kenjreno/OPNSenseBackup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
OPNSenseBackup/config.xml

5495 lines
200 KiB
XML
Raw Permalink Blame History

<?xml version="1.0"?>
<opnsense>
<theme>opnsense-dark</theme>
<sysctl version="1.0.1">
<item uuid="2bbed4b2-e248-4f91-bae1-7988c8dede3b">
<tunable>vfs.read_max</tunable>
<value/>
<descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
</item>
<item uuid="888f6cf3-d7ab-4534-8b28-b7d63ffa9206">
<tunable>net.inet.ip.portrange.first</tunable>
<value/>
<descr>Set the ephemeral port range to be lower.</descr>
</item>
<item uuid="e86ae077-e917-449a-852a-f3a6393ce0b4">
<tunable>net.inet.tcp.blackhole</tunable>
<value/>
<descr>Drop packets to closed TCP ports without returning a RST</descr>
</item>
<item uuid="05eb9f20-e8ad-41ab-ae7e-6615a36ddf9f">
<tunable>net.inet.udp.blackhole</tunable>
<value/>
<descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
</item>
<item uuid="edcd5f19-223a-44df-adbd-e597902ac1ea">
<tunable>net.inet.ip.random_id</tunable>
<value/>
<descr>Randomize the ID field in IP packets</descr>
</item>
<item uuid="e8047d6b-51e4-4e9d-8750-4a53673707f3">
<tunable>net.inet.ip.sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="9cca4203-629e-497f-8d01-685105e64c33">
<tunable>net.inet.ip.accept_sourceroute</tunable>
<value/>
<descr>
Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
It can also be used to probe for information about your internal networks. These functions come enabled
as part of the standard FreeBSD core system.
</descr>
</item>
<item uuid="4381fa6d-dcbf-4285-9b4e-885143c7bb50">
<tunable>net.inet.icmp.log_redirect</tunable>
<value/>
<descr>
This option turns off the logging of redirect packets because there is no limit and this could fill
up your logs consuming your whole hard drive.
</descr>
</item>
<item uuid="cc520bc7-9acc-4759-88a6-7df7f208971f">
<tunable>net.inet.tcp.drop_synfin</tunable>
<value/>
<descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
</item>
<item uuid="28f0d11f-dbbf-4a29-8be0-da3710fe6664">
<tunable>net.inet6.ip6.redirect</tunable>
<value/>
<descr>Enable sending IPv6 redirects</descr>
</item>
<item uuid="92c7ebc7-32b7-4156-84f0-9ec8e0faf119">
<tunable>net.inet6.ip6.use_tempaddr</tunable>
<value/>
<descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
</item>
<item uuid="a0d196dd-54e8-43a6-b481-09874aae5f89">
<tunable>net.inet6.ip6.prefer_tempaddr</tunable>
<value/>
<descr>Prefer privacy addresses and use them over the normal addresses</descr>
</item>
<item uuid="58f41fd4-889c-438e-bf8f-0dd1fce17204">
<tunable>net.inet.tcp.syncookies</tunable>
<value/>
<descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
</item>
<item uuid="f9268691-2957-4f14-b81a-b8004943ca86">
<tunable>net.inet.tcp.recvspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
</item>
<item uuid="69fa9f58-79b0-4afc-b0da-5d79bad7e9fc">
<tunable>net.inet.tcp.sendspace</tunable>
<value/>
<descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
</item>
<item uuid="05252c7f-0ab5-439b-bf7e-8e46bfade8f5">
<tunable>net.inet.tcp.delayed_ack</tunable>
<value/>
<descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
</item>
<item uuid="21be9c12-ab76-4939-a90e-7e2da4b1738f">
<tunable>net.inet.udp.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
<item uuid="e8626367-847c-4600-876d-94f86b77f4fa">
<tunable>net.link.bridge.pfil_onlyip</tunable>
<value/>
<descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
</item>
<item uuid="a70caaa2-bb96-4247-a582-7dac36798f23">
<tunable>net.link.bridge.pfil_local_phys</tunable>
<value/>
<descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
</item>
<item uuid="42357d67-29a2-46d8-8c81-ca02c8f442ba">
<tunable>net.link.bridge.pfil_member</tunable>
<value/>
<descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
</item>
<item uuid="a12ad762-3376-4ab8-b570-861c2bdd3bf3">
<tunable>net.link.bridge.pfil_bridge</tunable>
<value/>
<descr>Set to 1 to enable filtering on the bridge interface</descr>
</item>
<item uuid="5e4a19a8-fe41-49de-b041-0db7b01eaae3">
<tunable>net.link.tap.user_open</tunable>
<value/>
<descr>Allow unprivileged access to tap(4) device nodes</descr>
</item>
<item uuid="95ef1209-ce93-4eb5-97d4-f69ecc4f9a1f">
<tunable>kern.randompid</tunable>
<value/>
<descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
</item>
<item uuid="9d138c6f-03b3-4c9a-a9d7-fa2b5ac297a7">
<tunable>hw.syscons.kbd_reboot</tunable>
<value/>
<descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
</item>
<item uuid="a586da7a-fd84-40d6-8874-d9d5b4ee8b30">
<tunable>net.inet.tcp.log_debug</tunable>
<value/>
<descr>Enable TCP extended debugging</descr>
</item>
<item uuid="60f5d170-c151-4498-b99f-f2b4f224d4f3">
<tunable>net.inet.icmp.icmplim</tunable>
<value/>
<descr>Set ICMP Limits</descr>
</item>
<item uuid="5efc1e82-feee-4b38-8357-2c024e0b911c">
<tunable>net.inet.tcp.tso</tunable>
<value/>
<descr>TCP Offload Engine</descr>
</item>
<item uuid="d2d251b3-852e-46ee-9117-e2c5ffa55b23">
<tunable>net.inet.udp.checksum</tunable>
<value/>
<descr>UDP Checksums</descr>
</item>
<item uuid="05339cc2-c116-4245-940a-455b573816b6">
<tunable>kern.ipc.maxsockbuf</tunable>
<value/>
<descr>Maximum socket buffer size</descr>
</item>
<item uuid="f0b75f56-7da0-4547-85a9-84bf4c6c4b77">
<tunable>vm.pmap.pti</tunable>
<value>0</value>
<descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
</item>
<item uuid="3b86305c-332f-4bcf-aa82-7c57c7185322">
<tunable>hw.ibrs_disable</tunable>
<value>1</value>
<descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
</item>
<item uuid="8fe314b8-01b4-45f2-a809-1d927de35162">
<tunable>security.bsd.see_other_gids</tunable>
<value/>
<descr>Hide processes running as other groups</descr>
</item>
<item uuid="8fd2242c-2bd7-4356-85be-73bdc04b7f11">
<tunable>security.bsd.see_other_uids</tunable>
<value/>
<descr>Hide processes running as other users</descr>
</item>
<item uuid="9bdb0d2d-3e97-45d2-8891-a10b55ad60bc">
<tunable>net.inet.ip.redirect</tunable>
<value/>
<descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
and for the sender directly reachable, route and next hop is known.
</descr>
</item>
<item uuid="e498141c-b2d0-4bb0-b27c-6c75ee6cd25c">
<tunable>net.local.dgram.maxdgram</tunable>
<value/>
<descr>Maximum outgoing UDP datagram size</descr>
</item>
</sysctl>
<system>
<optimization>conservative</optimization>
<hostname>rno1</hostname>
<domain>home.arpa</domain>
<group uuid="cb76a6ca-948f-4b1d-9272-53e1cf9eb924">
<gid>1999</gid>
<name>admins</name>
<scope>system</scope>
<description>System Administrators</description>
<priv>page-all</priv>
<member>0,2000</member>
</group>
<user uuid="a092b36b-480c-4661-91a7-254bf448c5de">
<uid>0</uid>
<name>root</name>
<disabled>0</disabled>
<scope>system</scope>
<expires/>
<authorizedkeys>c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSVB6eWRlMk1CTEhHVXBZUFpiMnl2V0dvNkV6VTBvei9WTklHVElNSXNDMWIga2Vu</authorizedkeys>
<otp_seed/>
<shell/>
<password>$2y$11$r1zHIfGti8A0TV1wAj0Tq.6xeO2/iHv.vmQy3/AjUv1QkeWNZAv3C</password>
<pwd_changed_at/>
<landing_page/>
<comment/>
<email>ken@blkdoor.com</email>
<apikeys/>
<priv/>
<language/>
<descr>System Administrator</descr>
<dashboard>eyJvcHRpb25zIjpbXSwid2lkZ2V0cyI6W3siaWQiOiJzeXN0ZW1pbmZvcm1hdGlvbiIsIm1pblciOjIsIngiOjAsInkiOjAsImgiOjUxMiwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6Im1lbW9yeSIsIm1pblciOjEsIngiOjIsInkiOjAsImgiOjExMCwid2lkZ2V0IjpbXSwidyI6bnVsbH0seyJpZCI6ImRpc2siLCJtaW5XIjoxLCJ4IjozLCJ5IjowLCJoIjoxNjAsIndpZGdldCI6W10sInciOm51bGx9LHsiaWQiOiJpbnRlcmZhY2VzdGF0aXN0aWNzIiwibWluVyI6MiwieCI6NCwieSI6MCwidyI6NCwic2l6ZVRvQ29udGVudCI6NjUwLCJoIjoyODQsIndpZGdldCI6W119LHsiaWQiOiJ0cmFmZmljIiwibWluVyI6MiwieCI6OCwieSI6MCwidyI6NCwiaCI6NTk0LCJ3aWRnZXQiOnsiaW50ZXJmYWNlcyI6WyJsYW4iLCJ3YW4iXX19LHsiaWQiOiJnYXRld2F5cyIsIm1pblciOjIsIngiOjIsInkiOjE2MCwic2l6ZVRvQ29udGVudCI6NjUwLCJoIjoyOTYsIndpZGdldCI6eyJnYXRld2F5cyI6WyIwN2YyYjAwYy04OWFmLTQ1MmQtOGRiMy1hMzBlZDZlZmNhOTEiLCJMQU5fREhDUCIsIldBTl9ESENQNiJdfSwidyI6Mn0seyJpZCI6ImZpcmV3YWxsIiwibWluVyI6MiwieCI6NCwieSI6Mjg0LCJ3Ijo0LCJoIjoyODQsIndpZGdldCI6W119LHsiaWQiOiJjcHUiLCJtaW5XIjoyLCJ4IjowLCJ5Ijo1MTIsImgiOjE3OCwid2lkZ2V0Ijp7ImdyYXBocyI6WyJ0b3RhbCJdfSwidyI6Mn1dfQ==</dashboard>
</user>
<user uuid="8c2ab192-b6dd-4bfc-93d2-a8048a0bdc70">
<uid>2000</uid>
<name>ken</name>
<disabled>0</disabled>
<scope>user</scope>
<expires/>
<authorizedkeys>c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSVB6eWRlMk1CTEhHVXBZUFpiMnl2V0dvNkV6VTBvei9WTklHVElNSXNDMWIga2Vu</authorizedkeys>
<otp_seed/>
<shell>/usr/local/bin/bash</shell>
<password>$2y$11$pX.BHOUklN0PAGOyembxduWnMNGtEWLyYPiWNYYQ4/SfdQflhllZe</password>
<pwd_changed_at/>
<landing_page/>
<comment/>
<email>ken@blkdoor.com</email>
<apikeys/>
<priv/>
<language/>
<descr>Ken Johnson</descr>
<dashboard>eyJvcHRpb25zIjpbXSwid2lkZ2V0cyI6W3siaWQiOiJzeXN0ZW1pbmZvcm1hdGlvbiIsIm1pblciOjIsIngiOjAsInkiOjAsImgiOjUxMiwid2lkZ2V0IjpbXSwidyI6Mn0seyJpZCI6Im1lbW9yeSIsIm1pblciOjEsIngiOjIsInkiOjAsImgiOjEzMSwid2lkZ2V0IjpbXSwidyI6bnVsbH0seyJpZCI6ImRpc2siLCJtaW5XIjoxLCJ4IjozLCJ5IjowLCJoIjoxMzEsIndpZGdldCI6W10sInciOm51bGx9LHsiaWQiOiJpbnRlcmZhY2VzIiwibWluVyI6Miwic2l6ZVRvQ29udGVudCI6MzAyLCJ4Ijo0LCJ5IjowLCJ3Ijo0LCJoIjozMDIsIndpZGdldCI6W119LHsiaWQiOiJ0cmFmZmljIiwibWluVyI6MiwieCI6OCwieSI6MCwidyI6NCwiaCI6NDQ2LCJ3aWRnZXQiOnsiaW50ZXJmYWNlcyI6WyJsYW4iLCJvcHQzIiwib3B0NSIsIndhbiJdfX0seyJpZCI6ImdhdGV3YXlzIiwibWluVyI6MiwieCI6MiwieSI6MTMxLCJzaXplVG9Db250ZW50Ijo0NTksImgiOjQ1OCwid2lkZ2V0Ijp7ImdhdGV3YXlzIjpbImY0NzMyNzYyLTRiOTgtNDJmYS1hZGE4LTMzMTEzMjE4ODUzOSIsIjA3ZjJiMDBjLTg5YWYtNDUyZC04ZGIzLWEzMGVkNmVmY2E5MSIsImVjNzk4OTQ0LThhZGEtNGFiMC1iMzNiLWE5MTU4MGJmMjliNSJdfSwidyI6Mn0seyJpZCI6ImZpcmV3YWxsIiwibWluVyI6MiwieCI6NCwieSI6MzAyLCJ3Ijo0LCJoIjozNTcsIndpZGdldCI6W119LHsiaWQiOiJUYWlsc2NhbGUiLCJtaW5XIjoyLCJzaXplVG9Db250ZW50Ijo0OTIsIngiOjgsInkiOjQ0NiwiaCI6MzY2LCJ3aWRnZXQiOltdLCJ3Ijo0fSx7ImlkIjoiY3B1IiwibWluVyI6MiwieCI6MCwieSI6NTEyLCJoIjoxNjAsIndpZGdldCI6eyJncmFwaHMiOlsidG90YWwiXX0sInciOjJ9LHsiaWQiOiJXaXJlZ3VhcmQiLCJtaW5XIjoyLCJzaXplVG9Db250ZW50IjoyMTUsIngiOjIsInkiOjU4OSwiaCI6MTk2LCJ3aWRnZXQiOltdLCJ3IjoyfSx7ImlkIjoiaW50ZXJmYWNlc3RhdGlzdGljcyIsIm1pblciOjIsIngiOjYsInkiOjY1OSwic2l6ZVRvQ29udGVudCI6MjE5LCJoIjoyMDYsIndpZGdldCI6W10sInciOjJ9LHsiaWQiOiJ0aGVybWFsc2Vuc29ycyIsIm1pblciOjIsIngiOjAsInkiOjY3MiwiaCI6MTQ2LCJ3aWRnZXQiOnsic2Vuc29ycyI6W119LCJ3IjoyfV19</dashboard>
</user>
<user uuid="768ebc99-3284-46e3-9b20-a522d0fdb28d">
<uid>2001</uid>
<name>HomeAssistant</name>
<disabled>0</disabled>
<scope>user</scope>
<expires/>
<authorizedkeys/>
<otp_seed/>
<shell/>
<password>$2y$11$nAeFuOV8b7S4yZwOyFshy.LJvqqENW4MSHTr3gbsjdml3cxthcHWi</password>
<pwd_changed_at/>
<landing_page/>
<comment>HomeAssistant Integation</comment>
<email/>
<apikeys>O7rmzwnJ55/R3d3IoePl8cC/CLVh83bTKz63cRwQ0GE26KkXdbLKSZ+FeoPZtQ6yUrR3Yqaqtn1OZlIz|$6$$.k6o..NDGhrS2R7UBk4OmfldJcy4f4GQJflJ.RQFfLFzIz6gQkMWzDzyrPOZtnZ50.l/vraPrYDC9xAQXCEzx1</apikeys>
<priv>page-all,page-diagnostics-arptable,page-diagnostics-netflow</priv>
<language/>
<descr>Home Assistant</descr>
<dashboard/>
</user>
<nextuid>2000</nextuid>
<nextgid>2000</nextgid>
<timezone>America/Los_Angeles</timezone>
<timeservers>0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org 3.us.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<ssl-certref>67a9532677f13</ssl-certref>
<port>10443</port>
<ssl-ciphers/>
<interfaces/>
<compression>5</compression>
<disablehttpredirect>1</disablehttpredirect>
<authmode>Local Database</authmode>
<nodnsrebindcheck>1</nodnsrebindcheck>
<althostnames>rno1.rail-city.net</althostnames>
<ssl-hsts>1</ssl-hsts>
</webgui>
<usevirtualterminal>1</usevirtualterminal>
<disableconsolemenu>1</disableconsolemenu>
<disablevlanhwfilter>1</disablevlanhwfilter>
<disablechecksumoffloading>1</disablechecksumoffloading>
<disablesegmentationoffloading>1</disablesegmentationoffloading>
<disablelargereceiveoffloading>1</disablelargereceiveoffloading>
<ipv6allow>1</ipv6allow>
<powerd_ac_mode>hadp</powerd_ac_mode>
<powerd_battery_mode>hadp</powerd_battery_mode>
<powerd_normal_mode>hadp</powerd_normal_mode>
<bogons>
<interval>weekly</interval>
</bogons>
<pf_share_forward>1</pf_share_forward>
<lb_use_sticky>1</lb_use_sticky>
<ssh>
<group>admins</group>
<noauto>1</noauto>
<interfaces>lan,opt3</interfaces>
<kex/>
<ciphers/>
<macs/>
<keys/>
<keysig/>
<rekeylimit/>
<enabled>enabled</enabled>
<permitrootlogin>1</permitrootlogin>
<passwordauth>1</passwordauth>
</ssh>
<rrdbackup>-1</rrdbackup>
<netflowbackup>-1</netflowbackup>
<backup>
<git version="1.0.0">
<enabled>1</enabled>
<url>ssh://gitea.coldsprings.dev:2222/kenjreno/OPNSenseBackup</url>
<branch>main</branch>
<privkey>-----BEGIN OPENSSH PRIVATE KEY-----&#xD;
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW&#xD;
QyNTUxOQAAACC7cx3TjYZlayN5VeOZXD7Xhh0kl/3Hi6dJXc+PnssKLAAAAJgdsVzbHbFc&#xD;
2wAAAAtzc2gtZWQyNTUxOQAAACC7cx3TjYZlayN5VeOZXD7Xhh0kl/3Hi6dJXc+PnssKLA&#xD;
AAAECtYwZAx6u1ADbu+Vy3IQYHdDSQ2G2exBwQ2WPpOPpXsrtzHdONhmVrI3lV45lcPteG&#xD;
HSSX/ceLp0ldz4+eywosAAAAFWdpdHVzZXJAb3Buc2VzZS5sb2NhbA==&#xD;
-----END OPENSSH PRIVATE KEY-----</privkey>
<user>git</user>
<password/>
</git>
<nextcloud version="1.0.0">
<enabled>1</enabled>
<url>https://railcloud.us</url>
<user>kenjreno</user>
<password>6dEcp-dC5QR-JJJAd-pRbaf-2FbFi</password>
<password_encryption/>
<backupdir>OPNsense-Backup</backupdir>
</nextcloud>
</backup>
<firmware version="1.0.1">
<mirror>https://mirror.sfo12.us.leaseweb.net/opnsense</mirror>
<flavour/>
<plugins>os-acme-client,os-dmidecode,os-frr,os-git-backup,os-haproxy,os-iperf,os-mdns-repeater,os-netdata,os-nextcloud-backup,os-node_exporter,os-qemu-guest-agent,os-rfc2136,os-tailscale</plugins>
<type/>
<subscription/>
<reboot>0</reboot>
</firmware>
<language>en_US</language>
<dnsserver>100.100.100.100</dnsserver>
<dnsserver>127.0.0.1</dnsserver>
<dnsallowoverride_exclude/>
<dns1gw>none</dns1gw>
<dns2gw>none</dns2gw>
<dns3gw>none</dns3gw>
<dns4gw>none</dns4gw>
<dns5gw>none</dns5gw>
<dns6gw>none</dns6gw>
<dns7gw>none</dns7gw>
<dns8gw>none</dns8gw>
<serialspeed>115200</serialspeed>
<primaryconsole>video</primaryconsole>
<sudo_allow_wheel>1</sudo_allow_wheel>
<sudo_allow_group>admins</sudo_allow_group>
<backupcount>50</backupcount>
<dnssearchdomain>home.arpa</dnssearchdomain>
<powerd_enable>1</powerd_enable>
<crypto_hardware>qat</crypto_hardware>
<use_mfs_var>1</use_mfs_var>
<use_mfs_tmp>1</use_mfs_tmp>
<authserver>
<refid>67a9ff977c4fc</refid>
<type>voucher</type>
<name>Captive Vouchers</name>
<simplePasswords/>
<usernameLength/>
<passwordLength/>
</authserver>
<enablenatreflectionhelper>yes</enablenatreflectionhelper>
<maximumstates/>
<maximumfrags/>
<aliasesresolveinterval/>
<maximumtableentries/>
<pfdebug>urgent</pfdebug>
<thermal_hardware>coretemp</thermal_hardware>
<secondaryconsole/>
<serialusb/>
</system>
<interfaces>
<wan>
<if>vtnet0</if>
<descr>Wan</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
<ipaddr>71.83.99.150</ipaddr>
<subnet>29</subnet>
<gateway>WAN_GW</gateway>
<ipaddrv6>dhcp6</ipaddrv6>
<dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
<adv_dhcp6_interface_statement_send_options/>
<adv_dhcp6_interface_statement_request_options/>
<adv_dhcp6_interface_statement_information_only_enable/>
<adv_dhcp6_interface_statement_script/>
<adv_dhcp6_id_assoc_statement_address_enable/>
<adv_dhcp6_id_assoc_statement_address/>
<adv_dhcp6_id_assoc_statement_address_id/>
<adv_dhcp6_id_assoc_statement_address_pltime/>
<adv_dhcp6_id_assoc_statement_address_vltime/>
<adv_dhcp6_id_assoc_statement_prefix_enable/>
<adv_dhcp6_id_assoc_statement_prefix/>
<adv_dhcp6_id_assoc_statement_prefix_id/>
<adv_dhcp6_id_assoc_statement_prefix_pltime/>
<adv_dhcp6_id_assoc_statement_prefix_vltime/>
<adv_dhcp6_prefix_interface_statement_sla_len/>
<adv_dhcp6_authentication_statement_authname/>
<adv_dhcp6_authentication_statement_protocol/>
<adv_dhcp6_authentication_statement_algorithm/>
<adv_dhcp6_authentication_statement_rdm/>
<adv_dhcp6_key_info_statement_keyname/>
<adv_dhcp6_key_info_statement_realm/>
<adv_dhcp6_key_info_statement_keyid/>
<adv_dhcp6_key_info_statement_secret/>
<adv_dhcp6_key_info_statement_expire/>
<adv_dhcp6_config_advanced/>
<adv_dhcp6_config_file_override/>
<adv_dhcp6_config_file_override_path/>
</wan>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
<opt1>
<if>vtnet2</if>
<descr>ETH3</descr>
</opt1>
<opt2>
<if>vtnet3</if>
<descr>ETH4</descr>
</opt2>
<lan>
<if>vtnet1</if>
<descr/>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.5.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>fdcf:39d9:630d::1</ipaddrv6>
<subnetv6>48</subnetv6>
</lan>
<opt3>
<if>vlan00</if>
<descr>Servers</descr>
<enable>1</enable>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.10.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>2001:470:1f05:a::1</ipaddrv6>
<subnetv6>64</subnetv6>
</opt3>
<opt4>
<if>vlan01</if>
<descr>Cameras</descr>
<enable>1</enable>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.3.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>fd04:87b2:9345::1</ipaddrv6>
<subnetv6>48</subnetv6>
</opt4>
<opt5>
<if>tailscale0</if>
<descr>Tailscale</descr>
<enable>1</enable>
<spoofmac/>
</opt5>
<opt6>
<if>vlan02</if>
<descr>Phones</descr>
<enable>1</enable>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.2.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>fd36:94be:70a6::1</ipaddrv6>
<subnetv6>48</subnetv6>
</opt6>
<opt7>
<if>vlan03</if>
<descr>Christmas</descr>
<enable>1</enable>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.70.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>fddb:45f0:de98::1</ipaddrv6>
<subnetv6>48</subnetv6>
</opt7>
<Trust>
<internal_dynamic>1</internal_dynamic>
<enable>1</enable>
<networks/>
<if>Trust</if>
<descr>Trust</descr>
<virtual>1</virtual>
<type>group</type>
</Trust>
<Untrust>
<internal_dynamic>1</internal_dynamic>
<enable>1</enable>
<networks/>
<if>Untrust</if>
<descr>Untrust</descr>
<virtual>1</virtual>
<type>group</type>
</Untrust>
<opt8>
<if>gif0</if>
<descr>TunnelBroker</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
</opt8>
<opt9>
<descr>Guest</descr>
<if>vlan04</if>
</opt9>
<opt10>
<descr>IoT</descr>
<if>vlan05</if>
</opt10>
<opt11>
<if>vtnet4</if>
<descr>Kubernetes</descr>
<enable>1</enable>
<spoofmac/>
<mtu>9000</mtu>
<ipaddr>192.168.146.1</ipaddr>
<subnet>24</subnet>
<ipaddrv6>fd00:146::1</ipaddrv6>
<subnetv6>64</subnetv6>
</opt11>
<wireguard>
<internal_dynamic>1</internal_dynamic>
<descr>WireGuard (Group)</descr>
<if>wireguard</if>
<virtual>1</virtual>
<enable>1</enable>
<type>group</type>
<networks/>
</wireguard>
</interfaces>
<dhcpd>
<lan>
<enable>1</enable>
<defaultleasetime>7200</defaultleasetime>
<gateway>192.168.5.1</gateway>
<domain>home.arpa</domain>
<domainsearchlist>home.arpa</domainsearchlist>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item>
<number>43</number>
<type>string</type>
<value>"http://pbx.internal.rail-city.net:5000/provisioning/s6xyrhxwvxuzli9"</value>
</item>
<item>
<number>66</number>
<type>string</type>
<value>"http://pbx.internal.rail-city.net:5000/provisioning/s6xyrhxwvxuzli9"</value>
</item>
<item>
<number>100</number>
<type>text</type>
<value>PST8PDT,M3.2.0/2:00:00,M11.1.0/2:00:00</value>
</item>
<item>
<number>101</number>
<type>text</type>
<value>America/Los_Angeles</value>
</item>
<item>
<number>120</number>
<type>ip-address</type>
<value>192.168.5.48</value>
</item>
<item>
<number>160</number>
<type>text</type>
<value>http://pbx.internal.rail-city.net:5000/provisioning/s6xyrhxwvxuzli9</value>
</item>
<item>
<number>2</number>
<type>signed integer 32</type>
<value>-28800</value>
</item>
</numberoptions>
<range>
<from>192.168.5.50</from>
<to>192.168.5.229</to>
</range>
<winsserver/>
<dnsserver>192.168.5.1</dnsserver>
<ntpserver>192.168.5.1</ntpserver>
<staticmap>
<mac>0c:c4:7a:36:5a:bc</mac>
<hostname>gizmo-bnc</hostname>
<descr>Supermicro IPMI - Gizmo</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>00:25:90:f3:5a:aa</mac>
<ipaddr>192.168.5.10</ipaddr>
<hostname>zoey</hostname>
<descr>Proxmox - Zoey</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>00:25:90:f2:19:68</mac>
<ipaddr>192.168.5.12</ipaddr>
<hostname>roxy</hostname>
<descr>Proxmox - Roxy</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>0c:c4:7a:32:f9:20</mac>
<ipaddr>192.168.5.14</ipaddr>
<hostname>gizmo</hostname>
<descr>Proxmox - Gizmo</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldspring.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>0c:c4:7a:95:c8:f6</mac>
<ipaddr>192.168.5.16</ipaddr>
<hostname>jonah</hostname>
<descr>Proxmox - Jonah</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>0c:c4:7a:63:9a:b8</mac>
<ipaddr>192.168.5.20</ipaddr>
<hostname>lacey</hostname>
<descr>Proxmox - Lacey/pve2</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>00:0e:f3:2a:aa:50</mac>
<ipaddr>192.168.5.21</ipaddr>
<hostname>hub-2242</hostname>
<descr>Insteon Hub v1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>a8:b8:e0:01:18:29</mac>
<ipaddr>192.168.5.22</ipaddr>
<hostname>foggy</hostname>
<descr>Proxmox - Foggy</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>00:0e:f3:3c:a2:8f</mac>
<ipaddr>192.168.5.23</ipaddr>
<hostname>hub-2245</hostname>
<descr>Insteon Hub v2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>0c:c4:7a:d3:54:2a</mac>
<ipaddr>192.168.5.24</ipaddr>
<hostname>joe</hostname>
<descr>Proxmox - Joe/pve1</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>d8:9e:f3:47:12:af</mac>
<ipaddr>192.168.5.26</ipaddr>
<hostname>suzie</hostname>
<descr>Proxmox - Suzie</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:9e:4b:e2</mac>
<ipaddr>192.168.5.36</ipaddr>
<hostname>pbs</hostname>
<descr>Proxmox Backup Server</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>28:c6:8e:f5:15:0f</mac>
<ipaddr>192.168.5.43</ipaddr>
<hostname>rack01sw02</hostname>
<descr>Netgear Switch GS748T</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:c1:27:60</mac>
<ipaddr>192.168.5.48</ipaddr>
<hostname>pbx</hostname>
<descr>3CX PBX</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:e9:44:9a</mac>
<ipaddr>192.168.5.49</ipaddr>
<hostname>haos_5</hostname>
<descr>Home Assistant - Home Network</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:7a:a6:76</mac>
<ipaddr>192.168.5.195</ipaddr>
<hostname>ollama</hostname>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>0c:c4:7a:d5:6a:17</mac>
<ipaddr>192.168.5.233</ipaddr>
<hostname>joe_bnc</hostname>
<descr>Supermicro IPMI - joe</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<pool/>
</lan>
<opt7>
<enable>1</enable>
<domain>xmascity.net</domain>
<domainsearchlist>xmascity.net</domainsearchlist>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.70.50</from>
<to>192.168.70.127</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt7>
<opt4>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.3.50</from>
<to>192.168.3.127</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt4>
<opt6>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.2.50</from>
<to>192.168.2.127</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
</opt6>
<opt3>
<enable>1</enable>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.10.64</from>
<to>192.168.10.127</to>
</range>
<winsserver/>
<dnsserver>192.168.10.1</dnsserver>
<dnsserver>192.168.10.13</dnsserver>
<ntpserver/>
<staticmap>
<mac>bc:24:11:72:64:bb</mac>
<ipaddr>192.168.10.7</ipaddr>
<hostname>filesvr</hostname>
<descr>Truenas Scale File Server</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:2a:4e:d1</mac>
<ipaddr>192.168.10.9</ipaddr>
<hostname>dbsvr01</hostname>
<descr>Production MySQL Database</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:ae:d9:b4</mac>
<ipaddr>192.168.10.11</ipaddr>
<hostname>dc1</hostname>
<descr>Domain Controller 1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:28:ee:dc</mac>
<ipaddr>192.168.10.13</ipaddr>
<hostname>dc2</hostname>
<descr>Domain Controller 2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:b1:9e:2b</mac>
<ipaddr>192.168.10.15</ipaddr>
<hostname>lb1</hostname>
<descr>Load Balancer 1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:b1:9e:2c</mac>
<ipaddr>192.168.10.17</ipaddr>
<hostname>lb2</hostname>
<descr>Load Balancer 2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:b1:9e:2d</mac>
<ipaddr>192.168.10.19</ipaddr>
<hostname>lb3</hostname>
<descr>Load Balancer 3</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:22:02:8b</mac>
<ipaddr>192.168.10.25</ipaddr>
<hostname>mx</hostname>
<descr>Mail Server</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>02:ff:60:27:9a:c0</mac>
<ipaddr>192.168.10.26</ipaddr>
<hostname>nextcloud</hostname>
<descr>Railcloud/Nextcloud</descr>
<domain>coldsprings.dev</domain>
<domainsearchlist>coldsprings.dev</domainsearchlist>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:5b:89:02</mac>
<ipaddr>192.168.10.29</ipaddr>
<hostname>dbnp01</hostname>
<descr>Non-Production MySQL Server</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:ae:ae:c9</mac>
<ipaddr>192.168.10.30</ipaddr>
<hostname>docker</hostname>
<descr>Docker System</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:ee:08:22</mac>
<ipaddr>192.168.10.31</ipaddr>
<hostname>dbnp02</hostname>
<descr>NonProd MySQL Database 2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:27:a6:8d</mac>
<ipaddr>192.168.10.33</ipaddr>
<hostname>dbnp03</hostname>
<descr>Non-Prod MySQL Database 3</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:2d:30:72</mac>
<ipaddr>192.168.10.44</ipaddr>
<hostname>minio</hostname>
<descr>minio S3 Service</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:90:c3:e8</mac>
<ipaddr>192.168.10.45</ipaddr>
<hostname>emqx1</hostname>
<descr>Emqx MQTT Server 1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:b2:1a:9e</mac>
<ipaddr>192.168.10.57</ipaddr>
<hostname>plexsvr</hostname>
<descr>Plex Media Server</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:dc:35:76</mac>
<ipaddr>192.168.10.130</ipaddr>
<hostname>gitea</hostname>
<descr>Gitea GIT Hosting</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:31:20:54</mac>
<ipaddr>192.168.10.131</ipaddr>
<hostname>pgsqlnp</hostname>
<descr>Postgresql NonProd</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:7a:a6:76</mac>
<ipaddr>192.168.10.195</ipaddr>
<hostname>ollama</hostname>
<descr>Ollama AI</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:01</mac>
<ipaddr>192.168.10.241</ipaddr>
<hostname>k8s-control-01</hostname>
<descr>Kubernetes Control 01</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:02</mac>
<ipaddr>192.168.10.242</ipaddr>
<hostname>k8s-control-02</hostname>
<descr>Kubernetes Control 02</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:03</mac>
<ipaddr>192.168.10.243</ipaddr>
<hostname>k8s-control-03</hostname>
<descr>Kubernetes Control 03</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:01</mac>
<ipaddr>192.168.10.244</ipaddr>
<hostname>k8s-worker-01</hostname>
<descr>Kubernetes Worker 01</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:02</mac>
<ipaddr>192.168.10.245</ipaddr>
<hostname>k8s-worker-02</hostname>
<descr>Kubernetes Worker 02</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:03</mac>
<ipaddr>192.168.10.246</ipaddr>
<hostname>k8s-worker-03</hostname>
<descr>kubernetes Worker 03</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:04</mac>
<ipaddr>192.168.10.247</ipaddr>
<hostname>talos-staging</hostname>
<descr>Talos Staging System</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
</opt3>
<opt11>
<enable>1</enable>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<numberoptions>
<item/>
</numberoptions>
<range>
<from>192.168.146.50</from>
<to>192.168.146.240</to>
</range>
<winsserver/>
<dnsserver/>
<ntpserver/>
<staticmap>
<mac>bc:24:11:48:28:01</mac>
<ipaddr>192.168.146.21</ipaddr>
<hostname>k8s-control-01</hostname>
<descr>Kubernetes Controller 1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:02</mac>
<ipaddr>192.168.146.23</ipaddr>
<hostname>k8s-control-02</hostname>
<descr>Kubernetes Controller 2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:28:03</mac>
<ipaddr>192.168.146.25</ipaddr>
<hostname>k8s-control-03</hostname>
<descr>Kubernetes Controller 3</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:01</mac>
<ipaddr>192.168.146.51</ipaddr>
<hostname>k8s-worker-01</hostname>
<descr>Kubernetes Worker 1</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:02</mac>
<ipaddr>192.168.146.53</ipaddr>
<hostname>k8s-worker-02</hostname>
<descr>Kubernetes Worker 2</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
<staticmap>
<mac>bc:24:11:48:29:03</mac>
<ipaddr>192.168.146.55</ipaddr>
<hostname>k8s-worker-03</hostname>
<descr>Kubernetes Worker 3</descr>
<winsserver/>
<dnsserver/>
<ntpserver/>
</staticmap>
</opt11>
</dhcpd>
<snmpd>
<syslocation/>
<syscontact/>
<rocommunity>public</rocommunity>
</snmpd>
<nat>
<outbound>
<mode>hybrid</mode>
<rule>
<source>
<network>any</network>
</source>
<destination>
<address>192.168.7.0/24</address>
</destination>
<descr>Allow Lan -&gt; Tailscale</descr>
<category/>
<interface>opt5</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739734332.8321</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
<target>opt5ip</target>
<sourceport/>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740009144.6778</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
</rule>
<rule>
<source>
<network>any</network>
</source>
<destination>
<address>100.64.0.0/10</address>
</destination>
<descr>Allow Server -&gt; Tailscale</descr>
<category/>
<interface>opt5</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1740007863.868</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
<target>opt5ip</target>
<sourceport/>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740007974.2151</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
</rule>
<rule>
<source>
<network>192.168.10.25/32</network>
</source>
<destination>
<any>1</any>
</destination>
<descr>Forward Mailserver to .147</descr>
<category/>
<interface>wan</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<target>71.83.99.147</target>
<staticnatport>1</staticnatport>
<sourceport/>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739419236.7432</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419236.7432</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
</rule>
<rule>
<source>
<network>opt3</network>
</source>
<destination>
<any>1</any>
</destination>
<descr>Redirect Servers Network to .146</descr>
<category/>
<interface>wan</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419295.4079</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
<target>71.83.99.146</target>
<staticnatport>1</staticnatport>
<sourceport/>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739419372.3518</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
</rule>
<rule>
<source>
<network>any</network>
</source>
<destination>
<any>1</any>
</destination>
<descr>Allow Network Tailscale</descr>
<category/>
<interface>wan</interface>
<tag/>
<tagged/>
<poolopts/>
<poolopts_sourcehashkey/>
<ipprotocol>inet</ipprotocol>
<target>wanip</target>
<staticnatport>1</staticnatport>
<sourceport/>
<protocol>udp</protocol>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739419351.8904</time>
<description>/firewall_nat_out_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419351.8904</time>
<description>/firewall_nat_out_edit.php made changes</description>
</created>
</rule>
</outbound>
<rule>
<protocol>tcp/udp</protocol>
<interface>lan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Redirect DNS through Firewall</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ba16b66c8d54.75523749</associated-rule-id>
<target>127.0.0.1</target>
<local-port>53</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>lanip</network>
<not>1</not>
<port>53</port>
</destination>
<natreflection>disable</natreflection>
<updated>
<username>kenjreno@192.168.5.1</username>
<time>1740248957.9596</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.1</username>
<time>1740248758.4447</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow Incoming eMail</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad709fc3e844.04299527</associated-rule-id>
<target>Host_Mailserver</target>
<local-port>Ports_eMail</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.147</address>
<port>Ports_eMail</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740010129.2558</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419807.8025</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp/udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow Access to DNS</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad70c9eb5df5.72660733</associated-rule-id>
<target>Host_Docker</target>
<local-port>Ports_DNS</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.146</address>
<port>Ports_DNS</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740010145.3024</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419849.9641</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp/udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow access to Websites</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad70ef6b4af5.38110229</associated-rule-id>
<target>Host_Docker</target>
<local-port>Ports_Websites</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.146</address>
<port>Ports_Websites</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740010174.475</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419887.4395</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow access to MQTT</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad71168ffc22.83998313</associated-rule-id>
<target>Host_MQTT</target>
<local-port>Ports_MQTT</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.146</address>
<port>Ports_MQTT</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740010188.8011</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419926.5898</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow 3CX/PBX Admin</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad718f3644f0.76381559</associated-rule-id>
<target>192.168.5.48</target>
<local-port>5001</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>5001</port>
</destination>
<updated>
<username>kenjreno@192.168.5.237</username>
<time>1739942005.3903</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420047.2223</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>udp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Wireguard to HA</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad71da0b9fd7.03700729</associated-rule-id>
<target>192.168.10.49</target>
<local-port>51830</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>51830</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739420122.0476</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420122.0477</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow SSH to Gitea</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad720729fe94.53585994</associated-rule-id>
<target>Host_Docker</target>
<local-port>2222</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.146</address>
<port>2222</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739420167.1721</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420167.1721</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow SSH to Filesvr</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad72502b3fe2.67681864</associated-rule-id>
<target>192.168.10.7</target>
<local-port>22</local-port>
<source>
<address>Net_AllowExternal</address>
</source>
<destination>
<address>71.83.99.146</address>
<port>10007</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739420240.1772</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420240.1772</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow SSH to Ansible</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad728a17fd21.09599110</associated-rule-id>
<target>192.168.10.109</target>
<local-port>22</local-port>
<source>
<address>Net_AllowExternal</address>
</source>
<destination>
<address>71.83.99.146</address>
<port>10116</port>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1749133803.5146</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420298.0983</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow SSH to Ansible Too</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad72c091c571.24304504</associated-rule-id>
<disabled>1</disabled>
<target>192.168.10.120</target>
<local-port>22</local-port>
<source>
<address>Net_AllowExternal</address>
</source>
<destination>
<address>71.83.99.146</address>
<port>10072</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739420352.5971</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420352.5971</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow SSH to pve1</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad72fc43d419.05197582</associated-rule-id>
<disabled>1</disabled>
<target>192.168.10.122</target>
<local-port>22</local-port>
<source>
<address>Net_AllowExternal</address>
</source>
<destination>
<address>71.83.99.146</address>
<port>10122</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739420412.2779</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420412.2779</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow Plex</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad7333d67b29.89717724</associated-rule-id>
<target>192.168.10.57</target>
<local-port>32400</local-port>
<source>
<any>1</any>
</source>
<destination>
<address>71.83.99.146</address>
<port>17758</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1741044667.4574</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420467.8785</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule>
<protocol>tcp</protocol>
<interface>wan</interface>
<category/>
<ipprotocol>inet</ipprotocol>
<descr>Allow Plex</descr>
<tag/>
<tagged/>
<poolopts/>
<associated-rule-id>nat_67ad736c89baf8.57850463</associated-rule-id>
<target>192.168.5.102</target>
<local-port>32400</local-port>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>26476</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740973748.6959</time>
<description>/firewall_nat_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420524.5642</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
</nat>
<filter>
<rule uuid="bf593e40-ccce-4776-a675-c00a499f01fd">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow HE Tunnel Broker</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>igmp</protocol>
<source>
<address>66.220.2.74/32</address>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740784077.2113</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1740782583.8294</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="4f390780-c2f1-4b31-85cd-32365badb8d0">
<type>pass</type>
<associated-rule-id>nat_67ad709fc3e844.04299527</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>Host_Mailserver</address>
<port>Ports_eMail</port>
</destination>
<descr>Allow Incoming eMail</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419807.8024</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="7eb3dfb2-a3a3-4a71-b21c-63d04271a2ba">
<type>pass</type>
<associated-rule-id>nat_67ad70c9eb5df5.72660733</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp/udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>Host_Docker</address>
<port>Ports_DNS</port>
</destination>
<descr>Allow Access to DNS</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419849.9641</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="413c2afe-5c3c-4cb6-a5ac-c92234714c67">
<type>pass</type>
<associated-rule-id>nat_67ad71168ffc22.83998313</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>Host_MQTT</address>
<port>Ports_MQTT</port>
</destination>
<descr>Allow access to MQTT</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419926.5898</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="dc4abacb-47cb-478e-b010-015ff8ac3fcd">
<type>pass</type>
<associated-rule-id>nat_67ad70ef6b4af5.38110229</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp/udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>Host_Docker</address>
<port>Ports_Websites</port>
</destination>
<descr>Allow access to Websites</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419887.4395</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="052e3cec-0b5d-458a-898f-1ceb55ce0006">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow to HAProxy</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<network>wanip</network>
<port>Ports_Websites</port>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741275884.5618</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741275884.5618</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="7b58f120-84af-4929-89b5-8d25d959df10">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Wireguard Traffic</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<network>(self)</network>
<port>51820-51821</port>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739419133.8593</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739419133.8593</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="7754af1f-fb58-4dfc-8f8b-51fe1b8f9d74">
<type>pass</type>
<associated-rule-id>nat_67ad718f3644f0.76381559</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.5.48</address>
<port>5001</port>
</destination>
<descr>Allow 3CX/PBX Admin</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420047.2223</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="ca8f582f-ff65-489b-bafd-b7a16e0a8bd6">
<type>pass</type>
<associated-rule-id>nat_67ad71da0b9fd7.03700729</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.49</address>
<port>51830</port>
</destination>
<descr>Wireguard to HA</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420122.0476</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="97e54cf6-c0e4-45b3-936f-c75d8aa5d88e">
<type>pass</type>
<associated-rule-id>nat_67ad720729fe94.53585994</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>Host_Docker</address>
<port>2222</port>
</destination>
<descr>Allow SSH to Gitea</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420167.172</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="ab753d61-424d-4d4d-bf96-1359ca55a4cd">
<type>pass</type>
<associated-rule-id>nat_67ad72502b3fe2.67681864</associated-rule-id>
<source>
<address>Net_AllowExternal</address>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.7</address>
<port>22</port>
</destination>
<descr>Allow SSH to Filesvr</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420240.1772</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="57d6c046-db37-4114-8e51-caa4aa5b4d7e">
<type>pass</type>
<associated-rule-id>nat_67ad728a17fd21.09599110</associated-rule-id>
<source>
<address>Net_AllowExternal</address>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.109</address>
<port>22</port>
</destination>
<descr>Allow SSH to Ansible</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420298.0983</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="f0467623-dd45-4e19-bbe4-657971228213">
<type>pass</type>
<associated-rule-id>nat_67ad72c091c571.24304504</associated-rule-id>
<source>
<address>Net_AllowExternal</address>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.120</address>
<port>22</port>
</destination>
<disabled>1</disabled>
<descr>Allow SSH to Ansible Too</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420352.5971</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="075e8ea4-5cc9-4d21-b408-c311f8a38ed4">
<type>pass</type>
<associated-rule-id>nat_67ad72fc43d419.05197582</associated-rule-id>
<source>
<address>Net_AllowExternal</address>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.122</address>
<port>22</port>
</destination>
<disabled>1</disabled>
<descr>Allow SSH to pve1</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420412.2778</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="a2105c18-befc-42a6-ba98-e72099682a22">
<type>pass</type>
<associated-rule-id>nat_67ad7333d67b29.89717724</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.10.57</address>
<port>32400</port>
</destination>
<descr>Allow Plex</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420467.8785</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="0f21c516-aef7-49e3-b32d-01fa81906fe4">
<type>pass</type>
<associated-rule-id>nat_67ad736c89baf8.57850463</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>wan</interface>
<statetype>keep state</statetype>
<protocol>tcp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>192.168.5.102</address>
<port>32400</port>
</destination>
<descr>Allow Plex</descr>
<category/>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739420524.5642</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="68e0e841-f3d3-4c07-8d1f-33ad1947fd58">
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Tailscale</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>udp</protocol>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>ken@192.168.5.1</username>
<time>1742014945.1588</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.1</username>
<time>1742014945.1588</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="9f2a83b1-c552-44d5-b271-318286e739fa">
<type>pass</type>
<ipprotocol>inet</ipprotocol>
<descr>Default allow LAN to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
<rule uuid="8683f2a3-e0b6-4d9f-a65d-3a725f86d76f">
<type>pass</type>
<ipprotocol>inet6</ipprotocol>
<descr>Default allow LAN IPv6 to any rule</descr>
<interface>lan</interface>
<source>
<network>lan</network>
</source>
<destination>
<any/>
</destination>
</rule>
<rule uuid="bec2cf86-0af1-4cd5-8628-5215de5b0c23">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow to Server Network</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>lan</network>
</source>
<destination>
<network>opt3</network>
</destination>
<updated>
<username>kenjreno@192.168.5.237</username>
<time>1739941759.3207</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739418835.7527</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="20bb58f9-5753-4b7d-9fea-e183a9ff89e8">
<type>pass</type>
<associated-rule-id>nat_67ba16b66c8d54.75523749</associated-rule-id>
<source>
<any>1</any>
</source>
<interface>lan</interface>
<statetype>keep state</statetype>
<protocol>tcp/udp</protocol>
<ipprotocol>inet</ipprotocol>
<destination>
<address>127.0.0.1</address>
<port>53</port>
</destination>
<descr>Redirect DNS through Firewall</descr>
<category/>
<created>
<username>kenjreno@192.168.5.1</username>
<time>1740248758.4447</time>
<description>/firewall_nat_edit.php made changes</description>
</created>
</rule>
<rule uuid="83f1190c-a9b4-40fe-ba5c-c4658d836e53">
<type>pass</type>
<interface>lan</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow MQTT Dashboard</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp</protocol>
<source>
<any>1</any>
</source>
<destination>
<network>(self)</network>
<port>18083</port>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741278252.5283</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741278252.5283</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="36620700-46dd-4f3c-824f-f6937a6072e6">
<type>pass</type>
<interface>opt3</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Servers -&gt; LAN Network v4</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt3</network>
</source>
<destination>
<network>lan</network>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739418940.9601</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739418940.9601</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="737a95d1-f2c6-48a4-bfa0-0279fbffa72d">
<type>pass</type>
<interface>opt3</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Servers to Any v4</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt3</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1739418979.5863</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1739418887.4939</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="96bf87b1-49c9-4546-a888-fc8a5dcde457">
<type>pass</type>
<interface>opt3</interface>
<ipprotocol>inet6</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow IPv6 to Tunnel Broker</descr>
<gateway>TUNNELBROKER_TUNNELV6</gateway>
<direction>in</direction>
<quick>1</quick>
<source>
<any>1</any>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740784756.5174</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1740784665.7233</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="8a7aa68a-c541-4237-be77-2da4c8212090">
<type>pass</type>
<interface>opt4</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow DNS Access</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<network>opt4</network>
</source>
<destination>
<network>(self)</network>
<port>Ports_DNS</port>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1742387942.3057</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1742387942.3057</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="755e3beb-b9dd-408b-8889-3240fa780aec">
<type>pass</type>
<interface>opt5</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Tailscale</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt5</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>kenjreno@192.168.5.223</username>
<time>1739767144.3324</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.223</username>
<time>1739767144.3324</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="6125c54c-4212-49e0-ae1f-e44e53683bfc">
<type>pass</type>
<interface>opt7</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow DNS Access</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<network>opt7</network>
</source>
<destination>
<network>(self)</network>
<port>Ports_DNS</port>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1742387923.3043</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1742387774.5681</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="5f152c0c-b48d-448b-be88-fc89ca819b28">
<type>pass</type>
<interface>opt8</interface>
<ipprotocol>inet46</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Tunnelbroker</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt3</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>kenjreno@192.168.5.122</username>
<time>1740782080.7774</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>kenjreno@192.168.5.122</username>
<time>1740782080.7774</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule uuid="eff85891-281f-406b-a068-fd24d2a01239">
<type>pass</type>
<interface>opt11</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Servers to Any v4</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt11</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741720202.7631</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741720202.7631</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="b4dbb237-5dd3-4724-934a-07d1b4d90db9">
<type>block</type>
<interface>opt11</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Deny LAN/Server Access</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt11</network>
</source>
<destination>
<address>lan,opt3</address>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741715969.9093</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741715969.9093</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
<disabled>1</disabled>
</rule>
<rule uuid="9d8629b7-b519-419b-9f07-e011a5c49e3d">
<type>pass</type>
<interface>opt11</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Kubernetes to Any</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt11</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741715922.8174</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741712905.7074</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="a7eca768-c480-44d5-a0b9-9220d9e912b3">
<type>pass</type>
<interface>opt11</interface>
<ipprotocol>inet6</ipprotocol>
<statetype>keep state</statetype>
<descr>Allow Kubernetes to Any</descr>
<direction>in</direction>
<quick>1</quick>
<source>
<network>opt11</network>
</source>
<destination>
<any>1</any>
</destination>
<updated>
<username>ken@192.168.5.122</username>
<time>1741715904.7922</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>ken@192.168.5.122</username>
<time>1741712928.6766</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
</filter>
<rrd>
<enable/>
</rrd>
<ntpd>
<prefer>0.us.pool.ntp.org</prefer>
<statsgraph>on</statsgraph>
</ntpd>
<revision>
<username>ken@192.168.5.100</username>
<description>/diag_backup.php made changes</description>
<time>1749963034.788</time>
</revision>
<OPNsense>
<Gateways version="1.0.0">
<gateway_item uuid="07f2b00c-89af-452d-8db3-a30ed6efca91">
<disabled>0</disabled>
<name>WAN_GW</name>
<descr>WAN Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<gateway>71.83.99.145</gateway>
<defaultgw>1</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>1.1.1.1</monitor>
<force_down>0</force_down>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="f4732762-4b98-42fa-ada8-331132188539">
<disabled>0</disabled>
<name>WAN_DHCP6</name>
<descr>Interface WAN_DHCP6 Gateway</descr>
<interface>wan</interface>
<ipprotocol>inet6</ipprotocol>
<gateway/>
<defaultgw>1</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>2606:4700:4700::1111</monitor>
<force_down>0</force_down>
<priority>254</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="44e4b8b4-f3c2-4497-a1c1-4ed155d9ea1a">
<disabled>0</disabled>
<name>TailNet</name>
<descr/>
<interface>opt5</interface>
<ipprotocol>inet</ipprotocol>
<gateway>100.124.217.85</gateway>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>1</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>100.100.100.100</monitor>
<force_down>0</force_down>
<priority>255</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
<gateway_item uuid="ec798944-8ada-4ab0-b33b-a91580bf29b5">
<disabled>0</disabled>
<name>TUNNELBROKER_TUNNELV6</name>
<descr>Interface TUNNELBROKER_TUNNELV6 Gateway</descr>
<interface>opt8</interface>
<ipprotocol>inet6</ipprotocol>
<gateway/>
<defaultgw>0</defaultgw>
<fargw>0</fargw>
<monitor_disable>0</monitor_disable>
<monitor_noroute>0</monitor_noroute>
<monitor>2001:4860:4860::8888</monitor>
<force_down>0</force_down>
<priority>250</priority>
<weight>1</weight>
<latencylow/>
<latencyhigh/>
<losslow/>
<losshigh/>
<interval/>
<time_period/>
<loss_interval/>
<data_length/>
</gateway_item>
</Gateways>
<trust>
<general version="1.0.1">
<store_intermediate_certs>0</store_intermediate_certs>
<install_crls>0</install_crls>
<fetch_crls>0</fetch_crls>
<enable_legacy_sect>1</enable_legacy_sect>
<enable_config_constraints>0</enable_config_constraints>
<CipherString/>
<Ciphersuites/>
<SignatureAlgorithms/>
<groups/>
<MinProtocol/>
<MinProtocol_DTLS/>
</general>
</trust>
<DHCRelay version="1.0.1"/>
<monit version="1.0.13">
<general>
<enabled>1</enabled>
<interval>120</interval>
<startdelay>120</startdelay>
<mailserver>smtp.rail-city.com</mailserver>
<port>587</port>
<username>no-reply@coldsprings.dev</username>
<password>91JVutYHdKsGMoT.q24c</password>
<ssl>1</ssl>
<sslversion>auto</sslversion>
<sslverify>1</sslverify>
<logfile/>
<statefile/>
<eventqueuePath/>
<eventqueueSlots/>
<httpdEnabled>0</httpdEnabled>
<httpdUsername>root</httpdUsername>
<httpdPassword/>
<httpdPort>2812</httpdPort>
<httpdAllow/>
<mmonitUrl/>
<mmonitTimeout>5</mmonitTimeout>
<mmonitRegisterCredentials>1</mmonitRegisterCredentials>
</general>
<alert uuid="cb7a8a74-7ec5-48a7-b362-78fba1b26807">
<enabled>1</enabled>
<recipient>ken@blkdoor.com</recipient>
<noton>0</noton>
<events/>
<format/>
<reminder/>
<description/>
</alert>
<service uuid="899b9c69-4e94-4b6a-aa3d-951995915557">
<enabled>1</enabled>
<name>$HOST</name>
<description/>
<type>system</type>
<pidfile/>
<match/>
<path/>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>25cdb1b0-d08d-466c-9dca-6e600270c781,bf58b664-8857-48b4-b90c-d6614d11902c,3f18dfca-35b0-46e3-916e-4d9f9514305d,0ba94dc4-6478-455c-b8b1-1b0450ef9354</tests>
<depends/>
<polltime/>
</service>
<service uuid="c2ad66e7-07c2-4cc5-8bc6-f5d351617485">
<enabled>1</enabled>
<name>RootFs</name>
<description/>
<type>filesystem</type>
<pidfile/>
<match/>
<path>/</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>0e9ba43e-ec98-4077-b642-1fa069e54ea7</tests>
<depends/>
<polltime/>
</service>
<service uuid="f3b3490d-ad62-4996-8600-585cbd86e537">
<enabled>0</enabled>
<name>carp_status_change</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/OPNsense/Monit/carp_status</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>e2656eba-4fbd-426a-a6cb-a5f268a0521f</tests>
<depends/>
<polltime/>
</service>
<service uuid="6b67b017-87b3-465f-bfae-2ab0a82233f9">
<enabled>0</enabled>
<name>gateway_alert</name>
<description/>
<type>custom</type>
<pidfile/>
<match/>
<path>/usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert</path>
<timeout>300</timeout>
<starttimeout>30</starttimeout>
<address/>
<interface/>
<start/>
<stop/>
<tests>59ce17ee-a315-49de-8d6e-134fd9ba7913</tests>
<depends/>
<polltime/>
</service>
<test uuid="9de33e84-4110-4ae9-87c1-9b306960910b">
<name>Ping</name>
<type>NetworkPing</type>
<condition>failed ping</condition>
<action>alert</action>
<path/>
</test>
<test uuid="7523b83d-1eb3-4da9-9bc3-80df40768943">
<name>NetworkLink</name>
<type>NetworkInterface</type>
<condition>failed link</condition>
<action>alert</action>
<path/>
</test>
<test uuid="1e409078-6969-45fd-bb5c-8cee70be049d">
<name>NetworkSaturation</name>
<type>NetworkInterface</type>
<condition>saturation is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="25cdb1b0-d08d-466c-9dca-6e600270c781">
<name>MemoryUsage</name>
<type>SystemResource</type>
<condition>memory usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="bf58b664-8857-48b4-b90c-d6614d11902c">
<name>CPUUsage</name>
<type>SystemResource</type>
<condition>cpu usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="3f18dfca-35b0-46e3-916e-4d9f9514305d">
<name>LoadAvg1</name>
<type>SystemResource</type>
<condition>loadavg (1min) is greater than 4</condition>
<action>alert</action>
<path/>
</test>
<test uuid="0ba94dc4-6478-455c-b8b1-1b0450ef9354">
<name>LoadAvg5</name>
<type>SystemResource</type>
<condition>loadavg (5min) is greater than 3</condition>
<action>alert</action>
<path/>
</test>
<test uuid="ad06a4cd-c8b8-46b4-9ddd-76daf351ed88">
<name>LoadAvg15</name>
<type>SystemResource</type>
<condition>loadavg (15min) is greater than 2</condition>
<action>alert</action>
<path/>
</test>
<test uuid="0e9ba43e-ec98-4077-b642-1fa069e54ea7">
<name>SpaceUsage</name>
<type>SpaceUsage</type>
<condition>space usage is greater than 75%</condition>
<action>alert</action>
<path/>
</test>
<test uuid="e2656eba-4fbd-426a-a6cb-a5f268a0521f">
<name>ChangedStatus</name>
<type>ProgramStatus</type>
<condition>changed status</condition>
<action>alert</action>
<path/>
</test>
<test uuid="59ce17ee-a315-49de-8d6e-134fd9ba7913">
<name>NonZeroStatus</name>
<type>ProgramStatus</type>
<condition>status != 0</condition>
<action>alert</action>
<path/>
</test>
</monit>
<netdata>
<general version="0.0.1">
<enabled>1</enabled>
<listen>127.0.0.1</listen>
<port>19999</port>
</general>
</netdata>
<Netflow version="1.0.1">
<capture>
<interfaces>lan,opt1,opt2,wan</interfaces>
<egress_only/>
<version>v9</version>
<targets/>
</capture>
<collect>
<enable>0</enable>
</collect>
<activeTimeout>1800</activeTimeout>
<inactiveTimeout>15</inactiveTimeout>
</Netflow>
<Firewall>
<Lvtemplate version="0.0.1">
<templates/>
</Lvtemplate>
<Alias version="1.0.1">
<geoip>
<url>https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&amp;license_key=2I5sILOXRtFxiGIG&amp;suffix=zip</url>
</geoip>
<aliases>
<alias uuid="77854fa4-39eb-4280-8fbc-d3e183e23791">
<enabled>1</enabled>
<name>Host_Docker</name>
<type>host</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>192.168.10.30</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Docker Host</description>
</alias>
<alias uuid="3d6f827c-7a45-4ff8-bcc4-0bf80fc27c7a">
<enabled>1</enabled>
<name>Host_Mailserver</name>
<type>host</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>192.168.10.25
2001:470:1f05:a::19</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Mail Server</description>
</alias>
<alias uuid="5c561afb-d31f-470a-b070-ac61cdc97b3c">
<enabled>1</enabled>
<name>Host_MQTT</name>
<type>host</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>192.168.5.45</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>MQTT Host</description>
</alias>
<alias uuid="367b56e9-6001-4895-8435-c66c199b5caa">
<enabled>1</enabled>
<name>Net_AllowExternal</name>
<type>network</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>71.83.99.145/29
167.154.0.0/16</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Allow External Networks</description>
</alias>
<alias uuid="66667d34-67bb-4c39-bf79-2febcce98fb4">
<enabled>1</enabled>
<name>RFC1918</name>
<type>network</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>192.168.0.0/16
172.16.0.0/12
10.0.0.0/8</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Local Subnets</description>
</alias>
<alias uuid="74cc526a-513d-4d0e-bc06-864fcec3a452">
<enabled>1</enabled>
<name>Ports_eMail</name>
<type>port</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>25
465
587
143
995
110
993
4190</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Mail Ports</description>
</alias>
<alias uuid="9c259062-6e8e-4426-80e0-d2d4dbcb5ac1">
<enabled>1</enabled>
<name>Ports_MQTT</name>
<type>port</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>8883
8084</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>MQTT Secure Ports</description>
</alias>
<alias uuid="5cdf7b37-7b26-4129-b058-11db5e5c5d39">
<enabled>1</enabled>
<name>Ports_Websites</name>
<type>port</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>80
443</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Allow access Websites</description>
</alias>
<alias uuid="c84d1d8b-45c7-4e11-b666-143c91ee309b">
<enabled>1</enabled>
<name>Ports_DNS</name>
<type>port</type>
<path_expression/>
<proto/>
<interface/>
<counters>0</counters>
<updatefreq/>
<content>53
853</content>
<password/>
<username/>
<authtype/>
<categories/>
<description>Allow Access to DNS</description>
</alias>
</aliases>
</Alias>
<Filter version="1.0.4">
<rules/>
<snatrules/>
<npt/>
<onetoone/>
</Filter>
<Category version="1.0.0">
<categories/>
</Category>
</Firewall>
<ndproxy version="1.0">
<general>
<enabled>0</enabled>
<ndproxy_uplink_interface/>
<ndproxy_downlink_mac_address/>
<ndproxy_exception_ipv6_addresses/>
<ndproxy_uplink_ipv6_addresses/>
</general>
</ndproxy>
<wireguard>
<client version="1.0.0">
<clients>
<client uuid="b4a304b1-860c-4888-a69d-94f3156e3247">
<enabled>1</enabled>
<name>TravelRouter</name>
<pubkey>vita5XJUJiADjeUy2tL8nXoJaYtBy22D4FFEGTUQaAY=</pubkey>
<psk/>
<tunneladdress>192.168.5.0/24,192.168.10.0/24</tunneladdress>
<serveraddress/>
<serverport/>
<keepalive>25</keepalive>
</client>
</clients>
</client>
<general version="0.0.1">
<enabled>1</enabled>
</general>
<server version="1.0.0">
<servers>
<server uuid="5b545aca-a127-4939-8b49-c7693d00fe92">
<enabled>1</enabled>
<name>roadwarrior</name>
<instance>0</instance>
<pubkey>6B5oRTErX9I7n1U/wtI5vuT/XD7wEb6tE11ga0EFUBM=</pubkey>
<privkey>qDqz9Up+GrkdyA7Z/gN9OFkd2NYBAaCRCt2WBI8kj0s=</privkey>
<port>51820</port>
<mtu/>
<dns/>
<tunneladdress/>
<disableroutes>0</disableroutes>
<gateway/>
<carp_depend_on/>
<peers>b4a304b1-860c-4888-a69d-94f3156e3247</peers>
<endpoint/>
<peer_dns/>
</server>
</servers>
</server>
</wireguard>
<MDNSRepeater version="1.0.1">
<enabled>0</enabled>
<enablecarp>0</enablecarp>
<interfaces>lan</interfaces>
<blocklist/>
</MDNSRepeater>
<vnstat>
<general version="0.0.1">
<enabled>1</enabled>
<interface>lan,opt3,opt5</interface>
</general>
</vnstat>
<IDS version="1.1.0">
<rules/>
<policies/>
<userDefinedRules/>
<files>
<file uuid="19fc1938-2edd-4d7c-8f32-a4224d849188">
<filename>abuse.ch.sslblacklist.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5d4d8d10-7c52-4cc0-88f1-7f1eade32d6b">
<filename>abuse.ch.sslipblacklist.rules</filename>
<enabled>1</enabled>
</file>
<file uuid="5a98c773-5faf-424b-82ac-1570ddf104f2">
<filename>abuse.ch.urlhaus.rules</filename>
<enabled>1</enabled>
</file>
</files>
<fileTags/>
<general>
<enabled>0</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron/>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo/>
<detect>
<Profile/>
<toclient_groups/>
<toserver_groups/>
</detect>
<syslog>0</syslog>
<syslog_eve>0</syslog_eve>
<LogPayload>0</LogPayload>
<verbosity/>
<eveLog>
<http>
<enable>0</enable>
<extended>0</extended>
<dumpAllHeaders/>
</http>
<tls>
<enable>0</enable>
<extended>0</extended>
<sessionResumption>0</sessionResumption>
<custom/>
</tls>
</eveLog>
</general>
</IDS>
<Kea>
<ctrl_agent version="0.0.1">
<general>
<enabled>0</enabled>
<http_host>127.0.0.1</http_host>
<http_port>8000</http_port>
</general>
</ctrl_agent>
<dhcp4 version="1.0.3">
<general>
<enabled>0</enabled>
<interfaces>opt4,lan</interfaces>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
<dhcp_socket_type>raw</dhcp_socket_type>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets>
<subnet4 uuid="4ac08e5c-0a9c-487e-8ef1-0ea444448e77">
<subnet>192.168.5.0/24</subnet>
<next_server/>
<option_data_autocollect>1</option_data_autocollect>
<option_data>
<domain_name_servers>192.168.5.159</domain_name_servers>
<domain_search>home.arpa</domain_search>
<routers>192.168.5.159</routers>
<static_routes>192.168.5.1</static_routes>
<domain_name>home.arpa</domain_name>
<ntp_servers>192.168.5.159</ntp_servers>
<time_servers>192.168.5.1</time_servers>
<tftp_server_name/>
<boot_file_name/>
</option_data>
<match-client-id>1</match-client-id>
<pools>192.168.5.50 - 192.168.5.229</pools>
<description>Home</description>
</subnet4>
<subnet4 uuid="6a36eb1d-1586-4a84-bf9b-b46df1f2d36b">
<subnet>192.168.3.0/24</subnet>
<next_server/>
<option_data_autocollect>1</option_data_autocollect>
<option_data>
<domain_name_servers/>
<domain_search>camera</domain_search>
<routers/>
<static_routes/>
<domain_name>camera</domain_name>
<ntp_servers/>
<time_servers>192.168.3.1</time_servers>
<tftp_server_name/>
<boot_file_name/>
</option_data>
<match-client-id>1</match-client-id>
<pools>192.168.3.50 - 192.168.3.100</pools>
<description>Cameras</description>
</subnet4>
</subnets>
<reservations>
<reservation uuid="2d532966-debd-4e24-a16f-5ca805a19766">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.10</ip_address>
<hw_address>00:25:90:f3:5a:aa</hw_address>
<hostname>zoey</hostname>
<description>Proxmox - Zoey</description>
</reservation>
<reservation uuid="9e86e688-48c3-46ee-b4b3-2d5e802a480e">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.12</ip_address>
<hw_address>00:25:90:F2:19:68</hw_address>
<hostname>roxy</hostname>
<description>Proxmox - Roxy</description>
</reservation>
<reservation uuid="6295c3a8-1167-4d26-bfdc-77574066ca66">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.14</ip_address>
<hw_address>0C:C4:7A:32:F9:20</hw_address>
<hostname>gizmo</hostname>
<description>Proxmox - Gizmo</description>
</reservation>
<reservation uuid="d461a47f-4ab5-4dfb-b6b0-d1937db78bdb">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.49</ip_address>
<hw_address>BC:24:11:E9:44:9A</hw_address>
<hostname>haos_5</hostname>
<description>Home Assistant - Home Net</description>
</reservation>
<reservation uuid="bd0a0f65-a525-46ff-97e9-2b3e37530ecc">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.48</ip_address>
<hw_address>BC:24:11:C1:27:60</hw_address>
<hostname>pbx</hostname>
<description>3CX PBX</description>
</reservation>
<reservation uuid="1904232b-f1e3-4cb5-bee4-90bee1725869">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.16</ip_address>
<hw_address>0C:C4:7A:95:C8:F6</hw_address>
<hostname>jonah</hostname>
<description>Proxmox - Jonah</description>
</reservation>
<reservation uuid="3760511a-41da-4c94-af9d-2c81c0deb383">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.24</ip_address>
<hw_address>1C:87:2C:41:19:5F</hw_address>
<hostname>joe</hostname>
<description>Proxmox - Joe/pve1</description>
</reservation>
<reservation uuid="7ee710fc-778d-490b-9f4c-70909ca98d3b">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.26</ip_address>
<hw_address>D8:9E:F3:47:12:AF</hw_address>
<hostname>suzie</hostname>
<description>Proxmox - Suzie</description>
</reservation>
<reservation uuid="da650d10-6d0b-4510-a590-543669a063c3">
<subnet>4ac08e5c-0a9c-487e-8ef1-0ea444448e77</subnet>
<ip_address>192.168.5.20</ip_address>
<hw_address>0C:C4:7A:63:9A:B8</hw_address>
<hostname>lacey</hostname>
<description>Proxmox - Lacey/pve2</description>
</reservation>
</reservations>
<ha_peers/>
</dhcp4>
<dhcp6 version="1.0.0">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<pd_pools/>
<ha_peers/>
</dhcp6>
</Kea>
<Syslog version="1.0.2">
<general>
<enabled>1</enabled>
<loglocal>1</loglocal>
<maxpreserve>31</maxpreserve>
<maxfilesize/>
</general>
<destinations/>
</Syslog>
<Swanctl version="1.0.0">
<Connections/>
<locals/>
<remotes/>
<children/>
<Pools/>
<VTIs/>
<SPDs/>
</Swanctl>
<IPsec version="1.0.4">
<general>
<enabled/>
<preferred_oldsa>0</preferred_oldsa>
<disablevpnrules>0</disablevpnrules>
<passthrough_networks/>
<user_source/>
<local_group/>
</general>
<charon>
<max_ikev1_exchanges/>
<threads>16</threads>
<ikesa_table_size>32</ikesa_table_size>
<ikesa_table_segments>4</ikesa_table_segments>
<init_limit_half_open>1000</init_limit_half_open>
<ignore_acquire_ts>1</ignore_acquire_ts>
<install_routes>0</install_routes>
<cisco_unity>0</cisco_unity>
<make_before_break/>
<retransmit_tries/>
<retransmit_timeout/>
<retransmit_base/>
<retransmit_jitter/>
<retransmit_limit/>
<syslog>
<daemon>
<ike_name>1</ike_name>
<log_level>0</log_level>
<app>1</app>
<asn>1</asn>
<cfg>1</cfg>
<chd>1</chd>
<dmn>1</dmn>
<enc>1</enc>
<esp>1</esp>
<ike>1</ike>
<imc>1</imc>
<imv>1</imv>
<job>1</job>
<knl>1</knl>
<lib>1</lib>
<mgr>1</mgr>
<net>1</net>
<pts>1</pts>
<tls>1</tls>
<tnc>1</tnc>
</daemon>
</syslog>
<plugins>
<attr>
<subnet/>
<split-include/>
<x_28674/>
<x_28675/>
<x_25/>
<x_28672/>
<x_28673>0</x_28673>
<x_28679/>
<dns/>
<nbns/>
</attr>
<eap-radius>
<servers/>
<accounting>0</accounting>
<class_group>0</class_group>
</eap-radius>
<xauth-pam>
<pam_service>ipsec</pam_service>
<session>0</session>
<trim_email>1</trim_email>
</xauth-pam>
</plugins>
</charon>
<keyPairs/>
<preSharedKeys/>
</IPsec>
<hwprobe>
<general version="0.0.1">
<enabled>0</enabled>
</general>
</hwprobe>
<tailscale>
<settings version="1.0.0">
<enabled>1</enabled>
<loginTimeout>10</loginTimeout>
<listenPort>41641</listenPort>
<acceptDNS>1</acceptDNS>
<advertiseExitNode>1</advertiseExitNode>
<useExitNode/>
<acceptSubnetRoutes>1</acceptSubnetRoutes>
<enableSSH>0</enableSSH>
<disableSNAT>0</disableSNAT>
<subnets>
<subnet4 uuid="05d86dc3-e897-4769-85ed-7168860b0fcf">
<subnet>192.168.5.0/24</subnet>
<description>Home</description>
</subnet4>
<subnet4 uuid="f9be7625-0bcb-4e22-9334-e8c6f48665ec">
<subnet>192.168.10.0/24</subnet>
<description>Coldsprings</description>
</subnet4>
</subnets>
</settings>
<authentication version="0.0.0">
<loginServer>https://headscale.rail-city.net</loginServer>
<preAuthKey>a9a6571c76c60a47c3613ea57be273536691de956beaa64d</preAuthKey>
</authentication>
</tailscale>
<Interfaces>
<loopbacks version="1.0.0"/>
<vxlans version="1.0.2"/>
<neighbors version="1.0.0"/>
</Interfaces>
<cron version="1.0.4">
<jobs>
<job uuid="b4879549-d595-47bb-bcff-7ec158b94b84">
<origin>AcmeClient</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>0</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>acmeclient cron-auto-renew</command>
<parameters/>
<description>AcmeClient Cronjob for Certificate AutoRenewal</description>
</job>
<job uuid="4001a2b1-4254-42b1-af0c-959218dc8e4b">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>*/2</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>system remote backup</command>
<parameters/>
<description>Backup Configurations Remotely</description>
</job>
<job uuid="1a3962d2-465c-4f3c-8bc6-1d0f83636f5b">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>3</hours>
<days>*</days>
<months>*</months>
<weekdays>4</weekdays>
<who>root</who>
<command>zfs scrub</command>
<parameters>zroot</parameters>
<description>Scrub ZFS</description>
</job>
<job uuid="f5d114f1-3363-4ab5-8a8e-2a620690bd5f">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>42</minutes>
<hours>2</hours>
<days>*</days>
<months>*</months>
<weekdays>3</weekdays>
<who>root</who>
<command>syslog archive</command>
<parameters/>
<description>Rotate Logs</description>
</job>
<job uuid="22b6fa06-0146-47ba-9964-4317fa8d576f">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>24</minutes>
<hours>1</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>firmware poll</command>
<parameters/>
<description>Firmwarwe Check</description>
</job>
<job uuid="e83c57e6-071f-4a69-95fc-40eb327c0ba0">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>0</minutes>
<hours>0</hours>
<days>3</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>ids update</command>
<parameters/>
<description>Update Intrusion Rules</description>
</job>
<job uuid="ff489481-0956-4387-b9de-84acf3ac2adf">
<origin>cron</origin>
<enabled>1</enabled>
<minutes>32</minutes>
<hours>5</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>zfs trim</command>
<parameters>zroot</parameters>
<description>Daily ZFS Trim</description>
</job>
</jobs>
</cron>
<captiveportal version="1.0.4">
<zones/>
<templates/>
</captiveportal>
<QemuGuestAgent version="1.0.0">
<general>
<Enabled>1</Enabled>
<LogDebug>0</LogDebug>
<DisabledRPCs/>
</general>
</QemuGuestAgent>
<unboundplus version="1.0.12">
<general>
<enabled>1</enabled>
<port>53</port>
<stats>1</stats>
<active_interface>opt4,opt7,opt11,lan,opt3</active_interface>
<dnssec>1</dnssec>
<dns64>0</dns64>
<dns64prefix/>
<noarecords>0</noarecords>
<regdhcp>1</regdhcp>
<regdhcpdomain>home.arpa</regdhcpdomain>
<regdhcpstatic>1</regdhcpstatic>
<noreglladdr6>0</noreglladdr6>
<noregrecords>0</noregrecords>
<txtsupport>0</txtsupport>
<cacheflush>0</cacheflush>
<local_zone_type>transparent</local_zone_type>
<outgoing_interface/>
<enable_wpad>0</enable_wpad>
</general>
<advanced>
<hideidentity>1</hideidentity>
<hideversion>1</hideversion>
<prefetch>0</prefetch>
<prefetchkey>0</prefetchkey>
<dnssecstripped>1</dnssecstripped>
<aggressivensec>1</aggressivensec>
<serveexpired>0</serveexpired>
<serveexpiredreplyttl/>
<serveexpiredttl/>
<serveexpiredttlreset>0</serveexpiredttlreset>
<serveexpiredclienttimeout/>
<qnameminstrict>0</qnameminstrict>
<extendedstatistics>0</extendedstatistics>
<logqueries>0</logqueries>
<logreplies>0</logreplies>
<logtagqueryreply>0</logtagqueryreply>
<logservfail>0</logservfail>
<loglocalactions>0</loglocalactions>
<logverbosity>1</logverbosity>
<valloglevel>0</valloglevel>
<privatedomain/>
<privateaddress>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</privateaddress>
<insecuredomain/>
<msgcachesize/>
<rrsetcachesize/>
<outgoingnumtcp/>
<incomingnumtcp/>
<numqueriesperthread/>
<outgoingrange/>
<jostletimeout/>
<discardtimeout/>
<cachemaxttl/>
<cachemaxnegativettl/>
<cacheminttl/>
<infrahostttl/>
<infrakeepprobing>0</infrakeepprobing>
<infracachenumhosts/>
<unwantedreplythreshold/>
</advanced>
<acls>
<default_action>allow</default_action>
</acls>
<dnsbl>
<enabled>0</enabled>
<safesearch/>
<type/>
<lists/>
<whitelists/>
<blocklists/>
<wildcards/>
<address/>
<nxdomain/>
</dnsbl>
<forwarding>
<enabled/>
</forwarding>
<dots>
<dot uuid="4866ad8d-cc6d-455d-84a3-5d3dbacc4d62">
<enabled>1</enabled>
<type>forward</type>
<domain>sunvalley.dev</domain>
<server>192.168.10.30</server>
<port>53</port>
<verify/>
<forward_tcp_upstream>0</forward_tcp_upstream>
<forward_first>0</forward_first>
<description>Sunvalley </description>
</dot>
</dots>
<hosts>
<host uuid="330a0b42-e97c-46a7-83e0-763bc2f502b4">
<enabled>1</enabled>
<hostname>filesvr</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.7</server>
<description>TrueNAS Scale File Server</description>
</host>
<host uuid="604b705e-0b30-4956-849b-f62cc0e917c9">
<enabled>1</enabled>
<hostname>pbs</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.36</server>
<description>Proxmox Backup Server</description>
</host>
<host uuid="75635f4f-77bd-472d-baf0-f8d92165c0cc">
<enabled>1</enabled>
<hostname>zoey</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.10</server>
<description/>
</host>
<host uuid="f7c0de31-d953-4e36-a7bc-35fd5dc678a1">
<enabled>1</enabled>
<hostname>roxy</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.12</server>
<description/>
</host>
<host uuid="47ed8e1d-6bec-4d42-8d82-3d729e4b14a7">
<enabled>1</enabled>
<hostname>gizmo</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.14</server>
<description/>
</host>
<host uuid="552ede08-b02d-46aa-ba7d-4b407fc0f86e">
<enabled>1</enabled>
<hostname>jonah</hostname>
<domain>coldasprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.16</server>
<description/>
</host>
<host uuid="c0c5f09f-75a5-4502-b628-b88d81afb96f">
<enabled>1</enabled>
<hostname>lacey</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.20</server>
<description/>
</host>
<host uuid="c83d7b34-1918-47ba-97b5-283d193a24a0">
<enabled>1</enabled>
<hostname>pve1</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.24</server>
<description/>
</host>
<host uuid="cd6b0236-e34b-4322-891b-404390f4aa6d">
<enabled>1</enabled>
<hostname>foggy</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.22</server>
<description/>
</host>
<host uuid="3dad142a-1e1d-4fcf-81eb-e2325bbac10b">
<enabled>1</enabled>
<hostname>susie</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.5.26</server>
<description/>
</host>
<host uuid="aff1b64c-f372-498f-a037-9f58eb924688">
<enabled>1</enabled>
<hostname>rooney</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.7.28</server>
<description/>
</host>
<host uuid="60ce3107-2b4d-4c3b-80aa-4eac0c23e6df">
<enabled>1</enabled>
<hostname>misty</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.7.30</server>
<description/>
</host>
<host uuid="4157f96a-a776-4c22-b81f-3f231e1116ce">
<enabled>1</enabled>
<hostname>mqtt</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.49</server>
<description/>
</host>
<host uuid="8a3dbb9a-4f3f-4bfd-ae37-3036955dee46">
<enabled>1</enabled>
<hostname>docker</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.30</server>
<description>Docker Server</description>
</host>
<host uuid="a545b572-9b8a-4525-b4ca-d570a15c2421">
<enabled>1</enabled>
<hostname>fw</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.1</server>
<description>Main Firewall</description>
</host>
<host uuid="16a4c0e2-3a8a-4631-bf5a-ad875284e973">
<enabled>1</enabled>
<hostname>dbnp</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.29</server>
<description>NonProd MySQL Server</description>
</host>
<host uuid="23bb0626-618d-49a5-bdde-1182b1f9532f">
<enabled>1</enabled>
<hostname>dbsvr</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.9</server>
<description>Production MySQL Server</description>
</host>
<host uuid="bf772e1f-09a5-44e9-87c7-567dfac00550">
<enabled>1</enabled>
<hostname>kube</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.240</server>
<description>KubeCtl Channel</description>
</host>
<host uuid="b4201dfb-9365-4b22-b3c1-4526452bb900">
<enabled>1</enabled>
<hostname>office</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.30</server>
<description>Collabora Office</description>
</host>
<host uuid="cee47435-8476-4c6d-bafb-fcca5168809c">
<enabled>1</enabled>
<hostname>haos</hostname>
<domain>coldsprings.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.10.49</server>
<description>Home Assistant</description>
</host>
<host uuid="846fd7b0-1a71-4881-aac3-67300443130b">
<enabled>1</enabled>
<hostname>docker</hostname>
<domain>sunvalley.dev</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.7.52</server>
<description>Sun Valley Docker Service</description>
</host>
<host uuid="2484e774-ba7b-40ee-bc87-5210a227b915">
<enabled>1</enabled>
<hostname>zoey</hostname>
<domain>nas</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.215.10</server>
<description/>
</host>
<host uuid="df051549-a300-4d83-b8ee-16e6559d93dd">
<enabled>1</enabled>
<hostname>roxy</hostname>
<domain>nas</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.215.12</server>
<description/>
</host>
<host uuid="17ec1ef5-3d5b-4d3c-9f92-f4ae07872063">
<enabled>1</enabled>
<hostname>filesvr</hostname>
<domain>nas</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.215.7</server>
<description/>
</host>
<host uuid="f760f2a1-7162-4ec3-aee2-b597632d9134">
<enabled>1</enabled>
<hostname>gizmo</hostname>
<domain>nas</domain>
<rr>A</rr>
<mxprio/>
<mx/>
<ttl/>
<server>192.168.215.14</server>
<description/>
</host>
</hosts>
<aliases>
<alias uuid="6dcbdedb-961b-479c-ad86-19c01855fed9">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>adminer</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="3c0877c4-276b-49a4-b35c-4c08719f193f">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>ca</hostname>
<domain>coldsprings.dev</domain>
<description>Smallstep-ca</description>
</alias>
<alias uuid="dbc24ef5-2ec0-4249-b728-7e080b29f4fd">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>frigate</hostname>
<domain>coldsprings.dev</domain>
<description>Frigate</description>
</alias>
<alias uuid="e7fb7fe5-5162-4306-95e8-0e5627c73813">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>gitlab</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="592c230d-2b6c-43f8-9066-6269c1d0fc77">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>graylog</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="5109fe6c-754b-4f46-924a-1020902a9f8a">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>heimdall</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="4a74c0b2-dd0e-40d5-8fb0-17d1f8b2d5aa">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>homarr</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="1ca225ba-ed5f-41cd-b49a-badc730619f4">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>jellyfin</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="10798f1a-31c8-4d44-b6b6-8d9976bb7910">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>portainer</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="e2f500ed-0a4b-476c-873f-887256d3501e">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>postfixadmin</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="99436c95-458b-40cb-aca5-1cf395a18217">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>pwm</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="8f30f428-783e-458c-8037-a6fd2ac8ad6f">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>signallapi</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="143c322d-c234-4b4a-8965-a9724a54202e">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>sonarr</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="3faba734-473d-4100-a252-e11b47829241">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>tautulli</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="99c78714-73b4-4f45-98cb-fa4aef359e27">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>traefik</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="241df613-79ae-425e-bc59-53e7e0738a46">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>unifi</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="71b97131-62f4-4489-9f50-639306137064">
<enabled>1</enabled>
<host>846fd7b0-1a71-4881-aac3-67300443130b</host>
<hostname>myspeedtest</hostname>
<domain>sunvalley.dev</domain>
<description>My Speed Test</description>
</alias>
<alias uuid="3791227a-5d89-4b30-a6d7-73595c16f15e">
<enabled>1</enabled>
<host>846fd7b0-1a71-4881-aac3-67300443130b</host>
<hostname>myspeedtest</hostname>
<domain>sunvalley.dev</domain>
<description>MySpeedTest</description>
</alias>
<alias uuid="88f26411-25f8-4b9c-96c0-6dad54d89da7">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>railcloud</hostname>
<domain>coldsprings.dev</domain>
<description/>
</alias>
<alias uuid="599c9cdf-dea6-4f9d-b7a4-b6087a6e1caf">
<enabled>1</enabled>
<host>8a3dbb9a-4f3f-4bfd-ae37-3036955dee46</host>
<hostname>minio</hostname>
<domain>coldsprings.dev</domain>
<description>Minio S3 Service</description>
</alias>
</aliases>
</unboundplus>
<OpenVPN version="1.0.1">
<Overwrites/>
<Instances/>
<StaticKeys/>
</OpenVPN>
<OpenVPNExport version="0.0.1">
<servers/>
</OpenVPNExport>
<TrafficShaper version="1.0.3">
<pipes/>
<queues/>
<rules/>
</TrafficShaper>
<AcmeClient version="4.2.0">
<settings>
<enabled>1</enabled>
<autoRenewal>1</autoRenewal>
<UpdateCron>b4879549-d595-47bb-bcff-7ec158b94b84</UpdateCron>
<environment/>
<challengePort>43580</challengePort>
<TLSchallengePort>43581</TLSchallengePort>
<restartTimeout>600</restartTimeout>
<haproxyIntegration>0</haproxyIntegration>
<haproxyAclRef/>
<haproxyActionRef/>
<haproxyServerRef/>
<haproxyBackendRef/>
<logLevel>normal</logLevel>
<showIntro>0</showIntro>
</settings>
<accounts>
<account uuid="5f44d980-1238-4f71-b092-29340ef2a5be">
<id>67a951a8c761b1.57922271</id>
<enabled>1</enabled>
<name>LEProduction</name>
<description>Let's Encrypt Production</description>
<email>letsencrypt@blkdoor.com</email>
<ca>letsencrypt</ca>
<custom_ca/>
<eab_kid/>
<eab_hmac/>
<key>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS1FJQkFBS0NBZ0VBM2VHSk10ZjM2ZDJKL2VsY0RPNDVQQnZhWEN4NmJZK0dGL1V0cE1DMzFyNU5weG5kCk9pZUJNQW9KRmVRTnVtd2gvNGtMS2NTN0NoN1FXc2ptTGNiVW83cTJUK0t2R0piZTlLZ3k1VW81QU5RVzRwTmUKaDR1UVZkQVVhblpWNGFDdlBwSXZnc1p5OS95R1JvWWx0dUhiNGtmdzZ5cFp2RnE0QVlJR2prbkkyRlZJMjRFRwoxMldGNXVMa0kwclphVDNEdXBSbkwzQTVETlRYQXVpbG9yVHp0U0d5Vmg1bFJWYlB5Tzh0a0huUUhPZm43ZnFTClQ3ejhCMTFzcGF3NlpJWnVERDFMaWRsOUxEWkpSdzFEbmhsSFNQWkxoTll6Q0NHN2VLY0d3MkdWcEpuUW5DSFQKTUxEb0lJMUFNclR6ZDlhbTYyZ25CbFVHRkJwbmlIdk1MamlNZzFRQ2ZRRVJqUUZ4TGdJU0Vkc0JSMUYxY2ZubAp2MlNMcUgxNVdMQi9DZWVyRWZNUmptbkU1OWt0bEhKRmQ5UkxITVZ1NUtnR1VnWGZiVkVnN0RNNEtNblRWRG5TCloyRWhuM1hOMnp1bmE3aVdWZk9mVWkwWHdmazJvYVQvRVdmZnpXUUpXczR2MzZCMEh0L09WaWtMTGhOa1pzdkUKcTRXL1pHMVB1N2FrbE9iOGNhcEtVeEtGRU1ubEhFM01DRVJwa1NQU2Q4bEZKMnhnWkwvd0pMb3pYbWR2NHFuZAo0dWVIck40UkZJcWtmY3FKMWVvK1A5cGhxaWVHM0hTQ3VXTzU0Y1ZGN2RYcVlDSVNPR0wxUDRpT0NvSDJvaWQ1CjlEa2pJR1hjMHFzeHJnMHlCS29uL3RTSFYrWWZCWkNKOWFXWENsd1FJYnIrdE50dHRFMEd6QXBZRmc4Q0F3RUEKQVFLQ0FnQkQ0UmM1bEVPMmFyMm9EY2ZJOXVwUW5zN0hTeDRyUFhEUERJVnB0VUdvc3pDTGNnaXhuVnRTNkljTwpDT1pBUll1REl4aGtyMWh2U0swQ1VSckdIMkYzTTR4SjFUWXZCaHp3YVRLazNmZWhic0VQa1BrbTY0WDlFcnJrCk5RNmlCNmdGTXZEUkI4Z3RZTFp0aGVXczFOMFJsV081ZGd2YzZUNEl6QkFZWUs5T3E0eXVCb09peXQ3VG0wOGoKRXVkL1lGTnNWYkZabkhIL29HK2s1cXFobzgwNCtUV1hUaFk2Ujh3cWt5MXoyU2hYWjRVWFU0U0dXM0VaQ2JaTwoydWxFVHJJRkVZMTEvekRob1R2NnZpNlZBL1BBZVFUeWZ4cytuaDg5MG85cG40V0p4VHJDUVVEY1VRcTZ4cXZBCnQ0WVNmL3N4NG51cDNzSU16V1VtSm9WNUVIaS90TU5WS05hbERUSEVBTmxTY0s5QmlaRE96SkEzMysvZUtJOXkKbjBBS0Z1TTZsODJoR0ZieVpGYWxidmkzSWtiYjFNTjBxYW8xTEtEaWNoTkovNUNoK05GYklKS3hYaGwzVDlkWgpta2IrRGNWZnpzVUdzT1ExbnQ4eEZBak1CY29udnZDUTZDeUsyWHJ2QU5sZVJTTyt2RlU0akpUYUJIUG93aWwxCkxDK1B4bGVHaHBEeEtQNnlMdnlDRmRUbmppdHlPMWtaa29mZi9ybHF5U3d6Z2pUdTduaUp3WFdDSE5kS3BRQzAKYnV5U2U2SzI4L2M5N1dMc2ltWnJ3dXpGRjF5aDFvUWpaZnBwcTRNRVRoZ3c1SzU0bGRrcU9UaFdpOUVkKzFXRwpaK2R0aHpGdDV0ZENPV2RlM2tuR2VvaTBtWDM0RHZBY1NBa213cHd0NkJ3WjNodTdGUUtDQVFFQTljUlZJYS9YCmw4cTI2NzNrM3gxVklGVHV5NllybUMrUWxMeGhWZDY1Skdld0I4dXA4NkFZc3h2ZnhyK0crTTkvelU3N2xZbUYKMEEvZnAvTWdwS2FPdGt1V2cxWWxwaEx5UlNUenczOEs1WVEvdWh1VHpuU05BNVFDTlRPaVhIZlNGSVJaU1dUTQp4eDdmaTVHY3ZMTGNrdlRBQlJyS29SMTZjNDdHZlVIZEFQZFozMFN6SWFjM09LS2dmYlBTN1ZEdTlqNzZTNzV4CjBKY0FpTEo5WFJrWHc2SEN3Y25ObDRGQTNqME9DYWdIaWY3VS9FWkdnTEJ6SlNFNmRnRTd2MVJvN0xUdjhzUXMKOXQ2OC9oL3NWSGZIWWdlSUIvb3ZDSERTODBiNVRRM2dxMmlKWFBGVG0wVVJVQVVjTlVlMmllMG94Z1NJUkNLVQpXZWo5dFZtNmcwRm9hd0tDQVFFQTV4NlpnbGRDVlVzYTBrR2VtbnZ6ZFUvdCtpalJobTQxNVluT3E5Nld5UnRwClNUYXpCMjlTbFR5YXBZSGtWT2R2UE5jcmVRVDJRalZIT3hzZE1Zcjh3NDBhd0N3cFRyR3QxTG1wMWEyN3lIL1UKaDRnYXcwckYxY2x3ZWwvM3d0V3Y4MGgxekNac3dlRldDTGE1anFRR0Z5NHUyZk9XMVI2cjJaem9qLzJjdjJ4dgpoNm1tcnZPYTNhblJQNDV4OXJBNzVKei9UaEs0a0NzbkQzWUh3b2QyajVZNHdQOVZiTFhrU3dSUStWREVOcHROCkpmRmNnaEwvQjFBMk5JOTQwNm1CZzRrWWVEa0Jmb2diWGlMbVNtaHBJZGIwd2Y3T1dYMU1EblNhZno1NThGOU8KQ01EMHhpR2tnalp0SmQ4ckhkbzlxUVJad1NkVjM5OExCclcrc0tZQjdRS0NBUUJVZi9XWlNJRkM0bUwwT08wcApQVWVZZnpzL2I5bkxVSWRRYkZpM0VvWHJtMjd0cnp1MjFSUEkrVXQrWlRtOThISUxvQjFtTTh0N1Z3bmFFQURvCk81QVQ0M2RUbnRvQStNQ3R2MS9FbHJpalkwNFo2Z051MTZub1VncFVTbldIZjNjT3NOYVdJbjg1ODBaL0VVaW4KcElPc1QxUjZMTlVBZ2tjbzFpMHV3ZWQvdm92NjlQNzJFaTB0WHRUNWcwdUJadk5TWFNMbnlnb040dTAvRXNlQgpxKy84eG5CVSt0S2lSY0dNNThjYzBOWU92enh4cEtQMitUUU56eGZ2bk1yekpNMlNuVDltNDhabDl2MWFEcFhPCkVRVFBrckZWdE5KWS81bTRKVzN2N1ZhUytMVko3SHVIaGo3R21Zc3lVbjdUZTJRcWVVSjAwc0xaQ3YrNFM2cVMKR0hvVEFvSUJBUUM2ZG51UEp1dERlU2FZZjR5QVFvUjNIeGQyZmp3YzR3bmt1THZlK2VSWk9CNUhqVFAvU1pjdApCQW9ZZ2FVL3dzQ0NLMjdOWW0xem1SeHcyVDFDWFVuMFV3RkVEZHo5dW1mdWVpUkZXcmRuMllvVUZvRFJFcUJ1CkRPa01NaVRvTWhLVWl0OU81NmxTK29PNDRBTHd5L0NGL3lLWmdPY3Q1bUxyWEtaY2xWWkRNaThCR3FSNS9kdngKL2pIdHZ2UysvQXcyTTF2ZkYwZUVPT3g0a3RkTDRKS000YnZFS2J3M3lyLzJyZkxPVXBVYklVeXEwZ0c2aDZ6dApyNDhyOUp5YzErSy94bm5SZE54NXcwR2hQekxnMFVBUXB5WXM1WENCem83d0VxOGEvY0xQWlhURnB6ZFVLb3hZCjZhUkJxNzFUaG1HODNOKzA4QkZlWHNxOGpTRGR6L0U1QW9JQkFRQ1BvSytkR0twOHhmY1B4bU1FdmlHM0FxblgKQmRXUmgzcHF3ZjZmcUpoeDhabENnTUZBTkUwSjVLcDBkVFRxcDdsejJNUnBSRDNhYmZodEVJQTRJNmRwUWswNwpjaEQwdHplWFExNWV1S1IzZXI3UkcyWnpjUVZYWEJqdkRGYkhHa1VLUWhoV1lDbWtySFpJWWx4Vjh3L1ZUL0dQCkp1UUE3VWVranE1a1I5MXg1K2l3bm5taXlGSVVSYUhlZGtiNElkNjNNcUxPRmFyOUVzMTJxZTl1MHlTMzZOR2kKdTdubzNqSkREbzVqb1liTzRwSHZ4MWViRmdnUmpGY09MS2t1UXE3MXhOaGJXVXpsc05DOXNwYkprbzZ4TndlVgo3d0h2VEpIekdJTWRCR3A0eUZXditDSEQ0eEtuZnR6SkFHY2FsZEVtZHF1N3ZITTZsZlFoZTNoN1R0TGYKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K</key>
<statusCode>200</statusCode>
<statusLastUpdate>1739149868</statusLastUpdate>
</account>
<account uuid="b3dd5da6-5b9e-4697-aef8-4304e4d5ca0b">
<id>67a95223cb8428.09564898</id>
<enabled>1</enabled>
<name>LEStaging</name>
<description>Let's Encrypt Staging/Dev</description>
<email>letsencrypt@blkdoor.com</email>
<ca>letsencrypt_test</ca>
<custom_ca/>
<eab_kid/>
<eab_hmac/>
<key>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKSmdJQkFBS0NBZ0VBdDFLTHRHTlppaHBrZ2RvaGZ4U1ErNmdhdlVOWVRwbThncm5VNXM4THlYVHJaK0krClpUcmpGYVlaTGUrTzlHQW8wWHVBRU5nVmJQeGpRNDQrb2NaWUhPN09OeW5laWZVcHN1b0tjR3pjcXZ5Y1UzZmkKTEZBWkxUTDh0TWI2Z0Z6alVEb1Z6bWpTUklHYnlQZ2RScksveGY2b3ZRM0didVgwY2tlUm9rUTlabU44dG5YYwpQZTZha21yN1JMZW9Mbk15Y3N1bVlySmZYajNPYjR4L0V4OUJOeitPNDdlSWQ4ZGNJS0lPY1VaUTJ2djNwd0RzCnJoZ0hwdjhESWluNEtQaWlTbndpaUsxczRBdlRHeEFDYVdlV3A2QmtZV1paYU5MSTNld1dOb3JIcGxOQm5aQXUKNHZla1o4cXdneEpjcGdpU2diQ2Q4M2tOeW9hRFlYeXN2b1hPUVB4VjJwNEp2OVh3RmdPM2RZMi9vNWJtbWI0bQpJcUZTaW91dHZGajJvNStiQUowS3pHdVVETFQ0SlZQaDg3dzU3K3M2WEtlSjNUYitkSXQxbmxEczdWbzliTnZnClFXSWtqMjdDV0M2L0JpVmgyei9vQWhZNS9NNVNOQ1FZUW9BL0o4OHFkZVNTTVo2eDNvOEM2c0c5VmhiNUtLemQKbmRMSFByZ0JSYTgvelM5TmMydjQxWFlwenFtMUYwUm5KNDlUTDhnVHJzVU9yN3BjTEtrWkM0dS93Q2h5WFhPMwpFR3BuYXFSelZ2NzZQNXJFNXRPSXNOcUlkcSs3anVmQ3Z5MkIwaDM0bWJ4T0t5ZE0xdnQvcGN5NS9kRnc1WjdOCktndkdMeWZHM1IvdDVLdjNvQ3hkdmt6R1pzSUswR1FxbDh2MTczYkc2YVEyWm9ZM0xJMlZGQUtrbDY4Q0F3RUEKQVFLQ0FmOUFGeHZBZFB0WXpPRldoR3d4Z1g4dWZCYmRGQzVMVEhRYlA5eXUxTFBLT3BZU080YVUzWUdHa0FzOQpoQUwyYktmWWxOU3hEdHB1djgzMFVFYVZTRUtGMnZjOVVlWDdWVHErMGhQVU9qcnJqR1VheVU3Skx6ZWVGYlZECmZrMFZrMlBsS0dsM1FDNUN4UTB4dFl5R3F2ZGd3U2M4OFJQdXNYWkVmY0RzZWU3OVhNcTgvM2VBTDJyYXhZd1MKK2lKU0d2UUlMaXA5VnQ4QWs1c1laSVlJcVdTamJCVUloNkd1UG9SMjVERW9hT3pib2p0eXAyQVhmVTh2a3ZnRgplYWJJckNRUTVsVXNjM1VjM3dWdThLbm5MOC83eXBkTmRmck1LdVVPc1BzVEZuRzJOR1U4TUt3enJXQk02US9NCnd4Nmc3VjVLK1BRL3FwS251MTh6TmVNdXVKamloZUhDOEozMUxMVDBkRld5UU9vK25SNmdhQ29iWWJOcU5CYW0KMU1yYWVKUUNiTi9PZE9FOC9RTEFHN3ZUclBmOXBycjUzZjFDdTdhOVJycnNCaXMwbDducStRYjhMc3hjRm9EMApZV25MY29rVFZGWU5SNXBQL2dLUkFxdGM1L3ZMVk5lZksxcDJMQkIwTi8vV2lSWnNvelJlWWgvVW8wWGdZMklCCjJqbUozV1RzY0JtS2grUm9yeVl3QWd0M01lQnFvbUZCN0VBOXp5MkFvNzkvZkhEbEk2Z2hIYlVIanZPT1lTcUcKKzYrZE9MS0pHYUJkUlc1dEFnTGpCUk9zakFRTGJIcmVsNDJURDBBODRsNnBQODBuVTRvd1NtSE9jRnlpMjFTNwp1YTJFL1lhaU51cU9aa1h5SjBOd01KcG4wNGtXVEdQYkZUT2FEalhmcEU4K3B0RkZBb0lCQVFEK2sraTRtRUdZCnl4d0FxcGY2VWtPWjltTFhETnNjUUJaU1AvQ1I4V1NSdC9Sdmp6Qk15bFMwdGRGMDVjMUc4ZnVDcXJyZTZPV1UKelNiZDRnT0xuNnVrU2M3RFVBVzdSaUNiczE3L3JBMjVJZWZ5dFlKVkVlS09RbWlnWHBBQkR0RERmaFVlbFRUVwpMVS9aUTdoQjB5azZic25BSU04MDNoSmc5RHJZejN1bDRJUHh4VmozSnlzaWcvTU45bEV5Z1FnN0F6bHhRamdqCkh6cnMyMTRuN3NIVVhOK1h2Zmx5RFhZN0FldkNYbWhpKzExajN2R3VyMUdGWEYzQ2tnMFludUlaUi9hU3RFL1MKYjdBdkVlc1VOOGdWSGlHdEViaFFTVXk4L1hKVllhS21SWlJwUEhVbzE0SHJvckNYRWgvSnpEcXVVb1ZQYzNvZwo2Q2gxZUppdDNIZWRBb0lCQVFDNFdMcWhKSTZSRGJreGF0TlA1QldKZTY3MS8zOHFGMU9hcTdVZjJkQXRpOXo0CjVqV2gxSnBZTjZJd2pNaFRpckpIQ05UOXBPUm5vTzlRcys1c1h6RTdKeExNNitKaGFRbWJyQ3VTSWpOMVVRd0EKT0k4bnI3UnZ3OVFKZkkvMDV0UC8xMnJBVnJhaDFFbEFtMGZhT21FaVAvdjk2MlFJNEkwaFpKVGtFNnRoa3JtYwpkVldDRDY3QU80VUR1R3ZZUkQvVko2YUVablNPNDJIUGkvRmVSUzFMV3MwckdaRTBlUmM0TG5ldWFZR3NLM3UyCnRVb3d1UjR3UmNBU3M3ZHl2QStucUtYUkp2ZWMzeWxGcjJNajRPRDlqc29tY2pwM3llWVZFaGtjVWxuYXFSdzgKalRRM0ExdkFXdjJjV2Z2SkgvRlRQd2pnd1BjYURBQTU2VkgzcEppN0FvSUJBSDB6Y3VXdUE3eklUeXBJdTl1aApMNXY5bjVpUnV3VEd3L09KZkovWjd4TDNQR0ROTS96Z0dRNlN5TU5MN1V2eDREYmdEbTFvYnRoaW1MWFEzTnVECkdHQUE2STRId2ZuYlFGZ3l2QXJUckNBYmU3NVM1QmxBWllKL1NJTnVYallXK2piYXdEbzlPVElJTU5meVJTRWkKWDRsY1NSNlRSRFNFN3RiOTVoOFEwNGU5eGtaV1B5MjE5ckhQNE81QjhLYjg3SFpSWEtQRjVHUHBqUXBGektXbwo5MnlnakZwTlZPdHhrVzd0dit2a2tFUDF5WFUvaE83YlRDVmhTcjlSSXQyejdoQnU0dVk5aFhCQis0ejZxL2xTCmdiVlpEMGpWaVNiN0ZhRndxQlV6b2xGUnNPNmNqQ1ljN3NsYlJxdlZmd3E0eFRkTVlFRzEwaDl5N2Nyd0YyNlMKR2NVQ2dnRUFCYWpUc2ZiSldiS3VLTkk2d28waURDSjc4Smx6Y2Z0ZFdiWkR6VUtHblo5Wm5WcVQ4dS92L1IxWQpJVjF4R1A5OUVhazN3TUc3TVdORGRaclFpd3N4Rzd2TFcvY3g4QU9sZzkzNVNIYzhWVEd6eUozejV5Z0J4aHlnCitkbVZJZE9rVm9wcWdKVW83amJ5T01XTG95dC9wK21HOXZpdkRZYTNUbnNrQnd5RGltOVN1M2J1dFJ0K0pmQ3QKMkx0a3RETUVNcXNROWFlZmxITnVvVXlPa0hKWFBhVC8vMzY5Y25yMU40aFZyRWtZN2d3M3RCaEV1dEkwRnc5TgpJa1hhTCsrT0czdVYrNkhTb0VKSnBoWUlXU1dpUXFhTGxqcVRpUEh0MmwrLzNacTVuM2pwb1FKRXhCdWFTWUdCCm43Y3pmNjAzWDNMajl1SjFzNXNDdHNSdSs4ZFYyUUtDQVFCSUpYM3ZvL2JvcmxvSVN4V3hBZGlucU85amVYQSsKSDhyOW5ldWNGYmZIUHl3aEJNRnMwVk5ld0hZNmI2QzRFN1hkVDU5OWRoZWg3VVZVRVcxUy9UL3NKcThjb3Q0OApXWWNlUTgyQVMzZTRtNTF0Q3MvWDFXMWl3WURFRjZPVVV5Z0l1RFRDaXpSdlQ4YTdPMGttTHdHTVVZdi9YRStkClRQQ01SSVp2T3F6SEY4SFlReDRENTAyZTBCMUsxWVlFS0ZGVGxSMVdla1ZNQnUzUS9FTkYrdHBDS2lLczZYdjIKR2F0ME93ei96OHZvYzJRZW5hREJjelNNOXpVQ1NGN0M3bWNSRWRBSFVWZW9IZ1hUYmJNWFJZVkE0MWxhRVgzawpWY3JWTjdycGs2MUNuNExuSXhTYms1ckRkamtaUHlLWkpyZDJ5WVNkR0FFZk5NSzExekJwM1J6UQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=</key>
<statusCode>200</statusCode>
<statusLastUpdate>1739149871</statusLastUpdate>
</account>
</accounts>
<certificates>
<certificate uuid="b044a890-123d-4979-8798-d6db99d2fff5">
<id>67a95302cb4297.16727540</id>
<enabled>1</enabled>
<name>rno1.rail-city.net</name>
<description>Firewall Certificate</description>
<altNames>rno1.rail-city.net</altNames>
<account>5f44d980-1238-4f71-b092-29340ef2a5be</account>
<validationMethod>8200f583-9c30-40ab-ac16-8bc3afdcf99b</validationMethod>
<keyLength>key_ec384</keyLength>
<ocsp>0</ocsp>
<restartActions>9fabe4b7-2d20-437d-94f3-c10d74eabcf1</restartActions>
<autoRenewal>1</autoRenewal>
<renewInterval>60</renewInterval>
<aliasmode>none</aliasmode>
<domainalias/>
<challengealias/>
<certRefId>67a9532677f13</certRefId>
<lastUpdate>1747582234</lastUpdate>
<statusCode>200</statusCode>
<statusLastUpdate>1747582234</statusLastUpdate>
</certificate>
</certificates>
<validations>
<validation uuid="8200f583-9c30-40ab-ac16-8bc3afdcf99b">
<id>67a952c254adc9.13558747</id>
<enabled>1</enabled>
<name>PowerDNS</name>
<description>PowerDNS</description>
<method>dns01</method>
<http_service>opnsense</http_service>
<http_opn_autodiscovery>1</http_opn_autodiscovery>
<http_opn_interface/>
<http_opn_ipaddresses/>
<http_haproxyInject>1</http_haproxyInject>
<http_haproxyFrontends/>
<tlsalpn_service>acme</tlsalpn_service>
<tlsalpn_acme_autodiscovery>1</tlsalpn_acme_autodiscovery>
<tlsalpn_acme_interface/>
<tlsalpn_acme_ipaddresses/>
<dns_service>dns_pdns</dns_service>
<dns_sleep>0</dns_sleep>
<dns_active24_token/>
<dns_ad_key/>
<dns_ali_key/>
<dns_ali_secret/>
<dns_autodns_user/>
<dns_autodns_password/>
<dns_autodns_context/>
<dns_aws_id/>
<dns_aws_secret/>
<dns_azuredns_subscriptionid/>
<dns_azuredns_tenantid/>
<dns_azuredns_appid/>
<dns_azuredns_clientsecret/>
<dns_bunny_api_key/>
<dns_cf_email/>
<dns_cf_key/>
<dns_cf_token/>
<dns_cf_account_id/>
<dns_cf_zone_id/>
<dns_cloudns_auth_id/>
<dns_cloudns_sub_auth_id/>
<dns_cloudns_auth_password/>
<dns_cx_key/>
<dns_cx_secret/>
<dns_cyon_user/>
<dns_cyon_password/>
<dns_da_key/>
<dns_da_insecure>1</dns_da_insecure>
<dns_ddnss_token/>
<dns_dgon_key/>
<dns_dnsexit_auth_user/>
<dns_dnsexit_auth_pass/>
<dns_dnsexit_api/>
<dns_dnshome_password/>
<dns_dnshome_subdomain/>
<dns_dnsimple_token/>
<dns_dnsservices_user/>
<dns_dnsservices_password/>
<dns_doapi_token/>
<dns_do_pid/>
<dns_do_password/>
<dns_domeneshop_token/>
<dns_domeneshop_secret/>
<dns_dp_id/>
<dns_dp_key/>
<dns_dh_key/>
<dns_duckdns_token/>
<dns_dyn_customer/>
<dns_dyn_user/>
<dns_dyn_password/>
<dns_dynu_clientid/>
<dns_dynu_secret/>
<dns_freedns_user/>
<dns_freedns_password/>
<dns_fornex_api_key/>
<dns_gandi_livedns_key/>
<dns_gandi_livedns_token/>
<dns_gcloud_key/>
<dns_googledomains_access_token/>
<dns_googledomains_zone/>
<dns_gd_key/>
<dns_gd_secret/>
<dns_hostingde_server/>
<dns_hostingde_apiKey/>
<dns_he_user/>
<dns_he_password/>
<dns_infoblox_credentials/>
<dns_infoblox_server/>
<dns_inwx_user/>
<dns_inws_password/>
<dns_inwx_password/>
<dns_inwx_shared_secret/>
<dns_ionos_prefix/>
<dns_ionos_secret/>
<dns_ipv64_token/>
<dns_ispconfig_user/>
<dns_ispconfig_password/>
<dns_ispconfig_api/>
<dns_ispconfig_insecure>1</dns_ispconfig_insecure>
<dns_jd_id/>
<dns_jd_region/>
<dns_jd_secret/>
<dns_joker_username/>
<dns_joker_password/>
<dns_kinghost_username/>
<dns_kinghost_password/>
<dns_knot_server/>
<dns_knot_key/>
<dns_lexicon_provider>cloudflare</dns_lexicon_provider>
<dns_lexicon_user/>
<dns_lexicon_token/>
<dns_limacity_apikey/>
<dns_linode_key/>
<dns_linode_v4_key/>
<dns_loopia_api>https://api.loopia.se/RPCSERV</dns_loopia_api>
<dns_loopia_user/>
<dns_loopia_password/>
<dns_lua_email/>
<dns_lua_key/>
<dns_miab_user/>
<dns_miab_password/>
<dns_miab_server/>
<dns_me_key/>
<dns_me_secret/>
<dns_mydnsjp_masterid/>
<dns_mydnsjp_password/>
<dns_mythic_beasts_key/>
<dns_mythic_beasts_secret/>
<dns_namecheap_user/>
<dns_namecheap_api/>
<dns_namecheap_sourceip/>
<dns_namecom_user/>
<dns_namecom_token/>
<dns_namesilo_key/>
<dns_nederhost_key/>
<dns_netcup_cid/>
<dns_netcup_key/>
<dns_netcup_pw/>
<dns_njalla_token/>
<dns_nsone_key/>
<dns_nsupdate_server/>
<dns_nsupdate_zone/>
<dns_nsupdate_key/>
<dns_oci_cli_user/>
<dns_oci_cli_tenancy/>
<dns_oci_cli_region/>
<dns_oci_cli_key/>
<dns_online_key/>
<dns_opnsense_host>localhost</dns_opnsense_host>
<dns_opnsense_port>443</dns_opnsense_port>
<dns_opnsense_key/>
<dns_opnsense_token/>
<dns_opnsense_insecure>0</dns_opnsense_insecure>
<dns_ovh_app_key/>
<dns_ovh_app_secret/>
<dns_ovh_consumer_key/>
<dns_ovh_endpoint/>
<dns_pleskxml_user/>
<dns_pleskxml_pass/>
<dns_pleskxml_uri/>
<dns_pdns_url>http://192.168.10.30:8081</dns_pdns_url>
<dns_pdns_serverid>localhost</dns_pdns_serverid>
<dns_pdns_token>61beccca-d8ea-4e90-817e-8d00e39ca10c</dns_pdns_token>
<dns_porkbun_key/>
<dns_porkbun_secret/>
<dns_sl_key/>
<dns_selfhost_user/>
<dns_selfhost_password/>
<dns_selfhost_map/>
<dns_servercow_username/>
<dns_servercow_password/>
<dns_simply_api_key/>
<dns_simply_account_name/>
<dns_transip_username/>
<dns_transip_key/>
<dns_udr_user/>
<dns_udr_password/>
<dns_uno_key/>
<dns_uno_user/>
<dns_vscale_key/>
<dns_vultr_key/>
<dns_yandex_token/>
<dns_zilore_key/>
<dns_zm_key/>
<dns_gdnsdk_user/>
<dns_gdnsdk_password/>
<dns_acmedns_user/>
<dns_acmedns_password/>
<dns_acmedns_subdomain/>
<dns_acmedns_updateurl/>
<dns_acmedns_baseurl/>
<dns_acmeproxy_endpoint/>
<dns_acmeproxy_username/>
<dns_acmeproxy_password/>
<dns_variomedia_key/>
<dns_schlundtech_user/>
<dns_schlundtech_password/>
<dns_easydns_apitoken/>
<dns_easydns_apikey/>
<dns_euserv_user/>
<dns_euserv_password/>
<dns_leaseweb_key/>
<dns_cn_user/>
<dns_cn_password/>
<dns_arvan_token/>
<dns_artfiles_username/>
<dns_artfiles_password/>
<dns_hetzner_token/>
<dns_hexonet_login/>
<dns_hexonet_password/>
<dns_1984hosting_user/>
<dns_1984hosting_password/>
<dns_kas_login/>
<dns_kas_authdata/>
<dns_kas_authtype>plain</dns_kas_authtype>
<dns_desec_token/>
<dns_desec_name/>
<dns_infomaniak_token/>
<dns_zone_username/>
<dns_zone_key/>
<dns_dynv6_token/>
<dns_cpanel_user/>
<dns_cpanel_token/>
<dns_cpanel_hostname/>
<dns_regru_username/>
<dns_regru_password/>
<dns_nic_username/>
<dns_nic_password/>
<dns_nic_client/>
<dns_nic_secret/>
<dns_world4you_username/>
<dns_world4you_password/>
<dns_aurora_key/>
<dns_aurora_secret/>
<dns_conoha_user/>
<dns_conoha_password/>
<dns_conoha_tenantid/>
<dns_conoha_idapi>https://identity.xxxx.conoha.io/v2.0</dns_conoha_idapi>
<dns_constellix_key/>
<dns_constellix_secret/>
<dns_exoscale_key/>
<dns_exoscale_secret/>
<dns_internetbs_key/>
<dns_internetbs_password/>
<dns_pointhq_key/>
<dns_pointhq_email/>
<dns_rackspace_user/>
<dns_rackspace_key/>
<dns_rage4_token/>
<dns_rage4_user/>
<dns_scaleway_token/>
</validation>
</validations>
<actions>
<action uuid="9fabe4b7-2d20-437d-94f3-c10d74eabcf1">
<id>67a9517633ce87.60895539</id>
<enabled>1</enabled>
<name>Restart UI</name>
<description>Restart Main GUI</description>
<type>configd_restart_gui</type>
<sftp_host/>
<sftp_host_key/>
<sftp_port>22</sftp_port>
<sftp_user/>
<sftp_identity_type/>
<sftp_remote_path/>
<sftp_chgrp/>
<sftp_chmod/>
<sftp_chmod_key/>
<sftp_filename_cert/>
<sftp_filename_key/>
<sftp_filename_ca/>
<sftp_filename_fullchain/>
<remote_ssh_host/>
<remote_ssh_host_key/>
<remote_ssh_port>22</remote_ssh_port>
<remote_ssh_user/>
<remote_ssh_identity_type/>
<remote_ssh_command/>
<configd/>
<configd_generic_command/>
<acme_synology_dsm_hostname/>
<acme_synology_dsm_port>5000</acme_synology_dsm_port>
<acme_synology_dsm_scheme>http</acme_synology_dsm_scheme>
<acme_synology_dsm_username/>
<acme_synology_dsm_password/>
<acme_synology_dsm_create>1</acme_synology_dsm_create>
<acme_synology_dsm_deviceid/>
<acme_synology_dsm_devicename/>
<acme_synology_dsm_otpcode/>
<acme_fritzbox_url/>
<acme_fritzbox_username/>
<acme_fritzbox_password/>
<acme_panos_username/>
<acme_panos_password/>
<acme_panos_host/>
<acme_proxmoxve_user>root</acme_proxmoxve_user>
<acme_proxmoxve_server/>
<acme_proxmoxve_port>8006</acme_proxmoxve_port>
<acme_proxmoxve_nodename/>
<acme_proxmoxve_realm>pam</acme_proxmoxve_realm>
<acme_proxmoxve_tokenid>acme</acme_proxmoxve_tokenid>
<acme_proxmoxve_tokenkey/>
<acme_truenas_apikey/>
<acme_truenas_hostname>localhost</acme_truenas_hostname>
<acme_truenas_scheme>http</acme_truenas_scheme>
<acme_unifi_keystore>/usr/local/share/java/unifi/data/keystore</acme_unifi_keystore>
<acme_vault_url/>
<acme_vault_prefix>acme</acme_vault_prefix>
<acme_vault_token/>
<acme_vault_kvv2>1</acme_vault_kvv2>
</action>
<action uuid="3fff943a-9750-497c-b0c9-e2b2faae6140">
<id>67ab79845c74d1.92930317</id>
<enabled>1</enabled>
<name>Truenas</name>
<description>Truenas Certificate</description>
<type>acme_truenas</type>
<sftp_host/>
<sftp_host_key/>
<sftp_port>22</sftp_port>
<sftp_user/>
<sftp_identity_type/>
<sftp_remote_path/>
<sftp_chgrp/>
<sftp_chmod/>
<sftp_chmod_key/>
<sftp_filename_cert/>
<sftp_filename_key/>
<sftp_filename_ca/>
<sftp_filename_fullchain/>
<remote_ssh_host/>
<remote_ssh_host_key/>
<remote_ssh_port>22</remote_ssh_port>
<remote_ssh_user/>
<remote_ssh_identity_type/>
<remote_ssh_command/>
<configd/>
<configd_generic_command/>
<acme_synology_dsm_hostname/>
<acme_synology_dsm_port>5000</acme_synology_dsm_port>
<acme_synology_dsm_scheme>http</acme_synology_dsm_scheme>
<acme_synology_dsm_username/>
<acme_synology_dsm_password/>
<acme_synology_dsm_create>1</acme_synology_dsm_create>
<acme_synology_dsm_deviceid/>
<acme_synology_dsm_devicename/>
<acme_synology_dsm_otpcode/>
<acme_fritzbox_url/>
<acme_fritzbox_username/>
<acme_fritzbox_password/>
<acme_panos_username/>
<acme_panos_password/>
<acme_panos_host/>
<acme_proxmoxve_user>root</acme_proxmoxve_user>
<acme_proxmoxve_server/>
<acme_proxmoxve_port>8006</acme_proxmoxve_port>
<acme_proxmoxve_nodename/>
<acme_proxmoxve_realm>pam</acme_proxmoxve_realm>
<acme_proxmoxve_tokenid>acme</acme_proxmoxve_tokenid>
<acme_proxmoxve_tokenkey/>
<acme_truenas_apikey>4-iDLtqiAJ9FCcRiAUcP8rQEUZN3C7HMbhn3GNXHvRfyWdtL33j2s5CHNlpdP7Zedg</acme_truenas_apikey>
<acme_truenas_hostname>filesvr.coldsprings.dev</acme_truenas_hostname>
<acme_truenas_scheme>https</acme_truenas_scheme>
<acme_unifi_keystore>/usr/local/share/java/unifi/data/keystore</acme_unifi_keystore>
<acme_vault_url/>
<acme_vault_prefix>acme</acme_vault_prefix>
<acme_vault_token/>
<acme_vault_kvv2>1</acme_vault_kvv2>
</action>
<action uuid="3b37df96-d397-462f-a356-dbb1548d25b0">
<id>67c9c18f4b8be4.95405282</id>
<enabled>1</enabled>
<name>Restart HAProxy</name>
<description>Restart HA Proxy Service</description>
<type>configd_restart_haproxy</type>
<sftp_host/>
<sftp_host_key/>
<sftp_port>22</sftp_port>
<sftp_user/>
<sftp_identity_type/>
<sftp_remote_path/>
<sftp_chgrp/>
<sftp_chmod/>
<sftp_chmod_key/>
<sftp_filename_cert/>
<sftp_filename_key/>
<sftp_filename_ca/>
<sftp_filename_fullchain/>
<remote_ssh_host/>
<remote_ssh_host_key/>
<remote_ssh_port>22</remote_ssh_port>
<remote_ssh_user/>
<remote_ssh_identity_type/>
<remote_ssh_command/>
<configd/>
<configd_generic_command/>
<acme_synology_dsm_hostname/>
<acme_synology_dsm_port>5000</acme_synology_dsm_port>
<acme_synology_dsm_scheme>http</acme_synology_dsm_scheme>
<acme_synology_dsm_username/>
<acme_synology_dsm_password/>
<acme_synology_dsm_create>1</acme_synology_dsm_create>
<acme_synology_dsm_deviceid/>
<acme_synology_dsm_devicename/>
<acme_synology_dsm_otpcode/>
<acme_fritzbox_url/>
<acme_fritzbox_username/>
<acme_fritzbox_password/>
<acme_panos_username/>
<acme_panos_password/>
<acme_panos_host/>
<acme_proxmoxve_user>root</acme_proxmoxve_user>
<acme_proxmoxve_server/>
<acme_proxmoxve_port>8006</acme_proxmoxve_port>
<acme_proxmoxve_nodename/>
<acme_proxmoxve_realm>pam</acme_proxmoxve_realm>
<acme_proxmoxve_tokenid>acme</acme_proxmoxve_tokenid>
<acme_proxmoxve_tokenkey/>
<acme_truenas_apikey/>
<acme_truenas_hostname>localhost</acme_truenas_hostname>
<acme_truenas_scheme>http</acme_truenas_scheme>
<acme_unifi_keystore>/usr/local/share/java/unifi/data/keystore</acme_unifi_keystore>
<acme_vault_url/>
<acme_vault_prefix>acme</acme_vault_prefix>
<acme_vault_token/>
<acme_vault_kvv2>1</acme_vault_kvv2>
</action>
</actions>
</AcmeClient>
<HAProxy version="4.1.0">
<general>
<enabled>0</enabled>
<gracefulStop>0</gracefulStop>
<hardStopAfter>60s</hardStopAfter>
<closeSpreadTime/>
<seamlessReload>0</seamlessReload>
<storeOcsp>0</storeOcsp>
<showIntro>1</showIntro>
<peers>
<enabled>0</enabled>
<name1/>
<listen1/>
<port1>1024</port1>
<name2/>
<listen2/>
<port2>1024</port2>
</peers>
<tuning>
<root>0</root>
<maxConnections>10000</maxConnections>
<nbthread>2</nbthread>
<resolversPrefer>ipv4</resolversPrefer>
<sslServerVerify>ignore</sslServerVerify>
<maxDHSize>4096</maxDHSize>
<bufferSize>16384</bufferSize>
<spreadChecks>2</spreadChecks>
<bogusProxyEnabled>0</bogusProxyEnabled>
<luaMaxMem>0</luaMaxMem>
<customOptions/>
<ocspUpdateEnabled>1</ocspUpdateEnabled>
<ocspUpdateMinDelay>300</ocspUpdateMinDelay>
<ocspUpdateMaxDelay>3600</ocspUpdateMaxDelay>
<ssl_defaultsEnabled>0</ssl_defaultsEnabled>
<ssl_bindOptions>prefer-client-ciphers</ssl_bindOptions>
<ssl_minVersion>TLSv1.2</ssl_minVersion>
<ssl_maxVersion/>
<ssl_cipherList>ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256</ssl_cipherList>
<ssl_cipherSuites>TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256</ssl_cipherSuites>
<h2_initialWindowSize/>
<h2_initialWindowSizeOutgoing/>
<h2_initialWindowSizeIncoming/>
<h2_maxConcurrentStreams/>
<h2_maxConcurrentStreamsOutgoing/>
<h2_maxConcurrentStreamsIncoming/>
</tuning>
<defaults>
<maxConnections>5000</maxConnections>
<maxConnectionsServers/>
<timeoutClient>30s</timeoutClient>
<timeoutConnect>30s</timeoutConnect>
<timeoutCheck/>
<timeoutServer>30s</timeoutServer>
<retries>3</retries>
<redispatch>x-1</redispatch>
<init_addr>last,libc</init_addr>
<customOptions/>
</defaults>
<logging>
<host>127.0.0.1</host>
<facility>local0</facility>
<level>info</level>
<length/>
</logging>
<stats>
<enabled>0</enabled>
<port>8822</port>
<remoteEnabled>0</remoteEnabled>
<remoteBind/>
<authEnabled>0</authEnabled>
<users/>
<allowedUsers/>
<allowedGroups/>
<customOptions/>
<prometheus_enabled>0</prometheus_enabled>
<prometheus_bind>*:8404</prometheus_bind>
<prometheus_path>/metrics</prometheus_path>
</stats>
<cache>
<enabled>0</enabled>
<totalMaxSize>4</totalMaxSize>
<maxAge>60</maxAge>
<maxObjectSize/>
<processVary>0</processVary>
<maxSecondaryEntries>10</maxSecondaryEntries>
</cache>
</general>
<frontends/>
<backends/>
<servers/>
<healthchecks/>
<acls/>
<actions/>
<luas/>
<fcgis/>
<errorfiles/>
<mapfiles/>
<groups/>
<users/>
<cpus/>
<resolvers/>
<mailers/>
<maintenance>
<cronjobs>
<syncCerts>0</syncCerts>
<syncCertsCron/>
<updateOcsp>0</updateOcsp>
<updateOcspCron/>
<reloadService>0</reloadService>
<reloadServiceCron/>
<restartService>0</restartService>
<restartServiceCron/>
</cronjobs>
</maintenance>
</HAProxy>
<NodeExporter version="0.2.0">
<enabled>0</enabled>
<listenaddress>0.0.0.0</listenaddress>
<listenport>9100</listenport>
<cpu>1</cpu>
<exec>1</exec>
<filesystem>1</filesystem>
<loadavg>1</loadavg>
<meminfo>1</meminfo>
<netdev>1</netdev>
<time>1</time>
<devstat>1</devstat>
<interrupts>0</interrupts>
<ntp>1</ntp>
<zfs>1</zfs>
</NodeExporter>
<quagga>
<static version="1.0.0">
<enabled>0</enabled>
<routes/>
</static>
<ospf6 version="1.1.0">
<enabled>0</enabled>
<carp_demote>0</carp_demote>
<routerid/>
<originate>0</originate>
<originatealways>0</originatealways>
<originatemetric/>
<networks/>
<interfaces/>
<prefixlists/>
<routemaps/>
<redistributions>
<redistribution uuid="1dfff28b-591c-4787-8d77-9ddd78ae7432">
<enabled>1</enabled>
<description>Migrated route redistribution (bgp)</description>
<redistribute>connected</redistribute>
<linkedRoutemap/>
</redistribution>
</redistributions>
</ospf6>
<bfd version="1.0.1">
<enabled>0</enabled>
<neighbors>
<neighbor uuid="9f32ca12-25cb-4a39-9223-4aea4a145e71">
<enabled>1</enabled>
<description>Metallb</description>
<address>192.168.10.240</address>
<multihop>0</multihop>
</neighbor>
</neighbors>
</bfd>
<ospf version="1.1.0">
<enabled>0</enabled>
<carp_demote>0</carp_demote>
<routerid/>
<costreference/>
<logadjacencychanges>0</logadjacencychanges>
<originate>0</originate>
<originatealways>0</originatealways>
<originatemetric/>
<passiveinterfaces/>
<networks/>
<interfaces/>
<prefixlists/>
<routemaps/>
<redistributions>
<redistribution uuid="383c4e5d-1b92-4add-8b59-2a330ce67070">
<enabled>1</enabled>
<description>Migrated route redistribution (bgp)</description>
<redistribute>connected</redistribute>
<linkedRoutemap/>
</redistribution>
</redistributions>
</ospf>
<bgp version="1.1.0">
<enabled>0</enabled>
<asnumber>64512</asnumber>
<distance/>
<routerid/>
<graceful>0</graceful>
<networkimportcheck>1</networkimportcheck>
<logneighborchanges>1</logneighborchanges>
<networks>192.168.10.0/24</networks>
<neighbors>
<neighbor uuid="39e3f98d-4d5e-49db-9508-99f259c06750">
<enabled>1</enabled>
<description>MetalLB</description>
<address>192.168.10.230</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="d0cac187-a863-4e1e-9592-aa0ff9ed0583">
<enabled>1</enabled>
<description>k8s-Control-01</description>
<address>192.168.10.241</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="d667cf42-cfa9-443a-86ce-d2716e012c1a">
<enabled>1</enabled>
<description>k8s-Control-02</description>
<address>192.168.10.242</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="baa972a0-be6c-4eca-981f-aac190f887d8">
<enabled>1</enabled>
<description>k8s-Control-03</description>
<address>192.168.10.243</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="6d9c465a-3146-48b6-955b-a834c703353b">
<enabled>1</enabled>
<description>k8s-Worker-01</description>
<address>192.168.10.244</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="ad61d5ef-b831-4d98-82aa-7b7ad64d50e0">
<enabled>1</enabled>
<description>k8s-Worker-02</description>
<address>192.168.10.245</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
<neighbor uuid="5020f6f4-44f5-4dfc-927d-593aa4405911">
<enabled>1</enabled>
<description>k8s-Worker-03</description>
<address>192.168.10.246</address>
<remote_as_mode/>
<remoteas>64513</remoteas>
<password/>
<weight/>
<localip/>
<updatesource>opt3</updatesource>
<linklocalinterface/>
<nexthopself>1</nexthopself>
<nexthopselfall>0</nexthopselfall>
<multihop>0</multihop>
<multiprotocol>0</multiprotocol>
<rrclient>0</rrclient>
<soft_reconfiguration_inbound>0</soft_reconfiguration_inbound>
<bfd>1</bfd>
<keepalive/>
<holddown/>
<connecttimer/>
<defaultoriginate>0</defaultoriginate>
<asoverride>0</asoverride>
<allowas_in/>
<disable_connected_check>0</disable_connected_check>
<attributeunchanged/>
<linkedPrefixlistIn/>
<linkedPrefixlistOut/>
<linkedRoutemapIn/>
<linkedRoutemapOut/>
<peergroup/>
</neighbor>
</neighbors>
<aspaths/>
<prefixlists/>
<communitylists/>
<routemaps/>
<peergroups/>
<redistributions>
<redistribution uuid="7ad51b9f-742e-490e-a850-c547ff070cee">
<enabled>1</enabled>
<description>Migrated route redistribution (bgp)</description>
<redistribute>connected</redistribute>
<linkedRoutemap/>
</redistribution>
</redistributions>
</bgp>
<rip version="1.0.3">
<enabled>0</enabled>
<version>2</version>
<networks/>
<passiveinterfaces/>
<redistribute/>
<defaultmetric/>
</rip>
<general version="1.0.3">
<enabled>1</enabled>
<profile>traditional</profile>
<enablecarp>0</enablecarp>
<enablesyslog>1</enablesyslog>
<enablesnmp>0</enablesnmp>
<sysloglevel>notifications</sysloglevel>
<fwrules>1</fwrules>
</general>
</quagga>
<dnscryptproxy>
<server version="1.0.0">
<servers/>
</server>
<dnsbl version="1.0.0">
<enabled>1</enabled>
<type>ag</type>
</dnsbl>
<whitelist version="0.1.0">
<whitelists/>
</whitelist>
<forward version="0.1.0">
<forwards>
<forward uuid="6e0fd2b3-b156-494c-ba1e-f878d14d87cc">
<enabled>1</enabled>
<domain>coldsprings.dev</domain>
<dnsserver>192.168.10.11</dnsserver>
</forward>
</forwards>
</forward>
<cloak version="0.1.0">
<cloaks/>
</cloak>
<general version="0.1.2">
<enabled>0</enabled>
<listen_addresses>0.0.0.0:5353</listen_addresses>
<allowprivileged>1</allowprivileged>
<max_clients>250</max_clients>
<ipv4_servers>1</ipv4_servers>
<ipv6_servers>0</ipv6_servers>
<dnscrypt_servers>1</dnscrypt_servers>
<doh_servers>1</doh_servers>
<require_dnssec>0</require_dnssec>
<require_nolog>1</require_nolog>
<require_nofilter>0</require_nofilter>
<force_tcp>0</force_tcp>
<proxy/>
<timeout>2500</timeout>
<keepalive>30</keepalive>
<cert_refresh_delay>240</cert_refresh_delay>
<dnscrypt_ephemeral_keys>0</dnscrypt_ephemeral_keys>
<tls_disable_session_tickets>0</tls_disable_session_tickets>
<fallback_resolver>1.1.1.1:53</fallback_resolver>
<block_ipv6>0</block_ipv6>
<cache>1</cache>
<cache_size>512</cache_size>
<cache_min_ttl>600</cache_min_ttl>
<cache_max_ttl>86400</cache_max_ttl>
<cache_neg_min_ttl>60</cache_neg_min_ttl>
<cache_neg_max_ttl>600</cache_neg_max_ttl>
<serverlist/>
<query_logs>1</query_logs>
<disabled_serverlist/>
<relaylist/>
</general>
</dnscryptproxy>
<freeradius>
<eap version="1.9.17">
<default_eap_type>peap</default_eap_type>
<elliptic_curve>secp384r1</elliptic_curve>
<enable_client_cert>0</enable_client_cert>
<ca/>
<certificate>67a9532677f13</certificate>
<crl/>
<check_tls_names>0</check_tls_names>
<tls_min_version>1.2</tls_min_version>
</eap>
<lease version="1.0.0">
<leases/>
</lease>
<general version="1.0.2">
<enabled>0</enabled>
<vlanassign>0</vlanassign>
<fallbackvlan_enabled>0</fallbackvlan_enabled>
<fallbackvlan_id/>
<ldap_enabled>0</ldap_enabled>
<exos>0</exos>
<wispr>0</wispr>
<chillispot>0</chillispot>
<mikrotik>0</mikrotik>
<sqlite>0</sqlite>
<sessionlimit>0</sessionlimit>
<log_destination>files</log_destination>
<log_authentication_request>0</log_authentication_request>
<log_authbadpass>0</log_authbadpass>
<log_authgoodpass>0</log_authgoodpass>
<dhcpenabled>0</dhcpenabled>
<dhcplistenip/>
<mysql>0</mysql>
<mysqlserver>127.0.0.1</mysqlserver>
<mysqlport>3306</mysqlport>
<mysqluser>radius</mysqluser>
<mysqlpassword>radpass</mysqlpassword>
<mysqldb>radius</mysqldb>
<fallbackproxy>0</fallbackproxy>
</general>
<avpair version="1.0.0">
<avpairs/>
</avpair>
<user version="1.0.4">
<users/>
</user>
<ldap version="1.0.1">
<innertunnel>0</innertunnel>
<protocol>LDAPS</protocol>
<server/>
<serverport/>
<ldapcert/>
<ldapstarttls>0</ldapstarttls>
<identity/>
<password/>
<base_dn>dc=example,dc=domain,dc=com</base_dn>
<user_filter>(uid=%{%{Stripped-User-Name}:-%{User-Name}})</user_filter>
<group_filter>(objectClass=posixGroup)</group_filter>
</ldap>
<client version="1.0.3">
<clients/>
</client>
<proxy version="0.1">
<homeservers/>
<homeserverpools/>
<realms/>
</proxy>
<dhcp version="1.0.0">
<dhcps/>
</dhcp>
</freeradius>
</OPNsense>
<laggs version="1.0.0">
<lagg/>
</laggs>
<vlans version="1.0.0">
<vlan uuid="5df414f1-8a63-4572-b475-0b2ba04591c0">
<if>vtnet1</if>
<tag>10</tag>
<pcp>0</pcp>
<proto/>
<descr>Servers</descr>
<vlanif>vlan00</vlanif>
</vlan>
<vlan uuid="4798668b-0582-41b5-8410-52311e5256c6">
<if>vtnet1</if>
<tag>3</tag>
<pcp>4</pcp>
<proto/>
<descr>Cameras</descr>
<vlanif>vlan01</vlanif>
</vlan>
<vlan uuid="53fb1662-1fe6-4fa5-9b0d-3f3510e88310">
<if>vtnet1</if>
<tag>2</tag>
<pcp>5</pcp>
<proto/>
<descr>Phones</descr>
<vlanif>vlan02</vlanif>
</vlan>
<vlan uuid="fe75aea5-4ca6-4c80-972b-054834c5fc04">
<if>vtnet1</if>
<tag>70</tag>
<pcp>0</pcp>
<proto/>
<descr>Christmas</descr>
<vlanif>vlan03</vlanif>
</vlan>
<vlan uuid="154b5269-e714-41a1-b4e3-16527c1754de">
<if>vtnet1</if>
<tag>30</tag>
<pcp>0</pcp>
<proto/>
<descr>Guest</descr>
<vlanif>vlan04</vlanif>
</vlan>
<vlan uuid="cd2c3f29-87aa-44ed-a72f-f6c5b39baefa">
<if>vtnet1</if>
<tag>40</tag>
<pcp>0</pcp>
<proto/>
<descr>IoT</descr>
<vlanif>vlan05</vlanif>
</vlan>
<vlan uuid="64695484-3c74-4810-96e8-8cf09812e63e">
<if>vtnet1</if>
<tag>146</tag>
<pcp>0</pcp>
<proto/>
<descr>Kubernetes Cluster</descr>
<vlanif>vlan06</vlanif>
</vlan>
</vlans>
<virtualip version="1.0.1">
<vip uuid="5f77c9d8-c669-4af0-8761-442a4b27f0cd">
<interface>wan</interface>
<mode>ipalias</mode>
<subnet>71.83.99.148</subnet>
<subnet_bits>29</subnet_bits>
<gateway/>
<noexpand>0</noexpand>
<nobind>0</nobind>
<password/>
<vhid/>
<advbase>1</advbase>
<advskew>0</advskew>
<peer/>
<peer6/>
<nosync>0</nosync>
<descr>71-83-99-148-Spectrum</descr>
</vip>
<vip uuid="1e1cda63-ec83-4b23-bf54-18a0eff888f8">
<interface>wan</interface>
<mode>ipalias</mode>
<subnet>71.83.99.149</subnet>
<subnet_bits>29</subnet_bits>
<gateway/>
<noexpand>0</noexpand>
<nobind>0</nobind>
<password/>
<vhid/>
<advbase>1</advbase>
<advskew>0</advskew>
<peer/>
<peer6/>
<nosync>0</nosync>
<descr>71-83-99-149-Spectrum</descr>
</vip>
<vip uuid="a0a39581-397a-4494-aff3-2882304c5701">
<interface>wan</interface>
<mode>ipalias</mode>
<subnet>71.83.99.146</subnet>
<subnet_bits>29</subnet_bits>
<gateway/>
<noexpand>0</noexpand>
<nobind>0</nobind>
<password/>
<vhid/>
<advbase>1</advbase>
<advskew>0</advskew>
<peer/>
<peer6/>
<nosync>0</nosync>
<descr>71-83-99-146-Spectrum</descr>
</vip>
<vip uuid="6f88d31b-e69d-4b03-9ffa-82cb81d28a30">
<interface>wan</interface>
<mode>ipalias</mode>
<subnet>71.83.99.147</subnet>
<subnet_bits>29</subnet_bits>
<gateway/>
<noexpand>0</noexpand>
<nobind>0</nobind>
<password/>
<vhid/>
<advbase>1</advbase>
<advskew>0</advskew>
<peer/>
<peer6/>
<nosync>0</nosync>
<descr>71-83-99-147-Spectrum</descr>
</vip>
<vip uuid="dc0dd7ff-be96-4c74-a016-0df76518574c">
<interface>lo0</interface>
<mode>ipalias</mode>
<subnet>127.4.4.3</subnet>
<subnet_bits>32</subnet_bits>
<gateway/>
<noexpand>0</noexpand>
<nobind>0</nobind>
<password/>
<vhid/>
<advbase>1</advbase>
<advskew>0</advskew>
<peer/>
<peer6/>
<nosync>0</nosync>
<descr>HAProxy SSL Server</descr>
</vip>
</virtualip>
<gres version="1.0.0">
<gre/>
</gres>
<gifs version="1.0.0">
<gif uuid="9f189983-8c6c-45d5-83a0-352af5df05ac">
<if>wan</if>
<ipaddr/>
<gifif>gif0</gifif>
<remote-addr>72.52.104.74</remote-addr>
<tunnel-local-addr>2001:470:1f04:a::2</tunnel-local-addr>
<tunnel-remote-addr>2001:470:1f04:a::1</tunnel-remote-addr>
<tunnel-remote-net>64</tunnel-remote-net>
<descr>Tunnel Broker</descr>
<link1>0</link1>
<link2>0</link2>
</gif>
</gifs>
<ifgroups version="1.0.0">
<ifgroupentry uuid="93525651-aacc-46f5-8e16-ba2131208c56">
<ifname>Trust</ifname>
<members>lan,opt3</members>
<nogroup>0</nogroup>
<sequence>0</sequence>
<descr>Zone for Trusted Networks</descr>
</ifgroupentry>
<ifgroupentry uuid="998a77ca-250d-4dd6-b056-f65848587dda">
<ifname>Untrust</ifname>
<members>wan,opt4</members>
<nogroup>0</nogroup>
<sequence>0</sequence>
<descr>Zone for Untrusted Networks</descr>
</ifgroupentry>
</ifgroups>
<staticroutes version="1.0.0">
<route/>
</staticroutes>
<openvpn/>
<hasync version="1.0.2">
<disablepreempt>0</disablepreempt>
<disconnectppps>0</disconnectppps>
<pfsyncinterface/>
<pfsyncpeerip/>
<pfsyncversion>1400</pfsyncversion>
<synchronizetoip/>
<verifypeer>0</verifypeer>
<username/>
<password/>
<syncitems/>
</hasync>
<bridges version="1.0.0"/>
<ppps>
<ppp/>
</ppps>
<wireless>
<clone/>
</wireless>
<ca uuid="bb4b1968-93d5-415a-8434-7e870f885b5b">
<refid>67a9532676509</refid>
<descr>E6 (ACME Client)</descr>
<crt>Ci0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlFVnpDQ0FqK2dBd0lCQWdJUkFMQlhQcEZ6bHlkdzI3U0h5enBGS3pnd0RRWUpLb1pJaHZjTkFRRUxCUUF3ClR6RUxNQWtHQTFVRUJoTUNWVk14S1RBbkJnTlZCQW9USUVsdWRHVnlibVYwSUZObFkzVnlhWFI1SUZKbGMyVmgKY21Ob0lFZHliM1Z3TVJVd0V3WURWUVFERXd4SlUxSkhJRkp2YjNRZ1dERXdIaGNOTWpRd016RXpNREF3TURBdwpXaGNOTWpjd016RXlNak0xT1RVNVdqQXlNUXN3Q1FZRFZRUUdFd0pWVXpFV01CUUdBMVVFQ2hNTlRHVjBKM01nClJXNWpjbmx3ZERFTE1Ba0dBMVVFQXhNQ1JUWXdkakFRQmdjcWhrak9QUUlCQmdVcmdRUUFJZ05pQUFUWjhaNUcKaC9naGNXQ29KdXVqK3JucTJoMjVFcWZVSnRsUkZMRmhmSFdXdnlJTE9SL1Z2dEVLUnFvdFBFb0poQzYrUUpWVgo2UmxBTjJaMTdUSk9kd1JKK0hCN3d4am56dmR4RVA2c2ROZ0ExTzF0SEhNV014Q2NPckxxYkdMMHZiaWpnZmd3CmdmVXdEZ1lEVlIwUEFRSC9CQVFEQWdHR01CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRkJ3TUNCZ2dyQmdFRkJRY0QKQVRBU0JnTlZIUk1CQWY4RUNEQUdBUUgvQWdFQU1CMEdBMVVkRGdRV0JCU1RKMGFZQTZsUmFJNlkxc1JDU05zagp2MWlVMGpBZkJnTlZIU01FR0RBV2dCUjV0Rm5tZTdibDVBRnpnQWlJeUJwWTl1bWJiakF5QmdnckJnRUZCUWNCCkFRUW1NQ1F3SWdZSUt3WUJCUVVITUFLR0ZtaDBkSEE2THk5NE1TNXBMbXhsYm1OeUxtOXlaeTh3RXdZRFZSMGcKQkF3d0NqQUlCZ1puZ1F3QkFnRXdKd1lEVlIwZkJDQXdIakFjb0JxZ0dJWVdhSFIwY0RvdkwzZ3hMbU11YkdWdQpZM0l1YjNKbkx6QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUFmWXQ3U2lBMXNnV0dDSXB1bms0NnI0QUV4SVJjCk14a0tnVWhObHJydjFCMjFoT2FYTi81bWlFK0xPVGJyY21VL005eXZDNk1WWTczMEdORm9MOEloSjhqOHZyT0wKcE1ZMjJPUDZiYVMxazlZTXJ0RFRsd0pIb0dieTA0VGhUVWVCRGtzUzlSaXVIdmljWnFCZWRRZElGNjVwWnVocAplRGNHQmNMaVlhc1FyL0VPNWd4eHRMeVRtZ3NIU09WU0JjRk9uOWxndjdMRUNQcTlpN21mSDNtcHhnclJLU3hICnBPb1owS1hNY0IraEh1dmxrbEhudHZjSTBtTU1RMG1oWWo2cXRNRlN0a0YxUnBDRzNJUGRJd3BWQ1FxdThHVjcKczh1YmtuUnpzKzNDL0JtMTlSRk9vaVBwRGt3dnlOZnZtUTE0WGt5cXFLSzVvWjh6aEQzMmtGUlFreGE4dVpTdQpoNGFUSW1GeGtudTM5d2FCeElSWEU0akt4bEFtUWM0UWpGWm9xMUttUXFRZzBKLzFKRjhSbEZ2SmFzMVZjakx2CllsdlVCMnQ2bnBPNm9RakIzbCtQTmYwRHBRSDdpVXgzV3o1QWpRQ2k2TDI1Rmp5RTA2cTZCWi9RbG10WWRsLzgKWllhbzRTUnFQRXMvNmNBaUYrUWY1emcyVWthV3REcGhsMUxLTXVUTkxvdHZzWDk5SFA2OVYyZmFOeWVnb2RRMApMeVRBcHIvdlQwMVlQRTQ2dk5zRExnSys0Y0w2VHJ6Qy9hNFdjbUY1U1JKOTM4enJ2L2R1SkhMWFFJa3U1djArCkV3T3k1OUhkbTBQVC9Fci84NGREVjBDU2pkUi8yWHVaTTNrcHlzU0tMZ0QxY0tpREErSVJndU9EQ3hmTzljeVkKSWc0NnY5bUZtQnZ5SDA0PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==</crt>
<prv/>
<serial/>
<caref/>
</ca>
<ca uuid="c7c02955-e5f0-4b42-94ad-29a8c18c4249">
<refid>67a9feb38e684</refid>
<descr>Dynaip Root CA</descr>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhNekNDQlJ1Z0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBRENCbERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRHpBTkJnTlZCQWdUQms1bGRtRmtZVEVQTUEwR0ExVUVDaE1HUkhsdVlXbHdNUjR3SEFZRFZRUUxFeFZEWlhKMAphV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3hKVEFqQmdOVkJBTVRIRVI1Ym1GcGNDQkRaWEowYVdacFkyRjBaU0JCCmRYUm9iM0pwZEhreEhEQWFCZ2txaGtpRzl3MEJDUUVXRFdOaFFHUjVibUZwY0M1amIyMHdIaGNOTVRVd09USXkKTVRjd05UQXdXaGNOTXpVd09USXlNVGN3TlRBd1dqQ0JsREVMTUFrR0ExVUVCaE1DVlZNeER6QU5CZ05WQkFnVApCazVsZG1Ga1lURVBNQTBHQTFVRUNoTUdSSGx1WVdsd01SNHdIQVlEVlFRTEV4VkRaWEowYVdacFkyRjBaU0JCCmRYUm9iM0pwZEhreEpUQWpCZ05WQkFNVEhFUjVibUZwY0NCRFpYSjBhV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3gKSERBYUJna3Foa2lHOXcwQkNRRVdEV05oUUdSNWJtRnBjQzVqYjIwd2dnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQpBNElDRHdBd2dnSUtBb0lDQVFEUjVOSXpmNjcvMXRMNElJZjlMbUZDcE93ajZkOVpxWi9pQjZKNTJEWUdUZkV0CmQzVjBSL2VYT0FFbWJQRXFvMmZjaUUrZWtoUnJFdllycFNrbzRuTCtDK2IzZFFoU3h5bGxKQmIwbVZqUVVRMngKTTMwS0RpRUJ2MnZHd25WdWxYNUxpZHFqSGswNnJOdVlCV29yaEVZcGdLbGNjN3JNUG50bjFzaEg3LzZvUVFkbwp6ZFM3cGdCeFZrYUpiVEh4UkV3bHg2bjdvWFUwSUFDSzJqZE5kRzZsT2pYRkxQYnlpdkFjT1Y0RkFXalo1QUMrClIxRzZYVTJZS0dLSnlhOUNIMng4R20rNXBtQSswRkYxZUJiNGYvMGNlcUpaZ01PdzlmOTZjU2JsZUt5Y3crV0oKcUQxbGx0Sk15VUhGdVdoL2w3M2VWOVlaazdxT0lsTVlUUUFHRkd6dDVSS3NMK3ZDbXNsWk1ldnBPWU1oREdNTgo1NXUxUGpVRzRGVVpXRVd5QkRjRXIyanMxQ01GOS8xK1NCcFNrTWtsTDFmZWd1QnRDUVNQVittNk9yRWx4Y1lIClc1bUN1WjgyWjdBVkd0TUxqRjBOcFVQRzhUR1FiMnlKcDQ3Y2tUbFoyQzdLVVpBYit4QldiQmRMcFBvNUNleFoKa3hUYXg0Q0lxYTYxWFhjSUllOTdpMmEvOW4xZWM3dEw2aTJUT254LzdyaHQyVTBJdzBELzBBNy9wWG1TUU1iTQovZ3BSY1NocDF6djhSY1RyYStGb2p0MVN6QnQ1dVdUUjNITlNKRHhKKzZTd2ZtTEl2UFBSTkJvS05QdlRiME4zCkNjVlVpbmtMVEtMRmtsbmVGSUV5aVJ1NkxsdjlPM1I4UExVN1U3TlZST2hxNUliNHhuTUFEZyt6YTRiaWhRSUQKQVFBQm80SUJqRENDQVlnd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTZnZzRlSTVjMUZ2TgpRSXZ5TTBuR29NVHZMUEl3Z2NFR0ExVWRJd1NCdVRDQnRvQVU2Z2c0ZUk1YzFGdk5RSXZ5TTBuR29NVHZMUEtoCmdacWtnWmN3Z1pReEN6QUpCZ05WQkFZVEFsVlRNUTh3RFFZRFZRUUlFd1pPWlhaaFpHRXhEekFOQmdOVkJBb1QKQmtSNWJtRnBjREVlTUJ3R0ExVUVDeE1WUTJWeWRHbG1hV05oZEdVZ1FYVjBhRzl5YVhSNU1TVXdJd1lEVlFRRApFeHhFZVc1aGFYQWdRMlZ5ZEdsbWFXTmhkR1VnUVhWMGFHOXlhWFI1TVJ3d0dnWUpLb1pJaHZjTkFRa0JGZzFqCllVQmtlVzVoYVhBdVkyOXRnZ0VCTUFzR0ExVWREd1FFQXdJQmhqQXhCZ05WSFI4RUtqQW9NQ2FnSktBaWhpQm8KZEhSd09pOHZkM2QzTG1SNWJtRnBjQzVqYjIwdlEwRlNiMjkwTG1OeWJEQXZCZ2xnaGtnQmh2aENBUVFFSWhZZwphSFIwY0RvdkwzZDNkeTVrZVc1aGFYQXVZMjl0TDBOQlVtOXZkQzVqY213d0lRWUpZSVpJQVliNFFnRU5CQlFXCkVrUjVibUZwY0NCRFpYSjBhV1pwWTJGMFpUQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUFyMXJ5YUlRODFkVWgKcG5YNElPa3FRcld5cENNYVN4c2RlK1pTeUNsSG03aTBPelV1d0tUNzJibDU1R3daTTRvQk9JMlpoemQ0QmVFMgpwMGhLcDB3NGxsNnBuQ0U0WnN3eXdIZ1IwTEU5d0NsWUV6YlZDVDBYU1FBcWpBV1lIamVzTXR6ZjdlMTVOZUxFCjZNeHUrbUdSY0VydTFERmU5SzhvLzJyN3VxYm5ucTk4TWlCcEw3c2xMU2IySG5Vb1R5UjNXWkkrWnplQTM1M0sKd3hROFdueUd2dFpGS2JXOHZVd3VSNk5PM3RKVTNmMUJPYmtZSE5oODRjdXJNMi9TdzVzZFJqWGN1RXI1eEZGUwpBcmlXL2tkWkFwMzIyZG44c1pmd2JnZFdwUm9qd0JMQlQyZU5xeUc4NzVseUI5d3A4V0MxSGdyS0ZYeUQ3bDlaCkJvajRidTNMaEVqZ3FyMER0VGFDN2RrWkkzczFlT3A0bGx2bm4vQnFGdjJlZWZsd2JCbVlUWkVFdCtQZG9YVEwKSW9kUGEyTFBWMkdIeGgyWkJQSXdJTFdKNVY2RjFUTUJtUU0xRHhTTHdsUzBUNjdYYnJxNWNkUkMrZEdIZGFuZQpzOGxBWE1aS2tjaVZtV0RLemlQR0ZrMExaOUtiRXlaWFR5VWZCK2JPOVVaaC95YStJYzJrTksyREFRaVZVMmI3Ck1xbmU0UFZGYmthMHhudW9ERFVOY21HWUVkb2lqbWJvNUpHYUFSVzNseVNVUlduYUs0NE1rRmkwYzNISkRVNzIKVTdvQlZZTStoRHJUWU03UWNyRW9SWW5zNy8xRkE0a2pIRHliUUVvUVBwMzM0dDFKb2ZZTDFiSEhEZ3JBRDF4bQphLzgzKzBweUVkYWl0ajhYd3JDUWFENFk3MG4ybEl3PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t</crt>
<prv/>
<serial/>
<caref/>
</ca>
<ca uuid="0ac5d719-7019-4f9b-a589-b3714259cd40">
<refid>67a9fee03f391</refid>
<descr>Dynaip Intermediate CA</descr>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUhsRENDQlh5Z0F3SUJBZ0lCQXpBTkJna3Foa2lHOXcwQkFRc0ZBRENCbERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRHpBTkJnTlZCQWdUQms1bGRtRmtZVEVQTUEwR0ExVUVDaE1HUkhsdVlXbHdNUjR3SEFZRFZRUUxFeFZEWlhKMAphV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3hKVEFqQmdOVkJBTVRIRVI1Ym1GcGNDQkRaWEowYVdacFkyRjBaU0JCCmRYUm9iM0pwZEhreEhEQWFCZ2txaGtpRzl3MEJDUUVXRFdOaFFHUjVibUZwY0M1amIyMHdIaGNOTVRVd09USXkKTVRjeE9EQXdXaGNOTWpVd09USXlNVGN4T0RBd1dqQ0JyakVMTUFrR0ExVUVCaE1DVlZNeER6QU5CZ05WQkFnVApCazVsZG1Ga1lURVBNQTBHQTFVRUNoTUdSSGx1WVdsd01Tc3dLUVlEVlFRTEV5SkpiblJsY20xbFpHbGhkR1VnClEyVnlkR2xtYVdOaGRHVWdRWFYwYUc5eWFYUjVNVEl3TUFZRFZRUURFeWxFZVc1aGFYQWdTVzUwWlhKdFpXUnAKWVhSbElFTmxjblJwWm1sallYUmxJRUYxZEdodmNtbDBlVEVjTUJvR0NTcUdTSWIzRFFFSkFSWU5ZMkZBWkhsdQpZV2x3TG1OdmJUQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQUs5WjQ3a3pocnZNCmNScWZ5Ti9TNmcrTnRtZndYUUZzNzd0bGNESUpkSkJVeHM1OEU1Q1pFZUo0bmppZ2NOSW9FTUNhU3ArRWdNWUoKT3VndDlrbXdtZ096a0NzaG5NMDdiVGIwYXo1NDVUWnRvZDZlKzRaVWtXbmYycTZyWHJ6bzNVK0MzZmJXSjlFSApiMVl2L3RFUFF6WDMvcXpiMGI0eEtSSjZQRHl1RHhPdU1MWDAxN3N5aXc5YWZQVEVFMjZSY1kwUU1MNkl0YUh3CmVZeWJabVdNT09zVXVSWW9vUFgwWDk1UmVXQVpMcm04aC9aRTdvZGlvb0JyODBzUStCdEd6Y0lnVFJOU0c3dksKd2QwQmcwU1A4Z3ZDKzRrQVEzMEpuaS9xTUQ0SG16RklrMVBEU0IwYnVQWHMrcndXb056b1NaTklhVkFYTTgydgpZcmxQbFZQRGFEM3hxbDJSTitqb2g0b21zK0k5bUdMK1RFaEhOd0lwOHNTNlJBSXFwcGRFYS9EaVJWQ2VtYkk1CkhESDMvbTVJcXord050em5LT3UxbUlyd1RLLzFibDVMS2hCRjlDYzdnOEpmNU9TczAzZUFPZWcrcmM2WVNFb1cKT1d1Q3Fwcm1vbnk1UWFoVGEwWnA2Vi9XcjgzYTRnVE03Rm9KRC9Nb2FDUWlSeDhMeVNuV3ZPUFpUdVhNenUrQQovZ3VxL0JNcWhoK2ZqeWpsRzRSVnpmMHBCdDV3Ny9MQklVTjhBK0ZBTTg3dDBPS0RvSU5SeHp4MHBvTUhUSy9rCm43czgyTUFwcE0xNHQxRDJrYUlQeU5BWVVHQjFRU0YwR3dtckV2c3Flb1JXbFdWUVVGcUZPS2QrRUVJNyswT20KZFhXb3k4ZUQrWEhWUUtsMVBlVzlWSVR3eUw0SnNIT1hBZ01CQUFHamdnSFRNSUlCenpBU0JnTlZIUk1CQWY4RQpDREFHQVFIL0FnRUFNQjBHQTFVZERnUVdCQlNLdDNvNDJvUmVKM0ZOcXJvVHI4M0tmQ0lRL1RDQndRWURWUjBqCkJJRzVNSUcyZ0JUcUNEaDRqbHpVVzgxQWkvSXpTY2FneE84czhxR0JtcVNCbHpDQmxERUxNQWtHQTFVRUJoTUMKVlZNeER6QU5CZ05WQkFnVEJrNWxkbUZrWVRFUE1BMEdBMVVFQ2hNR1JIbHVZV2x3TVI0d0hBWURWUVFMRXhWRApaWEowYVdacFkyRjBaU0JCZFhSb2IzSnBkSGt4SlRBakJnTlZCQU1USEVSNWJtRnBjQ0JEWlhKMGFXWnBZMkYwClpTQkJkWFJvYjNKcGRIa3hIREFhQmdrcWhraUc5dzBCQ1FFV0RXTmhRR1I1Ym1GcGNDNWpiMjJDQVFFd0N3WUQKVlIwUEJBUURBZ0VHTURRR0ExVWRId1F0TUNzd0thQW5vQ1dHSTJoMGRIQTZMeTkzZDNjdVpIbHVZV2x3TG1OdgpiUzlEUVZOcFoyNXBibWN1WTNKc01Ed0dDQ3NHQVFVRkJ3RUJCREF3TGpBc0JnZ3JCZ0VGQlFjd0FvWWdhSFIwCmNEb3ZMM2QzZHk1a2VXNWhhWEF1WTI5dEwyUjVibUZwY0M1amNuUXdNZ1lKWUlaSUFZYjRRZ0VFQkNVV0kyaDAKZEhBNkx5OTNkM2N1WkhsdVlXbHdMbU52YlM5RFFWTnBaMjVwYm1jdVkzSnNNQ0VHQ1dDR1NBR0crRUlCRFFRVQpGaEpFZVc1aGFYQWdRMlZ5ZEdsbWFXTmhkR1V3RFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUdpR1NQV2NiWSttCndjOUhvcUlMb1oyQm5XTWhkbHMrSzUvYU05UXRxazhlQmVrMDBpdkpDUWlDTFcwZUlmQnRmcGtWemxwWHNFanMKUUVTT2h5VnlmTjlEMzlreTZhem1wSDV2MWxsTTN3a2VlZ3h2VXRHM2FOQTJGaGpFNWhLTHNlRlA5UXRlYTlrTwpZK3o1ZEJGcmM5UXBwZEZ2VXBDNFIrNnJVZmRVN0FscVdJWlNSRWZyNzI1ckR2aG90bHIrYko3NnV1dlNhU2duClpxN1pnN1VxVGR1bHFXaktSOW16eVJGeGxRemRVZmNaSUxxdWZUNVYyeWVYNkpnNTRoZ0xrN1JVVjBwWmV5MGMKREg2eE9WOHp6MVVkY1NCcDlGd3ZkamRuenlLa2FuY2RYdnV1aWljcjVVdWd6RWQ4bTNqaFk4NXEzWUd6NGZDdwpLeG5qSHpva3czUGw1b3oxNzh3eWJXTTMzVWhyUXNYTWcycXRCZnNvaVZ1Y1NWcURLeHlkU3VYV0RHaXBTN1hWCm02cUdPWWg0dUphNUV1ZmduYitxZjlsaHQ4MzIvZE9CUU1sYzQ4R0xGYXBsNURPWFhoTGFQWDV0T1VTbnlUOWQKZ2Y4Ums2bzgrcUpWVUxxMWF1cVdncHUwcTVBRGN4L2pScldZMmNjN1kxNEt0QkxpTkhVcTRHbGlUMFh4RzNTNwpnUERhRk1ndkRwaHd1OHl1c1RYWitXc2FXdkNkSzJqRDE5KzVrd2hpV1I4R1hOL1MzQkk5Z0EyTXdUMFFHSGwvClN1b3UxeTV6SE1iQW05TVpPRlZmZDh0RFJRcWZ1OC9iNlNLZDRPdlFnYzhNMTJRVVY5NGlNRjdrbUFhUG5ReDAKMXFxZGtmSGM4K0JyYTNJWkpGT1FMSmRaVWZHYVhEMFgKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==</crt>
<prv>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS1FJQkFBS0NBZ0VBcjFuanVUT0d1OHh4R3AvSTM5THFENDIyWi9CZEFXenZ1MlZ3TWdsMGtGVEd6bndUCmtKa1I0bmllT0tCdzBpZ1F3SnBLbjRTQXhnazY2QzMyU2JDYUE3T1FLeUdjelR0dE52UnJQbmpsTm0yaDNwNzcKaGxTUmFkL2FycXRldk9qZFQ0TGQ5dFluMFFkdlZpLyswUTlETmZmK3JOdlJ2akVwRW5vOFBLNFBFNjR3dGZUWAp1ektMRDFwODlNUVRicEZ4alJBd3ZvaTFvZkI1akp0bVpZdzQ2eFM1RmlpZzlmUmYzbEY1WUJrdXVieUg5a1R1CmgyS2lnR3Z6U3hENEcwYk53aUJORTFJYnU4ckIzUUdEUkkveUM4TDdpUUJEZlFtZUwrb3dQZ2ViTVVpVFU4TkkKSFJ1NDllejZ2QmFnM09oSmswaHBVQmN6emE5aXVVK1ZVOE5vUGZHcVhaRTM2T2lIaWlhejRqMllZdjVNU0VjMwpBaW55eExwRUFpcW1sMFJyOE9KRlVKNlpzamtjTWZmK2JraXJQN0EyM09jbzY3V1lpdkJNci9WdVhrc3FFRVgwCkp6dUR3bC9rNUt6VGQ0QTU2RDZ0enBoSVNoWTVhNEtxbXVhaWZMbEJxRk5yUm1ucFg5YXZ6ZHJpQk16c1dna1AKOHlob0pDSkhId3ZKS2RhODQ5bE81Y3pPNzREK0M2cjhFeXFHSDUrUEtPVWJoRlhOL1NrRzNuRHY4c0VoUTN3RAo0VUF6enUzUTRvT2dnMUhIUEhTbWd3ZE1yK1NmdXp6WXdDbWt6WGkzVVBhUm9nL0kwQmhRWUhWQklYUWJDYXNTCit5cDZoRmFWWlZCUVdvVTRwMzRRUWp2N1E2WjFkYWpMeDRQNWNkVkFxWFU5NWIxVWhQREl2Z213YzVjQ0F3RUEKQVFLQ0FnRUFvZjA1aVhyWFNpQllrRTd5SkF0VlhSNytWbERQcXFSM1p6Z1RpTFlCYitCUmRLbGM3YVRxeDd2RAo5dTRJcTZ5RnBWZ2ovZTlMZ3ljOXV3WFMwMHFKVFVnUnREYXVBMDZWMjBHNjNSQ1VOMDdhVGEyekVPcUpGelRNCmNiWXdvL1cvbFZlQk5DbXN5TWJFak90enpLLzcyQnlNc2lXMFFxNXBrZjlJTElwanRUdWpGa1RsRXJOamtjQjMKVlNyYUJMZnFIWFhLZ2dvTE9Wbk5BQjhEWG1aR29xMFhPeWczWWwvcVBKZ3B0NlFyN1R3RW9uWVZvUTUycm9xTApURnFWeWFVRUtnVHJEeUU0SzZqb3BRRmp3ZS8wbS9iNXBodVBQVENvYVAxQXFkMGUrazFnaE80UGJZeVJ0dWJBCnp3ZGNmaGM4K1FuWStEc25DU212Mng5eEJOdXRMSnVkd1NwTHFheHJLN0Y5T1ZoTmEyeDBFQm5tRk1ZN09KMUgKQTFzMDdoYjN3cWdnUDVLMkxoVS9oMTg5WlEzbXFSQ3FHby9lYlJJTG1oMWRvWTY0cHFEOTg1Sm5LVmg2RXFFdQpodVliTlJRcDh3dTl4WHdzQjhtMktkS0syU2FnTHdrQ0VCMVp1KzNzR0VQbGJrT1FSc2txdTFqbTV6NzNyODY4CkVDRmFEVTVHT2hZWTFVVExYdUp4b1Jnc3FURHg3SHNKaG1oVDEzS3JNWHB2S3BkeHZsVzcybm1ZL3FNK3MzMHQKVWp4bnZRWlYvUnlIYnNnVlhUbEhSRGlDbC9tL20yNWpsRHpPalpjZXExdk5Sck05S09vK2N3NEV4UkFacjdaSQprNkk1Y1FaeDJQL2ZGUnhYWXZyMTlwYjBYN0YvZk9tUGVIVFJwS2J6dndLazlyQkYvd2tDZ2dFQkFPV1k4ZjRECmppS2ZwWFBGSzB0d2pMaHFaK1BjQmRhVmhWM21TaXVaUm5NMC9qUkV6ZzBIY1Fxd0IvL2lVUzA4OUdRSmhuRjMKVXloK3VOSHVteS9ScW9wOWFiZHRsNWEybUZPdUVFZXBKaTFjTVJuMFZxUDMxb3Rqb0hDbzZoRkRCZm04bEJXaQo0SGRIQ1ZsOTd6eXhZcFpuR0ZjNGJNOG5UZkViUU82TmVBd1B4czE5OE55WU1IMUVsWndKNE1MejcxZXN2VElvCmQ4S0kwc0F5cFZIYVpXZ1lhOGRyYjA5U2pXRVNqU0o5NzNHY3FjQmJSeVFXVnhyZ1lrOWNwc0paNXBQeXliL0QKR0F4cWdWV2ZmWFFSWGlpUEJLMG5XdVdjaThabU1wcmp3OWlta3FGS3FDTVJSOGR2Yjg5N0UxSTJKSzZ4dEh6YwppV1hKOG1NRytYSVF0VDBDZ2dFQkFNT0VBSmVScG01MWZsZnhJQ0l6SHBtc3FmdEFYb2RtSWN4R3gvM01tRFNyCjVQZXNmaldXZG5ZcTI2QlpzZUxwT09rK21OdkJNZG1OUFE0VG1TUDJ1QldDdE94Z1J6ck9iWmRSeExudFp3NWMKbFZzSi8xczlZcm9oUnNDVTZwM21MSFJQRXN3MmZleWMzN3dHb0FWT1FJb1BEKzJRRUhDMVgxRTZOeFVLd0pHTwpoeVhrbzNFVmxZd2pqK2Mza2hsaUd3elg0Yk9icFJNWGpJK0lkV1AwZDBHeFp4TnRsSzlIY2VYWFJWZWZEQmEzCmdnbTN5dVRodzgxTEFtRzVhTEo4N0ZLcDY2SDUrY3o5ZFZlNDhydHJKNEduLzEva3B5L3QyWEU4U1FzL2FEVnQKZEFZU0FEQ3piR2lZUVdmL254L3p2WHgrcTBiR1FLZjJ1Z1VjcjRJcm9XTUNnZ0VBVmY4Q2JOVWlFTC9oTmNxZApHOFdOUDZuRFBlcDBXVnBwdUxFQUNQS0JHN2UybXhkR1lrVHVSMFdGeVljWVJxeDFFVjhyOXlYdGhOWnFIVitVCnlzVnFiakxwUE9ZVWlFUGVMRUdmSVdndXY0Q3ZkM3c0VTNRSjdPMms4MjJoTmxQM1VnSWJLVHQzZmRXaW45MTIKbFRJUHJpdnhSd0lBWjFyZWE3ZDhpNTE3WUhFc1VsMmdzTTlrSWhkbFBpdkkvdHhsUWw2V0FzcDdpT2E4b1hhVwp5MkRVNkxkMDd4M0RkRitFU3Q2cTlFZGRQeDJoeTBXbEVOUTVUZnpMZGRSTE5iSjhsZCt6UjFzb2o4WDRxWHh5CmZkM2ZlYXVQNGRkQ3lZdm9JcWkydmFNZ0FPN3JMdlNLbzQvZVpjbk1oRmNoOW9JSEhWTzhPYVJVNWtaTXZtQ24KWDl6NE5RS0NBUUI5SHp3Vnc4TmtDMU1veW9wSytMWUxtTUZMcHIwWUg1ZGZtS2lpVnMzTlgzaHZ2SGNrcWo3egpqcWZ4TFpXMjVwUmlTSW9na0xuclJRVWV2aElTUHZFOTZ1RUlLUEZNeEJERWR6TFQzZ2RHM0o5RW5OaEx0clE0Cjg5VElxRVNoZWsxV3ZjZ0U0cGFoMXg4andJV2wvNWMwQTBHcFFib1R0eTdoMThTcWRiQVpOc0pzMEs1OFQxamUKVDEvbms5dXUzT2I4eUNlTC92NmNna1NWRXJvMWxweS9jTjNMUkNTVUs3L0xYSUhtK2tVTlFMRTZzT0ZxcXNUWQoyN2tSZTB0eWRwbnlxUVhBS2k3Z0xoQnJiRlFDOXlkWVJZQWNDVU9wVzZqOVc1eFBVMnZJVFZ5a0NkOFBTN1FFCkYvUTdydzVScjNYRGQzajdHU01GbXRNZk5HVnBnNnlMQW9JQkFRQ2JGQitaSnFmOWJKQXdNWUdlODNVOTQxZG8KMldDYU5yNVl3SlFNdi81MnQvUklmak90NkY2K1BERDVDK3E0MjFmQnU3ajVCemFmMVlwNWl5Q240RHpRdlJ2TQpOd2huTWNjSjluVW9nTEhlaUJkaEtEL0FKVXlkejhYUnJ6Tk40ZGRhYSsxNkZlU3hUS2FxOWRaU21GbEZtZ1VYCnM4VUxDVGQ5aDNVbHF3eUVqY2UxNTBQOThEK2w5ZG5Ra2crTzFlWm5zcnRFZ1VSTEJBaUpXYXk1bVdmcU04UVgKUVQvM1VSdWo5MWFwV0dSaGYydEpkV3ZyQU1HczNlUlhYbk1RTThLMG5mbStzVi8rMkxBVUVSTUQwakxBR0dSWgpQTERzN3RRTjRGOVJ3ZlkwRmtBSVRjZnp1cVJxL2c1RW1TZ3g0QnR1ZVZNTXg4TWI4eTF3ckQzeXJsbTEKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0=</prv>
<serial/>
<caref>67a9feb38e684</caref>
</ca>
<dhcpdv6>
<lan>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<range>
<from>fdcf:39d9:630d:284b::0</from>
<to>fdcf:39d9:630d:284b:ffff:ffff:ffff:ffff</to>
</range>
<prefixrange>
<from/>
<to/>
<prefixlength>48</prefixlength>
</prefixrange>
<dnsserver/>
<ntpserver/>
<numberoptions>
<item/>
</numberoptions>
</lan>
<opt6>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<range>
<from>fd36:94be:70a6:32a4::0</from>
<to>fd36:94be:70a6:32a4:ffff:ffff:ffff:ffff</to>
</range>
<prefixrange>
<from/>
<to/>
<prefixlength>48</prefixlength>
</prefixrange>
<dnsserver/>
<ntpserver/>
<numberoptions>
<item/>
</numberoptions>
</opt6>
<opt3>
<ddnsdomainalgorithm>hmac-md5</ddnsdomainalgorithm>
<range>
<from>fd93:1100:2856:1234::1000:0</from>
<to>fd93:1100:2856:1234::1fff:ffff</to>
</range>
<prefixrange>
<from/>
<to/>
<prefixlength>64</prefixlength>
</prefixrange>
<dnsserver/>
<ntpserver/>
<numberoptions>
<item/>
</numberoptions>
<ramode>assist</ramode>
<rapriority>medium</rapriority>
<ramininterval>200</ramininterval>
<ramaxinterval>600</ramaxinterval>
<radomainsearchlist/>
<radnsserver/>
</opt3>
</dhcpdv6>
<cert uuid="d7801d42-1381-4ddc-8771-7d5564f0292e">
<refid>67a9532677f13</refid>
<descr>rno1.rail-city.net (ACME Client)</descr>
<caref>67a9532676509</caref>
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURxekNDQXpLZ0F3SUJBZ0lTQnJIbDVnZExrK0FGSzJWSUtJTlBlVDNJTUFvR0NDcUdTTTQ5QkFNRE1ESXgKQ3pBSkJnTlZCQVlUQWxWVE1SWXdGQVlEVlFRS0V3MU1aWFFuY3lCRmJtTnllWEIwTVFzd0NRWURWUVFERXdKRgpOakFlRncweU5UQTFNVGd4TkRNeU1ETmFGdzB5TlRBNE1UWXhORE15TURKYU1CMHhHekFaQmdOVkJBTVRFbkp1CmJ6RXVjbUZwYkMxamFYUjVMbTVsZERCMk1CQUdCeXFHU000OUFnRUdCU3VCQkFBaUEySUFCT2p5dVFXMTFZUG0KQXc1Z0lzZWVpMGw1NFk3Nnl0SlpRZGF1ejc3djl1RW1ZbW9vM0dHZGNVU2owN1l2ZStxTW40YXJ5ZUN6MUFpTApmdkt3aWxISkJuemM1azhkbWU3VjZpeit5YVFNbDZxM1NQOHZueXlJb1NXOVlja1hUd01lUzZPQ0FoNHdnZ0lhCk1BNEdBMVVkRHdFQi93UUVBd0lIZ0RBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUlLd1lCQlFVSEF3SXcKREFZRFZSMFRBUUgvQkFJd0FEQWRCZ05WSFE0RUZnUVVLa3U4aFlWWnY1Z00zNzBIdGNLYnErNEMvU293SHdZRApWUjBqQkJnd0ZvQVVreWRHbUFPcFVXaU9tTmJFUWtqYkk3OVlsTkl3TWdZSUt3WUJCUVVIQVFFRUpqQWtNQ0lHCkNDc0dBUVVGQnpBQ2hoWm9kSFJ3T2k4dlpUWXVhUzVzWlc1amNpNXZjbWN2TUIwR0ExVWRFUVFXTUJTQ0VuSnUKYnpFdWNtRnBiQzFqYVhSNUxtNWxkREFUQmdOVkhTQUVEREFLTUFnR0JtZUJEQUVDQVRBdEJnTlZIUjhFSmpBawpNQ0tnSUtBZWhoeG9kSFJ3T2k4dlpUWXVZeTVzWlc1amNpNXZjbWN2TnpNdVkzSnNNSUlCQWdZS0t3WUJCQUhXCmVRSUVBZ1NCOHdTQjhBRHVBSFVBelBzUGFvVnhDV1grbFp0VHp1bXlmQ0xwaFZ3Tmw0MjJxWDVVd1A1TURiQUEKQUFHVzVBU3NPd0FBQkFNQVJqQkVBaDlDWEtQMzhnakpUV2JXZHFIL0VhaVlmQVRJUEZ4a01pOHFKMDdVTXhyQwpBaUVBZ25nOXhFMENOQUNwbGtYbzNLNWVVbytQOHFBa21oa2pockEvdnEwS3Nsb0FkUUFONGZJd0s5TU53VUJpCkVnbnFWUzc4UjNSOHNkZnBNTzhPUWg2MGZrNnFOQUFBQVpia0JLd3BBQUFFQXdCR01FUUNJRFdsbVM3UVM2ZlMKa0lXUkVwVnlUUGdoVVVwUzZ5bWdnYWRpeDEvOVUzVnFBaUJNVFY5MlJieWlnN2MyczdrRVU0cWRxQWVWWFovNAo3WEd1YWE3T3RyYmNWREFLQmdncWhrak9QUVFEQXdObkFEQmtBakJPam5YcjNSTTJLTnE2Vk9MMmdxb3JQMC9iCjBLRnNpdXFURDFPRjZzMGdwdXIyVjNPR3l4d2Y1Zks5cjdMNm1QRUNNSCtJbXk2emk1djdjVDhaUExERkoxaGsKcC9vMEdMamllWVBHNWJNSzY1UGpqeFp6VVpYSHcyWnhDRmx1TWgvaStBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=</crt>
<csr/>
<prv>LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1JR2tBZ0VCQkRCYWFXN011MmpOTCtjQndXZnArbXNKMW1QVzNQaVpldHFBYlE1NVdLeklnMU1LR2NETDJiUm4KNjB2SFhkT2FJYXlnQndZRks0RUVBQ0toWkFOaUFBVG84cmtGdGRXRDVnTU9ZQ0xIbm90SmVlR08rc3JTV1VIVwpycysrNy9iaEptSnFLTnhoblhGRW85TzJMM3ZxakorR3E4bmdzOVFJaTM3eXNJcFJ5UVo4M09aUEhabnUxZW9zCi9zbWtESmVxdDBqL0w1OHNpS0VsdldISkYwOERIa3M9Ci0tLS0tRU5EIEVDIFBSSVZBVEUgS0VZLS0tLS0K</prv>
</cert>
<syslog/>
<dnsmasq version="1.0.6">
<enable>0</enable>
<regdhcp>1</regdhcp>
<regdhcpstatic>1</regdhcpstatic>
<dhcpfirst>1</dhcpfirst>
<strict_order>1</strict_order>
<domain_needed>0</domain_needed>
<no_private_reverse>1</no_private_reverse>
<no_resolv>0</no_resolv>
<log_queries>0</log_queries>
<no_hosts>0</no_hosts>
<strictbind>0</strictbind>
<dnssec>1</dnssec>
<regdhcpdomain/>
<interface>lan</interface>
<port/>
<dns_forward_max/>
<cache_size/>
<local_ttl/>
<add_mac/>
<add_subnet>0</add_subnet>
<strip_subnet>0</strip_subnet>
<dhcp>
<no_interface/>
<fqdn>0</fqdn>
<domain/>
<lease_max/>
<authoritative>0</authoritative>
<default_fw_rules>1</default_fw_rules>
<reply_delay/>
<enable_ra>0</enable_ra>
<nosync>0</nosync>
</dhcp>
<no_ident>1</no_ident>
</dnsmasq>
<Pischem>
<caddy version="1.3.7">
<general>
<enabled>0</enabled>
<EnableLayer4>0</EnableLayer4>
<HttpPort>1080</HttpPort>
<HttpsPort>1443</HttpsPort>
<TlsEmail>letsencrypt@blkdoor.com</TlsEmail>
<TlsAutoHttps/>
<TlsDnsProvider/>
<TlsDnsApiKey/>
<TlsDnsPropagationTimeout>0</TlsDnsPropagationTimeout>
<TlsDnsPropagationTimeoutPeriod/>
<TlsDnsPropagationDelay/>
<TlsDnsPropagationResolvers/>
<TlsDnsEchDomain/>
<accesslist/>
<ClientIpHeaders/>
<DisableSuperuser>1</DisableSuperuser>
<GracePeriod>10</GracePeriod>
<HttpVersions>h1,h2,h3</HttpVersions>
<LogCredentials>0</LogCredentials>
<LogAccessPlain>0</LogAccessPlain>
<LogAccessPlainKeep>10</LogAccessPlainKeep>
<LogLevel/>
<DynDnsSimpleHttp/>
<DynDnsInterface/>
<DynDnsInterval/>
<DynDnsIpVersions/>
<DynDnsTtl/>
<DynDnsUpdateOnly>0</DynDnsUpdateOnly>
<AuthProvider/>
<AuthToDomain/>
<AuthToPort/>
<AuthToTls>0</AuthToTls>
<AuthToUri/>
<CopyHeaders/>
</general>
<reverseproxy/>
</caddy>
</Pischem>
</opnsense>
Reference in New Issue View Git Blame Copy Permalink