%PDF-
%PDF-
Mini Shell
Mini Shell
<model>
<mount>//OPNsense/unboundplus</mount>
<description>Unbound configuration</description>
<version>1.0.11</version>
<items>
<general>
<enabled type="BooleanField">
<Default>0</Default>
<Required>Y</Required>
</enabled>
<port type="PortField">
<Default>53</Default>
<Required>Y</Required>
</port>
<stats type="BooleanField"/>
<active_interface type=".\UnboundInterfaceField">
<Multiple>Y</Multiple>
</active_interface>
<dnssec type="BooleanField"/>
<dns64 type="BooleanField"/>
<dns64prefix type="NetworkField">
<NetMaskRequired>Y</NetMaskRequired>
<AddressFamily>ipv6</AddressFamily>
</dns64prefix>
<noarecords type="BooleanField"/>
<regdhcp type="BooleanField"/>
<regdhcpdomain type="TextField">
<Mask>/^(?:(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])$/i</Mask>
<ValidationMessage>A valid domain must be specified.</ValidationMessage>
</regdhcpdomain>
<regdhcpstatic type="BooleanField"/>
<noreglladdr6 type="BooleanField"/>
<noregrecords type="BooleanField"/>
<txtsupport type="BooleanField"/>
<cacheflush type="BooleanField"/>
<local_zone_type type="OptionField">
<Default>transparent</Default>
<Required>Y</Required>
<OptionValues>
<opt1 value="transparent">transparent</opt1>
<opt2 value="always_nxdomain">always_nxdomain</opt2>
<opt3 value="always_refuse">always_refuse</opt3>
<opt4 value="always_transparent">always_transparent</opt4>
<opt5 value="deny">deny</opt5>
<opt6 value="inform">inform</opt6>
<opt7 value="inform_deny">inform_deny</opt7>
<opt8 value="nodefault">nodefault</opt8>
<opt9 value="refuse">refuse</opt9>
<opt10 value="static">static</opt10>
<opt11 value="typetransparent">typetransparent</opt11>
</OptionValues>
</local_zone_type>
<outgoing_interface type=".\UnboundInterfaceField">
<Multiple>Y</Multiple>
</outgoing_interface>
<enable_wpad type="BooleanField"/>
</general>
<advanced>
<hideidentity type="BooleanField"/>
<hideversion type="BooleanField"/>
<prefetch type="BooleanField"/>
<prefetchkey type="BooleanField"/>
<dnssecstripped type="BooleanField"/>
<aggressivensec type="BooleanField">
<Required>Y</Required>
<Default>1</Default>
</aggressivensec>
<serveexpired type="BooleanField"/>
<serveexpiredreplyttl type="NumericField"/>
<serveexpiredttl type="NumericField"/>
<serveexpiredttlreset type="BooleanField"/>
<serveexpiredclienttimeout type="NumericField"/>
<qnameminstrict type="BooleanField"/>
<extendedstatistics type="BooleanField"/>
<logqueries type="BooleanField"/>
<logreplies type="BooleanField"/>
<logtagqueryreply type="BooleanField"/>
<logservfail type="BooleanField"/>
<loglocalactions type="BooleanField"/>
<logverbosity type="OptionField">
<Default>1</Default>
<Required>Y</Required>
<OptionValues>
<opt1 value="0">Level 0</opt1>
<opt2 value="1">Level 1 (Default)</opt2>
<opt3 value="2">Level 2</opt3>
<opt4 value="3">Level 3</opt4>
<opt5 value="4">Level 4</opt5>
<opt6 value="5">Level 5</opt6>
</OptionValues>
</logverbosity>
<valloglevel type="OptionField">
<Default>0</Default>
<Required>Y</Required>
<OptionValues>
<opt1 value="0">Level 0 (Default)</opt1>
<opt2 value="1">Level 1</opt2>
<opt3 value="2">Level 2</opt3>
</OptionValues>
</valloglevel>
<privatedomain type="CSVListField"/>
<privateaddress type="NetworkField">
<Required>Y</Required>
<FieldSeparator>,</FieldSeparator>
<WildcardEnabled>N</WildcardEnabled>
<Default>0.0.0.0/8,10.0.0.0/8,100.64.0.0/10,169.254.0.0/16,172.16.0.0/12,192.0.2.0/24,192.168.0.0/16,198.18.0.0/15,198.51.100.0/24,203.0.113.0/24,233.252.0.0/24,::1/128,2001:db8::/32,fc00::/8,fd00::/8,fe80::/10</Default>
<asList>Y</asList>
</privateaddress>
<insecuredomain type="CSVListField"/>
<msgcachesize type="TextField">
<Mask>/[0-9]+[kmg]?/i</Mask>
<ValidationMessage>The cache size should be numeric, optionally appended with 'k', 'm', or 'g'</ValidationMessage>
</msgcachesize>
<rrsetcachesize type="TextField">
<Mask>/[0-9]+[kmg]?/i</Mask>
<ValidationMessage>The cache size should be numeric, optionally appended with 'k', 'm', or 'g'</ValidationMessage>
</rrsetcachesize>
<outgoingnumtcp type="NumericField"/>
<incomingnumtcp type="NumericField"/>
<numqueriesperthread type="NumericField"/>
<outgoingrange type="NumericField"/>
<jostletimeout type="NumericField"/>
<discardtimeout type="NumericField"/>
<cachemaxttl type="NumericField"/>
<cachemaxnegativettl type="NumericField"/>
<cacheminttl type="NumericField"/>
<infrahostttl type="NumericField"/>
<infrakeepprobing type="BooleanField"/>
<infracachenumhosts type="NumericField"/>
<unwantedreplythreshold type="NumericField"/>
</advanced>
<acls>
<default_action type="OptionField">
<Default>allow</Default>
<Required>Y</Required>
<OptionValues>
<opt1 value="allow">Allow</opt1>
<opt2 value="deny">Deny</opt2>
<opt3 value="refuse">Refuse</opt3>
</OptionValues>
</default_action>
<acl type="ArrayField">
<enabled type="BooleanField">
<Default>1</Default>
<Required>Y</Required>
</enabled>
<name type="TextField">
<Required>Y</Required>
<ValidationMessage>An Access list name is required</ValidationMessage>
</name>
<action type="OptionField">
<Default>allow</Default>
<Required>Y</Required>
<OptionValues>
<opt1 value="allow">Allow</opt1>
<opt2 value="deny">Deny</opt2>
<opt3 value="refuse">Refuse</opt3>
<opt4 value="allow_snoop">Allow Snoop</opt4>
<opt5 value="deny_non_local">Deny Non-local</opt5>
<opt6 value="refuse_non_local">Refuse Non-local</opt6>
</OptionValues>
</action>
<networks type="NetworkField">
<Multiple>Y</Multiple>
<Required>Y</Required>
<ValidationMessage>Please specify a one or more valid network segment in CIDR notation (Ipv4/IPv6).</ValidationMessage>
<WildcardEnabled>N</WildcardEnabled>
<FieldSeparator>,</FieldSeparator>
<NetMaskRequired>Y</NetMaskRequired>
<asList>Y</asList>
</networks>
<description type="DescriptionField"/>
</acl>
</acls>
<dnsbl>
<enabled type="BooleanField">
<Default>0</Default>
<Required>Y</Required>
</enabled>
<safesearch type="BooleanField"/>
<type type="OptionField">
<Multiple>Y</Multiple>
<OptionValues>
<atf>Abuse.ch - ThreatFox IOC database</atf>
<aa>AdAway List</aa>
<ag>AdGuard List</ag>
<bla0>Blocklist.site Abuse</bla0>
<bla>Blocklist.site Ads</bla>
<blc>Blocklist.site Crypto</blc>
<bld>Blocklist.site Drugs</bld>
<blf>Blocklist.site Fraud</blf>
<blf0>Blocklist.site Facebook</blf0>
<blg>Blocklist.site Gambling</blg>
<blm>Blocklist.site Malware</blm>
<blp>Blocklist.site Phishing</blp>
<blp0>Blocklist.site Piracy</blp0>
<blp1>Blocklist.site Porn</blp1>
<blr>Blocklist.site Ransomware</blr>
<blr0>Blocklist.site Redirect</blr0>
<bls>Blocklist.site Scam</bls>
<blt>Blocklist.site Tiktok</blt>
<blt0>Blocklist.site Torrent</blt0>
<blt1>Blocklist.site Tracking</blt1>
<bly>Blocklist.site Youtube</bly>
<el>EasyList</el>
<ep>EasyPrivacy</ep>
<hgz001>[hagezi] Multi LIGHT - Basic protection</hgz001>
<hgz002>[hagezi] Multi NORMAL - All-round protection</hgz002>
<hgz003>[hagezi] Multi PRO - Extended protection</hgz003>
<hgz004>[hagezi] Multi PRO mini </hgz004>
<hgz005>[hagezi] Multi PRO++ - Maximum protection</hgz005>
<hgz006>[hagezi] Multi PRO++ mini</hgz006>
<hgz007>[hagezi] Multi ULTIMATE - Aggressive protection</hgz007>
<hgz008>[hagezi] Multi ULTIMATE mini</hgz008>
<hgz009>[hagezi] Fake - scams / fakes</hgz009>
<hgz010>[hagezi] Pop-Up Ads</hgz010>
<hgz011>[hagezi] Threat Intelligence Feeds</hgz011>
<hgz012>[hagezi] Threat Intelligence Feeds - Medium</hgz012>
<hgz013>[hagezi] Threat Intelligence Feeds - Mini</hgz013>
<hgz014>[hagezi] DoH/VPN/TOR/Proxy Bypass</hgz014>
<hgz015>[hagezi] Safesearch not supported</hgz015>
<hgz016>[hagezi] Dynamic DNS blocking</hgz016>
<hgz017>[hagezi] Badware Hoster blocking</hgz017>
<hgz018>[hagezi] Anti Piracy</hgz018>
<hgz019>[hagezi] Gambling</hgz019>
<hgz020>[hagezi] Gambling - Medium</hgz020>
<hgz021>[hagezi] Gambling - Mini</hgz021>
<oisd0>OISD - Domain Blocklist Ads</oisd0>
<oisd1>OISD - Domain Blocklist Big</oisd1>
<oisd2>OISD - Domain Blocklist NSFW</oisd2>
<sb>Steven Black List</sb>
<yy>YoYo List</yy>
</OptionValues>
</type>
<lists type="CSVListField"/>
<whitelists type="CSVListField"/>
<blocklists type="CSVListField"/>
<wildcards type="CSVListField">
<Mask>/^((?:(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.){1,})(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])$/i</Mask>
<ValidationMessage>A valid domain must be specified.</ValidationMessage>
<MaskPerItem>Y</MaskPerItem>
</wildcards>
<address type="NetworkField">
<NetMaskAllowed>N</NetMaskAllowed>
<AddressFamily>ipv4</AddressFamily>
</address>
<nxdomain type="BooleanField"/>
</dnsbl>
<forwarding>
<enabled type="BooleanField"/>
</forwarding>
<dots>
<dot type="ArrayField">
<enabled type="BooleanField">
<Required>Y</Required>
<Default>1</Default>
</enabled>
<type type="OptionField">
<Required>Y</Required>
<Default>dot</Default>
<OptionValues>
<dot>DNS over TLS</dot>
<forward>Forward</forward>
</OptionValues>
</type>
<domain type="HostnameField">
<IsDNSName>Y</IsDNSName>
<IpAllowed>N</IpAllowed>
<ValidationMessage>A valid domain must be specified.</ValidationMessage>
</domain>
<server type="NetworkField">
<Required>Y</Required>
</server>
<port type="PortField"/>
<verify type="HostnameField"/>
<forward_tcp_upstream type="BooleanField">
<Default>0</Default>
<Required>Y</Required>
</forward_tcp_upstream>
<description type="DescriptionField"/>
</dot>
</dots>
<hosts>
<host type="ArrayField">
<enabled type="BooleanField">
<Default>1</Default>
<Required>Y</Required>
</enabled>
<hostname type="HostnameField">
<HostWildcardAllowed>Y</HostWildcardAllowed>
<IsDNSName>Y</IsDNSName>
<IpAllowed>N</IpAllowed>
</hostname>
<domain type="TextField">
<Required>Y</Required>
<Mask>/^(?:(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])$/i</Mask>
<ValidationMessage>A valid domain must be specified.</ValidationMessage>
</domain>
<rr type="OptionField">
<Required>Y</Required>
<Default>A</Default>
<OptionValues>
<A>A (IPv4 address)</A>
<AAAA>AAAA (IPv6 address)</AAAA>
<MX>MX (Mail server)</MX>
</OptionValues>
<Constraints>
<check001>
<reference>mxprio.check001</reference>
</check001>
<check002>
<reference>mx.check001</reference>
</check002>
<check003>
<reference>server.check001</reference>
</check003>
<check004>
<reference>server.check002</reference>
</check004>
</Constraints>
</rr>
<mxprio type="IntegerField">
<Constraints>
<check001>
<ValidationMessage>The field MX Priority is required.</ValidationMessage>
<type>SetIfConstraint</type>
<field>rr</field>
<check>MX</check>
</check001>
</Constraints>
</mxprio>
<mx type="HostnameField">
<Constraints>
<check001>
<ValidationMessage>The field MX Host is required.</ValidationMessage>
<type>SetIfConstraint</type>
<field>rr</field>
<check>MX</check>
</check001>
</Constraints>
</mx>
<server type="NetworkField">
<Constraints>
<check001>
<ValidationMessage>The field IP address is required.</ValidationMessage>
<type>SetIfConstraint</type>
<field>rr</field>
<check>A</check>
</check001>
<check002>
<ValidationMessage>The field IP address is required.</ValidationMessage>
<type>SetIfConstraint</type>
<field>rr</field>
<check>AAAA</check>
</check002>
</Constraints>
</server>
<description type="DescriptionField"/>
</host>
</hosts>
<aliases>
<alias type="ArrayField">
<enabled type="BooleanField">
<Default>1</Default>
<Required>Y</Required>
</enabled>
<host type="ModelRelationField">
<Model>
<host>
<source>OPNsense.Unbound.Unbound</source>
<items>hosts.host</items>
<display>hostname,domain</display>
<display_format>%s.%s</display_format>
</host>
</Model>
<Required>Y</Required>
</host>
<hostname type="HostnameField">
<Constraints>
<check001>
<ValidationMessage>The host field is required if a domain has not been specified.</ValidationMessage>
<type>SetIfConstraint</type>
<field>domain</field>
<check></check>
</check001>
</Constraints>
<HostWildcardAllowed>Y</HostWildcardAllowed>
<IsDNSName>Y</IsDNSName>
<IpAllowed>N</IpAllowed>
</hostname>
<domain type="TextField">
<Constraints>
<check001>
<ValidationMessage>The domain field is required if a host has not been specified.</ValidationMessage>
<type>SetIfConstraint</type>
<field>hostname</field>
<check></check>
</check001>
</Constraints>
<Mask>/^(?:(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])\.)*(?:[a-z0-9]|[a-z0-9][a-z0-9\-]*[a-z0-9])$/i</Mask>
<ValidationMessage>A valid domain must be specified.</ValidationMessage>
</domain>
<description type="DescriptionField"/>
</alias>
</aliases>
</items>
</model>
Zerion Mini Shell 1.0