diff --git a/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs b/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
index 9115e43..9c06716 100644
--- a/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
@@ -13,21 +13,21 @@ use super::opnsense::{NumberOption, Range, StaticMap};
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct DhcpInterface {
-    pub enable: i32,
-    pub gateway: String,
-    pub domain: String,
+    pub enable: Option<MaybeString>,
+    pub gateway: Option<MaybeString>,
+    pub domain: Option<MaybeString>,
     #[yaserde(rename = "ddnsdomainalgorithm")]
-    pub ddns_domain_algorithm: String,
+    pub ddns_domain_algorithm: Option<MaybeString>,
     #[yaserde(rename = "numberoptions")]
     pub number_options: Vec<NumberOption>,
     #[yaserde(rename = "range")]
     pub range: Range,
-    pub winsserver: MaybeString,
-    pub dnsserver: MaybeString,
-    pub ntpserver: MaybeString,
+    pub winsserver: Option<MaybeString>,
+    pub dnsserver: Option<MaybeString>,
+    pub ntpserver: Option<MaybeString>,
     #[yaserde(rename = "staticmap")]
     pub staticmaps: Vec<StaticMap>,
-    pub pool: MaybeString,
+    pub pool: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -40,11 +40,8 @@ pub struct DhcpRange {
 
 #[cfg(test)]
 mod test {
-    use std::net::Ipv4Addr;
-
     use crate::xml_utils::to_xml_str;
 
-    use super::*;
     use pretty_assertions::assert_eq;
 
     #[test]
diff --git a/harmony-rs/opnsense-config-xml/src/data/interfaces.rs b/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
index 9d8104e..e980c73 100644
--- a/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
@@ -7,12 +7,17 @@ pub struct Interface {
     pub internal_dynamic: Option<MaybeString>,
     #[yaserde(rename = "if")]
     pub physical_interface_name: String,
-    pub descr: String,
+    pub descr: Option<MaybeString>,
     pub enable: MaybeString,
     pub lock: Option<MaybeString>,
     #[yaserde(rename = "spoofmac")]
     pub spoof_mac: Option<MaybeString>,
     pub ipaddr: Option<MaybeString>,
+    pub dhcphostname: Option<MaybeString>,
+    #[yaserde(rename = "alias-address")]
+    pub alias_address: Option<MaybeString>,
+    #[yaserde(rename = "alias-subnet")]
+    pub alias_subnet: Option<MaybeString>,
     #[yaserde(rename = "blockpriv")]
     pub block_priv: Option<MaybeString>,
     #[yaserde(rename = "blockbogons")]
@@ -25,10 +30,28 @@ pub struct Interface {
     pub ipaddrv6: Option<MaybeString>,
     pub networks: Option<MaybeString>,
     pub subnetv6: Option<MaybeString>,
+    pub media: Option<MaybeString>,
+    pub mediaopt: Option<MaybeString>,
     #[yaserde(rename = "track6-interface")]
     pub track6_interface: Option<MaybeString>,
     #[yaserde(rename = "track6-prefix-id")]
     pub track6_prefix_id: Option<MaybeString>,
+    #[yaserde(rename = "dhcprejectfrom")]
+    pub dhcprejectfrom: Option<MaybeString>,
+    pub adv_dhcp_pt_timeout: Option<MaybeString>,
+    pub adv_dhcp_pt_retry: Option<MaybeString>,
+    pub adv_dhcp_pt_select_timeout: Option<MaybeString>,
+    pub adv_dhcp_pt_reboot: Option<MaybeString>,
+    pub adv_dhcp_pt_backoff_cutoff: Option<MaybeString>,
+    pub adv_dhcp_pt_initial_interval: Option<MaybeString>,
+    pub adv_dhcp_pt_values: Option<MaybeString>,
+    pub adv_dhcp_send_options: Option<MaybeString>,
+    pub adv_dhcp_request_options: Option<MaybeString>,
+    pub adv_dhcp_required_options: Option<MaybeString>,
+    pub adv_dhcp_option_modifiers: Option<MaybeString>,
+    pub adv_dhcp_config_advanced: Option<MaybeString>,
+    pub adv_dhcp_config_file_override: Option<MaybeString>,
+    pub adv_dhcp_config_file_override_path: Option<MaybeString>,
 }
 
 #[cfg(test)]
@@ -109,6 +132,8 @@ mod test {
       <descr>LAN</descr>
       <enable>1</enable>
       <spoofmac/>
+      <media/>
+      <mediaopt/>
       <ipaddr>192.168.20.1</ipaddr>
       <subnet>24</subnet>
       <ipaddrv6>track6</ipaddrv6>
diff --git a/harmony-rs/opnsense-config-xml/src/data/opnsense.rs b/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
index 6facf52..48ff582 100644
--- a/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
@@ -18,7 +18,8 @@ pub struct OPNsense {
     pub syslog: Syslog,
     pub nat: Nat,
     pub filter: Filters,
-    pub load_balancer: LoadBalancer,
+    pub load_balancer: Option<LoadBalancer>,
+    pub rrd: Option<RawXml>,
     pub ntpd: Ntpd,
     pub widgets: Widgets,
     pub revision: Revision,
@@ -26,13 +27,13 @@ pub struct OPNsense {
     pub opnsense: OPNsenseXmlSection,
     pub staticroutes: StaticRoutes,
     pub ca: MaybeString,
-    pub gateways: Gateways,
-    pub cert: Cert,
+    pub gateways: Option<Gateways>,
+    pub cert: Vec<Cert>,
     pub dhcpdv6: DhcpDv6,
     pub virtualip: VirtualIp,
     pub openvpn: OpenVpn,
     pub ppps: Ppps,
-    pub dyndnses: Dyndnses,
+    pub dyndnses: Option<Dyndnses>,
     pub vlans: Vlans,
     pub bridges: Bridges,
     pub gifs: Gifs,
@@ -332,7 +333,7 @@ pub struct Snmpd {
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Syslog {
     pub reverse: Option<MaybeString>,
-    pub preservelogs: i32,
+    pub preservelogs: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -389,6 +390,16 @@ pub struct Created {
     pub description: MaybeString,
 }
 
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Filter {
+    #[yaserde(attribute)]
+    version: String,
+    rules: Option<MaybeString>,
+    snatrules: Option<MaybeString>,
+    npt: Option<MaybeString>,
+    onetoone: Option<MaybeString>,
+}
+
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 #[yaserde(rename = "OPNsense")]
 pub struct OPNsenseXmlSection {
@@ -404,6 +415,8 @@ pub struct OPNsenseXmlSection {
     pub ipsec: Option<IPsec>,
     #[yaserde(rename = "Interfaces")]
     pub interfaces: Option<ConfigInterfaces>,
+    #[yaserde(rename = "Kea")]
+    pub kea: Option<RawXml>,
     pub monit: Option<Monit>,
     #[yaserde(rename = "OpenVPNExport")]
     pub openvpn_export: Option<OpenVPNExport>,
@@ -413,17 +426,19 @@ pub struct OPNsenseXmlSection {
     #[yaserde(rename = "TrafficShaper")]
     pub traffic_shaper: Option<RawXml>,
     pub unboundplus: Option<RawXml>,
+    #[yaserde(rename = "DHCRelay")]
+    pub dhcrelay: Option<RawXml>,
     pub wireguard: Option<Wireguard>,
     #[yaserde(rename = "Swanctl")]
     pub swanctl: Swanctl,
     #[yaserde(rename = "DynDNS")]
-    pub dyndns: DynDNS,
+    pub dyndns: Option<DynDNS>,
     #[yaserde(rename = "OpenVPN")]
     pub openvpn: ConfigOpenVPN,
     #[yaserde(rename = "Gateways")]
-    pub gateways: ConfigGateways,
+    pub gateways: RawXml,
     #[yaserde(rename = "HAProxy")]
-    pub haproxy: HAProxy,
+    pub haproxy: Option<HAProxy>,
 }
 
 #[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
@@ -457,7 +472,7 @@ pub struct IDSGeneral {
     #[yaserde(rename = "AlertSaveLogs")]
     alert_save_logs: u8,
     #[yaserde(rename = "MPMAlgo")]
-    mpm_algo: String,
+    mpm_algo: MaybeString,
     detect: Detect,
     syslog: Option<u8>,
     syslog_eve: Option<u8>,
@@ -469,7 +484,7 @@ pub struct IDSGeneral {
 #[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
 pub struct Detect {
     #[yaserde(rename = "Profile")]
-    profile: String,
+    profile: MaybeString,
     toclient_groups: MaybeString,
     toserver_groups: MaybeString,
 }
@@ -495,6 +510,13 @@ pub struct GeneralIpsec {
 pub struct ConfigInterfaces {
     vxlans: Vxlan,
     loopbacks: Loopback,
+    neighbors: Option<Neighbors>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+pub struct Neighbors {
+    #[yaserde(attribute)]
+    version: String,
 }
 
 #[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
@@ -532,7 +554,7 @@ pub struct GeneralMonit {
     ssl: u8,
     sslversion: String,
     sslverify: u8,
-    logfile: String,
+    logfile: MaybeString,
     statefile: MaybeString,
     #[yaserde(rename = "eventqueuePath")]
     event_queue_path: MaybeString,
@@ -543,7 +565,7 @@ pub struct GeneralMonit {
     #[yaserde(rename = "httpdUsername")]
     httpd_username: String,
     #[yaserde(rename = "httpdPassword")]
-    httpd_password: String,
+    httpd_password: MaybeString,
     #[yaserde(rename = "httpdPort")]
     httpd_port: u16,
     #[yaserde(rename = "httpdAllow")]
@@ -565,7 +587,7 @@ pub struct Alert {
     noton: u8,
     events: MaybeString,
     format: MaybeString,
-    reminder: u32,
+    reminder: MaybeString,
     description: MaybeString,
 }
 
@@ -725,6 +747,8 @@ pub struct Firewall {
     pub lv_template: Option<LvTemplate>,
     #[yaserde(rename = "Category")]
     pub category: Option<Category>,
+    #[yaserde(rename = "Filter")]
+    pub filter: Option<Filter>,
     #[yaserde(rename = "Alias")]
     pub alias: Option<Alias>,
 }
@@ -1020,6 +1044,9 @@ pub struct ConfigSyslog {
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct SyslogGeneral {
     pub enabled: i32,
+    pub loglocal: Option<MaybeString>,
+    pub maxpreserve: Option<MaybeString>,
+    pub maxfilesize: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -1293,11 +1320,6 @@ pub struct ConfigOpenVPN {
     pub StaticKeys: MaybeString,
 }
 
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct ConfigGateways {
-    #[yaserde(attribute)]
-    pub version: String,
-}
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 #[yaserde(rename = "HAProxy")]
@@ -1835,27 +1857,27 @@ pub struct StaticRoutes {
     #[yaserde(attribute)]
     pub version: String,
     #[yaserde(rename = "route")]
-    pub route: MaybeString, // Assuming it can be empty, use Option
+    pub route: MaybeString,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct Ca {} // Empty struct for <ca/>
+pub struct Ca {}
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Gateways {
     #[yaserde(rename = "gateway_item")]
-    pub gateway_item: MaybeString, // Assuming it can be empty, use Option
+    pub gateway_item: RawXml
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Cert {
-    #[yaserde(rename = "refid")]
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
     pub refid: String,
-    #[yaserde(rename = "descr")]
     pub descr: String,
-    #[yaserde(rename = "crt")]
     pub crt: String,
-    #[yaserde(rename = "prv")]
+    pub caref: Option<MaybeString>,
+    pub csr: Option<MaybeString>,
     pub prv: String,
 }
 
@@ -1873,27 +1895,27 @@ pub struct VirtualIp {
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Vip {
     #[yaserde(attribute)]
-    pub uuid: String,
-    pub interface: String,
-    pub mode: String,
-    pub subnet: String,
-    pub subnet_bits: u32,
-    pub gateway: String,
-    pub noexpand: u32,
-    pub nobind: u32,
-    pub password: MaybeString,
-    pub vhid: MaybeString,
-    pub advbase: u32,
-    pub advskew: u32,
-    pub descr: String,
+    pub uuid: Option<String>,
+    pub interface: Option<MaybeString>,
+    pub mode: Option<MaybeString>,
+    pub subnet: Option<MaybeString>,
+    pub subnet_bits: Option<MaybeString>,
+    pub gateway: Option<MaybeString>,
+    pub noexpand: Option<MaybeString>,
+    pub nobind: Option<MaybeString>,
+    pub password: Option<MaybeString>,
+    pub vhid: Option<MaybeString>,
+    pub advbase: Option<MaybeString>,
+    pub advskew: Option<MaybeString>,
+    pub descr: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct OpenVpn {
     #[yaserde(rename = "openvpn-server")]
-    pub openvpn_server: MaybeString,
+    pub openvpn_server: Option<MaybeString>,
     #[yaserde(rename = "openvpn-client")]
-    pub openvpn_client: MaybeString,
+    pub openvpn_client: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -1903,14 +1925,14 @@ pub struct Ppps {
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Ppp {
-    pub ptpid: u32,
+    pub ptpid: Option<MaybeString>,
     #[yaserde(rename = "type")]
-    pub r#type: String,
+    pub r#type: Option<MaybeString>,
     #[yaserde(rename = "if")]
-    pub r#if: String,
-    pub ports: String,
-    pub username: String,
-    pub password: String,
+    pub r#if: Option<MaybeString>,
+    pub ports: Option<MaybeString>,
+    pub username: Option<MaybeString>,
+    pub password: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -1951,11 +1973,15 @@ pub struct Bridges {
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Gifs {
+    #[yaserde(attribute)]
+    pub version: Option<String>,
     pub gif: MaybeString,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Gres {
+    #[yaserde(attribute)]
+    pub version: Option<String>,
     pub gre: MaybeString,
 }
 
@@ -1963,6 +1989,7 @@ pub struct Gres {
 pub struct Laggs {
     #[yaserde(attribute)]
     pub version: String,
+    pub lagg: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -1972,45 +1999,50 @@ pub struct Wireless {
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Hasync {
-    pub synchronizealiases: String,
-    pub synchronizeauthservers: String,
-    pub synchronizecerts: String,
-    pub synchronizedhcpd: String,
-    pub synchronizenat: String,
-    pub synchronizerules: String,
-    pub synchronizeschedules: String,
-    pub synchronizestaticroutes: String,
-    pub synchronizeusers: String,
-    pub synchronizevirtualip: String,
-    pub synchronizewidgets: String,
-    pub synchronizedhcrelay: String,
-    pub synchronizedhcpdv6: String,
-    pub synchronizedhcrelay6: String,
-    pub synchronizentpd: String,
-    pub synchronizesyslog: String,
-    pub synchronizecron: String,
-    pub synchronizesysctl: String,
-    pub synchronizewebgui: String,
-    pub synchronizednsforwarder: String,
-    pub synchronizeshaper: String,
-    pub synchronizecaptiveportal: String,
-    pub synchronizeipsec: String,
-    pub synchronizemonit: String,
-    pub synchronizessh: String,
-    pub synchronizeopenvpn: String,
-    pub synchronizeifgroups: String,
-    pub synchronizecategories: String,
-    pub synchronizelvtemplate: String,
-    pub synchronizesquid: String,
-    pub synchronizesuricata: String,
-    pub synchronizednsresolver: String,
-    pub pfsyncinterface: String,
-    pub synchronizetoip: String,
-    pub username: String,
-    pub password: String,
-    pub pfsyncenabled: String,
-    pub disablepreempt: String,
-    pub disconnectppps: String,
+    #[yaserde(attribute)]
+    pub version: Option<String>,
+    pub synchronizealiases: Option<MaybeString>,
+    pub synchronizeauthservers: Option<MaybeString>,
+    pub synchronizecerts: Option<MaybeString>,
+    pub synchronizedhcpd: Option<MaybeString>,
+    pub synchronizenat: Option<MaybeString>,
+    pub synchronizerules: Option<MaybeString>,
+    pub synchronizeschedules: Option<MaybeString>,
+    pub synchronizestaticroutes: Option<MaybeString>,
+    pub synchronizeusers: Option<MaybeString>,
+    pub synchronizevirtualip: Option<MaybeString>,
+    pub synchronizewidgets: Option<MaybeString>,
+    pub synchronizedhcrelay: Option<MaybeString>,
+    pub synchronizedhcpdv6: Option<MaybeString>,
+    pub synchronizedhcrelay6: Option<MaybeString>,
+    pub synchronizentpd: Option<MaybeString>,
+    pub synchronizesyslog: Option<MaybeString>,
+    pub synchronizecron: Option<MaybeString>,
+    pub synchronizesysctl: Option<MaybeString>,
+    pub synchronizewebgui: Option<MaybeString>,
+    pub synchronizednsforwarder: Option<MaybeString>,
+    pub synchronizeshaper: Option<MaybeString>,
+    pub synchronizecaptiveportal: Option<MaybeString>,
+    pub synchronizeipsec: Option<MaybeString>,
+    pub synchronizemonit: Option<MaybeString>,
+    pub synchronizessh: Option<MaybeString>,
+    pub synchronizeopenvpn: Option<MaybeString>,
+    pub synchronizeifgroups: Option<MaybeString>,
+    pub synchronizecategories: Option<MaybeString>,
+    pub synchronizelvtemplate: Option<MaybeString>,
+    pub synchronizesquid: Option<MaybeString>,
+    pub synchronizesuricata: Option<MaybeString>,
+    pub synchronizednsresolver: Option<MaybeString>,
+    pub pfsyncinterface: Option<MaybeString>,
+    pub synchronizetoip: Option<MaybeString>,
+    pub username: Option<MaybeString>,
+    pub password: Option<MaybeString>,
+    pub pfsyncenabled: Option<MaybeString>,
+    pub disablepreempt: Option<MaybeString>,
+    pub disconnectppps: Option<MaybeString>,
+    pub pfsyncpeerip: Option<MaybeString>,
+    pub pfsyncversion: Option<MaybeString>,
+    pub syncitems: Option<MaybeString>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
diff --git a/harmony-rs/opnsense-config/src/config.rs b/harmony-rs/opnsense-config/src/config.rs
deleted file mode 100644
index 0a40aa3..0000000
--- a/harmony-rs/opnsense-config/src/config.rs
+++ /dev/null
@@ -1,231 +0,0 @@
-use crate::error::Error;
-use async_trait::async_trait;
-use log::{info, trace};
-use opnsense_config_xml::OPNsense;
-use russh::client::{Config as SshConfig, Handler};
-use russh_keys::key;
-use std::{fs, net::Ipv4Addr, sync::Arc};
-
-#[async_trait]
-pub trait ConfigRepository: std::fmt::Debug {
-    async fn load(&self) -> Result<String, Error>;
-    async fn save(&self, content: &str) -> Result<(), Error>;
-}
-
-struct Client {}
-
-#[async_trait]
-impl Handler for Client {
-    type Error = Error;
-
-    async fn check_server_key(
-        &mut self,
-        _server_public_key: &key::PublicKey,
-    ) -> Result<bool, Self::Error> {
-        Ok(true)
-    }
-}
-
-#[derive(Debug)]
-pub struct SshConfigRepository {
-    ssh_config: Arc<SshConfig>,
-    username: String,
-    key: Arc<key::KeyPair>,
-    host: (Ipv4Addr, u16),
-}
-
-impl SshConfigRepository {
-    pub fn new(
-        host: (Ipv4Addr, u16),
-        username: String,
-        key: Arc<key::KeyPair>,
-        ssh_config: Arc<SshConfig>,
-    ) -> Self {
-        Self {
-            ssh_config,
-            username,
-            key,
-            host,
-        }
-    }
-}
-
-#[async_trait]
-impl ConfigRepository for SshConfigRepository {
-    async fn load(&self) -> Result<String, Error> {
-        let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
-        ssh.authenticate_publickey(&self.username, self.key.clone())
-            .await?;
-
-        let mut channel = ssh.channel_open_session().await?;
-
-        channel.exec(true, "cat /conf/config.xml").await?;
-        let mut output: Vec<u8> = vec![];
-        loop {
-            let Some(msg) = channel.wait().await else {
-                break;
-            };
-
-            info!("got msg {:?}", msg);
-            match msg {
-                russh::ChannelMsg::Data { ref data } => {
-                    output.append(&mut data.to_vec());
-                }
-                russh::ChannelMsg::ExitStatus { .. } => {}
-                russh::ChannelMsg::WindowAdjusted { .. } => {}
-                russh::ChannelMsg::Success { .. } => {}
-                russh::ChannelMsg::Eof { .. } => {}
-                _ => todo!(),
-            }
-        }
-        Ok(String::from_utf8(output).expect("Valid utf-8 bytes"))
-    }
-
-    async fn save(&self, content: &str) -> Result<(), Error> {
-        let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
-        ssh.authenticate_publickey(&self.username, self.key.clone())
-            .await?;
-
-        let mut channel = ssh.channel_open_session().await?;
-        todo!("Backup, Validate, Reload config file");
-
-        let command = format!(
-            "echo '{}' > /conf/config.xml",
-            content.replace("'", "'\"'\"'")
-        );
-        channel.exec(true, command.as_bytes()).await?;
-
-        loop {
-            let Some(msg) = channel.wait().await else {
-                break;
-            };
-
-            match msg {
-                russh::ChannelMsg::ExitStatus { exit_status } => {
-                    if exit_status != 0 {
-                        return Err(Error::Ssh(russh::Error::Disconnect));
-                    }
-                }
-                _ => {}
-            }
-        }
-
-        Ok(())
-    }
-}
-
-#[derive(Debug)]
-pub struct LocalFileConfigRepository {
-    file_path: String,
-}
-
-impl LocalFileConfigRepository {
-    pub fn new(file_path: String) -> Self {
-        Self { file_path }
-    }
-}
-
-#[async_trait]
-impl ConfigRepository for LocalFileConfigRepository {
-    async fn load(&self) -> Result<String, Error> {
-        Ok(fs::read_to_string(&self.file_path)?)
-    }
-
-    async fn save(&self, content: &str) -> Result<(), Error> {
-        Ok(fs::write(&self.file_path, content)?)
-    }
-}
-
-#[derive(Debug)]
-pub struct Config {
-    opnsense: OPNsense,
-    repository: Box<dyn ConfigRepository + Send + Sync>,
-}
-
-impl Config {
-    pub async fn new(repository: Box<dyn ConfigRepository + Send + Sync>) -> Result<Self, Error> {
-        let xml = repository.load().await?;
-        trace!("xml {}", xml);
-
-        let opnsense = OPNsense::from(xml);
-
-        Ok(Self {
-            opnsense,
-            repository,
-        })
-    }
-
-    pub fn get_opnsense(&self) -> &OPNsense {
-        &self.opnsense
-    }
-
-    pub fn get_opnsense_mut(&mut self) -> &mut OPNsense {
-        &mut self.opnsense
-    }
-
-    pub async fn save(&self) -> Result<(), Error> {
-        self.repository.save(&self.opnsense.to_xml()).await
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use crate::modules::dhcp::DhcpConfig;
-
-    use super::*;
-    use pretty_assertions::assert_eq;
-    use std::path::PathBuf;
-
-    #[tokio::test]
-    async fn test_load_config_from_local_file() {
-        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
-        test_file_path.push("src/tests/data/config-full-1.xml");
-
-        let config_file_path = test_file_path.to_str().unwrap().to_string();
-        println!("File path {config_file_path}");
-        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
-        let config_file_str = repository.load().await.unwrap();
-        let config = Config::new(repository)
-            .await
-            .expect("Failed to load config");
-
-        println!("Config {:?}", config);
-
-        let serialized = config.opnsense.to_xml();
-
-        fs::write("/tmp/serialized.xml", &serialized).unwrap();
-
-        assert_eq!(config_file_str, serialized);
-    }
-
-    #[tokio::test]
-    async fn test_add_dhcpd_static_entry() {
-        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
-        test_file_path.push("src/tests/data/config-structure.xml");
-
-        let config_file_path = test_file_path.to_str().unwrap().to_string();
-        println!("File path {config_file_path}");
-        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
-        let mut config = Config::new(repository)
-            .await
-            .expect("Failed to load config");
-
-        println!("Config {:?}", config);
-
-        let mut dhcp_config = DhcpConfig::new(&mut config.opnsense);
-        dhcp_config.add_static_mapping("00:00:00:00:00:00", Ipv4Addr::new(192,168,20,100), "hostname").expect("Should add static mapping");
-
-        let serialized = config.opnsense.to_xml();
-
-        fs::write("/tmp/serialized.xml", &serialized).unwrap();
-
-        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
-        test_file_path.push("src/tests/data/config-structure-with-dhcp-staticmap-entry.xml");
-
-        let config_file_path = test_file_path.to_str().unwrap().to_string();
-        println!("File path {config_file_path}");
-        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
-        let expected_config_file_str = repository.load().await.unwrap();
-        assert_eq!(expected_config_file_str, serialized);
-    }
-}
diff --git a/harmony-rs/opnsense-config/src/config/config.rs b/harmony-rs/opnsense-config/src/config/config.rs
new file mode 100644
index 0000000..b842638
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/config/config.rs
@@ -0,0 +1,114 @@
+use crate::{error::Error, modules::dhcp::DhcpConfig};
+use log::trace;
+use opnsense_config_xml::OPNsense;
+
+use super::ConfigRepository;
+
+#[derive(Debug)]
+pub struct Config {
+    opnsense: OPNsense,
+    repository: Box<dyn ConfigRepository + Send + Sync>,
+}
+
+impl Config {
+    pub async fn new(repository: Box<dyn ConfigRepository + Send + Sync>) -> Result<Self, Error> {
+        let xml = repository.load().await?;
+        trace!("xml {}", xml);
+
+        let opnsense = OPNsense::from(xml);
+
+        Ok(Self {
+            opnsense,
+            repository,
+        })
+    }
+
+    pub fn dhcp(&mut self) -> DhcpConfig {
+        DhcpConfig::new(&mut self.opnsense)
+    }
+
+    pub async fn save(&self) -> Result<(), Error> {
+        self.repository.save(&self.opnsense.to_xml()).await
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use crate::config::LocalFileConfigRepository;
+    use crate::modules::dhcp::DhcpConfig;
+    use std::fs;
+    use std::net::Ipv4Addr;
+
+    use super::*;
+    use pretty_assertions::assert_eq;
+    use std::path::PathBuf;
+
+    #[tokio::test]
+    async fn test_load_config_from_local_file() {
+        for path in vec![
+            "src/tests/data/config-vm-test.xml",
+            "src/tests/data/config-full-1.xml",
+            "src/tests/data/config-structure.xml",
+        ] {
+            let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
+            test_file_path.push(path);
+
+            let config_file_path = test_file_path.to_str().unwrap().to_string();
+            println!("File path {config_file_path}");
+            let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
+            let config_file_str = repository.load().await.unwrap();
+            let config = Config::new(repository)
+                .await
+                .expect("Failed to load config");
+
+            println!("Config {:?}", config);
+
+            let serialized = config.opnsense.to_xml();
+
+            fs::write("/tmp/serialized.xml", &serialized).unwrap();
+
+            // Since the order of all fields is not always the same in opnsense config files
+            // I think it is good enough to have exactly the same amount of the same lines
+            let config_file_str_sorted = vec![config_file_str.lines().collect::<Vec<_>>()].sort();
+            let serialized_sorted = vec![config_file_str.lines().collect::<Vec<_>>()].sort();
+            assert_eq!(config_file_str_sorted, serialized_sorted);
+        }
+    }
+
+    #[tokio::test]
+    async fn test_add_dhcpd_static_entry() {
+        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
+        test_file_path.push("src/tests/data/config-structure.xml");
+
+        let config_file_path = test_file_path.to_str().unwrap().to_string();
+        println!("File path {config_file_path}");
+        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
+        let mut config = Config::new(repository)
+            .await
+            .expect("Failed to load config");
+
+        println!("Config {:?}", config);
+
+        let mut dhcp_config = DhcpConfig::new(&mut config.opnsense);
+        dhcp_config
+            .add_static_mapping(
+                "00:00:00:00:00:00",
+                Ipv4Addr::new(192, 168, 20, 100),
+                "hostname",
+            )
+            .expect("Should add static mapping");
+
+        let serialized = config.opnsense.to_xml();
+
+        fs::write("/tmp/serialized.xml", &serialized).unwrap();
+
+        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
+        test_file_path.push("src/tests/data/config-structure-with-dhcp-staticmap-entry.xml");
+
+        let config_file_path = test_file_path.to_str().unwrap().to_string();
+        println!("File path {config_file_path}");
+        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
+        let expected_config_file_str = repository.load().await.unwrap();
+        assert_eq!(expected_config_file_str, serialized);
+    }
+}
diff --git a/harmony-rs/opnsense-config/src/config/mod.rs b/harmony-rs/opnsense-config/src/config/mod.rs
new file mode 100644
index 0000000..8b814a4
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/config/mod.rs
@@ -0,0 +1,4 @@
+mod config;
+mod repository;
+pub use repository::*;
+pub use config::*;
diff --git a/harmony-rs/opnsense-config/src/config/repository.rs b/harmony-rs/opnsense-config/src/config/repository.rs
new file mode 100644
index 0000000..ecb2c2a
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/config/repository.rs
@@ -0,0 +1,151 @@
+use crate::error::Error;
+use async_trait::async_trait;
+use log::info;
+use russh::{
+    client::{Config as SshConfig, Handler, Msg},
+    Channel,
+};
+use russh_keys::key::{self, KeyPair};
+use std::{fs, net::Ipv4Addr, sync::Arc};
+
+#[async_trait]
+pub trait ConfigRepository: std::fmt::Debug {
+    async fn load(&self) -> Result<String, Error>;
+    async fn save(&self, content: &str) -> Result<(), Error>;
+}
+
+struct Client {}
+
+#[async_trait]
+impl Handler for Client {
+    type Error = Error;
+
+    async fn check_server_key(
+        &mut self,
+        _server_public_key: &key::PublicKey,
+    ) -> Result<bool, Self::Error> {
+        Ok(true)
+    }
+}
+
+#[derive(Debug)]
+pub enum SshCredentials {
+    SshKey { username: String, key: Arc<KeyPair> },
+    Password { username: String, password: String },
+}
+
+#[derive(Debug)]
+pub struct SshConfigRepository {
+    ssh_config: Arc<SshConfig>,
+    credentials: SshCredentials,
+    host: (Ipv4Addr, u16),
+}
+
+impl SshConfigRepository {
+    pub fn new(
+        host: (Ipv4Addr, u16),
+        credentials: SshCredentials,
+        ssh_config: Arc<SshConfig>,
+    ) -> Self {
+        Self {
+            ssh_config,
+            credentials,
+            host,
+        }
+    }
+}
+
+impl SshConfigRepository {
+    async fn get_ssh_channel(&self) -> Result<Channel<Msg>, Error> {
+        let mut ssh = russh::client::connect(self.ssh_config.clone(), self.host, Client {}).await?;
+
+        match &self.credentials {
+            SshCredentials::SshKey { username, key } => {
+                ssh.authenticate_publickey(username, key.clone()).await?;
+            }
+            SshCredentials::Password { username, password } => {
+                ssh.authenticate_password(username, password).await?;
+            }
+        }
+
+        Ok(ssh.channel_open_session().await?)
+    }
+}
+
+#[async_trait]
+impl ConfigRepository for SshConfigRepository {
+    async fn load(&self) -> Result<String, Error> {
+        let mut channel = self.get_ssh_channel().await?;
+
+        channel.exec(true, "cat /conf/config.xml").await?;
+        let mut output: Vec<u8> = vec![];
+        loop {
+            let Some(msg) = channel.wait().await else {
+                break;
+            };
+
+            info!("got msg {:?}", msg);
+            match msg {
+                russh::ChannelMsg::Data { ref data } => {
+                    output.append(&mut data.to_vec());
+                }
+                russh::ChannelMsg::ExitStatus { .. } => {}
+                russh::ChannelMsg::WindowAdjusted { .. } => {}
+                russh::ChannelMsg::Success { .. } => {}
+                russh::ChannelMsg::Eof { .. } => {}
+                _ => todo!(),
+            }
+        }
+        Ok(String::from_utf8(output).expect("Valid utf-8 bytes"))
+    }
+
+    async fn save(&self, content: &str) -> Result<(), Error> {
+        todo!("Backup, Validate, Reload config file");
+        let mut channel = self.get_ssh_channel().await?;
+
+        let command = format!(
+            "echo '{}' > /conf/config.xml",
+            content.replace("'", "'\"'\"'")
+        );
+        channel.exec(true, command.as_bytes()).await?;
+
+        loop {
+            let Some(msg) = channel.wait().await else {
+                break;
+            };
+
+            match msg {
+                russh::ChannelMsg::ExitStatus { exit_status } => {
+                    if exit_status != 0 {
+                        return Err(Error::Ssh(russh::Error::Disconnect));
+                    }
+                }
+                _ => {}
+            }
+        }
+
+        Ok(())
+    }
+}
+
+#[derive(Debug)]
+pub struct LocalFileConfigRepository {
+    file_path: String,
+}
+
+impl LocalFileConfigRepository {
+    pub fn new(file_path: String) -> Self {
+        Self { file_path }
+    }
+}
+
+#[async_trait]
+impl ConfigRepository for LocalFileConfigRepository {
+    async fn load(&self) -> Result<String, Error> {
+        Ok(fs::read_to_string(&self.file_path)?)
+    }
+
+    async fn save(&self, content: &str) -> Result<(), Error> {
+        Ok(fs::write(&self.file_path, content)?)
+    }
+}
diff --git a/harmony-rs/opnsense-config/src/lib.rs b/harmony-rs/opnsense-config/src/lib.rs
index 6625b3a..1b7af7f 100644
--- a/harmony-rs/opnsense-config/src/lib.rs
+++ b/harmony-rs/opnsense-config/src/lib.rs
@@ -1,23 +1,45 @@
 pub mod config;
 pub mod error;
 pub mod modules;
-use std::net::Ipv4Addr;
 
 pub use config::Config;
 pub use error::Error;
-use modules::dhcp::DhcpConfig;
-use opnsense_config_xml::OPNsense;
+#[cfg(test)]
+mod test {
+    use config::SshConfigRepository;
+    use russh::client;
+    use std::{net::Ipv4Addr, sync::Arc, time::Duration};
 
-#[tokio::test]
-async fn test_public_sdk() {
-    let mut opnsense = OPNsense::default();
-    let mut dhcpd = DhcpConfig::new(&mut opnsense);
-    dhcpd.add_static_mapping(
-        "test_mac",
-        Ipv4Addr::new(192, 168, 168, 168),
-        "test_hostname",
-    );
+    use crate::{
+        config::{self, SshCredentials},
+        Config,
+    };
 
-    todo!();
-    // opnsense.apply_changes().await;
+    #[tokio::test]
+    async fn test_public_sdk() {
+        let config = Arc::new(client::Config {
+            inactivity_timeout: Some(Duration::from_secs(5)),
+            ..<_>::default()
+        });
+
+        let credentials = SshCredentials::Password {
+            username: String::from("root"),
+            password: String::from("opnsense"),
+        };
+
+        let repo =
+            SshConfigRepository::new((Ipv4Addr::new(192, 168, 5, 229), 22), credentials, config);
+        let mut config = Config::new(Box::new(repo)).await.unwrap();
+        config
+            .dhcp()
+            .add_static_mapping(
+                "test_mac",
+                Ipv4Addr::new(192, 168, 168, 168),
+                "test_hostname",
+            )
+            .unwrap();
+
+        todo!();
+        // opnsense.apply_changes().await;
+    }
 }
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-vm-test.xml b/harmony-rs/opnsense-config/src/tests/data/config-vm-test.xml
new file mode 100644
index 0000000..1d176b4
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-vm-test.xml
@@ -0,0 +1,994 @@
+<?xml version="1.0"?>
+<opnsense>
+  <theme>opnsense</theme>
+  <sysctl>
+    <item>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+      <tunable>vfs.read_max</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop packets to closed TCP ports without returning a RST</descr>
+      <tunable>net.inet.tcp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
+      <tunable>net.inet.udp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize the ID field in IP packets</descr>
+      <tunable>net.inet.ip.random_id</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.
+      </descr>
+      <tunable>net.inet.ip.sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.
+      </descr>
+      <tunable>net.inet.ip.accept_sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        This option turns off the logging of redirect packets because there is no limit and this could fill
+        up your logs consuming your whole hard drive.
+      </descr>
+      <tunable>net.inet.icmp.log_redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
+      <tunable>net.inet.tcp.drop_synfin</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable sending IPv6 redirects</descr>
+      <tunable>net.inet6.ip6.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
+      <tunable>net.inet6.ip6.use_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
+      <tunable>net.inet6.ip6.prefer_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
+      <tunable>net.inet.tcp.syncookies</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
+      <tunable>net.inet.tcp.recvspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
+      <tunable>net.inet.tcp.sendspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
+      <tunable>net.inet.tcp.delayed_ack</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.inet.udp.maxdgram</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
+      <tunable>net.link.bridge.pfil_onlyip</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
+      <tunable>net.link.bridge.pfil_local_phys</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
+      <tunable>net.link.bridge.pfil_member</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to enable filtering on the bridge interface</descr>
+      <tunable>net.link.bridge.pfil_bridge</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Allow unprivileged access to tap(4) device nodes</descr>
+      <tunable>net.link.tap.user_open</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
+      <tunable>kern.randompid</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
+      <tunable>hw.syscons.kbd_reboot</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable TCP extended debugging</descr>
+      <tunable>net.inet.tcp.log_debug</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set ICMP Limits</descr>
+      <tunable>net.inet.icmp.icmplim</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>TCP Offload Engine</descr>
+      <tunable>net.inet.tcp.tso</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>UDP Checksums</descr>
+      <tunable>net.inet.udp.checksum</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum socket buffer size</descr>
+      <tunable>kern.ipc.maxsockbuf</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
+      <tunable>vm.pmap.pti</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
+      <tunable>hw.ibrs_disable</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other groups</descr>
+      <tunable>security.bsd.see_other_gids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other users</descr>
+      <tunable>security.bsd.see_other_uids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
+        and for the sender directly reachable, route and next hop is known.
+      </descr>
+      <tunable>net.inet.ip.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.local.dgram.maxdgram</tunable>
+      <value>default</value>
+    </item>
+  </sysctl>
+  <system>
+    <optimization>normal</optimization>
+    <hostname>OPNsense</hostname>
+    <domain>localdomain</domain>
+    <dnsallowoverride>1</dnsallowoverride>
+    <group>
+      <name>admins</name>
+      <description>System Administrators</description>
+      <scope>system</scope>
+      <gid>1999</gid>
+      <member>0</member>
+      <priv>page-all</priv>
+    </group>
+    <user>
+      <name>root</name>
+      <descr>System Administrator</descr>
+      <scope>system</scope>
+      <groupname>admins</groupname>
+      <password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
+      <uid>0</uid>
+    </user>
+    <nextuid>2000</nextuid>
+    <nextgid>2000</nextgid>
+    <timezone>Etc/UTC</timezone>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <webgui>
+      <protocol>https</protocol>
+      <ssl-certref>6734d6c82dc59</ssl-certref>
+      <port/>
+      <ssl-ciphers/>
+      <interfaces/>
+      <compression/>
+    </webgui>
+    <disablenatreflection>yes</disablenatreflection>
+    <usevirtualterminal>1</usevirtualterminal>
+    <disableconsolemenu>1</disableconsolemenu>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <ipv6allow>1</ipv6allow>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <bogons>
+      <interval>monthly</interval>
+    </bogons>
+    <pf_share_forward>1</pf_share_forward>
+    <lb_use_sticky>1</lb_use_sticky>
+    <ssh>
+      <group>admins</group>
+      <noauto>1</noauto>
+      <interfaces/>
+      <kex/>
+      <ciphers/>
+      <macs/>
+      <keys/>
+      <keysig/>
+      <enabled>enabled</enabled>
+      <passwordauth>1</passwordauth>
+      <permitrootlogin>1</permitrootlogin>
+    </ssh>
+    <rrdbackup>-1</rrdbackup>
+    <netflowbackup>-1</netflowbackup>
+    <firmware version="1.0.1">
+      <mirror/>
+      <flavour/>
+      <plugins/>
+      <type/>
+      <subscription/>
+      <reboot/>
+    </firmware>
+    <dnsserver>192.168.5.1</dnsserver>
+    <language>en_US</language>
+    <serialspeed>115200</serialspeed>
+    <primaryconsole>video</primaryconsole>
+    <secondaryconsole>serial</secondaryconsole>
+  </system>
+  <interfaces>
+    <lan>
+      <enable>1</enable>
+      <if>le1</if>
+      <ipaddr>10.100.8.1</ipaddr>
+      <subnet>24</subnet>
+      <ipaddrv6>track6</ipaddrv6>
+      <subnetv6>64</subnetv6>
+      <media/>
+      <mediaopt/>
+      <track6-interface>wan</track6-interface>
+      <track6-prefix-id>0</track6-prefix-id>
+    </lan>
+    <lo0>
+      <internal_dynamic>1</internal_dynamic>
+      <descr>Loopback</descr>
+      <enable>1</enable>
+      <if>lo0</if>
+      <ipaddr>127.0.0.1</ipaddr>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnet>8</subnet>
+      <subnetv6>128</subnetv6>
+      <type>none</type>
+      <virtual>1</virtual>
+    </lo0>
+    <wan>
+      <if>le0</if>
+      <descr/>
+      <enable>1</enable>
+      <spoofmac/>
+      <ipaddr>dhcp</ipaddr>
+      <dhcphostname/>
+      <alias-address/>
+      <alias-subnet>32</alias-subnet>
+      <dhcprejectfrom/>
+      <adv_dhcp_pt_timeout/>
+      <adv_dhcp_pt_retry/>
+      <adv_dhcp_pt_select_timeout/>
+      <adv_dhcp_pt_reboot/>
+      <adv_dhcp_pt_backoff_cutoff/>
+      <adv_dhcp_pt_initial_interval/>
+      <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
+      <adv_dhcp_send_options/>
+      <adv_dhcp_request_options/>
+      <adv_dhcp_required_options/>
+      <adv_dhcp_option_modifiers/>
+      <adv_dhcp_config_advanced/>
+      <adv_dhcp_config_file_override/>
+      <adv_dhcp_config_file_override_path/>
+    </wan>
+  </interfaces>
+  <dhcpd>
+    <lan>
+      <enable/>
+      <range>
+        <from>10.100.8.10</from>
+        <to>10.100.8.245</to>
+      </range>
+      <staticmap>
+        <mac>d8:5e:d3:e7:2c:8c</mac>
+        <ipaddr>10.100.8.15</ipaddr>
+        <hostname>rtx4090</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+    </lan>
+  </dhcpd>
+  <snmpd>
+    <syslocation/>
+    <syscontact/>
+    <rocommunity>public</rocommunity>
+  </snmpd>
+  <nat>
+    <outbound>
+      <mode>automatic</mode>
+    </outbound>
+  </nat>
+  <filter>
+    <rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>80</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>443</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp/udp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <any>1</any>
+        <port>22</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>Allow ping</descr>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>icmp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>(self)</network>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518356.7559</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518311.7033</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
+      <type>pass</type>
+      <ipprotocol>inet</ipprotocol>
+      <descr>Default allow LAN to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+    <rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
+      <type>pass</type>
+      <ipprotocol>inet6</ipprotocol>
+      <descr>Default allow LAN IPv6 to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+  </filter>
+  <rrd>
+    <enable/>
+  </rrd>
+  <ntpd>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+  </ntpd>
+  <widgets>
+    <sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
+    <column_count>2</column_count>
+  </widgets>
+  <revision>
+    <username>root@192.168.5.204</username>
+    <time>1731534516.7156</time>
+    <description>/interfaces.php made changes</description>
+  </revision>
+  <OPNsense>
+    <DHCRelay version="1.0.1"/>
+    <wireguard>
+      <client version="1.0.0">
+        <clients/>
+      </client>
+      <general version="0.0.1">
+        <enabled>0</enabled>
+      </general>
+      <server version="1.0.0">
+        <servers/>
+      </server>
+    </wireguard>
+    <IPsec version="1.0.1">
+      <general>
+        <enabled/>
+      </general>
+      <keyPairs/>
+      <preSharedKeys/>
+    </IPsec>
+    <Swanctl version="1.0.0">
+      <Connections/>
+      <locals/>
+      <remotes/>
+      <children/>
+      <Pools/>
+      <VTIs/>
+      <SPDs/>
+    </Swanctl>
+    <OpenVPNExport version="0.0.1">
+      <servers/>
+    </OpenVPNExport>
+    <OpenVPN version="1.0.0">
+      <Overwrites/>
+      <Instances/>
+      <StaticKeys/>
+    </OpenVPN>
+    <captiveportal version="1.0.2">
+      <zones/>
+      <templates/>
+    </captiveportal>
+    <cron version="1.0.4">
+      <jobs/>
+    </cron>
+    <Firewall>
+      <Lvtemplate version="0.0.1">
+        <templates/>
+      </Lvtemplate>
+      <Alias version="1.0.1">
+        <geoip>
+          <url/>
+        </geoip>
+        <aliases/>
+      </Alias>
+      <Category version="1.0.0">
+        <categories/>
+      </Category>
+      <Filter version="1.0.4">
+        <rules/>
+        <snatrules/>
+        <npt/>
+        <onetoone/>
+      </Filter>
+    </Firewall>
+    <Netflow version="1.0.1">
+      <capture>
+        <interfaces/>
+        <egress_only/>
+        <version>v9</version>
+        <targets/>
+      </capture>
+      <collect>
+        <enable>0</enable>
+      </collect>
+      <activeTimeout>1800</activeTimeout>
+      <inactiveTimeout>15</inactiveTimeout>
+    </Netflow>
+    <IDS version="1.0.9">
+      <rules/>
+      <policies/>
+      <userDefinedRules/>
+      <files/>
+      <fileTags/>
+      <general>
+        <enabled>0</enabled>
+        <ips>0</ips>
+        <promisc>0</promisc>
+        <interfaces>wan</interfaces>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+        <defaultPacketSize/>
+        <UpdateCron/>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+        <MPMAlgo/>
+        <detect>
+          <Profile/>
+          <toclient_groups/>
+          <toserver_groups/>
+        </detect>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+        <LogPayload>0</LogPayload>
+        <verbosity/>
+      </general>
+    </IDS>
+    <Interfaces>
+      <loopbacks version="1.0.0"/>
+      <neighbors version="1.0.0"/>
+      <vxlans version="1.0.2"/>
+    </Interfaces>
+    <Kea>
+      <ctrl_agent version="0.0.1">
+        <general>
+          <enabled>0</enabled>
+          <http_host>127.0.0.1</http_host>
+          <http_port>8000</http_port>
+        </general>
+      </ctrl_agent>
+      <dhcp4 version="1.0.0">
+        <general>
+          <enabled>0</enabled>
+          <interfaces/>
+          <valid_lifetime>4000</valid_lifetime>
+          <fwrules>1</fwrules>
+        </general>
+        <ha>
+          <enabled>0</enabled>
+          <this_server_name/>
+        </ha>
+        <subnets/>
+        <reservations/>
+        <ha_peers/>
+      </dhcp4>
+    </Kea>
+    <monit version="1.0.13">
+      <general>
+        <enabled>0</enabled>
+        <interval>120</interval>
+        <startdelay>120</startdelay>
+        <mailserver>127.0.0.1</mailserver>
+        <port>25</port>
+        <username/>
+        <password/>
+        <ssl>0</ssl>
+        <sslversion>auto</sslversion>
+        <sslverify>1</sslverify>
+        <logfile/>
+        <statefile/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdUsername>root</httpdUsername>
+        <httpdPassword/>
+        <httpdPort>2812</httpdPort>
+        <httpdAllow/>
+        <mmonitUrl/>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+      </general>
+      <alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
+        <enabled>0</enabled>
+        <recipient>root@localhost.local</recipient>
+        <noton>0</noton>
+        <events/>
+        <format/>
+        <reminder/>
+        <description/>
+      </alert>
+      <service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
+        <enabled>1</enabled>
+        <name>$HOST</name>
+        <description/>
+        <type>system</type>
+        <pidfile/>
+        <match/>
+        <path/>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
+        <enabled>1</enabled>
+        <name>RootFs</name>
+        <description/>
+        <type>filesystem</type>
+        <pidfile/>
+        <match/>
+        <path>/</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
+        <enabled>0</enabled>
+        <name>carp_status_change</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
+        <enabled>0</enabled>
+        <name>gateway_alert</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
+        <name>Ping</name>
+        <type>NetworkPing</type>
+        <condition>failed ping</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
+        <name>NetworkLink</name>
+        <type>NetworkInterface</type>
+        <condition>failed link</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
+        <name>NetworkSaturation</name>
+        <type>NetworkInterface</type>
+        <condition>saturation is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
+        <name>MemoryUsage</name>
+        <type>SystemResource</type>
+        <condition>memory usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
+        <name>CPUUsage</name>
+        <type>SystemResource</type>
+        <condition>cpu usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c0708923-88de-4178-abdd-819737440ce0">
+        <name>LoadAvg1</name>
+        <type>SystemResource</type>
+        <condition>loadavg (1min) is greater than 4</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
+        <name>LoadAvg5</name>
+        <type>SystemResource</type>
+        <condition>loadavg (5min) is greater than 3</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
+        <name>LoadAvg15</name>
+        <type>SystemResource</type>
+        <condition>loadavg (15min) is greater than 2</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
+        <name>SpaceUsage</name>
+        <type>SpaceUsage</type>
+        <condition>space usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
+        <name>ChangedStatus</name>
+        <type>ProgramStatus</type>
+        <condition>changed status</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
+        <name>NonZeroStatus</name>
+        <type>ProgramStatus</type>
+        <condition>status != 0</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+    </monit>
+    <Gateways version="1.0.0">
+      <gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
+        <disabled>0</disabled>
+        <name>WAN_GW</name>
+        <descr>Interface WAN Gateway</descr>
+        <interface>wan</interface>
+        <ipprotocol>inet</ipprotocol>
+        <gateway>172.17.0.1</gateway>
+        <defaultgw>1</defaultgw>
+        <fargw>0</fargw>
+        <monitor_disable>1</monitor_disable>
+        <monitor_noroute/>
+        <monitor/>
+        <force_down/>
+        <priority>255</priority>
+        <weight>1</weight>
+        <latencylow/>
+        <latencyhigh/>
+        <losslow/>
+        <losshigh/>
+        <interval/>
+        <time_period/>
+        <loss_interval/>
+        <data_length/>
+      </gateway_item>
+    </Gateways>
+    <Syslog version="1.0.2">
+      <general>
+        <enabled>1</enabled>
+        <loglocal>1</loglocal>
+        <maxpreserve>31</maxpreserve>
+        <maxfilesize/>
+      </general>
+      <destinations/>
+    </Syslog>
+    <TrafficShaper version="1.0.3">
+      <pipes/>
+      <queues/>
+      <rules/>
+    </TrafficShaper>
+    <unboundplus version="1.0.9">
+      <general>
+        <enabled>1</enabled>
+        <port>53</port>
+        <stats/>
+        <active_interface/>
+        <dns64/>
+        <dns64prefix/>
+        <noarecords/>
+        <regdhcp/>
+        <regdhcpdomain/>
+        <regdhcpstatic/>
+        <noreglladdr6/>
+        <noregrecords/>
+        <txtsupport/>
+        <cacheflush/>
+        <local_zone_type>transparent</local_zone_type>
+        <outgoing_interface/>
+        <enable_wpad/>
+      </general>
+      <advanced>
+        <hideidentity/>
+        <hideversion/>
+        <prefetch/>
+        <prefetchkey/>
+        <aggressivensec>1</aggressivensec>
+        <serveexpired/>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset/>
+        <serveexpiredclienttimeout/>
+        <qnameminstrict/>
+        <extendedstatistics/>
+        <logqueries/>
+        <logreplies/>
+        <logtagqueryreply/>
+        <logservfail/>
+        <loglocalactions/>
+        <logverbosity>1</logverbosity>
+        <valloglevel>0</valloglevel>
+        <privatedomain/>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <insecuredomain/>
+        <msgcachesize/>
+        <rrsetcachesize/>
+        <outgoingnumtcp/>
+        <incomingnumtcp/>
+        <numqueriesperthread/>
+        <outgoingrange/>
+        <jostletimeout/>
+        <cachemaxttl/>
+        <cachemaxnegativettl/>
+        <cacheminttl/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <infracachenumhosts/>
+        <unwantedreplythreshold/>
+      </advanced>
+      <acls>
+        <default_action>allow</default_action>
+      </acls>
+      <dnsbl>
+        <enabled>0</enabled>
+        <safesearch/>
+        <type/>
+        <lists/>
+        <whitelists/>
+        <blocklists/>
+        <wildcards/>
+        <address/>
+        <nxdomain/>
+      </dnsbl>
+      <forwarding>
+        <enabled/>
+      </forwarding>
+      <dots/>
+      <hosts/>
+      <aliases/>
+      <domains/>
+    </unboundplus>
+  </OPNsense>
+  <hasync version="1.0.0">
+    <disablepreempt>0</disablepreempt>
+    <disconnectppps>0</disconnectppps>
+    <pfsyncenabled>0</pfsyncenabled>
+    <pfsyncinterface>lan</pfsyncinterface>
+    <pfsyncpeerip/>
+    <pfsyncversion>1400</pfsyncversion>
+    <synchronizetoip/>
+    <username/>
+    <password/>
+    <syncitems/>
+  </hasync>
+  <openvpn/>
+  <ifgroups version="1.0.0"/>
+  <gifs version="1.0.0">
+    <gif/>
+  </gifs>
+  <gres version="1.0.0">
+    <gre/>
+  </gres>
+  <laggs version="1.0.0">
+    <lagg/>
+  </laggs>
+  <virtualip version="1.0.0">
+    <vip/>
+  </virtualip>
+  <vlans version="1.0.0">
+    <vlan/>
+  </vlans>
+  <staticroutes version="1.0.0">
+    <route/>
+  </staticroutes>
+  <bridges>
+    <bridged/>
+  </bridges>
+  <ppps>
+    <ppp/>
+  </ppps>
+  <wireless>
+    <clone/>
+  </wireless>
+  <ca/>
+  <dhcpdv6/>
+  <cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
+    <refid>6734d13fa9e4a</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
+    <refid>6734d6c82dc59</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <syslog/>
+</opnsense>
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml
new file mode 100644
index 0000000..4f1442a
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_cheat_descr.xml
@@ -0,0 +1,987 @@
+<?xml version="1.0"?>
+<opnsense>
+  <theme>opnsense</theme>
+  <sysctl>
+    <item>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+      <tunable>vfs.read_max</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop packets to closed TCP ports without returning a RST</descr>
+      <tunable>net.inet.tcp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
+      <tunable>net.inet.udp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize the ID field in IP packets</descr>
+      <tunable>net.inet.ip.random_id</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.</descr>
+      <tunable>net.inet.ip.sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.</descr>
+      <tunable>net.inet.ip.accept_sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>This option turns off the logging of redirect packets because there is no limit and this could fill
+        up your logs consuming your whole hard drive.</descr>
+      <tunable>net.inet.icmp.log_redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
+      <tunable>net.inet.tcp.drop_synfin</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable sending IPv6 redirects</descr>
+      <tunable>net.inet6.ip6.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
+      <tunable>net.inet6.ip6.use_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
+      <tunable>net.inet6.ip6.prefer_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
+      <tunable>net.inet.tcp.syncookies</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
+      <tunable>net.inet.tcp.recvspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
+      <tunable>net.inet.tcp.sendspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
+      <tunable>net.inet.tcp.delayed_ack</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.inet.udp.maxdgram</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
+      <tunable>net.link.bridge.pfil_onlyip</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
+      <tunable>net.link.bridge.pfil_local_phys</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
+      <tunable>net.link.bridge.pfil_member</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to enable filtering on the bridge interface</descr>
+      <tunable>net.link.bridge.pfil_bridge</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Allow unprivileged access to tap(4) device nodes</descr>
+      <tunable>net.link.tap.user_open</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
+      <tunable>kern.randompid</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
+      <tunable>hw.syscons.kbd_reboot</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable TCP extended debugging</descr>
+      <tunable>net.inet.tcp.log_debug</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set ICMP Limits</descr>
+      <tunable>net.inet.icmp.icmplim</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>TCP Offload Engine</descr>
+      <tunable>net.inet.tcp.tso</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>UDP Checksums</descr>
+      <tunable>net.inet.udp.checksum</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum socket buffer size</descr>
+      <tunable>kern.ipc.maxsockbuf</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
+      <tunable>vm.pmap.pti</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
+      <tunable>hw.ibrs_disable</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other groups</descr>
+      <tunable>security.bsd.see_other_gids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other users</descr>
+      <tunable>security.bsd.see_other_uids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
+        and for the sender directly reachable, route and next hop is known.</descr>
+      <tunable>net.inet.ip.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.local.dgram.maxdgram</tunable>
+      <value>default</value>
+    </item>
+  </sysctl>
+  <system>
+    <optimization>normal</optimization>
+    <hostname>OPNsense</hostname>
+    <domain>localdomain</domain>
+    <dnsallowoverride>1</dnsallowoverride>
+    <group>
+      <name>admins</name>
+      <description>System Administrators</description>
+      <scope>system</scope>
+      <gid>1999</gid>
+      <member>0</member>
+      <priv>page-all</priv>
+    </group>
+    <user>
+      <name>root</name>
+      <descr>System Administrator</descr>
+      <scope>system</scope>
+      <groupname>admins</groupname>
+      <password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
+      <uid>0</uid>
+    </user>
+    <nextuid>2000</nextuid>
+    <nextgid>2000</nextgid>
+    <timezone>Etc/UTC</timezone>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <webgui>
+      <protocol>https</protocol>
+      <ssl-certref>6734d6c82dc59</ssl-certref>
+      <port/>
+      <ssl-ciphers/>
+      <interfaces/>
+      <compression/>
+    </webgui>
+    <disablenatreflection>yes</disablenatreflection>
+    <usevirtualterminal>1</usevirtualterminal>
+    <disableconsolemenu>1</disableconsolemenu>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <ipv6allow>1</ipv6allow>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <bogons>
+      <interval>monthly</interval>
+    </bogons>
+    <pf_share_forward>1</pf_share_forward>
+    <lb_use_sticky>1</lb_use_sticky>
+    <ssh>
+      <group>admins</group>
+      <noauto>1</noauto>
+      <interfaces/>
+      <kex/>
+      <ciphers/>
+      <macs/>
+      <keys/>
+      <keysig/>
+      <enabled>enabled</enabled>
+      <passwordauth>1</passwordauth>
+      <permitrootlogin>1</permitrootlogin>
+    </ssh>
+    <rrdbackup>-1</rrdbackup>
+    <netflowbackup>-1</netflowbackup>
+    <firmware version="1.0.1">
+      <mirror/>
+      <flavour/>
+      <plugins/>
+      <type/>
+      <subscription/>
+      <reboot/>
+    </firmware>
+    <dnsserver>192.168.5.1</dnsserver>
+    <language>en_US</language>
+    <serialspeed>115200</serialspeed>
+    <primaryconsole>video</primaryconsole>
+    <secondaryconsole>serial</secondaryconsole>
+  </system>
+  <interfaces>
+    <lan>
+      <enable>1</enable>
+      <if>le1</if>
+      <ipaddr>10.100.8.1</ipaddr>
+      <subnet>24</subnet>
+      <ipaddrv6>track6</ipaddrv6>
+      <subnetv6>64</subnetv6>
+      <media/>
+      <mediaopt/>
+      <track6-interface>wan</track6-interface>
+      <track6-prefix-id>0</track6-prefix-id>
+    </lan>
+    <lo0>
+      <internal_dynamic>1</internal_dynamic>
+      <descr>Loopback</descr>
+      <enable>1</enable>
+      <if>lo0</if>
+      <ipaddr>127.0.0.1</ipaddr>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnet>8</subnet>
+      <subnetv6>128</subnetv6>
+      <type>none</type>
+      <virtual>1</virtual>
+    </lo0>
+    <wan>
+      <if>le0</if>
+      <descr/>
+      <enable>1</enable>
+      <spoofmac/>
+      <ipaddr>dhcp</ipaddr>
+      <dhcphostname/>
+      <alias-address/>
+      <alias-subnet>32</alias-subnet>
+      <dhcprejectfrom/>
+      <adv_dhcp_pt_timeout/>
+      <adv_dhcp_pt_retry/>
+      <adv_dhcp_pt_select_timeout/>
+      <adv_dhcp_pt_reboot/>
+      <adv_dhcp_pt_backoff_cutoff/>
+      <adv_dhcp_pt_initial_interval/>
+      <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
+      <adv_dhcp_send_options/>
+      <adv_dhcp_request_options/>
+      <adv_dhcp_required_options/>
+      <adv_dhcp_option_modifiers/>
+      <adv_dhcp_config_advanced/>
+      <adv_dhcp_config_file_override/>
+      <adv_dhcp_config_file_override_path/>
+    </wan>
+  </interfaces>
+  <dhcpd>
+    <lan>
+      <enable/>
+      <range>
+        <from>10.100.8.10</from>
+        <to>10.100.8.245</to>
+      </range>
+      <staticmap>
+        <mac>d8:5e:d3:e7:2c:8c</mac>
+        <ipaddr>10.100.8.15</ipaddr>
+        <hostname>rtx4090</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+    </lan>
+  </dhcpd>
+  <snmpd>
+    <syslocation/>
+    <syscontact/>
+    <rocommunity>public</rocommunity>
+  </snmpd>
+  <nat>
+    <outbound>
+      <mode>automatic</mode>
+    </outbound>
+  </nat>
+  <filter>
+    <rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>80</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>443</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp/udp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <any>1</any>
+        <port>22</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>Allow ping</descr>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>icmp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>(self)</network>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518356.7559</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518311.7033</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
+      <type>pass</type>
+      <ipprotocol>inet</ipprotocol>
+      <descr>Default allow LAN to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+    <rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
+      <type>pass</type>
+      <ipprotocol>inet6</ipprotocol>
+      <descr>Default allow LAN IPv6 to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+  </filter>
+  <rrd>
+    <enable/>
+  </rrd>
+  <ntpd>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+  </ntpd>
+  <widgets>
+    <sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
+    <column_count>2</column_count>
+  </widgets>
+  <revision>
+    <username>root@192.168.5.204</username>
+    <time>1731534516.7156</time>
+    <description>/interfaces.php made changes</description>
+  </revision>
+  <OPNsense>
+    <DHCRelay version="1.0.1"/>
+    <wireguard>
+      <client version="1.0.0">
+        <clients/>
+      </client>
+      <general version="0.0.1">
+        <enabled>0</enabled>
+      </general>
+      <server version="1.0.0">
+        <servers/>
+      </server>
+    </wireguard>
+    <IPsec version="1.0.1">
+      <general>
+        <enabled/>
+      </general>
+      <keyPairs/>
+      <preSharedKeys/>
+    </IPsec>
+    <Swanctl version="1.0.0">
+      <Connections/>
+      <locals/>
+      <remotes/>
+      <children/>
+      <Pools/>
+      <VTIs/>
+      <SPDs/>
+    </Swanctl>
+    <OpenVPNExport version="0.0.1">
+      <servers/>
+    </OpenVPNExport>
+    <OpenVPN version="1.0.0">
+      <Overwrites/>
+      <Instances/>
+      <StaticKeys/>
+    </OpenVPN>
+    <captiveportal version="1.0.2">
+      <zones/>
+      <templates/>
+    </captiveportal>
+    <cron version="1.0.4">
+      <jobs/>
+    </cron>
+    <Firewall>
+      <Lvtemplate version="0.0.1">
+        <templates/>
+      </Lvtemplate>
+      <Alias version="1.0.1">
+        <geoip>
+          <url/>
+        </geoip>
+        <aliases/>
+      </Alias>
+      <Category version="1.0.0">
+        <categories/>
+      </Category>
+      <Filter version="1.0.4">
+        <rules/>
+        <snatrules/>
+        <npt/>
+        <onetoone/>
+      </Filter>
+    </Firewall>
+    <Netflow version="1.0.1">
+      <capture>
+        <interfaces/>
+        <egress_only/>
+        <version>v9</version>
+        <targets/>
+      </capture>
+      <collect>
+        <enable>0</enable>
+      </collect>
+      <activeTimeout>1800</activeTimeout>
+      <inactiveTimeout>15</inactiveTimeout>
+    </Netflow>
+    <IDS version="1.0.9">
+      <rules/>
+      <policies/>
+      <userDefinedRules/>
+      <files/>
+      <fileTags/>
+      <general>
+        <enabled>0</enabled>
+        <ips>0</ips>
+        <promisc>0</promisc>
+        <interfaces>wan</interfaces>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+        <defaultPacketSize/>
+        <UpdateCron/>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+        <MPMAlgo/>
+        <detect>
+          <Profile/>
+          <toclient_groups/>
+          <toserver_groups/>
+        </detect>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+        <LogPayload>0</LogPayload>
+        <verbosity/>
+      </general>
+    </IDS>
+    <Interfaces>
+      <loopbacks version="1.0.0"/>
+      <neighbors version="1.0.0"/>
+      <vxlans version="1.0.2"/>
+    </Interfaces>
+    <Kea>
+      <ctrl_agent version="0.0.1">
+        <general>
+          <enabled>0</enabled>
+          <http_host>127.0.0.1</http_host>
+          <http_port>8000</http_port>
+        </general>
+      </ctrl_agent>
+      <dhcp4 version="1.0.0">
+        <general>
+          <enabled>0</enabled>
+          <interfaces/>
+          <valid_lifetime>4000</valid_lifetime>
+          <fwrules>1</fwrules>
+        </general>
+        <ha>
+          <enabled>0</enabled>
+          <this_server_name/>
+        </ha>
+        <subnets/>
+        <reservations/>
+        <ha_peers/>
+      </dhcp4>
+    </Kea>
+    <monit version="1.0.13">
+      <general>
+        <enabled>0</enabled>
+        <interval>120</interval>
+        <startdelay>120</startdelay>
+        <mailserver>127.0.0.1</mailserver>
+        <port>25</port>
+        <username/>
+        <password/>
+        <ssl>0</ssl>
+        <sslversion>auto</sslversion>
+        <sslverify>1</sslverify>
+        <logfile/>
+        <statefile/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdUsername>root</httpdUsername>
+        <httpdPassword/>
+        <httpdPort>2812</httpdPort>
+        <httpdAllow/>
+        <mmonitUrl/>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+      </general>
+      <alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
+        <enabled>0</enabled>
+        <recipient>root@localhost.local</recipient>
+        <noton>0</noton>
+        <events/>
+        <format/>
+        <reminder/>
+        <description/>
+      </alert>
+      <service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
+        <enabled>1</enabled>
+        <name>$HOST</name>
+        <description/>
+        <type>system</type>
+        <pidfile/>
+        <match/>
+        <path/>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
+        <enabled>1</enabled>
+        <name>RootFs</name>
+        <description/>
+        <type>filesystem</type>
+        <pidfile/>
+        <match/>
+        <path>/</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
+        <enabled>0</enabled>
+        <name>carp_status_change</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
+        <enabled>0</enabled>
+        <name>gateway_alert</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
+        <name>Ping</name>
+        <type>NetworkPing</type>
+        <condition>failed ping</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
+        <name>NetworkLink</name>
+        <type>NetworkInterface</type>
+        <condition>failed link</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
+        <name>NetworkSaturation</name>
+        <type>NetworkInterface</type>
+        <condition>saturation is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
+        <name>MemoryUsage</name>
+        <type>SystemResource</type>
+        <condition>memory usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
+        <name>CPUUsage</name>
+        <type>SystemResource</type>
+        <condition>cpu usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c0708923-88de-4178-abdd-819737440ce0">
+        <name>LoadAvg1</name>
+        <type>SystemResource</type>
+        <condition>loadavg (1min) is greater than 4</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
+        <name>LoadAvg5</name>
+        <type>SystemResource</type>
+        <condition>loadavg (5min) is greater than 3</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
+        <name>LoadAvg15</name>
+        <type>SystemResource</type>
+        <condition>loadavg (15min) is greater than 2</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
+        <name>SpaceUsage</name>
+        <type>SpaceUsage</type>
+        <condition>space usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
+        <name>ChangedStatus</name>
+        <type>ProgramStatus</type>
+        <condition>changed status</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
+        <name>NonZeroStatus</name>
+        <type>ProgramStatus</type>
+        <condition>status != 0</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+    </monit>
+    <Gateways version="1.0.0">
+      <gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
+        <disabled>0</disabled>
+        <name>WAN_GW</name>
+        <descr>Interface WAN Gateway</descr>
+        <interface>wan</interface>
+        <ipprotocol>inet</ipprotocol>
+        <gateway>172.17.0.1</gateway>
+        <defaultgw>1</defaultgw>
+        <fargw>0</fargw>
+        <monitor_disable>1</monitor_disable>
+        <monitor_noroute/>
+        <monitor/>
+        <force_down/>
+        <priority>255</priority>
+        <weight>1</weight>
+        <latencylow/>
+        <latencyhigh/>
+        <losslow/>
+        <losshigh/>
+        <interval/>
+        <time_period/>
+        <loss_interval/>
+        <data_length/>
+      </gateway_item>
+    </Gateways>
+    <Syslog version="1.0.2">
+      <general>
+        <enabled>1</enabled>
+        <loglocal>1</loglocal>
+        <maxpreserve>31</maxpreserve>
+        <maxfilesize/>
+      </general>
+      <destinations/>
+    </Syslog>
+    <TrafficShaper version="1.0.3">
+      <pipes/>
+      <queues/>
+      <rules/>
+    </TrafficShaper>
+    <unboundplus version="1.0.9">
+      <general>
+        <enabled>1</enabled>
+        <port>53</port>
+        <stats/>
+        <active_interface/>
+        <dns64/>
+        <dns64prefix/>
+        <noarecords/>
+        <regdhcp/>
+        <regdhcpdomain/>
+        <regdhcpstatic/>
+        <noreglladdr6/>
+        <noregrecords/>
+        <txtsupport/>
+        <cacheflush/>
+        <local_zone_type>transparent</local_zone_type>
+        <outgoing_interface/>
+        <enable_wpad/>
+      </general>
+      <advanced>
+        <hideidentity/>
+        <hideversion/>
+        <prefetch/>
+        <prefetchkey/>
+        <aggressivensec>1</aggressivensec>
+        <serveexpired/>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset/>
+        <serveexpiredclienttimeout/>
+        <qnameminstrict/>
+        <extendedstatistics/>
+        <logqueries/>
+        <logreplies/>
+        <logtagqueryreply/>
+        <logservfail/>
+        <loglocalactions/>
+        <logverbosity>1</logverbosity>
+        <valloglevel>0</valloglevel>
+        <privatedomain/>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <insecuredomain/>
+        <msgcachesize/>
+        <rrsetcachesize/>
+        <outgoingnumtcp/>
+        <incomingnumtcp/>
+        <numqueriesperthread/>
+        <outgoingrange/>
+        <jostletimeout/>
+        <cachemaxttl/>
+        <cachemaxnegativettl/>
+        <cacheminttl/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <infracachenumhosts/>
+        <unwantedreplythreshold/>
+      </advanced>
+      <acls>
+        <default_action>allow</default_action>
+      </acls>
+      <dnsbl>
+        <enabled>0</enabled>
+        <safesearch/>
+        <type/>
+        <lists/>
+        <whitelists/>
+        <blocklists/>
+        <wildcards/>
+        <address/>
+        <nxdomain/>
+      </dnsbl>
+      <forwarding>
+        <enabled/>
+      </forwarding>
+      <dots/>
+      <hosts/>
+      <aliases/>
+      <domains/>
+    </unboundplus>
+  </OPNsense>
+  <hasync version="1.0.0">
+    <disablepreempt>0</disablepreempt>
+    <disconnectppps>0</disconnectppps>
+    <pfsyncenabled>0</pfsyncenabled>
+    <pfsyncinterface>lan</pfsyncinterface>
+    <pfsyncpeerip/>
+    <pfsyncversion>1400</pfsyncversion>
+    <synchronizetoip/>
+    <username/>
+    <password/>
+    <syncitems/>
+  </hasync>
+  <openvpn/>
+  <ifgroups version="1.0.0"/>
+  <gifs version="1.0.0">
+    <gif/>
+  </gifs>
+  <gres version="1.0.0">
+    <gre/>
+  </gres>
+  <laggs version="1.0.0">
+    <lagg/>
+  </laggs>
+  <virtualip version="1.0.0">
+    <vip/>
+  </virtualip>
+  <vlans version="1.0.0">
+    <vlan/>
+  </vlans>
+  <staticroutes version="1.0.0">
+    <route/>
+  </staticroutes>
+  <bridges>
+    <bridged/>
+  </bridges>
+  <ppps>
+    <ppp/>
+  </ppps>
+  <wireless>
+    <clone/>
+  </wireless>
+  <ca/>
+  <dhcpdv6/>
+  <cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
+    <refid>6734d13fa9e4a</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
+    <refid>6734d6c82dc59</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <syslog/>
+</opnsense>
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-vm-test_linted.xml b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_linted.xml
new file mode 100644
index 0000000..1d176b4
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_linted.xml
@@ -0,0 +1,994 @@
+<?xml version="1.0"?>
+<opnsense>
+  <theme>opnsense</theme>
+  <sysctl>
+    <item>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+      <tunable>vfs.read_max</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop packets to closed TCP ports without returning a RST</descr>
+      <tunable>net.inet.tcp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
+      <tunable>net.inet.udp.blackhole</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize the ID field in IP packets</descr>
+      <tunable>net.inet.ip.random_id</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.
+      </descr>
+      <tunable>net.inet.ip.sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.
+      </descr>
+      <tunable>net.inet.ip.accept_sourceroute</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>
+        This option turns off the logging of redirect packets because there is no limit and this could fill
+        up your logs consuming your whole hard drive.
+      </descr>
+      <tunable>net.inet.icmp.log_redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
+      <tunable>net.inet.tcp.drop_synfin</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable sending IPv6 redirects</descr>
+      <tunable>net.inet6.ip6.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
+      <tunable>net.inet6.ip6.use_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
+      <tunable>net.inet6.ip6.prefer_tempaddr</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
+      <tunable>net.inet.tcp.syncookies</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
+      <tunable>net.inet.tcp.recvspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
+      <tunable>net.inet.tcp.sendspace</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
+      <tunable>net.inet.tcp.delayed_ack</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.inet.udp.maxdgram</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
+      <tunable>net.link.bridge.pfil_onlyip</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
+      <tunable>net.link.bridge.pfil_local_phys</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
+      <tunable>net.link.bridge.pfil_member</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set to 1 to enable filtering on the bridge interface</descr>
+      <tunable>net.link.bridge.pfil_bridge</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Allow unprivileged access to tap(4) device nodes</descr>
+      <tunable>net.link.tap.user_open</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
+      <tunable>kern.randompid</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
+      <tunable>hw.syscons.kbd_reboot</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable TCP extended debugging</descr>
+      <tunable>net.inet.tcp.log_debug</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set ICMP Limits</descr>
+      <tunable>net.inet.icmp.icmplim</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>TCP Offload Engine</descr>
+      <tunable>net.inet.tcp.tso</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>UDP Checksums</descr>
+      <tunable>net.inet.udp.checksum</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum socket buffer size</descr>
+      <tunable>kern.ipc.maxsockbuf</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
+      <tunable>vm.pmap.pti</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
+      <tunable>hw.ibrs_disable</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other groups</descr>
+      <tunable>security.bsd.see_other_gids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Hide processes running as other users</descr>
+      <tunable>security.bsd.see_other_uids</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
+        and for the sender directly reachable, route and next hop is known.
+      </descr>
+      <tunable>net.inet.ip.redirect</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <tunable>net.local.dgram.maxdgram</tunable>
+      <value>default</value>
+    </item>
+  </sysctl>
+  <system>
+    <optimization>normal</optimization>
+    <hostname>OPNsense</hostname>
+    <domain>localdomain</domain>
+    <dnsallowoverride>1</dnsallowoverride>
+    <group>
+      <name>admins</name>
+      <description>System Administrators</description>
+      <scope>system</scope>
+      <gid>1999</gid>
+      <member>0</member>
+      <priv>page-all</priv>
+    </group>
+    <user>
+      <name>root</name>
+      <descr>System Administrator</descr>
+      <scope>system</scope>
+      <groupname>admins</groupname>
+      <password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
+      <uid>0</uid>
+    </user>
+    <nextuid>2000</nextuid>
+    <nextgid>2000</nextgid>
+    <timezone>Etc/UTC</timezone>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <webgui>
+      <protocol>https</protocol>
+      <ssl-certref>6734d6c82dc59</ssl-certref>
+      <port/>
+      <ssl-ciphers/>
+      <interfaces/>
+      <compression/>
+    </webgui>
+    <disablenatreflection>yes</disablenatreflection>
+    <usevirtualterminal>1</usevirtualterminal>
+    <disableconsolemenu>1</disableconsolemenu>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <ipv6allow>1</ipv6allow>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <bogons>
+      <interval>monthly</interval>
+    </bogons>
+    <pf_share_forward>1</pf_share_forward>
+    <lb_use_sticky>1</lb_use_sticky>
+    <ssh>
+      <group>admins</group>
+      <noauto>1</noauto>
+      <interfaces/>
+      <kex/>
+      <ciphers/>
+      <macs/>
+      <keys/>
+      <keysig/>
+      <enabled>enabled</enabled>
+      <passwordauth>1</passwordauth>
+      <permitrootlogin>1</permitrootlogin>
+    </ssh>
+    <rrdbackup>-1</rrdbackup>
+    <netflowbackup>-1</netflowbackup>
+    <firmware version="1.0.1">
+      <mirror/>
+      <flavour/>
+      <plugins/>
+      <type/>
+      <subscription/>
+      <reboot/>
+    </firmware>
+    <dnsserver>192.168.5.1</dnsserver>
+    <language>en_US</language>
+    <serialspeed>115200</serialspeed>
+    <primaryconsole>video</primaryconsole>
+    <secondaryconsole>serial</secondaryconsole>
+  </system>
+  <interfaces>
+    <lan>
+      <enable>1</enable>
+      <if>le1</if>
+      <ipaddr>10.100.8.1</ipaddr>
+      <subnet>24</subnet>
+      <ipaddrv6>track6</ipaddrv6>
+      <subnetv6>64</subnetv6>
+      <media/>
+      <mediaopt/>
+      <track6-interface>wan</track6-interface>
+      <track6-prefix-id>0</track6-prefix-id>
+    </lan>
+    <lo0>
+      <internal_dynamic>1</internal_dynamic>
+      <descr>Loopback</descr>
+      <enable>1</enable>
+      <if>lo0</if>
+      <ipaddr>127.0.0.1</ipaddr>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnet>8</subnet>
+      <subnetv6>128</subnetv6>
+      <type>none</type>
+      <virtual>1</virtual>
+    </lo0>
+    <wan>
+      <if>le0</if>
+      <descr/>
+      <enable>1</enable>
+      <spoofmac/>
+      <ipaddr>dhcp</ipaddr>
+      <dhcphostname/>
+      <alias-address/>
+      <alias-subnet>32</alias-subnet>
+      <dhcprejectfrom/>
+      <adv_dhcp_pt_timeout/>
+      <adv_dhcp_pt_retry/>
+      <adv_dhcp_pt_select_timeout/>
+      <adv_dhcp_pt_reboot/>
+      <adv_dhcp_pt_backoff_cutoff/>
+      <adv_dhcp_pt_initial_interval/>
+      <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
+      <adv_dhcp_send_options/>
+      <adv_dhcp_request_options/>
+      <adv_dhcp_required_options/>
+      <adv_dhcp_option_modifiers/>
+      <adv_dhcp_config_advanced/>
+      <adv_dhcp_config_file_override/>
+      <adv_dhcp_config_file_override_path/>
+    </wan>
+  </interfaces>
+  <dhcpd>
+    <lan>
+      <enable/>
+      <range>
+        <from>10.100.8.10</from>
+        <to>10.100.8.245</to>
+      </range>
+      <staticmap>
+        <mac>d8:5e:d3:e7:2c:8c</mac>
+        <ipaddr>10.100.8.15</ipaddr>
+        <hostname>rtx4090</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+    </lan>
+  </dhcpd>
+  <snmpd>
+    <syslocation/>
+    <syscontact/>
+    <rocommunity>public</rocommunity>
+  </snmpd>
+  <nat>
+    <outbound>
+      <mode>automatic</mode>
+    </outbound>
+  </nat>
+  <filter>
+    <rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>80</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518072.7612</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>443</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518084.0639</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>tcp/udp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <any>1</any>
+        <port>22</port>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518114.2801</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>Allow ping</descr>
+      <direction>in</direction>
+      <quick>1</quick>
+      <protocol>icmp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>(self)</network>
+      </destination>
+      <updated>
+        <username>root@192.168.5.204</username>
+        <time>1731518356.7559</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.5.204</username>
+        <time>1731518311.7033</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
+      <type>pass</type>
+      <ipprotocol>inet</ipprotocol>
+      <descr>Default allow LAN to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+    <rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
+      <type>pass</type>
+      <ipprotocol>inet6</ipprotocol>
+      <descr>Default allow LAN IPv6 to any rule</descr>
+      <interface>lan</interface>
+      <source>
+        <network>lan</network>
+      </source>
+      <destination>
+        <any/>
+      </destination>
+    </rule>
+  </filter>
+  <rrd>
+    <enable/>
+  </rrd>
+  <ntpd>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+  </ntpd>
+  <widgets>
+    <sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
+    <column_count>2</column_count>
+  </widgets>
+  <revision>
+    <username>root@192.168.5.204</username>
+    <time>1731534516.7156</time>
+    <description>/interfaces.php made changes</description>
+  </revision>
+  <OPNsense>
+    <DHCRelay version="1.0.1"/>
+    <wireguard>
+      <client version="1.0.0">
+        <clients/>
+      </client>
+      <general version="0.0.1">
+        <enabled>0</enabled>
+      </general>
+      <server version="1.0.0">
+        <servers/>
+      </server>
+    </wireguard>
+    <IPsec version="1.0.1">
+      <general>
+        <enabled/>
+      </general>
+      <keyPairs/>
+      <preSharedKeys/>
+    </IPsec>
+    <Swanctl version="1.0.0">
+      <Connections/>
+      <locals/>
+      <remotes/>
+      <children/>
+      <Pools/>
+      <VTIs/>
+      <SPDs/>
+    </Swanctl>
+    <OpenVPNExport version="0.0.1">
+      <servers/>
+    </OpenVPNExport>
+    <OpenVPN version="1.0.0">
+      <Overwrites/>
+      <Instances/>
+      <StaticKeys/>
+    </OpenVPN>
+    <captiveportal version="1.0.2">
+      <zones/>
+      <templates/>
+    </captiveportal>
+    <cron version="1.0.4">
+      <jobs/>
+    </cron>
+    <Firewall>
+      <Lvtemplate version="0.0.1">
+        <templates/>
+      </Lvtemplate>
+      <Alias version="1.0.1">
+        <geoip>
+          <url/>
+        </geoip>
+        <aliases/>
+      </Alias>
+      <Category version="1.0.0">
+        <categories/>
+      </Category>
+      <Filter version="1.0.4">
+        <rules/>
+        <snatrules/>
+        <npt/>
+        <onetoone/>
+      </Filter>
+    </Firewall>
+    <Netflow version="1.0.1">
+      <capture>
+        <interfaces/>
+        <egress_only/>
+        <version>v9</version>
+        <targets/>
+      </capture>
+      <collect>
+        <enable>0</enable>
+      </collect>
+      <activeTimeout>1800</activeTimeout>
+      <inactiveTimeout>15</inactiveTimeout>
+    </Netflow>
+    <IDS version="1.0.9">
+      <rules/>
+      <policies/>
+      <userDefinedRules/>
+      <files/>
+      <fileTags/>
+      <general>
+        <enabled>0</enabled>
+        <ips>0</ips>
+        <promisc>0</promisc>
+        <interfaces>wan</interfaces>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+        <defaultPacketSize/>
+        <UpdateCron/>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+        <MPMAlgo/>
+        <detect>
+          <Profile/>
+          <toclient_groups/>
+          <toserver_groups/>
+        </detect>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+        <LogPayload>0</LogPayload>
+        <verbosity/>
+      </general>
+    </IDS>
+    <Interfaces>
+      <loopbacks version="1.0.0"/>
+      <neighbors version="1.0.0"/>
+      <vxlans version="1.0.2"/>
+    </Interfaces>
+    <Kea>
+      <ctrl_agent version="0.0.1">
+        <general>
+          <enabled>0</enabled>
+          <http_host>127.0.0.1</http_host>
+          <http_port>8000</http_port>
+        </general>
+      </ctrl_agent>
+      <dhcp4 version="1.0.0">
+        <general>
+          <enabled>0</enabled>
+          <interfaces/>
+          <valid_lifetime>4000</valid_lifetime>
+          <fwrules>1</fwrules>
+        </general>
+        <ha>
+          <enabled>0</enabled>
+          <this_server_name/>
+        </ha>
+        <subnets/>
+        <reservations/>
+        <ha_peers/>
+      </dhcp4>
+    </Kea>
+    <monit version="1.0.13">
+      <general>
+        <enabled>0</enabled>
+        <interval>120</interval>
+        <startdelay>120</startdelay>
+        <mailserver>127.0.0.1</mailserver>
+        <port>25</port>
+        <username/>
+        <password/>
+        <ssl>0</ssl>
+        <sslversion>auto</sslversion>
+        <sslverify>1</sslverify>
+        <logfile/>
+        <statefile/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdUsername>root</httpdUsername>
+        <httpdPassword/>
+        <httpdPort>2812</httpdPort>
+        <httpdAllow/>
+        <mmonitUrl/>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+      </general>
+      <alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
+        <enabled>0</enabled>
+        <recipient>root@localhost.local</recipient>
+        <noton>0</noton>
+        <events/>
+        <format/>
+        <reminder/>
+        <description/>
+      </alert>
+      <service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
+        <enabled>1</enabled>
+        <name>$HOST</name>
+        <description/>
+        <type>system</type>
+        <pidfile/>
+        <match/>
+        <path/>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
+        <enabled>1</enabled>
+        <name>RootFs</name>
+        <description/>
+        <type>filesystem</type>
+        <pidfile/>
+        <match/>
+        <path>/</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
+        <enabled>0</enabled>
+        <name>carp_status_change</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
+        <enabled>0</enabled>
+        <name>gateway_alert</name>
+        <description/>
+        <type>custom</type>
+        <pidfile/>
+        <match/>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
+        <name>Ping</name>
+        <type>NetworkPing</type>
+        <condition>failed ping</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
+        <name>NetworkLink</name>
+        <type>NetworkInterface</type>
+        <condition>failed link</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
+        <name>NetworkSaturation</name>
+        <type>NetworkInterface</type>
+        <condition>saturation is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
+        <name>MemoryUsage</name>
+        <type>SystemResource</type>
+        <condition>memory usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
+        <name>CPUUsage</name>
+        <type>SystemResource</type>
+        <condition>cpu usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c0708923-88de-4178-abdd-819737440ce0">
+        <name>LoadAvg1</name>
+        <type>SystemResource</type>
+        <condition>loadavg (1min) is greater than 4</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
+        <name>LoadAvg5</name>
+        <type>SystemResource</type>
+        <condition>loadavg (5min) is greater than 3</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
+        <name>LoadAvg15</name>
+        <type>SystemResource</type>
+        <condition>loadavg (15min) is greater than 2</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
+        <name>SpaceUsage</name>
+        <type>SpaceUsage</type>
+        <condition>space usage is greater than 75%</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
+        <name>ChangedStatus</name>
+        <type>ProgramStatus</type>
+        <condition>changed status</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
+        <name>NonZeroStatus</name>
+        <type>ProgramStatus</type>
+        <condition>status != 0</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+    </monit>
+    <Gateways version="1.0.0">
+      <gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
+        <disabled>0</disabled>
+        <name>WAN_GW</name>
+        <descr>Interface WAN Gateway</descr>
+        <interface>wan</interface>
+        <ipprotocol>inet</ipprotocol>
+        <gateway>172.17.0.1</gateway>
+        <defaultgw>1</defaultgw>
+        <fargw>0</fargw>
+        <monitor_disable>1</monitor_disable>
+        <monitor_noroute/>
+        <monitor/>
+        <force_down/>
+        <priority>255</priority>
+        <weight>1</weight>
+        <latencylow/>
+        <latencyhigh/>
+        <losslow/>
+        <losshigh/>
+        <interval/>
+        <time_period/>
+        <loss_interval/>
+        <data_length/>
+      </gateway_item>
+    </Gateways>
+    <Syslog version="1.0.2">
+      <general>
+        <enabled>1</enabled>
+        <loglocal>1</loglocal>
+        <maxpreserve>31</maxpreserve>
+        <maxfilesize/>
+      </general>
+      <destinations/>
+    </Syslog>
+    <TrafficShaper version="1.0.3">
+      <pipes/>
+      <queues/>
+      <rules/>
+    </TrafficShaper>
+    <unboundplus version="1.0.9">
+      <general>
+        <enabled>1</enabled>
+        <port>53</port>
+        <stats/>
+        <active_interface/>
+        <dns64/>
+        <dns64prefix/>
+        <noarecords/>
+        <regdhcp/>
+        <regdhcpdomain/>
+        <regdhcpstatic/>
+        <noreglladdr6/>
+        <noregrecords/>
+        <txtsupport/>
+        <cacheflush/>
+        <local_zone_type>transparent</local_zone_type>
+        <outgoing_interface/>
+        <enable_wpad/>
+      </general>
+      <advanced>
+        <hideidentity/>
+        <hideversion/>
+        <prefetch/>
+        <prefetchkey/>
+        <aggressivensec>1</aggressivensec>
+        <serveexpired/>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset/>
+        <serveexpiredclienttimeout/>
+        <qnameminstrict/>
+        <extendedstatistics/>
+        <logqueries/>
+        <logreplies/>
+        <logtagqueryreply/>
+        <logservfail/>
+        <loglocalactions/>
+        <logverbosity>1</logverbosity>
+        <valloglevel>0</valloglevel>
+        <privatedomain/>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <insecuredomain/>
+        <msgcachesize/>
+        <rrsetcachesize/>
+        <outgoingnumtcp/>
+        <incomingnumtcp/>
+        <numqueriesperthread/>
+        <outgoingrange/>
+        <jostletimeout/>
+        <cachemaxttl/>
+        <cachemaxnegativettl/>
+        <cacheminttl/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <infracachenumhosts/>
+        <unwantedreplythreshold/>
+      </advanced>
+      <acls>
+        <default_action>allow</default_action>
+      </acls>
+      <dnsbl>
+        <enabled>0</enabled>
+        <safesearch/>
+        <type/>
+        <lists/>
+        <whitelists/>
+        <blocklists/>
+        <wildcards/>
+        <address/>
+        <nxdomain/>
+      </dnsbl>
+      <forwarding>
+        <enabled/>
+      </forwarding>
+      <dots/>
+      <hosts/>
+      <aliases/>
+      <domains/>
+    </unboundplus>
+  </OPNsense>
+  <hasync version="1.0.0">
+    <disablepreempt>0</disablepreempt>
+    <disconnectppps>0</disconnectppps>
+    <pfsyncenabled>0</pfsyncenabled>
+    <pfsyncinterface>lan</pfsyncinterface>
+    <pfsyncpeerip/>
+    <pfsyncversion>1400</pfsyncversion>
+    <synchronizetoip/>
+    <username/>
+    <password/>
+    <syncitems/>
+  </hasync>
+  <openvpn/>
+  <ifgroups version="1.0.0"/>
+  <gifs version="1.0.0">
+    <gif/>
+  </gifs>
+  <gres version="1.0.0">
+    <gre/>
+  </gres>
+  <laggs version="1.0.0">
+    <lagg/>
+  </laggs>
+  <virtualip version="1.0.0">
+    <vip/>
+  </virtualip>
+  <vlans version="1.0.0">
+    <vlan/>
+  </vlans>
+  <staticroutes version="1.0.0">
+    <route/>
+  </staticroutes>
+  <bridges>
+    <bridged/>
+  </bridges>
+  <ppps>
+    <ppp/>
+  </ppps>
+  <wireless>
+    <clone/>
+  </wireless>
+  <ca/>
+  <dhcpdv6/>
+  <cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
+    <refid>6734d13fa9e4a</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
+    <refid>6734d6c82dc59</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <caref/>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+  </cert>
+  <syslog/>
+</opnsense>
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-vm-test_sorted.xml b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_sorted.xml
new file mode 100644
index 0000000..185d765
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-vm-test_sorted.xml
@@ -0,0 +1,987 @@
+      </acls>
+      <acls>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <action>alert</action>
+        <active_interface/>
+      <activeTimeout>1800</activeTimeout>
+        <address/>
+        <address/>
+        <address/>
+        <address/>
+        <address/>
+      </advanced>
+      <advanced>
+      <adv_dhcp_config_advanced/>
+      <adv_dhcp_config_file_override/>
+      <adv_dhcp_config_file_override_path/>
+      <adv_dhcp_option_modifiers/>
+      <adv_dhcp_pt_backoff_cutoff/>
+      <adv_dhcp_pt_initial_interval/>
+      <adv_dhcp_pt_reboot/>
+      <adv_dhcp_pt_retry/>
+      <adv_dhcp_pt_select_timeout/>
+      <adv_dhcp_pt_timeout/>
+      <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
+      <adv_dhcp_request_options/>
+      <adv_dhcp_required_options/>
+      <adv_dhcp_send_options/>
+        <aggressivensec>1</aggressivensec>
+      </alert>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+      <alert uuid="15f1e9ca-5dd5-4b20-b595-b6b4f82245d0">
+      </Alias>
+      <alias-address/>
+        <aliases/>
+      <aliases/>
+      <alias-subnet>32</alias-subnet>
+      <Alias version="1.0.1">
+        and for the sender directly reachable, route and next hop is known.</descr>
+        <any/>
+        <any/>
+        <any>1</any>
+        <any>1</any>
+        <any>1</any>
+        <any>1</any>
+        <any>1</any>
+        as part of the standard FreeBSD core system.</descr>
+        as part of the standard FreeBSD core system.</descr>
+        <blocklists/>
+    </bogons>
+    <bogons>
+    <bridged/>
+  </bridges>
+  <bridges>
+  <ca/>
+        <cacheflush/>
+        <cachemaxnegativettl/>
+        <cachemaxttl/>
+        <cacheminttl/>
+    </captiveportal>
+    <captiveportal version="1.0.2">
+      </capture>
+      <capture>
+    <caref/>
+    <caref/>
+        <categories/>
+      </Category>
+      <Category version="1.0.0">
+  </cert>
+  </cert>
+  <cert uuid="547102e9-23ba-48b8-8af8-64be61049e96">
+  <cert uuid="cad18e13-92c5-48b6-9b44-ad2e5dcc799e">
+      <children/>
+      <ciphers/>
+      </client>
+        <clients/>
+      <client version="1.0.0">
+    <clone/>
+      </collect>
+      <collect>
+    <column_count>2</column_count>
+      <compression/>
+        <condition>changed status</condition>
+        <condition>cpu usage is greater than 75%</condition>
+        <condition>failed link</condition>
+        <condition>failed ping</condition>
+        <condition>loadavg (15min) is greater than 2</condition>
+        <condition>loadavg (1min) is greater than 4</condition>
+        <condition>loadavg (5min) is greater than 3</condition>
+        <condition>memory usage is greater than 75%</condition>
+        <condition>saturation is greater than 75%</condition>
+        <condition>space usage is greater than 75%</condition>
+        <condition>status != 0</condition>
+      <Connections/>
+      </created>
+      </created>
+      </created>
+      </created>
+      <created>
+      <created>
+      <created>
+      <created>
+    </cron>
+    <cron version="1.0.4">
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVSUhVRkpwc253VGtzYWRrZmRDNUp1SDhqWnZNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpFNE1EbGFGdzB5TlRFeU1UVXhOakU0TURsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURKU1FlZ1RYckp5dDVWYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyCkNEclc3ZDlYcVJkOEpEZENtdGtLRGlMYWNaUzJMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDEKU2pJWnBTZzNkOS9YeHFPQTNZQllzTS9uUk9vWHlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NworVHc5STZGU0J4bkdaR3RyUFl5NkVBb0NMdm1GQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxCnBRTVB1T2JxV3FyaE0xdjVjdmJodU5kREhNZ3ZVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjEKUm0wMlVuUXRneW8zY3hPRXVsYk9nU0hsdGhTMmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSQpQbm9ncnZsRUlWMERhQ3ZEMjZiRkRDbVkxc29FbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBCkJMVzh4dXBFODhEYmlrWW51NVdQaUp6ZXh4UVIyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXoKcHBERHYwZnU0Nnp1S3EzY0VWRitiREsrQWdlT0Q2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSApHQjlCbDFrejR4bHRhczlvbmZrSDFkVHk3dzFNck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1ExCmtWNk90aFRsVFgzK2duaUpJK3RXWUQ5bTRldXNzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkJRZytucWI5QW9HSWtoTUxhNHFzWGRvY0JGcE1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUlIVUYKSnBzbndUa3NhZGtmZEM1SnVIOGpadk13SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQUZqNlQ1MmRIUklVMHJuZDE0d2dob2tjUkdrK0hIQloyTGlDRHpUeUwKNHdCeTJ1ZXJXQWdvYUZzeUlNQzhwWTBhWlc4TFlSd1BtRVB0OXlUS09ZZzF0NWtOUnk2RkF5akszeis5TGZTQwoxRlFpb0pma3FHRnhoc1IxV1R5RjBGNmJmM2tZRDZ4OWw1dEdqMXF3SndrekZWZWcvZGNtUVhvRTBmUDRqSFFvCmgxWXdiZ3pTa084TzRLUVhuWXVRM3g0bWdoZnBvR0hQM2xINlcybDJlWHpqSzllRjJtUG1ZS0p1M3JpSnkvL3gKRzhQWXBYNlNTN3RoVnNNeHF3cGJHbURXQXRuSnNrSmVsNDI1WUdOYlZ4YTNPOHE3RWxLNGFoNXpmai8wRnVwTgo3SnlqMWQyZjZFck14WlFnUi9EdmlUVnhISytRY1lBRXBqU2ZmZzBrRStpS1BlN0VYTVk1VU1aZUFTK1ZteG1LCjBPOWxaQXNpWUlEMzkwVjNTaDZxYjhoL2xMZ0V2NCtSNUw1VEpFaldYc0dQSUpGaHJNSFJWR1lhV3JIYWx3eHYKNjE5NFlpSXBEaUlHSVVSWGN1U3dNcndIQzN0bms2QVo2OW5CczVXT1JYM0NxOVhRRnVrVlA5eUMxQnRuSmFwbQpubUMzK3NtTTErRjkxUXlkVXJtbUxPNUVwUmtTMitBcmRTSklUR1NRNWt4L3VLNjhzV0QzVVdNNVRibUxrcWdOCkt6djZjemVCbzJiVExDT0JKUWJ4STFCckRPTUFMSDlCdXdUamVXdUVtWE9TWE1lTDFsejdhL2JZKzJxa1BSOVAKTE5IekE2QXZlVmxucDNaeFdqMjZFK3dwYnU5cHBaY0QzRGVHRnRnZzVJbUJ2ZDNWbjJ6UVc4a1ZMT1ZBdllSawptdWc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVZkNETXpFclQ4dlVoenJaTVJta3JiT3dnSUdNd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5ERXhNVE14TmpReE5EVmFGdzB5TlRFeU1UVXhOalF4TkRWYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUURMc0xEbjRta1R4RXJYdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovCnczL2tNV2Y5L25GbGpnMkFXWERJSmNXZjk0NFJFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT20KVFM0WXFCVzhHQkpJd0xtQ2kxb2RoWXhmUEQ2TFdEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNQpuQ0FtZFBDY2JmdmdXdUM2TnhWbXpkeXpta1QvNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5ClFrVlFqYlQ5MFlyeENvdE8rbTJIQU5QZHNjT3FvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTEwKVmplRS9XQVU0Q1BZUmhYVFVGVTIxZFV2azNvYUVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNwo3Mzk5VWdRN3FTNUFhOElHbXA4NUNoUUlBWUVjSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45CitUZ3ljMTlTbGoxVW1RdkRvekxCQzk5TVJpLzREQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmUKUGVpemxRenRIWmpSU0tnaWdSNU9KSmtSVHIvNjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZwprUSsrVDhMenVhK1FtakxOUVFqMVJCSFYzSzVQL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmCkNEVVVQWjR1cEJtbzBLN3dGNHdtV3VXYSttVndlb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRktidDd0QkRKN1daV1lMblQ5cEhTMklPdTg1TU1JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVWZDRE0KekVyVDh2VWh6clpNUm1rcmJPd2dJR013SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQWNQbmllQ29FSmRjV25CVHdqRmE3bjZqTFMrZ1pUYUk2ZjAzWktQMFYKQ0pSaDUxWTNwb2dpcnJYcVNHQ1VGTVNHbGpsQ21mU2VhdW9GWFYwanZLejhnMGZ1NU9kYlhjd2FrZFBZSXgydQpVT0dMbllTaEdCNlpoMmhpWWdSVGFpemJoTVliQitzQkV4QU1CdHZRZElSZ3dBWkRNWE9jY0MwZnJaMFhRRlRFCnQ3by82VGYvZEprdnB0cmRYWW1INnFUWlA2MGxyTnlabVloTjc1NEluOFZLRVVSRWNZamg1ejlJanA1NTE1cU0Kb0VrSGNKbTBDNkh2VStETG1ybFpFYkV4bnVOMFQzWTBNZ0hiVFVhU2Y1L2FKVmlIM0dOMnMzbG1ZM0VXTS9Vcwo3azFyc2JTa2orZzJvQXlTcjU0Nlc4RkdaMjliZFlOYk1EaTQ4aXVRQWlzRlQrTGZXN3Y3RVl3WGJ3NUhSVkpNCjV2MlhnenJwN2Yxa08zckEzeXUyS1VSSktHdjJ1ZXhNSythb1VOZXhRT3ludmZGUTBCemRHQ1dlcmVvZTZ3bDMKbHc4Z2dCWDI1VGIxbzR3d1UzNXdtUUIrMC9rbjB0SXoveVBhY2JzbDAwZ0dJNFhTbWpRQmF0MUZYRHFEME1JMgp4S0RqMXZ2dkNTVnRKc09ESG95eDhLc3ptbno5UVFoV0ZNeC9LTXp1clh0OWtsWFRJc0t3d2NXMytZQWtQMzNaClgvOGJnZS8zK2RibTdNN3BndmFBNVFlU3VTbkwzNjdLT1g1NlNZNGFZWHhkc1haVDc0ZGxVRU1jbG9NU0NIOG4KR25QWlpyWTNHdnZaU2ovQWdqT2lDNHNBL2JSSmh4cCtUQndlRFByR0pFUEJFVW9sZEZHVXdraFJXMVVuRlc2YwpyTGM9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
+    <csr/>
+    <csr/>
+      </ctrl_agent>
+      <ctrl_agent version="0.0.1">
+        <data_length/>
+        <default_action>allow</default_action>
+        <defaultgw>1</defaultgw>
+        <defaultPacketSize/>
+        <depends/>
+        <depends/>
+        <depends/>
+        <depends/>
+      <descr/>
+      <descr>Allow ping</descr>
+      <descr>Allow unprivileged access to tap(4) device nodes</descr>
+      <descr>Default allow LAN IPv6 to any rule</descr>
+      <descr>Default allow LAN to any rule</descr>
+      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
+      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
+      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
+      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
+      <descr>Drop packets to closed TCP ports without returning a RST</descr>
+      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
+      <descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
+      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
+      <descr>Enable sending IPv6 redirects</descr>
+      <descr>Enable TCP extended debugging</descr>
+      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
+      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
+      <descr>Hide processes running as other groups</descr>
+      <descr>Hide processes running as other users</descr>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+        <descr>Interface WAN Gateway</descr>
+        <description/>
+        <description/>
+        <description/>
+        <description/>
+        <description/>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+        <description>/firewall_rules_edit.php made changes</description>
+    <description>/interfaces.php made changes</description>
+      <description>System Administrators</description>
+      <descr>Loopback</descr>
+      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
+      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <descr>Maximum outgoing UDP datagram size</descr>
+      <descr>Maximum socket buffer size</descr>
+      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
+      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
+      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
+      <descr>Randomize the ID field in IP packets</descr>
+      <descr>Set ICMP Limits</descr>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
+      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
+      <descr>Set to 1 to enable filtering on the bridge interface</descr>
+      <descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+      <descr>Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+      <descr>System Administrator</descr>
+      <descr>TCP Offload Engine</descr>
+      <descr>This option turns off the logging of redirect packets because there is no limit and this could fill
+      <descr>UDP Checksums</descr>
+    <descr>Web GUI TLS certificate</descr>
+    <descr>Web GUI TLS certificate</descr>
+      </destination>
+      </destination>
+      </destination>
+      </destination>
+      </destination>
+      </destination>
+      <destination>
+      <destination>
+      <destination>
+      <destination>
+      <destination>
+      <destination>
+      <destinations/>
+        </detect>
+        <detect>
+      </dhcp4>
+      <dhcp4 version="1.0.0">
+  </dhcpd>
+  <dhcpd>
+  <dhcpdv6/>
+      <dhcphostname/>
+      <dhcprejectfrom/>
+    <DHCRelay version="1.0.1"/>
+      <direction>in</direction>
+      <direction>in</direction>
+      <direction>in</direction>
+      <direction>in</direction>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disableconsolemenu>1</disableconsolemenu>
+        <disabled>0</disabled>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <disablenatreflection>yes</disablenatreflection>
+    <disablepreempt>0</disablepreempt>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disconnectppps>0</disconnectppps>
+        <dns64/>
+        <dns64prefix/>
+    <dnsallowoverride>1</dnsallowoverride>
+      </dnsbl>
+      <dnsbl>
+        <dnsserver/>
+    <dnsserver>192.168.5.1</dnsserver>
+    <domain>localdomain</domain>
+      <domains/>
+      <dots/>
+        <egress_only/>
+      <enable/>
+    <enable/>
+        <enable>0</enable>
+      <enable>1</enable>
+      <enable>1</enable>
+      <enable>1</enable>
+        <enabled/>
+        <enabled/>
+          <enabled>0</enabled>
+          <enabled>0</enabled>
+          <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>0</enabled>
+        <enabled>1</enabled>
+        <enabled>1</enabled>
+        <enabled>1</enabled>
+        <enabled>1</enabled>
+      <enabled>enabled</enabled>
+        <enable_wpad/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <events/>
+        <extendedstatistics/>
+        <fargw>0</fargw>
+      <files/>
+      <fileTags/>
+  </filter>
+  <filter>
+      </Filter>
+      <Filter version="1.0.4">
+    </Firewall>
+    <Firewall>
+    </firmware>
+    <firmware version="1.0.1">
+      <flavour/>
+        <force_down/>
+        <format/>
+      </forwarding>
+      <forwarding>
+        <from>10.100.8.10</from>
+          <fwrules>1</fwrules>
+        <gateway>172.17.0.1</gateway>
+      </gateway_item>
+      <gateway_item uuid="a6ea102d-68bb-430f-af8b-269d52498fe1">
+    </Gateways>
+    <Gateways version="1.0.0">
+        </general>
+        </general>
+        <general>
+        <general>
+      </general>
+      </general>
+      </general>
+      </general>
+      </general>
+      </general>
+      <general>
+      <general>
+      <general>
+      <general>
+      <general>
+      <general version="0.0.1">
+        </geoip>
+        <geoip>
+      <gid>1999</gid>
+    <gif/>
+  </gifs>
+  <gifs version="1.0.0">
+    <gre/>
+  </gres>
+  <gres version="1.0.0">
+    </group>
+    <group>
+      <group>admins</group>
+      <groupname>admins</groupname>
+        </ha>
+        <ha>
+        <ha_peers/>
+  </hasync>
+  <hasync version="1.0.0">
+        <hideidentity/>
+        <hideversion/>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+    <hostname>OPNsense</hostname>
+        <hostname>rtx4090</hostname>
+      <hosts/>
+        <httpdAllow/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdPassword/>
+        <httpdPort>2812</httpdPort>
+        <httpdUsername>root</httpdUsername>
+          <http_host>127.0.0.1</http_host>
+          <http_port>8000</http_port>
+    </IDS>
+    <IDS version="1.0.9">
+  <ifgroups version="1.0.0"/>
+      <if>le0</if>
+      <if>le1</if>
+      <if>lo0</if>
+      <inactiveTimeout>15</inactiveTimeout>
+        <incomingnumtcp/>
+        <infracachenumhosts/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <insecuredomain/>
+      <Instances/>
+        <interface/>
+        <interface/>
+        <interface/>
+        <interface/>
+      <interface>lan</interface>
+      <interface>lan</interface>
+          <interfaces/>
+        <interfaces/>
+      <interfaces/>
+      <interfaces/>
+  </interfaces>
+  <interfaces>
+    </Interfaces>
+    <Interfaces>
+        <interfaces>wan</interfaces>
+        <interface>wan</interface>
+      <interface>wan</interface>
+      <interface>wan</interface>
+      <interface>wan</interface>
+      <interface>wan</interface>
+      <internal_dynamic>1</internal_dynamic>
+        <interval/>
+        <interval>120</interval>
+      <interval>monthly</interval>
+        <ipaddr>10.100.8.15</ipaddr>
+      <ipaddr>10.100.8.1</ipaddr>
+      <ipaddr>127.0.0.1</ipaddr>
+      <ipaddr>dhcp</ipaddr>
+      <ipaddrv6>::1</ipaddrv6>
+      <ipaddrv6>track6</ipaddrv6>
+      <ipprotocol>inet6</ipprotocol>
+        <ipprotocol>inet</ipprotocol>
+      <ipprotocol>inet</ipprotocol>
+      <ipprotocol>inet</ipprotocol>
+      <ipprotocol>inet</ipprotocol>
+      <ipprotocol>inet</ipprotocol>
+      <ipprotocol>inet</ipprotocol>
+        <ips>0</ips>
+    </IPsec>
+    <IPsec version="1.0.1">
+    <ipv6allow>1</ipv6allow>
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        It can also be used to probe for information about your internal networks. These functions come enabled
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    </item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+    <item>
+      <jobs/>
+        <jostletimeout/>
+    </Kea>
+    <Kea>
+      <kex/>
+      <keyPairs/>
+      <keys/>
+      <keysig/>
+    <lagg/>
+  </laggs>
+  <laggs version="1.0.0">
+    </lan>
+    </lan>
+    <lan>
+    <lan>
+    <language>en_US</language>
+        <latencyhigh/>
+        <latencylow/>
+    <lb_use_sticky>1</lb_use_sticky>
+        <lists/>
+    </lo0>
+    <lo0>
+      <locals/>
+        <local_zone_type>transparent</local_zone_type>
+        <logfile/>
+        <loglocal>1</loglocal>
+        <loglocalactions/>
+        <LogPayload>0</LogPayload>
+        <logqueries/>
+        <logreplies/>
+        <logservfail/>
+        <logtagqueryreply/>
+        <logverbosity>1</logverbosity>
+      <loopbacks version="1.0.0"/>
+        <losshigh/>
+        <loss_interval/>
+        <losslow/>
+      </Lvtemplate>
+      <Lvtemplate version="0.0.1">
+        <mac>d8:5e:d3:e7:2c:8c</mac>
+      <macs/>
+        <mailserver>127.0.0.1</mailserver>
+        <match/>
+        <match/>
+        <match/>
+        <match/>
+        <maxfilesize/>
+        <maxpreserve>31</maxpreserve>
+      <media/>
+      <mediaopt/>
+      <member>0</member>
+      <mirror/>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitUrl/>
+      <mode>automatic</mode>
+    </monit>
+        <monitor/>
+        <monitor_disable>1</monitor_disable>
+        <monitor_noroute/>
+    <monit version="1.0.13">
+        <MPMAlgo/>
+        <msgcachesize/>
+        <name>$HOST</name>
+      <name>admins</name>
+        <name>carp_status_change</name>
+        <name>ChangedStatus</name>
+        <name>CPUUsage</name>
+        <name>gateway_alert</name>
+        <name>LoadAvg15</name>
+        <name>LoadAvg1</name>
+        <name>LoadAvg5</name>
+        <name>MemoryUsage</name>
+        <name>NetworkLink</name>
+        <name>NetworkSaturation</name>
+        <name>NonZeroStatus</name>
+        <name>Ping</name>
+        <name>RootFs</name>
+      <name>root</name>
+        <name>SpaceUsage</name>
+        <name>WAN_GW</name>
+  </nat>
+  <nat>
+      <neighbors version="1.0.0"/>
+    </Netflow>
+    <netflowbackup>-1</netflowbackup>
+    <Netflow version="1.0.1">
+        <network>lan</network>
+        <network>lan</network>
+        <network>(self)</network>
+        <network>wanip</network>
+        <network>wanip</network>
+    <nextgid>2000</nextgid>
+    <nextuid>2000</nextuid>
+        <noarecords/>
+      <noauto>1</noauto>
+        <noreglladdr6/>
+        <noregrecords/>
+        <noton>0</noton>
+        <npt/>
+  </ntpd>
+  <ntpd>
+        <ntpserver/>
+        <numqueriesperthread/>
+        <nxdomain/>
+        <onetoone/>
+  <openvpn/>
+    </OpenVPN>
+    </OpenVPNExport>
+    <OpenVPNExport version="0.0.1">
+    <OpenVPN version="1.0.0">
+</opnsense>
+<opnsense>
+  </OPNsense>
+  <OPNsense>
+    <optimization>normal</optimization>
+    </outbound>
+    <outbound>
+        <outgoing_interface/>
+        <outgoingnumtcp/>
+        <outgoingrange/>
+      <Overwrites/>
+        <password/>
+    <password/>
+      <password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
+      <passwordauth>1</passwordauth>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path/>
+        <path>/</path>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
+        <path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
+      <permitrootlogin>1</permitrootlogin>
+    <pf_share_forward>1</pf_share_forward>
+    <pfsyncenabled>0</pfsyncenabled>
+    <pfsyncinterface>lan</pfsyncinterface>
+    <pfsyncpeerip/>
+    <pfsyncversion>1400</pfsyncversion>
+        <pidfile/>
+        <pidfile/>
+        <pidfile/>
+        <pidfile/>
+      <pipes/>
+      <plugins/>
+      <policies/>
+        <polltime/>
+        <polltime/>
+        <polltime/>
+        <polltime/>
+      <Pools/>
+      <port/>
+        <port>22</port>
+        <port>25</port>
+        <port>443</port>
+        <port>53</port>
+        <port>80</port>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <ppp/>
+  </ppps>
+  <ppps>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+        <prefetch/>
+        <prefetchkey/>
+      <preSharedKeys/>
+    <primaryconsole>video</primaryconsole>
+        <priority>255</priority>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <privatedomain/>
+      <priv>page-all</priv>
+          <Profile/>
+        <promisc>0</promisc>
+      <protocol>https</protocol>
+      <protocol>icmp</protocol>
+      <protocol>tcp</protocol>
+      <protocol>tcp</protocol>
+      <protocol>tcp/udp</protocol>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRRExzTERuNG1rVHhFclgKdHdqTXoxencyeHJhNTZ5bTYrYzlRNEM3UjMyMzVuWjVPM1ovdzMva01XZjkvbkZsamcyQVdYRElKY1dmOTQ0UgpFblFMdmlha2NNTHR1Qm1KTVRYZnVQWnhsSWE4Wlc0S0ZuT21UUzRZcUJXOEdCSkl3TG1DaTFvZGhZeGZQRDZMCldEZnZYMm1tWEIrUFNxL0l4WEhOSjdxZVB4YzVuSzUyMW1uNW5DQW1kUENjYmZ2Z1d1QzZOeFZtemR5em1rVC8KNnVqRUJFYTZ6RkQyUUtDN1N6a2ptZUNpd2VDQjc5NjZqeEV5UWtWUWpiVDkwWXJ4Q290TyttMkhBTlBkc2NPcQpvNldXMEhmSlNpa2k4K2NDWHlzbGRFSzFZbmxueTNFWlVqTExWamVFL1dBVTRDUFlSaFhUVUZVMjFkVXZrM29hCkVpeldVdmhKc1FHYnh2aFRUQlN3aVliOUQ3Ymx1MWl4UzJxNzczOTlVZ1E3cVM1QWE4SUdtcDg1Q2hRSUFZRWMKSTd6RGVWTGtrOGpkWkFCaTdGbDl0M05OQTU3WlVZVzErWE45K1RneWMxOVNsajFVbVF2RG96TEJDOTlNUmkvNApEQTIxRFpIODY3ekFYenFqZWUrckorQkZvNzVEQjlqd2tMTmVQZWl6bFF6dEhaalJTS2dpZ1I1T0pKa1JUci82CjduaTBtbzVITGNkU3hBSDFmdXdXS0hWS2RHQlQrNjhhYkUrZ2tRKytUOEx6dWErUW1qTE5RUWoxUkJIVjNLNVAKL3dvbXJKZG02d1ZLbm85RXlNait4azFwS05wb0F4UnR1WllmQ0RVVVBaNHVwQm1vMEs3d0Y0d21XdVdhK21Wdwplb1ZTcDRXMEhOWVJGU1pyWWxrc1AzdWViSHcva1FJREFRQUJBb0lDQUFzc3hPL2IzSTd3a0hpWU9wdmQ3b2ZxClJXVm9HM0ZHOVBkSCtrcU1DQW9zVXlpZ2lnWkZhQUZSY3BhZFBJUnBVRFZQOHQrUUx2RHhTSEtJVkNTR3lLRHgKN01mVTkxV3ZCUGtpc1NhWEV2TklEMHJ2WTJYbXl4WWdOcDBNcHdnbHhxZXlWSDNWSTFmZ09zQXpWVkpGSmtzeAp0NnVKV2U2R1lwRnlVZ3MzZytNdHhPYVJLZHcvWkFZb0dVRkR5WE5NR1JNdVRYYkg2WWxTOStFZ2RxZTJZbGtDCk41amkvODUydUlwSytXZUVnbmd1ZkVZNDdpVVhQSzFJTVB0UjRURUxOb3hkTWVBYnZBUG9La2QwMWZOWnVaQ3EKQ0dxNS9kMEQ4cDZKNjlUK3M1RnR1R1UrdkxtcUg3NmtsZjVmTTZnOFpCc2xSNStNQ0xlay9DaHRBZGU2VXBQRApXQ2EwazU3dmdneUdQdGVlVXY2RVJBMEp6SjlJd2VHZGdVWHhNdW5LK3ZSNWYydWJKWFJoMVJpNTNFSTNvVUxYClFvWm9hOTY3VzNUajQ3UzR2RlQyK2dLb0g2OXlNckdVNVkwcjJrSTFXMVVhWEJ1aVVrMi94amdyWVdTblUzUUQKZkM3ZXllTlNlN3c4UW9MMVBEYXJwVXdaK2xGZ0w3NFVScldLQU12WVhxa3NTMHVtb0tTSWo4cjZMM0hVSUVaUgpZRzhBTU91dFhrQk5lMkNpTXRKM2NYUXNIOWloQU9QL3AvaE9BTTBGNkM3Ymt1Vm85d1pRdDVESWxRWUl4TlArClFRZ2doRnhBNTlTWmpwRk00QkN5L0hEOENJY3VuSURZOVNlbXNSYXdyUVY1eGk1akFScVdOYTdBSVMvVlArdUUKQkpmS0dDNFlZVmxqS1VLeEgxVUJBb0lCQVFEcnZOWXNrd3ZhQ2Z6MlcvbkIrRjNjVE1RbjM2RENSYnZwQ0s1dApldm96TjJGbjBJdWFnN2RrYzN2NTFxTVNEd0h1cVNkVTRHUHZMcm83alpJaFNEZ1AwLzBLWmc0VmxtZE5HbEovCk1lcXhmOGRkOFdTQjZiUksrK2FRcEhaeDd2SUFTWkE4eHkvZ3F2NGJpSmlqVDhUQ2lSeXdYSTQ0ZlRYM0xLZTIKVG1Uc29XNk9yQmErSWJRYjBpTEh4WE4rZ3JDM0cxWWxIUlNvTEpKUkU0eFVLMGsvM1JLNU16RjRIYUNZb1BWOQpDOFpQellMR253SE9ERU8zbHRtSGJvQUNFa0VrT2dFV3U4RFo2YlYrMXJBcVh6WnN0L3hNZnJ5KzlMRVdYQUwvCkRnOEdkall0YzdyUTFZd1BIY1h6cFo2clVIdXh2K0p6VEE1ZzNCS1p6aWhwNFdHaEFvSUJBUURkTXE3N0dRWGMKYW5hYlMxanlFT3VzNFp5ZlJ4cW10NEVFaHZjY0dRVVVrV0IrWk11bnpyaENxb3ZwQ1dhVU9zWVhuNG45Y3BQSAo3bm1mOUJHbFI4NVhCVHNLM2d4bE5NMUhjSGFTNXZSem9WQVBNd3o2VVV0ZFNLWXRLR0Q3Wkxmbm9ISXN1SlEzCnJ6WWIyTFhpVmx6MWlNNUVmT0VrL1J5UjBwMGtleXVwa0F0OXBRV0hzaURYb0pibDE2d1ZLc2NDNGUzNjdRRWsKcFdoeXcyS3A4bXdtOGxqQllxZWtHdUREeGVZSDMzMVlGa2FMUEJCT2xPQnlveFlOUDdBVVREUlV3KzB1T01jNwozb0N1VE9jWnAxVWMwQURBOXRTRVRINklWdlFEUXZlYzR6MWRTVGRmUEkxRzVUTCt4Mzlvam5OcGVoYng0bEwvCmRxTTBmcFlPL2ZmeEFvSUJBRmwzOU8wNzdjNlY1ZHoyY1djTnhVbThGT0p4UEVrZlFEOGtYVmNOeW5HdnZoY3gKamhwWmpUdmhuSmJvd0VFMVV1MXFZNVFTQ2J1WVIzUWN1ZTVKdzRVMlZwNGd0NDIzNUlMZHo1dVlyVk1xaE5jQgpxN3ltbnhlcVhRcGVjTm15NzBQdXA0QjV0SkVYTkpQc2xzbThsNWVoaERMbkhjOFFybStlRWhUZDBlNEJJcjJoClVJeGVyRVcyemg1MXNPeTkyeVhUaVRGU3hTbENxVkYrRXM5TEVtVGJtYVNTYWw4RkY1TjEyMVhYSnkvWWRwNjkKY0dqc1BMTXIzR2xMSmVnalYzZlJUK0o1NWFxT3lhUlhCTXRBRVo3WGdUampETzJJWHNGMnNHaHV4SU1XVUYrVgp3YnhLbi9xSXVUMU1pVmpKbGZpVE0vWEFVdUN1QlowOEloaDFRcUVDZ2dFQUZwdzJySzRMSGxPM21mb2l0bU9xClkzcVFVdXVtdXNIcEt6aE1qQSsycURxUC9YdDZJY1lNcWF2YkwwL3ByMTh1bm4yTlVsM2k0ejNxS3NKOUIwTUcKd1hoa1o2RDQ3V052VkUwWG9iNS80RTN0N0EvUTFNbDRoYW1HYXZsRXFJM01DcDRvN1k5VWZ6aW10RVA3bTQ0dQpaRjYranR1ZysvSHZlS3hwcWEvNWI1U3N5QVFWUTZDZW9Ndm1nTW9CNmd2OFdid1VZbURWakJSb1Q4clBEQVllCnJnQjV1QkxJaGdyRlROMnV2TUZJZzdlTE1ISk1UR3dGWVZKd1Q1eGgrRUV0M0RoR3gwSEFnOHNqcGkxd05md1gKeENFeTRvYVloSWw1S2FDUndyK1dwZS9JZHYrajdGVTVMN1QvK0hFV0FlOEZ0eE5td3dUYWJRaUllRFkwU29ZRgpVUUtDQVFFQXRiclZqbTFsaDQ1REhIWnVsem4xNllIQzJrMUYwWG9FZFVSQ3o0QTFsMHBEK3ljL2srdmJ0Qmg0Cm1RRDV1a3FicHFFZy9GNUhDZmdOaHlieHNNdVV6NzFaU24zN2dwczNDWUdiUyt4RkhjZTJBakNTbUlYQWIxQjgKR0Z2WnV4UlB5QXU0YVBvT1J3RzM3NVBOM0VNNk83bzdxbjlYeExTZWRIMHExM2U0YkhYYm4rc2xOa1RIM2xmcwpLVnBOUUhVSUNDSW5vQ0llV1dwdnAwQnFoYjlKclRsbXd2c25zOHpZVDNiY3F5QXZHZGRnNUs3Y0MwRVJaem9ECnFJTkI3S05FVjQ1NmF0eDZVT3VYUlpKREMvaHNJUTZNaVBveUJacHRsK1ZIMEtQbEFIWGExb0FXZmNuL0U3MFYKK0RaeVBiMWxkQUdpb1hqditGd2h5VzZlWEVrQlBnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRREpTUWVnVFhySnl0NVYKYmk0Rk9IeHJrOXhxQ21FRU54V2pINVVwNDBFK3hjUzZQU1NyQ0RyVzdkOVhxUmQ4SkRkQ210a0tEaUxhY1pTMgpMUm1abnd6VnRzZGtBR2pOYm5OM1hSNmlFajdGL0JnbVBlcDFTaklacFNnM2Q5L1h4cU9BM1lCWXNNL25ST29YCnlmTHcycFJOLzhHVjN3MHoxbVFZUitMZWI3UTFuc1c3dTJ5NytUdzlJNkZTQnhuR1pHdHJQWXk2RUFvQ0x2bUYKQnFCYWxkWTQ2ejdlWjlIRkZXaE8ybWpaUzVPdTE3ZVozVHBxcFFNUHVPYnFXcXJoTTF2NWN2Ymh1TmRESE1ndgpVVFVnQ0RNK2FkS3dIc0dNNGw5ZGtOQTgxdGlJcXpzN1BqcjFSbTAyVW5RdGd5bzNjeE9FdWxiT2dTSGx0aFMyCmtUMXE2UmhyemYvRGRJSEhta1RROGtwWVloWGc0VmpMQVdpSVBub2dydmxFSVYwRGFDdkQyNmJGRENtWTFzb0UKbDV1NGtYanJScDRXK29NUVRHeG80NzFMQnNBMlh1Si82ZFJBQkxXOHh1cEU4OERiaWtZbnU1V1BpSnpleHhRUgoyNU1FQVd6TCtKK0lubFExbmpMVWwyN3R0c1VQQ1VjL3c0NXpwcEREdjBmdTQ2enVLcTNjRVZGK2JESytBZ2VPCkQ2SXNzUjVRRTdFNVdkWjYrNWl6ZHB4eWdUeGh0L1k1RlBkSEdCOUJsMWt6NHhsdGFzOW9uZmtIMWRUeTd3MU0Kck43Z1l5WjgvS0pMWW9EY2NBOVFuNGt6bGtPeFVUMENuS1Exa1Y2T3RoVGxUWDMrZ25pSkkrdFdZRDltNGV1cwpzYWN1anpyWDl5TTNZcEloMnZqODJ0NHpPNjIrNFFJREFRQUJBb0lDQUNPNnZpc1BIY3pzb1NjK2dkWkU1dGNNCnZkc240UDFIenVRd0VzRUcrVG1zanVWMVBZbExrbkE4OU1DQmdDejEyOFpMcU51ZlUwSDkxK1Uzbjd2MGJ1bVAKd3BpR2R4UUNOMlpZaGZ2RWE5YW1qMTNZYjBJbks3b0FKbUdrT254NW91UFl6YlBRblBNRE9WK0VKa2JwTWRxZgptOHdmOWg2OXYzSk03bUZJS0UrOVVZR252UjhuMkhETTNwR3FONEhQS1A4MkE0RXlvQ2d2a1BTelRxc052bU5ICnBOY0RURW5rNlNsWUhUVDNOSzJjVnBldUhMUzUrazlqNWI5elhUSlE5TkpVZlN6bnEvUmFpMUZVNDY1K0xpUjEKMGVPWDdnajFWUExOcGgwcWtQQy9ubW0vZStVMmZXUGZZb2FDcWkrQ0VwU2twQXlQZ1FZZTJsSG0rYVU4MzZ2UQpuaHZuL0p5ZHJDL1NyTUFZaXpOZFYyZjlHTkNwcE1SbUZyOS9saVJiNEFpSzRLSDRETGdSRUxHaDJLNzJuOFRLCkxUSVhIV3RacisyMWU4c0Mxbm5MSENnK21wMHBvSWJsbEtoYk9VTmVxR09yWm95NFBXdDZMQndFYzN0MG1wVEMKODhiSUpqMzFCQngzTGE1SUE5b0FNRi9lbHJYdFhhVnl4bm5yTHdjYzFNVWpCV20rZDVqbC9WOEdIcEJRd3pXYwpPNWdNSXlQNUIvdzBacUcyZjV1akZkOHo4dElmcEFRRTJSbDNxRUFYNU1NY1JQaFlTNDJqTWl4czc3TmtOVldQCkpqUVoxVDVXQTVKOUxEL2FKRkplQ2MvbjhpNldOQ3FzdEQ5OVNPTCsrTTBFQTlka2lLNWtOcXFZeXZuRG9SZVcKSW84eXhvVnpObURsWjBkSU9UUzlBb0lCQVFEb2tvMWxPS05FNlBWWmRRU3lmS0JOTEZNcEl1V1VVZmp0ODU4awpJTTB0TnNyS0d2N3NmYkt0dlMvOWgwMGluU2FyWTJ4amVETG91WEI5VzdKY1B1NjRoNHYwek1lbXRhdDRyTUJnClA5bkQ3MW00dERqS2ZrZDAza2tUbk4ySTBxYkwzeFVoTjNEQlJZTU9veDFMa2M4MFFFMHhSUEM1YmRJaXcwemEKTWdtK1dOZVY1VEZoSkpQZ2dVRVo5U1A2aWV1VEY0OW9wRGNWdGUwQ0I0WnFUaTRWb3YvZFVDWGpNK0djRnNWdgpPWTZYTE9KTmRldHdnUVNkd1hlSzB1WlBpWnVKTGlsTEg4OFVKYWNoQThDZW1SclMxRUtxWElwK2dkQWV4MnhVCmY5amRMMGF2SlJEY0xqWlhETXBvWlJpc0JoWVArZzY3VHZza3FscDh4M2p2STlWVkFvSUJBUURkajZrdWNLM0MKYXprMzlqYllvM3RFZ0R5L2VGNnBjWFlpK21Ba1ZNRk9vSWJ5cmNyN3BqSnRMNFMyMEFDRmpBUGFQT042dWVVWQpQQm92dC9QODB1V1c5cGZCK29mRmdadzRqc3hLWFY4eEJmOVdLWVZndFBsOHhIL1RJcERTMjhVTlowNDlhUW4vCjlCRzNac0lyenk3RzFLRTZPLzBMMnVmMnFyaUxxRFQyV3dsdFVsbWs2Ym5NeThkR0sra1JLcFhvSm1RTlNHRHoKOXd4blU2ZmZ1NDdDLzRYMHRIVk1MVFVneFh4djdqN3BpSzI4dzBuZ1N5S3ozV0IzWTJwaFVsZEJIdEprQko1RQpoRm8zMXJCVDU5enhkb2crYXh1bkh4S3EySGFHRkt0ZUZ6RGpkTTFpQzE3bWNtWXBzR2tuenA0cjRjZm5FYTFSCko4Wmo5ZVFQaEVOZEFvSUJBUUN3d2hsbXNkb2MySFVJVFZDSm13QjJSdGJaYitWT2lkS0lmdDBYcHpwcFA3aDIKVEhndEl3ZDIxayt2LzNJWGVaclhMWlJHTVNkNEN1QTgxa0ZEckt6Z1lGeDFiR0hkQ1R2T1ZuVkxjWnUvTjUxWQpMTmp3eFhMbmxyMnhnMG8zMytuWERyQlBjNFJsejcvZ2t3WUQxa2pGckkwK2dlZjI5a2w4RkRUSHJMb05DaGFuCm5PNmZweDRneGZ2Rmo3T05pZDhhQnhEK2RiaEw3dDIzNmlJMWp6K2xRQ0g0Z1I2YWhHYldxOVBZU2NWZWprVmMKbTkrWnZPVFdSU0RteUkwMExDQ2k3UXVEUmlTcmFrYVFaL3F3VHlxOHk0ZnpWS3dKby8yYU52VFZiK2xSaWNuTgorWHpMNnU5dno0L1NNZXZEYWtqQVVjdDZmbmVQa1UxK2dsZ2VZSHlWQW9JQkFRRFJtYW0wVEZhbFdXaHMvNWtOClEwTkhINFhZb1JmMGRta0xXQStCNzBoY2lOS0JYRlp0ME9GZGw1bVdsSm9adk1hY1BBUDd3MGJ1c1ZVWWxZN1YKTy9LRTZVM1I3WjlxQWw1Mnh1aU81Vnc3ZFhBRDVBM1EyZ1EzdTNFdG5VS2lwOVA0QlNYb1JLbDRJVDV0WVdJSgpyZHVUciszQ3VLT0FCcHh4Snpxa3JBRkdtZ01HRCtUTWRXd1hTU1NBeHVPYklNMW1MSU4wYVdlSEJNMFFKdnptClZIb1BFVXA1b0FwamdWVUVacTk4K0VjK0NOWkxmL2d3bndQNllsQnpRWEtQRlNXRWJwTWNtWjNjTmRWZmc5T1YKM1FDUTBkQzhNL21hRlhSRWVibE95TmtCanpEcHpVTExJUFNyVDhoRVlpWm95VGVyVGRJZVVBUEZoYnBTTUhtTApFRlhsQW9JQkFRQ0VUdVJQRHZvMC9tdDhyTzhLNENsamtuU0gxZ1FBSjFha3U3UXg3NUJUTDB6OWRNY2lMK1JLCng1R1lFTW1wcUtNb2FPbWc0WFVRMVRlQ2Vic1R0NjMyWXp6cmNCU0d1RzVnN1o0UUVublUzRXU5QklIMUVSL2gKSEk0NWowU0xNRUpObkNiTkpnRVNRRUFCbzN3cHhrRTdiRGlNdTVPOXVqMlFRVTlTTm94QkFmbVFXRDJJaU1BRQpWYzV3QTNZajBMdElSYkJmdzNBTE9uNlRSc2xucy9JMnd2Z1RCQW9sU3NZbEtEK0NRY3hDZldlNmZwU21aYmlCClBGUE9DY1ZQTXhGeXBhZWFJMkRXNWRPNFNoNGQ0ZlZma2F3ck9LN1N2QnFZb0Y5L2VndThzQS9ZdklaRVltQUQKd0ZIOGs1QjJ4WXdiNkVmNmFFQ29ZTitsNWtlWmhNWTgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=</prv>
+        <qnameminstrict/>
+      <queues/>
+      <quick>1</quick>
+      <quick>1</quick>
+      <quick>1</quick>
+      <quick>1</quick>
+      </range>
+      <range>
+      <reboot/>
+        <recipient>root@localhost.local</recipient>
+    <refid>6734d13fa9e4a</refid>
+    <refid>6734d6c82dc59</refid>
+        <regdhcp/>
+        <regdhcpdomain/>
+        <regdhcpstatic/>
+        <reminder/>
+      <remotes/>
+        <reservations/>
+  </revision>
+  <revision>
+    <rocommunity>public</rocommunity>
+    <route/>
+  </rrd>
+  <rrd>
+    <rrdbackup>-1</rrdbackup>
+        <rrsetcachesize/>
+    </rule>
+    </rule>
+    </rule>
+    </rule>
+    </rule>
+    </rule>
+        <rules/>
+      <rules/>
+      <rules/>
+    <rule uuid="0465308d-8605-466c-bcb4-95eeb989251a">
+    <rule uuid="2df05591-13e7-4d91-a1b8-d25e338ada5f">
+    <rule uuid="4a5e7b65-0d7f-4452-8a29-2ec61a47ec19">
+    <rule uuid="b21f808a-6a4a-4cd6-9a83-1660cc8ea58b">
+    <rule uuid="f2ee612c-c290-4445-8045-df82a86db0e5">
+    <rule uuid="f79eded0-3c11-4f57-9aaa-55d4888589fa">
+        <safesearch/>
+      <scope>system</scope>
+      <scope>system</scope>
+    <secondaryconsole>serial</secondaryconsole>
+    <sequence>system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show</sequence>
+    <serialspeed>115200</serialspeed>
+        <serveexpired/>
+        <serveexpiredclienttimeout/>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset/>
+      </server>
+        <servers/>
+      <servers/>
+      <server version="1.0.0">
+      </service>
+      </service>
+      </service>
+      </service>
+      <service uuid="7513f341-7d21-4f11-903f-30d07b3aa41e">
+      <service uuid="c1e99556-91f5-4dbf-81d7-7915a3213de9">
+      <service uuid="dca8a81f-d389-4baa-b477-8b348194fd25">
+      <service uuid="f99ada79-ba1a-4ee1-81f1-ef570e8e5ea9">
+        <snatrules/>
+  </snmpd>
+  <snmpd>
+      </source>
+      </source>
+      </source>
+      </source>
+      </source>
+      </source>
+      <source>
+      <source>
+      <source>
+      <source>
+      <source>
+      <source>
+      <SPDs/>
+      <spoofmac/>
+    </ssh>
+    <ssh>
+        <ssl>0</ssl>
+      <ssl-certref>6734d6c82dc59</ssl-certref>
+      <ssl-ciphers/>
+        <sslverify>1</sslverify>
+        <sslversion>auto</sslversion>
+        <start/>
+        <start/>
+        <start/>
+        <start/>
+        <startdelay>120</startdelay>
+        <starttimeout>30</starttimeout>
+        <starttimeout>30</starttimeout>
+        <starttimeout>30</starttimeout>
+        <starttimeout>30</starttimeout>
+        <statefile/>
+      <statetype>keep state</statetype>
+      <statetype>keep state</statetype>
+      <statetype>keep state</statetype>
+      <statetype>keep state</statetype>
+      <StaticKeys/>
+      </staticmap>
+      <staticmap>
+  </staticroutes>
+  <staticroutes version="1.0.0">
+        <stats/>
+        <stop/>
+        <stop/>
+        <stop/>
+        <stop/>
+      <subnet>24</subnet>
+      <subnet>8</subnet>
+        <subnets/>
+      <subnetv6>128</subnetv6>
+      <subnetv6>64</subnetv6>
+      <subscription/>
+    </Swanctl>
+    <Swanctl version="1.0.0">
+    <synchronizetoip/>
+    <syncitems/>
+    <syscontact/>
+  </sysctl>
+  <sysctl>
+    <syslocation/>
+  <syslog/>
+    </Syslog>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+    <Syslog version="1.0.2">
+  </system>
+  <system>
+        <targets/>
+        <templates/>
+      <templates/>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+      </test>
+        <tests>865105a2-cbea-4a01-9979-c67818da9d99</tests>
+        <tests>91b4e409-211b-49d5-9fa3-dc9054106646,cbe9cb72-e8c2-4740-990c-abcc486b0654,c0708923-88de-4178-abdd-819737440ce0,e887125d-c5d2-45e6-b40d-2c400d5449d1</tests>
+        <tests>cc3684f2-701e-4de4-883d-803e08cf47b6</tests>
+        <tests>f2d734cb-2a0e-4375-9460-11bdd5b20503</tests>
+      <test uuid="16186b38-0e13-4cc3-ad18-ccc3fcc91837">
+      <test uuid="69117d4d-8c41-4712-97c0-87b4fa7c9837">
+      <test uuid="865105a2-cbea-4a01-9979-c67818da9d99">
+      <test uuid="91b4e409-211b-49d5-9fa3-dc9054106646">
+      <test uuid="c0708923-88de-4178-abdd-819737440ce0">
+      <test uuid="c34aab30-9194-4667-b516-004b9c90c1c0">
+      <test uuid="cbe9cb72-e8c2-4740-990c-abcc486b0654">
+      <test uuid="cc3684f2-701e-4de4-883d-803e08cf47b6">
+      <test uuid="e887125d-c5d2-45e6-b40d-2c400d5449d1">
+      <test uuid="ea6b821c-4f30-455b-bd5b-23a6f0c20554">
+      <test uuid="f2d734cb-2a0e-4375-9460-11bdd5b20503">
+  <theme>opnsense</theme>
+          <this_server_name/>
+        <time>1731518072.7612</time>
+        <time>1731518072.7612</time>
+        <time>1731518084.0639</time>
+        <time>1731518084.0639</time>
+        <time>1731518114.2801</time>
+        <time>1731518114.2801</time>
+        <time>1731518311.7033</time>
+        <time>1731518356.7559</time>
+    <time>1731534516.7156</time>
+        <timeout>300</timeout>
+        <timeout>300</timeout>
+        <timeout>300</timeout>
+        <timeout>300</timeout>
+        <time_period/>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <timezone>Etc/UTC</timezone>
+        <to>10.100.8.245</to>
+          <toclient_groups/>
+          <toserver_groups/>
+      <track6-interface>wan</track6-interface>
+      <track6-prefix-id>0</track6-prefix-id>
+    </TrafficShaper>
+    <TrafficShaper version="1.0.3">
+      <tunable>hw.ibrs_disable</tunable>
+      <tunable>hw.syscons.kbd_reboot</tunable>
+      <tunable>kern.ipc.maxsockbuf</tunable>
+      <tunable>kern.randompid</tunable>
+      <tunable>net.inet6.ip6.prefer_tempaddr</tunable>
+      <tunable>net.inet6.ip6.redirect</tunable>
+      <tunable>net.inet6.ip6.use_tempaddr</tunable>
+      <tunable>net.inet.icmp.icmplim</tunable>
+      <tunable>net.inet.icmp.log_redirect</tunable>
+      <tunable>net.inet.ip.accept_sourceroute</tunable>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <tunable>net.inet.ip.random_id</tunable>
+      <tunable>net.inet.ip.redirect</tunable>
+      <tunable>net.inet.ip.sourceroute</tunable>
+      <tunable>net.inet.tcp.blackhole</tunable>
+      <tunable>net.inet.tcp.delayed_ack</tunable>
+      <tunable>net.inet.tcp.drop_synfin</tunable>
+      <tunable>net.inet.tcp.log_debug</tunable>
+      <tunable>net.inet.tcp.recvspace</tunable>
+      <tunable>net.inet.tcp.sendspace</tunable>
+      <tunable>net.inet.tcp.syncookies</tunable>
+      <tunable>net.inet.tcp.tso</tunable>
+      <tunable>net.inet.udp.blackhole</tunable>
+      <tunable>net.inet.udp.checksum</tunable>
+      <tunable>net.inet.udp.maxdgram</tunable>
+      <tunable>net.link.bridge.pfil_bridge</tunable>
+      <tunable>net.link.bridge.pfil_local_phys</tunable>
+      <tunable>net.link.bridge.pfil_member</tunable>
+      <tunable>net.link.bridge.pfil_onlyip</tunable>
+      <tunable>net.link.tap.user_open</tunable>
+      <tunable>net.local.dgram.maxdgram</tunable>
+      <tunable>security.bsd.see_other_gids</tunable>
+      <tunable>security.bsd.see_other_uids</tunable>
+      <tunable>vfs.read_max</tunable>
+      <tunable>vm.pmap.pti</tunable>
+        <txtsupport/>
+        <type/>
+      <type/>
+        <type>custom</type>
+        <type>custom</type>
+        <type>filesystem</type>
+        <type>NetworkInterface</type>
+        <type>NetworkInterface</type>
+        <type>NetworkPing</type>
+      <type>none</type>
+      <type>pass</type>
+      <type>pass</type>
+      <type>pass</type>
+      <type>pass</type>
+      <type>pass</type>
+      <type>pass</type>
+        <type>ProgramStatus</type>
+        <type>ProgramStatus</type>
+        <type>SpaceUsage</type>
+        <type>SystemResource</type>
+        <type>SystemResource</type>
+        <type>SystemResource</type>
+        <type>SystemResource</type>
+        <type>SystemResource</type>
+        <type>system</type>
+      <uid>0</uid>
+    </unboundplus>
+    <unboundplus version="1.0.9">
+        <unwantedreplythreshold/>
+        <UpdateCron/>
+      </updated>
+      </updated>
+      </updated>
+      </updated>
+      <updated>
+      <updated>
+      <updated>
+      <updated>
+        up your logs consuming your whole hard drive.</descr>
+          <url/>
+    </user>
+    <user>
+      <userDefinedRules/>
+        <username/>
+    <username/>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+        <username>root@192.168.5.204</username>
+    <username>root@192.168.5.204</username>
+    <usevirtualterminal>1</usevirtualterminal>
+          <valid_lifetime>4000</valid_lifetime>
+        <valloglevel>0</valloglevel>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+      <value>default</value>
+        <verbosity/>
+        <version>v9</version>
+    <vip/>
+      <virtual>1</virtual>
+  </virtualip>
+  <virtualip version="1.0.0">
+    <vlan/>
+  </vlans>
+  <vlans version="1.0.0">
+      <VTIs/>
+      <vxlans version="1.0.2"/>
+    </wan>
+    <wan>
+    </webgui>
+    <webgui>
+        <weight>1</weight>
+        <whitelists/>
+  </widgets>
+  <widgets>
+        <wildcards/>
+        <winsserver/>
+    </wireguard>
+    <wireguard>
+  </wireless>
+  <wireless>
+<?xml version="1.0"?>
+      <zones/>