From e0acbf304bf024f2f74803956f1f83b7f2b3fe8b Mon Sep 17 00:00:00 2001
From: Jean-Gabriel Gill-Couture <jeangabriel.gc@gmail.com>
Date: Fri, 18 Oct 2024 00:48:57 -0400
Subject: [PATCH] wip: Full opnsense deserializer almost done, works on a
 slightly cheated config file, next step is to try the real config file

---
 harmony-rs/Cargo.lock                         |    3 +-
 harmony-rs/opnsense-config/Cargo.toml         |    7 +-
 harmony-rs/opnsense-config/src/config.rs      |    2 +-
 .../src/modules/deserializer/interfaces.rs    |  110 +
 .../src/modules/deserializer/mod.rs           |    3 +
 .../opnsense-config/src/modules/dhcp.rs       |    4 +
 harmony-rs/opnsense-config/src/modules/mod.rs |    1 +
 .../opnsense-config/src/modules/opnsense.rs   | 1948 ++++++++++++++++-
 .../src/tests/data/config-structure.xml       | 1421 ++++++++++++
 9 files changed, 3475 insertions(+), 24 deletions(-)
 create mode 100644 harmony-rs/opnsense-config/src/modules/deserializer/interfaces.rs
 create mode 100644 harmony-rs/opnsense-config/src/modules/deserializer/mod.rs
 create mode 100644 harmony-rs/opnsense-config/src/tests/data/config-structure.xml

diff --git a/harmony-rs/Cargo.lock b/harmony-rs/Cargo.lock
index 6fc9ac4..a115db3 100644
--- a/harmony-rs/Cargo.lock
+++ b/harmony-rs/Cargo.lock
@@ -1240,6 +1240,7 @@ name = "opnsense-config"
 version = "0.1.0"
 dependencies = [
  "async-trait",
+ "env_logger",
  "log",
  "russh",
  "russh-keys",
@@ -2596,7 +2597,6 @@ dependencies = [
 [[package]]
 name = "yaserde"
 version = "0.11.1"
-source = "git+https://git.nationtech.io/NationTech/yaserde#353558737f3ef73e93164c596ff920d4344f30a3"
 dependencies = [
  "log",
  "xml-rs",
@@ -2605,7 +2605,6 @@ dependencies = [
 [[package]]
 name = "yaserde_derive"
 version = "0.11.1"
-source = "git+https://git.nationtech.io/NationTech/yaserde#353558737f3ef73e93164c596ff920d4344f30a3"
 dependencies = [
  "heck",
  "log",
diff --git a/harmony-rs/opnsense-config/Cargo.toml b/harmony-rs/opnsense-config/Cargo.toml
index d79b74e..7f6894d 100644
--- a/harmony-rs/opnsense-config/Cargo.toml
+++ b/harmony-rs/opnsense-config/Cargo.toml
@@ -6,10 +6,13 @@ edition = "2021"
 [dependencies]
 serde = { version = "1.0.123", features = [ "derive" ] }
 log = { workspace = true }
+env_logger = { workspace = true }
 russh = { workspace = true }
 russh-keys = { workspace = true }
-yaserde = { git = "https://git.nationtech.io/NationTech/yaserde" }
-yaserde_derive = { git = "https://git.nationtech.io/NationTech/yaserde" }
+#yaserde = { git = "https://git.nationtech.io/NationTech/yaserde" }
+#yaserde_derive = { git = "https://git.nationtech.io/NationTech/yaserde" }
+yaserde = { path = "../../../../github/yaserde/yaserde" }
+yaserde_derive = { path = "../../../../github/yaserde/yaserde_derive" }
 xml-rs = "0.8"
 thiserror = "1.0"
 async-trait = { workspace = true }
diff --git a/harmony-rs/opnsense-config/src/config.rs b/harmony-rs/opnsense-config/src/config.rs
index 41f2ee3..6d26b65 100644
--- a/harmony-rs/opnsense-config/src/config.rs
+++ b/harmony-rs/opnsense-config/src/config.rs
@@ -176,7 +176,7 @@ mod tests {
     #[tokio::test]
     async fn test_load_config_from_local_file() {
         let mut test_file_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
-        test_file_path.push("src/tests/data/config-full-1.xml");
+        test_file_path.push("src/tests/data/config-structure.xml");
 
         let config_file_path = test_file_path.to_str().unwrap().to_string();
         println!("File path {config_file_path}");
diff --git a/harmony-rs/opnsense-config/src/modules/deserializer/interfaces.rs b/harmony-rs/opnsense-config/src/modules/deserializer/interfaces.rs
new file mode 100644
index 0000000..ee20f80
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/modules/deserializer/interfaces.rs
@@ -0,0 +1,110 @@
+use xml::reader::XmlEvent;
+use yaserde::{YaDeserialize, YaSerialize};
+
+use crate::modules::opnsense::{Interface, Interfaces};
+
+impl YaSerialize for Interfaces {
+    fn serialize<W: std::io::Write>(
+        &self,
+        writer: &mut yaserde::ser::Serializer<W>,
+    ) -> Result<(), String> {
+        todo!()
+    }
+
+    fn serialize_attributes(
+        &self,
+        attributes: Vec<xml::attribute::OwnedAttribute>,
+        namespace: xml::namespace::Namespace,
+    ) -> Result<
+        (
+            Vec<xml::attribute::OwnedAttribute>,
+            xml::namespace::Namespace,
+        ),
+        String,
+    > {
+        todo!()
+    }
+}
+
+impl YaDeserialize for Interfaces {
+    fn deserialize<R: std::io::Read>(
+        reader: &mut yaserde::de::Deserializer<R>,
+    ) -> Result<Self, String> {
+        let mut interfaces = Interfaces::default();
+        let mut current_interface_name = String::new();
+        let mut current_interface = Interface::default();
+
+        let mut event = reader.next_event()?;
+        loop {
+            match event {
+                xml::reader::XmlEvent::EndElement { name } => {
+                    println!(
+                        "Handling EndElement {}, current_interface_name: {}",
+                        name.local_name, current_interface_name
+                    );
+                    println!("Peeking after EndElement {:?}", reader.peek()?);
+                    if name.local_name == "interfaces" {
+                        break;
+                    }
+                    todo!("Should not hit here");
+                }
+                xml::reader::XmlEvent::StartElement { ref name, .. } => {
+                    println!("Got start Element {:?}", name);
+                    current_interface_name = name.local_name.clone();
+                    println!("About to deserialize interface from name {:?}", name);
+                    // TODO store names
+                    'inner_iface: loop {
+                        let peek = reader.peek()?;
+                        println!("Peeking before forcing next event {:?}", peek);
+
+                        if let XmlEvent::EndElement { name } = peek {
+                            // TODO save the interface name and struct in the hashmap
+                            println!("Forcing next_event");
+                            reader.next_event()?;
+
+                            let peek = reader.peek()?;
+                            println!("Peeking after next event deserializing {:?}", peek);
+                            if let XmlEvent::EndElement { name } = peek {
+                                println!("Got two EndElement in a row, breaking out of loop");
+                                break 'inner_iface;
+                            }
+                        }
+                        println!("Peeking before deserializing {:?}", reader.peek()?);
+                        let interface = <Interface as yaserde::YaDeserialize>::deserialize(reader)?;
+                        println!("Interface deserialized {:?}", interface);
+                        println!("Peeking after deserializing {:?}", reader.peek()?);
+                    }
+                    println!(
+                        "Done with inner interface, loop completed {:?}",
+                        reader.peek()?
+                    );
+                }
+                xml::reader::XmlEvent::EndDocument => break,
+                _ => {
+                    return Err(
+                        "This Interfaces Deserializer does not support all XmlEvent types".into(),
+                    )
+                }
+            }
+            let peek = reader.peek()?;
+
+            let mut read_next = true;
+            if let XmlEvent::EndElement { name } = peek {
+                if name.local_name == "interfaces" {
+                    println!("Got endElement interfaces, not reading next event");
+                    break;
+                }
+            }
+
+            if read_next {
+                event = reader.next_event()?;
+            }
+            println!("Outer loop got event {:?}", event);
+            println!("Outer loop got peek {:?}", reader.peek()?);
+        }
+        println!("Done with interfaces {:?}", interfaces);
+        println!("reader peeking shows {:?}", reader.peek());
+
+        Ok(interfaces)
+    }
+}
diff --git a/harmony-rs/opnsense-config/src/modules/deserializer/mod.rs b/harmony-rs/opnsense-config/src/modules/deserializer/mod.rs
new file mode 100644
index 0000000..e358e80
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/modules/deserializer/mod.rs
@@ -0,0 +1,3 @@
+
+mod interfaces;
+
diff --git a/harmony-rs/opnsense-config/src/modules/dhcp.rs b/harmony-rs/opnsense-config/src/modules/dhcp.rs
index 2bb7362..8d7172a 100644
--- a/harmony-rs/opnsense-config/src/modules/dhcp.rs
+++ b/harmony-rs/opnsense-config/src/modules/dhcp.rs
@@ -14,6 +14,10 @@ impl<'a> DhcpConfig<'a> {
             mac,
             ipaddr,
             hostname,
+            descr: Some("Automatically generated".into()),
+            winsserver: None,
+            dnsserver: None,
+            ntpserver: None,
         };
         self.opnsense.dhcpd.lan.staticmaps.push(static_map);
     }
diff --git a/harmony-rs/opnsense-config/src/modules/mod.rs b/harmony-rs/opnsense-config/src/modules/mod.rs
index d847dcb..0518c7f 100644
--- a/harmony-rs/opnsense-config/src/modules/mod.rs
+++ b/harmony-rs/opnsense-config/src/modules/mod.rs
@@ -1,2 +1,3 @@
 pub mod opnsense;
 pub mod dhcp;
+mod deserializer;
diff --git a/harmony-rs/opnsense-config/src/modules/opnsense.rs b/harmony-rs/opnsense-config/src/modules/opnsense.rs
index 2ca04c0..d7c2730 100644
--- a/harmony-rs/opnsense-config/src/modules/opnsense.rs
+++ b/harmony-rs/opnsense-config/src/modules/opnsense.rs
@@ -3,26 +3,142 @@ use yaserde_derive::{YaDeserialize, YaSerialize};
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 #[yaserde(rename = "opnsense")]
 pub struct OPNsense {
-    #[yaserde(rename = "dhcpd")]
     pub dhcpd: Dhcpd,
-    // Add other top-level elements as needed
+    pub theme: String,
+    pub sysctl: Sysctl,
+    pub system: System,
+    pub interfaces: Interfaces,
+    pub snmpd: Snmpd,
+    pub syslog: Syslog,
+    pub nat: Nat,
+    pub filter: Filters,
+    pub load_balancer: LoadBalancer,
+    pub ntpd: Ntpd,
+    pub widgets: Widgets,
+    pub revision: Revision,
+    #[yaserde(rename = "OPNsense")]
+    pub opnsense: OPNsenseConfig,
+    pub staticroutes: StaticRoutes,
+    pub ca: Option<String>,
+    pub gateways: Gateways,
+    pub cert: Cert,
+    pub dhcpdv6: DhcpDv6,
+    pub virtualip: VirtualIp,
+    pub openvpn: OpenVpn,
+    pub ppps: Ppps,
+    pub dyndnses: Dyndnses,
+    pub vlans: Vlans,
+    pub bridges: Bridges,
+    pub gifs: Gifs,
+    pub gres: Gres,
+    pub laggs: Laggs,
+    pub wireless: Wireless,
+    pub hasync: Hasync,
+    pub ifgroups: Ifgroups,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct LoadBalancer {
+    pub monitor_type: Vec<MonitorType>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct MonitorType {
+    pub name: String,
+    #[yaserde(rename = "type")]
+    pub r#type: String,
+    pub descr: String,
+    pub options: Option<Options>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ntpd {
+    pub prefer: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Widgets {
+    pub sequence: String,
+    pub column_count: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Revision {
+    pub username: String,
+    pub time: f64,
+    pub description: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Options {
+    pub path: Option<String>,
+    pub host: Option<String>,
+    pub code: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Filters {
+    #[yaserde(rename = "rule")]
+    pub rules: Vec<Rule>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Rule {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "associated-rule-id")]
+    pub associated_rule_id: Option<String>,
+    #[yaserde(rename = "type")]
+    pub r#type: Option<String>,
+    pub interface: String,
+    pub ipprotocol: String,
+    pub statetype: String,
+    pub descr: String,
+    pub direction: Option<String>,
+    pub category: Option<String>,
+    pub quick: Option<String>,
+    pub protocol: String,
+    pub source: Source,
+    pub destination: Destination,
+    pub updated: Option<Updated>,
+    pub created: Created,
+    pub disabled: Option<u8>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Source {
+    pub any: Option<bool>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Destination {
+    pub network: Option<String>,
+    pub address: Option<String>,
+    pub port: Option<u16>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Username {
+    pub user: String,
+    pub host: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Sysctl {
+    pub item: SysctlItem,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct SysctlItem {
+    pub descr: String,
+    pub tunable: String,
+    pub value: String,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
 pub struct Dhcpd {
     #[yaserde(rename = "lan")]
     pub lan: DhcpInterface,
-    // Add other interfaces as needed
-}
-
-#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct DhcpInterface {
-    #[yaserde(rename = "enable")]
-    pub enable: bool,
-    #[yaserde(rename = "range")]
-    pub range: DhcpRange,
-    #[yaserde(rename = "staticmap")]
-    pub staticmaps: Vec<StaticMap>,
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
@@ -34,11 +150,1805 @@ pub struct DhcpRange {
 }
 
 #[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
-pub struct StaticMap {
-    #[yaserde(rename = "mac")]
-    pub mac: String,
-    #[yaserde(rename = "ipaddr")]
-    pub ipaddr: String,
-    #[yaserde(rename = "hostname")]
+pub struct System {
+    #[yaserde(rename = "use_mfs_tmp")]
+    pub use_mfs_tmp: Option<String>,
+    #[yaserde(rename = "use_mfs_var")]
+    pub use_mfs_var: Option<String>,
+    pub serialspeed: u32,
+    pub primaryconsole: String,
+    pub secondaryconsole: String,
+    pub optimization: String,
     pub hostname: String,
+    pub domain: String,
+    pub group: Vec<Group>,
+    pub user: Vec<User>,
+    pub nextuid: u32,
+    pub nextgid: u32,
+    pub timezone: String,
+    pub timeservers: String,
+    pub webgui: WebGui,
+    pub usevirtualterminal: bool,
+    pub disableconsolemenu: bool,
+    pub disablevlanhwfilter: bool,
+    pub disablechecksumoffloading: bool,
+    pub disablesegmentationoffloading: bool,
+    pub disablelargereceiveoffloading: bool,
+    pub ipv6allow: bool,
+    pub powerd_ac_mode: String,
+    pub powerd_battery_mode: String,
+    pub powerd_normal_mode: String,
+    pub bogons: Bogons,
+    pub crypto_hardware: String,
+    pub pf_share_forward: bool,
+    pub lb_use_sticky: bool,
+    pub kill_states: bool,
+    pub ssh: Ssh,
+    pub firmware: Firmware,
+    pub sudo_allow_wheel: bool,
+    pub sudo_allow_group: String,
+    pub enablenatreflectionhelper: String,
+    pub rulesetoptimization: String,
+    pub maximumstates: Option<String>,
+    pub maximumfrags: Option<String>,
+    pub aliasesresolveinterval: Option<String>,
+    pub maximumtableentries: Option<String>,
+    pub language: String,
+    pub dnsserver: Option<String>,
+    #[yaserde(rename = "dns1gw")]
+    pub dns1gw: String,
+    #[yaserde(rename = "dns2gw")]
+    pub dns2gw: String,
+    #[yaserde(rename = "dns3gw")]
+    pub dns3gw: String,
+    #[yaserde(rename = "dns4gw")]
+    pub dns4gw: String,
+    #[yaserde(rename = "dns5gw")]
+    pub dns5gw: String,
+    #[yaserde(rename = "dns6gw")]
+    pub dns6gw: String,
+    #[yaserde(rename = "dns7gw")]
+    pub dns7gw: String,
+    #[yaserde(rename = "dns8gw")]
+    pub dns8gw: String,
+    pub dnsallowoverride: bool,
+    pub dnsallowoverride_exclude: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ssh {
+    pub group: String,
+    pub noauto: bool,
+    pub interfaces: Option<String>,
+    pub kex: Option<String>,
+    pub ciphers: Option<String>,
+    pub macs: Option<String>,
+    pub keys: Option<String>,
+    pub enabled: String,
+    pub passwordauth: bool,
+    pub keysig: Option<String>,
+    pub permitrootlogin: bool,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Firmware {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub mirror: Option<String>,
+    pub flavour: Option<String>,
+    pub plugins: String,
+    #[yaserde(rename = "type")]
+    pub firmware_type: Option<String>,
+    pub subscription: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Bogons {
+    pub interval: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Group {
+    pub name: String,
+    pub description: String,
+    pub scope: String,
+    pub gid: u32,
+    pub member: Vec<u32>,
+    #[yaserde(rename = "priv")]
+    pub priv_: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct User {
+    pub name: String,
+    pub descr: Option<String>,
+    pub scope: String,
+    pub groupname: Option<String>,
+    pub password: String,
+    pub uid: u32,
+    pub expires: Option<String>,
+    pub authorizedkeys: Option<String>,
+    pub ipsecpsk: Option<String>,
+    pub otp_seed: Option<String>,
+    pub shell: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WebGui {
+    pub protocol: String,
+    #[yaserde(rename = "ssl-certref")]
+    pub ssl_certref: String,
+    pub port: Option<String>,
+    #[yaserde(rename = "ssl-ciphers")]
+    pub ssl_ciphers: Option<String>,
+    pub interfaces: Option<String>,
+
+    pub compression: Option<String>,
+}
+
+use std::collections::HashMap;
+
+#[derive(Default, PartialEq, Debug)]
+pub struct Interfaces {
+    pub interfaces: HashMap<String, Interface>,
+}
+
+#[derive(Default, PartialEq, Debug, YaDeserialize, YaSerialize)]
+pub struct Interface {
+    #[yaserde(rename = "if")]
+    pub physical_interface_name: String,
+    pub descr: String,
+    pub enable: u8,
+    #[yaserde(rename = "spoofmac")]
+    pub spoof_mac: Option<String>,
+    pub internal_dynamic: Option<u8>,
+    pub ipaddr: Option<String>,
+    #[yaserde(rename = "blockpriv")]
+    pub block_priv: Option<u8>,
+    #[yaserde(rename = "blockbogons")]
+    pub block_bogons: Option<u8>,
+    pub lock: Option<u8>,
+    #[yaserde(rename = "type")]
+    pub r#type: Option<String>,
+    #[yaserde(rename = "virtual")]
+    pub r#virtual: Option<String>,
+    pub subnet: Option<String>,
+    pub networks: Option<bool>,
+    pub subnetv6: Option<String>,
+    pub ipaddrv6: Option<String>,
+    #[yaserde(rename = "track6-interface")]
+    pub track6_interface: Option<String>,
+    #[yaserde(rename = "track6-prefix-id")]
+    pub track6_prefix_id: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct DhcpInterface {
+    pub enable: i32,
+    pub gateway: String,
+    pub pool: Option<String>,
+    pub domain: String,
+    #[yaserde(rename = "ddnsdomainalgorithm")]
+    pub ddns_domain_algorithm: String,
+    #[yaserde(rename = "numberoptions")]
+    pub number_options: Vec<NumberOption>,
+    #[yaserde(rename = "range")]
+    pub range: Range,
+    pub winsserver: Option<String>,
+    pub dnsserver: String,
+    pub ntpserver: Option<String>,
+    #[yaserde(rename = "staticmap")]
+    pub staticmaps: Vec<StaticMap>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct NumberOption {
+    item: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Range {
+    #[yaserde(rename = "from")]
+    pub from: String,
+    #[yaserde(rename = "to")]
+    pub to: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct StaticMap {
+    pub mac: String,
+    pub ipaddr: String,
+    pub hostname: String,
+    pub descr: Option<String>,
+    pub winsserver: Option<String>,
+    pub dnsserver: Option<String>,
+    pub ntpserver: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Snmpd {
+    pub syslocation: Option<String>,
+    pub syscontact: Option<String>,
+    pub rocommunity: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Syslog {
+    pub reverse: Option<bool>,
+    pub preservelogs: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Nat {
+    #[yaserde(rename = "outbound")]
+    pub outbound: Outbound,
+    #[yaserde(rename = "rule")]
+    pub rules: Vec<NatRule>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Outbound {
+    pub mode: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct NatRule {
+    pub protocol: String,
+    pub interface: String,
+    pub category: Option<String>,
+    pub ipprotocol: String,
+    pub descr: Option<String>,
+    pub tag: Option<String>,
+    pub tagged: Option<bool>,
+    pub poolopts: PoolOpts,
+    #[yaserde(rename = "associated-rule-id")]
+    pub associated_rule_id: String,
+    pub target: String,
+    #[yaserde(rename = "local-port")]
+    pub local_port: i32,
+    pub source: Source,
+    pub destination: Destination,
+    pub updated: Updated,
+    pub created: Created,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct PoolOpts {
+    // No specific fields for this element, can be added as needed
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Updated {
+    pub username: String,
+    pub time: f64,
+    pub description: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Created {
+    pub username: String,
+    pub time: f64,
+    pub description: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+#[yaserde(rename = "OPNsense")]
+pub struct OPNsenseConfig {
+    pub captiveportal: Option<CaptivePortal>,
+    pub cron: Option<Cron>,
+    #[yaserde(rename = "Netflow")]
+    pub netflow: Option<Netflow>,
+    #[yaserde(rename = "Firewall")]
+    pub firewall: Option<Firewall>,
+    #[yaserde(rename = "IDS")]
+    pub ids: Option<IDS>,
+    #[yaserde(rename = "IPsec")]
+    pub ipsec: Option<IPsec>,
+    #[yaserde(rename = "Interfaces")]
+    pub interfaces: Option<ConfigInterfaces>,
+    pub monit: Option<Monit>,
+    #[yaserde(rename = "OpenVPNExport")]
+    pub openvpn_export: Option<OpenVPNExport>,
+    pub proxy: Option<Proxy>,
+    #[yaserde(rename = "Syslog")]
+    pub syslog: Option<ConfigSyslog>,
+    #[yaserde(rename = "TrafficShaper")]
+    pub traffic_shaper: Option<TrafficShaper>,
+    pub unboundplus: Option<UnboundPlus>,
+    pub wireguard: Option<Wireguard>,
+    #[yaserde(rename = "Swanctl")]
+    pub swanctl: Swanctl,
+    #[yaserde(rename = "DynDNS")]
+    pub dyndns: DynDNS,
+    #[yaserde(rename = "OpenVPN")]
+    pub openvpn: ConfigOpenVPN,
+    #[yaserde(rename = "Gateways")]
+    pub gateways: ConfigGateways,
+    #[yaserde(rename = "HAProxy")]
+    pub haproxy: HAProxy,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+#[yaserde(rename = "IDS")]
+struct IDS {
+    #[yaserde(attribute)]
+    version: String,
+    rules: Option<String>,
+    policies: Option<String>,
+    #[yaserde(rename = "userDefinedRules")]
+    user_defined_rules: Option<String>,
+    files: Option<String>,
+    #[yaserde(rename = "fileTags")]
+    file_tags: Option<String>,
+    general: IDSGeneral,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+pub struct IDSGeneral {
+    enabled: Option<u8>,
+    ips: Option<u8>,
+    promisc: Option<u8>,
+    interfaces: String,
+    homenet: String,
+    defaultPacketSize: Option<String>,
+    UpdateCron: Option<String>,
+    AlertLogrotate: String,
+    AlertSaveLogs: u8,
+    MPMAlgo: String,
+    detect: Detect,
+    syslog: Option<u8>,
+    syslog_eve: Option<u8>,
+    LogPayload: Option<u8>,
+    verbosity: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+pub struct Detect {
+    Profile: String,
+    toclient_groups: Option<String>,
+    toserver_groups: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+#[yaserde(rename = "IPsec")]
+pub struct IPsec {
+    #[yaserde(attribute)]
+    version: String,
+    general: GeneralIpsec,
+    keyPairs: Option<String>,
+    preSharedKeys: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+pub struct GeneralIpsec {
+    enabled: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+#[yaserde(rename = "Interfaces")]
+pub struct ConfigInterfaces {
+    vxlans: Vxlan,
+    loopbacks: Loopback,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct Vxlan {
+    #[yaserde(attribute)]
+    version: String,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct Loopback {
+    #[yaserde(attribute)]
+    version: String,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+#[yaserde(rename = "monit")]
+struct Monit {
+    #[yaserde(attribute)]
+    version: String,
+    general: GeneralMonit,
+    alert: Option<Alert>,
+    service: Option<Service>,
+    test: Option<Test>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct GeneralMonit {
+    enabled: u8,
+    interval: u32,
+    startdelay: u32,
+    mailserver: String,
+    port: u16,
+    username: Option<String>,
+    password: Option<String>,
+    ssl: u8,
+    sslversion: String,
+    sslverify: u8,
+    logfile: String,
+    statefile: Option<String>,
+    eventqueuePath: Option<String>,
+    eventqueueSlots: Option<String>,
+    httpdEnabled: u8,
+    httpdUsername: String,
+    httpdPassword: String,
+    httpdPort: u16,
+    httpdAllow: Option<String>,
+    mmonitUrl: Option<String>,
+    mmonitTimeout: u32,
+    mmonitRegisterCredentials: u8,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct Alert {
+    #[yaserde(attribute)]
+    uuid: String,
+    enabled: u8,
+    recipient: String,
+    noton: u8,
+    events: Option<String>,
+    format: Option<String>,
+    reminder: u32,
+    description: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct Service {
+    #[yaserde(attribute)]
+    uuid: String,
+    enabled: u8,
+    name: String,
+    description: Option<String>,
+    #[yaserde(rename = "type")]
+    r#type: String,
+    pidfile: Option<String>,
+    #[yaserde(rename = "match")]
+    r#match: Option<String>,
+    path: Option<String>,
+    timeout: u32,
+    starttimeout: u32,
+    address: Option<String>,
+    interface: Option<String>,
+    start: Option<String>,
+    stop: Option<String>,
+    tests: String,
+    depends: Option<String>,
+    polltime: Option<String>,
+}
+
+#[derive(Debug, YaSerialize, YaDeserialize, PartialEq)]
+struct Test {
+    #[yaserde(attribute)]
+    uuid: String,
+    name: String,
+    #[yaserde(rename = "type")]
+    r#type: String,
+    condition: String,
+    action: String,
+    path: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct CaptivePortal {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "zones")]
+    pub zones: Option<Zones>,
+    #[yaserde(rename = "templates")]
+    pub templates: Option<Templates>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Cron {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "jobs")]
+    pub jobs: Option<Jobs>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Netflow {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "capture")]
+    pub capture: Option<Capture>,
+    #[yaserde(rename = "collect")]
+    pub collect: Option<Collect>,
+    #[yaserde(rename = "activeTimeout")]
+    pub active_timeout: Option<u64>,
+    #[yaserde(rename = "inactiveTimeout")]
+    pub inactive_timeout: Option<u64>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Capture {
+    #[yaserde(rename = "interfaces")]
+    pub interfaces: Option<String>,
+    #[yaserde(rename = "egress_only")]
+    pub egress_only: Option<bool>,
+    #[yaserde(rename = "version")]
+    pub version: Option<String>,
+    #[yaserde(rename = "targets")]
+    pub targets: Option<Targets>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Collect {
+    #[yaserde(rename = "enable")]
+    pub enable: Option<u8>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Zones {
+    // Define fields for Zones, e.g.:
+    #[yaserde(rename = "zone")]
+    pub zones: Vec<Zone>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Zone {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "name")]
+    pub name: Option<String>,
+    // Add other fields as needed
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Templates {
+    // Define fields for Templates, e.g.:
+    #[yaserde(rename = "template")]
+    pub templates: Vec<Template>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Template {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "name")]
+    pub name: Option<String>,
+    // Add other fields as needed
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Jobs {
+    // Define fields for Jobs, e.g.:
+    #[yaserde(rename = "job")]
+    pub jobs: Vec<Job>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Job {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "name")]
+    pub name: Option<String>,
+    // Add other fields as needed
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Targets {
+    // Define fields for Targets, e.g.:
+    #[yaserde(rename = "target")]
+    pub targets: Vec<Target>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Target {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "name")]
+    pub name: Option<String>,
+    // Add other fields as needed
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Firewall {
+    #[yaserde(rename = "Lvtemplate")]
+    pub lv_template: Option<LvTemplate>,
+    #[yaserde(rename = "Category")]
+    pub category: Option<Category>,
+    #[yaserde(rename = "Alias")]
+    pub alias: Option<Alias>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct LvTemplate {
+    #[yaserde(attribute)]
+    pub version: Option<String>,
+    #[yaserde(rename = "templates")]
+    pub templates: Option<Templates>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Category {
+    #[yaserde(attribute)]
+    pub version: Option<String>,
+    #[yaserde(rename = "categories")]
+    pub categories: Option<Categories>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Categories {
+    #[yaserde(rename = "category")]
+    pub categories: Vec<CategoryItem>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct CategoryItem {
+    #[yaserde(attribute)]
+    pub uuid: Option<String>,
+    #[yaserde(rename = "name")]
+    pub name: Option<String>,
+    #[yaserde(rename = "auto")]
+    pub auto: Option<u8>,
+    #[yaserde(rename = "color")]
+    pub color: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Alias {
+    #[yaserde(attribute)]
+    pub version: Option<String>,
+    #[yaserde(rename = "geoip")]
+    pub geoip: Option<GeoIP>,
+    #[yaserde(rename = "aliases")]
+    pub aliases: Option<Aliases>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct GeoIP {
+    #[yaserde(rename = "url")]
+    pub url: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Aliases {
+    #[yaserde(rename = "alias")]
+    pub aliases: Vec<AliasItem>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct AliasItem {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub enabled: String,
+    pub name: String,
+    #[yaserde(rename = "type")]
+    pub r#type: String,
+    pub interface: Option<String>,
+    pub counters: String,
+    pub updatefreq: Option<String>,
+    pub content: String,
+    pub categories: Option<String>,
+    pub description: Option<String>,
+    pub proto: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct OpenVPNExport {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub servers: Option<Servers>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Servers {}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+#[yaserde(rename = "proxy")]
+pub struct Proxy {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub general: ConfigGeneral,
+    pub forward: Forward,
+    pub pac: Option<Pac>,
+    #[yaserde(rename = "error_pages")]
+    pub error_pages: ErrorPages,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ConfigGeneral {
+    pub enabled: i32,
+    #[yaserde(rename = "error_pages")]
+    pub error_pages: String,
+    pub icpPort: Option<String>,
+    pub logging: Logging,
+    pub alternateDNSservers: Option<String>,
+    pub dnsV4First: i32,
+    pub forwardedForHandling: String,
+    pub uriWhitespaceHandling: String,
+    pub enablePinger: i32,
+    pub useViaHeader: i32,
+    pub suppressVersion: i32,
+    pub connecttimeout: Option<String>,
+    #[yaserde(rename = "VisibleEmail")]
+    pub visible_email: String,
+    #[yaserde(rename = "VisibleHostname")]
+    pub visible_hostname: Option<String>,
+    pub cache: Cache,
+    pub traffic: Traffic,
+    pub parentproxy: ParentProxy,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Logging {
+    pub enable: Enable,
+    pub ignoreLogACL: Option<String>,
+    pub target: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Enable {
+    pub accessLog: i32,
+    pub storeLog: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Cache {
+    pub local: LocalCache,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct LocalCache {
+    pub enabled: i32,
+    pub directory: String,
+    pub cache_mem: i32,
+    pub maximum_object_size: Option<String>,
+    pub maximum_object_size_in_memory: Option<String>,
+    pub memory_cache_mode: String,
+    pub size: i32,
+    pub l1: i32,
+    pub l2: i32,
+    pub cache_linux_packages: i32,
+    pub cache_windows_updates: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Traffic {
+    pub enabled: i32,
+    pub maxDownloadSize: i32,
+    pub maxUploadSize: i32,
+    pub OverallBandwidthTrotteling: i32,
+    pub perHostTrotteling: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ParentProxy {
+    pub enabled: i32,
+    pub host: Option<String>,
+    pub enableauth: i32,
+    pub user: Option<String>,
+    pub password: Option<String>,
+    pub port: Option<String>,
+    pub localdomains: Option<String>,
+    pub localips: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Forward {
+    pub interfaces: String,
+    pub port: i32,
+    pub sslbumpport: i32,
+    pub sslbump: i32,
+    pub sslurlonly: i32,
+    pub sslcertificate: Option<String>,
+    pub sslnobumpsites: Option<String>,
+    pub ssl_crtd_storage_max_size: i32,
+    pub sslcrtd_children: i32,
+    pub snmp_enable: i32,
+    pub snmp_port: i32,
+    pub snmp_password: String,
+    pub ftpInterfaces: Option<String>,
+    pub ftpPort: i32,
+    pub ftpTransparentMode: i32,
+    pub addACLforInterfaceSubnets: i32,
+    pub transparentMode: i32,
+    pub acl: Acl,
+    pub icap: Icap,
+    pub authentication: Authentication,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Acl {
+    pub allowedSubnets: Option<String>,
+    pub unrestricted: Option<String>,
+    pub bannedHosts: Option<String>,
+    pub whiteList: Option<String>,
+    pub blackList: Option<String>,
+    pub browser: Option<String>,
+    pub mimeType: Option<String>,
+    pub googleapps: Option<String>,
+    pub youtube: Option<String>,
+    pub safePorts: String,
+    pub sslPorts: String,
+    pub remoteACLs: RemoteAcls,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct RemoteAcls {
+    pub blacklists: Option<String>,
+    pub UpdateCron: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Icap {
+    pub enable: i32,
+    pub RequestURL: String,
+    pub ResponseURL: String,
+    pub SendClientIP: i32,
+    pub SendUsername: i32,
+    pub EncodeUsername: i32,
+    pub UsernameHeader: String,
+    pub EnablePreview: i32,
+    pub PreviewSize: i32,
+    pub OptionsTTL: i32,
+    pub exclude: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Authentication {
+    pub method: Option<String>,
+    pub authEnforceGroup: Option<String>,
+    pub realm: String,
+    pub credentialsttl: i32,
+    pub children: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Pac {}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ErrorPages {
+    pub template: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ConfigSyslog {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub general: SyslogGeneral,
+    pub destinations: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct SyslogGeneral {
+    pub enabled: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+#[yaserde(rename = "TrafficShaper")]
+pub struct TrafficShaper {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub pipes: Option<String>,
+    pub queues: Option<String>,
+    pub rules: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct UnboundPlus {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub general: UnboundGeneral,
+    pub advanced: Advanced,
+    pub acls: Acls,
+    pub dnsbl: Dnsbl,
+    pub forwarding: Forwarding,
+    pub dots: Option<String>,
+    pub hosts: Hosts,
+    pub aliases: Option<String>,
+    pub domains: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct UnboundGeneral {
+    pub enabled: i32,
+    pub port: i32,
+    pub stats: Option<String>,
+    pub active_interface: Option<String>,
+    pub dnssec: Option<String>,
+    pub dns64: Option<String>,
+    pub dns64prefix: Option<String>,
+    pub noarecords: Option<String>,
+    pub regdhcp: i32,
+    pub regdhcpdomain: Option<String>,
+    pub regdhcpstatic: i32,
+    pub noreglladdr6: Option<String>,
+    pub noregrecords: Option<String>,
+    pub txtsupport: Option<String>,
+    pub cacheflush: Option<String>,
+    pub local_zone_type: String,
+    pub outgoing_interface: Option<String>,
+    pub enable_wpad: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Advanced {
+    pub hideidentity: i32,
+    pub hideversion: i32,
+    pub prefetch: i32,
+    pub prefetchkey: i32,
+    pub dnssecstripped: i32,
+    pub serveexpired: i32,
+    pub serveexpiredreplyttl: Option<String>,
+    pub serveexpiredttl: Option<String>,
+    pub serveexpiredttlreset: i32,
+    pub serveexpiredclienttimeout: Option<String>,
+    pub qnameminstrict: i32,
+    pub extendedstatistics: i32,
+    pub logqueries: i32,
+    pub logreplies: i32,
+    pub logtagqueryreply: i32,
+    pub logservfail: Option<String>,
+    pub loglocalactions: Option<String>,
+    pub logverbosity: i32,
+    pub valloglevel: i32,
+    pub privatedomain: Option<String>,
+    pub privateaddress: Option<String>,
+    pub insecuredomain: Option<String>,
+    pub msgcachesize: Option<String>,
+    pub rrsetcachesize: Option<String>,
+    pub outgoingnumtcp: Option<String>,
+    pub incomingnumtcp: Option<String>,
+    pub numqueriesperthread: Option<String>,
+    pub outgoingrange: Option<String>,
+    pub jostletimeout: Option<String>,
+    pub cachemaxttl: Option<String>,
+    pub cachemaxnegativettl: Option<String>,
+    pub cacheminttl: Option<String>,
+    pub infrahostttl: Option<String>,
+    pub infrakeepprobing: Option<String>,
+    pub infracachenumhosts: Option<String>,
+    pub unwantedreplythreshold: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Acls {
+    #[yaserde(rename = "default_action")]
+    pub default_action: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Dnsbl {
+    pub enabled: i32,
+    pub safesearch: Option<String>,
+    #[yaserde(rename = "type")]
+    pub r#type: Option<String>,
+    pub lists: Option<String>,
+    pub whitelists: Option<String>,
+    pub blocklists: Option<String>,
+    pub wildcards: Option<String>,
+    pub address: Option<String>,
+    pub nxdomain: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Forwarding {
+    pub enabled: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Hosts {
+    #[yaserde(rename = "host")]
+    pub hosts: Vec<Host>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Host {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub enabled: i32,
+    pub hostname: String,
+    pub domain: String,
+    pub rr: String,
+    pub mxprio: Option<String>,
+    pub mx: Option<String>,
+    pub server: String,
+    pub description: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Wireguard {
+    pub general: WireguardGeneral,
+    pub server: WireguardServer,
+    pub client: WireguardClient,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardGeneral {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub enabled: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardServer {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub servers: WireguardServerList,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardServerList {
+    pub server: Vec<WireguardServerItem>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardServerItem {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub enabled: i32,
+    pub name: String,
+    pub instance: i32,
+    pub pubkey: String,
+    pub privkey: String,
+    pub port: i32,
+    pub mtu: Option<String>,
+    pub dns: Option<String>,
+    pub tunneladdress: String,
+    pub disableroutes: i32,
+    pub gateway: Option<String>,
+    pub carp_depend_on: Option<String>,
+    pub peers: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardClient {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub clients: WireguardClientList,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardClientList {
+    pub client: Vec<WireguardClientItem>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct WireguardClientItem {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub enabled: i32,
+    pub name: String,
+    pub pubkey: String,
+    pub psk: Option<String>,
+    pub tunneladdress: String,
+    pub serveraddress: Option<String>,
+    pub serverport: Option<String>,
+    pub keepalive: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Swanctl {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "Connections")]
+    pub connections: Option<String>,
+    pub locals: Option<String>,
+    pub remotes: Option<String>,
+    pub children: Option<String>,
+    #[yaserde(rename = "Pools")]
+    pub pools: Option<String>,
+    #[yaserde(rename = "VTIs")]
+    pub vtis: Option<String>,
+    #[yaserde(rename = "SPDs")]
+    pub spds: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+#[yaserde(rename = "DynDNS")]
+pub struct DynDNS {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub general: DynDNSGeneral,
+    pub accounts: Accounts,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct DynDNSGeneral {
+    pub enabled: i32,
+    pub verbose: i32,
+    pub allowipv6: i32,
+    pub daemon_delay: i32,
+    pub backend: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Accounts {
+    #[yaserde(rename = "account")]
+    pub account: Account,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Account {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub enabled: i32,
+    pub service: String,
+    pub protocol: Option<String>,
+    pub server: Option<String>,
+    pub username: String,
+    pub password: String,
+    #[yaserde(rename = "resourceId")]
+    pub resource_id: Option<String>,
+    pub hostnames: String,
+    pub wildcard: i32,
+    pub zone: Option<String>,
+    pub checkip: String,
+    #[yaserde(rename = "checkip_timeout")]
+    pub checkip_timeout: i32,
+    #[yaserde(rename = "force_ssl")]
+    pub force_ssl: i32,
+    pub ttl: i32,
+    pub interface: String,
+    pub description: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ConfigOpenVPN {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub Overwrites: Option<String>,
+    pub Instances: Option<String>,
+    pub StaticKeys: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct ConfigGateways {
+    #[yaserde(attribute)]
+    pub version: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+#[yaserde(rename = "HAProxy")]
+pub struct HAProxy {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub general: HaProxyGeneral,
+    pub frontends: HAProxyFrontends,
+    pub backends: HAProxyBackends,
+    pub servers: HAProxyServers,
+    pub healthchecks: HAProxyHealthChecks,
+    pub acls: Option<String>,
+    pub actions: Option<String>,
+    pub luas: Option<String>,
+    pub fcgis: Option<String>,
+    pub errorfiles: Option<String>,
+    pub mapfiles: Option<String>,
+    pub groups: Option<String>,
+    pub users: Option<String>,
+    pub cpus: Option<String>,
+    pub resolvers: Option<String>,
+    pub mailers: Option<String>,
+    pub maintenance: Maintenance,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Maintenance {
+    #[yaserde(rename = "cronjobs")]
+    pub cronjobs: CronJobs,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct CronJobs {
+    #[yaserde(rename = "syncCerts")]
+    pub sync_certs: u32,
+    #[yaserde(rename = "syncCertsCron")]
+    pub sync_certs_cron: Option<String>,
+    #[yaserde(rename = "updateOcsp")]
+    pub update_ocsp: u32,
+    #[yaserde(rename = "updateOcspCron")]
+    pub update_ocsp_cron: Option<String>,
+    #[yaserde(rename = "reloadService")]
+    pub reload_service: u32,
+    #[yaserde(rename = "reloadServiceCron")]
+    pub reload_service_cron: Option<String>,
+    #[yaserde(rename = "restartService")]
+    pub restart_service: u32,
+    #[yaserde(rename = "restartServiceCron")]
+    pub restart_service_cron: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HaProxyGeneral {
+    pub enabled: i32,
+    pub gracefulStop: i32,
+    pub hardStopAfter: String,
+    pub closeSpreadTime: Option<String>,
+    pub seamlessReload: i32,
+    pub storeOcsp: i32,
+    pub showIntro: i32,
+    pub peers: Peers,
+    pub tuning: Tuning,
+    pub defaults: HaProxyDefaults,
+    pub logging: HaProxyLogging,
+    pub stats: Stats,
+    pub cache: HaProxyCache,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Peers {
+    pub enabled: i32,
+    pub name1: Option<String>,
+    pub listen1: Option<String>,
+    pub port1: i32,
+    pub name2: Option<String>,
+    pub listen2: Option<String>,
+    pub port2: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Tuning {
+    pub root: i32,
+    pub maxConnections: Option<String>,
+    pub nbthread: i32,
+    pub sslServerVerify: String,
+    pub maxDHSize: i32,
+    pub bufferSize: i32,
+    pub spreadChecks: i32,
+    pub bogusProxyEnabled: i32,
+    pub luaMaxMem: i32,
+    pub customOptions: Option<String>,
+    #[yaserde(rename = "ssl_defaultsEnabled")]
+    pub ssl_defaults_enabled: i32,
+    pub ssl_bindOptions: String,
+    pub ssl_minVersion: String,
+    pub ssl_maxVersion: Option<String>,
+    pub ssl_cipherList: String,
+    pub ssl_cipherSuites: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HaProxyDefaults {
+    pub maxConnections: Option<String>,
+    pub maxConnectionsServers: Option<String>,
+    pub timeoutClient: String,
+    pub timeoutConnect: String,
+    pub timeoutCheck: Option<String>,
+    pub timeoutServer: String,
+    pub retries: i32,
+    pub redispatch: String,
+    pub init_addr: String,
+    pub customOptions: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HaProxyLogging {
+    pub host: String,
+    pub facility: String,
+    pub level: String,
+    pub length: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Stats {
+    pub enabled: i32,
+    pub port: i32,
+    pub remoteEnabled: i32,
+    pub remoteBind: Option<String>,
+    pub authEnabled: i32,
+    pub users: Option<String>,
+    pub allowedUsers: Option<String>,
+    pub allowedGroups: Option<String>,
+    pub customOptions: Option<String>,
+    pub prometheus_enabled: i32,
+    pub prometheus_bind: String,
+    pub prometheus_path: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HaProxyCache {
+    pub enabled: i32,
+    pub totalMaxSize: i32,
+    pub maxAge: i32,
+    pub maxObjectSize: Option<String>,
+    pub processVary: i32,
+    pub maxSecondaryEntries: i32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyFrontends {
+    #[yaserde(rename = "frontend")]
+    pub frontend: Vec<Frontend>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Frontend {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub id: String,
+    pub enabled: i32,
+    pub name: String,
+    pub description: String,
+    pub bind: String,
+    pub bindOptions: Option<String>,
+    pub mode: String,
+    pub defaultBackend: String,
+    pub ssl_enabled: i32,
+    pub ssl_certificates: Option<String>,
+    pub ssl_default_certificate: Option<String>,
+    pub ssl_customOptions: Option<String>,
+    pub ssl_advancedEnabled: i32,
+    pub ssl_bindOptions: String,
+    pub ssl_minVersion: String,
+    pub ssl_maxVersion: Option<String>,
+    pub ssl_cipherList: String,
+    pub ssl_cipherSuites: String,
+    pub ssl_hstsEnabled: i32,
+    pub ssl_hstsIncludeSubDomains: i32,
+    pub ssl_hstsPreload: i32,
+    pub ssl_hstsMaxAge: i32,
+    pub ssl_clientAuthEnabled: i32,
+    pub ssl_clientAuthVerify: String,
+    pub ssl_clientAuthCAs: Option<String>,
+    pub ssl_clientAuthCRLs: Option<String>,
+    pub basicAuthEnabled: i32,
+    pub basicAuthUsers: Option<String>,
+    pub basicAuthGroups: Option<String>,
+    pub tuning_maxConnections: Option<String>,
+    pub tuning_timeoutClient: Option<String>,
+    pub tuning_timeoutHttpReq: Option<String>,
+    pub tuning_timeoutHttpKeepAlive: Option<String>,
+    pub linkedCpuAffinityRules: Option<String>,
+    pub tuning_shards: Option<String>,
+    pub logging_dontLogNull: i32,
+    pub logging_dontLogNormal: i32,
+    pub logging_logSeparateErrors: i32,
+    pub logging_detailedLog: i32,
+    pub logging_socketStats: i32,
+    pub stickiness_pattern: Option<String>,
+    pub stickiness_dataTypes: Option<String>,
+    pub stickiness_expire: String,
+    pub stickiness_size: String,
+    pub stickiness_counter: i32,
+    pub stickiness_counter_key: String,
+    pub stickiness_length: Option<String>,
+    pub stickiness_connRatePeriod: String,
+    pub stickiness_sessRatePeriod: String,
+    pub stickiness_httpReqRatePeriod: String,
+    pub stickiness_httpErrRatePeriod: String,
+    pub stickiness_bytesInRatePeriod: String,
+    pub stickiness_bytesOutRatePeriod: String,
+    pub http2Enabled: i32,
+    pub http2Enabled_nontls: i32,
+    pub advertised_protocols: String,
+    pub forwardFor: i32,
+    pub prometheus_enabled: i32,
+    pub prometheus_path: String,
+    pub connectionBehaviour: String,
+    pub customOptions: Option<String>,
+    pub linkedActions: Option<String>,
+    pub linkedErrorfiles: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyBackends {
+    #[yaserde(rename = "backend")]
+    pub backends: Vec<Backend>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Backend {
+    #[yaserde(attribute, rename = "uuid")]
+    pub uuid: String,
+    #[yaserde(rename = "id")]
+    pub id: String,
+    #[yaserde(rename = "enabled")]
+    pub enabled: bool,
+    #[yaserde(rename = "name")]
+    pub name: String,
+    #[yaserde(rename = "description")]
+    pub description: Option<String>,
+    #[yaserde(rename = "mode")]
+    pub mode: String,
+    #[yaserde(rename = "algorithm")]
+    pub algorithm: String,
+    #[yaserde(rename = "random_draws")]
+    pub random_draws: Option<u32>,
+    #[yaserde(rename = "proxyProtocol")]
+    pub proxy_protocol: Option<String>,
+    #[yaserde(rename = "linkedServers")]
+    pub linked_servers: Option<String>,
+    #[yaserde(rename = "linkedFcgi")]
+    pub linked_fcgi: Option<String>,
+    #[yaserde(rename = "linkedResolver")]
+    pub linked_resolver: Option<String>,
+    #[yaserde(rename = "resolverOpts")]
+    pub resolver_opts: Option<String>,
+    #[yaserde(rename = "resolvePrefer")]
+    pub resolve_prefer: Option<String>,
+    #[yaserde(rename = "source")]
+    pub source: Option<String>,
+    #[yaserde(rename = "healthCheckEnabled")]
+    pub health_check_enabled: bool,
+    #[yaserde(rename = "healthCheck")]
+    pub health_check: Option<String>,
+    #[yaserde(rename = "healthCheckLogStatus")]
+    pub health_check_log_status: bool,
+    #[yaserde(rename = "checkInterval")]
+    pub check_interval: Option<String>,
+    #[yaserde(rename = "checkDownInterval")]
+    pub check_down_interval: Option<String>,
+    #[yaserde(rename = "healthCheckFall")]
+    pub health_check_fall: Option<String>,
+    #[yaserde(rename = "healthCheckRise")]
+    pub health_check_rise: Option<String>,
+    #[yaserde(rename = "linkedMailer")]
+    pub linked_mailer: Option<String>,
+    #[yaserde(rename = "http2Enabled")]
+    pub http2_enabled: bool,
+    #[yaserde(rename = "http2Enabled_nontls")]
+    pub http2_enabled_nontls: bool,
+    #[yaserde(rename = "ba_advertised_protocols")]
+    pub ba_advertised_protocols: String,
+    #[yaserde(rename = "persistence")]
+    pub persistence: String,
+    #[yaserde(rename = "persistence_cookiemode")]
+    pub persistence_cookiemode: String,
+    #[yaserde(rename = "persistence_cookiename")]
+    pub persistence_cookiename: Option<String>,
+    #[yaserde(rename = "persistence_stripquotes")]
+    pub persistence_stripquotes: bool,
+    #[yaserde(rename = "stickiness_pattern")]
+    pub stickiness_pattern: String,
+    #[yaserde(rename = "stickiness_dataTypes")]
+    pub stickiness_data_types: Option<String>,
+    #[yaserde(rename = "stickiness_expire")]
+    pub stickiness_expire: String,
+    #[yaserde(rename = "stickiness_size")]
+    pub stickiness_size: String,
+    #[yaserde(rename = "stickiness_cookiename")]
+    pub stickiness_cookiename: Option<String>,
+    #[yaserde(rename = "stickiness_cookielength")]
+    pub stickiness_cookielength: Option<String>,
+    #[yaserde(rename = "stickiness_connRatePeriod")]
+    pub stickiness_conn_rate_period: String,
+    #[yaserde(rename = "stickiness_sessRatePeriod")]
+    pub stickiness_sess_rate_period: String,
+    #[yaserde(rename = "stickiness_httpReqRatePeriod")]
+    pub stickiness_http_req_rate_period: String,
+    #[yaserde(rename = "stickiness_httpErrRatePeriod")]
+    pub stickiness_http_err_rate_period: String,
+    #[yaserde(rename = "stickiness_bytesInRatePeriod")]
+    pub stickiness_bytes_in_rate_period: String,
+    #[yaserde(rename = "stickiness_bytesOutRatePeriod")]
+    pub stickiness_bytes_out_rate_period: String,
+    #[yaserde(rename = "basicAuthEnabled")]
+    pub basic_auth_enabled: bool,
+    #[yaserde(rename = "basicAuthUsers")]
+    pub basic_auth_users: Option<String>,
+    #[yaserde(rename = "basicAuthGroups")]
+    pub basic_auth_groups: Option<String>,
+    #[yaserde(rename = "tuning_timeoutConnect")]
+    pub tuning_timeout_connect: Option<String>,
+    #[yaserde(rename = "tuning_timeoutCheck")]
+    pub tuning_timeout_check: Option<String>,
+    #[yaserde(rename = "tuning_timeoutServer")]
+    pub tuning_timeout_server: Option<String>,
+    #[yaserde(rename = "tuning_retries")]
+    pub tuning_retries: Option<String>,
+    #[yaserde(rename = "customOptions")]
+    pub custom_options: Option<String>,
+    #[yaserde(rename = "tuning_defaultserver")]
+    pub tuning_defaultserver: Option<String>,
+    #[yaserde(rename = "tuning_noport")]
+    pub tuning_noport: bool,
+    #[yaserde(rename = "tuning_httpreuse")]
+    pub tuning_httpreuse: Option<String>,
+    #[yaserde(rename = "tuning_caching")]
+    pub tuning_caching: bool,
+    #[yaserde(rename = "linkedActions")]
+    pub linked_actions: Option<String>,
+    #[yaserde(rename = "linkedErrorfiles")]
+    pub linked_errorfiles: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyServers {
+    #[yaserde(rename = "server")]
+    pub servers: Vec<HAProxyServer>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyServer {
+    #[yaserde(attribute, rename = "uuid")]
+    pub uuid: String,
+    #[yaserde(rename = "id")]
+    pub id: String,
+    #[yaserde(rename = "enabled")]
+    pub enabled: bool,
+    #[yaserde(rename = "name")]
+    pub name: String,
+    #[yaserde(rename = "description")]
+    pub description: Option<String>,
+    #[yaserde(rename = "address")]
+    pub address: String,
+    #[yaserde(rename = "port")]
+    pub port: u16,
+    #[yaserde(rename = "checkport")]
+    pub checkport: Option<String>,
+    #[yaserde(rename = "mode")]
+    pub mode: String,
+    #[yaserde(rename = "multiplexer_protocol")]
+    pub multiplexer_protocol: String,
+    #[yaserde(rename = "type")]
+    pub server_type: String,
+    #[yaserde(rename = "serviceName")]
+    pub service_name: Option<String>,
+    #[yaserde(rename = "number")]
+    pub number: Option<String>,
+    #[yaserde(rename = "linkedResolver")]
+    pub linked_resolver: Option<String>,
+    #[yaserde(rename = "resolverOpts")]
+    pub resolver_opts: Option<String>,
+    #[yaserde(rename = "resolvePrefer")]
+    pub resolve_prefer: Option<String>,
+    #[yaserde(rename = "ssl")]
+    pub ssl: bool,
+    #[yaserde(rename = "sslSNI")]
+    pub ssl_sni: Option<String>,
+    #[yaserde(rename = "sslVerify")]
+    pub ssl_verify: bool,
+    #[yaserde(rename = "sslCA")]
+    pub ssl_ca: Option<String>,
+    #[yaserde(rename = "sslCRL")]
+    pub ssl_crl: Option<String>,
+    #[yaserde(rename = "sslClientCertificate")]
+    pub ssl_client_certificate: Option<String>,
+    #[yaserde(rename = "maxConnections")]
+    pub max_connections: Option<String>,
+    #[yaserde(rename = "weight")]
+    pub weight: u32,
+    #[yaserde(rename = "checkInterval")]
+    pub check_interval: Option<String>,
+    #[yaserde(rename = "checkDownInterval")]
+    pub check_down_interval: Option<String>,
+    #[yaserde(rename = "source")]
+    pub source: Option<String>,
+    #[yaserde(rename = "advanced")]
+    pub advanced: Option<String>,
+    #[yaserde(rename = "unix_socket")]
+    pub unix_socket: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyHealthChecks {
+    #[yaserde(rename = "healthcheck")]
+    pub healthchecks: Vec<HAProxyHealthCheck>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct HAProxyHealthCheck {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub name: String,
+    pub description: Option<String>,
+    #[yaserde(rename = "type")]
+    pub health_check_type: String,
+    pub interval: String,
+    pub ssl: String,
+    #[yaserde(rename = "sslSNI")]
+    pub ssl_sni: Option<String>,
+    pub force_ssl: bool,
+    pub checkport: Option<String>,
+    pub http_method: String,
+    pub http_uri: String,
+    pub http_version: Option<String>,
+    #[yaserde(rename = "http_host")]
+    pub http_host: Option<String>,
+    #[yaserde(rename = "http_expressionEnabled")]
+    pub http_expression_enabled: Option<u8>,
+    pub http_expression: Option<String>,
+    pub http_negate: Option<String>,
+    pub http_value: Option<String>,
+    pub tcp_enabled: Option<String>,
+    #[yaserde(rename = "tcp_sendValue")]
+    pub tcp_send_value: Option<String>,
+    #[yaserde(rename = "tcp_matchType")]
+    pub tcp_match_type: Option<String>,
+    #[yaserde(rename = "tcp_matchValue")]
+    pub tcp_match_value: Option<String>,
+    pub tcp_negate: Option<String>,
+    #[yaserde(rename = "agentPort")]
+    pub agent_port: Option<String>,
+    pub mysql_user: Option<String>,
+    pub mysql_post41: Option<String>,
+    pub pgsql_user: Option<String>,
+    #[yaserde(alias = "smtpDomain")]
+    pub smtp_domain: Option<String>,
+    pub esmtp_domain: Option<String>,
+    #[yaserde(rename = "dbUser")]
+    pub db_user: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct StaticRoutes {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "route")]
+    pub route: Option<String>, // Assuming it can be empty, use Option
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ca {} // Empty struct for <ca/>
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Gateways {
+    #[yaserde(rename = "gateway_item")]
+    pub gateway_item: Option<String>, // Assuming it can be empty, use Option
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Cert {
+    #[yaserde(rename = "refid")]
+    pub refid: String,
+    #[yaserde(rename = "descr")]
+    pub descr: String,
+    #[yaserde(rename = "crt")]
+    pub crt: String,
+    #[yaserde(rename = "prv")]
+    pub prv: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct DhcpDv6 {} // Empty struct for <dhcpdv6/>
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct VirtualIp {
+    #[yaserde(attribute)]
+    pub version: String,
+    #[yaserde(rename = "vip")]
+    pub vip: Vip,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Vip {
+    #[yaserde(attribute)]
+    pub uuid: String,
+    pub interface: String,
+    pub mode: String,
+    pub subnet: String,
+    pub subnet_bits: u32,
+    pub gateway: String,
+    pub noexpand: u32,
+    pub nobind: u32,
+    pub password: Option<String>,
+    pub vhid: Option<String>,
+    pub advbase: u32,
+    pub advskew: u32,
+    pub descr: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct OpenVpn {
+    #[yaserde(rename = "openvpn-server")]
+    pub openvpn_server: Option<String>,
+    #[yaserde(rename = "openvpn-client")]
+    pub openvpn_client: Option<String>,
+}
+
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ppps {
+    pub ppp: Ppp,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ppp {
+    pub ptpid: u32,
+    #[yaserde(rename = "type")]
+    pub r#type: String,
+    #[yaserde(rename = "if")]
+    pub r#if: String,
+    pub ports: String,
+    pub username: String,
+    pub password: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Dyndnses {
+    pub dyndns: Dyndns,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Dyndns {
+    #[yaserde(rename = "type")]
+    pub r#type: String,
+    pub username: Option<String>,
+    pub password: String,
+    pub host: String,
+    pub mx: Option<String>,
+    pub interface: String,
+    pub zoneid: Option<String>,
+    pub resourceid: Option<String>,
+    pub ttl: Option<String>,
+    pub updateurl: Option<String>,
+    pub resultmatch: Option<String>,
+    pub requestif: String,
+    pub descr: Option<String>,
+    pub id: u32,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Vlans {
+    #[yaserde(attribute)]
+    pub version: String,
+    pub vlan: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Bridges {
+    pub bridged: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Gifs {
+    pub gif: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Gres {
+    pub gre: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Laggs {
+    #[yaserde(attribute)]
+    pub version: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Wireless {
+    pub clone: Option<String>,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Hasync {
+    pub synchronizealiases: String,
+    pub synchronizeauthservers: String,
+    pub synchronizecerts: String,
+    pub synchronizedhcpd: String,
+    pub synchronizenat: String,
+    pub synchronizerules: String,
+    pub synchronizeschedules: String,
+    pub synchronizestaticroutes: String,
+    pub synchronizeusers: String,
+    pub synchronizevirtualip: String,
+    pub synchronizewidgets: String,
+    pub synchronizedhcrelay: String,
+    pub synchronizedhcpdv6: String,
+    pub synchronizedhcrelay6: String,
+    pub synchronizentpd: String,
+    pub synchronizesyslog: String,
+    pub synchronizecron: String,
+    pub synchronizesysctl: String,
+    pub synchronizewebgui: String,
+    pub synchronizednsforwarder: String,
+    pub synchronizeshaper: String,
+    pub synchronizecaptiveportal: String,
+    pub synchronizeipsec: String,
+    pub synchronizemonit: String,
+    pub synchronizessh: String,
+    pub synchronizeopenvpn: String,
+    pub synchronizeifgroups: String,
+    pub synchronizecategories: String,
+    pub synchronizelvtemplate: String,
+    pub synchronizesquid: String,
+    pub synchronizesuricata: String,
+    pub synchronizednsresolver: String,
+    pub pfsyncinterface: String,
+    pub synchronizetoip: String,
+    pub username: String,
+    pub password: String,
+    pub pfsyncenabled: String,
+    pub disablepreempt: String,
+    pub disconnectppps: String,
+}
+
+#[derive(Default, PartialEq, Debug, YaSerialize, YaDeserialize)]
+pub struct Ifgroups {
+    #[yaserde(attribute)]
+    pub version: String,
 }
diff --git a/harmony-rs/opnsense-config/src/tests/data/config-structure.xml b/harmony-rs/opnsense-config/src/tests/data/config-structure.xml
new file mode 100644
index 0000000..b67feaa
--- /dev/null
+++ b/harmony-rs/opnsense-config/src/tests/data/config-structure.xml
@@ -0,0 +1,1421 @@
+<?xml version="1.0"?>
+<opnsense>
+  <theme>opnsense</theme>
+  <sysctl>
+    <item>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+      <tunable>vfs.read_max</tunable>
+      <value>default</value>
+    </item>
+    <item>
+      <descr>Set the ephemeral port range to be lower.</descr>
+      <tunable>net.inet.ip.portrange.first</tunable>
+      <value>default</value>
+    </item>
+  </sysctl>
+  <system>
+    <use_mfs_tmp/>
+    <use_mfs_var/>
+    <serialspeed>115200</serialspeed>
+    <primaryconsole>serial</primaryconsole>
+    <secondaryconsole>video</secondaryconsole>
+    <optimization>normal</optimization>
+    <hostname>OPN1</hostname>
+    <domain>somedomain.yourlocal.mcd</domain>
+    <group>
+      <name>admins</name>
+      <description>System Administrators</description>
+      <scope>system</scope>
+      <gid>1999</gid>
+      <member>0</member>
+      <member>2000</member>
+      <priv>page-all</priv>
+    </group>
+    <user>
+      <name>root</name>
+      <descr>System Administrator</descr>
+      <scope>system</scope>
+      <groupname>admins</groupname>
+      <password>$2y$10$5555555555o8dj21980j1doiOIJDIOASJOID!jidjeue19812y</password>
+      <uid>0</uid>
+      <expires/>
+      <authorizedkeys/>
+      <ipsecpsk/>
+      <otp_seed/>
+    </user>
+    <user>
+      <password>$2y$11$55555555556D8198uOASIDJaiojdjd1oijdijosaoijdaoidOIASJDoijdoiadOASdoiK</password>
+      <scope>user</scope>
+      <name>someuser</name>
+      <descr/>
+      <expires/>
+      <authorizedkeys/>
+      <ipsecpsk/>
+      <otp_seed/>
+      <shell>/bin/sh</shell>
+      <uid>2000</uid>
+    </user>
+    <nextuid>2001</nextuid>
+    <nextgid>2000</nextgid>
+    <timezone>Etc/UTC</timezone>
+    <timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
+    <webgui>
+      <protocol>https</protocol>
+      <ssl-certref>6155aba4c9375</ssl-certref>
+      <port/>
+      <ssl-ciphers/>
+      <interfaces/>
+      <compression/>
+    </webgui>
+    <usevirtualterminal>1</usevirtualterminal>
+    <disableconsolemenu>1</disableconsolemenu>
+    <disablevlanhwfilter>1</disablevlanhwfilter>
+    <disablechecksumoffloading>1</disablechecksumoffloading>
+    <disablesegmentationoffloading>1</disablesegmentationoffloading>
+    <disablelargereceiveoffloading>1</disablelargereceiveoffloading>
+    <ipv6allow>1</ipv6allow>
+    <powerd_ac_mode>hadp</powerd_ac_mode>
+    <powerd_battery_mode>hadp</powerd_battery_mode>
+    <powerd_normal_mode>hadp</powerd_normal_mode>
+    <bogons>
+      <interval>monthly</interval>
+    </bogons>
+    <crypto_hardware>aesni</crypto_hardware>
+    <pf_share_forward>1</pf_share_forward>
+    <lb_use_sticky>1</lb_use_sticky>
+    <kill_states>1</kill_states>
+    <ssh>
+      <group>admins</group>
+      <noauto>1</noauto>
+      <interfaces/>
+      <kex/>
+      <ciphers/>
+      <macs/>
+      <keys/>
+      <enabled>enabled</enabled>
+      <passwordauth>1</passwordauth>
+      <keysig/>
+      <permitrootlogin>1</permitrootlogin>
+    </ssh>
+    <firmware version="1.0.1">
+      <mirror/>
+      <flavour/>
+      <plugins>os-ddclient,os-dyndns,os-haproxy,os-wireguard</plugins>
+      <type/>
+      <subscription/>
+    </firmware>
+    <sudo_allow_wheel>1</sudo_allow_wheel>
+    <sudo_allow_group>admins</sudo_allow_group>
+    <enablenatreflectionhelper>yes</enablenatreflectionhelper>
+    <rulesetoptimization>basic</rulesetoptimization>
+    <maximumstates/>
+    <maximumfrags/>
+    <aliasesresolveinterval/>
+    <maximumtableentries/>
+    <language>en_US</language>
+    <dnsserver/>
+    <dns1gw>none</dns1gw>
+    <dns2gw>none</dns2gw>
+    <dns3gw>none</dns3gw>
+    <dns4gw>none</dns4gw>
+    <dns5gw>none</dns5gw>
+    <dns6gw>none</dns6gw>
+    <dns7gw>none</dns7gw>
+    <dns8gw>none</dns8gw>
+    <dnsallowoverride>1</dnsallowoverride>
+    <dnsallowoverride_exclude/>
+  </system>
+  <interfaces>
+    <wan>
+      <if>pppoe0</if>
+      <descr>WAN</descr>
+      <enable>1</enable>
+      <lock>1</lock>
+      <spoofmac/>
+      <blockpriv>1</blockpriv>
+      <blockbogons>1</blockbogons>
+      <ipaddr>pppoe</ipaddr>
+    </wan>
+    <lan>
+      <if>em1</if>
+      <descr>LAN</descr>
+      <enable>1</enable>
+      <spoofmac/>
+      <ipaddr>192.168.20.1</ipaddr>
+      <subnet>24</subnet>
+      <ipaddrv6>track6</ipaddrv6>
+      <track6-interface/>
+      <track6-prefix-id>0</track6-prefix-id>
+    </lan>
+    <lo0>
+      <internal_dynamic>1</internal_dynamic>
+      <descr>Loopback</descr>
+      <enable>1</enable>
+      <if>lo0</if>
+      <ipaddr>127.0.0.1</ipaddr>
+      <ipaddrv6>::1</ipaddrv6>
+      <subnet>8</subnet>
+      <subnetv6>128</subnetv6>
+      <type>none</type>
+      <virtual>1</virtual>
+    </lo0>
+    <opt1>
+      <if>em5</if>
+      <descr>backup_sync</descr>
+      <enable>1</enable>
+      <lock>1</lock>
+      <spoofmac/>
+      <ipaddr>10.10.5.1</ipaddr>
+      <subnet>24</subnet>
+    </opt1>
+    <wireguard>
+      <internal_dynamic>1</internal_dynamic>
+      <descr>WireGuard (Group)</descr>
+      <if>wireguard</if>
+      <virtual>1</virtual>
+      <enable>1</enable>
+      <type>group</type>
+      <networks/>
+    </wireguard>
+    <openvpn>
+      <internal_dynamic>1</internal_dynamic>
+      <enable>1</enable>
+      <if>openvpn</if>
+      <descr>OpenVPN</descr>
+      <type>group</type>
+      <virtual>1</virtual>
+      <networks/>
+    </openvpn>
+  </interfaces>
+  <dhcpd>
+    <lan>
+      <enable>1</enable>
+      <gateway>192.168.20.1</gateway>
+      <domain>somedomain.yourlocal.mcd</domain>
+      <ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
+      <numberoptions>
+        <item/>
+      </numberoptions>
+      <range>
+        <from>192.168.20.50</from>
+        <to>192.168.20.200</to>
+      </range>
+      <winsserver/>
+      <dnsserver>192.168.20.1</dnsserver>
+      <ntpserver/>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.160</ipaddr>
+        <hostname>somehost983</hostname>
+        <descr>someservire8</descr>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.155</ipaddr>
+        <hostname>somehost893</hostname>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <staticmap>
+        <mac>55:55:55:55:55:1c</mac>
+        <ipaddr>192.168.20.50</ipaddr>
+        <hostname>hostswitch2</hostname>
+        <descr>switch-2 (bottom)</descr>
+        <winsserver/>
+        <dnsserver/>
+        <ntpserver/>
+      </staticmap>
+      <pool/>
+    </lan>
+  </dhcpd>
+  <snmpd>
+    <syslocation/>
+    <syscontact/>
+    <rocommunity>public</rocommunity>
+  </snmpd>
+  <syslog>
+    <reverse/>
+    <preservelogs>3</preservelogs>
+  </syslog>
+  <nat>
+    <outbound>
+      <mode>automatic</mode>
+    </outbound>
+    <rule>
+      <protocol>tcp</protocol>
+      <interface>wan</interface>
+      <category/>
+      <ipprotocol>inet</ipprotocol>
+      <descr/>
+      <tag/>
+      <tagged/>
+      <poolopts/>
+      <associated-rule-id>nat_618812d37b8193.31302503</associated-rule-id>
+      <target>host_3</target>
+      <local-port>22</local-port>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>55555</port>
+      </destination>
+      <updated>
+        <username>root@192.168.1.118</username>
+        <time>1636307667.506</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.1.118</username>
+        <time>1636307667.506</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule>
+      <protocol>tcp</protocol>
+      <interface>wan</interface>
+      <category/>
+      <ipprotocol>inet</ipprotocol>
+      <descr/>
+      <tag/>
+      <tagged/>
+      <poolopts/>
+      <associated-rule-id>nat_651ffc35e573d9.09092618</associated-rule-id>
+      <target>192.168.20.140</target>
+      <local-port>22</local-port>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>30140</port>
+      </destination>
+      <updated>
+        <username>root@172.12.0.11</username>
+        <time>1696594997.9399</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@172.12.0.11</username>
+        <time>1696594997.9399</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+    </rule>
+  </nat>
+  <filter>
+    <rule uuid="36bf9a49-7705-40d4-9ea8-815a215ce007">
+      <type>pass</type>
+      <interface>wan</interface>
+      <ipprotocol>inet</ipprotocol>
+      <statetype>keep state</statetype>
+      <descr>allow public connections to vpn</descr>
+      <direction>in</direction>
+      <category>wireguard</category>
+      <quick>1</quick>
+      <protocol>udp</protocol>
+      <source>
+        <any>1</any>
+      </source>
+      <destination>
+        <network>wanip</network>
+        <port>51820</port>
+      </destination>
+      <updated>
+        <username>root@192.168.1.118</username>
+        <time>1636306863.2747</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </updated>
+      <created>
+        <username>root@192.168.1.118</username>
+        <time>1636305029.8036</time>
+        <description>/firewall_rules_edit.php made changes</description>
+      </created>
+    </rule>
+    <rule>
+      <associated-rule-id>nat_670979b3279551.73601303</associated-rule-id>
+      <source>
+        <any>1</any>
+      </source>
+      <interface>wan</interface>
+      <statetype>keep state</statetype>
+      <protocol>tcp</protocol>
+      <ipprotocol>inet</ipprotocol>
+      <destination>
+        <address>192.168.20.1</address>
+        <port>55555</port>
+      </destination>
+      <descr>port forwarding for virtual ip for someservice2 servers</descr>
+      <category/>
+      <created>
+        <username>root@172.12.0.12</username>
+        <time>1728674227.1622</time>
+        <description>/firewall_nat_edit.php made changes</description>
+      </created>
+      <disabled>1</disabled>
+    </rule>
+  </filter>
+  <load_balancer>
+    <monitor_type>
+      <name>ICMP</name>
+      <type>icmp</type>
+      <descr>ICMP</descr>
+      <options/>
+    </monitor_type>
+    <monitor_type>
+      <name>TCP</name>
+      <type>tcp</type>
+      <descr>Generic TCP</descr>
+      <options/>
+    </monitor_type>
+    <monitor_type>
+      <name>HTTP</name>
+      <type>http</type>
+      <descr>Generic HTTP</descr>
+      <options>
+        <path>/</path>
+        <host/>
+        <code>200</code>
+      </options>
+    </monitor_type>
+  </load_balancer>
+  <ntpd>
+    <prefer>0.opnsense.pool.ntp.org</prefer>
+  </ntpd>
+  <widgets>
+    <sequence>system_information-container:00000000-col3:show,traffic_graphs-container:00000001-col3:show,thermal_sensors-container:00000002-col3:show,log-container:00000003-col3:show,services_status-container:00000004-col4:show,gateways-container:00000005-col4:show,interface_list-container:00000006-col4:show,carp_status-container:00000007-col4:show,wireguard-container:00000008-col4:show,dyn_dns_status-container:00000009-col4:show,system_log-container:00000010-col4:show</sequence>
+    <column_count>2</column_count>
+  </widgets>
+  <revision>
+    <username>root@172.12.0.12</username>
+    <time>1728676391.9878</time>
+    <description>/firewall_nat.php made changes</description>
+  </revision>
+  <OPNsense>
+    <captiveportal version="1.0.1">
+      <zones/>
+      <templates/>
+    </captiveportal>
+    <cron version="1.0.4">
+      <jobs/>
+    </cron>
+    <Netflow version="1.0.1">
+      <capture>
+        <interfaces/>
+        <egress_only/>
+        <version>v9</version>
+        <targets/>
+      </capture>
+      <collect>
+        <enable>0</enable>
+      </collect>
+      <activeTimeout>1800</activeTimeout>
+      <inactiveTimeout>15</inactiveTimeout>
+    </Netflow>
+    <Firewall>
+      <Lvtemplate version="0.0.1">
+        <templates/>
+      </Lvtemplate>
+      <Category version="1.0.0">
+        <categories>
+          <category uuid="1d91d52b-7588-40c5-8c2c-05acdfcf8c1e">
+            <name>wireguard</name>
+            <auto>1</auto>
+            <color/>
+          </category>
+        </categories>
+      </Category>
+      <Alias version="1.0.1">
+        <geoip>
+          <url/>
+        </geoip>
+        <aliases>
+          <alias uuid="298089ad-f84a-4dda-9c10-6653a7464294">
+            <enabled>1</enabled>
+            <name>x3690_3</name>
+            <type>host</type>
+            <proto/>
+            <interface/>
+            <counters>0</counters>
+            <updatefreq/>
+            <content>192.168.1.136</content>
+            <categories/>
+            <description/>
+          </alias>
+          <alias uuid="e80d6d23-a0b0-4432-aff5-b5be0557eb01">
+            <enabled>1</enabled>
+            <name>someservice2_vip</name>
+            <type>host</type>
+            <proto/>
+            <interface/>
+            <counters>0</counters>
+            <updatefreq/>
+            <content>192.168.20.225</content>
+            <categories/>
+            <description>alias for someservice2 vip</description>
+          </alias>
+        </aliases>
+      </Alias>
+    </Firewall>
+    <IDS version="1.0.9">
+      <rules/>
+      <policies/>
+      <userDefinedRules/>
+      <files/>
+      <fileTags/>
+      <general>
+        <enabled>0</enabled>
+        <ips>0</ips>
+        <promisc>0</promisc>
+        <interfaces>wan</interfaces>
+        <homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
+        <defaultPacketSize/>
+        <UpdateCron/>
+        <AlertLogrotate>W0D23</AlertLogrotate>
+        <AlertSaveLogs>4</AlertSaveLogs>
+        <MPMAlgo>ac</MPMAlgo>
+        <detect>
+          <Profile>medium</Profile>
+          <toclient_groups/>
+          <toserver_groups/>
+        </detect>
+        <syslog>0</syslog>
+        <syslog_eve>0</syslog_eve>
+        <LogPayload>0</LogPayload>
+        <verbosity/>
+      </general>
+    </IDS>
+    <IPsec version="1.0.1">
+      <general>
+        <enabled/>
+      </general>
+      <keyPairs/>
+      <preSharedKeys/>
+    </IPsec>
+    <Interfaces>
+      <vxlans version="1.0.1"/>
+      <loopbacks version="1.0.0"/>
+    </Interfaces>
+    <monit version="1.0.12">
+      <general>
+        <enabled>0</enabled>
+        <interval>120</interval>
+        <startdelay>120</startdelay>
+        <mailserver>127.0.0.1</mailserver>
+        <port>25</port>
+        <username/>
+        <password/>
+        <ssl>0</ssl>
+        <sslversion>auto</sslversion>
+        <sslverify>1</sslverify>
+        <logfile>syslog facility log_daemon</logfile>
+        <statefile/>
+        <eventqueuePath/>
+        <eventqueueSlots/>
+        <httpdEnabled>0</httpdEnabled>
+        <httpdUsername>root</httpdUsername>
+        <httpdPassword>oiujds9889DSIJSDIJSDIjdj</httpdPassword>
+        <httpdPort>2812</httpdPort>
+        <httpdAllow/>
+        <mmonitUrl/>
+        <mmonitTimeout>5</mmonitTimeout>
+        <mmonitRegisterCredentials>1</mmonitRegisterCredentials>
+      </general>
+      <alert uuid="d307f1df-e759-4262-a4cd-7b9673f0ad36">
+        <enabled>0</enabled>
+        <recipient>root@localhost.local</recipient>
+        <noton>0</noton>
+        <events/>
+        <format/>
+        <reminder>10</reminder>
+        <description/>
+      </alert>
+      <service uuid="9f01617b-08c1-487d-9c8a-fa1340add37e">
+        <enabled>1</enabled>
+        <name>$HOST</name>
+        <description/>
+        <type>system</type>
+        <pidfile/>
+        <match/>
+        <path/>
+        <timeout>300</timeout>
+        <starttimeout>30</starttimeout>
+        <address/>
+        <interface/>
+        <start/>
+        <stop/>
+        <tests>da6083fd-852c-44af-9ae7-8c9de443bbc9,4f18b847-c2ab-4707-9686-bf656e187ab8,62ea6632-3554-43be-bb0b-ceceab685338,f543f50a-4e52-4afd-85ce-95fe6d61dc54</tests>
+        <depends/>
+        <polltime/>
+      </service>
+      <test uuid="93365006-3a70-4d80-bab8-72fb9214a51b">
+        <name>Ping</name>
+        <type>NetworkPing</type>
+        <condition>failed ping</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+      <test uuid="48a4ae66-c879-40fe-a554-0f354ee67770">
+        <name>NetworkLink</name>
+        <type>NetworkInterface</type>
+        <condition>failed link</condition>
+        <action>alert</action>
+        <path/>
+      </test>
+    </monit>
+    <OpenVPNExport version="0.0.1">
+      <servers/>
+    </OpenVPNExport>
+    <proxy version="1.0.6">
+      <general>
+        <enabled>0</enabled>
+        <error_pages>opnsense</error_pages>
+        <icpPort/>
+        <logging>
+          <enable>
+            <accessLog>1</accessLog>
+            <storeLog>1</storeLog>
+          </enable>
+          <ignoreLogACL/>
+          <target/>
+        </logging>
+        <alternateDNSservers/>
+        <dnsV4First>0</dnsV4First>
+        <forwardedForHandling>on</forwardedForHandling>
+        <uriWhitespaceHandling>strip</uriWhitespaceHandling>
+        <enablePinger>1</enablePinger>
+        <useViaHeader>1</useViaHeader>
+        <suppressVersion>0</suppressVersion>
+        <connecttimeout/>
+        <VisibleEmail>admin@localhost.local</VisibleEmail>
+        <VisibleHostname/>
+        <cache>
+          <local>
+            <enabled>0</enabled>
+            <directory>/var/squid/cache</directory>
+            <cache_mem>256</cache_mem>
+            <maximum_object_size/>
+            <maximum_object_size_in_memory/>
+            <memory_cache_mode>always</memory_cache_mode>
+            <size>100</size>
+            <l1>16</l1>
+            <l2>256</l2>
+            <cache_linux_packages>0</cache_linux_packages>
+            <cache_windows_updates>0</cache_windows_updates>
+          </local>
+        </cache>
+        <traffic>
+          <enabled>0</enabled>
+          <maxDownloadSize>2048</maxDownloadSize>
+          <maxUploadSize>1024</maxUploadSize>
+          <OverallBandwidthTrotteling>1024</OverallBandwidthTrotteling>
+          <perHostTrotteling>256</perHostTrotteling>
+        </traffic>
+        <parentproxy>
+          <enabled>0</enabled>
+          <host/>
+          <enableauth>0</enableauth>
+          <user>username</user>
+          <password>password</password>
+          <port/>
+          <localdomains/>
+          <localips/>
+        </parentproxy>
+      </general>
+      <forward>
+        <interfaces>lan</interfaces>
+        <port>3128</port>
+        <sslbumpport>3129</sslbumpport>
+        <sslbump>0</sslbump>
+        <sslurlonly>0</sslurlonly>
+        <sslcertificate/>
+        <sslnobumpsites/>
+        <ssl_crtd_storage_max_size>4</ssl_crtd_storage_max_size>
+        <sslcrtd_children>5</sslcrtd_children>
+        <snmp_enable>0</snmp_enable>
+        <snmp_port>3401</snmp_port>
+        <snmp_password>public</snmp_password>
+        <ftpInterfaces/>
+        <ftpPort>2121</ftpPort>
+        <ftpTransparentMode>0</ftpTransparentMode>
+        <addACLforInterfaceSubnets>1</addACLforInterfaceSubnets>
+        <transparentMode>0</transparentMode>
+        <acl>
+          <allowedSubnets/>
+          <unrestricted/>
+          <bannedHosts/>
+          <whiteList/>
+          <blackList/>
+          <browser/>
+          <mimeType/>
+          <googleapps/>
+          <youtube/>
+          <safePorts>80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http</safePorts>
+          <sslPorts>443:https</sslPorts>
+          <remoteACLs>
+            <blacklists/>
+            <UpdateCron/>
+          </remoteACLs>
+        </acl>
+        <icap>
+          <enable>0</enable>
+          <RequestURL>icap://[::1]:1344/avscan</RequestURL>
+          <ResponseURL>icap://[::1]:1344/avscan</ResponseURL>
+          <SendClientIP>1</SendClientIP>
+          <SendUsername>0</SendUsername>
+          <EncodeUsername>0</EncodeUsername>
+          <UsernameHeader>X-Username</UsernameHeader>
+          <EnablePreview>1</EnablePreview>
+          <PreviewSize>1024</PreviewSize>
+          <OptionsTTL>60</OptionsTTL>
+          <exclude/>
+        </icap>
+        <authentication>
+          <method/>
+          <authEnforceGroup/>
+          <realm>OPNsense proxy authentication</realm>
+          <credentialsttl>2</credentialsttl>
+          <children>5</children>
+        </authentication>
+      </forward>
+      <pac/>
+      <error_pages>
+        <template/>
+      </error_pages>
+    </proxy>
+    <Syslog version="1.0.1">
+      <general>
+        <enabled>1</enabled>
+      </general>
+      <destinations/>
+    </Syslog>
+    <TrafficShaper version="1.0.3">
+      <pipes/>
+      <queues/>
+      <rules/>
+    </TrafficShaper>
+    <unboundplus version="1.0.8">
+      <general>
+        <enabled>1</enabled>
+        <port>53</port>
+        <stats/>
+        <active_interface/>
+        <dnssec/>
+        <dns64/>
+        <dns64prefix/>
+        <noarecords/>
+        <regdhcp>1</regdhcp>
+        <regdhcpdomain/>
+        <regdhcpstatic>1</regdhcpstatic>
+        <noreglladdr6/>
+        <noregrecords/>
+        <txtsupport/>
+        <cacheflush/>
+        <local_zone_type>transparent</local_zone_type>
+        <outgoing_interface/>
+        <enable_wpad/>
+      </general>
+      <advanced>
+        <hideidentity>0</hideidentity>
+        <hideversion>0</hideversion>
+        <prefetch>0</prefetch>
+        <prefetchkey>0</prefetchkey>
+        <dnssecstripped>0</dnssecstripped>
+        <serveexpired>0</serveexpired>
+        <serveexpiredreplyttl/>
+        <serveexpiredttl/>
+        <serveexpiredttlreset>0</serveexpiredttlreset>
+        <serveexpiredclienttimeout/>
+        <qnameminstrict>0</qnameminstrict>
+        <extendedstatistics>0</extendedstatistics>
+        <logqueries>0</logqueries>
+        <logreplies>0</logreplies>
+        <logtagqueryreply>0</logtagqueryreply>
+        <logservfail/>
+        <loglocalactions/>
+        <logverbosity>1</logverbosity>
+        <valloglevel>0</valloglevel>
+        <privatedomain/>
+        <privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
+        <insecuredomain/>
+        <msgcachesize/>
+        <rrsetcachesize/>
+        <outgoingnumtcp/>
+        <incomingnumtcp/>
+        <numqueriesperthread/>
+        <outgoingrange/>
+        <jostletimeout/>
+        <cachemaxttl/>
+        <cachemaxnegativettl/>
+        <cacheminttl/>
+        <infrahostttl/>
+        <infrakeepprobing/>
+        <infracachenumhosts/>
+        <unwantedreplythreshold/>
+      </advanced>
+      <acls>
+        <default_action>allow</default_action>
+      </acls>
+      <dnsbl>
+        <enabled>0</enabled>
+        <safesearch/>
+        <type/>
+        <lists/>
+        <whitelists/>
+        <blocklists/>
+        <wildcards/>
+        <address/>
+        <nxdomain>0</nxdomain>
+      </dnsbl>
+      <forwarding>
+        <enabled>0</enabled>
+      </forwarding>
+      <dots/>
+      <hosts>
+        <host uuid="a681fc39-70fa-4cf1-9331-79f5cbf9048f">
+          <enabled>1</enabled>
+          <hostname>api</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+        <host uuid="dd593e95-02bc-476f-8610-fa1ee454e950">
+          <enabled>1</enabled>
+          <hostname>api-int</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+        <host uuid="e1606f96-dd38-471f-a3d7-ad25e41e810d">
+          <enabled>1</enabled>
+          <hostname>*</hostname>
+          <domain>someapp.yourdomain.local.mcd</domain>
+          <rr>A</rr>
+          <mxprio/>
+          <mx/>
+          <server>192.168.20.161</server>
+          <description>Some app local</description>
+        </host>
+      </hosts>
+      <aliases/>
+      <domains/>
+    </unboundplus>
+    <wireguard>
+      <general version="0.0.1">
+        <enabled>1</enabled>
+      </general>
+      <server version="0.0.4">
+        <servers>
+          <server uuid="3ec7bf83-b3b7-4fba-b4f2-a96dafbfb162">
+            <enabled>1</enabled>
+            <name>publicwg</name>
+            <instance>0</instance>
+            <pubkey>89udsjiuod109jadsSUIDSAUIduhashuiauas/asdkj=</pubkey>
+            <privkey>eH555555555555555+892jdjiodsjiodsoijsdjiodj=</privkey>
+            <port>51820</port>
+            <mtu/>
+            <dns/>
+            <tunneladdress>172.12.0.1/24</tunneladdress>
+            <disableroutes>0</disableroutes>
+            <gateway/>
+            <carp_depend_on/>
+            <peers>03031aec-2e84-462e-9eab-57762dde667a,98e6ca3d-1de9-449b-be80-77022221b509,67c0ace5-e802-4d2b-a536-f8b7a2db6f99,74b60fff-7844-4097-9966-f1c2b1ad29ff,3de82ad5-bc1b-4b91-9598-f906e58ac937,a95e6b5e-24a4-40b5-bb41-b79e784f6f1c,6c9a12c6-c1ca-4c14-866b-975406a30590,c33b308b-7125-4688-9561-989ace8787b5,e43f004a-23bf-4027-8fb0-953fbb40479f</peers>
+          </server>
+        </servers>
+      </server>
+      <client version="0.0.7">
+        <clients>
+          <client uuid="98e6ca3d-1de9-449b-be80-77022221b509">
+            <enabled>1</enabled>
+            <name>some-laptop</name>
+            <pubkey>95555555555555555555555555555FN2aCHemL3RjA8=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.8/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+          <client uuid="74b60fff-7844-4097-9966-f1c2b1ad29ff">
+            <enabled>1</enabled>
+            <name>user2</name>
+            <pubkey>pJ555555555555555555xiUxuJof78XXugx1KUrrYg8=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.6/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+          <client uuid="67c0ace5-e802-4d2b-a536-f8b7a2db6f99">
+            <enabled>1</enabled>
+            <name>some-phone</name>
+            <pubkey>SLQXdM/555555555555555555MWhR2WSEkaSXh1ZpXU=</pubkey>
+            <psk/>
+            <tunneladdress>172.12.0.9/32</tunneladdress>
+            <serveraddress/>
+            <serverport/>
+            <keepalive/>
+          </client>
+        </clients>
+      </client>
+    </wireguard>
+    <Swanctl version="1.0.0">
+      <Connections/>
+      <locals/>
+      <remotes/>
+      <children/>
+      <Pools/>
+      <VTIs/>
+      <SPDs/>
+    </Swanctl>
+    <DynDNS version="1.5.1">
+      <general>
+        <enabled>1</enabled>
+        <verbose>0</verbose>
+        <allowipv6>0</allowipv6>
+        <daemon_delay>300</daemon_delay>
+        <backend>ddclient</backend>
+      </general>
+      <accounts>
+        <account uuid="5be8a905-3cde-4e34-b16c-e53623146c95">
+          <enabled>1</enabled>
+          <service>someddnsprovider</service>
+          <protocol/>
+          <server/>
+          <username>someusername.com</username>
+          <password>55555555555555555555555555555dsi</password>
+          <resourceId/>
+          <hostnames>yourpublic.host.com</hostnames>
+          <wildcard>0</wildcard>
+          <zone/>
+          <checkip>if</checkip>
+          <checkip_timeout>10</checkip_timeout>
+          <force_ssl>1</force_ssl>
+          <ttl>300</ttl>
+          <interface>wan</interface>
+          <description>yourpublic.host.com</description>
+        </account>
+      </accounts>
+    </DynDNS>
+    <OpenVPN version="1.0.0">
+      <Overwrites/>
+      <Instances/>
+      <StaticKeys/>
+    </OpenVPN>
+    <Gateways version="0.0.1"/>
+    <HAProxy version="4.0.0">
+      <general>
+        <enabled>1</enabled>
+        <gracefulStop>0</gracefulStop>
+        <hardStopAfter>60s</hardStopAfter>
+        <closeSpreadTime/>
+        <seamlessReload>0</seamlessReload>
+        <storeOcsp>0</storeOcsp>
+        <showIntro>1</showIntro>
+        <peers>
+          <enabled>0</enabled>
+          <name1/>
+          <listen1/>
+          <port1>1024</port1>
+          <name2/>
+          <listen2/>
+          <port2>1024</port2>
+        </peers>
+        <tuning>
+          <root>0</root>
+          <maxConnections/>
+          <nbthread>1</nbthread>
+          <sslServerVerify>ignore</sslServerVerify>
+          <maxDHSize>2048</maxDHSize>
+          <bufferSize>16384</bufferSize>
+          <spreadChecks>2</spreadChecks>
+          <bogusProxyEnabled>0</bogusProxyEnabled>
+          <luaMaxMem>0</luaMaxMem>
+          <customOptions/>
+          <ssl_defaultsEnabled>0</ssl_defaultsEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+        </tuning>
+        <defaults>
+          <maxConnections/>
+          <maxConnectionsServers/>
+          <timeoutClient>30s</timeoutClient>
+          <timeoutConnect>30s</timeoutConnect>
+          <timeoutCheck/>
+          <timeoutServer>30s</timeoutServer>
+          <retries>3</retries>
+          <redispatch>x-1</redispatch>
+          <init_addr>last,libc</init_addr>
+          <customOptions/>
+        </defaults>
+        <logging>
+          <host>127.0.0.1</host>
+          <facility>local0</facility>
+          <level>info</level>
+          <length/>
+        </logging>
+        <stats>
+          <enabled>0</enabled>
+          <port>8822</port>
+          <remoteEnabled>0</remoteEnabled>
+          <remoteBind/>
+          <authEnabled>0</authEnabled>
+          <users/>
+          <allowedUsers/>
+          <allowedGroups/>
+          <customOptions/>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_bind>*:8404</prometheus_bind>
+          <prometheus_path>/metrics</prometheus_path>
+        </stats>
+        <cache>
+          <enabled>0</enabled>
+          <totalMaxSize>4</totalMaxSize>
+          <maxAge>60</maxAge>
+          <maxObjectSize/>
+          <processVary>0</processVary>
+          <maxSecondaryEntries>10</maxSecondaryEntries>
+        </cache>
+      </general>
+      <frontends>
+        <frontend uuid="379ce7bf-4df6-4b12-8aee-a32cff084d92">
+          <id>6707fe74642f67.52019899</id>
+          <enabled>1</enabled>
+          <name>some-ingress</name>
+          <description>public service redirecting traffic</description>
+          <bind>192.168.20.55:55555</bind>
+          <bindOptions/>
+          <mode>tcp</mode>
+          <defaultBackend>f0c76bef-8623-4fa8-a992-61f83d504b87</defaultBackend>
+          <ssl_enabled>0</ssl_enabled>
+          <ssl_certificates/>
+          <ssl_default_certificate/>
+          <ssl_customOptions/>
+          <ssl_advancedEnabled>0</ssl_advancedEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+          <ssl_hstsEnabled>1</ssl_hstsEnabled>
+          <ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
+          <ssl_hstsPreload>0</ssl_hstsPreload>
+          <ssl_hstsMaxAge>15768000</ssl_hstsMaxAge>
+          <ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
+          <ssl_clientAuthVerify>required</ssl_clientAuthVerify>
+          <ssl_clientAuthCAs/>
+          <ssl_clientAuthCRLs/>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_maxConnections/>
+          <tuning_timeoutClient/>
+          <tuning_timeoutHttpReq/>
+          <tuning_timeoutHttpKeepAlive/>
+          <linkedCpuAffinityRules/>
+          <tuning_shards/>
+          <logging_dontLogNull>0</logging_dontLogNull>
+          <logging_dontLogNormal>0</logging_dontLogNormal>
+          <logging_logSeparateErrors>0</logging_logSeparateErrors>
+          <logging_detailedLog>0</logging_detailedLog>
+          <logging_socketStats>0</logging_socketStats>
+          <stickiness_pattern/>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_counter>1</stickiness_counter>
+          <stickiness_counter_key>src</stickiness_counter_key>
+          <stickiness_length/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <advertised_protocols>h2,http11</advertised_protocols>
+          <forwardFor>0</forwardFor>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_path>/metrics</prometheus_path>
+          <connectionBehaviour>http-keep-alive</connectionBehaviour>
+          <customOptions/>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </frontend>
+        <frontend uuid="e5cdd687-92a0-46a1-93c0-7b26431fea92">
+          <id>670979396dea69.72299427</id>
+          <enabled>0</enabled>
+          <name>another-ingress</name>
+          <description>public service redirecting traffic with non descriptive description</description>
+          <bind>192.168.20.1:55555</bind>
+          <bindOptions/>
+          <mode>tcp</mode>
+          <defaultBackend>f0c76bef-8623-4fa8-a992-61f83d504b87</defaultBackend>
+          <ssl_enabled>0</ssl_enabled>
+          <ssl_certificates/>
+          <ssl_default_certificate/>
+          <ssl_customOptions/>
+          <ssl_advancedEnabled>0</ssl_advancedEnabled>
+          <ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
+          <ssl_minVersion>TLSv1.2</ssl_minVersion>
+          <ssl_maxVersion/>
+          <ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
+          <ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
+          <ssl_hstsEnabled>1</ssl_hstsEnabled>
+          <ssl_hstsIncludeSubDomains>0</ssl_hstsIncludeSubDomains>
+          <ssl_hstsPreload>0</ssl_hstsPreload>
+          <ssl_hstsMaxAge>15768000</ssl_hstsMaxAge>
+          <ssl_clientAuthEnabled>0</ssl_clientAuthEnabled>
+          <ssl_clientAuthVerify>required</ssl_clientAuthVerify>
+          <ssl_clientAuthCAs/>
+          <ssl_clientAuthCRLs/>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_maxConnections/>
+          <tuning_timeoutClient/>
+          <tuning_timeoutHttpReq/>
+          <tuning_timeoutHttpKeepAlive/>
+          <linkedCpuAffinityRules/>
+          <tuning_shards/>
+          <logging_dontLogNull>0</logging_dontLogNull>
+          <logging_dontLogNormal>0</logging_dontLogNormal>
+          <logging_logSeparateErrors>0</logging_logSeparateErrors>
+          <logging_detailedLog>0</logging_detailedLog>
+          <logging_socketStats>0</logging_socketStats>
+          <stickiness_pattern/>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_counter>1</stickiness_counter>
+          <stickiness_counter_key>src</stickiness_counter_key>
+          <stickiness_length/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <advertised_protocols>h2,http11</advertised_protocols>
+          <forwardFor>0</forwardFor>
+          <prometheus_enabled>0</prometheus_enabled>
+          <prometheus_path>/metrics</prometheus_path>
+          <connectionBehaviour>http-keep-alive</connectionBehaviour>
+          <customOptions/>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </frontend>
+      </frontends>
+      <backends>
+        <backend uuid="f0c76bef-8623-4fa8-a992-61f83d504b87">
+          <id>6707fa71c3cb99.64451664</id>
+          <enabled>1</enabled>
+          <name>some_servers</name>
+          <description/>
+          <mode>tcp</mode>
+          <algorithm>roundrobin</algorithm>
+          <random_draws>2</random_draws>
+          <proxyProtocol/>
+          <linkedServers>c0364e69-459d-48b2-a1d1-808324fea9cb,187d8b79-4376-45fc-9fd7-476074a7a577</linkedServers>
+          <linkedFcgi/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <source/>
+          <healthCheckEnabled>1</healthCheckEnabled>
+          <healthCheck>5110db0c-afa9-4bad-bbbe-5bbeb52262bb</healthCheck>
+          <healthCheckLogStatus>0</healthCheckLogStatus>
+          <checkInterval/>
+          <checkDownInterval/>
+          <healthCheckFall/>
+          <healthCheckRise/>
+          <linkedMailer/>
+          <http2Enabled>0</http2Enabled>
+          <http2Enabled_nontls>0</http2Enabled_nontls>
+          <ba_advertised_protocols>h2,http11</ba_advertised_protocols>
+          <persistence>sticktable</persistence>
+          <persistence_cookiemode>piggyback</persistence_cookiemode>
+          <persistence_cookiename>SRVCOOKIE</persistence_cookiename>
+          <persistence_stripquotes>1</persistence_stripquotes>
+          <stickiness_pattern>sourceipv4</stickiness_pattern>
+          <stickiness_dataTypes/>
+          <stickiness_expire>30m</stickiness_expire>
+          <stickiness_size>50k</stickiness_size>
+          <stickiness_cookiename/>
+          <stickiness_cookielength/>
+          <stickiness_connRatePeriod>10s</stickiness_connRatePeriod>
+          <stickiness_sessRatePeriod>10s</stickiness_sessRatePeriod>
+          <stickiness_httpReqRatePeriod>10s</stickiness_httpReqRatePeriod>
+          <stickiness_httpErrRatePeriod>10s</stickiness_httpErrRatePeriod>
+          <stickiness_bytesInRatePeriod>1m</stickiness_bytesInRatePeriod>
+          <stickiness_bytesOutRatePeriod>1m</stickiness_bytesOutRatePeriod>
+          <basicAuthEnabled>0</basicAuthEnabled>
+          <basicAuthUsers/>
+          <basicAuthGroups/>
+          <tuning_timeoutConnect/>
+          <tuning_timeoutCheck/>
+          <tuning_timeoutServer/>
+          <tuning_retries/>
+          <customOptions/>
+          <tuning_defaultserver/>
+          <tuning_noport>0</tuning_noport>
+          <tuning_httpreuse>safe</tuning_httpreuse>
+          <tuning_caching>0</tuning_caching>
+          <linkedActions/>
+          <linkedErrorfiles/>
+        </backend>
+      </backends>
+      <servers>
+        <server uuid="c0364e69-459d-48b2-a1d1-808324fea9cb">
+          <id>6707f9a980b271.59222580</id>
+          <enabled>1</enabled>
+          <name>server1</name>
+          <description>server running on host</description>
+          <address>192.168.20.55</address>
+          <port>55555</port>
+          <checkport/>
+          <mode>active</mode>
+          <multiplexer_protocol>unspecified</multiplexer_protocol>
+          <type>static</type>
+          <serviceName/>
+          <number/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <ssl>0</ssl>
+          <sslSNI/>
+          <sslVerify>1</sslVerify>
+          <sslCA/>
+          <sslCRL/>
+          <sslClientCertificate/>
+          <maxConnections/>
+          <weight>33</weight>
+          <checkInterval/>
+          <checkDownInterval/>
+          <source/>
+          <advanced/>
+          <unix_socket/>
+        </server>
+        <server uuid="187d8b79-4376-45fc-9fd7-476074a7a577">
+          <id>6707faa46d5f57.14318783</id>
+          <enabled>1</enabled>
+          <name>server2</name>
+          <description>server running something</description>
+          <address>192.168.20.155</address>
+          <port>55555</port>
+          <checkport/>
+          <mode>active</mode>
+          <multiplexer_protocol>unspecified</multiplexer_protocol>
+          <type>static</type>
+          <serviceName/>
+          <number/>
+          <linkedResolver/>
+          <resolverOpts/>
+          <resolvePrefer/>
+          <ssl>0</ssl>
+          <sslSNI/>
+          <sslVerify>1</sslVerify>
+          <sslCA/>
+          <sslCRL/>
+          <sslClientCertificate/>
+          <maxConnections/>
+          <weight>67</weight>
+          <checkInterval/>
+          <checkDownInterval/>
+          <source/>
+          <advanced/>
+          <unix_socket/>
+        </server>
+      </servers>
+      <healthchecks>
+        <healthcheck uuid="5110db0c-afa9-4bad-bbbe-5bbeb52262bb">
+          <name>server-loadbalancer-monitor</name>
+          <description/>
+          <type>tcp</type>
+          <interval>2s</interval>
+          <ssl>nopref</ssl>
+          <sslSNI/>
+          <force_ssl>0</force_ssl>
+          <checkport/>
+          <http_method>options</http_method>
+          <http_uri>/</http_uri>
+          <http_version>http10</http_version>
+          <http_host>localhost</http_host>
+          <http_expressionEnabled>0</http_expressionEnabled>
+          <http_expression/>
+          <http_negate>0</http_negate>
+          <http_value/>
+          <tcp_enabled>0</tcp_enabled>
+          <tcp_sendValue/>
+          <tcp_matchType>string</tcp_matchType>
+          <tcp_negate>0</tcp_negate>
+          <tcp_matchValue/>
+          <agentPort/>
+          <mysql_user/>
+          <mysql_post41>0</mysql_post41>
+          <pgsql_user/>
+          <smtp_domain/>
+          <esmtp_domain/>
+          <dbUser/>
+        </healthcheck>
+      </healthchecks>
+      <acls/>
+      <actions/>
+      <luas/>
+      <fcgis/>
+      <errorfiles/>
+      <mapfiles/>
+      <groups/>
+      <users/>
+      <cpus/>
+      <resolvers/>
+      <mailers/>
+      <maintenance>
+        <cronjobs>
+          <syncCerts>0</syncCerts>
+          <syncCertsCron/>
+          <updateOcsp>0</updateOcsp>
+          <updateOcspCron/>
+          <reloadService>0</reloadService>
+          <reloadServiceCron/>
+          <restartService>0</restartService>
+          <restartServiceCron/>
+        </cronjobs>
+      </maintenance>
+    </HAProxy>
+  </OPNsense>
+  <staticroutes version="1.0.0">
+    <route/>
+  </staticroutes>
+  <ca/>
+  <gateways>
+    <gateway_item/>
+  </gateways>
+  <cert>
+    <refid>6155aba4c9375</refid>
+    <descr>Web GUI TLS certificate</descr>
+    <crt>LtCg==</crt>
+    <prv>L22o=</prv>
+  </cert>
+  <dhcpdv6/>
+  <virtualip version="1.0.0">
+    <vip uuid="756c3b4a-f61a-4406-8776-383bc429a5b3">
+      <interface>wan</interface>
+      <mode>ipalias</mode>
+      <subnet>192.168.20.155</subnet>
+      <subnet_bits>32</subnet_bits>
+      <gateway>10.11.16.17</gateway>
+      <noexpand>0</noexpand>
+      <nobind>0</nobind>
+      <password/>
+      <vhid/>
+      <advbase>1</advbase>
+      <advskew>0</advskew>
+      <descr>virtual ip for service</descr>
+    </vip>
+  </virtualip>
+  <openvpn>
+    <openvpn-server/>
+    <openvpn-client/>
+  </openvpn>
+  <ppps>
+    <ppp>
+      <ptpid>0</ptpid>
+      <type>pppoe</type>
+      <if>pppoe0</if>
+      <ports>em0</ports>
+      <username>someuser@ppoeserver.com</username>
+      <password>5555555555AyNA==</password>
+    </ppp>
+  </ppps>
+  <dyndnses>
+    <dyndns>
+      <type>someddnsprovider</type>
+      <username/>
+      <password>5555555555ee479874398u1298e98u18</password>
+      <host>yourpublic.host.com</host>
+      <mx/>
+      <interface>wan</interface>
+      <zoneid/>
+      <resourceid/>
+      <ttl/>
+      <updateurl/>
+      <resultmatch/>
+      <requestif>wan</requestif>
+      <descr/>
+      <id>0</id>
+    </dyndns>
+  </dyndnses>
+  <vlans version="1.0.0">
+    <vlan/>
+  </vlans>
+  <bridges>
+    <bridged/>
+  </bridges>
+  <gifs>
+    <gif/>
+  </gifs>
+  <gres>
+    <gre/>
+  </gres>
+  <laggs version="1.0.0"/>
+  <wireless>
+    <clone/>
+  </wireless>
+  <hasync>
+    <synchronizealiases>on</synchronizealiases>
+    <synchronizeauthservers>on</synchronizeauthservers>
+    <synchronizecerts>on</synchronizecerts>
+    <synchronizedhcpd>on</synchronizedhcpd>
+    <synchronizenat>on</synchronizenat>
+    <synchronizerules>on</synchronizerules>
+    <synchronizeschedules>on</synchronizeschedules>
+    <synchronizestaticroutes>on</synchronizestaticroutes>
+    <synchronizeusers>on</synchronizeusers>
+    <synchronizevirtualip>on</synchronizevirtualip>
+    <synchronizewidgets>on</synchronizewidgets>
+    <synchronizedhcrelay>on</synchronizedhcrelay>
+    <synchronizedhcpdv6>on</synchronizedhcpdv6>
+    <synchronizedhcrelay6>on</synchronizedhcrelay6>
+    <synchronizentpd>on</synchronizentpd>
+    <synchronizesyslog>on</synchronizesyslog>
+    <synchronizecron>on</synchronizecron>
+    <synchronizesysctl>on</synchronizesysctl>
+    <synchronizewebgui>on</synchronizewebgui>
+    <synchronizednsforwarder>on</synchronizednsforwarder>
+    <synchronizeshaper>on</synchronizeshaper>
+    <synchronizecaptiveportal>on</synchronizecaptiveportal>
+    <synchronizeipsec>on</synchronizeipsec>
+    <synchronizemonit>on</synchronizemonit>
+    <synchronizessh>on</synchronizessh>
+    <synchronizeopenvpn>on</synchronizeopenvpn>
+    <synchronizeifgroups>on</synchronizeifgroups>
+    <synchronizecategories>on</synchronizecategories>
+    <synchronizelvtemplate>on</synchronizelvtemplate>
+    <synchronizesquid>on</synchronizesquid>
+    <synchronizesuricata>on</synchronizesuricata>
+    <synchronizednsresolver>on</synchronizednsresolver>
+    <pfsyncinterface>opt1</pfsyncinterface>
+    <synchronizetoip>10.10.5.2</synchronizetoip>
+    <username>root</username>
+    <password>555555555</password>
+    <pfsyncenabled>on</pfsyncenabled>
+    <disablepreempt>on</disablepreempt>
+    <disconnectppps>on</disconnectppps>
+  </hasync>
+  <ifgroups version="1.0.0"/>
+</opnsense>