Jean-Gabriel Gill-Couture
da5a869771
All checks were successful
Run Check Script / check (pull_request) Successful in 59s
Co-authored-by: Jean-Gabriel Gill-Couture <jeangabriel.gc@gmail.com> Co-authored-by: Ian Letourneau <ian@noma.to> Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/130 Reviewed-by: Ian Letourneau <ian@noma.to> Co-authored-by: Jean-Gabriel Gill-Couture <jg@nationtech.io> Co-committed-by: Jean-Gabriel Gill-Couture <jg@nationtech.io>
1675 lines
60 KiB
XML
1675 lines
60 KiB
XML
<?xml version="1.0"?>
|
|
<opnsense>
|
|
<theme>opnsense</theme>
|
|
<sysctl/>
|
|
<system>
|
|
<serialspeed>115200</serialspeed>
|
|
<primaryconsole>serial</primaryconsole>
|
|
<optimization>normal</optimization>
|
|
<hostname>OPNsense</hostname>
|
|
<domain>testpxe.harmony.mcd</domain>
|
|
<group>
|
|
<name>admins</name>
|
|
<description>System Administrators</description>
|
|
<scope>system</scope>
|
|
<gid>1999</gid>
|
|
<member>0,2000</member>
|
|
<priv>page-all</priv>
|
|
<source_networks/>
|
|
</group>
|
|
<user>
|
|
<name>root</name>
|
|
<descr>System Administrator</descr>
|
|
<scope>system</scope>
|
|
<password>$2y$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS</password>
|
|
<pwd_changed_at/>
|
|
<uid>0</uid>
|
|
<disabled>0</disabled>
|
|
<landing_page/>
|
|
<comment/>
|
|
<email/>
|
|
<apikeys/>
|
|
<priv/>
|
|
<language/>
|
|
<expires/>
|
|
<authorizedkeys/>
|
|
<dashboard/>
|
|
<otp_seed/>
|
|
<shell/>
|
|
</user>
|
|
<timezone>Etc/UTC</timezone>
|
|
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
|
|
<webgui>
|
|
<protocol>https</protocol>
|
|
<ssl-certref>68a72b6f7f776</ssl-certref>
|
|
<port/>
|
|
<ssl-ciphers/>
|
|
<interfaces/>
|
|
<compression/>
|
|
</webgui>
|
|
<usevirtualterminal>1</usevirtualterminal>
|
|
<disablenatreflection>yes</disablenatreflection>
|
|
<disableconsolemenu>1</disableconsolemenu>
|
|
<disablevlanhwfilter>1</disablevlanhwfilter>
|
|
<disablechecksumoffloading>1</disablechecksumoffloading>
|
|
<disablesegmentationoffloading>1</disablesegmentationoffloading>
|
|
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
|
|
<ipv6allow>1</ipv6allow>
|
|
<powerd_ac_mode>hadp</powerd_ac_mode>
|
|
<powerd_battery_mode>hadp</powerd_battery_mode>
|
|
<powerd_normal_mode>hadp</powerd_normal_mode>
|
|
<bogons>
|
|
<interval>monthly</interval>
|
|
</bogons>
|
|
<pf_share_forward>1</pf_share_forward>
|
|
<lb_use_sticky>1</lb_use_sticky>
|
|
<ssh>
|
|
<group>admins</group>
|
|
<noauto>1</noauto>
|
|
<interfaces/>
|
|
<kex/>
|
|
<ciphers/>
|
|
<macs/>
|
|
<keys/>
|
|
<enabled>enabled</enabled>
|
|
<passwordauth>1</passwordauth>
|
|
<keysig/>
|
|
<permitrootlogin>1</permitrootlogin>
|
|
<rekeylimit/>
|
|
</ssh>
|
|
<rrdbackup>-1</rrdbackup>
|
|
<netflowbackup>-1</netflowbackup>
|
|
<firmware version="1.0.1">
|
|
<mirror/>
|
|
<flavour/>
|
|
<plugins>os-caddy,os-haproxy,os-tftp</plugins>
|
|
<type/>
|
|
<subscription/>
|
|
<reboot>0</reboot>
|
|
</firmware>
|
|
<language>en_US</language>
|
|
<dnsserver/>
|
|
<dnsallowoverride>1</dnsallowoverride>
|
|
<dnsallowoverride_exclude/>
|
|
</system>
|
|
<interfaces>
|
|
<wan>
|
|
<if>vtnet0</if>
|
|
<mtu/>
|
|
<enable>1</enable>
|
|
<spoofmac/>
|
|
<mss/>
|
|
<ipaddr>dhcp</ipaddr>
|
|
<dhcphostname/>
|
|
<blockpriv>1</blockpriv>
|
|
<blockbogons>1</blockbogons>
|
|
<subnet/>
|
|
<ipaddrv6>dhcp6</ipaddrv6>
|
|
<dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
|
|
<gateway/>
|
|
<media/>
|
|
<mediaopt/>
|
|
</wan>
|
|
<lan>
|
|
<if>vtnet1</if>
|
|
<enable>1</enable>
|
|
<ipaddr>192.168.1.1</ipaddr>
|
|
<subnet>24</subnet>
|
|
<ipaddrv6/>
|
|
<subnetv6/>
|
|
<gateway/>
|
|
<gatewayv6/>
|
|
<media/>
|
|
<mediaopt/>
|
|
</lan>
|
|
<lo0>
|
|
<internal_dynamic>1</internal_dynamic>
|
|
<if>lo0</if>
|
|
<descr>Loopback</descr>
|
|
<enable>1</enable>
|
|
<ipaddr>127.0.0.1</ipaddr>
|
|
<type>none</type>
|
|
<virtual>1</virtual>
|
|
<subnet>8</subnet>
|
|
<ipaddrv6>::1</ipaddrv6>
|
|
<subnetv6>128</subnetv6>
|
|
</lo0>
|
|
</interfaces>
|
|
<dhcpd/>
|
|
<snmpd>
|
|
<syslocation/>
|
|
<syscontact/>
|
|
<rocommunity>public</rocommunity>
|
|
</snmpd>
|
|
<syslog/>
|
|
<nat>
|
|
<outbound>
|
|
<mode>automatic</mode>
|
|
</outbound>
|
|
</nat>
|
|
<filter>
|
|
<rule>
|
|
<type>pass</type>
|
|
<interface>lan</interface>
|
|
<ipprotocol>inet</ipprotocol>
|
|
<descr>Default allow LAN to any rule</descr>
|
|
<source>
|
|
<network>lan</network>
|
|
</source>
|
|
<destination>
|
|
<any/>
|
|
</destination>
|
|
</rule>
|
|
<rule>
|
|
<type>pass</type>
|
|
<interface>lan</interface>
|
|
<ipprotocol>inet6</ipprotocol>
|
|
<descr>Default allow LAN IPv6 to any rule</descr>
|
|
<source>
|
|
<network>lan</network>
|
|
</source>
|
|
<destination>
|
|
<any/>
|
|
</destination>
|
|
</rule>
|
|
</filter>
|
|
<rrd>
|
|
<enable/>
|
|
</rrd>
|
|
<ntpd>
|
|
<prefer>0.opnsense.pool.ntp.org</prefer>
|
|
</ntpd>
|
|
<revision>
|
|
<username>root@192.168.1.5</username>
|
|
<description>/api/dnsmasq/settings/set made changes</description>
|
|
<time>1756758457.18</time>
|
|
</revision>
|
|
<OPNsense>
|
|
<captiveportal version="1.0.4">
|
|
<zones/>
|
|
<templates/>
|
|
</captiveportal>
|
|
<cron version="1.0.4">
|
|
<jobs/>
|
|
</cron>
|
|
<Netflow version="1.0.1">
|
|
<capture>
|
|
<interfaces/>
|
|
<egress_only/>
|
|
<version>v9</version>
|
|
<targets/>
|
|
</capture>
|
|
<collect>
|
|
<enable>0</enable>
|
|
</collect>
|
|
<activeTimeout>1800</activeTimeout>
|
|
<inactiveTimeout>15</inactiveTimeout>
|
|
</Netflow>
|
|
<Firewall>
|
|
<Lvtemplate version="0.0.1">
|
|
<templates/>
|
|
</Lvtemplate>
|
|
<Category version="1.0.0">
|
|
<categories/>
|
|
</Category>
|
|
<Filter version="1.0.4">
|
|
<rules/>
|
|
<snatrules/>
|
|
<npt/>
|
|
<onetoone/>
|
|
</Filter>
|
|
<Alias version="1.0.1">
|
|
<geoip>
|
|
<url/>
|
|
</geoip>
|
|
<aliases/>
|
|
</Alias>
|
|
</Firewall>
|
|
<IDS version="1.1.0">
|
|
<rules/>
|
|
<policies/>
|
|
<userDefinedRules/>
|
|
<files/>
|
|
<fileTags/>
|
|
<general>
|
|
<enabled>0</enabled>
|
|
<ips>0</ips>
|
|
<promisc>0</promisc>
|
|
<interfaces>wan</interfaces>
|
|
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
|
|
<defaultPacketSize/>
|
|
<UpdateCron/>
|
|
<AlertLogrotate>W0D23</AlertLogrotate>
|
|
<AlertSaveLogs>4</AlertSaveLogs>
|
|
<MPMAlgo/>
|
|
<detect>
|
|
<Profile/>
|
|
<toclient_groups/>
|
|
<toserver_groups/>
|
|
</detect>
|
|
<syslog>0</syslog>
|
|
<syslog_eve>0</syslog_eve>
|
|
<LogPayload>0</LogPayload>
|
|
<verbosity/>
|
|
<eveLog>
|
|
<http>
|
|
<enable>0</enable>
|
|
<extended>0</extended>
|
|
<dumpAllHeaders/>
|
|
</http>
|
|
<tls>
|
|
<enable>0</enable>
|
|
<extended>0</extended>
|
|
<sessionResumption>0</sessionResumption>
|
|
<custom/>
|
|
</tls>
|
|
</eveLog>
|
|
</general>
|
|
</IDS>
|
|
<IPsec version="1.0.4">
|
|
<general>
|
|
<enabled/>
|
|
<preferred_oldsa>0</preferred_oldsa>
|
|
<disablevpnrules>0</disablevpnrules>
|
|
<passthrough_networks/>
|
|
<user_source/>
|
|
<local_group/>
|
|
</general>
|
|
<keyPairs/>
|
|
<preSharedKeys/>
|
|
<charon>
|
|
<max_ikev1_exchanges/>
|
|
<threads>16</threads>
|
|
<ikesa_table_size>32</ikesa_table_size>
|
|
<ikesa_table_segments>4</ikesa_table_segments>
|
|
<init_limit_half_open>1000</init_limit_half_open>
|
|
<ignore_acquire_ts>1</ignore_acquire_ts>
|
|
<install_routes>0</install_routes>
|
|
<cisco_unity>0</cisco_unity>
|
|
<make_before_break>0</make_before_break>
|
|
<retransmit_tries/>
|
|
<retransmit_timeout/>
|
|
<retransmit_base/>
|
|
<retransmit_jitter/>
|
|
<retransmit_limit/>
|
|
<syslog>
|
|
<daemon>
|
|
<ike_name>1</ike_name>
|
|
<log_level>0</log_level>
|
|
<app>1</app>
|
|
<asn>1</asn>
|
|
<cfg>1</cfg>
|
|
<chd>1</chd>
|
|
<dmn>1</dmn>
|
|
<enc>1</enc>
|
|
<esp>1</esp>
|
|
<ike>1</ike>
|
|
<imc>1</imc>
|
|
<imv>1</imv>
|
|
<job>1</job>
|
|
<knl>1</knl>
|
|
<lib>1</lib>
|
|
<mgr>1</mgr>
|
|
<net>1</net>
|
|
<pts>1</pts>
|
|
<tls>1</tls>
|
|
<tnc>1</tnc>
|
|
</daemon>
|
|
</syslog>
|
|
<plugins>
|
|
<attr>
|
|
<subnet/>
|
|
<split-include/>
|
|
<x_28674/>
|
|
<x_28675/>
|
|
<x_28672/>
|
|
<x_28673>0</x_28673>
|
|
<x_28679/>
|
|
<dns/>
|
|
<nbns/>
|
|
</attr>
|
|
<eap-radius>
|
|
<servers/>
|
|
<accounting>0</accounting>
|
|
<class_group>0</class_group>
|
|
</eap-radius>
|
|
<xauth-pam>
|
|
<pam_service>ipsec</pam_service>
|
|
<session>0</session>
|
|
<trim_email>1</trim_email>
|
|
</xauth-pam>
|
|
</plugins>
|
|
</charon>
|
|
</IPsec>
|
|
<Interfaces>
|
|
<vxlans version="1.0.2"/>
|
|
<loopbacks version="1.0.0"/>
|
|
<neighbors version="1.0.0"/>
|
|
</Interfaces>
|
|
<Kea>
|
|
<dhcp4 version="1.0.4" persisted_at="1755786069.95">
|
|
<general>
|
|
<enabled>0</enabled>
|
|
<manual_config>0</manual_config>
|
|
<interfaces/>
|
|
<valid_lifetime>4000</valid_lifetime>
|
|
<fwrules>1</fwrules>
|
|
<dhcp_socket_type>raw</dhcp_socket_type>
|
|
</general>
|
|
<ha>
|
|
<enabled>0</enabled>
|
|
<this_server_name/>
|
|
<max_unacked_clients>2</max_unacked_clients>
|
|
</ha>
|
|
<subnets/>
|
|
<reservations/>
|
|
<ha_peers/>
|
|
</dhcp4>
|
|
<ctrl_agent version="0.0.1" persisted_at="1755786069.95">
|
|
<general>
|
|
<enabled>0</enabled>
|
|
<http_host>127.0.0.1</http_host>
|
|
<http_port>8000</http_port>
|
|
</general>
|
|
</ctrl_agent>
|
|
<dhcp6 version="1.0.0" persisted_at="1755786069.95">
|
|
<general>
|
|
<enabled>0</enabled>
|
|
<manual_config>0</manual_config>
|
|
<interfaces/>
|
|
<valid_lifetime>4000</valid_lifetime>
|
|
<fwrules>1</fwrules>
|
|
</general>
|
|
<ha>
|
|
<enabled>0</enabled>
|
|
<this_server_name/>
|
|
<max_unacked_clients>2</max_unacked_clients>
|
|
</ha>
|
|
<subnets/>
|
|
<reservations/>
|
|
<pd_pools/>
|
|
<ha_peers/>
|
|
</dhcp6>
|
|
</Kea>
|
|
<monit version="1.0.13">
|
|
<general>
|
|
<enabled>0</enabled>
|
|
<interval>120</interval>
|
|
<startdelay>120</startdelay>
|
|
<mailserver>127.0.0.1</mailserver>
|
|
<port>25</port>
|
|
<username/>
|
|
<password/>
|
|
<ssl>0</ssl>
|
|
<sslversion>auto</sslversion>
|
|
<sslverify>1</sslverify>
|
|
<logfile/>
|
|
<statefile/>
|
|
<eventqueuePath/>
|
|
<eventqueueSlots/>
|
|
<httpdEnabled>0</httpdEnabled>
|
|
<httpdUsername>root</httpdUsername>
|
|
<httpdPassword/>
|
|
<httpdPort>2812</httpdPort>
|
|
<httpdAllow/>
|
|
<mmonitUrl/>
|
|
<mmonitTimeout>5</mmonitTimeout>
|
|
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
|
|
</general>
|
|
<alert uuid="ce8ca7d9-66ab-41d5-acea-598f4803e8ba">
|
|
<enabled>0</enabled>
|
|
<recipient>root@localhost.local</recipient>
|
|
<noton>0</noton>
|
|
<events/>
|
|
<format/>
|
|
<reminder/>
|
|
<description/>
|
|
</alert>
|
|
<service uuid="dc3b9298-4a56-4c45-bd61-be2fdb103383">
|
|
<enabled>1</enabled>
|
|
<name>$HOST</name>
|
|
<description/>
|
|
<type>system</type>
|
|
<pidfile/>
|
|
<match/>
|
|
<path/>
|
|
<timeout>300</timeout>
|
|
<starttimeout>30</starttimeout>
|
|
<address/>
|
|
<interface/>
|
|
<start/>
|
|
<stop/>
|
|
<tests>cfed35dc-f74b-417d-9ed9-682c5de96495,f961277a-07f1-49a4-90ee-bb15738d9ebb,30b2cce2-f650-4e44-a3e2-ee53886cda3f,3c86136f-35a4-4126-865b-82732c6542d9</tests>
|
|
<depends/>
|
|
<polltime/>
|
|
</service>
|
|
<service uuid="b4d5bdb4-206d-4afe-8d86-377ffbbdb2ec">
|
|
<enabled>1</enabled>
|
|
<name>RootFs</name>
|
|
<description/>
|
|
<type>filesystem</type>
|
|
<pidfile/>
|
|
<match/>
|
|
<path>/</path>
|
|
<timeout>300</timeout>
|
|
<starttimeout>30</starttimeout>
|
|
<address/>
|
|
<interface/>
|
|
<start/>
|
|
<stop/>
|
|
<tests>fbb8dfe2-b9ad-4730-a0f3-41d7ecda6289</tests>
|
|
<depends/>
|
|
<polltime/>
|
|
</service>
|
|
<service uuid="f96e3cbb-6c98-4d20-8337-bab717d4ab54">
|
|
<enabled>0</enabled>
|
|
<name>carp_status_change</name>
|
|
<description/>
|
|
<type>custom</type>
|
|
<pidfile/>
|
|
<match/>
|
|
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
|
|
<timeout>300</timeout>
|
|
<starttimeout>30</starttimeout>
|
|
<address/>
|
|
<interface/>
|
|
<start/>
|
|
<stop/>
|
|
<tests>11ceca8a-dff8-45e0-9dc5-ed80dc4b3947</tests>
|
|
<depends/>
|
|
<polltime/>
|
|
</service>
|
|
<service uuid="69bbd4d5-3a50-42a7-ab64-050450504038">
|
|
<enabled>0</enabled>
|
|
<name>gateway_alert</name>
|
|
<description/>
|
|
<type>custom</type>
|
|
<pidfile/>
|
|
<match/>
|
|
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
|
|
<timeout>300</timeout>
|
|
<starttimeout>30</starttimeout>
|
|
<address/>
|
|
<interface/>
|
|
<start/>
|
|
<stop/>
|
|
<tests>fad1f465-4a92-4b93-be66-59d7059b8779</tests>
|
|
<depends/>
|
|
<polltime/>
|
|
</service>
|
|
<test uuid="2bd5d8c0-6a4a-430b-b953-34214a107ccf">
|
|
<name>Ping</name>
|
|
<type>NetworkPing</type>
|
|
<condition>failed ping</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="0f06ffff-9bfa-463d-b75e-f7195cd8dcab">
|
|
<name>NetworkLink</name>
|
|
<type>NetworkInterface</type>
|
|
<condition>failed link</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="79b119ce-10e0-4a6a-bd1a-b0be371d0fd7">
|
|
<name>NetworkSaturation</name>
|
|
<type>NetworkInterface</type>
|
|
<condition>saturation is greater than 75%</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="cfed35dc-f74b-417d-9ed9-682c5de96495">
|
|
<name>MemoryUsage</name>
|
|
<type>SystemResource</type>
|
|
<condition>memory usage is greater than 75%</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="f961277a-07f1-49a4-90ee-bb15738d9ebb">
|
|
<name>CPUUsage</name>
|
|
<type>SystemResource</type>
|
|
<condition>cpu usage is greater than 75%</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="30b2cce2-f650-4e44-a3e2-ee53886cda3f">
|
|
<name>LoadAvg1</name>
|
|
<type>SystemResource</type>
|
|
<condition>loadavg (1min) is greater than 4</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="3c86136f-35a4-4126-865b-82732c6542d9">
|
|
<name>LoadAvg5</name>
|
|
<type>SystemResource</type>
|
|
<condition>loadavg (5min) is greater than 3</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="27e91c6f-3e8e-4570-bb3a-27f46dd301a7">
|
|
<name>LoadAvg15</name>
|
|
<type>SystemResource</type>
|
|
<condition>loadavg (15min) is greater than 2</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="fbb8dfe2-b9ad-4730-a0f3-41d7ecda6289">
|
|
<name>SpaceUsage</name>
|
|
<type>SpaceUsage</type>
|
|
<condition>space usage is greater than 75%</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="11ceca8a-dff8-45e0-9dc5-ed80dc4b3947">
|
|
<name>ChangedStatus</name>
|
|
<type>ProgramStatus</type>
|
|
<condition>changed status</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
<test uuid="fad1f465-4a92-4b93-be66-59d7059b8779">
|
|
<name>NonZeroStatus</name>
|
|
<type>ProgramStatus</type>
|
|
<condition>status != 0</condition>
|
|
<action>alert</action>
|
|
<path/>
|
|
</test>
|
|
</monit>
|
|
<OpenVPNExport version="0.0.1">
|
|
<servers/>
|
|
</OpenVPNExport>
|
|
<Syslog version="1.0.2">
|
|
<general>
|
|
<enabled>1</enabled>
|
|
<loglocal>1</loglocal>
|
|
<maxpreserve>31</maxpreserve>
|
|
<maxfilesize/>
|
|
</general>
|
|
<destinations/>
|
|
</Syslog>
|
|
<TrafficShaper version="1.0.3" persisted_at="1755786069.77">
|
|
<pipes/>
|
|
<queues/>
|
|
<rules/>
|
|
</TrafficShaper>
|
|
<unboundplus version="1.0.12">
|
|
<general>
|
|
<enabled>1</enabled>
|
|
<port>53</port>
|
|
<stats>0</stats>
|
|
<active_interface/>
|
|
<dnssec>0</dnssec>
|
|
<dns64>0</dns64>
|
|
<dns64prefix/>
|
|
<noarecords>0</noarecords>
|
|
<regdhcp>0</regdhcp>
|
|
<regdhcpdomain/>
|
|
<regdhcpstatic>0</regdhcpstatic>
|
|
<noreglladdr6>0</noreglladdr6>
|
|
<noregrecords>0</noregrecords>
|
|
<txtsupport>0</txtsupport>
|
|
<cacheflush>0</cacheflush>
|
|
<local_zone_type>transparent</local_zone_type>
|
|
<outgoing_interface/>
|
|
<enable_wpad>0</enable_wpad>
|
|
</general>
|
|
<advanced>
|
|
<hideidentity>0</hideidentity>
|
|
<hideversion>0</hideversion>
|
|
<prefetch>0</prefetch>
|
|
<prefetchkey>0</prefetchkey>
|
|
<dnssecstripped>0</dnssecstripped>
|
|
<aggressivensec>1</aggressivensec>
|
|
<serveexpired>0</serveexpired>
|
|
<serveexpiredreplyttl/>
|
|
<serveexpiredttl/>
|
|
<serveexpiredttlreset>0</serveexpiredttlreset>
|
|
<serveexpiredclienttimeout/>
|
|
<qnameminstrict>0</qnameminstrict>
|
|
<extendedstatistics>0</extendedstatistics>
|
|
<logqueries>0</logqueries>
|
|
<logreplies>0</logreplies>
|
|
<logtagqueryreply>0</logtagqueryreply>
|
|
<logservfail>0</logservfail>
|
|
<loglocalactions>0</loglocalactions>
|
|
<logverbosity>1</logverbosity>
|
|
<valloglevel>0</valloglevel>
|
|
<privatedomain/>
|
|
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
|
|
<insecuredomain/>
|
|
<msgcachesize/>
|
|
<rrsetcachesize/>
|
|
<outgoingnumtcp/>
|
|
<incomingnumtcp/>
|
|
<numqueriesperthread/>
|
|
<outgoingrange/>
|
|
<jostletimeout/>
|
|
<discardtimeout/>
|
|
<cachemaxttl/>
|
|
<cachemaxnegativettl/>
|
|
<cacheminttl/>
|
|
<infrahostttl/>
|
|
<infrakeepprobing>0</infrakeepprobing>
|
|
<infracachenumhosts/>
|
|
<unwantedreplythreshold/>
|
|
</advanced>
|
|
<acls>
|
|
<default_action>allow</default_action>
|
|
</acls>
|
|
<dnsbl>
|
|
<enabled>0</enabled>
|
|
<safesearch>0</safesearch>
|
|
<type/>
|
|
<lists/>
|
|
<whitelists/>
|
|
<blocklists/>
|
|
<wildcards/>
|
|
<address/>
|
|
<nxdomain>0</nxdomain>
|
|
</dnsbl>
|
|
<forwarding>
|
|
<enabled>0</enabled>
|
|
</forwarding>
|
|
<dots/>
|
|
<hosts/>
|
|
<aliases/>
|
|
</unboundplus>
|
|
<DHCRelay version="1.0.1" persisted_at="1755786069.97"/>
|
|
<trust>
|
|
<general version="1.0.1" persisted_at="1755786070.08">
|
|
<store_intermediate_certs>0</store_intermediate_certs>
|
|
<install_crls>0</install_crls>
|
|
<fetch_crls>0</fetch_crls>
|
|
<enable_legacy_sect>1</enable_legacy_sect>
|
|
<enable_config_constraints>0</enable_config_constraints>
|
|
<CipherString/>
|
|
<Ciphersuites/>
|
|
<SignatureAlgorithms/>
|
|
<groups/>
|
|
<MinProtocol/>
|
|
<MinProtocol_DTLS/>
|
|
</general>
|
|
</trust>
|
|
<tftp>
|
|
<general version="0.0.1">
|
|
<enabled>1</enabled>
|
|
<listen>192.168.1.1</listen>
|
|
</general>
|
|
</tftp>
|
|
<wireguard>
|
|
<general version="0.0.1">
|
|
<enabled>0</enabled>
|
|
</general>
|
|
<server version="1.0.0">
|
|
<servers/>
|
|
</server>
|
|
<client version="1.0.0">
|
|
<clients/>
|
|
</client>
|
|
</wireguard>
|
|
<Swanctl version="1.0.0">
|
|
<Connections/>
|
|
<locals/>
|
|
<remotes/>
|
|
<children/>
|
|
<Pools/>
|
|
<VTIs/>
|
|
<SPDs/>
|
|
</Swanctl>
|
|
<OpenVPN version="1.0.1">
|
|
<Overwrites/>
|
|
<Instances/>
|
|
<StaticKeys/>
|
|
</OpenVPN>
|
|
<Gateways version="1.0.0" persisted_at="1755786217.76"/>
|
|
<HAProxy version="4.1.0">
|
|
<general>
|
|
<enabled>1</enabled>
|
|
<gracefulStop>0</gracefulStop>
|
|
<hardStopAfter>60s</hardStopAfter>
|
|
<closeSpreadTime/>
|
|
<seamlessReload>0</seamlessReload>
|
|
<storeOcsp>0</storeOcsp>
|
|
<showIntro>1</showIntro>
|
|
<peers>
|
|
<enabled>0</enabled>
|
|
<name1/>
|
|
<listen1/>
|
|
<port1>1024</port1>
|
|
<name2/>
|
|
<listen2/>
|
|
<port2>1024</port2>
|
|
</peers>
|
|
<tuning>
|
|
<root>0</root>
|
|
<maxConnections/>
|
|
<nbthread>1</nbthread>
|
|
<resolversPrefer>ipv4</resolversPrefer>
|
|
<sslServerVerify>ignore</sslServerVerify>
|
|
<maxDHSize>2048</maxDHSize>
|
|
<bufferSize>16384</bufferSize>
|
|
<spreadChecks>2</spreadChecks>
|
|
<bogusProxyEnabled>0</bogusProxyEnabled>
|
|
<luaMaxMem>0</luaMaxMem>
|
|
<customOptions/>
|
|
<ocspUpdateEnabled>0</ocspUpdateEnabled>
|
|
<ocspUpdateMinDelay>300</ocspUpdateMinDelay>
|
|
<ocspUpdateMaxDelay>3600</ocspUpdateMaxDelay>
|
|
<ssl_defaultsEnabled>0</ssl_defaultsEnabled>
|
|
<ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
|
|
<ssl_minVersion>TLSv1.2</ssl_minVersion>
|
|
<ssl_maxVersion/>
|
|
<ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
|
|
<ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
|
|
<h2_initialWindowSize/>
|
|
<h2_initialWindowSizeOutgoing/>
|
|
<h2_initialWindowSizeIncoming/>
|
|
<h2_maxConcurrentStreams/>
|
|
<h2_maxConcurrentStreamsOutgoing/>
|
|
<h2_maxConcurrentStreamsIncoming/>
|
|
</tuning>
|
|
<defaults>
|
|
<maxConnections/>
|
|
<maxConnectionsServers/>
|
|
<timeoutClient>30s</timeoutClient>
|
|
<timeoutConnect>30s</timeoutConnect>
|
|
<timeoutCheck/>
|
|
<timeoutServer>30s</timeoutServer>
|
|
<retries>3</retries>
|
|
<redispatch>x-1</redispatch>
|
|
<init_addr>last,libc</init_addr>
|
|
<customOptions/>
|
|
</defaults>
|
|
<logging>
|
|
<host>127.0.0.1</host>
|
|
<facility>local0</facility>
|
|
<level>info</level>
|
|
<length/>
|
|
</logging>
|
|
<stats>
|
|
<enabled>0</enabled>
|
|
<port>8822</port>
|
|
<remoteEnabled>0</remoteEnabled>
|
|
<remoteBind/>
|
|
<authEnabled>0</authEnabled>
|
|
<users/>
|
|
<allowedUsers/>
|
|
<allowedGroups/>
|
|
<customOptions/>
|
|
<prometheus_enabled>0</prometheus_enabled>
|
|
<prometheus_bind>*:8404</prometheus_bind>
|
|
<prometheus_path>/metrics</prometheus_path>
|
|
</stats>
|
|
<cache>
|
|
<enabled>0</enabled>
|
|
<totalMaxSize>4</totalMaxSize>
|
|
<maxAge>60</maxAge>
|
|
<maxObjectSize/>
|
|
<processVary>0</processVary>
|
|
<maxSecondaryEntries>10</maxSecondaryEntries>
|
|
</cache>
|
|
</general>
|
|
<frontends>
|
|
<frontend uuid="85a7d786-7ac3-4090-96f6-180fd5ed6e17">
|
|
<id>9fdfbc10cd927a0e.4bc71f5a</id>
|
|
<enabled>1</enabled>
|
|
<name>frontend_192.168.1.1:80</name>
|
|
<description/>
|
|
<bind>192.168.1.1:80</bind>
|
|
<bindOptions/>
|
|
<mode>tcp</mode>
|
|
<defaultBackend>5ac12c5f-70c9-4beb-85ca-a76060170ce0</defaultBackend>
|
|
<ssl_enabled>0</ssl_enabled>
|
|
<ssl_certificates/>
|
|
<ssl_default_certificate/>
|
|
<ssl_customOptions/>
|
|
<ssl_advancedEnabled>0</ssl_advancedEnabled>
|
|
<ssl_bindOptions/>
|
|
<ssl_minVersion/>
|
|
<ssl_maxVersion/>
|
|
<ssl_cipherList/>
|
|
<ssl_cipherSuites/>
|
|
<ssl_hstsEnabled>0</ssl_hstsEnabled>
|
|
<ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
|
|
<ssl_hstsPreload>0</ssl_hstsPreload>
|
|
<ssl_hstsMaxAge>0</ssl_hstsMaxAge>
|
|
<ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
|
|
<ssl_clientAuthVerify/>
|
|
<ssl_clientAuthCAs/>
|
|
<ssl_clientAuthCRLs/>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_maxConnections/>
|
|
<tuning_timeoutClient/>
|
|
<tuning_timeoutHttpReq/>
|
|
<tuning_timeoutHttpKeepAlive/>
|
|
<linkedCpuAffinityRules/>
|
|
<tuning_shards/>
|
|
<logging_dontLogNull>0</logging_dontLogNull>
|
|
<logging_dontLogNormal>0</logging_dontLogNormal>
|
|
<logging_logSeparateErrors>0</logging_logSeparateErrors>
|
|
<logging_detailedLog>0</logging_detailedLog>
|
|
<logging_socketStats>0</logging_socketStats>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire/>
|
|
<stickiness_size/>
|
|
<stickiness_counter>0</stickiness_counter>
|
|
<stickiness_counter_key/>
|
|
<stickiness_length/>
|
|
<stickiness_connRatePeriod/>
|
|
<stickiness_sessRatePeriod/>
|
|
<stickiness_httpReqRatePeriod/>
|
|
<stickiness_httpErrRatePeriod/>
|
|
<stickiness_bytesInRatePeriod/>
|
|
<stickiness_bytesOutRatePeriod/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<advertised_protocols/>
|
|
<forwardFor>0</forwardFor>
|
|
<prometheus_enabled>0</prometheus_enabled>
|
|
<prometheus_path/>
|
|
<connectionBehaviour/>
|
|
<customOptions/>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</frontend>
|
|
<frontend uuid="9154193f-5ac1-49eb-8fe7-e4748a1bbe0a">
|
|
<id>4e26f04f7ce919a9.9309067c</id>
|
|
<enabled>1</enabled>
|
|
<name>frontend_192.168.1.1:443</name>
|
|
<description/>
|
|
<bind>192.168.1.1:443</bind>
|
|
<bindOptions/>
|
|
<mode>tcp</mode>
|
|
<defaultBackend>62e22d3f-58e4-4a58-bb31-88b55337d41c</defaultBackend>
|
|
<ssl_enabled>0</ssl_enabled>
|
|
<ssl_certificates/>
|
|
<ssl_default_certificate/>
|
|
<ssl_customOptions/>
|
|
<ssl_advancedEnabled>0</ssl_advancedEnabled>
|
|
<ssl_bindOptions/>
|
|
<ssl_minVersion/>
|
|
<ssl_maxVersion/>
|
|
<ssl_cipherList/>
|
|
<ssl_cipherSuites/>
|
|
<ssl_hstsEnabled>0</ssl_hstsEnabled>
|
|
<ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
|
|
<ssl_hstsPreload>0</ssl_hstsPreload>
|
|
<ssl_hstsMaxAge>0</ssl_hstsMaxAge>
|
|
<ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
|
|
<ssl_clientAuthVerify/>
|
|
<ssl_clientAuthCAs/>
|
|
<ssl_clientAuthCRLs/>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_maxConnections/>
|
|
<tuning_timeoutClient/>
|
|
<tuning_timeoutHttpReq/>
|
|
<tuning_timeoutHttpKeepAlive/>
|
|
<linkedCpuAffinityRules/>
|
|
<tuning_shards/>
|
|
<logging_dontLogNull>0</logging_dontLogNull>
|
|
<logging_dontLogNormal>0</logging_dontLogNormal>
|
|
<logging_logSeparateErrors>0</logging_logSeparateErrors>
|
|
<logging_detailedLog>0</logging_detailedLog>
|
|
<logging_socketStats>0</logging_socketStats>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire/>
|
|
<stickiness_size/>
|
|
<stickiness_counter>0</stickiness_counter>
|
|
<stickiness_counter_key/>
|
|
<stickiness_length/>
|
|
<stickiness_connRatePeriod/>
|
|
<stickiness_sessRatePeriod/>
|
|
<stickiness_httpReqRatePeriod/>
|
|
<stickiness_httpErrRatePeriod/>
|
|
<stickiness_bytesInRatePeriod/>
|
|
<stickiness_bytesOutRatePeriod/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<advertised_protocols/>
|
|
<forwardFor>0</forwardFor>
|
|
<prometheus_enabled>0</prometheus_enabled>
|
|
<prometheus_path/>
|
|
<connectionBehaviour/>
|
|
<customOptions/>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</frontend>
|
|
<frontend uuid="ae00eb59-fbcb-401b-a203-b36afa808ae4">
|
|
<id>9a98ae460a9aafb7.422509b9</id>
|
|
<enabled>1</enabled>
|
|
<name>frontend_192.168.1.1:22623</name>
|
|
<description/>
|
|
<bind>192.168.1.1:22623</bind>
|
|
<bindOptions/>
|
|
<mode>tcp</mode>
|
|
<defaultBackend>7aa31ee2-86f3-4ee2-b661-98ca6eb76bc9</defaultBackend>
|
|
<ssl_enabled>0</ssl_enabled>
|
|
<ssl_certificates/>
|
|
<ssl_default_certificate/>
|
|
<ssl_customOptions/>
|
|
<ssl_advancedEnabled>0</ssl_advancedEnabled>
|
|
<ssl_bindOptions/>
|
|
<ssl_minVersion/>
|
|
<ssl_maxVersion/>
|
|
<ssl_cipherList/>
|
|
<ssl_cipherSuites/>
|
|
<ssl_hstsEnabled>0</ssl_hstsEnabled>
|
|
<ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
|
|
<ssl_hstsPreload>0</ssl_hstsPreload>
|
|
<ssl_hstsMaxAge>0</ssl_hstsMaxAge>
|
|
<ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
|
|
<ssl_clientAuthVerify/>
|
|
<ssl_clientAuthCAs/>
|
|
<ssl_clientAuthCRLs/>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_maxConnections/>
|
|
<tuning_timeoutClient/>
|
|
<tuning_timeoutHttpReq/>
|
|
<tuning_timeoutHttpKeepAlive/>
|
|
<linkedCpuAffinityRules/>
|
|
<tuning_shards/>
|
|
<logging_dontLogNull>0</logging_dontLogNull>
|
|
<logging_dontLogNormal>0</logging_dontLogNormal>
|
|
<logging_logSeparateErrors>0</logging_logSeparateErrors>
|
|
<logging_detailedLog>0</logging_detailedLog>
|
|
<logging_socketStats>0</logging_socketStats>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire/>
|
|
<stickiness_size/>
|
|
<stickiness_counter>0</stickiness_counter>
|
|
<stickiness_counter_key/>
|
|
<stickiness_length/>
|
|
<stickiness_connRatePeriod/>
|
|
<stickiness_sessRatePeriod/>
|
|
<stickiness_httpReqRatePeriod/>
|
|
<stickiness_httpErrRatePeriod/>
|
|
<stickiness_bytesInRatePeriod/>
|
|
<stickiness_bytesOutRatePeriod/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<advertised_protocols/>
|
|
<forwardFor>0</forwardFor>
|
|
<prometheus_enabled>0</prometheus_enabled>
|
|
<prometheus_path/>
|
|
<connectionBehaviour/>
|
|
<customOptions/>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</frontend>
|
|
<frontend uuid="cc6e3316-c318-404d-a06a-1d855c828506">
|
|
<id>7832147fac80fc37.486ed3ac</id>
|
|
<enabled>1</enabled>
|
|
<name>frontend_192.168.1.1:6443</name>
|
|
<description/>
|
|
<bind>192.168.1.1:6443</bind>
|
|
<bindOptions/>
|
|
<mode>tcp</mode>
|
|
<defaultBackend>61ef67ba-68e5-46fb-89ed-ede779bfcfc0</defaultBackend>
|
|
<ssl_enabled>0</ssl_enabled>
|
|
<ssl_certificates/>
|
|
<ssl_default_certificate/>
|
|
<ssl_customOptions/>
|
|
<ssl_advancedEnabled>0</ssl_advancedEnabled>
|
|
<ssl_bindOptions/>
|
|
<ssl_minVersion/>
|
|
<ssl_maxVersion/>
|
|
<ssl_cipherList/>
|
|
<ssl_cipherSuites/>
|
|
<ssl_hstsEnabled>0</ssl_hstsEnabled>
|
|
<ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
|
|
<ssl_hstsPreload>0</ssl_hstsPreload>
|
|
<ssl_hstsMaxAge>0</ssl_hstsMaxAge>
|
|
<ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
|
|
<ssl_clientAuthVerify/>
|
|
<ssl_clientAuthCAs/>
|
|
<ssl_clientAuthCRLs/>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_maxConnections/>
|
|
<tuning_timeoutClient/>
|
|
<tuning_timeoutHttpReq/>
|
|
<tuning_timeoutHttpKeepAlive/>
|
|
<linkedCpuAffinityRules/>
|
|
<tuning_shards/>
|
|
<logging_dontLogNull>0</logging_dontLogNull>
|
|
<logging_dontLogNormal>0</logging_dontLogNormal>
|
|
<logging_logSeparateErrors>0</logging_logSeparateErrors>
|
|
<logging_detailedLog>0</logging_detailedLog>
|
|
<logging_socketStats>0</logging_socketStats>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire/>
|
|
<stickiness_size/>
|
|
<stickiness_counter>0</stickiness_counter>
|
|
<stickiness_counter_key/>
|
|
<stickiness_length/>
|
|
<stickiness_connRatePeriod/>
|
|
<stickiness_sessRatePeriod/>
|
|
<stickiness_httpReqRatePeriod/>
|
|
<stickiness_httpErrRatePeriod/>
|
|
<stickiness_bytesInRatePeriod/>
|
|
<stickiness_bytesOutRatePeriod/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<advertised_protocols/>
|
|
<forwardFor>0</forwardFor>
|
|
<prometheus_enabled>0</prometheus_enabled>
|
|
<prometheus_path/>
|
|
<connectionBehaviour/>
|
|
<customOptions/>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</frontend>
|
|
</frontends>
|
|
<backends>
|
|
<backend uuid="3a96c812-1f45-4c3e-87d8-c6f982fed22b">
|
|
<id>6a54c1779007c844.4f855343</id>
|
|
<enabled>1</enabled>
|
|
<name>backend_192.168.1.1:80</name>
|
|
<description/>
|
|
<mode>tcp</mode>
|
|
<algorithm>roundrobin</algorithm>
|
|
<random_draws>2</random_draws>
|
|
<proxyProtocol/>
|
|
<linkedServers>07f4ebd1-5f2e-48c5-9418-a719109b2928,cfd90752-fc3e-42c5-8a7c-e49486e8de38</linkedServers>
|
|
<linkedFcgi/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<source/>
|
|
<healthCheckEnabled>1</healthCheckEnabled>
|
|
<healthCheck>24321590-fe6e-4ada-980a-1c9e1bb6a990</healthCheck>
|
|
<healthCheckLogStatus>0</healthCheckLogStatus>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<healthCheckFall/>
|
|
<healthCheckRise/>
|
|
<linkedMailer/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<ba_advertised_protocols/>
|
|
<persistence/>
|
|
<persistence_cookiemode/>
|
|
<persistence_cookiename/>
|
|
<persistence_stripquotes>0</persistence_stripquotes>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire>30m</stickiness_expire>
|
|
<stickiness_size>50k</stickiness_size>
|
|
<stickiness_cookiename/>
|
|
<stickiness_cookielength/>
|
|
<stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
|
|
<stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
|
|
<stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
|
|
<stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
|
|
<stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
|
|
<stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_timeoutConnect/>
|
|
<tuning_timeoutCheck/>
|
|
<tuning_timeoutServer/>
|
|
<tuning_retries/>
|
|
<customOptions/>
|
|
<tuning_defaultserver/>
|
|
<tuning_noport>0</tuning_noport>
|
|
<tuning_httpreuse/>
|
|
<tuning_caching>0</tuning_caching>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</backend>
|
|
<backend uuid="135fca06-eac8-455d-aaf4-b4c2fa7ca123">
|
|
<id>17919f61aad1fdcb.6e03e25e</id>
|
|
<enabled>1</enabled>
|
|
<name>backend_192.168.1.1:443</name>
|
|
<description/>
|
|
<mode>tcp</mode>
|
|
<algorithm>roundrobin</algorithm>
|
|
<random_draws>2</random_draws>
|
|
<proxyProtocol/>
|
|
<linkedServers>2dfb75a8-1713-4452-a5f4-83c9759729ca,ff876fa2-0409-4b51-bbaf-406c53e74a71</linkedServers>
|
|
<linkedFcgi/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<source/>
|
|
<healthCheckEnabled>1</healthCheckEnabled>
|
|
<healthCheck>bb246c2b-6180-428c-a168-a2875b3d1b0a</healthCheck>
|
|
<healthCheckLogStatus>0</healthCheckLogStatus>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<healthCheckFall/>
|
|
<healthCheckRise/>
|
|
<linkedMailer/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<ba_advertised_protocols/>
|
|
<persistence/>
|
|
<persistence_cookiemode/>
|
|
<persistence_cookiename/>
|
|
<persistence_stripquotes>0</persistence_stripquotes>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire>30m</stickiness_expire>
|
|
<stickiness_size>50k</stickiness_size>
|
|
<stickiness_cookiename/>
|
|
<stickiness_cookielength/>
|
|
<stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
|
|
<stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
|
|
<stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
|
|
<stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
|
|
<stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
|
|
<stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_timeoutConnect/>
|
|
<tuning_timeoutCheck/>
|
|
<tuning_timeoutServer/>
|
|
<tuning_retries/>
|
|
<customOptions/>
|
|
<tuning_defaultserver/>
|
|
<tuning_noport>0</tuning_noport>
|
|
<tuning_httpreuse/>
|
|
<tuning_caching>0</tuning_caching>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</backend>
|
|
<backend uuid="7a248df4-37e9-41bc-9bc3-3708272bb81c">
|
|
<id>9dadf56d866ff29b.690416dd</id>
|
|
<enabled>1</enabled>
|
|
<name>backend_192.168.1.1:22623</name>
|
|
<description/>
|
|
<mode>tcp</mode>
|
|
<algorithm>roundrobin</algorithm>
|
|
<random_draws>2</random_draws>
|
|
<proxyProtocol/>
|
|
<linkedServers>c8653027-8497-4bba-a5ae-6034011cf7c7,89ffae6e-79a4-413a-89ea-6e9e52783243</linkedServers>
|
|
<linkedFcgi/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<source/>
|
|
<healthCheckEnabled>1</healthCheckEnabled>
|
|
<healthCheck>46542083-998b-4bb9-a47c-a586aac8bc0d</healthCheck>
|
|
<healthCheckLogStatus>0</healthCheckLogStatus>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<healthCheckFall/>
|
|
<healthCheckRise/>
|
|
<linkedMailer/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<ba_advertised_protocols/>
|
|
<persistence/>
|
|
<persistence_cookiemode/>
|
|
<persistence_cookiename/>
|
|
<persistence_stripquotes>0</persistence_stripquotes>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire>30m</stickiness_expire>
|
|
<stickiness_size>50k</stickiness_size>
|
|
<stickiness_cookiename/>
|
|
<stickiness_cookielength/>
|
|
<stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
|
|
<stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
|
|
<stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
|
|
<stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
|
|
<stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
|
|
<stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_timeoutConnect/>
|
|
<tuning_timeoutCheck/>
|
|
<tuning_timeoutServer/>
|
|
<tuning_retries/>
|
|
<customOptions/>
|
|
<tuning_defaultserver/>
|
|
<tuning_noport>0</tuning_noport>
|
|
<tuning_httpreuse/>
|
|
<tuning_caching>0</tuning_caching>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</backend>
|
|
<backend uuid="d6439f76-0bf0-4f94-9b01-4cdee7926241">
|
|
<id>fd857b0343b2e697.21f0f89e</id>
|
|
<enabled>1</enabled>
|
|
<name>backend_192.168.1.1:6443</name>
|
|
<description/>
|
|
<mode>tcp</mode>
|
|
<algorithm>roundrobin</algorithm>
|
|
<random_draws>2</random_draws>
|
|
<proxyProtocol/>
|
|
<linkedServers>b85e244f-fbb8-4d5d-93be-ff9fb9d828fc,c94bcbd2-2fe2-49a5-b611-034d1fc54119</linkedServers>
|
|
<linkedFcgi/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<source/>
|
|
<healthCheckEnabled>1</healthCheckEnabled>
|
|
<healthCheck>52dc61b7-d23e-4e47-ba22-9edfd914bbcb</healthCheck>
|
|
<healthCheckLogStatus>0</healthCheckLogStatus>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<healthCheckFall/>
|
|
<healthCheckRise/>
|
|
<linkedMailer/>
|
|
<http2Enabled>0</http2Enabled>
|
|
<http2Enabled_nontls>0</http2Enabled_nontls>
|
|
<ba_advertised_protocols/>
|
|
<persistence/>
|
|
<persistence_cookiemode/>
|
|
<persistence_cookiename/>
|
|
<persistence_stripquotes>0</persistence_stripquotes>
|
|
<stickiness_pattern/>
|
|
<stickiness_dataTypes/>
|
|
<stickiness_expire>30m</stickiness_expire>
|
|
<stickiness_size>50k</stickiness_size>
|
|
<stickiness_cookiename/>
|
|
<stickiness_cookielength/>
|
|
<stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
|
|
<stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
|
|
<stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
|
|
<stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
|
|
<stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
|
|
<stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
|
|
<basicAuthEnabled>0</basicAuthEnabled>
|
|
<basicAuthUsers/>
|
|
<basicAuthGroups/>
|
|
<tuning_timeoutConnect/>
|
|
<tuning_timeoutCheck/>
|
|
<tuning_timeoutServer/>
|
|
<tuning_retries/>
|
|
<customOptions/>
|
|
<tuning_defaultserver/>
|
|
<tuning_noport>0</tuning_noport>
|
|
<tuning_httpreuse/>
|
|
<tuning_caching>0</tuning_caching>
|
|
<linkedActions/>
|
|
<linkedErrorfiles/>
|
|
</backend>
|
|
</backends>
|
|
<servers>
|
|
<server uuid="4278dc7c-cd02-4148-8c13-b335012f2a7c">
|
|
<id>f33ae26833f881f7.d1ec1e06</id>
|
|
<enabled>1</enabled>
|
|
<name>10.100.8.20_80</name>
|
|
<description/>
|
|
<address>10.100.8.20</address>
|
|
<port>80</port>
|
|
<checkport/>
|
|
<mode>active</mode>
|
|
<multiplexer_protocol/>
|
|
<type>static</type>
|
|
<serviceName/>
|
|
<number/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<ssl>0</ssl>
|
|
<sslSNI/>
|
|
<sslVerify>0</sslVerify>
|
|
<sslCA/>
|
|
<sslCRL/>
|
|
<sslClientCertificate/>
|
|
<maxConnections/>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<source/>
|
|
<advanced/>
|
|
<unix_socket/>
|
|
</server>
|
|
<server uuid="7d0b3f1c-1688-4e8c-b2f8-7a6c6f9ae558">
|
|
<id>fd47b7f46d7d69d8.65fb15f6</id>
|
|
<enabled>1</enabled>
|
|
<name>10.100.8.20_443</name>
|
|
<description/>
|
|
<address>10.100.8.20</address>
|
|
<port>443</port>
|
|
<checkport/>
|
|
<mode>active</mode>
|
|
<multiplexer_protocol/>
|
|
<type>static</type>
|
|
<serviceName/>
|
|
<number/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<ssl>0</ssl>
|
|
<sslSNI/>
|
|
<sslVerify>0</sslVerify>
|
|
<sslCA/>
|
|
<sslCRL/>
|
|
<sslClientCertificate/>
|
|
<maxConnections/>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<source/>
|
|
<advanced/>
|
|
<unix_socket/>
|
|
</server>
|
|
<server uuid="e43e2c54-58b1-4ac6-9f6c-291f68a3ab98">
|
|
<id>3e3974dbcbc95c6d.cc0c066d</id>
|
|
<enabled>1</enabled>
|
|
<name>10.100.8.20_22623</name>
|
|
<description/>
|
|
<address>10.100.8.20</address>
|
|
<port>22623</port>
|
|
<checkport/>
|
|
<mode>active</mode>
|
|
<multiplexer_protocol/>
|
|
<type>static</type>
|
|
<serviceName/>
|
|
<number/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<ssl>0</ssl>
|
|
<sslSNI/>
|
|
<sslVerify>0</sslVerify>
|
|
<sslCA/>
|
|
<sslCRL/>
|
|
<sslClientCertificate/>
|
|
<maxConnections/>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<source/>
|
|
<advanced/>
|
|
<unix_socket/>
|
|
</server>
|
|
<server uuid="4e7691ca-eece-4eb9-a8b6-d73fbbd2053c">
|
|
<id>2817f4f2b67b9a5f.1960d7f6</id>
|
|
<enabled>1</enabled>
|
|
<name>10.100.8.20_6443</name>
|
|
<description/>
|
|
<address>10.100.8.20</address>
|
|
<port>6443</port>
|
|
<checkport/>
|
|
<mode>active</mode>
|
|
<multiplexer_protocol/>
|
|
<type>static</type>
|
|
<serviceName/>
|
|
<number/>
|
|
<linkedResolver/>
|
|
<resolverOpts/>
|
|
<resolvePrefer/>
|
|
<ssl>0</ssl>
|
|
<sslSNI/>
|
|
<sslVerify>0</sslVerify>
|
|
<sslCA/>
|
|
<sslCRL/>
|
|
<sslClientCertificate/>
|
|
<maxConnections/>
|
|
<checkInterval/>
|
|
<checkDownInterval/>
|
|
<source/>
|
|
<advanced/>
|
|
<unix_socket/>
|
|
</server>
|
|
</servers>
|
|
<healthchecks>
|
|
<healthcheck uuid="cf27ba69-e923-4886-885c-e937a88e2099">
|
|
<name>TCP_serverport</name>
|
|
<description/>
|
|
<type>tcp</type>
|
|
<interval>2s</interval>
|
|
<ssl/>
|
|
<sslSNI/>
|
|
<force_ssl>0</force_ssl>
|
|
<checkport/>
|
|
<http_method/>
|
|
<http_uri/>
|
|
<http_version/>
|
|
<http_host/>
|
|
<http_expression/>
|
|
<http_negate/>
|
|
<http_value/>
|
|
<tcp_enabled/>
|
|
<tcp_sendValue/>
|
|
<tcp_matchType/>
|
|
<tcp_negate/>
|
|
<tcp_matchValue/>
|
|
<agent_port/>
|
|
<mysql_user/>
|
|
<mysql_post41/>
|
|
<pgsql_user/>
|
|
<smtp_domain/>
|
|
<esmtp_domain/>
|
|
<agentPort/>
|
|
<dbUser/>
|
|
<smtpDomain/>
|
|
</healthcheck>
|
|
<healthcheck uuid="1aa449a0-2f71-4a91-8a63-fd84354948f7">
|
|
<name>HTTP_GET_/readyz</name>
|
|
<description/>
|
|
<type>http</type>
|
|
<interval>2s</interval>
|
|
<ssl/>
|
|
<sslSNI/>
|
|
<force_ssl>0</force_ssl>
|
|
<checkport/>
|
|
<http_method>GET</http_method>
|
|
<http_uri>/readyz</http_uri>
|
|
<http_version/>
|
|
<http_host/>
|
|
<http_expression/>
|
|
<http_negate/>
|
|
<http_value/>
|
|
<tcp_enabled/>
|
|
<tcp_sendValue/>
|
|
<tcp_matchType/>
|
|
<tcp_negate/>
|
|
<tcp_matchValue/>
|
|
<agent_port/>
|
|
<mysql_user/>
|
|
<mysql_post41/>
|
|
<pgsql_user/>
|
|
<smtp_domain/>
|
|
<esmtp_domain/>
|
|
<agentPort/>
|
|
<dbUser/>
|
|
<smtpDomain/>
|
|
</healthcheck>
|
|
</healthchecks>
|
|
<acls/>
|
|
<actions/>
|
|
<luas/>
|
|
<fcgis/>
|
|
<errorfiles/>
|
|
<mapfiles/>
|
|
<groups/>
|
|
<users/>
|
|
<cpus/>
|
|
<resolvers/>
|
|
<mailers/>
|
|
<maintenance>
|
|
<cronjobs>
|
|
<syncCerts>0</syncCerts>
|
|
<syncCertsCron/>
|
|
<updateOcsp>0</updateOcsp>
|
|
<updateOcspCron/>
|
|
<reloadService>0</reloadService>
|
|
<reloadServiceCron/>
|
|
<restartService>0</restartService>
|
|
<restartServiceCron/>
|
|
</cronjobs>
|
|
</maintenance>
|
|
</HAProxy>
|
|
</OPNsense>
|
|
<staticroutes version="1.0.0"/>
|
|
<ca/>
|
|
<cert uuid="4ced616b-f756-4058-8de3-3d876145eebb">
|
|
<refid>68a72b6f7f776</refid>
|
|
<descr>Web GUI TLS certificate</descr>
|
|
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhFakNDQlBxZ0F3SUJBZ0lVUkZqWUQ0Z1U0bzRNZGdiN2pIc29KNU9GVGFnd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZWXhHakFZQmdOVkJBTU1FVTlRVG5ObGJuTmxMbWx1ZEdWeWJtRnNNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWlRBZUZ3MHkKTlRBNE1qRXhOREl4TXpaYUZ3MHlOakE1TWpJeE5ESXhNelphTUlHR01Sb3dHQVlEVlFRRERCRlBVRTV6Wlc1egpaUzVwYm5SbGNtNWhiREVMTUFrR0ExVUVCaE1DVGt3eEZUQVRCZ05WQkFnTURGcDFhV1F0U0c5c2JHRnVaREVWCk1CTUdBMVVFQnd3TVRXbGtaR1ZzYUdGeWJtbHpNUzB3S3dZRFZRUUtEQ1JQVUU1elpXNXpaU0J6Wld4bUxYTnAKWjI1bFpDQjNaV0lnWTJWeWRHbG1hV05oZEdVd2dnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJSwpBb0lDQVFDbENkeFJ3ZWJQQkxvYlVORnYvL2t3TEdKWExweDl6OFFHV2lyWTNpamVDeUxDQ0FwczBLaE1adTNRClhkczMranppbDRnSE96L0hvUEo5Z0xxMy9FYnR4cE9ENWkvQzZwbXc3SGM1M2tTQ3JCK2tlWUFnVWZ1aDU3MzAKZyt3cGc5RDQzaHFBNzF1L3F0ZC95eitnTVJnTWdZMndEK3ZWQWRrdGxVSWlmN2piTmR1RDRGMmdkL0gwbzljWApEUm5zMzNNQVptTkZwajN4QWFwQi9RWnhKV1JMZ1J5K1A5MWcyZEZFNzhNaWY4ZTRNSCtrU29ndzIwVG1JbmpzCitKdEVTc0xQZmx2eUZUa0lkTVdFbURWOG1HUk5hNXVoYXlEbVNEUU9xV0NUTlZHV3ZVWjZTRnJRZ1Q1MDBEdXgKWnRtYlhGdEVqRzlIaGd5SW5QT0dKbWYzTWVzS3dYclVNMW1BenVCRVBFR0lwOTc3UTY2SitpTDYzWTUvTTB3aAphMGVVNGppNTVRQnJOQjlaWjJsa080bGU2TXdmZm50c29JakMrVDh5RW5tbW5nQTlTdWNPRW9CcFFhd3cvRGhOCmtSNGk4TUptR1JNdmpLazlHVzZ3Z2VNVThJVDhKZDRjTmJOVzdFSGpzV08xN1luTVhIMEUxOVZqa2d1R3dIODAKZ3ZROGtzTmV4WVA3WWo0b0VycnRKbWVhWU8wbFVkV0tGektNdS8va0UvNG5HK0h4emlRUnA5QmdyTURNYks4ZgpkM29mY2tqZFZTTW9Vc1FJaWlmdTFMK1I4V1Y3K3hsTzdTWS80dGk3Y28zcjNXRTYyVlE4Vk9QMVphcStWRFpvClNIMVRCa0lTSU5paVJFRzhZSDQvRHJwNWZ2dHBPcERBRGN1TGdDNDJHcExmS1pwVEtRSURBUUFCbzRJQmREQ0MKQVhBd0NRWURWUjBUQkFJd0FEQVJCZ2xnaGtnQmh2aENBUUVFQkFNQ0JrQXdOQVlKWUlaSUFZYjRRZ0VOQkNjVwpKVTlRVG5ObGJuTmxJRWRsYm1WeVlYUmxaQ0JUWlhKMlpYSWdRMlZ5ZEdsbWFXTmhkR1V3SFFZRFZSME9CQllFCkZIdUVQK05yYlorZWdMdWZVSUFKaUo2M1c4SDFNSUd3QmdOVkhTTUVnYWd3Z2FXaGdZeWtnWWt3Z1lZeEdqQVkKQmdOVkJBTU1FVTlRVG5ObGJuTmxMbWx1ZEdWeWJtRnNNUXN3Q1FZRFZRUUdFd0pPVERFVk1CTUdBMVVFQ0F3TQpXblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyQmdOVkJBb01KRTlRClRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVVJGallENGdVNG80TWRnYjcKakhzb0o1T0ZUYWd3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQ01Bc0dBMVVkRHdRRQpBd0lGb0RBY0JnTlZIUkVFRlRBVGdoRlBVRTV6Wlc1elpTNXBiblJsY201aGJEQU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBZ0VBV2JzM2MwSXYwcEd3Y0wvUmRlbnBiZVJHQ3FsODY0V1ZITEtMZzJIR3BkKytJdmRFcHJEZkZ3SCsKdHdOd2VrZTlXUEtYa20vUkZDWE5DQmVLNjkxeURVWCtCNUJOMjMvSks5N1lzRVdtMURIV3FvSDE1WmdqelZ0QQp2d2JmbnRQdlhCWU1wV2ZQY0Zua0hjN3pxUjI3RzBEZHFUeGg2TjhFenV1S3JRWXFtaWhJUXFkNU9HRVhteW9ZCmdPVjdoZ0lWSUR6a1Z0QkRiS3dFV3VFN2pKYzViMXR4Mk1FUFRsVklEZGo0Zm5vdURWemdkczA2RER4aFM4eXAKbXJOSXhxb045ekEzYXVtTnRNZ2haSHVZRHdjbm5GSnBNZHlJSEdHZ1dlNnZZNHFtdEFSVDd3a0x6MTZnUG9LMAo5bFhVU0RmV3YwUDJGUXFHZTJjaXQ3VVE2ZGtsUWsrVGVtUEFwNnhEV09HR3oxRkdmUUoxN040b3AvOGtlOUo2Cm96RVp3QTh1aDVYTUl2N3loM2dobjV1d1R6RDUyZ1BBZFdaekEyaHVWV3p5cVM0WVc0N3ZkaGV6TTFTUndabVEKUmYzNDk0UVFydWd0bzdycWdMUlRTSXN4WEtkU21MaHZjT0hsSlhISW1XNTRzeFlXNm9NUStpRExFT29ZVVdpcgp1aUJvT1RsNEJaOG5Xcm9pV0JtWlFLaVRPYlFRczVWTkIwYnVybmRISTJVdmtIRTE3QTM0bFYySjY5Q0dNNzJ2CjQ5aE9TN3B2Tzg4cEVKZm90d01YYlRhdkR2WTBHazZxbERFMVBud1U2Wm8ySEprcFdUTUxOSzh1alZ1RkhlMGkKR2JvZi9va08vZW4rUi9PUXNyd1JYbzFwVTRiWnlyWGVQeUdqSSsrdFYzemhjd0IwWjNJPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==</crt>
|
|
<caref/>
|
|
<csr/>
|
|
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Nzd2dna25BZ0VBQW9JQ0FRQ2xDZHhSd2ViUEJMb2IKVU5Gdi8va3dMR0pYTHB4OXo4UUdXaXJZM2lqZUN5TENDQXBzMEtoTVp1M1FYZHMzK2p6aWw0Z0hPei9Ib1BKOQpnTHEzL0VidHhwT0Q1aS9DNnBtdzdIYzUza1NDckIra2VZQWdVZnVoNTczMGcrd3BnOUQ0M2hxQTcxdS9xdGQvCnl6K2dNUmdNZ1kyd0QrdlZBZGt0bFVJaWY3amJOZHVENEYyZ2QvSDBvOWNYRFJuczMzTUFabU5GcGozeEFhcEIKL1FaeEpXUkxnUnkrUDkxZzJkRkU3OE1pZjhlNE1IK2tTb2d3MjBUbUluanMrSnRFU3NMUGZsdnlGVGtJZE1XRQptRFY4bUdSTmE1dWhheURtU0RRT3FXQ1ROVkdXdlVaNlNGclFnVDUwMER1eFp0bWJYRnRFakc5SGhneUluUE9HCkptZjNNZXNLd1hyVU0xbUF6dUJFUEVHSXA5NzdRNjZKK2lMNjNZNS9NMHdoYTBlVTRqaTU1UUJyTkI5WloybGsKTzRsZTZNd2ZmbnRzb0lqQytUOHlFbm1tbmdBOVN1Y09Fb0JwUWF3dy9EaE5rUjRpOE1KbUdSTXZqS2s5R1c2dwpnZU1VOElUOEpkNGNOYk5XN0VIanNXTzE3WW5NWEgwRTE5VmprZ3VHd0g4MGd2UThrc05leFlQN1lqNG9FcnJ0CkptZWFZTzBsVWRXS0Z6S011Ly9rRS80bkcrSHh6aVFScDlCZ3JNRE1iSzhmZDNvZmNramRWU01vVXNRSWlpZnUKMUwrUjhXVjcreGxPN1NZLzR0aTdjbzNyM1dFNjJWUThWT1AxWmFxK1ZEWm9TSDFUQmtJU0lOaWlSRUc4WUg0LwpEcnA1ZnZ0cE9wREFEY3VMZ0M0MkdwTGZLWnBUS1FJREFRQUJBb0lDQUFTSHc4Tit4aDR5ckFVcDc4WGFTZlhYCmtnK0FtUTBmRWV0MnVDeGgxTTlia09Xd29OQ2gzYXpUT24zNHhaYkF5TUVUbGNsVkNBZ3IwOXc4RjJRTGljcm4KSTQrQVZ4bExwVkprKzFUY1ZCY2VNSFFzWGFjRmVSblZxYkkzbU5qKzVGS2dqaXV4NWx2WmpiYlZWbmJJUWplOQpxcTBGa3R5ekEwb3NDYmUydDlWVW9pVDVtTGhaOG90Ym9BRGkvQzR6YUEyL3djUGNyMkNaUWhvem51U21PUjJWCmVydUNOMHA4VURGTFA1a0gxdXlvY0NpTFh6ZXdIVEVRQ3krK0YwMEZuRmxqeDVSYW5za3JvMnhqWFR5QlZtZUYKcDYwRHF0Q0hkTjVlS2VlQWxDL0dIRlFvL2swdzd3ejMxbHVsVGgza3FDQzJsaXRwYzVpZ2JsTGxaUDgxSUpXTQp0bkhlczNsTXk1RGNDWUx3L3huZFdmVDZFMTB4WlhFNWI0QTdxYjF4Yjhsd1FoNHFJckhDZ2p1NDVPYXNCMERJClBYZ3E2eWkwL2FKWXV6SU5kcjRTeFRibExGUkp6MXlQaGZTZDVGbjdWQVBYU1JNTDlDbzJrL0M1SDlwdG1HMjYKZHBLQVNib1ZMcStrbXg3anVKYXc0a1JNNHZmYndHZGNMZEhqMXByZ08xNkd1ckpQOVRRQ0x5YzhaR0xOekcvaApIMzBpU2FlclJOUmtDRlhmeTEzWWJJZTZHTE12KzVmODlYSENGNmZrZ1JkZjVrbTA3cEc3SCtMZytmZFdtd2lZCm0waExNSFVZeHJ3WkFma2tvZjhlSllscEVQVmQ3ZytCVjd2eTZhYW0yQituUTdHYk84WUprSnlJME04amlSaDEKeGdjRmFZaGZlT21RZGtVbi9BcUJBb0lCQVFEU1JZbDl0SnJyQk5UOXlZN0twWTJiOGVURFJqdDByU1NQRUJvNgppeWoyVWR5S1ZSbHFFdzRma2IrejV3WWt2bnBpMW1uS3NjNFlLZmoyaDVSdXVDbzVzTUNLbmpDUXBpbll4bWRFCk45Z3l6SWRYMmlzRUh6dXNSZkZiajBVSWU1dHc0TE9pL3cyVzFYWGJUc3liOFdhTmhkbVQ4TGxDNjQ5WkNNUWQKeDZkeTdOWS9uYnVWVVQ0KzM3WmV0VlR1eDg1ekl5OTdnMWp4dFZhaXZrd2hQVWtLcWpXWDYzaUZidjFuY1FVdgpiQURrWkFoOXRWYWV2UGZ2NURDeDZITldiVFlObjVRZWd3OTRyVndoSjhYb1V5ZDRqWFB0VmdXU2VkN0tWd2U5CmNkNW9CZWFBOVhDdnJxdkNIRjI4QXg2OUI2YWQrQlk1S0dVcGU2LythQnlKdlQwUkFvSUJBUURJN2c3c0dMc3AKVWJ4dGhJQm9yRzF5MDRKWWlnaE5VMlF4YjdzSkxocnRTc2NtRkxSZU5DYy8zOTBCV3ZrbVFIazFnZkpxV3hDLwp2R0VMT0Iwd3U5VFBBRWFsS25IZ2RhNkFTMURuM3NTWTltcFBRRjYvbEY2cm00cDlNUU1TTFo1V3ZsL0ZNRklHCjUvaXVSVjJaOVdkeTV4QVFWNG5uZmdMOWJDNzhPa2k3VnFPTDJDZk0vcEJEMHdzRUZmOGZiejFSZXo4dEFRZ2QKVXY4cEpFTWdDTCtQeEdkdG5DYUcxYm5obXhEUUxiWmQ4TTFOQkpKOWZLZFgzVWtLcTlDdmFJVXBIZlduSFBWVAprVWNwMUVTYnEzOFVhTzFSS1NBNUtQd1ZiNkVPVGJBSGtlaEN4ZVhpN2F3YkZwYXlTelpIaWl4Y05QQjk1YUtSCkpJQ0J5ekFwQTVTWkFvSUJBRlZKYXlrWGxqWjVNVUwyKy9ucUNIUVdPeW1SVlJCUUlpSDg4QWFLNTBSeGs3aHcKSit6RWFkZ1lMOTl5ZHlWME5RUGQzKzhkQzNEMXBVdXBWbVZLUWFaQXNQZ0lqYjQrQjM4cmlqczdRMi9uVVlZcQpzWVBzZnpHeTlPQ2tUZVhRN1ExdHRxOElNS1RiVkFCdUI4UEF1RTN5Mm51TkNqZkFmOVluSGhUT0pIY1M1UnZNCmlJZForcHRaOWdpWUdDajUxaDBSU25NWXBYejBobjFnSGxUbEhMazhySnhBSUJSUEhtMVVoRHZsM0w3R2JFTkEKeUM5K2lqbzlIaHNySTQwTW92NEhtZlorUmtvMlZzWUQ4ZHYzem15eFF6SWkwQVBIZHJ3dmJLNUVmMmRGN1dhbApKdDI3UldOb1NnUzJaME5ZMVJZQnlGSEt0cTJLdzZtMjVNeGhlMkVDZ2dFQVhSNFdSRXhoMEpCVXB0eVZOZTFTCis3Z1IzRDU4QW5uM0lRSUt5QUpaOEVhTGJKYUQwSFNUREFNUFJTV0grYlkvZGhDMjY1c3djK3MxZmlHUFJacUcKMFRmcmhYZmFOby9UUXhta2NSRElRNnRQTVZNL2xjR0k3amF6UTdtSEZ0R1ZZOVh1UkZCVWMyYmwxTDNJMXlUbgp3RlJkR1hXNEwxUXl4b2R3YnV3RDhPNEI5VGxEbUxrUTJwM2ZxUkVZbnRUS3NneFFCdWRIZjIrTFdPRzVTZ3RECjI3akZ4Z0pyeUdrY0wvWFJJT2xPYnRLK0VrZGdMRStzcmdlYlpocWlKK2hrYmQyNGpxM1k4OVdNQ1ZLYVNScDkKVmxRYVIxYXIzRkdtSWJrT0JyYnlNVS9wTjZqSEZSZllmdVZGQ1hQWnYrWEZFU1pubmJEaVdpbDBkTEpacTJoQgpZUUtDQVFBOVlTcE1wS3dhVGwrTmhTZlovMXU0NjZiMkpZcmJPYlRJM2VCZUowMnFwNXdQTjZYUHJ5aVZaZ1FXClh5cG04a3M5MEJIblBPNUczNFJnKzhLRFlONU1Ed1hBclJubDdSeTEySG5oV3lSaHNKYmdZOEh1c2d4SEROMU8KMEcwSFBpVWtIbTYydlRNYll6bkhPeE5sS1hFdFhBcTlZM3dQYkFjb01rRXZ0MzEwdEdLSUNtdTdEWkpXRlVvTAp1Y3RVS3Boc0V5VWdHbHIwRjJKekVoQWdMRXplczB0S1JpRWdlaFdnbXdlMEhlTEhCdW5oRFBTMmFJY2lCME1pCjY2SGc3cVZyMDlneXpFeGxrY3RLRzhsSm9WbU8vdlhucWQrWDB5M21YTUVZbkFIWHpIeG1Pd2JCNnF3Y3VWTlEKZytqRXliUWF3d3A2OC9id0JncFREQUhORGxrRQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==</prv>
|
|
</cert>
|
|
<dhcpdv6/>
|
|
<virtualip version="1.0.1">
|
|
<vip/>
|
|
</virtualip>
|
|
<openvpn/>
|
|
<ppps>
|
|
<ppp/>
|
|
</ppps>
|
|
<vlans version="1.0.0">
|
|
<vlan/>
|
|
</vlans>
|
|
<bridges/>
|
|
<gifs version="1.0.0">
|
|
<gif/>
|
|
</gifs>
|
|
<gres version="1.0.0">
|
|
<gre/>
|
|
</gres>
|
|
<laggs version="1.0.0">
|
|
<lagg/>
|
|
</laggs>
|
|
<wireless>
|
|
<clone/>
|
|
</wireless>
|
|
<hasync version="1.0.2">
|
|
<pfsyncinterface/>
|
|
<synchronizetoip/>
|
|
<verifypeer>0</verifypeer>
|
|
<username/>
|
|
<password/>
|
|
<disablepreempt>0</disablepreempt>
|
|
<disconnectppps>0</disconnectppps>
|
|
<pfsyncpeerip/>
|
|
<pfsyncversion>1400</pfsyncversion>
|
|
<syncitems/>
|
|
</hasync>
|
|
<Pischem>
|
|
<caddy>
|
|
<general>
|
|
<enabled>1</enabled>
|
|
<EnableLayer4>0</EnableLayer4>
|
|
<HttpPort>8080</HttpPort>
|
|
<HttpsPort>8443</HttpsPort>
|
|
<TlsEmail/>
|
|
<TlsAutoHttps/>
|
|
<TlsDnsProvider/>
|
|
<TlsDnsApiKey/>
|
|
<TlsDnsPropagationTimeout>0</TlsDnsPropagationTimeout>
|
|
<TlsDnsPropagationTimeoutPeriod/>
|
|
<TlsDnsPropagationDelay/>
|
|
<TlsDnsPropagationResolvers/>
|
|
<TlsDnsEchDomain/>
|
|
<accesslist/>
|
|
<DisableSuperuser>0</DisableSuperuser>
|
|
<GracePeriod>10</GracePeriod>
|
|
<HttpVersions>h1,h2</HttpVersions>
|
|
<timeout_read_body/>
|
|
<timeout_read_header/>
|
|
<timeout_write/>
|
|
<timeout_idle/>
|
|
<LogCredentials>0</LogCredentials>
|
|
<LogAccessPlain>0</LogAccessPlain>
|
|
<LogAccessPlainKeep>10</LogAccessPlainKeep>
|
|
<LogLevel/>
|
|
<DynDnsSimpleHttp/>
|
|
<DynDnsInterface/>
|
|
<DynDnsInterval/>
|
|
<DynDnsIpVersions/>
|
|
<DynDnsTtl/>
|
|
<DynDnsUpdateOnly>0</DynDnsUpdateOnly>
|
|
<AuthProvider/>
|
|
<AuthToDomain/>
|
|
<AuthToPort/>
|
|
<AuthToTls>0</AuthToTls>
|
|
<AuthToUri/>
|
|
<ClientIpHeaders/>
|
|
<CopyHeaders/>
|
|
</general>
|
|
<reverseproxy/>
|
|
</caddy>
|
|
</Pischem>
|
|
<ifgroups version="1.0.0"/>
|
|
<dnsmasq version="1.0.8" persisted_at="1756758457.18">
|
|
<enable>1</enable>
|
|
<regdhcp>0</regdhcp>
|
|
<regdhcpstatic>0</regdhcpstatic>
|
|
<dhcpfirst>0</dhcpfirst>
|
|
<strict_order>0</strict_order>
|
|
<domain_needed>0</domain_needed>
|
|
<no_private_reverse>0</no_private_reverse>
|
|
<no_resolv>0</no_resolv>
|
|
<log_queries>0</log_queries>
|
|
<no_hosts>0</no_hosts>
|
|
<strictbind>0</strictbind>
|
|
<dnssec>0</dnssec>
|
|
<regdhcpdomain/>
|
|
<interface>lan</interface>
|
|
<port>0</port>
|
|
<dns_forward_max/>
|
|
<cache_size/>
|
|
<local_ttl/>
|
|
<add_mac/>
|
|
<add_subnet>0</add_subnet>
|
|
<strip_subnet>0</strip_subnet>
|
|
<dhcp>
|
|
<no_interface/>
|
|
<fqdn>1</fqdn>
|
|
<domain/>
|
|
<local>1</local>
|
|
<lease_max/>
|
|
<authoritative>0</authoritative>
|
|
<default_fw_rules>1</default_fw_rules>
|
|
<reply_delay/>
|
|
<enable_ra>0</enable_ra>
|
|
<nosync>0</nosync>
|
|
</dhcp>
|
|
<no_ident>1</no_ident>
|
|
<hosts uuid="f0e9a436-b356-4662-b745-69f2c21f73dd">
|
|
<host>teststatichost</host>
|
|
<domain/>
|
|
<local>1</local>
|
|
<ip>192.168.1.20</ip>
|
|
<cnames/>
|
|
<client_id/>
|
|
<hwaddr>01:c4:f3:f4:8a:15,01:c4:f3:f4:8a:16</hwaddr>
|
|
<lease_time/>
|
|
<ignore>0</ignore>
|
|
<set_tag/>
|
|
<descr>description</descr>
|
|
<comments>controlled by someone comments</comments>
|
|
<aliases/>
|
|
</hosts>
|
|
<dhcp_tags uuid="8d190cf3-8d2d-47db-ab9b-fa21016b533e">
|
|
<tag>ipxe</tag>
|
|
</dhcp_tags>
|
|
<dhcp_tags uuid="0b2982da-198c-4ca4-9a3e-95813667047c">
|
|
<tag>pxeEfi</tag>
|
|
</dhcp_tags>
|
|
<dhcp_tags uuid="993e079f-09b9-4a0f-a70f-8898872b9983">
|
|
<tag>pxeBios</tag>
|
|
</dhcp_tags>
|
|
<dhcp_options uuid="580cae2d-edb3-448d-abf4-10fbbbf5e264">
|
|
<type>match</type>
|
|
<option>77</option>
|
|
<option6/>
|
|
<interface/>
|
|
<tag/>
|
|
<set_tag>8d190cf3-8d2d-47db-ab9b-fa21016b533e</set_tag>
|
|
<value>iPXE</value>
|
|
<force>0</force>
|
|
<description/>
|
|
</dhcp_options>
|
|
</dnsmasq>
|
|
</opnsense>
|