steini/Opnsense
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Opnsense/config.xml

1954 lines
65 KiB
XML
Raw Blame History

<?xml version="1.0"?>
<opnsense>
<theme>opnsense</theme>
<sysctl version="1.0.1">
<item uuid="3e6aaa97-52d5-4c00-abaf-9c571b1c128a">
<tunable>vfs.read_max</tunable>
<value/>
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
</item>
<item uuid="ae8d1d50-dc6d-49ce-9772-219a08816731">
<tunable>net.inet.ip.portrange.first</tunable>
<value/>
<descr>Set the ephemeral port range to be lower.</descr>
</item>
<item uuid="e0cb18b9-4029-41d0-a327-2e12ea7e02d8">
<tunable>net.inet.tcp.blackhole</tunable>
<value/>
<descr>Drop packets to closed TCP ports without returning a RST</descr>
</item>
<item uuid="56718c77-8222-46c7-97aa-216cfe68a73b">
<tunable>net.inet.udp.blackhole</tunable>
<value/>
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
</item>
<item uuid="1de7ad00-090f-4ce2-81ff-0650b0857a5d">
<tunable>net.inet.ip.random_id</tunable>
<value/>
<descr>Randomize the ID field in IP packets</descr>
</item>
<item uuid="79ce9844-d41c-4dff-adb5-f8ae3a0bcbdc">
<tunable>net.inet.ip.sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="7c341be1-a50b-4fb3-9321-cbfee546c372">
<tunable>net.inet.ip.accept_sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="7bfbc692-e8b4-46fa-96f5-eb21883e7297">
<tunable>net.inet.icmp.log_redirect</tunable>
<value/>
<descr>
This option turns off the logging of redirect packets because there is no limit and this could fill
up your logs consuming your whole hard drive.
</descr>
</item>
<item uuid="14a58970-1cfc-43f3-a7f8-c2ce13fdb617">
<tunable>net.inet.tcp.drop_synfin</tunable>
<value/>
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
</item>
<item uuid="189b1f7b-6097-4e25-9976-c8d3a65ff489">
<tunable>net.inet6.ip6.redirect</tunable>
<value/>
<descr>Enable sending IPv6 redirects</descr>
</item>
<item uuid="c3a10277-b4ec-4b75-9550-a0378c4d2bb4">
<tunable>net.inet6.ip6.use_tempaddr</tunable>
<value/>
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
</item>
<item uuid="799d08de-e567-413b-abb0-42cecf7fa784">
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
<value/>
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
</item>
<item uuid="34c2769b-287a-4ca0-9ffd-4f33718a45b7">
<tunable>net.inet.tcp.syncookies</tunable>
<value/>
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
</item>
<item uuid="b11f856f-ef08-4a2a-a00e-9ade0b8f6046">
<tunable>net.inet.tcp.recvspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
</item>
<item uuid="63523e71-e760-4bff-93d1-342e255eb199">
<tunable>net.inet.tcp.sendspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
</item>
<item uuid="8346d8e1-f503-4051-8a6a-434690856edc">
<tunable>net.inet.tcp.delayed_ack</tunable>
<value/>
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
</item>
<item uuid="66722d67-259b-40e2-93cb-61ced4cf79cb">
<tunable>net.inet.udp.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
<item uuid="7ae77c54-1693-45dd-82ac-9a5d9bf6e515">
<tunable>net.link.bridge.pfil_onlyip</tunable>
<value/>
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
</item>
<item uuid="91a783d4-817b-4ace-9700-65356a82072b">
<tunable>net.link.bridge.pfil_local_phys</tunable>
<value/>
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
</item>
<item uuid="1fc3262a-960b-4f49-b201-edd77a1e2b31">
<tunable>net.link.bridge.pfil_member</tunable>
<value/>
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
</item>
<item uuid="174014af-fc1f-4688-8bcb-13225678595e">
<tunable>net.link.bridge.pfil_bridge</tunable>
<value/>
<descr>Set to 1 to enable filtering on the bridge interface</descr>
</item>
<item uuid="154c3822-97de-424c-beb0-fd4245d9a6c2">
<tunable>net.link.tap.user_open</tunable>
<value/>
<descr>Allow unprivileged access to tap(4) device nodes</descr>
</item>
<item uuid="e5bddcc7-0035-4a1d-b460-d2eba1a95452">
<tunable>kern.randompid</tunable>
<value/>
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
</item>
<item uuid="5661389c-894a-4fd4-a679-fbbbc0de2b31">
<tunable>hw.syscons.kbd_reboot</tunable>
<value/>
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
</item>
<item uuid="b30dfecf-6bcb-42ff-8083-f57ee708007f">
<tunable>net.inet.tcp.log_debug</tunable>
<value/>
<descr>Enable TCP extended debugging</descr>
</item>
<item uuid="f9354f0f-0a41-4b18-b555-e8a21340f18f">
<tunable>net.inet.icmp.icmplim</tunable>
<value/>
<descr>Set ICMP Limits</descr>
</item>
<item uuid="abd3bf28-643c-4461-a79f-da011acd5b0f">
<tunable>net.inet.tcp.tso</tunable>
<value/>
<descr>TCP Offload Engine</descr>
</item>
<item uuid="e76f5d08-35ee-4419-89f1-7ff2c05f59c5">
<tunable>net.inet.udp.checksum</tunable>
<value/>
<descr>UDP Checksums</descr>
</item>
<item uuid="2db68529-e007-464f-91bf-c83630e777d4">
<tunable>kern.ipc.maxsockbuf</tunable>
<value/>
<descr>Maximum socket buffer size</descr>
</item>
<item uuid="ea141674-53d8-4ec1-a579-6a787047e744">
<tunable>vm.pmap.pti</tunable>
<value/>
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
</item>
<item uuid="e8fcbef7-703d-4b40-9caf-f4fb9297e4fe">
<tunable>hw.ibrs_disable</tunable>
<value/>
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
</item>
<item uuid="8d9f827c-1873-4b1d-b243-4d68b70377ca">
<tunable>security.bsd.see_other_gids</tunable>
<value/>
<descr>Hide processes running as other groups</descr>
</item>
<item uuid="231d927d-5270-4752-bb23-bfe9d7f9f978">
<tunable>security.bsd.see_other_uids</tunable>
<value/>
<descr>Hide processes running as other users</descr>
</item>
<item uuid="128fb208-8e18-4c7d-8647-dbb14e6874ee">
<tunable>net.inet.ip.redirect</tunable>
<value/>
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
and for the sender directly reachable, route and next hop is known.
</descr>
</item>
<item uuid="1d872b5b-26ba-48d4-ba7b-13ab223555cf">
<tunable>net.inet.icmp.drop_redirect</tunable>
<value>1</value>
<descr>
Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects
to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect
packets without returning a response.
</descr>
</item>
<item uuid="8e0b3bbf-56b2-4a1b-9326-cbd8fa5804ad">
<tunable>net.local.dgram.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
</sysctl>
<system>
<optimization>normal</optimization>
<hostname>OPNsense</hostname>
<domain>localdomain</domain>
<dnsallowoverride>1</dnsallowoverride>
<group uuid="6638cd79-dba3-41ef-adaf-f71ad552c7ce">
<gid>1999</gid>
<name>admins</name>
<scope>system</scope>
<description>System Administrators</description>
<priv>page-all</priv>
<member>0</member>
</group>
<user uuid="fa6a80c6-0ff6-4b00-9b75-1b2ee49f962f">
<uid>0</uid>
<name>root</name>
<disabled>0</disabled>
<scope>system</scope>
<expires/>
<authorizedkeys/>
<otp_seed/>
<shell/>
<password>$2y$11$F5yOtLTn8aI21fKZTdsnueJjedH0PXTTPpD89Ha6ps3VfC/Ixgojq</password>
<landing_page/>
<comment/>
<email/>
<apikeys/>
<priv/>
<language/>
<descr>System Administrator</descr>
<dashboard/>
</user>
<nextuid>2000</nextuid>
<nextgid>2000</nextgid>
<timezone>Europe/Berlin</timezone>
<timeservers>0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<ssl-certref>65fda728512c3</ssl-certref>
<port/>
<ssl-ciphers/>
<interfaces/>
<compression/>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<usevirtualterminal>1</usevirtualterminal>
<disableconsolemenu>1</disableconsolemenu>
<disablevlanhwfilter>1</disablevlanhwfilter>
<disablechecksumoffloading>1</disablechecksumoffloading>
<disablesegmentationoffloading>1</disablesegmentationoffloading>
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
<powerd_ac_mode>hadp</powerd_ac_mode>
<powerd_battery_mode>hadp</powerd_battery_mode>
<powerd_normal_mode>hadp</powerd_normal_mode>
<bogons>
<interval>monthly</interval>
</bogons>
<pf_share_forward>1</pf_share_forward>
<lb_use_sticky>1</lb_use_sticky>
<ssh>
<group>admins</group>
<noauto>1</noauto>
<interfaces/>
<kex/>
<ciphers/>
<macs/>
<keys/>
<keysig/>
<rekeylimit/>
<enabled>enabled</enabled>
</ssh>
<rrdbackup>-1</rrdbackup>
<netflowbackup>-1</netflowbackup>
<firmware version="1.0.1">
<mirror/>
<flavour/>
<plugins>os-adguardhome-maxit,os-ddclient,os-git-backup</plugins>
<type/>
<subscription/>
<reboot/>
</firmware>
<language>de_DE</language>
<serialspeed>115200</serialspeed>
<primaryconsole>serial</primaryconsole>
<secondaryconsole>video</secondaryconsole>
<maximumstates/>
<maximumfrags/>
<aliasesresolveinterval/>
<maximumtableentries/>
<pfdebug>urgent</pfdebug>
<ipv6allow>1</ipv6allow>
<dnsallowoverride_exclude/>
<dnsserver/>
<dns1gw>none</dns1gw>
<dns2gw>none</dns2gw>
<dns3gw>none</dns3gw>
<dns4gw>none</dns4gw>
<dns5gw>none</dns5gw>
<dns6gw>none</dns6gw>
<dns7gw>none</dns7gw>
<dns8gw>none</dns8gw>
<pf_disable_force_gw>1</pf_disable_force_gw>
<backup>
<git version="1.0.0">
<enabled>1</enabled>
<url>https://git.steini12.ddnss.de/steini/Opnsense.git</url>
<branch>master</branch>
<privkey/>
<user>steini</user>
<password>$teini1972@git</password>
</git>
</backup>
</system>
<interfaces>
<wan>
<if>igc0</if>
<descr>WAN</descr>
<enable>1</enable>
<spoofmac/>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</wan>
<lan>
<enable>1</enable>
<if>igc3</if>
<ipaddr>192.168.1.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>track6</ipaddrv6>
<subnetv6>64</subnetv6>
<media/>
<mediaopt/>
<track6-interface>wan</track6-interface>
<track6-prefix-id>0</track6-prefix-id>
<descr>LAN</descr>
</lan>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
<opt1>
<if>igc1</if>
<descr>WAN2</descr>
<enable>1</enable>
<spoofmac/>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</opt1>
<opt2>
<if>igc2</if>
<descr>LAN2</descr>
<enable>1</enable>
<spoofmac/>
<ipaddr>192.168.201.1</ipaddr>
<subnet>24</subnet>
</opt2>
<opt3>
<if>vlan0.10</if>
<descr>Buero</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
<ipaddr>192.168.10.1</ipaddr>
<subnet>24</subnet>
</opt3>
<opt4>
<if>vlan0.50</if>
<descr>Steini</descr>
<enable>1</enable>
<spoofmac/>
<ipaddr>192.168.50.1</ipaddr>
<subnet>24</subnet>
</opt4>
<opt5>
<if>vlan0.2</if>
<descr>Bruecke</descr>
<enable>1</enable>
<spoofmac/>
<ipaddr>10.10.10.1</ipaddr>
<subnet>24</subnet>
</opt5>
<opt6>
<if>wg0</if>
<descr>MobileClients</descr>
<enable>1</enable>
<spoofmac/>
<mss>1300</mss>
</opt6>
<wireguard>
<internal_dynamic>1</internal_dynamic>
<descr>WireGuard (Gruppe)</descr>
<if>wireguard</if>
<virtual>1</virtual>
<enable>1</enable>
<type>group</type>
<networks/>
</wireguard>
</interfaces>
<dhcpd>
<lan>
<enable/>
<range>
<from>192.168.1.10</from>
<to>192.168.1.245</to>
</range>
</lan>
<opt3>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.10.10</from>
<to>192.168.10.200</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt3>
<opt4>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.50.20</from>
<to>192.168.50.200</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt4>
<opt5>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>10.10.10.2</from>
<to>10.10.10.100</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
<staticmap>
<mac>00:f4:21:68:3f:71</mac>
<ipaddr>10.10.10.6</ipaddr>
<hostname>OPNsense</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
</opt5>
<opt2>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.201.10</from>
<to>192.168.201.100</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt2>
</dhcpd>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<nat>
<outbound>
<mode>hybrid</mode>
<rule>
<source>
<network>any</network>
</source>
<destination>
<any>1</any>
</destination>
<descr/>
<category/>
<interface>opt5</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<target/>
<targetip_subnet>0</targetip_subnet>
<sourceport/>
<updated>
<username>root@192.168.50.82</username>
<time>1713375310.6635</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1713375310.6635</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule>
<source>
<network>wireguard</network>
</source>
<destination>
<any>1</any>
</destination>
<descr/>
<category/>
<interface>wan</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<target/>
<targetip_subnet>0</targetip_subnet>
<sourceport/>
<updated>
<username>root@192.168.50.82</username>
<time>1732827618.4489</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1732827618.4489</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
</outbound>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_66096249452fb6.41739810</associated-rule-id>
<target>192.168.50.101</target>
<local-port>Server_Keller</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>Server_Keller</port>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1713379859.521</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1711891017.2834</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr/>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_66201a35577007.13363244</associated-rule-id>
<target>192.168.50.101</target>
<local-port>WG_UDP</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>WG_UDP</port>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1713380185.5268</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1713379893.3582</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
</nat>
<filter>
<rule uuid="c0264820-c71b-4c3d-b815-2fdd5f21939b">
<associated-rule-id>nat_66096249452fb6.41739810</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.50.101</address>
<port>Server_Keller</port>
</destination>
<descr/>
<category/>
<created>
<username>root@192.168.50.82</username>
<time>1711891017.2834</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="636ac810-e7b2-40a4-8a4f-5f3c2e4ce0e3">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.1.100</username>
<time>1711134940.6336</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.1.100</username>
<time>1711134940.6336</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="27a7af0a-e124-40b0-9bd5-36b37735f428">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<protocol>udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>51888</port>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1732826769.8078</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1732826685.6932</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="970e6207-df41-417f-82d6-f3a6c0ad4f71">
<associated-rule-id>nat_66201a35577007.13363244</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.50.101</address>
<port>WG_UDP</port>
</destination>
<descr/>
<category/>
<created>
<username>root@192.168.50.82</username>
<time>1713379893.3582</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="27c09585-4bed-4a22-ac6c-af76a00c7660">
<type>pass</type>
<ipprotocol>inet</ipprotocol>
<descr>Default allow LAN to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
<rule uuid="35a0bf64-38c7-4119-b56b-3cb3f67b5f90">
<type>pass</type>
<ipprotocol>inet6</ipprotocol>
<descr>Default allow LAN IPv6 to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
<rule uuid="25ea84a0-13c5-4ae1-830f-fd70a5b999fe">
<type>pass</type>
<interface>opt2</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.1.100</username>
<time>1711138132.316</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.1.100</username>
<time>1711138132.316</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="dbb16a82-f864-4cc3-bea2-246d82c8b98c">
<type>pass</type>
<interface>opt3</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.1.100</username>
<time>1711134905.0099</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.1.100</username>
<time>1711134905.0099</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="fd2ed243-e5d8-4ab4-b79c-957e29a7aa74">
<type>pass</type>
<interface>opt4</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt4</network>
</source>
<destination>
<network>(self)</network>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1732823791.3852</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1732823791.3852</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="f94fd877-0edf-4c5e-924b-34352a4a8c1c">
<type>pass</type>
<interface>opt4</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<gateway>WAN2_DHCP</gateway>
<direction>in</direction>
<quick>1</quick>
<source>
<address>192.168.50.82</address>
</source>
<destination>
<address>RF</address>
<not>1</not>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1732823752.5744</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1713378869.8097</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule uuid="05737e36-2a5e-4089-b064-edcb8cebb454">
<type>pass</type>
<interface>opt4</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.1.100</username>
<time>1711134916.6035</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.1.100</username>
<time>1711134916.6035</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
<rule uuid="62d15d60-0657-4a99-bfeb-a1a5646cfc07">
<type>reject</type>
<interface>opt5</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt3</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@10.10.10.6</username>
<time>1713417962.4404</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.10.10.6</username>
<time>1713417962.4404</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="146712f6-950b-4ed8-8154-742c5cbc7084">
<type>pass</type>
<interface>opt5</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1713374459.5231</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1713374459.5231</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="441e0748-3957-4111-bf79-7ffe23ea05a3">
<type>pass</type>
<interface>opt6</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>root@192.168.50.82</username>
<time>1732825524.9166</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@192.168.50.82</username>
<time>1732825524.9166</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<log>1</log>
</rule>
</filter>
<rrd>
<enable/>
</rrd>
<load_balancer>
<monitor_type>
<name>ICMP</name>
<type>icmp</type>
<descr>ICMP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>TCP</name>
<type>tcp</type>
<descr>Generic TCP</descr>
<options/>
</monitor_type>
<monitor_type>
<name>HTTP</name>
<type>http</type>
<descr>Generic HTTP</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>HTTPS</name>
<type>https</type>
<descr>Generic HTTPS</descr>
<options>
<path>/</path>
<host/>
<code>200</code>
</options>
</monitor_type>
<monitor_type>
<name>SMTP</name>
<type>send</type>
<descr>Generic SMTP</descr>
<options>
<send/>
<expect>220 *</expect>
</options>
</monitor_type>
</load_balancer>
<ntpd>
<prefer>0.opnsense.pool.ntp.org</prefer>
</ntpd>
<widgets>
<sequence>traffic_graphs-container:00000000-col3:show,system_information-container:00000001-col3:show,services_status-container:00000002-col4:hide,gateways-container:00000003-col4:show,interface_list-container:00000004-col4:show,thermal_sensors-container:00000005-col4:show,wireguard-container:00000006-col4:show,interface_statistics-container:00000007-col4:show</sequence>
<column_count>2</column_count>
<traffic_graphs_interfaces>wan,opt1</traffic_graphs_interfaces>
<interfacesstatisticsfilter>opt2</interfacesstatisticsfilter>
</widgets>
<revision>
<username>root@192.168.50.82</username>
<description>/api/adguardhome/general/set machte &#xC4;nderungen</description>
<time>1757861532.15</time>
</revision>
<OPNsense>
<wireguard>
<client version="1.0.0">
<clients>
<client uuid="de8b1c52-da7f-4997-b560-ba1e41def08f">
<enabled>1</enabled>
<name>Iphone</name>
<pubkey>KtQnq1p3Q/cpILxq7NRBosj0de8wORBCDElewYoNc18=</pubkey>
<psk/>
<tunneladdress>10.9.0.2/32</tunneladdress>
<serveraddress/>
<serverport/>
<keepalive>25</keepalive>
</client>
<client uuid="f2cec977-08ca-4d6d-ab6a-abb636da2777">
<enabled>1</enabled>
<name>Sven</name>
<pubkey>CL1zITckQCuVysIx7aC/xnF5Q3Q6nVbm1xy+klx102g=</pubkey>
<psk/>
<tunneladdress>10.9.0.3/32</tunneladdress>
<serveraddress/>
<serverport/>
<keepalive/>
</client>
<client uuid="552f0a94-2027-4b89-9560-e10b4f041f23">
<enabled>1</enabled>
<name>sven</name>
<pubkey>WSxVOBWE29aKCqrmkSz5bK3OGjn+vfrZ+Dfzw8Ub/DM=</pubkey>
<psk/>
<tunneladdress>10.9.0.4/32</tunneladdress>
<serveraddress/>
<serverport/>
<keepalive/>
</client>
</clients>
</client>
<general version="0.0.1">
<enabled>1</enabled>
</general>
<server version="1.0.0">
<servers>
<server uuid="009798c4-fb54-4e72-a790-3d66a8feb7cc">
<enabled>1</enabled>
<name>MobileClients</name>
<instance>0</instance>
<pubkey>TT+xJplbhdJ+p+QcyOxhnSBNgxm8gCIoT8NTeMt0EwU=</pubkey>
<privkey>MOQxv6uu6PJOoDHXgQD7Jfgs1XTn8QUJ6u8KKtw6dlQ=</privkey>
<port>51888</port>
<mtu/>
<dns/>
<tunneladdress>10.9.0.1/24</tunneladdress>
<disableroutes>0</disableroutes>
<gateway/>
<carp_depend_on/>
<peers>de8b1c52-da7f-4997-b560-ba1e41def08f,f2cec977-08ca-4d6d-ab6a-abb636da2777,552f0a94-2027-4b89-9560-e10b4f041f23</peers>
<endpoint>steini12.ddnss.de:51888</endpoint>
<peer_dns>192.168.50.1</peer_dns>
</server>
</servers>
</server>
</wireguard>
<IPsec version="1.0.5" persisted_at="1757722956.31">
<general>
<enabled/>
<preferred_oldsa>0</preferred_oldsa>
<disablevpnrules>0</disablevpnrules>
<passthrough_networks/>
<user_source/>
<local_group/>
</general>
<charon>
<max_ikev1_exchanges/>
<threads>16</threads>
<ikesa_table_size>32</ikesa_table_size>
<ikesa_table_segments>4</ikesa_table_segments>
<init_limit_half_open>1000</init_limit_half_open>
<ignore_acquire_ts>1</ignore_acquire_ts>
<install_routes>0</install_routes>
<cisco_unity>0</cisco_unity>
<make_before_break>0</make_before_break>
<retransmit_tries/>
<retransmit_timeout/>
<retransmit_base/>
<retransmit_jitter/>
<retransmit_limit/>
<syslog>
<daemon>
<ike_name>1</ike_name>
<log_level>0</log_level>
<app>1</app>
<asn>1</asn>
<cfg>1</cfg>
<chd>1</chd>
<dmn>1</dmn>
<enc>1</enc>
<esp>1</esp>
<ike>1</ike>
<imc>1</imc>
<imv>1</imv>
<job>1</job>
<knl>1</knl>
<lib>1</lib>
<mgr>1</mgr>
<net>1</net>
<pts>1</pts>
<tls>1</tls>
<tnc>1</tnc>
</daemon>
</syslog>
<plugins>
<attr>
<subnet/>
<split-include/>
<x_28674/>
<x_28675/>
<x_28672/>
<x_28673>0</x_28673>
<x_28679/>
<dns/>
<nbns/>
</attr>
<eap-radius>
<servers/>
<accounting>0</accounting>
<class_group>0</class_group>
</eap-radius>
<xauth-pam>
<pam_service>ipsec</pam_service>
<session>0</session>
<trim_email>1</trim_email>
</xauth-pam>
</plugins>
</charon>
<keyPairs/>
<preSharedKeys/>
</IPsec>
<Swanctl version="1.0.0">
<Connections/>
<locals/>
<remotes/>
<children/>
<Pools/>
<VTIs/>
<SPDs/>
</Swanctl>
<OpenVPNExport version="0.0.1">
<servers/>
</OpenVPNExport>
<OpenVPN version="1.0.1">
<Overwrites/>
<Instances/>
<StaticKeys/>
</OpenVPN>
<captiveportal version="1.0.4">
<zones/>
<templates/>
</captiveportal>
<cron version="1.0.4">
<jobs>
<job uuid="a64b1a9d-3dd0-4af7-84aa-a910eab6ab1f">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>2</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>firmware poll</command>
<parameters/>
<description>Firmware Update check</description>
</job>
<job uuid="3685acf8-370d-4fcd-a378-103fda413e45">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>15</minutes>
<hours>2</hours>
<days>*</days>
<months>*</months>
<weekdays>6</weekdays>
<who>root</who>
<command>firmware auto-update</command>
<parameters/>
<description>Firmwareupdate</description>
</job>
<job uuid="d0e336c9-d3e8-4465-a60a-491fa5fed555">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>20</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>system remote backup</command>
<parameters/>
<description>Backup</description>
</job>
</jobs>
</cron>
<Firewall>
<Lvtemplate version="0.0.1">
<templates/>
</Lvtemplate>
<Alias version="1.0.1">
<geoip>
<url/>
</geoip>
<aliases>
<alias uuid="cf005531-812a-42c1-a01a-a7ca87650e22">
<enabled>1</enabled>
<name>Server_Keller</name>
<type>port</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>80
443</content>
<categories/>
<description>Server_Keller</description>
</alias>
<alias uuid="d33c6f24-e93f-4f50-b077-e8731dda9266">
<enabled>1</enabled>
<name>WG_UDP</name>
<type>port</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>51820</content>
<categories/>
<description>WG_UDP</description>
</alias>
<alias uuid="85456984-cb9c-4138-ab4e-0c7bbacd4155">
<enabled>1</enabled>
<name>RF</name>
<type>network</type>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>192.168.50.0/24
192.168.10.0/24
192.168.0.0/24</content>
<categories/>
<description/>
</alias>
</aliases>
</Alias>
<Category version="1.0.0">
<categories/>
</Category>
<Filter version="1.0.4">
<rules/>
<snatrules/>
<npt/>
<onetoone/>
</Filter>
</Firewall>
<Netflow version="1.0.1">
<capture>
<interfaces/>
<egress_only/>
<version>v9</version>
<targets/>
</capture>
<collect>
<enable>0</enable>
</collect>
<activeTimeout>1800</activeTimeout>
<inactiveTimeout>15</inactiveTimeout>
</Netflow>
<IDS version="1.1.0">
<rules/>
<policies/>
<userDefinedRules/>
<files/>
<fileTags/>
<general>
<enabled>0</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron/>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo/>
<detect>
<Profile/>
<toclient_groups/>
<toserver_groups/>
</detect>
<syslog>0</syslog>
<syslog_eve>0</syslog_eve>
<LogPayload>0</LogPayload>
<verbosity/>
<eveLog>
<http>
<enable>0</enable>
<extended>0</extended>
<dumpAllHeaders/>
</http>
<tls>
<enable>0</enable>
<extended>0</extended>
<sessionResumption>0</sessionResumption>
<custom/>
</tls>
</eveLog>
</general>
</IDS>
<Interfaces>
<loopbacks version="1.0.0"/>
<neighbors version="1.0.0"/>
<vxlans version="1.0.2"/>
</Interfaces>
<Kea>
<ctrl_agent version="0.0.1">
<general>
<enabled>0</enabled>
<http_host>127.0.0.1</http_host>
<http_port>8000</http_port>
</general>
</ctrl_agent>
<dhcp4 version="1.0.4" persisted_at="1756743930.02">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
<dhcp_socket_type>raw</dhcp_socket_type>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<ha_peers/>
</dhcp4>
<dhcp6 version="1.0.0">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<pd_pools/>
<ha_peers/>
</dhcp6>
</Kea>
<monit version="1.0.14" persisted_at="1757722955.88">
<general>
<enabled>0</enabled>
<interval>120</interval>
<startdelay>120</startdelay>
<mailserver>127.0.0.1</mailserver>
<port>25</port>
<username/>
<password/>
<ssl>0</ssl>
<sslversion>auto</sslversion>
<sslverify>1</sslverify>
<logfile/>
<statefile/>
<eventqueuePath/>
<eventqueueSlots/>
<httpdEnabled>0</httpdEnabled>
<httpdUsername>root</httpdUsername>
<httpdPassword>Es1qpnWtrF33up9r7pewpRdSj</httpdPassword>
<httpdPort>2812</httpdPort>
<httpdAllow/>
<mmonitUrl/>
<mmonitTimeout>5</mmonitTimeout>
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
</general>
<alert uuid="a287397b-7db2-4dfb-8966-d718abdee40e">
<enabled>0</enabled>
<recipient>root@localhost.local</recipient>
<noton>0</noton>
<events/>
<format/>
<reminder/>
<description/>
</alert>
<service uuid="ace6ec69-a18c-40f3-aa5a-5e873d1ae514">
<enabled>1</enabled>
<name>$HOST</name>
<description/>
<type>system</type>
<pidfile/>
<match/>
<path/>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>118792c7-270e-4c39-ab7f-14478485217c,b6402613-1e49-4ff7-86dd-e8444a248070,79ee91db-84b0-48fa-9a9c-5578c914a301,0d968211-9492-498e-9452-c6c27f4c7468</tests>
<depends/>
<polltime/>
</service>
<service uuid="df8ba512-da7f-4fc1-be84-d4c05da45df9">
<enabled>1</enabled>
<name>RootFs</name>
<description/>
<type>filesystem</type>
<pidfile/>
<match/>
<path>/</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>e5d81bf1-1a2d-4f88-9ba0-123ae0a8651f</tests>
<depends/>
<polltime/>
</service>
<service uuid="7d643455-fe02-40ea-bbef-212b70c4240d">
<enabled>0</enabled>
<name>carp_status_change</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/monit/carp_status.php</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>8bddf11e-a9eb-41b2-92ab-8c038cc9adaa</tests>
<depends/>
<polltime/>
</service>
<service uuid="2800f64f-0736-4d97-be17-9f50cbb0d58b">
<enabled>0</enabled>
<name>gateway_alert</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/monit/gateway_alert.php</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>267d77f9-0124-499f-b80e-166c23b6ff54</tests>
<depends/>
<polltime/>
</service>
<test uuid="d4d39ee2-97af-4632-8575-aa3ed0adea08">
<name>Ping</name>
<type>NetworkPing</type>
<condition>failed ping</condition>
<action>alert</action>
<path/>
</test>
<test uuid="2f029411-8fa0-4da0-8b0c-09c91033929e">
<name>NetworkLink</name>
<type>NetworkInterface</type>
<condition>failed link</condition>
<action>alert</action>
<path/>
</test>
<test uuid="70bed688-32b9-4f59-b9a7-ed75be3cff38">
<name>NetworkSaturation</name>
<type>NetworkInterface</type>
<condition>saturation is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="118792c7-270e-4c39-ab7f-14478485217c">
<name>MemoryUsage</name>
<type>SystemResource</type>
<condition>memory usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="b6402613-1e49-4ff7-86dd-e8444a248070">
<name>CPUUsage</name>
<type>SystemResource</type>
<condition>cpu usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="79ee91db-84b0-48fa-9a9c-5578c914a301">
<name>LoadAvg1</name>
<type>SystemResource</type>
<condition>loadavg (1min) is greater than 8</condition>
<action>alert</action>
<path/>
</test>
<test uuid="0d968211-9492-498e-9452-c6c27f4c7468">
<name>LoadAvg5</name>
<type>SystemResource</type>
<condition>loadavg (5min) is greater than 6</condition>
<action>alert</action>
<path/>
</test>
<test uuid="14f9f82b-e3c5-433b-a247-c819a8140a8c">
<name>LoadAvg15</name>
<type>SystemResource</type>
<condition>loadavg (15min) is greater than 4</condition>
<action>alert</action>
<path/>
</test>
<test uuid="e5d81bf1-1a2d-4f88-9ba0-123ae0a8651f">
<name>SpaceUsage</name>
<type>SpaceUsage</type>
<condition>space usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="8bddf11e-a9eb-41b2-92ab-8c038cc9adaa">
<name>ChangedStatus</name>
<type>ProgramStatus</type>
<condition>changed status</condition>
<action>alert</action>
<path/>
</test>
<test uuid="267d77f9-0124-499f-b80e-166c23b6ff54">
<name>NonZeroStatus</name>
<type>ProgramStatus</type>
<condition>status != 0</condition>
<action>alert</action>
<path/>
</test>
</monit>
<Gateways version="1.0.0">
<gateway_item uuid="74c9241e-29c7-4128-b596-2211bbe54723">
<disabled>0</disabled>
<name>WAN_GW</name>
<descr>WAN Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<gateway/>
<defaultgw>1</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>1.1.1.1</monitor>
<force_down>0</force_down>
<priority>250</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="83302fb3-99fb-457e-a666-80a8c589490b">
<disabled>0</disabled>
<name>Sven</name>
<descr/>
<interface>opt5</interface>
<ipprotocol>inet</ipprotocol>
<gateway>10.10.10.6</gateway>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>1</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor/>
<force_down>0</force_down>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="c96d17d4-26e5-48af-bee2-5301b38f83c6">
<disabled>0</disabled>
<name>WAN2_DHCP</name>
<descr>Interface WAN2_DHCP Gateway</descr>
<interface>opt1</interface>
<ipprotocol>inet</ipprotocol>
<gateway/>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>192.168.30.1</monitor>
<force_down>0</force_down>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
</Gateways>
<Syslog version="1.0.2">
<general>
<enabled>1</enabled>
<loglocal>1</loglocal>
<maxpreserve>31</maxpreserve>
<maxfilesize>200</maxfilesize>
</general>
<destinations/>
</Syslog>
<TrafficShaper version="1.0.3">
<pipes/>
<queues/>
<rules/>
</TrafficShaper>
<unboundplus version="1.0.12">
<general>
<enabled>1</enabled>
<port>5353</port>
<stats/>
<active_interface/>
<dnssec>0</dnssec>
<dns64>0</dns64>
<dns64prefix/>
<noarecords>0</noarecords>
<regdhcp>0</regdhcp>
<regdhcpdomain/>
<regdhcpstatic>0</regdhcpstatic>
<noreglladdr6>0</noreglladdr6>
<noregrecords>0</noregrecords>
<txtsupport>0</txtsupport>
<cacheflush>0</cacheflush>
<local_zone_type>transparent</local_zone_type>
<outgoing_interface/>
<enable_wpad>0</enable_wpad>
</general>
<advanced>
<hideidentity/>
<hideversion/>
<prefetch/>
<prefetchkey/>
<dnssecstripped/>
<aggressivensec>1</aggressivensec>
<serveexpired/>
<serveexpiredreplyttl/>
<serveexpiredttl/>
<serveexpiredttlreset/>
<serveexpiredclienttimeout/>
<qnameminstrict/>
<extendedstatistics/>
<logqueries/>
<logreplies/>
<logtagqueryreply/>
<logservfail/>
<loglocalactions/>
<logverbosity>1</logverbosity>
<valloglevel>0</valloglevel>
<privatedomain/>
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
<insecuredomain/>
<msgcachesize/>
<rrsetcachesize/>
<outgoingnumtcp/>
<incomingnumtcp/>
<numqueriesperthread/>
<outgoingrange/>
<jostletimeout/>
<discardtimeout/>
<cachemaxttl/>
<cachemaxnegativettl/>
<cacheminttl/>
<infrahostttl/>
<infrakeepprobing/>
<infracachenumhosts/>
<unwantedreplythreshold/>
</advanced>
<acls>
<default_action>allow</default_action>
</acls>
<dnsbl>
<enabled>0</enabled>
<safesearch/>
<type/>
<lists/>
<whitelists/>
<blocklists/>
<wildcards/>
<address/>
<nxdomain/>
</dnsbl>
<forwarding>
<enabled/>
</forwarding>
<dots/>
<hosts>
<host uuid="51cf5f74-c57c-4c15-9614-357bfb5574c9">
<enabled>0</enabled>
<hostname>git</hostname>
<domain>steini12.ddnss.de</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<server>192.168.50.101</server>
<description>git</description>
</host>
</hosts>
<aliases/>
</unboundplus>
<DHCRelay version="1.0.1"/>
<trust>
<general version="1.0.1">
<store_intermediate_certs>0</store_intermediate_certs>
<install_crls>0</install_crls>
<fetch_crls>0</fetch_crls>
<enable_legacy_sect>1</enable_legacy_sect>
<enable_config_constraints>0</enable_config_constraints>
<CipherString/>
<Ciphersuites/>
<groups/>
<MinProtocol/>
<MinProtocol_DTLS/>
</general>
</trust>
<adguardhome>
<general version="0.0.1" persisted_at="1757861532.15">
<enabled>1</enabled>
<primarydns>1</primarydns>
</general>
</adguardhome>
<DynDNS version="1.5.1">
<general>
<enabled>1</enabled>
<verbose>0</verbose>
<allowipv6>0</allowipv6>
<daemon_delay>300</daemon_delay>
<backend>opnsense</backend>
</general>
<accounts>
<account uuid="d66a43e3-a05e-40bd-b5bd-bb9b40cb2ba7">
<enabled>1</enabled>
<service>custom</service>
<protocol>dyndns1</protocol>
<server>ddnss.de</server>
<username>steini12</username>
<password>Sidolin7219</password>
<resourceId/>
<hostnames>steini12.ddnss.de</hostnames>
<wildcard>0</wildcard>
<zone/>
<checkip>cloudflare-ipv4</checkip>
<dynipv6host/>
<checkip_timeout>10</checkip_timeout>
<force_ssl>1</force_ssl>
<ttl>300</ttl>
<interface/>
<description/>
</account>
</accounts>
</DynDNS>
</OPNsense>
<openvpn/>
<ifgroups version="1.0.0"/>
<laggs version="1.0.0">
<lagg/>
</laggs>
<virtualip version="1.0.1"/>
<vlans version="1.0.0">
<vlan uuid="a65c8ffb-64e8-485b-a7b2-9b61b724368d">
<if>igc3</if>
<tag>50</tag>
<pcp>0</pcp>
<proto/>
<descr>Steini</descr>
<vlanif>vlan0.50</vlanif>
</vlan>
<vlan uuid="ffb5e0be-8ac7-4ef8-be13-13a948acd540">
<if>igc3</if>
<tag>10</tag>
<pcp>0</pcp>
<proto/>
<descr>B&#xFC;ro</descr>
<vlanif>vlan0.10</vlanif>
</vlan>
<vlan uuid="3079fe5d-8c62-4818-94e5-134f711d3276">
<if>igc3</if>
<tag>2</tag>
<pcp>0</pcp>
<proto/>
<descr>Br&#xFC;cke</descr>
<vlanif>vlan0.2</vlanif>
</vlan>
<vlan uuid="6f8c8bb7-aee4-4517-b1a2-8bb5303cc21c">
<if>igc3</if>
<tag>70</tag>
<pcp>0</pcp>
<proto/>
<descr>WAN2</descr>
<vlanif>vlan0.70</vlanif>
</vlan>
</vlans>
<staticroutes version="1.0.0">
<route uuid="6fa0570e-e0e9-4190-a906-10ff67e627b3">
<network>192.168.30.0/24</network>
<gateway>Sven</gateway>
<descr>Sven</descr>
<disabled>0</disabled>
</route>
<route uuid="6dd8b824-80f3-456b-a2c5-a8170d87dda3">
<network>192.168.6.0/24</network>
<gateway>Sven</gateway>
<descr>Sven Groitzsch</descr>
<disabled>0</disabled>
</route>
<route uuid="1a797381-ea9c-4288-b436-f0d953b62a54">
<network>10.30.0.0/24</network>
<gateway>Sven</gateway>
<descr>Sven Groitzsch</descr>
<disabled>0</disabled>
</route>
<route uuid="dac57796-b416-4912-8777-3176749446b9">
<network>10.19.0.0/24</network>
<gateway>Sven</gateway>
<descr>Sven Groitzsch</descr>
<disabled>0</disabled>
</route>
</staticroutes>
<bridges version="1.0.0"/>
<gifs version="1.0.0">
<gif/>
</gifs>
<gres version="1.0.0">
<gre/>
</gres>
<ppps>
<ppp/>
</ppps>
<wireless>
<clone/>
</wireless>
<ca/>
<dhcpdv6/>
<cert uuid="50bc27d6-8505-4798-aaf0-948e3e9b9a37">
<refid>65fda728512c3</refid>
<descr>Web GUI TLS certificate</descr>
<caref/>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhIakNDQlFhZ0F3SUJBZ0lVTHZvVEE2a2RzcTRoTmFqMGxxbDl1MEs1N0d3d0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZa3hIVEFiQmdOVkJBTU1GRTlRVG5ObGJuTmxMbXh2WTJGc1pHOXRZV2x1TVFzd0NRWURWUVFHRXdKTwpUREVWTUJNR0ExVUVDQXdNV25WcFpDMUliMnhzWVc1a01SVXdFd1lEVlFRSERBeE5hV1JrWld4b1lYSnVhWE14CkxUQXJCZ05WQkFvTUpFOVFUbk5sYm5ObElITmxiR1l0YzJsbmJtVmtJSGRsWWlCalpYSjBhV1pwWTJGMFpUQWUKRncweU5EQXpNakl4TlRRek16bGFGdzB5TlRBME1qTXhOVFF6TXpsYU1JR0pNUjB3R3dZRFZRUUREQlJQVUU1egpaVzV6WlM1c2IyTmhiR1J2YldGcGJqRUxNQWtHQTFVRUJoTUNUa3d4RlRBVEJnTlZCQWdNREZwMWFXUXRTRzlzCmJHRnVaREVWTUJNR0ExVUVCd3dNVFdsa1pHVnNhR0Z5Ym1sek1TMHdLd1lEVlFRS0RDUlBVRTV6Wlc1elpTQnoKWld4bUxYTnBaMjVsWkNCM1pXSWdZMlZ5ZEdsbWFXTmhkR1V3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQwpEd0F3Z2dJS0FvSUNBUUNyWkthU01kKzE1bi9VbFE5VitYM1BhRkpaS2sxQmxrZEJsdGgvQTZxOEVhSHhxWWk2CjA5d002a3l6SkFsWlFyZnRTK3hRZGNGbzE0UlFObGprREZ1clBtbDdROXZsSWdpcHhUVE9PajFnRkZ2TThRRWYKbFA1bDl0ZnlvUnlWeHVMWFR2OTQyVysvS24zRnR1TGdRZnNhRDA1YldYdDl2Z0g0N096VnQ1ak5GY3JqNWVkRQpiUk9RcFp3YUI2dHpicjRnYlhGWW1RYW1WMVFRMFNpb1N2cE5uM0NkMlJTL1lxN1FiRElwdkhESG8vUitXUHdMCnc3VFNsUXNQMGV2MTV3ZGJOV3d2VEtzdytEUU5rUURyTXZSN3ZqSmFLbXFrNE1QbzllS3RwbXUwK0Jua3BSeDAKanFHVGlrOHM3TG02aHY0UktHb2VhbzdYeVBUblZ3UGNTazFCT0ppdGNnY2wrMWNaZW04QXJlWWprUEc1NWpjLwpzTk9RLzN4VzRUa3dOWVdTdE1jcVdheEJJK0RROEw2N1JuNVBwWmtPRi83SE1xY2hEdXd0Nk1sUTB1WTM1YXQvCmxrRkowMUFIMkpSMXZLNURPKzBIMXZWTW9VaDIvMTEydmRJbGZ6Tnllc052Wmg1Ly9IcVJQdU1Qdk9MLzhKU2kKQlFOSWQxNU45eklkVDgyZVljUFlJU0tEZE1vQjZiVFBkQ2p3RkJ6M1JtOEt4MjBha2lVcWpvalc2RkFNYWR2VwpWR2JEeDZCdnQzM0lzYWFTcnM4dzVXUlkrSWtiL0VJZm9BMC8xZVZRM2N2RjdMd2tZbnQwN3BEUUhJcVhlSlAxCnRFUThYMERJTlBPQmZhbzFBc2kvY3M0cHpodDVmTkNmMnl0Zk9PYzFhaEdYWFJYTTlaWmJGYmtmL3dJREFRQUIKbzRJQmVqQ0NBWFl3Q1FZRFZSMFRCQUl3QURBUkJnbGdoa2dCaHZoQ0FRRUVCQU1DQmtBd05BWUpZSVpJQVliNApRZ0VOQkNjV0pVOVFUbk5sYm5ObElFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZ1EyVnlkR2xtYVdOaGRHVXdIUVlEClZSME9CQllFRkVhTTRPTEhPZ2tWQXpMUzNOZ2dQSTgwcy9SV01JR3pCZ05WSFNNRWdhc3dnYWloZ1kra2dZd3cKZ1lreEhUQWJCZ05WQkFNTUZFOVFUbk5sYm5ObExteHZZMkZzWkc5dFlXbHVNUXN3Q1FZRFZRUUdFd0pPVERFVgpNQk1HQTFVRUNBd01XblZwWkMxSWIyeHNZVzVrTVJVd0V3WURWUVFIREF4TmFXUmtaV3hvWVhKdWFYTXhMVEFyCkJnTlZCQW9NSkU5UVRuTmxibk5sSUhObGJHWXRjMmxuYm1Wa0lIZGxZaUJqWlhKMGFXWnBZMkYwWllJVUx2b1QKQTZrZHNxNGhOYWowbHFsOXUwSzU3R3d3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBZkJnTlZIUkVFR0RBV2doUlBVRTV6Wlc1elpTNXNiMk5oYkdSdmJXRnBiakFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQU1zcDdla1lIem1UamZGeHR6RERGdWFQSkIzcDZMa3JkMVZGS1IrS0sKSDZUWmlhMWlpbzltNnNQdEUrTWZVU3AwdnRXYm5XU0tDRCtJc1FlWXdmRDBYQkJwV3BTVVFxb0VDOUZxak96QwpVUmJUM0FrTjVSanl1ekFuN1N5QXpaY1RiemtQUTRJYWF0S2wxL2IyaTlnZFh5MXFycTNTMUpnRGtKT0wzY01lCkcrR0lpKzlzbHdHcFZiSEgvVTNyaDJiUFAxUisycHl1Wi9ZK0szbVEzVFBhUHU3VkR1VzVjLzRUbWRrNlZIZ2IKRkdCWVdtZml2dyttd0tGR2RvdHg2MGs4ZEJ2MVVoTjdzMnlwczlNWnFFZXVwVE5BdGtwSHFtdkx4UDNqZVpRawpOMWVsU0FsNGN3ZTFpdzJ2RFh3ZHJWdmE2RUlHZHJtc2QwcmpDVWV1M2Z2RUtnUXVkMFZoMkFQR3hSeGNFNjlTCmRBbE9uTWIyM1VIaVdadEcwZVExaWpWRDdab0gvTFN3ZldmZTF5aVhwRmNRaE9QaW5MRldCcURuS21TQTNjTEwKWUpkbGdJTjMvaXNONlNrMmljREJXT0FlUVRpaHpTR2dDOVVOWkx5bHV1bGlBNlBjNFBxc29ZdTE0YjRKVzZaVApIVXdjZ3RPTjNiRUwrYTRocmtKci9MMVkvWGxoWWNKY2lkTVM2Y2Z6bXlxNXB4TGlLc2gwK0VOQ1FJZzhzcXJGCm1rL0NKa0ppcUdyUEUxbnd6TlZjM2ZYeXFqMVJYUFdUL3E2NEdpVm9reERFM1hKOUNhQjdyM0R3OXNiVVd4eCsKMUpDOEVaendodFBxTFdVdnp2ZmtTTERQUk9jdFR6RnFUclV0aU4zT2oydjZUQjlsa3J0MVJoS2lZYUZLK1BvaQovRk09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
<csr/>
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Nzd2dna25BZ0VBQW9JQ0FRQ3JaS2FTTWQrMTVuL1UKbFE5VitYM1BhRkpaS2sxQmxrZEJsdGgvQTZxOEVhSHhxWWk2MDl3TTZreXpKQWxaUXJmdFMreFFkY0ZvMTRSUQpObGprREZ1clBtbDdROXZsSWdpcHhUVE9PajFnRkZ2TThRRWZsUDVsOXRmeW9SeVZ4dUxYVHY5NDJXKy9LbjNGCnR1TGdRZnNhRDA1YldYdDl2Z0g0N096VnQ1ak5GY3JqNWVkRWJST1FwWndhQjZ0emJyNGdiWEZZbVFhbVYxUVEKMFNpb1N2cE5uM0NkMlJTL1lxN1FiRElwdkhESG8vUitXUHdMdzdUU2xRc1AwZXYxNXdkYk5Xd3ZUS3N3K0RRTgprUURyTXZSN3ZqSmFLbXFrNE1QbzllS3RwbXUwK0Jua3BSeDBqcUdUaWs4czdMbTZodjRSS0dvZWFvN1h5UFRuClZ3UGNTazFCT0ppdGNnY2wrMWNaZW04QXJlWWprUEc1NWpjL3NOT1EvM3hXNFRrd05ZV1N0TWNxV2F4QkkrRFEKOEw2N1JuNVBwWmtPRi83SE1xY2hEdXd0Nk1sUTB1WTM1YXQvbGtGSjAxQUgySlIxdks1RE8rMEgxdlZNb1VoMgovMTEydmRJbGZ6Tnllc052Wmg1Ly9IcVJQdU1Qdk9MLzhKU2lCUU5JZDE1Tjl6SWRUODJlWWNQWUlTS0RkTW9CCjZiVFBkQ2p3RkJ6M1JtOEt4MjBha2lVcWpvalc2RkFNYWR2V1ZHYkR4NkJ2dDMzSXNhYVNyczh3NVdSWStJa2IKL0VJZm9BMC8xZVZRM2N2RjdMd2tZbnQwN3BEUUhJcVhlSlAxdEVROFgwRElOUE9CZmFvMUFzaS9jczRwemh0NQpmTkNmMnl0Zk9PYzFhaEdYWFJYTTlaWmJGYmtmL3dJREFRQUJBb0lCLzNXUFhWeGpxSFozenNqakxDM3JCZUNsCmd4Tm85cTA4OHgwMHRnSFcwVXQzMk92OEdsa3dRWHlCL0c5MkhiYURwVSszTjlSQnRCamFOTWpvZmpUaHl6dkkKMW9VRmVuL09vWVFhZlZUR2VVYU1Uc3owc3dkcWJqbEZRZktHQ2RKUXc4MkoxZTdMbDR0ZG4vL0cyY3RPSVVtVQpCVlc3bHlPS0hwOTAxMGRlNm1vakZMZzlHQzE3c0FJZnJvdHBKUkpYbEU2MS85NWQyMUJKbGlrWFpwVDhwL3lLCkJPdkdodEFVNWtGWTZTZmNFMDdFT1Q3cXNmZGYwZXJRRTROR1o3R2ZDUGppUkVBdFVHT2gyN0RnT04rVTNRVGYKRlZVeERCbTJXeVJwZytkenB0cmlGWXRMblE1VjB6VVE3RzZ0Um9jR05aUVZXMTlFbjJ6RTZrTXhveGpTUDd4NwpzdDcvdUhyT2lIeWpCb1ZqcE5RMXhtaHFHcSswVjFBWncrNWU2V2FwbVJaZWdxdVFvMVRQUDczTHJEdUt1NTdUCitZU2x3ZWZURUprcWgvNmZwYmhJWmFjOVhaT01EYUJtY0lpaCtVaUVNWGZMcTkvMVo0bEg4NC94Nk41WVlzaGwKYWI1M0tHK3RRRTc4OGcxWGM5dnIwbFBKclZsVlhON0UranB2bkdIelptRTJ0aDB1aVVkdElJWmY4SFRoWDdGWgpDcDc0d0YxKzhqN3JEQm1SU0JlNUxtSTJOaXdXTDBzQ1krQ2ZNSGNZb1Q1empEVENBWms2TDVHekxuZ3kyeVI1Cmd1YUwxL1BzZ29Jc1krako0K1Q5SzlIU0hDUUFLakcrcGliYmVXSUhrdWx0S293a3NGTjB5WEFzdHhvYVJoV2MKMlFLVVhxcUNKeERkWkVkTytJa0NnZ0VCQU5sZENISCtNMjN0ZXRTTytrYTJPYlJma1FIeTUvV20xbUNtTWpMVAplaWlPYm90aWliRzJVVXJzWTNxY1ZodzFZQ3R2NUxFZEkydVN4TVNIVUpBbFlJMXJJeFlTQi9XL3Y5SHlJL01hClpVU1BCZVdyUHFmVGsrckF2SzgzZ3VoK1JLT1ZNOEJvRG5RWHdJbU5uVWZBTkl1QVVMTGF3TTlTUXVpU3ZvOW8KWndxRi9MWGE5RU9zRUlhcmpSN1g5ZkxXMjRlVW1mWFBJUUptaUtldzNqaFJ0REFJYnRjTEx0M0RQY2xqcWJJSwpJNnV0Rm5GdTNMK3pySlZXLzE1TVA3eHE4Smd1S3ErK1VIcnM5NE5aVnI2MGxDd3BueGxSakhGK3Uwc0pTai9CCk50STdJT3IvMlc5Q01UUTBZWUNFVXMvWitLQ0VIL2Z2ZjN1RG5FZy9lRWRoam9jQ2dnRUJBTW5ieGtkRTBtZHIKUmp0bFZOWmZMM2F0eXNFbjFneC8xcTdsN1BHZXpEbzdLTXFnUFdpM3RmMWpySnRVN2VVRUFRV2lIU1RmeXNkTAoxcWtKdUVxTWRXT2RIMmdxV0ZjVE52QTZEMUhXR3BXeU1xQ1VpSkhCN0oxUUNRMUR3NkQxV0VXbnNNdHdkQWp3CnkvR0gvSzBONEJrSU5kVkZpTkZndjZuaVhvUzZxeVJ5YjNPTExSL0FhRnpxMTJmOGNMcmdrZXJpbDJkRTdadjEKYXNqeVdHdzR6NjZMQWtGUHc3dzhnQjhleGlTR2t4UGNDaW1NRkQrZmJEWSs4SWFtaE9rWVdtd1RFeExtS3BBaAo3RCtzKzgzcS8xV3RLZ1dZNW1qU1YxQkoxUGlmZFJVRlhMV3Q3a1o1VjBIaDV1eWdxZjJMZzI3TURBcHpUdDVtCkl2bXB4dlAwQ01rQ2dnRUJBTFVSdlBGSTh3ckY0NmFpSEhjL1liNlNSYmU3NCtOTlFoUnRIakFjM3d4ZDZsU08KbDJuRkdOOHpJSU9KTEdwL1JFZXJCSFZPY3Ewd0xGNFM0dGZSYXljamNxejJCRStCbG9lTUVNcDQySmRPRlhtSApOOENTamd2bTFzZVhsS09jWEExeFF4VXJHYTg0QWhvVU1Fc1BJRFo5Zzd3YVlyZlNMUTZVLzgxekNUTkkvb1YzCmlqZTlaRjdyRmJuMTZWcU1CWUJpR0FjZXJyN1RMMCtTRk93UmsrclhlNDRFTU54bndsYTdnU2RoTHVuYVhISE8KQ25KZmVJdEhWNS8wSUx3UzBhM1Q5NWRERU1QMkZ4SUNJRExwTnUyN0ZsLy9BT0dpMHQ3bE5FYjc2M0VoOUlBTwo5ZENxOFZZdHRITmN4NmVDU28xY3cwekU1QXUrVFRnYU4xWXZQSTBDZ2dFQVdsbkt1Qit2NWFaNGV5RnlCYm41CkxxKy9ieEY3bDRDcEFRUGRPSkVSYkljS1RSZklKTlVGMm5NQTBVNEVaVnVUY1lnTWIzTFQrcnlSU253VlJ4anoKZWpEYjIrNElPSUZiTjg5bENBWkRRL25NKzE5QWVhMUpVV2gvaExadUc5OTFNVWhMcytPVHJHVExoRUtQOEkyagpYdER6OTQvMkczR29tRXZBYnJ4MjJndDJvMHNLV1ludnJKZFk3eXhvOE55UHM0alVwOTZNVkNCWE9iWnZxWkVNCk5GMzRGbSt6ZHMvRnNTZy9IQjQ0T3Mxa3B4QVNDQ0E5ZVZKV3FvNWlNMHM1UGVLVHlRUEl6VmJCdmdhWmRxUFcKd2V5T1FJOGRvcEZ6ajNaY295UU1iZXBHZ3ZObEVacENXalRZL2RVMEFVNnU5NnJSUU9RM3l3Z0FZNnVBWjdVMQpNUUtDQVFCMkRDRzNrLzRzZUR3NXF3MW9YZDJXaTB4aFQ1NjJ0MnlOUTdvVlVUUndZVGx5UGlVQWJGOVZFSFo5ClJSK3QyekFxU1VudVBJOEVwZHF5TDRSNEZLaGlFTU9IYzVVeVVPVXNsMUM0TWhpREdqY0hMSWtDeDVqYWdGWDgKTzBpK1k5Vm5nTTk4RkRFYW1rUWcxU2N1ZkVnL3YvTGRiZ1RTZWNkYkZPcjlEZUN0NTA3NS9PLzdHanVSUnRRYgpGeTdsdDZjTHJ5anhCM2xvL0xYa2VPbWsyVXQxSmYyelN3K2Y1YklYVnpKbnVwM0t3eThUdU5yR3gySzN5OEtwCnFveUtrSC92TlhBK3o5OEF1OWluOGdqRkQ2VVhJc1JzOEFXWDNsNmJTaEU4S3kyMjRBN25WeVFDZjMrL0lUL20KU2E2Z3hUVm5xQm95MU83bzJSdDh0SU5uMHB2agotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==</prv>
</cert>
<gateways>
<gateway_group>
<name>Loadbalancing</name>
<item>WAN_GW|1</item>
<item>Sven|1</item>
<trigger>downlosslatency</trigger>
<poolopts/>
<descr>Load</descr>
</gateway_group>
</gateways>
<hasync version="1.0.2">
<disablepreempt>0</disablepreempt>
<disconnectppps>0</disconnectppps>
<pfsyncinterface/>
<pfsyncpeerip/>
<pfsyncversion>1400</pfsyncversion>
<synchronizetoip/>
<verifypeer>0</verifypeer>
<username/>
<password/>
<syncitems/>
</hasync>
<syslog/>
<dnsmasq version="1.0.8" persisted_at="1757119053.52">
<enable/>
<regdhcp/>
<regdhcpstatic/>
<dhcpfirst/>
<strict_order/>
<domain_needed/>
<no_private_reverse/>
<no_resolv>0</no_resolv>
<log_queries/>
<no_hosts/>
<strictbind/>
<dnssec/>
<regdhcpdomain/>
<interface/>
<port/>
<dns_forward_max/>
<cache_size/>
<local_ttl/>
<add_mac/>
<add_subnet>0</add_subnet>
<strip_subnet>0</strip_subnet>
<dhcp>
<no_interface/>
<fqdn>0</fqdn>
<domain/>
<local>1</local>
<lease_max/>
<authoritative>0</authoritative>
<default_fw_rules>1</default_fw_rules>
<reply_delay/>
<enable_ra>0</enable_ra>
<nosync>0</nosync>
</dhcp>
<no_ident>1</no_ident>
</dnsmasq>
</opnsense>
Reference in New Issue View Git Blame Copy Permalink