diff --git a/config.xml b/config.xml
index f144fd1..c02c4bb 100644
--- a/config.xml
+++ b/config.xml
@@ -1,205 +1,205 @@
 <?xml version="1.0"?>
 <opnsense>
   <theme>opnsense</theme>
-  <sysctl>
-    <item>
-      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
+  <sysctl version="1.0.1">
+    <item uuid="1ebdf403-87a7-4aa1-a44e-2b3faaf29ed0">
       <tunable>vfs.read_max</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Increase UFS read-ahead speeds to match the state of hard drives and NCQ.</descr>
     </item>
-    <item>
-      <descr>Set the ephemeral port range to be lower.</descr>
+    <item uuid="37e39ab1-91f9-4a8e-a025-32b623ccd134">
       <tunable>net.inet.ip.portrange.first</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Set the ephemeral port range to be lower.</descr>
     </item>
-    <item>
-      <descr>Drop packets to closed TCP ports without returning a RST</descr>
+    <item uuid="964634ad-ae4c-44d7-8bf1-06dedebcfc4b">
       <tunable>net.inet.tcp.blackhole</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Drop packets to closed TCP ports without returning a RST</descr>
     </item>
-    <item>
-      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
+    <item uuid="1e5dfceb-08e1-491c-9a30-6fdfd19aa956">
       <tunable>net.inet.udp.blackhole</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr>
     </item>
-    <item>
-      <descr>Randomize the ID field in IP packets</descr>
+    <item uuid="35f4cbda-5f57-4a06-8c25-8f7f61dcee2d">
       <tunable>net.inet.ip.random_id</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Randomize the ID field in IP packets</descr>
     </item>
-    <item>
-      <descr>
-        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
-        It can also be used to probe for information about your internal networks. These functions come enabled
-        as part of the standard FreeBSD core system.
-      </descr>
+    <item uuid="f90b5f7a-e3a3-45b2-b5cc-14068ab249a7">
       <tunable>net.inet.ip.sourceroute</tunable>
-      <value>default</value>
-    </item>
-    <item>
+      <value/>
       <descr>
         Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
         It can also be used to probe for information about your internal networks. These functions come enabled
         as part of the standard FreeBSD core system.
       </descr>
-      <tunable>net.inet.ip.accept_sourceroute</tunable>
-      <value>default</value>
     </item>
-    <item>
+    <item uuid="07e9c9ea-3ccd-42df-9fe5-dcad7e6a8938">
+      <tunable>net.inet.ip.accept_sourceroute</tunable>
+      <value/>
+      <descr>
+        Source routing is another way for an attacker to try to reach non-routable addresses behind your box.
+        It can also be used to probe for information about your internal networks. These functions come enabled
+        as part of the standard FreeBSD core system.
+      </descr>
+    </item>
+    <item uuid="5478d495-4fac-4763-9ad9-a8216c5d423a">
+      <tunable>net.inet.icmp.log_redirect</tunable>
+      <value/>
       <descr>
         This option turns off the logging of redirect packets because there is no limit and this could fill
         up your logs consuming your whole hard drive.
       </descr>
-      <tunable>net.inet.icmp.log_redirect</tunable>
-      <value>default</value>
     </item>
-    <item>
-      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
+    <item uuid="05d38280-35d7-46ab-b695-2082f3abdcfb">
       <tunable>net.inet.tcp.drop_synfin</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr>
     </item>
-    <item>
-      <descr>Enable sending IPv6 redirects</descr>
+    <item uuid="6a75a9d8-5ed4-41c2-b7c1-82b90b3e277a">
       <tunable>net.inet6.ip6.redirect</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Enable sending IPv6 redirects</descr>
     </item>
-    <item>
-      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
+    <item uuid="301000bb-72ff-406f-ba60-8a3235068949">
       <tunable>net.inet6.ip6.use_tempaddr</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Enable privacy settings for IPv6 (RFC 4941)</descr>
     </item>
-    <item>
-      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
+    <item uuid="2dc02b02-6d68-4cdf-b514-a766d10e783b">
       <tunable>net.inet6.ip6.prefer_tempaddr</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Prefer privacy addresses and use them over the normal addresses</descr>
     </item>
-    <item>
-      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
+    <item uuid="1f6f133b-e3b9-4e77-9893-8c356eaa0569">
       <tunable>net.inet.tcp.syncookies</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Generate SYN cookies for outbound SYN-ACK packets</descr>
     </item>
-    <item>
-      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
+    <item uuid="1489a862-f96b-4d85-86ba-40f625daa8b5">
       <tunable>net.inet.tcp.recvspace</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr>
     </item>
-    <item>
-      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
+    <item uuid="2cf31a29-0023-490c-bf3b-1e4aaeacc4eb">
       <tunable>net.inet.tcp.sendspace</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Maximum incoming/outgoing TCP datagram size (send)</descr>
     </item>
-    <item>
-      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
+    <item uuid="409d6f34-0514-40e5-921b-178b3fc11088">
       <tunable>net.inet.tcp.delayed_ack</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Do not delay ACK to try and piggyback it onto a data packet</descr>
     </item>
-    <item>
-      <descr>Maximum outgoing UDP datagram size</descr>
+    <item uuid="0420a8f0-2760-45b5-bdb3-952124f5dd7c">
       <tunable>net.inet.udp.maxdgram</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Maximum outgoing UDP datagram size</descr>
     </item>
-    <item>
-      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
+    <item uuid="c51c8085-8ecd-4925-aab3-0027d3e35666">
       <tunable>net.link.bridge.pfil_onlyip</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr>
     </item>
-    <item>
-      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
+    <item uuid="e71b86ad-1b3c-4a0d-ad3a-75c6bb7a3425">
       <tunable>net.link.bridge.pfil_local_phys</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Set to 1 to additionally filter on the physical interface for locally destined packets</descr>
     </item>
-    <item>
+    <item uuid="f5e09ae6-c7fa-459a-a702-e463ed2ef2c5">
       <tunable>net.link.bridge.pfil_member</tunable>
       <value>0</value>
       <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr>
     </item>
-    <item>
+    <item uuid="27a35d74-6003-4590-a75d-a83499d6182d">
       <tunable>net.link.bridge.pfil_bridge</tunable>
       <value>1</value>
       <descr>Set to 1 to enable filtering on the bridge interface</descr>
     </item>
-    <item>
-      <descr>Allow unprivileged access to tap(4) device nodes</descr>
+    <item uuid="6b967101-9ba8-4133-a123-f965d4ddc5a8">
       <tunable>net.link.tap.user_open</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Allow unprivileged access to tap(4) device nodes</descr>
     </item>
-    <item>
-      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
+    <item uuid="6b3f6a9c-b049-4aaf-a46e-1cb2c1f9e1d7">
       <tunable>kern.randompid</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr>
     </item>
-    <item>
-      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
+    <item uuid="cee22c27-8be0-4edc-aaf3-e26c7aee4037">
       <tunable>hw.syscons.kbd_reboot</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr>
     </item>
-    <item>
-      <descr>Enable TCP extended debugging</descr>
+    <item uuid="52f7742e-97ed-40fc-b822-27a16c28e51f">
       <tunable>net.inet.tcp.log_debug</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Enable TCP extended debugging</descr>
     </item>
-    <item>
-      <descr>Set ICMP Limits</descr>
+    <item uuid="25809502-da7c-4eb5-be80-a1eba2f2b7b1">
       <tunable>net.inet.icmp.icmplim</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Set ICMP Limits</descr>
     </item>
-    <item>
-      <descr>TCP Offload Engine</descr>
+    <item uuid="a37048c5-cee5-44e8-8f62-06404f3df314">
       <tunable>net.inet.tcp.tso</tunable>
-      <value>default</value>
+      <value/>
+      <descr>TCP Offload Engine</descr>
     </item>
-    <item>
-      <descr>UDP Checksums</descr>
+    <item uuid="63b43df0-0aee-44e2-8e56-5de033d861b1">
       <tunable>net.inet.udp.checksum</tunable>
-      <value>default</value>
+      <value/>
+      <descr>UDP Checksums</descr>
     </item>
-    <item>
-      <descr>Maximum socket buffer size</descr>
+    <item uuid="19041985-ef43-4f39-9e71-c17571ce3e38">
       <tunable>kern.ipc.maxsockbuf</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Maximum socket buffer size</descr>
     </item>
-    <item>
-      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
+    <item uuid="a4d8eac7-9918-40ce-a68c-3af464b38e55">
       <tunable>vm.pmap.pti</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Page Table Isolation (Meltdown mitigation, requires reboot.)</descr>
     </item>
-    <item>
-      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
+    <item uuid="889f4517-12c4-4576-b1c4-b5a4acf9a79a">
       <tunable>hw.ibrs_disable</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation)</descr>
     </item>
-    <item>
-      <descr>Hide processes running as other groups</descr>
+    <item uuid="a5a28c0d-2630-4944-8654-b6881665f238">
       <tunable>security.bsd.see_other_gids</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Hide processes running as other groups</descr>
     </item>
-    <item>
-      <descr>Hide processes running as other users</descr>
+    <item uuid="96861863-dcb9-4a2f-9249-a6d141cf58e3">
       <tunable>security.bsd.see_other_uids</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Hide processes running as other users</descr>
     </item>
-    <item>
+    <item uuid="f591135f-ea64-42ac-85c8-eb85f8d15498">
+      <tunable>net.inet.ip.redirect</tunable>
+      <value/>
       <descr>Enable/disable sending of ICMP redirects in response to IP packets for which a better,
         and for the sender directly reachable, route and next hop is known.
       </descr>
-      <tunable>net.inet.ip.redirect</tunable>
-      <value>default</value>
     </item>
-    <item>
+    <item uuid="6b1d6efb-ca7f-4170-9be5-350d2942cb42">
+      <tunable>net.inet.icmp.drop_redirect</tunable>
+      <value>1</value>
       <descr>
         Redirect attacks are the purposeful mass-issuing of ICMP type 5 packets. In a normal network, redirects
         to the end stations should not be required. This option enables the NIC to drop all inbound ICMP redirect
         packets without returning a response.
       </descr>
-      <tunable>net.inet.icmp.drop_redirect</tunable>
-      <value>1</value>
     </item>
-    <item>
-      <descr>Maximum outgoing UDP datagram size</descr>
+    <item uuid="1df8e456-219b-4b1b-bae3-1c7b4ee591e3">
       <tunable>net.local.dgram.maxdgram</tunable>
-      <value>default</value>
+      <value/>
+      <descr>Maximum outgoing UDP datagram size</descr>
     </item>
-    <item>
+    <item uuid="e711e801-9a3d-4db1-a839-ba16a8619d9e">
       <tunable>net.inet.tcp.mss_ifmtu</tunable>
       <value>1</value>
       <descr>Enable TCP MSS auto-adjust based on interface MTU</descr>
@@ -210,21 +210,31 @@
     <hostname>gate</hostname>
     <domain>waw.eldorado.city</domain>
     <dnsallowoverride>1</dnsallowoverride>
-    <group>
-      <name>admins</name>
-      <description>System Administrators</description>
-      <scope>system</scope>
+    <group uuid="3fc732e2-69ee-404d-abcc-58a09623c6b4">
       <gid>1999</gid>
-      <member>0</member>
-      <priv>page-all</priv>
-    </group>
-    <user>
-      <name>root</name>
-      <descr>System Administrator</descr>
+      <name>admins</name>
       <scope>system</scope>
-      <groupname>admins</groupname>
-      <password>$2y$11$bze9aco9zESP42qWhxo7yORRiK1mRvoa5aa7lzXetRg4NDULMOyOu</password>
+      <description>System Administrators</description>
+      <priv>page-all</priv>
+      <member>0</member>
+    </group>
+    <user uuid="400087b3-ddee-42be-be34-a4047af1de21">
       <uid>0</uid>
+      <name>root</name>
+      <disabled>0</disabled>
+      <scope>system</scope>
+      <expires/>
+      <authorizedkeys/>
+      <otp_seed/>
+      <shell/>
+      <password>$2y$11$bze9aco9zESP42qWhxo7yORRiK1mRvoa5aa7lzXetRg4NDULMOyOu</password>
+      <landing_page/>
+      <comment/>
+      <email/>
+      <apikeys/>
+      <priv/>
+      <language/>
+      <descr>System Administrator</descr>
       <dashboard/>
     </user>
     <nextuid>2000</nextuid>
@@ -286,44 +296,44 @@
         <enabled>1</enabled>
         <url>ssh://projects-gate.radziel.com:40294/radziel/gate-config.git</url>
         <branch>master</branch>
-        <privkey>-----BEGIN OPENSSH PRIVATE KEY-----&#xD;
-b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn&#xD;
-NhAAAAAwEAAQAAAYEA0HPzKFtIswRQ5v5riYE/Z0WiKhpLVnXVwxkhTTV3JQ59pmW5fs3b&#xD;
-dWqf2qyNnmCu6ITv1deKBTolihh8OLaGvis+DA8U1yPUxjFB/OPv16gIEF1erryOJfx2Q1&#xD;
-ikGkWja+Bs/MSI7RY/uKkJyc/w1+plAJQMxy3Q37CSE1m3luGLLvz7tbIkE6ZpJdkXo8mL&#xD;
-CF65YyofP9Q67WQ5AWZ5L7pryYUBgpPs4CPzkNESKcsx8S19LyubDpd8tw8IgJB+w0vkre&#xD;
-/ikzhIA49kxeyNOcWk+j6nFLSBFT9k36T4BkKbBBJj6KBBzI8j+qhs6WYl4BbVb/ETufmw&#xD;
-YzPj5+FZi9six59lPGdqVz8ZsHLbq553HlIlFWWkWpa/qK0ON/K2DmKgqeb9L7AvVQle7C&#xD;
-hmkEenIz5Edkl+URW/fGEGaM4/9si3KpwQSegk05aS0DiMQeJNIw7S5aKerymKFOUwAbav&#xD;
-LgF5eHeAu6aSXtaIDmLVIYx5YlCfVnz9WrOoKdsvAAAFiAucWlULnFpVAAAAB3NzaC1yc2&#xD;
-EAAAGBANBz8yhbSLMEUOb+a4mBP2dFoioaS1Z11cMZIU01dyUOfaZluX7N23Vqn9qsjZ5g&#xD;
-ruiE79XXigU6JYoYfDi2hr4rPgwPFNcj1MYxQfzj79eoCBBdXq68jiX8dkNYpBpFo2vgbP&#xD;
-zEiO0WP7ipCcnP8NfqZQCUDMct0N+wkhNZt5bhiy78+7WyJBOmaSXZF6PJiwheuWMqHz/U&#xD;
-Ou1kOQFmeS+6a8mFAYKT7OAj85DREinLMfEtfS8rmw6XfLcPCICQfsNL5K3v4pM4SAOPZM&#xD;
-XsjTnFpPo+pxS0gRU/ZN+k+AZCmwQSY+igQcyPI/qobOlmJeAW1W/xE7n5sGMz4+fhWYvb&#xD;
-IsefZTxnalc/GbBy26uedx5SJRVlpFqWv6itDjfytg5ioKnm/S+wL1UJXuwoZpBHpyM+RH&#xD;
-ZJflEVv3xhBmjOP/bItyqcEEnoJNOWktA4jEHiTSMO0uWinq8pihTlMAG2ry4BeXh3gLum&#xD;
-kl7WiA5i1SGMeWJQn1Z8/VqzqCnbLwAAAAMBAAEAAAGAA0j92TIjFwB86T8I4ShidZVb2m&#xD;
-UCsJtNIfTTQ7Jm18nULMX9TTnKTnM+j1rZJS3/OQE1/xKVWsK7/7f7ZoYTNouw6ni8X9hG&#xD;
-jKm5vAC4RsJKVOkGdSOElqWqvsyhUsar2NHhyylVF8Nvf/tYq6UKyyRRsNd5zL50mb81y3&#xD;
-dGVOrmCiNeMNKyDds5XKmAsrSaQSiuVu6S19XXkzvZSCPeH2Sajpj5g/N32rUbrA8XcFrY&#xD;
-RSWYi6CYzNCSBxfbZEdNU3rntvXF37mZZF9CDo/If23D1CLA2PjGqKt9FR+lJu0y6+nKqU&#xD;
-9MxoWhZuWpxz6icSL0E5oweWdb/oRYjDTwOm5AF/jEofAVh4mivuOPDFVpFyDDNuTJ5jzS&#xD;
-KOGkqOj5SE00RkoCmdUmnt7fxB4T+ZAQ+ZcPzXSBtVdzQolrGLijsSCAVKXR6tgXyKDeRU&#xD;
-Ck6RVKlxnu5RrLBp2uzhVU8h5FqaEoWha7lFTeH/TGPvayMaGSfU4FL7RoNfmZrNHZAAAA&#xD;
-wQCHDwFjTLSTq6oFNmJtojw83Lz3ObsVFvom27saZlb6iCUq7O972uEnG1iQUpQpGmI99L&#xD;
-UlZ3K25v7ePbtjOpuKSv+cR7kOXa3EnvOyz0TwofnUYRRD3nk8dEJ9e1A0dbi76RUxVdmx&#xD;
-ygc157MaxI1wClw+CKwsluFvUSigfv9IcyWRtH1bS0GHRVh8vfq0jmLV6g/zQGFGgFomB1&#xD;
-sBiZmwdQzk+lkBYgOuqxdJWSVqmrvlIqcwUxSIuOohzNW+LqEAAADBANNcXSwb2TP+ljbu&#xD;
-CqdgIvDeB6WEoIqQ/dTYAPZWiKh+T31mzBRqWC+vTHyh/MuhnRy4YCpq7Y9eT970xu+PWA&#xD;
-Z3wCpXnXAwt/AU8yqMxA+KAtmX3f9DRBHEWysuDs4LRGBfC8Y5xyPNX1j1nt4WZTxq8jQ7&#xD;
-A9KlK61sjcwTnxC0745S1QjGiOq1PookR/fw1gl+zgASMy+wOIkQi/ioSklEJNfYDFPGtG&#xD;
-uljSlpIeI5J37mA0X7Jc3oRJrflvPF+QAAAMEA/Hpdxpztsc+0XiEZ4psGOFDEpEUfGtFw&#xD;
-I2imT340O8OWzpR7bHLdjZJSN+fIlaFqX8u2XOGMwhd/nNMSF6MSp+3PXuUQc+vPNRjQA1&#xD;
-2JMspHmjwyRMXZ2qzd7wY8yaDWnX5BHRwoFMm1FhqdevYuMm6QavnRrPFTdji45oo4gUSg&#xD;
-+tD7qpNAPHRNrE5A5oMTXCeYUj1w0Gvmz8o7ww5qgRQzXIbf91orhFDiTci6OKcj018r0u&#xD;
-xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
------END OPENSSH PRIVATE KEY-----&#xD;
+        <privkey>-----BEGIN OPENSSH PRIVATE KEY-----&#13;
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn&#13;
+NhAAAAAwEAAQAAAYEA0HPzKFtIswRQ5v5riYE/Z0WiKhpLVnXVwxkhTTV3JQ59pmW5fs3b&#13;
+dWqf2qyNnmCu6ITv1deKBTolihh8OLaGvis+DA8U1yPUxjFB/OPv16gIEF1erryOJfx2Q1&#13;
+ikGkWja+Bs/MSI7RY/uKkJyc/w1+plAJQMxy3Q37CSE1m3luGLLvz7tbIkE6ZpJdkXo8mL&#13;
+CF65YyofP9Q67WQ5AWZ5L7pryYUBgpPs4CPzkNESKcsx8S19LyubDpd8tw8IgJB+w0vkre&#13;
+/ikzhIA49kxeyNOcWk+j6nFLSBFT9k36T4BkKbBBJj6KBBzI8j+qhs6WYl4BbVb/ETufmw&#13;
+YzPj5+FZi9six59lPGdqVz8ZsHLbq553HlIlFWWkWpa/qK0ON/K2DmKgqeb9L7AvVQle7C&#13;
+hmkEenIz5Edkl+URW/fGEGaM4/9si3KpwQSegk05aS0DiMQeJNIw7S5aKerymKFOUwAbav&#13;
+LgF5eHeAu6aSXtaIDmLVIYx5YlCfVnz9WrOoKdsvAAAFiAucWlULnFpVAAAAB3NzaC1yc2&#13;
+EAAAGBANBz8yhbSLMEUOb+a4mBP2dFoioaS1Z11cMZIU01dyUOfaZluX7N23Vqn9qsjZ5g&#13;
+ruiE79XXigU6JYoYfDi2hr4rPgwPFNcj1MYxQfzj79eoCBBdXq68jiX8dkNYpBpFo2vgbP&#13;
+zEiO0WP7ipCcnP8NfqZQCUDMct0N+wkhNZt5bhiy78+7WyJBOmaSXZF6PJiwheuWMqHz/U&#13;
+Ou1kOQFmeS+6a8mFAYKT7OAj85DREinLMfEtfS8rmw6XfLcPCICQfsNL5K3v4pM4SAOPZM&#13;
+XsjTnFpPo+pxS0gRU/ZN+k+AZCmwQSY+igQcyPI/qobOlmJeAW1W/xE7n5sGMz4+fhWYvb&#13;
+IsefZTxnalc/GbBy26uedx5SJRVlpFqWv6itDjfytg5ioKnm/S+wL1UJXuwoZpBHpyM+RH&#13;
+ZJflEVv3xhBmjOP/bItyqcEEnoJNOWktA4jEHiTSMO0uWinq8pihTlMAG2ry4BeXh3gLum&#13;
+kl7WiA5i1SGMeWJQn1Z8/VqzqCnbLwAAAAMBAAEAAAGAA0j92TIjFwB86T8I4ShidZVb2m&#13;
+UCsJtNIfTTQ7Jm18nULMX9TTnKTnM+j1rZJS3/OQE1/xKVWsK7/7f7ZoYTNouw6ni8X9hG&#13;
+jKm5vAC4RsJKVOkGdSOElqWqvsyhUsar2NHhyylVF8Nvf/tYq6UKyyRRsNd5zL50mb81y3&#13;
+dGVOrmCiNeMNKyDds5XKmAsrSaQSiuVu6S19XXkzvZSCPeH2Sajpj5g/N32rUbrA8XcFrY&#13;
+RSWYi6CYzNCSBxfbZEdNU3rntvXF37mZZF9CDo/If23D1CLA2PjGqKt9FR+lJu0y6+nKqU&#13;
+9MxoWhZuWpxz6icSL0E5oweWdb/oRYjDTwOm5AF/jEofAVh4mivuOPDFVpFyDDNuTJ5jzS&#13;
+KOGkqOj5SE00RkoCmdUmnt7fxB4T+ZAQ+ZcPzXSBtVdzQolrGLijsSCAVKXR6tgXyKDeRU&#13;
+Ck6RVKlxnu5RrLBp2uzhVU8h5FqaEoWha7lFTeH/TGPvayMaGSfU4FL7RoNfmZrNHZAAAA&#13;
+wQCHDwFjTLSTq6oFNmJtojw83Lz3ObsVFvom27saZlb6iCUq7O972uEnG1iQUpQpGmI99L&#13;
+UlZ3K25v7ePbtjOpuKSv+cR7kOXa3EnvOyz0TwofnUYRRD3nk8dEJ9e1A0dbi76RUxVdmx&#13;
+ygc157MaxI1wClw+CKwsluFvUSigfv9IcyWRtH1bS0GHRVh8vfq0jmLV6g/zQGFGgFomB1&#13;
+sBiZmwdQzk+lkBYgOuqxdJWSVqmrvlIqcwUxSIuOohzNW+LqEAAADBANNcXSwb2TP+ljbu&#13;
+CqdgIvDeB6WEoIqQ/dTYAPZWiKh+T31mzBRqWC+vTHyh/MuhnRy4YCpq7Y9eT970xu+PWA&#13;
+Z3wCpXnXAwt/AU8yqMxA+KAtmX3f9DRBHEWysuDs4LRGBfC8Y5xyPNX1j1nt4WZTxq8jQ7&#13;
+A9KlK61sjcwTnxC0745S1QjGiOq1PookR/fw1gl+zgASMy+wOIkQi/ioSklEJNfYDFPGtG&#13;
+uljSlpIeI5J37mA0X7Jc3oRJrflvPF+QAAAMEA/Hpdxpztsc+0XiEZ4psGOFDEpEUfGtFw&#13;
+I2imT340O8OWzpR7bHLdjZJSN+fIlaFqX8u2XOGMwhd/nNMSF6MSp+3PXuUQc+vPNRjQA1&#13;
+2JMspHmjwyRMXZ2qzd7wY8yaDWnX5BHRwoFMm1FhqdevYuMm6QavnRrPFTdji45oo4gUSg&#13;
++tD7qpNAPHRNrE5A5oMTXCeYUj1w0Gvmz8o7ww5qgRQzXIbf91orhFDiTci6OKcj018r0u&#13;
+xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#13;
+-----END OPENSSH PRIVATE KEY-----&#13;
 </privkey>
         <user>git</user>
         <password/>
@@ -1291,8 +1301,8 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
   </widgets>
   <revision>
     <username>(system)</username>
-    <description>/usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php made changes</description>
-    <time>1764717021.9334</time>
+    <description>/usr/local/opnsense/mvc/script/run_migrations.php made changes</description>
+    <time>1767005844.7902</time>
   </revision>
   <OPNsense>
     <wireguard>
@@ -1335,12 +1345,14 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
         </servers>
       </server>
     </wireguard>
-    <IPsec version="1.0.3">
+    <IPsec version="1.0.4">
       <general>
         <enabled/>
         <preferred_oldsa>0</preferred_oldsa>
         <disablevpnrules>0</disablevpnrules>
         <passthrough_networks/>
+        <user_source/>
+        <local_group/>
       </general>
       <charon>
         <max_ikev1_exchanges/>
@@ -1349,6 +1361,8 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
         <ikesa_table_segments>4</ikesa_table_segments>
         <init_limit_half_open>1000</init_limit_half_open>
         <ignore_acquire_ts>1</ignore_acquire_ts>
+        <install_routes>0</install_routes>
+        <cisco_unity>0</cisco_unity>
         <make_before_break/>
         <retransmit_tries/>
         <retransmit_timeout/>
@@ -1379,6 +1393,29 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
             <tnc>1</tnc>
           </daemon>
         </syslog>
+        <plugins>
+          <attr>
+            <subnet/>
+            <split-include/>
+            <x_28674/>
+            <x_28675/>
+            <x_28672/>
+            <x_28673>0</x_28673>
+            <x_28679/>
+            <dns/>
+            <nbns/>
+          </attr>
+          <eap-radius>
+            <servers/>
+            <accounting>0</accounting>
+            <class_group>0</class_group>
+          </eap-radius>
+          <xauth-pam>
+            <pam_service>ipsec</pam_service>
+            <session>0</session>
+            <trim_email>1</trim_email>
+          </xauth-pam>
+        </plugins>
       </charon>
       <keyPairs/>
       <preSharedKeys/>
@@ -1400,7 +1437,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
       <Instances/>
       <StaticKeys/>
     </OpenVPN>
-    <captiveportal version="1.0.2">
+    <captiveportal version="1.0.4">
       <zones/>
       <templates/>
     </captiveportal>
@@ -1580,7 +1617,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <http_port>8000</http_port>
         </general>
       </ctrl_agent>
-      <dhcp4 version="1.0.2">
+      <dhcp4 version="1.0.3">
         <general>
           <enabled>0</enabled>
           <interfaces/>
@@ -1597,6 +1634,24 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
         <reservations/>
         <ha_peers/>
       </dhcp4>
+      <dhcp6 version="1.0.0">
+        <general>
+          <enabled>0</enabled>
+          <manual_config>0</manual_config>
+          <interfaces/>
+          <valid_lifetime>4000</valid_lifetime>
+          <fwrules>1</fwrules>
+        </general>
+        <ha>
+          <enabled>0</enabled>
+          <this_server_name/>
+          <max_unacked_clients>2</max_unacked_clients>
+        </ha>
+        <subnets/>
+        <reservations/>
+        <pd_pools/>
+        <ha_peers/>
+      </dhcp6>
     </Kea>
     <monit version="1.0.13">
       <general>
@@ -1918,7 +1973,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
       <queues/>
       <rules/>
     </TrafficShaper>
-    <unboundplus version="1.0.11">
+    <unboundplus version="1.0.12">
       <general>
         <enabled>1</enabled>
         <port>53</port>
@@ -2005,6 +2060,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <port/>
           <verify/>
           <forward_tcp_upstream>0</forward_tcp_upstream>
+          <forward_first>0</forward_first>
           <description/>
         </dot>
       </dots>
@@ -2016,6 +2072,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <rr>A</rr>
           <mxprio/>
           <mx/>
+          <ttl/>
           <server>192.168.2.253</server>
           <description/>
         </host>
@@ -2026,6 +2083,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <rr>A</rr>
           <mxprio/>
           <mx/>
+          <ttl/>
           <server>192.168.2.20</server>
           <description/>
         </host>
@@ -2036,6 +2094,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <rr>A</rr>
           <mxprio/>
           <mx/>
+          <ttl/>
           <server>172.27.72.254</server>
           <description/>
         </host>
@@ -2046,6 +2105,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <rr>A</rr>
           <mxprio/>
           <mx/>
+          <ttl/>
           <server>172.27.72.1</server>
           <description/>
         </host>
@@ -2056,6 +2116,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
           <rr>A</rr>
           <mxprio/>
           <mx/>
+          <ttl/>
           <server>172.27.72.5</server>
           <description/>
         </host>
@@ -2563,7 +2624,7 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
   <laggs version="1.0.0">
     <lagg/>
   </laggs>
-  <virtualip version="1.0.0"/>
+  <virtualip version="1.0.1"/>
   <vlans version="1.0.0">
     <vlan uuid="dfff563c-29ee-424e-8b56-f735b38e9b64">
       <if>vtnet5</if>
@@ -2626,21 +2687,27 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
       <disabled>0</disabled>
     </route>
   </staticroutes>
-  <bridges>
-    <bridged>
-      <descr>LAN_BRIDGE</descr>
-      <maxaddr/>
-      <timeout/>
+  <bridges version="1.0.0">
+    <bridged uuid="e6c8b326-966c-47d8-a72d-e0dd8d193b82">
       <bridgeif>bridge0</bridgeif>
+      <members>opt12,opt1,opt2,opt3,opt4,opt5</members>
+      <linklocal>0</linklocal>
+      <enablestp>0</enablestp>
+      <proto>rstp</proto>
+      <stp/>
       <maxage/>
       <fwdelay/>
-      <hellotime/>
-      <priority/>
-      <proto>rstp</proto>
       <holdcnt/>
-      <members>opt12,opt1,opt2,opt3,opt4,opt5</members>
-      <ifpriority/>
-      <ifpathcost/>
+      <maxaddr/>
+      <timeout/>
+      <span/>
+      <edge/>
+      <autoedge/>
+      <ptp/>
+      <autoptp/>
+      <static/>
+      <private/>
+      <descr>LAN_BRIDGE</descr>
     </bridged>
   </bridges>
   <gifs version="1.0.0">
@@ -2705,13 +2772,14 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
     <nologbogons>1</nologbogons>
     <nologprivatenets>1</nologprivatenets>
   </syslog>
-  <hasync version="1.0.1">
+  <hasync version="1.0.2">
     <disablepreempt>0</disablepreempt>
     <disconnectppps>0</disconnectppps>
     <pfsyncinterface/>
     <pfsyncpeerip/>
     <pfsyncversion>1400</pfsyncversion>
     <synchronizetoip/>
+    <verifypeer>0</verifypeer>
     <username/>
     <password/>
     <syncitems/>
@@ -2732,4 +2800,39 @@ xNByHw9ei5+9RnAAAADnJhZHppZWxAaGVybWVzAQIDBA==&#xD;
     <serial/>
     <caref/>
   </ca>
+  <dnsmasq version="1.0.7">
+    <enable>0</enable>
+    <regdhcp>0</regdhcp>
+    <regdhcpstatic>0</regdhcpstatic>
+    <dhcpfirst>0</dhcpfirst>
+    <strict_order>0</strict_order>
+    <domain_needed>0</domain_needed>
+    <no_private_reverse>0</no_private_reverse>
+    <no_resolv>0</no_resolv>
+    <log_queries>0</log_queries>
+    <no_hosts>0</no_hosts>
+    <strictbind>0</strictbind>
+    <dnssec>0</dnssec>
+    <regdhcpdomain/>
+    <interface/>
+    <port/>
+    <dns_forward_max/>
+    <cache_size/>
+    <local_ttl/>
+    <add_mac/>
+    <add_subnet>0</add_subnet>
+    <strip_subnet>0</strip_subnet>
+    <dhcp>
+      <no_interface/>
+      <fqdn>1</fqdn>
+      <domain/>
+      <lease_max/>
+      <authoritative>0</authoritative>
+      <default_fw_rules>1</default_fw_rules>
+      <reply_delay/>
+      <enable_ra>0</enable_ra>
+      <nosync>0</nosync>
+    </dhcp>
+    <no_ident>1</no_ident>
+  </dnsmasq>
 </opnsense>