|
1
|
<?xml version="1.0"?>
|
|
2
|
<pfsense>
|
|
3
|
<version>18.7</version>
|
|
4
|
<lastchange></lastchange>
|
|
5
|
<system>
|
|
6
|
<optimization>normal</optimization>
|
|
7
|
<hostname>pfSense</hostname>
|
|
8
|
<domain>localdomain</domain>
|
|
9
|
<dnsserver></dnsserver>
|
|
10
|
<dnsallowoverride></dnsallowoverride>
|
|
11
|
<group>
|
|
12
|
<name>all</name>
|
|
13
|
<description><![CDATA[All Users]]></description>
|
|
14
|
<scope>system</scope>
|
|
15
|
<gid>1998</gid>
|
|
16
|
<member>0</member>
|
|
17
|
</group>
|
|
18
|
<group>
|
|
19
|
<name>admins</name>
|
|
20
|
<description><![CDATA[System Administrators]]></description>
|
|
21
|
<scope>system</scope>
|
|
22
|
<gid>1999</gid>
|
|
23
|
<member>0</member>
|
|
24
|
<priv>page-all</priv>
|
|
25
|
</group>
|
|
26
|
<user>
|
|
27
|
<name>admin</name>
|
|
28
|
<descr><![CDATA[System Administrator]]></descr>
|
|
29
|
<scope>system</scope>
|
|
30
|
<groupname>admins</groupname>
|
|
31
|
<bcrypt-hash>$2b$10$13u6qwCOwODv34GyCMgdWub6oQF3RX0rG7c3d3X4JvzuEmAXLYDd2</bcrypt-hash>
|
|
32
|
<uid>0</uid>
|
|
33
|
<priv>user-shell-access</priv>
|
|
34
|
</user>
|
|
35
|
<nextuid>2000</nextuid>
|
|
36
|
<nextgid>2000</nextgid>
|
|
37
|
<timeservers>0.pfsense.pool.ntp.org</timeservers>
|
|
38
|
<webgui>
|
|
39
|
<protocol>https</protocol>
|
|
40
|
<loginautocomplete></loginautocomplete>
|
|
41
|
<ssl-certref>5b7888397b7f6</ssl-certref>
|
|
42
|
<dashboardcolumns>2</dashboardcolumns>
|
|
43
|
</webgui>
|
|
44
|
<disablenatreflection>yes</disablenatreflection>
|
|
45
|
<disablesegmentationoffloading></disablesegmentationoffloading>
|
|
46
|
<disablelargereceiveoffloading></disablelargereceiveoffloading>
|
|
47
|
<ipv6allow></ipv6allow>
|
|
48
|
<maximumtableentries>400000</maximumtableentries>
|
|
49
|
<powerd_ac_mode>hadp</powerd_ac_mode>
|
|
50
|
<powerd_battery_mode>hadp</powerd_battery_mode>
|
|
51
|
<powerd_normal_mode>hadp</powerd_normal_mode>
|
|
52
|
<bogons>
|
|
53
|
<interval>monthly</interval>
|
|
54
|
</bogons>
|
|
55
|
<enableserial></enableserial>
|
|
56
|
<already_run_config_upgrade></already_run_config_upgrade>
|
|
57
|
<disablefilter>enabled</disablefilter>
|
|
58
|
<maximumstates></maximumstates>
|
|
59
|
<aliasesresolveinterval></aliasesresolveinterval>
|
|
60
|
<maximumfrags></maximumfrags>
|
|
61
|
<reflectiontimeout></reflectiontimeout>
|
|
62
|
</system>
|
|
63
|
<interfaces>
|
|
64
|
<wan>
|
|
65
|
<enable></enable>
|
|
66
|
<if>igb0</if>
|
|
67
|
<mtu></mtu>
|
|
68
|
<ipaddr>dhcp</ipaddr>
|
|
69
|
<ipaddrv6>dhcp6</ipaddrv6>
|
|
70
|
<subnet></subnet>
|
|
71
|
<gateway></gateway>
|
|
72
|
<blockpriv></blockpriv>
|
|
73
|
<blockbogons></blockbogons>
|
|
74
|
<dhcphostname></dhcphostname>
|
|
75
|
<media></media>
|
|
76
|
<mediaopt></mediaopt>
|
|
77
|
<dhcp6-duid></dhcp6-duid>
|
|
78
|
<dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
|
|
79
|
</wan>
|
|
80
|
<lan>
|
|
81
|
<enable></enable>
|
|
82
|
<if>igb1</if>
|
|
83
|
<ipaddr>192.168.1.1</ipaddr>
|
|
84
|
<subnet>24</subnet>
|
|
85
|
<ipaddrv6>track6</ipaddrv6>
|
|
86
|
<subnetv6>64</subnetv6>
|
|
87
|
<media></media>
|
|
88
|
<mediaopt></mediaopt>
|
|
89
|
<track6-interface>wan</track6-interface>
|
|
90
|
<track6-prefix-id>0</track6-prefix-id>
|
|
91
|
</lan>
|
|
92
|
</interfaces>
|
|
93
|
<staticroutes></staticroutes>
|
|
94
|
<dhcpd>
|
|
95
|
<lan>
|
|
96
|
<enable></enable>
|
|
97
|
<range>
|
|
98
|
<from>192.168.1.100</from>
|
|
99
|
<to>192.168.1.199</to>
|
|
100
|
</range>
|
|
101
|
</lan>
|
|
102
|
</dhcpd>
|
|
103
|
<dhcpdv6>
|
|
104
|
<lan>
|
|
105
|
<enable></enable>
|
|
106
|
<range>
|
|
107
|
<from>::1000</from>
|
|
108
|
<to>::2000</to>
|
|
109
|
</range>
|
|
110
|
<ramode>assist</ramode>
|
|
111
|
<rapriority>medium</rapriority>
|
|
112
|
</lan>
|
|
113
|
</dhcpdv6>
|
|
114
|
<snmpd>
|
|
115
|
<syslocation></syslocation>
|
|
116
|
<syscontact></syscontact>
|
|
117
|
<rocommunity>public</rocommunity>
|
|
118
|
</snmpd>
|
|
119
|
<diag>
|
|
120
|
<ipv6nat>
|
|
121
|
<ipaddr></ipaddr>
|
|
122
|
</ipv6nat>
|
|
123
|
</diag>
|
|
124
|
<syslog>
|
|
125
|
<filterdescriptions>1</filterdescriptions>
|
|
126
|
</syslog>
|
|
127
|
<nat>
|
|
128
|
<outbound>
|
|
129
|
<mode>automatic</mode>
|
|
130
|
</outbound>
|
|
131
|
</nat>
|
|
132
|
<filter>
|
|
133
|
<rule>
|
|
134
|
<type>pass</type>
|
|
135
|
<ipprotocol>inet</ipprotocol>
|
|
136
|
<descr><![CDATA[Default allow LAN to any rule]]></descr>
|
|
137
|
<interface>lan</interface>
|
|
138
|
<tracker>0100000101</tracker>
|
|
139
|
<source>
|
|
140
|
<network>lan</network>
|
|
141
|
</source>
|
|
142
|
<destination>
|
|
143
|
<any></any>
|
|
144
|
</destination>
|
|
145
|
</rule>
|
|
146
|
<rule>
|
|
147
|
<type>pass</type>
|
|
148
|
<ipprotocol>inet6</ipprotocol>
|
|
149
|
<descr><![CDATA[Default allow LAN IPv6 to any rule]]></descr>
|
|
150
|
<interface>lan</interface>
|
|
151
|
<tracker>0100000102</tracker>
|
|
152
|
<source>
|
|
153
|
<network>lan</network>
|
|
154
|
</source>
|
|
155
|
<destination>
|
|
156
|
<any></any>
|
|
157
|
</destination>
|
|
158
|
</rule>
|
|
159
|
</filter>
|
|
160
|
<shaper></shaper>
|
|
161
|
<ipsec></ipsec>
|
|
162
|
<aliases></aliases>
|
|
163
|
<proxyarp></proxyarp>
|
|
164
|
<cron>
|
|
165
|
<item>
|
|
166
|
<minute>1,31</minute>
|
|
167
|
<hour>0-5</hour>
|
|
168
|
<mday>*</mday>
|
|
169
|
<month>*</month>
|
|
170
|
<wday>*</wday>
|
|
171
|
<who>root</who>
|
|
172
|
<command>/usr/bin/nice -n20 adjkerntz -a</command>
|
|
173
|
</item>
|
|
174
|
<item>
|
|
175
|
<minute>1</minute>
|
|
176
|
<hour>3</hour>
|
|
177
|
<mday>1</mday>
|
|
178
|
<month>*</month>
|
|
179
|
<wday>*</wday>
|
|
180
|
<who>root</who>
|
|
181
|
<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
|
|
182
|
</item>
|
|
183
|
<item>
|
|
184
|
<minute>*/60</minute>
|
|
185
|
<hour>*</hour>
|
|
186
|
<mday>*</mday>
|
|
187
|
<month>*</month>
|
|
188
|
<wday>*</wday>
|
|
189
|
<who>root</who>
|
|
190
|
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
|
|
191
|
</item>
|
|
192
|
<item>
|
|
193
|
<minute>*/60</minute>
|
|
194
|
<hour>*</hour>
|
|
195
|
<mday>*</mday>
|
|
196
|
<month>*</month>
|
|
197
|
<wday>*</wday>
|
|
198
|
<who>root</who>
|
|
199
|
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout</command>
|
|
200
|
</item>
|
|
201
|
<item>
|
|
202
|
<minute>1</minute>
|
|
203
|
<hour>1</hour>
|
|
204
|
<mday>*</mday>
|
|
205
|
<month>*</month>
|
|
206
|
<wday>*</wday>
|
|
207
|
<who>root</who>
|
|
208
|
<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
|
|
209
|
</item>
|
|
210
|
<item>
|
|
211
|
<minute>*/60</minute>
|
|
212
|
<hour>*</hour>
|
|
213
|
<mday>*</mday>
|
|
214
|
<month>*</month>
|
|
215
|
<wday>*</wday>
|
|
216
|
<who>root</who>
|
|
217
|
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
|
|
218
|
</item>
|
|
219
|
<item>
|
|
220
|
<minute>30</minute>
|
|
221
|
<hour>12</hour>
|
|
222
|
<mday>*</mday>
|
|
223
|
<month>*</month>
|
|
224
|
<wday>*</wday>
|
|
225
|
<who>root</who>
|
|
226
|
<command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
|
|
227
|
</item>
|
|
228
|
<item>
|
|
229
|
<minute>1</minute>
|
|
230
|
<hour>0</hour>
|
|
231
|
<mday>*</mday>
|
|
232
|
<month>*</month>
|
|
233
|
<wday>*</wday>
|
|
234
|
<who>root</who>
|
|
235
|
<command>/usr/bin/nice -n20 /etc/rc.update_pkg_metadata</command>
|
|
236
|
</item>
|
|
237
|
<item>
|
|
238
|
<minute>0</minute>
|
|
239
|
<hour>0</hour>
|
|
240
|
<mday>8</mday>
|
|
241
|
<month>*</month>
|
|
242
|
<wday>*</wday>
|
|
243
|
<who>root</who>
|
|
244
|
<command>/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_geoipupdate.php</command>
|
|
245
|
</item>
|
|
246
|
<item>
|
|
247
|
<minute>*/5</minute>
|
|
248
|
<hour>*</hour>
|
|
249
|
<mday>*</mday>
|
|
250
|
<month>*</month>
|
|
251
|
<wday>*</wday>
|
|
252
|
<who>root</who>
|
|
253
|
<command>/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc</command>
|
|
254
|
</item>
|
|
255
|
</cron>
|
|
256
|
<wol></wol>
|
|
257
|
<rrd>
|
|
258
|
<enable></enable>
|
|
259
|
</rrd>
|
|
260
|
<load_balancer>
|
|
261
|
<monitor_type>
|
|
262
|
<name>ICMP</name>
|
|
263
|
<type>icmp</type>
|
|
264
|
<descr><![CDATA[ICMP]]></descr>
|
|
265
|
<options></options>
|
|
266
|
</monitor_type>
|
|
267
|
<monitor_type>
|
|
268
|
<name>TCP</name>
|
|
269
|
<type>tcp</type>
|
|
270
|
<descr><![CDATA[Generic TCP]]></descr>
|
|
271
|
<options></options>
|
|
272
|
</monitor_type>
|
|
273
|
<monitor_type>
|
|
274
|
<name>HTTP</name>
|
|
275
|
<type>http</type>
|
|
276
|
<descr><![CDATA[Generic HTTP]]></descr>
|
|
277
|
<options>
|
|
278
|
<path>/</path>
|
|
279
|
<host></host>
|
|
280
|
<code>200</code>
|
|
281
|
</options>
|
|
282
|
</monitor_type>
|
|
283
|
<monitor_type>
|
|
284
|
<name>HTTPS</name>
|
|
285
|
<type>https</type>
|
|
286
|
<descr><![CDATA[Generic HTTPS]]></descr>
|
|
287
|
<options>
|
|
288
|
<path>/</path>
|
|
289
|
<host></host>
|
|
290
|
<code>200</code>
|
|
291
|
</options>
|
|
292
|
</monitor_type>
|
|
293
|
<monitor_type>
|
|
294
|
<name>SMTP</name>
|
|
295
|
<type>send</type>
|
|
296
|
<descr><![CDATA[Generic SMTP]]></descr>
|
|
297
|
<options>
|
|
298
|
<send></send>
|
|
299
|
<expect>220 *</expect>
|
|
300
|
</options>
|
|
301
|
</monitor_type>
|
|
302
|
</load_balancer>
|
|
303
|
<widgets>
|
|
304
|
<sequence>system_information:col1:show,netgate_services_and_support:col2:show,interfaces:col2:show</sequence>
|
|
305
|
<period>10</period>
|
|
306
|
</widgets>
|
|
307
|
<openvpn></openvpn>
|
|
308
|
<dnshaper></dnshaper>
|
|
309
|
<unbound>
|
|
310
|
<enable></enable>
|
|
311
|
<dnssec></dnssec>
|
|
312
|
<active_interface></active_interface>
|
|
313
|
<outgoing_interface></outgoing_interface>
|
|
314
|
<custom_options></custom_options>
|
|
315
|
<hideidentity></hideidentity>
|
|
316
|
<hideversion></hideversion>
|
|
317
|
<dnssecstripped></dnssecstripped>
|
|
318
|
</unbound>
|
|
319
|
<revision>
|
|
320
|
<time>1534675243</time>
|
|
321
|
<description><![CDATA[(system): Suricata pkg: updated status for updated rules package(s) check.]]></description>
|
|
322
|
<username>(system)</username>
|
|
323
|
</revision>
|
|
324
|
<cert>
|
|
325
|
<refid>5b7888397b7f6</refid>
|
|
326
|
<descr><![CDATA[webConfigurator default (5b7888397b7f6)]]></descr>
|
|
327
|
<type>server</type>
|
|
328
|
<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZqekNDQkhlZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBRENCdERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRGpBTUJnTlZCQWdUQlZOMFlYUmxNUkV3RHdZRFZRUUhFd2hNYjJOaGJHbDBlVEU0TURZR0ExVUVDaE12Y0daVApaVzV6WlNCM1pXSkRiMjVtYVdkMWNtRjBiM0lnVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhLREFtCkJna3Foa2lHOXcwQkNRRVdHV0ZrYldsdVFIQm1VMlZ1YzJVdWJHOWpZV3hrYjIxaGFXNHhIakFjQmdOVkJBTVQKRlhCbVUyVnVjMlV0TldJM09EZzRNemszWWpkbU5qQWVGdzB4T0RBNE1UZ3lNRFUzTWpsYUZ3MHlOREF5TURneQpNRFUzTWpsYU1JRzBNUXN3Q1FZRFZRUUdFd0pWVXpFT01Bd0dBMVVFQ0JNRlUzUmhkR1V4RVRBUEJnTlZCQWNUCkNFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRS0V5OXdabE5sYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG0KTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwWlRFb01DWUdDU3FHU0liM0RRRUpBUllaWVdSdGFXNUFjR1pUWlc1egpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0dBMVVFQXhNVmNHWlRaVzV6WlMwMVlqYzRPRGd6T1RkaU4yWTJNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEyZG5SWWhGS1BCR2RoQ01ZakRncGRuYlkKdEJGcTF4amJWekkzV3NkNm4zK2tSQUtua29YTHRha0lIYlhtQkpOSUZnQVBIUkNjQzNoUEVaazJBQVBFTkZVVgpzNVE1WFhFVkhIQ0w2cjhseVViVUxTblFKQlFzTTBVSE1ES3ppUEE5TlFUS0kyeFI2WjRINXREMkNRdFVtTEVSCkxtL0M2cGk2MkQ4Y0I5c0g0Y0Y0aDcwVWJHMjN1QmdrUjhzSm5xMHZnTm40c2tSUHVTTkVGMEVTUjRtNG9KZDIKOXVCK1czWEZHWWk2TFIyNmZLc1pLTGhweDJoVHh5RngxeEJwdnVNSTN1Y0tBZmFZM01KVElEV3N6OHlUbHk5cwpnb3RCWDdZZ2VDYjQxdmFxRk1rMURVM2RWdUN0MTBRSEpRNjJQSW43VitabUFOTjY1c3FZT09IaXZqd3lyd0lECkFRQUJvNElCcURDQ0FhUXdDUVlEVlIwVEJBSXdBREFSQmdsZ2hrZ0JodmhDQVFFRUJBTUNCa0F3Q3dZRFZSMFAKQkFRREFnV2dNRE1HQ1dDR1NBR0crRUlCRFFRbUZpUlBjR1Z1VTFOTUlFZGxibVZ5WVhSbFpDQlRaWEoyWlhJZwpRMlZ5ZEdsbWFXTmhkR1V3SFFZRFZSME9CQllFRkcwT2xaUTJ2KzkvZzkwVko3Uzhqc1l5NE5iZU1JSGhCZ05WCkhTTUVnZGt3Z2RhQUZHME9sWlEydis5L2c5MFZKN1M4anNZeTROYmVvWUc2cElHM01JRzBNUXN3Q1FZRFZRUUcKRXdKVlV6RU9NQXdHQTFVRUNCTUZVM1JoZEdVeEVUQVBCZ05WQkFjVENFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRSwpFeTl3WmxObGJuTmxJSGRsWWtOdmJtWnBaM1Z5WVhSdmNpQlRaV3htTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwClpURW9NQ1lHQ1NxR1NJYjNEUUVKQVJZWllXUnRhVzVBY0daVFpXNXpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0cKQTFVRUF4TVZjR1pUWlc1elpTMDFZamM0T0Rnek9UZGlOMlkyZ2dFQU1CMEdBMVVkSlFRV01CUUdDQ3NHQVFVRgpCd01CQmdnckJnRUZCUWdDQWpBZ0JnTlZIUkVFR1RBWGdoVndabE5sYm5ObExUVmlOemc0T0RNNU4ySTNaall3CkRRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFMSDIyZlB2dkxqZEF0N0ZEYmZISEN2a0xHcDI5Y2lBbmUrOGJvK2sKQVJta2kyOEVhSHRidGlmTys5OUVFVEhRR2FEZ1BFaHlrWTEwTlpRWFhUdjRFWFY4NXI2eFpPQlFiVCs3ejNBMQptMUsxZUZwL1JsOWpYT2hnb05xMmVPL2pIaVFjc0JWelJFMHVnckEzbnlaQlN5SXJxaXZScHBGMkdwVnQyZTY1ClpEdnBvdk9oN0FTeHA5V2RtNFJjaGFEalNoYjlGdUQ5djAycCtPZEZHMjdCc3ptLzBRZ3hmV01nRy9SNGFKUncKOUV1cVBCSlREdTZJNTVDRkduWXh0Ky9OR3RoUUtGVjBpZk1vOXpkMTZ5d0dJaVBHZFVyUGF1SnM0VnFNNjl6UQpZQldFS2FUK0FVQXJ2MmdyZFBPY1p2ZWRlTWZ2NGM3WXMwaXM3YWRCTUdPc2tpRT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=</crt>
|
|
329
|
<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRRFoyZEZpRVVvOEVaMkUKSXhpTU9DbDJkdGkwRVdyWEdOdFhNamRheDNxZmY2UkVBcWVTaGN1MXFRZ2R0ZVlFazBnV0FBOGRFSndMZUU4UgptVFlBQThRMFZSV3psRGxkY1JVY2NJdnF2eVhKUnRRdEtkQWtGQ3d6UlFjd01yT0k4RDAxQk1vamJGSHBuZ2ZtCjBQWUpDMVNZc1JFdWI4THFtTHJZUHh3SDJ3Zmh3WGlIdlJSc2JiZTRHQ1JIeXdtZXJTK0EyZml5UkUrNUkwUVgKUVJKSGliaWdsM2IyNEg1YmRjVVppTG90SGJwOHF4a291R25IYUZQSElYSFhFR20rNHdqZTV3b0I5cGpjd2xNZwpOYXpQekpPWEwyeUNpMEZmdGlCNEp2alc5cW9VeVRVTlRkMVc0SzNYUkFjbERyWThpZnRYNW1ZQTAzcm15cGc0CjRlSytQREt2QWdNQkFBRUNnZ0VBRnB0dENDRkZNK0NjR1FkUFY5WElMN3Y3bHd3cnF6Q3dLbWRTcVVBRU1LTWQKVjlWeXNGamtIL0R2bjYydHRoSFdyRG5MVjdmT2liNHRibVVZM24yRmtleTJlTkZMOXE5eWdtWUhqdy9SQ3djbgpvNXd3Tmw1RmkvaUEyM2FYZlFGNVNKUTdxZHRtMExpT2wxeGQrK2hLR2lKZDV4VEFCSHBmQVd2aks4bUdFdDVBCjRobzAreDdBcVNpdFlPQkJGL09YTzI0UGUxYXRyYVhKS041TmJKa2ZqOVZ3aXRRZU8rSUgvYW5QVzJDMnRDalkKUTVKR29QckZBNWI2NGFITVk4a3NJMHcwdjNGbGh6MFgyZDAxbmYxNUFlUVp2b3gxUE1RbHRzSXhScDFCN2RQMwo1dFc1QXZQQ2lLSVRNOVJYaTFnd2dtU0ZUQzNnTEViYnVwYmJYbm5Pb1FLQmdRRDRBa3dUa1FGVFEzS2k0eG93CmpTWXdSVjBHdnJZRmJSM3lpL21ZTER3dmZ5bTR1K2VlMVpoWGt2bFpSdzI5NTlGY0k0TjU1VytGWEVjQUpWbHoKbWxMZ1Z1Z3FrTmJwaFpySkNEekRFV2Z2RmVIc1h2OUhPWjhqbXNMK1l1c3dmM0s4L25RV1lUd3ZTTGV2ZHZpNQpuTHVMaHZiL09rNDNQYTQzOUxqeFB5aHVzUUtCZ1FEZzNzTG9mYUY1cHJKdkZDYmE4VnNQKzJsRERja3kxWUgrCm1GeHVxdGpYUnFmMTJyeE9PZ0hlbkwwSmMwcHczR0xzLzJQQmJHY0ZYRWxIMmZjdFYwaGcrYytFb0VoOVNudkgKSExaK3kvRFIyWFNDeVhhSGp6N29SMGVZWjRjYlhRZW9aYXFLK0ovMWh1SlNhZThxRWNIZXVVdVBRRndTTzBXTwpQMUhjZXRyUFh3S0JnRFliZWpHQ24wRmxJNnQ1MUlybklIL0Rna29vYlZtOXRwem1BT3c4S2wxS1p2WFF1UFdrCkwvcGJMRjlYNngyVlo4MnNTZERjUjNwVzZYNlVwM0ZiSjkyZDJFVUJHSUlXRGZEeUJSK2h1b1VreHdka3Fsa0YKcnp4N1ZUTmVyV1VGU1NrR2NwazNXWVFQWDFPK3B3RUh1cnIwRlFzVjAxNmw3RTUwNjZ4bVZSSGhBb0dBQzBaZwpFM1FwSW9aZkwvNmNyQ0dwNVRVLzQrTFBFY051enlzb2gwdjlyMTJWa2xnelZPREhzemU4cXJxakl1R0ovRVFaCjVscmZGMyszRk9reTRZMGN6ZS80bmJmRHFyU1BYRDV1VUJFOXMrZnBWWjF3V2YrdXNjclJKaTBhc3g2SkFjS0gKT0l5YXlKN0l2a1VkZnNpQkpmKzRjQ2hUOVg0UFVNQ1FCRFFNd0pVQ2dZRUFvcUJNY2xDMXlmYnRCMzBtTTd3dQphaUYxcTV5WTBFekxxSUI3bHhUTEdOcDhJa0ljYVRqdUNRdkZmMk95bEpsY0RnVjdaTDgrelFTTHZFUnlVS3c1CjJ4YTh4YzZ3SVNXV2VoQ1haZWM1K0EvaCsza3ZTdWhTeGJSWG5yb04zTVRFQ1VVZFM5ODJGVlAvQ2JBYy8rS2IKWVBKZUN6OEVoRzRDVE10MzZHTHBUT2c9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K</prv>
|
|
330
|
</cert>
|
|
331
|
<installedpackages>
|
|
332
|
<package>
|
|
333
|
<name>suricata</name>
|
|
334
|
<website>http://suricata-ids.org/</website>
|
|
335
|
<descr><![CDATA[High Performance Network IDS, IPS and Security Monitoring engine by OISF.]]></descr>
|
|
336
|
<version>4.0.13_3</version>
|
|
337
|
<configurationfile>suricata.xml</configurationfile>
|
|
338
|
<include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
|
|
339
|
</package>
|
|
340
|
<suricata>
|
|
341
|
<config>
|
|
342
|
<forcekeepsettings>on</forcekeepsettings>
|
|
343
|
<suricata_config_ver>4.0.13_3</suricata_config_ver>
|
|
344
|
<enable_vrt_rules>off</enable_vrt_rules>
|
|
345
|
<snortcommunityrules>on</snortcommunityrules>
|
|
346
|
<enable_etopen_rules>on</enable_etopen_rules>
|
|
347
|
<enable_etpro_rules>off</enable_etpro_rules>
|
|
348
|
<autogeoipupdate>on</autogeoipupdate>
|
|
349
|
<hide_deprecated_rules>off</hide_deprecated_rules>
|
|
350
|
<enable_etopen_custom_url>off</enable_etopen_custom_url>
|
|
351
|
<enable_etpro_custom_url>off</enable_etpro_custom_url>
|
|
352
|
<enable_snort_custom_url>off</enable_snort_custom_url>
|
|
353
|
<enable_gplv2_custom_url>off</enable_gplv2_custom_url>
|
|
354
|
<snort_rules_file></snort_rules_file>
|
|
355
|
<oinkcode></oinkcode>
|
|
356
|
<etprocode></etprocode>
|
|
357
|
<rm_blocked>never_b</rm_blocked>
|
|
358
|
<autoruleupdate>never_up</autoruleupdate>
|
|
359
|
<etopen_custom_rule_url></etopen_custom_rule_url>
|
|
360
|
<etpro_custom_rule_url></etpro_custom_rule_url>
|
|
361
|
<snort_custom_url></snort_custom_url>
|
|
362
|
<gplv2_custom_url></gplv2_custom_url>
|
|
363
|
<log_to_systemlog>off</log_to_systemlog>
|
|
364
|
<log_to_systemlog_facility>local1</log_to_systemlog_facility>
|
|
365
|
<live_swap_updates>off</live_swap_updates>
|
|
366
|
<last_rule_upd_status>success</last_rule_upd_status>
|
|
367
|
<last_rule_upd_time>1534675243</last_rule_upd_time>
|
|
368
|
</config>
|
|
369
|
<rule>
|
|
370
|
<interface>lan</interface>
|
|
371
|
<enable>on</enable>
|
|
372
|
<uuid>38722</uuid>
|
|
373
|
<descr><![CDATA[WAN]]></descr>
|
|
374
|
<max_pcap_log_size>32</max_pcap_log_size>
|
|
375
|
<max_pcap_log_files>1000</max_pcap_log_files>
|
|
376
|
<enable_stats_log>off</enable_stats_log>
|
|
377
|
<append_stats_log>off</append_stats_log>
|
|
378
|
<stats_upd_interval>10</stats_upd_interval>
|
|
379
|
<enable_http_log>on</enable_http_log>
|
|
380
|
<append_http_log>on</append_http_log>
|
|
381
|
<enable_tls_log>off</enable_tls_log>
|
|
382
|
<enable_tls_store>off</enable_tls_store>
|
|
383
|
<http_log_extended>on</http_log_extended>
|
|
384
|
<tls_log_extended>on</tls_log_extended>
|
|
385
|
<enable_pcap_log>off</enable_pcap_log>
|
|
386
|
<enable_json_file_log>off</enable_json_file_log>
|
|
387
|
<append_json_file_log>on</append_json_file_log>
|
|
388
|
<enable_tracked_files_magic>off</enable_tracked_files_magic>
|
|
389
|
<tracked_files_hash>none</tracked_files_hash>
|
|
390
|
<enable_file_store>off</enable_file_store>
|
|
391
|
<enable_eve_log>off</enable_eve_log>
|
|
392
|
<max_pending_packets>1024</max_pending_packets>
|
|
393
|
<inspect_recursion_limit>3000</inspect_recursion_limit>
|
|
394
|
<intf_snaplen>1518</intf_snaplen>
|
|
395
|
<detect_eng_profile>medium</detect_eng_profile>
|
|
396
|
<mpm_algo>auto</mpm_algo>
|
|
397
|
<sgh_mpm_context>auto</sgh_mpm_context>
|
|
398
|
<blockoffenders>off</blockoffenders>
|
|
399
|
<ips_mode>ips_mode_legacy</ips_mode>
|
|
400
|
<blockoffenderskill>on</blockoffenderskill>
|
|
401
|
<block_drops_only>off</block_drops_only>
|
|
402
|
<blockoffendersip>both</blockoffendersip>
|
|
403
|
<passlistname>default</passlistname>
|
|
404
|
<homelistname>default</homelistname>
|
|
405
|
<externallistname>default</externallistname>
|
|
406
|
<suppresslistname>default</suppresslistname>
|
|
407
|
<alertsystemlog>off</alertsystemlog>
|
|
408
|
<alertsystemlog_facility>local1</alertsystemlog_facility>
|
|
409
|
<alertsystemlog_priority>notice</alertsystemlog_priority>
|
|
410
|
<enable_dns_log>off</enable_dns_log>
|
|
411
|
<append_dns_log>on</append_dns_log>
|
|
412
|
<eve_output_type>file</eve_output_type>
|
|
413
|
<eve_log_alerts>on</eve_log_alerts>
|
|
414
|
<eve_log_alerts_payload>on</eve_log_alerts_payload>
|
|
415
|
<eve_log_alerts_packet>on</eve_log_alerts_packet>
|
|
416
|
<eve_log_alerts_http>on</eve_log_alerts_http>
|
|
417
|
<eve_log_alerts_tls>on</eve_log_alerts_tls>
|
|
418
|
<eve_log_alerts_ssh>on</eve_log_alerts_ssh>
|
|
419
|
<eve_log_alerts_smtp>on</eve_log_alerts_smtp>
|
|
420
|
<eve_log_alerts_dnp3>on</eve_log_alerts_dnp3>
|
|
421
|
<eve_log_alerts_xff>off</eve_log_alerts_xff>
|
|
422
|
<eve_log_alerts_xff_mode>extra-data</eve_log_alerts_xff_mode>
|
|
423
|
<eve_log_alerts_xff_deployment>reverse</eve_log_alerts_xff_deployment>
|
|
424
|
<eve_log_alerts_xff_header>X-Forwarded-For</eve_log_alerts_xff_header>
|
|
425
|
<eve_log_http>on</eve_log_http>
|
|
426
|
<eve_log_dns>on</eve_log_dns>
|
|
427
|
<eve_log_tls>on</eve_log_tls>
|
|
428
|
<eve_log_files>on</eve_log_files>
|
|
429
|
<eve_log_ssh>on</eve_log_ssh>
|
|
430
|
<eve_log_smtp>on</eve_log_smtp>
|
|
431
|
<eve_log_stats>off</eve_log_stats>
|
|
432
|
<eve_log_flow>off</eve_log_flow>
|
|
433
|
<eve_log_stats_totals>on</eve_log_stats_totals>
|
|
434
|
<eve_log_stats_deltas>off</eve_log_stats_deltas>
|
|
435
|
<eve_log_stats_threads>off</eve_log_stats_threads>
|
|
436
|
<eve_log_http_extended>on</eve_log_http_extended>
|
|
437
|
<eve_log_tls_extended>on</eve_log_tls_extended>
|
|
438
|
<eve_log_smtp_extended>on</eve_log_smtp_extended>
|
|
439
|
<eve_log_http_extended_headers>accept, accept-charset, accept-datetime, accept-encoding, accept-language, accept-range, age, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, dnt, etags, from, last-modified, link, location, max-forwards, origin, pragma, proxy-authenticate, proxy-authorization, range, referrer, refresh, retry-after, server, set-cookie, te, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate, x-authenticated-user, x-flash-version, x-forwarded-proto, x-requested-with</eve_log_http_extended_headers>
|
|
440
|
<eve_log_smtp_extended_fields>bcc, received, reply-to, x-mailer, x-originating-ip</eve_log_smtp_extended_fields>
|
|
441
|
<eve_log_files_magic>off</eve_log_files_magic>
|
|
442
|
<eve_log_files_hash>none</eve_log_files_hash>
|
|
443
|
<eve_log_drop>on</eve_log_drop>
|
|
444
|
<delayed_detect>off</delayed_detect>
|
|
445
|
<intf_promisc_mode>on</intf_promisc_mode>
|
|
446
|
<eve_redis_server>127.0.0.1</eve_redis_server>
|
|
447
|
<eve_redis_port>6379</eve_redis_port>
|
|
448
|
<eve_redis_mode>list</eve_redis_mode>
|
|
449
|
<eve_redis_key>suricata</eve_redis_key>
|
|
450
|
<ip_max_frags>65535</ip_max_frags>
|
|
451
|
<ip_frag_timeout>60</ip_frag_timeout>
|
|
452
|
<frag_memcap>33554432</frag_memcap>
|
|
453
|
<ip_max_trackers>65535</ip_max_trackers>
|
|
454
|
<frag_hash_size>65536</frag_hash_size>
|
|
455
|
<flow_memcap>33554432</flow_memcap>
|
|
456
|
<flow_prealloc>10000</flow_prealloc>
|
|
457
|
<flow_hash_size>65536</flow_hash_size>
|
|
458
|
<flow_emerg_recovery>30</flow_emerg_recovery>
|
|
459
|
<flow_prune>5</flow_prune>
|
|
460
|
<flow_tcp_new_timeout>60</flow_tcp_new_timeout>
|
|
461
|
<flow_tcp_established_timeout>3600</flow_tcp_established_timeout>
|
|
462
|
<flow_tcp_closed_timeout>120</flow_tcp_closed_timeout>
|
|
463
|
<flow_tcp_emerg_new_timeout>10</flow_tcp_emerg_new_timeout>
|
|
464
|
<flow_tcp_emerg_established_timeout>300</flow_tcp_emerg_established_timeout>
|
|
465
|
<flow_tcp_emerg_closed_timeout>20</flow_tcp_emerg_closed_timeout>
|
|
466
|
<flow_udp_new_timeout>30</flow_udp_new_timeout>
|
|
467
|
<flow_udp_established_timeout>300</flow_udp_established_timeout>
|
|
468
|
<flow_udp_emerg_new_timeout>10</flow_udp_emerg_new_timeout>
|
|
469
|
<flow_udp_emerg_established_timeout>100</flow_udp_emerg_established_timeout>
|
|
470
|
<flow_icmp_new_timeout>30</flow_icmp_new_timeout>
|
|
471
|
<flow_icmp_established_timeout>300</flow_icmp_established_timeout>
|
|
472
|
<flow_icmp_emerg_new_timeout>10</flow_icmp_emerg_new_timeout>
|
|
473
|
<flow_icmp_emerg_established_timeout>100</flow_icmp_emerg_established_timeout>
|
|
474
|
<stream_memcap>67108864</stream_memcap>
|
|
475
|
<stream_prealloc_sessions>32768</stream_prealloc_sessions>
|
|
476
|
<reassembly_memcap>67108864</reassembly_memcap>
|
|
477
|
<reassembly_depth>1048576</reassembly_depth>
|
|
478
|
<reassembly_to_server_chunk>2560</reassembly_to_server_chunk>
|
|
479
|
<reassembly_to_client_chunk>2560</reassembly_to_client_chunk>
|
|
480
|
<max_synack_queued>5</max_synack_queued>
|
|
481
|
<enable_midstream_sessions>off</enable_midstream_sessions>
|
|
482
|
<enable_async_sessions>off</enable_async_sessions>
|
|
483
|
<asn1_max_frames>256</asn1_max_frames>
|
|
484
|
<dns_global_memcap>16777216</dns_global_memcap>
|
|
485
|
<dns_state_memcap>524288</dns_state_memcap>
|
|
486
|
<dns_request_flood_limit>500</dns_request_flood_limit>
|
|
487
|
<http_parser_memcap>67108864</http_parser_memcap>
|
|
488
|
<dns_parser_udp>yes</dns_parser_udp>
|
|
489
|
<dns_parser_tcp>yes</dns_parser_tcp>
|
|
490
|
<http_parser>yes</http_parser>
|
|
491
|
<tls_parser>yes</tls_parser>
|
|
492
|
<smtp_parser>yes</smtp_parser>
|
|
493
|
<imap_parser>detection-only</imap_parser>
|
|
494
|
<ssh_parser>yes</ssh_parser>
|
|
495
|
<ftp_parser>yes</ftp_parser>
|
|
496
|
<dcerpc_parser>yes</dcerpc_parser>
|
|
497
|
<smb_parser>yes</smb_parser>
|
|
498
|
<msn_parser>detection-only</msn_parser>
|
|
499
|
<enable_iprep>off</enable_iprep>
|
|
500
|
<host_memcap>33554432</host_memcap>
|
|
501
|
<host_hash_size>4096</host_hash_size>
|
|
502
|
<host_prealloc>1000</host_prealloc>
|
|
503
|
<host_os_policy>
|
|
504
|
<item>
|
|
505
|
<name>default</name>
|
|
506
|
<bind_to>all</bind_to>
|
|
507
|
<policy>bsd</policy>
|
|
508
|
</item>
|
|
509
|
</host_os_policy>
|
|
510
|
<libhtp_policy>
|
|
511
|
<item>
|
|
512
|
<name>default</name>
|
|
513
|
<bind_to>all</bind_to>
|
|
514
|
<personality>IDS</personality>
|
|
515
|
<request-body-limit>4096</request-body-limit>
|
|
516
|
<response-body-limit>4096</response-body-limit>
|
|
517
|
<double-decode-path>no</double-decode-path>
|
|
518
|
<double-decode-query>no</double-decode-query>
|
|
519
|
<uri-include-all>no</uri-include-all>
|
|
520
|
</item>
|
|
521
|
</libhtp_policy>
|
|
522
|
<rulesets>decoder-events.rules||dns-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules||tls-events.rules</rulesets>
|
|
523
|
<ips_policy_enable>off</ips_policy_enable>
|
|
524
|
</rule>
|
|
525
|
</suricata>
|
|
526
|
<menu>
|
|
527
|
<name>Suricata</name>
|
|
528
|
<tooltiptext>Configure Suricata settings</tooltiptext>
|
|
529
|
<section>Services</section>
|
|
530
|
<url>/suricata/suricata_interfaces.php</url>
|
|
531
|
</menu>
|
|
532
|
<service>
|
|
533
|
<name>suricata</name>
|
|
534
|
<rcfile>suricata.sh</rcfile>
|
|
535
|
<executable>suricata</executable>
|
|
536
|
<description><![CDATA[Suricata IDS/IPS Daemon]]></description>
|
|
537
|
</service>
|
|
538
|
</installedpackages>
|
|
539
|
</pfsense>
|
