||
<adv_dhcp_config_advanced/>
|
||||
<adv_dhcp_config_file_override/>
|
||||
<adv_dhcp_config_file_override_path/>
|
||||
</wan>
|
||||
</interfaces>
|
||||
<dhcpd>
|
||||
<lan>
|
||||
<enable/>
|
||||
<range>
|
||||
<from>10.100.8.10</from>
|
||||
<to>10.100.8.245</to>
|
||||
</range>
|
||||
<staticmap>
|
||||
<mac>d8:5e:d3:e7:2c:8c</mac>
|
||||
<ipaddr>10.100.8.15</ipaddr>
|
||||
<hostname>rtx4090</hostname>
|
||||
<winsserver/>
|
||||
<dnsserver/>
|
||||
<ntpserver/>
|
||||
</staticmap>
|
||||
</lan>
|
||||
</dhcpd>
|
||||
<snmpd>
|
||||
<syslocation/>
|
||||
<syscontact/>
|
||||
<rocommunity>public</rocommunity>
|
||||
</snmpd>
|
||||
<nat>
|
||||
<outbound>
|
||||
<mode>automatic</mode>
|
||||
</outbound>
|
||||
</nat>
|
||||
<filter>
|
||||
<rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>80</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>443</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp/udp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<any>1</any>
|
||||
<port>22</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<descr>Allow ping</descr>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>icmp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>(self)</network>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518356.7559</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518311.7033</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<descr>Default allow LAN to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
<rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet6</ipprotocol>
|
||||
<descr>Default allow LAN IPv6 to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
</filter>
|
||||
<rrd>
|
||||
<enable/>
|
||||
</rrd>
|
||||
<ntpd>
|
||||
<prefer>0.opnsense.pool.ntp.org</prefer>
|
||||
</ntpd>
|
||||
<widgets>
|
||||
<sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
|
||||
<column_count>2</column_count>
|
||||
</widgets>
|
||||
<revision>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731534516.7156</time>
|
||||
<description>/interfaces.php made changes</description>
|
||||
</revision>
|
||||
<OPNsense>
|
||||
<DHCRelay version="1.0.1"/>
|
||||
<wireguard>
|
||||
<client version="1.0.0">
|
||||
<clients/>
|
||||
</client>
|
||||
<general version="0.0.1">
|
||||
<enabled>0</enabled>
|
||||
</general>
|
||||
<server version="1.0.0">
|
||||
<servers/>
|
||||
</server>
|
||||
</wireguard>
|
||||
<IPsec version="1.0.1">
|
||||
<general>
|
||||
<enabled/>
|
||||
</general>
|
||||
<keyPairs/>
|
||||
<preSharedKeys/>
|
||||
</IPsec>
|
||||
<Swanctl version="1.0.0">
|
||||
<Connections/>
|
||||
<locals/>
|
||||
<remotes/>
|
||||
<children/>
|
||||
<Pools/>
|
||||
<VTIs/>
|
||||
<SPDs/>
|
||||
</Swanctl>
|
||||
<OpenVPNExport version="0.0.1">
|
||||
<servers/>
|
||||
</OpenVPNExport>
|
||||
<OpenVPN version="1.0.0">
|
||||
<Overwrites/>
|
||||
<Instances/>
|
||||
<StaticKeys/>
|
||||
</OpenVPN>
|
||||
<captiveportal version="1.0.2">
|
||||
<zones/>
|
||||
<templates/>
|
||||
</captiveportal>
|
||||
<cron version="1.0.4">
|
||||
<jobs/>
|
||||
</cron>
|
||||
<Firewall>
|
||||
<Lvtemplate version="0.0.1">
|
||||
<templates/>
|
||||
</Lvtemplate>
|
||||
<Alias version="1.0.1">
|
||||
<geoip>
|
||||
<url/>
|
||||
</geoip>
|
||||
<aliases/>
|
||||
</Alias>
|
||||
<Category version="1.0.0">
|
||||
<categories/>
|
||||
</Category>
|
||||
<Filter version="1.0.4">
|
||||
<rules/>
|
||||
<snatrules/>
|
||||
<npt/>
|
||||
<onetoone/>
|
||||
</Filter>
|
||||
</Firewall>
|
||||
<Netflow version="1.0.1">
|
||||
<capture>
|
||||
<interfaces/>
|
||||
<egress_only/>
|
||||
<version>v9</version>
|
||||
<targets/>
|
||||
</capture>
|
||||
<collect>
|
||||
<enable>0</enable>
|
||||
</collect>
|
||||
<activeTimeout>1800</activeTimeout>
|
||||
<inactiveTimeout>15</inactiveTimeout>
|
||||
</Netflow>
|
||||
<IDS version="1.0.9">
|
||||
<rules/>
|
||||
<policies/>
|
||||
<userDefinedRules/>
|
||||
<files/>
|
||||
<fileTags/>
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<ips>0</ips>
|
||||
<promisc>0</promisc>
|
||||
<interfaces>wan</interfaces>
|
||||
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
|
||||
<defaultPacketSize/>
|
||||
<UpdateCron/>
|
||||
<AlertLogrotate>W0D23</AlertLogrotate>
|
||||
<AlertSaveLogs>4</AlertSaveLogs>
|
||||
<MPMAlgo/>
|
||||
<detect>
|
||||
<Profile/>
|
||||
<toclient_groups/>
|
||||
<toserver_groups/>
|
||||
</detect>
|
||||
<syslog>0</syslog>
|
||||
<syslog_eve>0</syslog_eve>
|
||||
<LogPayload>0</LogPayload>
|
||||
<verbosity/>
|
||||
</general>
|
||||
</IDS>
|
||||
<Interfaces>
|
||||
<loopbacks version="1.0.0"/>
|
||||
<neighbors version="1.0.0"/>
|
||||
<vxlans version="1.0.2"/>
|
||||
</Interfaces>
|
||||
<Kea>
|
||||
<ctrl_agent version="0.0.1">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<http_host>127.0.0.1</http_host>
|
||||
<http_port>8000</http_port>
|
||||
</general>
|
||||
</ctrl_agent>
|
||||
<dhcp4 version="1.0.0">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interfaces/>
|
||||
<valid_lifetime>4000</valid_lifetime>
|
||||
<fwrules>1</fwrules>
|
||||
</general>
|
||||
<ha>
|
||||
<enabled>0</enabled>
|
||||
<this_server_name/>
|
||||
</ha>
|
||||
<subnets/>
|
||||
<reservations/>
|
||||
<ha_peers/>
|
||||
</dhcp4>
|
||||
</Kea>
|
||||
<monit version="1.0.13">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interval>120</interval>
|
||||
<startdelay>120</startdelay>
|
||||
<mailserver>127.0.0.1</mailserver>
|
||||
<port>25</port>
|
||||
<username/>
|
||||
<password/>
|
||||
<ssl>0</ssl>
|
||||
<sslversion>auto</sslversion>
|
||||
<sslverify>1</sslverify>
|
||||
<logfile/>
|
||||
<statefile/>
|
||||
<eventqueuePath/>
|
||||
<eventqueueSlots/>
|
||||
<httpdEnabled>0</httpdEnabled>
|
||||
<httpdUsername>root</httpdUsername>
|
||||
<httpdPassword/>
|
||||
<httpdPort>2812</httpdPort>
|
||||
<httpdAllow/>
|
||||
<mmonitUrl/>
|
||||
<mmonitTimeout>5</mmonitTimeout>
|
||||
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
|
||||
</general>
|
||||
<alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
|
||||
<enabled>0</enabled>
|
||||
<recipient>root@localhost.local</recipient>
|
||||
<noton>0</noton>
|
||||
<events/>
|
||||
<format/>
|
||||
<reminder/>
|
||||
<description/>
|
||||
</alert>
|
||||
<service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
|
||||
<enabled>1</enabled>
|
||||
<name>$HOST</name>
|
||||
<description/>
|
||||
<type>system</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path/>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
|
||||
<enabled>1</enabled>
|
||||
<name>RootFs</name>
|
||||
<description/>
|
||||
<type>filesystem</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
|
||||
<enabled>0</enabled>
|
||||
<name>carp_status_change</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
|
||||
<enabled>0</enabled>
|
||||
<name>gateway_alert</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
|
||||
<name>Ping</name>
|
||||
<type>NetworkPing</type>
|
||||
<condition>failed ping</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
|
||||
<name>NetworkLink</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>failed link</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
|
||||
<name>NetworkSaturation</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>saturation is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
|
||||
<name>MemoryUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>memory usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
|
||||
<name>CPUUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>cpu usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c0708923-88de-4178-abdd-819737440ce0">
|
||||
<name>LoadAvg1</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (1min) is greater than 4</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
|
||||
<name>LoadAvg5</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (5min) is greater than 3</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
|
||||
<name>LoadAvg15</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (15min) is greater than 2</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
|
||||
<name>SpaceUsage</name>
|
||||
<type>SpaceUsage</type>
|
||||
<condition>space usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
|
||||
<name>ChangedStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>changed status</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
|
||||
<name>NonZeroStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>status != 0</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
</monit>
|
||||
<Gateways version="1.0.0">
|
||||
<gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
|
||||
<disabled>0</disabled>
|
||||
<name>WAN_GW</name>
|
||||
<descr>Interface WAN Gateway</descr>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<gateway>172.17.0.1</gateway>
|
||||
<defaultgw>1</defaultgw>
|
||||
<fargw>0</fargw>
|
||||
<monitor_disable>1</monitor_disable>
|
||||
<monitor_noroute/>
|
||||
<monitor/>
|
||||
<force_down/>
|
||||
<priority>255</priority>
|
||||
<weight>1</weight>
|
||||
<latencylow/>
|
||||
<latencyhigh/>
|
||||
<losslow/>
|
||||
<losshigh/>
|
||||
<interval/>
|
||||
<time_period/>
|
||||
<loss_interval/>
|
||||
<data_length/>
|
||||
</gateway_item>
|
||||
</Gateways>
|
||||
<Syslog version="1.0.2">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<loglocal>1</loglocal>
|
||||
<maxpreserve>31</maxpreserve>
|
||||
<maxfilesize/>
|
||||
</general>
|
||||
<destinations/>
|
||||
</Syslog>
|
||||
<TrafficShaper version="1.0.3">
|
||||
<pipes/>
|
||||
<queues/>
|
||||
<rules/>
|
||||
</TrafficShaper>
|
||||
<unboundplus version="1.0.9">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<port>53</port>
|
||||
<stats/>
|
||||
<active_interface/>
|
||||
<dns64/>
|
||||
<dns64prefix/>
|
||||
<noarecords/>
|
||||
<regdhcp/>
|
||||
<regdhcpdomain/>
|
||||
<regdhcpstatic/>
|
||||
<noreglladdr6/>
|
||||
<noregrecords/>
|
||||
<txtsupport/>
|
||||
<cacheflush/>
|
||||
<local_zone_type>transparent</local_zone_type>
|
||||
<outgoing_interface/>
|
||||
<enable_wpad/>
|
||||
</general>
|
||||
<advanced>
|
||||
<hideidentity/>
|
||||
<hideversion/>
|
||||
<prefetch/>
|
||||
<prefetchkey/>
|
||||
<aggressivensec>1</aggressivensec>
|
||||
<serveexpired/>
|
||||
<serveexpiredreplyttl/>
|
||||
<serveexpiredttl/>
|
||||
<serveexpiredttlreset/>
|
||||
<serveexpiredclienttimeout/>
|
||||
<qnameminstrict/>
|
||||
<extendedstatistics/>
|
||||
<logqueries/>
|
||||
<logreplies/>
|
||||
<logtagqueryreply/>
|
||||
<logservfail/>
|
||||
<loglocalactions/>
|
||||
<logverbosity>1</logverbosity>
|
||||
<valloglevel>0</valloglevel>
|
||||
<privatedomain/>
|
||||
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
|
||||
<insecuredomain/>
|
||||
<msgcachesize/>
|
||||
<rrsetcachesize/>
|
||||
<outgoingnumtcp/>
|
||||
<incomingnumtcp/>
|
||||
<numqueriesperthread/>
|
||||
<outgoingrange/>
|
||||
<jostletimeout/>
|
||||
<cachemaxttl/>
|
||||
<cachemaxnegativettl/>
|
||||
<cacheminttl/>
|
||||
<infrahostttl/>
|
||||
<infrakeepprobing/>
|
||||
<infracachenumhosts/>
|
||||
<unwantedreplythreshold/>
|
||||
</advanced>
|
||||
<acls>
|
||||
<default_action>allow</default_action>
|
||||
</acls>
|
||||
<dnsbl>
|
||||
<enabled>0</enabled>
|
||||
<safesearch/>
|
||||
<type/>
|
||||
<lists/>
|
||||
<whitelists/>
|
||||
<blocklists/>
|
||||
<wildcards/>
|
||||
<address/>
|
||||
<nxdomain/>
|
||||
</dnsbl>
|
||||
<forwarding>
|
||||
<enabled/>
|
||||
</forwarding>
|
||||
<dots/>
|
||||
<hosts/>
|
||||
<aliases/>
|
||||
<domains/>
|
||||
</unboundplus>
|
||||
</OPNsense>
|
||||
<hasync version="1.0.0">
|
||||
<disablepreempt>0</disablepreempt>
|
||||
<disconnectppps>0</disconnectppps>
|
||||
<pfsyncenabled>0</pfsyncenabled>
|
||||
<pfsyncinterface>lan</pfsyncinterface>
|
||||
<pfsyncpeerip/>
|
||||
<pfsyncversion>1400</pfsyncversion>
|
||||
<synchronizetoip/>
|
||||
<username/>
|
||||
<password/>
|
||||
<syncitems/>
|
||||
</hasync>
|
||||
<openvpn/>
|
||||
<ifgroups version="1.0.0"/>
|
||||
<gifs version="1.0.0">
|
||||
<gif/>
|
||||
</gifs>
|
||||
<gres version="1.0.0">
|
||||
<gre/>
|
||||
</gres>
|
||||
<laggs version="1.0.0">
|
||||
<lagg/>
|
||||
</laggs>
|
||||
<virtualip version="1.0.0">
|
||||
<vip/>
|
||||
</virtualip>
|
||||
<vlans version="1.0.0">
|
||||
<vlan/>
|
||||
</vlans>
|
||||
<staticroutes version="1.0.0">
|
||||
<route/>
|
||||
</staticroutes>
|
||||
<bridges>
|
||||
<bridged/>
|
||||
</bridges>
|
||||
<ppps>
|
||||
<ppp/>
|
||||
</ppps>
|
||||
<wireless>
|
||||
<clone/>
|
||||
</wireless>
|
||||
<ca/>
|
||||
<dhcpdv6/>
|
||||
<cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
|
||||
<refid>6734d13fa9e4a</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
|
||||
<refid>6734d6c82dc59</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<syslog/>
|
||||
</opnsense>
|
@ -0,0 +1,994 @@
|
||||
<?xml version="1.0"?>
|
||||
<opnsense>
|
||||
<theme>opnsense</theme>
|
||||
<sysctl>
|
||||
<item>
|
||||
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
|
||||
<tunable>vfs.read_max</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set the ephemeral port range to be lower.</descr>
|
||||
<tunable>net.inet.ip.portrange.first</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop packets to closed TCP ports without returning a RST</descr>
|
||||
<tunable>net.inet.tcp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
|
||||
<tunable>net.inet.udp.blackhole</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize the ID field in IP packets</descr>
|
||||
<tunable>net.inet.ip.random_id</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
as part of the standard FreeBSD core system.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.accept_sourceroute</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>
|
||||
This option turns off the logging of redirect packets because there is no limit and this could fill
|
||||
up your logs consuming your whole hard drive.
|
||||
</descr>
|
||||
<tunable>net.inet.icmp.log_redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
|
||||
<tunable>net.inet.tcp.drop_synfin</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable sending IPv6 redirects</descr>
|
||||
<tunable>net.inet6.ip6.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
|
||||
<tunable>net.inet6.ip6.use_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
|
||||
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
|
||||
<tunable>net.inet.tcp.syncookies</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
|
||||
<tunable>net.inet.tcp.recvspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
|
||||
<tunable>net.inet.tcp.sendspace</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
|
||||
<tunable>net.inet.tcp.delayed_ack</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.inet.udp.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
|
||||
<tunable>net.link.bridge.pfil_onlyip</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
|
||||
<tunable>net.link.bridge.pfil_local_phys</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
|
||||
<tunable>net.link.bridge.pfil_member</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set to 1 to enable filtering on the bridge interface</descr>
|
||||
<tunable>net.link.bridge.pfil_bridge</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Allow unprivileged access to tap(4) device nodes</descr>
|
||||
<tunable>net.link.tap.user_open</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
|
||||
<tunable>kern.randompid</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
|
||||
<tunable>hw.syscons.kbd_reboot</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable TCP extended debugging</descr>
|
||||
<tunable>net.inet.tcp.log_debug</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Set ICMP Limits</descr>
|
||||
<tunable>net.inet.icmp.icmplim</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>TCP Offload Engine</descr>
|
||||
<tunable>net.inet.tcp.tso</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>UDP Checksums</descr>
|
||||
<tunable>net.inet.udp.checksum</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum socket buffer size</descr>
|
||||
<tunable>kern.ipc.maxsockbuf</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
|
||||
<tunable>vm.pmap.pti</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
|
||||
<tunable>hw.ibrs_disable</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other groups</descr>
|
||||
<tunable>security.bsd.see_other_gids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Hide processes running as other users</descr>
|
||||
<tunable>security.bsd.see_other_uids</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
|
||||
and for the sender directly reachable, route and next hop is known.
|
||||
</descr>
|
||||
<tunable>net.inet.ip.redirect</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
<item>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<tunable>net.local.dgram.maxdgram</tunable>
|
||||
<value>default</value>
|
||||
</item>
|
||||
</sysctl>
|
||||
<system>
|
||||
<optimization>normal</optimization>
|
||||
<hostname>OPNsense</hostname>
|
||||
<domain>localdomain</domain>
|
||||
<dnsallowoverride>1</dnsallowoverride>
|
||||
<group>
|
||||
<name>admins</name>
|
||||
<description>System Administrators</description>
|
||||
<scope>system</scope>
|
||||
<gid>1999</gid>
|
||||
<member>0</member>
|
||||
<priv>page-all</priv>
|
||||
</group>
|
||||
<user>
|
||||
<name>root</name>
|
||||
<descr>System Administrator</descr>
|
||||
<scope>system</scope>
|
||||
<groupname>admins</groupname>
|
||||
<password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
|
||||
<uid>0</uid>
|
||||
</user>
|
||||
<nextuid>2000</nextuid>
|
||||
<nextgid>2000</nextgid>
|
||||
<timezone>Etc/UTC</timezone>
|
||||
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
|
||||
<webgui>
|
||||
<protocol>https</protocol>
|
||||
<ssl-certref>6734d6c82dc59</ssl-certref>
|
||||
<port/>
|
||||
<ssl-ciphers/>
|
||||
<interfaces/>
|
||||
<compression/>
|
||||
</webgui>
|
||||
<disablenatreflection>yes</disablenatreflection>
|
||||
<usevirtualterminal>1</usevirtualterminal>
|
||||
<disableconsolemenu>1</disableconsolemenu>
|
||||
<disablevlanhwfilter>1</disablevlanhwfilter>
|
||||
<disablechecksumoffloading>1</disablechecksumoffloading>
|
||||
<disablesegmentationoffloading>1</disablesegmentationoffloading>
|
||||
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
|
||||
<ipv6allow>1</ipv6allow>
|
||||
<powerd_ac_mode>hadp</powerd_ac_mode>
|
||||
<powerd_battery_mode>hadp</powerd_battery_mode>
|
||||
<powerd_normal_mode>hadp</powerd_normal_mode>
|
||||
<bogons>
|
||||
<interval>monthly</interval>
|
||||
</bogons>
|
||||
<pf_share_forward>1</pf_share_forward>
|
||||
<lb_use_sticky>1</lb_use_sticky>
|
||||
<ssh>
|
||||
<group>admins</group>
|
||||
<noauto>1</noauto>
|
||||
<interfaces/>
|
||||
<kex/>
|
||||
<ciphers/>
|
||||
<macs/>
|
||||
<keys/>
|
||||
<keysig/>
|
||||
<enabled>enabled</enabled>
|
||||
<passwordauth>1</passwordauth>
|
||||
<permitrootlogin>1</permitrootlogin>
|
||||
</ssh>
|
||||
<rrdbackup>-1</rrdbackup>
|
||||
<netflowbackup>-1</netflowbackup>
|
||||
<firmware version="1.0.1">
|
||||
<mirror/>
|
||||
<flavour/>
|
||||
<plugins/>
|
||||
<type/>
|
||||
<subscription/>
|
||||
<reboot/>
|
||||
</firmware>
|
||||
<dnsserver>192.168.5.1</dnsserver>
|
||||
<language>en_US</language>
|
||||
<serialspeed>115200</serialspeed>
|
||||
<primaryconsole>video</primaryconsole>
|
||||
<secondaryconsole>serial</secondaryconsole>
|
||||
</system>
|
||||
<interfaces>
|
||||
<lan>
|
||||
<enable>1</enable>
|
||||
<if>le1</if>
|
||||
<ipaddr>10.100.8.1</ipaddr>
|
||||
<subnet>24</subnet>
|
||||
<ipaddrv6>track6</ipaddrv6>
|
||||
<subnetv6>64</subnetv6>
|
||||
<media/>
|
||||
<mediaopt/>
|
||||
<track6-interface>wan</track6-interface>
|
||||
<track6-prefix-id>0</track6-prefix-id>
|
||||
</lan>
|
||||
<lo0>
|
||||
<internal_dynamic>1</internal_dynamic>
|
||||
<descr>Loopback</descr>
|
||||
<enable>1</enable>
|
||||
<if>lo0</if>
|
||||
<ipaddr>127.0.0.1</ipaddr>
|
||||
<ipaddrv6>::1</ipaddrv6>
|
||||
<subnet>8</subnet>
|
||||
<subnetv6>128</subnetv6>
|
||||
<type>none</type>
|
||||
<virtual>1</virtual>
|
||||
</lo0>
|
||||
<wan>
|
||||
<if>le0</if>
|
||||
<descr/>
|
||||
<enable>1</enable>
|
||||
<spoofmac/>
|
||||
<ipaddr>dhcp</ipaddr>
|
||||
<dhcphostname/>
|
||||
<alias-address/>
|
||||
<alias-subnet>32</alias-subnet>
|
||||
<dhcprejectfrom/>
|
||||
<adv_dhcp_pt_timeout/>
|
||||
<adv_dhcp_pt_retry/>
|
||||
<adv_dhcp_pt_select_timeout/>
|
||||
<adv_dhcp_pt_reboot/>
|
||||
<adv_dhcp_pt_backoff_cutoff/>
|
||||
<adv_dhcp_pt_initial_interval/>
|
||||
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
|
||||
<adv_dhcp_send_options/>
|
||||
<adv_dhcp_request_options/>
|
||||
<adv_dhcp_required_options/>
|
||||
<adv_dhcp_option_modifiers/>
|
||||
<adv_dhcp_config_advanced/>
|
||||
<adv_dhcp_config_file_override/>
|
||||
<adv_dhcp_config_file_override_path/>
|
||||
</wan>
|
||||
</interfaces>
|
||||
<dhcpd>
|
||||
<lan>
|
||||
<enable/>
|
||||
<range>
|
||||
<from>10.100.8.10</from>
|
||||
<to>10.100.8.245</to>
|
||||
</range>
|
||||
<staticmap>
|
||||
<mac>d8:5e:d3:e7:2c:8c</mac>
|
||||
<ipaddr>10.100.8.15</ipaddr>
|
||||
<hostname>rtx4090</hostname>
|
||||
<winsserver/>
|
||||
<dnsserver/>
|
||||
<ntpserver/>
|
||||
</staticmap>
|
||||
</lan>
|
||||
</dhcpd>
|
||||
<snmpd>
|
||||
<syslocation/>
|
||||
<syscontact/>
|
||||
<rocommunity>public</rocommunity>
|
||||
</snmpd>
|
||||
<nat>
|
||||
<outbound>
|
||||
<mode>automatic</mode>
|
||||
</outbound>
|
||||
</nat>
|
||||
<filter>
|
||||
<rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>80</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518072.7612</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>wanip</network>
|
||||
<port>443</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518084.0639</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>tcp/udp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<any>1</any>
|
||||
<port>22</port>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518114.2801</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
|
||||
<type>pass</type>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<statetype>keep state</statetype>
|
||||
<descr>Allow ping</descr>
|
||||
<direction>in</direction>
|
||||
<quick>1</quick>
|
||||
<protocol>icmp</protocol>
|
||||
<source>
|
||||
<any>1</any>
|
||||
</source>
|
||||
<destination>
|
||||
<network>(self)</network>
|
||||
</destination>
|
||||
<updated>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518356.7559</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</updated>
|
||||
<created>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731518311.7033</time>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
</created>
|
||||
</rule>
|
||||
<rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<descr>Default allow LAN to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
<rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
|
||||
<type>pass</type>
|
||||
<ipprotocol>inet6</ipprotocol>
|
||||
<descr>Default allow LAN IPv6 to any rule</descr>
|
||||
<interface>lan</interface>
|
||||
<source>
|
||||
<network>lan</network>
|
||||
</source>
|
||||
<destination>
|
||||
<any/>
|
||||
</destination>
|
||||
</rule>
|
||||
</filter>
|
||||
<rrd>
|
||||
<enable/>
|
||||
</rrd>
|
||||
<ntpd>
|
||||
<prefer>0.opnsense.pool.ntp.org</prefer>
|
||||
</ntpd>
|
||||
<widgets>
|
||||
<sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
|
||||
<column_count>2</column_count>
|
||||
</widgets>
|
||||
<revision>
|
||||
<username>root@192.168.5.204</username>
|
||||
<time>1731534516.7156</time>
|
||||
<description>/interfaces.php made changes</description>
|
||||
</revision>
|
||||
<OPNsense>
|
||||
<DHCRelay version="1.0.1"/>
|
||||
<wireguard>
|
||||
<client version="1.0.0">
|
||||
<clients/>
|
||||
</client>
|
||||
<general version="0.0.1">
|
||||
<enabled>0</enabled>
|
||||
</general>
|
||||
<server version="1.0.0">
|
||||
<servers/>
|
||||
</server>
|
||||
</wireguard>
|
||||
<IPsec version="1.0.1">
|
||||
<general>
|
||||
<enabled/>
|
||||
</general>
|
||||
<keyPairs/>
|
||||
<preSharedKeys/>
|
||||
</IPsec>
|
||||
<Swanctl version="1.0.0">
|
||||
<Connections/>
|
||||
<locals/>
|
||||
<remotes/>
|
||||
<children/>
|
||||
<Pools/>
|
||||
<VTIs/>
|
||||
<SPDs/>
|
||||
</Swanctl>
|
||||
<OpenVPNExport version="0.0.1">
|
||||
<servers/>
|
||||
</OpenVPNExport>
|
||||
<OpenVPN version="1.0.0">
|
||||
<Overwrites/>
|
||||
<Instances/>
|
||||
<StaticKeys/>
|
||||
</OpenVPN>
|
||||
<captiveportal version="1.0.2">
|
||||
<zones/>
|
||||
<templates/>
|
||||
</captiveportal>
|
||||
<cron version="1.0.4">
|
||||
<jobs/>
|
||||
</cron>
|
||||
<Firewall>
|
||||
<Lvtemplate version="0.0.1">
|
||||
<templates/>
|
||||
</Lvtemplate>
|
||||
<Alias version="1.0.1">
|
||||
<geoip>
|
||||
<url/>
|
||||
</geoip>
|
||||
<aliases/>
|
||||
</Alias>
|
||||
<Category version="1.0.0">
|
||||
<categories/>
|
||||
</Category>
|
||||
<Filter version="1.0.4">
|
||||
<rules/>
|
||||
<snatrules/>
|
||||
<npt/>
|
||||
<onetoone/>
|
||||
</Filter>
|
||||
</Firewall>
|
||||
<Netflow version="1.0.1">
|
||||
<capture>
|
||||
<interfaces/>
|
||||
<egress_only/>
|
||||
<version>v9</version>
|
||||
<targets/>
|
||||
</capture>
|
||||
<collect>
|
||||
<enable>0</enable>
|
||||
</collect>
|
||||
<activeTimeout>1800</activeTimeout>
|
||||
<inactiveTimeout>15</inactiveTimeout>
|
||||
</Netflow>
|
||||
<IDS version="1.0.9">
|
||||
<rules/>
|
||||
<policies/>
|
||||
<userDefinedRules/>
|
||||
<files/>
|
||||
<fileTags/>
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<ips>0</ips>
|
||||
<promisc>0</promisc>
|
||||
<interfaces>wan</interfaces>
|
||||
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
|
||||
<defaultPacketSize/>
|
||||
<UpdateCron/>
|
||||
<AlertLogrotate>W0D23</AlertLogrotate>
|
||||
<AlertSaveLogs>4</AlertSaveLogs>
|
||||
<MPMAlgo/>
|
||||
<detect>
|
||||
<Profile/>
|
||||
<toclient_groups/>
|
||||
<toserver_groups/>
|
||||
</detect>
|
||||
<syslog>0</syslog>
|
||||
<syslog_eve>0</syslog_eve>
|
||||
<LogPayload>0</LogPayload>
|
||||
<verbosity/>
|
||||
</general>
|
||||
</IDS>
|
||||
<Interfaces>
|
||||
<loopbacks version="1.0.0"/>
|
||||
<neighbors version="1.0.0"/>
|
||||
<vxlans version="1.0.2"/>
|
||||
</Interfaces>
|
||||
<Kea>
|
||||
<ctrl_agent version="0.0.1">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<http_host>127.0.0.1</http_host>
|
||||
<http_port>8000</http_port>
|
||||
</general>
|
||||
</ctrl_agent>
|
||||
<dhcp4 version="1.0.0">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interfaces/>
|
||||
<valid_lifetime>4000</valid_lifetime>
|
||||
<fwrules>1</fwrules>
|
||||
</general>
|
||||
<ha>
|
||||
<enabled>0</enabled>
|
||||
<this_server_name/>
|
||||
</ha>
|
||||
<subnets/>
|
||||
<reservations/>
|
||||
<ha_peers/>
|
||||
</dhcp4>
|
||||
</Kea>
|
||||
<monit version="1.0.13">
|
||||
<general>
|
||||
<enabled>0</enabled>
|
||||
<interval>120</interval>
|
||||
<startdelay>120</startdelay>
|
||||
<mailserver>127.0.0.1</mailserver>
|
||||
<port>25</port>
|
||||
<username/>
|
||||
<password/>
|
||||
<ssl>0</ssl>
|
||||
<sslversion>auto</sslversion>
|
||||
<sslverify>1</sslverify>
|
||||
<logfile/>
|
||||
<statefile/>
|
||||
<eventqueuePath/>
|
||||
<eventqueueSlots/>
|
||||
<httpdEnabled>0</httpdEnabled>
|
||||
<httpdUsername>root</httpdUsername>
|
||||
<httpdPassword/>
|
||||
<httpdPort>2812</httpdPort>
|
||||
<httpdAllow/>
|
||||
<mmonitUrl/>
|
||||
<mmonitTimeout>5</mmonitTimeout>
|
||||
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
|
||||
</general>
|
||||
<alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
|
||||
<enabled>0</enabled>
|
||||
<recipient>root@localhost.local</recipient>
|
||||
<noton>0</noton>
|
||||
<events/>
|
||||
<format/>
|
||||
<reminder/>
|
||||
<description/>
|
||||
</alert>
|
||||
<service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
|
||||
<enabled>1</enabled>
|
||||
<name>$HOST</name>
|
||||
<description/>
|
||||
<type>system</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path/>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
|
||||
<enabled>1</enabled>
|
||||
<name>RootFs</name>
|
||||
<description/>
|
||||
<type>filesystem</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
|
||||
<enabled>0</enabled>
|
||||
<name>carp_status_change</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
|
||||
<enabled>0</enabled>
|
||||
<name>gateway_alert</name>
|
||||
<description/>
|
||||
<type>custom</type>
|
||||
<pidfile/>
|
||||
<match/>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
|
||||
<timeout>300</timeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<address/>
|
||||
<interface/>
|
||||
<start/>
|
||||
<stop/>
|
||||
<tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
|
||||
<depends/>
|
||||
<polltime/>
|
||||
</service>
|
||||
<test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
|
||||
<name>Ping</name>
|
||||
<type>NetworkPing</type>
|
||||
<condition>failed ping</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
|
||||
<name>NetworkLink</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>failed link</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
|
||||
<name>NetworkSaturation</name>
|
||||
<type>NetworkInterface</type>
|
||||
<condition>saturation is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
|
||||
<name>MemoryUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>memory usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
|
||||
<name>CPUUsage</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>cpu usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c0708923-88de-4178-abdd-819737440ce0">
|
||||
<name>LoadAvg1</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (1min) is greater than 4</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
|
||||
<name>LoadAvg5</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (5min) is greater than 3</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
|
||||
<name>LoadAvg15</name>
|
||||
<type>SystemResource</type>
|
||||
<condition>loadavg (15min) is greater than 2</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
|
||||
<name>SpaceUsage</name>
|
||||
<type>SpaceUsage</type>
|
||||
<condition>space usage is greater than 75%</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
|
||||
<name>ChangedStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>changed status</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
<test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
|
||||
<name>NonZeroStatus</name>
|
||||
<type>ProgramStatus</type>
|
||||
<condition>status != 0</condition>
|
||||
<action>alert</action>
|
||||
<path/>
|
||||
</test>
|
||||
</monit>
|
||||
<Gateways version="1.0.0">
|
||||
<gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
|
||||
<disabled>0</disabled>
|
||||
<name>WAN_GW</name>
|
||||
<descr>Interface WAN Gateway</descr>
|
||||
<interface>wan</interface>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<gateway>172.17.0.1</gateway>
|
||||
<defaultgw>1</defaultgw>
|
||||
<fargw>0</fargw>
|
||||
<monitor_disable>1</monitor_disable>
|
||||
<monitor_noroute/>
|
||||
<monitor/>
|
||||
<force_down/>
|
||||
<priority>255</priority>
|
||||
<weight>1</weight>
|
||||
<latencylow/>
|
||||
<latencyhigh/>
|
||||
<losslow/>
|
||||
<losshigh/>
|
||||
<interval/>
|
||||
<time_period/>
|
||||
<loss_interval/>
|
||||
<data_length/>
|
||||
</gateway_item>
|
||||
</Gateways>
|
||||
<Syslog version="1.0.2">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<loglocal>1</loglocal>
|
||||
<maxpreserve>31</maxpreserve>
|
||||
<maxfilesize/>
|
||||
</general>
|
||||
<destinations/>
|
||||
</Syslog>
|
||||
<TrafficShaper version="1.0.3">
|
||||
<pipes/>
|
||||
<queues/>
|
||||
<rules/>
|
||||
</TrafficShaper>
|
||||
<unboundplus version="1.0.9">
|
||||
<general>
|
||||
<enabled>1</enabled>
|
||||
<port>53</port>
|
||||
<stats/>
|
||||
<active_interface/>
|
||||
<dns64/>
|
||||
<dns64prefix/>
|
||||
<noarecords/>
|
||||
<regdhcp/>
|
||||
<regdhcpdomain/>
|
||||
<regdhcpstatic/>
|
||||
<noreglladdr6/>
|
||||
<noregrecords/>
|
||||
<txtsupport/>
|
||||
<cacheflush/>
|
||||
<local_zone_type>transparent</local_zone_type>
|
||||
<outgoing_interface/>
|
||||
<enable_wpad/>
|
||||
</general>
|
||||
<advanced>
|
||||
<hideidentity/>
|
||||
<hideversion/>
|
||||
<prefetch/>
|
||||
<prefetchkey/>
|
||||
<aggressivensec>1</aggressivensec>
|
||||
<serveexpired/>
|
||||
<serveexpiredreplyttl/>
|
||||
<serveexpiredttl/>
|
||||
<serveexpiredttlreset/>
|
||||
<serveexpiredclienttimeout/>
|
||||
<qnameminstrict/>
|
||||
<extendedstatistics/>
|
||||
<logqueries/>
|
||||
<logreplies/>
|
||||
<logtagqueryreply/>
|
||||
<logservfail/>
|
||||
<loglocalactions/>
|
||||
<logverbosity>1</logverbosity>
|
||||
<valloglevel>0</valloglevel>
|
||||
<privatedomain/>
|
||||
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
|
||||
<insecuredomain/>
|
||||
<msgcachesize/>
|
||||
<rrsetcachesize/>
|
||||
<outgoingnumtcp/>
|
||||
<incomingnumtcp/>
|
||||
<numqueriesperthread/>
|
||||
<outgoingrange/>
|
||||
<jostletimeout/>
|
||||
<cachemaxttl/>
|
||||
<cachemaxnegativettl/>
|
||||
<cacheminttl/>
|
||||
<infrahostttl/>
|
||||
<infrakeepprobing/>
|
||||
<infracachenumhosts/>
|
||||
<unwantedreplythreshold/>
|
||||
</advanced>
|
||||
<acls>
|
||||
<default_action>allow</default_action>
|
||||
</acls>
|
||||
<dnsbl>
|
||||
<enabled>0</enabled>
|
||||
<safesearch/>
|
||||
<type/>
|
||||
<lists/>
|
||||
<whitelists/>
|
||||
<blocklists/>
|
||||
<wildcards/>
|
||||
<address/>
|
||||
<nxdomain/>
|
||||
</dnsbl>
|
||||
<forwarding>
|
||||
<enabled/>
|
||||
</forwarding>
|
||||
<dots/>
|
||||
<hosts/>
|
||||
<aliases/>
|
||||
<domains/>
|
||||
</unboundplus>
|
||||
</OPNsense>
|
||||
<hasync version="1.0.0">
|
||||
<disablepreempt>0</disablepreempt>
|
||||
<disconnectppps>0</disconnectppps>
|
||||
<pfsyncenabled>0</pfsyncenabled>
|
||||
<pfsyncinterface>lan</pfsyncinterface>
|
||||
<pfsyncpeerip/>
|
||||
<pfsyncversion>1400</pfsyncversion>
|
||||
<synchronizetoip/>
|
||||
<username/>
|
||||
<password/>
|
||||
<syncitems/>
|
||||
</hasync>
|
||||
<openvpn/>
|
||||
<ifgroups version="1.0.0"/>
|
||||
<gifs version="1.0.0">
|
||||
<gif/>
|
||||
</gifs>
|
||||
<gres version="1.0.0">
|
||||
<gre/>
|
||||
</gres>
|
||||
<laggs version="1.0.0">
|
||||
<lagg/>
|
||||
</laggs>
|
||||
<virtualip version="1.0.0">
|
||||
<vip/>
|
||||
</virtualip>
|
||||
<vlans version="1.0.0">
|
||||
<vlan/>
|
||||
</vlans>
|
||||
<staticroutes version="1.0.0">
|
||||
<route/>
|
||||
</staticroutes>
|
||||
<bridges>
|
||||
<bridged/>
|
||||
</bridges>
|
||||
<ppps>
|
||||
<ppp/>
|
||||
</ppps>
|
||||
<wireless>
|
||||
<clone/>
|
||||
</wireless>
|
||||
<ca/>
|
||||
<dhcpdv6/>
|
||||
<cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
|
||||
<refid>6734d13fa9e4a</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
|
||||
<refid>6734d6c82dc59</refid>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<caref/>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
</cert>
|
||||
<syslog/>
|
||||
</opnsense>
|
@ -0,0 +1,987 @@
|
||||
</acls>
|
||||
<acls>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<action>alert</action>
|
||||
<active_interface/>
|
||||
<activeTimeout>1800</activeTimeout>
|
||||
<address/>
|
||||
<address/>
|
||||
<address/>
|
||||
<address/>
|
||||
<address/>
|
||||
</advanced>
|
||||
<advanced>
|
||||
<adv_dhcp_config_advanced/>
|
||||
<adv_dhcp_config_file_override/>
|
||||
<adv_dhcp_config_file_override_path/>
|
||||
<adv_dhcp_option_modifiers/>
|
||||
<adv_dhcp_pt_backoff_cutoff/>
|
||||
<adv_dhcp_pt_initial_interval/>
|
||||
<adv_dhcp_pt_reboot/>
|
||||
<adv_dhcp_pt_retry/>
|
||||
<adv_dhcp_pt_select_timeout/>
|
||||
<adv_dhcp_pt_timeout/>
|
||||
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
|
||||
<adv_dhcp_request_options/>
|
||||
<adv_dhcp_required_options/>
|
||||
<adv_dhcp_send_options/>
|
||||
<aggressivensec>1</aggressivensec>
|
||||
</alert>
|
||||
<AlertLogrotate>W0D23</AlertLogrotate>
|
||||
<AlertSaveLogs>4</AlertSaveLogs>
|
||||
<alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
|
||||
</Alias>
|
||||
<alias-address/>
|
||||
<aliases/>
|
||||
<aliases/>
|
||||
<alias-subnet>32</alias-subnet>
|
||||
<Alias version="1.0.1">
|
||||
and for the sender directly reachable, route and next hop is known.</descr>
|
||||
<any/>
|
||||
<any/>
|
||||
<any>1</any>
|
||||
<any>1</any>
|
||||
<any>1</any>
|
||||
<any>1</any>
|
||||
<any>1</any>
|
||||
as part of the standard FreeBSD core system.</descr>
|
||||
as part of the standard FreeBSD core system.</descr>
|
||||
<blocklists/>
|
||||
</bogons>
|
||||
<bogons>
|
||||
<bridged/>
|
||||
</bridges>
|
||||
<bridges>
|
||||
<ca/>
|
||||
<cacheflush/>
|
||||
<cachemaxnegativettl/>
|
||||
<cachemaxttl/>
|
||||
<cacheminttl/>
|
||||
</captiveportal>
|
||||
<captiveportal version="1.0.2">
|
||||
</capture>
|
||||
<capture>
|
||||
<caref/>
|
||||
<caref/>
|
||||
<categories/>
|
||||
</Category>
|
||||
<Category version="1.0.0">
|
||||
</cert>
|
||||
</cert>
|
||||
<cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
|
||||
<cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
|
||||
<children/>
|
||||
<ciphers/>
|
||||
</client>
|
||||
<clients/>
|
||||
<client version="1.0.0">
|
||||
<clone/>
|
||||
</collect>
|
||||
<collect>
|
||||
<column_count>2</column_count>
|
||||
<compression/>
|
||||
<condition>changed status</condition>
|
||||
<condition>cpu usage is greater than 75%</condition>
|
||||
<condition>failed link</condition>
|
||||
<condition>failed ping</condition>
|
||||
<condition>loadavg (15min) is greater than 2</condition>
|
||||
<condition>loadavg (1min) is greater than 4</condition>
|
||||
<condition>loadavg (5min) is greater than 3</condition>
|
||||
<condition>memory usage is greater than 75%</condition>
|
||||
<condition>saturation is greater than 75%</condition>
|
||||
<condition>space usage is greater than 75%</condition>
|
||||
<condition>status != 0</condition>
|
||||
<Connections/>
|
||||
</created>
|
||||
</created>
|
||||
</created>
|
||||
</created>
|
||||
<created>
|
||||
<created>
|
||||
<created>
|
||||
<created>
|
||||
</cron>
|
||||
<cron version="1.0.4">
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
|
||||
<csr/>
|
||||
<csr/>
|
||||
</ctrl_agent>
|
||||
<ctrl_agent version="0.0.1">
|
||||
<data_length/>
|
||||
<default_action>allow</default_action>
|
||||
<defaultgw>1</defaultgw>
|
||||
<defaultPacketSize/>
|
||||
<depends/>
|
||||
<depends/>
|
||||
<depends/>
|
||||
<depends/>
|
||||
<descr/>
|
||||
<descr>Allow ping</descr>
|
||||
<descr>Allow unprivileged access to tap(4) device nodes</descr>
|
||||
<descr>Default allow LAN IPv6 to any rule</descr>
|
||||
<descr>Default allow LAN to any rule</descr>
|
||||
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
|
||||
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
|
||||
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
|
||||
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
|
||||
<descr>Drop packets to closed TCP ports without returning a RST</descr>
|
||||
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
|
||||
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
|
||||
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
|
||||
<descr>Enable sending IPv6 redirects</descr>
|
||||
<descr>Enable TCP extended debugging</descr>
|
||||
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
|
||||
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
|
||||
<descr>Hide processes running as other groups</descr>
|
||||
<descr>Hide processes running as other users</descr>
|
||||
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
|
||||
<descr>Interface WAN Gateway</descr>
|
||||
<description/>
|
||||
<description/>
|
||||
<description/>
|
||||
<description/>
|
||||
<description/>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/firewall_rules_edit.php made changes</description>
|
||||
<description>/interfaces.php made changes</description>
|
||||
<description>System Administrators</description>
|
||||
<descr>Loopback</descr>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
|
||||
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<descr>Maximum outgoing UDP datagram size</descr>
|
||||
<descr>Maximum socket buffer size</descr>
|
||||
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
|
||||
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
|
||||
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
|
||||
<descr>Randomize the ID field in IP packets</descr>
|
||||
<descr>Set ICMP Limits</descr>
|
||||
<descr>Set the ephemeral port range to be lower.</descr>
|
||||
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
|
||||
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
|
||||
<descr>Set to 1 to enable filtering on the bridge interface</descr>
|
||||
<descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
<descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
|
||||
<descr>System Administrator</descr>
|
||||
<descr>TCP Offload Engine</descr>
|
||||
<descr>This option turns off the logging of redirect packets because there is no limit and this could fill
|
||||
<descr>UDP Checksums</descr>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
<descr>Web GUI TLS certificate</descr>
|
||||
</destination>
|
||||
</destination>
|
||||
</destination>
|
||||
</destination>
|
||||
</destination>
|
||||
</destination>
|
||||
<destination>
|
||||
<destination>
|
||||
<destination>
|
||||
<destination>
|
||||
<destination>
|
||||
<destination>
|
||||
<destinations/>
|
||||
</detect>
|
||||
<detect>
|
||||
</dhcp4>
|
||||
<dhcp4 version="1.0.0">
|
||||
</dhcpd>
|
||||
<dhcpd>
|
||||
<dhcpdv6/>
|
||||
<dhcphostname/>
|
||||
<dhcprejectfrom/>
|
||||
<DHCRelay version="1.0.1"/>
|
||||
<direction>in</direction>
|
||||
<direction>in</direction>
|
||||
<direction>in</direction>
|
||||
<direction>in</direction>
|
||||
<disablechecksumoffloading>1</disablechecksumoffloading>
|
||||
<disableconsolemenu>1</disableconsolemenu>
|
||||
<disabled>0</disabled>
|
||||
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
|
||||
<disablenatreflection>yes</disablenatreflection>
|
||||
<disablepreempt>0</disablepreempt>
|
||||
<disablesegmentationoffloading>1</disablesegmentationoffloading>
|
||||
<disablevlanhwfilter>1</disablevlanhwfilter>
|
||||
<disconnectppps>0</disconnectppps>
|
||||
<dns64/>
|
||||
<dns64prefix/>
|
||||
<dnsallowoverride>1</dnsallowoverride>
|
||||
</dnsbl>
|
||||
<dnsbl>
|
||||
<dnsserver/>
|
||||
<dnsserver>192.168.5.1</dnsserver>
|
||||
<domain>localdomain</domain>
|
||||
<domains/>
|
||||
<dots/>
|
||||
<egress_only/>
|
||||
<enable/>
|
||||
<enable/>
|
||||
<enable>0</enable>
|
||||
<enable>1</enable>
|
||||
<enable>1</enable>
|
||||
<enable>1</enable>
|
||||
<enabled/>
|
||||
<enabled/>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>0</enabled>
|
||||
<enabled>1</enabled>
|
||||
<enabled>1</enabled>
|
||||
<enabled>1</enabled>
|
||||
<enabled>1</enabled>
|
||||
<enabled>enabled</enabled>
|
||||
<enable_wpad/>
|
||||
<eventqueuePath/>
|
||||
<eventqueueSlots/>
|
||||
<events/>
|
||||
<extendedstatistics/>
|
||||
<fargw>0</fargw>
|
||||
<files/>
|
||||
<fileTags/>
|
||||
</filter>
|
||||
<filter>
|
||||
</Filter>
|
||||
<Filter version="1.0.4">
|
||||
</Firewall>
|
||||
<Firewall>
|
||||
</firmware>
|
||||
<firmware version="1.0.1">
|
||||
<flavour/>
|
||||
<force_down/>
|
||||
<format/>
|
||||
</forwarding>
|
||||
<forwarding>
|
||||
<from>10.100.8.10</from>
|
||||
<fwrules>1</fwrules>
|
||||
<gateway>172.17.0.1</gateway>
|
||||
</gateway_item>
|
||||
<gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
|
||||
</Gateways>
|
||||
<Gateways version="1.0.0">
|
||||
</general>
|
||||
</general>
|
||||
<general>
|
||||
<general>
|
||||
</general>
|
||||
</general>
|
||||
</general>
|
||||
</general>
|
||||
</general>
|
||||
</general>
|
||||
<general>
|
||||
<general>
|
||||
<general>
|
||||
<general>
|
||||
<general>
|
||||
<general version="0.0.1">
|
||||
</geoip>
|
||||
<geoip>
|
||||
<gid>1999</gid>
|
||||
<gif/>
|
||||
</gifs>
|
||||
<gifs version="1.0.0">
|
||||
<gre/>
|
||||
</gres>
|
||||
<gres version="1.0.0">
|
||||
</group>
|
||||
<group>
|
||||
<group>admins</group>
|
||||
<groupname>admins</groupname>
|
||||
</ha>
|
||||
<ha>
|
||||
<ha_peers/>
|
||||
</hasync>
|
||||
<hasync version="1.0.0">
|
||||
<hideidentity/>
|
||||
<hideversion/>
|
||||
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
|
||||
<hostname>OPNsense</hostname>
|
||||
<hostname>rtx4090</hostname>
|
||||
<hosts/>
|
||||
<httpdAllow/>
|
||||
<httpdEnabled>0</httpdEnabled>
|
||||
<httpdPassword/>
|
||||
<httpdPort>2812</httpdPort>
|
||||
<httpdUsername>root</httpdUsername>
|
||||
<http_host>127.0.0.1</http_host>
|
||||
<http_port>8000</http_port>
|
||||
</IDS>
|
||||
<IDS version="1.0.9">
|
||||
<ifgroups version="1.0.0"/>
|
||||
<if>le0</if>
|
||||
<if>le1</if>
|
||||
<if>lo0</if>
|
||||
<inactiveTimeout>15</inactiveTimeout>
|
||||
<incomingnumtcp/>
|
||||
<infracachenumhosts/>
|
||||
<infrahostttl/>
|
||||
<infrakeepprobing/>
|
||||
<insecuredomain/>
|
||||
<Instances/>
|
||||
<interface/>
|
||||
<interface/>
|
||||
<interface/>
|
||||
<interface/>
|
||||
<interface>lan</interface>
|
||||
<interface>lan</interface>
|
||||
<interfaces/>
|
||||
<interfaces/>
|
||||
<interfaces/>
|
||||
<interfaces/>
|
||||
</interfaces>
|
||||
<interfaces>
|
||||
</Interfaces>
|
||||
<Interfaces>
|
||||
<interfaces>wan</interfaces>
|
||||
<interface>wan</interface>
|
||||
<interface>wan</interface>
|
||||
<interface>wan</interface>
|
||||
<interface>wan</interface>
|
||||
<interface>wan</interface>
|
||||
<internal_dynamic>1</internal_dynamic>
|
||||
<interval/>
|
||||
<interval>120</interval>
|
||||
<interval>monthly</interval>
|
||||
<ipaddr>10.100.8.15</ipaddr>
|
||||
<ipaddr>10.100.8.1</ipaddr>
|
||||
<ipaddr>127.0.0.1</ipaddr>
|
||||
<ipaddr>dhcp</ipaddr>
|
||||
<ipaddrv6>::1</ipaddrv6>
|
||||
<ipaddrv6>track6</ipaddrv6>
|
||||
<ipprotocol>inet6</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ipprotocol>inet</ipprotocol>
|
||||
<ips>0</ips>
|
||||
</IPsec>
|
||||
<IPsec version="1.0.1">
|
||||
<ipv6allow>1</ipv6allow>
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
It can also be used to probe for information about your internal networks. These functions come enabled
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
</item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<item>
|
||||
<jobs/>
|
||||
<jostletimeout/>
|
||||
</Kea>
|
||||
<Kea>
|
||||
<kex/>
|
||||
<keyPairs/>
|
||||
<keys/>
|
||||
<keysig/>
|
||||
<lagg/>
|
||||
</laggs>
|
||||
<laggs version="1.0.0">
|
||||
</lan>
|
||||
</lan>
|
||||
<lan>
|
||||
<lan>
|
||||
<language>en_US</language>
|
||||
<latencyhigh/>
|
||||
<latencylow/>
|
||||
<lb_use_sticky>1</lb_use_sticky>
|
||||
<lists/>
|
||||
</lo0>
|
||||
<lo0>
|
||||
<locals/>
|
||||
<local_zone_type>transparent</local_zone_type>
|
||||
<logfile/>
|
||||
<loglocal>1</loglocal>
|
||||
<loglocalactions/>
|
||||
<LogPayload>0</LogPayload>
|
||||
<logqueries/>
|
||||
<logreplies/>
|
||||
<logservfail/>
|
||||
<logtagqueryreply/>
|
||||
<logverbosity>1</logverbosity>
|
||||
<loopbacks version="1.0.0"/>
|
||||
<losshigh/>
|
||||
<loss_interval/>
|
||||
<losslow/>
|
||||
</Lvtemplate>
|
||||
<Lvtemplate version="0.0.1">
|
||||
<mac>d8:5e:d3:e7:2c:8c</mac>
|
||||
<macs/>
|
||||
<mailserver>127.0.0.1</mailserver>
|
||||
<match/>
|
||||
<match/>
|
||||
<match/>
|
||||
<match/>
|
||||
<maxfilesize/>
|
||||
<maxpreserve>31</maxpreserve>
|
||||
<media/>
|
||||
<mediaopt/>
|
||||
<member>0</member>
|
||||
<mirror/>
|
||||
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
|
||||
<mmonitTimeout>5</mmonitTimeout>
|
||||
<mmonitUrl/>
|
||||
<mode>automatic</mode>
|
||||
</monit>
|
||||
<monitor/>
|
||||
<monitor_disable>1</monitor_disable>
|
||||
<monitor_noroute/>
|
||||
<monit version="1.0.13">
|
||||
<MPMAlgo/>
|
||||
<msgcachesize/>
|
||||
<name>$HOST</name>
|
||||
<name>admins</name>
|
||||
<name>carp_status_change</name>
|
||||
<name>ChangedStatus</name>
|
||||
<name>CPUUsage</name>
|
||||
<name>gateway_alert</name>
|
||||
<name>LoadAvg15</name>
|
||||
<name>LoadAvg1</name>
|
||||
<name>LoadAvg5</name>
|
||||
<name>MemoryUsage</name>
|
||||
<name>NetworkLink</name>
|
||||
<name>NetworkSaturation</name>
|
||||
<name>NonZeroStatus</name>
|
||||
<name>Ping</name>
|
||||
<name>RootFs</name>
|
||||
<name>root</name>
|
||||
<name>SpaceUsage</name>
|
||||
<name>WAN_GW</name>
|
||||
</nat>
|
||||
<nat>
|
||||
<neighbors version="1.0.0"/>
|
||||
</Netflow>
|
||||
<netflowbackup>-1</netflowbackup>
|
||||
<Netflow version="1.0.1">
|
||||
<network>lan</network>
|
||||
<network>lan</network>
|
||||
<network>(self)</network>
|
||||
<network>wanip</network>
|
||||
<network>wanip</network>
|
||||
<nextgid>2000</nextgid>
|
||||
<nextuid>2000</nextuid>
|
||||
<noarecords/>
|
||||
<noauto>1</noauto>
|
||||
<noreglladdr6/>
|
||||
<noregrecords/>
|
||||
<noton>0</noton>
|
||||
<npt/>
|
||||
</ntpd>
|
||||
<ntpd>
|
||||
<ntpserver/>
|
||||
<numqueriesperthread/>
|
||||
<nxdomain/>
|
||||
<onetoone/>
|
||||
<openvpn/>
|
||||
</OpenVPN>
|
||||
</OpenVPNExport>
|
||||
<OpenVPNExport version="0.0.1">
|
||||
<OpenVPN version="1.0.0">
|
||||
</opnsense>
|
||||
<opnsense>
|
||||
</OPNsense>
|
||||
<OPNsense>
|
||||
<optimization>normal</optimization>
|
||||
</outbound>
|
||||
<outbound>
|
||||
<outgoing_interface/>
|
||||
<outgoingnumtcp/>
|
||||
<outgoingrange/>
|
||||
<Overwrites/>
|
||||
<password/>
|
||||
<password/>
|
||||
<password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
|
||||
<passwordauth>1</passwordauth>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path/>
|
||||
<path>/</path>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
|
||||
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
|
||||
<permitrootlogin>1</permitrootlogin>
|
||||
<pf_share_forward>1</pf_share_forward>
|
||||
<pfsyncenabled>0</pfsyncenabled>
|
||||
<pfsyncinterface>lan</pfsyncinterface>
|
||||
<pfsyncpeerip/>
|
||||
<pfsyncversion>1400</pfsyncversion>
|
||||
<pidfile/>
|
||||
<pidfile/>
|
||||
<pidfile/>
|
||||
<pidfile/>
|
||||
<pipes/>
|
||||
<plugins/>
|
||||
<policies/>
|
||||
<polltime/>
|
||||
<polltime/>
|
||||
<polltime/>
|
||||
<polltime/>
|
||||
<Pools/>
|
||||
<port/>
|
||||
<port>22</port>
|
||||
<port>25</port>
|
||||
<port>443</port>
|
||||
<port>53</port>
|
||||
<port>80</port>
|
||||
<powerd_ac_mode>hadp</powerd_ac_mode>
|
||||
<powerd_battery_mode>hadp</powerd_battery_mode>
|
||||
<powerd_normal_mode>hadp</powerd_normal_mode>
|
||||
<ppp/>
|
||||
</ppps>
|
||||
<ppps>
|
||||
<prefer>0.opnsense.pool.ntp.org</prefer>
|
||||
<prefetch/>
|
||||
<prefetchkey/>
|
||||
<preSharedKeys/>
|
||||
<primaryconsole>video</primaryconsole>
|
||||
<priority>255</priority>
|
||||
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
|
||||
<privatedomain/>
|
||||
<priv>page-all</priv>
|
||||
<Profile/>
|
||||
<promisc>0</promisc>
|
||||
<protocol>https</protocol>
|
||||
<protocol>icmp</protocol>
|
||||
<protocol>tcp</protocol>
|
||||
<protocol>tcp</protocol>
|
||||
<protocol>tcp/udp</protocol>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
|
||||
<qnameminstrict/>
|
||||
<queues/>
|
||||
<quick>1</quick>
|
||||
<quick>1</quick>
|
||||
<quick>1</quick>
|
||||
<quick>1</quick>
|
||||
</range>
|
||||
<range>
|
||||
<reboot/>
|
||||
<recipient>root@localhost.local</recipient>
|
||||
<refid>6734d13fa9e4a</refid>
|
||||
<refid>6734d6c82dc59</refid>
|
||||
<regdhcp/>
|
||||
<regdhcpdomain/>
|
||||
<regdhcpstatic/>
|
||||
<reminder/>
|
||||
<remotes/>
|
||||
<reservations/>
|
||||
</revision>
|
||||
<revision>
|
||||
<rocommunity>public</rocommunity>
|
||||
<route/>
|
||||
</rrd>
|
||||
<rrd>
|
||||
<rrdbackup>-1</rrdbackup>
|
||||
<rrsetcachesize/>
|
||||
</rule>
|
||||
</rule>
|
||||
</rule>
|
||||
</rule>
|
||||
</rule>
|
||||
</rule>
|
||||
<rules/>
|
||||
<rules/>
|
||||
<rules/>
|
||||
<rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
|
||||
<rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
|
||||
<rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
|
||||
<rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
|
||||
<rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
|
||||
<rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
|
||||
<safesearch/>
|
||||
<scope>system</scope>
|
||||
<scope>system</scope>
|
||||
<secondaryconsole>serial</secondaryconsole>
|
||||
<sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
|
||||
<serialspeed>115200</serialspeed>
|
||||
<serveexpired/>
|
||||
<serveexpiredclienttimeout/>
|
||||
<serveexpiredreplyttl/>
|
||||
<serveexpiredttl/>
|
||||
<serveexpiredttlreset/>
|
||||
</server>
|
||||
<servers/>
|
||||
<servers/>
|
||||
<server version="1.0.0">
|
||||
</service>
|
||||
</service>
|
||||
</service>
|
||||
</service>
|
||||
<service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
|
||||
<service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
|
||||
<service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
|
||||
<service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
|
||||
<snatrules/>
|
||||
</snmpd>
|
||||
<snmpd>
|
||||
</source>
|
||||
</source>
|
||||
</source>
|
||||
</source>
|
||||
</source>
|
||||
</source>
|
||||
<source>
|
||||
<source>
|
||||
<source>
|
||||
<source>
|
||||
<source>
|
||||
<source>
|
||||
<SPDs/>
|
||||
<spoofmac/>
|
||||
</ssh>
|
||||
<ssh>
|
||||
<ssl>0</ssl>
|
||||
<ssl-certref>6734d6c82dc59</ssl-certref>
|
||||
<ssl-ciphers/>
|
||||
<sslverify>1</sslverify>
|
||||
<sslversion>auto</sslversion>
|
||||
<start/>
|
||||
<start/>
|
||||
<start/>
|
||||
<start/>
|
||||
<startdelay>120</startdelay>
|
||||
<starttimeout>30</starttimeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<starttimeout>30</starttimeout>
|
||||
<statefile/>
|
||||
<statetype>keep state</statetype>
|
||||
<statetype>keep state</statetype>
|
||||
<statetype>keep state</statetype>
|
||||
<statetype>keep state</statetype>
|
||||
<StaticKeys/>
|
||||
</staticmap>
|
||||
<staticmap>
|
||||
</staticroutes>
|
||||
<staticroutes version="1.0.0">
|
||||
<stats/>
|
||||
<stop/>
|
||||
<stop/>
|
||||
<stop/>
|
||||
<stop/>
|
||||
<subnet>24</subnet>
|
||||
<subnet>8</subnet>
|
||||
<subnets/>
|
||||
<subnetv6>128</subnetv6>
|
||||
<subnetv6>64</subnetv6>
|
||||
<subscription/>
|
||||
</Swanctl>
|
||||
<Swanctl version="1.0.0">
|
||||
<synchronizetoip/>
|
||||
<syncitems/>
|
||||
<syscontact/>
|
||||
</sysctl>
|
||||
<sysctl>
|
||||
<syslocation/>
|
||||
<syslog/>
|
||||
</Syslog>
|
||||
<syslog>0</syslog>
|
||||
<syslog_eve>0</syslog_eve>
|
||||
<Syslog version="1.0.2">
|
||||
</system>
|
||||
<system>
|
||||
<targets/>
|
||||
<templates/>
|
||||
<templates/>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
</test>
|
||||
<tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
|
||||
<tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
|
||||
<tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
|
||||
<tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
|
||||
<test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
|
||||
<test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
|
||||
<test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
|
||||
<test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
|
||||
<test uuid="c0708923-88de-4178-abdd-819737440ce0">
|
||||
<test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
|
||||
<test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
|
||||
<test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
|
||||
<test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
|
||||
<test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
|
||||
<test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
|
||||
<theme>opnsense</theme>
|
||||
<this_server_name/>
|
||||
<time>1731518072.7612</time>
|
||||
<time>1731518072.7612</time>
|
||||
<time>1731518084.0639</time>
|
||||
<time>1731518084.0639</time>
|
||||
<time>1731518114.2801</time>
|
||||
<time>1731518114.2801</time>
|
||||
<time>1731518311.7033</time>
|
||||
<time>1731518356.7559</time>
|
||||
<time>1731534516.7156</time>
|
||||
<timeout>300</timeout>
|
||||
<timeout>300</timeout>
|
||||
<timeout>300</timeout>
|
||||
<timeout>300</timeout>
|
||||
<time_period/>
|
||||
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
|
||||
<timezone>Etc/UTC</timezone>
|
||||
<to>10.100.8.245</to>
|
||||
<toclient_groups/>
|
||||
<toserver_groups/>
|
||||
<track6-interface>wan</track6-interface>
|
||||
<track6-prefix-id>0</track6-prefix-id>
|
||||
</TrafficShaper>
|
||||
<TrafficShaper version="1.0.3">
|
||||
<tunable>hw.ibrs_disable</tunable>
|
||||
<tunable>hw.syscons.kbd_reboot</tunable>
|
||||
<tunable>kern.ipc.maxsockbuf</tunable>
|
||||
<tunable>kern.randompid</tunable>
|
||||
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
|
||||
<tunable>net.inet6.ip6.redirect</tunable>
|
||||
<tunable>net.inet6.ip6.use_tempaddr</tunable>
|
||||
<tunable>net.inet.icmp.icmplim</tunable>
|
||||
<tunable>net.inet.icmp.log_redirect</tunable>
|
||||
<tunable>net.inet.ip.accept_sourceroute</tunable>
|
||||
<tunable>net.inet.ip.portrange.first</tunable>
|
||||
<tunable>net.inet.ip.random_id</tunable>
|
||||
<tunable>net.inet.ip.redirect</tunable>
|
||||
<tunable>net.inet.ip.sourceroute</tunable>
|
||||
<tunable>net.inet.tcp.blackhole</tunable>
|
||||
<tunable>net.inet.tcp.delayed_ack</tunable>
|
||||
<tunable>net.inet.tcp.drop_synfin</tunable>
|
||||
<tunable>net.inet.tcp.log_debug</tunable>
|
||||
<tunable>net.inet.tcp.recvspace</tunable>
|
||||
<tunable>net.inet.tcp.sendspace</tunable>
|
||||
<tunable>net.inet.tcp.syncookies</tunable>
|
||||
<tunable>net.inet.tcp.tso</tunable>
|
||||
<tunable>net.inet.udp.blackhole</tunable>
|
||||
<tunable>net.inet.udp.checksum</tunable>
|
||||
<tunable>net.inet.udp.maxdgram</tunable>
|
||||
<tunable>net.link.bridge.pfil_bridge</tunable>
|
||||
<tunable>net.link.bridge.pfil_local_phys</tunable>
|
||||
<tunable>net.link.bridge.pfil_member</tunable>
|
||||
<tunable>net.link.bridge.pfil_onlyip</tunable>
|
||||
<tunable>net.link.tap.user_open</tunable>
|
||||
<tunable>net.local.dgram.maxdgram</tunable>
|
||||
<tunable>security.bsd.see_other_gids</tunable>
|
||||
<tunable>security.bsd.see_other_uids</tunable>
|
||||
<tunable>vfs.read_max</tunable>
|
||||
<tunable>vm.pmap.pti</tunable>
|
||||
<txtsupport/>
|
||||
<type/>
|
||||
<type/>
|
||||
<type>custom</type>
|
||||
<type>custom</type>
|
||||
<type>filesystem</type>
|
||||
<type>NetworkInterface</type>
|
||||
<type>NetworkInterface</type>
|
||||
<type>NetworkPing</type>
|
||||
<type>none</type>
|
||||
<type>pass</type>
|
||||
<type>pass</type>
|
||||
<type>pass</type>
|
||||
<type>pass</type>
|
||||
<type>pass</type>
|
||||
<type>pass</type>
|
||||
<type>ProgramStatus</type>
|
||||
<type>ProgramStatus</type>
|
||||
<type>SpaceUsage</type>
|
||||
<type>SystemResource</type>
|
||||
<type>SystemResource</type>
|
||||
<type>SystemResource</type>
|
||||
<type>SystemResource</type>
|
||||
<type>SystemResource</type>
|
||||
<type>system</type>
|
||||
<uid>0</uid>
|
||||
</unboundplus>
|
||||
<unboundplus version="1.0.9">
|
||||
<unwantedreplythreshold/>
|
||||
<UpdateCron/>
|
||||
</updated>
|
||||
</updated>
|
||||
</updated>
|
||||
</updated>
|
||||
<updated>
|
||||
<updated>
|
||||
<updated>
|
||||
<updated>
|
||||
up your logs consuming your whole hard drive.</descr>
|
||||
<url/>
|
||||
</user>
|
||||
<user>
|
||||
<userDefinedRules/>
|
||||
<username/>
|
||||
<username/>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<username>root@192.168.5.204</username>
|
||||
<usevirtualterminal>1</usevirtualterminal>
|
||||
<valid_lifetime>4000</valid_lifetime>
|
||||
<valloglevel>0</valloglevel>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<value>default</value>
|
||||
<verbosity/>
|
||||
<version>v9</version>
|
||||
<vip/>
|
||||
<virtual>1</virtual>
|
||||
</virtualip>
|
||||
<virtualip version="1.0.0">
|
||||
<vlan/>
|
||||
</vlans>
|
||||
<vlans version="1.0.0">
|
||||
<VTIs/>
|
||||
<vxlans version="1.0.2"/>
|
||||
</wan>
|
||||
<wan>
|
||||
</webgui>
|
||||
<webgui>
|
||||
<weight>1</weight>
|
||||
<whitelists/>
|
||||
</widgets>
|
||||
<widgets>
|
||||
<wildcards/>
|
||||
<winsserver/>
|
||||
</wireguard>
|
||||
<wireguard>
|
||||
</wireless>
|
||||
<wireless>
|
||||
<?xml version="1.0"?>
|
||||
<zones/>
|
Loading…
Reference in New Issue
Block a user