--- /dev/null
+.. ============LICENSE_START==========================================\r
+.. ===================================================================\r
+.. Copyright © 2018 AT&T Intellectual Property. All rights reserved.\r
+.. ===================================================================\r
+.. Licensed under the Creative Commons License, Attribution 4.0 Intl. (the "License");\r
+.. you may not use this documentation except in compliance with the License.\r
+.. You may obtain a copy of the License at\r
+.. \r
+.. https://creativecommons.org/licenses/by/4.0/\r
+.. \r
+.. Unless required by applicable law or agreed to in writing, software\r
+.. distributed under the License is distributed on an "AS IS" BASIS,\r
+.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+.. See the License for the specific language governing permissions and\r
+.. limitations under the License.\r
+.. ============LICENSE_END============================================\r
+.. ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+\r
+.. _appc_cdt_guide:\r
+\r
+===================\r
+APPC CDT User Guide\r
+===================\r
+\r
+Introduction\r
+============\r
+\r
+This document is the APPC Controller Design Tool (CDT) User Guide for self-service\r
+onboarding of VNF’s. VNF owners can create templates and other artifacts\r
+for APPC Configure command (used to apply a post-instantiation\r
+configuration) as well as other life cycle commands.\r
+\r
+A complete list of all APPC supported commands is contained in the\r
+APPC LCM API Guide available on onap.readthedocs.io.\r
+\r
+Overview of APPC Support for VNF Configuration and Lifecycle Commands\r
+======================================================================\r
+\r
+APPC is an ONAP component that performs functions to manage the\r
+lifecycle of VNF’s and their component. The picture below summarizes the\r
+APP-C design intent.\r
+\r
+|image0|\r
+\r
+Some lifecycle commands are supported on any VNF type, such as commands\r
+executed using OpenStack or for generic REST calls such as for\r
+HealthCheck. Other commands require models called templates to be\r
+created in the APPC Controller Design Tool(CDT) by the VNF owner.\r
+\r
+Templates are needed for lifecycle commands such as for\r
+post-instantiation configuration and for passing payloads to a Chef or\r
+Ansible server. Templates contain static and instance-specific\r
+parameters in a structured language (currently limited to xml and JSON).\r
+The APPC CDT allows a VNF technology owner to identify the\r
+instance specific parameters with a unique name.\r
+\r
+At run time, the instance specific parameter values are populated in the\r
+template to replace the parameter name.\r
+\r
+|image1|\r
+\r
+|image2|\r
+\r
+|image3|\r
+\r
+Overview of the Onboarding Process\r
+==================================\r
+\r
+Pre-Requisites for Onboarding:\r
+------------------------------\r
+\r
+- The VNF must support the below listed device protocols along with OpenStack for VM-level commands:\r
+ - Netconf, \r
+ - Chef, \r
+ - Ansible,\r
+ - REST - The REST protocol is used for REST interfaces to a VNF. Currently, the only action that can use REST is HealthCheck.\r
+ - RESTCONF - The RESTCONF protocal is used only for VNFs that support Netconf and are able to be mounted in OpenDayLight (ODL). Use the protocal NETCONF-XML if the VNF is not ODL mountable.\r
+ \r
+- In order to build the templates needed for lifecycle commands, the\r
+ VNF owner will be asked to upload either an xml file (for Netconf) or\r
+ a JSON file (for Chef or Ansible). This file contains the parameter\r
+ values in a valid schema that would be sent to either the VNF or the\r
+ Chef/Ansible server to execute the action. For more detail on\r
+ Netconf, Chef, or Ansible, see the ONAP vendor guidelines at:\r
+\r
+ https://wiki.onap.org/pages/viewpage.action?pageId=1015852&preview=/1015849/1017888/VNF%20Management%20Requirements%20for%20OpenECOMP.pdf\r
+\r
+- The VNF related key identifiers (vnf-type, vnfc-type,\r
+ vnfc-function-code) that will be stored in A&AI have been defined.\r
+\r
+Onboarding Process Steps:\r
+-------------------------\r
+\r
+1. Use the APPC CDT GUI to populate **reference data**\r
+ describing the VNF and action to be onboarded.\r
+\r
+ - Select the VNF, action, and protocol to be on-boarded.\r
+\r
+ - Describe the VM/VNFC components that comprise the VNF’s. APPC\r
+ will use this VM/VNFC data to update A&AI when configuring the VNF\r
+ at run time.\r
+\r
+2. Create a **template** from a “golden” configuration file.\r
+\r
+ - Upload a “golden configuration” file (described later) into the APPC CDT GUI.\r
+\r
+ - Manually edit the configuration file to associate parameter names\r
+ with instance-specific values you wish to parameterize (e.g., IP addresses).\r
+\r
+ - This creates a template file, which will be used at run-time to\r
+ create the payload that APPC sends to the VNF or to Ansible/Chef.\r
+\r
+ - Alternative: If the golden configuration changes, rather than\r
+ manually re-creating an updated template, you can *automatically*\r
+ create an updated template by **Merging** a current parameter\r
+ name-value pairs file with the new configuration file. APPC will\r
+ scan the new configuration file, and automatically replace values\r
+ with parameter names.\r
+\r
+3. Create a **parameter definition** file describing instance-specific\r
+ parameters in the template.\r
+\r
+ - Once you have a template, use the **Synchronize** button to\r
+ automatically create/update a parameter definition file (and a\r
+ parameter name-value pair file) based on the template.\r
+\r
+ - You can then populate/update the fields describing each parameter.\r
+\r
+ - If the parameters will be populated from external systems (such as INSTAR), you can upload\r
+ a “key file” that automatically populates key fields used to retrieve\r
+ data from the external system.\r
+\r
+ - If the parameters will be populated from A&AI, you can select the\r
+ rules and key fields used to retrieve data from A&AI.\r
+\r
+ - The parameter definition file will be used at run time to\r
+ automatically obtain parameter values from external system, A&AI, or a user\r
+ input spreadsheet for insertion into the template.\r
+\r
+4. Create a **parameter name-value pair file** for those parameters.\r
+\r
+ - Once you have a template, use the **Synchronize** button to\r
+ automatically create a parameter name-value pair file (and a\r
+ parameter definition file) based on the template.\r
+\r
+ - The parameter name-value file serves as a guide for populating\r
+ instance-specific data into the user input spreadsheet used at run\r
+ time. The parameter name-value file can also be used to automatically\r
+ create a template via the **Merge** function as described in step 2.\r
+\r
+5. **Test** the template in your test environment using the **TEST** function of APPC CDT\r
+\r
+ - Use the **Save to APP-C** button in the CDT GUI to save the\r
+ artifacts for your VNF to APPC. \r
+\r
+ - Prepare a “user input” excel file on your PC and upload it to the\r
+ **TEST** function in the APPC CDT.\r
+\r
+ - Use the **TEST** function in the APPC CDT to execute the on-boarded action on the VNF. Verify the VNF works as expected. \r
+ \r
+ **NOTE** The **TEST** function is currently being developed as part of Beijing release and screen shots in this document are not yet updated to show this new function yet. \r
+\r
+The screen shots in following sections illustrate how to use the APPC CDT GUI for each step.\r
+\r
+Artifacts used for Onboarding:\r
+------------------------------\r
+\r
+For a given VNF, each action must be on-boarded separately. Actions can\r
+be on-boarded in any order; it is not required that “Configure” be the first action onboarded.\r
+\r
+You will create 1 Reference Data file for each VNF, and a set of up to 3\r
+files for each action you are onboarding:\r
+\r
+ 1. Template\r
+ 2. Parameter definition file (pd\_configure)\r
+ 3. Parameter name-value pair file (param\_configure)\r
+\r
+For example, onboarding the “vABC” VNF for 2 actions (Configure and\r
+ConfigModify) may result in these 7 files:\r
+\r
+ 1. reference\_AllAction\_vABC\_0.0.1V\r
+ 2. template\_Configure\_vABC\_0.0.1V\r
+ 3. pd\_Configure\_vABC\_0.0.1V\r
+ 4. param\_Configure\_vABC\_0.0.1V\r
+ 5. template\_ConfigModify\_vABC\_0.0.1V\r
+ 6. pd\_ConfigModify\_vABC\_0.0.1V\r
+ 7. param\_ConfigModify\_vABC\_0.0.1V\r
+\r
+A **Template** is required for the Ansible, Chef and Netconf protocols.\r
+\r
+The **Parameter Definition** and **Parameter Name-Value Pair** artifacts\r
+are typically used with the Configure and ConfigModify templates and are\r
+optional for templates of other actions.\r
+\r
+OpenStack and REST protocols do not use a template or parameter\r
+definitions or name-value pairs.\r
+\r
+Using the APPC Design Tool for VNF Onboarding\r
+=============================================\r
+\r
+Go to the APPC CDT GUI in the test environment using a Firefox browser.\r
+\r
+http://<server>:8080/config-design-tool/index.html#/home\r
+\r
+|image4|\r
+\r
+Clicking on “About Us” will display the current software version and who to contact for support. The contact information is configurable. What is display in diagram is just an example.\r
+\r
+|image5|\r
+\r
+Choose “My VNF’s”.\r
+\r
+If you have not used APPC CDT previously, you will be asked to\r
+enter your user id. Your work will be stored under this user id. There\r
+is no password required at this time.\r
+\r
+Note: If multiple self-service users will be working on a set of VNF’s,\r
+it is suggested that you enter a group\_name rather than your user\_id.\r
+This group name would be used by all users in the group so that all\r
+users can view/edit the same set of artifacts.\r
+\r
+If you have previously used APPC CDT, you user id will\r
+automatically be selected.\r
+\r
+|image6|\r
+\r
+The “My VNFs” GUI displays a list of the vnf-type/vnfc-types which are\r
+stored under your userid in the APPC database. You can choose either\r
+“Create New VNF” or “View/Edit” for one of your existing VNF’s.\r
+\r
+|image7|\r
+\r
+If you have not created any VNF artifacts in the current release of the\r
+APPC CDT, you will see a screen like this; click “Create new\r
+VNF” to begin.\r
+\r
+VNF artifacts created using earlier versions of the APPC CDT\r
+can be uploaded and then edited/saved, as shown on later screens. You\r
+should not have to re-create these VNF artifacts.\r
+\r
+|image8|\r
+\r
+If you choose to create a new VNF, you will see a pop-up box like this.\r
+\r
+|image9|\r
+\r
+Enter the VNF Type (and optional VNFC Type) and click next.\r
+\r
+Alternatively, you can leave the VNF type blank and choose “PROCEED\r
+ANYWAY” if you want to proceed to the Reference Data screen where you\r
+can populate the VNF reference data by uploading an existing Reference\r
+File or by manually entering it.\r
+\r
+You must populate the VNF field if uploading the existing file does not\r
+populate it.\r
+\r
+Populate reference data describing the VNF and action to be onboarded\r
+---------------------------------------------------------------------\r
+\r
+|image10|\r
+\r
+|image11|\r
+\r
+|image12|\r
+\r
+|image13|\r
+\r
+|image14|\r
+\r
+Note 1: When downloading your work to APPC; the system will download\r
+only the artifacts that have been updated in the current session. You\r
+may not see all 4 artifacts unless you visit/edit the reference,\r
+template, parameter and parameter definition screens.\r
+\r
+Note 2: When downloading files, the system will display a pop-up window\r
+for each file, but the windows are all placed on top of each other. You\r
+can drag the pop-up windows if you want to see them all at the same\r
+time.\r
+\r
+|image15|\r
+\r
+Populate OpenStack actions for a VM\r
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+You can also onboard OpenStack commands for the VM level components of\r
+the VNF\r
+\r
+Under ‘Action’, select “OpenStack Actions” and then under ‘Protocol’\r
+select “OpenStack”.\r
+\r
+You must populate the ‘VNF type’ if it is not already populated.\r
+\r
+|image16|\r
+\r
+Next, upload an excel file of VM capabilities for your VNF. The excel\r
+must list OpenStack actions in the first column, and then have a column\r
+for each VM type (i.e., VNFC Function Code) showing which actions are\r
+applicable for that VM type, as shown Excel sample below:\r
+\r
+|imageA|\r
+\r
+APPC will import the data from the excel and display the results.\r
+\r
+|image17|\r
+\r
+The Template and Parameter Definition tabs do not apply to OpenStack\r
+commands.\r
+\r
+REFERENCE DATA SCREEN HELP\r
+\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| **Field/Object** | **Description** |\r
++==========================+==================================================================================================================+\r
+| **VNF Reference Data** |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Action | The action to be executed on the VNF, e.g., “CONFIGURE” (see table below). |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| VNF Type | The name of the VNF, e.g. vDBE. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| VNFC Type | NA when describing a VNF; When describing a VNFC, enter the VNFC name e.g.,MSC, SSC, MMC, etc. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Device Protocol | Choose desired protocol e.g., NETCONF-XML (see table below). |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Template | Will there be a template created for this VNF and action? Yes/No. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| User Name | Enter the user name used to configure the VNF e.g., “admin” or “root”. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Port Number | Enter the port number used to configure the VNF, e.g., 22. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Context URL | Enter the context portion of the REST URL (Currently used only for the HealthCheck action with REST protocol). |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| **VNFC information** |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| VNFC Type | Enter the VNFC name e.g. MSC, SSC, MMC, etc. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| VNFC Function Code | Enter the standard 3 character value for the VNFC. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| IP Address V4 OAM VIP | Select Y to store the O&AM VIP address with the VNFC record; otherwise select N. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Group Notation Type | Select the naming scheme for VNFC/VM instances (first-vnfc-name, fixed value, relative value) |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Group Notation Value | For first-vnfc-name type, enter text such as “pair” or “group”. |\r
+| | |\r
+| | For fixed value type, enter any alpha-numeric text “1”, “test” etc. |\r
+| | |\r
+| | For relative value type, enter a number “1”, “2”, “4”, etc |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+| Number of VM’s | Enter the # of VM’s for this VNFC. |\r
++--------------------------+------------------------------------------------------------------------------------------------------------------+\r
+\r
+|\r
+\r
+This table shows which actions and protocols are currently available for\r
+on-boarding with the Beijing release.\r
+\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Action** | **Netconf/ | **Ansible** | **Chef** | **REST** | **OpenStack |\r
+| | Restconf** | | | | (VM Level)** |\r
++========================================+==============+===============+============+============+================+\r
+| **AttachVolume** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Configure** | YES | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Config Modify** | YES | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Config Backup** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Config Restore** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **ConfigScaleOut** | YES | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **DetachVolume** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Evacuate** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **GetRunning Config\*** | YES | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **HealthCheck** | | YES | YES | YES | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Migrate** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **QuiesceTraffic** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Rebuild** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Restart** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **ResumeTraffic** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Snapshot** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Start** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Start Application** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Stop** | | | | | YES |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **Stop Application** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **UpgradeBackout** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **UpgradeBackup** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **UpgradePostCheck** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **UpgradePreCheck** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+| **UpgradeSoftware** | | YES | YES | | |\r
++----------------------------------------+--------------+---------------+------------+------------+----------------+\r
+ \r
+ \* GetRunningConfig is used internally by APP-C and is not callable by clients via the APP-C API. \r
+\r
+\r
+\r
+Create a template from a “golden” configuration file\r
+----------------------------------------------------\r
+\r
+There are several ways to create a template in APPC CDT:\r
+\r
+- Start from golden instance config file; manually add parameters\r
+ (described in this section)\r
+\r
+- Start with a template file, manually add more parameters. (described\r
+ in section Synchronizing a Template)\r
+\r
+- Start with config file; create updated template by **merging**\r
+ name-value pairs. (described in Create a file containing name-value pairs for parameters section)\r
+\r
+Start with a working configuration for a “golden instance” of the VNF\r
+(xml if Netconf) or the payload to be downloaded to the Chef or Ansible\r
+server (JSON).\r
+\r
+Open the XML or JSON file in Notepad ++ and verify that the format is\r
+schema compliant. If the xml file is for a post-instantiation\r
+configuration, then modify the config to include only statements that\r
+are to be added (merged) with any configuration that is on the VNF\r
+instance after instantiation. For example, remove statements that might\r
+change root passwords, etc.\r
+\r
+Optionally, add Velocity statements to the file, if desired, to handle\r
+special constructs such as variable lists, template defined constants,\r
+conditional statements, etc.\r
+\r
+Here are links with more information about the Velocity java-based\r
+template engine:\r
+\r
+ http://velocity.apache.org/engine/2.0/vtl-reference.html\r
+\r
+ http://velocity.apache.org/engine/2.0/user-guide.html\r
+\r
+This screen shows a sample Golden Configuration file that has been\r
+uploaded to APP-C CDT.\r
+\r
+|image18|\r
+\r
+Next, designate instance-specific values as parameters, using this\r
+procedure:\r
+\r
+ 1) Highlight the instance-specific value with the cursor\r
+\r
+ |image19|\r
+\r
+ 2) Type “CTRL” and “4” to insert a parameter name.\r
+\r
+ |image20|\r
+\r
+ 3) Type the parameter name in the parentheses\r
+\r
+ |image21|\r
+\r
+ 4) Type “CTRL” and “S” to save the parameter.\r
+\r
+ |image22|\r
+\r
+Repeat for each instance-specific value that you wish to turn into a\r
+parameter.\r
+\r
+*Summary of editing commands:*\r
+\r
+ - CTRL+4 to add a parameter (also saves previous unsaved parameter)\r
+ - CTRL+S to save a parameter\r
+ - CTRL+Z to undo the last edit\r
+\r
+Notes on naming Parameters:\r
+\r
+- Choose meaningful, unique parameter names for each parameter. If the\r
+ same parameter value appears in multiple places in the config, the\r
+ parameter name which is assigned to the first instance will be\r
+ automatically assigned to all instances. However, you may choose a\r
+ different parameter name for each instance of the parameter value\r
+ (except when using the MERGE function).\r
+\r
+- Use only dash (-) or underline (\_) as separators between words in\r
+ the name.\r
+\r
+- The name should not contain spaces or any other special characters.\r
+\r
+- Do not use parameter names which are sub-strings of other parameter\r
+ names. For example, don’t use field1 and field12 as parameter names.\r
+\r
+\r
+Synchronizing a Template\r
+~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+Once you have named all the parameters (this example shows 2\r
+parameters), click the “SYNCHRONIZE” button to automatically create a\r
+parameter definition file and a parameter name-value file. The next\r
+sections describe these files.\r
+\r
+It may take a few seconds for the system to SYNCHRONIZE; when it is\r
+complete, you will be taken to the Parameter Definition screen.\r
+\r
+Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data\r
+screen to preserve your work.\r
+\r
+|image23|\r
+\r
+Modifying an Existing Template\r
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+In addition to creating new templates, you can also modify an existing\r
+template by adding or removing parameter names.\r
+\r
+To add a new parameter name, follow the steps in the Create a template from a "golden" configuration file section above.\r
+SYNCHRONIZE to add the new parameter to the name/value and parameter\r
+definition GUI.\r
+\r
+To remove an existing parameter name, remove the parameter name (i.e.,\r
+${name}) using the backspace key and replace with the static value. Then\r
+SYNCHRONIZE to remove the parameter from the name/value and parameter\r
+definition GUI.\r
+\r
+Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data\r
+screen to preserve your work.\r
+\r
+Create a parameter definition file describing instance-specific parameters in the template \r
+------------------------------------------------------------------------------------------\r
+\r
+Clicking the “SYNCHRONIZE” button after creating a template will automatically create/update a parameter definition file for\r
+that template (and a parameter name-value file described in the next\r
+section). Alternatively, you can upload an existing parameter definition\r
+file from your PC.\r
+\r
+You can view or edit the definition fields for each parameter via the\r
+Parameter Definition screen. Note that any edits to the parameter names\r
+would be overwritten by a subsequent SYNCHRONIZE with the template.\r
+\r
+|image24|\r
+\r
+Select a Source for each parameter\r
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+There are three choices for the source:\r
+\r
+1. External Systems (e.g., INSTAR). APPC will automatically obtain parameter values from\r
+ an external system (typically IP addresses for VNF’s). First, obtain a\r
+ “key file” for your VNF. Then use the\r
+ “Upload Key File” button on the Parameter Definition screen. APPC\r
+ will automatically populate key names and values used to retrieve data\r
+ from an external system.\r
+\r
+\r
+2. ***A&AI***. APPC will automatically obtain parameter values from\r
+ A&AI (typically VNF/VNFC/VM identifiers). After selecting “A&AI”,\r
+ select a rule type and APPC will automatically populate the key\r
+ names and values. For rule types that include a list, populate the\r
+ ‘Filter By Field’ and ‘Filter By Value’.\r
+\r
+ |image26|\r
+\r
+3. ***Manual.*** APPC will use a manually-created excel to populate\r
+ parameter values. Later section describes this User Input Spreadsheet.\r
+\r
+Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data\r
+screen to preserve your work.\r
+\r
+Create a file containing name-value pairs for parameters\r
+--------------------------------------------------------\r
+\r
+Clicking the “SYNCHRONIZE” button after creating a template (see section\r
+Synchronizing a Template) will automatically create/update a parameter name-value pair file\r
+for that template (and a parameter definition file described in the\r
+previous section).\r
+\r
+Navigate to the Template tab and “Param Values” subtab to view/edit\r
+parameter name-value pairs.\r
+\r
+If you make any edits, remember to use the SAVE and/or DOWNLOAD buttons\r
+on the Reference Data screen to preserve your work.\r
+\r
+|image27|\r
+\r
+Option: Using MERGE to automatically create a template from a parameter name-value pair file\r
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+The APPC Design Tool also provides a way to create a template from an\r
+existing parameter name-value pair file. This is useful when the\r
+configuration of the VNF has changed. Rather than manually recreating\r
+the template, you can use the MERGE function to automatically add\r
+parameter names based on a valid name-value pairs file from a previous\r
+template.\r
+\r
+First, navigate to the Template tab and “Param Values” subtab and click\r
+on UPLOAD PARAM FILE\r
+\r
+|image28|\r
+\r
+Then navigate to the Template configuration screen. Upload a\r
+configuration file that contains values you wish to turn into\r
+parameters.\r
+\r
+|image29|\r
+\r
+Next, click “MERGE”. APPC will automatically add parameters to the\r
+configuration file using the name-value pairs. Wherever APPC finds a\r
+matching value, it will add the corresponding parameter name.\r
+\r
+After using the MERGE button to create a template, you can use the\r
+SYNCHRONIZE button to create/update the parameter definition file and\r
+name-value files.\r
+\r
+Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data\r
+screen to preserve your work.\r
+\r
+|image30|\r
+\r
+Test the template in a lab using APPC CDT Test Function\r
+=======================================================================\r
+\r
+User Input Spreadsheet\r
+----------------------\r
+\r
+The following steps are used to prepare a user input spreadsheet for the\r
+VNF instance and action to be tested.\r
+\r
+1. Start with this generic 1802 user input excel spreadsheet.\r
+\r
+ :download:`Generic 1802 User Input Spreadsheet v.02.xlsx` (compatible with excel 2013)\r
+\r
+2. Update the user-input sections of the spreadsheet.\r
+\r
+ a) Upload Data tab: choose action, populate VNF-ID\r
+\r
+ b) >Action< tab: Select the tab for the action being tested. Choose a\r
+ protocol and enter required action identifiers & request parameter\r
+ values. Enter any payload parameter names and values required for\r
+ this associated template. (copy/paste from a name-value pair file or\r
+ other source).\r
+\r
+ The screen shots on the following pages show the user input sections\r
+ highlighted in yellow.\r
+\r
+1. Save the spreadsheet with a name for your VNF instance and action.\r
+\r
+“Upload Data” tab – Select action to be tested and populate any action\r
+identifiers such as vnf-id.\r
+\r
+|image31|\r
+\r
+Action tab: This example is for the ConfigModify action, so the\r
+“ConfigModify” tab is shown. Choose a protocol and enter required action\r
+identifiers & request parameter values. Enter any payload parameter\r
+names and values required for this associated template. (You may\r
+copy/paste from a name-value pair file or other source).\r
+\r
+|image32|\r
+\r
+Using APPC CDT TEST action to test a VNF configuration template\r
+-----------------------------------------------------------------\r
+\r
+The APPC CDT **TEST** action is used to initiate configuration\r
+and other lifecycle commands.\r
+\r
+ ** DETAIL COMING SOON **\r
+\r
+Note on populating southbound properties:\r
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r
+\r
+When a new vnf-type is created or a new action is added to an existing\r
+vnf-type using the CDT tool and the Reference Data artifact is loaded to\r
+APPC, an update is made to the APPC run-time southbound properties\r
+file for the vnf-type. The southbound properties are needed for\r
+connecting to a VNF instance or Ansible server. The southbound\r
+properties contain the following information:\r
+\r
+``{vnf\_type}.{protocol}.{action}.user = {value}``\r
+\r
+``{vnf\_type}.{protocol}.{action}.port = {value}``\r
+\r
+``{vnf\_type}.{protocol}.{action}.password = {value}``\r
+\r
+``{vnf\_type}.{protocol}.{action}.url = {value}``\r
+\r
+The user, port, and url values are contained in the Reference Data\r
+artifact, if populated by the self-service user. The password value is\r
+updated by T2 production support using a GUI tool provided. <TO DO: CHECK ON THIS>\r
+\r
+The current process which creates the southbound properties from the\r
+Reference Data only updates the southbound properties file only a single\r
+node in the APPC cluster. \r
+\r
+\r
+APP-C Design Tool - File Descriptions\r
+=====================================\r
+\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| **File Description** | **File Format** | **File name / example** |\r
++======================================================================================================================================+===================+======================================================+\r
+| | | |\r
+| **Pre-template Config file** –contains a ‘golden’ or working configuration (for Netconf) or JSON data block (for Chef or Ansible). | XML, JSON | :download:`simple xml config.txt` |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| | | |\r
+| **Reference file** [5]_– describes a VNF in terms of its subtending VM’s and VNFC’s and the actions/protocols being onboarded. | XML, JSON | :download:`reference_AllAction_vPQR_0.0.1V.json` |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| | | |\r
+| **Template file** – a configuration file with parameters for instance-specific fields. | XML | :download:`template_Configure_vABC_0.0.1.txt` |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| | | |\r
+| **Parameter Definition file** (aka pd\_Configure) contains **parameter definitions** associated with a template. | YAML | :download:`pd_Configure_vABC_0.0.1V.yaml.txt` |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| | | |\r
+| **Name-Value file** (aka param\_Configure) contains name-value pairs for parameters associated with a template. | JSON | :download:`param_Configure_vABC_0.0.1V.txt` |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+| | | |\r
+| **Key data file** – contains external system data to populate a PD configure file. | TXT | <TO DO: Need sample file> |\r
+| | | |\r
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+\r
+\r
+Note: Do not alter file names because APPC CDT requires a specific file naming format. Note that for yaml files, Sphinx is not able to handle correctly, so we had to add .txt to allow the download. Please remember to remove .txt from pd_Configure_vABC_0.0.1V.yaml.txt when you download it.\r
+\r
+.. |image0| image:: media/image0.png\r
+ :width: 7.88889in \r
+ :height: 4.43750in \r
+.. |image1| image:: media/image1.png\r
+ :width: 8.72292in\r
+ :height: 4.51788in\r
+.. |image2| image:: media/image2.png\r
+ :width: 8.75000in\r
+ :height: 4.58908in\r
+.. |image3| image:: media/image3.png\r
+ :width: 8.70833in\r
+ :height: 4.89844in\r
+.. |image4| image:: media/image4.png\r
+ :width: 7.46875in\r
+ :height: 4.19310in\r
+.. |image5| image:: media/image5.png\r
+ :width: 7.23958in\r
+ :height: 3.87172in\r
+.. |image6| image:: media/image6.png\r
+ :width: 7.58491in\r
+ :height: 4.26651in\r
+.. |image7| image:: media/image7.png\r
+ :width: 9.43750in\r
+ :height: 5.30859in\r
+.. |image8| image:: media/image8.png\r
+ :width: 7.86980in\r
+ :height: 4.72917in\r
+.. |image9| image:: media/image9.png\r
+ :width: 7.56250in\r
+ :height: 4.54450in\r
+.. |image10| image:: media/image10.png\r
+ :width: 9.01042in\r
+ :height: 5.06836in\r
+.. |image11| image:: media/image11.png\r
+ :width: 9.44792in\r
+ :height: 5.31445in\r
+.. |image12| image:: media/image12.png\r
+ :width: 9.48958in\r
+ :height: 5.33789in\r
+.. |image13| image:: media/image13.png\r
+ :width: 9.48125in\r
+ :height: 5.33320in\r
+.. |image14| image:: media/image14.png\r
+ :width: 9.25926in\r
+ :height: 5.20833in\r
+.. |image15| image:: media/image15.png\r
+ :width: 9.05556in\r
+ :height: 5.09375in\r
+.. |image16| image:: media/image16.png\r
+ :width: 5.79167in\r
+ :height: 3.74135in\r
+.. |imageA| image:: media/imageA.png\r
+ :width: 5.79167in\r
+ :height: 3.74135in \r
+.. |image17| image:: media/image17.png\r
+ :width: 6.13542in\r
+ :height: 4.97745in\r
+.. |image18| image:: media/image18.png\r
+ :width: 9.00000in\r
+ :height: 5.27639in\r
+.. |image19| image:: media/image19.png\r
+ :width: 5.43423in\r
+ :height: 1.83333in\r
+.. |image20| image:: media/image20.png\r
+ :width: 5.44473in\r
+ :height: 1.93750in\r
+.. |image21| image:: media/image21.png\r
+ :width: 5.32292in\r
+ :height: 1.92771in\r
+.. |image22| image:: media/image22.png\r
+ :width: 5.31153in\r
+ :height: 1.83333in\r
+.. |image23| image:: media/image23.png\r
+ :width: 7.54167in\r
+ :height: 4.24219in\r
+.. |image24| image:: media/image24.png\r
+ :width: 7.48148in\r
+ :height: 4.20833in\r
+.. |image26| image:: media/image26.png\r
+ :width: 6.87789in\r
+ :height: 3.78125in\r
+.. |image27| image:: media/image27.png\r
+ :width: 7.97170in\r
+ :height: 4.48408in\r
+.. |image28| image:: media/image28.png\r
+ :width: 8.56604in\r
+ :height: 4.81840in\r
+.. |image29| image:: media/image29.png\r
+ :width: 9.00943in\r
+ :height: 5.06781in\r
+.. |image30| image:: media/image30.png\r
+ :width: 8.07407in\r
+ :height: 4.54167in\r
+.. |image31| image:: media/image31.png\r
+ :width: 9.00000in\r
+ :height: 5.18958in\r
+.. |image32| image:: media/image32.png\r
+ :width: 9.00000in\r
+ :height: 5.18958in\r
+\r
--- /dev/null
+{\r
+ "BUrouterIP": "135.69.228.1",\r
+ "DestinationSubnet": "0.0.0.0/0"\r
+}
\ No newline at end of file
--- /dev/null
+---\r
+kind: "Property Definition"\r
+version: V1\r
+vnf-parameter-list:\r
+- name: nodename\r
+ type: null\r
+ description: null\r
+ required: null\r
+ default: null\r
+ source: Manual\r
+ rule-type: null\r
+ request-keys: null\r
+ response-keys: null\r
+- name: BUrouterIP\r
+ type: null\r
+ description: null\r
+ required: null\r
+ default: null\r
+ source: Manual\r
+ rule-type: null\r
+ request-keys: null\r
+ response-keys: null\r
+- name: DestinationSubnet\r
+ type: null\r
+ description: null\r
+ required: null\r
+ default: null\r
+ source: Manual\r
+ rule-type: null\r
+ request-keys: null\r
+ response-keys: null\r
--- /dev/null
+{\r
+ "reference_data": [\r
+ {\r
+ "action": "Configure",\r
+ "action-level": "vnf",\r
+ "scope": {\r
+ "vnf-type": "vPQR",\r
+ "vnfc-type": ""\r
+ },\r
+ "template": "Y",\r
+ "vm": [\r
+ {\r
+ "vm-instance": 1,\r
+ "vnfc": [\r
+ {\r
+ "vnfc-instance": "1",\r
+ "vnfc-function-code": "ppp",\r
+ "ipaddress-v4-oam-vip": "Y",\r
+ "group-notation-type": "first-vnfc-name",\r
+ "group-notation-value": "pair",\r
+ "vnfc-type": "vPPP"\r
+ }\r
+ ]\r
+ },\r
+ {\r
+ "vm-instance": 2,\r
+ "vnfc": [\r
+ {\r
+ "vnfc-instance": "1",\r
+ "vnfc-function-code": "ppp",\r
+ "ipaddress-v4-oam-vip": "Y",\r
+ "group-notation-type": "first-vnfc-name",\r
+ "group-notation-value": "pair",\r
+ "vnfc-type": "vPPP"\r
+ }\r
+ ]\r
+ },\r
+ {\r
+ "vm-instance": 3,\r
+ "vnfc": [\r
+ {\r
+ "vnfc-instance": "1",\r
+ "vnfc-function-code": "rrr",\r
+ "ipaddress-v4-oam-vip": "Y",\r
+ "group-notation-type": "first-vnfc-name",\r
+ "group-notation-value": "pair",\r
+ "vnfc-type": "vRRR"\r
+ }\r
+ ]\r
+ },\r
+ {\r
+ "vm-instance": 4,\r
+ "vnfc": [\r
+ {\r
+ "vnfc-instance": "1",\r
+ "vnfc-function-code": "rrr",\r
+ "ipaddress-v4-oam-vip": "Y",\r
+ "group-notation-type": "first-vnfc-name",\r
+ "group-notation-value": "pair",\r
+ "vnfc-type": "vRRR"\r
+ }\r
+ ]\r
+ }\r
+ ],\r
+ "protocol": "NETCONF-XML",\r
+ "user-name": "admin",\r
+ "port-number": "22",\r
+ "artifact-list": [\r
+ {\r
+ "artifact-name": "template_Configure_vPQR_0.0.1V.xml",\r
+ "artifact-type": "config_template"\r
+ },\r
+ {\r
+ "artifact-name": "pd_Configure_vPQR_0.0.1V.yaml",\r
+ "artifact-type": "parameter_definitions"\r
+ }\r
+ ],\r
+ "scopeType": "vnf-type",\r
+ "device-protocol": "NETCONF-XML"\r
+ },\r
+ {\r
+ "action": "AllAction",\r
+ "action-level": "vnf",\r
+ "scope": {\r
+ "vnf-type": "vPQR",\r
+ "vnfc-type": ""\r
+ },\r
+ "artifact-list": [\r
+ {\r
+ "artifact-name": "reference_AllAction_vPQR_0.0.1V.json",\r
+ "artifact-type": "reference_template"\r
+ }\r
+ ]\r
+ }\r
+ ]\r
+}
\ No newline at end of file
--- /dev/null
+<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\r
+ <configuration junos:changed-seconds="1478714723" junos:changed-localtime="2016-11-09 18:05:23 UTC">\r
+ <version>15.1X49-D50.3</version>\r
+ <groups>\r
+ <name>node0</name>\r
+ <system>\r
+ <host-name>dbqx0001vm001</host-name>\r
+ <backup-router>\r
+ <address>135.69.228.1</address>\r
+ <destination>0.0.0.0/0</destination>\r
+ </backup-router>\r
+ <services>\r
+ <ssh>\r
+ <max-sessions-per-connection>32</max-sessions-per-connection>\r
+ </ssh>\r
+ </services>\r
+ <syslog>\r
+ <file>\r
+ <name>default-log-messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ </syslog>\r
+ </system>\r
+ <interfaces>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>135.69.228.8/25</name>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ </groups>\r
+ <groups>\r
+ <name>node1</name>\r
+ <system>\r
+ <host-name>dbqx0001vm002</host-name>\r
+ <backup-router>\r
+ <address>135.69.228.1</address>\r
+ <destination>0.0.0.0/0</destination>\r
+ </backup-router>\r
+ <services>\r
+ <ssh>\r
+ <max-sessions-per-connection>32</max-sessions-per-connection>\r
+ </ssh>\r
+ </services>\r
+ <syslog>\r
+ <file>\r
+ <name>default-log-messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ </syslog>\r
+ </system>\r
+ <interfaces>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>135.69.228.9/25</name>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ </groups>\r
+ <apply-groups>groupname</apply-groups>\r
+ <system>\r
+ <root-authentication>\r
+ <encrypted-password>$5$rKyWGmrv$sMeym/XUklUeJX2hKpcp5TzCG5R8jcmJ2901HcNGSeB</encrypted-password>\r
+ </root-authentication>\r
+ <name-server>\r
+ <name>135.188.34.84</name>\r
+ </name-server>\r
+ <login>\r
+ <message>\n\t\tWARNING NOTICE\n\tThis system is restricted solely to AT&T authorized users for\n\tlegitimate business purposes only.The actual or attempted\n\tunauthorized access, use, or modification of this system is\n\tstrictly prohibited by AT&T. Unauthorized users are subject to\n\tCompany disciplinary proceedings and/or criminal and civil\n\tpenalties under state, federal, or other applicable domestic and\n\tforeign laws. The use of this system may be monitored and\n\trecorded for administrative and security reasons. Anyone\n\taccessing this system expressly consents to such monitoring and\n\t is advised that if monitoring reveals possible evidence of\n\tcriminal activity, AT&T may provide the evidence of such\n\tactivity to law enforcement officials. All users must comply\n\twith AT&T company policies regarding the protection of AT&T\n\tinformation assets.\n\n</message>\r
+ </login>\r
+ <services>\r
+ <ssh>\r
+ <protocol-version>v2</protocol-version>\r
+ </ssh>\r
+ <netconf>\r
+ <ssh>\r
+ </ssh>\r
+ </netconf>\r
+ </services>\r
+ <syslog>\r
+ <user>\r
+ <name>*</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <emergency/>\r
+ </contents>\r
+ </user>\r
+ <host>\r
+ <name>135.144.0.62</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <any/>\r
+ </contents>\r
+ <structured-data>\r
+ </structured-data>\r
+ </host>\r
+ <file>\r
+ <name>messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <any/>\r
+ </contents>\r
+ <contents>\r
+ <name>authorization</name>\r
+ <info/>\r
+ </contents>\r
+ </file>\r
+ <file>\r
+ <name>interactive-commands</name>\r
+ <contents>\r
+ <name>interactive-commands</name>\r
+ <any/>\r
+ </contents>\r
+ </file>\r
+ <file>\r
+ <name>session_log</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ <file>\r
+ <name>policy_session</name>\r
+ <match>RT_FLOW</match>\r
+ </file>\r
+ </syslog>\r
+ <license>\r
+ <autoupdate>\r
+ <url>\r
+ <name>https://ae1.juniper.net/junos/key_retrieval</name>\r
+ </url>\r
+ </autoupdate>\r
+ </license>\r
+ <ntp>\r
+ <server>\r
+ <name>192.20.201.162</name>\r
+ </server>\r
+ </ntp>\r
+ </system>\r
+ <chassis>\r
+ <cluster>\r
+ <control-link-recovery/>\r
+ <reth-count>2</reth-count>\r
+ <heartbeat-interval>1000</heartbeat-interval>\r
+ <heartbeat-threshold>3</heartbeat-threshold>\r
+ <redundancy-group>\r
+ <name>0</name>\r
+ <node>\r
+ <name>0</name>\r
+ <priority>100</priority>\r
+ </node>\r
+ <node>\r
+ <name>1</name>\r
+ <priority>1</priority>\r
+ </node>\r
+ </redundancy-group>\r
+ <redundancy-group>\r
+ <name>1</name>\r
+ <node>\r
+ <name>0</name>\r
+ <priority>100</priority>\r
+ </node>\r
+ <node>\r
+ <name>1</name>\r
+ <priority>1</priority>\r
+ </node>\r
+ <interface-monitor>\r
+ <name>ge-0/0/1</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-7/0/1</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-0/0/2</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-7/0/2</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <ip-monitoring>\r
+ <global-weight>255</global-weight>\r
+ <retry-interval>1</retry-interval>\r
+ <retry-count>5</retry-count>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>10.68.16.1</name>\r
+ <weight>255</weight>\r
+ <interface>\r
+ <logical-interface-name>reth1.0</logical-interface-name>\r
+ <secondary-ip-address>10.68.16.17</secondary-ip-address>\r
+ </interface>\r
+ </address>\r
+ <address>\r
+ <name>12.102.197.129</name>\r
+ <weight>255</weight>\r
+ <interface>\r
+ <logical-interface-name>reth0.0</logical-interface-name>\r
+ <secondary-ip-address>12.102.197.135</secondary-ip-address>\r
+ </interface>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </ip-monitoring>\r
+ </redundancy-group>\r
+ </cluster>\r
+ </chassis>\r
+ <services>\r
+ <application-identification>\r
+ </application-identification>\r
+ </services>\r
+ <security>\r
+ <idp>\r
+ <idp-policy>\r
+ <name>Space-IPS-Policy</name>\r
+ <rulebase-ips>\r
+ <rule>\r
+ <name>DBE-Q-IPS-policy-template-1</name>\r
+ <match>\r
+ <from-zone>any</from-zone>\r
+ <to-zone>any</to-zone>\r
+ <application>default</application>\r
+ <attacks>\r
+ <predefined-attacks>APP:ADOBE-COLDFUSION-WEBSOCKET</predefined-attacks>\r
+ <predefined-attacks>APP:ADOBE-FLASH-RTMP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:AMANDA:AMANDA-ROOT-OF2</predefined-attacks>\r
+ <predefined-attacks>APP:APPLE-MACOSX-ODP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:ASUS-WRT-INFOSVR-COMND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:BCK-MESSAGE</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:BCKUP-AUTHSRV-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:METHD-EXPOSURE</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:RPC-MEMRCORRUPT</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:SQLOF-1</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:TAPE-ENGNE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:CA:DBA-SVR-POINT</predefined-attacks>\r
+ <predefined-attacks>APP:CA:RPC-MSG-BO</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:ASA-IKE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:CISCO-EPNM-DESERIAL-1</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:VIDEO-SURVEILANCE-XSS</predefined-attacks>\r
+ <predefined-attacks>APP:CITRIX:PROVISIONING-OPCODE</predefined-attacks>\r
+ <predefined-attacks>APP:CITRIX:STREAMPROCESS-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:DIGIUM-ASTERISK-OF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-ALPHASTOR-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-ALPHASTORE-CMDEXEC</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-APLHASTORE-FMTSTR</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NETWORKER-NSRD-BO</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NETWORKER-NSRINDEXD-OF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NSRINDEXD-BO</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-REPLICATION-MGR-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>APP:ESIGNAL:OVERFLOW-EXPLOIT</predefined-attacks>\r
+ <predefined-attacks>APP:FLEXERA-FLEXNET-BO</predefined-attacks>\r
+ <predefined-attacks>APP:FREEBSD-BSPATCH-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PROTECTOR-OP-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-EXEC-BAR-CE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP-27</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP211-264</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP215-263</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP227-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP234-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP235-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP259-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP260-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP28-11</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODES</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-RDS-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LEFTHAND-HYDRA-DIAG-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LEFTHAND-HYDRA-PING-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-SSL</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOGIN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-MGMT-UAM-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-NNM-HLEN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPENVIEW-DTPRTCTR-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPNVIEWSTORAGE-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPNVW-STORAGE-DATA-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-PROCURVE-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-PROTECTOR-DIR-TRAV</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SAN-IQ-CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:HP-STORAGEWORKS-OPC22-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SYS-IPRANGE-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SYS-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-VIRTUAL-SAN</predefined-attacks>\r
+ <predefined-attacks>APP:HPE-NA-RMI-DESER</predefined-attacks>\r
+ <predefined-attacks>APP:HPIM-SOM-EUACCNT-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:HPLOADRUNNER-XDR-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HPOV:CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:DOMINO-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:DOMINO-BYPASS-1</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:FORMVIEWER-XFDL-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:FXCLI-EXECBO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:LDAP-MODIFYREQUEST-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:OPCODE-1330-CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1329-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1331-CMDINJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1339-CMDINJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-FASTBACK-OP-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-OP4115-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1301</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1335</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TSM-CVE-2015-0119-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IPMI-CIPHER-ZERO</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA1</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA2</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:CHKSUM-PRIV-ESC</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-TCP</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-UDP</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:KRB5-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:MULTI-REALM-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:SPNEGO-5-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:WIN-KERB-FALLBACK</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:XREALM-KDC-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MCAFEE-AM-INPUT-SSL</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ACTMQ-SHUTDN-CMD</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ADOBE-RTMP-UAF</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ALIENVALT-BAKUP-COM-RE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:APACHE-QPID-SEQSET-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:APACHE-SVN-IO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ARCSERVE-BKUP</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:BIGANT-DDNF-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:CLEARSCADA-OPF-PARSE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:CVE-2014-0549-RTMP-MC</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:DIASOFT-EXECCMD-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ENTERASYS-NETSIGHT-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:EZHOMETECH-EZSERVER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:FREEBSD-MBUF-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:GITORIOUS-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:HP-INODE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:HP-OA-HEALTH-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:NAGIOS-NRPE-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:OBJ-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:OBJ-OBJDB-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SAM-ACTQ-MULTI</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SCHNEIDER-INDUSOFT-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SERCOMM-DEVICE-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SPREE-SEARCH-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:WSHARK-ENTTEC-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:XEROX-MFP-COMND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ZABBIC-NODE-PROCESS-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ZEND-SERVER-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MIT-KERBEROS-5-POLICY-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MS-SNABASE-EXE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MSDOTNET-CVE-2014-1806</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:MESSENGER-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:MESSENGER-LOGIN</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:ZENWORKS-DIR-TRAV</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:ZENWORKS-MGT-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>APP:OPENVIEW-STORAGE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:ORACLE:WEBLOGIC-FILE-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>APP:ORACLE:WEBLOGIC-SRV-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:PERSISTENT-COMMAND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:PROXY:SQUID-SSLBUMP-CERT</predefined-attacks>\r
+ <predefined-attacks>APP:QEMU-VNC-SETPIXEL-PTR-DEREF</predefined-attacks>\r
+ <predefined-attacks>APP:QUEST-BIG-BRO-FD</predefined-attacks>\r
+ <predefined-attacks>APP:RDP-BRUTE-FORCE</predefined-attacks>\r
+ <predefined-attacks>APP:REAL:REAL-MPG-WIDTH</predefined-attacks>\r
+ <predefined-attacks>APP:REDIS-GETNUM-IO</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:CVE-2015-2373-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:NETTRANSPORT-DM</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:RDP-HEAP-BO</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:RDP-MEM-OBJ</predefined-attacks>\r
+ <predefined-attacks>APP:SAFENET-VPN-OF</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:3DM-FILE-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:3DVIS-FLIC-BO</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:INT-GRAPHICS-PARAMS-XSS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-DIAGI-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-SOAP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:SNORT:BACKORIFICE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SQUID-BUMP-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SYMC:ALTIRIS-DS-SQL-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:SYMC:ENCRYPTED-CMD-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:TMIC:SP-CREATE-BIND-OF</predefined-attacks>\r
+ <predefined-attacks>APP:TMIC:SP-EARTH-AGENT-OF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-DSN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-ROOT-DSN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-UUID-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:VCENTER-JMX-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:VCENTER-JMX-RCE2</predefined-attacks>\r
+ <predefined-attacks>APP:VINZANT-ARCHTCTR-AUTHWKNESS</predefined-attacks>\r
+ <predefined-attacks>CHAT:IRC:BOTNET:RA1NX-BOT-CE</predefined-attacks>\r
+ <predefined-attacks>CHAT:IRC:BOTNET:W3TW0RK-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:IBM-SOLIDBD-WHERE-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:IBM-SOLIDDB-ROWNUM</predefined-attacks>\r
+ <predefined-attacks>DB:MONGODB-NATIVEHELPER-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:BENCHMARK-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:BRUTE-FORCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:CLIENT-BOF</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:GRANT-FILE-BO</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:ORACLE-XPATH-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:ROOT-PRIVILEGE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:UPDATEXML-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:USER-ENUMERATION</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:WIN-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:WINDOWS-REMOTE-ROOT</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:DBMS:OUTPUT-TO-JAVA</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:DECLARE-EXEC</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:EVTDUMP</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:SYS:LPXFSMSAX-NAME-BO</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:DBNAME-CLIFLAGINJ</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:GEO-OPS-PATH-IN</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:POSTGRE-DBSEC-BP</predefined-attacks>\r
+ <predefined-attacks>DDOS:LOIC-WEB</predefined-attacks>\r
+ <predefined-attacks>DHCP:SERVER:GNU-BASH-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>DHCP:SERVER:ISC-MAL-CLID</predefined-attacks>\r
+ <predefined-attacks>DNS:AUDIT:UNASSIGNED-OPCODE</predefined-attacks>\r
+ <predefined-attacks>DNS:AUDIT:Z-RESERVED-OPT</predefined-attacks>\r
+ <predefined-attacks>DNS:BIND-DBC-ASSERT-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:BIND-KEYPARSE-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:CLIBCVE-2015-7547BO</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:LIBCVE-2015-7547BO2</predefined-attacks>\r
+ <predefined-attacks>DNS:GNUTLS-DANE-BOF</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-ASSERTION-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-DNSSEC-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-EDNS-OPT-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-PACKAGE-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:MS-ISA-CE</predefined-attacks>\r
+ <predefined-attacks>DNS:NGINX-RESOLVER-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:OVERFLOW:GNU-C-GLIBC</predefined-attacks>\r
+ <predefined-attacks>DNS:OVERFLOW:TFTPD32</predefined-attacks>\r
+ <predefined-attacks>DNS:PDNS-AUTHSERV-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:POWERDNS-NAMESRVR-UDP-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:POWERDNS-NAMSRVR-TCP-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:REPERR:NULL-RDATA-LEN</predefined-attacks>\r
+ <predefined-attacks>DNS:RRSIG-QUERY</predefined-attacks>\r
+ <predefined-attacks>DNS:SQUID-DNS-DOS-1</predefined-attacks>\r
+ <predefined-attacks>DNS:TUNNEL:I2P-DNS-QUERY</predefined-attacks>\r
+ <predefined-attacks>DNS:TUNNEL:NULL-RECORD</predefined-attacks>\r
+ <predefined-attacks>DNS:WORDPRESS-SOAK-SOAK-MALWARE</predefined-attacks>\r
+ <predefined-attacks>DOS:DELL-NETVAULT-DOS</predefined-attacks>\r
+ <predefined-attacks>DOS:FREEBSD-ROUTED-DAEMON</predefined-attacks>\r
+ <predefined-attacks>DOS:SLOWHTTPTEST-TOOL</predefined-attacks>\r
+ <predefined-attacks>DOS:WINDOWS:HTTP-SYS</predefined-attacks>\r
+ <predefined-attacks>DOS:WINDOWS:ISCSI-TARGET</predefined-attacks>\r
+ <predefined-attacks>HTTP:ADOBE-FLASH-PLAYER-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:ADOBE-FLASHPLYR-PRIV-ESC</predefined-attacks>\r
+ <predefined-attacks>HTTP:ANGLER-EXPKIT-URI</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:APACHE-CHUNKREQ-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:APR-UTIL-LIB-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:COUCHDB-UUID-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:HTTPD-ERROR-400</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:HTTPD-MODLOG-COOKIE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:MOD-LOG-CONFIG-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:MOD-REWRITE-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:REST-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:REV-PROXY-EXPLOIT</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-CI-SECBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-OGNL-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-RST-DMI-EXEC</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-URL-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-XSLT-FI</predefined-attacks>\r
+ <predefined-attacks>HTTP:BACKDOOR-UPATRE-UA</predefined-attacks>\r
+ <predefined-attacks>HTTP:C99-SHELL-BACKDOOR</predefined-attacks>\r
+ <predefined-attacks>HTTP:CARBERP-BACKDOOR-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:CGI:BASH-INJECTION-HEADER</predefined-attacks>\r
+ <predefined-attacks>HTTP:CGI:MS-OFFICE-URL-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:CISCO:DOWNLOADSERVLET-FU</predefined-attacks>\r
+ <predefined-attacks>HTTP:CLAMAV-ENCRYPT-PDF-MC2</predefined-attacks>\r
+ <predefined-attacks>HTTP:CLANSPHERE-COOKIE-LFI</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-ENCODING</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-LANG</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-AUTH-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-CONT-TYPE</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-CONTENT-MD5</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-HOST-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-REFERER-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:ZIMBRA-SERVER-LDAP</predefined-attacks>\r
+ <predefined-attacks>HTTP:DLINK-AUTHENTICATION-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:APACHE-TOMCAT-CHUNKED2</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:HAPROXY-REQDENY</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:MIT-KERBEROS-5-POLICY</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:PHP-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:SCHNEIDER-EXPRT-SCADA</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:SQUID-HDR-RANGE</predefined-attacks>\r
+ <predefined-attacks>HTTP:DRUPAL-CODER-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:EK-ANGLER-JAVA</predefined-attacks>\r
+ <predefined-attacks>HTTP:EXPLOIT:ILLEGAL-HOST-CHAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:FORTINET-HELLO-MSG-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:HTTP-INVALID-PORT-VALUE</predefined-attacks>\r
+ <predefined-attacks>HTTP:HTTP_PROXY-ATTACK</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASP-NET-MVC-SEC-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASPX-URL</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASPX-URL-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-2</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:IIS-6-7-AUTH-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:INT-OVERFLOW-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:WEB-CONFIG-INFO-LEAK</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:WEBDAV:WINDOWS-SHELL</predefined-attacks>\r
+ <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI</predefined-attacks>\r
+ <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI-TCP</predefined-attacks>\r
+ <predefined-attacks>HTTP:INVALID:EXPECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:JAVA-UPDATE-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:JENKINS-CI-SERVER-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBGD-GD2GETHEADER-IO</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBGD-HEAP-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBREOFFICE-INTEGR-UNDRFLW</predefined-attacks>\r
+ <predefined-attacks>HTTP:MALICIOUS-SESSION-COOKIE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MAMBO-MYSQL-INF-DISCLOSURE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MANAGENGINE-EVTLG-INF-DISC</predefined-attacks>\r
+ <predefined-attacks>HTTP:MAXTHON-HISTORY-XSS</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:AVIRA-MGNT-HEADER-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CHASYS-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:COOL-EXKIT-JAR-DL</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CUTEZIP-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CVE-2014-6332-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:DAZ-STUDIO-SCRIPT-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:ERS-VIEWER-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GITLIST-URI-REQ-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GRAPHITE-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GSM-SIMEDIT-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:IRFVIEW-JP2-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:JBOSS-SEAM-EL-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:JOOMLA-UNSER-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MAPLE-MAPLET-CMD-EXEC</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MINIUPNPD-SOAP-ACTION</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MS-FOREFRONT-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MS-OWA-URL-REDIR</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:RUBY-RAILS-SECRET-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:SPLUNK-CUSTOM-APP-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WESTERN-DIGITAL-LFI</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WINRAR-FILENM-SPOOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WIRESHARK-LUA-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MONKEY-HTTPD-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MS-VBSCRIPT-UAF-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MS-WIN-FOLDER-GUID-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:NAGIOS-CONFMGR-SQLINJ</predefined-attacks>\r
+ <predefined-attacks>HTTP:NEUTRINO-EK-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:NGINX-RQST-URI-SECBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:NODEJS-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:NOVELL:GROUPWISE-NETAGT-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:CONF-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:GENERIC-SIGNATUR-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:OUTSIDE-PRDOX-BO2</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:SSO-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:CDF-INFINITE-LOOP-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:CORE-INT-OF-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:DATEINTERVAL-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:EXIF-NULL-PTR-DEREF</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:INVISION-IPS-COMM</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:JOOMLA-ADMIN-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:OPENEMR-GLOBALS-AB</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHAR-PARSE-TARFILE-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHPMYADMIN:SETUP-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHPSPLOIT-POSTEXP</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:SPL-OBJECT-UNSERIALIZE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:TAR-FILE-PTR</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-BRUTE-FORCE-LOGIN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-INCLUDES-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-README-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:XAMPP-FILE-WRITE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:ZIPARCHIVE-IO</predefined-attacks>\r
+ <predefined-attacks>HTTP:PROXY:SQUID-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:REGIN-CNC-TRAFFIC</predefined-attacks>\r
+ <predefined-attacks>HTTP:REQERR:INV-IPV6-HOST-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:REQERR:NULL-IN-HEADER</predefined-attacks>\r
+ <predefined-attacks>HTTP:SOLARWINDS-AUTH-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SOLARWINDS-POLICYBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:AND-NUMBER-EQUALS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CHAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CHAR-ENCODE</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:COMMENT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:COMPARISON</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONCAT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONVERT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONVERT-INJ-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HAVIJ-UA</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-REQ-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:INSERT-VALUES</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:INTO-OUTFILE</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:IS_SRVROLEMEMBER</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MS-SQL-FUNCTIONS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MS-SQL-TABLE-NAME</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MYSQL-TABLE-NAME</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:NULLBYTE-COMMENT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:PL-SQL</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:PROC-GENERIC</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SLASH-STAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SQLMAP-ACTIVITY</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SYSOBJECTS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UA-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UA-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UNION-SELECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:USER-ADD</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:VERSION-DETECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:WAITFOR-DELAY</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQUID-BUMP-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STATIC-SERVER-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ACTIVEX:KVIEW-KCHARTXY</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:2013-5065-PDF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:ACROFORM-NULL-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CONVFILTER-UAF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-2985-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3791-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3959-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2010-2202-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-0622-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3353</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3355-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5324-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5325-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5329-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0511-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0512-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0517-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0521</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0522-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0523-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0524-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0531-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0537-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0538-UF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0539-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0545-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0547-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0548-PB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0550-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0553-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0554</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0555-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0559-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0564-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0565-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0567-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0568-SE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0576-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0577-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0578-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0580-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0584-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0586-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-4671</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8440-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8441-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8447-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8449-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8450-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8451-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8455-UF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8459-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8460-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8461-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9159-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9160-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9162-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0087-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0089-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0090-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0093-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0301-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0302-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0303-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0305-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0306-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0307-DS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0313-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0314-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0315-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0317-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0319-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0320-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0321-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0322-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0323-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0324-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0325-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0326-DS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0328-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0329-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0330-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0333-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0334-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0335-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0337-PB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0338-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0339-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0340-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0341-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0342-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0346-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0347-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0348-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0349-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0350-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0351-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0352-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0353-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0354-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0355-MC</predefined-attacks>\r
+ </attacks>\r
+ </match>\r
+ <then>\r
+ <action>\r
+ <no-action/>\r
+ </action>\r
+ <ip-action>\r
+ <ip-notify/>\r
+ <target>source-address</target>\r
+ <log/>\r
+ <log-create/>\r
+ </ip-action>\r
+ <notification>\r
+ <log-attacks>\r
+ <alert/>\r
+ </log-attacks>\r
+ </notification>\r
+ </then>\r
+ </rule>\r
+ <rule>\r
+ <name>DBE-Q-IPS-policy-template-2</name>\r
+ <match>\r
+ <from-zone>any</from-zone>\r
+ <to-zone>any</to-zone>\r
+ <application>default</application>\r
+ <attacks>\r
+ <predefined-attack-groups>[Recommended]Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Warning - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Warning - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Warning - ICMP</predefined-attack-groups>\r
+ </attacks>\r
+ </match>\r
+ <then>\r
+ <action>\r
+ <recommended/>\r
+ </action>\r
+ <ip-action>\r
+ <ip-notify/>\r
+ <target>source-address</target>\r
+ </ip-action>\r
+ <notification>\r
+ <log-attacks>\r
+ <alert/>\r
+ </log-attacks>\r
+ </notification>\r
+ </then>\r
+ </rule>\r
+ </rulebase-ips>\r
+ </idp-policy>\r
+ <active-policy>Space-IPS-Policy</active-policy>\r
+ </idp>\r
+ <forwarding-options>\r
+ <family>\r
+ <inet6>\r
+ <mode>flow-based</mode>\r
+ </inet6>\r
+ </family>\r
+ </forwarding-options>\r
+ <screen>\r
+ <ids-option>\r
+ <name>untrust-screen</name>\r
+ <alarm-without-drop/>\r
+ <icmp>\r
+ <ip-sweep>\r
+ <threshold>5000</threshold>\r
+ </ip-sweep>\r
+ <fragment/>\r
+ <large/>\r
+ <ping-death/>\r
+ </icmp>\r
+ <ip>\r
+ <bad-option/>\r
+ <record-route-option/>\r
+ <timestamp-option/>\r
+ <security-option/>\r
+ <stream-option/>\r
+ <spoofing/>\r
+ <source-route-option/>\r
+ <loose-source-route-option/>\r
+ <strict-source-route-option/>\r
+ <unknown-protocol/>\r
+ <tear-drop/>\r
+ </ip>\r
+ <tcp>\r
+ <syn-fin/>\r
+ <fin-no-ack/>\r
+ <tcp-no-flag/>\r
+ <syn-frag/>\r
+ <port-scan>\r
+ <threshold>5000</threshold>\r
+ </port-scan>\r
+ <syn-ack-ack-proxy>\r
+ </syn-ack-ack-proxy>\r
+ <syn-flood>\r
+ <alarm-threshold>1024</alarm-threshold>\r
+ <attack-threshold>200</attack-threshold>\r
+ <source-threshold>1024</source-threshold>\r
+ <destination-threshold>2048</destination-threshold>\r
+ <undocumented><queue-size>2000</queue-size></undocumented>\r
+ <timeout>20</timeout>\r
+ </syn-flood>\r
+ <land/>\r
+ </tcp>\r
+ </ids-option>\r
+ </screen>\r
+ <nat>\r
+ <source>\r
+ <pool>\r
+ <name>sp_dmzpfsnat</name>\r
+ <address>\r
+ <name>10.68.16.13/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.14/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.15/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.16/32</name>\r
+ </address>\r
+ <port>\r
+ <range>\r
+ <low>1024</low>\r
+ <to>\r
+ <high>63486</high>\r
+ </to>\r
+ </range>\r
+ </port>\r
+ <pool-utilization-alarm>\r
+ <raise-threshold>80</raise-threshold>\r
+ <clear-threshold>70</clear-threshold>\r
+ </pool-utilization-alarm>\r
+ </pool>\r
+ <rule-set>\r
+ <name>rs_mis2dmzpfsnat</name>\r
+ <from>\r
+ <zone>sz_dbemis</zone>\r
+ </from>\r
+ <to>\r
+ <zone>trust</zone>\r
+ </to>\r
+ <rule>\r
+ <name>nr_dmzpsnat</name>\r
+ <src-nat-rule-match>\r
+ <destination-address>10.68.16.4/32</destination-address>\r
+ <destination-address>10.68.16.5/32</destination-address>\r
+ </src-nat-rule-match>\r
+ <then>\r
+ <source-nat>\r
+ <pool>\r
+ <pool-name>sp_dmzpfsnat</pool-name>\r
+ </pool>\r
+ </source-nat>\r
+ </then>\r
+ </rule>\r
+ </rule-set>\r
+ </source>\r
+ <destination>\r
+ <pool>\r
+ <name>dp_dmzpf01ap1dnat</name>\r
+ <address>\r
+ <ipaddr>10.68.16.4/32</ipaddr>\r
+ </address>\r
+ </pool>\r
+ <pool>\r
+ <name>dp_dmzpf02ap1dnat</name>\r
+ <address>\r
+ <ipaddr>10.68.16.5/32</ipaddr>\r
+ </address>\r
+ </pool>\r
+ <rule-set>\r
+ <name>rs_mis2dmzpfdnat</name>\r
+ <from>\r
+ <zone>sz_dbemis</zone>\r
+ </from>\r
+ <rule>\r
+ <name>nr_p01ap1dnat</name>\r
+ <dest-nat-rule-match>\r
+ <destination-address>\r
+ <dst-addr>12.102.197.133/32</dst-addr>\r
+ </destination-address>\r
+ </dest-nat-rule-match>\r
+ <then>\r
+ <destination-nat>\r
+ <pool>\r
+ <pool-name>dp_dmzpf01ap1dnat</pool-name>\r
+ </pool>\r
+ </destination-nat>\r
+ </then>\r
+ </rule>\r
+ <rule>\r
+ <name>nr_p02ap1dnat</name>\r
+ <dest-nat-rule-match>\r
+ <destination-address>\r
+ <dst-addr>12.102.197.134/32</dst-addr>\r
+ </destination-address>\r
+ </dest-nat-rule-match>\r
+ <then>\r
+ <destination-nat>\r
+ <pool>\r
+ <pool-name>dp_dmzpf02ap1dnat</pool-name>\r
+ </pool>\r
+ </destination-nat>\r
+ </then>\r
+ </rule>\r
+ </rule-set>\r
+ </destination>\r
+ <proxy-arp>\r
+ <interface>\r
+ <name>reth0.0</name>\r
+ <address>\r
+ <name>12.102.197.133/32</name>\r
+ </address>\r
+ <address>\r
+ <name>12.102.197.134/32</name>\r
+ </address>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1.0</name>\r
+ <address>\r
+ <name>10.68.16.13/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.14/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.15/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.16/32</name>\r
+ </address>\r
+ </interface>\r
+ </proxy-arp>\r
+ </nat>\r
+ <policies>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>default-permit</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>untrust</to-zone-name>\r
+ <policy>\r
+ <name>default-permit</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>sz_dbemis</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>sp_bwxspapi</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>as_bwdmzpxspapsrvrs_2</destination-address>\r
+ <application>ps_bwapi_3</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ <policy>\r
+ <name>sp_bwpdeny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>sz_dbemis</to-zone-name>\r
+ <policy>\r
+ <name>sp_bwzdeny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>untrust</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>default-deny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ </policies>\r
+ <zones>\r
+ <security-zone>\r
+ <name>trust</name>\r
+ <tcp-rst/>\r
+ <address-book>\r
+ <address>\r
+ <name>ad_bwxsp02ap1pf</name>\r
+ <ip-prefix>10.68.16.5/32</ip-prefix>\r
+ </address>\r
+ <address>\r
+ <name>ad_bwxsp01ap1pf_1</name>\r
+ <ip-prefix>10.68.16.4/32</ip-prefix>\r
+ </address>\r
+ <address-set>\r
+ <name>as_bwdmzpxspapsrvrs_2</name>\r
+ <address>\r
+ <name>ad_bwxsp01ap1pf_1</name>\r
+ </address>\r
+ <address>\r
+ <name>ad_bwxsp02ap1pf</name>\r
+ </address>\r
+ </address-set>\r
+ </address-book>\r
+ <host-inbound-traffic>\r
+ <system-services>\r
+ <name>all</name>\r
+ </system-services>\r
+ <protocols>\r
+ <name>all</name>\r
+ </protocols>\r
+ </host-inbound-traffic>\r
+ <interfaces>\r
+ <name>reth1.0</name>\r
+ </interfaces>\r
+ </security-zone>\r
+ <security-zone>\r
+ <name>untrust</name>\r
+ <screen>untrust-screen</screen>\r
+ </security-zone>\r
+ <security-zone>\r
+ <name>sz_dbemis</name>\r
+ <screen>untrust-screen</screen>\r
+ <interfaces>\r
+ <name>reth0.0</name>\r
+ </interfaces>\r
+ </security-zone>\r
+ </zones>\r
+ </security>\r
+ <interfaces>\r
+ <interface>\r
+ <name>ge-0/0/1</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth0</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-0/0/2</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth1</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-7/0/1</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth0</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-7/0/2</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth1</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fab0</name>\r
+ <fabric-options>\r
+ <member-interfaces>\r
+ <name>ge-0/0/0</name>\r
+ </member-interfaces>\r
+ </fabric-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fab1</name>\r
+ <fabric-options>\r
+ <member-interfaces>\r
+ <name>ge-7/0/0</name>\r
+ </member-interfaces>\r
+ </fabric-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth0</name>\r
+ <redundant-ether-options>\r
+ <redundancy-group>1</redundancy-group>\r
+ </redundant-ether-options>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>12.102.197.132/25</name>\r
+ </address>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_v6pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:1/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:2/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:3/64</name>\r
+ </address>\r
+ </inet6>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ <redundant-ether-options>\r
+ <redundancy-group>1</redundancy-group>\r
+ </redundant-ether-options>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>10.68.16.12/22</name>\r
+ </address>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_v6pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:1/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:2/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:3/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:4/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:5/64</name>\r
+ </address>\r
+ </inet6>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ <snmp>\r
+ <community>\r
+ <name>vsbk68</name>\r
+ <authorization>read-only</authorization>\r
+ <clients>\r
+ <name>130.6.45.42/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.45.41/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.44.254/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.44.253/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.25.175.114/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.21.235.37/32</name>\r
+ </clients>\r
+ </community>\r
+ <community>\r
+ <name>space15</name>\r
+ <authorization>read-write</authorization>\r
+ <clients>\r
+ <name>135.144.0.60/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.144.0.59/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.144.0.61/32</name>\r
+ </clients>\r
+ </community>\r
+ <trap-group>\r
+ <name>GFP</name>\r
+ <version>v2</version>\r
+ <destination-port>162</destination-port>\r
+ <targets>\r
+ <name>135.89.33.175</name>\r
+ </targets>\r
+ <targets>\r
+ <name>199.37.245.24</name>\r
+ </targets>\r
+ </trap-group>\r
+ <trap-group>\r
+ <name>space</name>\r
+ <targets>\r
+ <name>135.144.0.60</name>\r
+ </targets>\r
+ </trap-group>\r
+ <health-monitor>\r
+ <idp>\r
+ </idp>\r
+ </health-monitor>\r
+ </snmp>\r
+ <routing-options>\r
+ <interface-routes>\r
+ <rib-group>\r
+ <inet>rg_mis2dmzp</inet>\r
+ <inet6>rg_v6mis2dmzp</inet6>\r
+ </rib-group>\r
+ </interface-routes>\r
+ <static>\r
+ <route>\r
+ <name>0.0.0.0/0</name>\r
+ <next-hop>135.69.228.1</next-hop>\r
+ </route>\r
+ </static>\r
+ <rib-groups>\r
+ <name>rg_mis2dmzp</name>\r
+ <import-rib>vrf-untrust.inet.0</import-rib>\r
+ <import-rib>inet.0</import-rib>\r
+ </rib-groups>\r
+ <rib-groups>\r
+ <name>rg_v6mis2dmzp</name>\r
+ <import-rib>vrf-untrust.inet6.0</import-rib>\r
+ <import-rib>inet6.0</import-rib>\r
+ </rib-groups>\r
+ </routing-options>\r
+ <class-of-service>\r
+ <interfaces>\r
+ <interface>\r
+ <name>reth0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ <forwarding-class>\r
+ <name>assured-forwarding</name>\r
+ <loss-priority>\r
+ <name>low</name>\r
+ <code-point>011010</code-point>\r
+ </loss-priority>\r
+ </forwarding-class>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ <forwarding-class>\r
+ <name>assured-forwarding</name>\r
+ <loss-priority>\r
+ <name>low</name>\r
+ <code-point>011010</code-point>\r
+ </loss-priority>\r
+ </forwarding-class>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </class-of-service>\r
+ <firewall>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <name>ff_pdscp</name>\r
+ <term>\r
+ <name>fr_pdscp</name>\r
+ <from>\r
+ <interface>\r
+ <name>reth0</name>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ </interface>\r
+ </from>\r
+ <then>\r
+ <forwarding-class>assured-forwarding</forwarding-class>\r
+ <accept/>\r
+ </then>\r
+ </term>\r
+ </filter>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <name>ff_v6pdscp</name>\r
+ <term>\r
+ <name>fr_v6pdscp</name>\r
+ <from>\r
+ <interface>\r
+ <name>reth0</name>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ </interface>\r
+ </from>\r
+ <then>\r
+ <forwarding-class>assured-forwarding</forwarding-class>\r
+ <accept/>\r
+ </then>\r
+ </term>\r
+ </filter>\r
+ </inet6>\r
+ </family>\r
+ </firewall>\r
+ <routing-instances>\r
+ <instance>\r
+ <name>vrf-untrust</name>\r
+ <instance-type>virtual-router</instance-type>\r
+ <interface>\r
+ <name>reth0.0</name>\r
+ </interface>\r
+ <routing-options>\r
+ <interface-routes>\r
+ <rib-group>\r
+ <inet>rg_mis2dmzp</inet>\r
+ <inet6>rg_v6mis2dmzp</inet6>\r
+ </rib-group>\r
+ </interface-routes>\r
+ <rib>\r
+ <name>vrf-untrust.inet6.0</name>\r
+ <static>\r
+ <route>\r
+ <name>0::/0</name>\r
+ <next-hop>2001:1890:1001:23ed::1</next-hop>\r
+ </route>\r
+ </static>\r
+ </rib>\r
+ <static>\r
+ <route>\r
+ <name>0.0.0.0/0</name>\r
+ <next-hop>12.102.197.129</next-hop>\r
+ </route>\r
+ </static>\r
+ </routing-options>\r
+ </instance>\r
+ </routing-instances>\r
+ <applications>\r
+ <application>\r
+ <name>ap_xsi-xml-https</name>\r
+ <protocol>tcp</protocol>\r
+ <destination-port>443</destination-port>\r
+ </application>\r
+ <application-set>\r
+ <name>ps_bwapi_3</name>\r
+ <application>\r
+ <name>ap_xsi-xml-https</name>\r
+ </application>\r
+ </application-set>\r
+ </applications>\r
+ </configuration>
\ No newline at end of file
--- /dev/null
+<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\r
+ <configuration junos:changed-seconds="1478714723" junos:changed-localtime="2016-11-09 18:05:23 UTC">\r
+ <version>15.1X49-D50.3</version>\r
+ <groups>\r
+ <name>${nodename}</name>\r
+ <system>\r
+ <host-name>dbqx0001vm001</host-name>\r
+ <backup-router>\r
+ <address>${BUrouterIP}</address>\r
+ <destination>${DestinationSubnet}</destination>\r
+ </backup-router>\r
+ <services>\r
+ <ssh>\r
+ <max-sessions-per-connection>32</max-sessions-per-connection>\r
+ </ssh>\r
+ </services>\r
+ <syslog>\r
+ <file>\r
+ <name>default-log-messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ </syslog>\r
+ </system>\r
+ <interfaces>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>135.69.228.8/25</name>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ </groups>\r
+ <groups>\r
+ <name>node1</name>\r
+ <system>\r
+ <host-name>dbqx0001vm002</host-name>\r
+ <backup-router>\r
+ <address>135.69.228.1</address>\r
+ <destination>0.0.0.0/0</destination>\r
+ </backup-router>\r
+ <services>\r
+ <ssh>\r
+ <max-sessions-per-connection>32</max-sessions-per-connection>\r
+ </ssh>\r
+ </services>\r
+ <syslog>\r
+ <file>\r
+ <name>default-log-messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ </syslog>\r
+ </system>\r
+ <interfaces>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>135.69.228.9/25</name>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ </groups>\r
+ <apply-groups>groupname</apply-groups>\r
+ <system>\r
+ <root-authentication>\r
+ <encrypted-password>$5$rKyWGmrv$sMeym/XUklUeJX2hKpcp5TzCG5R8jcmJ2901HcNGSeB</encrypted-password>\r
+ </root-authentication>\r
+ <name-server>\r
+ <name>135.188.34.84</name>\r
+ </name-server>\r
+ <login>\r
+ <message>\n\t\tWARNING NOTICE\n\tThis system is restricted solely to AT&T authorized users for\n\tlegitimate business purposes only.The actual or attempted\n\tunauthorized access, use, or modification of this system is\n\tstrictly prohibited by AT&T. Unauthorized users are subject to\n\tCompany disciplinary proceedings and/or criminal and civil\n\tpenalties under state, federal, or other applicable domestic and\n\tforeign laws. The use of this system may be monitored and\n\trecorded for administrative and security reasons. Anyone\n\taccessing this system expressly consents to such monitoring and\n\t is advised that if monitoring reveals possible evidence of\n\tcriminal activity, AT&T may provide the evidence of such\n\tactivity to law enforcement officials. All users must comply\n\twith AT&T company policies regarding the protection of AT&T\n\tinformation assets.\n\n</message>\r
+ </login>\r
+ <services>\r
+ <ssh>\r
+ <protocol-version>v2</protocol-version>\r
+ </ssh>\r
+ <netconf>\r
+ <ssh>\r
+ </ssh>\r
+ </netconf>\r
+ </services>\r
+ <syslog>\r
+ <user>\r
+ <name>*</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <emergency/>\r
+ </contents>\r
+ </user>\r
+ <host>\r
+ <name>135.144.0.62</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <any/>\r
+ </contents>\r
+ <structured-data>\r
+ </structured-data>\r
+ </host>\r
+ <file>\r
+ <name>messages</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <any/>\r
+ </contents>\r
+ <contents>\r
+ <name>authorization</name>\r
+ <info/>\r
+ </contents>\r
+ </file>\r
+ <file>\r
+ <name>interactive-commands</name>\r
+ <contents>\r
+ <name>interactive-commands</name>\r
+ <any/>\r
+ </contents>\r
+ </file>\r
+ <file>\r
+ <name>session_log</name>\r
+ <contents>\r
+ <name>any</name>\r
+ <info/>\r
+ </contents>\r
+ <structured-data>\r
+ </structured-data>\r
+ </file>\r
+ <file>\r
+ <name>policy_session</name>\r
+ <match>RT_FLOW</match>\r
+ </file>\r
+ </syslog>\r
+ <license>\r
+ <autoupdate>\r
+ <url>\r
+ <name>https://ae1.juniper.net/junos/key_retrieval</name>\r
+ </url>\r
+ </autoupdate>\r
+ </license>\r
+ <ntp>\r
+ <server>\r
+ <name>192.20.201.162</name>\r
+ </server>\r
+ </ntp>\r
+ </system>\r
+ <chassis>\r
+ <cluster>\r
+ <control-link-recovery/>\r
+ <reth-count>2</reth-count>\r
+ <heartbeat-interval>1000</heartbeat-interval>\r
+ <heartbeat-threshold>3</heartbeat-threshold>\r
+ <redundancy-group>\r
+ <name>0</name>\r
+ <node>\r
+ <name>0</name>\r
+ <priority>100</priority>\r
+ </node>\r
+ <node>\r
+ <name>1</name>\r
+ <priority>1</priority>\r
+ </node>\r
+ </redundancy-group>\r
+ <redundancy-group>\r
+ <name>1</name>\r
+ <node>\r
+ <name>0</name>\r
+ <priority>100</priority>\r
+ </node>\r
+ <node>\r
+ <name>1</name>\r
+ <priority>1</priority>\r
+ </node>\r
+ <interface-monitor>\r
+ <name>ge-0/0/1</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-7/0/1</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-0/0/2</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <interface-monitor>\r
+ <name>ge-7/0/2</name>\r
+ <weight>255</weight>\r
+ </interface-monitor>\r
+ <ip-monitoring>\r
+ <global-weight>255</global-weight>\r
+ <retry-interval>1</retry-interval>\r
+ <retry-count>5</retry-count>\r
+ <family>\r
+ <inet>\r
+ <address>\r
+ <name>10.68.16.1</name>\r
+ <weight>255</weight>\r
+ <interface>\r
+ <logical-interface-name>reth1.0</logical-interface-name>\r
+ <secondary-ip-address>10.68.16.17</secondary-ip-address>\r
+ </interface>\r
+ </address>\r
+ <address>\r
+ <name>12.102.197.129</name>\r
+ <weight>255</weight>\r
+ <interface>\r
+ <logical-interface-name>reth0.0</logical-interface-name>\r
+ <secondary-ip-address>12.102.197.135</secondary-ip-address>\r
+ </interface>\r
+ </address>\r
+ </inet>\r
+ </family>\r
+ </ip-monitoring>\r
+ </redundancy-group>\r
+ </cluster>\r
+ </chassis>\r
+ <services>\r
+ <application-identification>\r
+ </application-identification>\r
+ </services>\r
+ <security>\r
+ <idp>\r
+ <idp-policy>\r
+ <name>Space-IPS-Policy</name>\r
+ <rulebase-ips>\r
+ <rule>\r
+ <name>DBE-Q-IPS-policy-template-1</name>\r
+ <match>\r
+ <from-zone>any</from-zone>\r
+ <to-zone>any</to-zone>\r
+ <application>default</application>\r
+ <attacks>\r
+ <predefined-attacks>APP:ADOBE-COLDFUSION-WEBSOCKET</predefined-attacks>\r
+ <predefined-attacks>APP:ADOBE-FLASH-RTMP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:AMANDA:AMANDA-ROOT-OF2</predefined-attacks>\r
+ <predefined-attacks>APP:APPLE-MACOSX-ODP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:ASUS-WRT-INFOSVR-COMND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:BCK-MESSAGE</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:BCKUP-AUTHSRV-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:METHD-EXPOSURE</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:RPC-MEMRCORRUPT</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:SQLOF-1</predefined-attacks>\r
+ <predefined-attacks>APP:CA:ARCSRV:TAPE-ENGNE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:CA:DBA-SVR-POINT</predefined-attacks>\r
+ <predefined-attacks>APP:CA:RPC-MSG-BO</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:ASA-IKE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:CISCO-EPNM-DESERIAL-1</predefined-attacks>\r
+ <predefined-attacks>APP:CISCO:VIDEO-SURVEILANCE-XSS</predefined-attacks>\r
+ <predefined-attacks>APP:CITRIX:PROVISIONING-OPCODE</predefined-attacks>\r
+ <predefined-attacks>APP:CITRIX:STREAMPROCESS-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:DIGIUM-ASTERISK-OF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-ALPHASTOR-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-ALPHASTORE-CMDEXEC</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-APLHASTORE-FMTSTR</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NETWORKER-NSRD-BO</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NETWORKER-NSRINDEXD-OF</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-NSRINDEXD-BO</predefined-attacks>\r
+ <predefined-attacks>APP:EMC-REPLICATION-MGR-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>APP:ESIGNAL:OVERFLOW-EXPLOIT</predefined-attacks>\r
+ <predefined-attacks>APP:FLEXERA-FLEXNET-BO</predefined-attacks>\r
+ <predefined-attacks>APP:FREEBSD-BSPATCH-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PROTECTOR-OP-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-EXEC-BAR-CE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP-27</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP211-264</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP215-263</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP227-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP234-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP235-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP259-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP260-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OP28-11</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODES</predefined-attacks>\r
+ <predefined-attacks>APP:HP-DATA-PRTCTR-RDS-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LEFTHAND-HYDRA-DIAG-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LEFTHAND-HYDRA-PING-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOADRUNNER-SSL</predefined-attacks>\r
+ <predefined-attacks>APP:HP-LOGIN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-MGMT-UAM-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-NNM-HLEN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPENVIEW-DTPRTCTR-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPNVIEWSTORAGE-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-OPNVW-STORAGE-DATA-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-PROCURVE-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:HP-PROTECTOR-DIR-TRAV</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SAN-IQ-CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:HP-STORAGEWORKS-OPC22-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SYS-IPRANGE-OF</predefined-attacks>\r
+ <predefined-attacks>APP:HP-SYS-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:HP-VIRTUAL-SAN</predefined-attacks>\r
+ <predefined-attacks>APP:HPE-NA-RMI-DESER</predefined-attacks>\r
+ <predefined-attacks>APP:HPIM-SOM-EUACCNT-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:HPLOADRUNNER-XDR-BO</predefined-attacks>\r
+ <predefined-attacks>APP:HPOV:CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:DOMINO-BYPASS</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:DOMINO-BYPASS-1</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:FORMVIEWER-XFDL-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:FXCLI-EXECBO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:LDAP-MODIFYREQUEST-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:OPCODE-1330-CMD-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1329-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1331-CMDINJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIV-OP1339-CMDINJ</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-FASTBACK-OP-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-OP4115-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1301</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1335</predefined-attacks>\r
+ <predefined-attacks>APP:IBM:TSM-CVE-2015-0119-BO</predefined-attacks>\r
+ <predefined-attacks>APP:IPMI-CIPHER-ZERO</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA1</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA2</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:CHKSUM-PRIV-ESC</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-TCP</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-UDP</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:KRB5-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:MULTI-REALM-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:SPNEGO-5-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:WIN-KERB-FALLBACK</predefined-attacks>\r
+ <predefined-attacks>APP:KERBEROS:XREALM-KDC-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MCAFEE-AM-INPUT-SSL</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ACTMQ-SHUTDN-CMD</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ADOBE-RTMP-UAF</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ALIENVALT-BAKUP-COM-RE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:APACHE-QPID-SEQSET-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:APACHE-SVN-IO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ARCSERVE-BKUP</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:BIGANT-DDNF-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:CLEARSCADA-OPF-PARSE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:CVE-2014-0549-RTMP-MC</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:DIASOFT-EXECCMD-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ENTERASYS-NETSIGHT-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:EZHOMETECH-EZSERVER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:FREEBSD-MBUF-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:GITORIOUS-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:HP-INODE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:HP-OA-HEALTH-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:NAGIOS-NRPE-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:OBJ-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:OBJ-OBJDB-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SAM-ACTQ-MULTI</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SCHNEIDER-INDUSOFT-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SERCOMM-DEVICE-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:SPREE-SEARCH-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:WSHARK-ENTTEC-BO</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:XEROX-MFP-COMND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ZABBIC-NODE-PROCESS-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MISC:ZEND-SERVER-CE</predefined-attacks>\r
+ <predefined-attacks>APP:MIT-KERBEROS-5-POLICY-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MS-SNABASE-EXE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:MSDOTNET-CVE-2014-1806</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:MESSENGER-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:MESSENGER-LOGIN</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:ZENWORKS-DIR-TRAV</predefined-attacks>\r
+ <predefined-attacks>APP:NOVELL:ZENWORKS-MGT-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>APP:OPENVIEW-STORAGE-BO</predefined-attacks>\r
+ <predefined-attacks>APP:ORACLE:WEBLOGIC-FILE-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>APP:ORACLE:WEBLOGIC-SRV-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:PERSISTENT-COMMAND-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:PROXY:SQUID-SSLBUMP-CERT</predefined-attacks>\r
+ <predefined-attacks>APP:QEMU-VNC-SETPIXEL-PTR-DEREF</predefined-attacks>\r
+ <predefined-attacks>APP:QUEST-BIG-BRO-FD</predefined-attacks>\r
+ <predefined-attacks>APP:RDP-BRUTE-FORCE</predefined-attacks>\r
+ <predefined-attacks>APP:REAL:REAL-MPG-WIDTH</predefined-attacks>\r
+ <predefined-attacks>APP:REDIS-GETNUM-IO</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:CVE-2015-2373-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:NETTRANSPORT-DM</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:RDP-HEAP-BO</predefined-attacks>\r
+ <predefined-attacks>APP:REMOTE:RDP-MEM-OBJ</predefined-attacks>\r
+ <predefined-attacks>APP:SAFENET-VPN-OF</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:3DM-FILE-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:3DVIS-FLIC-BO</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:INT-GRAPHICS-PARAMS-XSS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-BO</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-DIAGI-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SAP:NETWEAVER-SOAP-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:SNORT:BACKORIFICE-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SQUID-BUMP-DOS</predefined-attacks>\r
+ <predefined-attacks>APP:SYMC:ALTIRIS-DS-SQL-INJ</predefined-attacks>\r
+ <predefined-attacks>APP:SYMC:ENCRYPTED-CMD-EXEC</predefined-attacks>\r
+ <predefined-attacks>APP:TMIC:SP-CREATE-BIND-OF</predefined-attacks>\r
+ <predefined-attacks>APP:TMIC:SP-EARTH-AGENT-OF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-DSN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-ROOT-DSN-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:UPNP:LIBUPNP-UUID-BOF</predefined-attacks>\r
+ <predefined-attacks>APP:VCENTER-JMX-RCE</predefined-attacks>\r
+ <predefined-attacks>APP:VCENTER-JMX-RCE2</predefined-attacks>\r
+ <predefined-attacks>APP:VINZANT-ARCHTCTR-AUTHWKNESS</predefined-attacks>\r
+ <predefined-attacks>CHAT:IRC:BOTNET:RA1NX-BOT-CE</predefined-attacks>\r
+ <predefined-attacks>CHAT:IRC:BOTNET:W3TW0RK-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:IBM-SOLIDBD-WHERE-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:IBM-SOLIDDB-ROWNUM</predefined-attacks>\r
+ <predefined-attacks>DB:MONGODB-NATIVEHELPER-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:BENCHMARK-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:BRUTE-FORCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:CLIENT-BOF</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:GRANT-FILE-BO</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:ORACLE-XPATH-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:ROOT-PRIVILEGE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:UPDATEXML-DOS</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:USER-ENUMERATION</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:WIN-RCE</predefined-attacks>\r
+ <predefined-attacks>DB:MYSQL:WINDOWS-REMOTE-ROOT</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:DBMS:OUTPUT-TO-JAVA</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:DECLARE-EXEC</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:EVTDUMP</predefined-attacks>\r
+ <predefined-attacks>DB:ORACLE:SYS:LPXFSMSAX-NAME-BO</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:DBNAME-CLIFLAGINJ</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:GEO-OPS-PATH-IN</predefined-attacks>\r
+ <predefined-attacks>DB:POSTGRESQL:POSTGRE-DBSEC-BP</predefined-attacks>\r
+ <predefined-attacks>DDOS:LOIC-WEB</predefined-attacks>\r
+ <predefined-attacks>DHCP:SERVER:GNU-BASH-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>DHCP:SERVER:ISC-MAL-CLID</predefined-attacks>\r
+ <predefined-attacks>DNS:AUDIT:UNASSIGNED-OPCODE</predefined-attacks>\r
+ <predefined-attacks>DNS:AUDIT:Z-RESERVED-OPT</predefined-attacks>\r
+ <predefined-attacks>DNS:BIND-DBC-ASSERT-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:BIND-KEYPARSE-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:CLIBCVE-2015-7547BO</predefined-attacks>\r
+ <predefined-attacks>DNS:EXPLOIT:LIBCVE-2015-7547BO2</predefined-attacks>\r
+ <predefined-attacks>DNS:GNUTLS-DANE-BOF</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-ASSERTION-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-DNSSEC-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-EDNS-OPT-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:ISC-BIND-PACKAGE-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:MS-ISA-CE</predefined-attacks>\r
+ <predefined-attacks>DNS:NGINX-RESOLVER-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:OVERFLOW:GNU-C-GLIBC</predefined-attacks>\r
+ <predefined-attacks>DNS:OVERFLOW:TFTPD32</predefined-attacks>\r
+ <predefined-attacks>DNS:PDNS-AUTHSERV-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:POWERDNS-NAMESRVR-UDP-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:POWERDNS-NAMSRVR-TCP-DOS</predefined-attacks>\r
+ <predefined-attacks>DNS:REPERR:NULL-RDATA-LEN</predefined-attacks>\r
+ <predefined-attacks>DNS:RRSIG-QUERY</predefined-attacks>\r
+ <predefined-attacks>DNS:SQUID-DNS-DOS-1</predefined-attacks>\r
+ <predefined-attacks>DNS:TUNNEL:I2P-DNS-QUERY</predefined-attacks>\r
+ <predefined-attacks>DNS:TUNNEL:NULL-RECORD</predefined-attacks>\r
+ <predefined-attacks>DNS:WORDPRESS-SOAK-SOAK-MALWARE</predefined-attacks>\r
+ <predefined-attacks>DOS:DELL-NETVAULT-DOS</predefined-attacks>\r
+ <predefined-attacks>DOS:FREEBSD-ROUTED-DAEMON</predefined-attacks>\r
+ <predefined-attacks>DOS:SLOWHTTPTEST-TOOL</predefined-attacks>\r
+ <predefined-attacks>DOS:WINDOWS:HTTP-SYS</predefined-attacks>\r
+ <predefined-attacks>DOS:WINDOWS:ISCSI-TARGET</predefined-attacks>\r
+ <predefined-attacks>HTTP:ADOBE-FLASH-PLAYER-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:ADOBE-FLASHPLYR-PRIV-ESC</predefined-attacks>\r
+ <predefined-attacks>HTTP:ANGLER-EXPKIT-URI</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:APACHE-CHUNKREQ-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:APR-UTIL-LIB-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:COUCHDB-UUID-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:HTTPD-ERROR-400</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:HTTPD-MODLOG-COOKIE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:MOD-LOG-CONFIG-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:MOD-REWRITE-CMD-EXE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:REST-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:REV-PROXY-EXPLOIT</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-CI-SECBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-OGNL-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-RST-DMI-EXEC</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-URL-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:APACHE:STRUTS-XSLT-FI</predefined-attacks>\r
+ <predefined-attacks>HTTP:BACKDOOR-UPATRE-UA</predefined-attacks>\r
+ <predefined-attacks>HTTP:C99-SHELL-BACKDOOR</predefined-attacks>\r
+ <predefined-attacks>HTTP:CARBERP-BACKDOOR-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:CGI:BASH-INJECTION-HEADER</predefined-attacks>\r
+ <predefined-attacks>HTTP:CGI:MS-OFFICE-URL-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:CISCO:DOWNLOADSERVLET-FU</predefined-attacks>\r
+ <predefined-attacks>HTTP:CLAMAV-ENCRYPT-PDF-MC2</predefined-attacks>\r
+ <predefined-attacks>HTTP:CLANSPHERE-COOKIE-LFI</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-ENCODING</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-LANG</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-AUTH-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-CONT-TYPE</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-CONTENT-MD5</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-HOST-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:HTTP-REFERER-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:DIR:ZIMBRA-SERVER-LDAP</predefined-attacks>\r
+ <predefined-attacks>HTTP:DLINK-AUTHENTICATION-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:APACHE-TOMCAT-CHUNKED2</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:HAPROXY-REQDENY</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:MIT-KERBEROS-5-POLICY</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:PHP-UPLOAD</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:SCHNEIDER-EXPRT-SCADA</predefined-attacks>\r
+ <predefined-attacks>HTTP:DOS:SQUID-HDR-RANGE</predefined-attacks>\r
+ <predefined-attacks>HTTP:DRUPAL-CODER-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:EK-ANGLER-JAVA</predefined-attacks>\r
+ <predefined-attacks>HTTP:EXPLOIT:ILLEGAL-HOST-CHAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:FORTINET-HELLO-MSG-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:HTTP-INVALID-PORT-VALUE</predefined-attacks>\r
+ <predefined-attacks>HTTP:HTTP_PROXY-ATTACK</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASP-NET-MVC-SEC-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASPX-URL</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ASPX-URL-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-2</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:IIS-6-7-AUTH-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:INT-OVERFLOW-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:WEB-CONFIG-INFO-LEAK</predefined-attacks>\r
+ <predefined-attacks>HTTP:IIS:WEBDAV:WINDOWS-SHELL</predefined-attacks>\r
+ <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI</predefined-attacks>\r
+ <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI-TCP</predefined-attacks>\r
+ <predefined-attacks>HTTP:INVALID:EXPECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:JAVA-UPDATE-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:JENKINS-CI-SERVER-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBGD-GD2GETHEADER-IO</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBGD-HEAP-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:LIBREOFFICE-INTEGR-UNDRFLW</predefined-attacks>\r
+ <predefined-attacks>HTTP:MALICIOUS-SESSION-COOKIE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MAMBO-MYSQL-INF-DISCLOSURE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MANAGENGINE-EVTLG-INF-DISC</predefined-attacks>\r
+ <predefined-attacks>HTTP:MAXTHON-HISTORY-XSS</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:AVIRA-MGNT-HEADER-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CHASYS-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:COOL-EXKIT-JAR-DL</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CUTEZIP-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:CVE-2014-6332-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:DAZ-STUDIO-SCRIPT-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:ERS-VIEWER-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GITLIST-URI-REQ-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GRAPHITE-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:GSM-SIMEDIT-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:IRFVIEW-JP2-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:JBOSS-SEAM-EL-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:JOOMLA-UNSER-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MAPLE-MAPLET-CMD-EXEC</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MINIUPNPD-SOAP-ACTION</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MS-FOREFRONT-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:MS-OWA-URL-REDIR</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:RUBY-RAILS-SECRET-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:SPLUNK-CUSTOM-APP-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WESTERN-DIGITAL-LFI</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WINRAR-FILENM-SPOOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:MISC:WIRESHARK-LUA-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MONKEY-HTTPD-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:MS-VBSCRIPT-UAF-RCE</predefined-attacks>\r
+ <predefined-attacks>HTTP:MS-WIN-FOLDER-GUID-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:NAGIOS-CONFMGR-SQLINJ</predefined-attacks>\r
+ <predefined-attacks>HTTP:NEUTRINO-EK-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:NGINX-RQST-URI-SECBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:NODEJS-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:NOVELL:GROUPWISE-NETAGT-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:CONF-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:GENERIC-SIGNATUR-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:OUTSIDE-PRDOX-BO2</predefined-attacks>\r
+ <predefined-attacks>HTTP:ORACLE:SSO-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:CDF-INFINITE-LOOP-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:CORE-INT-OF-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:DATEINTERVAL-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:EXIF-NULL-PTR-DEREF</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:INVISION-IPS-COMM</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:JOOMLA-ADMIN-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:OPENEMR-GLOBALS-AB</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHAR-PARSE-TARFILE-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHPMYADMIN:SETUP-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:PHPSPLOIT-POSTEXP</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:SPL-OBJECT-UNSERIALIZE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:TAR-FILE-PTR</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-BRUTE-FORCE-LOGIN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-INCLUDES-ACCESS</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:WP-README-SCAN</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:XAMPP-FILE-WRITE</predefined-attacks>\r
+ <predefined-attacks>HTTP:PHP:ZIPARCHIVE-IO</predefined-attacks>\r
+ <predefined-attacks>HTTP:PROXY:SQUID-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:REGIN-CNC-TRAFFIC</predefined-attacks>\r
+ <predefined-attacks>HTTP:REQERR:INV-IPV6-HOST-HDR</predefined-attacks>\r
+ <predefined-attacks>HTTP:REQERR:NULL-IN-HEADER</predefined-attacks>\r
+ <predefined-attacks>HTTP:SOLARWINDS-AUTH-BYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SOLARWINDS-POLICYBYPASS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:AND-NUMBER-EQUALS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CHAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CHAR-ENCODE</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:COMMENT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:COMPARISON</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONCAT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONVERT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:CONVERT-INJ-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HAVIJ-UA</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:HTTP-REQ-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:INSERT-VALUES</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:INTO-OUTFILE</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:IS_SRVROLEMEMBER</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MS-SQL-FUNCTIONS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MS-SQL-TABLE-NAME</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:MYSQL-TABLE-NAME</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:NULLBYTE-COMMENT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:PL-SQL</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:PROC-GENERIC</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SLASH-STAR</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SQLMAP-ACTIVITY</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:SYSOBJECTS</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UA-HDR-1</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UA-HDR-3</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:UNION-SELECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:USER-ADD</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:VERSION-DETECT</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQL:INJ:WAITFOR-DELAY</predefined-attacks>\r
+ <predefined-attacks>HTTP:SQUID-BUMP-DOS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STATIC-SERVER-BOF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ACTIVEX:KVIEW-KCHARTXY</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:2013-5065-PDF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:ACROFORM-NULL-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CONVFILTER-UAF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-2985-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3791-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3959-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2010-2202-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-0622-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3353</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3355-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5324-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5325-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5329-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0511-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0512-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0517-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0521</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0522-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0523-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0524-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0531-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0537-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0538-UF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0539-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0545-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0547-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0548-PB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0550-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0553-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0554</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0555-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0559-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0564-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0565-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0567-OF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0568-SE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0576-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0577-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0578-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0580-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0584-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0586-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-4671</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8440-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8441-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8447-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8449-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8450-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8451-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8455-UF</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8459-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8460-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8461-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9159-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9160-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9162-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0087-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0089-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0090-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0093-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0301-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0302-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0303-SB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0305-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0306-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0307-DS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0313-ID</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0314-BO</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0315-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0317-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0319-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0320-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0321-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0322-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0323-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0324-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0325-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0326-DS</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0328-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0329-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0330-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0333-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0334-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0335-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0337-PB</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0338-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0339-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0340-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0341-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0342-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0346-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0347-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0348-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0349-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0350-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0351-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0352-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0353-CE</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0354-MC</predefined-attacks>\r
+ <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0355-MC</predefined-attacks>\r
+ </attacks>\r
+ </match>\r
+ <then>\r
+ <action>\r
+ <no-action/>\r
+ </action>\r
+ <ip-action>\r
+ <ip-notify/>\r
+ <target>source-address</target>\r
+ <log/>\r
+ <log-create/>\r
+ </ip-action>\r
+ <notification>\r
+ <log-attacks>\r
+ <alert/>\r
+ </log-attacks>\r
+ </notification>\r
+ </then>\r
+ </rule>\r
+ <rule>\r
+ <name>DBE-Q-IPS-policy-template-2</name>\r
+ <match>\r
+ <from-zone>any</from-zone>\r
+ <to-zone>any</to-zone>\r
+ <application>default</application>\r
+ <attacks>\r
+ <predefined-attack-groups>[Recommended]Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Misc_Warning - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Critical - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - All</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Critical</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Info</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Major</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Minor</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_ICMP - Warning</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Info - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Major - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Minor - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Response_Warning - ICMP</predefined-attack-groups>\r
+ <predefined-attack-groups>[Recommended]Warning - ICMP</predefined-attack-groups>\r
+ </attacks>\r
+ </match>\r
+ <then>\r
+ <action>\r
+ <recommended/>\r
+ </action>\r
+ <ip-action>\r
+ <ip-notify/>\r
+ <target>source-address</target>\r
+ </ip-action>\r
+ <notification>\r
+ <log-attacks>\r
+ <alert/>\r
+ </log-attacks>\r
+ </notification>\r
+ </then>\r
+ </rule>\r
+ </rulebase-ips>\r
+ </idp-policy>\r
+ <active-policy>Space-IPS-Policy</active-policy>\r
+ </idp>\r
+ <forwarding-options>\r
+ <family>\r
+ <inet6>\r
+ <mode>flow-based</mode>\r
+ </inet6>\r
+ </family>\r
+ </forwarding-options>\r
+ <screen>\r
+ <ids-option>\r
+ <name>untrust-screen</name>\r
+ <alarm-without-drop/>\r
+ <icmp>\r
+ <ip-sweep>\r
+ <threshold>5000</threshold>\r
+ </ip-sweep>\r
+ <fragment/>\r
+ <large/>\r
+ <ping-death/>\r
+ </icmp>\r
+ <ip>\r
+ <bad-option/>\r
+ <record-route-option/>\r
+ <timestamp-option/>\r
+ <security-option/>\r
+ <stream-option/>\r
+ <spoofing/>\r
+ <source-route-option/>\r
+ <loose-source-route-option/>\r
+ <strict-source-route-option/>\r
+ <unknown-protocol/>\r
+ <tear-drop/>\r
+ </ip>\r
+ <tcp>\r
+ <syn-fin/>\r
+ <fin-no-ack/>\r
+ <tcp-no-flag/>\r
+ <syn-frag/>\r
+ <port-scan>\r
+ <threshold>5000</threshold>\r
+ </port-scan>\r
+ <syn-ack-ack-proxy>\r
+ </syn-ack-ack-proxy>\r
+ <syn-flood>\r
+ <alarm-threshold>1024</alarm-threshold>\r
+ <attack-threshold>200</attack-threshold>\r
+ <source-threshold>1024</source-threshold>\r
+ <destination-threshold>2048</destination-threshold>\r
+ <undocumented><queue-size>2000</queue-size></undocumented>\r
+ <timeout>20</timeout>\r
+ </syn-flood>\r
+ <land/>\r
+ </tcp>\r
+ </ids-option>\r
+ </screen>\r
+ <nat>\r
+ <source>\r
+ <pool>\r
+ <name>sp_dmzpfsnat</name>\r
+ <address>\r
+ <name>10.68.16.13/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.14/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.15/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.16/32</name>\r
+ </address>\r
+ <port>\r
+ <range>\r
+ <low>1024</low>\r
+ <to>\r
+ <high>63486</high>\r
+ </to>\r
+ </range>\r
+ </port>\r
+ <pool-utilization-alarm>\r
+ <raise-threshold>80</raise-threshold>\r
+ <clear-threshold>70</clear-threshold>\r
+ </pool-utilization-alarm>\r
+ </pool>\r
+ <rule-set>\r
+ <name>rs_mis2dmzpfsnat</name>\r
+ <from>\r
+ <zone>sz_dbemis</zone>\r
+ </from>\r
+ <to>\r
+ <zone>trust</zone>\r
+ </to>\r
+ <rule>\r
+ <name>nr_dmzpsnat</name>\r
+ <src-nat-rule-match>\r
+ <destination-address>10.68.16.4/32</destination-address>\r
+ <destination-address>10.68.16.5/32</destination-address>\r
+ </src-nat-rule-match>\r
+ <then>\r
+ <source-nat>\r
+ <pool>\r
+ <pool-name>sp_dmzpfsnat</pool-name>\r
+ </pool>\r
+ </source-nat>\r
+ </then>\r
+ </rule>\r
+ </rule-set>\r
+ </source>\r
+ <destination>\r
+ <pool>\r
+ <name>dp_dmzpf01ap1dnat</name>\r
+ <address>\r
+ <ipaddr>10.68.16.4/32</ipaddr>\r
+ </address>\r
+ </pool>\r
+ <pool>\r
+ <name>dp_dmzpf02ap1dnat</name>\r
+ <address>\r
+ <ipaddr>10.68.16.5/32</ipaddr>\r
+ </address>\r
+ </pool>\r
+ <rule-set>\r
+ <name>rs_mis2dmzpfdnat</name>\r
+ <from>\r
+ <zone>sz_dbemis</zone>\r
+ </from>\r
+ <rule>\r
+ <name>nr_p01ap1dnat</name>\r
+ <dest-nat-rule-match>\r
+ <destination-address>\r
+ <dst-addr>12.102.197.133/32</dst-addr>\r
+ </destination-address>\r
+ </dest-nat-rule-match>\r
+ <then>\r
+ <destination-nat>\r
+ <pool>\r
+ <pool-name>dp_dmzpf01ap1dnat</pool-name>\r
+ </pool>\r
+ </destination-nat>\r
+ </then>\r
+ </rule>\r
+ <rule>\r
+ <name>nr_p02ap1dnat</name>\r
+ <dest-nat-rule-match>\r
+ <destination-address>\r
+ <dst-addr>12.102.197.134/32</dst-addr>\r
+ </destination-address>\r
+ </dest-nat-rule-match>\r
+ <then>\r
+ <destination-nat>\r
+ <pool>\r
+ <pool-name>dp_dmzpf02ap1dnat</pool-name>\r
+ </pool>\r
+ </destination-nat>\r
+ </then>\r
+ </rule>\r
+ </rule-set>\r
+ </destination>\r
+ <proxy-arp>\r
+ <interface>\r
+ <name>reth0.0</name>\r
+ <address>\r
+ <name>12.102.197.133/32</name>\r
+ </address>\r
+ <address>\r
+ <name>12.102.197.134/32</name>\r
+ </address>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1.0</name>\r
+ <address>\r
+ <name>10.68.16.13/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.14/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.15/32</name>\r
+ </address>\r
+ <address>\r
+ <name>10.68.16.16/32</name>\r
+ </address>\r
+ </interface>\r
+ </proxy-arp>\r
+ </nat>\r
+ <policies>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>default-permit</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>untrust</to-zone-name>\r
+ <policy>\r
+ <name>default-permit</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>sz_dbemis</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>sp_bwxspapi</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>as_bwdmzpxspapsrvrs_2</destination-address>\r
+ <application>ps_bwapi_3</application>\r
+ </match>\r
+ <then>\r
+ <permit>\r
+ </permit>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ <policy>\r
+ <name>sp_bwpdeny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>trust</from-zone-name>\r
+ <to-zone-name>sz_dbemis</to-zone-name>\r
+ <policy>\r
+ <name>sp_bwzdeny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ </log>\r
+ <count>\r
+ </count>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ <policy>\r
+ <from-zone-name>untrust</from-zone-name>\r
+ <to-zone-name>trust</to-zone-name>\r
+ <policy>\r
+ <name>default-deny</name>\r
+ <match>\r
+ <source-address>any</source-address>\r
+ <destination-address>any</destination-address>\r
+ <application>any</application>\r
+ </match>\r
+ <then>\r
+ <deny/>\r
+ <log>\r
+ <session-init/>\r
+ <session-close/>\r
+ </log>\r
+ </then>\r
+ </policy>\r
+ </policy>\r
+ </policies>\r
+ <zones>\r
+ <security-zone>\r
+ <name>trust</name>\r
+ <tcp-rst/>\r
+ <address-book>\r
+ <address>\r
+ <name>ad_bwxsp02ap1pf</name>\r
+ <ip-prefix>10.68.16.5/32</ip-prefix>\r
+ </address>\r
+ <address>\r
+ <name>ad_bwxsp01ap1pf_1</name>\r
+ <ip-prefix>10.68.16.4/32</ip-prefix>\r
+ </address>\r
+ <address-set>\r
+ <name>as_bwdmzpxspapsrvrs_2</name>\r
+ <address>\r
+ <name>ad_bwxsp01ap1pf_1</name>\r
+ </address>\r
+ <address>\r
+ <name>ad_bwxsp02ap1pf</name>\r
+ </address>\r
+ </address-set>\r
+ </address-book>\r
+ <host-inbound-traffic>\r
+ <system-services>\r
+ <name>all</name>\r
+ </system-services>\r
+ <protocols>\r
+ <name>all</name>\r
+ </protocols>\r
+ </host-inbound-traffic>\r
+ <interfaces>\r
+ <name>reth1.0</name>\r
+ </interfaces>\r
+ </security-zone>\r
+ <security-zone>\r
+ <name>untrust</name>\r
+ <screen>untrust-screen</screen>\r
+ </security-zone>\r
+ <security-zone>\r
+ <name>sz_dbemis</name>\r
+ <screen>untrust-screen</screen>\r
+ <interfaces>\r
+ <name>reth0.0</name>\r
+ </interfaces>\r
+ </security-zone>\r
+ </zones>\r
+ </security>\r
+ <interfaces>\r
+ <interface>\r
+ <name>ge-0/0/1</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth0</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-0/0/2</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth1</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-7/0/1</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth0</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>ge-7/0/2</name>\r
+ <gigether-options>\r
+ <redundant-parent>\r
+ <parent>reth1</parent>\r
+ </redundant-parent>\r
+ </gigether-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fab0</name>\r
+ <fabric-options>\r
+ <member-interfaces>\r
+ <name>ge-0/0/0</name>\r
+ </member-interfaces>\r
+ </fabric-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fab1</name>\r
+ <fabric-options>\r
+ <member-interfaces>\r
+ <name>ge-7/0/0</name>\r
+ </member-interfaces>\r
+ </fabric-options>\r
+ </interface>\r
+ <interface>\r
+ <name>fxp0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth0</name>\r
+ <redundant-ether-options>\r
+ <redundancy-group>1</redundancy-group>\r
+ </redundant-ether-options>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>12.102.197.132/25</name>\r
+ </address>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_v6pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:1/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:2/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ed::3:3/64</name>\r
+ </address>\r
+ </inet6>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ <redundant-ether-options>\r
+ <redundancy-group>1</redundancy-group>\r
+ </redundant-ether-options>\r
+ <unit>\r
+ <name>0</name>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>10.68.16.12/22</name>\r
+ </address>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <input>\r
+ <filter-name>ff_v6pdscp</filter-name>\r
+ </input>\r
+ </filter>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:1/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:2/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:3/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:4/64</name>\r
+ </address>\r
+ <address>\r
+ <name>2001:1890:1001:23ec::3:5/64</name>\r
+ </address>\r
+ </inet6>\r
+ </family>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ <snmp>\r
+ <community>\r
+ <name>vsbk68</name>\r
+ <authorization>read-only</authorization>\r
+ <clients>\r
+ <name>130.6.45.42/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.45.41/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.44.254/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>130.6.44.253/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.25.175.114/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.21.235.37/32</name>\r
+ </clients>\r
+ </community>\r
+ <community>\r
+ <name>space15</name>\r
+ <authorization>read-write</authorization>\r
+ <clients>\r
+ <name>135.144.0.60/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.144.0.59/32</name>\r
+ </clients>\r
+ <clients>\r
+ <name>135.144.0.61/32</name>\r
+ </clients>\r
+ </community>\r
+ <trap-group>\r
+ <name>GFP</name>\r
+ <version>v2</version>\r
+ <destination-port>162</destination-port>\r
+ <targets>\r
+ <name>135.89.33.175</name>\r
+ </targets>\r
+ <targets>\r
+ <name>199.37.245.24</name>\r
+ </targets>\r
+ </trap-group>\r
+ <trap-group>\r
+ <name>space</name>\r
+ <targets>\r
+ <name>135.144.0.60</name>\r
+ </targets>\r
+ </trap-group>\r
+ <health-monitor>\r
+ <idp>\r
+ </idp>\r
+ </health-monitor>\r
+ </snmp>\r
+ <routing-options>\r
+ <interface-routes>\r
+ <rib-group>\r
+ <inet>rg_mis2dmzp</inet>\r
+ <inet6>rg_v6mis2dmzp</inet6>\r
+ </rib-group>\r
+ </interface-routes>\r
+ <static>\r
+ <route>\r
+ <name>0.0.0.0/0</name>\r
+ <next-hop>135.69.228.1</next-hop>\r
+ </route>\r
+ </static>\r
+ <rib-groups>\r
+ <name>rg_mis2dmzp</name>\r
+ <import-rib>vrf-untrust.inet.0</import-rib>\r
+ <import-rib>inet.0</import-rib>\r
+ </rib-groups>\r
+ <rib-groups>\r
+ <name>rg_v6mis2dmzp</name>\r
+ <import-rib>vrf-untrust.inet6.0</import-rib>\r
+ <import-rib>inet6.0</import-rib>\r
+ </rib-groups>\r
+ </routing-options>\r
+ <class-of-service>\r
+ <interfaces>\r
+ <interface>\r
+ <name>reth0</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </unit>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ <unit>\r
+ <name>0</name>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </unit>\r
+ </interface>\r
+ </interfaces>\r
+ <rewrite-rules>\r
+ <dscp>\r
+ <name>cr_pdscpaf</name>\r
+ <forwarding-class>\r
+ <name>assured-forwarding</name>\r
+ <loss-priority>\r
+ <name>low</name>\r
+ <code-point>011010</code-point>\r
+ </loss-priority>\r
+ </forwarding-class>\r
+ </dscp>\r
+ <dscp-ipv6>\r
+ <name>cr_v6pdscpaf</name>\r
+ <forwarding-class>\r
+ <name>assured-forwarding</name>\r
+ <loss-priority>\r
+ <name>low</name>\r
+ <code-point>011010</code-point>\r
+ </loss-priority>\r
+ </forwarding-class>\r
+ </dscp-ipv6>\r
+ </rewrite-rules>\r
+ </class-of-service>\r
+ <firewall>\r
+ <family>\r
+ <inet>\r
+ <filter>\r
+ <name>ff_pdscp</name>\r
+ <term>\r
+ <name>fr_pdscp</name>\r
+ <from>\r
+ <interface>\r
+ <name>reth0</name>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ </interface>\r
+ </from>\r
+ <then>\r
+ <forwarding-class>assured-forwarding</forwarding-class>\r
+ <accept/>\r
+ </then>\r
+ </term>\r
+ </filter>\r
+ </inet>\r
+ <inet6>\r
+ <filter>\r
+ <name>ff_v6pdscp</name>\r
+ <term>\r
+ <name>fr_v6pdscp</name>\r
+ <from>\r
+ <interface>\r
+ <name>reth0</name>\r
+ </interface>\r
+ <interface>\r
+ <name>reth1</name>\r
+ </interface>\r
+ </from>\r
+ <then>\r
+ <forwarding-class>assured-forwarding</forwarding-class>\r
+ <accept/>\r
+ </then>\r
+ </term>\r
+ </filter>\r
+ </inet6>\r
+ </family>\r
+ </firewall>\r
+ <routing-instances>\r
+ <instance>\r
+ <name>vrf-untrust</name>\r
+ <instance-type>virtual-router</instance-type>\r
+ <interface>\r
+ <name>reth0.0</name>\r
+ </interface>\r
+ <routing-options>\r
+ <interface-routes>\r
+ <rib-group>\r
+ <inet>rg_mis2dmzp</inet>\r
+ <inet6>rg_v6mis2dmzp</inet6>\r
+ </rib-group>\r
+ </interface-routes>\r
+ <rib>\r
+ <name>vrf-untrust.inet6.0</name>\r
+ <static>\r
+ <route>\r
+ <name>0::/0</name>\r
+ <next-hop>2001:1890:1001:23ed::1</next-hop>\r
+ </route>\r
+ </static>\r
+ </rib>\r
+ <static>\r
+ <route>\r
+ <name>0.0.0.0/0</name>\r
+ <next-hop>12.102.197.129</next-hop>\r
+ </route>\r
+ </static>\r
+ </routing-options>\r
+ </instance>\r
+ </routing-instances>\r
+ <applications>\r
+ <application>\r
+ <name>ap_xsi-xml-https</name>\r
+ <protocol>tcp</protocol>\r
+ <destination-port>443</destination-port>\r
+ </application>\r
+ <application-set>\r
+ <name>ps_bwapi_3</name>\r
+ <application>\r
+ <name>ap_xsi-xml-https</name>\r
+ </application>\r
+ </application-set>\r
+ </applications>\r
+ </configuration>
\ No newline at end of file
APPC Logging Guide/APPC Logging Guide
APPC User Guide/APPC User Guide
APPC OAM API Guide/APPC OAM API Guide
+ APPC CDT Guide/APPC CDT Guide
Code Review / appc.git / commitdiff
