opnsense
Increase UFS read-ahead speeds to match the state of hard drives and NCQ. | vfs.read_max | default
Set the ephemeral port range to be lower. | net.inet.ip.portrange.first | default
Drop packets to closed TCP ports without returning a RST | net.inet.tcp.blackhole | default
Do not send ICMP port unreachable messages for closed UDP ports | net.inet.udp.blackhole | default
Randomize the ID field in IP packets | net.inet.ip.random_id | default
Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. | net.inet.ip.sourceroute | default
Source routing is another way for an attacker to try to reach non-routable addresses behind your box. It can also be used to probe for information about your internal networks. These functions come enabled as part of the standard FreeBSD core system. | net.inet.ip.accept_sourceroute | default
This option turns off the logging of redirect packets because there is no limit and this could fill up your logs consuming your whole hard drive. | net.inet.icmp.log_redirect | default
Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway) | net.inet.tcp.drop_synfin | default
Enable sending IPv6 redirects | net.inet6.ip6.redirect | default
Enable privacy settings for IPv6 (RFC 4941) | net.inet6.ip6.use_tempaddr | default
Prefer privacy addresses and use them over the normal addresses | net.inet6.ip6.prefer_tempaddr | default
Generate SYN cookies for outbound SYN-ACK packets | net.inet.tcp.syncookies | default
Maximum incoming/outgoing TCP datagram size (receive) | net.inet.tcp.recvspace | default
Maximum incoming/outgoing TCP datagram size (send) | net.inet.tcp.sendspace | default
Do not delay ACK to try and piggyback it onto a data packet | net.inet.tcp.delayed_ack | default
Maximum outgoing UDP datagram size | net.inet.udp.maxdgram | default
Handling of non-IP packets which are not passed to pfil (see if_bridge(4)) | net.link.bridge.pfil_onlyip | default
Set to 1 to additionally filter on the physical interface for locally destined packets | net.link.bridge.pfil_local_phys | default
Set to 0 to disable filtering on the incoming and outgoing member interfaces. | net.link.bridge.pfil_member | default
Set to 1 to enable filtering on the bridge interface | net.link.bridge.pfil_bridge | default
Allow unprivileged access to tap(4) device nodes | net.link.tap.user_open | default
Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid()) | kern.randompid | default
Disable CTRL+ALT+Delete reboot from keyboard. | hw.syscons.kbd_reboot | default
Enable TCP extended debugging | net.inet.tcp.log_debug | default
Set ICMP Limits | net.inet.icmp.icmplim | default
TCP Offload Engine | net.inet.tcp.tso | default
UDP Checksums | net.inet.udp.checksum | default
Maximum socket buffer size | kern.ipc.maxsockbuf | default
Page Table Isolation (Meltdown mitigation, requires reboot.) | vm.pmap.pti | default
Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation) | hw.ibrs_disable | default
Hide processes running as other groups | security.bsd.see_other_gids | default
Hide processes running as other users | security.bsd.see_other_uids | default
Enable/disable sending of ICMP redirects in response to IP packets for which a better, and for the sender directly reachable, route and next hop is known. | net.inet.ip.redirect | default
Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect packets without returning a response. | net.inet.icmp.drop_redirect | 1
Maximum outgoing UDP datagram size | net.local.dgram.maxdgram | default
normal fw3 vision4it.de 1 admins System Administrators system 1999 0 2000 page-all OpenVPN OpenVPN 2000 page-status-openvpn root System Administrator system admins $2y$10$r4ebfdzCRPtX3G/E7oZMp.aVyNNlL.GkC2WV/61ZUGcEdEa.JaxiC 0 $2y$10$wRHJ8PGlxzIS5Ta0w4K2D.nHd/EOO1ms6LDqBXjSLoqSllE6GRDyq user vadmin vadmin tecteam@vision4it.de 2000 /usr/local/bin/bash NXIQ+y9HSpIi9r13a9hIdqvVk4XUY9qIBpAq+2XMS9L0JRVPw/YwaT0a1g+aalsA9lsz3Zsxx1m7BPr3 $6$$5VSvMFiJEEmtDapnyBGN84suw2odtAzybpc7msRfi32Yg588IU5avtRz3x0cg0uri2l6GjFCbjOHD8BVTmGKo. 
$2y$10$qxktsz96VtD4JdB6Fy3ge.01WKWq6Zuz8Q/hLTZR/1GH9MutIvqMu user lk Lena Kraan lk@medius-rheinland.de 2004 $2y$10$HBIOg1GjWcKn2SPWXwM3duZ7P4OkH4EwPFzXOW0DRxbnJ5KQgXpla user mk Mechtild Kraan mk@medius-rheinland.de 2005 $2y$10$lo2RPwaGh2CDNnnVxZzoGeBRlEY6e9BHeYK0/eQxqSMH33vVF5K4G user medius Medius Rheinland info@medius-rheinland.de 2006 $2y$11$Ndd0IqZQ3KfbA2URMXPb4OK3y0kvAux8kiujEuLu0soDxXxnrm33O user a.koehler Alex Köhler 2008 $2y$11$YVrh4rZYpfNHYRDzUnmXWOPov3KIOl2QCcPCKo4JKEP712G.JkolC user ds Daniel Stark ds@medius-rheinland.de 2009 user andreas.schiefer CN=Andreas Schiefer,OU=Technikleitung,OU=vision4it,DC=ad,DC=vision4it,DC=de Andreas Schiefer Andreas.Schiefer@vision4it.de $2y$11$vqx8tCHjqPf4JiuBrpvI8uYR5JzKslCtJPPQHkR50LH9u78IU0KIy 2010 XWJJVA7D7IX5K22J3IFJKYMWZ6QDOF7Y 2011 2001 Europe/Berlin 0.opnsense.pool.ntp.org 1.opnsense.pool.ntp.org 2.opnsense.pool.ntp.org 3.opnsense.pool.ntp.org https 650eb9bb75116 444 lan,wan 1 ad.vision4it.de,Local Database yes 1 1 1 1 hadp hadp hadp monthly 1 1 admins 1 lan 1 enabled 1 -1 -1 https://opnsense-update.deciso.com os-OPNcentral,os-acme-client,os-cache,os-chrony,os-clamav,os-dmidecode,os-haproxy,os-iperf,os-maltrail,os-net-snmp,os-netdata,os-nextcloud-backup,os-nginx,os-postfix,os-qemu-guest-agent,os-redis,os-rspamd,os-squid,os-vnstat,os-wazuh-agent,os-zabbix7-agent,os-zabbix7-proxy business 9440b411-7b09-44df-8ac9-a2ce6b245b60 en_US 192.168.123.24 8.8.8.8 1.1.1.1 650f1330c1cb2 ldap ad.vision4it.de 10.7.20.10 389 TCP - Standard 3 subtree DC=ad,DC=vision4it,DC=de OU=vision4it,DC=ad,DC=vision4it,DC=de &(memberOf=CN=GG-VPN,OU=Gruppen,OU=vision4it,DC=ad,DC=vision4it,DC=de) sAMAccountName CN=fw3-adsync,OU=Service,OU=vision4it,DC=ad,DC=vision4it,DC=de 0vQ,k1wGn)Km3*W*i,pb 1 1 1 654b632f8d24d ldap tvisiongmbh.local 10.7.40.70 389 TCP - Standard 3 subtree DC=tvisiongmbh,DC=local OU=tvision,DC=tvisiongmbh,DC=local sAMAccountName CN=fw3-sync,OU=service,DC=tvisiongmbh,DC=local !Vision5it.de? 
1 1 1 1 66546e3845b22 ldap-totp ad.vision4it.de_2FA 10.7.20.10 389 TCP - Standard 3 subtree DC=ad,DC=vision4it,DC=de OU=vision4it,DC=ad,DC=vision4it,DC=de &(memberOf=CN=GG-VPN,OU=Gruppen,OU=vision4it,DC=ad,DC=vision4it,DC=de) sAMAccountName CN=fw3-adsync,OU=Service,OU=vision4it,DC=ad,DC=vision4it,DC=de 0vQ,k1wGn)Km3*W*i,pb 1 6 66548ba316824 totp Local TOTP 6 115200 video 2 admins 1 https://cloud.vision4it.de admin MyPdX-5RNp9-SL2iR-HFJCn-qrBbx OPNsense-Backup 7 1 1 1 none WAN_GW WAN_GW none none none none none 1 vtnet1 89.163.230.195 dhcp6 28 WAN_GW 1 1 0 vtnet0 LAN_INT 1 192.168.123.1 24 1 Loopback 1 lo0 127.0.0.1 ::1 8 128 none 1 1 1 openvpn OpenVPN group 1 1 1 enc0 IPsec none 1 192.168.123.10 192.168.123.245 public hybrid 10.123.20.0/24
192.168.12.0/22
enc0 inet vadmin@10.7.200.111 /firewall_nat_out_edit.php made changes other-subnet 192.168.123.188 32 root@192.168.7.50 /firewall_nat_out_edit.php made changes
10.7.200.0/24
192.168.12.0/22
enc0 inet other-subnet 192.168.123.188 32 vadmin@10.7.200.22 /firewall_nat_out_edit.php made changes vadmin@10.7.200.22 /firewall_nat_out_edit.php made changes
10.123.20.0/24
10.7.200.0/22
enc0 inet other-subnet 192.168.123.188 32 root@10.123.20.3 /firewall_nat_out_edit.php made changes root@10.123.20.3 /firewall_nat_out_edit.php made changes
192.168.7.0/24
192.168.12.0/22
enc0 inet other-subnet 192.168.123.188 32 root@192.168.7.49 /firewall_nat_out_edit.php made changes root@192.168.7.49 /firewall_nat_out_edit.php made changes
10.123.10.0/24
192.168.125.0/24
enc0 inet root@192.168.7.15 /firewall_nat_out_edit.php made changes other-subnet 192.168.123.188 32 root@192.168.7.15 /firewall_nat_out_edit.php made changes
any
10.80.2.0/24
enc0 inet root@10.123.20.3 /firewall_nat_out_edit.php made changes other-subnet 192.168.123.188 32 root@192.168.7.50 /firewall_nat_out_edit.php made changes
any
10.123.58.0/24
lan inet root@192.168.7.50 /firewall_nat_out_edit.php made changes other-subnet 192.168.123.188 32 1 root@10.123.20.4 /firewall_nat_out_edit.php made changes
tcp lan,openvpn inet nat_65ddeab1dfde29.59940640 127.0.0.1 11333 1 lanip 11333-11334 root@10.123.20.2 /firewall_nat_edit.php made changes vadmin@192.168.7.29 /firewall_nat_edit.php made changes
pass lan,wan inet keep state S3 any S3 yes 1 1 tcp 1 (self) 7480 vadmin@192.168.7.27 /firewall_rules_edit.php made changes vadmin@192.168.7.27 /firewall_rules_edit.php made changes pass lan,wan inet keep state in yes 1 tcp 1 (self) 25 root@192.168.123.252 /firewall_rules_edit.php made changes root@192.168.123.252 /firewall_rules_edit.php made changes pass wan inet keep state OPNVPN_IN in yes 1 tcp/udp 1 wanip OPNVPN_Port vadmin@192.168.7.15 /firewall_rules_edit.php made changes vadmin@192.168.7.15 /firewall_rules_edit.php made changes pass lan inet keep state OPNVPN_IN in yes 1 tcp/udp 1 lanip OPNVPN_Port vadmin@192.168.7.15 /firewall_rules_edit.php made changes vadmin@192.168.7.15 /firewall_rules_edit.php made changes pass wan inet keep state in yes 1 tcp/udp
OPNVPN_Network
1 vadmin@192.168.7.29 /firewall_rules_edit.php made changes vadmin@192.168.7.15 /firewall_rules_edit.php made changes
nat_65ddeab1dfde29.59940640 1 lan,openvpn keep state tcp inet
127.0.0.1
11333-11334
vadmin@192.168.7.29 /firewall_nat_edit.php made changes 1 yes
block wan inet keep state GeoIP in GeoIP 1 1
GeoIP
1 vadmin@10.7.200.113 /firewall_rules_edit.php made changes vadmin@10.7.200.113 /firewall_rules_edit.php made changes
block wan inet keep state in spamhaus 1 1
Spamhaus_drop
1 vadmin@10.7.200.113 /firewall_rules_edit.php made changes vadmin@10.7.200.113 /firewall_rules_edit.php made changes
pass wan inet keep state in 1 tcp 1 (self) 25 root@192.168.123.252 /firewall_rules_edit.php made changes root@192.168.123.252 /firewall_rules_edit.php made changes 1 pass wan inet keep state in 1 tcp 1 (self) 465 vadmin@192.168.7.29 /firewall_rules_edit.php made changes vadmin@192.168.7.29 /firewall_rules_edit.php made changes 1 pass wan inet keep state in 1 tcp 1 (self) 587 vadmin@192.168.7.29 /firewall_rules_edit.php made changes vadmin@192.168.7.29 /firewall_rules_edit.php made changes 1 pass wan inet keep state IPsec ESP in 1 esp 1 1 vadmin@192.168.123.252 /firewall_rules_edit.php made changes vadmin@192.168.123.252 /firewall_rules_edit.php made changes pass wan inet keep state IPsec ISAKMP in 1 udp 1 1 500 vadmin@192.168.123.252 /firewall_rules_edit.php made changes vadmin@192.168.123.252 /firewall_rules_edit.php made changes pass wan inet keep state IPsec NAT-T in 1 udp 1 1 4500 vadmin@192.168.123.252 /firewall_rules_edit.php made changes vadmin@192.168.123.252 /firewall_rules_edit.php made changes pass wan inet keep state in 1 icmp 1 wanip root@192.168.7.15 /firewall_rules_edit.php made changes root@192.168.7.15 /firewall_rules_edit.php made changes pass wan inet keep state in 1 tcp 1 wanip 444 root@10.123.20.2 /firewall_rules_edit.php made changes root@10.123.20.2 /firewall_rules_edit.php made changes pass lan inet keep state Default allow LAN to any rule in 1 1 1 root@192.168.7.25 /firewall_rules_edit.php made changes pass inet6 Default allow LAN IPv6 to any rule lan lan pass enc0 inet keep state in 1 1 1 vadmin@192.168.123.252 /firewall_rules_edit.php made changes vadmin@192.168.123.252 /firewall_rules_edit.php made changes pass openvpn inet keep state in 1 1 1 1 vadmin@109.90.216.125 /firewall_rules_edit.php made changes vadmin@192.168.7.15 /firewall_rules_edit.php made changes
ICMP icmp ICMP TCP tcp Generic TCP HTTP http Generic HTTP / 200 HTTPS https Generic HTTPS / 200 SMTP send Generic SMTP 220 * 0.opnsense.pool.ntp.org system_information-container:00000000-col1:show,monit-container:00000001-col1:show,gateways-container:00000002-col4:show,interface_list-container:00000003-col4:show,traffic_graphs-container:00000004-col4:show,thermal_sensors-container:00000005-col4:show,openvpn-container:00000006-col4:show,services_status-container:00000007-col6:show 3 lan,wan 9 root@192.168.7.14 /api/unbound/settings/addForward/ made changes 0 0 16 32 4 1000 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 89.163.230.195 1194 1 1 0 1 dabef160-7324-4d70-b92b-c17244126d3c fw3.vision4it.de 1194 1 0 0 0 2 fw3.vision4it.de 1194 1 1 0 0 598f81b2-82f6-4dd5-b6d3-0726828544a3 fw3.vision4it.de 1195 1 0 0 0 a8558b11-f502-4831-81e3-2eaeb362650b fw3.vision4it.de 1195 1 1 0 0 1 1 tun 3 tcp4 1194 subnet server 10.123.10.0/24 192.168.123.0/24,10.7.40.0/24,192.168.28.0/24,10.7.50.0/24,192.168.125.0/24 653a73dadaab7 653a7338bd8b6 1 0 none 0 AES-256-GCM,AES-128-GCM,CHACHA20-POLY1305 ad.vision4it.de,Local Database,tvisiongmbh.local 1 0 10 120 0 0 10.7.40.70 1 VPN_Server 2 1 tun 3 udp 1195 subnet server 10.123.20.0/24 192.168.123.0/24,10.7.20.0/24,10.7.40.0/24,10.7.240.0/24,10.7.50.0/24,192.168.7.0/24,192.168.1.0/24,192.168.20.0/24,192.168.12.0/22,10.80.2.0/24,10.123.58.0/24,10.7.200.0/24 653a73dadaab7 1 0 none 0 AES-256-GCM,AES-128-GCM,CHACHA20-POLY1305 ad.vision4it.de_2FA,Local Database 1 0 10 120 0 1 innocurity.de ad.vision4it.de,innocurity.de,vision4it.de 192.168.123.24 1 VPN_Server_vision4it 3 0 tun 3 udp 1196 subnet server 10.123.30.0/24 192.168.123.0/24,10.7.20.0/24,10.7.40.0/24,10.7.240.0/24,10.7.50.0/24,192.168.7.0/24 653a73dadaab7 653a7338bd8b6 1 0 none 0 AES-256-GCM,AES-128-GCM,CHACHA20-POLY1305 ad.vision4it.de,Local Database client-to-client 1 0 10 120 0 1 innocurity.de ad.vision4it.de,innocurity.de,vision4it.de 192.168.123.24 1 VPN_Server_Mitarbeiter_v4it 
AcmeClient 1 0 0 * * * root acmeclient cron-auto-renew AcmeClient Cronjob for Certificate AutoRenewal IDS 1 0 */3 * * * root ids update ids rule updates https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=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&suffix=zip 1 OPNVPN_Port port 0 1194 1195 1196 1 OPNVPN_Network network 0 10.123.10.0/24 10.123.20.0/24 10.123.30.0/24 1 Spamhaus_drop urltable 0 1 https://www.spamhaus.org/drop/drop.txt spamhaus Drop 1 GeoIP geoip 0 CN RU UA KP BY Geo_IP 1 HQ_NET network 0 192.168.7.0/24 S3 1 spamhaus 1 GeoIP 1 lan,wan wan v9 127.0.0.1:2056 1 1800 15 opnsense.uncategorized.rules 1 opnsense.test.rules 1 opnsense.social_media.rules 1 opnsense.messaging.rules 1 opnsense.media_streaming.rules 1 opnsense.mail.rules 1 opnsense.file_transfer.rules 1 tor.rules 1 emerging-worm.rules 1 emerging-web_specific_apps.rules 1 emerging-web_server.rules 1 emerging-web_client.rules 1 emerging-voip.rules 1 emerging-user_agents.rules 1 emerging-tftp.rules 1 emerging-telnet.rules 1 emerging-sql.rules 1 emerging-snmp.rules 1 emerging-smtp.rules 1 emerging-shellcode.rules 1 emerging-scan.rules 1 emerging-scada.rules 1 emerging-rpc.rules 1 emerging-pop3.rules 1 emerging-policy.rules 1 emerging-phishing.rules 1 emerging-p2p.rules 1 emerging-netbios.rules 1 emerging-mobile_malware.rules 1 emerging-misc.rules 1 emerging-malware.rules 1 emerging-ja3.rules 1 emerging-info.rules 1 emerging-inappropriate.rules 1 emerging-imap.rules 1 emerging-icmp_info.rules 1 emerging-icmp.rules 1 emerging-hunting.rules 1 emerging-games.rules 1 emerging-ftp.rules 1 emerging-exploit_kit.rules 1 emerging-exploit.rules 1 emerging-dos.rules 1 emerging-dns.rules 1 emerging-deleted.rules 1 emerging-current_events.rules 1 emerging-coinminer.rules 1 emerging-chat.rules 1 emerging-attack_response.rules 1 emerging-adware_pup.rules 1 emerging-activex.rules 1 dshield.rules 1 drop.rules 1 compromised.rules 1 ciarmy.rules 1 botcc.portgrouped.rules 1 botcc.rules 
1 abuse.ch.urlhaus.rules 1 abuse.ch.threatfox.rules 1 abuse.ch.sslipblacklist.rules 1 abuse.ch.sslblacklist.rules 1 abuse.ch.feodotracker.rules 1 1 1 0 wan 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12 d28d9e18-1890-4b96-b665-84d1f663cb76 W0D23 4 ac medium 1 0 0 0 0 0 0 0 1 120 120 127.0.0.1 25 0 auto 1 syslog facility log_daemon 0 root sEvAYujF36HUF3qY5y 2812 5 1 1 mg@vision4it.de 0 icmp,link,uptime 10 1 as@vision4it.de 0 icmp,uptime 10 1 $HOST system 300 30
a2c0d34f-b75f-4fd5-9f13-e2f900c48d17,9860ca3c-83aa-4786-8c0b-818006516c06,30ff75ef-d943-4a13-9acb-6a8e47d6ed53,78909826-a791-45c5-bc2e-fa30d79ff4d2 1 RootFs filesystem / 300 30
611863fd-5e49-4c8d-92b7-36cead8ef197 0 carp_status_change custom /usr/local/opnsense/scripts/OPNsense/Monit/carp_status 300 30
b03d33b1-c2c4-4357-9298-1b5c42376587 0 gateway_alert custom /usr/local/opnsense/scripts/OPNsense/Monit/gateway_alert 300 30
85ea70eb-211c-4fb4-b845-2410d3897b5e Ping NetworkPing failed ping alert NetworkLink NetworkInterface failed link alert NetworkSaturation NetworkInterface saturation is greater than 75% alert MemoryUsage SystemResource memory usage is greater than 75% alert CPUUsage SystemResource cpu usage is greater than 75% alert LoadAvg1 SystemResource loadavg (1min) is greater than 8 alert LoadAvg5 SystemResource loadavg (5min) is greater than 6 alert LoadAvg15 SystemResource loadavg (15min) is greater than 4 alert SpaceUsage SpaceUsage space usage is greater than 75% alert ChangedStatus ProgramStatus changed status alert NonZeroStatus ProgramStatus status != 0 alert 1 opnsense 1 1 on strip 1 1 0 admin@localhost.local 0 /var/squid/cache 256 always 100 16 256 0 0 0 2048 1024 1024 256 0 0 username password lan 3128 3129 0 0 4 5 0 3401 public 2121 0 1 0 80:http,21:ftp,443:https,70:gopher,210:wais,1025-65535:unregistered ports,280:http-mgmt,488:gss-http,591:filemaker,777:multiling http 443:https 0 icap://[::1]:1344/avscan icap://[::1]:1344/avscan 1 0 0 X-Username 1 1024 60 OPNsense proxy authentication 2 5