GRE Tunnel, Possible Bug.
-
At extraip.nl i have a small test /29 subnet. After the setup the subnet works fine, but after a reboot there is no traffic going trough the GRE tunnel. What am i doing wrong?
I first configure an interface and a static ipv4 address (the first in the /29 subnet)
Then i configure a firewall rule to pass all traffic to and from the interface.
And i enable the DHCP server op the interface to hand out the remaining 5 ip’s
Then i configure the GRE tunnel, and tun the automatic outbound NAT on manual and remove the auto created rules.At this point all the traffic from the /29 subnet goes through the GRE tunnel.
After a reboot no traffic goes though the GRE tunnel, and a system backup does not work.Am i doing this wrong, ore is this a bug?
Thanks in advance and let me know if there more helpful information I can provide about the problem.
<pfsense><version>15.5</version> <lastchange><system><optimization>normal</optimization> <hostname>Omroep_BO_pfSense</hostname> <domain>localdomain</domain> <group><name>all</name> <scope>system</scope> <gid>1998</gid></group> <group><name>admins</name> <scope>system</scope> <gid>1999</gid> <member>0</member> <priv>page-all</priv></group> <user><name>admin</name> <scope>system</scope> <groupname>admins</groupname> <bcrypt-hash>xxxxxxxxxxx/bcrypt-hash> <uid>0</uid> <priv>user-shell-access</priv> <expires><dashboardcolumns>2</dashboardcolumns> <authorizedkeys><ipsecpsk><webguicss>pfSense.css</webguicss></ipsecpsk></authorizedkeys></expires></bcrypt-hash></user> <nextuid>2000</nextuid> <nextgid>2000</nextgid> <timeservers>0.pfsense.pool.ntp.org</timeservers> <webgui><protocol>https</protocol> <loginautocomplete><ssl-certref>57f7a36617876</ssl-certref> <port><max_procs>2</max_procs> <dashboardcolumns>3</dashboardcolumns> <webguicss>pfSense.css</webguicss> <webguileftcolumnhyper><dashboardavailablewidgetspanel><systemlogsfilterpanel><systemlogsmanagelogpanel><statusmonitoringsettingspanel></statusmonitoringsettingspanel></systemlogsmanagelogpanel></systemlogsfilterpanel></dashboardavailablewidgetspanel></webguileftcolumnhyper></port></loginautocomplete></webgui> <disablenatreflection>yes</disablenatreflection> <disablesegmentationoffloading><disablelargereceiveoffloading><powerd_ac_mode>hadp</powerd_ac_mode> <powerd_battery_mode>hadp</powerd_battery_mode> <powerd_normal_mode>hadp</powerd_normal_mode> <bogons><interval>monthly</interval></bogons> <enableserial><disableconsolemenu><serialspeed>115200</serialspeed> <enablesshd>enabled</enablesshd> <use_mfs_tmp_size><use_mfs_var_size><timezone>Europe/Amsterdam</timezone> <language>en_US</language> <dns1gw>WAN_DHCP</dns1gw> <dns2gw>WAN_DHCP</dns2gw> <dns3gw>WAN_DHCP</dns3gw> <dns4gw>WAN_DHCP</dns4gw> <dnsserver>84.116.46.23</dnsserver> <dnsserver>84.116.46.22</dnsserver> <dnsserver>209.244.0.3</dnsserver> <dnsserver>209.244.0.4</dnsserver> <dnsallowoverride><proxyuser>admin</proxyuser> <maximumtableentries>2000000</maximumtableentries> <ipv6allow><powerd_enable><thermal_hardware>amdtemp</thermal_hardware></powerd_enable></ipv6allow></dnsallowoverride></use_mfs_var_size></use_mfs_tmp_size></disableconsolemenu></enableserial></disablelargereceiveoffloading></disablesegmentationoffloading></system> <interfaces><wan><enable><if>re1_vlan128</if> <blockpriv><blockbogons><alias-address><alias-subnet>32</alias-subnet> <spoofmac><ipaddr>dhcp</ipaddr> <dhcphostname><dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values> <adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></dhcphostname></spoofmac></alias-address></blockbogons></blockpriv></enable></wan> <lan><enable><if>re0</if> <ipaddr>192.168.140.1</ipaddr> <subnet>24</subnet> <blockbogons><spoofmac></spoofmac></blockbogons></enable></lan> <opt1><if>re2</if> <enable><ipaddr>192.168.141.1</ipaddr> <subnet>24</subnet> <blockbogons><spoofmac></spoofmac></blockbogons></enable></opt1> <opt2><if>re0_vlan11</if> <enable><spoofmac><ipaddr>192.168.131.95</ipaddr> <subnet>24</subnet></spoofmac></enable></opt2> <opt3><if>re0_vlan229</if> <enable><blockpriv><blockbogons><spoofmac><ipaddr>85.12.42.33</ipaddr> <subnet>29</subnet></spoofmac></blockbogons></blockpriv></enable></opt3></interfaces> <staticroutes><dhcpd><lan><enable><range><from>192.168.140.10</from> <to>192.168.140.100</to></range> <dhcpleaseinlocaltime></dhcpleaseinlocaltime></enable></lan> <opt1><enable><range><from>192.168.141.10</from> <to>192.168.141.100</to></range> <dhcpleaseinlocaltime></dhcpleaseinlocaltime></enable></opt1> <opt3><range><from>85.12.42.34</from> <to>85.12.42.36</to></range> <enable><failover_peerip><defaultleasetime><maxleasetime><netmask><gateway><domain><domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></domain></gateway></netmask></maxleasetime></defaultleasetime></failover_peerip></enable></opt3></dhcpd> <dhcpdv6><lan><range><from>::1000</from> <to>::2000</to></range> <ramode>assist</ramode> <rapriority>medium</rapriority></lan></dhcpdv6> <snmpd><syslocation>pfsense Trefpunt</syslocation> <syscontact>Roy</syscontact> <rocommunity>Speedconnect</rocommunity> <modules><mibii><netgraph></netgraph></mibii></modules> <enable><pollport>161</pollport> <trapserver><trapserverport>162</trapserverport> <trapstring></trapstring></trapserver></enable></snmpd> <diag><ipv6nat></ipv6nat></diag> <syslog><nentries>500</nentries> <remoteserver>192.168.131.254</remoteserver> <remoteserver2><remoteserver3><sourceip><ipproto>ipv4</ipproto> <logall><enable></enable></logall></sourceip></remoteserver3></remoteserver2></syslog> <nat><outbound><mode>advanced</mode> <rule><interface>wan</interface> <source> <network>127.0.0.0/8</network> <dstport>500</dstport> <target><destination><any></any></destination> <staticnatport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> <rule><interface>wan</interface> <source> <network>127.0.0.0/8</network> <sourceport><target><destination><any></any></destination> <natport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> <rule><interface>wan</interface> <source> <network>192.168.140.0/24</network> <dstport>500</dstport> <target><destination><any></any></destination> <staticnatport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> <rule><interface>wan</interface> <source> <network>192.168.140.0/24</network> <sourceport><target><destination><any></any></destination> <natport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> <rule><interface>wan</interface> <source> <network>192.168.141.0/24</network> <dstport>500</dstport> <target><destination><any></any></destination> <staticnatport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> <rule><interface>wan</interface> <source> <network>192.168.141.0/24</network> <sourceport><target><destination><any></any></destination> <natport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> <rule><interface>wan</interface> <source> <network>192.168.131.0/24</network> <dstport>500</dstport> <target><destination><any></any></destination> <staticnatport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> <rule><interface>wan</interface> <source> <network>192.168.131.0/24</network> <sourceport><target><destination><any></any></destination> <natport><created><time>1478698285</time> <username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule></outbound> <rule><source> <any><destination><network>wanip</network> <port>4444</port></destination> <protocol>tcp</protocol> <target>192.168.141.1</target> <local-port>443</local-port> <interface>wan</interface> <descr><associated-rule-id>nat_580bb17677a581.40345029</associated-rule-id> <updated><time>1477161334</time> <username>admin@192.168.140.11</username></updated> <created><time>1477161334</time> <username>admin@192.168.140.11</username></created></descr></any></rule> <separator></separator></nat> <filter><rule><id><tracker>1477160893</tracker> <type>pass</type> <interface>wan</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><protocol>tcp</protocol> <source> <any><destination><network>(self)</network> <port>443</port></destination> <updated><time>1477160893</time> <username>admin@192.168.140.11</username></updated> <created><time>1477160893</time> <username>admin@192.168.140.11</username></created> <disabled></disabled></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><source> <any><interface>wan</interface> <protocol>tcp</protocol> <destination><address>192.168.141.1</address> <port>443</port></destination> <associated-rule-id>nat_580bb17677a581.40345029</associated-rule-id> <tracker>1477161334</tracker> <created><time>1477161334</time> <username>NAT Port Forward</username></created></any></rule> <rule><id><tracker>1476900591</tracker> <type>pass</type> <interface>lan</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <network>lan</network> <destination><any></any></destination> <updated><time>1476900591</time> <username>admin@192.168.140.11</username></updated> <created><time>1476900591</time> <username>admin@192.168.140.11</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><type>pass</type> <ipprotocol>inet6</ipprotocol> <interface>lan</interface> <tracker>0100000102</tracker> <source> <network>lan</network> <destination><any></any></destination> <disabled></disabled></rule> <rule><id><tracker>1475852368</tracker> <type>pass</type> <interface>opt1</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><protocol>tcp</protocol> <source> <network>opt1</network> <destination><network>(self)</network> <port>80</port></destination> <updated><time>1475852368</time> <username>admin@192.168.140.10</username></updated> <created><time>1475852368</time> <username>admin@192.168.140.10</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>1475852385</tracker> <type>pass</type> <interface>opt1</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><protocol>tcp</protocol> <source> <network>opt1</network> <destination><network>(self)</network> <port>443</port></destination> <updated><time>1475852385</time> <username>admin@192.168.140.10</username></updated> <created><time>1475852385</time> <username>admin@192.168.140.10</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>0100000101</tracker> <type>pass</type> <interface>opt1</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <network>opt1</network> <destination><any></any></destination> <updated><time>1475852313</time> <username>admin@192.168.140.10</username></updated></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>1475852293</tracker> <type>pass</type> <interface>opt1</interface> <ipprotocol>inet6</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <network>opt1</network> <destination><any></any></destination> <updated><time>1475852293</time> <username>admin@192.168.140.10</username></updated> <created><time>1475852293</time> <username>admin@192.168.140.10</username></created> <disabled></disabled></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>1478695497</tracker> <type>pass</type> <interface>opt2</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <any><destination><network>(self)</network></destination> <updated><time>1478695497</time> <username>admin@192.168.140.11</username></updated> <created><time>1478695497</time> <username>admin@192.168.140.11</username></created></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>1478697316</tracker> <type>pass</type> <interface>opt2</interface> <ipprotocol>inet</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <any><destination><any></any></destination> <updated><time>1478697316</time> <username>admin@192.168.140.11</username></updated> <created><time>1478697316</time> <username>admin@192.168.140.11</username></created></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <rule><id><tracker>1478697621</tracker> <type>pass</type> <interface>opt3</interface> <ipprotocol>inet46</ipprotocol> <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype> <os><source> <any><destination><any></any></destination> <descr><updated><time>1478697621</time> <username>admin@192.168.140.11</username></updated> <created><time>1478697621</time> <username>admin@192.168.140.11</username></created></descr></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> <separator><opt1><lan></lan></opt1></separator></filter> <shaper><ipsec><aliases><proxyarp><cron><minute>1,31</minute> <hour>0-5</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 adjkerntz -a <minute>1</minute> <hour>3</hour> <mday>1</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout <minute>1</minute> <hour>1</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update <minute>*/60</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot <minute>30</minute> <hour>12</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/bin/nice -n20 /etc/rc.update_urltables <minute>0</minute> <hour>21</hour> <mday>1-7</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dcc >> /var/log/pfblockerng/extras.log 2>&1 <minute>0</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command></command>/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> /var/log/pfblockerng/pfblockerng.log 2>&1</cron> <wol><rrd><enable><category>left=system-processor&right=&resolution=300&timePeriod=-1d&startDate=&endDate=&startTime=0&endTime=0&graphtype=line&invert=true</category></enable></rrd> <load_balancer><monitor_type><name>ICMP</name> <type>icmp</type></monitor_type> <monitor_type><name>TCP</name> <type>tcp</type></monitor_type> <monitor_type><name>HTTP</name> <type>http</type> <options><path>/</path> <host>`200`</host></options></monitor_type> <monitor_type><name>HTTPS</name> <type>https</type> <options><path>/</path> <host>`200`</host></options></monitor_type> <monitor_type><name>SMTP</name> <type>send</type> <options><send><expect>220 *</expect></send></options></monitor_type></load_balancer> <widgets><sequence>system_information:col1:open,installed_packages:col1:open,interfaces:col1:open,traffic_graphs:col2:open,dyn_dns_status:col2:open,smart_status:col2:open,openvpn:col2:open,gateways:col3:open,thermal_sensors:col3:open,services_status:col3:open,ntp_status:col3:open,log:col3:open,interface_statistics:col3:open,pfblockerng-container:col2:show</sequence> <trafficgraphs><shown>wan lan opt1 opt2 opt3</shown> <refreshinterval>10</refreshinterval> <scale_type>up</scale_type></trafficgraphs></widgets> <openvpn><dnshaper><unbound><enable><dnssec><active_interface><outgoing_interface></outgoing_interface></active_interface></dnssec></enable></unbound> <revision><time>1478698300</time> <username>admin@192.168.140.11</username></revision> <cert><refid>57f7a36617876</refid> <type>server</type> <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQkZXZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBRENCdERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRGpBTUJnTlZCQWdUQlZOMFlYUmxNUkV3RHdZRFZRUUhFd2hNYjJOaGJHbDBlVEU0TURZR0ExVUVDaE12Y0daVApaVzV6WlNCM1pXSkRiMjVtYVdkMWNtRjBiM0lnVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhLREFtCkJna3Foa2lHOXcwQkNRRVdHV0ZrYldsdVFIQm1VMlZ1YzJVdWJHOWpZV3hrYjIxaGFXNHhIakFjQmdOVkJBTVQKRlhCbVUyVnVjMlV0TlRkbU4yRXpOall4TnpnM05qQWVGdzB4TmpFd01EY3hNek13TVRSYUZ3MHlNakF6TXpBeApNek13TVRSYU1JRzBNUXN3Q1FZRFZRUUdFd0pWVXpFT01Bd0dBMVVFQ0JNRlUzUmhkR1V4RVRBUEJnTlZCQWNUCkNFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRS0V5OXdabE5sYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG0KTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwWlRFb01DWUdDU3FHU0liM0RRRUpBUllaWVdSdGFXNUFjR1pUWlc1egpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0dBMVVFQXhNVmNHWlRaVzV6WlMwMU4yWTNZVE0yTmpFM09EYzJNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF1aGxzUkM3WE5OR1R5SlhaZUFVY1dQWmQKTU5zeFdhS3hRR05XYndmdzU1MlkySmNpNVRKMEhzcGZpbU5oUHV1U0d4OWJheVlPK3c2RVAzbWNCMzFjNUdhVQpsZVVqL2RaTjFmbnYvTkpEVXNSdHR2Z1FrNTgwU0Y1d3BUZ2dUazhRL1pnWmprK3RxRXc1R0xaY0hzd0hzOFV3ClV2b21IbGExRWtuTlYwekJseXg2Ym5lYTdiYkNNQU1ETG1OOEJpV1NRYlRVTmw2M0sxbHduTkVLdVBWK01jbnEKOXRLejBtdlBQamVic2dPanA0cVdCV2xib0x4OENzM3VzLy9YbnV4RmdtZU0vaERGL2VUY2lMVnEyeS9kbVF2Ngp0V3VyWmhMT3FaaEpVeFgveCtyRnFtSXo1STd3ZEE4OE5BeXdlYnJXZnZadTFOYVNrYTFUWlVteTVNM2xHUUlECkFRQUJvNElCaGpDQ0FZSXdDUVlEVlIwVEJBSXdBREFSQmdsZ2hrZ0JodmhDQVFFRUJBTUNCa0F3TXdZSllJWkkKQVliNFFnRU5CQ1lXSkU5d1pXNVRVMHdnUjJWdVpYSmhkR1ZrSUZObGNuWmxjaUJEWlhKMGFXWnBZMkYwWlRBZApCZ05WSFE0RUZnUVVkODBSc3hraTJCcGV5MVQrWDg2V0JqTkNGcDR3Z2VFR0ExVWRJd1NCMlRDQjFvQVVkODBSCnN4a2kyQnBleTFUK1g4NldCak5DRnA2aGdicWtnYmN3Z2JReEN6QUpCZ05WQkFZVEFsVlRNUTR3REFZRFZRUUkKRXdWVGRHRjBaVEVSTUE4R0ExVUVCeE1JVEc5allXeHBkSGt4T0RBMkJnTlZCQW9UTDNCbVUyVnVjMlVnZDJWaQpRMjl1Wm1sbmRYSmhkRzl5SUZObGJHWXRVMmxuYm1Wa0lFTmxjblJwWm1sallYUmxNU2d3SmdZSktvWklodmNOCkFRa0JGaGxoWkcxcGJrQndabE5sYm5ObExteHZZMkZzWkc5dFlXbHVNUjR3SEFZRFZRUURFeFZ3WmxObGJuTmwKTFRVM1pqZGhNelkyTVRjNE56YUNBUUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWhESjgxLzdrYkZjRzJIanRwUlVWCnFmNGhoeEcrMlZvSFJIZW0wVk1UNG1pWmIxQk9MUC9qUnF5UG5nbEV0RzZ5a2U1TjJGM0k3UFVob0haNWVaV00KdjVyR0hpVWR2aytodDZIZ3hYU3R1UExxU21NSkVNRzZZanRHSCtjalVkbVNjWElpYXF3ZzZwa1BISnUyMThNcQpMVnY1ZlR3RHRlNm5qcENRMlBnK3pBZ1JBNnQzcjBOU083M2g3TlhlcWx0VHp2TThIdnQ2MlJzdGhQZnB5clNvCmJBTmhYU2ZHWjBiQlFWb3FuK2pwdDlYOEJKV211aldRT1k0eVV1aUxoMHNHS1VGVURrMGdqaEV1dkJiSm1DTVMKYmY4ZElLK2JueFpFd1h2RTZpa2h0VzJDV0pEalVmUkI3NklhZldOcDhBdW1mN3oybjRnVlpiS2lRZmttajB6cgpLQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt> <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzZHV3hFTHRjMDBaUEkKbGRsNEJSeFk5bDB3MnpGWm9yRkFZMVp2Qi9Ebm5aallseUxsTW5RZXlsK0tZMkUrNjVJYkgxdHJKZzc3RG9RLwplWndIZlZ6a1pwU1Y1U1A5MWszVitlLzgwa05TeEcyMitCQ1RuelJJWG5DbE9DQk9UeEQ5bUJtT1Q2Mm9URGtZCnRsd2V6QWV6eFRCUytpWWVWclVTU2MxWFRNR1hMSHB1ZDVydHRzSXdBd011WTN3R0paSkJ0TlEyWHJjcldYQ2MKMFFxNDlYNHh5ZXIyMHJQU2E4OCtONXV5QTZPbmlwWUZhVnVndkh3S3plNnovOWVlN0VXQ1o0eitFTVg5NU55SQp0V3JiTDkyWkMvcTFhNnRtRXM2cG1FbFRGZi9INnNXcVlqUGtqdkIwRHp3MERMQjV1dForOW03VTFwS1JyVk5sClNiTGt6ZVVaQWdNQkFBRUNnZ0VBYjJJeCs2a3hZMHFnc2lpR0xhQ1pjK0dZcTFvMThsayt6N1BsRXJWbENhdTQKeE1ISXYvZHZxdElqVnRmZVoyTmxZbGhsUmY5VWJnMGxPRHlZRjU5L3pyQmE5RkJlTjFwaDRkVWpQMlcxcDc4cgpqNXh2aDN0OU5tZFg4bnRpVXB4ZUpmbzRLWVlsQVJzRi9YV0FNMnFZblk5RE9oYkFZOTR2cUErR0dGODNhenZNCjhVWksrL2RReFZJRTgvV21RN0l0aHFrUlorcGc2aW9WMTRCay9yRFRwTjJiKzMrNEJ2ZTJFZlhwc3lzUXg3WGYKNzlhd0ZuZjRVc29BdEVGNGM0N2lTOElROU9oZjdISUIxNWRzQ1VIZk5xcTNyRStDekpBcnJtVFM5djlEOVNYcgpySDBHUi90a3VXMk1QRElGS3dhbjB1NnpFVktnV3FXdXRIL3lTVmQ0VVFLQmdRRHAxRGZMOTVlUG9QWjA3V2NqCmc1aVJRMkRuTkg0c3d0aTRGVTdEWEpFeGNST1dDYWpvcU40K0dkc1R6Q203angyOE1WSkdCYzRLdGZqSURVbkgKUEIxQmJmTXAxeWJPb3Qxc2JGR0F3YkVITUw4SEVNVm9DalpvN21Wc0o1OHg4cWEvRG01NWt1ZkRRd1k0Y3laeQp5Y21CUmtvMU16Q0NqZytxY0xQQ3d6elREUUtCZ1FETHZxYjZGSGwwRjk3MEhtcnZXb0lWYkJ5bGR1a3JjNHVxClp2ckNvM0pJcC90YlFhRnAyVFVqek04cDQrMXJ5WjdkaVpFczJFbEVJWGxPdkNmdEprUmh6Vk8zdjM1ZlRiUFcKdU96cmpQRkRRSVczY1dpN0pSSlM1OEJmNXZzRVpEak5MaWN0Wks0RXBvREZUQXhUczJCMEJicjdQcld1dGFHTgowVGJ3dmlOSFBRS0JnSEZuekp2dS9DSGIxa3hGYTdWTXVLMFRPYWRJelQwV1R4ZVF0ZitJSUo4VEVZVytMNTZQCmNDSThWZ1ZYQ3BKOXlkVWhNcDdsWjlYSUJkMjRuQ1MxNGhaK3BlV1FCTEZKU2d5d3lDS2pUaUdIb2M1aWN1dVAKc0czWjJYVElEcXloMi85amwyNzlNY3lBOEQ1bWtxb3ZkYnh1QThXaml3NTJxZUJuQXJnZUNwenRBb0dBYXVxZQpSd2R0Z0oxeU14cXZOUEdDNStqMjAyR21GRllyQ1gzR3cxTHdDdTZUdVp5a0xwNThBMUJidWZqUXcwcG5Zb3ZwCk1lWkI5RTI0a2JldElBWi94ZTd3cXJFRGlOR0d1UHdMMzhQemF6NDFyVUVIRzRYbHFyblF1c0xFSU5iUzgrRHYKVUNQUUtjS1NPbmFnMVYrQkV3RmEwTE5rdGN5OGZXWTNkWGZobldVQ2dZRUFtcmdSQlZ0cGU0S3JUczY4Wjg0WQorSUhVRWtlM1BlYkhxM1I1WlpGY3F5MTNtSjdzcnVndzUwdUpHUjZFT0NhSVVZUi9RTWZEQTZobVlxc085anozCjNlWUc0WUFNaStEMjJVZnJRNGNzTjBWQkxUT3VwVHBJeDhEakZISlJQMVZoYW1SdzZDUkdaWGJBMWdUR3pHTlQKeDlLUklacmNUNXBzZHVwbzBBRTFDOUE9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K</prv></cert> <vlans><vlan><if>re1</if> <tag>128</tag> <pcp><vlanif>re1_vlan128</vlanif></pcp></vlan> <vlan><if>re0</if> <tag>11</tag> <pcp><vlanif>re0_vlan11</vlanif></pcp></vlan> <vlan><if>re0</if> <tag>229</tag> <pcp><vlanif>re0_vlan229</vlanif></pcp></vlan></vlans> <ppps><gateways><gateway_item><interface>opt2</interface> <gateway>192.168.131.14</gateway> <name>Leeuwenhorst</name> <weight><ipprotocol>inet</ipprotocol> <disabled></disabled></weight></gateway_item></gateways> <installedpackages><package><name>iperf</name> <website>http://www.freshports.org/benchmarks/iperf/</website> <version>2.0.5.5_1</version> <pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink> <configurationfile>iperf.xml</configurationfile></package> <package><name>OpenVPN Client Export Utility</name> <internal_name>openvpn-client-export</internal_name> <version>1.3.13</version> <configurationfile>openvpn-client-export.xml</configurationfile></package> <package><name>RRD Summary</name> <internal_name>RRD_Summary</internal_name> <version>1.3.1_2</version> <configurationfile>rrd-summary.xml</configurationfile></package> <package><name>pfBlockerNG</name> <descr>Manage IPv4/v6 List Sources into 'Deny, Permit or Match' formats.<br /> GeoIP database by MaxMind Inc. (GeoLite2 Free version).<br /> De-Duplication, Suppression, and Reputation enhancements.<br /> Provision to download from diverse List formats.<br /> Advanced Integration for Proofpoint ET IQRisk IP Reputation Threat Sources.<br /> Domain Name (DNSBL) blocking via Unbound DNS Resolver.]]></descr> <pkginfolink>https://forum.pfsense.org/index.php?topic=102470.0</pkginfolink> <version>2.1.1_4</version> <configurationfile>pfblockerng.xml</configurationfile></package> <menu> <name>iperf</name> Diagnostics <configfile>iperf.xml</configfile> </menu> <menu> <name>RRD Summary</name> <tooltiptext>Display total amount of traffic passed In/Out during this and the previous month.</tooltiptext> Status <url>/status_rrd_summary.php</url> </menu> <menu> <name>pfBlockerNG</name> <configfile>pfblockerng.xml</configfile> Firewall <url>/pkg_edit.php?xml=pfblockerng.xml</url> </menu> <service><name>iperf</name> <executable>iperf</executable> <stopcmd>mwexec("/usr/bin/killall iperf");</stopcmd></service> <service><name>dnsbl</name> <rcfile>dnsbl.sh</rcfile> <executable>lighttpd_pfb</executable></service> <pfblockerngafrica></pfblockerngafrica> <pfblockerngantarctica></pfblockerngantarctica> <pfblockerngasia></pfblockerngasia> <pfblockerngnorthamerica></pfblockerngnorthamerica> <pfblockerngoceania></pfblockerngoceania> <pfblockerngsouthamerica></pfblockerngsouthamerica> <pfblockerngtopspammers><config><countries4>CN,CN_rep,RU,RU_rep,JP,JP_rep,UA,UA_rep,GB,GB_rep,DE,DE_rep,BR,BR_rep,FR,FR_rep,IN,IN_rep,TR,IT,IT_rep,KR,PL,PL_rep,ES,ES_rep,VN,VN_rep,AR,CO,TW,TW_rep,MX,MX_rep,CL,CL_rep</countries4> <countries6>CN,CN_rep,RU,RU_rep,JP,JP_rep,UA,UA_rep,GB,GB_rep,DE,DE_rep,BR,BR_rep,FR,FR_rep,IN,IN_rep,TR,TR_rep,IT,KR,PL,PL_rep,ES,ES_rep,VN,AR,AR_rep,CO,CO_rep,TW,TW_rep,MX,CL,CL_rep</countries6> <action>Disabled</action> <aliaslog>enabled</aliaslog> <autoaddrnot_in><autoports_in><aliasports_in><autoaddr_in><autonot_in><aliasaddr_in><autoproto_in><agateway_in>default</agateway_in> <autoaddrnot_out><autoports_out><aliasports_out><autoaddr_out><autonot_out><aliasaddr_out><autoproto_out><agateway_out>default</agateway_out></autoproto_out></aliasaddr_out></autonot_out></autoaddr_out></aliasports_out></autoports_out></autoaddrnot_out></autoproto_in></aliasaddr_in></autonot_in></autoaddr_in></aliasports_in></autoports_in></autoaddrnot_in></config></pfblockerngtopspammers> <pfblockerngproxyandsatellite></pfblockerngproxyandsatellite> <pfblockerng><config><enable_cb>on</enable_cb> <pfb_keep>on</pfb_keep> <pfb_interval>1</pfb_interval> <pfb_min>0</pfb_min> <pfb_hour>0</pfb_hour> <pfb_dailystart>0</pfb_dailystart> <enable_dup><enable_agg><suppression><enable_log><maxmind_locale>en</maxmind_locale> <database_cc><skipfeed>0</skipfeed> <log_maxlines>20000</log_maxlines> <inbound_interface>wan</inbound_interface> <inbound_deny_action>block</inbound_deny_action> <outbound_interface>lan,opt1</outbound_interface> <outbound_deny_action>reject</outbound_deny_action> <openvpn_action><ipsec_action><enable_float><pass_order>order_0</pass_order> <autorule_suffix>autorule</autorule_suffix> <killstates></killstates></enable_float></ipsec_action></openvpn_action></database_cc></enable_log></suppression></enable_agg></enable_dup></config></pfblockerng> <pfblockerngreputation><config><enable_rep><p24_max_var>5</p24_max_var> <enable_pdup><p24_pmax_var>50</p24_pmax_var> <enable_dedup><p24_dmax_var>5</p24_dmax_var> <ccwhite>ignore</ccwhite> <ccblack>block</ccblack> <ccexclude>NL</ccexclude> <et_header><etblock><etmatch><et_update>disabled</et_update></etmatch></etblock></et_header></enable_dedup></enable_pdup></enable_rep></config></pfblockerngreputation></installedpackages> <gres><gre><if>opt3</if> <tunnel-local-addr>85.243.220.10</tunnel-local-addr> <tunnel-remote-addr>85.12.12.12</tunnel-remote-addr> <tunnel-remote-net>29</tunnel-remote-net> <remote-addr>87.233.64.250</remote-addr> <link1><greif>gre0</greif></link1></gre></gres></ppps></dnshaper></openvpn></wol></proxyarp></aliases></ipsec></shaper></staticroutes></lastchange></pfsense>