opnsense Increase UFS read-ahead speeds to match the state of hard drives and NCQ. vfs.read_max default Set the ephemeral port range to be lower. net.inet.ip.portrange.first default Drop packets to closed TCP ports without returning a RST net.inet.tcp.blackhole default Do not send ICMP port unreachable messages for closed UDP ports net.inet.udp.blackhole default Randomize the ID field in IP packets net.inet.ip.random_id default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.sourceroute default Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. net.inet.ip.accept_sourceroute default This option turns off the logging of redirect packets because there is no limit and this could fill up your logs consuming your whole hard drive. net.inet.icmp.log_redirect default Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) net.inet.tcp.drop_synfin default Enable sending IPv6 redirects net.inet6.ip6.redirect default Enable privacy settings for IPv6 (RFC 4941) net.inet6.ip6.use_tempaddr default Prefer privacy addresses and use them over the normal addresses net.inet6.ip6.prefer_tempaddr default Generate SYN cookies for outbound SYN-ACK packets net.inet.tcp.syncookies default Maximum incoming/outgoing TCP datagram size (receive) net.inet.tcp.recvspace default Maximum incoming/outgoing TCP datagram size (send) net.inet.tcp.sendspace default Do not delay ACK to try and piggyback it onto a data packet net.inet.tcp.delayed_ack default Maximum outgoing UDP datagram size net.inet.udp.maxdgram default Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) net.link.bridge.pfil_onlyip default Set to 1 to additionally filter on the physical interface for locally destined packets net.link.bridge.pfil_local_phys default Set to 0 to disable filtering on the incoming and outgoing member interfaces. net.link.bridge.pfil_member default Set to 1 to enable filtering on the bridge interface net.link.bridge.pfil_bridge default Allow unprivileged access to tap(4) device nodes net.link.tap.user_open default Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) kern.randompid default Maximum size of the IP input queue net.inet.ip.intr_queue_maxlen default Disable CTRL+ALT+Delete reboot from keyboard. hw.syscons.kbd_reboot default Hint at default settings for serial console in case the autodetect is not working hw.uart.console default Enable TCP extended debugging net.inet.tcp.log_debug default Set ICMP Limits net.inet.icmp.icmplim default TCP Offload Engine net.inet.tcp.tso default UDP Checksums net.inet.udp.checksum default Maximum socket buffer size kern.ipc.maxsockbuf default Page Table Isolation (Meltdown mitigation, requires reboot.) vm.pmap.pti default Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) hw.ibrs_disable default Hide processes running as other groups security.bsd.see_other_gids default Hide processes running as other users security.bsd.see_other_uids default Enable/disable sending of ICMP redirects in response to IP packets for which a better, and for the sender directly reachable, route and next hop is known. net.inet.ip.redirect 0 Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect packets without returning a response. net.inet.icmp.drop_redirect 1 Maximum outgoing UDP datagram size net.local.dgram.maxdgram default normal gondor2 dss.mywire.org 1 admins System Administrators system 1999 0 2000 page-all root System Administrator system admins $2y$10$V5R3OFK0X8dz/shqsIj3AuuhVvT/TR8gA6u9s.j0gknxplOMg4tyC 0 $2y$11$77rIEmn8xjecWoKfve.cZ.Fb5PIDN6PR8mM4MdlHubJiuBMiWacqW user dion Dion LYA2AG53OBHL35L6NMGE4KEM4ZPHYAWI dionscarman@gmail.com 2000 65b4a1c0bffcf 2001 2000 Australia/Adelaide 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org http 60132b5e4fc3d 8004 1 yes 1 1 1 1 1 hadp hadp hadp monthly aesni 1 1 admins 1 enabled 1 1 0 OPNsense-Backup 1 ssh://omv.dss.mywire.org:222/opnsense/OPNsense.git main -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW QyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTAAAAKAgiKUyIIil MgAAAAtzc2gtZWQyNTUxOQAAACDP5vkf5UfCrx0gxRfPWKyplHvuwDz5hOPh3X8oXMLNTA AAAEDJKcyJaUCgNMTKViAR3qCMCgL5oRU0AbdG0q29IDGpQ8/m+R/lR8KvHSDFF89YrKmU e+7APPmE4+Hdfyhcws1MAAAAG3Jvb3RAZ29uZG9yMi5kc3MubXl3aXJlLm9yZwEC -----END OPENSSH PRIVATE KEY----- git en_US none none none none none none none none 1 os-acme-client,os-ddclient,os-git-backup,os-nginx,os-wol 5 on 111886561813089399264 MIIJqwIBAzCCCWQGCSqGSIb3DQEHAaCCCVUEgglRMIIJTTCCBXEGCSqGSIb3DQEHAaCCBWIEggVeMIIFWjCCBVYGCyqGSIb3DQEMCgECoIIE+zCCBPcwKQYKKoZIhvcNAQwBAzAbBBRiGwbZITGFKChy8NvSZlOi7IrsNgIDAMNQBIIEyPsBv2zebWc1uCSr8XP+yEa6QHnFez9TU13S2x61/NN2bVWqyRrLdbNjykZU4xYpVe94cMSxOYD7nUJMdJ8HmSXaVji555vrMB+5ZtiM2Lk6Hj72vVnShZUO+vYTp0+pCO+vYLdJMDoeAIFpFMClpIAEqBfgSY0tHBRiX3QJ4nFL0T82fMgaLef1hTl5tuyhGUcLA37Eoo3kgXHESyvrsbw6ZU5ud0VXpxey7pFKKHl7CFeXNWBSiNbBFp/qpT0sHrDyeXllLiSg/cC9iofyqdo9L90tYKdCtdRg5NHWuxXbjDoztSvBndDE9VwtQ7YkPytk/sL/v7nrUzHImxJ3I0W49N6yto0FGrM0oLWq0VnfeN42n3eqqzhfqcki65q7uwOQa+B/oV3eihOsROJbYXSO5UFwEsxLxZLB3EDPkVpblcG5/1tsEz5JZcTz/3ivtUHajRC/XsXLCyuNFl9ypN0xVyVt9KpmJaabZAtaH/6YOp3OzCMGwbABHAKiuSuZ5UJaB7wUQgzB8bwMCmGkKQz+Z1rADiciTNkpPqHE5sdpgpox7c55T6KWMPXXCjqkHbhpGZFTN03BVekTlpH+cEq4MxUbliDHW1jT2a1XXkfoHO8fUXOoHw7snUV2Wuw96H9Xtpr8fuftfV/qvZcWNla/Uq9aOL85MaFWEJ8HEAt8uoiT0yJkMuyIVPS5ZOWKbYV2zYx39YueRgzzxX4hZ6OY+L3Pb9G2uqfUJG1R8gL6/yvZqPp8XhAr7Cmua0MuO48b65DN6q+42TupOQZlYI0nhIRhlHae0qI/sdVaifOI7Qv2R8Adi+0CRjOYVDiDDE3b8o8goa8QMS3eJB1tuYd9IO/3hPfmvZutrAJkkj8U7+EapHflUZDw1sRIYa7xnSGbhAQSZHOPqEJkBL2S54lzCAhEczKG+NZx/Lmc+1/5D9BF6zEhXFn3miIl41YXu4ylqMekZv5iAVYYZStJ4IABzS6dwETGz4o7f0RrJmTx/mTbWSK3BpUg+h1gBepKXDymwZ+BjjRPkmWnKelq/XQwMu9s8n2fFRgPOQJRUwNjW1pyTokBcikZV9pCcaeC0I0G6f0c623V1ZyPSQfw+liEi4xX4ksAlwoW6s2aUGaVcBh8c7f6hsuMZYZNBsduLAbALyMMO5cQpYV2KZB0lbDcbZSWYdekoXqmmOJmOTu3Jxsr7/BEeimOy3ni4y8UAmWY40G8y4G7ECEwEnhqq6lwumbi4Iic1krRppKjmK3CktoXWMwqvUEvtTr729AIV5enKJVnLmOfoeIFdW2MPy7IOSIcJJYMJPWChmyx6ucbKpq/LheG7EI5X5lYIn13pqnC3B5IW5Lw65thcBpHgOZyZ3IX8Y9DJ8AkeDGQeSChv+N4rjAGG4LEeQSKTSZfy6jVGdhqgxIfZGVvC96ZSVaRCDa0pkHjWNm64rulb5ptQVlc+yi+UDOzCzZdulRMEVDh6fIA+F9iDoK7imLsRwo4Fiz/s7SqoHsaD+1yu6KD9gwkCOMl01/o6hlt6GQE/UXRQFl/QGGbV6l/FF6yuqgJpR2VzH+VHnKtscESvR40bVf9OyRVMCaitgMuI5tx5yNwolSI3OShrQRQfU6FTF8gZwEFfyp1lDFIMCMGCSqGSIb3DQEJFDEWHhQAcAByAGkAdgBhAHQAZQBrAGUAeTAhBgkqhkiG9w0BCRUxFAQSVGltZSAxNzA2NTEwMTcxMjE0MIID1AYJKoZIhvcNAQcGoIIDxTCCA8ECAQAwggO6BgkqhkiG9w0BBwEwKQYKKoZIhvcNAQwBBjAbBBSbVNl6gddLNCPG4nPmr7z60ft8bAIDAMNQgIIDgKqgPYiykK+RjbqxXAgctRl5byM+gRlsZHxrnB5Zoap4cprSm28RZ5lIuoS4N4kjbs2MjbnCaXC3LjFnSLpiqWuzU8XVAE3Us9owKsnOJzoAyJ2c+/7NXHqaxAXnFuCEuhSpgca9Rnjoz2FP3Wlgr44jFs4tiroWwOLHnnPRUj/WX5OoDIw6Rmn3bFF+Zy63ymauF9W2pW1e32PMUzV18FgcZsr+Su3lsKz0EVi1HTs6qid0bXhF7Tk8FThCtJlB/Q3SzwsJ3rh2A7JimlWrHqocK366WyHD+h0Kcj6UBTzxzgwFoZe3f2EBnoxh/uI6CNG9cIwWbemGrMctf85jPpUq3/C1z/DP3o1KzUydXuFekCH3j/wRniDc9B4/hZq2wPbR4sCFFb0T7wwIXrMkoFXdLnyg0Em4AS6zbzugiOunOlpBLKvFZSayw+1JR52vBwCYsmtwCRwkftXkCJzgX+wORjj/8SHZrUis3EBsgld6Ziuf+o8tdVKrXCIpkRehsvHcKPWRGK3RrPwabYrmXkFGrP+sZsDjkCBGD9kULSlY3DZ1yJrM84ENUMQdxV8t5UMMeCpzKaKJD7uEA2G+LcGSIuRDP+FNfrMVlm5/fQQ2O6YD8pqH6qOWsmLLmesn8+F69vluXB28MddcC2Lxz7aH+1v3QQqju2C2E9L8Zncl5mcTru+AlNTn8gA3IB9Z5OnK41IXCr4VzkAG1WyQ5lSzWZZ8G0cgc8+kUq3j8DYfy76RqC6xVlSrLkypL8gVzmEDIXplvO1fJAn7X+liyaIlthzy/znGWcGcMMkzpA7/DubvmwOKibqx6DAob6390GK6Ala17w+/Qt5ZYHkCClqDcC3FJhFBX7TzoleJZ7l3cITt2vvuPQM7xMk8Gwvb8Pu9hJqqj3gvgCM3Nv/4FRIZxcl5xHMx1AfKgmorx/ZeQ1wMGAk2GDLiOlV6n4BEHr3zrFr7MYR0YjchIxTPsYA/DKylXy6Jy4bJJoGwzo7fK9SmatEFWYJAR/F0R9doBJCUtaPnZKwe+VoQ1QnHThd6LF14SIdeVi+XpIYYjHSCCX8bB18wQOJbd9Eadc441xmTJ64KqPZHDP89AE0ZijZlhPbCUIokJQCt8eTjh+mQAtjb6kDLcve7vqWpRrK9UJ2dNPqr/qvlpQi1UNiDIdsJXtigUs8JAA73BpoW3Kv5MD4wITAJBgUrDgMCGgUABBQE5BctNk/Q49nQSwbxKl2rv9XjOQQU0QcfBgrYmUNhr/047aDhddePCtMCAwGGoA== 1rq_I9W6E96oWuB5tfzLYR2M6Zc_2bgpc on 10 tQ;ELd8"%YW=@VB pppoe0 InternodeNBN 1 1 1 1 pppoe vtnet1 1 10.0.1.1 24 1 Loopback 1 lo0 127.0.0.1 ::1 8 128 none 1 1 1 openvpn OpenVPN group 1 vlan01 Servers 1 10.0.10.1 24 vlan02 General 1 10.0.20.1 24 vlan03 IOTnetwork 1 10.0.30.1 24 vlan04 Guest 1 10.0.40.1 24 1 WireGuard (Group) wireguard 1 1 group wg0 WireGuardVPN 1 1 1 hmac-md5 10.0.1.200 10.0.1.245 10.0.1.4 bc:24:11:a7:1a:ea 10.0.1.4 shelob Pi-Hole server 10.0.1.1 e0:3f:49:b2:12:35 10.0.1.11 omv OpenMediaVault 86400 00:26:6c:28:0a:a1 10.0.1.12 proxmox bc:24:11:cb:c8:85 10.0.1.13 docker debian ct for docker ba:f3:5a:9e:b7:33 10.0.1.15 nginx nginx reverse proxy server 3a:2f:5c:14:f2:0b 10.0.1.21 nextcloud Nextcloud turnkey VM 3a:eb:61:8d:27:08 10.0.1.22 seafile 86:fa:fd:13:d4:25 10.0.1.23 heimdall heimdall application dashboard de:f9:0c:c1:d5:5c 10.0.1.24 jellyfin 52:81:b4:45:f0:0a 10.0.1.25 elrond 4a:91:89:08:73:d8 10.0.1.26 boromir e2:8b:aa:80:6b:a6 10.0.1.27 ansible debian ct on rohan d2:40:37:56:ef:6b 10.0.1.31 mc1 minecraft on debian d2:17:2f:bc:1b:16 10.0.1.32 mc2 06:98:19:95:51:21 10.0.1.33 minecraft3 minecraft server harry potter c2:ec:33:bb:bb:f8 10.0.1.34 minecraft4 minecraft server for HTTYD 8e:61:fc:24:89:85 10.0.1.41 certbot-vm certbot vm for testing de:24:76:34:28:8f 10.0.1.43 tvheadend tvheadend server on (rohan) ea:e6:3f:bc:dd:36 10.0.1.51 mc1-test minecraft server 1 dc:a6:32:e0:85:2a 10.0.1.61 kodi 7a:72:1a:bd:a1:98 10.0.1.81 web1 test web server #1 ca:c0:3e:24:99:03 10.0.1.82 web2 test web server #2 4a:02:45:30:ea:02 10.0.1.100 debian 18:c0:4d:db:2a:7c 10.0.1.101 SimRig Sim Racing PC f4:8c:50:1a:36:9b 10.0.1.102 dion-latitude 66:a3:f0:c7:5e:89 10.0.1.103 debian2 debian2 vm 7a:3b:72:16:fd:b3 10.0.1.104 vm-desktop alpine linux with wm 8c:88:2b:00:10:8d 10.0.1.105 games2 Gaming PC for the boys. GTX 570Ti 08:d4:0c:64:98:ad 10.0.1.106 Logan-Archie-Harry Laptop for the boys 26:50:b1:d7:14:7b 10.0.1.111 pocof3 poco F3 android 52:fe:2b:0e:1c:89 10.0.1.112 pocof1 Poco F1 android ec:71:db:49:8e:24 10.0.1.121 Camera1 ec:71:db:8c:07:4e 10.0.1.122 Camera2 16:e9:1e:ab:33:e2 10.0.1.131 Trading1 Win10 Virtual PC for trading 66:1f:7a:58:86:ba 10.0.1.132 trading2 Win11 PC for trading bc:24:11:df:76:99 10.0.1.135 macos Mac OS virtual machine c6:19:1e:a6:d6:fc 10.0.1.151 hass 08:d4:2b:13:8d:d8 10.0.1.152 nexus10 Nexus 10 Android Tablet dc:a6:32:e0:85:29 10.0.1.161 Legolas Legolas ethernet fc:aa:14:c1:5a:9b 10.0.1.165 games2-lan Boys Gaming PC ethernet connection 40:55:39:cc:77:00 10.0.1.250 anduin Cisco router 1 hmac-md5 10.0.20.100 10.0.20.199 10.0.1.4 16:e9:1e:ab:33:e2 10.0.20.31 trading1 66:1f:7a:58:86:ba 10.0.20.32 trading2 1 hmac-md5 10.0.10.100 10.0.10.199 10.0.1.4 bc:24:11:2c:3e:09 10.0.10.31 minecraft1 bc:24:11:7e:10:ae 10.0.10.32 minecraft2 minecraft 'scarman' server 1 hmac-md5 10.0.40.100 10.0.40.199 10.0.1.4 1 hmac-md5 10.0.30.100 10.0.30.199 10.0.1.4 public automatic tcp wan inet HASS.io nat_603a219d254010.34486638 hass 8123 1 wanip 8123 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet debian vm nat_603a31025c4875.51279624 10.0.1.100 22 1 wanip 22 root@10.0.1.100 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet debian2 vm nat_61fe6823a62ff9.38653503 10.0.1.103 22 1 wanip 22 root@10.0.1.102 /firewall_nat_edit.php made changes root@10.0.1.100 /firewall_nat_edit.php made changes 1 tcp wan inet nginx reverse proxy ssl nat_609ab30d1bcb08.88985266 nginx 443 1 wanip 443 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.8.6 /firewall_nat_edit.php made changes tcp wan inet nginx reverse proxy server nat_61d69bc2d88db3.30171087 nginx 80 1 wanip 80 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.100 /firewall_nat_edit.php made changes tcp wan inet minecraft1 java nat_6189c4e0d85e51.54054052 minecraft1 25565 1 wanip 25565 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes udp wan inet minecraft1 bedrock pass minecraft1 19132 1 wanip 19132 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet minecraft2 javA nat_61eca513f3ab54.12999814 minecraft2 25566 1 wanip 25566 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes udp wan inet minecraft2 bedrock nat_61eca544a8b730.21185118 minecraft2 19133 1 wanip 19133 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet minecraft3 java nat_61f372df8b6171.53361896 1 minecraft3 25567 1 wanip 25567 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes udp wan inet minecraft3 bedrock nat_61f3734f494c02.95558635 1 minecraft3 19134 1 wanip 19134 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet minecraft4 java nat_61f373074cc973.44719320 1 minecraft4 25568 1 wanip 25568 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes udp wan inet minecraft4 bedrock nat_61f3736fb310c2.90636878 1 minecraft4 19135 1 wanip 19135 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes tcp wan inet Jellyfin services nat_61f140996d6708.06843852 jellyfin 8096 1 wanip 8096 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.100 /firewall_nat_edit.php made changes tcp wan inet bitwarden nat_62261aed26de09.52732628 10.0.1.11 18080 1 wanip 18080 root@10.0.1.201 /firewall_nat_edit.php made changes root@10.0.1.201 /firewall_nat_edit.php made changes 1 udp wan inet nat_62cc09e3b73e87.61248567 10.0.1.102 3478 1 wanip 3478 root@10.0.1.102 /firewall_nat_edit.php made changes root@10.0.1.102 /firewall_nat_edit.php made changes 1 udp wan inet nat_62cc0a1f5e00c2.77730298 10.0.1.102 4379 1 wanip 4379-4380 root@10.0.1.102 /firewall_nat_edit.php made changes root@10.0.1.102 /firewall_nat_edit.php made changes 1 tcp/udp wan inet Stick Fight the Game nat_62cc0abca222d4.02229027 10.0.1.101 27015 1 wanip 27015 root@10.0.1.101 /firewall_nat_edit.php made changes root@10.0.1.102 /firewall_nat_edit.php made changes 1 tcp/udp wan inet nat_62dfdf81c63009.25391203 10.0.1.11 6881 1 wanip 6881 root@10.0.1.102 /firewall_nat_edit.php made changes root@10.0.1.102 /firewall_nat_edit.php made changes tcp/udp wan inet nat_62e3ed166f0e56.88516001 10.0.1.101 24642 1 wanip 24642 root@10.0.1.101 /firewall_nat_edit.php made changes root@10.0.1.101 /firewall_nat_edit.php made changes 1 tcp wan inet nat_65b268fb447592.11055352 10.0.1.11 2283 1 wanip 2283 root@10.0.1.131 /firewall_nat_edit.php made changes root@10.0.1.131 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
hass
8123 HASS.io nat_603a219d254010.34486638 root@10.0.1.201 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
10.0.1.100
22 debian vm nat_603a31025c4875.51279624 root@10.0.1.201 /firewall_nat_edit.php made changes pass wan inet keep state Allow VPN Traffic in 1 1 udp 1 1 1194 root@10.0.1.100 /firewall_rules_edit.php made changes root@10.0.1.100 /firewall_rules_edit.php made changes 1 wan keep state tcp inet
nginx
443 nginx reverse proxy ssl nat_609ab30d1bcb08.88985266 root@10.0.8.6 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
nginx
80 nginx reverse proxy server nat_61d69bc2d88db3.30171087 root@10.0.1.100 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
minecraft1
25565 minecraft1 java nat_6189c4e0d85e51.54054052 root@10.0.1.201 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
minecraft2
25566 minecraft2 javA nat_61eca513f3ab54.12999814 root@10.0.1.201 /firewall_nat_edit.php made changes 1 wan keep state udp inet
minecraft2
19133 minecraft2 bedrock nat_61eca544a8b730.21185118 root@10.0.1.201 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
jellyfin
8096 Jellyfin services nat_61f140996d6708.06843852 root@10.0.1.100 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
minecraft3
25567 minecraft3 java nat_61f372df8b6171.53361896 root@10.0.1.201 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet
minecraft4
25568 minecraft4 java nat_61f373074cc973.44719320 root@10.0.1.201 /firewall_nat_edit.php made changes 1 1 wan keep state udp inet
minecraft3
19134 minecraft3 bedrock nat_61f3734f494c02.95558635 root@10.0.1.201 /firewall_nat_edit.php made changes 1 1 wan keep state udp inet
minecraft4
19135 minecraft4 bedrock nat_61f3736fb310c2.90636878 root@10.0.1.201 /firewall_nat_edit.php made changes 1 1 wan keep state tcp inet
10.0.1.103
22 debian2 vm nat_61fe6823a62ff9.38653503 root@10.0.1.100 /firewall_nat_edit.php made changes 1 wan keep state tcp inet
10.0.1.11
18080 bitwarden nat_62261aed26de09.52732628 root@10.0.1.201 /firewall_nat_edit.php made changes 1 1 wan keep state udp inet
10.0.1.102
3478 nat_62cc09e3b73e87.61248567 root@10.0.1.102 /firewall_nat_edit.php made changes 1 wan keep state udp inet
10.0.1.102
4379-4380 nat_62cc0a1f5e00c2.77730298 root@10.0.1.102 /firewall_nat_edit.php made changes 1 wan keep state tcp/udp inet
10.0.1.101
27015 Stick Fight the Game nat_62cc0abca222d4.02229027 root@10.0.1.102 /firewall_nat_edit.php made changes 1 wan keep state tcp/udp inet
10.0.1.11
6881 nat_62dfdf81c63009.25391203 root@10.0.1.102 /firewall_nat_edit.php made changes 1 wan keep state tcp/udp inet
10.0.1.101
24642 nat_62e3ed166f0e56.88516001 root@10.0.1.101 /firewall_nat_edit.php made changes nat_65b268fb447592.11055352 1 wan keep state tcp inet
10.0.1.11
2283 root@10.0.1.131 /firewall_nat_edit.php made changes pass wan inet keep state Allow WireGuard VPN service in 1 udp 1 wanip 51820 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass inet Default allow LAN to any rule lan lan pass inet6 Default allow LAN IPv6 to any rule lan lan pass lan inet keep state Allow OpenVPN traffic in 1 openvpn 1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass lan inet keep state in 1 icmp lan 1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass lan inet keep state in 1 tcp/udp
terminal
opt2 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes OpenVPN wizard in 1 anyip 1194 any udp pass on root@10.0.1.100 /wizard.php made changes pass openvpn inet keep state OpenVPN wizard in 1
10.0.8.0/24
1 root@10.0.1.100 /firewall_rules_edit.php made changes root@10.0.1.100 /wizard.php made changes pass opt1 inet keep state in 1 tcp/udp opt1 opt1ip 53 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt1 inet keep state in 1 opt1 opt1ip root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt1 inet keep state in 1 opt1
OMV
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt1 inet keep state in 1 tcp
10.0.20.101
10.0.1.1
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt1 inet keep state Allow internet in 1 opt1
PrivateNet
1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt2 inet46 keep state Allow DNS in 1 tcp/udp opt2 opt2ip 53 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt2 inet keep state Allow ICMPv4 to all networks in 1 icmp opt2 1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt2 inet keep state Allow nginx access in 1 tcp/udp opt2
nginx
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt2 inet keep state in 1 opt2
PiHole
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt2 inet46 keep state Allow only internet in 1 opt2
PrivateNet
1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt3 inet keep state Allow HASS server internet access in 1
hass
opt3ip root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes block opt3 inet46 keep state Block everything in 1 opt3 1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt4 inet46 keep state Allow DNS in 1 tcp/udp opt4 opt4ip 53 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt4 inet46 keep state in 1 opt4
PrivateNet
1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt5 inet46 keep state Allow DNS in 1 tcp/udp opt5 opt5ip 53 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt5 inet keep state in 1 opt5
PiHole
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt5 inet keep state in 1 opt5
hass
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt5 inet keep state in 1 opt5
jellyfin
 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes pass opt5 inet46 keep state in 1 opt5
PrivateNet
1 root@10.0.1.131 /firewall_rules_edit.php made changes root@10.0.1.131 /firewall_rules_edit.php made changes ICMP icmp ICMP TCP tcp Generic TCP HTTP http Generic HTTP / 200 HTTPS https Generic HTTPS / 200 SMTP send Generic SMTP 220 * 0.opnsense.pool.ntp.org system_information-container:00000000-col3:show,services_status-container:00000001-col4:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show 2 root@10.0.1.131 /api/firewall/alias/set made changes 1 PrivateNet network 0 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 All local networks 1 OMV host 0 10.0.1.11 10.0.10.11 OMV Server 1 Proxmox_Dell host 0 10.0.1.6 Dell R630 1 nginx host 0 10.0.1.15 10.0.10.15 nginx instance 1 Trading1 host 0 10.0.20.31 VM for trading 1 Trading2 host 0 10.0.20.32 VM for trading 1 terminal host 0 10.0.1.100 10.0.20.100 vm for shell access (debian) 1 minecraft1 host 0 10.0.10.31 1 minecraft2 host 0 10.0.10.32 1 minecraft3 host 0 10.0.10.33 1 minecraft4 host 0 10.0.10.34 1 PiHole host 0 10.0.1.4 10.0.10.53 1 hass host 0 10.0.1.151 10.0.30.11 1 jellyfin host 0 10.0.1.24 10.0.10.24 jellyfin server 0 0 0 wan 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 W0D23 4 ac medium 0 0 0 0 opnsense 1 1 0 on strip 1 1 0 admin@localhost.local 0 /var/squid/cache 256 always 100 16 256 0 0 0 2048 1024 1024 256 0 0 username password lan 3128 3129 0 0 4 5 0 3401 public 2121 0 1 0 80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http 443:https 0 icap://[::1]:1344/avscan icap://[::1]:1344/avscan 1 0 0 X-Username 1 1024 60 OPNsense proxy authentication 2 5