Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?xml version="1.0"?>
- <pfsense>
- <version>23.3</version>
- <lastchange></lastchange>
- <disablechecksumoffloading></disablechecksumoffloading>
- <no_apipa_block>enabled</no_apipa_block>
- <prefer_ipv4></prefer_ipv4>
- <enablenatreflectionpurenat>yes</enablenatreflectionpurenat>
- <earlyshellcmd>service wireguardd start</earlyshellcmd>
- </system>
- <interfaces>
- <wan>
- <enable></enable>
- <if>mvneta0.4090</if>
- <blockbogons></blockbogons>
- <switchif>switch0.port3</switchif>
- <descr><![CDATA[WAN]]></descr>
- <spoofmac></spoofmac>
- <ipaddr>192.168.62.2</ipaddr>
- <subnet>24</subnet>
- <gateway>WAN_DHCP</gateway>
- </wan>
- <lan>
- <enable></enable>
- <if>mvneta0.4091</if>
- <switchif>switch0.port2</switchif>
- <descr><![CDATA[LAN]]></descr>
- <ipaddr>172.16.43.1</ipaddr>
- <subnet>24</subnet>
- <ipaddrv6>track6</ipaddrv6>
- <track6-interface>wan</track6-interface>
- <track6-prefix-id>0</track6-prefix-id>
- <spoofmac></spoofmac>
- </lan>
- <opt1>
- <if>mvneta0.4092</if>
- <descr><![CDATA[OPT]]></descr>
- <switchif>switch0.port1</switchif>
- <ipaddr>dhcp</ipaddr>
- <subnet></subnet>
- <gateway></gateway>
- <ipaddrv6></ipaddrv6>
- <subnetv6></subnetv6>
- <gatewayv6></gatewayv6>
- <enable></enable>
- </opt1>
- </interfaces>
- <staticroutes>
- <route>
- <network>10.62.4.0/24</network>
- <gateway>connect_for_virus</gateway>
- <descr><![CDATA[ASUS_connect_for_virus]]></descr>
- </route>
- <route>
- <network>10.62.3.0/24</network>
- <gateway>GoogleTV_SuperBox</gateway>
- <descr><![CDATA[GoogleTV_SuperBox]]></descr>
- </route>
- </staticroutes>
- <lan>
- <range>
- <from>::1000</from>
- <to>::2000</to>
- </range>
- <ramode>assist</ramode>
- <rapriority>medium</rapriority>
- <prefixrange>
- <from></from>
- <to></to>
- <prefixlength></prefixlength>
- </prefixrange>
- <defaultleasetime></defaultleasetime>
- <maxleasetime></maxleasetime>
- <netmask></netmask>
- <dhcp6c-dns>enabled</dhcp6c-dns>
- <domain></domain>
- <domainsearchlist></domainsearchlist>
- <ddnsdomain></ddnsdomain>
- <ddnsdomainprimary></ddnsdomainprimary>
- <ddnsdomainsecondary></ddnsdomainsecondary>
- <ddnsdomainkeyname></ddnsdomainkeyname>
- <ddnsdomainkeyalgorithm></ddnsdomainkeyalgorithm>
- <ddnsdomainkey></ddnsdomainkey>
- <ddnsclientupdates></ddnsclientupdates>
- <tftp></tftp>
- <ldap></ldap>
- <bootfile_url></bootfile_url>
- <dhcpv6leaseinlocaltime></dhcpv6leaseinlocaltime>
- <numberoptions></numberoptions>
- </lan>
- <snmpd>
- <syslocation></syslocation>
- <syscontact></syscontact>
- <rocommunity>public</rocommunity>
- </snmpd>
- <diag>
- <ipv6nat></ipv6nat>
- </diag>
- <syslog>
- <filterdescriptions>1</filterdescriptions>
- </syslog>
- <nat>
- <outbound>
- <mode>automatic</mode>
- </outbound>
- </nat>
- <filter>
- <rule>
- <type>pass</type>
- <ipprotocol>inet</ipprotocol>
- <descr><![CDATA[Default allow LAN to any rule]]></descr>
- <interface>lan</interface>
- <tracker>0100000101</tracker>
- <source>
- <network>lan</network>
- </source>
- <destination>
- <any></any>
- </destination>
- </rule>
- <rule>
- <type>pass</type>
- <ipprotocol>inet6</ipprotocol>
- <descr><![CDATA[Default allow LAN IPv6 to any rule]]></descr>
- <interface>lan</interface>
- <tracker>0100000102</tracker>
- <source>
- <network>lan</network>
- </source>
- <destination>
- <any></any>
- </destination>
- </rule>
- <!--- new rules -->
- <rule>
- <type>pass</type>
- <interface>lan</interface>
- <ipprotocol>inet</ipprotocol>
- <source>
- <network>172.16.43.32/29</network>
- </source>
- <gateway>WAN_OptFailover</gateway>
- <descr>WAN_OptFailover for 172.16.43.32/29</descr>
- </rule>
- <rule>
- <type>pass</type>
- <interface>lan</interface>
- <ipprotocol>inet</ipprotocol>
- <source>
- <network>172.16.43.80/28</network>
- </source>
- <gateway>WAN_OptFailover</gateway>
- <descr>WAN_OptFailover for 172.16.43.80/28</descr>
- </rule>
- <rule>
- <type>pass</type>
- <interface>lan</interface>
- <ipprotocol>inet</ipprotocol>
- <source>
- <network>172.16.43.112/28</network>
- </source>
- <gateway>OPT_WanFailover</gateway>
- <descr>OPT_WanFailover for 172.16.43.112/28</descr>
- </rule>
- <!-- Default allow LAN to any (no gateway = system default routing) -->
- <rule>
- <type>pass</type>
- <interface>lan</interface>
- <ipprotocol>inet</ipprotocol>
- <source>
- <network>lan</network>
- </source>
- <descr>Default allow LAN to any rule</descr>
- </rule>
- <!-- end Default allow LAN -->
- <!--- end new rules -->
- </filter>
- <shaper></shaper>
- <ipsec>
- <client></client>
- </ipsec>
- <proxyarp></proxyarp>
- <openvpn></openvpn>
- <dnshaper>
- <queue>
- <name>5</name>
- <number>1</number>
- <qlimit></qlimit>
- <plr></plr>
- <description><![CDATA[5]]></description>
- <enabled>on</enabled>
- <buckets></buckets>
- <mask>srcaddress</mask>
- <maskbits>32</maskbits>
- <maskbitsv6>128</maskbitsv6>
- <delay>0</delay>
- <sched>wf2q+</sched>
- <aqm>droptail</aqm>
- <ecn></ecn>
- </queue>
- </dnshaper>
- <vlans>
- <vlan>
- <if>mvneta0</if>
- <tag>4090</tag>
- <descr><![CDATA[WAN]]></descr>
- <vlanif>mvneta0.4090</vlanif>
- </vlan>
- <vlan>
- <if>mvneta0</if>
- <tag>4091</tag>
- <descr><![CDATA[LAN]]></descr>
- <vlanif>mvneta0.4091</vlanif>
- </vlan>
- <vlan>
- <if>mvneta0</if>
- <tag>4092</tag>
- <descr><![CDATA[OPT]]></descr>
- <vlanif>mvneta0.4092</vlanif>
- </vlan>
- </vlans>
- <qinqs></qinqs>
- <laggs></laggs>
- <sysctl>
- <item>
- <tunable>kern.crypto.iimb.enable_aescbc</tunable>
- <value>0</value>
- </item>
- </sysctl>
- <revision>
- <time>1754513534</time>
- <description><![CDATA[(system): pfBlockerNG: saving DNSBL changes]]></description>
- <username><![CDATA[(system)]]></username>
- </revision>
- <switches>
- <switch>
- <device>/dev/etherswitch0</device>
- <vlanmode>DOT1Q</vlanmode>
- <vlangroups>
- <vlangroup>
- <vgroup>0</vgroup>
- <vlanid>1</vlanid>
- <members>0</members>
- </vlangroup>
- <vlangroup>
- <vgroup>1</vgroup>
- <vlanid>4090</vlanid>
- <descr><![CDATA[WAN]]></descr>
- <members>0t 3</members>
- </vlangroup>
- <vlangroup>
- <vgroup>2</vgroup>
- <vlanid>4091</vlanid>
- <descr><![CDATA[LAN]]></descr>
- <members>0t 2</members>
- </vlangroup>
- <vlangroup>
- <vgroup>3</vgroup>
- <vlanid>4092</vlanid>
- <descr><![CDATA[OPT]]></descr>
- <members>0t 1</members>
- </vlangroup>
- </vlangroups>
- <swports>
- <swport>
- <port>0</port>
- <state><![CDATA[forwarding]]></state>
- </swport>
- <swport>
- <port>1</port>
- <pvid>4092</pvid>
- <state><![CDATA[forwarding]]></state>
- </swport>
- <swport>
- <port>2</port>
- <pvid>4091</pvid>
- <state><![CDATA[forwarding]]></state>
- </swport>
- <swport>
- <port>3</port>
- <pvid>4090</pvid>
- <state><![CDATA[forwarding]]></state>
- </swport>
- </swports>
- </switch>
- </switches>
- <captiveportal></captiveportal>
- <gateways>
- <gateway_item>
- <interface>wan</interface>
- <gateway>dynamic</gateway>
- <name>WAN1DHCP</name>
- <weight>1</weight>
- <ipprotocol>inet</ipprotocol>
- <descr><![CDATA[Interface WAN1DHCP Gateway]]></descr>
- <gw_down_kill_states></gw_down_kill_states>
- <monitorip>64.68.196.10</monitorip>
- <dynamic>true</dynamic>
- </gateway_item>
- <gateway_item>
- <interface>lan</interface>
- <gateway>172.16.43.50</gateway>
- <name>IoT AP</name>
- <weight>21</weight>
- <ipprotocol>inet</ipprotocol>
- <descr><![CDATA[connect_for_virus]]></descr>
- <monitor_disable></monitor_disable>
- <action_disable></action_disable>
- <gw_down_kill_states></gw_down_kill_states>
- </gateway_item>
- <gateway_item>
- <interface>lan</interface>
- <gateway>172.16.43.56</gateway>
- <name>GoogleTV_SuperBox</name>
- <weight>22</weight>
- <ipprotocol>inet</ipprotocol>
- <descr><![CDATA[GoogleTV_SuperBox]]></descr>
- <monitor_disable></monitor_disable>
- <action_disable></action_disable>
- <gw_down_kill_states></gw_down_kill_states>
- </gateway_item>
- <!-- new rules -->
- <gateway_item>
- <interface>wan</interface>
- <gateway>Camera RouterAP</gateway>
- <name>WAN_DHCP</name>
- <weight>1</weight>
- <ipprotocol>inet</ipprotocol>
- <descr><![CDATA[Interface WAN_DHCP Gateway]]></descr>
- <nonlocalgateway></nonlocalgateway>
- <monitorip>64.68.196.10</monitorip>
- <gw_down_kill_states></gw_down_kill_states>
- </gateway_item>
- <gateway_item>
- <interface>opt1</interface>
- <gateway>dynamic</gateway>
- <name>OPT_DHCP</name>
- <weight>1</weight>
- <ipprotocol>inet</ipprotocol>
- <descr>OPT DHCP Gateway</descr>
- <monitorip>208.94.148.2</monitorip>
- <dynamic>true</dynamic>
- </gateway_item>
- <!-- end new rules -->
- <defaultgw4>WAN_DHCP</defaultgw4>
- <defaultgw6>-</defaultgw6>
- <!--new rules -->
- <gateway_groups>
- <gateway_group>
- <name>WAN_OptFailover</name>
- <item>
- <name>WAN_DHCP</name>
- <tier>1</tier>
- </item>
- <item>
- <name>OPT_DHCP</name>
- <tier>2</tier>
- </item>
- <trigger>memberdown</trigger>
- <descr>WAN primary, OPT failover</descr>
- </gateway_group>
- <gateway_group>
- <name>OPT_WanFailover</name>
- <item>
- <name>OPT_DHCP</name>
- <tier>1</tier>
- </item>
- <item>
- <name>WAN_DHCP</name>
- <tier>2</tier>
- </item>
- <trigger>memberdown</trigger>
- <descr>OPT primary, WAN failover</descr>
- </gateway_group>
- <!--end new rules -->
- </gateway_groups>
- </gateways>
- <dnsmasq></dnsmasq>
- <ntpd>
- <gps></gps>
- </ntpd>
- <dhcrelay></dhcrelay>
- <dhcrelay6></dhcrelay6>
- <wizardtemp>
- <system>
- <hostname>pfSense</hostname>
- <domain>home.arpa</domain>
- </system>
- </wizardtemp>
- <ppps></ppps>
- <dhcpbackend>kea</dhcpbackend>
- <virtualip>
- <vip>
- <mode>ipalias</mode>
- <interface>lan</interface>
- <uniqid>6890580f35937</uniqid>
- <descr></descr>
- <type>single</type>
- <subnet_bits>24</subnet_bits>
- <subnet>172.16.43.8</subnet>
- </vip>
- </virtualip>
- <ifgroups>
- <ifgroupentry>
- <ifname>WireGuard</ifname>
- <descr><![CDATA[WireGuard Interface Group (DO NOT EDIT/DELETE!)]]></descr>
- <members></members>
- </ifgroupentry>
- </ifgroups>
- </pfsense>
Advertisement
Add Comment
Please, Sign In to add comment
