Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    GRE Tunnel, Possible Bug.

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 778 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rvanswol
      last edited by

      At extraip.nl i have a small test /29 subnet. After the setup the subnet works fine, but after a reboot there is no traffic going trough the GRE tunnel. What am i doing wrong?

      I first configure an interface and a static ipv4 address (the first in the /29 subnet)
      Then i configure a firewall rule to pass all traffic to and from the interface.
      And i enable the DHCP server op the interface to hand out the remaining 5 ip’s
      Then i configure the GRE tunnel, and tun the automatic outbound NAT on manual and remove the auto created rules.

      At this point all the traffic from the /29 subnet goes through the GRE tunnel.
      After a reboot no traffic goes though the GRE tunnel, and a system backup does not work.

      Am i doing this wrong, ore is this a bug?

      Thanks in advance and let me know if there more helpful information I can provide about the problem.

      
       <pfsense><version>15.5</version>
      	 <lastchange><system><optimization>normal</optimization>
      		<hostname>Omroep_BO_pfSense</hostname>
      		<domain>localdomain</domain>
      		 <group><name>all</name>
      
      			<scope>system</scope>
      			<gid>1998</gid></group> 
      		 <group><name>admins</name>
      
      			<scope>system</scope>
      			<gid>1999</gid>
      			<member>0</member>
      			<priv>page-all</priv></group> 
      		 <user><name>admin</name>
      
      			<scope>system</scope>
      			<groupname>admins</groupname>
      			<bcrypt-hash>xxxxxxxxxxx/bcrypt-hash>
      			<uid>0</uid>
      			<priv>user-shell-access</priv>
      			 <expires><dashboardcolumns>2</dashboardcolumns>
      			 <authorizedkeys><ipsecpsk><webguicss>pfSense.css</webguicss></ipsecpsk></authorizedkeys></expires></bcrypt-hash></user> 
      		<nextuid>2000</nextuid>
      		<nextgid>2000</nextgid>
      		<timeservers>0.pfsense.pool.ntp.org</timeservers>
      		 <webgui><protocol>https</protocol>
      			 <loginautocomplete><ssl-certref>57f7a36617876</ssl-certref>
      			 <port><max_procs>2</max_procs>
      			<dashboardcolumns>3</dashboardcolumns>
      			<webguicss>pfSense.css</webguicss>
      			 <webguileftcolumnhyper><dashboardavailablewidgetspanel><systemlogsfilterpanel><systemlogsmanagelogpanel><statusmonitoringsettingspanel></statusmonitoringsettingspanel></systemlogsmanagelogpanel></systemlogsfilterpanel></dashboardavailablewidgetspanel></webguileftcolumnhyper></port></loginautocomplete></webgui> 
      		<disablenatreflection>yes</disablenatreflection>
      		 <disablesegmentationoffloading><disablelargereceiveoffloading><powerd_ac_mode>hadp</powerd_ac_mode>
      		<powerd_battery_mode>hadp</powerd_battery_mode>
      		<powerd_normal_mode>hadp</powerd_normal_mode>
      		 <bogons><interval>monthly</interval></bogons> 
      		 <enableserial><disableconsolemenu><serialspeed>115200</serialspeed>
      		<enablesshd>enabled</enablesshd>
      		 <use_mfs_tmp_size><use_mfs_var_size><timezone>Europe/Amsterdam</timezone>
      		<language>en_US</language>
      		<dns1gw>WAN_DHCP</dns1gw>
      		<dns2gw>WAN_DHCP</dns2gw>
      		<dns3gw>WAN_DHCP</dns3gw>
      		<dns4gw>WAN_DHCP</dns4gw>
      		<dnsserver>84.116.46.23</dnsserver>
      		<dnsserver>84.116.46.22</dnsserver>
      		<dnsserver>209.244.0.3</dnsserver>
      		<dnsserver>209.244.0.4</dnsserver>
      		 <dnsallowoverride><proxyuser>admin</proxyuser>
      		<maximumtableentries>2000000</maximumtableentries>
      		 <ipv6allow><powerd_enable><thermal_hardware>amdtemp</thermal_hardware></powerd_enable></ipv6allow></dnsallowoverride></use_mfs_var_size></use_mfs_tmp_size></disableconsolemenu></enableserial></disablelargereceiveoffloading></disablesegmentationoffloading></system> 
      	 <interfaces><wan><enable><if>re1_vlan128</if>
      			 <blockpriv><blockbogons><alias-address><alias-subnet>32</alias-subnet>
      			 <spoofmac><ipaddr>dhcp</ipaddr>
      			 <dhcphostname><dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
      			 <adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></dhcphostname></spoofmac></alias-address></blockbogons></blockpriv></enable></wan> 
      		 <lan><enable><if>re0</if>
      
      			<ipaddr>192.168.140.1</ipaddr>
      			<subnet>24</subnet>
      			 <blockbogons><spoofmac></spoofmac></blockbogons></enable></lan> 
      		 <opt1><if>re2</if>
      
      			 <enable><ipaddr>192.168.141.1</ipaddr>
      			<subnet>24</subnet>
      			 <blockbogons><spoofmac></spoofmac></blockbogons></enable></opt1> 
      		 <opt2><if>re0_vlan11</if>
      			 <enable><spoofmac><ipaddr>192.168.131.95</ipaddr>
      			<subnet>24</subnet></spoofmac></enable></opt2> 
      		 <opt3><if>re0_vlan229</if>
      			 <enable><blockpriv><blockbogons><spoofmac><ipaddr>85.12.42.33</ipaddr>
      			<subnet>29</subnet></spoofmac></blockbogons></blockpriv></enable></opt3></interfaces> 
      	 <staticroutes><dhcpd><lan><enable><range><from>192.168.140.10</from>
      				<to>192.168.140.100</to></range> 
      			 <dhcpleaseinlocaltime></dhcpleaseinlocaltime></enable></lan> 
      		 <opt1><enable><range><from>192.168.141.10</from>
      				<to>192.168.141.100</to></range> 
      			 <dhcpleaseinlocaltime></dhcpleaseinlocaltime></enable></opt1> 
      		 <opt3><range><from>85.12.42.34</from>
      				<to>85.12.42.36</to></range> 
      			 <enable><failover_peerip><defaultleasetime><maxleasetime><netmask><gateway><domain><domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></domain></gateway></netmask></maxleasetime></defaultleasetime></failover_peerip></enable></opt3></dhcpd> 
      	 <dhcpdv6><lan><range><from>::1000</from>
      				<to>::2000</to></range> 
      			<ramode>assist</ramode>
      			<rapriority>medium</rapriority></lan></dhcpdv6> 
      	 <snmpd><syslocation>pfsense Trefpunt</syslocation>
      		<syscontact>Roy</syscontact>
      		<rocommunity>Speedconnect</rocommunity>
      		 <modules><mibii><netgraph></netgraph></mibii></modules> 
      		 <enable><pollport>161</pollport>
      		 <trapserver><trapserverport>162</trapserverport>
      		 <trapstring></trapstring></trapserver></enable></snmpd> 
      	 <diag><ipv6nat></ipv6nat></diag> 
      	 <syslog><nentries>500</nentries>
      		<remoteserver>192.168.131.254</remoteserver>
      		 <remoteserver2><remoteserver3><sourceip><ipproto>ipv4</ipproto>
      		 <logall><enable></enable></logall></sourceip></remoteserver3></remoteserver2></syslog> 
      	 <nat><outbound><mode>advanced</mode>
      			 <rule><interface>wan</interface>
      				<source>
      					<network>127.0.0.0/8</network>
      
      				<dstport>500</dstport>
      				 <target><destination><any></any></destination> 
      				 <staticnatport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>127.0.0.0/8</network>
      
      				 <sourceport><target><destination><any></any></destination> 
      				 <natport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.140.0/24</network>
      
      				<dstport>500</dstport>
      				 <target><destination><any></any></destination> 
      				 <staticnatport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.140.0/24</network>
      
      				 <sourceport><target><destination><any></any></destination> 
      				 <natport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.141.0/24</network>
      
      				<dstport>500</dstport>
      				 <target><destination><any></any></destination> 
      				 <staticnatport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.141.0/24</network>
      
      				 <sourceport><target><destination><any></any></destination> 
      				 <natport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.131.0/24</network>
      
      				<dstport>500</dstport>
      				 <target><destination><any></any></destination> 
      				 <staticnatport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></staticnatport></target></rule> 
      			 <rule><interface>wan</interface>
      				<source>
      					<network>192.168.131.0/24</network>
      
      				 <sourceport><target><destination><any></any></destination> 
      				 <natport><created><time>1478698285</time>
      					<username>Manual Outbound NAT Switch</username></created></natport></target></sourceport></rule></outbound> 
      		 <rule><source>
      				 <any><destination><network>wanip</network>
      				<port>4444</port></destination> 
      			<protocol>tcp</protocol>
      			<target>192.168.141.1</target>
      			<local-port>443</local-port>
      			<interface>wan</interface>
      			 <descr><associated-rule-id>nat_580bb17677a581.40345029</associated-rule-id>
      			 <updated><time>1477161334</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1477161334</time>
      				<username>admin@192.168.140.11</username></created></descr></any></rule> 
      		 <separator></separator></nat> 
      	 <filter><rule><id><tracker>1477160893</tracker>
      			<type>pass</type>
      			<interface>wan</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><protocol>tcp</protocol>
      			<source>
      				 <any><destination><network>(self)</network>
      				<port>443</port></destination> 
      
      			 <updated><time>1477160893</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1477160893</time>
      				<username>admin@192.168.140.11</username></created> 
      			 <disabled></disabled></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><source>
      				 <any><interface>wan</interface>
      			<protocol>tcp</protocol>
      			 <destination><address>192.168.141.1</address>
      
      				<port>443</port></destination> 
      
      			<associated-rule-id>nat_580bb17677a581.40345029</associated-rule-id>
      			<tracker>1477161334</tracker>
      			 <created><time>1477161334</time>
      				<username>NAT Port Forward</username></created></any></rule> 
      		 <rule><id><tracker>1476900591</tracker>
      			<type>pass</type>
      			<interface>lan</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				<network>lan</network>
      
      			 <destination><any></any></destination> 
      
      			 <updated><time>1476900591</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1476900591</time>
      				<username>admin@192.168.140.11</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><type>pass</type>
      			<ipprotocol>inet6</ipprotocol>
      
      			<interface>lan</interface>
      			<tracker>0100000102</tracker>
      			<source>
      				<network>lan</network>
      
      			 <destination><any></any></destination> 
      			 <disabled></disabled></rule> 
      		 <rule><id><tracker>1475852368</tracker>
      			<type>pass</type>
      			<interface>opt1</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><protocol>tcp</protocol>
      			<source>
      				<network>opt1</network>
      
      			 <destination><network>(self)</network>
      				<port>80</port></destination> 
      
      			 <updated><time>1475852368</time>
      				<username>admin@192.168.140.10</username></updated> 
      			 <created><time>1475852368</time>
      				<username>admin@192.168.140.10</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>1475852385</tracker>
      			<type>pass</type>
      			<interface>opt1</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><protocol>tcp</protocol>
      			<source>
      				<network>opt1</network>
      
      			 <destination><network>(self)</network>
      				<port>443</port></destination> 
      
      			 <updated><time>1475852385</time>
      				<username>admin@192.168.140.10</username></updated> 
      			 <created><time>1475852385</time>
      				<username>admin@192.168.140.10</username></created></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>0100000101</tracker>
      			<type>pass</type>
      			<interface>opt1</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				<network>opt1</network>
      
      			 <destination><any></any></destination> 
      
      			 <updated><time>1475852313</time>
      				<username>admin@192.168.140.10</username></updated></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>1475852293</tracker>
      			<type>pass</type>
      			<interface>opt1</interface>
      			<ipprotocol>inet6</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				<network>opt1</network>
      
      			 <destination><any></any></destination> 
      
      			 <updated><time>1475852293</time>
      				<username>admin@192.168.140.10</username></updated> 
      			 <created><time>1475852293</time>
      				<username>admin@192.168.140.10</username></created> 
      			 <disabled></disabled></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>1478695497</tracker>
      			<type>pass</type>
      			<interface>opt2</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				 <any><destination><network>(self)</network></destination> 
      
      			 <updated><time>1478695497</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1478695497</time>
      				<username>admin@192.168.140.11</username></created></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>1478697316</tracker>
      			<type>pass</type>
      			<interface>opt2</interface>
      			<ipprotocol>inet</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				 <any><destination><any></any></destination> 
      
      			 <updated><time>1478697316</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1478697316</time>
      				<username>admin@192.168.140.11</username></created></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <rule><id><tracker>1478697621</tracker>
      			<type>pass</type>
      			<interface>opt3</interface>
      			<ipprotocol>inet46</ipprotocol>
      			 <tag><tagged><max><max-src-nodes><max-src-conn><max-src-states><statetimeout><statetype>keep state</statetype>
      			 <os><source>
      				 <any><destination><any></any></destination> 
      			 <descr><updated><time>1478697621</time>
      				<username>admin@192.168.140.11</username></updated> 
      			 <created><time>1478697621</time>
      				<username>admin@192.168.140.11</username></created></descr></any></os></statetimeout></max-src-states></max-src-conn></max-src-nodes></max></tagged></tag></id></rule> 
      		 <separator><opt1><lan></lan></opt1></separator></filter> 
      	 <shaper><ipsec><aliases><proxyarp><cron><minute>1,31</minute>
      			<hour>0-5</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 adjkerntz -a 
      		 <minute>1</minute>
      			<hour>3</hour>
      			<mday>1</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh 
      		 <minute>*/60</minute>
      			<hour>*</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 
      		 <minute>*/60</minute>
      			<hour>*</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout 
      		 <minute>1</minute>
      			<hour>1</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update 
      		 <minute>*/60</minute>
      			<hour>*</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot 
      		 <minute>30</minute>
      			<hour>12</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/bin/nice -n20 /etc/rc.update_urltables 
      		 <minute>0</minute>
      			<hour>21</hour>
      			<mday>1-7</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dcc >> /var/log/pfblockerng/extras.log 2>&1 
      		 <minute>0</minute>
      			<hour>*</hour>
      			<mday>*</mday>
      			<month>*</month>
      			<wday>*</wday>
      			<who>root</who>
      			<command></command>/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> /var/log/pfblockerng/pfblockerng.log 2>&1</cron> 
      	 <wol><rrd><enable><category>left=system-processor&right=&resolution=300&timePeriod=-1d&startDate=&endDate=&startTime=0&endTime=0&graphtype=line&invert=true</category></enable></rrd> 
      	 <load_balancer><monitor_type><name>ICMP</name>
      			<type>icmp</type></monitor_type> 
      		 <monitor_type><name>TCP</name>
      			<type>tcp</type></monitor_type> 
      		 <monitor_type><name>HTTP</name>
      			<type>http</type>
      
      			 <options><path>/</path>
      				 <host>`200`</host></options></monitor_type> 
      		 <monitor_type><name>HTTPS</name>
      			<type>https</type>
      
      			 <options><path>/</path>
      				 <host>`200`</host></options></monitor_type> 
      		 <monitor_type><name>SMTP</name>
      			<type>send</type>
      
      			 <options><send><expect>220 *</expect></send></options></monitor_type></load_balancer> 
      	 <widgets><sequence>system_information:col1:open,installed_packages:col1:open,interfaces:col1:open,traffic_graphs:col2:open,dyn_dns_status:col2:open,smart_status:col2:open,openvpn:col2:open,gateways:col3:open,thermal_sensors:col3:open,services_status:col3:open,ntp_status:col3:open,log:col3:open,interface_statistics:col3:open,pfblockerng-container:col2:show</sequence>
      		 <trafficgraphs><shown>wan
      				lan
      				opt1
      				opt2
      				opt3</shown> 
      			<refreshinterval>10</refreshinterval>
      			<scale_type>up</scale_type></trafficgraphs></widgets> 
      	 <openvpn><dnshaper><unbound><enable><dnssec><active_interface><outgoing_interface></outgoing_interface></active_interface></dnssec></enable></unbound> 
      	 <revision><time>1478698300</time>
      
      		<username>admin@192.168.140.11</username></revision> 
      	 <cert><refid>57f7a36617876</refid>
      
      		<type>server</type>
      		<crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQkZXZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBRENCdERFTE1Ba0dBMVVFQmhNQ1ZWTXgKRGpBTUJnTlZCQWdUQlZOMFlYUmxNUkV3RHdZRFZRUUhFd2hNYjJOaGJHbDBlVEU0TURZR0ExVUVDaE12Y0daVApaVzV6WlNCM1pXSkRiMjVtYVdkMWNtRjBiM0lnVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhLREFtCkJna3Foa2lHOXcwQkNRRVdHV0ZrYldsdVFIQm1VMlZ1YzJVdWJHOWpZV3hrYjIxaGFXNHhIakFjQmdOVkJBTVQKRlhCbVUyVnVjMlV0TlRkbU4yRXpOall4TnpnM05qQWVGdzB4TmpFd01EY3hNek13TVRSYUZ3MHlNakF6TXpBeApNek13TVRSYU1JRzBNUXN3Q1FZRFZRUUdFd0pWVXpFT01Bd0dBMVVFQ0JNRlUzUmhkR1V4RVRBUEJnTlZCQWNUCkNFeHZZMkZzYVhSNU1UZ3dOZ1lEVlFRS0V5OXdabE5sYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG0KTFZOcFoyNWxaQ0JEWlhKMGFXWnBZMkYwWlRFb01DWUdDU3FHU0liM0RRRUpBUllaWVdSdGFXNUFjR1pUWlc1egpaUzVzYjJOaGJHUnZiV0ZwYmpFZU1Cd0dBMVVFQXhNVmNHWlRaVzV6WlMwMU4yWTNZVE0yTmpFM09EYzJNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF1aGxzUkM3WE5OR1R5SlhaZUFVY1dQWmQKTU5zeFdhS3hRR05XYndmdzU1MlkySmNpNVRKMEhzcGZpbU5oUHV1U0d4OWJheVlPK3c2RVAzbWNCMzFjNUdhVQpsZVVqL2RaTjFmbnYvTkpEVXNSdHR2Z1FrNTgwU0Y1d3BUZ2dUazhRL1pnWmprK3RxRXc1R0xaY0hzd0hzOFV3ClV2b21IbGExRWtuTlYwekJseXg2Ym5lYTdiYkNNQU1ETG1OOEJpV1NRYlRVTmw2M0sxbHduTkVLdVBWK01jbnEKOXRLejBtdlBQamVic2dPanA0cVdCV2xib0x4OENzM3VzLy9YbnV4RmdtZU0vaERGL2VUY2lMVnEyeS9kbVF2Ngp0V3VyWmhMT3FaaEpVeFgveCtyRnFtSXo1STd3ZEE4OE5BeXdlYnJXZnZadTFOYVNrYTFUWlVteTVNM2xHUUlECkFRQUJvNElCaGpDQ0FZSXdDUVlEVlIwVEJBSXdBREFSQmdsZ2hrZ0JodmhDQVFFRUJBTUNCa0F3TXdZSllJWkkKQVliNFFnRU5CQ1lXSkU5d1pXNVRVMHdnUjJWdVpYSmhkR1ZrSUZObGNuWmxjaUJEWlhKMGFXWnBZMkYwWlRBZApCZ05WSFE0RUZnUVVkODBSc3hraTJCcGV5MVQrWDg2V0JqTkNGcDR3Z2VFR0ExVWRJd1NCMlRDQjFvQVVkODBSCnN4a2kyQnBleTFUK1g4NldCak5DRnA2aGdicWtnYmN3Z2JReEN6QUpCZ05WQkFZVEFsVlRNUTR3REFZRFZRUUkKRXdWVGRHRjBaVEVSTUE4R0ExVUVCeE1JVEc5allXeHBkSGt4T0RBMkJnTlZCQW9UTDNCbVUyVnVjMlVnZDJWaQpRMjl1Wm1sbmRYSmhkRzl5SUZObGJHWXRVMmxuYm1Wa0lFTmxjblJwWm1sallYUmxNU2d3SmdZSktvWklodmNOCkFRa0JGaGxoWkcxcGJrQndabE5sYm5ObExteHZZMkZzWkc5dFlXbHVNUjR3SEFZRFZRUURFeFZ3WmxObGJuTmwKTFRVM1pqZGhNelkyTVRjNE56YUNBUUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQwpNQXNHQTFVZER3UUVBd0lGb0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWhESjgxLzdrYkZjRzJIanRwUlVWCnFmNGhoeEcrMlZvSFJIZW0wVk1UNG1pWmIxQk9MUC9qUnF5UG5nbEV0RzZ5a2U1TjJGM0k3UFVob0haNWVaV00KdjVyR0hpVWR2aytodDZIZ3hYU3R1UExxU21NSkVNRzZZanRHSCtjalVkbVNjWElpYXF3ZzZwa1BISnUyMThNcQpMVnY1ZlR3RHRlNm5qcENRMlBnK3pBZ1JBNnQzcjBOU083M2g3TlhlcWx0VHp2TThIdnQ2MlJzdGhQZnB5clNvCmJBTmhYU2ZHWjBiQlFWb3FuK2pwdDlYOEJKV211aldRT1k0eVV1aUxoMHNHS1VGVURrMGdqaEV1dkJiSm1DTVMKYmY4ZElLK2JueFpFd1h2RTZpa2h0VzJDV0pEalVmUkI3NklhZldOcDhBdW1mN3oybjRnVlpiS2lRZmttajB6cgpLQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>
      		<prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzZHV3hFTHRjMDBaUEkKbGRsNEJSeFk5bDB3MnpGWm9yRkFZMVp2Qi9Ebm5aallseUxsTW5RZXlsK0tZMkUrNjVJYkgxdHJKZzc3RG9RLwplWndIZlZ6a1pwU1Y1U1A5MWszVitlLzgwa05TeEcyMitCQ1RuelJJWG5DbE9DQk9UeEQ5bUJtT1Q2Mm9URGtZCnRsd2V6QWV6eFRCUytpWWVWclVTU2MxWFRNR1hMSHB1ZDVydHRzSXdBd011WTN3R0paSkJ0TlEyWHJjcldYQ2MKMFFxNDlYNHh5ZXIyMHJQU2E4OCtONXV5QTZPbmlwWUZhVnVndkh3S3plNnovOWVlN0VXQ1o0eitFTVg5NU55SQp0V3JiTDkyWkMvcTFhNnRtRXM2cG1FbFRGZi9INnNXcVlqUGtqdkIwRHp3MERMQjV1dForOW03VTFwS1JyVk5sClNiTGt6ZVVaQWdNQkFBRUNnZ0VBYjJJeCs2a3hZMHFnc2lpR0xhQ1pjK0dZcTFvMThsayt6N1BsRXJWbENhdTQKeE1ISXYvZHZxdElqVnRmZVoyTmxZbGhsUmY5VWJnMGxPRHlZRjU5L3pyQmE5RkJlTjFwaDRkVWpQMlcxcDc4cgpqNXh2aDN0OU5tZFg4bnRpVXB4ZUpmbzRLWVlsQVJzRi9YV0FNMnFZblk5RE9oYkFZOTR2cUErR0dGODNhenZNCjhVWksrL2RReFZJRTgvV21RN0l0aHFrUlorcGc2aW9WMTRCay9yRFRwTjJiKzMrNEJ2ZTJFZlhwc3lzUXg3WGYKNzlhd0ZuZjRVc29BdEVGNGM0N2lTOElROU9oZjdISUIxNWRzQ1VIZk5xcTNyRStDekpBcnJtVFM5djlEOVNYcgpySDBHUi90a3VXMk1QRElGS3dhbjB1NnpFVktnV3FXdXRIL3lTVmQ0VVFLQmdRRHAxRGZMOTVlUG9QWjA3V2NqCmc1aVJRMkRuTkg0c3d0aTRGVTdEWEpFeGNST1dDYWpvcU40K0dkc1R6Q203angyOE1WSkdCYzRLdGZqSURVbkgKUEIxQmJmTXAxeWJPb3Qxc2JGR0F3YkVITUw4SEVNVm9DalpvN21Wc0o1OHg4cWEvRG01NWt1ZkRRd1k0Y3laeQp5Y21CUmtvMU16Q0NqZytxY0xQQ3d6elREUUtCZ1FETHZxYjZGSGwwRjk3MEhtcnZXb0lWYkJ5bGR1a3JjNHVxClp2ckNvM0pJcC90YlFhRnAyVFVqek04cDQrMXJ5WjdkaVpFczJFbEVJWGxPdkNmdEprUmh6Vk8zdjM1ZlRiUFcKdU96cmpQRkRRSVczY1dpN0pSSlM1OEJmNXZzRVpEak5MaWN0Wks0RXBvREZUQXhUczJCMEJicjdQcld1dGFHTgowVGJ3dmlOSFBRS0JnSEZuekp2dS9DSGIxa3hGYTdWTXVLMFRPYWRJelQwV1R4ZVF0ZitJSUo4VEVZVytMNTZQCmNDSThWZ1ZYQ3BKOXlkVWhNcDdsWjlYSUJkMjRuQ1MxNGhaK3BlV1FCTEZKU2d5d3lDS2pUaUdIb2M1aWN1dVAKc0czWjJYVElEcXloMi85amwyNzlNY3lBOEQ1bWtxb3ZkYnh1QThXaml3NTJxZUJuQXJnZUNwenRBb0dBYXVxZQpSd2R0Z0oxeU14cXZOUEdDNStqMjAyR21GRllyQ1gzR3cxTHdDdTZUdVp5a0xwNThBMUJidWZqUXcwcG5Zb3ZwCk1lWkI5RTI0a2JldElBWi94ZTd3cXJFRGlOR0d1UHdMMzhQemF6NDFyVUVIRzRYbHFyblF1c0xFSU5iUzgrRHYKVUNQUUtjS1NPbmFnMVYrQkV3RmEwTE5rdGN5OGZXWTNkWGZobldVQ2dZRUFtcmdSQlZ0cGU0S3JUczY4Wjg0WQorSUhVRWtlM1BlYkhxM1I1WlpGY3F5MTNtSjdzcnVndzUwdUpHUjZFT0NhSVVZUi9RTWZEQTZobVlxc085anozCjNlWUc0WUFNaStEMjJVZnJRNGNzTjBWQkxUT3VwVHBJeDhEakZISlJQMVZoYW1SdzZDUkdaWGJBMWdUR3pHTlQKeDlLUklacmNUNXBzZHVwbzBBRTFDOUE9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K</prv></cert> 
      	 <vlans><vlan><if>re1</if>
      			<tag>128</tag>
      			 <pcp><vlanif>re1_vlan128</vlanif></pcp></vlan> 
      		 <vlan><if>re0</if>
      			<tag>11</tag>
      			 <pcp><vlanif>re0_vlan11</vlanif></pcp></vlan> 
      		 <vlan><if>re0</if>
      			<tag>229</tag>
      			 <pcp><vlanif>re0_vlan229</vlanif></pcp></vlan></vlans> 
      	 <ppps><gateways><gateway_item><interface>opt2</interface>
      			<gateway>192.168.131.14</gateway>
      			<name>Leeuwenhorst</name>
      			 <weight><ipprotocol>inet</ipprotocol>
      
      			 <disabled></disabled></weight></gateway_item></gateways> 
      	 <installedpackages><package><name>iperf</name>
      			<website>http://www.freshports.org/benchmarks/iperf/</website>
      
      			<version>2.0.5.5_1</version>
      			<pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink>
      			<configurationfile>iperf.xml</configurationfile></package> 
      		 <package><name>OpenVPN Client Export Utility</name>
      			<internal_name>openvpn-client-export</internal_name>
      
      			<version>1.3.13</version>
      			<configurationfile>openvpn-client-export.xml</configurationfile></package> 
      		 <package><name>RRD Summary</name>
      			<internal_name>RRD_Summary</internal_name>
      
      			<version>1.3.1_2</version>
      			<configurationfile>rrd-summary.xml</configurationfile></package> 
      		 <package><name>pfBlockerNG</name>
      			 <descr>Manage IPv4/v6 List Sources into 'Deny, Permit or Match' formats.<br />
      			GeoIP database by MaxMind Inc. (GeoLite2 Free version).<br />
      			De-Duplication, Suppression, and Reputation enhancements.<br />
      			Provision to download from diverse List formats.<br />
      			Advanced Integration for Proofpoint ET IQRisk IP Reputation Threat Sources.<br />
      			Domain Name (DNSBL) blocking via Unbound DNS Resolver.]]></descr>
      			<pkginfolink>https://forum.pfsense.org/index.php?topic=102470.0</pkginfolink>
      			<version>2.1.1_4</version>
      			<configurationfile>pfblockerng.xml</configurationfile></package> 
      
      <menu>
      			<name>iperf</name>
      			Diagnostics
      			<configfile>iperf.xml</configfile>
      		</menu>
      
      <menu>
      			<name>RRD Summary</name>
      			<tooltiptext>Display total amount of traffic passed In/Out during this and the previous month.</tooltiptext>
      			Status
      			<url>/status_rrd_summary.php</url>
      		</menu>
      
      <menu>
      			<name>pfBlockerNG</name>
      			<configfile>pfblockerng.xml</configfile>
      			Firewall
      			<url>/pkg_edit.php?xml=pfblockerng.xml</url>
      		</menu>
      
      		 <service><name>iperf</name>
      			<executable>iperf</executable>
      
      			<stopcmd>mwexec("/usr/bin/killall iperf");</stopcmd></service> 
      		 <service><name>dnsbl</name>
      			<rcfile>dnsbl.sh</rcfile>
      			<executable>lighttpd_pfb</executable></service> 
      
      		 <pfblockerngafrica></pfblockerngafrica> 
      		 <pfblockerngantarctica></pfblockerngantarctica> 
      		 <pfblockerngasia></pfblockerngasia> 
      
      		 <pfblockerngnorthamerica></pfblockerngnorthamerica> 
      		 <pfblockerngoceania></pfblockerngoceania> 
      		 <pfblockerngsouthamerica></pfblockerngsouthamerica> 
      		 <pfblockerngtopspammers><config><countries4>CN,CN_rep,RU,RU_rep,JP,JP_rep,UA,UA_rep,GB,GB_rep,DE,DE_rep,BR,BR_rep,FR,FR_rep,IN,IN_rep,TR,IT,IT_rep,KR,PL,PL_rep,ES,ES_rep,VN,VN_rep,AR,CO,TW,TW_rep,MX,MX_rep,CL,CL_rep</countries4>
      				<countries6>CN,CN_rep,RU,RU_rep,JP,JP_rep,UA,UA_rep,GB,GB_rep,DE,DE_rep,BR,BR_rep,FR,FR_rep,IN,IN_rep,TR,TR_rep,IT,KR,PL,PL_rep,ES,ES_rep,VN,AR,AR_rep,CO,CO_rep,TW,TW_rep,MX,CL,CL_rep</countries6>
      				<action>Disabled</action>
      				<aliaslog>enabled</aliaslog>
      				 <autoaddrnot_in><autoports_in><aliasports_in><autoaddr_in><autonot_in><aliasaddr_in><autoproto_in><agateway_in>default</agateway_in>
      				 <autoaddrnot_out><autoports_out><aliasports_out><autoaddr_out><autonot_out><aliasaddr_out><autoproto_out><agateway_out>default</agateway_out></autoproto_out></aliasaddr_out></autonot_out></autoaddr_out></aliasports_out></autoports_out></autoaddrnot_out></autoproto_in></aliasaddr_in></autonot_in></autoaddr_in></aliasports_in></autoports_in></autoaddrnot_in></config></pfblockerngtopspammers> 
      		 <pfblockerngproxyandsatellite></pfblockerngproxyandsatellite> 
      		 <pfblockerng><config><enable_cb>on</enable_cb>
      				<pfb_keep>on</pfb_keep>
      				<pfb_interval>1</pfb_interval>
      				<pfb_min>0</pfb_min>
      				<pfb_hour>0</pfb_hour>
      				<pfb_dailystart>0</pfb_dailystart>
      				 <enable_dup><enable_agg><suppression><enable_log><maxmind_locale>en</maxmind_locale>
      				 <database_cc><skipfeed>0</skipfeed>
      				<log_maxlines>20000</log_maxlines>
      				<inbound_interface>wan</inbound_interface>
      				<inbound_deny_action>block</inbound_deny_action>
      				<outbound_interface>lan,opt1</outbound_interface>
      				<outbound_deny_action>reject</outbound_deny_action>
      				 <openvpn_action><ipsec_action><enable_float><pass_order>order_0</pass_order>
      				<autorule_suffix>autorule</autorule_suffix>
      				 <killstates></killstates></enable_float></ipsec_action></openvpn_action></database_cc></enable_log></suppression></enable_agg></enable_dup></config></pfblockerng> 
      		 <pfblockerngreputation><config><enable_rep><p24_max_var>5</p24_max_var>
      				 <enable_pdup><p24_pmax_var>50</p24_pmax_var>
      				 <enable_dedup><p24_dmax_var>5</p24_dmax_var>
      				<ccwhite>ignore</ccwhite>
      				<ccblack>block</ccblack>
      				<ccexclude>NL</ccexclude>
      				 <et_header><etblock><etmatch><et_update>disabled</et_update></etmatch></etblock></et_header></enable_dedup></enable_pdup></enable_rep></config></pfblockerngreputation></installedpackages> 
      	 <gres><gre><if>opt3</if>
      			<tunnel-local-addr>85.243.220.10</tunnel-local-addr>
      			<tunnel-remote-addr>85.12.12.12</tunnel-remote-addr>
      			<tunnel-remote-net>29</tunnel-remote-net>
      			<remote-addr>87.233.64.250</remote-addr>
      
      			 <link1><greif>gre0</greif></link1></gre></gres></ppps></dnshaper></openvpn></wol></proxyarp></aliases></ipsec></shaper></staticroutes></lastchange></pfsense> 
      
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.