Project

General

Profile

Download (17 KB) Statistics
| Branch: | Tag: | Revision:
1
<?xml version="1.0"?>
2
<!-- pfSense default system configuration -->
3
<pfsense>
4
	<version>5.8</version>
5
	<lastchange></lastchange>
6
	<theme>pfsense_ng</theme>
7
	<sysctl>
8
		<item>
9
			<desc>Set the ephemeral port range to be lower.</desc>
10
			<tunable>net.inet.ip.portrange.first</tunable>
11
			<value>1024</value>
12
		</item>
13
		<item>
14
			<desc>Drop packets to closed TCP ports without returning a RST</desc>
15
			<tunable>net.inet.tcp.blackhole</tunable>
16
			<value>2</value>
17
		</item>
18
		<item>
19
			<desc>Do not send ICMP port unreachable messages for closed UDP ports</desc>
20
			<tunable>net.inet.udp.blackhole</tunable>
21
			<value>1</value>
22
		</item>
23
		<item>
24
			<desc>Randomize the ID field in IP packets (default is 0: sequential IP IDs)</desc>
25
			<tunable>net.inet.ip.random_id</tunable>
26
			<value>1</value>
27
		</item>
28
		<item>
29
			<desc>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</desc>
30
			<tunable>net.inet.tcp.drop_synfin</tunable>
31
			<value>1</value>
32
		</item>
33
		<item>
34
			<desc>Enable sending IPv4 redirects</desc>
35
			<tunable>net.inet.ip.redirect</tunable>
36
			<value>1</value>
37
		</item>
38
		<item>
39
			<desc>Enable sending IPv6 redirects</desc>
40
			<tunable>net.inet6.ip6.redirect</tunable>
41
			<value>1</value>
42
		</item>
43
		<item>
44
			<desc>Generate SYN cookies for outbound SYN-ACK packets</desc>
45
			<tunable>net.inet.tcp.syncookies</tunable>
46
			<value>1</value>
47
		</item>
48
		<item>
49
			<desc>Maximum incoming/outgoing TCP datagram size (receive)</desc>
50
			<tunable>net.inet.tcp.recvspace</tunable>
51
			<value>65228</value>
52
		</item>
53
		<item>
54
			<desc>Maximum incoming/outgoing TCP datagram size (send)</desc>
55
			<tunable>net.inet.tcp.sendspace</tunable>
56
			<value>65228</value>
57
		</item>
58
		<item>
59
			<desc>IP Fastforwarding</desc>
60
			<tunable>net.inet.ip.fastforwarding</tunable>
61
			<value>1</value>
62
		</item>
63
		<item>
64
			<desc>Do not delay ACK to try and piggyback it onto a data packet</desc>
65
			<tunable>net.inet.tcp.delayed_ack</tunable>
66
			<value>0</value>
67
		</item>
68
		<item>
69
			<desc>Maximum outgoing UDP datagram size</desc>
70
			<tunable>net.inet.udp.maxdgram</tunable>
71
			<value>57344</value>
72
		</item>
73
		<item>
74
			<desc>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</desc>
75
			<tunable>net.link.bridge.pfil_onlyip</tunable>
76
			<value>0</value>
77
		</item>
78
		<item>
79
		        <desc>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</desc>
80
		        <tunable>net.link.bridge.pfil_member</tunable>
81
		        <value>1</value>
82
		</item>
83
		<item>
84
		        <desc>Set to 1 to enable filtering on the bridge interface</desc>
85
		        <tunable>net.link.bridge.pfil_bridge</tunable>
86
		        <value>0</value>
87
		</item>
88
		<item>
89
			<desc>Allow unprivileged access to tap(4) device nodes</desc>
90
			<tunable>net.link.tap.user_open</tunable>
91
			<value>1</value>
92
		</item>
93
		<item>
94
			<desc>Verbosity of the rndtest driver (0: do not display results on console)</desc>
95
			<tunable>kern.rndtest.verbose</tunable>
96
			<value>0</value>
97
		</item>
98
		<item>
99
			<desc>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</desc>
100
			<tunable>kern.randompid</tunable>
101
			<value>347</value>
102
		</item>
103
		<item>
104
			<desc>Maximum size of the IP input queue</desc>
105
			<tunable>net.inet.ip.intr_queue_maxlen</tunable>
106
			<value>1000</value>
107
		</item>
108
		<item>
109
			<desc>Disable CTRL+ALT+Delete reboot from keyboard.</desc>
110
			<tunable>hw.syscons.kbd_reboot</tunable>
111
			<value>0</value>
112
		</item>
113
		<item>
114
			<desc>Enable TCP Inflight mode</desc>
115
			<tunable>net.inet.tcp.inflight.enable</tunable>
116
			<value>1</value>
117
		</item>
118
		<item>
119
			<desc>Enable TCP extended debugging</desc>
120
			<tunable>net.inet.tcp.log_debug</tunable>
121
			<value>0</value>
122
		</item>
123
		<item>
124
			<desc>Set ICMP Limits</desc>
125
			<tunable>net.inet.icmp.icmplim</tunable>
126
			<value>750</value>
127
		</item>
128
		<item>
129
			<desc>TCP Offload Engine</desc>
130
			<tunable>net.inet.tcp.tso</tunable>
131
			<value>0</value>
132
		</item>
133
		<item>
134
			<desc>TCP Offload Engine - BCE</desc>
135
			<tunable>hw.bce.tso_enable</tunable>
136
			<value>0</value>
137
		</item>
138
	</sysctl>
139
	<system>
140
		<optimization>normal</optimization>
141
		<hostname>pfSense</hostname>
142
		<domain>local</domain>
143
		<dnsserver></dnsserver>
144
		<dnsallowoverride/>
145
		<group>
146
			<name>all</name>
147
			<description>All Users</description>
148
			<scope>system</scope>
149
			<gid>1998</gid>
150
			<member>0</member>
151
		</group>
152
		<group>
153
			<name>admins</name>
154
			<description>System Administrators</description>
155
			<scope>system</scope>
156
			<gid>1999</gid>
157
			<member>0</member>
158
			<priv>page-all</priv>
159
		</group>
160
		<user>
161
			<name>admin</name>
162
			<fullname>System Administrator</fullname>
163
			<scope>system</scope>
164
			<groupname>admins</groupname>
165
			<password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
166
			<uid>0</uid>
167
			<priv>user-shell-access</priv>
168
		</user>
169
		<nextuid>2000</nextuid>
170
		<nextgid>2000</nextgid>
171
		<timezone>Etc/UTC</timezone>
172
		<time-update-interval>300</time-update-interval>
173
		<timeservers>0.pfsense.pool.ntp.org</timeservers>
174
		<webgui>
175
			<protocol>http</protocol>
176
			<!--
177
			<port></port>
178
			<certificate></certificate>
179
			<private-key></private-key>
180
			<noassigninterfaces/>
181
			<expanddiags/>
182
			<noantilockout></noantilockout>
183
			-->
184
		</webgui>
185
                <disablenatreflection>yes</disablenatreflection>
186
		<!-- <disableconsolemenu/> -->
187
		<!-- <disablefirmwarecheck/> -->
188
		<!-- <shellcmd></shellcmd> -->
189
		<!-- <earlyshellcmd></earlyshellcmd> -->
190
		<!-- <harddiskstandby></harddiskstandby> -->
191
	</system>
192
	<interfaces>
193
		<wan>
194
			<if>vr1</if>
195
			<mtu></mtu>
196
			<ipaddr>dhcp</ipaddr>
197
			<!-- *or* ipv4-address *or* 'pppoe' *or* 'pptp' *or* 'bigpond' -->
198
			<subnet></subnet>
199
			<gateway></gateway>
200
			<blockpriv/>
201
			<blockbogons/>
202
			<dhcphostname></dhcphostname>
203
			<media></media>
204
			<mediaopt></mediaopt>
205
			<bandwidth>100</bandwidth>
206
			<bandwidthtype>Mb</bandwidthtype>
207
			<!--
208
			<wireless>
209
				*see below (opt[n])*
210
			</wireless>
211
			-->
212
		</wan>
213
		<lan>
214
			<if>vr0</if>
215
			<ipaddr>192.168.1.1</ipaddr>
216
			<subnet>24</subnet>
217
			<media></media>
218
			<mediaopt></mediaopt>
219
			<bandwidth>100</bandwidth>
220
			<bandwidthtype>Mb</bandwidthtype>
221
			<!--
222
			<wireless>
223
				*see below (opt[n])*
224
			</wireless>
225
			-->
226
		</lan>
227
		<!--
228
		<opt[n]>
229
			<enable/>
230
			<descr></descr>
231
			<if></if>
232
			<ipaddr></ipaddr>
233
			<subnet></subnet>
234
			<media></media>
235
			<mediaopt></mediaopt>
236
			<bridge>lan|wan|opt[n]</bridge>
237
			<wireless>
238
				<mode>hostap *or* bss *or* ibss</mode>
239
				<ssid></ssid>
240
				<channel></channel>
241
				<wep>
242
					<enable/>
243
					<key>
244
						<txkey/>
245
						<value></value>
246
					</key>
247
				</wep>
248
			</wireless>
249
		</opt[n]>
250
		-->
251
	</interfaces>
252
	<!--
253
	<vlans>
254
		<vlan>
255
			<tag></tag>
256
			<if></if>
257
			<descr></descr>
258
		</vlan>
259
	</vlans>
260
	-->
261
	<staticroutes>
262
		<!--
263
		<route>
264
			<interface>lan|opt[n]|pptp</interface>
265
			<network>xxx.xxx.xxx.xxx/xx</network>
266
			<gateway>xxx.xxx.xxx.xxx</gateway>
267
			<descr></descr>
268
		</route>
269
		-->
270
	</staticroutes>
271
	<pppoe>
272
		<username></username>
273
		<password></password>
274
		<provider></provider>
275
		<!--
276
		<ondemand/>
277
		<timeout></timeout>
278
		-->
279
	</pppoe>
280
	<pptp>
281
		<username></username>
282
		<password></password>
283
		<local></local>
284
		<subnet></subnet>
285
		<remote></remote>
286
		<!--
287
		<ondemand/>
288
		<timeout></timeout>
289
		-->
290
	</pptp>
291
	<dhcpd>
292
		<lan>
293
			<enable/>
294
			<range>
295
				<from>192.168.1.100</from>
296
				<to>192.168.1.199</to>
297
			</range>
298
			<!--
299
			<winsserver>xxx.xxx.xxx.xxx</winsserver>
300
			<defaultleasetime></defaultleasetime>
301
			<maxleasetime></maxleasetime>
302
			<gateway>xxx.xxx.xxx.xxx</gateway>
303
			<domain></domain>
304
			<dnsserver></dnsserver>
305
			<ntpserver>xxx.xxx.xxx.xxx</ntpserver>
306
			<next-server></next-server>
307
			<filename></filename>
308
			-->
309
		</lan>
310
		<!--
311
		<opt[n]>
312
			...
313
		</opt[n]>
314
		-->
315
		<!--
316
		<staticmap>
317
			<mac>xx:xx:xx:xx:xx:xx</mac>
318
			<ipaddr>xxx.xxx.xxx.xxx</ipaddr>
319
			<descr></descr>
320
		</staticmap>
321
		-->
322
	</dhcpd>
323
	<pptpd>
324
		<mode><!-- off *or* server *or* redir --></mode>
325
		<redir></redir>
326
		<localip></localip>
327
		<remoteip></remoteip>
328
		<!-- <accounting/> -->
329
		<!--
330
		<user>
331
			<name></name>
332
			<password></password>
333
		</user>
334
		-->
335
	</pptpd>
336
	<ovpn>
337
		<!--
338
		<server>
339
			<enable/>
340
			<ca_cert></ca_cert>
341
			<srv_cert></srv_cert>
342
			<srv_key></srv_key>
343
			<dh_param></dh_param>
344
			<verb></verb>
345
			<tun_iface></tun_iface>
346
			<port></port>
347
			<bind_iface></bind_iface>
348
			<cli2cli/>
349
			<maxcli></maxcli>
350
			<prefix></prefix>
351
			<ipblock></ipblock>
352
			<crypto></crypto>
353
			<dupcn/>
354
			<psh_options>
355
				<redir></redir>
356
				<redir_loc></redir_loc>
357
				<rte_delay></rte_delay>
358
				<ping></ping>
359
				<pingrst></pingrst>
360
				<pingexit></pingexit>
361
				<inact></inact>
362
			</psh_options>
363
		</server>
364
		<client>
365
			<tunnel></tunnel>
366
			<ca_cert></ca_cert>
367
			<cli_cert></cli_cert>
368
			<cli_key></cli_key>
369
			<type></type>
370
			<tunnel>
371
				<if></if>
372
				<proto></proto>
373
				<cport></cport>
374
				<saddr></saddr>
375
				<sport></sport>
376
				<crypto></crypto>
377
			</tunnel>
378
		</client>
379
		-->
380
	</ovpn>
381
	<dnsmasq>
382
		<enable/>
383
		<!--
384
		<hosts>
385
			<host></host>
386
			<domain></domain>
387
			<ip></ip>
388
			<descr></descr>
389
		</hosts>
390
		-->
391
	</dnsmasq>
392
	<snmpd>
393
		<!-- <enable/> -->
394
		<syslocation></syslocation>
395
		<syscontact></syscontact>
396
		<rocommunity>public</rocommunity>
397
	</snmpd>
398
	<diag>
399
		<ipv6nat>
400
			<!-- <enable/> -->
401
			<ipaddr></ipaddr>
402
		</ipv6nat>
403
	</diag>
404
	<bridge>
405
		<!-- <filteringbridge/> -->
406
	</bridge>
407
	<syslog>
408
		<!--
409
		<reverse/>
410
		<enable/>
411
		<remoteserver>xxx.xxx.xxx.xxx</remoteserver>
412
		<filter/>
413
		<dhcp/>
414
		<system/>
415
		<nologdefaultblock/>
416
		-->
417
	</syslog>
418
	<!--
419
	<captiveportal>
420
		<enable/>
421
		<interface>lan|opt[n]</interface>
422
		<idletimeout>minutes</idletimeout>
423
		<timeout>minutes</timeout>
424
		<page>
425
			<htmltext></htmltext>
426
			<errtext></errtext>
427
		</page>
428
		<httpslogin/>
429
		<httpsname></httpsname>
430
		<certificate></certificate>
431
		<private-key></private-key>
432
		<redirurl></redirurl>
433
		<radiusip></radiusip>
434
		<radiusport></radiusport>
435
		<radiuskey></radiuskey>
436
		<nomacfilter/>
437
	</captiveportal>
438
	-->
439
	<nat>
440
		<ipsecpassthru>
441
			<enable/>
442
		</ipsecpassthru>
443
		<!--
444
		<rule>
445
			<interface></interface>
446
			<external-address></external-address>
447
			<protocol></protocol>
448
			<external-port></external-port>
449
			<target></target>
450
			<local-port></local-port>
451
			<descr></descr>
452
			<associated-filter-rule-id></associated-filter-rule-id>
453
		</rule>
454
		-->
455
		<!--
456
		<onetoone>
457
			<interface></interface>
458
			<external>xxx.xxx.xxx.xxx</external>
459
			<internal>xxx.xxx.xxx.xxx</internal>
460
			<subnet></subnet>
461
			<descr></descr>
462
		</onetoone>
463
		-->
464
		<!--
465
		<advancedoutbound>
466
			<enable/>
467
			<rule>
468
				<interface></interface>
469
				<source>
470
					<network>xxx.xxx.xxx.xxx/xx</network>
471
				</source>
472
				<destination>
473
					<not/>
474
					<any/>
475
					*or*
476
					<network>xxx.xxx.xxx.xxx/xx</network>
477
				</destination>
478
				<target>xxx.xxx.xxx.xxx</target>
479
				<descr></descr>
480
			</rule>
481
		</advancedoutbound>
482
		-->
483
		<!--
484
		<servernat>
485
			<ipaddr></ipaddr>
486
			<descr></descr>
487
		</servernat>
488
		-->
489
	</nat>
490
	<filter>
491
		<!-- <tcpidletimeout></tcpidletimeout> -->
492
		<rule>
493
			<type>pass</type>
494
			<descr>Default allow LAN to any rule</descr>
495
			<interface>lan</interface>
496
			<source>
497
				<network>lan</network>
498
			</source>
499
			<destination>
500
				<any/>
501
			</destination>
502
		</rule>
503
		<!-- rule syntax:
504
		<rule>
505
			<disabled/>
506
			<id>[0-9]*</id>
507
			<type>pass|block|reject</type>
508
			<descr>...</descr>
509
			<interface>lan|opt[n]|wan|pptp</interface>
510
			<protocol>tcp|udp|tcp/udp|...</protocol>
511
			<icmptype></icmptype>
512
			<source>
513
				<not/>
514

    
515
				<address>xxx.xxx.xxx.xxx(/xx) or alias</address>
516
				*or*
517
				<network>lan|opt[n]|pptp</network>
518
				*or*
519
				<any/>
520

    
521
				<port>a[-b]</port>
522
			</source>
523
			<destination>
524
				*same as for source*
525
			</destination>
526
			<frags/>
527
			<log/>
528
		</rule>
529
		-->
530
	</filter>
531
	<shaper>
532
		<!-- <enable/> -->
533
		<!-- <schedulertype>hfsc</schedulertype> -->
534
		<!-- rule syntax:
535
		<rule>
536
			<disabled/>
537
			<descr></descr>
538

    
539
			<targetpipe>number (zero based)</targetpipe>
540
			*or*
541
			<targetqueue>number (zero based)</targetqueue>
542

    
543
			<interface>lan|wan|opt[n]|pptp</interface>
544
			<protocol>tcp|udp</protocol>
545
			<direction>in|out</direction>
546
			<source>
547
				<not/>
548

    
549
				<address>xxx.xxx.xxx.xxx(/xx)</address>
550
				*or*
551
				<network>lan|opt[n]|pptp</network>
552
				*or*
553
				<any/>
554

    
555
				<port>a[-b]</port>
556
			</source>
557
			<destination>
558
				*same as for source*
559
			</destination>
560

    
561
			<iplen>from[-to]</iplen>
562
			<iptos>(!)lowdelay,throughput,reliability,mincost,congestion</iptos>
563
			<tcpflags>(!)fin,syn,rst,psh,ack,urg</tcpflags>
564
		</rule>
565
		<pipe>
566
			<descr></descr>
567
			<bandwidth></bandwidth>
568
			<delay></delay>
569
			<mask>source|destination</mask>
570
		</pipe>
571
		<queue>
572
			<descr></descr>
573
			<targetpipe>number (zero based)</targetpipe>
574
			<weight></weight>
575
			<mask>source|destination</mask>
576
		</queue>
577
		-->
578
	</shaper>
579
	<ipsec>
580
                <preferredoldsa/>
581
		<!-- <enable/> -->
582
		<!-- syntax:
583
		<tunnel>
584
			<disabled/>
585
			<auto/>
586
			<descr></descr>
587
			<interface>lan|wan|opt[n]</interface>
588
			<local-subnet>
589
				<address>xxx.xxx.xxx.xxx(/xx)</address>
590
				*or*
591
				<network>lan|opt[n]</network>
592
			</local-subnet>
593
			<remote-subnet>xxx.xxx.xxx.xxx/xx</remote-subnet>
594
			<remote-gateway></remote-gateway>
595
			<p1>
596
				<mode></mode>
597
				<myident>
598
					<myaddress/>
599
					*or*
600
					<address>xxx.xxx.xxx.xxx</address>
601
					*or*
602
					<fqdn>the.fq.dn</fqdn>
603
				</myident>
604
				<encryption-algorithm></encryption-algorithm>
605
				<hash-algorithm></hash-algorithm>
606
				<dhgroup></dhgroup>
607
				<lifetime></lifetime>
608
				<pre-shared-key></pre-shared-key>
609
			</p1>
610
			<p2>
611
				<protocol></protocol>
612
				<encryption-algorithm-option></encryption-algorithm-option>
613
				<hash-algorithm-option></hash-algorithm-option>
614
				<pfsgroup></pfsgroup>
615
				<lifetime></lifetime>
616
			</p2>
617
		</tunnel>
618
		<mobileclients>
619
			<enable/>
620
			<p1>
621
				<mode></mode>
622
				<myident>
623
					<myaddress/>
624
					*or*
625
					<address>xxx.xxx.xxx.xxx</address>
626
					*or*
627
					<fqdn>the.fq.dn</fqdn>
628
				</myident>
629
				<encryption-algorithm></encryption-algorithm>
630
				<hash-algorithm></hash-algorithm>
631
				<dhgroup></dhgroup>
632
				<lifetime></lifetime>
633
			</p1>
634
			<p2>
635
				<protocol></protocol>
636
				<encryption-algorithm-option></encryption-algorithm-option>
637
				<hash-algorithm-option></hash-algorithm-option>
638
				<pfsgroup></pfsgroup>
639
				<lifetime></lifetime>
640
			</p2>
641
		</mobileclients>
642
		<mobilekey>
643
			<ident></ident>
644
			<pre-shared-key></pre-shared-key>
645
		</mobilekey>
646
		-->
647
	</ipsec>
648
	<aliases>
649
		<!--
650
		<alias>
651
			<name></name>
652
			<address>xxx.xxx.xxx.xxx(/xx)</address>
653
			<descr></descr>
654
		</alias>
655
		-->
656
	</aliases>
657
	<proxyarp>
658
		<!--
659
		<proxyarpnet>
660
			<network>xxx.xxx.xxx.xxx/xx</network>
661
			*or*
662
			<range>
663
				<from>xxx.xxx.xxx.xxx</from>
664
				<to>xxx.xxx.xxx.xxx</to>
665
			</range>
666
		</proxyarpnet>
667
		-->
668
	</proxyarp>
669
	<cron>
670
		<item>
671
			<minute>0</minute>
672
			<hour>*</hour>
673
			<mday>*</mday>
674
			<month>*</month>
675
			<wday>*</wday>
676
			<who>root</who>
677
			<command>/usr/bin/nice -n20 newsyslog</command>
678
		</item>
679
		<item>
680
			<minute>1,31</minute>
681
			<hour>0-5</hour>
682
			<mday>*</mday>
683
			<month>*</month>
684
			<wday>*</wday>
685
			<who>root</who>
686
			<command>/usr/bin/nice -n20 adjkerntz -a</command>
687
		</item>
688
		<item>
689
			<minute>1</minute>
690
			<hour>3</hour>
691
			<mday>1</mday>
692
			<month>*</month>
693
			<wday>*</wday>
694
			<who>root</who>
695
			<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
696
		</item>
697
		<item>
698
			<minute>*/60</minute>
699
			<hour>*</hour>
700
			<mday>*</mday>
701
			<month>*</month>
702
			<wday>*</wday>
703
			<who>root</who>
704
			<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout</command>
705
		</item>
706
		<item>
707
			<minute>1</minute>
708
			<hour>1</hour>
709
			<mday>*</mday>
710
			<month>*</month>
711
			<wday>*</wday>
712
			<who>root</who>
713
			<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
714
		</item>
715
		<item>
716
			<minute>*/60</minute>
717
			<hour>*</hour>
718
			<mday>*</mday>
719
			<month>*</month>
720
			<wday>*</wday>
721
			<who>root</who>
722
			<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
723
		</item>
724
		<item>
725
			<minute>*/5</minute>
726
			<hour>*</hour>
727
			<mday>*</mday>
728
			<month>*</month>
729
			<wday>*</wday>
730
			<who>root</who>
731
			<command>/usr/bin/nice -n20 /usr/local/bin/checkreload.sh</command>
732
		</item>
733
		<item>
734
			<minute>*/5</minute>
735
			<hour>*</hour>
736
			<mday>*</mday>
737
			<month>*</month>
738
			<wday>*</wday>
739
			<who>root</who>
740
			<command>/usr/bin/nice -n20 /etc/ping_hosts.sh</command>
741
		</item>
742
	</cron>
743
	<wol>
744
		<!--
745
		<wolentry>
746
			<interface>lan|opt[n]</interface>
747
			<mac>xx:xx:xx:xx:xx:xx</mac>
748
			<descr></descr>
749
		</wolentry>
750
		-->
751
	</wol>
752
	<rrd>
753
		<enable/>
754
	</rrd>
755
	<load_balancer>
756
		<monitor_type>
757
			<name>ICMP</name>
758
			<type>icmp</type>
759
			<desc>ICMP</desc>
760
			<options>
761
			</options>
762
		</monitor_type>
763
		<monitor_type>
764
			<name>TCP</name>
765
			<type>tcp</type>
766
			<desc>Generic TCP</desc>
767
			<options>
768
			</options>
769
		</monitor_type>
770
		<monitor_type>
771
			<name>HTTP</name>
772
			<type>http</type>
773
			<desc>Generic HTTP</desc>
774
			<options>
775
				<path>/</path>
776
				<host/>
777
				<code>200</code>
778
			</options>
779
		</monitor_type>
780
		<monitor_type>
781
			<name>HTTPS</name>
782
			<type>https</type>
783
			<desc>Generic HTTPS</desc>
784
			<options>
785
				<path>/</path>
786
				<host/>
787
				<code>200</code>
788
			</options>
789
		</monitor_type>
790
		<monitor_type>
791
			<name>SMTP</name>
792
			<type>send</type>
793
			<desc>Generic SMTP</desc>
794
			<options>
795
				<send>EHLO nosuchhost</send>
796
				<expect>250-</expect>
797
			</options>
798
		</monitor_type>
799
	</load_balancer>
800
</pfsense>
    (1-1/1)