Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?xml version="1.0"?>
- <pfsense>
- <version>9.8</version>
- <lastchange/>
- <theme>pfsense_ng</theme>
- <sysctl>
- <item>
- <descr><![CDATA[Disable the pf ftp proxy handler.]]></descr>
- <tunable>debug.pfftpproxy</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html]]></descr>
- <tunable>vfs.read_max</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Set the ephemeral port range to be lower.]]></descr>
- <tunable>net.inet.ip.portrange.first</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Drop packets to closed TCP ports without returning a RST]]></descr>
- <tunable>net.inet.tcp.blackhole</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Do not send ICMP port unreachable messages for closed UDP ports]]></descr>
- <tunable>net.inet.udp.blackhole</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Randomize the ID field in IP packets (default is 0: sequential IP IDs)]]></descr>
- <tunable>net.inet.ip.random_id</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)]]></descr>
- <tunable>net.inet.tcp.drop_synfin</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Enable sending IPv4 redirects]]></descr>
- <tunable>net.inet.ip.redirect</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Enable sending IPv6 redirects]]></descr>
- <tunable>net.inet6.ip6.redirect</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr>
- <tunable>net.inet.tcp.syncookies</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr>
- <tunable>net.inet.tcp.recvspace</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr>
- <tunable>net.inet.tcp.sendspace</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[IP Fastforwarding]]></descr>
- <tunable>net.inet.ip.fastforwarding</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr>
- <tunable>net.inet.tcp.delayed_ack</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Maximum outgoing UDP datagram size]]></descr>
- <tunable>net.inet.udp.maxdgram</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Handling of non-IP packets which are not passed to pfil (see if_bridge(4))]]></descr>
- <tunable>net.link.bridge.pfil_onlyip</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Set to 0 to disable filtering on the incoming and outgoing member interfaces.]]></descr>
- <tunable>net.link.bridge.pfil_member</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Set to 1 to enable filtering on the bridge interface]]></descr>
- <tunable>net.link.bridge.pfil_bridge</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Allow unprivileged access to tap(4) device nodes]]></descr>
- <tunable>net.link.tap.user_open</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())]]></descr>
- <tunable>kern.randompid</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Maximum size of the IP input queue]]></descr>
- <tunable>net.inet.ip.intr_queue_maxlen</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Disable CTRL+ALT+Delete reboot from keyboard.]]></descr>
- <tunable>hw.syscons.kbd_reboot</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Enable TCP Inflight mode]]></descr>
- <tunable>net.inet.tcp.inflight.enable</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Enable TCP extended debugging]]></descr>
- <tunable>net.inet.tcp.log_debug</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Set ICMP Limits]]></descr>
- <tunable>net.inet.icmp.icmplim</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[TCP Offload Engine]]></descr>
- <tunable>net.inet.tcp.tso</tunable>
- <value>default</value>
- </item>
- <item>
- <descr><![CDATA[Maximum socket buffer size]]></descr>
- <tunable>kern.ipc.maxsockbuf</tunable>
- <value>default</value>
- </item>
- </sysctl>
- <system>
- <optimization>normal</optimization>
- <hostname>****</hostname>
- <domain>****.lan</domain>
- <group>
- <name>all</name>
- <description><![CDATA[All Users]]></description>
- <scope>system</scope>
- <gid>1998</gid>
- </group>
- <group>
- <name>****</name>
- <description><![CDATA[System Administrators]]></description>
- <scope>system</scope>
- <gid>1999</gid>
- <member>0</member>
- <priv>page-all</priv>
- </group>
- <user>
- <name>****</name>
- <descr><![CDATA[System Administrator]]></descr>
- <scope>system</scope>
- <groupname>****</groupname>
- <password>****</password>
- <uid>0</uid>
- <priv>user-shell-access</priv>
- <md5-hash>****</md5-hash>
- <nt-hash>****</nt-hash>
- <expires/>
- <authorizedkeys>****</authorizedkeys>
- <ipsecpsk/>
- </user>
- <nextuid>2000</nextuid>
- <nextgid>2000</nextgid>
- <timezone>CST6CDT</timezone>
- <time-update-interval/>
- <timeservers>****</timeservers>
- <webgui>
- <protocol>https</protocol>
- <ssl-certref>****</ssl-certref>
- <port>443</port>
- <max_procs>2</max_procs>
- <nohttpreferercheck/>
- <althostnames>****</althostnames>
- <disablehttpredirect/>
- </webgui>
- <disablenatreflection>yes</disablenatreflection>
- <disablesegmentationoffloading/>
- <disablelargereceiveoffloading/>
- <enablesshd>enabled</enablesshd>
- <dns1gwint>none</dns1gwint>
- <dns2gwint>none</dns2gwint>
- <dns3gwint>none</dns3gwint>
- <dns4gwint>none</dns4gwint>
- <ssh>
- <sshdkeyonly>enabled</sshdkeyonly>
- <port>22</port>
- </ssh>
- <sshdkeyonly/>
- <kill_states/>
- <language>en_US</language>
- <dns1gw>none</dns1gw>
- <dns2gw>none</dns2gw>
- <dns3gw>none</dns3gw>
- <dns4gw>none</dns4gw>
- <dnsserver>****</dnsserver>
- </system>
- <interfaces>
- <wan>
- <enable/>
- <if>dc0</if>
- <descr><![CDATA[WAN]]></descr>
- <spoofmac/>
- <alias-address/>
- <alias-subnet>32</alias-subnet>
- <ipaddr>****</ipaddr>
- <subnet>24</subnet>
- <gateway>****</gateway>
- </wan>
- <lan>
- <enable/>
- <if>nfe0</if>
- <ipaddr>****</ipaddr>
- <subnet>24</subnet>
- <media/>
- <mediaopt/>
- <descr><![CDATA[LAN]]></descr>
- </lan>
- <opt1>
- <descr><![CDATA[DMZ]]></descr>
- <if>sk0_vlan1</if>
- <enable/>
- <spoofmac/>
- <ipaddr>10.1.1.1</ipaddr>
- <subnet>24</subnet>
- </opt1>
- <opt2>
- <descr><![CDATA[Lab]]></descr>
- <if>sk0_vlan2</if>
- <enable/>
- <ipaddr>10.2.2.1</ipaddr>
- <subnet>24</subnet>
- <spoofmac/>
- </opt2>
- </interfaces>
- <staticroutes/>
- <dhcpd>
- <lan>
- <range>
- <from>****</from>
- <to>****</to>
- </range>
- <defaultleasetime/>
- <maxleasetime/>
- <netmask/>
- <failover_peerip/>
- <gateway/>
- <domain/>
- <domainsearchlist></domainsearchlist>
- <ddnsdomain/>
- <tftp/>
- <ldap/>
- <next-server/>
- <filename/>
- <rootpath/>
- <numberoptions/>
- <dnsserver></dnsserver>
- </lan>
- </dhcpd>
- <pptpd>
- <mode/>
- <redir/>
- <localip/>
- <remoteip/>
- </pptpd>
- <dnsmasq>
- <custom_options/>
- </dnsmasq>
- <snmpd>
- <syslocation/>
- <syscontact/>
- <rocommunity>public</rocommunity>
- </snmpd>
- <diag>
- <ipv6nat>
- <ipaddr/>
- </ipv6nat>
- </diag>
- <bridge/>
- <syslog>
- <nentries>50</nentries>
- <remoteserver>****</remoteserver>
- <remoteserver2/>
- <remoteserver3/>
- <enable/>
- </syslog>
- <nat>
- <ipsecpassthru>
- <enable/>
- </ipsecpassthru>
- <advancedoutbound>
- <rule>
- <source>
- <network>****</network>
- </source>
- <dstport>500</dstport>
- <descr><![CDATA[Auto created rule for ISAKMP - LAN to WAN]]></descr>
- <target/>
- <interface>wan</interface>
- <destination>
- <any/>
- </destination>
- <staticnatport/>
- </rule>
- <rule>
- <source>
- <network>****</network>
- </source>
- <sourceport/>
- <descr><![CDATA[Auto created rule for LAN to WAN]]></descr>
- <target/>
- <targetip/>
- <targetip_subnet>0</targetip_subnet>
- <interface>wan</interface>
- <poolopts/>
- <staticnatport/>
- <destination>
- <any/>
- </destination>
- </rule>
- <rule>
- <source>
- <network>10.1.1.0/24</network>
- </source>
- <sourceport/>
- <descr><![CDATA[DMZ Core Hide NAT]]></descr>
- <target/>
- <targetip/>
- <targetip_subnet>0</targetip_subnet>
- <interface>wan</interface>
- <poolopts/>
- <staticnatport/>
- <destination>
- <any/>
- </destination>
- <created>
- <time>1388448511</time>
- <username>****</username>
- </created>
- <updated>
- <time>1389385970</time>
- <username>****</username>
- </updated>
- </rule>
- <rule>
- <source>
- <network>****</network>
- </source>
- <sourceport/>
- <descr><![CDATA[Lab 30 Hide NAT]]></descr>
- <target/>
- <targetip/>
- <targetip_subnet>0</targetip_subnet>
- <interface>wan</interface>
- <poolopts/>
- <staticnatport/>
- <destination>
- <any/>
- </destination>
- <updated>
- <time>1389385989</time>
- <username>****</username>
- </updated>
- <created>
- <time>1389385989</time>
- <username>****</username>
- </created>
- </rule>
- <rule>
- <source>
- <network>127.0.0.0/8</network>
- </source>
- <dstport/>
- <descr><![CDATA[Auto created rule for localhost to WAN]]></descr>
- <target/>
- <interface>wan</interface>
- <destination>
- <any/>
- </destination>
- <natport>****</natport>
- </rule>
- <enable/>
- </advancedoutbound>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port>****</local-port>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_51f801adb55361.70017646</associated-rule-id>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port>****</local-port>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_51faabf192da14.73966956</associated-rule-id>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_5220d2282da166.18595791</associated-rule-id>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp/udp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_5220d255b5b665.36759894</associated-rule-id>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>udp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>tcp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>udp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>udp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- <rule>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <protocol>udp</protocol>
- <target>****</target>
- <local-port/>
- <interface>wan</interface>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id/>
- </rule>
- </nat>
- <filter>
- <rule>
- <id/>
- <type>block</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <address>169.254.1.0/24</address>
- </source>
- <destination>
- <any/>
- </destination>
- <descr><![CDATA[****]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <address>****</address>
- <port/>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_5220d2282da166.18595791</associated-rule-id>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp/udp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <address>****</address>
- <port>-100</port>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_5220d255b5b665.36759894</associated-rule-id>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <address>****</address>
- <port>3389</port>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_51f801adb55361.70017646</associated-rule-id>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <address>****</address>
- <port>****</port>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- <associated-rule-id>nat_51faabf192da14.73966956</associated-rule-id>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <log/>
- <descr><![CDATA[Web UI Access]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <protocol>tcp</protocol>
- <source>
- <any/>
- </source>
- <destination>
- <network>wanip</network>
- <port>****</port>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <any/>
- </source>
- <destination>
- <address>****</address>
- </destination>
- <descr><![CDATA[****]]></descr>
- </rule>
- <rule>
- <id/>
- <type>block</type>
- <interface>wan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <any/>
- </source>
- <destination>
- <any/>
- </destination>
- <descr><![CDATA[Clean Up]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>lan</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <network>lan</network>
- </source>
- <destination>
- <any/>
- </destination>
- <log/>
- <descr><![CDATA[LAN -> Any]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>enc0</interface>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <network>lan</network>
- </source>
- <destination>
- <address>****</address>
- </destination>
- <log/>
- <descr><![CDATA[****]]></descr>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>opt1</interface>
- <ipprotocol>inet</ipprotocol>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <network>opt1</network>
- </source>
- <destination>
- <any/>
- </destination>
- <log/>
- <descr><![CDATA[DMZ -> Any]]></descr>
- <created>
- <time>1388276105</time>
- <username>****@****</username>
- </created>
- <updated>
- <time>1388448392</time>
- <username>****@****</username>
- </updated>
- </rule>
- <rule>
- <id/>
- <type>pass</type>
- <interface>opt2</interface>
- <ipprotocol>inet</ipprotocol>
- <tag/>
- <tagged/>
- <max/>
- <max-src-nodes/>
- <max-src-conn/>
- <max-src-states/>
- <statetimeout/>
- <statetype>keep state</statetype>
- <os/>
- <source>
- <network>opt2</network>
- </source>
- <destination>
- <any/>
- </destination>
- <descr><![CDATA[Lab -> Any]]></descr>
- <updated>
- <time>1389508052</time>
- <username>****@****</username>
- </updated>
- <created>
- <time>1389508052</time>
- <username>****@****</username>
- </created>
- </rule>
- </filter>
- <shaper/>
- <ipsec>
- <preferoldsa/>
- <phase1>
- <ikeid>2</ikeid>
- <disabled/>
- <interface>wan</interface>
- <remote-gateway>****</remote-gateway>
- <mode>main</mode>
- <myid_type>dyn_dns</myid_type>
- <myid_data>****</myid_data>
- <peerid_type>peeraddress</peerid_type>
- <peerid_data/>
- <encryption-algorithm>
- <name>aes</name>
- <keylen>128</keylen>
- </encryption-algorithm>
- <hash-algorithm>md5</hash-algorithm>
- <dhgroup>2</dhgroup>
- <lifetime>28800</lifetime>
- <pre-shared-key>class</pre-shared-key>
- <private-key/>
- <certref/>
- <caref/>
- <authentication_method>pre_shared_key</authentication_method>
- <generate_policy/>
- <proposal_check/>
- <descr><![CDATA[****]]></descr>
- <nat_traversal>off</nat_traversal>
- </phase1>
- <client/>
- <phase2>
- <ikeid>2</ikeid>
- <mode>tunnel</mode>
- <localid>
- <type>network</type>
- <address>****</address>
- <netbits>24</netbits>
- </localid>
- <remoteid>
- <type>network</type>
- <address>****</address>
- <netbits>24</netbits>
- </remoteid>
- <protocol>esp</protocol>
- <encryption-algorithm-option>
- <name>aes</name>
- <keylen>128</keylen>
- </encryption-algorithm-option>
- <hash-algorithm-option>hmac_md5</hash-algorithm-option>
- <pfsgroup>0</pfsgroup>
- <lifetime>3600</lifetime>
- <pinghost/>
- <descr><![CDATA[****]]></descr>
- </phase2>
- </ipsec>
- <aliases>
- <alias>
- <name>****_TCP</name>
- <address>80 443 5223</address>
- <descr><![CDATA[****]]></descr>
- <type>port</type>
- <detail><![CDATA[Entry added Fri, 22 Nov 2013 14:40:14 -0600||Entry added Fri, 22 Nov 2013 14:40:14 -0600||Entry added Fri, 22 Nov 2013 14:40:14 -0600]]></detail>
- </alias>
- <alias>
- <name>****_UDP</name>
- <address>3478 3479 3658</address>
- <descr><![CDATA[****]]></descr>
- <type>port</type>
- <detail><![CDATA[Entry added Fri, 22 Nov 2013 14:41:12 -0600||Entry added Fri, 22 Nov 2013 14:41:12 -0600||Entry added Fri, 22 Nov 2013 14:41:12 -0600]]></detail>
- </alias>
- </aliases>
- <proxyarp/>
- <cron>
- <item>
- <minute>0</minute>
- <hour>*</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 newsyslog</command>
- </item>
- <item>
- <minute>1,31</minute>
- <hour>0-5</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 adjkerntz -a</command>
- </item>
- <item>
- <minute>1</minute>
- <hour>3</hour>
- <mday>1</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
- </item>
- <item>
- <minute>*/60</minute>
- <hour>*</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
- </item>
- <item>
- <minute>1</minute>
- <hour>1</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
- </item>
- <item>
- <minute>*/60</minute>
- <hour>*</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
- </item>
- <item>
- <minute>30</minute>
- <hour>12</hour>
- <mday>*</mday>
- <month>*</month>
- <wday>*</wday>
- <who>root</who>
- <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
- </item>
- </cron>
- <wol>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[****]]></descr>
- </wolentry>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[****]]></descr>
- </wolentry>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[****]]></descr>
- </wolentry>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[****]]></descr>
- </wolentry>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[****]]></descr>
- </wolentry>
- <wolentry>
- <interface>lan</interface>
- <mac>****</mac>
- <descr><![CDATA[********]]></descr>
- </wolentry>
- </wol>
- <rrd>
- <enable/>
- </rrd>
- <load_balancer>
- <monitor_type>
- <name>ICMP</name>
- <type>icmp</type>
- <descr><![CDATA[ICMP]]></descr>
- <options/>
- </monitor_type>
- <monitor_type>
- <name>TCP</name>
- <type>tcp</type>
- <descr><![CDATA[Generic TCP]]></descr>
- <options/>
- </monitor_type>
- <monitor_type>
- <name>HTTP</name>
- <type>http</type>
- <descr><![CDATA[Generic HTTP]]></descr>
- <options>
- <path>/</path>
- <host/>
- <code>200</code>
- </options>
- </monitor_type>
- <monitor_type>
- <name>HTTPS</name>
- <type>https</type>
- <descr><![CDATA[Generic HTTPS]]></descr>
- <options>
- <path>/</path>
- <host/>
- <code>200</code>
- </options>
- </monitor_type>
- <monitor_type>
- <name>SMTP</name>
- <type>send</type>
- <descr><![CDATA[Generic SMTP]]></descr>
- <options>
- <send>EHLO nosuchhost</send>
- <expect>250-</expect>
- </options>
- </monitor_type>
- </load_balancer>
- <widgets>
- <sequence>system_information-container:col1:show,traffic_graphs-container:col1:show,ipsec-container:col1:close,captive_portal_status-container:col1:close,carp_status-container:col1:close,cpu_graphs-container:col1:close,gateways-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interface_statistics-container:col1:close,services_status-container:col2:show,load_balancer_status-container:col2:close,interfaces-container:col2:show,log-container:col2:show,picture-container:col2:close,rss-container:col2:close,openvpn-container:col2:none,wake_on_lan-container:col2:none</sequence>
- <filterlogentries>15</filterlogentries>
- <traffic_graphs-config>WAN_graph-config:show,LAN_graph-config:hide,refreshInterval=2</traffic_graphs-config>
- <servicestatusfilter>apinger</servicestatusfilter>
- </widgets>
- <revision>
- <time>1389513830</time>
- <description><![CDATA[****@****: /interfaces.php made unknown change]]></description>
- <username>****@****</username>
- </revision>
- <openvpn/>
- <l7shaper>
- <container/>
- </l7shaper>
- <dnshaper/>
- <cert>
- <refid>505f63ddefaf7</refid>
- <descr><![CDATA[webConfigurator default]]></descr>
- <crt>****</crt>
- <prv>****</prv>
- </cert>
- <gateways>
- <gateway_item>
- <interface>wan</interface>
- <gateway>****</gateway>
- <name>****</name>
- <weight>1</weight>
- <interval/>
- <descr/>
- <monitor_disable/>
- <defaultgw/>
- <ipprotocol>inet</ipprotocol>
- </gateway_item>
- </gateways>
- <ppps>
- </ppps>
- <dhcrelay>
- <enable/>
- <interface>opt1</interface>
- <server>****</server>
- </dhcrelay>
- <dhcpdv6/>
- <installedpackages>
- <package>
- <name>Quagga OSPF</name>
- <descr><![CDATA[OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD and OpenBGPD. Installing both will break things.]]></descr>
- <maintainer>jimp@pfsense.org</maintainer>
- <version>0.99.22.3 v0.6.1</version>
- <category>Routing</category>
- <status>BETA</status>
- <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url>
- <depends_on_package>quagga-0.99.22.3.tbz</depends_on_package>
- <depends_on_package_pbi>quagga-0.99.22.3-amd64.pbi</depends_on_package_pbi>
- <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file>
- <build_port_path>/usr/ports/net/quagga</build_port_path>
- <pkginfolink/>
- <required_version>2.0</required_version>
- <configurationfile>quagga_ospfd.xml</configurationfile>
- </package>
- <menu>
- <name>Quagga OSPFd</name>
- <tooltiptext>Modify Quagga ospfd settings.</tooltiptext>
- <section>Services</section>
- <configfile>quagga_ospfd.xml</configfile>
- <url>/pkg_edit.php?xml=quagga_ospfd.xml&id=0</url>
- </menu>
- <tab>
- <text>Global Settings</text>
- <url>pkg_edit.php?xml=quagga_ospfd.xml&id=0</url>
- <active/>
- </tab>
- <service>
- <name>Quagga OSPFd</name>
- <rcfile>quagga.sh</rcfile>
- <executable>ospfd</executable>
- <description><![CDATA[OSPF routing daemon]]></description>
- </service>
- <service>
- <name>Quagga Zebra</name>
- <rcfile>quagga.sh</rcfile>
- <executable>zebra</executable>
- <description><![CDATA[Quagga core/abstraction daemon]]></description>
- </service>
- <quaggaospfdinterfaces>
- <config>
- <interface>opt1</interface>
- <metric/>
- <interfacearea>0.0.0.0</interfacearea>
- <descr/>
- <passive/>
- <acceptfilter/>
- <md5password/>
- <password/>
- <routerpriorityelections/>
- <hellointervalinseconds/>
- <retransmitinterval/>
- <deadtimer/>
- </config>
- <config>
- <interface>opt2</interface>
- <metric/>
- <interfacearea>0.0.0.0</interfacearea>
- <descr/>
- <passive/>
- <acceptfilter/>
- <md5password/>
- <password/>
- <routerpriorityelections/>
- <hellointervalinseconds/>
- <retransmitinterval/>
- <deadtimer/>
- </config>
- </quaggaospfdinterfaces>
- <quaggaospfd>
- <config>
- <password>class</password>
- <logging/>
- <adjacencylog/>
- <routerid>10.1.1.1</routerid>
- <area>0.0.0.0</area>
- <updatefib/>
- <redistributeconnectedsubnets/>
- <redistributedefaultroute>on</redistributedefaultroute>
- <redistributestatic/>
- <redistributekernel/>
- <spfholdtime/>
- <spfdelay/>
- <rfc1583/>
- <row>
- <routevalue/>
- <routearea/>
- </row>
- <carpstatusip/>
- </config>
- </quaggaospfd>
- </installedpackages>
- <vlans>
- <vlan>
- <if>sk0</if>
- <tag>1</tag>
- <descr><![CDATA[DMZ]]></descr>
- <vlanif>sk0_vlan1</vlanif>
- </vlan>
- <vlan>
- <if>sk0</if>
- <tag>2</tag>
- <descr><![CDATA[Lab]]></descr>
- <vlanif>sk0_vlan2</vlanif>
- </vlan>
- </vlans>
- </pfsense>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement