config-strider.csolve.local-20100923160001.xml - pfSense - pfSense bugtracker

Bug #729 » config-strider.csolve.local-20100923160001.xml

Derek Buttineau, 09/24/2010 11:07 AM

    
      <?xml version="1.0"?>

      <pfsense>

      	<version>7.0</version>

      	<lastchange/>

      	<theme>pfsense_ng</theme>

      	<sysctl>

      		<item>

      			<desc>Set the ephemeral port range to be lower.</desc>

      			<tunable>net.inet.ip.portrange.first</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Drop packets to closed TCP ports without returning a RST</desc>

      			<tunable>net.inet.tcp.blackhole</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Do not send ICMP port unreachable messages for closed UDP ports</desc>

      			<tunable>net.inet.udp.blackhole</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Randomize the ID field in IP packets (default is 0: sequential IP IDs)</desc>

      			<tunable>net.inet.ip.random_id</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</desc>

      			<tunable>net.inet.tcp.drop_synfin</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Enable sending IPv4 redirects</desc>

      			<tunable>net.inet.ip.redirect</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Enable sending IPv6 redirects</desc>

      			<tunable>net.inet6.ip6.redirect</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Generate SYN cookies for outbound SYN-ACK packets</desc>

      			<tunable>net.inet.tcp.syncookies</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Maximum incoming/outgoing TCP datagram size (receive)</desc>

      			<tunable>net.inet.tcp.recvspace</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Maximum incoming/outgoing TCP datagram size (send)</desc>

      			<tunable>net.inet.tcp.sendspace</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>IP Fastforwarding</desc>

      			<tunable>net.inet.ip.fastforwarding</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Do not delay ACK to try and piggyback it onto a data packet</desc>

      			<tunable>net.inet.tcp.delayed_ack</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Maximum outgoing UDP datagram size</desc>

      			<tunable>net.inet.udp.maxdgram</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</desc>

      			<tunable>net.link.bridge.pfil_onlyip</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</desc>

      			<tunable>net.link.bridge.pfil_member</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Set to 1 to enable filtering on the bridge interface</desc>

      			<tunable>net.link.bridge.pfil_bridge</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Allow unprivileged access to tap(4) device nodes</desc>

      			<tunable>net.link.tap.user_open</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Verbosity of the rndtest driver (0: do not display results on console)</desc>

      			<tunable>kern.rndtest.verbose</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</desc>

      			<tunable>kern.randompid</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Maximum size of the IP input queue</desc>

      			<tunable>net.inet.ip.intr_queue_maxlen</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Disable CTRL+ALT+Delete reboot from keyboard.</desc>

      			<tunable>hw.syscons.kbd_reboot</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Enable TCP Inflight mode</desc>

      			<tunable>net.inet.tcp.inflight.enable</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Enable TCP extended debugging</desc>

      			<tunable>net.inet.tcp.log_debug</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>Set ICMP Limits</desc>

      			<tunable>net.inet.icmp.icmplim</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>TCP Offload Engine</desc>

      			<tunable>net.inet.tcp.tso</tunable>

      			<value>default</value>

      		</item>

      		<item>

      			<desc>TCP Offload Engine - BCE</desc>

      			<tunable>hw.bce.tso_enable</tunable>

      			<value>default</value>

      		</item>

      	</sysctl>

      	<system>

      		<optimization>normal</optimization>

      		<hostname>strider</hostname>

      		<domain>csolve.local</domain>

      		<group>

      			<name>all</name>

      			<description><![CDATA[All Users]]></description>

      			<scope>system</scope>

      			<gid>1998</gid>

      		</group>

      		<group>

      			<name>admins</name>

      			<description><![CDATA[System Administrators]]></description>

      			<scope>system</scope>

      			<gid>1999</gid>

      			<member>0</member>

      			<priv>page-all</priv>

      		</group>

      		<user>

      			<name>admin</name>

      			<fullname>System Administrator</fullname>

      			<scope>system</scope>

      			<groupname>admins</groupname>

      			<password></password>

      			<uid>0</uid>

      			<priv>user-shell-access</priv>

      			<md5-hash></md5-hash>

      			<nt-hash></nt-hash>

      			<expires/>

      			<authorizedkeys/>

      			<ipsecpsk/>

      		</user>

      		<nextuid>2000</nextuid>

      		<nextgid>2000</nextgid>

      		<timezone>America/Toronto</timezone>

      		<time-update-interval/>

      		<timeservers>10.10.15.1</timeservers>

      		<webgui>

      			<protocol>https</protocol>

      			<ssl-certref>4c7e7496caff7</ssl-certref>

      			<port/>

      			<althostnames>strider-mgmt strider-mgmt.csolve.local</althostnames>

      		</webgui>

      		<disablenatreflection>yes</disablenatreflection>

      		<disablesegmentationoffloading/>

      		<disablelargereceiveoffloading/>

      		<cert>

      			<refid>4c7e7496caff7</refid>

      			<name>webConfigurator default</name>

      			<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVLRENDQTVHZ0F3SUJBZ0lKQVAxVXRDUmJWVmpITUEwR0NTcUdTSWIzRFFFQkJRVUFNSUcvTVFzd0NRWUQKVlFRR0V3SlZVekVTTUJBR0ExVUVDQk1KVTI5dFpYZG9aWEpsTVJFd0R3WURWUVFIRXdoVGIyMWxZMmwwZVRFVQpNQklHQTFVRUNoTUxRMjl0Y0dGdWVVNWhiV1V4THpBdEJnTlZCQXNUSms5eVoyRnVhWHBoZEdsdmJtRnNJRlZ1CmFYUWdUbUZ0WlNBb1pXY3NJSE5sWTNScGIyNHBNU1F3SWdZRFZRUURFeHREYjIxdGIyNGdUbUZ0WlNBb1pXY3MKSUZsUFZWSWdibUZ0WlNreEhEQWFCZ2txaGtpRzl3MEJDUUVXRFVWdFlXbHNJRUZrWkhKbGMzTXdIaGNOTVRBdwpPVEF4TVRVME16SXhXaGNOTVRZd01qSXlNVFUwTXpJeFdqQ0J2ekVMTUFrR0ExVUVCaE1DVlZNeEVqQVFCZ05WCkJBZ1RDVk52YldWM2FHVnlaVEVSTUE4R0ExVUVCeE1JVTI5dFpXTnBkSGt4RkRBU0JnTlZCQW9UQzBOdmJYQmgKYm5sT1lXMWxNUzh3TFFZRFZRUUxFeVpQY21kaGJtbDZZWFJwYjI1aGJDQlZibWwwSUU1aGJXVWdLR1ZuTENCegpaV04wYVc5dUtURWtNQ0lHQTFVRUF4TWJRMjl0Ylc5dUlFNWhiV1VnS0dWbkxDQlpUMVZTSUc1aGJXVXBNUnd3CkdnWUpLb1pJaHZjTkFRa0JGZzFGYldGcGJDQkJaR1J5WlhOek1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R04KQURDQmlRS0JnUUR2WE5RaXo1aDNNTGpLcU5mS1RkMUFDK2o5ZEdxeFhjeUJ1RFg5dTAyWjI1cG4xaXk3djhhUApueklJTHE4ZjNYb0JZQXVucXZjOFl3WmxVM0JxSE1GTDFtdy9sMnQ3QzFUVVBaL2IrWm5PNUFtYW9UMHY1ZThJCjcxNzhpSG5FamZkbXdxSlpVVDlaSExEZnVGbW1yK0dndm9xOFNWRFB2RVEyeGcrczUzQlRpUUlEQVFBQm80SUIKS0RDQ0FTUXdIUVlEVlIwT0JCWUVGQk9PTVpseHNjRnUrL1F1c2xUQUxYcVlXQStWTUlIMEJnTlZIU01FZ2V3dwpnZW1BRkJPT01abHhzY0Z1Ky9RdXNsVEFMWHFZV0ErVm9ZSEZwSUhDTUlHL01Rc3dDUVlEVlFRR0V3SlZVekVTCk1CQUdBMVVFQ0JNSlUyOXRaWGRvWlhKbE1SRXdEd1lEVlFRSEV3aFRiMjFsWTJsMGVURVVNQklHQTFVRUNoTUwKUTI5dGNHRnVlVTVoYldVeEx6QXRCZ05WQkFzVEprOXlaMkZ1YVhwaGRHbHZibUZzSUZWdWFYUWdUbUZ0WlNBbwpaV2NzSUhObFkzUnBiMjRwTVNRd0lnWURWUVFERXh0RGIyMXRiMjRnVG1GdFpTQW9aV2NzSUZsUFZWSWdibUZ0ClpTa3hIREFhQmdrcWhraUc5dzBCQ1FFV0RVVnRZV2xzSUVGa1pISmxjM09DQ1FEOVZMUWtXMVZZeHpBTUJnTlYKSFJNRUJUQURBUUgvTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUlDM0V6VHhHUnJCWTY1a0dpVGZnU1ZadnZmUQo0aVBjK1BwclRIMStDbWJVOUVubTBlVm5hRkVvVWxDSVRkenR4V01SRDZGZjYyajFyTmlwWm1OWFUybUNQZlRjCk84YWlMMDVnbWZBLzN0ZkRkTWp2ekFCN3lZaUx1ZGI4all0RlFueWk2RS9FNDY4RjJNVXRnSlA3dFNYV3FDU0YKR2tZZVp4RXhpUFUzNDZoaQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==</crt>

      			<prv>R2VuZXJhdGluZyBSU0EgcHJpdmF0ZSBrZXksIDEwMjQgYml0IGxvbmcgbW9kdWx1cwouLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLisrKysrKwouLi4uLi4uLi4uLi4uLi4uLi4uKysrKysrCnVuYWJsZSB0byB3cml0ZSAncmFuZG9tIHN0YXRlJwplIGlzIDY1NTM3ICgweDEwMDAxKQotLS0tLUJFR0lOIFJTQSBQUklWQVRFIEtFWS0tLS0tCk1JSUNYUUlCQUFLQmdRRHZYTlFpejVoM01MaktxTmZLVGQxQUMrajlkR3F4WGN5QnVEWDl1MDJaMjVwbjFpeTcKdjhhUG56SUlMcThmM1hvQllBdW5xdmM4WXdabFUzQnFITUZMMW13L2wydDdDMVRVUFovYitabk81QW1hb1Qwdgo1ZThJNzE3OGlIbkVqZmRtd3FKWlVUOVpITERmdUZtbXIrR2d2b3E4U1ZEUHZFUTJ4ZytzNTNCVGlRSURBUUFCCkFvR0JBTXhydVBncDF3b2o0QTJqK1BiYlhOTXYyTUZzeFJuSkE3amRPNjhBWVp1K3dyVmZZa0ROM2FRV3owSFIKck5wSDZjUjI1RDFEYzNadEU2OUJmVVlDWE1qaXhOZUJpWWY3eGhUQzVvTk5pY3EzOVB2NTlwdHlBZjlqaWRMcwptK3BOZzVnazZJRThqSkVFWHRrdXM2KzkrYlpLWXp4ZHIxL2NuT3RveXVsVVN6OEJBa0VBLzRvQ2JEUThQNmd1ClphdnFMSXQyaVkxc3FuOUN6VC9CVjhRcGcwYktPUjJFYjV2WmNiZkd2VmdxeFZvNWdxSHMrOGNCbFFGaEVjZCsKaE9hZktjOG0rUUpCQU8vTFdaa3F4M0t2U2dFMmJmUkNJU0VzL05xMTQxTGsrSG14K2FQaHBtNUtuMk5MMlJZZgowZVBqbEx1Yy9wditmSkpwWkVwWUJpdlM0ZU1sdTRQaTVSRUNRUURHS3JsOFBmbm5CNzZMWEFscTUvQlI5Wm1xCmtxdzBUVmZiZnlVT1IreDA1SDRhcTBxeVZHbEwxcjY4Y3g2Y1BvUndNRUQ2MDZuNlJySEgwS3pubUZ6SkFrQlgKajc2dzhuRVFETGdPUjB6UlE1Q0xaNzBSTkJmRlBqMEpXeGJZWTk1OUtaeVlDcXREcSt6ZHRVMnJVSUdjZnNvSQpRSm5SbCtEeEFibGdVM2ZzaWQ2eEFrQUhvMXVWZ0k1SnpHQzJVKzcyRjlRVXh1bUNHMGNWZk9JQ0RhcUhyeVF1CnNKdlhvVVhkcnA0dkg2QW92U0tCREx1clNGMWdxdGFQZVlSOEpPTlBBZlMrCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==</prv>

      		</cert>

      		<dnsserver>10.10.15.2</dnsserver>

      		<dnsserver>10.10.15.3</dnsserver>

      		<dnsserver>10.10.15.1</dnsserver>

      		<dnsallowoverride>on</dnsallowoverride>

      		<dns1gwint>none</dns1gwint>

      		<dns2gwint>none</dns2gwint>

      		<dns3gwint>none</dns3gwint>

      		<dns4gwint>none</dns4gwint>

      		<maximumstates/>

      		<maximumtableentries/>

      		<reflectiontimeout/>

      		<scrubnodf>enabled</scrubnodf>

      		<disablescrub>yes</disablescrub>

      		<firmware>

      			<alturl>

      				<enable/>

      				<firmwareurl>http://snapshots.pfsense.org/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/.updaters</firmwareurl>

      			</alturl>

      		</firmware>

      		<enablesshd>enabled</enablesshd>

      	</system>

      	<interfaces>

      		<wan>

      			<enable/>

      			<if>em0</if>

      			<media/>

      			<mediaopt/>

      			<descr><![CDATA[BRIDGEEXT]]></descr>

      			<alias-address/>

      			<alias-subnet>32</alias-subnet>

      			<spoofmac/>

      		</wan>

      		<lan>

      			<enable/>

      			<if>bge0</if>

      			<media/>

      			<mediaopt/>

      			<descr><![CDATA[Management]]></descr>

      			<spoofmac/>

      			<ipaddr>10.10.15.11</ipaddr>

      			<subnet>24</subnet>

      			<gateway>ManagementGW</gateway>

      		</lan>

      		<opt1>

      			<if>em1</if>

      			<descr><![CDATA[BRIDGEINT]]></descr>

      			<enable/>

      			<spoofmac/>

      		</opt1>

      	</interfaces>

      	<staticroutes/>

      	<dhcpd>

      		<lan>

      			<range>

      				<from>192.168.1.100</from>

      				<to>192.168.1.199</to>

      			</range>

      			<defaultleasetime/>

      			<maxleasetime/>

      			<netmask/>

      			<failover_peerip/>

      			<gateway/>

      			<domain/>

      			<domainsearchlist/>

      			<ddnsdomain/>

      			<tftp/>

      			<ldap/>

      			<next-server/>

      			<filename/>

      			<rootpath/>

      			<numberoptions/>

      		</lan>

      	</dhcpd>

      	<pptpd>

      		<mode/>

      		<redir/>

      		<localip/>

      		<remoteip/>

      	</pptpd>

      	<ovpn/>

      	<dnsmasq/>

      	<snmpd>

      		<syslocation/>

      		<syscontact/>

      		<rocommunity>public</rocommunity>

      	</snmpd>

      	<diag>

      		<ipv6nat>

      			<ipaddr/>

      		</ipv6nat>

      	</diag>

      	<bridge/>

      	<syslog/>

      	<nat>

      		<ipsecpassthru>

      			<enable/>

      		</ipsecpassthru>

      	</nat>

      	<filter>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<address>martians</address>

      			</source>

      			<destination>

      				<any/>

      			</destination>

      			<descr><![CDATA[Block from misconfigured networks ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>icmp</protocol>

      			<icmptype>echoreq</icmptype>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<any/>

      			</destination>

      			<descr><![CDATA[ICMP - Echo]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>icmp</protocol>

      			<icmptype>unreach</icmptype>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<any/>

      			</destination>

      			<descr><![CDATA[ICMP - Destination Unreachable]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<any/>

      				<port>113</port>

      			</destination>

      			<descr><![CDATA[Allow IDENT to all servers ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<address>csolvessh</address>

      			</source>

      			<destination>

      				<any/>

      				<port>22</port>

      			</destination>

      			<descr><![CDATA[Allow SSH management from CSOLVE ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<address>csolverdp</address>

      			</source>

      			<destination>

      				<any/>

      				<port>3389</port>

      			</destination>

      			<descr><![CDATA[Allow RDP to clients from allowed CSOLVE IPs ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>blug</address>

      				<port>xmpp</port>

      			</destination>

      			<descr><![CDATA[Allow XMPP to BLUG ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>blug</address>

      				<port>blug_access</port>

      			</destination>

      			<descr><![CDATA[Allow access to the BLUG Server ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp/udp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>blug</address>

      				<port>blug_general</port>

      			</destination>

      			<descr><![CDATA[Allow usage ports to BLUG ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>blug</address>

      			</destination>

      			<descr><![CDATA[Deny Unmatched traffic to BLUG ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ofsc</address>

      				<port>webhosting</port>

      			</destination>

      			<descr><![CDATA[Allow Web Ports to OFSC ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ofsc</address>

      				<port>activeftp</port>

      			</destination>

      			<descr><![CDATA[Allow Active FTP Ports to OFSC ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ofsc</address>

      				<port>passiveftp</port>

      			</destination>

      			<descr><![CDATA[Alllow Passive FTP to OFSC ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ofsc</address>

      				<port>3389</port>

      			</destination>

      			<descr><![CDATA[Allow RDP access to OFSC]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ofsc</address>

      			</destination>

      			<descr><![CDATA[Deny Unmatched traffic to OFSC ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ufirst</address>

      				<port>webhosting</port>

      			</destination>

      			<descr><![CDATA[Allow Web Ports to UFirst ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ufirst</address>

      				<port>22</port>

      			</destination>

      			<descr><![CDATA[SSH Access to UFirst ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<address>207.164.82.50</address>

      			</source>

      			<destination>

      				<address>ufirst</address>

      			</destination>

      			<descr><![CDATA[Allow traffic from the SNAP server to UFirst ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ufirst</address>

      			</destination>

      			<descr><![CDATA[Default to deny traffic to UFirst ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<address>csolvenat</address>

      			</source>

      			<destination>

      				<address>ABCLSNAP2</address>

      				<port>80</port>

      			</destination>

      			<descr><![CDATA[Access to the Web UI for Monitoring/Admin ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<address>csolvenat</address>

      			</source>

      			<destination>

      				<address>ABCLSNAP2</address>

      				<port>22</port>

      			</destination>

      			<descr><![CDATA[Access to SSH for Admin/Monitoring ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>ABCLSNAP2</address>

      			</destination>

      			<descr><![CDATA[Default to deny traffic to Atlas Block SNAP Server ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<protocol>tcp</protocol>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>peg</address>

      				<port>peg_allowed</port>

      			</destination>

      			<descr><![CDATA[Allow necessary ports to PEG colo ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>peg</address>

      			</destination>

      			<descr><![CDATA[Default to deny traffic to PEG colo ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>reject</type>

      			<interface>opt1</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<address>martians</address>

      			</destination>

      			<descr><![CDATA[Block to misconfigured networks]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>opt1</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<any/>

      			</destination>

      			<descr><![CDATA[Allow client traffic unimpeded to the Internet ]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>lan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<network>lanip</network>

      			</destination>

      			<descr><![CDATA[Default allow access to management interface]]></descr>

      		</rule>

      		<rule>

      			<id/>

      			<type>pass</type>

      			<interface>wan</interface>

      			<tag/>

      			<tagged/>

      			<max/>

      			<max-src-nodes/>

      			<max-src-conn/>

      			<max-src-states/>

      			<statetimeout/>

      			<statetype>keep state</statetype>

      			<os/>

      			<source>

      				<any/>

      			</source>

      			<destination>

      				<any/>

      			</destination>

      			<descr><![CDATA[Pass all traffic by default to co-located clients ]]></descr>

      		</rule>

      	</filter>

      	<shaper/>

      	<ipsec>

      		<preferoldsa/>

      	</ipsec>

      	<aliases>

      		<alias>

      			<name>ABCLSNAP2</name>

      			<address>216.208.154.57</address>

      			<descr><![CDATA[Atlas Block SNAP Server | Barrie NOC]]></descr>

      			<type>host</type>

      			<detail>Entry added Thu, 02 Sep 2010 09:52:29 +0000</detail>

      		</alias>

      		<alias>

      			<name>activeftp</name>

      			<address>20 21</address>

      			<descr><![CDATA[Standard FTP ports]]></descr>

      			<type>port</type>

      			<detail>FTP Data Port||FTP Comm Port</detail>

      		</alias>

      		<alias>

      			<name>blug</name>

      			<address>216.208.154.60 216.208.154.61</address>

      			<descr><![CDATA[BLUG IPs]]></descr>

      			<type>host</type>

      			<detail>First IP||Second IP</detail>

      		</alias>

      		<alias>

      			<name>blug_access</name>

      			<address>22</address>

      			<descr><![CDATA[Blug Access Services]]></descr>

      			<type>port</type>

      			<detail>SSH</detail>

      		</alias>

      		<alias>

      			<name>blug_general</name>

      			<address>587 25 80 53 22000 995 110 993 143 51234 14534 8767</address>

      			<descr><![CDATA[BLUG Service Ports]]></descr>

      			<type>port</type>

      			<detail>SMTP Submission||SMTP||HTTP||DNS||Alex Proxy||POP3S||POP3||IMAPS||IMAP||Team Speak TCP Query||Team Speak Web||Team Speak Voice</detail>

      		</alias>

      		<alias>

      			<name>csolvenat</name>

      			<address>66.159.112.2 207.164.82.2 207.164.80.230</address>

      			<descr><![CDATA[CSolve Monitoring/Admin IPs]]></descr>

      			<type>host</type>

      			<detail>Barrie NAT IP||Midland NAT IP||Galadriel</detail>

      		</alias>

      		<alias>

      			<name>csolverdp</name>

      			<address>66.159.112.126 66.159.120.126 66.159.112.2 207.164.82.2</address>

      			<descr><![CDATA[CSOLVE IPs allowed to access RDP on Windows]]></descr>

      			<type>host</type>

      			<detail>Derek Barrie Static||Jason Barrie Static||Barrie NAT||Midland NAT</detail>

      		</alias>

      		<alias>

      			<name>csolvessh</name>

      			<address>66.159.112.126 66.159.120.126 207.164.82.2</address>

      			<descr><![CDATA[IPs allowed to SSH for csolve]]></descr>

      			<type>host</type>

      			<detail>Derek Barrie Static||Jason Barrie Static||Midland NAT</detail>

      		</alias>

      		<alias>

      			<name>martians</name>

      			<address>127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 169.254.0.0/16 192.0.2.0/24 0.0.0.0/8 240.0.0.0/4</address>

      			<descr><![CDATA[Private Subnets]]></descr>

      			<type>network</type>

      			<detail>Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000||Entry added Thu, 02 Sep 2010 10:12:51 +0000</detail>

      		</alias>

      		<alias>

      			<name>ofsc</name>

      			<address>216.208.154.55</address>

      			<descr><![CDATA[Ontario Federation of Snowmobile Clubs]]></descr>

      			<type>host</type>

      			<detail>Web Server</detail>

      		</alias>

      		<alias>

      			<name>ofscrdp</name>

      			<address>67.70.191.210</address>

      			<descr><![CDATA[OFSC RDP Access Approved IPs]]></descr>

      			<type>host</type>

      			<detail>Entry added Thu, 02 Sep 2010 10:14:16 +0000</detail>

      		</alias>

      		<alias>

      			<name>passiveftp</name>

      			<address>65484:65534</address>

      			<descr><![CDATA[Passive FTP Ports]]></descr>

      			<type>port</type>

      			<detail>Passive FTP Ports</detail>

      		</alias>

      		<alias>

      			<name>peg</name>

      			<address>216.208.154.58</address>

      			<descr><![CDATA[PEG Mining Consultants]]></descr>

      			<type>host</type>

      			<detail>COLO Server</detail>

      		</alias>

      		<alias>

      			<name>peg_allowed</name>

      			<address>25 110 143 3389 389 80 1723 3458 20 21 5500:5600 443 8080 22</address>

      			<descr><![CDATA[Allowed Ports for PEG Colo]]></descr>

      			<type>port</type>

      			<detail>SMTP||POP3||IMAP||RDP||LDAP||HTTP||VPN PPTP||Sharepoint Admin||FTP Data||FTP||FTP Passive||HTTPS||Alternate HTTP||SSH</detail>

      		</alias>

      		<alias>

      			<name>ufirst</name>

      			<address>216.208.154.56</address>

      			<descr><![CDATA[UFirst Web Server]]></descr>

      			<type>host</type>

      			<detail>Entry added Thu, 02 Sep 2010 10:19:44 +0000</detail>

      		</alias>

      		<alias>

      			<name>webhosting</name>

      			<address>80 443</address>

      			<descr><![CDATA[Web Hosting Ports]]></descr>

      			<type>port</type>

      			<detail>HTTP||HTTPS</detail>

      		</alias>

      		<alias>

      			<name>xmpp</name>

      			<address>5280 5269 5222</address>

      			<descr><![CDATA[XMPP ports]]></descr>

      			<type>port</type>

      			<detail>XMPP||XMPP Server||XMPP Client</detail>

      		</alias>

      	</aliases>

      	<proxyarp/>

      	<cron>

      		<item>

      			<minute>0</minute>

      			<hour>*</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 newsyslog</command>

      		</item>

      		<item>

      			<minute>1,31</minute>

      			<hour>0-5</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 adjkerntz -a</command>

      		</item>

      		<item>

      			<minute>1</minute>

      			<hour>3</hour>

      			<mday>1</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>

      		</item>

      		<item>

      			<minute>*/60</minute>

      			<hour>*</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>

      		</item>

      		<item>

      			<minute>1</minute>

      			<hour>1</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>

      		</item>

      		<item>

      			<minute>*/60</minute>

      			<hour>*</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>

      		</item>

      		<item>

      			<minute>*/5</minute>

      			<hour>*</hour>

      			<mday>*</mday>

      			<month>*</month>

      			<wday>*</wday>

      			<who>root</who>

      			<command>/usr/bin/nice -n20 /usr/local/bin/checkreload.sh</command>

      		</item>

      	</cron>

      	<wol/>

      	<rrd>

      		<enable/>

      	</rrd>

      	<load_balancer>

      		<monitor_type>

      			<name>ICMP</name>

      			<type>icmp</type>

      			<desc>ICMP</desc>

      			<options/>

      		</monitor_type>

      		<monitor_type>

      			<name>TCP</name>

      			<type>tcp</type>

      			<desc>Generic TCP</desc>

      			<options/>

      		</monitor_type>

      		<monitor_type>

      			<name>HTTP</name>

      			<type>http</type>

      			<desc>Generic HTTP</desc>

      			<options>

      				<path>/</path>

      				<host/>

      				<code>200</code>

      			</options>

      		</monitor_type>

      		<monitor_type>

      			<name>HTTPS</name>

      			<type>https</type>

      			<desc>Generic HTTPS</desc>

      			<options>

      				<path>/</path>

      				<host/>

      				<code>200</code>

      			</options>

      		</monitor_type>

      		<monitor_type>

      			<name>SMTP</name>

      			<type>send</type>

      			<desc>Generic SMTP</desc>

      			<options>

      				<send>EHLO nosuchhost</send>

      				<expect>250-</expect>

      			</options>

      		</monitor_type>

      	</load_balancer>

      	<widgets>

      		<sequence>system_information-container:col1:show,captive_portal_status-container:col1:close,carp_status-container:col1:close,cpu_graphs-container:col1:close,gateways-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interfaces-container:col2:show,ipsec-container:col2:close,load_balancer_status-container:col2:close,picture-container:col2:close,rss-container:col2:close,services_status-container:col2:close,traffic_graphs-container:col2:close,openvpn-container:col2:none,interface_statistics-container:col2:show,log-container:col2:show</sequence>

      		<filterlogentries>10</filterlogentries>

      	</widgets>

      	<revision>

      		<time>1285266238</time>

      		<description><![CDATA[admin: /system_advanced_admin.php made unknown change]]></description>

      		<username>admin</username>

      	</revision>

      	<ppps/>

      	<openvpn/>

      	<l7shaper>

      		<container/>

      	</l7shaper>

      	<dnshaper/>

      	<gateways>

      		<gateway_item>

      			<interface>lan</interface>

      			<gateway>10.10.15.1</gateway>

      			<name>ManagementGW</name>

      			<weight/>

      			<descr/>

      			<defaultgw/>

      		</gateway_item>

      	</gateways>

      	<bridges>

      		<bridged>

      			<members>wan,opt1</members>

      			<descr><![CDATA[COLO Bridge]]></descr>

      			<maxaddr/>

      			<timeout/>

      			<maxage/>

      			<fwdelay/>

      			<hellotime/>

      			<priority/>

      			<proto>rstp</proto>

      			<holdcount/>

      			<ifpriority/>

      			<ifpathcost/>

      			<bridgeif>bridge0</bridgeif>

      		</bridged>

      	</bridges>

      	<dhcrelay/>

      	<cert>

      		<refid>4c7e7496caff7</refid>

      		<name>webConfigurator default</name>

      		<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVLRENDQTVHZ0F3SUJBZ0lKQVAxVXRDUmJWVmpITUEwR0NTcUdTSWIzRFFFQkJRVUFNSUcvTVFzd0NRWUQKVlFRR0V3SlZVekVTTUJBR0ExVUVDQk1KVTI5dFpYZG9aWEpsTVJFd0R3WURWUVFIRXdoVGIyMWxZMmwwZVRFVQpNQklHQTFVRUNoTUxRMjl0Y0dGdWVVNWhiV1V4THpBdEJnTlZCQXNUSms5eVoyRnVhWHBoZEdsdmJtRnNJRlZ1CmFYUWdUbUZ0WlNBb1pXY3NJSE5sWTNScGIyNHBNU1F3SWdZRFZRUURFeHREYjIxdGIyNGdUbUZ0WlNBb1pXY3MKSUZsUFZWSWdibUZ0WlNreEhEQWFCZ2txaGtpRzl3MEJDUUVXRFVWdFlXbHNJRUZrWkhKbGMzTXdIaGNOTVRBdwpPVEF4TVRVME16SXhXaGNOTVRZd01qSXlNVFUwTXpJeFdqQ0J2ekVMTUFrR0ExVUVCaE1DVlZNeEVqQVFCZ05WCkJBZ1RDVk52YldWM2FHVnlaVEVSTUE4R0ExVUVCeE1JVTI5dFpXTnBkSGt4RkRBU0JnTlZCQW9UQzBOdmJYQmgKYm5sT1lXMWxNUzh3TFFZRFZRUUxFeVpQY21kaGJtbDZZWFJwYjI1aGJDQlZibWwwSUU1aGJXVWdLR1ZuTENCegpaV04wYVc5dUtURWtNQ0lHQTFVRUF4TWJRMjl0Ylc5dUlFNWhiV1VnS0dWbkxDQlpUMVZTSUc1aGJXVXBNUnd3CkdnWUpLb1pJaHZjTkFRa0JGZzFGYldGcGJDQkJaR1J5WlhOek1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R04KQURDQmlRS0JnUUR2WE5RaXo1aDNNTGpLcU5mS1RkMUFDK2o5ZEdxeFhjeUJ1RFg5dTAyWjI1cG4xaXk3djhhUApueklJTHE4ZjNYb0JZQXVucXZjOFl3WmxVM0JxSE1GTDFtdy9sMnQ3QzFUVVBaL2IrWm5PNUFtYW9UMHY1ZThJCjcxNzhpSG5FamZkbXdxSlpVVDlaSExEZnVGbW1yK0dndm9xOFNWRFB2RVEyeGcrczUzQlRpUUlEQVFBQm80SUIKS0RDQ0FTUXdIUVlEVlIwT0JCWUVGQk9PTVpseHNjRnUrL1F1c2xUQUxYcVlXQStWTUlIMEJnTlZIU01FZ2V3dwpnZW1BRkJPT01abHhzY0Z1Ky9RdXNsVEFMWHFZV0ErVm9ZSEZwSUhDTUlHL01Rc3dDUVlEVlFRR0V3SlZVekVTCk1CQUdBMVVFQ0JNSlUyOXRaWGRvWlhKbE1SRXdEd1lEVlFRSEV3aFRiMjFsWTJsMGVURVVNQklHQTFVRUNoTUwKUTI5dGNHRnVlVTVoYldVeEx6QXRCZ05WQkFzVEprOXlaMkZ1YVhwaGRHbHZibUZzSUZWdWFYUWdUbUZ0WlNBbwpaV2NzSUhObFkzUnBiMjRwTVNRd0lnWURWUVFERXh0RGIyMXRiMjRnVG1GdFpTQW9aV2NzSUZsUFZWSWdibUZ0ClpTa3hIREFhQmdrcWhraUc5dzBCQ1FFV0RVVnRZV2xzSUVGa1pISmxjM09DQ1FEOVZMUWtXMVZZeHpBTUJnTlYKSFJNRUJUQURBUUgvTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUlDM0V6VHhHUnJCWTY1a0dpVGZnU1ZadnZmUQo0aVBjK1BwclRIMStDbWJVOUVubTBlVm5hRkVvVWxDSVRkenR4V01SRDZGZjYyajFyTmlwWm1OWFUybUNQZlRjCk84YWlMMDVnbWZBLzN0ZkRkTWp2ekFCN3lZaUx1ZGI4all0RlFueWk2RS9FNDY4RjJNVXRnSlA3dFNYV3FDU0YKR2tZZVp4RXhpUFUzNDZoaQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==</crt>

      		<prv>R2VuZXJhdGluZyBSU0EgcHJpdmF0ZSBrZXksIDEwMjQgYml0IGxvbmcgbW9kdWx1cwouLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLisrKysrKwouLi4uLi4uLi4uLi4uLi4uLi4uKysrKysrCnVuYWJsZSB0byB3cml0ZSAncmFuZG9tIHN0YXRlJwplIGlzIDY1NTM3ICgweDEwMDAxKQotLS0tLUJFR0lOIFJTQSBQUklWQVRFIEtFWS0tLS0tCk1JSUNYUUlCQUFLQmdRRHZYTlFpejVoM01MaktxTmZLVGQxQUMrajlkR3F4WGN5QnVEWDl1MDJaMjVwbjFpeTcKdjhhUG56SUlMcThmM1hvQllBdW5xdmM4WXdabFUzQnFITUZMMW13L2wydDdDMVRVUFovYitabk81QW1hb1Qwdgo1ZThJNzE3OGlIbkVqZmRtd3FKWlVUOVpITERmdUZtbXIrR2d2b3E4U1ZEUHZFUTJ4ZytzNTNCVGlRSURBUUFCCkFvR0JBTXhydVBncDF3b2o0QTJqK1BiYlhOTXYyTUZzeFJuSkE3amRPNjhBWVp1K3dyVmZZa0ROM2FRV3owSFIKck5wSDZjUjI1RDFEYzNadEU2OUJmVVlDWE1qaXhOZUJpWWY3eGhUQzVvTk5pY3EzOVB2NTlwdHlBZjlqaWRMcwptK3BOZzVnazZJRThqSkVFWHRrdXM2KzkrYlpLWXp4ZHIxL2NuT3RveXVsVVN6OEJBa0VBLzRvQ2JEUThQNmd1ClphdnFMSXQyaVkxc3FuOUN6VC9CVjhRcGcwYktPUjJFYjV2WmNiZkd2VmdxeFZvNWdxSHMrOGNCbFFGaEVjZCsKaE9hZktjOG0rUUpCQU8vTFdaa3F4M0t2U2dFMmJmUkNJU0VzL05xMTQxTGsrSG14K2FQaHBtNUtuMk5MMlJZZgowZVBqbEx1Yy9wditmSkpwWkVwWUJpdlM0ZU1sdTRQaTVSRUNRUURHS3JsOFBmbm5CNzZMWEFscTUvQlI5Wm1xCmtxdzBUVmZiZnlVT1IreDA1SDRhcTBxeVZHbEwxcjY4Y3g2Y1BvUndNRUQ2MDZuNlJySEgwS3pubUZ6SkFrQlgKajc2dzhuRVFETGdPUjB6UlE1Q0xaNzBSTkJmRlBqMEpXeGJZWTk1OUtaeVlDcXREcSt6ZHRVMnJVSUdjZnNvSQpRSm5SbCtEeEFibGdVM2ZzaWQ2eEFrQUhvMXVWZ0k1SnpHQzJVKzcyRjlRVXh1bUNHMGNWZk9JQ0RhcUhyeVF1CnNKdlhvVVhkcnA0dkg2QW92U0tCREx1clNGMWdxdGFQZVlSOEpPTlBBZlMrCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==</prv>

      	</cert>

      </pfsense>

(2-2/3)

Project

General

Profile

pfSense

Bug #729 » config-strider.csolve.local-20100923160001.xml