From cc9bcb902c15eee2b6eb16e3ddc9f7f894d441d1 Mon Sep 17 00:00:00 2001
From: Jean-Gabriel Gill-Couture <jeangabriel.gc@gmail.com>
Date: Mon, 18 Nov 2024 17:05:48 -0500
Subject: [PATCH] feat: DhcpConfig can now effectively manage a config file to
 add a static map entry

---
 .../opnsense-config-xml/interfaces_expand.rs  |  581 +------
 .../opnsense-config-xml/src/data/dhcpd.rs     |   12 +-
 .../src/data/interfaces.rs                    |   79 +-
 .../opnsense-config-xml/src/data/opnsense.rs  |   43 +-
 .../src/xml_utils/generic_xml.rs              |  256 ---
 .../src/xml_utils/maybe_string.rs             |  173 --
 .../opnsense-config-xml/src/xml_utils/mod.rs  |   26 +-
 .../src/xml_utils/yaserde.rs                  |   20 -
 harmony-rs/opnsense-config/src/config.rs      |   20 +-
 .../opnsense-config/src/modules/dhcp.rs       |   20 +-
 .../src/tests/data/config-full-1.xml          |   16 +-
 ...ig-structure-with-dhcp-staticmap-entry.xml | 1431 +++++++++++++++++
 .../src/tests/data/config-structure.xml       |   32 +-
 13 files changed, 1595 insertions(+), 1114 deletions(-)
 delete mode 100644 harmony-rs/opnsense-config-xml/src/xml_utils/generic_xml.rs
 delete mode 100644 harmony-rs/opnsense-config-xml/src/xml_utils/maybe_string.rs
 delete mode 100644 harmony-rs/opnsense-config-xml/src/xml_utils/yaserde.rs
 create mode 100644 harmony-rs/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml

diff --git a/harmony-rs/opnsense-config-xml/interfaces_expand.rs b/harmony-rs/opnsense-config-xml/interfaces_expand.rs
index f5c03c7..3ca4b76 100644
--- a/harmony-rs/opnsense-config-xml/interfaces_expand.rs
+++ b/harmony-rs/opnsense-config-xml/interfaces_expand.rs
@@ -1,586 +1,9 @@
 mod interfaces {
-    use xml::reader::XmlEvent;
     use yaserde::{
-        raw_xml::RawXml, YaDeserialize as YaDeserializeTrait,
-        YaSerialize as YaSerializeTrait,
+        NamedList, YaDeserialize as YaDeserializeTrait, YaSerialize as YaSerializeTrait,
     };
     use yaserde_derive::{YaDeserialize, YaSerialize};
-    use std::collections::HashMap;
-    use crate::xml_utils::MaybeString;
-    pub struct Interfaces {
-        pub testraw: RawXml,
-        pub interfaces: HashMap<String, Interface>,
-    }
-    #[automatically_derived]
-    impl ::core::default::Default for Interfaces {
-        #[inline]
-        fn default() -> Interfaces {
-            Interfaces {
-                testraw: ::core::default::Default::default(),
-                interfaces: ::core::default::Default::default(),
-            }
-        }
-    }
-    #[automatically_derived]
-    impl ::core::marker::StructuralPartialEq for Interfaces {}
-    #[automatically_derived]
-    impl ::core::cmp::PartialEq for Interfaces {
-        #[inline]
-        fn eq(&self, other: &Interfaces) -> bool {
-            self.testraw == other.testraw && self.interfaces == other.interfaces
-        }
-    }
-    #[automatically_derived]
-    impl ::core::fmt::Debug for Interfaces {
-        #[inline]
-        fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
-            ::core::fmt::Formatter::debug_struct_field2_finish(
-                f,
-                "Interfaces",
-                "testraw",
-                &self.testraw,
-                "interfaces",
-                &&self.interfaces,
-            )
-        }
-    }
-    #[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
-    const _IMPL_YA_SERIALIZE_FOR_Interfaces: () = {
-        use ::std::str::FromStr as _;
-        impl ::yaserde::YaSerialize for Interfaces {
-            #[allow(unused_variables)]
-            fn serialize<W: ::std::io::Write>(
-                &self,
-                writer: &mut ::yaserde::ser::Serializer<W>,
-            ) -> ::std::result::Result<(), ::std::string::String> {
-                let skip = writer.skip_start_end();
-                if !false && !skip {
-                    let mut child_attributes = ::alloc::vec::Vec::new();
-                    let mut child_attributes_namespace = ::yaserde::__xml::namespace::Namespace::empty();
-                    let yaserde_label = writer
-                        .get_start_event_name()
-                        .unwrap_or_else(|| "Interfaces".to_string());
-                    let struct_start_event = ::yaserde::__xml::writer::XmlEvent::start_element(
-                        yaserde_label.as_ref(),
-                    );
-                    let event: ::yaserde::__xml::writer::events::XmlEvent = struct_start_event
-                        .into();
-                    if let ::yaserde::__xml::writer::events::XmlEvent::StartElement {
-                        name,
-                        attributes,
-                        namespace,
-                    } = event {
-                        let mut attributes: ::std::vec::Vec<
-                            ::yaserde::__xml::attribute::OwnedAttribute,
-                        > = attributes
-                            .into_owned()
-                            .to_vec()
-                            .iter()
-                            .map(|k| k.to_owned())
-                            .collect();
-                        attributes.extend(child_attributes);
-                        let all_attributes = attributes
-                            .iter()
-                            .map(|ca| ca.borrow())
-                            .collect();
-                        let mut all_namespaces = namespace.into_owned();
-                        all_namespaces.extend(&child_attributes_namespace);
-                        writer
-                            .write(::yaserde::__xml::writer::events::XmlEvent::StartElement {
-                                name,
-                                attributes: ::std::borrow::Cow::Owned(all_attributes),
-                                namespace: ::std::borrow::Cow::Owned(all_namespaces),
-                            })
-                            .map_err(|e| e.to_string())?;
-                    } else {
-                        ::core::panicking::panic(
-                            "internal error: entered unreachable code",
-                        )
-                    }
-                }
-                if !false {
-                    writer
-                        .set_start_event_name(
-                            ::std::option::Option::Some("testraw".to_string()),
-                        );
-                    writer.set_skip_start_end(false);
-                    ::yaserde::YaSerialize::serialize(&self.testraw, writer)?;
-                }
-                if !false {
-                    writer
-                        .set_start_event_name(
-                            ::std::option::Option::Some("interfaces".to_string()),
-                        );
-                    writer.set_skip_start_end(false);
-                    ::yaserde::YaSerialize::serialize(&self.interfaces, writer)?;
-                }
-                if !false && !skip {
-                    let struct_end_event = ::yaserde::__xml::writer::XmlEvent::end_element();
-                    writer.write(struct_end_event).map_err(|e| e.to_string())?;
-                }
-                ::std::result::Result::Ok(())
-            }
-            fn serialize_attributes(
-                &self,
-                mut source_attributes: ::std::vec::Vec<
-                    ::yaserde::__xml::attribute::OwnedAttribute,
-                >,
-                mut source_namespace: ::yaserde::__xml::namespace::Namespace,
-            ) -> ::std::result::Result<
-                (
-                    ::std::vec::Vec<::yaserde::__xml::attribute::OwnedAttribute>,
-                    ::yaserde::__xml::namespace::Namespace,
-                ),
-                ::std::string::String,
-            > {
-                let mut child_attributes = ::std::vec::Vec::<
-                    ::yaserde::__xml::attribute::OwnedAttribute,
-                >::new();
-                let mut child_attributes_namespace = ::yaserde::__xml::namespace::Namespace::empty();
-                let struct_start_event = ::yaserde::__xml::writer::XmlEvent::start_element(
-                    "temporary_element_to_generate_attributes",
-                );
-                let event: ::yaserde::__xml::writer::events::XmlEvent = struct_start_event
-                    .into();
-                if let ::yaserde::__xml::writer::events::XmlEvent::StartElement {
-                    attributes,
-                    namespace,
-                    ..
-                } = event {
-                    source_namespace.extend(&namespace.into_owned());
-                    source_namespace.extend(&child_attributes_namespace);
-                    let a: ::std::vec::Vec<
-                        ::yaserde::__xml::attribute::OwnedAttribute,
-                    > = attributes
-                        .into_owned()
-                        .to_vec()
-                        .iter()
-                        .map(|k| k.to_owned())
-                        .collect();
-                    source_attributes.extend(a);
-                    source_attributes.extend(child_attributes);
-                    ::std::result::Result::Ok((source_attributes, source_namespace))
-                } else {
-                    ::core::panicking::panic("internal error: entered unreachable code");
-                }
-            }
-        }
-    };
-    #[allow(non_upper_case_globals, unused_attributes, unused_qualifications)]
-    const _IMPL_YA_DESERIALIZE_FOR_Interfaces: () = {
-        use ::std::str::FromStr as _;
-        use ::yaserde::Visitor as _;
-        impl ::yaserde::YaDeserialize for Interfaces {
-            #[allow(unused_variables)]
-            fn deserialize<R: ::std::io::Read>(
-                reader: &mut ::yaserde::de::Deserializer<R>,
-            ) -> ::std::result::Result<Self, ::std::string::String> {
-                let (named_element, struct_namespace) = if let ::yaserde::__xml::reader::XmlEvent::StartElement {
-                    name,
-                    ..
-                } = reader.peek()?.to_owned()
-                {
-                    (name.local_name.to_owned(), name.namespace.clone())
-                } else {
-                    (
-                        ::std::string::String::from("Interfaces"),
-                        ::std::option::Option::None,
-                    )
-                };
-                let start_depth = reader.depth();
-                {
-                    let lvl = ::log::Level::Debug;
-                    if lvl <= ::log::STATIC_MAX_LEVEL && lvl <= ::log::max_level() {
-                        ::log::__private_api::log(
-                            format_args!(
-                                "Struct {0} @ {1}: start to parse {2:?}",
-                                "Interfaces",
-                                start_depth,
-                                named_element,
-                            ),
-                            lvl,
-                            &(
-                                "yaserde_derive",
-                                "opnsense_config_xml::data::interfaces",
-                                ::log::__private_api::loc(),
-                            ),
-                            (),
-                        );
-                    }
-                };
-                if reader.depth() == 0 {
-                    if let Some(namespace) = struct_namespace {
-                        match namespace.as_str() {
-                            bad_namespace => {
-                                let msg = ::alloc::__export::must_use({
-                                    let res = ::alloc::fmt::format(
-                                        format_args!(
-                                            "bad namespace for {0}, found {1}",
-                                            named_element,
-                                            bad_namespace,
-                                        ),
-                                    );
-                                    res
-                                });
-                                return Err(msg);
-                            }
-                        }
-                    }
-                }
-                #[allow(unused_mut)]
-                let mut __testraw_value: Option<RawXml> = None;
-                #[allow(unused_mut)]
-                let mut __interfaces_value: Option<HashMap<String, Interface>> = None;
-                let mut depth = 0;
-                loop {
-                    let event = reader.peek()?.to_owned();
-                    {
-                        let lvl = ::log::Level::Trace;
-                        if lvl <= ::log::STATIC_MAX_LEVEL && lvl <= ::log::max_level() {
-                            ::log::__private_api::log(
-                                format_args!(
-                                    "Struct {0} @ {1}: matching {2:?}",
-                                    "Interfaces",
-                                    start_depth,
-                                    event,
-                                ),
-                                lvl,
-                                &(
-                                    "yaserde_derive",
-                                    "opnsense_config_xml::data::interfaces",
-                                    ::log::__private_api::loc(),
-                                ),
-                                (),
-                            );
-                        }
-                    };
-                    match event {
-                        ::yaserde::__xml::reader::XmlEvent::StartElement {
-                            ref name,
-                            ref attributes,
-                            ..
-                        } => {
-                            let namespace = name.namespace.clone().unwrap_or_default();
-                            if depth == 0 && name.local_name == "Interfaces"
-                                && namespace.as_str() == ""
-                            {
-                                let event = reader.next_event()?;
-                            } else {
-                                match (namespace.as_str(), name.local_name.as_str()) {
-                                    ("", "testraw") => {
-                                        if depth == 0 {
-                                            let _root = reader.next_event();
-                                        }
-                                        {
-                                            let lvl = ::log::Level::Debug;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("Looking at startElement"),
-                                                    lvl,
-                                                    &(
-                                                        "yaserde_derive",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        {
-                                            let lvl = ::log::Level::Warn;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("matching field type ASPDOJIASDPJIDASPJASDJI"),
-                                                    lvl,
-                                                    &(
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        if let Ok(
-                                            ::yaserde::__xml::reader::XmlEvent::StartElement { .. },
-                                        ) = reader.peek()
-                                        {
-                                            {
-                                                let lvl = ::log::Level::Warn;
-                                                if lvl <= ::log::STATIC_MAX_LEVEL
-                                                    && lvl <= ::log::max_level()
-                                                {
-                                                    ::log::__private_api::log(
-                                                        format_args!("Found start element ?? {0}", "RawXml"),
-                                                        lvl,
-                                                        &(
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            ::log::__private_api::loc(),
-                                                        ),
-                                                        (),
-                                                    );
-                                                }
-                                            };
-                                            let value = <RawXml as ::yaserde::YaDeserialize>::deserialize(
-                                                reader,
-                                            )?;
-                                            __testraw_value = ::std::option::Option::Some(value);
-                                            let _event = reader.next_event()?;
-                                        } else {
-                                            {
-                                                let lvl = ::log::Level::Warn;
-                                                if lvl <= ::log::STATIC_MAX_LEVEL
-                                                    && lvl <= ::log::max_level()
-                                                {
-                                                    ::log::__private_api::log(
-                                                        format_args!(
-                                                            "matching field type did not find substruct start element ? {0}",
-                                                            "RawXml",
-                                                        ),
-                                                        lvl,
-                                                        &(
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            ::log::__private_api::loc(),
-                                                        ),
-                                                        (),
-                                                    );
-                                                }
-                                            };
-                                        }
-                                    }
-                                    ("", "interfaces") => {
-                                        if depth == 0 {
-                                            let _root = reader.next_event();
-                                        }
-                                        {
-                                            let lvl = ::log::Level::Debug;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("Looking at startElement"),
-                                                    lvl,
-                                                    &(
-                                                        "yaserde_derive",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        {
-                                            let lvl = ::log::Level::Warn;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("matching field type ASPDOJIASDPJIDASPJASDJI"),
-                                                    lvl,
-                                                    &(
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        if let Ok(
-                                            ::yaserde::__xml::reader::XmlEvent::StartElement { .. },
-                                        ) = reader.peek()
-                                        {
-                                            {
-                                                let lvl = ::log::Level::Warn;
-                                                if lvl <= ::log::STATIC_MAX_LEVEL
-                                                    && lvl <= ::log::max_level()
-                                                {
-                                                    ::log::__private_api::log(
-                                                        format_args!(
-                                                            "Found start element ?? {0}",
-                                                            "HashMap < String, Interface >",
-                                                        ),
-                                                        lvl,
-                                                        &(
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            ::log::__private_api::loc(),
-                                                        ),
-                                                        (),
-                                                    );
-                                                }
-                                            };
-                                            let value = <HashMap<
-                                                String,
-                                                Interface,
-                                            > as ::yaserde::YaDeserialize>::deserialize(reader)?;
-                                            __interfaces_value = ::std::option::Option::Some(value);
-                                            let _event = reader.next_event()?;
-                                        } else {
-                                            {
-                                                let lvl = ::log::Level::Warn;
-                                                if lvl <= ::log::STATIC_MAX_LEVEL
-                                                    && lvl <= ::log::max_level()
-                                                {
-                                                    ::log::__private_api::log(
-                                                        format_args!(
-                                                            "matching field type did not find substruct start element ? {0}",
-                                                            "HashMap < String, Interface >",
-                                                        ),
-                                                        lvl,
-                                                        &(
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            "opnsense_config_xml::data::interfaces",
-                                                            ::log::__private_api::loc(),
-                                                        ),
-                                                        (),
-                                                    );
-                                                }
-                                            };
-                                        }
-                                    }
-                                    _ => {
-                                        {
-                                            let lvl = ::log::Level::Trace;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("Got StartElement {0:?}", name.local_name),
-                                                    lvl,
-                                                    &(
-                                                        "yaserde_derive",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        let event = reader.next_event()?;
-                                        {
-                                            let lvl = ::log::Level::Trace;
-                                            if lvl <= ::log::STATIC_MAX_LEVEL
-                                                && lvl <= ::log::max_level()
-                                            {
-                                                ::log::__private_api::log(
-                                                    format_args!("Next event {0:?}", event),
-                                                    lvl,
-                                                    &(
-                                                        "yaserde_derive",
-                                                        "opnsense_config_xml::data::interfaces",
-                                                        ::log::__private_api::loc(),
-                                                    ),
-                                                    (),
-                                                );
-                                            }
-                                        };
-                                        if depth > 0 {
-                                            return Err(
-                                                ::alloc::__export::must_use({
-                                                    let res = ::alloc::fmt::format(
-                                                        format_args!(
-                                                            "Found unauthorized element {0}",
-                                                            name.local_name,
-                                                        ),
-                                                    );
-                                                    res
-                                                }),
-                                            );
-                                            reader.skip_element(|event| {})?;
-                                        }
-                                    }
-                                }
-                            }
-                            if depth == 0 {}
-                            depth += 1;
-                        }
-                        ::yaserde::__xml::reader::XmlEvent::EndElement { ref name } => {
-                            {
-                                let lvl = ::log::Level::Warn;
-                                if lvl <= ::log::STATIC_MAX_LEVEL
-                                    && lvl <= ::log::max_level()
-                                {
-                                    ::log::__private_api::log(
-                                        format_args!("endElement {0}", named_element),
-                                        lvl,
-                                        &(
-                                            "opnsense_config_xml::data::interfaces",
-                                            "opnsense_config_xml::data::interfaces",
-                                            ::log::__private_api::loc(),
-                                        ),
-                                        (),
-                                    );
-                                }
-                            };
-                            if name.local_name == named_element
-                                && reader.depth() == start_depth + 1
-                            {
-                                break;
-                            }
-                            let event = reader.next_event()?;
-                            depth -= 1;
-                        }
-                        ::yaserde::__xml::reader::XmlEvent::EndDocument => {
-                            if false {
-                                break;
-                            }
-                        }
-                        ::yaserde::__xml::reader::XmlEvent::Characters(
-                            ref text_content,
-                        ) => {
-                            let event = reader.next_event()?;
-                        }
-                        event => {
-                            return ::std::result::Result::Err(
-                                ::alloc::__export::must_use({
-                                    let res = ::alloc::fmt::format(
-                                        format_args!("unknown event {0:?}", event),
-                                    );
-                                    res
-                                }),
-                            );
-                        }
-                    }
-                }
-                {
-                    let lvl = ::log::Level::Debug;
-                    if lvl <= ::log::STATIC_MAX_LEVEL && lvl <= ::log::max_level() {
-                        ::log::__private_api::log(
-                            format_args!(
-                                "Struct {0} @ {1}: success",
-                                "Interfaces",
-                                start_depth,
-                            ),
-                            lvl,
-                            &(
-                                "yaserde_derive",
-                                "opnsense_config_xml::data::interfaces",
-                                ::log::__private_api::loc(),
-                            ),
-                            (),
-                        );
-                    }
-                };
-                ::std::result::Result::Ok(Interfaces {
-                    testraw: __testraw_value
-                        .ok_or_else(|| {
-                            "testraw is a required field of Interfaces".to_string()
-                        })?,
-                    interfaces: __interfaces_value
-                        .ok_or_else(|| {
-                            "interfaces is a required field of Interfaces".to_string()
-                        })?,
-                })
-            }
-        }
-    };
+    use yaserde::MaybeString;
     pub struct Interface {
         #[yaserde(rename = "if")]
         pub physical_interface_name: String,
diff --git a/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs b/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
index 5f54437..9115e43 100644
--- a/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/dhcpd.rs
@@ -4,12 +4,12 @@ use yaserde::MaybeString;
 
 use super::opnsense::{NumberOption, Range, StaticMap};
 
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-#[yaserde(rename = "dhcpd")]
-pub struct Dhcpd {
-    #[yaserde(rename = "lan")]
-    pub lan: DhcpInterface,
-}
+// #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+// #[yaserde(rename = "dhcpd")]
+// pub struct Dhcpd {
+//     #[yaserde(rename = "lan")]
+//     pub lan: DhcpInterface,
+// }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct DhcpInterface {
diff --git a/harmony-rs/opnsense-config-xml/src/data/interfaces.rs b/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
index af5bb2a..9d8104e 100644
--- a/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/interfaces.rs
@@ -1,65 +1,106 @@
-use yaserde::{NamedList, YaDeserialize as YaDeserializeTrait, YaSerialize as YaSerializeTrait};
 use yaserde_derive::{YaDeserialize, YaSerialize};
 
 use yaserde::MaybeString;
 
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct Interfaces {
-    pub interfaces: NamedList<Interface>,
-}
-
 #[derive(Default, PartialEq, Debug, YaDeserialize, YaSerialize)]
 pub struct Interface {
+    pub internal_dynamic: Option<MaybeString>,
     #[yaserde(rename = "if")]
     pub physical_interface_name: String,
     pub descr: String,
     pub enable: MaybeString,
+    pub lock: Option<MaybeString>,
     #[yaserde(rename = "spoofmac")]
     pub spoof_mac: Option<MaybeString>,
-    pub internal_dynamic: Option<MaybeString>,
     pub ipaddr: Option<MaybeString>,
     #[yaserde(rename = "blockpriv")]
     pub block_priv: Option<MaybeString>,
     #[yaserde(rename = "blockbogons")]
     pub block_bogons: Option<MaybeString>,
-    pub lock: Option<MaybeString>,
     #[yaserde(rename = "type")]
     pub r#type: Option<MaybeString>,
     #[yaserde(rename = "virtual")]
     pub r#virtual: Option<MaybeString>,
     pub subnet: Option<MaybeString>,
+    pub ipaddrv6: Option<MaybeString>,
     pub networks: Option<MaybeString>,
     pub subnetv6: Option<MaybeString>,
-    pub ipaddrv6: Option<MaybeString>,
     #[yaserde(rename = "track6-interface")]
     pub track6_interface: Option<MaybeString>,
     #[yaserde(rename = "track6-prefix-id")]
     pub track6_prefix_id: Option<MaybeString>,
 }
 
-pub trait MyDeserialize: YaDeserializeTrait {}
-pub trait MySerialize: YaSerializeTrait {}
-
 #[cfg(test)]
 mod test {
+    use crate::xml_utils::to_xml_str;
+
     use super::*;
     use pretty_assertions::assert_eq;
+    use yaserde::NamedList;
 
     #[derive(Default, PartialEq, Debug, YaDeserialize, YaSerialize)]
-    pub struct TestStruct {
+    pub struct InterfacesParent {
         foo: String,
+        interfaces: NamedList<Interface>,
         bar: String,
     }
 
     #[test]
     fn should_deserialize_interfaces() {
-        let test_struct =
-            yaserde::de::from_str::<TestStruct>("<xml><foo>aodisj</foo><bar>barbaba</bar></xml>")
-                .unwrap();
-        println!("test_struct : {:?}", test_struct);
+        let interfaces =
+            yaserde::de::from_str::<NamedList<Interface>>(FULL_INTERFACES_XML).unwrap();
+        assert_eq!(interfaces.elements.len(), 6)
+    }
 
-        let interfaces = yaserde::de::from_str::<Interfaces>(FULL_INTERFACES_XML).unwrap();
-        assert_eq!(interfaces.interfaces.elements.len(), 6)
+    #[test]
+    fn should_serialize_interfaces() {
+        let named_list = NamedList {
+            elements: vec![
+                (String::from("paul"), Interface::default()),
+                (String::from("anotherpaul"), Interface::default()),
+                (String::from("thirdone"), Interface::default()),
+                (String::from("andgofor4"), Interface::default()),
+            ],
+        };
+
+        let parent = InterfacesParent {
+            foo: String::from("foo"),
+            interfaces: named_list,
+            bar: String::from("foo"),
+        };
+
+        assert_eq!(
+            &to_xml_str(&parent).unwrap(),
+            r#"<?xml version="1.0"?>
+<InterfacesParent>
+  <foo>foo</foo>
+  <interfaces>
+    <paul>
+      <if></if>
+      <descr></descr>
+      <enable/>
+    </paul>
+    <anotherpaul>
+      <if></if>
+      <descr></descr>
+      <enable/>
+    </anotherpaul>
+    <thirdone>
+      <if></if>
+      <descr></descr>
+      <enable/>
+    </thirdone>
+    <andgofor4>
+      <if></if>
+      <descr></descr>
+      <enable/>
+    </andgofor4>
+  </interfaces>
+  <bar>foo</bar>
+</InterfacesParent>
+"#
+        )
     }
 
     const FULL_INTERFACES_XML: &str = "<interfaces>
diff --git a/harmony-rs/opnsense-config-xml/src/data/opnsense.rs b/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
index c331c45..6facf52 100644
--- a/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
+++ b/harmony-rs/opnsense-config-xml/src/data/opnsense.rs
@@ -1,23 +1,9 @@
-use crate::data::dhcpd::Dhcpd;
-use yaserde::{MaybeString, RawXml};
+use crate::{data::dhcpd::DhcpInterface, xml_utils::to_xml_str};
 use log::error;
+use yaserde::{MaybeString, NamedList, RawXml};
 use yaserde_derive::{YaDeserialize, YaSerialize};
 
-impl From<String> for OPNsense {
-    fn from(content: String) -> Self {
-        yaserde::de::from_str(&content)
-            .map_err(|e| error!("{}", e.to_string()))
-            .expect("OPNSense received invalid string, should be full XML")
-    }
-}
-
-impl OPNsense {
-    pub fn to_xml(&self) -> String {
-        yaserde::ser::to_string(self)
-            .map_err(|e| error!("{}", e.to_string()))
-            .expect("OPNSense could not serialize to XML")
-    }
-}
+use super::Interface;
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 #[yaserde(rename = "opnsense")]
@@ -25,8 +11,9 @@ pub struct OPNsense {
     pub theme: String,
     pub sysctl: Sysctl,
     pub system: RawXml,
-    pub interfaces: RawXml,
-    pub dhcpd: Dhcpd,
+    // pub interfaces: RawXml,
+    pub interfaces: NamedList<Interface>,
+    pub dhcpd: NamedList<DhcpInterface>,
     pub snmpd: Snmpd,
     pub syslog: Syslog,
     pub nat: Nat,
@@ -56,6 +43,23 @@ pub struct OPNsense {
     pub ifgroups: Ifgroups,
 }
 
+impl From<String> for OPNsense {
+    fn from(content: String) -> Self {
+        yaserde::de::from_str(&content)
+            .map_err(|e| println!("{}", e.to_string()))
+            .expect("OPNSense received invalid string, should be full XML")
+    }
+}
+
+impl OPNsense {
+    pub fn to_xml(&self) -> String {
+        to_xml_str(self)
+            .map_err(|e| error!("{}", e.to_string()))
+            .expect("OPNSense could not serialize to XML")
+    }
+}
+
+
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct LoadBalancer {
     pub monitor_type: Vec<MonitorType>,
@@ -945,6 +949,7 @@ pub struct Acl {
     pub browser: MaybeString,
     #[yaserde(rename = "mimeType")]
     pub mime_type: MaybeString,
+    #[yaserde(rename = "googleapps")]
     pub google_apps: MaybeString,
     pub youtube: MaybeString,
     #[yaserde(rename = "safePorts")]
diff --git a/harmony-rs/opnsense-config-xml/src/xml_utils/generic_xml.rs b/harmony-rs/opnsense-config-xml/src/xml_utils/generic_xml.rs
deleted file mode 100644
index e670156..0000000
--- a/harmony-rs/opnsense-config-xml/src/xml_utils/generic_xml.rs
+++ /dev/null
@@ -1,256 +0,0 @@
-use xml::reader::XmlEvent as ReadEvent;
-use yaserde::{ser, YaDeserialize as YaDeserializeTrait, YaSerialize as YaSerializeTrait};
-
-#[derive(Debug, PartialEq, Default)]
-pub struct RawXml(String);
-
-impl YaDeserializeTrait for RawXml {
-    fn deserialize<R: std::io::Read>(
-        reader: &mut yaserde::de::Deserializer<R>,
-    ) -> Result<Self, String> {
-        let mut buffer = String::new();
-        let mut depth = 0;
-
-        let own_name = match reader.peek()? {
-            ReadEvent::StartElement { name, .. } => name.local_name.clone(),
-            _ => return Err("RawXml Should start deserializing with StartElement".to_string()),
-        };
-        println!("RawXml deserialize from root element name : {own_name}");
-        loop {
-            let current_event = reader.peek()?.to_owned();
-            match current_event.clone() {
-                ReadEvent::StartElement {
-                    name, attributes, ..
-                } => {
-                    println!("StartElement {name} depth {depth}");
-                    depth += 1;
-                    let mut attr_string = String::new();
-                    attributes.iter().for_each(|a| {
-                        attr_string.push_str(&format!(r#" {}="{}""#, &a.name, &a.value));
-                    });
-                    buffer.push_str(&format!("<{}{}>", name, attr_string));
-                    let _event = reader.next_event()?;
-                }
-                ReadEvent::EndElement { name } => {
-                    println!("EndElement {name} depth {depth}");
-                    depth -= 1;
-                    buffer.push_str(&format!("</{}>", name));
-                    println!(
-                        "Checking if name.local_name {} matches own_name {} at depth {depth}",
-                        &name.local_name, &own_name
-                    );
-                    if name.local_name == own_name && depth == 0 {
-                        println!(
-                            "Found next EndElement is closing my struct, breaking out of loop"
-                        );
-                        break;
-                    } else {
-                        let _event = reader.next_event()?;
-                    }
-                }
-                ReadEvent::Characters(content) => {
-                    println!("Characters {content} depth {depth}");
-                    buffer.push_str(&content);
-                    let _event = reader.next_event()?;
-                }
-                ReadEvent::StartDocument {
-                    version,
-                    encoding,
-                    standalone,
-                } => todo!(
-                    "StartDocument {:?} {:?} {:?}",
-                    version,
-                    encoding,
-                    standalone
-                ),
-                ReadEvent::EndDocument => todo!(),
-                ReadEvent::ProcessingInstruction { name, data } => {
-                    todo!("ProcessingInstruction {:?}, {:?}", name, data)
-                }
-                ReadEvent::CData(cdata) => todo!("CData, {:?}", cdata),
-                ReadEvent::Comment(comment) => todo!("Comment, {:?}", comment),
-                ReadEvent::Whitespace(whitespace) => todo!("Whitespace, {:?}", whitespace),
-            }
-            let next = reader.peek()?;
-            println!(
-                "Processing done on \ncurrent_event : {:?} \nnext : {:?}",
-                &current_event, &next
-            );
-        }
-
-        println!("buffered events {buffer}");
-        let next = reader.peek()?;
-        println!("next : {:?}", &next);
-
-        Ok(RawXml(buffer))
-    }
-}
-
-impl YaSerializeTrait for RawXml {
-    fn serialize<W: std::io::Write>(&self, writer: &mut ser::Serializer<W>) -> Result<(), String> {
-        let content = self.0.clone();
-        let content = xml::EventReader::from_str(content.as_str());
-        let mut reader = yaserde::de::Deserializer::new(content);
-        loop {
-            let e = reader.next_event()?;
-            if let ReadEvent::EndDocument = e {
-                break;
-            }
-            writer
-                .write(e.as_writer_event().unwrap())
-                .expect("Writer should write write event");
-        }
-        Ok(())
-    }
-
-    fn serialize_attributes(
-        &self,
-        attributes: Vec<xml::attribute::OwnedAttribute>,
-        namespace: xml::namespace::Namespace,
-    ) -> Result<
-        (
-            Vec<xml::attribute::OwnedAttribute>,
-            xml::namespace::Namespace,
-        ),
-        String,
-    > {
-        todo!()
-    }
-}
-
-#[cfg(test)]
-mod test {
-    use crate::xml_utils::to_xml_str;
-
-    use super::*;
-    use pretty_assertions::assert_eq;
-    use yaserde_derive::YaDeserialize;
-    use yaserde_derive::YaSerialize;
-
-    #[derive(Debug, PartialEq, Default, YaDeserialize)]
-    pub struct Parent {
-        //    pub rawxml_child: RawXml,
-        pub string_child: String,
-        pub child_child: Child,
-    }
-
-    #[derive(Debug, PartialEq, Default, YaDeserialize)]
-    pub struct Child {
-        pub child_val: String,
-        pub child_val2: String,
-        pub child_option: Option<String>,
-    }
-
-    #[test]
-    fn rawxml_should_buffer_empty_element() {
-        let rawxml: RawXml = yaserde::de::from_str("<something/>").unwrap();
-        assert_eq!(rawxml.0, String::from("<something></something>"));
-    }
-
-    #[test]
-    fn rawxml_should_buffer_elements_with_different_case_as_they_are() {
-        let xml = "<xml><Some_thing></Some_thing><something></something></xml>";
-        let rawxml: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(rawxml.0, String::from(xml));
-    }
-
-    #[test]
-    fn rawxml_should_buffer_elements_with_attributes() {
-        let xml = r#"<xml version="ababa"><Some_thing></Some_thing><something></something></xml>"#;
-        let rawxml: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(rawxml.0, String::from(xml));
-    }
-
-    #[test]
-    fn rawxml_should_handle_complex_documents() {
-        let xml = r#"<xml><OpenVPN version="1.0.0"><Overwrites></Overwrites><Instances></Instances><StaticKeys></StaticKeys></OpenVPN><Gateways version="0.0.1"></Gateways><HAProxy version="4.0.0"><general><enabled>1</enabled><gracefulStop>0</gracefulStop><hardStopAfter>60s</hardStopAfter><closeSpreadTime></closeSpreadTime><seamlessReload>0</seamlessReload><storeOcsp>0</storeOcsp><showIntro>1</showIntro><peers><enabled>0</enabled><name1></name1><listen1></listen1><port1>1024</port1><name2></name2><listen2></listen2><port2>1024</port2></peers><tuning><root>0</root><maxConnections></maxConnections><nbthread>1</nbthread><sslServerVerify>ignore</sslServerVerify><maxDHSize>2048</maxDHSize><bufferSize>16384</bufferSize></tuning></general></HAProxy></xml>"#;
-        let rawxml: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(rawxml.0, String::from(xml));
-    }
-
-    #[test]
-    fn rawxml_should_serialize_simple_documents() {
-        let xml = r#"<?xml version="1.0" encoding="utf-8"?><xml />"#;
-        let rawxml: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(yaserde::ser::to_string(&rawxml).unwrap(), xml);
-    }
-
-    #[test]
-    fn rawxml_should_serialize_complex_documents() {
-        let xml = r#"<?xml version="1.0"?>
-<xml>
-  <OpenVPN version="1.0.0">
-    <Overwrites/>
-    <Instances/>
-    <StaticKeys/>
-  </OpenVPN>
-  <Gateways version="0.0.1"/>
-  <HAProxy version="4.0.0">
-    <general>
-      <enabled>1</enabled>
-      <gracefulStop>0</gracefulStop>
-      <hardStopAfter>60s</hardStopAfter>
-      <closeSpreadTime/>
-      <seamlessReload>0</seamlessReload>
-      <storeOcsp>0</storeOcsp>
-      <showIntro>1</showIntro>
-      <peers>
-        <enabled>0</enabled>
-        <name1/>
-        <listen1/>
-        <port1>1024</port1>
-        <name2/>
-        <listen2/>
-        <port2>1024</port2>
-      </peers>
-      <tuning>
-        <root>0</root>
-        <maxConnections/>
-        <nbthread>1</nbthread>
-        <sslServerVerify>ignore</sslServerVerify>
-        <maxDHSize>2048</maxDHSize>
-        <bufferSize>16384</bufferSize>
-      </tuning>
-    </general>
-  </HAProxy>
-</xml>
-"#;
-        let rawxml: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(to_xml_str(&rawxml).unwrap(), xml);
-    }
-
-    #[test]
-    fn rawxml_should_allow_siblings_before() {
-        #[derive(YaDeserialize, YaSerialize)]
-        struct Config {
-            paul: Vec<String>,
-            raw: RawXml,
-        }
-        let xml = r#"<?xml version="1.0" encoding="utf-8"?><Config><paul>bobob</paul><paul>patate</paul><raw>allo something</raw></Config>"#;
-        let config: Config = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(yaserde::ser::to_string(&config).unwrap(), xml);
-    }
-
-    #[test]
-    fn rawxml_should_allow_siblings_after() {
-        #[derive(YaDeserialize, YaSerialize)]
-        struct Config {
-            raw: RawXml,
-            paul: Vec<String>,
-        }
-        let xml = r#"<?xml version="1.0" encoding="utf-8"?><Config><raw>allo something</raw><paul>bobob</paul><paul>patate</paul></Config>"#;
-        let config: Config = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(config.paul.get(0).unwrap(), "bobob");
-        assert_eq!(config.paul.get(1).unwrap(), "patate");
-        assert_eq!(config.paul.len(), 2);
-        assert_eq!(config.raw.0, "<raw>allo something</raw>");
-        assert_eq!(yaserde::ser::to_string(&config).unwrap(), xml);
-    }
-
-    #[test]
-    fn rawxml_should_allow_being_end_of_document() {
-        let xml = r#"<?xml version="1.0" encoding="utf-8"?><Config><raw>allo something</raw><paul>bobob</paul><paul>patate</paul></Config>"#;
-        let config: RawXml = yaserde::de::from_str(xml).unwrap();
-        assert_eq!(yaserde::ser::to_string(&config).unwrap(), xml);
-    }
-}
diff --git a/harmony-rs/opnsense-config-xml/src/xml_utils/maybe_string.rs b/harmony-rs/opnsense-config-xml/src/xml_utils/maybe_string.rs
deleted file mode 100644
index 7c7f4c9..0000000
--- a/harmony-rs/opnsense-config-xml/src/xml_utils/maybe_string.rs
+++ /dev/null
@@ -1,173 +0,0 @@
-use xml::reader::XmlEvent as ReadEvent;
-use xml::writer::XmlEvent as WriteEvent;
-use yaserde::{ser, YaDeserialize as YaDeserializeTrait, YaSerialize as YaSerializeTrait};
-
-#[derive(Debug, PartialEq, Default)]
-pub struct MaybeString {
-    field_name: String,
-    content: Option<String>,
-}
-
-impl YaDeserializeTrait for MaybeString {
-    fn deserialize<R: std::io::Read>(
-        reader: &mut yaserde::de::Deserializer<R>,
-    ) -> Result<Self, String> {
-        let field_name = match reader.peek()? {
-            ReadEvent::StartElement {
-                name, attributes, ..
-            } => {
-                if attributes.len() > 0 {
-                    return Err(String::from(
-                        "Attributes not currently supported by MaybeString",
-                    ));
-                }
-
-                name.local_name.clone()
-            }
-            _ => return Err(String::from("Unsupporte ReadEvent type")),
-        };
-        reader.next_event()?;
-
-        let content = match reader.peek()? {
-            ReadEvent::Characters(content) => Some(content.clone()),
-            ReadEvent::EndElement { name } => {
-                if name.local_name != field_name {
-                    return Err(format!(
-                        "Invalid EndElement, expected {field_name} but got {}",
-                        name.local_name
-                    ));
-                }
-                None
-            }
-            _ => return Err(String::from("Unsupporte ReadEvent type")),
-        };
-
-        Ok(Self {
-            field_name,
-            content,
-        })
-    }
-}
-
-impl YaSerializeTrait for MaybeString {
-    fn serialize<W: std::io::Write>(&self, writer: &mut ser::Serializer<W>) -> Result<(), String> {
-        let start_element_event = WriteEvent::start_element(self.field_name.as_str());
-        writer.write(start_element_event).expect("Writer failed");
-        match &self.content {
-            Some(content) => {
-                writer
-                    .write(WriteEvent::characters(content))
-                    .expect("Writer failed");
-            }
-            None => {}
-        };
-
-        writer
-            .write(WriteEvent::end_element())
-            .expect("Writer failed");
-        Ok(())
-    }
-
-    fn serialize_attributes(
-        &self,
-        _attributes: Vec<xml::attribute::OwnedAttribute>,
-        _namespace: xml::namespace::Namespace,
-    ) -> Result<
-        (
-            Vec<xml::attribute::OwnedAttribute>,
-            xml::namespace::Namespace,
-        ),
-        String,
-    > {
-        unimplemented!("MaybeString does not currently support attributes")
-    }
-}
-
-#[cfg(test)]
-mod test {
-    use super::*;
-    use pretty_assertions::assert_eq;
-    use yaserde_derive::YaDeserialize;
-    use yaserde_derive::YaSerialize;
-
-    #[derive(Debug, PartialEq, Default, YaDeserialize, YaSerialize)]
-    struct TestStruct {
-        maybe: MaybeString,
-    }
-
-    #[test]
-    fn maybe_string_should_deserialize_empty_element() {
-        let initial_xml = "<struct><maybe/></struct>";
-        let test_struct: TestStruct =
-            yaserde::de::from_str(initial_xml).expect("Shoudl deserialize teststruct");
-        println!("Got test_struct {:?}", test_struct);
-        assert_eq!(
-            test_struct,
-            TestStruct {
-                maybe: MaybeString {
-                    field_name: String::from("maybe"),
-                    content: None
-                }
-            }
-        );
-    }
-
-    #[test]
-    fn maybe_string_should_deserialize_content() {
-        let initial_xml = "<struct><maybe>some content</maybe></struct>";
-        let test_struct: TestStruct =
-            yaserde::de::from_str(initial_xml).expect("Shoudl deserialize teststruct");
-        println!("Got test_struct {:?}", test_struct);
-        assert_eq!(
-            test_struct,
-            TestStruct {
-                maybe: MaybeString {
-                    field_name: String::from("maybe"),
-                    content: Some(String::from("some content"))
-                }
-            }
-        );
-    }
-
-    #[test]
-    fn maybe_string_should_deserialize_empty_long_format() {
-        let initial_xml = "<struct><maybe></maybe></struct>";
-        let test_struct: TestStruct =
-            yaserde::de::from_str(initial_xml).expect("Shoudl deserialize teststruct");
-        println!("Got test_struct {:?}", test_struct);
-        assert_eq!(
-            test_struct,
-            TestStruct {
-                maybe: MaybeString {
-                    field_name: String::from("maybe"),
-                    content: None
-                }
-            }
-        );
-    }
-
-    #[test]
-    fn maybe_string_should_serialize_to_empty_element() {
-        let initial_xml =
-            r#"<?xml version="1.0" encoding="utf-8"?><TestStruct><maybe /></TestStruct>"#;
-        let test_struct: TestStruct =
-            yaserde::de::from_str(initial_xml).expect("Shoudl deserialize teststruct");
-        println!("Got test_struct {:?}", test_struct);
-        assert_eq!(
-            yaserde::ser::to_string(&test_struct).expect("should serialize teststruct"),
-            initial_xml
-        );
-    }
-
-    #[test]
-    fn maybe_string_should_serialize_content() {
-        let initial_xml = r#"<?xml version="1.0" encoding="utf-8"?><TestStruct><maybe>some content</maybe></TestStruct>"#;
-        let test_struct: TestStruct =
-            yaserde::de::from_str(initial_xml).expect("Shoudl deserialize teststruct");
-        println!("Got test_struct {:?}", test_struct);
-        assert_eq!(
-            yaserde::ser::to_string(&test_struct).expect("should serialize teststruct"),
-            initial_xml
-        );
-    }
-}
diff --git a/harmony-rs/opnsense-config-xml/src/xml_utils/mod.rs b/harmony-rs/opnsense-config-xml/src/xml_utils/mod.rs
index ea92079..bdd2fcd 100644
--- a/harmony-rs/opnsense-config-xml/src/xml_utils/mod.rs
+++ b/harmony-rs/opnsense-config-xml/src/xml_utils/mod.rs
@@ -1,6 +1,20 @@
-//mod generic_xml;
-//mod maybe_string;
-mod yaserde;
-//pub use generic_xml::*;
-//pub use maybe_string::*;
-pub use yaserde::*;
+use yaserde::YaSerialize;
+
+pub fn to_xml_str<T: YaSerialize>(model: &T) -> Result<String, String> {
+    let yaserde_cfg = yaserde::ser::Config {
+        perform_indent: true,
+        write_document_declaration: false,
+        pad_self_closing: false,
+        ..Default::default()
+    };
+    let serialized = yaserde::ser::to_string_with_config::<T>(model, &yaserde_cfg)?;
+
+    // Opnsense does not specify encoding in the document declaration
+    //
+    // yaserde / xml-rs does not allow disabling the encoding attribute in the
+    // document declaration
+    //
+    // So here we just manually prefix the xml document with the exact document declaration
+    // that opnsense uses
+    Ok(format!("<?xml version=\"1.0\"?>\n{serialized}\n"))
+}
diff --git a/harmony-rs/opnsense-config-xml/src/xml_utils/yaserde.rs b/harmony-rs/opnsense-config-xml/src/xml_utils/yaserde.rs
deleted file mode 100644
index bdd2fcd..0000000
--- a/harmony-rs/opnsense-config-xml/src/xml_utils/yaserde.rs
+++ /dev/null
@@ -1,20 +0,0 @@
-use yaserde::YaSerialize;
-
-pub fn to_xml_str<T: YaSerialize>(model: &T) -> Result<String, String> {
-    let yaserde_cfg = yaserde::ser::Config {
-        perform_indent: true,
-        write_document_declaration: false,
-        pad_self_closing: false,
-        ..Default::default()
-    };
-    let serialized = yaserde::ser::to_string_with_config::<T>(model, &yaserde_cfg)?;
-
-    // Opnsense does not specify encoding in the document declaration
-    //
-    // yaserde / xml-rs does not allow disabling the encoding attribute in the
-    // document declaration
-    //
-    // So here we just manually prefix the xml document with the exact document declaration
-    // that opnsense uses
-    Ok(format!("<?xml version=\"1.0\"?>\n{serialized}\n"))
-}
diff --git a/harmony-rs/opnsense-config/src/config.rs b/harmony-rs/opnsense-config/src/config.rs
index 36681f6..0a40aa3 100644
--- a/harmony-rs/opnsense-config/src/config.rs
+++ b/harmony-rs/opnsense-config/src/config.rs
@@ -170,9 +170,11 @@ impl Config {
 
 #[cfg(test)]
 mod tests {
+    use crate::modules::dhcp::DhcpConfig;
+
     use super::*;
-    use std::path::PathBuf;
     use pretty_assertions::assert_eq;
+    use std::path::PathBuf;
 
     #[tokio::test]
     async fn test_load_config_from_local_file() {
@@ -199,23 +201,31 @@ mod tests {
     #[tokio::test]
     async fn test_add_dhcpd_static_entry() {
         let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
-        test_file_path.push("src/tests/data/config-full-1.xml");
+        test_file_path.push("src/tests/data/config-structure.xml");
 
         let config_file_path = test_file_path.to_str().unwrap().to_string();
         println!("File path {config_file_path}");
         let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
-        let config_file_str = repository.load().await.unwrap();
         let mut config = Config::new(repository)
             .await
             .expect("Failed to load config");
 
         println!("Config {:?}", config);
 
+        let mut dhcp_config = DhcpConfig::new(&mut config.opnsense);
+        dhcp_config.add_static_mapping("00:00:00:00:00:00", Ipv4Addr::new(192,168,20,100), "hostname").expect("Should add static mapping");
+
         let serialized = config.opnsense.to_xml();
 
         fs::write("/tmp/serialized.xml", &serialized).unwrap();
 
-        assert_eq!(config_file_str, serialized);
-        todo!();
+        let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
+        test_file_path.push("src/tests/data/config-structure-with-dhcp-staticmap-entry.xml");
+
+        let config_file_path = test_file_path.to_str().unwrap().to_string();
+        println!("File path {config_file_path}");
+        let repository = Box::new(LocalFileConfigRepository::new(config_file_path));
+        let expected_config_file_str = repository.load().await.unwrap();
+        assert_eq!(expected_config_file_str, serialized);
     }
 }
diff --git a/harmony-rs/opnsense-config/src/modules/dhcp.rs b/harmony-rs/opnsense-config/src/modules/dhcp.rs
index 4b50d18..983c1d5 100644
--- a/harmony-rs/opnsense-config/src/modules/dhcp.rs
+++ b/harmony-rs/opnsense-config/src/modules/dhcp.rs
@@ -51,7 +51,16 @@ impl<'a> DhcpConfig<'a> {
     ) -> Result<(), DhcpError> {
         let mac = mac.to_string();
         let hostname = hostname.to_string();
-        let range = &self.opnsense.dhcpd.lan.range;
+        let lan_dhcpd = &mut self
+            .opnsense
+            .dhcpd
+            .elements
+            .iter_mut()
+            .find(|(name, _config)| return name == "lan")
+            .expect("Interface lan should have dhcpd activated")
+            .1;
+
+        let range = &lan_dhcpd.range;
 
         if !Self::is_valid_mac(&mac) {
             return Err(DhcpError::InvalidMacAddress(mac));
@@ -61,7 +70,7 @@ impl<'a> DhcpConfig<'a> {
             return Err(DhcpError::IpAddressOutOfRange(ipaddr.to_string()));
         }
 
-        let existing_mappings = &self.opnsense.dhcpd.lan.staticmaps;
+        let existing_mappings: &mut Vec<StaticMap> = &mut lan_dhcpd.staticmaps;
 
         if existing_mappings.iter().any(|m| {
             m.ipaddr
@@ -86,14 +95,10 @@ impl<'a> DhcpConfig<'a> {
             ntpserver: Default::default(),
         };
 
-        self.opnsense.dhcpd.lan.staticmaps.push(static_map);
+        existing_mappings.push(static_map);
         Ok(())
     }
 
-    pub fn get_static_mappings(&self) -> &[StaticMap] {
-        &self.opnsense.dhcpd.lan.staticmaps
-    }
-
     fn is_valid_mac(mac: &str) -> bool {
         let parts: Vec<&str> = mac.split(':').collect();
         if parts.len() != 6 {
@@ -158,5 +163,4 @@ mod test {
         let ip = "192.168.1.201".parse::<Ipv4Addr>().unwrap();
         assert_eq!(DhcpConfig::is_ip_in_range(&ip, &range), false);
     }
-
 }
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-full-1.xml b/harmony-rs/opnsense-config/src/tests/data/config-full-1.xml
index fd2853d..33eff7a 100644
--- a/harmony-rs/opnsense-config/src/tests/data/config-full-1.xml
+++ b/harmony-rs/opnsense-config/src/tests/data/config-full-1.xml
@@ -320,9 +320,9 @@
       <enable>1</enable>
       <lock>1</lock>
       <spoofmac/>
+      <ipaddr>pppoe</ipaddr>
       <blockpriv>1</blockpriv>
       <blockbogons>1</blockbogons>
-      <ipaddr>pppoe</ipaddr>
     </wan>
     <lan>
       <if>em1</if>
@@ -337,15 +337,15 @@
     </lan>
     <lo0>
       <internal_dynamic>1</internal_dynamic>
+      <if>lo0</if>
       <descr>Loopback</descr>
       <enable>1</enable>
-      <if>lo0</if>
       <ipaddr>127.0.0.1</ipaddr>
-      <ipaddrv6>::1</ipaddrv6>
-      <subnet>8</subnet>
-      <subnetv6>128</subnetv6>
       <type>none</type>
       <virtual>1</virtual>
+      <subnet>8</subnet>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnetv6>128</subnetv6>
     </lo0>
     <opt1>
       <if>em5</if>
@@ -358,18 +358,18 @@
     </opt1>
     <wireguard>
       <internal_dynamic>1</internal_dynamic>
-      <descr>WireGuard (Group)</descr>
       <if>wireguard</if>
-      <virtual>1</virtual>
+      <descr>WireGuard (Group)</descr>
       <enable>1</enable>
       <type>group</type>
+      <virtual>1</virtual>
       <networks/>
     </wireguard>
     <openvpn>
       <internal_dynamic>1</internal_dynamic>
-      <enable>1</enable>
       <if>openvpn</if>
       <descr>OpenVPN</descr>
+      <enable>1</enable>
       <type>group</type>
       <virtual>1</virtual>
       <networks/>
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml b/harmony-rs/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml
new file mode 100644
index 0000000..51d1a09
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-structure-with-dhcp-staticmap-entry.xml
@@ -0,0 +1,1431 @@
+<?xml version="1.0"?>
+<opnsense>
+  <theme>opnsense</theme>
+  <sysctl>
+    <item>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+      <tunable>vfs.read_max</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <value>default</value>
+    </item>
+  </sysctl>
+  <system>
+    <use_mfs_tmp/>
+    <use_mfs_var/>
+    <serialspeed>115200</serialspeed>
+    <primaryconsole>serial</primaryconsole>
+    <secondaryconsole>video</secondaryconsole>
+    <optimization>normal</optimization>
+    <hostname>OPN1</hostname>
+    <domain>somedomain.yourlocal.mcd</domain>
+    <group>
+      <name>admins</name>
+      <description>System Administrators</description>
+      <scope>system</scope>
+      <gid>1999</gid>
+      <member>0</member>
+      <member>2000</member>
+      <priv>page-all</priv>
+    </group>
+    <user>
+      <name>root</name>
+      <descr>System Administrator</descr>
+      <scope>system</scope>
+      <groupname>admins</groupname>
+      <password>$2y$10$5555555555o8dj21980j1doiOIJDIOASJOID!jidjeue19812y</password>
+      <uid>0</uid>
+      <expires/>
+      <authorizedkeys/>
+      <ipsecpsk/>
+      <otp_seed/>
+    </user>
+    <user>
+      <password>$2y$11$55555555556D8198uOASIDJaiojdjd1oijdijosaoijdaoidOIASJDoijdoiadOASdoiK</password>
+      <scope>user</scope>
+      <name>someuser</name>
+      <descr/>
+      <expires/>
+      <authorizedkeys/>
+      <ipsecpsk/>
+      <otp_seed/>
+      <shell>/bin/sh</shell>
+      <uid>2000</uid>
+    </user>
+    <nextuid>2001</nextuid>
+    <nextgid>2000</nextgid>
+    <timezone>Etc/UTC</timezone>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <webgui>
+      <protocol>https</protocol>
+      <ssl-certref>6155aba4c9375</ssl-certref>
+      <port/>
+      <ssl-ciphers/>
+      <interfaces/>
+      <compression/>
+    </webgui>
+    <usevirtualterminal>1</usevirtualterminal>
+    <disableconsolemenu>1</disableconsolemenu>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <ipv6allow>1</ipv6allow>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <bogons>
+      <interval>monthly</interval>
+    </bogons>
+    <crypto_hardware>aesni</crypto_hardware>
+    <pf_share_forward>1</pf_share_forward>
+    <lb_use_sticky>1</lb_use_sticky>
+    <kill_states>1</kill_states>
+    <ssh>
+      <group>admins</group>
+      <noauto>1</noauto>
+      <interfaces/>
+      <kex/>
+      <ciphers/>
+      <macs/>
+      <keys/>
+      <enabled>enabled</enabled>
+      <passwordauth>1</passwordauth>
+      <keysig/>
+      <permitrootlogin>1</permitrootlogin>
+    </ssh>
+    <firmware version="1.0.1">
+      <mirror/>
+      <flavour/>
+      <plugins>os-ddclient,os-dyndns,os-haproxy,os-wireguard</plugins>
+      <type/>
+      <subscription/>
+    </firmware>
+    <sudo_allow_wheel>1</sudo_allow_wheel>
+    <sudo_allow_group>admins</sudo_allow_group>
+    <enablenatreflectionhelper>yes</enablenatreflectionhelper>
+    <rulesetoptimization>basic</rulesetoptimization>
+    <maximumstates/>
+    <maximumfrags/>
+    <aliasesresolveinterval/>
+    <maximumtableentries/>
+    <language>en_US</language>
+    <dnsserver/>
+    <dns1gw>none</dns1gw>
+    <dns2gw>none</dns2gw>
+    <dns3gw>none</dns3gw>
+    <dns4gw>none</dns4gw>
+    <dns5gw>none</dns5gw>
+    <dns6gw>none</dns6gw>
+    <dns7gw>none</dns7gw>
+    <dns8gw>none</dns8gw>
+    <dnsallowoverride>1</dnsallowoverride>
+    <dnsallowoverride_exclude/>
+  </system>
+  <interfaces>
+    <wan>
+      <if>pppoe0</if>
+      <descr>WAN</descr>
+      <enable>1</enable>
+      <lock>1</lock>
+      <spoofmac/>
+      <ipaddr>pppoe</ipaddr>
+      <blockpriv>1</blockpriv>
+      <blockbogons>1</blockbogons>
+    </wan>
+    <lan>
+      <if>em1</if>
+      <descr>LAN</descr>
+      <enable>1</enable>
+      <spoofmac/>
+      <ipaddr>192.168.20.1</ipaddr>
+      <subnet>24</subnet>
+      <ipaddrv6>track6</ipaddrv6>
+      <track6-interface/>
+      <track6-prefix-id>0</track6-prefix-id>
+    </lan>
+    <lo0>
+      <internal_dynamic>1</internal_dynamic>
+      <if>lo0</if>
+      <descr>Loopback</descr>
+      <enable>1</enable>
+      <ipaddr>127.0.0.1</ipaddr>
+      <type>none</type>
+      <virtual>1</virtual>
+      <subnet>8</subnet>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnetv6>128</subnetv6>
+    </lo0>
+    <opt1>
+      <if>em5</if>
+      <descr>backup_sync</descr>
+      <enable>1</enable>
+      <lock>1</lock>
+      <spoofmac/>
+      <ipaddr>10.10.5.1</ipaddr>
+      <subnet>24</subnet>
+    </opt1>
+    <wireguard>
+      <internal_dynamic>1</internal_dynamic>
+      <if>wireguard</if>
+      <descr>WireGuard (Group)</descr>
+      <enable>1</enable>
+      <type>group</type>
+      <virtual>1</virtual>
+      <networks/>
+    </wireguard>
+    <openvpn>
+      <internal_dynamic>1</internal_dynamic>
+      <if>openvpn</if>
+      <descr>OpenVPN</descr>
+      <enable>1</enable>
+      <type>group</type>
+      <virtual>1</virtual>
+      <networks/>
+    </openvpn>
+  </interfaces>
+  <dhcpd>
+    <lan>
+      <enable>1</enable>
+      <gateway>192.168.20.1</gateway>
+      <domain>somedomain.yourlocal.mcd</domain>
+      <ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
+      <numberoptions>
+        <item/>
+      </numberoptions>
+      <range>
+        <from>192.168.20.50</from>
+        <to>192.168.20.200</to>
+      </range>
+      <winsserver/>
+      <dnsserver>192.168.20.1</dnsserver>
+      <ntpserver/>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.160</ipaddr>
+        <hostname>somehost983</hostname>
+        <descr>someservire8</descr>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.155</ipaddr>
+        <hostname>somehost893</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.50</ipaddr>
+        <hostname>hostswitch2</hostname>
+        <descr>switch-2 (bottom)</descr>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <staticmap>
+        <mac>00:00:00:00:00:00</mac>
+        <ipaddr>192.168.20.100</ipaddr>
+        <hostname>hostname</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <pool/>
+    </lan>
+  </dhcpd>
+  <snmpd>
+    <syslocation/>
+    <syscontact/>
+    <rocommunity>public</rocommunity>
+  </snmpd>
+  <syslog>
+    <reverse/>
+    <preservelogs>3</preservelogs>
+  </syslog>
+  <nat>
+    <outbound>
+      <mode>automatic</mode>
+    </outbound>
+    <rule>
+      <protocol>tcp</protocol>
+      <interface>wan</interface>
+      <category/>
+      <ipprotocol>inet</ipprotocol>
+      <descr/>
+      <tag/>
+      <tagged/>
+      <poolopts/>
+      <associated-rule-id>nat_618812d37b8193.31302503</associated-rule-id>
+      <target>host_3</target>
+      <local-port>22</local-port>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>55555</port>
+      </destination>
+      <updated>
+        <username>root@192.168.1.118</username>
+        <time>1636307667.506</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.1.118</username>
+        <time>1636307667.506</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule>
+      <protocol>tcp</protocol>
+      <interface>wan</interface>
+      <category/>
+      <ipprotocol>inet</ipprotocol>
+      <descr/>
+      <tag/>
+      <tagged/>
+      <poolopts/>
+      <associated-rule-id>nat_651ffc35e573d9.09092618</associated-rule-id>
+      <target>192.168.20.140</target>
+      <local-port>22</local-port>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>30140</port>
+      </destination>
+      <updated>
+        <username>root@172.12.0.11</username>
+        <time>1696594997.9399</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@172.12.0.11</username>
+        <time>1696594997.9399</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+    </rule>
+  </nat>
+  <filter>
+    <rule uuid="36bf9a49-7705-40d4-9ea8-815a215ce007">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>allow public connections to vpn</descr>
+      <direction>in</direction>
+      <category>wireguard</category>
+      <quick>1</quick>
+      <protocol>udp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>51820</port>
+      </destination>
+      <updated>
+        <username>root@192.168.1.118</username>
+        <time>1636306863.2747</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.1.118</username>
+        <time>1636305029.8036</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule>
+      <associated-rule-id>nat_670979b3279551.73601303</associated-rule-id>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>port forwarding for virtual ip for someservice2 servers</descr>
+      <category/>
+      <protocol>tcp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <address>192.168.20.1</address>
+        <port>55555</port>
+      </destination>
+      <created>
+        <username>root@172.12.0.12</username>
+        <time>1728674227.1622</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+      <disabled>1</disabled>
+    </rule>
+  </filter>
+  <load_balancer>
+    <monitor_type>
+      <name>ICMP</name>
+      <type>icmp</type>
+      <descr>ICMP</descr>
+      <options/>
+    </monitor_type>
+    <monitor_type>
+      <name>TCP</name>
+      <type>tcp</type>
+      <descr>Generic TCP</descr>
+      <options/>
+    </monitor_type>
+    <monitor_type>
+      <name>HTTP</name>
+      <type>http</type>
+      <descr>Generic HTTP</descr>
+      <options>
+        <path>/</path>
+        <host/>
+        <code>200</code>
+      </options>
+    </monitor_type>
+  </load_balancer>
+  <ntpd>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+  </ntpd>
+  <widgets>
+    <sequence>system_information-container:00000000-col3:show,traffic_graphs-container:00000001-col3:show,thermal_sensors-container:00000002-col3:show,log-container:00000003-col3:show,services_status-container:00000004-col4:show,gateways-container:00000005-col4:show,interface_list-container:00000006-col4:show,carp_status-container:00000007-col4:show,wireguard-container:00000008-col4:show,dyn_dns_status-container:00000009-col4:show,system_log-container:00000010-col4:show</sequence>
+    <column_count>2</column_count>
+  </widgets>
+  <revision>
+    <username>root@172.12.0.12</username>
+    <time>1728676391.9878</time>
+    <description>/firewall_nat.php made changes</description>
+  </revision>
+  <OPNsense>
+    <captiveportal version="1.0.1">
+      <zones/>
+      <templates/>
+    </captiveportal>
+    <cron version="1.0.4">
+      <jobs/>
+    </cron>
+    <Netflow version="1.0.1">
+      <capture>
+        <interfaces/>
+        <egress_only/>
+        <version>v9</version>
+        <targets/>
+      </capture>
+      <collect>
+        <enable>0</enable>
+      </collect>
+      <activeTimeout>1800</activeTimeout>
+      <inactiveTimeout>15</inactiveTimeout>
+    </Netflow>
+    <Firewall>
+      <Lvtemplate version="0.0.1">
+        <templates/>
+      </Lvtemplate>
+      <Category version="1.0.0">
+        <categories>
+          <category uuid="1d91d52b-7588-40c5-8c2c-05acdfcf8c1e">
+            <name>wireguard</name>
+            <auto>1</auto>
+            <color/>
+          </category>
+        </categories>
+      </Category>
+      <Alias version="1.0.1">
+        <geoip>
+          <url/>
+        </geoip>
+        <aliases>
+          <alias uuid="298089ad-f84a-4dda-9c10-6653a7464294">
+            <enabled>1</enabled>
+            <name>x3690_3</name>
+            <type>host</type>
+            <proto/>
+            <interface/>
+            <counters>0</counters>
+            <updatefreq/>
+            <content>192.168.1.136</content>
+            <categories/>
+            <description/>
+          </alias>
+          <alias uuid="e80d6d23-a0b0-4432-aff5-b5be0557eb01">
+            <enabled>1</enabled>
+            <name>someservice2_vip</name>
+            <type>host</type>
+            <proto/>
+            <interface/>
+            <counters>0</counters>
+            <updatefreq/>
+            <content>192.168.20.225</content>
+            <categories/>
+            <description>alias for someservice2 vip</description>
+          </alias>
+        </aliases>
+      </Alias>
+    </Firewall>
+    <IDS version="1.0.9">
+      <rules/>
+      <policies/>
+      <userDefinedRules/>
+      <files/>
+      <fileTags/>
+      <general>
+        <enabled>0</enabled>
+        <ips>0</ips>
+        <promisc>0</promisc>
+        <interfaces>wan</interfaces>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+        <defaultPacketSize/>
+        <UpdateCron/>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+        <MPMAlgo>ac</MPMAlgo>
+        <detect>
+          <Profile>medium</Profile>
+          <toclient_groups/>
+          <toserver_groups/>
+        </detect>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+        <LogPayload>0</LogPayload>
+        <verbosity/>
+      </general>
+    </IDS>
+    <IPsec version="1.0.1">
+      <general>
+        <enabled/>
+      </general>
+      <keyPairs/>
+      <preSharedKeys/>
+    </IPsec>
+    <Interfaces>
+      <vxlans version="1.0.1"/>
+      <loopbacks version="1.0.0"/>
+    </Interfaces>
+    <monit version="1.0.12">
+      <general>
+        <enabled>0</enabled>
+        <interval>120</interval>
+        <startdelay>120</startdelay>
+        <mailserver>127.0.0.1</mailserver>
+        <port>25</port>
+        <username/>
+        <password/>
+        <ssl>0</ssl>
+        <sslversion>auto</sslversion>
+        <sslverify>1</sslverify>
+        <logfile>syslog facility log_daemon</logfile>
+        <statefile/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdUsername>root</httpdUsername>
+        <httpdPassword>oiujds9889DSIJSDIJSDIjdj</httpdPassword>
+        <httpdPort>2812</httpdPort>
+        <httpdAllow/>
+        <mmonitUrl/>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+      </general>
+      <alert uuid="d307f1df-e759-4262-a4cd-7b9673f0ad36">
+        <enabled>0</enabled>
+        <recipient>root@localhost.local</recipient>
+        <noton>0</noton>
+        <events/>
+        <format/>
+        <reminder>10</reminder>
+        <description/>
+      </alert>
+      <service uuid="9f01617b-08c1-487d-9c8a-fa1340add37e">
+        <enabled>1</enabled>
+        <name>$HOST</name>
+        <description/>
+        <type>system</type>
+        <pidfile/>
+        <match/>
+        <path/>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>da6083fd-852c-44af-9ae7-8c9de443bbc9,4f18b847-c2ab-4707-9686-bf656e187ab8,62ea6632-3554-43be-bb0b-ceceab685338,f543f50a-4e52-4afd-85ce-95fe6d61dc54</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <test uuid="93365006-3a70-4d80-bab8-72fb9214a51b">
+        <name>Ping</name>
+        <type>NetworkPing</type>
+        <condition>failed ping</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="48a4ae66-c879-40fe-a554-0f354ee67770">
+        <name>NetworkLink</name>
+        <type>NetworkInterface</type>
+        <condition>failed link</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+    </monit>
+    <OpenVPNExport version="0.0.1">
+      <servers/>
+    </OpenVPNExport>
+    <proxy version="1.0.6">
+      <general>
+        <enabled>0</enabled>
+        <error_pages>opnsense</error_pages>
+        <icpPort/>
+        <logging>
+          <enable>
+            <accessLog>1</accessLog>
+            <storeLog>1</storeLog>
+          </enable>
+          <ignoreLogACL/>
+          <target/>
+        </logging>
+        <alternateDNSservers/>
+        <dnsV4First>0</dnsV4First>
+        <forwardedForHandling>on</forwardedForHandling>
+        <uriWhitespaceHandling>strip</uriWhitespaceHandling>
+        <enablePinger>1</enablePinger>
+        <useViaHeader>1</useViaHeader>
+        <suppressVersion>0</suppressVersion>
+        <connecttimeout/>
+        <VisibleEmail>admin@localhost.local</VisibleEmail>
+        <VisibleHostname/>
+        <cache>
+          <local>
+            <enabled>0</enabled>
+            <directory>/var/squid/cache</directory>
+            <cache_mem>256</cache_mem>
+            <maximum_object_size/>
+            <maximum_object_size_in_memory/>
+            <memory_cache_mode>always</memory_cache_mode>
+            <size>100</size>
+            <l1>16</l1>
+            <l2>256</l2>
+            <cache_linux_packages>0</cache_linux_packages>
+            <cache_windows_updates>0</cache_windows_updates>
+          </local>
+        </cache>
+        <traffic>
+          <enabled>0</enabled>
+          <maxDownloadSize>2048</maxDownloadSize>
+          <maxUploadSize>1024</maxUploadSize>
+          <OverallBandwidthTrotteling>1024</OverallBandwidthTrotteling>
+          <perHostTrotteling>256</perHostTrotteling>
+        </traffic>
+        <parentproxy>
+          <enabled>0</enabled>
+          <host/>
+          <enableauth>0</enableauth>
+          <user>username</user>
+          <password>password</password>
+          <port/>
+          <localdomains/>
+          <localips/>
+        </parentproxy>
+      </general>
+      <forward>
+        <interfaces>lan</interfaces>
+        <port>3128</port>
+        <sslbumpport>3129</sslbumpport>
+        <sslbump>0</sslbump>
+        <sslurlonly>0</sslurlonly>
+        <sslcertificate/>
+        <sslnobumpsites/>
+        <ssl_crtd_storage_max_size>4</ssl_crtd_storage_max_size>
+        <sslcrtd_children>5</sslcrtd_children>
+        <snmp_enable>0</snmp_enable>
+        <snmp_port>3401</snmp_port>
+        <snmp_password>public</snmp_password>
+        <ftpInterfaces/>
+        <ftpPort>2121</ftpPort>
+        <ftpTransparentMode>0</ftpTransparentMode>
+        <addACLforInterfaceSubnets>1</addACLforInterfaceSubnets>
+        <transparentMode>0</transparentMode>
+        <acl>
+          <allowedSubnets/>
+          <unrestricted/>
+          <bannedHosts/>
+          <whiteList/>
+          <blackList/>
+          <browser/>
+          <mimeType/>
+          <googleapps/>
+          <youtube/>
+          <safePorts>80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http</safePorts>
+          <sslPorts>443:https</sslPorts>
+          <remoteACLs>
+            <blacklists/>
+            <UpdateCron/>
+          </remoteACLs>
+        </acl>
+        <icap>
+          <enable>0</enable>
+          <RequestURL>icap://[::1]:1344/avscan</RequestURL>
+          <ResponseURL>icap://[::1]:1344/avscan</ResponseURL>
+          <SendClientIP>1</SendClientIP>
+          <SendUsername>0</SendUsername>
+          <EncodeUsername>0</EncodeUsername>
+          <UsernameHeader>X-Username</UsernameHeader>
+          <EnablePreview>1</EnablePreview>
+          <PreviewSize>1024</PreviewSize>
+          <OptionsTTL>60</OptionsTTL>
+          <exclude/>
+        </icap>
+        <authentication>
+          <method/>
+          <authEnforceGroup/>
+          <realm>OPNsense proxy authentication</realm>
+          <credentialsttl>2</credentialsttl>
+          <children>5</children>
+        </authentication>
+      </forward>
+      <pac/>
+      <error_pages>
+        <template/>
+      </error_pages>
+    </proxy>
+    <Syslog version="1.0.1">
+      <general>
+        <enabled>1</enabled>
+      </general>
+      <destinations/>
+    </Syslog>
+    <TrafficShaper version="1.0.3">
+      <pipes/>
+      <queues/>
+      <rules/>
+    </TrafficShaper>
+    <unboundplus version="1.0.8">
+      <general>
+        <enabled>1</enabled>
+        <port>53</port>
+        <stats/>
+        <active_interface/>
+        <dnssec/>
+        <dns64/>
+        <dns64prefix/>
+        <noarecords/>
+        <regdhcp>1</regdhcp>
+        <regdhcpdomain/>
+        <regdhcpstatic>1</regdhcpstatic>
+        <noreglladdr6/>
+        <noregrecords/>
+        <txtsupport/>
+        <cacheflush/>
+        <local_zone_type>transparent</local_zone_type>
+        <outgoing_interface/>
+        <enable_wpad/>
+      </general>
+      <advanced>
+        <hideidentity>0</hideidentity>
+        <hideversion>0</hideversion>
+        <prefetch>0</prefetch>
+        <prefetchkey>0</prefetchkey>
+        <dnssecstripped>0</dnssecstripped>
+        <serveexpired>0</serveexpired>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset>0</serveexpiredttlreset>
+        <serveexpiredclienttimeout/>
+        <qnameminstrict>0</qnameminstrict>
+        <extendedstatistics>0</extendedstatistics>
+        <logqueries>0</logqueries>
+        <logreplies>0</logreplies>
+        <logtagqueryreply>0</logtagqueryreply>
+        <logservfail/>
+        <loglocalactions/>
+        <logverbosity>1</logverbosity>
+        <valloglevel>0</valloglevel>
+        <privatedomain/>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <insecuredomain/>
+        <msgcachesize/>
+        <rrsetcachesize/>
+        <outgoingnumtcp/>
+        <incomingnumtcp/>
+        <numqueriesperthread/>
+        <outgoingrange/>
+        <jostletimeout/>
+        <cachemaxttl/>
+        <cachemaxnegativettl/>
+        <cacheminttl/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <infracachenumhosts/>
+        <unwantedreplythreshold/>
+      </advanced>
+      <acls>
+        <default_action>allow</default_action>
+      </acls>
+      <dnsbl>
+        <enabled>0</enabled>
+        <safesearch/>
+        <type/>
+        <lists/>
+        <whitelists/>
+        <blocklists/>
+        <wildcards/>
+        <address/>
+        <nxdomain>0</nxdomain>
+      </dnsbl>
+      <forwarding>
+        <enabled>0</enabled>
+      </forwarding>
+      <dots/>
+      <hosts>
+        <host uuid="a681fc39-70fa-4cf1-9331-79f5cbf9048f">
+          <enabled>1</enabled>
+          <hostname>api</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+        <host uuid="dd593e95-02bc-476f-8610-fa1ee454e950">
+          <enabled>1</enabled>
+          <hostname>api-int</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+        <host uuid="e1606f96-dd38-471f-a3d7-ad25e41e810d">
+          <enabled>1</enabled>
+          <hostname>*</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+      </hosts>
+      <aliases/>
+      <domains/>
+    </unboundplus>
+    <wireguard>
+      <general version="0.0.1">
+        <enabled>1</enabled>
+      </general>
+      <server version="0.0.4">
+        <servers>
+          <server uuid="3ec7bf83-b3b7-4fba-b4f2-a96dafbfb162">
+            <enabled>1</enabled>
+            <name>publicwg</name>
+            <instance>0</instance>
+            <pubkey>89udsjiuod109jadsSUIDSAUIduhashuiauas/asdkj=</pubkey>
+            <privkey>eH555555555555555+892jdjiodsjiodsoijsdjiodj=</privkey>
+            <port>51820</port>
+            <mtu/>
+            <dns/>
+            <tunneladdress>172.12.0.1/24</tunneladdress>
+            <disableroutes>0</disableroutes>
+            <gateway/>
+            <carp_depend_on/>
+            <peers>03031aec-2e84-462e-9eab-57762dde667a,98e6ca3d-1de9-449b-be80-77022221b509,67c0ace5-e802-4d2b-a536-f8b7a2db6f99,74b60fff-7844-4097-9966-f1c2b1ad29ff,3de82ad5-bc1b-4b91-9598-f906e58ac937,a95e6b5e-24a4-40b5-bb41-b79e784f6f1c,6c9a12c6-c1ca-4c14-866b-975406a30590,c33b308b-7125-4688-9561-989ace8787b5,e43f004a-23bf-4027-8fb0-953fbb40479f</peers>
+          </server>
+        </servers>
+      </server>
+      <client version="0.0.7">
+        <clients>
+          <client uuid="98e6ca3d-1de9-449b-be80-77022221b509">
+            <enabled>1</enabled>
+            <name>some-laptop</name>
+            <pubkey>95555555555555555555555555555FN2aCHemL3RjA8=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.8/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+          <client uuid="74b60fff-7844-4097-9966-f1c2b1ad29ff">
+            <enabled>1</enabled>
+            <name>user2</name>
+            <pubkey>pJ555555555555555555xiUxuJof78XXugx1KUrrYg8=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.6/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+          <client uuid="67c0ace5-e802-4d2b-a536-f8b7a2db6f99">
+            <enabled>1</enabled>
+            <name>some-phone</name>
+            <pubkey>SLQXdM/555555555555555555MWhR2WSEkaSXh1ZpXU=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.9/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+        </clients>
+      </client>
+    </wireguard>
+    <Swanctl version="1.0.0">
+      <Connections/>
+      <locals/>
+      <remotes/>
+      <children/>
+      <Pools/>
+      <VTIs/>
+      <SPDs/>
+    </Swanctl>
+    <DynDNS version="1.5.1">
+      <general>
+        <enabled>1</enabled>
+        <verbose>0</verbose>
+        <allowipv6>0</allowipv6>
+        <daemon_delay>300</daemon_delay>
+        <backend>ddclient</backend>
+      </general>
+      <accounts>
+        <account uuid="5be8a905-3cde-4e34-b16c-e53623146c95">
+          <enabled>1</enabled>
+          <service>someddnsprovider</service>
+          <protocol/>
+          <server/>
+          <username>someusername.com</username>
+          <password>55555555555555555555555555555dsi</password>
+          <resourceId/>
+          <hostnames>yourpublic.host.com</hostnames>
+          <wildcard>0</wildcard>
+          <zone/>
+          <checkip>if</checkip>
+          <checkip_timeout>10</checkip_timeout>
+          <force_ssl>1</force_ssl>
+          <ttl>300</ttl>
+          <interface>wan</interface>
+          <description>yourpublic.host.com</description>
+        </account>
+      </accounts>
+    </DynDNS>
+    <OpenVPN version="1.0.0">
+      <Overwrites/>
+      <Instances/>
+      <StaticKeys/>
+    </OpenVPN>
+    <Gateways version="0.0.1"/>
+    <HAProxy version="4.0.0">
+      <general>
+        <enabled>1</enabled>
+        <gracefulStop>0</gracefulStop>
+        <hardStopAfter>60s</hardStopAfter>
+        <closeSpreadTime/>
+        <seamlessReload>0</seamlessReload>
+        <storeOcsp>0</storeOcsp>
+        <showIntro>1</showIntro>
+        <peers>
+          <enabled>0</enabled>
+          <name1/>
+          <listen1/>
+          <port1>1024</port1>
+          <name2/>
+          <listen2/>
+          <port2>1024</port2>
+        </peers>
+        <tuning>
+          <root>0</root>
+          <maxConnections/>
+          <nbthread>1</nbthread>
+          <sslServerVerify>ignore</sslServerVerify>
+          <maxDHSize>2048</maxDHSize>
+          <bufferSize>16384</bufferSize>
+          <spreadChecks>2</spreadChecks>
+          <bogusProxyEnabled>0</bogusProxyEnabled>
+          <luaMaxMem>0</luaMaxMem>
+          <customOptions/>
+          <ssl_defaultsEnabled>0</ssl_defaultsEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+        </tuning>
+        <defaults>
+          <maxConnections/>
+          <maxConnectionsServers/>
+          <timeoutClient>30s</timeoutClient>
+          <timeoutConnect>30s</timeoutConnect>
+          <timeoutCheck/>
+          <timeoutServer>30s</timeoutServer>
+          <retries>3</retries>
+          <redispatch>x-1</redispatch>
+          <init_addr>last,libc</init_addr>
+          <customOptions/>
+        </defaults>
+        <logging>
+          <host>127.0.0.1</host>
+          <facility>local0</facility>
+          <level>info</level>
+          <length/>
+        </logging>
+        <stats>
+          <enabled>0</enabled>
+          <port>8822</port>
+          <remoteEnabled>0</remoteEnabled>
+          <remoteBind/>
+          <authEnabled>0</authEnabled>
+          <users/>
+          <allowedUsers/>
+          <allowedGroups/>
+          <customOptions/>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_bind>*:8404</prometheus_bind>
+          <prometheus_path>/metrics</prometheus_path>
+        </stats>
+        <cache>
+          <enabled>0</enabled>
+          <totalMaxSize>4</totalMaxSize>
+          <maxAge>60</maxAge>
+          <maxObjectSize/>
+          <processVary>0</processVary>
+          <maxSecondaryEntries>10</maxSecondaryEntries>
+        </cache>
+      </general>
+      <frontends>
+        <frontend uuid="379ce7bf-4df6-4b12-8aee-a32cff084d92">
+          <id>6707fe74642f67.52019899</id>
+          <enabled>1</enabled>
+          <name>some-ingress</name>
+          <description>public service redirecting traffic</description>
+          <bind>192.168.20.55:55555</bind>
+          <bindOptions/>
+          <mode>tcp</mode>
+          <defaultBackend>f0c76bef-8623-4fa8-a992-61f83d504b87</defaultBackend>
+          <ssl_enabled>0</ssl_enabled>
+          <ssl_certificates/>
+          <ssl_default_certificate/>
+          <ssl_customOptions/>
+          <ssl_advancedEnabled>0</ssl_advancedEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+          <ssl_hstsEnabled>1</ssl_hstsEnabled>
+          <ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
+          <ssl_hstsPreload>0</ssl_hstsPreload>
+          <ssl_hstsMaxAge>15768000</ssl_hstsMaxAge>
+          <ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
+          <ssl_clientAuthVerify>required</ssl_clientAuthVerify>
+          <ssl_clientAuthCAs/>
+          <ssl_clientAuthCRLs/>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_maxConnections/>
+          <tuning_timeoutClient/>
+          <tuning_timeoutHttpReq/>
+          <tuning_timeoutHttpKeepAlive/>
+          <linkedCpuAffinityRules/>
+          <tuning_shards/>
+          <logging_dontLogNull>0</logging_dontLogNull>
+          <logging_dontLogNormal>0</logging_dontLogNormal>
+          <logging_logSeparateErrors>0</logging_logSeparateErrors>
+          <logging_detailedLog>0</logging_detailedLog>
+          <logging_socketStats>0</logging_socketStats>
+          <stickiness_pattern/>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_counter>1</stickiness_counter>
+          <stickiness_counter_key>src</stickiness_counter_key>
+          <stickiness_length/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <advertised_protocols>h2,http11</advertised_protocols>
+          <forwardFor>0</forwardFor>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_path>/metrics</prometheus_path>
+          <connectionBehaviour>http-keep-alive</connectionBehaviour>
+          <customOptions/>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </frontend>
+        <frontend uuid="e5cdd687-92a0-46a1-93c0-7b26431fea92">
+          <id>670979396dea69.72299427</id>
+          <enabled>0</enabled>
+          <name>another-ingress</name>
+          <description>public service redirecting traffic with non descriptive description</description>
+          <bind>192.168.20.1:55555</bind>
+          <bindOptions/>
+          <mode>tcp</mode>
+          <defaultBackend>f0c76bef-8623-4fa8-a992-61f83d504b87</defaultBackend>
+          <ssl_enabled>0</ssl_enabled>
+          <ssl_certificates/>
+          <ssl_default_certificate/>
+          <ssl_customOptions/>
+          <ssl_advancedEnabled>0</ssl_advancedEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+          <ssl_hstsEnabled>1</ssl_hstsEnabled>
+          <ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
+          <ssl_hstsPreload>0</ssl_hstsPreload>
+          <ssl_hstsMaxAge>15768000</ssl_hstsMaxAge>
+          <ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
+          <ssl_clientAuthVerify>required</ssl_clientAuthVerify>
+          <ssl_clientAuthCAs/>
+          <ssl_clientAuthCRLs/>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_maxConnections/>
+          <tuning_timeoutClient/>
+          <tuning_timeoutHttpReq/>
+          <tuning_timeoutHttpKeepAlive/>
+          <linkedCpuAffinityRules/>
+          <tuning_shards/>
+          <logging_dontLogNull>0</logging_dontLogNull>
+          <logging_dontLogNormal>0</logging_dontLogNormal>
+          <logging_logSeparateErrors>0</logging_logSeparateErrors>
+          <logging_detailedLog>0</logging_detailedLog>
+          <logging_socketStats>0</logging_socketStats>
+          <stickiness_pattern/>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_counter>1</stickiness_counter>
+          <stickiness_counter_key>src</stickiness_counter_key>
+          <stickiness_length/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <advertised_protocols>h2,http11</advertised_protocols>
+          <forwardFor>0</forwardFor>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_path>/metrics</prometheus_path>
+          <connectionBehaviour>http-keep-alive</connectionBehaviour>
+          <customOptions/>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </frontend>
+      </frontends>
+      <backends>
+        <backend uuid="f0c76bef-8623-4fa8-a992-61f83d504b87">
+          <id>6707fa71c3cb99.64451664</id>
+          <enabled>1</enabled>
+          <name>some_servers</name>
+          <description/>
+          <mode>tcp</mode>
+          <algorithm>roundrobin</algorithm>
+          <random_draws>2</random_draws>
+          <proxyProtocol/>
+          <linkedServers>c0364e69-459d-48b2-a1d1-808324fea9cb,187d8b79-4376-45fc-9fd7-476074a7a577</linkedServers>
+          <linkedFcgi/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <source/>
+          <healthCheckEnabled>1</healthCheckEnabled>
+          <healthCheck>5110db0c-afa9-4bad-bbbe-5bbeb52262bb</healthCheck>
+          <healthCheckLogStatus>0</healthCheckLogStatus>
+          <checkInterval/>
+          <checkDownInterval/>
+          <healthCheckFall/>
+          <healthCheckRise/>
+          <linkedMailer/>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <ba_advertised_protocols>h2,http11</ba_advertised_protocols>
+          <persistence>sticktable</persistence>
+          <persistence_cookiemode>piggyback</persistence_cookiemode>
+          <persistence_cookiename>SRVCOOKIE</persistence_cookiename>
+          <persistence_stripquotes>1</persistence_stripquotes>
+          <stickiness_pattern>sourceipv4</stickiness_pattern>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_cookiename/>
+          <stickiness_cookielength/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_timeoutConnect/>
+          <tuning_timeoutCheck/>
+          <tuning_timeoutServer/>
+          <tuning_retries/>
+          <customOptions/>
+          <tuning_defaultserver/>
+          <tuning_noport>0</tuning_noport>
+          <tuning_httpreuse>safe</tuning_httpreuse>
+          <tuning_caching>0</tuning_caching>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </backend>
+      </backends>
+      <servers>
+        <server uuid="c0364e69-459d-48b2-a1d1-808324fea9cb">
+          <id>6707f9a980b271.59222580</id>
+          <enabled>1</enabled>
+          <name>server1</name>
+          <description>server running on host</description>
+          <address>192.168.20.55</address>
+          <port>55555</port>
+          <checkport/>
+          <mode>active</mode>
+          <multiplexer_protocol>unspecified</multiplexer_protocol>
+          <type>static</type>
+          <serviceName/>
+          <number/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <ssl>0</ssl>
+          <sslSNI/>
+          <sslVerify>1</sslVerify>
+          <sslCA/>
+          <sslCRL/>
+          <sslClientCertificate/>
+          <maxConnections/>
+          <weight>33</weight>
+          <checkInterval/>
+          <checkDownInterval/>
+          <source/>
+          <advanced/>
+          <unix_socket/>
+        </server>
+        <server uuid="187d8b79-4376-45fc-9fd7-476074a7a577">
+          <id>6707faa46d5f57.14318783</id>
+          <enabled>1</enabled>
+          <name>server2</name>
+          <description>server running something</description>
+          <address>192.168.20.155</address>
+          <port>55555</port>
+          <checkport/>
+          <mode>active</mode>
+          <multiplexer_protocol>unspecified</multiplexer_protocol>
+          <type>static</type>
+          <serviceName/>
+          <number/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <ssl>0</ssl>
+          <sslSNI/>
+          <sslVerify>1</sslVerify>
+          <sslCA/>
+          <sslCRL/>
+          <sslClientCertificate/>
+          <maxConnections/>
+          <weight>67</weight>
+          <checkInterval/>
+          <checkDownInterval/>
+          <source/>
+          <advanced/>
+          <unix_socket/>
+        </server>
+      </servers>
+      <healthchecks>
+        <healthcheck uuid="5110db0c-afa9-4bad-bbbe-5bbeb52262bb">
+          <name>server-loadbalancer-monitor</name>
+          <description/>
+          <type>tcp</type>
+          <interval>2s</interval>
+          <ssl>nopref</ssl>
+          <sslSNI/>
+          <force_ssl>0</force_ssl>
+          <checkport/>
+          <http_method>options</http_method>
+          <http_uri>/</http_uri>
+          <http_version>http10</http_version>
+          <http_host>localhost</http_host>
+          <http_expressionEnabled>0</http_expressionEnabled>
+          <http_expression/>
+          <http_negate>0</http_negate>
+          <http_value/>
+          <tcp_enabled>0</tcp_enabled>
+          <tcp_sendValue/>
+          <tcp_matchType>string</tcp_matchType>
+          <tcp_negate>0</tcp_negate>
+          <tcp_matchValue/>
+          <agent_port/>
+          <mysql_user/>
+          <mysql_post41>0</mysql_post41>
+          <pgsql_user/>
+          <smtp_domain/>
+          <esmtp_domain/>
+          <agentPort/>
+          <dbUser/>
+          <smtpDomain/>
+        </healthcheck>
+      </healthchecks>
+      <acls/>
+      <actions/>
+      <luas/>
+      <fcgis/>
+      <errorfiles/>
+      <mapfiles/>
+      <groups/>
+      <users/>
+      <cpus/>
+      <resolvers/>
+      <mailers/>
+      <maintenance>
+        <cronjobs>
+          <syncCerts>0</syncCerts>
+          <syncCertsCron/>
+          <updateOcsp>0</updateOcsp>
+          <updateOcspCron/>
+          <reloadService>0</reloadService>
+          <reloadServiceCron/>
+          <restartService>0</restartService>
+          <restartServiceCron/>
+        </cronjobs>
+      </maintenance>
+    </HAProxy>
+  </OPNsense>
+  <staticroutes version="1.0.0">
+    <route/>
+  </staticroutes>
+  <ca/>
+  <gateways>
+    <gateway_item/>
+  </gateways>
+  <cert>
+    <refid>6155aba4c9375</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <crt>LtCg==</crt>
+    <prv>L22o=</prv>
+  </cert>
+  <dhcpdv6/>
+  <virtualip version="1.0.0">
+    <vip uuid="756c3b4a-f61a-4406-8776-383bc429a5b3">
+      <interface>wan</interface>
+      <mode>ipalias</mode>
+      <subnet>192.168.20.155</subnet>
+      <subnet_bits>32</subnet_bits>
+      <gateway>10.11.16.17</gateway>
+      <noexpand>0</noexpand>
+      <nobind>0</nobind>
+      <password/>
+      <vhid/>
+      <advbase>1</advbase>
+      <advskew>0</advskew>
+      <descr>virtual ip for service</descr>
+    </vip>
+  </virtualip>
+  <openvpn>
+    <openvpn-server/>
+    <openvpn-client/>
+  </openvpn>
+  <ppps>
+    <ppp>
+      <ptpid>0</ptpid>
+      <type>pppoe</type>
+      <if>pppoe0</if>
+      <ports>em0</ports>
+      <username>someuser@ppoeserver.com</username>
+      <password>5555555555AyNA==</password>
+    </ppp>
+  </ppps>
+  <dyndnses>
+    <dyndns>
+      <type>someddnsprovider</type>
+      <username/>
+      <password>5555555555ee479874398u1298e98u18</password>
+      <host>yourpublic.host.com</host>
+      <mx/>
+      <interface>wan</interface>
+      <zoneid/>
+      <resourceid/>
+      <ttl/>
+      <updateurl/>
+      <resultmatch/>
+      <requestif>wan</requestif>
+      <descr/>
+      <id>0</id>
+    </dyndns>
+  </dyndnses>
+  <vlans version="1.0.0">
+    <vlan/>
+  </vlans>
+  <bridges>
+    <bridged/>
+  </bridges>
+  <gifs>
+    <gif/>
+  </gifs>
+  <gres>
+    <gre/>
+  </gres>
+  <laggs version="1.0.0"/>
+  <wireless>
+    <clone/>
+  </wireless>
+  <hasync>
+    <synchronizealiases>on</synchronizealiases>
+    <synchronizeauthservers>on</synchronizeauthservers>
+    <synchronizecerts>on</synchronizecerts>
+    <synchronizedhcpd>on</synchronizedhcpd>
+    <synchronizenat>on</synchronizenat>
+    <synchronizerules>on</synchronizerules>
+    <synchronizeschedules>on</synchronizeschedules>
+    <synchronizestaticroutes>on</synchronizestaticroutes>
+    <synchronizeusers>on</synchronizeusers>
+    <synchronizevirtualip>on</synchronizevirtualip>
+    <synchronizewidgets>on</synchronizewidgets>
+    <synchronizedhcrelay>on</synchronizedhcrelay>
+    <synchronizedhcpdv6>on</synchronizedhcpdv6>
+    <synchronizedhcrelay6>on</synchronizedhcrelay6>
+    <synchronizentpd>on</synchronizentpd>
+    <synchronizesyslog>on</synchronizesyslog>
+    <synchronizecron>on</synchronizecron>
+    <synchronizesysctl>on</synchronizesysctl>
+    <synchronizewebgui>on</synchronizewebgui>
+    <synchronizednsforwarder>on</synchronizednsforwarder>
+    <synchronizeshaper>on</synchronizeshaper>
+    <synchronizecaptiveportal>on</synchronizecaptiveportal>
+    <synchronizeipsec>on</synchronizeipsec>
+    <synchronizemonit>on</synchronizemonit>
+    <synchronizessh>on</synchronizessh>
+    <synchronizeopenvpn>on</synchronizeopenvpn>
+    <synchronizeifgroups>on</synchronizeifgroups>
+    <synchronizecategories>on</synchronizecategories>
+    <synchronizelvtemplate>on</synchronizelvtemplate>
+    <synchronizesquid>on</synchronizesquid>
+    <synchronizesuricata>on</synchronizesuricata>
+    <synchronizednsresolver>on</synchronizednsresolver>
+    <pfsyncinterface>opt1</pfsyncinterface>
+    <synchronizetoip>10.10.5.2</synchronizetoip>
+    <username>root</username>
+    <password>555555555</password>
+    <pfsyncenabled>on</pfsyncenabled>
+    <disablepreempt>on</disablepreempt>
+    <disconnectppps>on</disconnectppps>
+  </hasync>
+  <ifgroups version="1.0.0"/>
+</opnsense>
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-structure.xml b/harmony-rs/opnsense-config/src/tests/data/config-structure.xml
index b67feaa..7816a8a 100644
--- a/harmony-rs/opnsense-config/src/tests/data/config-structure.xml
+++ b/harmony-rs/opnsense-config/src/tests/data/config-structure.xml
@@ -132,9 +132,9 @@
       <enable>1</enable>
       <lock>1</lock>
       <spoofmac/>
+      <ipaddr>pppoe</ipaddr>
       <blockpriv>1</blockpriv>
       <blockbogons>1</blockbogons>
-      <ipaddr>pppoe</ipaddr>
     </wan>
     <lan>
       <if>em1</if>
@@ -149,15 +149,15 @@
     </lan>
     <lo0>
       <internal_dynamic>1</internal_dynamic>
+      <if>lo0</if>
       <descr>Loopback</descr>
       <enable>1</enable>
-      <if>lo0</if>
       <ipaddr>127.0.0.1</ipaddr>
-      <ipaddrv6>::1</ipaddrv6>
-      <subnet>8</subnet>
-      <subnetv6>128</subnetv6>
       <type>none</type>
       <virtual>1</virtual>
+      <subnet>8</subnet>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnetv6>128</subnetv6>
     </lo0>
     <opt1>
       <if>em5</if>
@@ -170,18 +170,18 @@
     </opt1>
     <wireguard>
       <internal_dynamic>1</internal_dynamic>
-      <descr>WireGuard (Group)</descr>
       <if>wireguard</if>
-      <virtual>1</virtual>
+      <descr>WireGuard (Group)</descr>
       <enable>1</enable>
       <type>group</type>
+      <virtual>1</virtual>
       <networks/>
     </wireguard>
     <openvpn>
       <internal_dynamic>1</internal_dynamic>
-      <enable>1</enable>
       <if>openvpn</if>
       <descr>OpenVPN</descr>
+      <enable>1</enable>
       <type>group</type>
       <virtual>1</virtual>
       <networks/>
@@ -337,19 +337,19 @@
     </rule>
     <rule>
       <associated-rule-id>nat_670979b3279551.73601303</associated-rule-id>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>port forwarding for virtual ip for someservice2 servers</descr>
+      <category/>
+      <protocol>tcp</protocol>
       <source>
         <any>1</any>
       </source>
-      <interface>wan</interface>
-      <statetype>keep state</statetype>
-      <protocol>tcp</protocol>
-      <ipprotocol>inet</ipprotocol>
       <destination>
         <address>192.168.20.1</address>
         <port>55555</port>
       </destination>
-      <descr>port forwarding for virtual ip for someservice2 servers</descr>
-      <category/>
       <created>
         <username>root@172.12.0.12</username>
         <time>1728674227.1622</time>
@@ -1264,13 +1264,15 @@
           <tcp_matchType>string</tcp_matchType>
           <tcp_negate>0</tcp_negate>
           <tcp_matchValue/>
-          <agentPort/>
+          <agent_port/>
           <mysql_user/>
           <mysql_post41>0</mysql_post41>
           <pgsql_user/>
           <smtp_domain/>
           <esmtp_domain/>
+          <agentPort/>
           <dbUser/>
+          <smtpDomain/>
         </healthcheck>
       </healthchecks>
       <acls/>