Skip to content

Instantly share code, notes, and snippets.

@paigeadelethompson

paigeadelethompson/pf.conf

Created October 26, 2025 00:57
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save paigeadelethompson/dea5156934c9aeb8ea69c71c2ce21d2c to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save paigeadelethompson/dea5156934c9aeb8ea69c71c2ce21d2c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
pf.conf
table <resvd_networks> { 0.0.0.0/8 10.0.0.0/8 100.64.0.0/10 127.0.0.0/8 169.254.0.0/16
172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 192.88.99.0/24
192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 203.0.113.0/24
224.0.0.0/4 233.252.0.0/24 240.0.0.0/4 255.255.255.255/32 }
nat on wlan0 inet from 192.0.0.30/32 to !<resvd_networks> -> wlan0
nat on wlan0 inet from 203.0.113.53/32 to !<resvd_networks> -> wlan0
nat on wlan0 inet from 192.88.99.2/32 to !<resvd_networks> -> wlan0
Raw
proxy_egr.conf
access_log syslog:local2 squid
cache_log syslog:local2 squid
forwarded_for off
pinger_enable off
dns_nameservers 203.0.113.53
visible_hostname proxy-egr.sttl.wa.us.clandestine.network
nonhierarchical_direct off
acl localnet src 192.88.99.0/24
tcp_outgoing_address 192.88.99.2
tcp_outgoing_address 2001:470:e845::3128
http_port 192.88.99.2:3128 name=general
http_port [fcff:80::192:88:99:2]:3128 name=general
http_port 192.88.99.2:8080 name=tor
http_port [fcff:80::192:88:99:2]:8080 name=tor
acl general_acl myportname general
acl tor_acl myportname tor
always_direct deny tor_acl
always_direct allow general_acl
never_direct allow tor_acl
cache_peer fcff:48::192:88:99:255 parent \
8080 0 \
proxy-only no-query \
no-digest no-delay \
name=tor_8080
cache_peer_access tor_8080 allow tor_acl
cache_peer_access tor_8080 deny all
http_access allow localnet
http_access deny all
cache deny all
coredump_dir /var/squid/cache
Raw
proxy_ingr.conf
http_port 192.88.99.0:3128
snmp_port 3401
forwarded_for off
dns_nameservers 203.0.113.53
visible_hostname proxy-ingr.netcrave.local
coredump_dir /var/squid/cache
access_log syslog:local2 squid
cache_log syslog:local2 squid
pinger_enable off
acl snmp_server src 10.255.255.254/32
acl local_rtr src 192.0.0.0/24
acl snmp_com snmp_community public
#acl blocknet_ru dst "/usr/local/etc/squid/blocknet.ru.txt"
acl ads dstdomain "/usr/local/etc/squid/ad_domains.txt"
acl weirdos dstdomain "/usr/local/etc/squid/weirdos.txt"
acl pypi_pkg dstdomain pypi.org files.pythonhosted.org
acl opensuse_pkg dstdomain download.opensuse.org \
mirror.sfo12.us.leaseweb.net \
mirror.umd.edu \
mirror.xenyth.net \
slc-mirror.opensuse.org \
rsync.opensuse.org \
codecs.opensuse.org
acl ubuntu_pkg dstdomain security.ubuntu.com \
archive.ubuntu.com
acl debian_pkg dstdomain deb.debian.org
acl void_pkg dstdomain repo-default.voidlinux.org
acl freebsd_pkg dstdomain pkg.FreeBSD.org \
pkgmir.geo.freebsd.org \
ftp.freebsd.org \
git.freebsd.org \
dualstack.aws.update.freebsd.org \
update2.freebsd.org \
update1.freebsd.org
acl docker_hub dstdomain auth.docker.io hub.docker.io
acl letsencrypt dstdomain acme-v02.api.letsencrypt.org
acl github_api dstdomain api.github_api.com \
codeload.github.com \
github.com \
objects.githubusercontent.com \
api.github.com \
pipelinesghubeus14.actions.githubusercontent.com \
tokenghub.actions.githubusercontent.com \
broker.actions.githubusercontent.com \
run-actions-2-azure-eastus.actions.githubusercontent.com \
run-actions-1-azure-eastus.actions.githubusercontent.com \
run-actions-3-azure-eastus.actions.githubusercontent.com \
launch.actions.githubusercontent.com \
results-receiver.actions.githubusercontent.com \
.blob.core.windows.net
acl netcrave dstdomain .netcrave.network .netcrave.io .netcrave.chat
acl dns src 203.0.113.53/32
acl ntp src 203.0.113.123/32
acl rev_web src 198.51.100.0/32
acl management src 10.255.255.0/24
acl wave src 192.168.32.128/25
acl tailscale src 100.64.0.0/10
acl link_local src 169.254.0.0/16
acl dmz src 192.168.1.0/24
acl lan src 10.1.0.0/18
acl wifi src 10.1.64.0/18
acl live_servers src 192.168.72.128/25
acl traefik src 192.168.72.250/32
acl docker src 192.168.72.250/32
acl home_servers src 192.168.64.128/25
acl link_local_ipv6 src fe80::/10
acl Safe_ports port 80
acl Safe_ports port 21
acl HTTPS port 443
acl resvd4 dst 0.0.0.0/8 \
10.0.0.0/8 \
100.64.0.0/10 \
127.0.0.0/8 \
169.254.0.0/16 \
172.16.0.0/12 \
192.0.0.0/24 \
192.0.2.0/24 \
192.88.99.0/24 \
192.168.0.0/16 \
198.18.0.0/15 \
198.51.100.0/24 \
203.0.113.0/24 \
224.0.0.0/4 \
240.0.0.0/4
acl internet6 dst 2000::/3
snmp_access allow snmp_com snmp_server
snmp_access allow snmp_com local_rtr
snmp_access deny all
http_access deny ads
#http_access deny blocknet_ru
http_access deny weirdos
http_access allow CONNECT !Safe_ports lan
http_access allow lan
http_access allow CONNECT HTTPS wifi
http_access allow wifi
http_access allow CONNECT !Safe_ports docker
http_access allow docker
http_access allow Safe_ports docker
http_access allow CONNECT Safe_ports management freebsd_pkg
http_access allow CONNECT HTTPS management freebsd_pkg
http_access allow management freebsd_pkg
http_access allow CONNECT HTTPS live_servers freebsd_pkg
http_access allow live_servers freebsd_pkg
http_access allow CONNECT HTTPS live_servers void_pkg
http_access allow live_servers void_pkg
http_access allow CONNECT HTTPS live_servers debian_pkg
http_access allow live_servers debian_pkg
http_access allow CONNECT HTTPS live_servers ubuntu_pkg
http_access allow live_servers ubuntu_pkg
http_access allow CONNECT HTTPS live_servers pypi_pkg
http_access allow live_servers pypi_pkg
http_access allow CONNECT HTTPS live_servers opensuse_pkg
http_access allow live_servers opensuse_pkg
http_access allow CONNECT HTTPS home_servers opensuse_pkg
http_access allow home_servers opensuse_pkg
http_access allow CONNECT HTTPS live_servers docker_hub
http_access allow live_servers docker_hub
http_access allow CONNECT HTTPS live_servers github_api
http_access allow live_servers github_api
http_access allow CONNECT HTTPS wave github_api
http_access allow wave github_api
http_access allow CONNECT HTTPS wave opensuse_pkg
http_access allow wave opensuse_pkg
http_access allow CONNECT HTTPS wave freebsd_pkg
http_access allow wave freebsd_pkg
http_access allow CONNECT HTTPS ntp freebsd_pkg
http_access allow ntp freebsd_pkg
http_access allow CONNECT HTTPS dns freebsd_pkg
http_access allow dns freebsd_pkg
http_access allow CONNECT HTTPS rev_web freebsd_pkg
http_access allow rev_web freebsd_pkg
http_access allow CONNECT HTTPS docker github_api
http_access allow docker github_api
http_access allow CONNECT HTTPS docker ubuntu_pkg
http_access allow docker ubuntu_pkg
http_access allow CONNECT HTTPS traefik letsencrypt
http_access allow traefik letsencrypt
http_access allow CONNECT HTTPS traefik netcrave
http_access allow traefik netcrave
http_access deny all
cache_peer 192.0.2.2 parent \
3128 0 \
proxy-only no-query \
no-digest no-delay \
name=kama \
connect_timeout=8s
cache_peer 192.88.99.2 parent \
3128 0 \
proxy-only no-query \
no-digest no-delay \
name=general default \
connect_timeout=8s
cache_peer_access general allow docker github_api
cache_peer_access general allow docker ubuntu_pkg
cache_peer_access kama allow docker !resvd4
cache_peer_access general allow docker internet6
cache_peer_access kama deny all
cache_peer_access general deny docker
never_direct allow all
always_direct deny all
cache deny all
Raw
rc.conf
snmpd_enable="NO"
snmpd_flags="-a -r"
snmpd_conffile="/usr/local/etc/snmpd.conf"
wireguard_enable=NO
linux_enable=YES
ipv6_activate_all_interfaces=YES
vm_dir="zfs:zroot/vm"
vm_enable=YES
hostname=zima.netcrave.local
pf_enable=YES
clear_tmp_enable=YES
wpa_supplicant_enable=YES
local_unbound_enable=NO
sshd_enable=YES
moused_enable=NO
#ntpd_enable=YES
#ntpd_flags="-4"
#ntpd_fib=123
gpsd_enable=YES
gpsd_flags="/dev/ttyU0 -F /var/run/gpsd.sock"
chronyd_enable=YES
chronyd_fib=123
ntpdate_enable=NO
powerd_enable=YES
dumpdev=AUTO
zfs_enable=YES
lldpd_enable=YES
lldpd_flags="-c"
ipsec_enable=NO
ipsec_program="/usr/local/sbin/setkey"
ipsec_file="/usr/local/etc/racoon/setkey.conf"
ezjail_enable=YES
syslogd_enable=YES
syslogd_flags="-b 192.0.0.16:514 -b 192.0.0.10:514 -b 10.255.255.254:514 -b 192.0.0.32:514 -b 192.0.0.22:514 -b 192.0.0.20:514 -b 192.0.0.18:514 -b 192.0.0.36:514 -b [fcfc:48::192:0:0:28]:514 -b 192.0.0.40:514 -f /etc/syslog.conf"
wlans_rtwn0="wlan0"
frr_enable=NO
frr_daemons="zebra ospfd"
vlans_lagg0="16 18 20 24 25 26 27 28 30 123 180 255"
cloned_interfaces="epair0 epair1 epair10 epair11 epair12 epair2 epair3 epair4
epair5 epair6 epair7 epair9 gif1 lo1 lo20 lo24 lo25 lo123
lagg0 bridge0 bridge1 bridge2 epair13 epair14 epair15
epair16 epair17 epair18 vlan48 vlan53 vlan80 vlan81
bridge3 epair18 lo255 lo48 lo53 lo81 lo80 vlan180
lo180 epair19 epair20 bridge4 lo16 lo26 vlan26 lo27 vlan27
vlan28 epair21 epair22 wg0 lo128 vlan128 epair128"
#
# Kamatera
#
ifconfig_wg0="192.0.2.1/31 fib 56 tunnelfib 255"
ifconfig_wg0_ipv6="inet6 fcff:56::192:0:2:1/64 fib 56 tunnelfib 255"
#
# Internet FIB 255
#
ifconfig_wlan0="WPA inet 192.168.1.156/24 fib 255"
ifconfig_wlan0_ipv6="inet6 accept_rtadv fib 255"
#
# Host interfaces FIB 1/PVID 1
#
ifconfig_re0="up fib 1"
ifconfig_re1="up fib 1"
#
# Management FIB 1/VLAN 1
#
ifconfig_lagg0="laggproto lacp laggport re0 laggport re1 10.255.255.254/24 fib 1"
ifconfig_lagg0_ipv6="inet6 fcff:ffff::10:255:255:254/64 fib 1"
#
# metal management network FIB 16/VLAN 16
#
ifconfig_lagg0_16="inet 192.168.32.129/25 fib 16"
ifconfig_lagg0_16_ipv6="inet6 fcff:16::192:168:32:129/64 fib 16"
#
# Home servers FIB 18/VLAN 18
#
ifconfig_lagg0_18="inet 192.168.64.129/25 fib 18"
ifconfig_lagg0_18_ipv6="inet6 fcff:18::192:168:64:129/112 fib 18"
#
# WiFi FIB 20/VLAN 20 (dominion)
#
ifconfig_lagg0_20="inet 10.1.64.1/18 fib 20"
ifconfig_lagg0_20_ipv6="inet6 fcff:20::10:1:64:1/64 fib 20"
#
# LAN FIB 25/VLAN 25
#
ifconfig_lagg0_25="inet 10.1.0.1/18 fib 25"
ifconfig_lagg0_25_ipv6="inet6 fcff:25::10:1:0:1/64 fib 25"
#
# VoIP FIB 24/VLAN 24
#
ifconfig_lagg0_24="inet 10.1.128.1/18 fib 24"
ifconfig_lagg0_24_ipv6="inet6 fcff:24::10:1:128:1/64 fib 24"
#
# Live servers FIB 30/VLAN 30
#
ifconfig_lagg0_30="inet 192.168.72.129/25 fib 30 fib 30"
ifconfig_lagg0_30_ipv6="inet6 fcff:30::192:168:72:129/64 fib 30"
#
# NTPd FIB 123/VLAN 123
#
ifconfig_lagg0_123="inet 203.0.113.123/32 fib 123"
ifconfig_lagg0_123_ipv6="inet6 fcff::123/64 fib 123"
#
# LDAP FIB 28/VLAN 28
#
ifconfig_lagg0_28="inet 203.0.113.89/24 fib 28"
#
# FIB 0 <-> FIB 16 core/metal management
#
ifconfig_epair0a="inet 192.0.0.10/31"
ifconfig_epair0a_ipv6="inet6 fcfc:16::192:0:0:10/64"
ifconfig_epair0b="inet 192.0.0.11/31 fib 16"
ifconfig_epair0b_ipv6="inet6 fcfc:16::192:0:0:11/64 fib 16"
#
# FIB 0 <-> FIB 18 core/home servers
#
ifconfig_epair1a="inet 192.0.0.12/31"
ifconfig_epair1a_ipv6="inet6 fcfc:18::192:0:0:12/64"
ifconfig_epair1b="inet 192.0.0.13/31 fib 18"
ifconfig_epair1b_ipv6="inet6 fcfc:18::192:0:0:13/64 fib 18"
#
# FIB 0 <-> FIB 25 core/LAN
#
ifconfig_epair2a="inet 192.0.0.14/31"
ifconfig_epair2a_ipv6="inet6 fcfc:25::192:0:0:14/64"
ifconfig_epair2b="inet 192.0.0.15/31 fib 25"
ifconfig_epair2b_ipv6="inet6 fcfc:25::192:0:0:15/64 fib 25"
#
# FIB 0 <-> FIB 30 core/Live servers
#
ifconfig_epair3a="inet 192.0.0.16/31"
ifconfig_epair3a_ipv6="inet6 fcfc:30::192:0:0:16/64"
ifconfig_epair3b="inet 192.0.0.17/31 fib 30"
ifconfig_epair3b_ipv6="inet6 fcfc:30::192:0:0:17/64 fib 30"
#
# FIB 0 <-> FIB 53 core/DNS resolvers (ns1)
#
ifconfig_epair4a="inet 192.0.0.18/31"
ifconfig_epair4a_ipv6="inet6 fcfc:53::192:0:0:18/64"
ifconfig_epair4b="inet 192.0.0.19/31 fib 53"
ifconfig_epair4b_ipv6="inet6 fcfc:53::192:0:0:19/64 fib 53"
#
# FIB 0 <-> FIB 80 core/Squid proxy ingres (proxy-ingr)
#
ifconfig_epair5a="inet 192.0.0.20/31"
ifconfig_epair5a_ipv6="inet6 fcfc:80::192:0:0:20/64"
ifconfig_epair5b="inet 192.0.0.21/31 fib 80"
ifconfig_epair5b_ipv6="inet6 fcfc:80::192:0:0:21/64 fib 80"
#
# FIB 0 <-> FIB 81 core/Squid proxy egres (proxy-egr)
#
ifconfig_epair6a="inet 192.0.0.22/31"
ifconfig_epair6a_ipv6="inet6 fcfc:81::192:0:0:22/64"
ifconfig_epair6b="inet 192.0.0.23/31 fib 81"
ifconfig_epair6b_ipv6="inet6 fcfc:81::192:0:0:23/64 fib 81"
#
# FIB 0 <-> FIB 123 core/NTP server
#
ifconfig_epair7a="inet 192.0.0.24/31"
ifconfig_epair7a_ipv6="inet6 fcfc:123::192:0:0:24/64"
ifconfig_epair7b="inet 192.0.0.25/31 fib 123"
ifconfig_epair7b_ipv6="inet6 fcfc:123::192:0:0:25/64 fib 123"
#
# FIB 0 <-> FIB 48 core/Hurricane Electric
#
ifconfig_epair9a="inet 192.0.0.28/31"
ifconfig_epair9a_ipv6="inet6 fcfc:48::192:0:0:28/64"
ifconfig_epair9b="inet 192.0.0.29/31 fib 48"
ifconfig_epair9b_ipv6="inet6 fcfc:48::192:0:0:29/64 fib 48"
#
# FIB 0 <-> FIB 255 core/Internet
#
ifconfig_epair10a="inet 192.0.0.30/31"
ifconfig_epair10a_ipv6="inet6 fcfc:255::192:0:0:30/64"
ifconfig_epair10b="inet 192.0.0.31/31 fib 255"
ifconfig_epair10b_ipv6="inet6 fcfc:255::192:0:0:31/64 fib 255"
#
# FIB 0 <-> FIB 1 core/Management
#
ifconfig_epair11a="inet 192.0.0.32/31"
ifconfig_epair11a_ipv6="inet6 fcfc:1::192:0:0:32/64"
ifconfig_epair11b="inet 192.0.0.33/31 fib 1"
ifconfig_epair11b_ipv6="inet6 fcfc:1::192:0:0:33/64 fib 1"
#
# FIB 0 <-> FIB 20 core/WiFi
#
ifconfig_epair12a="inet 192.0.0.34/31"
ifconfig_epair12a_ipv6="inet6 fcfc:20::192:0:0:34/64"
ifconfig_epair12b="inet 192.0.0.35/31 fib 20"
ifconfig_epair12b_ipv6="inet6 fcfc:20::192:0:0:35/64 fib 20"
#
# FIB 0 <-> FIB 180 core/haproxy
#
ifconfig_epair19a="inet 192.0.0.36/31"
ifconfig_epair19a_ipv6="inet6 fcfc:180::192:0:0:36/64"
ifconfig_epair19b="inet 192.0.0.37/31 fib 180"
ifconfig_epair19b_ipv6="inet6 fcfc:180::192:0:0:37/64 fib 180"
#
# FIB 0 <-> FIB 28 core/LDAP
#
ifconfig_epair21a="inet 192.0.0.38/31"
ifconfig_epair21a_ipv6="inet6 fcfc:180::192:0:0:38/64"
ifconfig_epair21b="inet 192.0.0.39/31 fib 28"
ifconfig_epair21b_ipv6="inet6 fcfc:180::192:0:0:39/64 fib 28"
#
# FIB 0 <-> FIB 56 core/Kamatera
#
ifconfig_epair22a="inet 192.0.0.40/31"
ifconfig_epair22a_ipv6="inet6 fcfc:180::192:0:0:40/64"
ifconfig_epair22b="inet 192.0.0.41/31 fib 56"
ifconfig_epair22b_ipv6="inet6 fcfc:180::192:0:0:41/64 fib 56"
#
# FIB 1 (Networking for management dhcpd jail)
#
ifconfig_lo1="up fib 1"
ifconfig_epair13a="up fib 1"
ifconfig_epair13b="up fib 1"
ifconfig_bridge0="up addm lagg0 addm epair13b fib 1"
# ifconfig_bridge0_aliases="addm lagg0.1 addm epair13b fib 1"
#
# FIB 20 (Networking for WiFi dhcpd jail)
#
ifconfig_lo20="up fib 20"
ifconfig_epair14a="up fib 20"
ifconfig_epair14b="up fib 20"
ifconfig_bridge1="up addm lagg0.20 addm epair14b fib 20"
#
# FIB 25 (Networking for LAN dhcpd jail)
#
ifconfig_lo25="up fib 25"
ifconfig_epair15a="up fib 25"
ifconfig_epair15b="up fib 25"
ifconfig_bridge2="up addm lagg0.25 addm epair15b fib 25"
#
# FIB 48 (Networking for Tor/Public DNS jails)
#
ifconfig_lo48="up fib 48"
ifconfig_lagg0_48="up fib 48"
ifconfig_vlan48="up vlandev lagg0 vlan 48 vlanproto 802.1ad fib 48"
vlans_vlan48="1 2 3 4 5"
# Tor
ifconfig_vlan48_1="up fib 48"
ifconfig_vlan48_2="up fib 48"
ifconfig_vlan48_3="up fib 48"
# DNS
ifconfig_vlan48_4="up fib 48"
ifconfig_vlan48_5="up fib 48"
#
# FIB 53 (Networking for ns1 jail)
#
ifconfig_lo53="up fib 53"
ifconfig_lagg0_53="up fib 53"
ifconfig_vlan53="up vlandev lagg0 vlan 53 vlanproto 802.1ad fib 53"
vlans_vlan53="1 2 3 4"
ifconfig_vlan53_1="up fib 53"
ifconfig_vlan53_2="up fib 53"
ifconfig_vlan53_3="up fib 53"
ifconfig_vlan53_4="up fib 53"
#
# FIB 81 (Networking for Squid ingress jail)
#
ifconfig_lo81="up fib 81"
ifconfig_lagg0_81="up fib 81"
ifconfig_vlan81="up vlandev lagg0 vlan 81 vlanproto 802.1ad fib 81"
vlans_vlan81="1 2 3"
ifconfig_vlan81_1="up fib 81"
ifconfig_vlan81_2="up fib 81"
ifconfig_vlan81_3="up fib 81"
#
# FIB 80 (Networking for Squid egress jail)
#
ifconfig_lo80="up fib 80"
ifconfig_lagg0_80="up fib 80"
ifconfig_vlan80="up vlandev lagg0 vlan 80 vlanproto 802.1ad fib 80"
vlans_vlan80="1 2 3 4"
ifconfig_vlan80_1="up fib 80"
ifconfig_vlan80_2="up fib 80"
ifconfig_vlan80_3="up fib 80"
ifconfig_vlan80_4="up fib 80"
#
# FIB 255 (Networking for vlmcsd jail)
#
ifconfig_lo255="up fib 255"
ifconfig_epair18a="up fib 255"
ifconfig_epair18b="up fib 255"
ifconfig_bridge3="up fib 255"
ifconfig_bridge3_aliases="addm lagg0.255 addm epair18b fib 255"
#
# FIB 180 (Networking for haproxy jail)
#
ifconfig_lo180="up fib 180"
ifconfig_lagg0_180="up fib 180"
ifconfig_vlan180="up vlandev lagg0 vlan 180 vlanproto 802.1ad fib 180"
vlans_vlan180="1 2 3 4 5 6 7"
ifconfig_vlan180_1="up fib 180"
ifconfig_vlan180_2="up fib 180"
ifconfig_vlan180_3="up fib 180"
ifconfig_vlan180_4="up fib 180"
ifconfig_vlan180_5="up fib 180"
ifconfig_vlan180_6="up fib 180"
ifconfig_vlan180_7="up fib 180"
#
# FIB 16 (Networking for metal dhcpd jail)
#
ifconfig_lo16="up fib 16"
ifconfig_epair20a="up fib 16"
ifconfig_epair20b="up fib 16"
ifconfig_bridge4="up addm lagg0.16 addm epair20b fib 16"
#
# FIB 26 (Networking for SMTP forwarder jail)
#
ifconfig_lo26="up fib 26"
ifconfig_lagg0_26="up fib 26"
ifconfig_vlan26="up vlandev lagg0 vlan 26 vlanproto 802.1ad fib 26"
vlans_vlan26="1 2 3"
ifconfig_vlan26_1="up fib 26"
#
# FIB 27 (Networking for RADIUS jail)
#
ifconfig_lo27="up fib 27"
ifconfig_lagg0_27="up fib 27"
ifconfig_vlan27="up vlandev lagg0 vlan 27 vlanproto 802.1ad fib 27"
vlans_vlan27="1"
ifconfig_vlan27_1="up fib 27"
#
# FIB 128 (Networking for Tailscale jail)
#
ifconfig_lo128="up fib 128"
ifconfig_lagg0_128="up fib 128"
ifconfig_vlan128="up vlandev lagg0 vlan 128 vlanproto 802.1ad fib 128"
vlans_vlan128="1"
ifconfig_vlan128_1="up fib 128"
#
# Hurricane Electric Tunnel FIB 48
#
ifconfig_gif1="tunnel 192.168.1.156 216.218.226.238 mtu 1480 fib 48 tunnelfib 255"
ifconfig_gif1_ipv6="inet6 2001:470:a:56f::2 2001:470:a:56f::1 prefixlen 128 fib 48 tunnelfib 0"
##########
########## Routing tables section
##########
#
# FIB 0 IPv6
#
ipv6_route_fib0_global_default="-inet6 2000::/3 fcfc:48::192:0:0:29 -fib 0"
ipv6_route_fib0_dmz="-inet6 fdb8:3260:d80f:a056::/64 fcfc:255::192:0:0:31 -fib 0"
ipv6_route_fib0_management="-inet6 fcff:ffff::/32 fcff:1::192:0:0:17 -fib 0"
ipv6_route_fib0_ntpd="-inet6 fcff::123/128 fcfc:123::192:0:0:25 -fib 0"
ipv6_route_fib0_lan="-inet6 fcff:25::/32 fcfc:25::192:0:0:15 -fib 0"
ipv6_route_fib0_wifi="-inet6 fcff:20::/32 fcfc:20::192:0:0:35 -fib 0"
ipv6_route_fib0_squid_site_local_egress="-inet6 fcff:80::192:88:99:2/128 fcfc:80::192:0:0:21 -fib 0"
ipv6_route_fib0_squid_site_local_ingress="-inet6 fcff::3128/128 fcfc:81::192:0:0:23 -fib 0"
ipv6_route_fib0_dns="-inet6 fcff::53/128 fcfc:53::192:0:0:19 -fib 0"
ipv6_route_fib0_dns_global="-inet6 2001:470:e845::53/128 fcfc:53::192:0:0:19 -fib 0"
ipv6_route_fib0_metal="-inet6 fcff:16::/32 fcfc:16::192:0:0:11 -fib 0"
ipv6_route_fib0_live="-inet6 fcff:30::/32 fcfc:30::192:0:0:17 -fib 0"
ipv6_route_fib0_home_servers="-inet6 fcff:18::/32 fcfc:18::192:0:0:13 -fib 0"
ipv6_route_fib0_tor="-inet6 fcff:48::192:88:99:255/128 fcfc:48::192:0:0:29 -fib 0"
ipv6_route_fib0_squid_global_egress="-inet6 2001:470:e845::3128/128 fcfc:80::192:0:0:21 -fib 0"
ipv6_route_fib0_pbx="-inet6 2001:470:e845::555:1212/128 fcfc:30::192:0:0:17 -fib 0"
ipv6_route_fib0_live_docker="-inet6 2001:470:e845:f::/64 fcfc:30::192:0:0:17 -fib 0"
ipv6_route_fib0_no_reserved10="-inet6 2001:db8::/32 -reject -fib 0"
ipv6_route_fib0_no_reserved11="-inet6 2002::/16 -reject -fib 0"
ipv6_route_fib0_no_reserved12="-inet6 3fff::/20 -reject -fib 0"
ipv6_route_fib0_no_reserved13="-inet6 5f00::/16 -reject -fib 0"
ipv6_route_fib0_no_reserved14="-inet6 fc00::/7 -reject -fib 0"
ipv6_route_fib0_no_reserved15="-inet6 fe80::/10 -reject -fib 0"
ipv6_route_fib0_no_reserved1="-inet6 ::/128 -reject -fib 0"
ipv6_route_fib0_no_reserved2="-inet6 ::1/128 -reject -fib 0"
ipv6_route_fib0_no_reserved3="-inet6 ::ffff:0:0/96 -reject -fib 0"
ipv6_route_fib0_no_reserved4="-inet6 ::ffff:0:0:0/96 -reject -fib 0"
ipv6_route_fib0_no_reserved5="-inet6 64:ff9b::/96 -reject -fib 0"
ipv6_route_fib0_no_reserved6="-inet6 64:ff9b:1::/48 -reject -fib 0"
ipv6_route_fib0_no_reserved7="-inet6 100::/64 -reject -fib 0"
ipv6_route_fib0_no_reserved8="-inet6 2001::/32 -reject -fib 0"
ipv6_route_fib0_no_reserved9="-inet6 2001:20::/28 -reject -fib 0"
ipv6_route_fib0_haproxy1="-inet6 fcff:180::198:51:100:0/128 fcfc:180::192:0:0:37 -fib 0"
ipv6_route_fib0_haproxy2="-inet6 2001:470:e845::80:443/128 fcfc:180::192:0:0:37 -fib 0"
ipv6_route_fib0_haproxy3="-inet6 2001:470:e845::80/128 fcfc:180::192:0:0:37 -fib 0"
ipv6_route_fib0_haproxy4="-inet6 2001:470:e845::443/128 fcfc:180::192:0:0:37 -fib 0"
ipv6_route_fib0_haproxy6="-inet6 2001:470:e845::23/128 fcfc:180::192:0:0:37 -fib 0"
#
# FIB 0 IPv4 (core)
# Note: next-hop gateways from this plane are always odd, the epair
# peer assigned to FIB 0 always uses the even address of a /31
#
route_fib0_default="default 192.0.0.31 -fib 0"
route_fib0_home_servers="192.168.64.128/25 192.0.0.13 -fib 0"
route_fib0_management="10.255.255.0/24 192.0.0.33 -fib 0"
route_fib0_ntpd="203.0.113.123/32 192.0.0.25 -fib 0"
route_fib0_lan="10.1.0.0/18 192.0.0.15 -fib 0"
route_fib0_wifi="10.1.64.0/18 192.0.0.35 -fib 0"
route_fib0_squid_egress="192.88.99.2/32 192.0.0.21 -fib 0"
route_fib0_squid_ingress="192.88.99.0/32 192.0.0.23 -fib 0"
route_fib0_dns_resolver="203.0.113.53/32 192.0.0.19 -fib 0"
route_fib0_metal="192.168.32.128/25 192.0.0.11 -fib 0"
route_fib0_live="192.168.72.128/25 192.0.0.17 -fib 0"
route_fib0_haproxy="198.51.100.0/32 192.0.0.37 -fib 0"
route_fib0_ldap="203.0.113.89/32 192.0.0.39 -fib 0"
route_fib0_kamatera="192.0.2.2 192.0.0.41 -fib 0"
route_fib0_no_privnet10="198.51.100.0/24 -reject -fib 0"
route_fib0_no_privnet11="203.0.113.0/24 -reject -fib 0"
route_fib0_no_privnet12="198.18.0.0/15 -reject -fib 0"
route_fib0_no_privnet14="223.252.0.0/24 -reject -fib 0"
route_fib0_no_privnet15="240.0.0.0/4 -reject -fib 0"
route_fib0_no_privnet17="0.0.0.0/8 -reject -fib 0"
route_fib0_no_privnet1="192.0.0.0/24 -reject -fib 0"
route_fib0_no_privnet2="192.168.0.0/16 -reject -fib 0"
route_fib0_no_privnet3="10.0.0.0/8 -reject -fib -fib 0"
route_fib0_no_privnet4="172.16.0.0/12 -reject -fib 0"
route_fib0_no_privnet5="10.255.255.0/24 -reject -fib 0"
route_fib0_no_privnet6="169.254.0.0/16 -reject -fib 0"
route_fib0_no_privnet7="127.0.0.0/8 -reject -fib 0"
route_fib0_no_privnet8="100.64.0.0/10 -reject -fib 0"
route_fib0_no_privnet9="192.88.99.0/24 -reject -fib 0"
#
# FIB 123 IPv6
#
ipv6_route_fib123_global_default="-inet6 2000::/3 fcfc:123::192:0:0:25 -fib 123"
ipv6_route_fib123_site_local_default="-inet6 fcff::/16 fcfc:123::192:0:0:25 -fib 123"
ipv6_route_fib123_ntp1="-inet6 2607:5600:182:500::1/128 fcfc:123::192:0:0:25 -fib 123"
ipv6_route_fib123_ntp2="-inet6 2001:470:b:22d::123/128 fcfc:123::192:0:0:25 -fib 123"
ipv6_route_fib123_ntp3="-inet6 2605:4840:3:fb19::1/128 fcfc:123::192:0:0:25 -fib 123"
ipv6_route_fib123_ntp3="-inet6 2001:470:e8dc:10::123/128 fcfc:123::192:0:0:25 -fib 123"
#
# FIB 123 IPv4
#
route_fib123_default="default 192.0.0.24 -fib 123"
route_fib123_homeservers="192.168.64.128/25 192.0.0.24 -fib 123"
route_fib123_lan="10.1.0.0/18 192.0.0.24 -fib 123"
route_fib123_live="192.168.72.128/25 192.0.0.24 -fib 123"
route_fib123_management="10.255.255.0/24 192.0.0.24 -fib 123"
route_fib123_proxy="192.88.99.0/32 192.0.0.24 -fib 123"
route_fib123_services="203.0.113.0/24 192.0.0.24 -fib 123"
route_fib123_wifi="10.1.64.0/18 192.0.0.24 -fib 123"
#
# FIB 16 IPv6
#
ipv6_route_fib16_lan="-inet6 fcff:25::/32 fcfc:16::192:0:0:10 -fib 16"
ipv6_route_fib16_ntp="-inet6 fcff::123/128 fcfc:16::192:0:0:10 -fib 16"
ipv6_route_fib16_dns="-inet6 fcff::53/128 fcfc:16::192:0:0:10 -fib 16"
ipv6_route_fib16_squid="-inet6 fcff::3128/128 fcfc:16::192:0:0:10 -fib 16"
#
# FIB 16 IPv4
#
route_fib16_lan="10.1.0.0/18 192.0.0.10 -fib 16"
route_fib16_ntp="203.0.113.123/32 192.0.0.10 -fib 16"
route_fib16_dns="203.0.113.53/32 192.0.0.10 -fib 16"
route_fib16_squid="192.88.99.0/32 192.0.0.10 -fib 16"
#
# FIB 18 IPv6
#
ipv6_route_fib18_lan="-inet6 fcff:25::/32 fcfc:18::192:0:0:12 -fib 18"
ipv6_route_fib18_wifi="-inet6 fcff:20::/32 fcfc:18::192:0:0:12 -fib 18"
ipv6_route_fib18_ntp="-inet6 fcff::123/128 fcfc:18::192:0:0:12 -fib 18"
ipv6_route_fib18_dns="-inet6 fcff::53/128 fcfc:18::192:0:0:12 -fib 18"
ipv6_route_fib18_squid="-inet6 fcff::3128/128 fcfc:18::192:0:0:12 -fib 18"
#
# FIB 18 IPv4
#
route_fib18_lan="10.1.0.0/18 192.0.0.12 -fib 18"
route_fib18_wifi="10.1.64.0/18 192.0.0.12 -fib 18"
route_fib18_ntp="203.0.113.123/32 192.0.0.12 -fib 18"
route_fib18_dns="203.0.113.53/32 192.0.0.12 -fib 18"
route_fib18_squid="192.88.99.0/32 192.0.0.12 -fib 18"
#
# FIB 1 IPv6
#
ipv6_route_fib1_ntp="-inet6 fcff::123/128 fcfc:1::192:0:0:32 -fib 1"
ipv6_route_fib1_dns="-inet6 fcff::53/128 fcfc:1::192:0:0:32 -fib 1"
ipv6_route_fib1_squid="-inet6 fcff::3128/128 fcfc:1::192:0:0:32 -fib 1"
#
# FIB 1 IPv4
#
route_fib1_ntp="203.0.113.123/32 192.0.0.32 -fib 1"
route_fib1_dns="203.0.113.53/32 192.0.0.32 -fib 1"
route_fib1_squid="192.88.99.0/32 192.0.0.32 -fib 1"
#
# FIB 255 IPv6
#
ipv6_route_fib255_home_servers="-inet6 fcff:18::/32 fcfc:255::192:0:0:30 -fib 255"
ipv6_route_fib255_ntp="-inet6 fcff::123/128 fcfc:255::192:0:0:30 -fib 255"
ipv6_route_fib255_dns="-inet6 fcff::53/128 fcfc:255::192:0:0:30 -fib 255"
ipv6_route_fib255_squid="-inet6 fcff::3128/128 fcfc:255::192:0:0:30 -fib 255"
#
# FIB 255 IPv4
#
route_fib255_default="default 192.168.1.1 -fib 255"
route_fib255_dns="203.0.113.53/32 192.0.0.30 -fib 255"
route_fib255_home_services="192.168.64.128/24 192.0.0.30 -fib 255"
route_fib255_ntp="203.0.113.123/32 192.0.0.30 -fib 255"
route_fib255_lan="10.1.0.0/18 192.0.0.30 -fib 255"
route_fib255_squid="192.88.99.2/32 192.0.0.30 -fib 255"
route_fib255_wifi="10.1.64.0/18 192.0.0.30 -fib 255"
#
# FIB 30 IPv6
#
ipv6_route_fib30_signal1="-inet6 2600:9000:20be:1a00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal2="-inet6 2600:9000:20be:2a00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal3="-inet6 2600:9000:20be:5c00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal4="-inet6 2600:9000:20be:7200:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal5="-inet6 2600:9000:20be:7e00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal6="-inet6 2600:9000:20be:8000:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal7="-inet6 2600:9000:20be:8400:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal8="-inet6 2600:9000:20be:9800:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal9="-inet6 2600:9000:20be:9e00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal10="-inet6 2600:9000:20be:a800:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal11="-inet6 2600:9000:20be:ac00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal12="-inet6 2600:9000:20be:b800:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal13="-inet6 2600:9000:20be:d800:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal14="-inet6 2600:9000:20be:e400:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal15="-inet6 2600:9000:20be:fa00:1d:4f32:50c0:93a1 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal16="-inet6 2600:9000:a507:ab6d:4ce3:2f58:25d7:9cbf fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal17="-inet6 2600:9000:a61f:527c:d5eb:a431:5239:3232 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal18="-inet6 2606:4700::6812:a2f fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal19="-inet6 2606:4700::6812:b2f fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal20="-inet6 2607:f8b0:4004:c23::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal21="-inet6 2607:f8b0:400a:800::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal22="-inet6 2607:f8b0:400a:806::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal23="-inet6 2607:f8b0:400a:808::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal24="-inet6 2607:f8b0:400a:809::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal25="-inet6 2607:f8b0:400a:80a::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal26="-inet6 2607:f8b0:400a:80b::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal27="-inet6 2607:f8b0:400a:80c::2013 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal28="-inet6 2607:f8b0:400e:c01::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal29="-inet6 2607:f8b0:400e:c02::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal30="-inet6 2607:f8b0:400e:c07::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal31="-inet6 2607:f8b0:400e:c09::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_signal32="-inet6 2607:f8b0:4023:1006::79 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_ntp="-inet6 fcff::123/128 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_dns="-inet6 fcff::53/128 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_squid="-inet6 fcff::3128/128 fcfc:30::192:0:0:16 -fib 30"
ipv6_route_fib30_pbx="-inet6 2001:470:e845::555:1212/128 fcff:30::192:168:72:150 -fib 30"
ipv6_route_fib30_docker="-inet6 2001:470:e845:f::/64 fcff:30::192:168:72:250 -fib 30"
ipv6_route_fib30_haproxy="-inet6 fcff:180::198:51:100:0/128 fcfc:30::192:0:0:16 -fib 30"
#
# FIB 30 IPv4
#
route_fib30_ntp="203.0.113.123/32 192.0.0.16 -fib 30"
route_fib30_dns="203.0.113.53/32 192.0.0.16 -fib 30"
route_fib30_squid="192.88.99.0/32 192.0.0.16 -fib 30"
route_fib30_haproxy="198.51.100.0/32 192.0.0.16 -fib 30"
#
# FIB 48 IPv6
#
ipv6_route_fib48_global_default="-inet6 2000::/3 2001:470:a:56f::1 -fib 48"
ipv6_route_fib48_squid_egress="-inet6 2001:470:e845::3128/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_pbx="-inet6 2001:470:e845::555:1212/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_docker="-inet6 2001:470:e845:f::/64 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_dns="-inet6 fcff::53/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_dns_global="-inet6 2001:470:e845::53/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_haproxy1="-inet6 2001:470:e845::80:443/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_haproxy2="-inet6 2001:470:e845::80/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_haproxy3="-inet6 2001:470:e845::443/128 fcfc:48::192:0:0:28 -fib 48"
ipv6_route_fib48_haproxy4="-inet6 2001:470:e845::23 fcfc:48::192:0:0:28 -fib 48"
#
# FIB 48 IPv4
#
#
# FIB 53 IPv6
#
ipv6_route_fib53_site_local_default="-inet6 fcff::/16 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dmz="-inet6 fdb8:3260:d80f:a056::/64 fcff:53::192:0:0 -fib 53"
ipv6_route_fib53_dns1="-inet6 2606:4700:4700::1111 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns2="-inet6 2606:4700:4700::1001 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns3="-inet6 2606:4700:4700::1112 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns4="-inet6 2606:4700:4700::1002 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns5="-inet6 2606:4700:4700::1113 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns6="-inet6 2606:4700:4700::1003 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns7="-inet6 2001:4860:4860::8888 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns8="-inet6 2001:4860:4860::8844 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_dns9="-inet6 2001:470:20::2 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root1="-inet6 2001:503:ba3e::2:30 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root2="-inet6 2801:1b8:10::b fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root3="-inet6 2001:500:2::c fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root4="-inet6 2001:500:2d::d fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root5="-inet6 2001:500:a8::e fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root6="-inet6 2001:500:2f::f fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root7="-inet6 2001:500:12::d0d fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root8="-inet6 2001:500:1::53 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root9="-inet6 2001:7fe::53 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root10="-inet6 2001:503:c27::2:30 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root11="-inet6 2001:7fd::1 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root12="-inet6 2001:500:9f::42 fcfc:53::192:0:0:18 -fib 53"
ipv6_route_fib53_root13="-inet6 2001:dc3::35 fcfc:53::192:0:0:18 -fib 53"
#
# FIB 53 IPv4
#
route_fib53_dns1="1.1.1.1 192.0.0.18 -fib 53"
route_fib53_dns2="1.0.0.1 192.0.0.18 -fib 53"
route_fib53_dns3="1.1.1.2 192.0.0.18 -fib 53"
route_fib53_dns4="1.0.0.2 192.0.0.18 -fib 53"
route_fib53_dns5="1.1.1.3 192.0.0.18 -fib 53"
route_fib53_dns6="1.0.0.3 192.0.0.18 -fib 53"
route_fib53_dns7="8.8.8.8 192.0.0.18 -fib 53"
route_fib53_dns8="8.8.4.4 192.0.0.18 -fib 53"
route_fib53_dns9="4.2.2.1 192.0.0.18 -fib 53"
route_fib53_dns10="4.2.2.2 192.0.0.18 -fib 53"
route_fib53_lan="10.1.0.0/18 192.0.0.18 -fib 53"
route_fib53_wifi="10.1.64.0/18 192.0.0.18 -fib 53"
route_fib53_metal="192.168.32.128/25 192.0.0.18 -fib 53"
route_fib53_home_servers="192.168.64.128/25 192.0.0.18 -fib 53"
route_fib53_live_servers="192.168.72.128/25 192.0.0.18 -fib 53"
route_fib53_management="10.255.255.0/24 192.0.0.18 -fib 53"
route_fib53_ntp="192.0.0.0/24 192.0.0.18 -fib 53"
route_fib53_squid_ingress="192.88.99.0/24 192.0.0.18 -fib 53"
route_fib53_dmz="192.168.1.0/24 192.0.0.18 -fib 53"
route_fib53_haproxy="198.51.100.0/32 192.0.0.18 -fib 53"
route_fib53_root1="198.41.0.4 192.0.0.18 -fib 53"
route_fib53_root2="170.247.170.2 192.0.0.18 -fib 53"
route_fib53_root3="192.33.4.12 192.0.0.18 -fib 53"
route_fib53_root4="199.7.91.13 192.0.0.18 -fib 53"
route_fib53_root5="192.203.230.10 192.0.0.18 -fib 53"
route_fib53_root6="192.5.5.241 192.0.0.18 -fib 53"
route_fib53_root7="192.112.36.4 192.0.0.18 -fib 53"
route_fib53_root8="198.97.190.53 192.0.0.18 -fib 53"
route_fib53_root9="192.36.148.17 192.0.0.18 -fib 53"
route_fib53_root10="192.58.128.30 192.0.0.18 -fib 53"
route_fib53_root11="193.0.14.129 192.0.0.18 -fib 53"
route_fib53_root12="199.7.83.42 192.0.0.18 -fib 53"
route_fib53_root13="202.12.27.33 192.0.0.18 -fib 53"
route_fib53_kamatera="192.0.2.0/24 192.0.0.18 -fib 53"
#
# FIB 80 IPv6
#
ipv6_route_fib80_global_default="-inet6 2000::/3 fcfc:80::192:0:0:20 -fib 80"
ipv6_route_fib80_dns="-inet6 fcff::53/128 fcfc:80::192:0:0:20 -fib 80"
ipv6_route_fib80_tor="-inet6 fcff:48::192:88:99:255/128 fcfc:80::192:0:0:20 -fib 80"
#
# FIB 80 IPv4
#
route_fib80_default="default 192.0.0.20 -fib 80"
route_fib80_dns="203.0.113.53/32 192.0.0.20 -fib 80"
route_fib80_squid_ingress="192.88.99.0/32 192.0.0.20 -fib 80"
#
# FIB 81 IPv6
#
ipv6_route_fib81_site_local_default="-inet6 fcff::/16 fcff:81::192:0:0:2 -fib 81"
ipv6_route_fib81_dmz="-inet6 fdb8:3260:d80f:a056::/64 fcff:81::192:0:0:2 -fib 81"
#
# FIB 81 IPv4
#
route_fib81_metal="192.168.32.128/25 192.0.0.22 -fib 81"
route_fib81_live="192.168.72.128/25 192.0.0.22 -fib 81"
route_fib81_home_servers="192.168.64.128/25 192.0.0.22 -fib 81"
route_fib81_lan="10.1.0.0/18 192.0.0.22 -fib 81"
route_fib81_wifi="10.1.64.0/18 192.0.0.22 -fib 81"
route_fib81_dmz="192.168.1.0/24 192.0.0.22 -fib 81"
route_fib81_management="10.255.255.0/24 192.0.0.22 -fib 81"
route_fib81_squid_egress="192.88.99.2/32 192.0.0.22 -fib 81"
route_fib81_squid_upstream="192.0.2.2/32 192.0.0.22 -fib 81"
route_fib81_dns="203.0.113.53/32 192.0.0.22 -fib 81"
#
# FIB 20 IPv6
#
ipv6_route_fib20_home_servers="-inet6 fcff:18::/32 fcfc:20::192:0:0:34 -fib 20"
ipv6_route_fib20_ntp="-inet6 fcff::123/128 fcfc:20::192:0:0:34 -fib 20"
ipv6_route_fib20_dns="-inet6 fcff::53/128 fcfc:20::192:0:0:34 -fib 20"
ipv6_route_fib20_squid="-inet6 fcff::3128/128 fcfc:20::192:0:0:34 -fib 20"
#
# FIB 20 IPv4
#
route_fib20_home_servers="192.168.64.128/25 192.0.0.34 -fib 20"
route_fib20_ntp="203.0.113.123/32 192.0.0.34 -fib 20"
route_fib20_dns="203.0.113.53/32 192.0.0.34 -fib 20"
route_fib20_squid="192.88.99.0/32 192.0.0.34 -fib 20"
#
# FIB 25 IPv6
#
ipv6_route_fib25_home_servers="-inet6 fcff:18::/32 fcfc:25::192:0:0:14 -fib 25"
ipv6_route_fib25_ntp="-inet6 fcff::123/128 fcfc:25::192:0:0:14 -fib 25"
ipv6_route_fib25_dns="-inet6 fcff::53/128 fcfc:25::192:0:0:14 -fib 25"
ipv6_route_fib25_squid="-inet6 fcff::3128/128 fcfc:25::192:0:0:14 -fib 25"
#
# FIB 25 IPv4
#
route_fib25_home_servers="192.168.64.128/25 192.0.0.14 -fib 25"
route_fib25_ntp="203.0.113.123/32 192.0.0.14 -fib 25"
route_fib25_dns="203.0.113.53/32 192.0.0.14 -fib 25"
route_fib25_squid="192.88.99.0/32 192.0.0.14 -fib 25"
route_fib25_hardchats="45.61.188.232/32 192.0.0.14 -fib 25"
#
# FIB 180 IPv6
#
ipv6_route_fib180_default_global="-inet6 2000::/3 fcfc:180::192:0:0:36 -fib 180"
ipv6_route_fib180_dns="-inet6 fcff::53/128 fcfc:180::192:0:0:36 -fib 180"
ipv6_route_fib180_squid="-inet6 fcff::3128/128 fcfc:180::192:0:0:36 -fib 180"
ipv6_route_fib180_live_servers="-inet6 fcff:30::/32 fcfc:180::192:0:0:36 -fib 180"
#
# FIB 180 IPv4
#
route_fib180_kamatera="192.0.2.2/32 192.0.0.36 -fib 180"
route_fib180_dns="203.0.113.53/32 192.0.0.36 -fib 180"
route_fib180_squid="192.88.99.0/32 192.0.0.36 -fib 180"
route_fib180_live_servers="192.168.72.128/25 192.0.0.36 -fib 180"
#
# FIB 28 IPv6
#
ipv6_route_fib28_dns="-inet6 fcff::53/128 fcfc:180::192:0:0:36 -fib 28"
ipv6_route_fib28_squid="-inet6 fcff::3128/128 fcfc:180::192:0:0:36 -fib 28"
#
# FIB 28 IPv4
#
route_fib28_dns="203.0.113.53/32 192.0.0.36 -fib 28"
route_fib28_squid="192.88.99.0/32 192.0.0.36 -fib 28"
#
# FIB 56 IPv6
#
ipv6_route_fib56_dns="-inet6 fcff::53/128 fcff:56::192:0:0:40 -fib 56"
ipv6_route_fib56_squid="-inet6 fcff::3128/128 fcff:56::192:0:0:40 -fib 56"
#
# FIB 56 IPv4
#
route_fib56_haproxy="198.51.100.0 192.0.0.40 -fib 56"
route_fib56_dns="203.0.113.53/32 192.0.0.40 -fib 56"
route_fib56_squid_local="192.88.99.0 192.0.0.40 -fib 56"
route_fib56_haproxy_remote="192.0.2.2 192.0.2.0 -fib 56"
static_routes="fib0_default fib0_dns_resolver fib0_haproxy fib0_home_servers fib0_kamatera
fib0_lan fib0_ldap fib0_live fib0_management fib0_metal fib0_no_privnet1
fib0_no_privnet10 fib0_no_privnet11 fib0_no_privnet12 fib0_no_privnet14
fib0_no_privnet15 fib0_no_privnet17 fib0_no_privnet2 fib0_no_privnet3
fib0_no_privnet4 fib0_no_privnet5 fib0_no_privnet6 fib0_no_privnet7
fib0_no_privnet8 fib0_no_privnet9 fib0_ntpd fib0_squid_egress
fib0_squid_ingress fib0_wifi fib123_default fib123_homeservers fib123_lan
fib123_live fib123_management fib123_proxy fib123_services fib123_wifi
fib16_dns fib16_lan fib16_ntp fib16_squid fib180_dns fib180_kamatera
fib180_live_servers fib180_squid fib18_dns fib18_lan fib18_ntp fib18_squid
fib18_wifi fib1_dns fib1_ntp fib1_squid fib20_dns fib20_home_servers fib20_ntp
fib20_squid fib255_default fib255_dns fib255_home_services fib255_ntp
fib255_lan fib255_squid fib255_wifi fib25_dns fib25_hardchats
fib25_home_servers fib25_ntp fib25_squid fib28_dns fib28_squid fib30_dns
fib30_haproxy fib30_ntp fib30_squid fib53_dmz fib53_dns1 fib53_dns10 fib53_dns2
fib53_dns3 fib53_dns4 fib53_dns5 fib53_dns6 fib53_dns7 fib53_dns8 fib53_dns9
fib53_haproxy fib53_home_servers fib53_kamatera fib53_lan fib53_live_servers
fib53_management fib53_management2 fib53_metal fib53_ntp fib53_root1
fib53_root10 fib53_root11 fib53_root12 fib53_root13 fib53_root2 fib53_root3
fib53_root4 fib53_root5 fib53_root6 fib53_root7 fib53_root8 fib53_root9
fib53_squid_egress fib53_squid_ingress fib53_wifi fib56_dns fib56_haproxy
fib56_haproxy_remote fib80_default fib80_dns fib80_squid_ingress fib81_dmz
fib81_dns fib81_home_servers fib81_lan fib81_live fib81_management
fib81_metal fib81_squid_egress fib81_wifi fib81_squid_upstream fib56_squid_local"
ipv6_static_routes="fib0_dmz fib0_dns fib0_dns_global fib0_global_default
fib0_haproxy1 fib0_haproxy2 fib0_haproxy3 fib0_haproxy4
fib0_haproxy6 fib0_home_servers fib0_lan fib0_live
fib0_live_docker fib0_management fib0_metal
fib0_no_reserved1 fib0_no_reserved10 fib0_no_reserved11
fib0_no_reserved12 fib0_no_reserved13 fib0_no_reserved14
fib0_no_reserved15 fib0_no_reserved2 fib0_no_reserved3
fib0_no_reserved4 fib0_no_reserved5 fib0_no_reserved6
fib0_no_reserved7 fib0_no_reserved8 fib0_no_reserved9
fib0_ntpd fib0_pbx fib0_squid_global_egress
fib0_squid_site_local_egress fib0_squid_site_local_ingress
fib0_tor fib0_wifi fib123_global_default fib123_ntp1
fib123_ntp2 fib123_ntp3 fib123_site_local_default fib16_dns
fib16_lan fib16_ntp fib16_squid fib180_default_global
fib180_dns fib180_live_servers fib180_squid fib18_dns
fib18_lan fib18_ntp fib18_squid fib18_wifi fib1_dns
fib1_ntp fib1_squid fib20_dns fib20_home_servers
fib20_ntp fib20_squid fib255_dns fib255_home_servers
fib255_ntp fib255_squid fib25_dns fib25_home_servers
fib25_ntp fib25_squid fib28_dns fib28_squid fib30_dns
fib30_docker fib30_haproxy fib30_ntp fib30_pbx
fib30_signal1 fib30_signal10 fib30_signal11 fib30_signal12
fib30_signal2 fib30_signal3 fib30_signal4 fib30_signal5
fib30_signal6 fib30_signal7 fib30_signal8 fib30_signal9
fib30_signal13 fib30_signal14 fib30_signal15 fib30_signal16 fib30_signal17
fib30_signal18 fib30_signal19 fib30_signal20 fib30_signal21 fib30_signal22
fib30_signal23 fib30_signal24 fib30_signal25 fib30_signal26 fib30_signal27
fib30_signal28 fib30_signal29 fib30_signal30 fib30_signal31 fib30_signal32
fib30_squid fib48_dns fib48_dns_global fib48_docker
fib48_global_default fib48_haproxy1 fib48_haproxy2
fib48_haproxy3 fib48_haproxy4 fib48_pbx fib48_squid_egress
fib53_dmz fib53_dns1 fib53_dns2 fib53_dns3 fib53_dns4
fib53_dns5 fib53_dns6 fib53_dns7 fib53_dns8 fib53_dns9
fib53_root1 fib53_root10 fib53_root11 fib53_root12
fib53_root13 fib53_root2 fib53_root3 fib53_root4
fib53_root5 fib53_root6 fib53_root7 fib53_root8
fib53_root9 fib53_site_local_default fib56_dns fib56_squid
fib80_dns fib80_global_default fib80_tor fib81_dmz
fib81_site_local_default"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment