• hallo werte gemeinde

    ich habe einen rechner mit 2 x 10gbit sfp karten, jeder karte hat 2 sfp ports also insgesammt 4mal 10gbit sfp port

    die jeweiligen 2 ports einer karte habe ich zum lagg gebaut
    also 2mal 10gbit = 20gbit

    bei beiden karten

    also 2 karten mit jeweils 20gbit pro karte

    nun habe ich eine bridge gebaut mit den jeweiligen etherchannel sfp ports
    um somit eine ids zu bauen die 20gbit durchsatzrate/datenrate hat

    das priszip des bridge bauen kann ich bauen da ich bei einderen rechnern es mit copper erfolgreich geschafft habe

    aber bei dieser oben genannten geschichte klapt es nicht........ist das ein pfsense problem? des geht kein traffic über die bridge FW regeln erstellt und lassen alles durch ids auch irgendwann ausgeschaltet ........aber egal was ich mache es geht kein traffic über die bridge............
    daher meine frage an euch draussen......wer weiß warum???????

    1000000 dank

    p.s.
    wenn ich die bridge mit nur 10 gbit baue . funktioniert es

    anbei meine konfig

    <?xml version="1.0"?>

    -<pfsense>

    <version>19.1</version>

    <lastchange/>

    -<system>

    <optimization>normal</optimization>

    <hostname>xxxxxxxx</hostname>

    <domain>xxxxx</domain>

    -<group>

    <name>all</name>

    -<description>

    -<![CDATA[All Users]]>
    </description>

    <scope>system</scope>

    <gid>1998</gid>

    </group>

    -<group>

    <name>admins</name>

    -<description>

    -<![CDATA[System Administrators]]>
    </description>

    <scope>system</scope>

    <gid>1999</gid>

    <member>0</member>

    <priv>page-all</priv>

    </group>

    -<user>

    <name>admin</name>

    -<descr>

    -<![CDATA[System Administrator]]>
    </descr>

    <scope>system</scope>

    <groupname>admins</groupname>

    <bcrypt-hash>$2y$10$oE4tlqafE/iP3Tn3CxvLrOQphmOxURimXn7L5.RP6o9SDGKQ5D.0cm</bcrypt-hash>

    <uid>0</uid>

    <priv>user-shell-access</priv>

    <expires/>

    <dashboardcolumns>2</dashboardcolumns>

    <authorizedkeys/>

    <ipsecpsk/>

    <webguicss>pfSense.css</webguicss>

    </user>

    <nextuid>2000</nextuid>

    <nextgid>2000</nextgid>

    <timeservers>0.pfsense.pool.ntp.org ptbtime1.ptb.de ptbtime2.ptb.de</timeservers>

    -<webgui>

    <protocol>https</protocol>

    <loginautocomplete/>

    <ssl-certref>5e6bc4c6c542b</ssl-certref>

    <port>403</port>

    <max_procs>3</max_procs>

    <disablehttpredirect/>

    <dashboardcolumns>2</dashboardcolumns>

    <webguicss>pfSense.css</webguicss>

    <logincss>333333</logincss>

    <loginshowhost/>

    </webgui>

    <disablenatreflection>yes</disablenatreflection>

    <disablesegmentationoffloading/>

    <disablelargereceiveoffloading/>

    <maximumtableentries>400000</maximumtableentries>

    <powerd_ac_mode>min</powerd_ac_mode>

    <powerd_battery_mode>min</powerd_battery_mode>

    <powerd_normal_mode>min</powerd_normal_mode>

    -<bogons>

    <interval>monthly</interval>

    </bogons>

    <already_run_config_upgrade/>

    -<ssh>

    <enable>enabled</enable>

    <port>404</port>

    </ssh>

    <disableconsolemenu/>

    <serialspeed>115200</serialspeed>

    <primaryconsole>serial</primaryconsole>

    <sshguard_threshold/>

    <sshguard_blocktime/>

    <sshguard_detection_time/>

    <sshguard_whitelist/>

    <language>de_DE</language>

    <timezone>Europe/Berlin</timezone>

    <dns1gw>none</dns1gw>

    <maximumstates/>

    <aliasesresolveinterval/>

    <maximumfrags/>

    <reflectiontimeout/>

    <powerd_enable/>

    <crypto_hardware>aesni_cryptodev</crypto_hardware>

    <thermal_hardware>coretemp</thermal_hardware>

    <pti_disabled/>

    <use_mfs_tmp_size/>

    <use_mfs_var_size/>

    <pkg_repo_conf_path>/usr/local/share/pfSense/pkg/repos/pfSense-repo.conf</pkg_repo_conf_path>

    <dns2gw>WAN_DHCP</dns2gw>

    <dns3gw>WAN_DHCP</dns3gw>

    <disablechecksumoffloading/>

    <mds_disable>0</mds_disable>

    <dnsallowoverride/>

    <dns1host/>

    <scrubnodf>enabled</scrubnodf>

    </system>

    -<interfaces>

    -<wan>

    <enable/>

    <if>bce0</if>

    <blockbogons/>

    -<descr>

    -<![CDATA[WAN]]>
    </descr>

    <ipaddr>dhcp</ipaddr>

    <dhcphostname/>

    <alias-address/>

    <alias-subnet>32</alias-subnet>

    <dhcprejectfrom/>

    <adv_dhcp_pt_timeout/>

    <adv_dhcp_pt_retry/>

    <adv_dhcp_pt_select_timeout/>

    <adv_dhcp_pt_reboot/>

    <adv_dhcp_pt_backoff_cutoff/>

    <adv_dhcp_pt_initial_interval/>

    <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>

    <adv_dhcp_send_options/>

    <adv_dhcp_request_options/>

    <adv_dhcp_required_options/>

    <adv_dhcp_option_modifiers/>

    <adv_dhcp_config_advanced/>

    <adv_dhcp_config_file_override/>

    <adv_dhcp_config_file_override_path/>

    <ipaddrv6>dhcp6</ipaddrv6>

    <dhcp6-duid/>

    <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>

    <adv_dhcp6_prefix_selected_interface>wan</adv_dhcp6_prefix_selected_interface>

    <spoofmac/>

    </wan>

    -<lan>

    <enable/>

    <if>bce1</if>

    <ipaddr>172.18.200.224</ipaddr>

    <subnet>24</subnet>

    <ipaddrv6/>

    <subnetv6/>

    <media/>

    <mediaopt/>

    <track6-interface>wan</track6-interface>

    <track6-prefix-id>0</track6-prefix-id>

    <gateway/>

    <gatewayv6/>

    -<descr>

    -<![CDATA[LAN]]>
    </descr>

    </lan>

    -<opt1>

    -<descr>

    -<![CDATA[ether1]]>
    </descr>

    <if>lagg0</if>

    <enable/>

    <spoofmac/>

    </opt1>

    -<opt2>

    -<descr>

    -<![CDATA[ether2]]>
    </descr>

    <if>lagg1</if>

    <enable/>

    <spoofmac/>

    <media>autoselect</media>

    </opt2>

    -<opt3>

    -<descr>

    -<![CDATA[20gbitbridge]]>
    </descr>

    <if>bridge0</if>

    <enable/>

    <spoofmac/>

    </opt3>

    -<opt4>

    -<descr>

    -<![CDATA[bce2]]>
    </descr>

    <if>bce2</if>

    <enable/>

    <spoofmac/>

    </opt4>

    -<opt5>

    -<descr>

    -<![CDATA[bce3]]>
    </descr>

    <if>bce3</if>

    <enable/>

    <spoofmac/>

    </opt5>

    </interfaces>

    <staticroutes/>

    -<dhcpd>

    -<lan>

    -<range>

    <from>192.168.1.100</from>

    <to>192.168.1.199</to>

    </range>

    </lan>

    </dhcpd>

    -<dhcpdv6>

    -<lan>

    -<range>

    <from>::1000</from>

    <to>::2000</to>

    </range>

    <ramode>assist</ramode>

    <rapriority>medium</rapriority>

    </lan>

    </dhcpdv6>

    -<snmpd>

    <syslocation/>

    <syscontact/>

    <rocommunity>public</rocommunity>

    </snmpd>

    -<diag>

    <ipv6nat/>

    </diag>

    -<syslog>

    <filterdescriptions>1</filterdescriptions>

    </syslog>

    -<nat>

    -<outbound>

    <mode>disabled</mode>

    </outbound>

    </nat>

    -<filter>

    -<rule>

    <id/>

    <tracker>1584123274</tracker>

    <type>block</type>

    <interface>wan</interface>

    <ipprotocol>inet46</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1584123274</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1584123274</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1584123342</tracker>

    <type>pass</type>

    <interface>lan</interface>

    <ipprotocol>inet</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <address>172.18.200.0/24</address>

    </source>

    -<destination>

    <address>172.18.200.0/24</address>

    </destination>

    <descr/>

    -<updated>

    <time>1584123342</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1584123342</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1584123361</tracker>

    <type>block</type>

    <interface>lan</interface>

    <ipprotocol>inet46</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1584123361</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1584123361</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1597672535</tracker>

    <type>pass</type>

    <interface>opt1</interface>

    <ipprotocol>inet</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1597672535</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1597672535</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1597672550</tracker>

    <type>pass</type>

    <interface>opt2</interface>

    <ipprotocol>inet</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1597672550</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1597672550</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1597837806</tracker>

    <type>pass</type>

    <interface>opt3</interface>

    <ipprotocol>inet</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1597837806</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1597837806</time>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<rule>

    <id/>

    <tracker>1595943384</tracker>

    <type>pass</type>

    <interface>opt4</interface>

    <ipprotocol>inet</ipprotocol>

    <tag/>

    <tagged/>

    <max/>

    <max-src-nodes/>

    <max-src-conn/>

    <max-src-states/>

    <statetimeout/>

    -<statetype>

    -<![CDATA[keep state]]>
    </statetype>

    <os/>

    -<source>

    <any/>

    </source>

    -<destination>

    <any/>

    </destination>

    <descr/>

    -<updated>

    <time>1595943384</time>

    -<username>

    -<![CDATA[admin@172.18.200.225 (Local Database)]]>
    </username>

    </updated>

    -<created>

    <time>1595943384</time>

    -<username>

    -<![CDATA[admin@172.18.200.225 (Local Database)]]>
    </username>

    </created>

    </rule>

    -<separator>

    <wan/>

    <lan/>

    <opt2/>

    <opt1/>

    <opt3/>

    <opt4/>

    <opt6/>

    <opt7/>

    </separator>

    </filter>

    <shaper/>

    <ipsec/>

    <aliases/>

    <proxyarp/>

    -<cron>

    -<item>

    <minute>1,31</minute>

    <hour>0-5</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 adjkerntz -a</command>

    </item>

    -<item>

    <minute>1</minute>

    <hour>3</hour>

    <mday>1</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>

    </item>

    -<item>

    <minute>1</minute>

    <hour>1</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>

    </item>

    -<item>

    <minute>*/60</minute>

    <hour>*</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>

    </item>

    -<item>

    <minute>30</minute>

    <hour>12</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>

    </item>

    -<item>

    <minute>1</minute>

    <hour>0</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /etc/rc.update_pkg_metadata</command>

    </item>

    -<item>

    <minute>*/5</minute>

    <hour>*</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc</command>

    </item>

    -<item>

    <minute>*/5</minute>

    <hour>*</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /sbin/pfctl -q -t snort2c -T expire 604800</command>

    </item>

    -<item>

    <minute>30</minute>

    <hour>0,6,12,18</hour>

    <mday>*</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_check_for_rule_updates.php</command>

    </item>

    -<item>

    <minute>0</minute>

    <hour>0</hour>

    <mday>8</mday>

    <month>*</month>

    <wday>*</wday>

    <who>root</who>

    <command>/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_geoipupdate.php</command>

    </item>

    </cron>

    <wol/>

    -<rrd>

    <enable/>

    </rrd>

    -<load_balancer>

    -<monitor_type>

    <name>ICMP</name>

    <type>icmp</type>

    -<descr>

    -<![CDATA[ICMP]]>
    </descr>

    <options/>

    </monitor_type>

    -<monitor_type>

    <name>TCP</name>

    <type>tcp</type>

    -<descr>

    -<![CDATA[Generic TCP]]>
    </descr>

    <options/>

    </monitor_type>

    -<monitor_type>

    <name>HTTP</name>

    <type>http</type>

    -<descr>

    -<![CDATA[Generic HTTP]]>
    </descr>

    -<options>

    <path>/</path>

    <host/>

    <code>200</code>

    </options>

    </monitor_type>

    -<monitor_type>

    <name>HTTPS</name>

    <type>https</type>

    -<descr>

    -<![CDATA[Generic HTTPS]]>
    </descr>

    -<options>

    <path>/</path>

    <host/>

    <code>200</code>

    </options>

    </monitor_type>

    -<monitor_type>

    <name>SMTP</name>

    <type>send</type>

    -<descr>

    -<![CDATA[Generic SMTP]]>
    </descr>

    -<options>

    <send/>

    <expect>220 *</expect>

    </options>

    </monitor_type>

    </load_balancer>

    -<widgets>

    <sequence>system_information:col1:open:0,netgate_services_and_support:col2:open:0,interfaces:col2:open:0,thermal_sensors:col2:open:0,traffic_graphs:col2:open:0</sequence>

    <period>10</period>

    </widgets>

    <openvpn/>

    <dnshaper/>

    -<unbound>

    <enable/>

    <dnssec/>

    <active_interface/>

    <outgoing_interface/>

    <custom_options/>

    <hideidentity/>

    <hideversion/>

    <dnssecstripped/>

    </unbound>

    -<revision>

    <time>1597837934</time>

    -<description>

    -<![CDATA[admin@172.18.200.60 (Local Database): /interfaces_groups_edit.php machte eine unbekannte Änderung]]>
    </description>

    -<username>

    -<![CDATA[admin@172.18.200.60 (Local Database)]]>
    </username>

    </revision>

    -<cert>

    <refid>5e6bc4c6c542b</refid>

    -<descr>

    -<![CDATA[webConfigurator default (5e6bc4c6c542b)]]>
    </descr>

    <type>server</type>

    <crt>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVlakNDQTJLZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREJhTVRnd05nWURWUVFLRXk5d1psTmwKYm5ObElIZGxZa052Ym1acFozVnlZWFJ2Y2lCVFpXeG1MVk5wWjI1bFpDQkRaWEowYVdacFkyRjBaVEVlTUJ3RwpBMVVFQXhNVmNHWlRaVzV6WlMwMVpUWmlZelJqTm1NMU5ESmlNQjRYRFRJd01ETXhNekUzTXpjeE1Wb1hEVEkxCk1Ea3dNekUzTXpjeE1Wb3dXakU0TURZR0ExVUVDaE12Y0daVFpXNXpaU0IzWldKRGIyNW1hV2QxY21GMGIzSWcKVTJWc1ppMVRhV2R1WldRZ1EyVnlkR2xtYVdOaGRHVXhIakFjQmdOVkJBTVRGWEJtVTJWdWMyVXROV1UyWW1NMApZelpqTlRReVlqQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU01UXJOMlhJRmN2CmxQRVVJR0NKK0JoV2tBbUVJS0lqS2NHWjlaaEVSTkhvSU9uQXgrZ2dUcXYvRGlwd1QyZ3oxRENTaDRQbUpnMTgKZFl2anp4SStCb2tUTU9jYkNuZlZzSnZISjM5ZFVWVW51eDkwcU8yejg4WjBWRnlWdDlxaWsyRjg4RTZMMnorYgpvRDRNR05SVGpUNmRnek9PZXhkZlpMWHpWSEVSLzM1QXhXVjd0dkVMZElHK3M0NWxuOXRGOCt3Zk8vSzBvRTluCmhHbW5NOWcwdEFURUc1T3VDb0V3dGtOYVdkK0p0UWRaOGJueVBtbkJIblFtbnVhWXZPcENoQzdPY1kxTTlWYXUKb1c5V21NZzA1SlQvYk5KK21vV1kwaGp1eHJEQkhtWG9yb1Zxd1JSU2pOOW5wSjU4VlQ3MjFPOVdRdnRQSVJaWgp0WnF4L3Z1OXNNc0NBd0VBQWFPQ0FVa3dnZ0ZGTUFrR0ExVWRFd1FDTUFBd0VRWUpZSVpJQVliNFFnRUJCQVFECkFnWkFNQXNHQTFVZER3UUVBd0lGb0RBekJnbGdoa2dCaHZoQ0FRMEVKaFlrVDNCbGJsTlRUQ0JIWlc1bGNtRjAKWldRZ1UyVnlkbVZ5SUVObGNuUnBabWxqWVhSbE1CMEdBMVVkRGdRV0JCUytoSjJEbVRPME1POHEvNzVLaUlNTApaVm5tempDQmdnWURWUjBqQkhzd2VZQVV2b1NkZzVrenRERHZLdisrU29pREMyVlo1czZoWHFSY01Gb3hPREEyCkJnTlZCQW9UTDNCbVUyVnVjMlVnZDJWaVEyOXVabWxuZFhKaGRHOXlJRk5sYkdZdFUybG5ibVZrSUVObGNuUnAKWm1sallYUmxNUjR3SEFZRFZRUURFeFZ3WmxObGJuTmxMVFZsTm1Kak5HTTJZelUwTW1LQ0FRQXdIUVlEVlIwbApCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQ0FJQ01DQUdBMVVkRVFRWk1CZUNGWEJtVTJWdWMyVXROV1UyClltTTBZelpqTlRReVlqQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFDamVPUmxEUmlscmkzZlJHMHpkcEtjcHIKMGIyeXZJNE9SZDUvczhCUitVcFpmNTJidWc3cGNBMEhraWl1azJqZkpWNEZNdGZ6N1FHR3ZMT3B4VWhjYnpaSApQZHd0QVZQRVhiMHZYRllOdURXZWhyR2MyaE9aekMrNU5zbklQRXhwd0JOb3pwSnhJVXNsQlRqVEJXUXNTdmduCklDQVBiU3o4aFhFNlVHMTVNbkE4WTNBZ3dTUnM5V3l2SytYTnZleWtHNGR6REJaMEhzVmRiYUNseHpJSEZSZ1kKZk9xemhhbHZVUWw5cnBCVEQ3Z0NMOEFCalRkcXBjT1pZNmY3SFpDM2x5Um1NOXo4REl3V1djTSs0ZktXaitTdAp1NEJBenk2VFpra015N29IeG91SkYxYm1vUWhGTnpMUjFTTTNzeWYwMm1HeW1Lc0VvYWluZTVmeWV6SlU4QT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K</crt>

    <prv>LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRRE9VS3pkbHlCWEw1VHgKRkNCZ2lmZ1lWcEFKaENDaUl5bkJtZldZUkVUUjZDRHB3TWZvSUU2ci93NHFjRTlvTTlRd2tvZUQ1aVlOZkhXTAo0ODhTUGdhSkV6RG5Hd3AzMWJDYnh5ZC9YVkZWSjdzZmRLanRzL1BHZEZSY2xiZmFvcE5oZlBCT2k5cy9tNkErCkRCalVVNDArbllNempuc1hYMlMxODFSeEVmOStRTVZsZTdieEMzU0J2ck9PWlovYlJmUHNIenZ5dEtCUFo0UnAKcHpQWU5MUUV4QnVUcmdxQk1MWkRXbG5maWJVSFdmRzU4ajVwd1I1MEpwN21tTHpxUW9RdXpuR05UUFZXcnFGdgpWcGpJTk9TVS8yelNmcHFGbU5JWTdzYXd3UjVsNks2RmFzRVVVb3pmWjZTZWZGVSs5dFR2VmtMN1R5RVdXYldhCnNmNzd2YkRMQWdNQkFBRUNnZ0VBTUJQTXRMYUs2c1pEeHdvUm9XMkZTdWFoR2hhWUpEQmRncWdGK3oydGE5elUKRHFURjhPbldhMjQ4TnRlRktac3FUMGRXSFA1OHo1ZTVMS2doa1BhelB5NGhyemsxNzBiMHFOaDM4ODRqTGR6YwpWakF4VFhNcDA0MDRPM3NJSlFMTnBXSWYvYTNKb2NENlRuc3pMZ2RxV3JVSjVmSEY3V1JsYTZFUWhHalZTTzRUCjlZTllGTU1ZZXUwUFo1Lzc5aStqUE5jcjFLcWJjcU03MmhVeVhBbFRuL0Z5TWNEbkhaZTNkUGVWNnJlOHZPMk0KL1l4VWRHTVFqUHRFY2ZaVmxPeERwVnlHeGRjdnp3L1YrRUtKS0xqQzAzVWVvMGd5NHF5ZVJleUUxYmlxeGVjWAp2c1V5WG5Ea2k2aTJXS1lKTTd3cWJRRzhMaWJ1dGpyNmpIMjhEU09Hd1FLQmdRRG1aRUVPSUNpZUMvOXd3VzhPCkF0bkJDcXRFRnVwV1lIN1hWZkxVR05laXV6WUQxT3pMZ2loK1NNejFDNzVvTUYwblFOL0IzVVVoZ1V5K3hadnkKTm5wekd1WnhVSTlNdDVtK1d3YlJxVHN3OWhTQTh2bTQ5SkdxaUZZVW5CNVB2UW8xbG56dmxDRzhYTWNyWk05awpmN2Jrb2tyMVFCaStiUmsxMWY2Wi9aRWVKUUtCZ1FEbFAxUnlnTVl2cTdKN2NuUnVWdEgxUU1KRnRRK2VENmJiCmhXZTZQdFVZR3UvUkoyK3luZlpNYXZJT1N3ekFPUnlLZEZ0Rkp4eVBIbDYvRFZ5dW50U3BxSHpySk1WWGhQQVAKRUNWZ3Z6SFVyRlFuOGFScysrcE9pN2pWY2lXTVRhWU9GeE9kclRHMEFTRnlHRmhLa01LMzlXZnlyWjJ5T3lCTgpPSTlQNUFnSUx3S0JnUUNGMGFGL3hPb1Nzc0ZTQ3Vpb2FMdDJSdTRuaEcva2IvUDh1MjFxQ0d2bmwzbk9TL1NtCldCbVJFRlFMMlNCbGdBSDdkTkVDMTdUNXV4S0tsRmo2SE82T3dRY3N0akFselZhOW5EMmZ0ZjR0ZUNGOHJLU2oKNjFwWWhRd0t1SXRhb1dDMnM0d3AxQTZzUys5Ym94aGJOVnRUL1hnd2IyUnY1d3FIbko1ZmIwckZDUUtCZ1FDdQpOcTVxUmNwV3Q5aHZUOCtEZXA4Y0RoYVUrci9ma20xdkxiWmlKeFd4dCthL3Y0UjI3T3dicnJvOGVuUTZNQ3lzCld6aHhHUVB2RDFsWlAwSkx3WkJEVGpPQVR2VlpTVUZWY1NPMm5oVzBWVEd2R1Vlbk90b1l6cjJzRjQ3SlRNa0EKdERESUJySmE1UEVSejhacEJCRzEwdDBuNHlDUUxiYWllSFVRZFc1VktRS0JnUUROTkUwNzVxc3hwRFB5S1p1Uwp5L1MxRTAwT1MrYVVpdVkzdXMxZUtINXh6dXFTMzYvWE8yanE0SG5jVy9QUGJ0c0JVdzZzRG9JN3RURTZkbDdWCmRwdys4cFdna2RRY2RlTWNMTHEzY0c1eVJOb0JEZjFydFIyQkVBS3JiQTFDWE9UTXBMcWxBaFdKc1g1UUFxWlkKbVNrd0tJa21yQUdyU0RZZUE2ZlVqbWJ2TkE9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==</prv>

    </cert>

    -<gateways>

    <defaultgw4>WAN_DHCP</defaultgw4>

    <defaultgw6>-</defaultgw6>

    -<gateway_item>

    <interface>wan</interface>

    <gateway>dynamic</gateway>

    <name>WAN_DHCP</name>

    <weight>1</weight>

    <ipprotocol>inet</ipprotocol>

    -<descr>

    -<![CDATA[Interface WAN_DHCP Gateway]]>
    </descr>

    <monitor_disable/>

    <action_disable/>

    </gateway_item>

    </gateways>

    -<ifgroups>

    -<ifgroupentry>

    <members>opt1</members>

    <descr/>

    <ifname>1ether</ifname>

    </ifgroupentry>

    -<ifgroupentry>

    <members>opt2</members>

    <descr/>

    <ifname>2ether</ifname>

    </ifgroupentry>

    -<ifgroupentry>

    <members>opt3</members>

    <descr/>

    <ifname>20gbit</ifname>

    </ifgroupentry>

    </ifgroups>

    <ppps/>

    -<sysctl>

    -<item>

    <tunable>net.link.bridge.pfil_member</tunable>

    <value>1</value>

    -<descr>

    -<![CDATA[Packet filter on the member interface]]>
    </descr>

    </item>

    -<item>

    <tunable>net.link.bridge.pfil_bridge</tunable>

    <value>1</value>

    -<descr>

    -<![CDATA[Packet filter on the bridge interface]]>
    </descr>

    </item>

    </sysctl>

    -<bridges>

    -<bridged>

    <members>opt1,opt2</members>

    <descr/>

    <maxaddr>2000</maxaddr>

    <timeout/>

    <maxage/>

    <fwdelay/>

    <hellotime/>

    <priority/>

    <proto>rstp</proto>

    <holdcnt/>

    <ifpriority/>

    <ifpathcost/>

    <bridgeif>bridge0</bridgeif>

    </bridged>

    </bridges>

    -<notifications>

    -<smtp>

    <ipaddress/>

    <port/>

    <sslvalidate>enabled</sslvalidate>

    <timeout/>

    <notifyemailaddress/>

    <username/>

    <password/>

    <authentication_mechanism>PLAIN</authentication_mechanism>

    <fromaddress/>

    </smtp>

    -<growl>

    <ipaddress/>

    <password/>

    <name>pfSense-Growl</name>

    <notification_name>pfSense growl alert</notification_name>

    </growl>

    </notifications>

    -<laggs>

    -<lagg>

    <members>ixl0,ixl1</members>

    -<descr>

    -<![CDATA[ether1]]>
    </descr>

    <laggif>lagg0</laggif>

    <proto>lacp</proto>

    </lagg>

    -<lagg>

    <members>oce0,oce1</members>

    -<descr>

    -<![CDATA[ether2]]>
    </descr>

    <laggif>lagg1</laggif>

    <proto>lacp</proto>

    </lagg>

    </laggs>

    </pfsense>