opnsense/OPNsense
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: opnsense:13b128f3362982b4da07e1883621f8f50722effe
Branches Tags
opnsense:old opnsense:main
...
compare: opnsense:2acc7bac62d0e104f91b2ba9ca674e9b9a3a7fdd
Branches Tags
opnsense:main opnsense:old

20 Commits
13b128f336 ... 2acc7bac62

Author SHA1 Message Date
System Administrator
2acc7bac62 /firewall_rules.php made changes @ 2025-08-21T01:11:23.310000 (root@10.0.20.24) 2025-08-21 01:11:24 +09:30
System Administrator
859d4d9da5 /firewall_rules.php made changes @ 2025-08-21T01:11:07.250000 (root@10.0.20.24) 2025-08-21 01:11:08 +09:30
System Administrator
93428d8cdf /firewall_rules_edit.php made changes @ 2025-08-21T01:10:50.750000 (root@10.0.20.24) 2025-08-21 01:10:51 +09:30
System Administrator
b7fa5f1b8d /firewall_rules_edit.php made changes @ 2025-08-21T01:10:16.170000 (root@10.0.20.24) 2025-08-21 01:10:17 +09:30
(system)
89c3a22c86 /usr/local/opnsense/mvc/script/run_migrations.php made changes @ 2025-08-20T19:31:01.330000 ((system)) 2025-08-21 01:10:17 +09:30
(system)
3f4e3d3edc /usr/local/opnsense/scripts/firmware/register.php made changes @ 2025-08-20T19:21:58.564500 ((system)) 2025-08-20 19:21:59 +09:30
(system)
637ed543b5 /usr/local/opnsense/mvc/script/run_migrations.php made changes @ 2025-08-20T18:33:56.203900 ((system)) 2025-08-20 18:33:57 +09:30
(system)
651c2caed3 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:21.110500 ((system)) 2025-08-20 18:33:22 +09:30
(system)
b16a5161be /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:18.624600 ((system)) 2025-08-20 18:33:19 +09:30
(system)
e541eb16ed /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:17.338100 ((system)) 2025-08-20 18:33:18 +09:30
(system)
60bec5f147 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:16.891800 ((system)) 2025-08-20 18:33:18 +09:30
(system)
4da0ec2455 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:16.470700 ((system)) 2025-08-20 18:33:18 +09:30
(system)
ffa90759f9 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:14.654300 ((system)) 2025-08-20 18:33:15 +09:30
(system)
93596391d9 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:13.887300 ((system)) 2025-08-20 18:33:14 +09:30
(system)
f2067c582f /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:12.667600 ((system)) 2025-08-20 18:33:13 +09:30
(system)
6e6affdaee /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:07.928900 ((system)) 2025-08-20 18:33:08 +09:30
(system)
ccbab42366 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:07.305300 ((system)) 2025-08-20 18:33:08 +09:30
(system)
b711cf2315 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:33:06.390700 ((system)) 2025-08-20 18:33:07 +09:30
(system)
d63c7795f3 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:32:55.664700 ((system)) 2025-08-20 18:32:56 +09:30
(system)
a78c4eb1d2 /usr/local/opnsense/mvc/app/library/OPNsense/Zenarmor/CLI.php made changes @ 2025-08-20T18:32:48.659600 ((system)) 2025-08-20 18:32:49 +09:30
1 changed files with 154 additions and 22 deletions
Expand all files Collapse all files

176
config.xml
View File

@@ -214,6 +214,11 @@
<value>1000000</value>
<descr>Automatically added by Zenarmor: Netmap Generic/Native Driver</descr>
</item>
<item>
<tunable>dev.netmap.ring_num</tunable>
<value>1024</value>
<descr>Automatically added by Zenarmor</descr>
</item>
</sysctl>
<system>
<optimization>normal</optimization>
@@ -321,13 +326,13 @@
<enabled>1</enabled>
<url>ssh://docker.dss.mywire.org:222/opnsense/OPNsense.git</url>
<branch>main</branch>
<privkey>-----BEGIN OPENSSH PRIVATE KEY-----&#xD;
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW&#xD;
QyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTAAAAKAgiKUyIIil&#xD;
MgAAAAtzc2gtZWQyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTA&#xD;
AAAEDJKcyJaUCgNMTKViAR3qCMCgL5oRU0AbdG0q29IDGpQ8/m+R/lR8KvHSDFF89YrKmU&#xD;
e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
-----END OPENSSH PRIVATE KEY-----&#xD;
<privkey>-----BEGIN OPENSSH PRIVATE KEY-----&#13;
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW&#13;
QyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTAAAAKAgiKUyIIil&#13;
MgAAAAtzc2gtZWQyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTA&#13;
AAAEDJKcyJaUCgNMTKViAR3qCMCgL5oRU0AbdG0q29IDGpQ8/m+R/lR8KvHSDFF89YrKmU&#13;
e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#13;
-----END OPENSSH PRIVATE KEY-----&#13;
</privkey>
<user>git</user>
<password/>
@@ -352,7 +357,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<firmware version="1.0.1">
<mirror/>
<flavour/>
<plugins>os-acme-client,os-ddclient,os-git-backup,os-nginx,os-sensei,os-sunnyvalley,os-wol</plugins>
<plugins>os-acme-client,os-ddclient,os-gdrive-backup,os-git-backup,os-nginx,os-sensei,os-sunnyvalley,os-wol</plugins>
<type/>
<subscription/>
</firmware>
@@ -3530,6 +3535,60 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="6bf775da-c6c0-4e7c-aae9-3d7ab7224ac3">
<type>pass</type>
<interface>opt2</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>allow NFS to debian</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<address>10.0.20.101/32</address>
</source>
<destination>
<address>TrueNAS</address>
<port>2049</port>
</destination>
<updated>
<username>root@10.0.20.24</username>
<time>1755704450.50</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.20.24</username>
<time>1755704450.50</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="f252e56d-17a1-4fe3-809a-50bee17074c7">
<type>pass</type>
<interface>opt2</interface>
<ipprotocol>inet</ipprotocol>
<statetype>keep state</statetype>
<descr>allow NFS to debian</descr>
<direction>in</direction>
<quick>1</quick>
<protocol>tcp/udp</protocol>
<source>
<address>10.0.20.101</address>
</source>
<destination>
<address>TrueNAS</address>
<port>111</port>
</destination>
<updated>
<username>root@10.0.20.24</username>
<time>1755704415.90</time>
<description>/firewall_rules_edit.php made changes</description>
</updated>
<created>
<username>root@10.0.20.24</username>
<time>1755704415.90</time>
<description>/firewall_rules_edit.php made changes</description>
</created>
</rule>
<rule uuid="45556904-9b06-478a-bf1f-606055aead04">
<type>pass</type>
<interface>opt2</interface>
@@ -4857,8 +4916,8 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
</widgets>
<revision>
<username>root@10.0.20.24</username>
<description>/services_dhcp_edit.php made changes</description>
<time>1754137184.1474</time>
<description>/firewall_rules.php made changes</description>
<time>1755704483.31</time>
</revision>
<OPNsense>
<Firewall>
@@ -5224,7 +5283,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<onetoone/>
</Filter>
</Firewall>
<captiveportal version="1.0.2">
<captiveportal version="1.0.4">
<zones/>
<templates/>
</captiveportal>
@@ -5269,12 +5328,14 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
</eveLog>
</general>
</IDS>
<IPsec version="1.0.3">
<IPsec version="1.0.4">
<general>
<enabled/>
<preferred_oldsa>0</preferred_oldsa>
<disablevpnrules>0</disablevpnrules>
<passthrough_networks/>
<user_source/>
<local_group/>
</general>
<charon>
<max_ikev1_exchanges/>
@@ -5283,6 +5344,8 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<ikesa_table_segments>4</ikesa_table_segments>
<init_limit_half_open>1000</init_limit_half_open>
<ignore_acquire_ts>1</ignore_acquire_ts>
<install_routes>0</install_routes>
<cisco_unity>0</cisco_unity>
<make_before_break/>
<retransmit_tries/>
<retransmit_timeout/>
@@ -5313,6 +5376,29 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<tnc>1</tnc>
</daemon>
</syslog>
<plugins>
<attr>
<subnet/>
<split-include/>
<x_28674/>
<x_28675/>
<x_28672/>
<x_28673>0</x_28673>
<x_28679/>
<dns/>
<nbns/>
</attr>
<eap-radius>
<servers/>
<accounting>0</accounting>
<class_group>0</class_group>
</eap-radius>
<xauth-pam>
<pam_service>ipsec</pam_service>
<session>0</session>
<trim_email>1</trim_email>
</xauth-pam>
</plugins>
</charon>
<keyPairs/>
<preSharedKeys/>
@@ -5854,7 +5940,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
</HAProxy>
<cron version="1.0.4">
<jobs>
<job uuid="276ce20c-5193-4f69-b975-b82e23405c20">
<job uuid="36d736a5-dce6-4e96-a506-52e7ef6ca617">
<origin>Zenarmor</origin>
<enabled>1</enabled>
<minutes>*</minutes>
@@ -5869,7 +5955,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
</job>
</jobs>
</cron>
<AcmeClient version="4.2.0">
<AcmeClient version="4.3.0" persisted_at="1755684060.74">
<settings>
<enabled>0</enabled>
<autoRenewal>0</autoRenewal>
@@ -6154,6 +6240,8 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<dns_nic_password/>
<dns_nic_client/>
<dns_nic_secret/>
<dns_websupport_api_key/>
<dns_websupport_api_secret/>
<dns_world4you_username/>
<dns_world4you_password/>
<dns_aurora_key/>
@@ -6174,6 +6262,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<dns_rackspace_key/>
<dns_rage4_token/>
<dns_rage4_user/>
<dns_scaleway_token/>
</validation>
<validation uuid="f3b8ea57-92f8-4f3a-b83d-60821988f6ef">
<id>60749378bb3d08.12067917</id>
@@ -6406,6 +6495,8 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<dns_nic_password/>
<dns_nic_client/>
<dns_nic_secret/>
<dns_websupport_api_key/>
<dns_websupport_api_secret/>
<dns_world4you_username/>
<dns_world4you_password/>
<dns_aurora_key/>
@@ -6426,6 +6517,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<dns_rackspace_key/>
<dns_rage4_token/>
<dns_rage4_user/>
<dns_scaleway_token/>
</validation>
</validations>
<actions/>
@@ -6583,9 +6675,10 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
</client>
</wireguard>
<Kea>
<dhcp4 version="1.0.3">
<dhcp4 version="1.0.4" persisted_at="1755684059.72">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
@@ -6607,6 +6700,24 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<http_port>8000</http_port>
</general>
</ctrl_agent>
<dhcp6 version="1.0.0">
<general>
<enabled>0</enabled>
<manual_config>0</manual_config>
<interfaces/>
<valid_lifetime>4000</valid_lifetime>
<fwrules>1</fwrules>
</general>
<ha>
<enabled>0</enabled>
<this_server_name/>
<max_unacked_clients>2</max_unacked_clients>
</ha>
<subnets/>
<reservations/>
<pd_pools/>
<ha_peers/>
</dhcp6>
</Kea>
<Zenarmor version="0.0.0">
<zenvpn>
@@ -6621,16 +6732,23 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<enabled>false</enabled>
<exemptDeviceCategories/>
<redirectBaseUrl/>
<sessionExpireTimeout>86400</sessionExpireTimeout>
<sessionInactivityTimeout>28800</sessionInactivityTimeout>
</sso>
<cti>
<enabled>false</enabled>
<globalCtiHost>cti.zenarmor.net</globalCtiHost>
<globalCtiPort>2096</globalCtiPort>
</cti>
<general>
<installTimestamp>1741869403</installTimestamp>
<heartbeatTimer>40 1,9,18 * * *</heartbeatTimer>
<installTimestamp>1755680587</installTimestamp>
<heartbeatTimer>45 1,9,18 * * *</heartbeatTimer>
<coreFileEnable>false</coreFileEnable>
<showWanIface>false</showWanIface>
<flavor>100</flavor>
<healthCheck>true</healthCheck>
<healthShare>true</healthShare>
<healthTimer>1,11,21,31,41,51 * * * *</healthTimer>
<healthTimer>6,16,26,36,46,56 * * * *</healthTimer>
<heartbeatMonit>true</heartbeatMonit>
<heartbeatData>true</heartbeatData>
<hwbypass>false</hwbypass>
@@ -6967,9 +7085,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<virtualip version="1.0.1">
<vip/>
</virtualip>
<bridges>
<bridged/>
</bridges>
<bridges version="1.0.0"/>
<gifs version="1.0.0"/>
<gres version="1.0.0"/>
<dhcpdv6/>
@@ -6992,7 +7108,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<password/>
<syncitems/>
</hasync>
<dnsmasq version="1.0.0">
<dnsmasq version="1.0.7">
<enable/>
<regdhcp/>
<regdhcpstatic/>
@@ -7000,6 +7116,7 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<strict_order/>
<domain_needed/>
<no_private_reverse/>
<no_resolv>0</no_resolv>
<log_queries/>
<no_hosts/>
<strictbind/>
@@ -7010,5 +7127,20 @@ e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC&#xD;
<dns_forward_max/>
<cache_size/>
<local_ttl/>
<add_mac/>
<add_subnet>0</add_subnet>
<strip_subnet>0</strip_subnet>
<dhcp>
<no_interface/>
<fqdn>1</fqdn>
<domain/>
<lease_max/>
<authoritative>0</authoritative>
<default_fw_rules>1</default_fw_rules>
<reply_delay/>
<enable_ra>0</enable_ra>
<nosync>0</nosync>
</dhcp>
<no_ident>1</no_ident>
</dnsmasq>
</opnsense>