reinsle/config
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update opnsense/fw01.ke.einsle.de

Browse Source
This commit is contained in:
oxidized 2019-07-17 13:31:43 +02:00
parent e078952e06
commit 31fe03b281
1 changed files with 171 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

199
opnsense/fw01.ke.einsle.de
View File

@ -349,7 +349,8 @@
<dnsserver>2620:0:ccc::2</dnsserver> <dnsserver>2620:0:ccc::2</dnsserver>
<dnsserver>2620:0:ccd::2</dnsserver> <dnsserver>2620:0:ccd::2</dnsserver>
<firmware> <firmware>
<plugins>os-zerotier,os-net-snmp</plugins> <plugins>os-zerotier,os-net-snmp,os-freeradius,os-smart,os-etpro-telemetry</plugins>
<mirror>https://pkg.opnsense.org</mirror>
</firmware> </firmware>
<serialspeed>115200</serialspeed> <serialspeed>115200</serialspeed>
<primaryconsole>video</primaryconsole> <primaryconsole>video</primaryconsole>
@ -1377,13 +1378,13 @@
<prefer>0.opnsense.pool.ntp.org</prefer> <prefer>0.opnsense.pool.ntp.org</prefer>
</ntpd> </ntpd>
<widgets> <widgets>
<sequence>system_information-container:00000000-col3:show,traffic_graphs-container:00000001-col3:show,cpu_usage-container:00000002-col3:show,log-container:00000003-col3:show,services_status-container:00000004-col4:show,gateways-container:00000005-col4:show,interface_list-container:00000006-col4:show,openvpn-container:00000007-col4:show,carp_status-container:00000008-col4:show</sequence> <sequence>system_information-container:00000000-col3:show,traffic_graphs-container:00000001-col3:show,proofpoint_et-container:00000002-col3:show,cpu_usage-container:00000003-col3:show,log-container:00000004-col3:show,services_status-container:00000005-col4:show,gateways-container:00000006-col4:show,interface_list-container:00000007-col4:show,openvpn-container:00000008-col4:show,carp_status-container:00000009-col4:show</sequence>
<column_count>2</column_count> <column_count>2</column_count>
</widgets> </widgets>
<revision> <revision>
<username>root@172.24.42.167</username> <username>(system)</username>
<time>1562307857.1269</time> <time>1563362806.833</time>
<description>/system_certmanager.php made changes</description> <description>/usr/local/opnsense/mvc/script/run_migrations.php made changes</description>
</revision> </revision>
<OPNsense> <OPNsense>
<Firewall> <Firewall>
@ -1604,29 +1605,6 @@ PORT_mail</content>
</aliases> </aliases>
</Alias> </Alias>
</Firewall> </Firewall>
<cron version="1.0.1">
<jobs/>
</cron>
<IDS version="1.0.2">
<rules/>
<userDefinedRules/>
<files/>
<fileTags/>
<general>
<enabled>0</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron/>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo>ac</MPMAlgo>
<syslog>0</syslog>
<LogPayload>0</LogPayload>
</general>
</IDS>
<proxy version="1.0.3"> <proxy version="1.0.3">
<general> <general>
<enabled>0</enabled> <enabled>0</enabled>
@ -1820,6 +1798,170 @@ PORT_mail</content>
</server> </server>
</servers> </servers>
</OpenVPNExport> </OpenVPNExport>
<freeradius>
<user version="1.0.2">
<users/>
</user>
<dhcp version="1.0.0">
<dhcps/>
</dhcp>
<lease version="1.0.0">
<leases/>
</lease>
<client version="1.0.0">
<clients>
<client uuid="9c27fb4b-088f-44a9-9eb0-5f4c3a6b277e">
<enabled>1</enabled>
<name>mt-kg2</name>
<secret>asdfaodfadfzasdf33</secret>
<ip>172.24.10.90</ip>
</client>
</clients>
</client>
<eap version="1.0.0">
<default_eap_type>mschapv2</default_eap_type>
<enable_client_cert>1</enable_client_cert>
<ca>5d1dfed836986</ca>
<certificate>5d1e21b2c1e63</certificate>
<crl>5d1dff4d164f2</crl>
</eap>
<ldap version="1.0.0">
<protocol>LDAP</protocol>
<server>172.24.10.11:7389</server>
<identity>uid=sec_fw,cn=users,dc=ke,dc=einsle,dc=de</identity>
<password>b7G77HydYn9qUmLUqsnu</password>
<base_dn>dc=ke,dc=einsle,dc=de</base_dn>
<user_filter>(uid=%{%{Stripped-User-Name}:-%{User-Name}})</user_filter>
<group_filter>(objectClass=posixGroup)</group_filter>
</ldap>
<general version="1.0.0">
<enabled>1</enabled>
<vlanassign>1</vlanassign>
<ldap_enabled>1</ldap_enabled>
<wispr>0</wispr>
<chillispot>0</chillispot>
<mikrotik>1</mikrotik>
<sqlite>0</sqlite>
<sessionlimit>0</sessionlimit>
<log_destination>files</log_destination>
<log_authentication_request>1</log_authentication_request>
<log_authbadpass>1</log_authbadpass>
<log_authgoodpass>0</log_authgoodpass>
<dhcpenabled>0</dhcpenabled>
<dhcplistenip/>
<mysql>0</mysql>
<mysqlserver>127.0.0.1</mysqlserver>
<mysqlport>3306</mysqlport>
<mysqluser>radius</mysqluser>
<mysqlpassword>radpass</mysqlpassword>
<mysqldb>radius</mysqldb>
</general>
</freeradius>
<cron version="1.0.1">
<jobs>
<job uuid="0f0dab29-da17-4593-bbcc-7cd0437ab0d7">
<origin>IDS</origin>
<enabled>0</enabled>
<minutes>0</minutes>
<hours>0</hours>
<days>*</days>
<months>*</months>
<weekdays>*</weekdays>
<who>root</who>
<command>ids update</command>
<parameters/>
<description>ids rule updates</description>
</job>
</jobs>
</cron>
<IDS version="1.0.3">
<rules/>
<userDefinedRules/>
<files>
<file uuid="e4ce13f1-05b6-47a7-82e2-8e2602706fa6">
<filename>botcc.rules</filename>
<filter>drop</filter>
<enabled>1</enabled>
</file>
<file uuid="73392c2b-027b-448b-b5c0-3bf2803c6a56">
<filename>botcc.portgrouped.rules</filename>
<filter>drop</filter>
<enabled>1</enabled>
</file>
<file uuid="19460b38-85a1-464b-bb25-1662685a1226">
<filename>emerging-worm.rules</filename>
<filter>drop</filter>
<enabled>1</enabled>
</file>
<file uuid="f5fb3421-e116-43dd-aede-43afd9b1cda0">
<filename>emerging-trojan.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="3d5e2442-d927-4d97-9371-e5a95c920924">
<filename>emerging-telnet.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="1c3f3064-3c9e-403e-a6a3-20c5f23d3db7">
<filename>emerging-sql.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="00c6ddcc-6ff7-4ef5-9189-22413edaf9aa">
<filename>emerging-shellcode.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="cc0b6714-deb5-4b41-842a-b671259275e6">
<filename>emerging-scada.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="103b3eff-8e54-4a6e-a6e6-a225746c14d4">
<filename>emerging-mobile_malware.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
<file uuid="70aef7d2-c35b-4d72-bd58-48f8bfa90176">
<filename>emerging-malware.rules</filename>
<filter>drop</filter>
<enabled>1</enabled>
</file>
<file uuid="2c1ee318-f744-457f-8284-eac4d55b576c">
<filename>emerging-exploit.rules</filename>
<filter/>
<enabled>1</enabled>
</file>
</files>
<fileTags>
<tag uuid="fa8a8581-ab8a-4cfe-ba87-7bb5270d1c17">
<property>et_telemetry.token</property>
<value>70f54c02d81c3a1968c71c10b2f14592cbd6a8d148e7069ff824b5617b6d6f63</value>
</tag>
</fileTags>
<general>
<enabled>1</enabled>
<ips>0</ips>
<promisc>0</promisc>
<interfaces>wan</interfaces>
<homenet>192.168.0.0/16,10.0.0.0/8,172.16.0.0/12</homenet>
<defaultPacketSize/>
<UpdateCron>0f0dab29-da17-4593-bbcc-7cd0437ab0d7</UpdateCron>
<AlertLogrotate>W0D23</AlertLogrotate>
<AlertSaveLogs>4</AlertSaveLogs>
<MPMAlgo/>
<syslog>0</syslog>
<syslog_eve>0</syslog_eve>
<LogPayload>0</LogPayload>
</general>
</IDS>
<Syslog version="1.0.0">
<general>
<enabled>1</enabled>
</general>
<destinations/>
</Syslog>
</OPNsense> </OPNsense>
<gateways> <gateways>
<gateway_item> <gateway_item>
@ -2157,6 +2299,7 @@ PORT_mail</content>
<synchronizeopenvpn>on</synchronizeopenvpn> <synchronizeopenvpn>on</synchronizeopenvpn>
<synchronizesquid>on</synchronizesquid> <synchronizesquid>on</synchronizesquid>
<synchronizednsresolver>on</synchronizednsresolver> <synchronizednsresolver>on</synchronizednsresolver>
<synchronizewidgets>on</synchronizewidgets>
</hasync> </hasync>
<dhcrelay6> <dhcrelay6>
<interface>wan</interface> <interface>wan</interface>