Project

General

Profile

config-FW3-20130714094321.xml

configuration file - Zeev Zalessky, 07/14/2013 02:18 PM

 
1
<?xml version="1.0"?>
2
<pfsense>
3
        <version>9.7</version>
4
        <lastchange/>
5
        <theme>pfsense_ng</theme>
6
        <sysctl>
7
                <item>
8
                        <descr><![CDATA[Disable the pf ftp proxy handler.]]></descr>
9
                        <tunable>debug.pfftpproxy</tunable>
10
                        <value>default</value>
11
                </item>
12
                <item>
13
                        <descr><![CDATA[Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html]]></descr>
14
                        <tunable>vfs.read_max</tunable>
15
                        <value>default</value>
16
                </item>
17
                <item>
18
                        <descr><![CDATA[Set the ephemeral port range to be lower.]]></descr>
19
                        <tunable>net.inet.ip.portrange.first</tunable>
20
                        <value>default</value>
21
                </item>
22
                <item>
23
                        <descr><![CDATA[Drop packets to closed TCP ports without returning a RST]]></descr>
24
                        <tunable>net.inet.tcp.blackhole</tunable>
25
                        <value>default</value>
26
                </item>
27
                <item>
28
                        <descr><![CDATA[Do not send ICMP port unreachable messages for closed UDP ports]]></descr>
29
                        <tunable>net.inet.udp.blackhole</tunable>
30
                        <value>default</value>
31
                </item>
32
                <item>
33
                        <descr><![CDATA[Randomize the ID field in IP packets (default is 0: sequential IP IDs)]]></descr>
34
                        <tunable>net.inet.ip.random_id</tunable>
35
                        <value>default</value>
36
                </item>
37
                <item>
38
                        <descr><![CDATA[Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)]]></descr>
39
                        <tunable>net.inet.tcp.drop_synfin</tunable>
40
                        <value>default</value>
41
                </item>
42
                <item>
43
                        <descr><![CDATA[Enable sending IPv4 redirects]]></descr>
44
                        <tunable>net.inet.ip.redirect</tunable>
45
                        <value>default</value>
46
                </item>
47
                <item>
48
                        <descr><![CDATA[Enable sending IPv6 redirects]]></descr>
49
                        <tunable>net.inet6.ip6.redirect</tunable>
50
                        <value>default</value>
51
                </item>
52
                <item>
53
                        <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr>
54
                        <tunable>net.inet.tcp.syncookies</tunable>
55
                        <value>default</value>
56
                </item>
57
                <item>
58
                        <tunable>net.inet.tcp.recvspace</tunable>
59
                        <value>1048576</value>
60
                        <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr>
61
                </item>
62
                <item>
63
                        <tunable>net.inet.tcp.sendspace</tunable>
64
                        <value>1048576</value>
65
                        <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr>
66
                </item>
67
                <item>
68
                        <tunable>net.inet.ip.fastforwarding</tunable>
69
                        <value>default</value>
70
                        <descr><![CDATA[IP Fastforwarding]]></descr>
71
                </item>
72
                <item>
73
                        <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr>
74
                        <tunable>net.inet.tcp.delayed_ack</tunable>
75
                        <value>default</value>
76
                </item>
77
                <item>
78
                        <descr><![CDATA[Maximum outgoing UDP datagram size]]></descr>
79
                        <tunable>net.inet.udp.maxdgram</tunable>
80
                        <value>default</value>
81
                </item>
82
                <item>
83
                        <descr><![CDATA[Handling of non-IP packets which are not passed to pfil (see if_bridge(4))]]></descr>
84
                        <tunable>net.link.bridge.pfil_onlyip</tunable>
85
                        <value>default</value>
86
                </item>
87
                <item>
88
                        <descr><![CDATA[Set to 0 to disable filtering on the incoming and outgoing member interfaces.]]></descr>
89
                        <tunable>net.link.bridge.pfil_member</tunable>
90
                        <value>default</value>
91
                </item>
92
                <item>
93
                        <descr><![CDATA[Set to 1 to enable filtering on the bridge interface]]></descr>
94
                        <tunable>net.link.bridge.pfil_bridge</tunable>
95
                        <value>default</value>
96
                </item>
97
                <item>
98
                        <descr><![CDATA[Allow unprivileged access to tap(4) device nodes]]></descr>
99
                        <tunable>net.link.tap.user_open</tunable>
100
                        <value>default</value>
101
                </item>
102
                <item>
103
                        <descr><![CDATA[Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())]]></descr>
104
                        <tunable>kern.randompid</tunable>
105
                        <value>default</value>
106
                </item>
107
                <item>
108
                        <descr><![CDATA[Maximum size of the IP input queue]]></descr>
109
                        <tunable>net.inet.ip.intr_queue_maxlen</tunable>
110
                        <value>default</value>
111
                </item>
112
                <item>
113
                        <descr><![CDATA[Disable CTRL+ALT+Delete reboot from keyboard.]]></descr>
114
                        <tunable>hw.syscons.kbd_reboot</tunable>
115
                        <value>default</value>
116
                </item>
117
                <item>
118
                        <tunable>net.inet.tcp.inflight.enable</tunable>
119
                        <value>0</value>
120
                        <descr><![CDATA[Enable TCP Inflight mode]]></descr>
121
                </item>
122
                <item>
123
                        <descr><![CDATA[Enable TCP extended debugging]]></descr>
124
                        <tunable>net.inet.tcp.log_debug</tunable>
125
                        <value>default</value>
126
                </item>
127
                <item>
128
                        <descr><![CDATA[Set ICMP Limits]]></descr>
129
                        <tunable>net.inet.icmp.icmplim</tunable>
130
                        <value>default</value>
131
                </item>
132
                <item>
133
                        <descr><![CDATA[TCP Offload Engine]]></descr>
134
                        <tunable>net.inet.tcp.tso</tunable>
135
                        <value>default</value>
136
                </item>
137
                <item>
138
                        <tunable>kern.ipc.maxsockbuf</tunable>
139
                        <value>16777216</value>
140
                        <descr><![CDATA[Maximum socket buffer size]]></descr>
141
                </item>
142
                <item>
143
                        <tunable>hw.intr_storm_threshold</tunable>
144
                        <value>0</value>
145
                        <descr/>
146
                </item>
147
                <item>
148
                        <tunable>kern.ipc.nmbjumbop</tunable>
149
                        <value>262144</value>
150
                        <descr/>
151
                </item>
152
                <item>
153
                        <tunable>net.inet.tcp.sendbuf_max</tunable>
154
                        <value>16777216</value>
155
                        <descr/>
156
                </item>
157
                <item>
158
                        <tunable>net.inet.tcp.recvbuf_max</tunable>
159
                        <value>16777216</value>
160
                        <descr/>
161
                </item>
162
                <item>
163
                        <tunable>net.inet.tcp.sendbuf_auto</tunable>
164
                        <value>1</value>
165
                        <descr/>
166
                </item>
167
                <item>
168
                        <tunable>net.inet.tcp.recvbuf_auto</tunable>
169
                        <value>1</value>
170
                        <descr/>
171
                </item>
172
                <item>
173
                        <tunable>net.inet.tcp.sendbuf_inc</tunable>
174
                        <value>16384</value>
175
                        <descr/>
176
                </item>
177
                <item>
178
                        <tunable>net.inet.tcp.recvbuf_inc</tunable>
179
                        <value>524288</value>
180
                        <descr/>
181
                </item>
182
        </sysctl>
183
        <system>
184
                <optimization>normal</optimization>
185
                <hostname>************-FW3</hostname>
186
                <domain>****************</domain>
187
                <dnsserver>10.165.200.100</dnsserver>
188
                <dnsserver>10.165.200.101</dnsserver>
189
                <dnsallowoverride>on</dnsallowoverride>
190
                <group>
191
                        <name>all</name>
192
                        <description><![CDATA[All Users]]></description>
193
                        <scope>system</scope>
194
                        <gid>1998</gid>
195
                </group>
196
                <group>
197
                        <name>admins</name>
198
                        <description><![CDATA[System Administrators]]></description>
199
                        <scope>system</scope>
200
                        <gid>1999</gid>
201
                        <member>0</member>
202
                        <priv>page-all</priv>
203
                </group>
204
                <user>
205
                        <name>admin</name>
206
                        <descr><![CDATA[System Administrator]]></descr>
207
                        <scope>system</scope>
208
                        <groupname>admins</groupname>
209
                        <password>$1$rjK8yu1K$S2viNI/Wn2qkAXy4DXbfU1</password>
210
                        <uid>0</uid>
211
                        <priv>user-shell-access</priv>
212
                        <md5-hash>9132f164344106689f370606a5beadcb</md5-hash>
213
                        <nt-hash>2fbac3ca08d276bd1ac8ed01f36059cf</nt-hash>
214
                </user>
215
                <nextuid>2001</nextuid>
216
                <nextgid>2000</nextgid>
217
                <timezone>Asia/Jerusalem</timezone>
218
                <time-update-interval>300</time-update-interval>
219
                <timeservers>10.61.240.190</timeservers>
220
                <webgui>
221
                        <protocol>http</protocol>
222
                        <ssl-certref>4fb89e8447e7f</ssl-certref>
223
                        <port/>
224
                        <max_procs>2</max_procs>
225
                        <nohttpreferercheck/>
226
                </webgui>
227
                <gitsync>
228
                        <repositoryurl/>
229
                        <branch/>
230
                </gitsync>
231
                <enablesshd>enabled</enablesshd>
232
                <scrubnodf>enabled</scrubnodf>
233
                <maximumstates/>
234
                <maximumtables/>
235
                <maximumtableentries/>
236
                <enablebinatreflection>yes</enablebinatreflection>
237
                <enablenatreflectionhelper>yes</enablenatreflectionhelper>
238
                <reflectiontimeout/>
239
                <disablescrub>yes</disablescrub>
240
                <sharednet/>
241
                <proxyuser>admin</proxyuser>
242
                <proxypass>*************</proxypass>
243
                <lb_use_sticky/>
244
                <schedule_states/>
245
                <disablesegmentationoffloading/>
246
                <powerd_ac_mode>hadp</powerd_ac_mode>
247
                <powerd_battery_mode>hadp</powerd_battery_mode>
248
                <thermal_hardware>coretemp</thermal_hardware>
249
                <use_mfs_tmp_size/>
250
                <use_mfs_var_size/>
251
                <firmware>
252
                        <alturl>
253
                                <enable/>
254
                                <firmwareurl>http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/amd64/pfSense_RELENG_2_1/.updaters</firmwareurl>
255
                        </alturl>
256
                        <allowinvalidsig/>
257
                </firmware>
258
                <disablelargereceiveoffloading/>
259
        </system>
260
        <interfaces>
261
                <wan>
262
                        <enable/>
263
                        <if>lagg1</if>
264
                        <descr><![CDATA[WAN]]></descr>
265
                        <spoofmac/>
266
                        <ipaddr>10.165.128.213</ipaddr>
267
                        <subnet>24</subnet>
268
                        <gateway>WANGW</gateway>
269
                </wan>
270
                <lan>
271
                        <descr><![CDATA[MNG]]></descr>
272
                        <if>igb0</if>
273
                        <enable/>
274
                        <spoofmac/>
275
                        <ipaddr>192.168.100.3</ipaddr>
276
                        <subnet>24</subnet>
277
                </lan>
278
                <opt1>
279
                        <descr><![CDATA[165_240]]></descr>
280
                        <if>lagg0_vlan640</if>
281
                        <enable/>
282
                        <spoofmac/>
283
                        <ipaddr>10.165.240.212</ipaddr>
284
                        <subnet>24</subnet>
285
                </opt1>
286
                <opt2>
287
                        <descr><![CDATA[165_241]]></descr>
288
                        <if>lagg0_vlan641</if>
289
                        <enable/>
290
                        <spoofmac/>
291
                        <ipaddr>10.165.241.212</ipaddr>
292
                        <subnet>24</subnet>
293
                </opt2>
294
                <opt3>
295
                        <descr><![CDATA[165_242]]></descr>
296
                        <if>lagg0_vlan642</if>
297
                        <enable/>
298
                        <spoofmac/>
299
                        <ipaddr>10.165.242.212</ipaddr>
300
                        <subnet>24</subnet>
301
                </opt3>
302
                <opt4>
303
                        <descr><![CDATA[165_243]]></descr>
304
                        <if>lagg0_vlan643</if>
305
                        <enable/>
306
                        <spoofmac/>
307
                        <ipaddr>10.165.243.212</ipaddr>
308
                        <subnet>24</subnet>
309
                </opt4>
310
                <opt5>
311
                        <descr><![CDATA[165_244]]></descr>
312
                        <if>lagg0_vlan644</if>
313
                        <enable/>
314
                        <spoofmac/>
315
                        <ipaddr>10.165.244.212</ipaddr>
316
                        <subnet>24</subnet>
317
                </opt5>
318
                <opt6>
319
                        <descr><![CDATA[165_245]]></descr>
320
                        <if>lagg0_vlan645</if>
321
                        <enable/>
322
                        <spoofmac/>
323
                        <ipaddr>10.165.245.212</ipaddr>
324
                        <subnet>24</subnet>
325
                </opt6>
326
                <opt7>
327
                        <descr><![CDATA[165_246]]></descr>
328
                        <if>lagg0_vlan646</if>
329
                        <enable/>
330
                        <spoofmac/>
331
                        <ipaddr>10.165.246.212</ipaddr>
332
                        <subnet>24</subnet>
333
                </opt7>
334
                <opt8>
335
                        <descr><![CDATA[165_247]]></descr>
336
                        <if>lagg0_vlan647</if>
337
                        <enable/>
338
                        <spoofmac/>
339
                        <ipaddr>10.165.247.212</ipaddr>
340
                        <subnet>24</subnet>
341
                </opt8>
342
                <opt9>
343
                        <descr><![CDATA[LAB_INFRA]]></descr>
344
                        <if>lagg0_vlan600</if>
345
                        <enable/>
346
                        <ipaddr>10.165.200.213</ipaddr>
347
                        <subnet>24</subnet>
348
                        <spoofmac/>
349
                </opt9>
350
                <opt10>
351
                        <descr><![CDATA[165_140]]></descr>
352
                        <if>lagg0_vlan540</if>
353
                        <enable/>
354
                        <ipaddr>10.165.140.212</ipaddr>
355
                        <subnet>24</subnet>
356
                        <spoofmac/>
357
                </opt10>
358
                <opt11>
359
                        <descr><![CDATA[165_141]]></descr>
360
                        <if>lagg0_vlan541</if>
361
                        <enable/>
362
                        <ipaddr>10.165.141.212</ipaddr>
363
                        <subnet>24</subnet>
364
                        <spoofmac/>
365
                </opt11>
366
                <opt12>
367
                        <descr><![CDATA[165_130]]></descr>
368
                        <if>lagg0_vlan530</if>
369
                        <enable/>
370
                        <spoofmac/>
371
                        <ipaddr>10.165.130.212</ipaddr>
372
                        <subnet>24</subnet>
373
                </opt12>
374
                <opt13>
375
                        <descr><![CDATA[vlan60]]></descr>
376
                        <if>lagg0_vlan60</if>
377
                        <enable/>
378
                        <spoofmac/>
379
                        <ipaddr>10.161.60.254</ipaddr>
380
                        <subnet>24</subnet>
381
                </opt13>
382
                <opt14>
383
                        <descr><![CDATA[165_223]]></descr>
384
                        <if>lagg0_vlan623</if>
385
                        <enable/>
386
                        <ipaddr>10.165.223.212</ipaddr>
387
                        <subnet>24</subnet>
388
                        <spoofmac/>
389
                </opt14>
390
                <opt15>
391
                        <descr><![CDATA[165_142]]></descr>
392
                        <if>lagg0_vlan542</if>
393
                        <enable/>
394
                        <ipaddr>10.165.142.212</ipaddr>
395
                        <subnet>24</subnet>
396
                        <spoofmac/>
397
                </opt15>
398
                <opt16>
399
                        <descr><![CDATA[161_134]]></descr>
400
                        <if>lagg0_vlan134</if>
401
                        <enable/>
402
                        <spoofmac/>
403
                        <ipaddr>10.161.134.212</ipaddr>
404
                        <subnet>24</subnet>
405
                </opt16>
406
                <opt17>
407
                        <descr><![CDATA[161_135]]></descr>
408
                        <if>lagg0_vlan135</if>
409
                        <enable/>
410
                        <ipaddr>10.161.135.212</ipaddr>
411
                        <subnet>24</subnet>
412
                        <spoofmac/>
413
                </opt17>
414
                <opt18>
415
                        <descr><![CDATA[VLAN20]]></descr>
416
                        <if>lagg0_vlan20</if>
417
                        <enable/>
418
                        <spoofmac/>
419
                        <ipaddr>10.161.20.254</ipaddr>
420
                        <subnet>24</subnet>
421
                </opt18>
422
                <opt19>
423
                        <descr><![CDATA[165_143]]></descr>
424
                        <if>lagg0_vlan543</if>
425
                        <enable/>
426
                        <spoofmac/>
427
                        <ipaddr>10.165.143.212</ipaddr>
428
                        <subnet>24</subnet>
429
                </opt19>
430
                <opt20>
431
                        <descr><![CDATA[165_144]]></descr>
432
                        <if>lagg0_vlan544</if>
433
                        <enable/>
434
                        <ipaddr>10.165.144.212</ipaddr>
435
                        <subnet>24</subnet>
436
                        <spoofmac/>
437
                </opt20>
438
                <opt21>
439
                        <descr><![CDATA[165_145]]></descr>
440
                        <if>lagg0_vlan545</if>
441
                        <enable/>
442
                        <ipaddr>10.165.145.212</ipaddr>
443
                        <subnet>24</subnet>
444
                        <spoofmac/>
445
                </opt21>
446
                <opt22>
447
                        <descr><![CDATA[165_146]]></descr>
448
                        <if>lagg0_vlan546</if>
449
                        <enable/>
450
                        <spoofmac/>
451
                        <ipaddr>10.165.146.212</ipaddr>
452
                        <subnet>24</subnet>
453
                </opt22>
454
        </interfaces>
455
        <staticroutes/>
456
        <dhcpd>
457
                <opt13>
458
                        <range>
459
                                <from>10.161.60.1</from>
460
                                <to>10.161.60.50</to>
461
                        </range>
462
                        <defaultleasetime/>
463
                        <maxleasetime/>
464
                        <netmask/>
465
                        <failover_peerip/>
466
                        <gateway>10.161.60.245</gateway>
467
                        <domain>************************</domain>
468
                        <domainsearchlist/>
469
                        <ddnsdomain/>
470
                        <tftp/>
471
                        <ldap/>
472
                        <next-server/>
473
                        <filename/>
474
                        <rootpath/>
475
                        <numberoptions/>
476
                        <dnsserver>10.61.240.131</dnsserver>
477
                        <dnsserver>10.61.240.121</dnsserver>
478
                        <enable/>
479
                        <ntpserver>10.61.240.190</ntpserver>
480
                </opt13>
481
                <lan>
482
                        <range>
483
                                <from>10.161.223.10</from>
484
                                <to>10.161.223.245</to>
485
                        </range>
486
                </lan>
487
                <opt18>
488
                        <range>
489
                                <from>10.161.20.1</from>
490
                                <to>10.161.20.199</to>
491
                        </range>
492
                        <defaultleasetime/>
493
                        <maxleasetime/>
494
                        <netmask/>
495
                        <failover_peerip/>
496
                        <dnsserver>10.61.240.121</dnsserver>
497
                        <dnsserver>10.61.240.131</dnsserver>
498
                        <gateway>10.161.20.210</gateway>
499
                        <domain>****************************</domain>
500
                        <domainsearchlist/>
501
                        <enable/>
502
                        <ddnsdomain/>
503
                        <ntpserver>10.61.240.121</ntpserver>
504
                        <ntpserver>10.61.240.131</ntpserver>
505
                        <tftp/>
506
                        <ldap/>
507
                        <next-server/>
508
                        <filename/>
509
                        <rootpath/>
510
                        <numberoptions/>
511
                </opt18>
512
                <wan>
513
                        <range>
514
                                <from>10.165.128.220</from>
515
                                <to>10.165.128.240</to>
516
                        </range>
517
                        <defaultleasetime/>
518
                        <maxleasetime/>
519
                        <netmask/>
520
                        <failover_peerip/>
521
                        <dnsserver>10.165.200.100</dnsserver>
522
                        <dnsserver>10.165.200.101</dnsserver>
523
                        <gateway>10.165.128.210</gateway>
524
                        <domain/>
525
                        <domainsearchlist/>
526
                        <enable/>
527
                        <ddnsdomain/>
528
                        <tftp/>
529
                        <ldap/>
530
                        <next-server/>
531
                        <filename/>
532
                        <rootpath/>
533
                        <numberoptions/>
534
                </wan>
535
                <opt19>
536
                        <range>
537
                                <from>10.165.143.100</from>
538
                                <to>10.165.143.110</to>
539
                        </range>
540
                        <defaultleasetime/>
541
                        <maxleasetime/>
542
                        <netmask/>
543
                        <failover_peerip/>
544
                        <dnsserver>10.165.200.100</dnsserver>
545
                        <dnsserver>10.165.200.101</dnsserver>
546
                        <gateway>10.165.143.210</gateway>
547
                        <domain/>
548
                        <domainsearchlist/>
549
                        <enable/>
550
                        <ddnsdomain/>
551
                        <tftp/>
552
                        <ldap/>
553
                        <next-server/>
554
                        <filename/>
555
                        <rootpath/>
556
                        <numberoptions/>
557
                </opt19>
558
        </dhcpd>
559
        <pptpd>
560
                <mode/>
561
                <redir/>
562
                <localip/>
563
                <remoteip/>
564
        </pptpd>
565
        <dnsmasq>
566
                <enable/>
567
                <domainoverrides>
568
                        <domain>****************************</domain>
569
                        <ip>10.61.240.121</ip>
570
                        <descr/>
571
                </domainoverrides>
572
        </dnsmasq>
573
        <snmpd>
574
                <syslocation>Floor 0, Black Rack</syslocation>
575
                <syscontact/>
576
                <rocommunity>public</rocommunity>
577
                <modules>
578
                        <mibii/>
579
                        <netgraph/>
580
                        <pf/>
581
                        <hostres/>
582
                </modules>
583
                <enable/>
584
                <pollport>161</pollport>
585
                <trapserver/>
586
                <trapserverport/>
587
                <trapstring/>
588
                <bindip/>
589
        </snmpd>
590
        <diag>
591
                <ipv6nat/>
592
        </diag>
593
        <bridge/>
594
        <syslog>
595
                <reverse/>
596
                <nentries>2000</nentries>
597
                <nologdefaultblock/>
598
                <remoteserver>10.165.200.84</remoteserver>
599
                <remoteserver2/>
600
                <remoteserver3/>
601
                <apinger/>
602
                <system/>
603
                <enable/>
604
                <nologbogons/>
605
                <nologprivatenets/>
606
        </syslog>
607
        <nat>
608
                <ipsecpassthru>
609
                        <enable/>
610
                </ipsecpassthru>
611
                <advancedoutbound>
612
                        <rule>
613
                                <source>
614
                                        <network>any</network>
615
                                </source>
616
                                <sourceport/>
617
                                <descr><![CDATA[Auto created rule for MNG to WAN]]></descr>
618
                                <target/>
619
                                <targetip/>
620
                                <targetip_subnet/>
621
                                <interface>wan</interface>
622
                                <poolopts/>
623
                                <nonat/>
624
                                <destination>
625
                                        <address>10.0.0.0/8</address>
626
                                </destination>
627
                        </rule>
628
                        <rule>
629
                                <source>
630
                                        <network>127.0.0.0/8</network>
631
                                </source>
632
                                <dstport/>
633
                                <descr><![CDATA[Auto created rule for localhost to WAN]]></descr>
634
                                <target/>
635
                                <interface>wan</interface>
636
                                <destination>
637
                                        <any/>
638
                                </destination>
639
                                <natport>1024:65535</natport>
640
                        </rule>
641
                        <rule>
642
                                <source>
643
                                        <network>Internet_Access_Net</network>
644
                                </source>
645
                                <sourceport/>
646
                                <descr/>
647
                                <target/>
648
                                <targetip/>
649
                                <targetip_subnet>0</targetip_subnet>
650
                                <interface>wan</interface>
651
                                <poolopts/>
652
                                <destination>
653
                                        <any/>
654
                                </destination>
655
                        </rule>
656
                        <rule>
657
                                <source>
658
                                        <network>Internet_Access_hosts</network>
659
                                </source>
660
                                <sourceport/>
661
                                <descr/>
662
                                <target/>
663
                                <targetip/>
664
                                <targetip_subnet>0</targetip_subnet>
665
                                <interface>wan</interface>
666
                                <poolopts/>
667
                                <destination>
668
                                        <any/>
669
                                </destination>
670
                        </rule>
671
                        <rule>
672
                                <source>
673
                                        <network>any</network>
674
                                </source>
675
                                <sourceport/>
676
                                <descr/>
677
                                <target/>
678
                                <targetip/>
679
                                <targetip_subnet>0</targetip_subnet>
680
                                <interface>wan</interface>
681
                                <poolopts/>
682
                                <destination>
683
                                        <any/>
684
                                </destination>
685
                                <dstport>3218</dstport>
686
                        </rule>
687
                        <rule>
688
                                <source>
689
                                        <network>any</network>
690
                                </source>
691
                                <sourceport/>
692
                                <descr/>
693
                                <target/>
694
                                <targetip/>
695
                                <targetip_subnet/>
696
                                <interface>wan</interface>
697
                                <poolopts/>
698
                                <nonat/>
699
                                <destination>
700
                                        <any/>
701
                                </destination>
702
                        </rule>
703
                        <rule>
704
                                <source>
705
                                        <network>any</network>
706
                                </source>
707
                                <sourceport/>
708
                                <descr/>
709
                                <target/>
710
                                <targetip/>
711
                                <targetip_subnet>0</targetip_subnet>
712
                                <interface>wan</interface>
713
                                <poolopts/>
714
                                <destination>
715
                                        <address>10.165.128.0/24</address>
716
                                </destination>
717
                        </rule>
718
                        <enable/>
719
                </advancedoutbound>
720
        </nat>
721
        <filter>
722
                <rule>
723
                        <id/>
724
                        <type>pass</type>
725
                        <interface>ADomains,Desktops,Recorders,DataCenter,wan,lan,opt1,opt2,opt3,opt4,opt5,opt6,opt7,opt8,opt9,opt10,opt11,opt12,opt13,opt14</interface>
726
                        <tag/>
727
                        <tagged/>
728
                        <direction>any</direction>
729
                        <floating>yes</floating>
730
                        <max/>
731
                        <max-src-nodes/>
732
                        <max-src-conn/>
733
                        <max-src-states/>
734
                        <statetimeout/>
735
                        <statetype>keep state</statetype>
736
                        <os/>
737
                        <source>
738
                                <any/>
739
                        </source>
740
                        <destination>
741
                                <address>224.0.0.18</address>
742
                        </destination>
743
                        <descr/>
744
                </rule>
745
                <rule>
746
                        <id/>
747
                        <type>pass</type>
748
                        <interface>wan</interface>
749
                        <tag/>
750
                        <tagged/>
751
                        <max/>
752
                        <max-src-nodes/>
753
                        <max-src-conn/>
754
                        <max-src-states/>
755
                        <statetimeout/>
756
                        <statetype>keep state</statetype>
757
                        <os/>
758
                        <source>
759
                                <any/>
760
                        </source>
761
                        <destination>
762
                                <any/>
763
                        </destination>
764
                        <descr/>
765
                </rule>
766
                <rule>
767
                        <id/>
768
                        <type>pass</type>
769
                        <interface>lan</interface>
770
                        <tag/>
771
                        <tagged/>
772
                        <max/>
773
                        <max-src-nodes/>
774
                        <max-src-conn/>
775
                        <max-src-states/>
776
                        <statetimeout/>
777
                        <statetype>keep state</statetype>
778
                        <os/>
779
                        <source>
780
                                <any/>
781
                        </source>
782
                        <destination>
783
                                <any/>
784
                        </destination>
785
                        <descr><![CDATA[Default allow LAN to any rule]]></descr>
786
                </rule>
787
                <rule>
788
                        <id/>
789
                        <type>block</type>
790
                        <interface>ADomains</interface>
791
                        <tag/>
792
                        <tagged/>
793
                        <max/>
794
                        <max-src-nodes/>
795
                        <max-src-conn/>
796
                        <max-src-states/>
797
                        <statetimeout/>
798
                        <statetype>keep state</statetype>
799
                        <os/>
800
                        <protocol>tcp/udp</protocol>
801
                        <source>
802
                                <address>DC_DOMAINS</address>
803
                        </source>
804
                        <destination>
805
                                <address>DC_DOMAINS</address>
806
                                <port>DC_PORTS_Blocked</port>
807
                        </destination>
808
                        <log/>
809
                        <descr/>
810
                </rule>
811
                <rule>
812
                        <id/>
813
                        <type>pass</type>
814
                        <interface>ADomains</interface>
815
                        <tag/>
816
                        <tagged/>
817
                        <max/>
818
                        <max-src-nodes/>
819
                        <max-src-conn/>
820
                        <max-src-states/>
821
                        <statetimeout/>
822
                        <statetype>keep state</statetype>
823
                        <os/>
824
                        <protocol>icmp</protocol>
825
                        <source>
826
                                <address>DC_DOMAINS</address>
827
                        </source>
828
                        <destination>
829
                                <address>DC_DOMAINS</address>
830
                        </destination>
831
                        <descr/>
832
                </rule>
833
                <rule>
834
                        <id/>
835
                        <type>pass</type>
836
                        <interface>ADomains</interface>
837
                        <tag/>
838
                        <tagged/>
839
                        <max/>
840
                        <max-src-nodes/>
841
                        <max-src-conn/>
842
                        <max-src-states/>
843
                        <statetimeout/>
844
                        <statetype>keep state</statetype>
845
                        <os/>
846
                        <protocol>tcp</protocol>
847
                        <source>
848
                                <address>DC_DOMAINS</address>
849
                        </source>
850
                        <destination>
851
                                <address>DC_DOMAINS</address>
852
                                <port>DC_PORTS_TCP</port>
853
                        </destination>
854
                        <descr/>
855
                </rule>
856
                <rule>
857
                        <id/>
858
                        <type>pass</type>
859
                        <interface>ADomains</interface>
860
                        <tag/>
861
                        <tagged/>
862
                        <max/>
863
                        <max-src-nodes/>
864
                        <max-src-conn/>
865
                        <max-src-states/>
866
                        <statetimeout/>
867
                        <statetype>keep state</statetype>
868
                        <os/>
869
                        <protocol>udp</protocol>
870
                        <source>
871
                                <address>DC_DOMAINS</address>
872
                        </source>
873
                        <destination>
874
                                <address>DC_DOMAINS</address>
875
                                <port>DC_PORTS_UDP</port>
876
                        </destination>
877
                        <descr/>
878
                </rule>
879
                <rule>
880
                        <id/>
881
                        <type>pass</type>
882
                        <interface>ADomains</interface>
883
                        <tag/>
884
                        <tagged/>
885
                        <max/>
886
                        <max-src-nodes/>
887
                        <max-src-conn/>
888
                        <max-src-states/>
889
                        <statetimeout/>
890
                        <statetype>keep state</statetype>
891
                        <os/>
892
                        <protocol>udp</protocol>
893
                        <source>
894
                                <address>DC_DOMAINS</address>
895
                                <port>DC_PORTS_UDP</port>
896
                        </source>
897
                        <destination>
898
                                <address>DC_DOMAINS</address>
899
                        </destination>
900
                        <descr/>
901
                </rule>
902
                <rule>
903
                        <id/>
904
                        <type>pass</type>
905
                        <interface>ADomains</interface>
906
                        <tag/>
907
                        <tagged/>
908
                        <max/>
909
                        <max-src-nodes/>
910
                        <max-src-conn/>
911
                        <max-src-states/>
912
                        <statetimeout/>
913
                        <statetype>keep state</statetype>
914
                        <os/>
915
                        <protocol>tcp/udp</protocol>
916
                        <source>
917
                                <address>DC_DOMAINS</address>
918
                        </source>
919
                        <destination>
920
                                <address>DC_DOMAINS</address>
921
                                <port>DC_PORTS_TCP_UDP</port>
922
                        </destination>
923
                        <descr/>
924
                </rule>
925
                <rule>
926
                        <id/>
927
                        <type>block</type>
928
                        <interface>ADomains</interface>
929
                        <tag/>
930
                        <tagged/>
931
                        <max/>
932
                        <max-src-nodes/>
933
                        <max-src-conn/>
934
                        <max-src-states/>
935
                        <statetimeout/>
936
                        <statetype>keep state</statetype>
937
                        <os/>
938
                        <source>
939
                                <address>DC_DOMAINS</address>
940
                        </source>
941
                        <destination>
942
                                <address>DC_DOMAINS</address>
943
                        </destination>
944
                        <log/>
945
                        <descr/>
946
                </rule>
947
                <rule>
948
                        <id/>
949
                        <type>pass</type>
950
                        <interface>DataCenter</interface>
951
                        <tag/>
952
                        <tagged/>
953
                        <max/>
954
                        <max-src-nodes/>
955
                        <max-src-conn/>
956
                        <max-src-states/>
957
                        <statetimeout/>
958
                        <statetype>keep state</statetype>
959
                        <os/>
960
                        <protocol>icmp</protocol>
961
                        <source>
962
                                <address>DataCenter_net</address>
963
                        </source>
964
                        <destination>
965
                                <address>DC_DOMAINS</address>
966
                        </destination>
967
                        <descr/>
968
                </rule>
969
                <rule>
970
                        <id/>
971
                        <type>block</type>
972
                        <interface>DataCenter</interface>
973
                        <tag/>
974
                        <tagged/>
975
                        <max/>
976
                        <max-src-nodes/>
977
                        <max-src-conn/>
978
                        <max-src-states/>
979
                        <statetimeout/>
980
                        <statetype>keep state</statetype>
981
                        <os/>
982
                        <protocol>tcp/udp</protocol>
983
                        <source>
984
                                <address>DataCenter_net</address>
985
                        </source>
986
                        <destination>
987
                                <address>DC_DOMAINS</address>
988
                                <port>DC_PORTS_Blocked</port>
989
                        </destination>
990
                        <log/>
991
                        <descr/>
992
                </rule>
993
                <rule>
994
                        <id/>
995
                        <type>pass</type>
996
                        <interface>DataCenter</interface>
997
                        <tag/>
998
                        <tagged/>
999
                        <max/>
1000
                        <max-src-nodes/>
1001
                        <max-src-conn/>
1002
                        <max-src-states/>
1003
                        <statetimeout/>
1004
                        <statetype>keep state</statetype>
1005
                        <os/>
1006
                        <protocol>tcp</protocol>
1007
                        <source>
1008
                                <address>DataCenter_net</address>
1009
                        </source>
1010
                        <destination>
1011
                                <address>DC_DOMAINS</address>
1012
                                <port>DC_PORTS_TCP</port>
1013
                        </destination>
1014
                        <descr/>
1015
                </rule>
1016
                <rule>
1017
                        <id/>
1018
                        <type>pass</type>
1019
                        <interface>DataCenter</interface>
1020
                        <tag/>
1021
                        <tagged/>
1022
                        <max/>
1023
                        <max-src-nodes/>
1024
                        <max-src-conn/>
1025
                        <max-src-states/>
1026
                        <statetimeout/>
1027
                        <statetype>keep state</statetype>
1028
                        <os/>
1029
                        <protocol>udp</protocol>
1030
                        <source>
1031
                                <address>DataCenter_net</address>
1032
                        </source>
1033
                        <destination>
1034
                                <address>DC_DOMAINS</address>
1035
                                <port>DC_PORTS_UDP</port>
1036
                        </destination>
1037
                        <descr/>
1038
                </rule>
1039
                <rule>
1040
                        <id/>
1041
                        <type>pass</type>
1042
                        <interface>DataCenter</interface>
1043
                        <tag/>
1044
                        <tagged/>
1045
                        <max/>
1046
                        <max-src-nodes/>
1047
                        <max-src-conn/>
1048
                        <max-src-states/>
1049
                        <statetimeout/>
1050
                        <statetype>keep state</statetype>
1051
                        <os/>
1052
                        <protocol>tcp/udp</protocol>
1053
                        <source>
1054
                                <address>DataCenter_net</address>
1055
                        </source>
1056
                        <destination>
1057
                                <address>DC_DOMAINS</address>
1058
                                <port>DC_PORTS_TCP_UDP</port>
1059
                        </destination>
1060
                        <descr/>
1061
                </rule>
1062
                <rule>
1063
                        <id/>
1064
                        <type>block</type>
1065
                        <interface>DataCenter</interface>
1066
                        <tag/>
1067
                        <tagged/>
1068
                        <max/>
1069
                        <max-src-nodes/>
1070
                        <max-src-conn/>
1071
                        <max-src-states/>
1072
                        <statetimeout/>
1073
                        <statetype>keep state</statetype>
1074
                        <os/>
1075
                        <source>
1076
                                <address>DataCenter_net</address>
1077
                        </source>
1078
                        <destination>
1079
                                <address>DC_DOMAINS</address>
1080
                        </destination>
1081
                        <log/>
1082
                        <descr/>
1083
                </rule>
1084
                <rule>
1085
                        <id/>
1086
                        <type>pass</type>
1087
                        <interface>DataCenter</interface>
1088
                        <tag/>
1089
                        <tagged/>
1090
                        <max/>
1091
                        <max-src-nodes/>
1092
                        <max-src-conn/>
1093
                        <max-src-states/>
1094
                        <statetimeout/>
1095
                        <statetype>keep state</statetype>
1096
                        <os/>
1097
                        <protocol>icmp</protocol>
1098
                        <source>
1099
                                <address>DataCenter_net</address>
1100
                        </source>
1101
                        <destination>
1102
                                <address>Desktop_Net</address>
1103
                        </destination>
1104
                        <descr/>
1105
                </rule>
1106
                <rule>
1107
                        <id/>
1108
                        <type>pass</type>
1109
                        <interface>DataCenter</interface>
1110
                        <tag/>
1111
                        <tagged/>
1112
                        <max/>
1113
                        <max-src-nodes/>
1114
                        <max-src-conn/>
1115
                        <max-src-states/>
1116
                        <statetimeout/>
1117
                        <statetype>keep state</statetype>
1118
                        <os/>
1119
                        <protocol>udp</protocol>
1120
                        <source>
1121
                                <address>DataCenter_net</address>
1122
                        </source>
1123
                        <destination>
1124
                                <address>Desktop_Net</address>
1125
                                <port>DC_2_DESK_UDP</port>
1126
                        </destination>
1127
                        <descr/>
1128
                </rule>
1129
                <rule>
1130
                        <id/>
1131
                        <type>block</type>
1132
                        <interface>DataCenter</interface>
1133
                        <tag/>
1134
                        <tagged/>
1135
                        <max/>
1136
                        <max-src-nodes/>
1137
                        <max-src-conn/>
1138
                        <max-src-states/>
1139
                        <statetimeout/>
1140
                        <statetype>keep state</statetype>
1141
                        <os/>
1142
                        <source>
1143
                                <address>DataCenter_net</address>
1144
                        </source>
1145
                        <destination>
1146
                                <address>Desktop_Net</address>
1147
                        </destination>
1148
                        <log/>
1149
                        <descr/>
1150
                </rule>
1151
                <rule>
1152
                        <id/>
1153
                        <type>pass</type>
1154
                        <interface>DataCenter</interface>
1155
                        <tag/>
1156
                        <tagged/>
1157
                        <max/>
1158
                        <max-src-nodes/>
1159
                        <max-src-conn/>
1160
                        <max-src-states/>
1161
                        <statetimeout/>
1162
                        <statetype>keep state</statetype>
1163
                        <os/>
1164
                        <protocol>icmp</protocol>
1165
                        <source>
1166
                                <address>DataCenter_net</address>
1167
                        </source>
1168
                        <destination>
1169
                                <address>Recorder_Net</address>
1170
                        </destination>
1171
                        <descr/>
1172
                </rule>
1173
                <rule>
1174
                        <id/>
1175
                        <type>pass</type>
1176
                        <interface>DataCenter</interface>
1177
                        <tag/>
1178
                        <tagged/>
1179
                        <max/>
1180
                        <max-src-nodes/>
1181
                        <max-src-conn/>
1182
                        <max-src-states/>
1183
                        <statetimeout/>
1184
                        <statetype>keep state</statetype>
1185
                        <os/>
1186
                        <protocol>tcp</protocol>
1187
                        <source>
1188
                                <address>DataCenter_net</address>
1189
                        </source>
1190
                        <destination>
1191
                                <address>Recorder_Net</address>
1192
                                <port>DC_2_REC_TCP</port>
1193
                        </destination>
1194
                        <descr/>
1195
                </rule>
1196
                <rule>
1197
                        <id/>
1198
                        <type>block</type>
1199
                        <interface>DataCenter</interface>
1200
                        <tag/>
1201
                        <tagged/>
1202
                        <max/>
1203
                        <max-src-nodes/>
1204
                        <max-src-conn/>
1205
                        <max-src-states/>
1206
                        <statetimeout/>
1207
                        <statetype>keep state</statetype>
1208
                        <os/>
1209
                        <source>
1210
                                <address>DataCenter_net</address>
1211
                        </source>
1212
                        <destination>
1213
                                <address>Recorder_Net</address>
1214
                        </destination>
1215
                        <log/>
1216
                        <descr/>
1217
                </rule>
1218
                <rule>
1219
                        <id/>
1220
                        <type>pass</type>
1221
                        <interface>Desktops</interface>
1222
                        <tag/>
1223
                        <tagged/>
1224
                        <max/>
1225
                        <max-src-nodes/>
1226
                        <max-src-conn/>
1227
                        <max-src-states/>
1228
                        <statetimeout/>
1229
                        <statetype>keep state</statetype>
1230
                        <os/>
1231
                        <protocol>icmp</protocol>
1232
                        <source>
1233
                                <address>Desktop_Net</address>
1234
                        </source>
1235
                        <destination>
1236
                                <any/>
1237
                        </destination>
1238
                        <descr/>
1239
                </rule>
1240
                <rule>
1241
                        <id/>
1242
                        <type>block</type>
1243
                        <interface>Desktops</interface>
1244
                        <tag/>
1245
                        <tagged/>
1246
                        <max/>
1247
                        <max-src-nodes/>
1248
                        <max-src-conn/>
1249
                        <max-src-states/>
1250
                        <statetimeout/>
1251
                        <statetype>keep state</statetype>
1252
                        <os/>
1253
                        <protocol>tcp/udp</protocol>
1254
                        <source>
1255
                                <address>Desktop_Net</address>
1256
                        </source>
1257
                        <destination>
1258
                                <address>DC_DOMAINS</address>
1259
                                <port>DC_PORTS_Blocked</port>
1260
                        </destination>
1261
                        <log/>
1262
                        <descr/>
1263
                </rule>
1264
                <rule>
1265
                        <id/>
1266
                        <type>pass</type>
1267
                        <interface>Desktops</interface>
1268
                        <tag/>
1269
                        <tagged/>
1270
                        <max/>
1271
                        <max-src-nodes/>
1272
                        <max-src-conn/>
1273
                        <max-src-states/>
1274
                        <statetimeout/>
1275
                        <statetype>keep state</statetype>
1276
                        <os/>
1277
                        <protocol>tcp</protocol>
1278
                        <source>
1279
                                <address>Desktop_Net</address>
1280
                        </source>
1281
                        <destination>
1282
                                <address>DC_DOMAINS</address>
1283
                                <port>DC_PORTS_TCP</port>
1284
                        </destination>
1285
                        <descr/>
1286
                </rule>
1287
                <rule>
1288
                        <id/>
1289
                        <type>pass</type>
1290
                        <interface>Desktops</interface>
1291
                        <tag/>
1292
                        <tagged/>
1293
                        <max/>
1294
                        <max-src-nodes/>
1295
                        <max-src-conn/>
1296
                        <max-src-states/>
1297
                        <statetimeout/>
1298
                        <statetype>keep state</statetype>
1299
                        <os/>
1300
                        <protocol>udp</protocol>
1301
                        <source>
1302
                                <address>Desktop_Net</address>
1303
                        </source>
1304
                        <destination>
1305
                                <address>DC_DOMAINS</address>
1306
                                <port>DC_PORTS_UDP</port>
1307
                        </destination>
1308
                        <descr/>
1309
                </rule>
1310
                <rule>
1311
                        <id/>
1312
                        <type>pass</type>
1313
                        <interface>Desktops</interface>
1314
                        <tag/>
1315
                        <tagged/>
1316
                        <max/>
1317
                        <max-src-nodes/>
1318
                        <max-src-conn/>
1319
                        <max-src-states/>
1320
                        <statetimeout/>
1321
                        <statetype>keep state</statetype>
1322
                        <os/>
1323
                        <protocol>tcp/udp</protocol>
1324
                        <source>
1325
                                <address>Desktop_Net</address>
1326
                        </source>
1327
                        <destination>
1328
                                <address>DC_DOMAINS</address>
1329
                                <port>DC_PORTS_TCP_UDP</port>
1330
                        </destination>
1331
                        <descr/>
1332
                </rule>
1333
                <rule>
1334
                        <id/>
1335
                        <type>block</type>
1336
                        <interface>Desktops</interface>
1337
                        <tag/>
1338
                        <tagged/>
1339
                        <max/>
1340
                        <max-src-nodes/>
1341
                        <max-src-conn/>
1342
                        <max-src-states/>
1343
                        <statetimeout/>
1344
                        <statetype>keep state</statetype>
1345
                        <os/>
1346
                        <source>
1347
                                <address>Desktop_Net</address>
1348
                        </source>
1349
                        <destination>
1350
                                <address>DC_DOMAINS</address>
1351
                        </destination>
1352
                        <log/>
1353
                        <descr/>
1354
                </rule>
1355
                <rule>
1356
                        <id/>
1357
                        <type>pass</type>
1358
                        <interface>Desktops</interface>
1359
                        <tag/>
1360
                        <tagged/>
1361
                        <max/>
1362
                        <max-src-nodes/>
1363
                        <max-src-conn/>
1364
                        <max-src-states/>
1365
                        <statetimeout/>
1366
                        <statetype>keep state</statetype>
1367
                        <os/>
1368
                        <protocol>tcp</protocol>
1369
                        <source>
1370
                                <address>Desktop_Net</address>
1371
                        </source>
1372
                        <destination>
1373
                                <address>Recorder_Net</address>
1374
                                <port>Desk_2_Rec_TCP</port>
1375
                        </destination>
1376
                        <descr/>
1377
                </rule>
1378
                <rule>
1379
                        <id/>
1380
                        <type>block</type>
1381
                        <interface>Desktops</interface>
1382
                        <tag/>
1383
                        <tagged/>
1384
                        <max/>
1385
                        <max-src-nodes/>
1386
                        <max-src-conn/>
1387
                        <max-src-states/>
1388
                        <statetimeout/>
1389
                        <statetype>keep state</statetype>
1390
                        <os/>
1391
                        <source>
1392
                                <address>Desktop_Net</address>
1393
                        </source>
1394
                        <destination>
1395
                                <address>Recorder_Net</address>
1396
                        </destination>
1397
                        <log/>
1398
                        <descr/>
1399
                </rule>
1400
                <rule>
1401
                        <id/>
1402
                        <type>pass</type>
1403
                        <interface>Desktops</interface>
1404
                        <tag/>
1405
                        <tagged/>
1406
                        <max/>
1407
                        <max-src-nodes/>
1408
                        <max-src-conn/>
1409
                        <max-src-states/>
1410
                        <statetimeout/>
1411
                        <statetype>keep state</statetype>
1412
                        <os/>
1413
                        <protocol>icmp</protocol>
1414
                        <source>
1415
                                <address>Desktop_Net</address>
1416
                        </source>
1417
                        <destination>
1418
                                <address>DataCenter_net</address>
1419
                        </destination>
1420
                        <descr/>
1421
                </rule>
1422
                <rule>
1423
                        <id/>
1424
                        <type>pass</type>
1425
                        <interface>Desktops</interface>
1426
                        <tag/>
1427
                        <tagged/>
1428
                        <max/>
1429
                        <max-src-nodes/>
1430
                        <max-src-conn/>
1431
                        <max-src-states/>
1432
                        <statetimeout/>
1433
                        <statetype>keep state</statetype>
1434
                        <os/>
1435
                        <protocol>tcp</protocol>
1436
                        <source>
1437
                                <address>Desktop_Net</address>
1438
                        </source>
1439
                        <destination>
1440
                                <address>DataCenter_net</address>
1441
                                <port>Desk_2_DC_TCP</port>
1442
                        </destination>
1443
                        <descr/>
1444
                </rule>
1445
                <rule>
1446
                        <id/>
1447
                        <type>pass</type>
1448
                        <interface>Desktops</interface>
1449
                        <tag/>
1450
                        <tagged/>
1451
                        <max/>
1452
                        <max-src-nodes/>
1453
                        <max-src-conn/>
1454
                        <max-src-states/>
1455
                        <statetimeout/>
1456
                        <statetype>keep state</statetype>
1457
                        <os/>
1458
                        <protocol>udp</protocol>
1459
                        <source>
1460
                                <address>Desktop_Net</address>
1461
                        </source>
1462
                        <destination>
1463
                                <address>DataCenter_net</address>
1464
                                <port>Desk_2_DC_UDP</port>
1465
                        </destination>
1466
                        <descr/>
1467
                </rule>
1468
                <rule>
1469
                        <id/>
1470
                        <type>block</type>
1471
                        <interface>Desktops</interface>
1472
                        <tag/>
1473
                        <tagged/>
1474
                        <max/>
1475
                        <max-src-nodes/>
1476
                        <max-src-conn/>
1477
                        <max-src-states/>
1478
                        <statetimeout/>
1479
                        <statetype>keep state</statetype>
1480
                        <os/>
1481
                        <source>
1482
                                <address>Desktop_Net</address>
1483
                        </source>
1484
                        <destination>
1485
                                <address>DataCenter_net</address>
1486
                        </destination>
1487
                        <descr/>
1488
                </rule>
1489
                <rule>
1490
                        <id/>
1491
                        <type>pass</type>
1492
                        <interface>Recorders</interface>
1493
                        <tag/>
1494
                        <tagged/>
1495
                        <max/>
1496
                        <max-src-nodes/>
1497
                        <max-src-conn/>
1498
                        <max-src-states/>
1499
                        <statetimeout/>
1500
                        <statetype>keep state</statetype>
1501
                        <os/>
1502
                        <protocol>icmp</protocol>
1503
                        <source>
1504
                                <address>Recorder_Net</address>
1505
                        </source>
1506
                        <destination>
1507
                                <address>DC_DOMAINS</address>
1508
                        </destination>
1509
                        <descr/>
1510
                </rule>
1511
                <rule>
1512
                        <id/>
1513
                        <type>block</type>
1514
                        <interface>Recorders</interface>
1515
                        <tag/>
1516
                        <tagged/>
1517
                        <max/>
1518
                        <max-src-nodes/>
1519
                        <max-src-conn/>
1520
                        <max-src-states/>
1521
                        <statetimeout/>
1522
                        <statetype>keep state</statetype>
1523
                        <os/>
1524
                        <protocol>tcp/udp</protocol>
1525
                        <source>
1526
                                <address>Recorder_Net</address>
1527
                        </source>
1528
                        <destination>
1529
                                <address>DC_DOMAINS</address>
1530
                                <port>DC_PORTS_Blocked</port>
1531
                        </destination>
1532
                        <log/>
1533
                        <descr/>
1534
                </rule>
1535
                <rule>
1536
                        <id/>
1537
                        <type>pass</type>
1538
                        <interface>Recorders</interface>
1539
                        <tag/>
1540
                        <tagged/>
1541
                        <max/>
1542
                        <max-src-nodes/>
1543
                        <max-src-conn/>
1544
                        <max-src-states/>
1545
                        <statetimeout/>
1546
                        <statetype>keep state</statetype>
1547
                        <os/>
1548
                        <protocol>tcp</protocol>
1549
                        <source>
1550
                                <address>Recorder_Net</address>
1551
                        </source>
1552
                        <destination>
1553
                                <address>DC_DOMAINS</address>
1554
                                <port>DC_PORTS_TCP</port>
1555
                        </destination>
1556
                        <descr/>
1557
                </rule>
1558
                <rule>
1559
                        <id/>
1560
                        <type>pass</type>
1561
                        <interface>Recorders</interface>
1562
                        <tag/>
1563
                        <tagged/>
1564
                        <max/>
1565
                        <max-src-nodes/>
1566
                        <max-src-conn/>
1567
                        <max-src-states/>
1568
                        <statetimeout/>
1569
                        <statetype>keep state</statetype>
1570
                        <os/>
1571
                        <protocol>udp</protocol>
1572
                        <source>
1573
                                <address>Recorder_Net</address>
1574
                        </source>
1575
                        <destination>
1576
                                <address>DC_DOMAINS</address>
1577
                                <port>DC_PORTS_UDP</port>
1578
                        </destination>
1579
                        <descr/>
1580
                </rule>
1581
                <rule>
1582
                        <id/>
1583
                        <type>pass</type>
1584
                        <interface>Recorders</interface>
1585
                        <tag/>
1586
                        <tagged/>
1587
                        <max/>
1588
                        <max-src-nodes/>
1589
                        <max-src-conn/>
1590
                        <max-src-states/>
1591
                        <statetimeout/>
1592
                        <statetype>keep state</statetype>
1593
                        <os/>
1594
                        <protocol>tcp/udp</protocol>
1595
                        <source>
1596
                                <address>Recorder_Net</address>
1597
                        </source>
1598
                        <destination>
1599
                                <address>DC_DOMAINS</address>
1600
                                <port>DC_PORTS_TCP_UDP</port>
1601
                        </destination>
1602
                        <descr/>
1603
                </rule>
1604
                <rule>
1605
                        <id/>
1606
                        <type>block</type>
1607
                        <interface>Recorders</interface>
1608
                        <tag/>
1609
                        <tagged/>
1610
                        <max/>
1611
                        <max-src-nodes/>
1612
                        <max-src-conn/>
1613
                        <max-src-states/>
1614
                        <statetimeout/>
1615
                        <statetype>keep state</statetype>
1616
                        <os/>
1617
                        <source>
1618
                                <address>Recorder_Net</address>
1619
                        </source>
1620
                        <destination>
1621
                                <address>DC_DOMAINS</address>
1622
                        </destination>
1623
                        <log/>
1624
                        <descr/>
1625
                </rule>
1626
                <rule>
1627
                        <id/>
1628
                        <type>pass</type>
1629
                        <interface>Recorders</interface>
1630
                        <tag/>
1631
                        <tagged/>
1632
                        <max/>
1633
                        <max-src-nodes/>
1634
                        <max-src-conn/>
1635
                        <max-src-states/>
1636
                        <statetimeout/>
1637
                        <statetype>keep state</statetype>
1638
                        <os/>
1639
                        <protocol>icmp</protocol>
1640
                        <source>
1641
                                <address>Recorder_Net</address>
1642
                        </source>
1643
                        <destination>
1644
                                <address>Desktop_Net</address>
1645
                        </destination>
1646
                        <descr/>
1647
                </rule>
1648
                <rule>
1649
                        <id/>
1650
                        <type>pass</type>
1651
                        <interface>Recorders</interface>
1652
                        <tag/>
1653
                        <tagged/>
1654
                        <max/>
1655
                        <max-src-nodes/>
1656
                        <max-src-conn/>
1657
                        <max-src-states/>
1658
                        <statetimeout/>
1659
                        <statetype>keep state</statetype>
1660
                        <os/>
1661
                        <protocol>tcp</protocol>
1662
                        <source>
1663
                                <address>Recorder_Net</address>
1664
                        </source>
1665
                        <destination>
1666
                                <address>Desktop_Net</address>
1667
                                <port>Rec_2_Desk_TCP</port>
1668
                        </destination>
1669
                        <descr/>
1670
                </rule>
1671
                <rule>
1672
                        <id/>
1673
                        <type>pass</type>
1674
                        <interface>Recorders</interface>
1675
                        <tag/>
1676
                        <tagged/>
1677
                        <max/>
1678
                        <max-src-nodes/>
1679
                        <max-src-conn/>
1680
                        <max-src-states/>
1681
                        <statetimeout/>
1682
                        <statetype>keep state</statetype>
1683
                        <os/>
1684
                        <protocol>udp</protocol>
1685
                        <source>
1686
                                <address>Recorder_Net</address>
1687
                        </source>
1688
                        <destination>
1689
                                <address>Desktop_Net</address>
1690
                                <port>Rec_2_Desk_UDP</port>
1691
                        </destination>
1692
                        <descr/>
1693
                </rule>
1694
                <rule>
1695
                        <id/>
1696
                        <type>block</type>
1697
                        <interface>Recorders</interface>
1698
                        <tag/>
1699
                        <tagged/>
1700
                        <max/>
1701
                        <max-src-nodes/>
1702
                        <max-src-conn/>
1703
                        <max-src-states/>
1704
                        <statetimeout/>
1705
                        <statetype>keep state</statetype>
1706
                        <os/>
1707
                        <source>
1708
                                <address>Recorder_Net</address>
1709
                        </source>
1710
                        <destination>
1711
                                <address>Desktop_Net</address>
1712
                        </destination>
1713
                        <log/>
1714
                        <descr/>
1715
                </rule>
1716
                <rule>
1717
                        <id/>
1718
                        <type>pass</type>
1719
                        <interface>Recorders</interface>
1720
                        <tag/>
1721
                        <tagged/>
1722
                        <max/>
1723
                        <max-src-nodes/>
1724
                        <max-src-conn/>
1725
                        <max-src-states/>
1726
                        <statetimeout/>
1727
                        <statetype>keep state</statetype>
1728
                        <os/>
1729
                        <protocol>icmp</protocol>
1730
                        <source>
1731
                                <address>Recorder_Net</address>
1732
                        </source>
1733
                        <destination>
1734
                                <address>DataCenter_net</address>
1735
                        </destination>
1736
                        <descr/>
1737
                </rule>
1738
                <rule>
1739
                        <id/>
1740
                        <type>pass</type>
1741
                        <interface>Recorders</interface>
1742
                        <tag/>
1743
                        <tagged/>
1744
                        <max/>
1745
                        <max-src-nodes/>
1746
                        <max-src-conn/>
1747
                        <max-src-states/>
1748
                        <statetimeout/>
1749
                        <statetype>keep state</statetype>
1750
                        <os/>
1751
                        <protocol>tcp</protocol>
1752
                        <source>
1753
                                <address>Recorder_Net</address>
1754
                        </source>
1755
                        <destination>
1756
                                <address>DataCenter_net</address>
1757
                                <port>REC_2_DC_TCP</port>
1758
                        </destination>
1759
                        <descr/>
1760
                </rule>
1761
                <rule>
1762
                        <id/>
1763
                        <type>block</type>
1764
                        <interface>Recorders</interface>
1765
                        <tag/>
1766
                        <tagged/>
1767
                        <max/>
1768
                        <max-src-nodes/>
1769
                        <max-src-conn/>
1770
                        <max-src-states/>
1771
                        <statetimeout/>
1772
                        <statetype>keep state</statetype>
1773
                        <os/>
1774
                        <source>
1775
                                <address>Recorder_Net</address>
1776
                        </source>
1777
                        <destination>
1778
                                <address>DataCenter_net</address>
1779
                        </destination>
1780
                        <log/>
1781
                        <descr/>
1782
                </rule>
1783
                <rule>
1784
                        <id/>
1785
                        <type>pass</type>
1786
                        <interface>opt1</interface>
1787
                        <tag/>
1788
                        <tagged/>
1789
                        <max/>
1790
                        <max-src-nodes/>
1791
                        <max-src-conn/>
1792
                        <max-src-states/>
1793
                        <statetimeout/>
1794
                        <statetype>keep state</statetype>
1795
                        <os/>
1796
                        <source>
1797
                                <any/>
1798
                        </source>
1799
                        <destination>
1800
                                <any/>
1801
                        </destination>
1802
                        <descr/>
1803
                </rule>
1804
                <rule>
1805
                        <id/>
1806
                        <type>pass</type>
1807
                        <interface>opt2</interface>
1808
                        <tag/>
1809
                        <tagged/>
1810
                        <max/>
1811
                        <max-src-nodes/>
1812
                        <max-src-conn/>
1813
                        <max-src-states/>
1814
                        <statetimeout/>
1815
                        <statetype>keep state</statetype>
1816
                        <os/>
1817
                        <source>
1818
                                <any/>
1819
                        </source>
1820
                        <destination>
1821
                                <any/>
1822
                        </destination>
1823
                        <descr/>
1824
                </rule>
1825
                <rule>
1826
                        <id/>
1827
                        <type>pass</type>
1828
                        <interface>opt3</interface>
1829
                        <tag/>
1830
                        <tagged/>
1831
                        <max/>
1832
                        <max-src-nodes/>
1833
                        <max-src-conn/>
1834
                        <max-src-states/>
1835
                        <statetimeout/>
1836
                        <statetype>keep state</statetype>
1837
                        <os/>
1838
                        <source>
1839
                                <any/>
1840
                        </source>
1841
                        <destination>
1842
                                <any/>
1843
                        </destination>
1844
                        <descr/>
1845
                </rule>
1846
                <rule>
1847
                        <id/>
1848
                        <type>pass</type>
1849
                        <interface>opt4</interface>
1850
                        <tag/>
1851
                        <tagged/>
1852
                        <max/>
1853
                        <max-src-nodes/>
1854
                        <max-src-conn/>
1855
                        <max-src-states/>
1856
                        <statetimeout/>
1857
                        <statetype>keep state</statetype>
1858
                        <os/>
1859
                        <source>
1860
                                <any/>
1861
                        </source>
1862
                        <destination>
1863
                                <any/>
1864
                        </destination>
1865
                        <descr/>
1866
                </rule>
1867
                <rule>
1868
                        <id/>
1869
                        <type>pass</type>
1870
                        <interface>opt5</interface>
1871
                        <tag/>
1872
                        <tagged/>
1873
                        <max/>
1874
                        <max-src-nodes/>
1875
                        <max-src-conn/>
1876
                        <max-src-states/>
1877
                        <statetimeout/>
1878
                        <statetype>keep state</statetype>
1879
                        <os/>
1880
                        <source>
1881
                                <any/>
1882
                        </source>
1883
                        <destination>
1884
                                <any/>
1885
                        </destination>
1886
                        <descr/>
1887
                </rule>
1888
                <rule>
1889
                        <id/>
1890
                        <type>pass</type>
1891
                        <interface>opt6</interface>
1892
                        <tag/>
1893
                        <tagged/>
1894
                        <max/>
1895
                        <max-src-nodes/>
1896
                        <max-src-conn/>
1897
                        <max-src-states/>
1898
                        <statetimeout/>
1899
                        <statetype>keep state</statetype>
1900
                        <os/>
1901
                        <source>
1902
                                <any/>
1903
                        </source>
1904
                        <destination>
1905
                                <any/>
1906
                        </destination>
1907
                        <descr/>
1908
                </rule>
1909
                <rule>
1910
                        <id/>
1911
                        <type>pass</type>
1912
                        <interface>opt7</interface>
1913
                        <tag/>
1914
                        <tagged/>
1915
                        <max/>
1916
                        <max-src-nodes/>
1917
                        <max-src-conn/>
1918
                        <max-src-states/>
1919
                        <statetimeout/>
1920
                        <statetype>keep state</statetype>
1921
                        <os/>
1922
                        <source>
1923
                                <any/>
1924
                        </source>
1925
                        <destination>
1926
                                <any/>
1927
                        </destination>
1928
                        <descr/>
1929
                </rule>
1930
                <rule>
1931
                        <id/>
1932
                        <type>pass</type>
1933
                        <interface>opt8</interface>
1934
                        <tag/>
1935
                        <tagged/>
1936
                        <max/>
1937
                        <max-src-nodes/>
1938
                        <max-src-conn/>
1939
                        <max-src-states/>
1940
                        <statetimeout/>
1941
                        <statetype>keep state</statetype>
1942
                        <os/>
1943
                        <source>
1944
                                <any/>
1945
                        </source>
1946
                        <destination>
1947
                                <any/>
1948
                        </destination>
1949
                        <descr/>
1950
                </rule>
1951
                <rule>
1952
                        <id/>
1953
                        <type>pass</type>
1954
                        <interface>opt9</interface>
1955
                        <tag/>
1956
                        <tagged/>
1957
                        <max/>
1958
                        <max-src-nodes/>
1959
                        <max-src-conn/>
1960
                        <max-src-states/>
1961
                        <statetimeout/>
1962
                        <statetype>keep state</statetype>
1963
                        <os/>
1964
                        <source>
1965
                                <any/>
1966
                        </source>
1967
                        <destination>
1968
                                <any/>
1969
                        </destination>
1970
                        <descr/>
1971
                </rule>
1972
                <rule>
1973
                        <id/>
1974
                        <type>pass</type>
1975
                        <interface>opt10</interface>
1976
                        <tag/>
1977
                        <tagged/>
1978
                        <max/>
1979
                        <max-src-nodes/>
1980
                        <max-src-conn/>
1981
                        <max-src-states/>
1982
                        <statetimeout/>
1983
                        <statetype>keep state</statetype>
1984
                        <os/>
1985
                        <source>
1986
                                <any/>
1987
                        </source>
1988
                        <destination>
1989
                                <any/>
1990
                        </destination>
1991
                        <descr/>
1992
                </rule>
1993
                <rule>
1994
                        <id/>
1995
                        <type>pass</type>
1996
                        <interface>opt11</interface>
1997
                        <tag/>
1998
                        <tagged/>
1999
                        <max/>
2000
                        <max-src-nodes/>
2001
                        <max-src-conn/>
2002
                        <max-src-states/>
2003
                        <statetimeout/>
2004
                        <statetype>keep state</statetype>
2005
                        <os/>
2006
                        <source>
2007
                                <any/>
2008
                        </source>
2009
                        <destination>
2010
                                <any/>
2011
                        </destination>
2012
                        <descr/>
2013
                </rule>
2014
                <rule>
2015
                        <id/>
2016
                        <type>pass</type>
2017
                        <interface>opt12</interface>
2018
                        <tag/>
2019
                        <tagged/>
2020
                        <max/>
2021
                        <max-src-nodes/>
2022
                        <max-src-conn/>
2023
                        <max-src-states/>
2024
                        <statetimeout/>
2025
                        <statetype>keep state</statetype>
2026
                        <os/>
2027
                        <source>
2028
                                <any/>
2029
                        </source>
2030
                        <destination>
2031
                                <any/>
2032
                        </destination>
2033
                        <descr/>
2034
                </rule>
2035
                <rule>
2036
                        <id/>
2037
                        <type>pass</type>
2038
                        <interface>opt13</interface>
2039
                        <tag/>
2040
                        <tagged/>
2041
                        <max/>
2042
                        <max-src-nodes/>
2043
                        <max-src-conn/>
2044
                        <max-src-states/>
2045
                        <statetimeout/>
2046
                        <statetype>keep state</statetype>
2047
                        <os/>
2048
                        <source>
2049
                                <any/>
2050
                        </source>
2051
                        <destination>
2052
                                <any/>
2053
                        </destination>
2054
                        <descr/>
2055
                </rule>
2056
                <rule>
2057
                        <id/>
2058
                        <type>pass</type>
2059
                        <interface>opt14</interface>
2060
                        <tag/>
2061
                        <tagged/>
2062
                        <max/>
2063
                        <max-src-nodes/>
2064
                        <max-src-conn/>
2065
                        <max-src-states/>
2066
                        <statetimeout/>
2067
                        <statetype>keep state</statetype>
2068
                        <os/>
2069
                        <source>
2070
                                <any/>
2071
                        </source>
2072
                        <destination>
2073
                                <any/>
2074
                        </destination>
2075
                        <descr/>
2076
                </rule>
2077
                <rule>
2078
                        <id/>
2079
                        <type>pass</type>
2080
                        <interface>opt15</interface>
2081
                        <tag/>
2082
                        <tagged/>
2083
                        <max/>
2084
                        <max-src-nodes/>
2085
                        <max-src-conn/>
2086
                        <max-src-states/>
2087
                        <statetimeout/>
2088
                        <statetype>keep state</statetype>
2089
                        <os/>
2090
                        <source>
2091
                                <any/>
2092
                        </source>
2093
                        <destination>
2094
                                <any/>
2095
                        </destination>
2096
                        <descr/>
2097
                </rule>
2098
                <rule>
2099
                        <id/>
2100
                        <type>pass</type>
2101
                        <interface>opt16</interface>
2102
                        <tag/>
2103
                        <tagged/>
2104
                        <max/>
2105
                        <max-src-nodes/>
2106
                        <max-src-conn/>
2107
                        <max-src-states/>
2108
                        <statetimeout/>
2109
                        <statetype>keep state</statetype>
2110
                        <os/>
2111
                        <source>
2112
                                <address>monitoring_server</address>
2113
                        </source>
2114
                        <destination>
2115
                                <any/>
2116
                        </destination>
2117
                        <descr/>
2118
                </rule>
2119
                <rule>
2120
                        <id/>
2121
                        <type>pass</type>
2122
                        <interface>opt16</interface>
2123
                        <tag/>
2124
                        <tagged/>
2125
                        <max/>
2126
                        <max-src-nodes/>
2127
                        <max-src-conn/>
2128
                        <max-src-states/>
2129
                        <statetimeout/>
2130
                        <statetype>keep state</statetype>
2131
                        <os/>
2132
                        <source>
2133
                                <network>opt16</network>
2134
                        </source>
2135
                        <destination>
2136
                                <any/>
2137
                        </destination>
2138
                        <descr/>
2139
                </rule>
2140
                <rule>
2141
                        <id/>
2142
                        <type>block</type>
2143
                        <interface>opt16</interface>
2144
                        <tag/>
2145
                        <tagged/>
2146
                        <max/>
2147
                        <max-src-nodes/>
2148
                        <max-src-conn/>
2149
                        <max-src-states/>
2150
                        <statetimeout/>
2151
                        <statetype>keep state</statetype>
2152
                        <os/>
2153
                        <source>
2154
                                <any/>
2155
                        </source>
2156
                        <destination>
2157
                                <any/>
2158
                        </destination>
2159
                        <log/>
2160
                        <descr/>
2161
                </rule>
2162
                <rule>
2163
                        <id/>
2164
                        <type>pass</type>
2165
                        <interface>opt17</interface>
2166
                        <tag/>
2167
                        <tagged/>
2168
                        <max/>
2169
                        <max-src-nodes/>
2170
                        <max-src-conn/>
2171
                        <max-src-states/>
2172
                        <statetimeout/>
2173
                        <statetype>keep state</statetype>
2174
                        <os/>
2175
                        <source>
2176
                                <address>monitoring_server</address>
2177
                        </source>
2178
                        <destination>
2179
                                <any/>
2180
                        </destination>
2181
                        <descr/>
2182
                </rule>
2183
                <rule>
2184
                        <id/>
2185
                        <type>pass</type>
2186
                        <interface>opt17</interface>
2187
                        <tag/>
2188
                        <tagged/>
2189
                        <max/>
2190
                        <max-src-nodes/>
2191
                        <max-src-conn/>
2192
                        <max-src-states/>
2193
                        <statetimeout/>
2194
                        <statetype>keep state</statetype>
2195
                        <os/>
2196
                        <source>
2197
                                <network>opt17</network>
2198
                        </source>
2199
                        <destination>
2200
                                <any/>
2201
                        </destination>
2202
                        <descr/>
2203
                </rule>
2204
                <rule>
2205
                        <id/>
2206
                        <type>block</type>
2207
                        <interface>opt17</interface>
2208
                        <tag/>
2209
                        <tagged/>
2210
                        <max/>
2211
                        <max-src-nodes/>
2212
                        <max-src-conn/>
2213
                        <max-src-states/>
2214
                        <statetimeout/>
2215
                        <statetype>keep state</statetype>
2216
                        <os/>
2217
                        <source>
2218
                                <any/>
2219
                        </source>
2220
                        <destination>
2221
                                <any/>
2222
                        </destination>
2223
                        <log/>
2224
                        <descr/>
2225
                </rule>
2226
                <rule>
2227
                        <id/>
2228
                        <type>pass</type>
2229
                        <interface>opt18</interface>
2230
                        <tag/>
2231
                        <tagged/>
2232
                        <max/>
2233
                        <max-src-nodes/>
2234
                        <max-src-conn/>
2235
                        <max-src-states/>
2236
                        <statetimeout/>
2237
                        <statetype>keep state</statetype>
2238
                        <os/>
2239
                        <source>
2240
                                <any/>
2241
                        </source>
2242
                        <destination>
2243
                                <any/>
2244
                        </destination>
2245
                        <descr/>
2246
                </rule>
2247
                <rule>
2248
                        <id/>
2249
                        <type>pass</type>
2250
                        <interface>opt19</interface>
2251
                        <tag/>
2252
                        <tagged/>
2253
                        <max/>
2254
                        <max-src-nodes/>
2255
                        <max-src-conn/>
2256
                        <max-src-states/>
2257
                        <statetimeout/>
2258
                        <statetype>keep state</statetype>
2259
                        <os/>
2260
                        <source>
2261
                                <any/>
2262
                        </source>
2263
                        <destination>
2264
                                <any/>
2265
                        </destination>
2266
                        <descr/>
2267
                </rule>
2268
                <rule>
2269
                        <id/>
2270
                        <type>pass</type>
2271
                        <interface>opt20</interface>
2272
                        <tag/>
2273
                        <tagged/>
2274
                        <max/>
2275
                        <max-src-nodes/>
2276
                        <max-src-conn/>
2277
                        <max-src-states/>
2278
                        <statetimeout/>
2279
                        <statetype>keep state</statetype>
2280
                        <os/>
2281
                        <source>
2282
                                <any/>
2283
                        </source>
2284
                        <destination>
2285
                                <any/>
2286
                        </destination>
2287
                        <descr/>
2288
                </rule>
2289
                <rule>
2290
                        <id/>
2291
                        <type>pass</type>
2292
                        <interface>opt21</interface>
2293
                        <tag/>
2294
                        <tagged/>
2295
                        <max/>
2296
                        <max-src-nodes/>
2297
                        <max-src-conn/>
2298
                        <max-src-states/>
2299
                        <statetimeout/>
2300
                        <statetype>keep state</statetype>
2301
                        <os/>
2302
                        <source>
2303
                                <any/>
2304
                        </source>
2305
                        <destination>
2306
                                <any/>
2307
                        </destination>
2308
                        <descr/>
2309
                </rule>
2310
                <rule>
2311
                        <id/>
2312
                        <type>pass</type>
2313
                        <interface>opt22</interface>
2314
                        <tag/>
2315
                        <tagged/>
2316
                        <max/>
2317
                        <max-src-nodes/>
2318
                        <max-src-conn/>
2319
                        <max-src-states/>
2320
                        <statetimeout/>
2321
                        <statetype>keep state</statetype>
2322
                        <os/>
2323
                        <source>
2324
                                <any/>
2325
                        </source>
2326
                        <destination>
2327
                                <any/>
2328
                        </destination>
2329
                        <descr/>
2330
                </rule>
2331
        </filter>
2332
        <shaper/>
2333
        <ipsec>
2334
                <preferoldsa/>
2335
        </ipsec>
2336
        <aliases>
2337
                <alias>
2338
                        <name>DataCenter_net</name>
2339
                        <address>10.165.245.0/24</address>
2340
                        <descr/>
2341
                        <type>network</type>
2342
                        <detail><![CDATA[Entry added Wed, 20 Jun 2012 15:08:04 +0300]]></detail>
2343
                </alias>
2344
                <alias>
2345
                        <name>DC_2_DESK_UDP</name>
2346
                        <address>2701</address>
2347
                        <descr/>
2348
                        <type>port</type>
2349
                        <detail><![CDATA[SIP]]></detail>
2350
                </alias>
2351
                <alias>
2352
                        <name>DC_2_REC_TCP</name>
2353
                        <address>8080 8443 29500:29504 29510 29520</address>
2354
                        <descr/>
2355
                        <type>port</type>
2356
                        <detail><![CDATA[HTTP||HTTPS||Entry added Wed, 20 Jun 2012 16:23:30 +0300||Entry added Wed, 20 Jun 2012 16:23:30 +0300||Entry added Wed, 20 Jun 2012 16:23:30 +0300]]></detail>
2357
                </alias>
2358
                <alias>
2359
                        <name>DC_DOMAINS</name>
2360
                        <address>10.165.245.200 10.165.246.200 10.165.243.200 10.165.241.200 10.165.240.200</address>
2361
                        <descr/>
2362
                        <type>host</type>
2363
                        <detail><![CDATA[DC_MAIN||DC_TLV_MAIN||DC_HAIFA_MAIN||DC_HERTZ_SUBMAIN||DC Submain]]></detail>
2364
                </alias>
2365
                <alias>
2366
                        <name>DC_HAIFA_MAIN</name>
2367
                        <address>10.165.243.200</address>
2368
                        <descr/>
2369
                        <type>host</type>
2370
                        <detail><![CDATA[Entry added Thu, 31 May 2012 15:42:09 +0300]]></detail>
2371
                </alias>
2372
                <alias>
2373
                        <name>DC_HERTZ_SUBMAIN</name>
2374
                        <address>10.165.241.200</address>
2375
                        <descr/>
2376
                        <type>host</type>
2377
                        <detail><![CDATA[Entry added Thu, 31 May 2012 15:43:14 +0300]]></detail>
2378
                </alias>
2379
                <alias>
2380
                        <name>DC_MAIN</name>
2381
                        <address>10.165.254.200</address>
2382
                        <descr/>
2383
                        <type>host</type>
2384
                        <detail><![CDATA[Entry added Thu, 31 May 2012 15:40:22 +0300]]></detail>
2385
                </alias>
2386
                <alias>
2387
                        <name>DC_MAIN_Domains</name>
2388
                        <address>10.165.245.200 10.165.246.200 10.165.243.200</address>
2389
                        <descr/>
2390
                        <type>host</type>
2391
                        <detail><![CDATA[DC_MAIN||DC_TLV_MAIN||DC_HAIFA_MAIN]]></detail>
2392
                </alias>
2393
                <alias>
2394
                        <name>DC_PORTS_Blocked</name>
2395
                        <address>3389</address>
2396
                        <descr/>
2397
                        <type>port</type>
2398
                        <detail><![CDATA[MS RDP]]></detail>
2399
                </alias>
2400
                <alias>
2401
                        <name>DC_PORTS_TCP</name>
2402
                        <address>445 6892 6893 6894</address>
2403
                        <descr/>
2404
                        <type>port</type>
2405
                        <detail><![CDATA[Microsoft SMB||LSA RPC ||Net Logon RPC||FRS Replication]]></detail>
2406
                </alias>
2407
                <alias>
2408
                        <name>DC_PORTS_TCP_UDP</name>
2409
                        <address>53 88 135 138 139 389 464 3268 3269 137</address>
2410
                        <descr/>
2411
                        <type>port</type>
2412
                        <detail><![CDATA[DNS||Kerberos authentication system||Portmapper||NetBIOS Datagram Service||NetBIOS Session Service||LDAP||Kerberos Change/Set password||MS GC||MS GC over SSL||NetBIOS Name Service]]></detail>
2413
                </alias>
2414
                <alias>
2415
                        <name>DC_PORTS_UDP</name>
2416
                        <address>123 53</address>
2417
                        <descr/>
2418
                        <type>port</type>
2419
                        <detail><![CDATA[NTP||DNS]]></detail>
2420
                </alias>
2421
                <alias>
2422
                        <name>DC_SUBMAIN</name>
2423
                        <address>10.165.240.200</address>
2424
                        <descr/>
2425
                        <type>host</type>
2426
                        <detail><![CDATA[Entry added Thu, 31 May 2012 15:42:34 +0300]]></detail>
2427
                </alias>
2428
                <alias>
2429
                        <name>DC_SUBMAIN_Domains</name>
2430
                        <address>10.165.241.200 10.165.240.200</address>
2431
                        <descr/>
2432
                        <type>host</type>
2433
                        <detail><![CDATA[DC_HERTZ_SUBMAIN||DC Submain]]></detail>
2434
                </alias>
2435
                <alias>
2436
                        <name>DC_TLV_MAIN</name>
2437
                        <address>10.165.246.200</address>
2438
                        <descr/>
2439
                        <type>host</type>
2440
                        <detail><![CDATA[Entry added Thu, 31 May 2012 15:41:00 +0300]]></detail>
2441
                </alias>
2442
                <alias>
2443
                        <name>Desk_2_DC_TCP</name>
2444
                        <address>80 443 1433 4715 5080 6400:6402 7001:7002 8383 8387 9300 9443</address>
2445
                        <descr/>
2446
                        <type>port</type>
2447
                        <detail><![CDATA[HTTP||HTTPS||MSSQL||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300||Entry added Tue, 19 Jun 2012 15:17:48 +0300]]></detail>
2448
                </alias>
2449
                <alias>
2450
                        <name>Desk_2_DC_UDP</name>
2451
                        <address>5060</address>
2452
                        <descr/>
2453
                        <type>port</type>
2454
                        <detail><![CDATA[SIP]]></detail>
2455
                </alias>
2456
                <alias>
2457
                        <name>Desk_2_Rec_TCP</name>
2458
                        <address>3020 29500:29501 29520 29522 3389</address>
2459
                        <descr/>
2460
                        <type>port</type>
2461
                        <detail><![CDATA[Entry added Thu, 14 Jun 2012 10:45:51 +0300||Entry added Thu, 14 Jun 2012 10:45:51 +0300||Entry added Thu, 14 Jun 2012 10:45:51 +0300||Entry added Thu, 14 Jun 2012 10:45:51 +0300||MS RDP]]></detail>
2462
                </alias>
2463
                <alias>
2464
                        <name>Desktop_Net</name>
2465
                        <address>10.165.242.0/24 10.165.244.0/24 10.165.247.0/24</address>
2466
                        <descr/>
2467
                        <type>network</type>
2468
                        <detail><![CDATA[Site B||Site A||DataCenter]]></detail>
2469
                </alias>
2470
                <alias>
2471
                        <name>*********_LAB_FLOOR2</name>
2472
                        <address>10.161.62.0/24 10.161.134.0/24 10.161.135.0/24 10.161.60.0/24 10.161.61.0/24 10.161.63.0/24 10.161.64.0/24</address>
2473
                        <descr/>
2474
                        <type>network</type>
2475
                        <detail><![CDATA[Entry added Wed, 26 Dec 2012 23:00:22 +0200||Entry added Wed, 26 Dec 2012 23:00:22 +0200||Entry added Wed, 26 Dec 2012 23:00:22 +0200||Entry added Thu, 27 Dec 2012 11:20:47 +0200||Entry added Thu, 27 Dec 2012 11:20:47 +0200||Entry added Thu, 27 Dec 2012 11:20:47 +0200||Entry added Thu, 27 Dec 2012 11:20:47 +0200]]></detail>
2476
                </alias>
2477
                <alias>
2478
                        <name>Internet_Access_hosts</name>
2479
                        <address>10.161.245.51 10.161.222.32 10.161.111.3 10.161.111.4 10.161.245.47 10.161.207.95 10.161.207.96 10.161.222.51 10.161.222.8 10.161.207.173 10.161.207.175 10.161.222.102 10.161.222.253 10.161.111.11 10.161.111.126 10.161.111.4 10.161.111.9 10.161.207.192 10.161.207.193 10.161.207.194 10.161.207.195 10.161.207.196 10.161.125.17 10.161.125.27 10.161.125.18 10.161.125.28 10.161.125.29 10.161.125.34 10.161.125.35 10.161.125.46 10.161.125.47 10.161.125.48 10.161.125.49 10.161.125.50 10.161.204.138 10.165.205.198 10.165.205.197 10.165.142.134 10.165.142.173</address>
2480
                        <descr/>
2481
                        <type>host</type>
2482
                        <detail><![CDATA[Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||Entry added Fri, 01 Mar 2013 07:22:36 +0200||IICMBUIL2||Entry added Thu, 28 Mar 2013 13:10:32 +0200||Entry added Thu, 28 Mar 2013 13:16:06 +0200||Omer Shwartz||zztest]]></detail>
2483
                </alias>
2484
                <alias>
2485
                        <name>Internet_Access_Net</name>
2486
                        <address>10.161.133.0/24 10.161.141.0/24 10.165.140.0/24 10.165.200.0/24 10.161.63.0/24</address>
2487
                        <descr/>
2488
                        <type>network</type>
2489
                        <detail><![CDATA[Entry added Fri, 01 Mar 2013 07:08:36 +0200||Entry added Fri, 01 Mar 2013 07:08:36 +0200||Entry added Fri, 01 Mar 2013 07:26:00 +0200||Entry added Fri, 01 Mar 2013 07:26:00 +0200||Entry added Sun, 03 Mar 2013 10:03:16 +0200]]></detail>
2490
                </alias>
2491
                <alias>
2492
                        <name>monitoring_server</name>
2493
                        <address>10.165.200.84</address>
2494
                        <descr/>
2495
                        <type>host</type>
2496
                        <detail><![CDATA[Entry added Sun, 12 May 2013 11:08:18 +0300]]></detail>
2497
                </alias>
2498
                <alias>
2499
                        <name>REC_2_DC_TCP</name>
2500
                        <address>80 443 7001:7002</address>
2501
                        <descr/>
2502
                        <type>port</type>
2503
                        <detail><![CDATA[HTTP||HTTPS||Entry added Wed, 20 Jun 2012 16:26:54 +0300]]></detail>
2504
                </alias>
2505
                <alias>
2506
                        <name>Rec_2_Desk_TCP</name>
2507
                        <address>4001 29500:29504 29510</address>
2508
                        <descr/>
2509
                        <type>port</type>
2510
                        <detail><![CDATA[Entry added Thu, 14 Jun 2012 10:35:05 +0300||Entry added Thu, 14 Jun 2012 10:35:05 +0300||Entry added Thu, 14 Jun 2012 10:35:05 +0300]]></detail>
2511
                </alias>
2512
                <alias>
2513
                        <name>Rec_2_Desk_UDP</name>
2514
                        <address>8500:8503</address>
2515
                        <descr/>
2516
                        <type>port</type>
2517
                        <detail><![CDATA[Entry added Thu, 14 Jun 2012 10:36:42 +0300]]></detail>
2518
                </alias>
2519
                <alias>
2520
                        <name>Recorder_Net</name>
2521
                        <address>10.165.241.0/24 10.165.243.0/24 10.165.246.0/24</address>
2522
                        <descr/>
2523
                        <type>network</type>
2524
                        <detail><![CDATA[Site B||Site A||DataCenter]]></detail>
2525
                </alias>
2526
                <alias>
2527
                        <name>***************_LAB_FL0</name>
2528
                        <address>10.161.0.0/16</address>
2529
                        <descr/>
2530
                        <type>network</type>
2531
                        <detail><![CDATA[**********-LAB-FL0]]></detail>
2532
                </alias>
2533
        </aliases>
2534
        <proxyarp/>
2535
        <cron>
2536
                <item>
2537
                        <minute>0</minute>
2538
                        <hour>*</hour>
2539
                        <mday>*</mday>
2540
                        <month>*</month>
2541
                        <wday>*</wday>
2542
                        <who>root</who>
2543
                        <command>/usr/bin/nice -n20 newsyslog</command>
2544
                </item>
2545
                <item>
2546
                        <minute>1,31</minute>
2547
                        <hour>0-5</hour>
2548
                        <mday>*</mday>
2549
                        <month>*</month>
2550
                        <wday>*</wday>
2551
                        <who>root</who>
2552
                        <command>/usr/bin/nice -n20 adjkerntz -a</command>
2553
                </item>
2554
                <item>
2555
                        <minute>1</minute>
2556
                        <hour>3</hour>
2557
                        <mday>1</mday>
2558
                        <month>*</month>
2559
                        <wday>*</wday>
2560
                        <who>root</who>
2561
                        <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
2562
                </item>
2563
                <item>
2564
                        <minute>*/60</minute>
2565
                        <hour>*</hour>
2566
                        <mday>*</mday>
2567
                        <month>*</month>
2568
                        <wday>*</wday>
2569
                        <who>root</who>
2570
                        <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
2571
                </item>
2572
                <item>
2573
                        <minute>1</minute>
2574
                        <hour>1</hour>
2575
                        <mday>*</mday>
2576
                        <month>*</month>
2577
                        <wday>*</wday>
2578
                        <who>root</who>
2579
                        <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
2580
                </item>
2581
                <item>
2582
                        <minute>*/60</minute>
2583
                        <hour>*</hour>
2584
                        <mday>*</mday>
2585
                        <month>*</month>
2586
                        <wday>*</wday>
2587
                        <who>root</who>
2588
                        <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
2589
                </item>
2590
                <item>
2591
                        <minute>30</minute>
2592
                        <hour>12</hour>
2593
                        <mday>*</mday>
2594
                        <month>*</month>
2595
                        <wday>*</wday>
2596
                        <who>root</who>
2597
                        <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
2598
                </item>
2599
        </cron>
2600
        <rrd>
2601
                <enable/>
2602
        </rrd>
2603
        <load_balancer>
2604
                <monitor_type>
2605
                        <name>ICMP</name>
2606
                        <type>icmp</type>
2607
                        <descr><![CDATA[ICMP]]></descr>
2608
                        <options/>
2609
                </monitor_type>
2610
                <monitor_type>
2611
                        <name>TCP</name>
2612
                        <type>tcp</type>
2613
                        <descr><![CDATA[Generic TCP]]></descr>
2614
                        <options/>
2615
                </monitor_type>
2616
                <monitor_type>
2617
                        <name>HTTP</name>
2618
                        <type>http</type>
2619
                        <descr><![CDATA[Generic HTTP]]></descr>
2620
                        <options>
2621
                                <path>/</path>
2622
                                <host/>
2623
                                <code>200</code>
2624
                        </options>
2625
                </monitor_type>
2626
                <monitor_type>
2627
                        <name>HTTPS</name>
2628
                        <type>https</type>
2629
                        <descr><![CDATA[Generic HTTPS]]></descr>
2630
                        <options>
2631
                                <path>/</path>
2632
                                <host/>
2633
                                <code>200</code>
2634
                        </options>
2635
                </monitor_type>
2636
                <monitor_type>
2637
                        <name>SMTP</name>
2638
                        <type>send</type>
2639
                        <descr><![CDATA[Generic SMTP]]></descr>
2640
                        <options>
2641
                                <send/>
2642
                                <expect>220 *</expect>
2643
                        </options>
2644
                </monitor_type>
2645
        </load_balancer>
2646
        <widgets>
2647
                <sequence>system_information-container:col1:show,thermal_sensors-container:col1:show,captive_portal_status-container:col1:close,carp_status-container:col1:show,cpu_graphs-container:col1:close,gmirror_status-container:col1:close,installed_packages-container:col1:close,interface_statistics-container:col1:show,interfaces-container:col2:show,gateways-container:col2:show,ipsec-container:col2:close,load_balancer_status-container:col2:close,log-container:col2:close,picture-container:col2:close,rss-container:col2:close,services_status-container:col2:close,traffic_graphs-container:col2:show,openvpn-container:col2:none,wake_on_lan-container:col2:none,dyn_dns_status-container:col2:none,smart_status-container:col2:none</sequence>
2648
                <thermal_sensors_widget>
2649
                        <thermal_sensors_widget_zone_warning_threshold>66</thermal_sensors_widget_zone_warning_threshold>
2650
                        <thermal_sensors_widget_zone_critical_threshold>70</thermal_sensors_widget_zone_critical_threshold>
2651
                        <thermal_sensors_widget_core_warning_threshold>66</thermal_sensors_widget_core_warning_threshold>
2652
                        <thermal_sensors_widget_core_critical_threshold>70</thermal_sensors_widget_core_critical_threshold>
2653
                        <thermal_sensors_widget_show_raw_output>0</thermal_sensors_widget_show_raw_output>
2654
                        <thermal_sensors_widget_show_full_sensor_name>0</thermal_sensors_widget_show_full_sensor_name>
2655
                        <thermal_sensors_widget_pulsate_warning>1</thermal_sensors_widget_pulsate_warning>
2656
                        <thermal_sensors_widget_pulsate_critical>1</thermal_sensors_widget_pulsate_critical>
2657
                </thermal_sensors_widget>
2658
        </widgets>
2659
        <revision>
2660
                <time>1373781446</time>
2661
                <description><![CDATA[admin@10.61.21.63: /system_advanced_network.php made unknown change]]></description>
2662
                <username>admin@10.61.21.63</username>
2663
        </revision>
2664
        <l7shaper>
2665
                <container/>
2666
        </l7shaper>
2667
        <dnshaper/>
2668
        <cert>
2669
                <refid>4fb89e8447e7f</refid>
2670
                <descr><![CDATA[webConfigurator default]]></descr>
2671
                <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVLRENDQTVHZ0F3SUJBZ0lKQU51Y2IrNzJrS1NjTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUcvTVFzd0NRWUQKVlFRR0V3SlZVekVTTUJBR0ExVUVDQk1KVTI5dFpYZG9aWEpsTVJFd0R3WURWUVFIRXdoVGIyMWxZMmwwZVRFVQpNQklHQTFVRUNoTUxRMjl0Y0dGdWVVNWhiV1V4THpBdEJnTlZCQXNUSms5eVoyRnVhWHBoZEdsdmJtRnNJRlZ1CmFYUWdUbUZ0WlNBb1pXY3NJSE5sWTNScGIyNHBNU1F3SWdZRFZRUURFeHREYjIxdGIyNGdUbUZ0WlNBb1pXY3MKSUZsUFZWSWdibUZ0WlNreEhEQWFCZ2txaGtpRzl3MEJDUUVXRFVWdFlXbHNJRUZrWkhKbGMzTXdIaGNOTVRJdwpOVEl3TURjek5ESTRXaGNOTVRjeE1URXdNRGN6TkRJNFdqQ0J2ekVMTUFrR0ExVUVCaE1DVlZNeEVqQVFCZ05WCkJBZ1RDVk52YldWM2FHVnlaVEVSTUE4R0ExVUVCeE1JVTI5dFpXTnBkSGt4RkRBU0JnTlZCQW9UQzBOdmJYQmgKYm5sT1lXMWxNUzh3TFFZRFZRUUxFeVpQY21kaGJtbDZZWFJwYjI1aGJDQlZibWwwSUU1aGJXVWdLR1ZuTENCegpaV04wYVc5dUtURWtNQ0lHQTFVRUF4TWJRMjl0Ylc5dUlFNWhiV1VnS0dWbkxDQlpUMVZTSUc1aGJXVXBNUnd3CkdnWUpLb1pJaHZjTkFRa0JGZzFGYldGcGJDQkJaR1J5WlhOek1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R04KQURDQmlRS0JnUUN6MUVESnBTQ0hFMk85LzhzVW5nd21HbjA3T2UrOXplSXhJSllXcUJKTlVrZzhCdS9jUGtaaQo5NGFvWjFReElZd0R2N2xoRStVMURVVWN0elRtcStFeGhIM0JGTy9qVnF2SDc0a3JGbW9NUFFRNWtNeVRDNGcvCk13MXYyUENRNU4xazl1MXlFT3dqaXF0NG1zZVRudzlZYmllRkNkYnNIdEtIM0dFWjNZc2Qxd0lEQVFBQm80SUIKS0RDQ0FTUXdIUVlEVlIwT0JCWUVGQnc5QWFiSmNWbWtyOUFMbjBRSndDdGVSaTFNTUlIMEJnTlZIU01FZ2V3dwpnZW1BRkJ3OUFhYkpjVm1rcjlBTG4wUUp3Q3RlUmkxTW9ZSEZwSUhDTUlHL01Rc3dDUVlEVlFRR0V3SlZVekVTCk1CQUdBMVVFQ0JNSlUyOXRaWGRvWlhKbE1SRXdEd1lEVlFRSEV3aFRiMjFsWTJsMGVURVVNQklHQTFVRUNoTUwKUTI5dGNHRnVlVTVoYldVeEx6QXRCZ05WQkFzVEprOXlaMkZ1YVhwaGRHbHZibUZzSUZWdWFYUWdUbUZ0WlNBbwpaV2NzSUhObFkzUnBiMjRwTVNRd0lnWURWUVFERXh0RGIyMXRiMjRnVG1GdFpTQW9aV2NzSUZsUFZWSWdibUZ0ClpTa3hIREFhQmdrcWhraUc5dzBCQ1FFV0RVVnRZV2xzSUVGa1pISmxjM09DQ1FEYm5HL3U5cENrbkRBTUJnTlYKSFJNRUJUQURBUUgvTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUh1Wk9PTExHSWNJVFJmMmZBbGlZNUdkbmZoYgpCbkNLcU4rQ2NhNDdhRDMrZ1B6MmF0NDZuWEZUUCtaak5PVjRHQ2d6SnBlcGRKeG55RloweURRMWx3VG1lbnZvCmYraVRxVlpyVXN5SXFUTGRMUDR2Q3R3MFRuUDRWZnkxcTdaS29TK1drZXhUd2hQYW0xZjdvOTFFQ01hNWZIUm4KQU56TXlXOUFEaFBLUWtMeQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==</crt>
2672
                <prv>R2VuZXJhdGluZyBSU0EgcHJpdmF0ZSBrZXksIDEwMjQgYml0IGxvbmcgbW9kdWx1cwouKysrKysrCi4uLi4uLi4uLi4uLi4uLi4uKysrKysrCmUgaXMgNjU1MzcgKDB4MTAwMDEpCi0tLS0tQkVHSU4gUlNBIFBSSVZBVEUgS0VZLS0tLS0KTUlJQ1hBSUJBQUtCZ1FDejFFREpwU0NIRTJPOS84c1VuZ3dtR24wN09lKzl6ZUl4SUpZV3FCSk5Va2c4QnUvYwpQa1ppOTRhb1oxUXhJWXdEdjdsaEUrVTFEVVVjdHpUbXErRXhoSDNCRk8valZxdkg3NGtyRm1vTVBRUTVrTXlUCkM0Zy9NdzF2MlBDUTVOMWs5dTF5RU93amlxdDRtc2VUbnc5WWJpZUZDZGJzSHRLSDNHRVozWXNkMXdJREFRQUIKQW9HQUlhTkxkeXluTi8wZGhEWHI0L0JvYjF3M0hyUUlyMlZxc1N2YVIyU3EvOEdyZDJjSXlSYnhEYVFsa1N5Ngo1L0hSZ2dZRUJDKzNpVVB4TUp6b2pWbUxadXBONkN5NmhtY1lwQVp6cTZLZCtTZWtXUzFUejJuU3ZYbDBVS1NwCnVBWEZsQWhRYnVDdEM2RHdCUWFFZVU3dlZHRVRNWWlGR1lUTW53eHRlSGZwVkxFQ1FRRG9aU3l0aEx4Vm43QzUKVHNwYk5TckRIckpvUlluaHZWVysxd3laTjl5VFNwdTZkZW56U29KcTE3UVpJSHpBZkFvVGhhSDZqcjRpeE52egpBbTlzeUc3NUFrRUF4aGc4VHMzaDlBUDhWWDdrVTlpRmp4VDZIN2NjN1FWZ2hjZDFDcGFzR2Y0QVk3SVZJajkrCjRJOXJhUFdCMTdFVC8rS3NTbU11RjFLN3lBZkJKeHlYVHdKQU5xTVN6ZmpYRG9wczBpUmtEdTJCRUQ2M1V5eUcKTGp5RlhFalMvWExVdVF4aGNJVW9hN3FvenRYSDBlQ0JjLysxbnNGY1E3d3JsNkVRMVNGTmNSWHVnUUpBSGhHMwp0YzZTcWRPaERlbEJCMmtxZk5tV1RoSWhsZWpuQ2VlSTRKNldhU3VoSzREd3JFNHZHQzh0QXJXaGkvZ1pMUkpmClRMdFpWN2o3UUJYTlAvNmJDUUpCQUpoeTBzelJ1SnN5emhVS1lkaFVDZG1hNnQrZTExV3Jjclc2WS9VWEhOYjYKbGNCVjhrdUdMZUphWWxKQUZYcEhlY1dDUXYzdGhJazl3Z3NWdXllQXQ0VT0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K</prv>
2673
        </cert>
2674
        <ppps/>
2675
        <gateways>
2676
                <gateway_item>
2677
                        <interface>wan</interface>
2678
                        <gateway>10.165.128.250</gateway>
2679
                        <name>WANGW</name>
2680
                        <weight/>
2681
                        <interval/>
2682
                        <descr/>
2683
                        <defaultgw/>
2684
                        <ipprotocol>inet</ipprotocol>
2685
                </gateway_item>
2686
        </gateways>
2687
        <laggs>
2688
                <lagg>
2689
                        <members>ix0,ix1</members>
2690
                        <descr><![CDATA[LAN]]></descr>
2691
                        <laggif>lagg0</laggif>
2692
                        <proto>lacp</proto>
2693
                </lagg>
2694
                <lagg>
2695
                        <members>ix2,ix3</members>
2696
                        <descr><![CDATA[WAN]]></descr>
2697
                        <laggif>lagg1</laggif>
2698
                        <proto>lacp</proto>
2699
                </lagg>
2700
        </laggs>
2701
        <virtualip>
2702
                <vip>
2703
                        <mode>ipalias</mode>
2704
                        <interface>opt18</interface>
2705
                        <descr/>
2706
                        <type>single</type>
2707
                        <subnet_bits>24</subnet_bits>
2708
                        <subnet>10.161.124.254</subnet>
2709
                </vip>
2710
                <vip>
2711
                        <mode>ipalias</mode>
2712
                        <interface>opt18</interface>
2713
                        <descr/>
2714
                        <type>single</type>
2715
                        <subnet_bits>24</subnet_bits>
2716
                        <subnet>10.161.20.212</subnet>
2717
                </vip>
2718
                <vip>
2719
                        <mode>ipalias</mode>
2720
                        <interface>opt13</interface>
2721
                        <descr/>
2722
                        <type>single</type>
2723
                        <subnet_bits>24</subnet_bits>
2724
                        <subnet>10.161.61.2</subnet>
2725
                </vip>
2726
                <vip>
2727
                        <mode>ipalias</mode>
2728
                        <interface>opt13</interface>
2729
                        <descr/>
2730
                        <type>single</type>
2731
                        <subnet_bits>24</subnet_bits>
2732
                        <subnet>10.161.62.254</subnet>
2733
                </vip>
2734
                <vip>
2735
                        <mode>ipalias</mode>
2736
                        <interface>opt13</interface>
2737
                        <descr/>
2738
                        <type>single</type>
2739
                        <subnet_bits>24</subnet_bits>
2740
                        <subnet>10.161.63.254</subnet>
2741
                </vip>
2742
                <vip>
2743
                        <mode>ipalias</mode>
2744
                        <interface>opt13</interface>
2745
                        <descr/>
2746
                        <type>single</type>
2747
                        <subnet_bits>24</subnet_bits>
2748
                        <subnet>10.161.64.254</subnet>
2749
                </vip>
2750
                <vip>
2751
                        <mode>ipalias</mode>
2752
                        <interface>opt13</interface>
2753
                        <descr/>
2754
                        <type>single</type>
2755
                        <subnet_bits>24</subnet_bits>
2756
                        <subnet>10.161.70.254</subnet>
2757
                </vip>
2758
                <vip>
2759
                        <mode>ipalias</mode>
2760
                        <interface>opt18</interface>
2761
                        <descr/>
2762
                        <type>single</type>
2763
                        <subnet_bits>24</subnet_bits>
2764
                        <subnet>10.161.111.254</subnet>
2765
                </vip>
2766
                <vip>
2767
                        <mode>ipalias</mode>
2768
                        <interface>opt18</interface>
2769
                        <descr/>
2770
                        <type>single</type>
2771
                        <subnet_bits>24</subnet_bits>
2772
                        <subnet>10.161.125.254</subnet>
2773
                </vip>
2774
                <vip>
2775
                        <mode>ipalias</mode>
2776
                        <interface>opt18</interface>
2777
                        <descr/>
2778
                        <type>single</type>
2779
                        <subnet_bits>24</subnet_bits>
2780
                        <subnet>10.161.133.254</subnet>
2781
                </vip>
2782
                <vip>
2783
                        <mode>ipalias</mode>
2784
                        <interface>opt18</interface>
2785
                        <descr/>
2786
                        <type>single</type>
2787
                        <subnet_bits>24</subnet_bits>
2788
                        <subnet>10.161.134.254</subnet>
2789
                </vip>
2790
                <vip>
2791
                        <mode>ipalias</mode>
2792
                        <interface>opt18</interface>
2793
                        <descr/>
2794
                        <type>single</type>
2795
                        <subnet_bits>24</subnet_bits>
2796
                        <subnet>10.161.135.254</subnet>
2797
                </vip>
2798
                <vip>
2799
                        <mode>ipalias</mode>
2800
                        <interface>opt18</interface>
2801
                        <descr/>
2802
                        <type>single</type>
2803
                        <subnet_bits>24</subnet_bits>
2804
                        <subnet>10.161.141.254</subnet>
2805
                </vip>
2806
                <vip>
2807
                        <mode>ipalias</mode>
2808
                        <interface>opt18</interface>
2809
                        <descr/>
2810
                        <type>single</type>
2811
                        <subnet_bits>24</subnet_bits>
2812
                        <subnet>10.161.201.14</subnet>
2813
                </vip>
2814
                <vip>
2815
                        <mode>ipalias</mode>
2816
                        <interface>opt18</interface>
2817
                        <descr/>
2818
                        <type>single</type>
2819
                        <subnet_bits>24</subnet_bits>
2820
                        <subnet>10.161.202.254</subnet>
2821
                </vip>
2822
                <vip>
2823
                        <mode>ipalias</mode>
2824
                        <interface>opt18</interface>
2825
                        <descr/>
2826
                        <type>single</type>
2827
                        <subnet_bits>24</subnet_bits>
2828
                        <subnet>10.161.203.254</subnet>
2829
                </vip>
2830
                <vip>
2831
                        <mode>ipalias</mode>
2832
                        <interface>opt18</interface>
2833
                        <descr/>
2834
                        <type>single</type>
2835
                        <subnet_bits>24</subnet_bits>
2836
                        <subnet>10.161.204.254</subnet>
2837
                </vip>
2838
                <vip>
2839
                        <mode>ipalias</mode>
2840
                        <interface>opt18</interface>
2841
                        <descr/>
2842
                        <type>single</type>
2843
                        <subnet_bits>24</subnet_bits>
2844
                        <subnet>10.161.205.14</subnet>
2845
                </vip>
2846
                <vip>
2847
                        <mode>ipalias</mode>
2848
                        <interface>opt18</interface>
2849
                        <descr/>
2850
                        <type>single</type>
2851
                        <subnet_bits>24</subnet_bits>
2852
                        <subnet>10.161.206.14</subnet>
2853
                </vip>
2854
                <vip>
2855
                        <mode>ipalias</mode>
2856
                        <interface>opt18</interface>
2857
                        <descr/>
2858
                        <type>single</type>
2859
                        <subnet_bits>24</subnet_bits>
2860
                        <subnet>10.161.207.14</subnet>
2861
                </vip>
2862
                <vip>
2863
                        <mode>ipalias</mode>
2864
                        <interface>opt18</interface>
2865
                        <descr/>
2866
                        <type>single</type>
2867
                        <subnet_bits>24</subnet_bits>
2868
                        <subnet>10.161.222.14</subnet>
2869
                </vip>
2870
                <vip>
2871
                        <mode>ipalias</mode>
2872
                        <interface>opt18</interface>
2873
                        <descr/>
2874
                        <type>single</type>
2875
                        <subnet_bits>24</subnet_bits>
2876
                        <subnet>10.161.223.254</subnet>
2877
                </vip>
2878
                <vip>
2879
                        <mode>ipalias</mode>
2880
                        <interface>opt18</interface>
2881
                        <descr/>
2882
                        <type>single</type>
2883
                        <subnet_bits>24</subnet_bits>
2884
                        <subnet>10.161.245.254</subnet>
2885
                </vip>
2886
                <vip>
2887
                        <mode>carp</mode>
2888
                        <interface>opt1</interface>
2889
                        <vhid>2</vhid>
2890
                        <advskew>200</advskew>
2891
                        <advbase>1</advbase>
2892
                        <password>*************</password>
2893
                        <descr><![CDATA[240_210]]></descr>
2894
                        <type>single</type>
2895
                        <subnet_bits>24</subnet_bits>
2896
                        <subnet>10.165.240.210</subnet>
2897
                </vip>
2898
                <vip>
2899
                        <mode>carp</mode>
2900
                        <interface>opt2</interface>
2901
                        <vhid>3</vhid>
2902
                        <advskew>200</advskew>
2903
                        <advbase>1</advbase>
2904
                        <password>*************</password>
2905
                        <descr/>
2906
                        <type>single</type>
2907
                        <subnet_bits>24</subnet_bits>
2908
                        <subnet>10.165.241.210</subnet>
2909
                </vip>
2910
                <vip>
2911
                        <mode>carp</mode>
2912
                        <interface>opt3</interface>
2913
                        <vhid>4</vhid>
2914
                        <advskew>200</advskew>
2915
                        <advbase>1</advbase>
2916
                        <password>*************</password>
2917
                        <descr/>
2918
                        <type>single</type>
2919
                        <subnet_bits>24</subnet_bits>
2920
                        <subnet>10.165.242.210</subnet>
2921
                </vip>
2922
                <vip>
2923
                        <mode>carp</mode>
2924
                        <interface>opt4</interface>
2925
                        <vhid>5</vhid>
2926
                        <advskew>200</advskew>
2927
                        <advbase>1</advbase>
2928
                        <password>*************</password>
2929
                        <descr/>
2930
                        <type>single</type>
2931
                        <subnet_bits>24</subnet_bits>
2932
                        <subnet>10.165.243.210</subnet>
2933
                </vip>
2934
                <vip>
2935
                        <mode>carp</mode>
2936
                        <interface>opt5</interface>
2937
                        <vhid>6</vhid>
2938
                        <advskew>200</advskew>
2939
                        <advbase>1</advbase>
2940
                        <password>*************</password>
2941
                        <descr/>
2942
                        <type>single</type>
2943
                        <subnet_bits>24</subnet_bits>
2944
                        <subnet>10.165.244.210</subnet>
2945
                </vip>
2946
                <vip>
2947
                        <mode>carp</mode>
2948
                        <interface>opt6</interface>
2949
                        <vhid>7</vhid>
2950
                        <advskew>200</advskew>
2951
                        <advbase>1</advbase>
2952
                        <password>*************</password>
2953
                        <descr/>
2954
                        <type>single</type>
2955
                        <subnet_bits>24</subnet_bits>
2956
                        <subnet>10.165.245.210</subnet>
2957
                </vip>
2958
                <vip>
2959
                        <mode>carp</mode>
2960
                        <interface>opt7</interface>
2961
                        <vhid>8</vhid>
2962
                        <advskew>200</advskew>
2963
                        <advbase>1</advbase>
2964
                        <password>*************</password>
2965
                        <descr/>
2966
                        <type>single</type>
2967
                        <subnet_bits>24</subnet_bits>
2968
                        <subnet>10.165.246.210</subnet>
2969
                </vip>
2970
                <vip>
2971
                        <mode>carp</mode>
2972
                        <interface>opt8</interface>
2973
                        <vhid>9</vhid>
2974
                        <advskew>200</advskew>
2975
                        <advbase>1</advbase>
2976
                        <password>*************</password>
2977
                        <descr/>
2978
                        <type>single</type>
2979
                        <subnet_bits>24</subnet_bits>
2980
                        <subnet>10.165.247.210</subnet>
2981
                </vip>
2982
                <vip>
2983
                        <mode>carp</mode>
2984
                        <interface>opt9</interface>
2985
                        <vhid>10</vhid>
2986
                        <advskew>200</advskew>
2987
                        <advbase>1</advbase>
2988
                        <password>*************</password>
2989
                        <descr/>
2990
                        <type>single</type>
2991
                        <subnet_bits>24</subnet_bits>
2992
                        <subnet>10.165.200.210</subnet>
2993
                </vip>
2994
                <vip>
2995
                        <mode>carp</mode>
2996
                        <interface>opt10</interface>
2997
                        <vhid>11</vhid>
2998
                        <advskew>200</advskew>
2999
                        <advbase>1</advbase>
3000
                        <password>*************</password>
3001
                        <descr/>
3002
                        <type>single</type>
3003
                        <subnet_bits>24</subnet_bits>
3004
                        <subnet>10.165.140.210</subnet>
3005
                </vip>
3006
                <vip>
3007
                        <mode>carp</mode>
3008
                        <interface>opt11</interface>
3009
                        <vhid>12</vhid>
3010
                        <advskew>200</advskew>
3011
                        <advbase>1</advbase>
3012
                        <password>*************</password>
3013
                        <descr/>
3014
                        <type>single</type>
3015
                        <subnet_bits>24</subnet_bits>
3016
                        <subnet>10.165.141.210</subnet>
3017
                </vip>
3018
                <vip>
3019
                        <mode>carp</mode>
3020
                        <interface>opt12</interface>
3021
                        <vhid>13</vhid>
3022
                        <advskew>200</advskew>
3023
                        <advbase>1</advbase>
3024
                        <password>*************</password>
3025
                        <descr/>
3026
                        <type>single</type>
3027
                        <subnet_bits>24</subnet_bits>
3028
                        <subnet>10.165.130.210</subnet>
3029
                </vip>
3030
                <vip>
3031
                        <mode>carp</mode>
3032
                        <interface>wan</interface>
3033
                        <vhid>14</vhid>
3034
                        <advskew>200</advskew>
3035
                        <advbase>1</advbase>
3036
                        <password>*************</password>
3037
                        <descr><![CDATA[ILO]]></descr>
3038
                        <type>single</type>
3039
                        <subnet_bits>24</subnet_bits>
3040
                        <subnet>10.165.128.254</subnet>
3041
                </vip>
3042
                <vip>
3043
                        <mode>carp</mode>
3044
                        <interface>opt14</interface>
3045
                        <vhid>15</vhid>
3046
                        <advskew>200</advskew>
3047
                        <advbase>1</advbase>
3048
                        <password>*************</password>
3049
                        <descr><![CDATA[Virtual Servers]]></descr>
3050
                        <type>single</type>
3051
                        <subnet_bits>24</subnet_bits>
3052
                        <subnet>10.165.223.210</subnet>
3053
                </vip>
3054
                <vip>
3055
                        <mode>carp</mode>
3056
                        <interface>opt17</interface>
3057
                        <vhid>17</vhid>
3058
                        <advskew>100</advskew>
3059
                        <advbase>1</advbase>
3060
                        <password>*************</password>
3061
                        <descr/>
3062
                        <type>single</type>
3063
                        <subnet_bits>26</subnet_bits>
3064
                        <subnet>10.161.135.65</subnet>
3065
                </vip>
3066
                <vip>
3067
                        <mode>carp</mode>
3068
                        <interface>opt17</interface>
3069
                        <vhid>18</vhid>
3070
                        <advskew>100</advskew>
3071
                        <advbase>1</advbase>
3072
                        <password>*************</password>
3073
                        <descr/>
3074
                        <type>single</type>
3075
                        <subnet_bits>26</subnet_bits>
3076
                        <subnet>10.161.135.129</subnet>
3077
                </vip>
3078
                <vip>
3079
                        <mode>carp</mode>
3080
                        <interface>opt17</interface>
3081
                        <vhid>19</vhid>
3082
                        <advskew>100</advskew>
3083
                        <advbase>1</advbase>
3084
                        <password>*************</password>
3085
                        <descr/>
3086
                        <type>single</type>
3087
                        <subnet_bits>26</subnet_bits>
3088
                        <subnet>10.161.135.193</subnet>
3089
                </vip>
3090
                <vip>
3091
                        <mode>carp</mode>
3092
                        <interface>opt17</interface>
3093
                        <vhid>20</vhid>
3094
                        <advskew>100</advskew>
3095
                        <advbase>1</advbase>
3096
                        <password>*************</password>
3097
                        <descr/>
3098
                        <type>single</type>
3099
                        <subnet_bits>26</subnet_bits>
3100
                        <subnet>10.161.135.1</subnet>
3101
                </vip>
3102
                <vip>
3103
                        <mode>carp</mode>
3104
                        <interface>opt16</interface>
3105
                        <vhid>21</vhid>
3106
                        <advskew>100</advskew>
3107
                        <advbase>1</advbase>
3108
                        <password>*************</password>
3109
                        <descr/>
3110
                        <type>single</type>
3111
                        <subnet_bits>27</subnet_bits>
3112
                        <subnet>10.161.134.1</subnet>
3113
                </vip>
3114
                <vip>
3115
                        <mode>carp</mode>
3116
                        <interface>opt16</interface>
3117
                        <vhid>22</vhid>
3118
                        <advskew>100</advskew>
3119
                        <advbase>1</advbase>
3120
                        <password>*************</password>
3121
                        <descr/>
3122
                        <type>single</type>
3123
                        <subnet_bits>27</subnet_bits>
3124
                        <subnet>10.161.134.33</subnet>
3125
                </vip>
3126
                <vip>
3127
                        <mode>carp</mode>
3128
                        <interface>opt16</interface>
3129
                        <vhid>23</vhid>
3130
                        <advskew>100</advskew>
3131
                        <advbase>1</advbase>
3132
                        <password>*************</password>
3133
                        <descr/>
3134
                        <type>single</type>
3135
                        <subnet_bits>27</subnet_bits>
3136
                        <subnet>10.161.134.65</subnet>
3137
                </vip>
3138
                <vip>
3139
                        <mode>carp</mode>
3140
                        <interface>opt16</interface>
3141
                        <vhid>24</vhid>
3142
                        <advskew>100</advskew>
3143
                        <advbase>1</advbase>
3144
                        <password>*************</password>
3145
                        <descr/>
3146
                        <type>single</type>
3147
                        <subnet_bits>27</subnet_bits>
3148
                        <subnet>10.161.134.97</subnet>
3149
                </vip>
3150
                <vip>
3151
                        <mode>carp</mode>
3152
                        <interface>opt16</interface>
3153
                        <vhid>25</vhid>
3154
                        <advskew>100</advskew>
3155
                        <advbase>1</advbase>
3156
                        <password>*************</password>
3157
                        <descr/>
3158
                        <type>single</type>
3159
                        <subnet_bits>27</subnet_bits>
3160
                        <subnet>10.161.134.129</subnet>
3161
                </vip>
3162
                <vip>
3163
                        <mode>carp</mode>
3164
                        <interface>opt16</interface>
3165
                        <vhid>26</vhid>
3166
                        <advskew>100</advskew>
3167
                        <advbase>1</advbase>
3168
                        <password>*************</password>
3169
                        <descr/>
3170
                        <type>single</type>
3171
                        <subnet_bits>27</subnet_bits>
3172
                        <subnet>10.161.134.161</subnet>
3173
                </vip>
3174
                <vip>
3175
                        <mode>carp</mode>
3176
                        <interface>opt16</interface>
3177
                        <vhid>27</vhid>
3178
                        <advskew>100</advskew>
3179
                        <advbase>1</advbase>
3180
                        <password>*************</password>
3181
                        <descr/>
3182
                        <type>single</type>
3183
                        <subnet_bits>27</subnet_bits>
3184
                        <subnet>10.161.134.193</subnet>
3185
                </vip>
3186
                <vip>
3187
                        <mode>carp</mode>
3188
                        <interface>opt16</interface>
3189
                        <vhid>28</vhid>
3190
                        <advskew>100</advskew>
3191
                        <advbase>1</advbase>
3192
                        <password>*************</password>
3193
                        <descr/>
3194
                        <type>single</type>
3195
                        <subnet_bits>27</subnet_bits>
3196
                        <subnet>10.161.134.225</subnet>
3197
                </vip>
3198
                <vip>
3199
                        <mode>carp</mode>
3200
                        <interface>opt15</interface>
3201
                        <vhid>29</vhid>
3202
                        <advskew>100</advskew>
3203
                        <advbase>1</advbase>
3204
                        <password>*************</password>
3205
                        <descr><![CDATA[165.142]]></descr>
3206
                        <type>single</type>
3207
                        <subnet_bits>24</subnet_bits>
3208
                        <subnet>10.165.142.210</subnet>
3209
                </vip>
3210
                <vip>
3211
                        <mode>carp</mode>
3212
                        <interface>opt13</interface>
3213
                        <vhid>30</vhid>
3214
                        <advskew>100</advskew>
3215
                        <advbase>1</advbase>
3216
                        <password>*************</password>
3217
                        <descr/>
3218
                        <type>single</type>
3219
                        <subnet_bits>24</subnet_bits>
3220
                        <subnet>10.161.60.245</subnet>
3221
                </vip>
3222
                <vip>
3223
                        <mode>carp</mode>
3224
                        <interface>opt13</interface>
3225
                        <vhid>31</vhid>
3226
                        <advskew>100</advskew>
3227
                        <advbase>1</advbase>
3228
                        <password>*************</password>
3229
                        <descr/>
3230
                        <type>single</type>
3231
                        <subnet_bits>24</subnet_bits>
3232
                        <subnet>10.161.61.245</subnet>
3233
                </vip>
3234
                <vip>
3235
                        <mode>carp</mode>
3236
                        <interface>opt13</interface>
3237
                        <vhid>32</vhid>
3238
                        <advskew>100</advskew>
3239
                        <advbase>1</advbase>
3240
                        <password>*************</password>
3241
                        <descr/>
3242
                        <type>single</type>
3243
                        <subnet_bits>24</subnet_bits>
3244
                        <subnet>10.161.62.245</subnet>
3245
                </vip>
3246
                <vip>
3247
                        <mode>carp</mode>
3248
                        <interface>opt13</interface>
3249
                        <vhid>33</vhid>
3250
                        <advskew>100</advskew>
3251
                        <advbase>1</advbase>
3252
                        <password>*************</password>
3253
                        <descr/>
3254
                        <type>single</type>
3255
                        <subnet_bits>24</subnet_bits>
3256
                        <subnet>10.161.63.245</subnet>
3257
                </vip>
3258
                <vip>
3259
                        <mode>carp</mode>
3260
                        <interface>opt13</interface>
3261
                        <vhid>34</vhid>
3262
                        <advskew>100</advskew>
3263
                        <advbase>1</advbase>
3264
                        <password>*************</password>
3265
                        <descr/>
3266
                        <type>single</type>
3267
                        <subnet_bits>24</subnet_bits>
3268
                        <subnet>10.161.64.245</subnet>
3269
                </vip>
3270
                <vip>
3271
                        <mode>carp</mode>
3272
                        <interface>opt13</interface>
3273
                        <vhid>35</vhid>
3274
                        <advskew>100</advskew>
3275
                        <advbase>1</advbase>
3276
                        <password>*************</password>
3277
                        <descr/>
3278
                        <type>single</type>
3279
                        <subnet_bits>24</subnet_bits>
3280
                        <subnet>10.161.70.245</subnet>
3281
                </vip>
3282
                <vip>
3283
                        <mode>carp</mode>
3284
                        <interface>opt18</interface>
3285
                        <vhid>37</vhid>
3286
                        <advskew>100</advskew>
3287
                        <advbase>1</advbase>
3288
                        <password>*************</password>
3289
                        <descr/>
3290
                        <type>single</type>
3291
                        <subnet_bits>24</subnet_bits>
3292
                        <subnet>10.161.111.210</subnet>
3293
                </vip>
3294
                <vip>
3295
                        <mode>carp</mode>
3296
                        <interface>opt18</interface>
3297
                        <vhid>38</vhid>
3298
                        <advskew>100</advskew>
3299
                        <advbase>1</advbase>
3300
                        <password>*************</password>
3301
                        <descr/>
3302
                        <type>single</type>
3303
                        <subnet_bits>24</subnet_bits>
3304
                        <subnet>10.161.125.210</subnet>
3305
                </vip>
3306
                <vip>
3307
                        <mode>carp</mode>
3308
                        <interface>opt18</interface>
3309
                        <vhid>39</vhid>
3310
                        <advskew>100</advskew>
3311
                        <advbase>1</advbase>
3312
                        <password>*************</password>
3313
                        <descr/>
3314
                        <type>single</type>
3315
                        <subnet_bits>24</subnet_bits>
3316
                        <subnet>10.161.133.210</subnet>
3317
                </vip>
3318
                <vip>
3319
                        <mode>carp</mode>
3320
                        <interface>opt18</interface>
3321
                        <vhid>40</vhid>
3322
                        <advskew>100</advskew>
3323
                        <advbase>1</advbase>
3324
                        <password>*************</password>
3325
                        <descr/>
3326
                        <type>single</type>
3327
                        <subnet_bits>24</subnet_bits>
3328
                        <subnet>10.161.134.210</subnet>
3329
                </vip>
3330
                <vip>
3331
                        <mode>carp</mode>
3332
                        <interface>opt18</interface>
3333
                        <vhid>41</vhid>
3334
                        <advskew>100</advskew>
3335
                        <advbase>1</advbase>
3336
                        <password>*************</password>
3337
                        <descr/>
3338
                        <type>single</type>
3339
                        <subnet_bits>24</subnet_bits>
3340
                        <subnet>10.161.135.210</subnet>
3341
                </vip>
3342
                <vip>
3343
                        <mode>carp</mode>
3344
                        <interface>opt18</interface>
3345
                        <vhid>42</vhid>
3346
                        <advskew>100</advskew>
3347
                        <advbase>1</advbase>
3348
                        <password>*************</password>
3349
                        <descr/>
3350
                        <type>single</type>
3351
                        <subnet_bits>24</subnet_bits>
3352
                        <subnet>10.161.141.210</subnet>
3353
                </vip>
3354
                <vip>
3355
                        <mode>carp</mode>
3356
                        <interface>opt18</interface>
3357
                        <vhid>43</vhid>
3358
                        <advskew>100</advskew>
3359
                        <advbase>1</advbase>
3360
                        <password>*************</password>
3361
                        <descr/>
3362
                        <type>single</type>
3363
                        <subnet_bits>24</subnet_bits>
3364
                        <subnet>10.161.201.210</subnet>
3365
                </vip>
3366
                <vip>
3367
                        <mode>carp</mode>
3368
                        <interface>opt18</interface>
3369
                        <vhid>44</vhid>
3370
                        <advskew>100</advskew>
3371
                        <advbase>1</advbase>
3372
                        <password>*************</password>
3373
                        <descr/>
3374
                        <type>single</type>
3375
                        <subnet_bits>24</subnet_bits>
3376
                        <subnet>10.161.202.210</subnet>
3377
                </vip>
3378
                <vip>
3379
                        <mode>carp</mode>
3380
                        <interface>opt18</interface>
3381
                        <vhid>45</vhid>
3382
                        <advskew>100</advskew>
3383
                        <advbase>1</advbase>
3384
                        <password>*************</password>
3385
                        <descr/>
3386
                        <type>single</type>
3387
                        <subnet_bits>24</subnet_bits>
3388
                        <subnet>10.161.203.210</subnet>
3389
                </vip>
3390
                <vip>
3391
                        <mode>carp</mode>
3392
                        <interface>opt18</interface>
3393
                        <vhid>46</vhid>
3394
                        <advskew>100</advskew>
3395
                        <advbase>1</advbase>
3396
                        <password>*************</password>
3397
                        <descr/>
3398
                        <type>single</type>
3399
                        <subnet_bits>24</subnet_bits>
3400
                        <subnet>10.161.204.210</subnet>
3401
                </vip>
3402
                <vip>
3403
                        <mode>carp</mode>
3404
                        <interface>opt18</interface>
3405
                        <vhid>47</vhid>
3406
                        <advskew>100</advskew>
3407
                        <advbase>1</advbase>
3408
                        <password>*************</password>
3409
                        <descr/>
3410
                        <type>single</type>
3411
                        <subnet_bits>24</subnet_bits>
3412
                        <subnet>10.161.205.210</subnet>
3413
                </vip>
3414
                <vip>
3415
                        <mode>carp</mode>
3416
                        <interface>opt18</interface>
3417
                        <vhid>48</vhid>
3418
                        <advskew>100</advskew>
3419
                        <advbase>1</advbase>
3420
                        <password>*************</password>
3421
                        <descr/>
3422
                        <type>single</type>
3423
                        <subnet_bits>24</subnet_bits>
3424
                        <subnet>10.161.206.210</subnet>
3425
                </vip>
3426
                <vip>
3427
                        <mode>carp</mode>
3428
                        <interface>opt18</interface>
3429
                        <vhid>49</vhid>
3430
                        <advskew>100</advskew>
3431
                        <advbase>1</advbase>
3432
                        <password>*************</password>
3433
                        <descr/>
3434
                        <type>single</type>
3435
                        <subnet_bits>24</subnet_bits>
3436
                        <subnet>10.161.207.210</subnet>
3437
                </vip>
3438
                <vip>
3439
                        <mode>carp</mode>
3440
                        <interface>opt18</interface>
3441
                        <vhid>50</vhid>
3442
                        <advskew>100</advskew>
3443
                        <advbase>1</advbase>
3444
                        <password>*************</password>
3445
                        <descr/>
3446
                        <type>single</type>
3447
                        <subnet_bits>24</subnet_bits>
3448
                        <subnet>10.161.222.210</subnet>
3449
                </vip>
3450
                <vip>
3451
                        <mode>carp</mode>
3452
                        <interface>opt18</interface>
3453
                        <vhid>51</vhid>
3454
                        <advskew>100</advskew>
3455
                        <advbase>1</advbase>
3456
                        <password>*************</password>
3457
                        <descr/>
3458
                        <type>single</type>
3459
                        <subnet_bits>24</subnet_bits>
3460
                        <subnet>10.161.223.210</subnet>
3461
                </vip>
3462
                <vip>
3463
                        <mode>carp</mode>
3464
                        <interface>opt18</interface>
3465
                        <vhid>52</vhid>
3466
                        <advskew>100</advskew>
3467
                        <advbase>1</advbase>
3468
                        <password>*************</password>
3469
                        <descr/>
3470
                        <type>single</type>
3471
                        <subnet_bits>24</subnet_bits>
3472
                        <subnet>10.161.245.210</subnet>
3473
                </vip>
3474
                <vip>
3475
                        <mode>carp</mode>
3476
                        <interface>opt18</interface>
3477
                        <vhid>53</vhid>
3478
                        <advskew>100</advskew>
3479
                        <advbase>1</advbase>
3480
                        <password>*************</password>
3481
                        <descr/>
3482
                        <type>single</type>
3483
                        <subnet_bits>24</subnet_bits>
3484
                        <subnet>10.161.20.210</subnet>
3485
                </vip>
3486
                <vip>
3487
                        <mode>carp</mode>
3488
                        <interface>opt18</interface>
3489
                        <vhid>54</vhid>
3490
                        <advskew>100</advskew>
3491
                        <advbase>1</advbase>
3492
                        <password>*************</password>
3493
                        <descr/>
3494
                        <type>single</type>
3495
                        <subnet_bits>24</subnet_bits>
3496
                        <subnet>10.161.124.210</subnet>
3497
                </vip>
3498
                <vip>
3499
                        <mode>carp</mode>
3500
                        <interface>opt19</interface>
3501
                        <vhid>55</vhid>
3502
                        <advskew>100</advskew>
3503
                        <advbase>1</advbase>
3504
                        <password>*************</password>
3505
                        <descr/>
3506
                        <type>single</type>
3507
                        <subnet_bits>24</subnet_bits>
3508
                        <subnet>10.165.143.210</subnet>
3509
                </vip>
3510
                <vip>
3511
                        <mode>carp</mode>
3512
                        <interface>opt20</interface>
3513
                        <vhid>56</vhid>
3514
                        <advskew>100</advskew>
3515
                        <advbase>1</advbase>
3516
                        <password>*************</password>
3517
                        <descr><![CDATA[165_144]]></descr>
3518
                        <type>single</type>
3519
                        <subnet_bits>24</subnet_bits>
3520
                        <subnet>10.165.144.210</subnet>
3521
                </vip>
3522
                <vip>
3523
                        <mode>carp</mode>
3524
                        <interface>opt21</interface>
3525
                        <vhid>57</vhid>
3526
                        <advskew>100</advskew>
3527
                        <advbase>1</advbase>
3528
                        <password>*************</password>
3529
                        <descr/>
3530
                        <type>single</type>
3531
                        <subnet_bits>24</subnet_bits>
3532
                        <subnet>10.165.145.210</subnet>
3533
                </vip>
3534
                <vip>
3535
                        <mode>carp</mode>
3536
                        <interface>opt22</interface>
3537
                        <vhid>58</vhid>
3538
                        <advskew>100</advskew>
3539
                        <advbase>1</advbase>
3540
                        <password>*************</password>
3541
                        <descr/>
3542
                        <type>single</type>
3543
                        <subnet_bits>24</subnet_bits>
3544
                        <subnet>10.165.146.210</subnet>
3545
                </vip>
3546
        </virtualip>
3547
        <vlans>
3548
                <vlan>
3549
                        <if>lagg0</if>
3550
                        <tag>640</tag>
3551
                        <descr><![CDATA[165.240]]></descr>
3552
                        <vlanif>lagg0_vlan640</vlanif>
3553
                </vlan>
3554
                <vlan>
3555
                        <if>lagg0</if>
3556
                        <tag>641</tag>
3557
                        <descr><![CDATA[165.241]]></descr>
3558
                        <vlanif>lagg0_vlan641</vlanif>
3559
                </vlan>
3560
                <vlan>
3561
                        <if>lagg0</if>
3562
                        <tag>642</tag>
3563
                        <descr><![CDATA[165.242]]></descr>
3564
                        <vlanif>lagg0_vlan642</vlanif>
3565
                </vlan>
3566
                <vlan>
3567
                        <if>lagg0</if>
3568
                        <tag>643</tag>
3569
                        <descr><![CDATA[165.243]]></descr>
3570
                        <vlanif>lagg0_vlan643</vlanif>
3571
                </vlan>
3572
                <vlan>
3573
                        <if>lagg0</if>
3574
                        <tag>644</tag>
3575
                        <descr><![CDATA[165.244]]></descr>
3576
                        <vlanif>lagg0_vlan644</vlanif>
3577
                </vlan>
3578
                <vlan>
3579
                        <if>lagg0</if>
3580
                        <tag>645</tag>
3581
                        <descr><![CDATA[165.245]]></descr>
3582
                        <vlanif>lagg0_vlan645</vlanif>
3583
                </vlan>
3584
                <vlan>
3585
                        <if>lagg0</if>
3586
                        <tag>646</tag>
3587
                        <descr><![CDATA[165.246]]></descr>
3588
                        <vlanif>lagg0_vlan646</vlanif>
3589
                </vlan>
3590
                <vlan>
3591
                        <if>lagg0</if>
3592
                        <tag>647</tag>
3593
                        <descr><![CDATA[165.247]]></descr>
3594
                        <vlanif>lagg0_vlan647</vlanif>
3595
                </vlan>
3596
                <vlan>
3597
                        <if>lagg0</if>
3598
                        <tag>600</tag>
3599
                        <descr><![CDATA[165.200]]></descr>
3600
                        <vlanif>lagg0_vlan600</vlanif>
3601
                </vlan>
3602
                <vlan>
3603
                        <if>lagg0</if>
3604
                        <tag>540</tag>
3605
                        <descr><![CDATA[165.140]]></descr>
3606
                        <vlanif>lagg0_vlan540</vlanif>
3607
                </vlan>
3608
                <vlan>
3609
                        <if>lagg0</if>
3610
                        <tag>541</tag>
3611
                        <descr><![CDATA[165.141]]></descr>
3612
                        <vlanif>lagg0_vlan541</vlanif>
3613
                </vlan>
3614
                <vlan>
3615
                        <if>lagg0</if>
3616
                        <tag>530</tag>
3617
                        <descr><![CDATA[165.130]]></descr>
3618
                        <vlanif>lagg0_vlan530</vlanif>
3619
                </vlan>
3620
                <vlan>
3621
                        <if>lagg0</if>
3622
                        <tag>623</tag>
3623
                        <descr><![CDATA[165.223]]></descr>
3624
                        <vlanif>lagg0_vlan623</vlanif>
3625
                </vlan>
3626
                <vlan>
3627
                        <if>lagg0</if>
3628
                        <tag>134</tag>
3629
                        <descr><![CDATA[161.134]]></descr>
3630
                        <vlanif>lagg0_vlan134</vlanif>
3631
                </vlan>
3632
                <vlan>
3633
                        <if>lagg0</if>
3634
                        <tag>135</tag>
3635
                        <descr><![CDATA[161.135]]></descr>
3636
                        <vlanif>lagg0_vlan135</vlanif>
3637
                </vlan>
3638
                <vlan>
3639
                        <if>lagg0</if>
3640
                        <tag>542</tag>
3641
                        <descr><![CDATA[165.142]]></descr>
3642
                        <vlanif>lagg0_vlan542</vlanif>
3643
                </vlan>
3644
                <vlan>
3645
                        <if>lagg0</if>
3646
                        <tag>60</tag>
3647
                        <descr><![CDATA[Floor2]]></descr>
3648
                        <vlanif>lagg0_vlan60</vlanif>
3649
                </vlan>
3650
                <vlan>
3651
                        <if>lagg0</if>
3652
                        <tag>20</tag>
3653
                        <descr><![CDATA[OLD VLAN20]]></descr>
3654
                        <vlanif>lagg0_vlan20</vlanif>
3655
                </vlan>
3656
                <vlan>
3657
                        <if>lagg0</if>
3658
                        <tag>543</tag>
3659
                        <descr><![CDATA[165_143]]></descr>
3660
                        <vlanif>lagg0_vlan543</vlanif>
3661
                </vlan>
3662
                <vlan>
3663
                        <if>lagg0</if>
3664
                        <tag>544</tag>
3665
                        <descr><![CDATA[165_144]]></descr>
3666
                        <vlanif>lagg0_vlan544</vlanif>
3667
                </vlan>
3668
                <vlan>
3669
                        <if>lagg0</if>
3670
                        <tag>545</tag>
3671
                        <descr><![CDATA[165_145]]></descr>
3672
                        <vlanif>lagg0_vlan545</vlanif>
3673
                </vlan>
3674
                <vlan>
3675
                        <if>lagg0</if>
3676
                        <tag>546</tag>
3677
                        <descr><![CDATA[165_146]]></descr>
3678
                        <vlanif>lagg0_vlan546</vlanif>
3679
                </vlan>
3680
        </vlans>
3681
        <ifgroups>
3682
                <ifgroupentry>
3683
                        <members>opt1 opt2 opt4 opt6 opt7</members>
3684
                        <descr/>
3685
                        <ifname>ADomains</ifname>
3686
                </ifgroupentry>
3687
                <ifgroupentry>
3688
                        <members>opt3 opt5 opt8</members>
3689
                        <descr/>
3690
                        <ifname>Desktops</ifname>
3691
                </ifgroupentry>
3692
                <ifgroupentry>
3693
                        <members>opt2 opt4 opt7</members>
3694
                        <descr/>
3695
                        <ifname>Recorders</ifname>
3696
                </ifgroupentry>
3697
                <ifgroupentry>
3698
                        <members>opt6</members>
3699
                        <descr/>
3700
                        <ifname>DataCenter</ifname>
3701
                </ifgroupentry>
3702
        </ifgroups>
3703
        <notifications>
3704
                <growl>
3705
                        <ipaddress>admin</ipaddress>
3706
                        <password>*************</password>
3707
                        <name>PHP-Growl</name>
3708
                        <notification_name>pfSense growl alert</notification_name>
3709
                        <disable/>
3710
                </growl>
3711
                <smtp>
3712
                        <ipaddress>****************************</ipaddress>
3713
                        <port>25</port>
3714
                        <ssl>unchecked</ssl>
3715
                        <notifyemailaddress>***********************</notifyemailaddress>
3716
                        <username/>
3717
                        <password/>
3718
                        <fromaddress>***********************</fromaddress>
3719
                </smtp>
3720
        </notifications>
3721
        <ntpd>
3722
                <interface>wan,lan,opt1,opt2,opt3,opt4,opt5,opt6,opt7,opt8,opt9,opt10,opt11,opt12,opt13,opt14,opt15,opt16,opt17,opt18</interface>
3723
        </ntpd>
3724
        <hasync>
3725
                <pfsyncenabled>on</pfsyncenabled>
3726
                <pfsyncinterface>lan</pfsyncinterface>
3727
                <pfsyncpeerip/>
3728
                <synchronizetoip/>
3729
                <username>admin</username>
3730
                <password>*************</password>
3731
        </hasync>
3732
        <dhcpdv6/>
3733
</pfsense>