TRANSLATION RULES: no nat proto carp all nat-anchor "natearly/*" all nat-anchor "natrules/*" all nat on pppoe0 inet from 192.168.64.0/24 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 192.168.64.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 172.16.23.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 10.7.4.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.2222 inet from 192.168.64.0/24 to any -> (lagg0.2222) port 1024:65535 round-robin nat on re0 inet from 192.168.64.0/24 to 192.168.100.0/24 -> 192.168.100.254 port 1024:65535 nat on pppoe0 inet from 192.168.97.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 192.168.147.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 192.168.96.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.96.0/24 to any -> 192.168.49.250 port 1024:65535 nat on pppoe0 inet from 127.0.0.0/8 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 10.6.8.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 192.168.198.0/24 to any -> 214.123.45.67 port 1024:65535 nat on ovpnc3 inet from 192.168.64.0/24 to any -> 10.18.23.2 port 1024:65535 nat on ovpnc4 inet from 192.168.64.0/24 to any -> 10.19.23.2 port 1024:65535 nat on ovpnc7 inet from 192.168.64.0/24 to any -> 172.21.21.6 port 1024:65535 nat on ovpnc8 inet from 192.168.64.0/24 to any -> 172.17.23.41 port 1024:65535 nat on ovpnc3 inet from 172.16.55.0/24 to any -> 10.18.23.2 port 1024:65535 nat on ovpnc4 inet from 172.16.55.0/24 to any -> 10.19.23.2 port 1024:65535 nat on ovpnc7 inet from 172.16.55.0/24 to any -> 172.21.21.6 port 1024:65535 nat on pppoe0 inet from 127.0.0.0/8 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 127.0.0.0/8 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 127.0.0.0/8 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 127.0.0.0/8 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 127.0.0.0/8 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 127.0.0.0/8 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 192.168.64.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.64.0/24 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 192.168.64.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 192.168.64.0/24 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 192.168.64.0/24 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 192.168.65.0/24 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 192.168.65.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.65.0/24 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 192.168.65.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 192.168.65.0/24 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 192.168.65.0/24 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 192.168.6.0/24 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 192.168.6.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.6.0/24 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 192.168.6.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 192.168.6.0/24 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 192.168.6.0/24 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 10.6.8.0/24 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 10.6.8.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 10.6.8.0/24 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 10.6.8.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 10.6.8.0/24 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 10.6.8.0/24 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 192.168.114.0/24 to any port = isakmp -> 214.123.45.67 static-port nat on pppoe0 inet from 192.168.114.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.114.0/24 to any port = isakmp -> 192.168.49.250 static-port nat on lagg0.30 inet from 192.168.114.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.60 inet from 192.168.114.0/24 to any port = isakmp -> 192.168.19.19 static-port nat on lagg0.60 inet from 192.168.114.0/24 to any -> 192.168.19.19 port 1024:65535 nat on pppoe0 inet from 172.22.1.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 172.22.2.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 172.26.1.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 172.27.1.0/24 to any -> 214.123.45.67 port 1024:65535 nat on pppoe0 inet from 172.29.1.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 172.16.6.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.30 inet from 172.16.7.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.30 inet from 172.16.8.0/24 to any -> 192.168.49.250 port 1024:65535 nat on lagg0.30 inet from 172.16.9.0/24 to any -> 192.168.49.250 port 1024:65535 nat on pppoe0 inet from 192.168.16.0/24 to any -> 214.123.45.67 port 1024:65535 nat on lagg0.30 inet from 192.168.32.0/24 to any -> 192.168.49.250 port 1024:65535 no rdr proto carp all rdr-anchor "relayd/*" all rdr-anchor "tftp-proxy/*" all rdr pass on lagg0.10 inet proto udp from any to any port = tftp -> 127.0.0.1 port 6969 rdr pass on lagg0.20 inet proto udp from any to any port = tftp -> 127.0.0.1 port 6969 rdr on pppoe0 inet proto tcp from any to 214.123.45.67 port = 18888 -> 192.168.65.65 port 34567 rdr on pppoe0 inet proto udp from any to 214.123.45.67 port = 18888 -> 192.168.65.65 port 34567 rdr on pppoe0 inet proto udp from any to 214.123.45.67 port = 9995 -> 192.168.64.132 port 1194 rdr on pppoe0 inet proto tcp from any to 192.168.49.250 port = http -> 127.0.0.1 port 32333 rdr on pppoe0 inet proto tcp from any to 214.123.45.67 port = https -> 127.0.0.1 rdr on lagg0.30 inet proto tcp from any to 192.168.49.250 port = 32333 -> 127.0.0.1 rdr on lagg0.30 inet proto tcp from any to any port = https -> 127.0.0.1 rdr on lagg0.30 inet proto tcp from any to any port = vat -> 192.168.64.141 port 6875 rdr on lagg0.30 inet proto tcp from 192.168.49.0/24 to any port 9981:9982 -> 192.168.64.40 rdr pass on lagg0.10 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.20 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on re0 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on gif0 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.40 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.2222 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.70 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.99 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.1 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.90 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on re0.23 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.50 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on re0.24 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.23 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on enc0 inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on openvpn inet proto tcp from any to 10.10.10.1 port = http -> 127.0.0.1 port 8081 rdr pass on lagg0.10 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.20 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on re0 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on gif0 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.40 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.2222 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.70 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.99 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.1 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.90 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on re0.23 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.50 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on re0.24 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on lagg0.23 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on enc0 inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr pass on openvpn inet proto tcp from any to 10.10.10.1 port = https -> 127.0.0.1 port 8443 rdr-anchor "miniupnpd" all FILTER RULES: scrub from any to max-mss 1380 fragment reassemble scrub from to any max-mss 1380 fragment reassemble scrub on pppoe0 all max-mss 1420 fragment reassemble scrub on lagg0.10 all fragment reassemble scrub on lagg0.20 all fragment reassemble scrub on lagg0.30 all fragment reassemble scrub on re0 all fragment reassemble scrub on gif0 all fragment reassemble scrub on lagg0.40 all fragment reassemble scrub on lagg0.60 all fragment reassemble scrub on lagg0.2222 all fragment reassemble scrub on lagg0.70 all fragment reassemble scrub on ovpnc3 all fragment reassemble scrub on lagg0.99 all fragment reassemble scrub on ovpnc4 all fragment reassemble scrub on lagg0.1 all fragment reassemble scrub on lagg0.90 all fragment reassemble scrub on ovpnc7 all fragment reassemble scrub on ovpnc8 all fragment reassemble scrub on re0.23 all fragment reassemble scrub on lagg0.50 all fragment reassemble scrub on re0.24 all fragment reassemble scrub on lagg0.23 all fragment reassemble scrub on ovpns9 all fragment reassemble anchor "relayd/*" all anchor "openvpn/*" all anchor "ipsec/*" all block drop in log quick inet from 169.254.0.0/16 to any label "Block IPv4 link-local" block drop in log quick inet from any to 169.254.0.0/16 label "Block IPv4 link-local" block drop in log inet all label "Default deny rule IPv4" block drop out log inet all label "Default deny rule IPv4" block drop in log inet6 all label "Default deny rule IPv6" block drop out log inet6 all label "Default deny rule IPv6" pass quick inet6 proto ipv6-icmp all icmp6-type unreach keep state pass quick inet6 proto ipv6-icmp all icmp6-type toobig keep state pass quick inet6 proto ipv6-icmp all icmp6-type neighbrsol keep state pass quick inet6 proto ipv6-icmp all icmp6-type neighbradv keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echorep keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echorep keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state pass out quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type echoreq keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routersol keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type routeradv keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbrsol keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to fe80::/10 icmp6-type neighbradv keep state pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type echoreq keep state pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routersol keep state pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type routeradv keep state pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbrsol keep state pass in quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 icmp6-type neighbradv keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type echoreq keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routersol keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type routeradv keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbrsol keep state pass in quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type neighbradv keep state pass in quick inet6 proto ipv6-icmp from :: to ff02::/16 icmp6-type echoreq keep state pass in quick inet6 proto ipv6-icmp from :: to ff02::/16 icmp6-type routersol keep state pass in quick inet6 proto ipv6-icmp from :: to ff02::/16 icmp6-type routeradv keep state pass in quick inet6 proto ipv6-icmp from :: to ff02::/16 icmp6-type neighbrsol keep state pass in quick inet6 proto ipv6-icmp from :: to ff02::/16 icmp6-type neighbradv keep state block drop log quick inet proto tcp from any port = 0 to any label "Block traffic from port 0" block drop log quick inet proto udp from any port = 0 to any label "Block traffic from port 0" block drop log quick inet proto tcp from any to any port = 0 label "Block traffic to port 0" block drop log quick inet proto udp from any to any port = 0 label "Block traffic to port 0" block drop log quick inet6 proto tcp from any port = 0 to any label "Block traffic from port 0" block drop log quick inet6 proto udp from any port = 0 to any label "Block traffic from port 0" block drop log quick inet6 proto tcp from any to any port = 0 label "Block traffic to port 0" block drop log quick inet6 proto udp from any to any port = 0 label "Block traffic to port 0" block drop log quick from to any label "Block snort2c hosts" block drop log quick from any to label "Block snort2c hosts" block drop in log quick proto carp from (self) to any pass quick proto carp all no state block drop in log quick proto tcp from to (self) port = ssh label "sshguard" block drop in log quick proto tcp from to (self) port = https label "webConfiguratorlockout" block drop in log quick from to any label "virusprot overload table" pass in quick on pppoe0 inet6 proto udp from fe80::/10 port = dhcpv6-client to fe80::/10 port = dhcpv6-client keep state label "allow dhcpv6 client in WAN" pass in quick on pppoe0 proto udp from any port = dhcpv6-server to any port = dhcpv6-client keep state label "allow dhcpv6 client in WAN" pass out quick on pppoe0 proto udp from any port = dhcpv6-client to any port = dhcpv6-server keep state label "allow dhcpv6 client out WAN" block drop in log on ! pppoe0 inet6 from 2003:ac:1234:5678::/64 to any block drop in log on pppoe0 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log inet6 from 2003:ab:deff:1234:5678:23ff:feff:abe1 to any block drop in log on ! pppoe0 inet from 214.123.45.67 to any block drop in log inet from 214.123.45.67 to any block drop in log on ! lagg0.10 inet6 from 2001:abc:1234:babe::/64 to any block drop in log on lagg0.10 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2001:abc:1234:babe::254 to any block drop in log inet6 from 2001:abc:1234:babe:face::f000 to any block drop in log inet6 from 2001:abc:1234:babe:1:5ee:bad:c0de to any block drop in log on ! lagg0.10 inet from 192.168.64.0/24 to any block drop in log on ! lagg0.10 inet from 10.10.10.1 to any block drop in log inet from 192.168.64.254 to any block drop in log inet from 10.10.10.1 to any pass in quick on lagg0.10 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.10 inet proto udp from any port = bootpc to 192.168.64.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.10 inet proto udp from 192.168.64.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" pass quick on lagg0.10 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "allow access to DHCPv6 server" pass quick on lagg0.10 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "allow access to DHCPv6 server" pass quick on lagg0.10 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "allow access to DHCPv6 server" pass quick on lagg0.10 inet6 proto udp from ff02::/16 to fe80::/10 port = dhcpv6-server keep state label "allow access to DHCPv6 server" pass in quick on lagg0.10 inet6 proto udp from fe80::/10 to 2001:abc:1234:babe::254 port = dhcpv6-client keep state label "allow access to DHCPv6 server" pass out quick on lagg0.10 inet6 proto udp from 2001:abc:1234:babe::254 port = dhcpv6-server to fe80::/10 keep state label "allow access to DHCPv6 server" block drop in log on ! lagg0.20 inet from 192.168.65.0/24 to any block drop in log inet from 192.168.65.254 to any block drop in log inet from 192.168.65.67 to any block drop in log inet from 192.168.65.253 to any block drop in log on ! lagg0.20 inet6 from 2001:abc:1234:face::/64 to any block drop in log on lagg0.20 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2001:abc:1234:face::254 to any pass in quick on lagg0.20 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.20 inet proto udp from any port = bootpc to 192.168.65.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.20 inet proto udp from 192.168.65.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" pass in quick on lagg0.30 inet6 proto udp from fe80::/10 port = dhcpv6-client to fe80::/10 port = dhcpv6-client keep state label "allow dhcpv6 client in 2ND-UPLINK" pass in quick on lagg0.30 proto udp from any port = dhcpv6-server to any port = dhcpv6-client keep state label "allow dhcpv6 client in 2ND-UPLINK" pass out quick on lagg0.30 proto udp from any port = dhcpv6-client to any port = dhcpv6-server keep state label "allow dhcpv6 client out 2ND-UPLINK" block drop in log on ! lagg0.30 inet6 from 2003:d0:d730:8600::/64 to any block drop in log on lagg0.30 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2003:d0:d730:8600:219:99ff:fe97:dcaf to any block drop in log on ! lagg0.30 inet from 192.168.49.0/24 to any block drop in log inet from 192.168.49.250 to any block drop in log on ! re0 inet from 192.168.100.0/24 to any block drop in log on ! re0 inet from 192.168.200.0/24 to any block drop in log inet from 192.168.100.254 to any block drop in log inet from 192.168.200.254 to any block drop in log on re0 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log on ! lagg0.40 inet6 from 2001:3456:7899:1100::/56 to any block drop in log on lagg0.40 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2001:3456:7899:1100::254 to any block drop in log on ! lagg0.40 inet from 192.168.6.0/24 to any block drop in log inet from 192.168.6.2 to any pass in quick on lagg0.60 inet6 proto udp from fe80::/10 port = dhcpv6-client to fe80::/10 port = dhcpv6-client keep state label "allow dhcpv6 client in LTEBACKUP" pass in quick on lagg0.60 proto udp from any port = dhcpv6-server to any port = dhcpv6-client keep state label "allow dhcpv6 client in LTEBACKUP" pass out quick on lagg0.60 proto udp from any port = dhcpv6-client to any port = dhcpv6-server keep state label "allow dhcpv6 client out LTEBACKUP" block drop in log on ! lagg0.60 inet6 from 2002:1234:5678::/64 to any block drop in log on lagg0.60 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2002:2552:217f:0:219:99ff:fe97:dcaf to any block drop in log on ! lagg0.60 inet from 192.168.19.0/24 to any block drop in log inet from 192.168.19.19 to any block drop in log on ! lagg0.70 inet from 192.168.147.0/24 to any block drop in log inet from 192.168.147.254 to any block drop in log on lagg0.70 inet6 from fe80::1:1 to any pass in quick on lagg0.70 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.70 inet proto udp from any port = bootpc to 192.168.147.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.70 inet proto udp from 192.168.147.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" pass quick on lagg0.70 inet6 proto udp from fe80::/10 to fe80::/10 port = dhcpv6-client keep state label "allow access to DHCPv6 server" pass quick on lagg0.70 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-client keep state label "allow access to DHCPv6 server" pass quick on lagg0.70 inet6 proto udp from fe80::/10 to ff02::/16 port = dhcpv6-server keep state label "allow access to DHCPv6 server" pass quick on lagg0.70 inet6 proto udp from ff02::/16 to fe80::/10 port = dhcpv6-server keep state label "allow access to DHCPv6 server" block drop in log on ! ovpnc3 inet from 10.18.23.2 to any block drop in log inet from 10.18.23.2 to any block drop in log on ovpnc3 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log on ! lagg0.99 inet from 172.16.55.0/24 to any block drop in log on ! lagg0.99 inet from 10.0.0.0/24 to any block drop in log inet from 172.16.55.254 to any block drop in log inet from 10.0.0.254 to any block drop in log on lagg0.99 inet6 from fe80::219:99ff:fe97:dcaf to any pass in quick on lagg0.99 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.99 inet proto udp from any port = bootpc to 172.16.55.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.99 inet proto udp from 172.16.55.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" block drop in log on ! ovpnc4 inet from 10.19.23.2 to any block drop in log inet from 10.19.23.2 to any block drop in log on ovpnc4 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log on ! lagg0.1 inet from 192.168.0.0/24 to any block drop in log inet from 192.168.0.254 to any block drop in log on lagg0.1 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log on ! lagg0.90 inet from 192.168.90.0/24 to any block drop in log inet from 192.168.90.254 to any block drop in log on lagg0.90 inet6 from fe80::219:99ff:fe97:dcaf to any pass in quick on lagg0.90 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.90 inet proto udp from any port = bootpc to 192.168.90.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.90 inet proto udp from 192.168.90.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" block drop in log on ! ovpnc7 inet from 172.21.21.6 to any block drop in log inet from 172.21.21.6 to any block drop in log on ovpnc7 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log on ! ovpnc8 inet from 172.17.23.41 to any block drop in log inet from 172.17.23.41 to any block drop in log on ovpnc8 inet6 from fe80::329c:23ff:feff:abe1 to any block drop in log on ! re0.23 inet from 172.16.23.0/24 to any block drop in log inet from 172.16.23.254 to any block drop in log on re0.23 inet6 from fe80::329c:23ff:feff:abe1 to any pass in quick on re0.23 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on re0.23 inet proto udp from any port = bootpc to 172.16.23.254 port = bootps keep state label "allow access to DHCP server" pass out quick on re0.23 inet proto udp from 172.16.23.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" block drop in log on ! lagg0.23 inet6 from 2001:abc:1234:ca00::/56 to any block drop in log on lagg0.23 inet6 from fe80::219:99ff:fe97:dcaf to any block drop in log inet6 from 2001:abc:1234:ca00::1 to any block drop in log on ! lagg0.23 inet from 100.64.23.0/24 to any block drop in log inet from 100.64.23.254 to any pass in quick on lagg0.23 inet proto udp from any port = bootpc to 255.255.255.255 port = bootps keep state label "allow access to DHCP server" pass in quick on lagg0.23 inet proto udp from any port = bootpc to 100.64.23.254 port = bootps keep state label "allow access to DHCP server" pass out quick on lagg0.23 inet proto udp from 100.64.23.254 port = bootps to any port = bootpc keep state label "allow access to DHCP server" block drop in log on ! ovpns9 inet6 from fd4b:abaa:fcaa:5d5e::/64 to any block drop in log on ovpns9 inet6 from fe80::2bd:cfff:fe73:f709 to any block drop in log inet6 from fd4b:abaa:fcaa:5d5e::1 to any block drop in log on ! ovpns9 inet from 100.64.24.0/24 to any block drop in log inet from 100.64.24.1 to any pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback" pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback" pass in on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback" pass out on lo0 inet6 all flags S/SA keep state label "pass IPv6 loopback" pass out inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself" pass out inet6 all flags S/SA keep state allow-opts label "let out anything IPv6 from firewall host itself" pass out route-to (pppoe0 62.123.45.67) inet from 214.123.45.67 to ! 214.123.45.67 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (pppoe0 fe80::103:103:3e9b:f333) inet6 from 2003:ab:deff:1234:5678:23ff:feff:abe1 to ! 2003:d0:d7ff:2200::/56 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (lagg0.30 192.168.49.1) inet from 192.168.49.250 to ! 192.168.49.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (gif0 2001:111:3333:367::1) inet6 from 2001:111:3333:367::2 to ! 2001:111:3333:367::/64 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (lagg0.60 192.168.19.1) inet from 192.168.19.19 to ! 192.168.19.0/24 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (lagg0.60 fe80::92ef:68ff:fed4:f539) inet6 from 2002:2552:217f:0:219:99ff:fe97:dcaf to ! 2002:1234:5678::/64 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (ovpnc3 10.18.23.1) inet from 10.18.23.2 to ! 10.18.23.2 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (ovpnc4 10.19.23.1) inet from 10.19.23.2 to ! 10.19.23.2 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (ovpnc7 172.21.21.5) inet from 172.21.21.6 to ! 172.21.21.6 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out route-to (ovpnc8 172.17.23.42) inet from 172.17.23.41 to ! 172.17.23.41 flags S/SA keep state allow-opts label "let out anything from firewall host itself" pass out on enc0 all flags S/SA keep state label "IPsec internal host to host" pass in quick on lagg0.10 proto tcp from any to (lagg0.10) port = https flags S/SA keep state label "anti-lockout rule" pass in quick on lagg0.10 proto tcp from any to (lagg0.10) port = http flags S/SA keep state label "anti-lockout rule" pass in quick on lagg0.10 proto tcp from any to (lagg0.10) port = ssh flags S/SA keep state label "anti-lockout rule" anchor "userrules/*" all pass quick on lagg0.10 inet proto icmp from any to 10.10.10.1 icmp-type echoreq keep state label "USER_RULE: pfB_DNSBL_Ping" pass quick on lagg0.10 inet proto tcp from any to 10.10.10.1 port = 8081 flags S/SA keep state label "USER_RULE: pfB_DNSBL_Permit" pass quick on lagg0.10 inet proto tcp from any to 10.10.10.1 port = 8443 flags S/SA keep state label "USER_RULE: pfB_DNSBL_Permit" pass quick on lagg0.10 inet proto udp from any to 10.10.10.1 port = 8081 keep state label "USER_RULE: pfB_DNSBL_Permit" pass quick on lagg0.10 inet proto udp from any to 10.10.10.1 port = 8443 keep state label "USER_RULE: pfB_DNSBL_Permit" block drop in log quick inet from 172.17.23.0/24 to any label "USER_RULE: Block all from vpn.ug0.de" pass out quick inet6 from 2001:abc:1234:face::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass out quick route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:face::/64 to any flags S/SA keep state label "USER_RULE: lan" pass in quick inet6 from 2001:abc:1234:face::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:face::/64 to any flags S/SA keep state label "USER_RULE: lan" pass out quick inet6 from 2001:abc:1234:babe::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass out quick route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:babe::/64 to any flags S/SA keep state label "USER_RULE: lan" pass in quick inet6 from 2001:abc:1234:babe::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:babe::/64 to any flags S/SA keep state label "USER_RULE: lan" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe:236:76ff:fe21:420 port = ssh flags S/SA keep state label "USER_RULE: Garagecam RaspberryPi" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe:a00:27ff:fe89:2c1b port = ssh flags S/SA keep state label "USER_RULE: cacti" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe::baff port = ssh flags S/SA keep state label "USER_RULE: login.domain.com" queue qInternet pass in quick inet6 proto tcp from to 2001:abc:1234:babe::baff port = 5201 flags S/SA keep state label "USER_RULE: login.domain.com" pass in quick inet6 proto tcp from any to 2001:abc:1234:face::666 port = smtp flags S/SA keep state label "USER_RULE: mailserver sophos" pass in quick inet6 proto tcp from any to 2001:abc:1234:face::666 port = smtps flags S/SA keep state label "USER_RULE: mailserver sophos" pass in quick inet6 proto tcp from any to 2001:abc:1234:face::666 port = submission flags S/SA keep state label "USER_RULE: mailserver sophos" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe:260:2fff:fea6:7784 port = 8088 flags S/SA keep state label "USER_RULE: orange pi camera" pass in quick inet6 proto tcp from any to 2001:abc:1234:face::666 port = https flags S/SA keep state label "USER_RULE: utm.domain.com" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe:8639:beff:fe61:8f31 port = isakmp flags S/SA keep state label "USER_RULE: zabc.domain.com" pass in quick inet6 proto udp from any to 2001:abc:1234:babe:8639:beff:fe61:8f31 port = isakmp keep state label "USER_RULE: zabc.domain.com" pass in quick inet6 proto tcp from any to 2001:abc:1234:babe:8639:beff:fe61:8f31 port = sae-urn flags S/SA keep state label "USER_RULE: zabc.domain.com" pass in quick inet6 proto udp from any to 2001:abc:1234:babe:8639:beff:fe61:8f31 port = sae-urn keep state label "USER_RULE: zabc.domain.com" pass in quick inet6 from to 2001:abc:1234:face::666 flags S/SA keep state label "USER_RULE: utm.domain.com" pass in quick inet6 from to flags S/SA keep state label "USER_RULE: login.domain.com" pass in quick inet6 proto tcp from to flags S/SA keep state label "USER_RULE: tvheadend_usa_test" pass in quick inet6 proto tcp from to port = ssh flags S/SA keep state label "USER_RULE: login.domain.com" pass in quick inet6 proto tcp from 2a00:f88:0:3001:b764:bd4:1678:eff2 to 2001:abc:1234:babe:ba09:4c81:3f48:f38b flags S/SA keep state label "USER_RULE: orange pi camera" pass log quick on lagg0.10 inet proto tcp from any to (self) port = 31268 flags S/SA keep state label "USER_RULE" pass log quick on lagg0.20 inet proto tcp from any to (self) port = 31268 flags S/SA keep state label "USER_RULE" pass in quick on enc0 inet6 from 2001:abc:1234:f001::/64 to any flags S/SA keep state label "USER_RULE" pass quick on openvpn inet6 proto ipv6-icmp from 2001:abc:1234:6875::/64 to any keep state label "USER_RULE" pass quick on openvpn inet6 proto tcp from 2001:abc:1234:6875::/64 to any flags S/SA keep state label "USER_RULE" pass quick on openvpn inet6 proto udp from 2001:abc:1234:6875::/64 to any keep state label "USER_RULE" pass quick on lagg0.20 inet6 proto tcp from 2001:abc:1234:1::/64 to any flags S/SA keep state label "USER_RULE" pass quick on lagg0.20 inet6 proto udp from 2001:abc:1234:1::/64 to any keep state label "USER_RULE" pass quick on lagg0.20 inet6 proto ipv6-icmp from 2001:abc:1234:1::/64 to any keep state label "USER_RULE" pass in log quick on enc0 inet from to any flags S/SA keep state label "USER_RULE" pass in log quick on enc0 inet6 from to any flags S/SA keep state label "USER_RULE" block return in log quick on enc0 inet from to any label "USER_RULE" pass in log quick on enc0 inet proto icmp all keep state label "USER_RULE" pass in log quick on enc0 inet6 proto ipv6-icmp all keep state label "USER_RULE" block drop in log quick on enc0 inet all label "USER_RULE" pass in log quick on enc0 inet all flags S/SA keep state label "USER_RULE: alfred" pass in log quick on enc0 inet6 all flags S/SA keep state label "USER_RULE: alfred" pass in quick on openvpn inet proto icmp all keep state label "USER_RULE: OpenVPN wizard" pass in log quick on openvpn inet proto icmp from 10.18.23.0/24 to any keep state label "USER_RULE" pass in log quick on openvpn inet proto icmp from 10.19.23.0/24 to any keep state label "USER_RULE" block drop in log quick on openvpn inet from 10.18.23.0/24 to any label "USER_RULE" block drop in log quick on openvpn inet from 10.19.23.0/24 to any label "USER_RULE" pass in quick on openvpn inet proto tcp from any to 214.123.45.67 flags S/SA keep state label "USER_RULE" pass in quick on openvpn inet proto udp from any to 214.123.45.67 keep state label "USER_RULE" pass in quick on openvpn inet proto tcp all flags S/SA keep state label "USER_RULE" pass in quick on openvpn inet proto udp all keep state label "USER_RULE" pass in quick on openvpn route-to (lagg0.30 192.168.49.1) inet from any to 192.168.179.0/24 flags S/SA keep state label "USER_RULE" pass in quick on openvpn inet6 proto tcp all flags S/SA keep state label "USER_RULE" pass in quick on openvpn inet6 proto udp all keep state label "USER_RULE" pass in quick on openvpn inet6 proto ipv6-icmp all keep state label "USER_RULE: OpenVPN wizard" pass in quick on pppoe inet proto icmp from any to keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on pppoe route-to (pppoe0 62.123.45.67) inet proto icmp all keep state label "USER_RULE" block return in quick on pppoe inet from any to 192.168.64.0/24 label "USER_RULE: rrr" block return in quick on pppoe inet from any to 10.10.10.1 label "USER_RULE: rrr" pass in quick on pppoe inet from any to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on pppoe route-to (pppoe0 62.123.45.67) inet all flags S/SA keep state label "USER_RULE" block drop in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet from to any label "USER_RULE: Easy Rule: Blocked from Firewall Log View" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto icmp from any to (self) keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to (self) port = http flags S/SA keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 fe80::103:103:3e9b:f333) inet6 proto tcp from any to (self) port = http flags S/SA keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to (self) port = https flags S/SA keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 fe80::103:103:3e9b:f333) inet6 proto tcp from any to (self) port = https flags S/SA keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 214.123.45.67 port = http keep state label "USER_RULE: OpenVPN wizard" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 214.123.45.67 port = https keep state label "USER_RULE: OpenVPN wizard" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 214.123.45.67 port = 1195 keep state label "USER_RULE: OpenVPN OSPF Test" pass in quick on pppoe0 reply-to (pppoe0 fe80::103:103:3e9b:f333) inet6 proto udp from any to 2003:ab:deff:1234:5678:23ff:feff:abe1 port = 1195 keep state label "USER_RULE: OpenVPN OSPF Test" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 214.123.45.67 port = openvpn keep state label "USER_RULE: OpenVPN wizard" pass in log quick on pppoe0 inet6 proto ipv6-icmp from any to (self) keep state label "USER_RULE" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto icmp from 66.220.2.74 to any keep state label "USER_RULE: HurricaneElectics" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto icmp from 216.66.80.30 to any keep state label "USER_RULE: HurricaneElectics" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet from 217.12.34.56 to any flags S/SA keep state label "USER_RULE: manitu / alfred" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to 127.0.0.1 port = 32333 flags S/SA keep state label "USER_RULE: NAT test" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to 192.168.64.1 port = ssh flags S/SA keep state label "USER_RULE: NAT " pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to 192.168.65.65 port = 12345 flags S/SA keep state label "USER_RULE: NAT Colonel Portforwarding" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 192.168.65.65 port = 12345 keep state label "USER_RULE: NAT Colonel Portforwarding" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto tcp from any to 192.168.65.65 port = 34567 flags S/SA keep state label "USER_RULE: NAT Colonel Portforwarding" pass in quick on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to 192.168.65.65 port = 34567 keep state label "USER_RULE: NAT Colonel Portforwarding" pass in quick on lagg0.10 route-to (lagg0.60 192.168.19.1) inet from any to 192.168.19.0/24 flags S/SA keep state allow-opts label "USER_RULE" pass in quick on lagg0.10 route-to (lagg0.60 192.168.19.1) inet from any to 192.168.8.0/24 flags S/SA keep state allow-opts label "USER_RULE" pass in quick on lagg0.10 route-to (lagg0.60 192.168.19.1) inet proto tcp from any to 109.237.176.33 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 route-to { (ovpnc3 10.18.23.1), (ovpnc4 10.19.23.1), (ovpnc7 172.21.21.5) } round-robin inet from 192.168.64.0/24 to flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 route-to { (ovpnc3 10.18.23.1), (ovpnc4 10.19.23.1), (ovpnc7 172.21.21.5) } round-robin inet from 10.10.10.1 to flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 route-to { (ovpnc3 10.18.23.1), (ovpnc4 10.19.23.1), (ovpnc7 172.21.21.5) } round-robin inet from 192.168.64.111 to flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (ovpnc3 10.18.23.1), (ovpnc4 10.19.23.1), (ovpnc7 172.21.21.5) } round-robin inet proto tcp from to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 route-to (lagg0.30 192.168.49.1) inet from any to 192.168.49.0/24 flags S/SA keep state allow-opts label "USER_RULE" pass in quick on lagg0.10 route-to (lagg0.30 192.168.49.1) inet from any to 192.168.179.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet from to any flags S/SA keep state label "USER_RULE: test" pass in quick on lagg0.10 inet proto tcp from 192.168.64.1 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.64.1 to any flags S/SA keep state label "USER_RULE: test" pass in quick on lagg0.10 inet proto tcp from 192.168.64.121 to port = http flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.64.121 to any port = http flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from 192.168.64.130 to port = nntps flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.64.130 to any port = nntps flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.158 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet from 192.168.64.158 to any flags S/SA keep state label "USER_RULE: test" pass in quick on lagg0.10 inet proto tcp from 192.168.64.121 to port = https flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.64.121 to any port = https flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from 192.168.64.130 to port = https flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.64.130 to any port = https flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to { (lagg0.30 192.168.49.1), (pppoe0 62.123.45.67) } round-robin inet from to any flags S/SA keep state label "USER_RULE: test" pass in quick on lagg0.10 inet from 192.168.64.0/24 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 136.243.25.152/29 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 136.243.25.152/29 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from 192.168.64.0/24 to 192.168.64.254 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from 10.10.10.1 to 192.168.64.254 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 192.168.100.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 192.168.200.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 192.168.100.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 192.168.200.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 10.18.23.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 10.18.23.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 10.19.23.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 10.19.23.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 192.168.0.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 192.168.0.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 192.168.64.0/24 to 192.168.6.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from 10.10.10.1 to 192.168.6.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet6 from 2001:abc:1234:babe::/64 to 2001:3456:7899:1100::/56 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet6 from 2001:abc:1234:babe::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.10 route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:babe::/64 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from any to flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from any to 172.16.0.0/12 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from any to 172.16.55.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet from any to 10.0.0.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto icmp from any to 192.168.96.0/24 icmp-type echoreq keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from any to 192.168.0.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto udp from any to 192.168.0.0/24 keep state label "USER_RULE" pass in quick on lagg0.10 inet proto tcp from any to 192.168.6.0/24 flags S/SA keep state label "USER_RULE: Sophos" pass in quick on lagg0.10 inet proto udp from any to 192.168.6.0/24 keep state label "USER_RULE: Sophos" pass in quick on lagg0.10 inet proto tcp from any to 192.168.100.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet proto udp from any to 192.168.100.0/24 keep state label "USER_RULE" pass in quick on lagg0.10 inet from any to 192.168.65.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.10 inet6 from any to 2001:abc:1234:face::/64 flags S/SA keep state label "USER_RULE" pass in log quick on lagg0.10 inet6 from any to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in log quick on lagg0.10 route-to (gif0 2001:111:3333:367::1) inet6 all flags S/SA keep state label "USER_RULE" pass in quick on lagg0.20 inet from 192.168.65.0/24 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.20 inet proto tcp from 192.168.65.253 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.20 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.65.253 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.20 route-to { (pppoe0 62.123.45.67), (lagg0.30 192.168.49.1) } round-robin inet proto tcp from 192.168.65.0/24 to flags S/SA keep state label "USER_RULE" pass in quick on lagg0.20 inet from 192.168.65.0/24 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.20 inet6 from 2001:abc:1234:face::/64 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.20 route-to (gif0 2001:111:3333:367::1) inet6 from 2001:abc:1234:face::/64 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from any to 127.0.0.1 port = 32333 flags S/SA keep state label "USER_RULE: Let's Encrypt" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from any to 127.0.0.1 port = https flags S/SA keep state label "USER_RULE: NAT pfsense-from-g.domain.com" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from any to 127.0.0.1 port = https flags S/SA keep state label "USER_RULE: rotorouter-3 - admin interface via 2ND-UPLINK" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to (self) port = http flags S/SA keep state label "USER_RULE" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to 192.168.64.40 port 9980 >< 9983 flags S/SA keep state label "USER_RULE: NAT TVHEadend-test" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to (self) port = 32333 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to 192.168.64.5 port = ssh flags S/SA keep state label "USER_RULE: StreamingGaragecamSSH" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to 192.168.64.5 port = 8081 flags S/SA keep state label "USER_RULE: StreamingGaragecamMJPG" pass in quick on lagg0.30 reply-to (lagg0.30 192.168.49.1) inet proto tcp from 192.168.49.0/24 to 192.168.64.5 port = http flags S/SA keep state label "USER_RULE: StreamingGaragecam" pass in quick on re0 inet proto icmp from 192.168.100.3 to 192.168.100.254 keep state label "USER_RULE" pass in quick on re0 inet proto tcp from 192.168.100.3 to 192.168.6.1 port 24 >< 466 flags S/SA keep state label "USER_RULE" pass in quick on re0 inet proto udp from 192.168.100.3 to 192.168.100.254 port = ntp keep state label "USER_RULE" block return in quick on re0 inet from 192.168.100.0/24 to any label "USER_RULE" block return in quick on re0 inet from 192.168.200.0/24 to any label "USER_RULE" pass in quick on gif0 reply-to (gif0 2001:111:3333:367::1) inet6 proto ipv6-icmp all keep state label "USER_RULE" pass in quick on lagg0.40 inet6 proto ipv6-icmp from any to 2001:3456:7899:1100::254 keep state label "USER_RULE: Ping Experimental ::254" pass in quick on lagg0.40 inet proto tcp from any to 192.168.6.1 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.40 inet proto icmp from 192.168.6.0/24 to any keep state label "USER_RULE" pass in quick on lagg0.40 inet6 proto ipv6-icmp from 2001:3456:7899:1100::/56 to any keep state label "USER_RULE" block return in quick on lagg0.40 inet proto tcp from 192.168.6.0/24 to any label "USER_RULE" block return in quick on lagg0.40 inet proto udp from 192.168.6.0/24 to any label "USER_RULE" block return in quick on lagg0.40 inet6 proto tcp from 2001:3456:7899:1100::/56 to any label "USER_RULE" block return in quick on lagg0.40 inet6 proto udp from 2001:3456:7899:1100::/56 to any label "USER_RULE" pass in quick on lagg0.60 reply-to (lagg0.60 192.168.19.1) inet from 192.168.19.0/24 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.60 reply-to (lagg0.60 fe80::92ef:68ff:fed4:f539) inet6 from 2002:1234:5678::/64 to any flags S/SA keep state label "USER_RULE" pass in quick on ovpnc3 reply-to (ovpnc3 10.18.23.1) inet proto icmp from 10.18.23.2 to any keep state label "USER_RULE" pass in quick on lagg0.99 inet proto icmp from 172.16.55.0/24 to 192.168.64.0/24 icmp-type echorep keep state label "USER_RULE" pass in quick on lagg0.99 inet proto icmp from 172.16.55.0/24 to 10.10.10.1 icmp-type echorep keep state label "USER_RULE" pass in quick on lagg0.99 inet proto icmp from 10.0.0.0/24 to 192.168.64.0/24 icmp-type echorep keep state label "USER_RULE" pass in quick on lagg0.99 inet proto icmp from 10.0.0.0/24 to 10.10.10.1 icmp-type echorep keep state label "USER_RULE" pass in quick on lagg0.99 inet proto tcp from 172.16.55.0/24 to 192.168.64.226 port 9980 >< 9983 flags S/SA keep state label "USER_RULE: TVHeadend-server-allowed" pass in quick on lagg0.99 inet proto tcp from 10.0.0.0/24 to 192.168.64.226 port 9980 >< 9983 flags S/SA keep state label "USER_RULE: TVHeadend-server-allowed" pass in quick on lagg0.99 inet from 172.16.55.0/24 to 10.18.23.0/24 flags S/SA keep state label "USER_RULE" pass in quick on lagg0.99 inet proto icmp from 10.18.23.0/24 to 172.16.55.0/24 keep state label "USER_RULE" pass in quick on lagg0.99 inet from 172.16.55.134 to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.99 route-to (ovpnc3 10.18.23.1) inet from 172.16.55.134 to any flags S/SA keep state label "USER_RULE" pass in quick on lagg0.99 inet from any to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.99 route-to { (ovpnc3 10.18.23.1), (ovpnc4 10.19.23.1), (ovpnc7 172.21.21.5) } round-robin inet all flags S/SA keep state label "USER_RULE" pass in quick on ovpnc4 reply-to (ovpnc4 10.19.23.1) inet proto icmp from 10.19.23.2 to any keep state label "USER_RULE" pass in quick on lagg0.1 inet from any to 192.168.0.0/24 flags S/SA keep state label "USER_RULE" block return in quick on lagg0.1 inet from 192.168.0.0/24 to any label "USER_RULE" pass in quick on ovpnc7 reply-to (ovpnc7 172.21.21.5) inet proto icmp from 172.21.21.6 to any keep state label "USER_RULE" pass in quick on ovpnc8 reply-to (ovpnc8 172.17.23.42) inet proto icmp from 172.17.23.41 to any keep state label "USER_RULE" pass in quick on re0.23 route-to (pppoe0 62.123.45.67) inet from 172.16.23.0/24 to ! flags S/SA keep state label "USER_RULE" pass in quick on lagg0.23 inet proto ospf all keep state label "USER_RULE" pass in quick on lagg0.23 inet6 proto ospf all keep state label "USER_RULE" block return in quick on lagg0.23 inet from any to 192.168.64.0/24 label "USER_RULE" pass in quick on lagg0.23 inet proto icmp all keep state label "USER_RULE" pass in quick on lagg0.23 inet6 proto ipv6-icmp all keep state label "USER_RULE" pass in quick on lagg0.23 inet from to flags S/SA keep state label "NEGATE_ROUTE: Negate policy routing for destination" pass in quick on lagg0.23 route-to (pppoe0 62.123.45.67) inet from to any flags S/SA keep state label "USER_RULE" pass in quick on ovpns9 inet all flags S/SA keep state label "USER_RULE" pass in quick on ovpns9 inet6 all flags S/SA keep state label "USER_RULE" pass out inet proto udp from (self) to 192.168.65.12 port = isakmp keep state label "IPsec: PALOALTO - outbound isakmp" pass in on lagg0.20 inet proto udp from 192.168.65.12 to (self) port = isakmp keep state label "IPsec: PALOALTO - inbound isakmp" pass out inet proto udp from (self) to 192.168.65.12 port = sae-urn keep state label "IPsec: PALOALTO - outbound nat-t" pass in on lagg0.20 inet proto udp from 192.168.65.12 to (self) port = sae-urn keep state label "IPsec: PALOALTO - inbound nat-t" pass out inet proto esp from (self) to 192.168.65.12 keep state label "IPsec: PALOALTO - outbound esp proto" pass in on lagg0.20 inet proto esp from 192.168.65.12 to (self) keep state label "IPsec: PALOALTO - inbound esp proto" pass out route-to (pppoe0 62.123.45.67) inet proto udp from (self) to 148.251.176.27 port = isakmp keep state label "IPsec: acmeboom2.domain.com - outbound isakmp" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from 148.251.176.27 to (self) port = isakmp keep state label "IPsec: acmeboom2.domain.com - inbound isakmp" pass out route-to (pppoe0 62.123.45.67) inet proto udp from (self) to 148.251.176.27 port = sae-urn keep state label "IPsec: acmeboom2.domain.com - outbound nat-t" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from 148.251.176.27 to (self) port = sae-urn keep state label "IPsec: acmeboom2.domain.com - inbound nat-t" pass out route-to (pppoe0 62.123.45.67) inet proto esp from (self) to 148.251.176.27 keep state label "IPsec: acmeboom2.domain.com - outbound esp proto" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto esp from 148.251.176.27 to (self) keep state label "IPsec: acmeboom2.domain.com - inbound esp proto" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to (self) port = isakmp keep state label "IPsec: Client Mobile IPSec ac.domain.com - inbound isakmp" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto udp from any to (self) port = sae-urn keep state label "IPsec: Client Mobile IPSec ac.domain.com - inbound nat-t" pass in on pppoe0 reply-to (pppoe0 62.123.45.67) inet proto esp from any to (self) keep state label "IPsec: Client Mobile IPSec ac.domain.com - inbound esp proto" anchor "tftp-proxy/*" all No queue in use STATES: lagg0.99 tcp 74.125.138.188:5228 <- 172.16.55.153:37614 ESTABLISHED:ESTABLISHED ovpnc3 tcp 10.18.23.2:48626 (172.16.55.153:37614) -> 74.125.138.188:5228 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c09::bc[5228] <- 2001:abc:1234:babe:307c:56b1:22e2:96e[35904] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:307c:56b1:22e2:96e[35904] -> 2a00:1450:400c:c09::bc[5228] ESTABLISHED:ESTABLISHED enc0 tcp 92.223.127.149:443 <- 10.7.4.2:36966 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:34291 (10.7.4.2:45890) -> 92.223.69.11:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:808::200e[443] <- 2001:abc:1234:babe:a108:ead3:174b:173c[58321] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:a108:ead3:174b:173c[58321] -> 2a00:1450:4001:808::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 192.30.253.124:443 <- 192.168.64.147:41446 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:5989 (192.168.64.147:41446) -> 192.30.253.124:443 ESTABLISHED:ESTABLISHED lagg0.20 udp 193.141.27.6:123 <- 192.168.65.65:46667 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:17434 (192.168.65.65:46667) -> 193.141.27.6:123 MULTIPLE:MULTIPLE lagg0.23 ospf 224.0.0.5 <- 100.64.23.12 NO_TRAFFIC:SINGLE lagg0.23 ospf 224.0.0.5 <- 100.64.23.101 NO_TRAFFIC:SINGLE lagg0.10 tcp 2a00:3456:7777:888::99[5228] <- 2001:abc:1234:babe:8dbf:a2bc:a16:f015[51828] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:8dbf:a2bc:a16:f015[51828] -> 2a00:3456:7777:888::99[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:3456:7777:888::99[5228] <- 2001:abc:1234:babe:8dbf:a2bc:a16:f015[51829] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:8dbf:a2bc:a16:f015[51829] -> 2a00:3456:7777:888::99[5228] ESTABLISHED:ESTABLISHED lagg0.20 udp 5.9.37.140:123 <- 192.168.65.65:49934 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:14476 (192.168.65.65:49934) -> 5.9.37.140:123 MULTIPLE:MULTIPLE lagg0.10 esp 2a00:aaaa:eeee:722::75 <- 2001:abc:1234:babe:8639:beff:fe61:8f31 MULTIPLE:MULTIPLE gif0 esp 2001:abc:1234:babe:8639:beff:fe61:8f31 -> 2a00:aaaa:eeee:722::75 MULTIPLE:MULTIPLE lagg0.99 tcp 193.46.63.75:443 <- 172.16.55.153:53107 ESTABLISHED:ESTABLISHED ovpnc4 tcp 10.19.23.2:42087 (172.16.55.153:53107) -> 193.46.63.75:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c06::bc[5228] <- 2001:abc:1234:babe:c81:e940:e437:c0c7[48314] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:c81:e940:e437:c0c7[48314] -> 2a00:1450:400c:c06::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:818::200e[443] <- 2001:abc:1234:babe:16c9:13ff:fe8d:ab3a[37186] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:16c9:13ff:fe8d:ab3a[37186] -> 2a00:1450:4001:818::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:81d::2001[443] <- 2001:abc:1234:babe:edb2:6d0d:2929:1228[52303] FIN_WAIT_2:FIN_WAIT_2 gif0 tcp 2001:abc:1234:babe:edb2:6d0d:2929:1228[52303] -> 2a00:1450:4001:81d::2001[443] FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:400e:80c::2003[443] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[52959] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[52959] -> 2a00:1450:400e:80c::2003[443] ESTABLISHED:ESTABLISHED lagg0.20 udp 85.10.240.253:123 <- 192.168.65.65:39915 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:64686 (192.168.65.65:39915) -> 85.10.240.253:123 MULTIPLE:MULTIPLE lagg0.20 udp 80.151.151.109:123 <- 192.168.65.65:38580 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:33916 (192.168.65.65:38580) -> 80.151.151.109:123 MULTIPLE:MULTIPLE lagg0.10 tcp 71.125.37.66:8000 <- 192.168.64.152:3579 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:32780 (192.168.64.152:3579) -> 71.125.37.66:8000 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:809::200e[443] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[33463] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[33463] -> 2a00:1450:4001:809::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:81b::200e[443] <- 2001:abc:1234:babe:edb2:6d0d:2929:1228[37323] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:edb2:6d0d:2929:1228[37323] -> 2a00:1450:4001:81b::200e[443] ESTABLISHED:ESTABLISHED lagg0.20 udp 185.194.140.199:123 <- 192.168.65.65:38646 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:54699 (192.168.65.65:38646) -> 185.194.140.199:123 MULTIPLE:MULTIPLE lagg0.10 tcp 192.30.253.124:443 <- 192.168.64.147:39654 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:11241 (192.168.64.147:39654) -> 192.30.253.124:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 159.12.34.3:443 <- 192.168.64.147:43732 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:1302 (192.168.64.147:43732) -> 159.12.34.3:443 ESTABLISHED:ESTABLISHED lagg0.20 udp 131.188.3.221:123 <- 192.168.65.65:35876 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:13979 (192.168.65.65:35876) -> 131.188.3.221:123 MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::75[54204] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[54204] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.20 udp 2001:1640:3::3[123] <- 2001:abc:1234:face:c00:42ff:fe0a:79d6[59465] MULTIPLE:MULTIPLE gif0 udp 2001:abc:1234:face:c00:42ff:fe0a:79d6[59465] -> 2001:1640:3::3[123] MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::75[54208] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[54208] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::baff[36290] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::baff[36290] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::baff[36292] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::baff[36292] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.20 udp 94.16.116.137:123 <- 192.168.65.65:33142 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:52370 (192.168.65.65:33142) -> 94.16.116.137:123 MULTIPLE:MULTIPLE lagg0.99 tcp 173.194.219.188:5228 <- 172.16.55.153:54094 ESTABLISHED:ESTABLISHED ovpnc4 tcp 10.19.23.2:12893 (172.16.55.153:54094) -> 173.194.219.188:5228 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:16404 (10.7.4.2:36966) -> 92.223.127.149:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 37.50.8.97:5061 <- 192.168.64.77:40151 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:63885 (192.168.64.77:40151) -> 37.50.8.97:5061 ESTABLISHED:ESTABLISHED lagg0.20 udp 87.118.124.35:123 <- 192.168.65.65:57243 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:39923 (192.168.65.65:57243) -> 87.118.124.35:123 MULTIPLE:MULTIPLE enc0 tcp 92.223.69.11:443 <- 10.7.4.2:45890 ESTABLISHED:ESTABLISHED lagg0.10 udp 239.255.255.250:1900 <- 192.168.64.66:58389 NO_TRAFFIC:SINGLE lagg0.10 tcp 2a00:3456:7777:888::99[5228] <- 2001:abc:1234:babe:4555:2daf:a9a7:2b73[55090] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:4555:2daf:a9a7:2b73[55090] -> 2a00:3456:7777:888::99[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:808::2003[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[44419] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[44419] -> 2a00:1450:4001:808::2003[443] ESTABLISHED:ESTABLISHED lagg0.99 tcp 74.125.138.188:5228 <- 172.16.55.153:37922 ESTABLISHED:ESTABLISHED ovpnc3 tcp 10.18.23.2:32220 (172.16.55.153:37922) -> 74.125.138.188:5228 ESTABLISHED:ESTABLISHED pppoe0 udp 192.168.49.250:5817 -> 198.23.230.229:1194 MULTIPLE:MULTIPLE lagg0.10 tcp 198.252.206.25:443 <- 192.168.64.147:37992 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:32945 (192.168.64.147:37992) -> 198.252.206.25:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c07::bc[5228] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[39385] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[39385] -> 2a00:1450:400c:c07::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4013:c07::10[993] <- 2001:abc:1234:babe::75[43786] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[43786] -> 2a00:1450:4013:c07::10[993] ESTABLISHED:ESTABLISHED gif0 esp 2001:111:3333:367::2 -> 2a00:aaaa:eeee:722::75 MULTIPLE:MULTIPLE lagg0.10 tcp 143.204.205.221:443 <- 192.168.64.157:50158 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:12226 (192.168.64.157:50158) -> 143.204.205.221:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 159.12.34.3:443 <- 192.168.64.157:38158 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:50133 (192.168.64.157:38158) -> 159.12.34.3:443 ESTABLISHED:ESTABLISHED lagg0.10 udp 224.0.0.251:5353 <- 192.168.64.128:5353 NO_TRAFFIC:SINGLE lagg0.10 tcp 2a00:1450:400c:c0a::bd[443] <- 2001:abc:1234:babe::75[38738] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[38738] -> 2a00:1450:400c:c0a::bd[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400e:805::200a[443] <- 2001:abc:1234:babe:584e:2731:6677:ed98[47898] TIME_WAIT:TIME_WAIT gif0 tcp 2001:abc:1234:babe:584e:2731:6677:ed98[47898] -> 2a00:1450:400e:805::200a[443] TIME_WAIT:TIME_WAIT lagg0.10 tcp 2a00:1450:400e:804::200e[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[60405] FIN_WAIT_2:FIN_WAIT_2 gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[60405] -> 2a00:1450:400e:804::200e[443] FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4001:81d::2001[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[41342] FIN_WAIT_2:FIN_WAIT_2 gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[41342] -> 2a00:1450:4001:81d::2001[443] FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:400e:808::200e[443] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[53943] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[53943] -> 2a00:1450:400e:808::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 udp 239.255.255.250:1900 <- 192.168.64.152:2109 NO_TRAFFIC:SINGLE gif0 ipv6-icmp 2001:111:3333:367::2[8110] -> 2001:111:3333:367::1[8110] NO_TRAFFIC:NO_TRAFFIC lagg0.60 icmp 192.168.19.19:8765 -> 192.168.19.1:8765 0:0 ovpnc3 icmp 10.18.23.2:9111 -> 10.18.23.1:9111 0:0 ovpns9 icmp 100.64.24.1:11094 -> 100.64.24.254:11094 0:0 pppoe0 ipv6 214.123.45.67 -> 216.66.80.30 MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:1450:400e:80b::200e[443] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[42236] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[42236] -> 2a00:1450:400e:80b::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400e:80b::2001[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[39951] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[39951] -> 2a00:1450:400e:80b::2001[443] ESTABLISHED:ESTABLISHED lagg0.10 udp 2a00:aaaa:eeee:722::75[500] <- 2001:abc:1234:babe:8639:beff:fe61:8f31[500] MULTIPLE:MULTIPLE gif0 udp 2001:abc:1234:babe:8639:beff:fe61:8f31[500] -> 2a00:aaaa:eeee:722::75[500] MULTIPLE:MULTIPLE lo0 ipv6-icmp ff02::1[16584] <- fe80::219:99ff:fe97:dcaf[16584] NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:953 <- 127.0.0.1:41082 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:9743 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4001:817::200e[443] <- 2001:abc:1234:babe::75[59142] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[59142] -> 2a00:1450:4001:817::200e[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:953 <- 127.0.0.1:32605 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 54.217.228.91:443 <- 192.168.64.12:44572 FIN_WAIT_2:ESTABLISHED pppoe0 tcp 214.123.45.67:36158 (192.168.64.12:44572) -> 54.217.228.91:443 ESTABLISHED:FIN_WAIT_2 lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50893 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:34858 (192.168.64.143:50893) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[16584] -> ff02::1[16584] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 2a00:1450:400e:804::200e[443] <- 2001:abc:1234:babe::75[53624] TIME_WAIT:TIME_WAIT gif0 tcp 2001:abc:1234:babe::75[53624] -> 2a00:1450:400e:804::200e[443] TIME_WAIT:TIME_WAIT lagg0.10 tcp 2606:4700::6811:b949[443] <- 2001:abc:1234:babe::75[35838] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[35838] -> 2606:4700::6811:b949[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:57969 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:53787 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:50095 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4016:80d::200e[443] <- 2001:abc:1234:babe::75[38062] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[38062] -> 2a00:1450:4016:80d::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:81f::200e[443] <- 2001:abc:1234:babe::75[35680] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[35680] -> 2a00:1450:4001:81f::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:825::200e[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[35976] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[35976] -> 2a00:1450:4001:825::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50896 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:14776 (192.168.64.143:50896) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:953 <- 127.0.0.1:22641 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 136.243.25.156:443 <- 192.168.64.77:47975 FIN_WAIT_2:ESTABLISHED enc0 tcp 192.168.64.77:47975 -> 136.243.25.156:443 ESTABLISHED:FIN_WAIT_2 pppoe0 esp 214.123.45.67 -> 148.251.176.27 MULTIPLE:MULTIPLE lagg0.10 udp 224.0.0.251:5353 <- 192.168.64.61:5353 NO_TRAFFIC:SINGLE lagg0.10 udp 224.0.0.251:5353 <- 192.168.64.62:5353 NO_TRAFFIC:SINGLE lo0 tcp 127.0.0.1:953 <- 127.0.0.1:54156 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4016:80d::200e[443] <- 2001:abc:1234:babe:4555:2daf:a9a7:2b73[48618] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:4555:2daf:a9a7:2b73[48618] -> 2a00:1450:4016:80d::200e[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:13290 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf -> ff02::16 NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:39499 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.70 ipv6-icmp fe80::1:1 -> ff02::16 NO_TRAFFIC:NO_TRAFFIC pppoe0 udp fe80::329c:23ff:feff:abe1[546] -> ff02::1:2[547] SINGLE:NO_TRAFFIC lo0 tcp 127.0.0.1:953 <- 127.0.0.1:24971 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:26363 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 239.255.255.250:1900 <- 192.168.64.147:44566 NO_TRAFFIC:SINGLE lagg0.10 udp 85.21.78.91:123 <- 192.168.64.3:57504 SINGLE:MULTIPLE pppoe0 udp 214.123.45.67:48677 (192.168.64.3:57504) -> 85.21.78.91:123 MULTIPLE:SINGLE lo0 tcp 127.0.0.1:953 <- 127.0.0.1:36966 FIN_WAIT_2:FIN_WAIT_2 pppoe0 udp 214.123.45.67:27307 (192.168.65.254:123) -> 85.199.214.98:123 MULTIPLE:SINGLE lagg0.20 udp 192.168.65.255:65001 <- 192.168.65.40:49751 NO_TRAFFIC:SINGLE lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[16384] <- fe80::f6f5:d8ff:fed8:9e9e[16384] NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:11327 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 ipv6-icmp 2001:abc:1234:babe::254 <- fe80::e6f0:42ff:fe22:7ef4 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[49152] -> fe80::e6f0:42ff:fe22:7ef4[49152] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50903 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:54812 (192.168.64.143:50903) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf -> fe80::e6f0:42ff:fe22:7ef4 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[16384] <- fe80::e6f0:42ff:fe22:7ef4[16384] NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:46874 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 udp 127.0.0.1:14256 -> 127.0.0.1:53 MULTIPLE:SINGLE lo0 udp 127.0.0.1:53 <- 127.0.0.1:14256 SINGLE:MULTIPLE lo0 udp 127.0.0.1:53 <- 127.0.0.1:34898 SINGLE:MULTIPLE lagg0.30 udp 214.123.45.67:36259 -> 9.9.9.9:53 MULTIPLE:SINGLE lagg0.30 udp 214.123.45.67:41595 -> 9.9.9.9:53 MULTIPLE:SINGLE lagg0.10 ipv6-icmp ff02::16 <- fe80::b367:a1ec:b71:b46c NO_TRAFFIC:NO_TRAFFIC lagg0.10 udp 8.8.8.8:53 <- 192.168.64.62:42215 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:52331 (192.168.64.62:42215) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:1450:4001:815::200e[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[44843] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[44843] -> 2a00:1450:4001:815::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 icmp 192.168.64.254:1476 <- 192.168.64.61:1476 0:0 lagg0.10 tcp 2a00:1450:400e:803::2001[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[43082] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[43082] -> 2a00:1450:400e:803::2001[443] ESTABLISHED:ESTABLISHED lagg0.10 ipv6-icmp 2001:abc:1234:babe::254[16384] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf -> fe80::8639:beff:fe61:8f31 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[16384] <- fe80::8639:beff:fe61:8f31[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.10 udp 8.8.8.8:53 <- 192.168.64.61:55929 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:54078 (192.168.64.61:55929) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lagg0.10 ipv6-icmp 2001:abc:1234:babe::254 -> 2001:abc:1234:babe::75 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp 2001:abc:1234:babe::254[16384] <- 2001:abc:1234:babe::75[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.20 ipv6-icmp fe80::219:99ff:fe97:dcaf <- fe80::c00:42ff:fe0a:79d6 NO_TRAFFIC:NO_TRAFFIC lagg0.20 ipv6-icmp fe80::219:99ff:fe97:dcaf[49152] -> fe80::c00:42ff:fe0a:79d6[49152] NO_TRAFFIC:NO_TRAFFIC lagg0.20 tcp 54.225.188.66:80 <- 192.168.65.90:54604 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:63243 (192.168.65.90:54604) -> 54.225.188.66:80 ESTABLISHED:ESTABLISHED lagg0.20 udp 192.168.65.254:4500 -> 192.168.65.12:4500 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:13841 -> 104.168.35.206:1194 MULTIPLE:MULTIPLE lagg0.10 udp 255.255.255.255:67 <- 0.0.0.0:68 NO_TRAFFIC:SINGLE lagg0.23 ospf 100.64.23.254 -> 224.0.0.5 SINGLE:NO_TRAFFIC ovpns9 ospf 100.64.24.1 -> 224.0.0.5 SINGLE:NO_TRAFFIC lagg0.23 udp 46.38.235.127:1244 <- 172.29.1.107:34224 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:36302 (172.29.1.107:34224) -> 46.38.235.127:1244 MULTIPLE:MULTIPLE lagg0.10 tcp 185.102.218.3:80 <- 192.168.64.40:38054 ESTABLISHED:ESTABLISHED lagg0.30 tcp 192.168.49.250:47861 (192.168.64.40:38054) -> 185.102.218.3:80 ESTABLISHED:ESTABLISHED lagg0.99 tcp 173.194.66.188:5228 <- 172.16.55.153:57801 ESTABLISHED:ESTABLISHED ovpnc7 tcp 172.21.21.6:44324 (172.16.55.153:57801) -> 173.194.66.188:5228 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400e:805::2003[443] <- 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[42431] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[42431] -> 2a00:1450:400e:805::2003[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 217.12.34.56:22 <- 192.168.64.5:33191 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:43413 (192.168.64.5:33191) -> 217.12.34.56:22 ESTABLISHED:ESTABLISHED lagg0.10 tcp 108.177.119.188:443 <- 192.168.64.182:39186 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:58652 (192.168.64.182:39186) -> 108.177.119.188:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:817::200e[443] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[59035] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[59035] -> 2a00:1450:4001:817::200e[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c04::be[443] <- 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[37233] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[37233] -> 2a00:1450:400c:c04::be[443] ESTABLISHED:ESTABLISHED lagg0.20 udp 85.10.240.253:123 <- 192.168.65.65:48586 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:49459 (192.168.65.65:48586) -> 85.10.240.253:123 MULTIPLE:MULTIPLE enc0 ipv6-icmp 2001:3456:7899:1100::254[5027] -> 2a00:aaaa:eeee:722::75[5027] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 159.12.34.3:443 <- 192.168.64.182:39973 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:20595 (192.168.64.182:39973) -> 159.12.34.3:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c0b::bc[5228] <- 2001:abc:1234:babe:7c46:62a:3e0d:eef4[40379] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:7c46:62a:3e0d:eef4[40379] -> 2a00:1450:400c:c0b::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4013:c01::bd[443] <- 2001:abc:1234:babe:4555:2daf:a9a7:2b73[59588] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:4555:2daf:a9a7:2b73[59588] -> 2a00:1450:4013:c01::bd[443] ESTABLISHED:ESTABLISHED pppoe0 udp 214.123.45.67:1194 <- 214.12.150.69:42546 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:500 <- 148.251.176.27:500 MULTIPLE:MULTIPLE lagg0.20 udp 91.205.174.83:123 <- 192.168.65.65:43446 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:51195 (192.168.65.65:43446) -> 91.205.174.83:123 MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:1450:400c:c09::bc[443] <- 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[50425] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[50425] -> 2a00:1450:400c:c09::bc[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c09::bc[5228] <- 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[53618] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:b0df:34f7:ed9c:9e05[53618] -> 2a00:1450:400c:c09::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe:584e:2731:6677:ed98[43033] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:584e:2731:6677:ed98[43033] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.10 tcp 54.230.92.81:443 <- 192.168.64.147:52830 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:15716 (192.168.64.147:52830) -> 54.230.92.81:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::75[54206] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[54206] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:aaaa:eeee:722::230[993] <- 2001:abc:1234:babe::75[54210] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[54210] -> 2a00:aaaa:eeee:722::230[993] ESTABLISHED:ESTABLISHED lagg0.10 tcp 172.217.22.100:80 <- 192.168.64.152:2452 FIN_WAIT_2:ESTABLISHED pppoe0 tcp 214.123.45.67:30275 (192.168.64.152:2452) -> 172.217.22.100:80 ESTABLISHED:FIN_WAIT_2 lagg0.10 tcp 136.243.25.156:443 <- 192.168.64.77:42139 TIME_WAIT:TIME_WAIT enc0 tcp 192.168.64.77:42139 -> 136.243.25.156:443 TIME_WAIT:TIME_WAIT lo0 ipv6-icmp ff02::1[16448] <- fe80::1:1[16448] NO_TRAFFIC:NO_TRAFFIC lagg0.70 ipv6-icmp fe80::1:1[16448] -> ff02::1[16448] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 214.123.45.67:443 <- 192.168.64.147:41482 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:824::200a[443] <- 2001:abc:1234:babe:4555:2daf:a9a7:2b73[42202] FIN_WAIT_2:FIN_WAIT_2 gif0 tcp 2001:abc:1234:babe:4555:2daf:a9a7:2b73[42202] -> 2a00:1450:4001:824::200a[443] FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:400e:804::200e[443] <- 2001:abc:1234:babe:edb2:6d0d:2929:1228[57179] FIN_WAIT_2:FIN_WAIT_2 gif0 tcp 2001:abc:1234:babe:edb2:6d0d:2929:1228[57179] -> 2a00:1450:400e:804::200e[443] FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 54.217.228.91:443 <- 192.168.64.12:58212 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:49262 (192.168.64.12:58212) -> 54.217.228.91:443 TIME_WAIT:TIME_WAIT lagg0.10 tcp 108.177.96.188:5228 <- 192.168.64.77:37572 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:17024 (192.168.64.77:37572) -> 108.177.96.188:5228 ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:953 <- 127.0.0.1:28348 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4013:c00::64[443] <- 2001:abc:1234:babe::75[34504] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[34504] -> 2a00:1450:4013:c00::64[443] ESTABLISHED:ESTABLISHED lagg0.10 udp 255.255.255.255:5678 <- 192.168.64.98:5678 NO_TRAFFIC:SINGLE lagg0.10 tcp 2a00:1450:400e:805::2003[443] <- 2001:abc:1234:babe::75[35374] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[35374] -> 2a00:1450:400e:805::2003[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:41082 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2a00:1450:4013:c00::64[443] <- 2001:abc:1234:babe::75[34508] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[34508] -> 2a00:1450:4013:c00::64[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:9743 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 224.0.0.251:5353 <- 192.168.64.65:5353 NO_TRAFFIC:SINGLE lagg0.10 tcp 2a00:1450:4013:c01::5e[443] <- 2001:abc:1234:babe::75[49468] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[49468] -> 2a00:1450:4013:c01::5e[443] ESTABLISHED:ESTABLISHED lo0 tcp 127.0.0.1:32605 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 2606:4700::6810:5605[443] <- 2001:abc:1234:babe::75[35246] TIME_WAIT:TIME_WAIT gif0 tcp 2001:abc:1234:babe::75[35246] -> 2606:4700::6810:5605[443] TIME_WAIT:TIME_WAIT lagg0.10 tcp 2606:4700::6811:b949[443] <- 2001:abc:1234:babe::75[35836] TIME_WAIT:TIME_WAIT gif0 tcp 2001:abc:1234:babe::75[35836] -> 2606:4700::6811:b949[443] TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:953 <- 127.0.0.1:57969 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50894 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:43829 (192.168.64.143:50894) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:53787 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 8.8.8.8:53 <- 192.168.64.61:38587 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:15051 (192.168.64.61:38587) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lo0 tcp 127.0.0.1:50095 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50895 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:57186 (192.168.64.143:50895) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:1068 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:1068 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 2a00:1450:4001:81f::200e[443] <- 2001:abc:1234:babe::75[38985] NO_TRAFFIC:SINGLE gif0 udp 2001:abc:1234:babe::75[38985] -> 2a00:1450:4001:81f::200e[443] SINGLE:NO_TRAFFIC lagg0.10 tcp 2a00:1450:400e:80a::200d[443] <- 2001:abc:1234:babe::75[46816] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[46816] -> 2a00:1450:400e:80a::200d[443] ESTABLISHED:ESTABLISHED lagg0.10 udp 8.8.8.8:53 <- 192.168.64.62:32870 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:24506 (192.168.64.62:32870) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lo0 tcp 127.0.0.1:22641 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 8.8.8.8:53 <- 192.168.64.62:58588 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:2959 (192.168.64.62:58588) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lo0 tcp 127.0.0.1:54156 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 ipv6-icmp ff02::1[16384] <- fe80::219:99ff:fe97:dcaf[16384] NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:953 <- 127.0.0.1:13290 FIN_WAIT_2:FIN_WAIT_2 pppoe0 udp 192.168.49.250:49960 -> 172.245.77.140:1194 MULTIPLE:MULTIPLE lagg0.23 udp 8.8.8.8:53 <- 100.64.23.101:43117 NO_TRAFFIC:SINGLE pppoe0 udp 100.64.23.101:43117 -> 8.8.8.8:53 SINGLE:NO_TRAFFIC lagg0.23 udp 8.8.4.4:53 <- 100.64.23.101:43117 NO_TRAFFIC:SINGLE pppoe0 udp 100.64.23.101:43117 -> 8.8.4.4:53 SINGLE:NO_TRAFFIC lagg0.23 udp 1.1.1.1:53 <- 100.64.23.101:43117 NO_TRAFFIC:SINGLE pppoe0 udp 100.64.23.101:43117 -> 1.1.1.1:53 SINGLE:NO_TRAFFIC lo0 tcp 127.0.0.1:953 <- 127.0.0.1:39499 FIN_WAIT_2:FIN_WAIT_2 pppoe0 tcp 214.123.45.67:80 <- 218.211.168.178:53057 TIME_WAIT:TIME_WAIT lagg0.10 udp 239.255.255.250:1900 <- 192.168.64.128:10400 NO_TRAFFIC:SINGLE lo0 udp ff02::1:2[547] <- fe80::329c:23ff:feff:abe1[546] NO_TRAFFIC:SINGLE lo0 tcp 127.0.0.1:24971 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50901 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:14777 (192.168.64.143:50901) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:26363 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 ipv6-icmp ff02::16 <- fe80::ea40:f2ff:fe05:ef24 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp ff02::16 <- fe80::5054:ff:fead:133a NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp ff02::16 <- fe80::f0dd:b7fa:15f1:8421 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp ff02::16 <- fe80::871c:aa06:53b0:9341 NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:36966 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50902 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:35327 (192.168.64.143:50902) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lagg0.10 ipv6-icmp 2001:abc:1234:babe::254 -> 2001:abc:1234:babe:697e:2d6b:a481:75a7 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp 2001:abc:1234:babe::254[16384] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.10 udp 148.251.69.45:123 <- 192.168.64.40:54683 SINGLE:MULTIPLE lagg0.30 udp 192.168.49.250:5524 (192.168.64.40:54683) -> 148.251.69.45:123 MULTIPLE:SINGLE lagg0.10 udp 192.168.64.255:65001 <- 192.168.64.40:41323 NO_TRAFFIC:SINGLE lagg0.10 ipv6-icmp 2001:abc:1234:babe:face::f000 <- fe80::f6f5:d8ff:fed8:9e9e NO_TRAFFIC:NO_TRAFFIC lo0 tcp 127.0.0.1:953 <- 127.0.0.1:11327 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[16384] <- fe80::2e0:4cff:fe36:263e[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.20 ipv6-icmp 2001:abc:1234:face::254 -> 2001:abc:1234:face:c00:42ff:fe0a:79d6 NO_TRAFFIC:NO_TRAFFIC lagg0.20 ipv6-icmp 2001:abc:1234:face::254[16384] <- 2001:abc:1234:face:c00:42ff:fe0a:79d6[16384] NO_TRAFFIC:NO_TRAFFIC lagg0.10 icmp 8.8.8.8:1597 <- 192.168.64.65:1597 0:0 pppoe0 icmp 214.123.45.67:21898 (192.168.64.65:1597) -> 8.8.8.8:21898 0:0 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:46874 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 8.8.8.8:53 <- 192.168.64.65:58042 SINGLE:MULTIPLE pppoe0 udp 214.123.45.67:10653 (192.168.64.65:58042) -> 8.8.8.8:53 MULTIPLE:SINGLE lagg0.10 ipv6-icmp 2001:abc:1234:babe:face::f000 -> 2001:abc:1234:babe:8639:beff:fe61:8f31 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp 2001:abc:1234:babe:face::f000[16384] <- 2001:abc:1234:babe:8639:beff:fe61:8f31[16384] NO_TRAFFIC:NO_TRAFFIC lo0 udp 127.0.0.1:34898 -> 127.0.0.1:53 MULTIPLE:SINGLE lagg0.10 udp 224.0.0.251:5353 <- 192.168.64.93:5353 NO_TRAFFIC:SINGLE lagg0.60 ipv6-icmp fe80::219:99ff:fe97:dcaf <- fe80::92ef:68ff:fed4:f539 NO_TRAFFIC:NO_TRAFFIC lagg0.60 ipv6-icmp fe80::219:99ff:fe97:dcaf[49152] -> fe80::92ef:68ff:fed4:f539[49152] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 217.12.34.56:80 <- 192.168.64.143:50904 TIME_WAIT:TIME_WAIT pppoe0 tcp 214.123.45.67:35647 (192.168.64.143:50904) -> 217.12.34.56:80 TIME_WAIT:TIME_WAIT lo0 tcp 127.0.0.1:8117 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:8117 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 ipv6-icmp 2001:abc:1234:babe:face::f000 <- fe80::8639:beff:fe61:8f31 NO_TRAFFIC:NO_TRAFFIC lagg0.10 ipv6-icmp fe80::219:99ff:fe97:dcaf[49152] -> fe80::8639:beff:fe61:8f31[49152] NO_TRAFFIC:NO_TRAFFIC lagg0.10 udp 192.168.64.255:65001 <- 192.168.64.40:52817 NO_TRAFFIC:SINGLE lagg0.20 udp 192.168.65.255:65001 <- 192.168.65.40:41657 NO_TRAFFIC:SINGLE lo0 tcp 127.0.0.1:34294 -> 127.0.0.1:953 FIN_WAIT_2:FIN_WAIT_2 lo0 tcp 127.0.0.1:953 <- 127.0.0.1:34294 FIN_WAIT_2:FIN_WAIT_2 lagg0.10 udp 8.8.8.8:53 <- 192.168.64.62:58678 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:9417 (192.168.64.62:58678) -> 8.8.8.8:53 MULTIPLE:MULTIPLE lagg0.10 ipv6-icmp 2001:abc:1234:babe::254 -> 2001:abc:1234:babe:68df:fcc5:2553:b74b NO_TRAFFIC:NO_TRAFFIC lagg0.10 icmp 8.8.8.8:1487 <- 192.168.64.61:1487 0:0 pppoe0 icmp 214.123.45.67:22968 (192.168.64.61:1487) -> 8.8.8.8:22968 0:0 lagg0.99 tcp 173.194.204.188:5228 <- 172.16.55.153:46440 ESTABLISHED:ESTABLISHED ovpnc7 tcp 172.21.21.6:63814 (172.16.55.153:46440) -> 173.194.204.188:5228 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:3456:7777:888::99[5228] <- 2001:abc:1234:babe:8d3f:e6a6:f657:adc0[45964] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:8d3f:e6a6:f657:adc0[45964] -> 2a00:3456:7777:888::99[5228] ESTABLISHED:ESTABLISHED pppoe0 icmp 214.123.45.67:7564 -> 87.17.56.78:7564 0:0 lagg0.30 icmp 192.168.49.250:7753 -> 217.56.78.90:7753 0:0 ovpnc4 icmp 10.19.23.2:9638 -> 10.19.23.1:9638 0:0 ovpnc7 icmp 172.21.21.6:9976 -> 172.21.21.1:9976 0:0 lagg0.10 icmp 192.168.64.254:10436 -> 192.168.64.40:10436 0:0 ovpnc8 icmp 172.17.23.41:11043 -> 172.17.23.1:11043 0:0 lagg0.60 ipv6-icmp fe80::219:99ff:fe97:dcaf[11450] -> fe80::92ef:68ff:fed4:f539[11450] NO_TRAFFIC:NO_TRAFFIC lagg0.10 tcp 192.168.64.254:22 <- 192.168.64.147:47394 ESTABLISHED:ESTABLISHED lagg0.10 tcp 192.30.253.124:443 <- 192.168.64.147:34000 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:8229 (192.168.64.147:34000) -> 192.30.253.124:443 ESTABLISHED:ESTABLISHED lagg0.99 tcp 172.217.7.138:443 <- 172.16.55.153:44518 ESTABLISHED:ESTABLISHED ovpnc7 tcp 172.21.21.6:56255 (172.16.55.153:44518) -> 172.217.7.138:443 ESTABLISHED:ESTABLISHED lagg0.99 tcp 172.217.6.10:443 <- 172.16.55.153:59122 ESTABLISHED:ESTABLISHED ovpnc3 tcp 10.18.23.2:61690 (172.16.55.153:59122) -> 172.217.6.10:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 192.30.253.125:443 <- 192.168.64.147:46156 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:19089 (192.168.64.147:46156) -> 192.30.253.125:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 52.20.247.134:443 <- 192.168.64.147:59308 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:5683 (192.168.64.147:59308) -> 52.20.247.134:443 ESTABLISHED:ESTABLISHED lagg0.20 udp 129.70.132.33:123 <- 192.168.65.65:40300 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:14207 (192.168.65.65:40300) -> 129.70.132.33:123 MULTIPLE:MULTIPLE lagg0.20 udp 213.202.247.29:123 <- 192.168.65.65:52708 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:41538 (192.168.65.65:52708) -> 213.202.247.29:123 MULTIPLE:MULTIPLE lagg0.10 tcp 217.12.34.56:22 <- 192.168.64.5:34682 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:30339 (192.168.64.5:34682) -> 217.12.34.56:22 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4001:821::200e[443] <- 2001:abc:1234:babe:59a8:3f13:c0e3:9997[56583] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:59a8:3f13:c0e3:9997[56583] -> 2a00:1450:4001:821::200e[443] ESTABLISHED:ESTABLISHED lagg0.20 udp 192.168.65.254:123 <- 192.168.65.65:58634 MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:1450:400c:c06::bc[5228] <- 2001:abc:1234:babe:c81:e940:e437:c0c7[48315] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:c81:e940:e437:c0c7[48315] -> 2a00:1450:400c:c06::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2610:123:45:18::199[443] <- 2001:abc:1234:babe::75[57720] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[57720] -> 2610:123:45:18::199[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:4013:c05::bc[5228] <- 2001:abc:1234:babe:48ec:3b2:2f11:e92[45193] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:48ec:3b2:2f11:e92[45193] -> 2a00:1450:4013:c05::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c06::bd[443] <- 2001:abc:1234:babe:48ec:3b2:2f11:e92[36277] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:48ec:3b2:2f11:e92[36277] -> 2a00:1450:400c:c06::bd[443] ESTABLISHED:ESTABLISHED lagg0.10 tcp 159.12.34.3:443 <- 192.168.64.182:36252 ESTABLISHED:ESTABLISHED pppoe0 tcp 214.123.45.67:51102 (192.168.64.182:36252) -> 159.12.34.3:443 ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c07::bc[5228] <- 2001:abc:1234:babe:edb2:6d0d:2929:1228[56935] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:edb2:6d0d:2929:1228[56935] -> 2a00:1450:400c:c07::bc[5228] ESTABLISHED:ESTABLISHED lagg0.20 udp 2a03:4000:2b:342::4d:2b4a[123] <- 2001:abc:1234:face:c00:42ff:fe0a:79d6[46116] MULTIPLE:MULTIPLE gif0 udp 2001:abc:1234:face:c00:42ff:fe0a:79d6[46116] -> 2a03:4000:2b:342::4d:2b4a[123] MULTIPLE:MULTIPLE lagg0.20 udp 2a01:4f8:171:1e68::2[123] <- 2001:abc:1234:face:c00:42ff:fe0a:79d6[44069] MULTIPLE:MULTIPLE gif0 udp 2001:abc:1234:face:c00:42ff:fe0a:79d6[44069] -> 2a01:4f8:171:1e68::2[123] MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:3456:7777:888::99[5228] <- 2001:abc:1234:babe:68df:fcc5:2553:b74b[37361] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:68df:fcc5:2553:b74b[37361] -> 2a00:3456:7777:888::99[5228] ESTABLISHED:ESTABLISHED lagg0.20 udp 136.243.177.133:123 <- 192.168.65.65:34129 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:13026 (192.168.65.65:34129) -> 136.243.177.133:123 MULTIPLE:MULTIPLE lagg0.20 udp 144.76.43.40:123 <- 192.168.65.65:54000 MULTIPLE:MULTIPLE pppoe0 udp 214.123.45.67:4162 (192.168.65.65:54000) -> 144.76.43.40:123 MULTIPLE:MULTIPLE lagg0.10 tcp 62.111.222.33:993 <- 192.168.64.147:42178 ESTABLISHED:ESTABLISHED lagg0.20 udp 87.106.180.117:123 <- 192.168.65.65:52672 MULTIPLE:MULTIPLE pppoe0 tcp 214.123.45.67:35732 (192.168.64.147:42178) -> 62.111.222.33:993 ESTABLISHED:ESTABLISHED pppoe0 udp 214.123.45.67:45295 (192.168.65.65:52672) -> 87.106.180.117:123 MULTIPLE:MULTIPLE gif0 udp 2003:ab:deff:1234:5678:23ff:feff:abe1[23506] -> 2a00:aaaa:eeee:722::228[1194] MULTIPLE:MULTIPLE lagg0.10 tcp 2a00:1450:400c:c07::bc[5228] <- 2001:abc:1234:babe:697e:2d6b:a481:75a7[39378] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe:697e:2d6b:a481:75a7[39378] -> 2a00:1450:400c:c07::bc[5228] ESTABLISHED:ESTABLISHED lagg0.10 tcp 2a00:1450:400c:c08::bc[5228] <- 2001:abc:1234:babe::75[41024] ESTABLISHED:ESTABLISHED gif0 tcp 2001:abc:1234:babe::75[41024] -> 2a00:1450:400c:c08::bc[5228] ESTABLISHED:ESTABLISHED INFO: Status: Enabled for 13 days 07:32:33 Debug: Urgent Interface Stats for lagg0.10 IPv4 IPv6 Bytes In 8757634766 79434176086 Bytes Out 517895990838 1134061635473 Packets In Passed 109631841 431419991 Blocked 78407 5234 Packets Out Passed 381650882 916327473 Blocked 128 57 State Table Total Rate current entries 415 searches 5323172533 4627.4/s inserts 10134244 8.8/s removals 10133829 8.8/s Counters match 11117654 9.7/s bad-offset 0 0.0/s fragment 14 0.0/s short 0 0.0/s normalize 0 0.0/s memory 0 0.0/s bad-timestamp 0 0.0/s congestion 0 0.0/s ip-option 2387 0.0/s proto-cksum 0 0.0/s state-mismatch 913 0.0/s state-insert 65 0.0/s state-limit 0 0.0/s src-limit 0 0.0/s synproxy 0 0.0/s map-failed 0 0.0/s LABEL COUNTERS: Block IPv4 link-local 11110079 24 4887 24 4887 0 0 0 Block IPv4 link-local 4845140 0 0 0 0 0 0 0 Default deny rule IPv4 4845163 486623 49820606 486623 49820606 0 0 0 Default deny rule IPv4 9008494 87 10605 0 0 87 10605 0 Default deny rule IPv6 11110012 466684 109388344 466684 109388344 0 0 0 Default deny rule IPv6 6264960 0 0 0 0 0 0 0 Block traffic from port 0 9470362 10 400 10 400 0 0 0 Block traffic from port 0 9349657 10 400 10 400 0 0 0 Block traffic to port 0 7615978 1 40 1 40 0 0 0 Block traffic to port 0 7564532 1 40 1 40 0 0 0 Block traffic from port 0 9470266 0 0 0 0 0 0 0 Block traffic from port 0 9243377 0 0 0 0 0 0 0 Block traffic to port 0 1854346 0 0 0 0 0 0 0 Block traffic to port 0 1845012 0 0 0 0 0 0 0 Block snort2c hosts 9470310 0 0 0 0 0 0 0 Block snort2c hosts 9470300 0 0 0 0 0 0 0 sshguard 9470275 0 0 0 0 0 0 0 webConfiguratorlockout 1613895 0 0 0 0 0 0 0 virusprot overload table 6046009 0 0 0 0 0 0 0 allow dhcpv6 client in WAN 6044525 0 0 0 0 0 0 0 allow dhcpv6 client in WAN 100454 0 0 0 0 0 0 0 allow dhcpv6 client out WAN 3432989 9590 728840 0 0 9590 728840 541 allow access to DHCP server 4844961 4266 1400381 4266 1400381 0 0 0 allow access to DHCP server 1009 2184 754769 1151 406447 1033 348322 55 allow access to DHCP server 5676854 6 2062 3 1073 3 989 0 allow access to DHCPv6 server 3466114 13699 2041040 2444 388596 11255 1652444 242 allow access to DHCPv6 server 14485 0 0 0 0 0 0 0 allow access to DHCPv6 server 14403 20192 2272138 20192 2272138 0 0 245 allow access to DHCPv6 server 82406 0 0 0 0 0 0 0 allow access to DHCPv6 server 82905 0 0 0 0 0 0 0 allow access to DHCPv6 server 82905 0 0 0 0 0 0 0 allow access to DHCP server 6029555 0 0 0 0 0 0 0 allow access to DHCP server 318 636 208608 318 104304 318 104304 18 allow access to DHCP server 3653812 0 0 0 0 0 0 0 allow dhcpv6 client in 2ND-UPLINK 9374615 0 0 0 0 0 0 0 allow dhcpv6 client in 2ND-UPLINK 451238 0 0 0 0 0 0 0 allow dhcpv6 client out 2ND-UPLINK 1154840 0 0 0 0 0 0 0 allow dhcpv6 client in LTEBACKUP 6029140 0 0 0 0 0 0 0 allow dhcpv6 client in LTEBACKUP 26 26 3016 26 3016 0 0 1 allow dhcpv6 client out LTEBACKUP 3412761 26 2184 0 0 26 2184 1 allow access to DHCP server 0 0 0 0 0 0 0 0 allow access to DHCP server 0 0 0 0 0 0 0 0 allow access to DHCP server 3412757 0 0 0 0 0 0 0 allow access to DHCPv6 server 31713 0 0 0 0 0 0 0 allow access to DHCPv6 server 0 0 0 0 0 0 0 0 allow access to DHCPv6 server 0 0 0 0 0 0 0 0 allow access to DHCPv6 server 0 0 0 0 0 0 0 0 allow access to DHCP server 24367 2 656 2 656 0 0 0 allow access to DHCP server 426 855 294832 428 154776 427 140056 27 allow access to DHCP server 3420344 2 684 1 356 1 328 0 allow access to DHCP server 0 0 0 0 0 0 0 0 allow access to DHCP server 0 0 0 0 0 0 0 0 allow access to DHCP server 3412753 0 0 0 0 0 0 0 allow access to DHCP server 49 0 0 0 0 0 0 0 allow access to DHCP server 0 0 0 0 0 0 0 0 allow access to DHCP server 3412771 0 0 0 0 0 0 0 allow access to DHCP server 4843136 0 0 0 0 0 0 0 allow access to DHCP server 638 1276 435896 638 209264 638 226632 36 allow access to DHCP server 3584684 0 0 0 0 0 0 0 pass IPv4 loopback 4842558 35112179 4960226751 17670261 1574518510 17441918 3385708241 23033 pass IPv4 loopback 3761163 0 0 0 0 0 0 0 pass IPv6 loopback 1901778 63000 13824972 33862 2192610 29138 11632362 2190 pass IPv6 loopback 396699 0 0 0 0 0 0 0 let out anything IPv4 from firewall host itself 9411732 40323181 6616798358 19868823 4469917927 20454358 2146880431 32607 let out anything IPv6 from firewall host itself 3412724 6328712 4154685317 3483896 3542004628 2844816 612680689 4097 let out anything from firewall host itself 3412673 274248630 290508895238 215097279 286177875067 59151351 4331020171 37131 let out anything from firewall host itself 3412727 1253431 172532818 416398 65523256 837033 107009562 2238 let out anything from firewall host itself 3412741 205080078 233274413335 165032980 230988350820 40047098 2286062515 247 let out anything from firewall host itself 3412706 576417 89374853 286374 53055933 290043 36318920 2264 let out anything from firewall host itself 3412730 104 35094 51 25701 53 9393 0 let out anything from firewall host itself 3412729 0 0 0 0 0 0 0 let out anything from firewall host itself 3412735 2127446 1516300150 1192531 1429385088 934915 86915062 788 let out anything from firewall host itself 2770921 1625476 1103887603 922676 1048638908 702800 55248695 788 let out anything from firewall host itself 2770910 2214200 1613989276 1239963 1476138443 974237 137850833 783 let out anything from firewall host itself 2679963 23505 4335795 11915 3181349 11590 1154446 37 IPsec internal host to host 3412621 1079336 475216445 459356 94371441 619980 380845004 718 anti-lockout rule 9442940 0 0 0 0 0 0 0 anti-lockout rule 9157296 0 0 0 0 0 0 0 anti-lockout rule 9157296 0 0 0 0 0 0 0 USER_RULE: pfB_DNSBL_Ping 9442850 0 0 0 0 0 0 0 USER_RULE: pfB_DNSBL_Permit 3232888 0 0 0 0 0 0 0 USER_RULE: pfB_DNSBL_Permit 3190016 0 0 0 0 0 0 0 USER_RULE: pfB_DNSBL_Permit 3223406 0 0 0 0 0 0 0 USER_RULE: pfB_DNSBL_Permit 3190016 0 0 0 0 0 0 0 USER_RULE: Block all from vpn.ug0.de 9048969 18701 602968 18701 602968 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 9421950 713704 118387753 328176 82308382 385528 36079371 220 USER_RULE: lan 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 6009489 713703 118387645 385527 36079263 328176 82308382 220 USER_RULE: lan 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1442968 1122835109 1024803898830 781861633 992715847843 340973476 32088050987 6320 USER_RULE: lan 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 993355 1123118688 1024927150218 341083654 32099156069 782035034 992827994149 7338 USER_RULE: lan 5231 0 0 0 0 0 0 0 USER_RULE: Garagecam RaspberryPi 773714 0 0 0 0 0 0 0 USER_RULE: cacti 94896 0 0 0 0 0 0 0 USER_RULE: login.domain.com 94895 5147432 3594868431 1937187 199235648 3210245 3395632783 0 USER_RULE: login.domain.com 185 497396 438885518 308084 362121644 189312 76763874 0 USER_RULE: mailserver sophos 94762 0 0 0 0 0 0 0 USER_RULE: mailserver sophos 94715 0 0 0 0 0 0 0 USER_RULE: mailserver sophos 94715 0 0 0 0 0 0 0 USER_RULE: orange pi camera 94764 35524 28706686 13641 983710 21883 27722976 0 USER_RULE: utm.domain.com 94760 0 0 0 0 0 0 0 USER_RULE: zabc.domain.com 94761 0 0 0 0 0 0 0 USER_RULE: zabc.domain.com 139984 0 0 0 0 0 0 0 USER_RULE: zabc.domain.com 337798 0 0 0 0 0 0 0 USER_RULE: zabc.domain.com 337798 0 0 0 0 0 0 0 USER_RULE: utm.domain.com 679124 4214 433360 2209 176720 2005 256640 108 USER_RULE: login.domain.com 472 0 0 0 0 0 0 0 USER_RULE: tvheadend_usa_test 472 36996 28549354 13284 1262117 23712 27287237 0 USER_RULE: login.domain.com 0 0 0 0 0 0 0 0 USER_RULE: orange pi camera 676752 0 0 0 0 0 0 0 USER_RULE 7880194 0 0 0 0 0 0 0 USER_RULE 7830720 0 0 0 0 0 0 0 USER_RULE 8464464 18358 9280368 10936 6583044 7422 2697324 0 USER_RULE 8462972 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 8424094 0 0 0 0 0 0 0 USER_RULE 8156487 0 0 0 0 0 0 0 USER_RULE 2698 0 0 0 0 0 0 0 USER_RULE 8463910 306582 287325123 185357 224002901 121225 63322222 213 USER_RULE 8193549 299007 282299269 182789 223703066 116218 58596203 0 USER_RULE 110 0 0 0 0 0 0 0 USER_RULE 82 0 0 0 0 0 0 0 USER_RULE 82 0 0 0 0 0 0 0 USER_RULE 110 82 5656 82 5656 0 0 0 USER_RULE: alfred 0 0 0 0 0 0 0 0 USER_RULE: alfred 0 0 0 0 0 0 0 0 USER_RULE: OpenVPN wizard 8403258 38 3192 21 1764 17 1428 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 1614 0 0 0 0 0 0 0 USER_RULE 1614 0 0 0 0 0 0 0 USER_RULE 1614 0 0 0 0 0 0 0 USER_RULE 1614 0 0 0 0 0 0 0 USER_RULE 1614 1224080 700943885 505274 87340256 718806 613603629 0 USER_RULE 1614 1224080 700943885 505274 87340256 718806 613603629 0 USER_RULE 125 0 0 0 0 0 0 0 USER_RULE 125 0 0 0 0 0 0 0 USER_RULE 125 0 0 0 0 0 0 0 USER_RULE: OpenVPN wizard 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 4051030 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE: rrr 0 0 0 0 0 0 0 0 USER_RULE: rrr 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 4397568 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE: Easy Rule: Blocked from Firewall Log View 8364574 394 15760 394 15760 0 0 0 USER_RULE 99540 4809 182186 2462 95370 2347 86816 255 USER_RULE 97142 17413 2969414 8743 1242413 8670 1727001 62 USER_RULE 92353 16983 2935192 8513 1227350 8470 1707842 0 USER_RULE 70427 7240 1976336 3635 318078 3605 1658258 14 USER_RULE 66840 7118 1953112 3567 313402 3551 1639710 0 USER_RULE: OpenVPN wizard 96714 3 116 3 116 0 0 1 USER_RULE: OpenVPN wizard 6639 26 5912 26 5912 0 0 2 USER_RULE: OpenVPN OSPF Test 6613 0 0 0 0 0 0 0 USER_RULE: OpenVPN OSPF Test 6563 0 0 0 0 0 0 0 USER_RULE: OpenVPN wizard 7131 6282 557161 3161 276306 3121 280855 2 USER_RULE 55307 42 4368 21 2184 21 2184 3 USER_RULE: HurricaneElectics 96654 0 0 0 0 0 0 0 USER_RULE: HurricaneElectics 0 0 0 0 0 0 0 0 USER_RULE: manitu / alfred 95684 264 50388 121 23955 143 26433 30 USER_RULE: NAT test 95621 324 15732 324 15732 0 0 0 USER_RULE: NAT 69617 0 0 0 0 0 0 0 USER_RULE: NAT Colonel Portforwarding 69617 0 0 0 0 0 0 0 USER_RULE: NAT Colonel Portforwarding 67316 0 0 0 0 0 0 0 USER_RULE: NAT Colonel Portforwarding 19245 48 2286 30 1434 18 852 0 USER_RULE: NAT Colonel Portforwarding 19245 48 2286 30 1434 18 852 0 USER_RULE 6847863 0 0 0 0 0 0 0 USER_RULE 3537899 0 0 0 0 0 0 0 USER_RULE 3537890 104 35094 53 9393 51 25701 0 USER_RULE 3537689 0 0 0 0 0 0 0 USER_RULE 3491981 0 0 0 0 0 0 0 USER_RULE 3537671 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1632135 1202 125008 601 62504 601 62504 0 USER_RULE 1301 121879 64003024 54997 8064651 66882 55938373 110 USER_RULE 3536344 1560583 366313348 814050 156479015 746533 209834333 0 USER_RULE 3396114 2 168 1 84 1 84 0 NEGATE_ROUTE: Negate policy routing for destination 3465885 907255 89426290 453630 34853573 453625 54572717 31 USER_RULE: test 231063 466640 40476603 235450 20189052 231190 20287551 0 NEGATE_ROUTE: Negate policy routing for destination 2980438 901678 88835589 450848 34639588 450830 54196001 0 USER_RULE: test 13009 759725 719029159 243739 11477182 515986 707551977 0 NEGATE_ROUTE: Negate policy routing for destination 1667837 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 814226 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1707884 0 0 0 0 0 0 0 USER_RULE: test 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 2555412 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1661771 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1707946 489869 276137885 330557 250165327 159312 25972558 4938 USER_RULE: test 481723 416099342 476751906216 78781447 4696529622 337317895 472055376594 586 USER_RULE 1953326 58203789 44961247977 21919427 2309940735 36284362 42651307242 40024 USER_RULE 1913303 54781395 42265983307 20637918 2196415829 34143477 40069567478 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 76098 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 72587 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 72608 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 72587 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 76092 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 76092 0 0 0 0 0 0 0 USER_RULE 76114 0 0 0 0 0 0 0 USER_RULE 76093 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 76092 0 0 0 0 0 0 0 USER_RULE 82125 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 1459233 325273 135573433 217722 111075594 107551 24497839 0 USER_RULE 5227 0 0 0 0 0 0 0 USER_RULE 153207 0 0 0 0 0 0 0 USER_RULE 76114 0 0 0 0 0 0 0 USER_RULE 76115 0 0 0 0 0 0 0 USER_RULE 76115 0 0 0 0 0 0 0 USER_RULE 76115 0 0 0 0 0 0 0 USER_RULE 76115 0 0 0 0 0 0 0 USER_RULE 76094 0 0 0 0 0 0 0 USER_RULE: Sophos 76115 0 0 0 0 0 0 0 USER_RULE: Sophos 76094 0 0 0 0 0 0 0 USER_RULE 76114 0 0 0 0 0 0 0 USER_RULE 76093 0 0 0 0 0 0 0 USER_RULE 76113 0 0 0 0 0 0 0 USER_RULE 81961 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 67343 688173 168294883 688113 168290557 60 4326 5801 USER_RULE 5231 0 0 0 0 0 0 0 USER_RULE 3310140 2705534 1281160332 1282357 136489528 1423177 1144670804 4713 NEGATE_ROUTE: Negate policy routing for destination 13666 1059248 301935759 1059220 301933872 28 1887 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 408 0 0 0 0 0 0 0 USER_RULE 408 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 400 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE: Let's Encrypt 1905291 467 23969 452 22139 15 1830 37 USER_RULE: NAT pfsense-from-g.domain.com 1091908 11441 7996171 4608 363462 6833 7632709 0 USER_RULE: rotorouter-3 - admin interface via 2ND-UPLINK 0 0 0 0 0 0 0 0 USER_RULE 468 7 380 4 216 3 164 0 USER_RULE: NAT TVHEadend-test 179 0 0 0 0 0 0 0 USER_RULE 179 0 0 0 0 0 0 0 USER_RULE: StreamingGaragecamSSH 179 0 0 0 0 0 0 0 USER_RULE: StreamingGaragecamMJPG 0 0 0 0 0 0 0 0 USER_RULE: StreamingGaragecam 0 0 0 0 0 0 0 0 USER_RULE 1873719 0 0 0 0 0 0 0 USER_RULE 10157 0 0 0 0 0 0 0 USER_RULE 10157 0 0 0 0 0 0 0 USER_RULE 10157 9202 294464 9202 294464 0 0 0 USER_RULE 9638 8683 277856 8683 277856 0 0 0 USER_RULE 2091113 734 62212 367 23402 367 38810 1 USER_RULE: Ping Experimental ::254 1887961 0 0 0 0 0 0 0 USER_RULE 87872 0 0 0 0 0 0 0 USER_RULE 15 0 0 0 0 0 0 0 USER_RULE 15 0 0 0 0 0 0 0 USER_RULE 15 1 60 1 60 0 0 0 USER_RULE 15 13 3996 13 3996 0 0 0 USER_RULE 3 1 60 1 60 0 0 0 USER_RULE 3 1 60 1 60 0 0 0 USER_RULE 1968185 0 0 0 0 0 0 0 USER_RULE 1810648 0 0 0 0 0 0 0 USER_RULE 1965551 0 0 0 0 0 0 0 USER_RULE 1965464 0 0 0 0 0 0 0 USER_RULE 1808068 0 0 0 0 0 0 0 USER_RULE 1808068 0 0 0 0 0 0 0 USER_RULE 1808068 0 0 0 0 0 0 0 USER_RULE: TVHeadend-server-allowed 24013 0 0 0 0 0 0 0 USER_RULE: TVHeadend-server-allowed 21522 0 0 0 0 0 0 0 USER_RULE 23896 0 0 0 0 0 0 0 USER_RULE 23898 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 23649 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 23889 16591 3447566 8911 1161028 7680 2286538 61 USER_RULE 23196 5706672 4167615168 2524172 278978525 3182500 3888636643 2365 USER_RULE 1942127 0 0 0 0 0 0 0 USER_RULE 1942155 0 0 0 0 0 0 0 USER_RULE 0 0 0 0 0 0 0 0 USER_RULE 1942110 0 0 0 0 0 0 0 USER_RULE 1901060 0 0 0 0 0 0 0 USER_RULE 1942152 10546 9759068 6928 9153377 3618 605691 0 USER_RULE 1942106 26303 2349248 26128 2331548 175 17700 461 USER_RULE 1787679 24662 2207712 24500 2191152 162 16560 0 USER_RULE 181535 0 0 0 0 0 0 0 USER_RULE 171958 0 0 0 0 0 0 0 USER_RULE 172499 0 0 0 0 0 0 0 NEGATE_ROUTE: Negate policy routing for destination 96195 0 0 0 0 0 0 0 USER_RULE 166425 8696307 1604650328 1768136 396422741 6928171 1208227587 9288 USER_RULE 1724683 0 0 0 0 0 0 0 USER_RULE 1580546 0 0 0 0 0 0 0 IPsec: PALOALTO - outbound isakmp 4296208 0 0 0 0 0 0 0 IPsec: PALOALTO - inbound isakmp 2622454 0 0 0 0 0 0 0 IPsec: PALOALTO - outbound nat-t 2622047 0 0 0 0 0 0 0 IPsec: PALOALTO - inbound nat-t 2622057 0 0 0 0 0 0 0 IPsec: PALOALTO - outbound esp proto 4105432 0 0 0 0 0 0 0 IPsec: PALOALTO - inbound esp proto 1338640 0 0 0 0 0 0 0 IPsec: acmeboom2.domain.com - outbound isakmp 4105445 25443 2290435 12719 1139949 12724 1150486 16 IPsec: acmeboom2.domain.com - inbound isakmp 2622458 0 0 0 0 0 0 0 IPsec: acmeboom2.domain.com - outbound nat-t 2532661 0 0 0 0 0 0 0 IPsec: acmeboom2.domain.com - inbound nat-t 2528698 0 0 0 0 0 0 0 IPsec: acmeboom2.domain.com - outbound esp proto 4104480 900411 513274744 370386 108453612 530025 404821132 337 IPsec: acmeboom2.domain.com - inbound esp proto 1337675 0 0 0 0 0 0 0 IPsec: Client Mobile IPSec ac.domain.com - inbound isakmp 2862180 23714 2101871 11862 1049263 11852 1052608 11 IPsec: Client Mobile IPSec ac.domain.com - inbound nat-t 6525 228534 228091722 134601 162261342 93933 65830380 0 IPsec: Client Mobile IPSec ac.domain.com - inbound esp proto 95362 209 66288 103 45484 106 20804 0 TIMEOUTS: tcp.first 120s tcp.opening 30s tcp.established 86400s tcp.closing 900s tcp.finwait 45s tcp.closed 90s tcp.tsdiff 30s udp.first 60s udp.single 30s udp.multiple 60s icmp.first 20s icmp.error 10s other.first 60s other.single 30s other.multiple 60s frag 30s interval 10s adaptive.start 975000 states adaptive.end 1950000 states src.track 0s LIMITS: states hard limit 1625000 src-nodes hard limit 1625000 frags hard limit 5000 table-entries hard limit 2000000 TABLES: Allowed_for_JonDoe EasyRuleBlockHostsWAN IPSecMobileClients LANTRUSTED LoadBalancing OSPF_NETS OrangePiZeroFarm TelekomWWWProxyNET This_IPs_to_LB_USA US_Zones JonDoe_IPv6_ACME bogons forbidden_ips_incoming negate_networks route_to_USA snort2c sshguard tauceti_ipv6 tvheadend_local virusprot vpn_networks webConfiguratorlockout OS FINGERPRINTS: 762 fingerprints loaded