3. Create a **parameter definition** file describing instance-specific
parameters in the template.
- - Once you have a template, use the **Synchronize** button to
+ - Once you have a template, use the **Synchronize Template Parameters** button to
automatically create/update a parameter definition file (and a
parameter name-value pair file) based on the template.
4. Create a **parameter name-value pair file** for those parameters.
- - Once you have a template, use the **Synchronize** button to
+ - Once you have a template, use the **Synchronize Template Parameters** button to
automatically create a parameter name-value pair file (and a
parameter definition file) based on the template.
instance-specific data into the user input spreadsheet used at run
time. The parameter name-value file can also be used to automatically
create a template via the **Merge** function as described in step 2.
+
+ - You can also use the **Synchronize With Name Values** button to update the parameter definitions to match an existing parameter name-values pair file.
5. **Test** the template in your test environment using the **TEST** function of APPC CDT
- - Use the **Save to APP-C** button in the CDT GUI to save the
- artifacts for your VNF to APPC.
+ - Use the **Save All to APP-C** button in the CDT GUI to save the
+ artifacts for your VNF to APPC. This makes the current version of artifacts available to both the APPC CDT and APPC Run Time.
- - Prepare a “user input” excel file on your PC and upload it to the
- **TEST** function in the APPC CDT.
+ - Prepare a “user input” excel file on your PC and upload it to the APPC CDT.
- - Use the **TEST** function in the APPC CDT to execute the on-boarded action on the VNF. Verify the VNF works as expected.
+ - **Execute** the onboarded action on the VNF. View test progress and test results. .
- **NOTE** The **TEST** function is currently being developed as part of Beijing release and screen shots in this document are not yet updated to show this new function yet.
-
The screen shots in following sections illustrate how to use the APPC CDT GUI for each step.
Artifacts used for Onboarding:
OpenStack and REST protocols do not use a template or parameter
definitions or name-value pairs.
-Using the APPC Design Tool for VNF Onboarding
-=============================================
+Using the APPC Controller Design Tool for VNF Onboarding
+========================================================
Go to the APPC CDT GUI in the test environment using a Firefox browser.
|image9|
-Enter the VNF Type (and optional VNFC Type) and click next.
+Enter the VNF Type (and optional VNFC Type) and click next. (The optional VNFC check box is explained later)
Alternatively, you can leave the VNF type blank and choose “PROCEED
ANYWAY” if you want to proceed to the Reference Data screen where you
can drag the pop-up windows if you want to see them all at the same
time.
-|image15|
+|
+
+
+
+|
+
+When using the Mozilla Firefox browser, selecting “Download to PC will display a dialog box giving you a choice of opening or saving the files, and an option to “Do this automatically for files like this for now on”. Choosing “save” and checking this option is a convenient way to easily save multiple downloaded artifacts from APP-C to your PC
+
+|image15a|
+
+Note regarding VNFC Type
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+There are a limited number of VNF’s that are identified by both VNF type and VNFC type. When adding a new VNF of this kind to APP-C, enter the VNF type and check the VNFC box in the pop-up window, and choose NEXT.
+
+Alternatively, you can leave the VNF type blank and choose “PROCEED ANYWAY” if you want to proceed to the Reference Data screen where you can populate the VNF reference data by uploading an existing Reference File or by manually entering it.
+
+|image15b|
+
+On the subsequent Reference screen, you must add the VNFC type(s).
+
+|image15c|
+
+Enter the new VNFC type and click ADD to add it to a drop-down list of VNFC types for this VNF. Repeat for each VNFC type you wish to add.
+
+|image15d|
+
+Choose the desired VNFC Type from the drop-down list of VNFC types.
+
+|image15e|
+
+In the VNFC section, you must re-enter the VNFC type to match what you previously selected.
+
+|image15f|
Populate OpenStack actions for a VM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Template and Parameter Definition tabs do not apply to OpenStack
commands.
-REFERENCE DATA SCREEN HELP
+**REFERENCE DATA SCREEN HELP**
+--------------------------+------------------------------------------------------------------------------------------------------------------+
| **Field/Object** | **Description** |
This table shows which actions and protocols are currently available for
on-boarding with the Beijing release.
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Action** | **Netconf/ | **Ansible** | **Chef** | **REST** | **OpenStack |
-| | Restconf** | | | | (VM Level)** |
-+========================================+==============+===============+============+============+================+
-| **AttachVolume** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Configure** | YES | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Config Modify** | YES | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Config Backup** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Config Restore** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **ConfigScaleOut** | YES | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **DetachVolume** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Evacuate** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **GetRunning Config\*** | YES | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **HealthCheck** | | YES | YES | YES | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Migrate** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **QuiesceTraffic** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Rebuild** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Restart** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **ResumeTraffic** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Snapshot** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Start** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Start Application** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Stop** | | | | | YES |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **Stop Application** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **UpgradeBackout** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **UpgradeBackup** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **UpgradePostCheck** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **UpgradePreCheck** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
-| **UpgradeSoftware** | | YES | YES | | |
-+----------------------------------------+--------------+---------------+------------+------------+----------------+
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Action** |**Netconf-XML**| **Ansible** | **Chef** | **REST** | **OpenStack** |**Protocol is**|
+| |**Restconf** | | | | **(VM Level)** |**Not** |
+| | | | | | |**Applicable** |
++========================================+===============+===============+============+============+================+===============+
+| **ActionStatus** | | | | | | NA |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **AttachVolume** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Audit** | YES | YES | YES | YES | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **CheckLock** | | | | | | NA |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Configure** | YES | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Config Modify** | YES | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Config Backup** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Config Restore** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **ConfigScaleOut** | YES | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **DetachVolume** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Evacuate** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **HealthCheck** | | YES | YES | YES | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Lock** | | | | | | NA |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Migrate** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **QuiesceTraffic** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Rebuild** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Restart** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **ResumeTraffic** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Snapshot** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Start** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Start Application** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Stop** | | | | | YES | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Stop Application** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Sync** | YES | YES | YES | YES | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **Unlock** | | | | | | NA |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **UpgradeBackout** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **UpgradeBackup** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **UpgradePostCheck** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **UpgradePreCheck** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
+| **UpgradeSoftware** | | YES | YES | | | |
++----------------------------------------+---------------+---------------+------------+------------+----------------+---------------+
- \* GetRunningConfig is used internally by APP-C and is not callable by clients via the APP-C API.
-
Create a template from a “golden” configuration file
Next, designate instance-specific values as parameters, using this
procedure:
- 1) Highlight the instance-specific value with the cursor
+ 1) Highlight the instance-specific value (such as “node0 ) with the cursor and then type “CTRL” and “4”
|image19|
- 2) Type “CTRL” and “4” to insert a parameter name.
+ 2) Type the name you want to use for this parameter into the pop-up window and click SUBMIT
|image20|
- 3) Type the parameter name in the parentheses
+ 3) The system will display your parameter name after the value you highlighted
|image21|
- 4) Type “CTRL” and “S” to save the parameter.
-
- |image22|
-
-Repeat for each instance-specific value that you wish to turn into a
-parameter.
+ 4) Repeat for each instance-specific value that you wish to turn into a parameter.
*Summary of editing commands:*
- Do not use parameter names which are sub-strings of other parameter
names. For example, don’t use field1 and field12 as parameter names.
+In the template, the first instance of a parameter will be highlighted in green and subsequent instances of the same parameter will be highlighted in orange.
Synchronizing a Template
~~~~~~~~~~~~~~~~~~~~~~~~
-Once you have named all the parameters (this example shows 2
-parameters), click the “SYNCHRONIZE” button to automatically create a
+Once you have named all the parameters (this example shows 3
+parameters), click the “SYNCHRONIZE TEMPLATE PARAMETERS” button to automatically create a
parameter definition file and a parameter name-value file. The next
sections describe these files.
-It may take a few seconds for the system to SYNCHRONIZE; when it is
+It may take a few seconds for the system to synchronize; when it is
complete, you will be taken to the Parameter Definition screen.
Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data
template by adding or removing parameter names.
To add a new parameter name, follow the steps in the Create a template from a "golden" configuration file section above.
-SYNCHRONIZE to add the new parameter to the name/value and parameter
+SYNCHRONIZE TEMPLATE PARAMETERS to add the new parameter to the name/value and parameter
definition GUI.
To remove an existing parameter name, remove the parameter name (i.e.,
${name}) using the backspace key and replace with the static value. Then
-SYNCHRONIZE to remove the parameter from the name/value and parameter
+SYNCHRONIZE TEMPLATE PARAMETERS to remove the parameter from the name/value and parameter
definition GUI.
+If the available template has parameter names (as opposed to the golden configuration/ base config typically shared by VNF owners), you can upload that template and manually add the braces around the parameter names. Then click on SYNCHRONIZE TEMPLATE PARAMETERS to generate the PD file with source as Manual.
+
Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data
screen to preserve your work.
Create a parameter definition file describing instance-specific parameters in the template
------------------------------------------------------------------------------------------
-Clicking the “SYNCHRONIZE” button after creating a template will automatically create/update a parameter definition file for
+Clicking the “SYNCHRONIZE TEMPLATE PARAMETERS” button after creating a template will automatically create/update a parameter definition file for
that template (and a parameter name-value file described in the next
section). Alternatively, you can upload an existing parameter definition
file from your PC.
You can view or edit the definition fields for each parameter via the
Parameter Definition screen. Note that any edits to the parameter names
-would be overwritten by a subsequent SYNCHRONIZE with the template.
+would be overwritten by a subsequent SYNCHRONIZE TEMPLATE PARAMETERS.
|image24|
There are three choices for the source:
-1. External Systems (e.g., INSTAR). APPC will automatically obtain parameter values from
+1. **External Systems**. APPC will automatically obtain parameter values from
an external system (typically IP addresses for VNF’s). First, obtain a
“key file” for your VNF. Then use the
“Upload Key File” button on the Parameter Definition screen. APPC
from an external system.
-2. ***A&AI***. APPC will automatically obtain parameter values from
+2. **A&AI**. APPC will automatically obtain parameter values from
A&AI (typically VNF/VNFC/VM identifiers). After selecting “A&AI”,
select a rule type and APPC will automatically populate the key
names and values. For rule types that include a list, populate the
|image26|
-3. ***Manual.*** APPC will use a manually-created excel to populate
+3. **Manual**. APPC will use a manually-created excel to populate
parameter values. Later section describes this User Input Spreadsheet.
Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data
Create a file containing name-value pairs for parameters
--------------------------------------------------------
-Clicking the “SYNCHRONIZE” button after creating a template (see section
+Clicking the “SYNCHRONIZE TEMPLATE PARAMETERS” button after creating a template (see section
Synchronizing a Template) will automatically create/update a parameter name-value pair file
for that template (and a parameter definition file described in the
previous section).
Option: Using MERGE to automatically create a template from a parameter name-value pair file
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The APPC Design Tool also provides a way to create a template from an
+APPC CDT also provides a way to create a template from an
existing parameter name-value pair file. This is useful when the
configuration of the VNF has changed. Rather than manually recreating
the template, you can use the MERGE function to automatically add
|image29|
-Next, click “MERGE”. APPC will automatically add parameters to the
-configuration file using the name-value pairs. Wherever APPC finds a
-matching value, it will add the corresponding parameter name.
+Next, click “MERGE FROM PARAM”. APPC will automatically associate the parameter values in the uploaded configuration with parameter names from the parameter name/value. If duplicate parameter values are found in the configuration, APP-C will highlight the duplicate value & name in orange and let the user edit the parameter name. When the duplicate parameter name has been successfully replaced with a unique name, the highlight will change from orange to green..
-After using the MERGE button to create a template, you can use the
-SYNCHRONIZE button to create/update the parameter definition file and
+After using the MERGE FROM PARAM button to create a template, you can use the
+SYNCHRONIZE TEMPLATE PARAMETERS button to create/update the parameter definition file and
name-value files.
Remember to use the SAVE and/or DOWNLOAD buttons on the Reference Data
|image30|
+
+Option: Synchronize with Name/Values
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+There may be a scenario where you have created or uploaded a template, and SYNCHONIZED TEMPLATE PARAMETERS, and then you want to remove some name-value pairs. APPC provides a SYNCHRONIZE WITH NAME VALUES button that will automatically synchronize the parameter definitions with your updated name value pairs.
+
+
+ - Step 1: Create or upload template
+
+ - Step 2: SYNCHRONIZE TEMPLATE PARAMETERS. (APPC will update Parameter Definition file and Name-Value Pair file to match Template.)
+
+ - Step 3: Manually edit Name-Value Pair file (or upload a changed Name-Value Pair file)
+
+ - Step 4: SYNCHRONIZE WITH NAME VALUES. (see screen shot below)(APPC will update Parameter Definition file to match Name-Value Pair file.)
+
+ - Step 5: Examine Parameter Definitions to confirm they now match updated Name-Value Pair file.
+
+
+|image30a|
+
+
Test the template in a lab using APPC CDT Test Function
-=======================================================================
+=======================================================
+
+The APPC CDT **TEST** action is used to initiate configuration
+and other lifecycle commands
+
+**Prerequisites:**
+ - A. Testing requires an instance of the target VNF to be reachable from your test environment.
+ - B. You have created the on-boarding artifacts (e.g., reference file, template, etc) for the target VNF type and action in CDT and saved them to APPC.
+ - C. You have created a user input spreadsheet for the VNF and action you wish to test.
+
+**Steps to Test a template:**
+ - 1. Choose the TEST function on the APPC CDT home page
+ - 2. Upload the user input spreadsheet
+ - 3. Click on EXECUTE TEST
+ - 4. View test progress; poll for test status if necessary.
+ - 5. View Test Results
+
User Input Spreadsheet
----------------------
The following steps are used to prepare a user input spreadsheet for the
VNF instance and action to be tested.
-1. Start with this generic 1802 user input excel spreadsheet.
+1. Start with this generic user input excel spreadsheet.
:download:`Generic 1802 User Input Spreadsheet v.02.xlsx` (compatible with excel 2013)
-2. Update the user-input sections of the spreadsheet.
+ Update the user-input sections of the spreadsheet.
- a) Upload Data tab: choose action, populate VNF-ID
+ - a) Upload Data tab: choose action, populate VNF-ID
- b) >Action< tab: Select the tab for the action being tested. Choose a
- protocol and enter required action identifiers & request parameter
- values. Enter any payload parameter names and values required for
- this associated template. (copy/paste from a name-value pair file or
- other source).
+ - b) >Action< tab: Select the tab for the action being tested. Choose a protocol and enter required action identifiers & request parameter values. Enter any payload parameter names and values required for this associated template. (copy/paste from a name-value pair file or other source).
- The screen shots on the following pages show the user input sections
- highlighted in yellow.
+ The screen shots on the following pages show the user input sections highlighted in yellow.
-1. Save the spreadsheet with a name for your VNF instance and action.
+2. Save the spreadsheet with a name for your VNF instance and action.
“Upload Data” tab – Select action to be tested and populate any action
identifiers such as vnf-id.
|image32|
-Using APPC CDT TEST action to test a VNF configuration template
------------------------------------------------------------------
-
-The APPC CDT **TEST** action is used to initiate configuration
-and other lifecycle commands.
-
-**Prerequisites**
- - Testing requires an instance of the target VNF to be reachable from your test environment.
- - You have created the on-boarding artifacts (e.g., reference file, template, etc) for the target VNF type and action in CDT and saved them to APPC.
- - You have created a user input spreadsheet for the VNF and action you wish to test.
+Using APPC CDT TEST Function
+----------------------------
**Steps to use the “TEST” function of the APPC Design Tool**
vnf-type using the CDT tool and the Reference Data artifact is loaded to
APPC, an update is made to the APPC run-time southbound properties
file for the vnf-type. The southbound properties are needed for
-connecting to a VNF instance or Ansible server. The southbound
+connecting to a VNF instance or Ansible server. The southbound
properties contain the following information:
``{vnf\_type}.{protocol}.{action}.user = {value}``
``{vnf\_type}.{protocol}.{action}.url = {value}``
The user, port, and url values are contained in the Reference Data
-artifact, if populated by the self-service user. The password value is
-updated by T2 production support using a GUI tool provided. <TO DO: CHECK ON THIS>
+artifact, if populated by the self-service user.
-The current process which creates the southbound properties from the
-Reference Data only updates the southbound properties file only a single
-node in the APPC cluster.
+The current process that creates the southbound properties from the Reference Data only updates the southbound properties file on a single APPC node in the ODL cluster..
APP-C Design Tool - File Descriptions
=====================================
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| **File Description** | **File Format** | **File name / example** |
-+======================================================================================================================================+===================+======================================================+
-| | | |
-| **Pre-template Config file** –contains a ‘golden’ or working configuration (for Netconf) or JSON data block (for Chef or Ansible). | XML, JSON | :download:`simple xml config.txt` |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| | | |
-| **Reference file** [5]_– describes a VNF in terms of its subtending VM’s and VNFC’s and the actions/protocols being onboarded. | XML, JSON | :download:`reference_AllAction_vPQR_0.0.1V.json` |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| | | |
-| **Template file** – a configuration file with parameters for instance-specific fields. | XML | :download:`template_Configure_vABC_0.0.1.txt` |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| | | |
-| **Parameter Definition file** (aka pd\_Configure) contains **parameter definitions** associated with a template. | YAML | :download:`pd_Configure_vABC_0.0.1V.yaml.txt` |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| | | |
-| **Name-Value file** (aka param\_Configure) contains name-value pairs for parameters associated with a template. | JSON | :download:`param_Configure_vABC_0.0.1V.txt` |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-| | | |
-| **Key data file** – contains external system data to populate a PD configure file. | TXT | <TO DO: Need sample file> |
-| | | |
-+--------------------------------------------------------------------------------------------------------------------------------------+-------------------+------------------------------------------------------+
-
-Note: Do not alter file names because APPC CDT requires a specific file naming format. Note that for yaml files, Sphinx is not able to handle correctly, so we had to add .txt to allow the download. Please remember to remove .txt from pd_Configure_vABC_0.0.1V.yaml.txt when you download it.
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| **File Description** | **File Format** |
++======================================================================================================================================+===================+
+| | |
+| **Pre-template Config file** –contains a ‘golden’ or working configuration (for Netconf) or JSON data block (for Chef or Ansible). | XML, JSON |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| | |
+| **Reference file** – describes a VNF in terms of its subtending VM’s and VNFC’s and the actions/protocols being onboarded. | XML, JSON |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| | |
+| **Template file** – a configuration file with parameters for instance-specific fields. | XML |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| | |
+| **Parameter Definition file** (aka pd\_Configure) contains **parameter definitions** associated with a template. | YAML |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| | |
+| **Name-Value file** (aka param\_Configure) contains name-value pairs for parameters associated with a template. | JSON |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+| | |
+| **Key data file** – contains external system data to populate a PD configure file. | TXT |
+| | |
++--------------------------------------------------------------------------------------------------------------------------------------+-------------------+
+
+
.. |image0| image:: media/image0.png
:width: 7.88889in
.. |image15| image:: media/image15.png
:width: 9.05556in
:height: 5.09375in
+.. |image15a| image:: media/image15a.png
+.. |image15b| image:: media/image15b.png
+.. |image15c| image:: media/image15c.png
+.. |image15d| image:: media/image15d.png
+.. |image15e| image:: media/image15e.png
+.. |image15f| image:: media/image15f.png
.. |image16| image:: media/image16.png
:width: 5.79167in
:height: 3.74135in
.. |image21| image:: media/image21.png
:width: 5.32292in
:height: 1.92771in
-.. |image22| image:: media/image22.png
- :width: 5.31153in
- :height: 1.83333in
.. |image23| image:: media/image23.png
:width: 7.54167in
:height: 4.24219in
.. |image30| image:: media/image30.png
:width: 8.07407in
:height: 4.54167in
+.. |image30a| image:: media/image30a.png
.. |image31| image:: media/image31.png
:width: 9.00000in
:height: 5.18958in
+++ /dev/null
-{\r
- "BUrouterIP": "135.69.228.1",\r
- "DestinationSubnet": "0.0.0.0/0"\r
-}
\ No newline at end of file
+++ /dev/null
----\r
-kind: "Property Definition"\r
-version: V1\r
-vnf-parameter-list:\r
-- name: nodename\r
- type: null\r
- description: null\r
- required: null\r
- default: null\r
- source: Manual\r
- rule-type: null\r
- request-keys: null\r
- response-keys: null\r
-- name: BUrouterIP\r
- type: null\r
- description: null\r
- required: null\r
- default: null\r
- source: Manual\r
- rule-type: null\r
- request-keys: null\r
- response-keys: null\r
-- name: DestinationSubnet\r
- type: null\r
- description: null\r
- required: null\r
- default: null\r
- source: Manual\r
- rule-type: null\r
- request-keys: null\r
- response-keys: null\r
+++ /dev/null
-{\r
- "reference_data": [\r
- {\r
- "action": "Configure",\r
- "action-level": "vnf",\r
- "scope": {\r
- "vnf-type": "vPQR",\r
- "vnfc-type": ""\r
- },\r
- "template": "Y",\r
- "vm": [\r
- {\r
- "vm-instance": 1,\r
- "vnfc": [\r
- {\r
- "vnfc-instance": "1",\r
- "vnfc-function-code": "ppp",\r
- "ipaddress-v4-oam-vip": "Y",\r
- "group-notation-type": "first-vnfc-name",\r
- "group-notation-value": "pair",\r
- "vnfc-type": "vPPP"\r
- }\r
- ]\r
- },\r
- {\r
- "vm-instance": 2,\r
- "vnfc": [\r
- {\r
- "vnfc-instance": "1",\r
- "vnfc-function-code": "ppp",\r
- "ipaddress-v4-oam-vip": "Y",\r
- "group-notation-type": "first-vnfc-name",\r
- "group-notation-value": "pair",\r
- "vnfc-type": "vPPP"\r
- }\r
- ]\r
- },\r
- {\r
- "vm-instance": 3,\r
- "vnfc": [\r
- {\r
- "vnfc-instance": "1",\r
- "vnfc-function-code": "rrr",\r
- "ipaddress-v4-oam-vip": "Y",\r
- "group-notation-type": "first-vnfc-name",\r
- "group-notation-value": "pair",\r
- "vnfc-type": "vRRR"\r
- }\r
- ]\r
- },\r
- {\r
- "vm-instance": 4,\r
- "vnfc": [\r
- {\r
- "vnfc-instance": "1",\r
- "vnfc-function-code": "rrr",\r
- "ipaddress-v4-oam-vip": "Y",\r
- "group-notation-type": "first-vnfc-name",\r
- "group-notation-value": "pair",\r
- "vnfc-type": "vRRR"\r
- }\r
- ]\r
- }\r
- ],\r
- "protocol": "NETCONF-XML",\r
- "user-name": "admin",\r
- "port-number": "22",\r
- "artifact-list": [\r
- {\r
- "artifact-name": "template_Configure_vPQR_0.0.1V.xml",\r
- "artifact-type": "config_template"\r
- },\r
- {\r
- "artifact-name": "pd_Configure_vPQR_0.0.1V.yaml",\r
- "artifact-type": "parameter_definitions"\r
- }\r
- ],\r
- "scopeType": "vnf-type",\r
- "device-protocol": "NETCONF-XML"\r
- },\r
- {\r
- "action": "AllAction",\r
- "action-level": "vnf",\r
- "scope": {\r
- "vnf-type": "vPQR",\r
- "vnfc-type": ""\r
- },\r
- "artifact-list": [\r
- {\r
- "artifact-name": "reference_AllAction_vPQR_0.0.1V.json",\r
- "artifact-type": "reference_template"\r
- }\r
- ]\r
- }\r
- ]\r
-}
\ No newline at end of file
+++ /dev/null
-<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\r
- <configuration junos:changed-seconds="1478714723" junos:changed-localtime="2016-11-09 18:05:23 UTC">\r
- <version>15.1X49-D50.3</version>\r
- <groups>\r
- <name>node0</name>\r
- <system>\r
- <host-name>dbqx0001vm001</host-name>\r
- <backup-router>\r
- <address>135.69.228.1</address>\r
- <destination>0.0.0.0/0</destination>\r
- </backup-router>\r
- <services>\r
- <ssh>\r
- <max-sessions-per-connection>32</max-sessions-per-connection>\r
- </ssh>\r
- </services>\r
- <syslog>\r
- <file>\r
- <name>default-log-messages</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- </syslog>\r
- </system>\r
- <interfaces>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>135.69.228.8/25</name>\r
- </address>\r
- </inet>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- </groups>\r
- <groups>\r
- <name>node1</name>\r
- <system>\r
- <host-name>dbqx0001vm002</host-name>\r
- <backup-router>\r
- <address>135.69.228.1</address>\r
- <destination>0.0.0.0/0</destination>\r
- </backup-router>\r
- <services>\r
- <ssh>\r
- <max-sessions-per-connection>32</max-sessions-per-connection>\r
- </ssh>\r
- </services>\r
- <syslog>\r
- <file>\r
- <name>default-log-messages</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- </syslog>\r
- </system>\r
- <interfaces>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>135.69.228.9/25</name>\r
- </address>\r
- </inet>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- </groups>\r
- <apply-groups>groupname</apply-groups>\r
- <system>\r
- <root-authentication>\r
- <encrypted-password>$5$rKyWGmrv$sMeym/XUklUeJX2hKpcp5TzCG5R8jcmJ2901HcNGSeB</encrypted-password>\r
- </root-authentication>\r
- <name-server>\r
- <name>135.188.34.84</name>\r
- </name-server>\r
- <login>\r
- <message>\n\t\tWARNING NOTICE\n\tThis system is restricted solely to AT&T authorized users for\n\tlegitimate business purposes only.The actual or attempted\n\tunauthorized access, use, or modification of this system is\n\tstrictly prohibited by AT&T. Unauthorized users are subject to\n\tCompany disciplinary proceedings and/or criminal and civil\n\tpenalties under state, federal, or other applicable domestic and\n\tforeign laws. The use of this system may be monitored and\n\trecorded for administrative and security reasons. Anyone\n\taccessing this system expressly consents to such monitoring and\n\t is advised that if monitoring reveals possible evidence of\n\tcriminal activity, AT&T may provide the evidence of such\n\tactivity to law enforcement officials. All users must comply\n\twith AT&T company policies regarding the protection of AT&T\n\tinformation assets.\n\n</message>\r
- </login>\r
- <services>\r
- <ssh>\r
- <protocol-version>v2</protocol-version>\r
- </ssh>\r
- <netconf>\r
- <ssh>\r
- </ssh>\r
- </netconf>\r
- </services>\r
- <syslog>\r
- <user>\r
- <name>*</name>\r
- <contents>\r
- <name>any</name>\r
- <emergency/>\r
- </contents>\r
- </user>\r
- <host>\r
- <name>135.144.0.62</name>\r
- <contents>\r
- <name>any</name>\r
- <any/>\r
- </contents>\r
- <structured-data>\r
- </structured-data>\r
- </host>\r
- <file>\r
- <name>messages</name>\r
- <contents>\r
- <name>any</name>\r
- <any/>\r
- </contents>\r
- <contents>\r
- <name>authorization</name>\r
- <info/>\r
- </contents>\r
- </file>\r
- <file>\r
- <name>interactive-commands</name>\r
- <contents>\r
- <name>interactive-commands</name>\r
- <any/>\r
- </contents>\r
- </file>\r
- <file>\r
- <name>session_log</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- <file>\r
- <name>policy_session</name>\r
- <match>RT_FLOW</match>\r
- </file>\r
- </syslog>\r
- <license>\r
- <autoupdate>\r
- <url>\r
- <name>https://ae1.juniper.net/junos/key_retrieval</name>\r
- </url>\r
- </autoupdate>\r
- </license>\r
- <ntp>\r
- <server>\r
- <name>192.20.201.162</name>\r
- </server>\r
- </ntp>\r
- </system>\r
- <chassis>\r
- <cluster>\r
- <control-link-recovery/>\r
- <reth-count>2</reth-count>\r
- <heartbeat-interval>1000</heartbeat-interval>\r
- <heartbeat-threshold>3</heartbeat-threshold>\r
- <redundancy-group>\r
- <name>0</name>\r
- <node>\r
- <name>0</name>\r
- <priority>100</priority>\r
- </node>\r
- <node>\r
- <name>1</name>\r
- <priority>1</priority>\r
- </node>\r
- </redundancy-group>\r
- <redundancy-group>\r
- <name>1</name>\r
- <node>\r
- <name>0</name>\r
- <priority>100</priority>\r
- </node>\r
- <node>\r
- <name>1</name>\r
- <priority>1</priority>\r
- </node>\r
- <interface-monitor>\r
- <name>ge-0/0/1</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-7/0/1</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-0/0/2</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-7/0/2</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <ip-monitoring>\r
- <global-weight>255</global-weight>\r
- <retry-interval>1</retry-interval>\r
- <retry-count>5</retry-count>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>10.68.16.1</name>\r
- <weight>255</weight>\r
- <interface>\r
- <logical-interface-name>reth1.0</logical-interface-name>\r
- <secondary-ip-address>10.68.16.17</secondary-ip-address>\r
- </interface>\r
- </address>\r
- <address>\r
- <name>12.102.197.129</name>\r
- <weight>255</weight>\r
- <interface>\r
- <logical-interface-name>reth0.0</logical-interface-name>\r
- <secondary-ip-address>12.102.197.135</secondary-ip-address>\r
- </interface>\r
- </address>\r
- </inet>\r
- </family>\r
- </ip-monitoring>\r
- </redundancy-group>\r
- </cluster>\r
- </chassis>\r
- <services>\r
- <application-identification>\r
- </application-identification>\r
- </services>\r
- <security>\r
- <idp>\r
- <idp-policy>\r
- <name>Space-IPS-Policy</name>\r
- <rulebase-ips>\r
- <rule>\r
- <name>DBE-Q-IPS-policy-template-1</name>\r
- <match>\r
- <from-zone>any</from-zone>\r
- <to-zone>any</to-zone>\r
- <application>default</application>\r
- <attacks>\r
- <predefined-attacks>APP:ADOBE-COLDFUSION-WEBSOCKET</predefined-attacks>\r
- <predefined-attacks>APP:ADOBE-FLASH-RTMP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:AMANDA:AMANDA-ROOT-OF2</predefined-attacks>\r
- <predefined-attacks>APP:APPLE-MACOSX-ODP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:ASUS-WRT-INFOSVR-COMND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:BCK-MESSAGE</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:BCKUP-AUTHSRV-DOS</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:METHD-EXPOSURE</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:RPC-MEMRCORRUPT</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:SQLOF-1</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:TAPE-ENGNE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:CA:DBA-SVR-POINT</predefined-attacks>\r
- <predefined-attacks>APP:CA:RPC-MSG-BO</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:ASA-IKE-BO</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:CISCO-EPNM-DESERIAL-1</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:VIDEO-SURVEILANCE-XSS</predefined-attacks>\r
- <predefined-attacks>APP:CITRIX:PROVISIONING-OPCODE</predefined-attacks>\r
- <predefined-attacks>APP:CITRIX:STREAMPROCESS-BOF</predefined-attacks>\r
- <predefined-attacks>APP:DIGIUM-ASTERISK-OF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-ALPHASTOR-BOF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-ALPHASTORE-CMDEXEC</predefined-attacks>\r
- <predefined-attacks>APP:EMC-APLHASTORE-FMTSTR</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NETWORKER-NSRD-BO</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NETWORKER-NSRINDEXD-OF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NSRINDEXD-BO</predefined-attacks>\r
- <predefined-attacks>APP:EMC-REPLICATION-MGR-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>APP:ESIGNAL:OVERFLOW-EXPLOIT</predefined-attacks>\r
- <predefined-attacks>APP:FLEXERA-FLEXNET-BO</predefined-attacks>\r
- <predefined-attacks>APP:FREEBSD-BSPATCH-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PROTECTOR-OP-DOS</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-EXEC-BAR-CE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP-27</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP211-264</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP215-263</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP227-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP234-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP235-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP259-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP260-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP28-11</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODES</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-RDS-DOS</predefined-attacks>\r
- <predefined-attacks>APP:HP-LEFTHAND-HYDRA-DIAG-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-LEFTHAND-HYDRA-PING-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-SSL</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOGIN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-MGMT-UAM-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-NNM-HLEN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPENVIEW-DTPRTCTR-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPNVIEWSTORAGE-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPNVW-STORAGE-DATA-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-PROCURVE-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:HP-PROTECTOR-DIR-TRAV</predefined-attacks>\r
- <predefined-attacks>APP:HP-SAN-IQ-CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:HP-STORAGEWORKS-OPC22-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-SYS-IPRANGE-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-SYS-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-VIRTUAL-SAN</predefined-attacks>\r
- <predefined-attacks>APP:HPE-NA-RMI-DESER</predefined-attacks>\r
- <predefined-attacks>APP:HPIM-SOM-EUACCNT-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:HPLOADRUNNER-XDR-BO</predefined-attacks>\r
- <predefined-attacks>APP:HPOV:CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:DOMINO-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:IBM:DOMINO-BYPASS-1</predefined-attacks>\r
- <predefined-attacks>APP:IBM:FORMVIEWER-XFDL-BOF</predefined-attacks>\r
- <predefined-attacks>APP:IBM:FXCLI-EXECBO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:LDAP-MODIFYREQUEST-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:OPCODE-1330-CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1329-BOF</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1331-CMDINJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1339-CMDINJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-FASTBACK-OP-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-OP4115-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1301</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1335</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TSM-CVE-2015-0119-BO</predefined-attacks>\r
- <predefined-attacks>APP:IPMI-CIPHER-ZERO</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA1</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA2</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:CHKSUM-PRIV-ESC</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-TCP</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-UDP</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:KRB5-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:MULTI-REALM-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:SPNEGO-5-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:WIN-KERB-FALLBACK</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:XREALM-KDC-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MCAFEE-AM-INPUT-SSL</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ACTMQ-SHUTDN-CMD</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ADOBE-RTMP-UAF</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ALIENVALT-BAKUP-COM-RE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:APACHE-QPID-SEQSET-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MISC:APACHE-SVN-IO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ARCSERVE-BKUP</predefined-attacks>\r
- <predefined-attacks>APP:MISC:BIGANT-DDNF-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:CLEARSCADA-OPF-PARSE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:CVE-2014-0549-RTMP-MC</predefined-attacks>\r
- <predefined-attacks>APP:MISC:DIASOFT-EXECCMD-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ENTERASYS-NETSIGHT-BOF</predefined-attacks>\r
- <predefined-attacks>APP:MISC:EZHOMETECH-EZSERVER-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:FREEBSD-MBUF-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MISC:GITORIOUS-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:HP-INODE-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:HP-OA-HEALTH-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:NAGIOS-NRPE-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:OBJ-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:OBJ-OBJDB-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SAM-ACTQ-MULTI</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SCHNEIDER-INDUSOFT-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SERCOMM-DEVICE-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SPREE-SEARCH-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:WSHARK-ENTTEC-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:XEROX-MFP-COMND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ZABBIC-NODE-PROCESS-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ZEND-SERVER-CE</predefined-attacks>\r
- <predefined-attacks>APP:MIT-KERBEROS-5-POLICY-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MS-SNABASE-EXE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MSDOTNET-CVE-2014-1806</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:MESSENGER-BOF</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:MESSENGER-LOGIN</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:ZENWORKS-DIR-TRAV</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:ZENWORKS-MGT-UPLOAD</predefined-attacks>\r
- <predefined-attacks>APP:OPENVIEW-STORAGE-BO</predefined-attacks>\r
- <predefined-attacks>APP:ORACLE:WEBLOGIC-FILE-UPLOAD</predefined-attacks>\r
- <predefined-attacks>APP:ORACLE:WEBLOGIC-SRV-RCE</predefined-attacks>\r
- <predefined-attacks>APP:PERSISTENT-COMMAND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:PROXY:SQUID-SSLBUMP-CERT</predefined-attacks>\r
- <predefined-attacks>APP:QEMU-VNC-SETPIXEL-PTR-DEREF</predefined-attacks>\r
- <predefined-attacks>APP:QUEST-BIG-BRO-FD</predefined-attacks>\r
- <predefined-attacks>APP:RDP-BRUTE-FORCE</predefined-attacks>\r
- <predefined-attacks>APP:REAL:REAL-MPG-WIDTH</predefined-attacks>\r
- <predefined-attacks>APP:REDIS-GETNUM-IO</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:CVE-2015-2373-RCE</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:NETTRANSPORT-DM</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:RDP-HEAP-BO</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:RDP-MEM-OBJ</predefined-attacks>\r
- <predefined-attacks>APP:SAFENET-VPN-OF</predefined-attacks>\r
- <predefined-attacks>APP:SAP:3DM-FILE-BOF</predefined-attacks>\r
- <predefined-attacks>APP:SAP:3DVIS-FLIC-BO</predefined-attacks>\r
- <predefined-attacks>APP:SAP:INT-GRAPHICS-PARAMS-XSS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-BO</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-DIAGI-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-SOAP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:SNORT:BACKORIFICE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SQUID-BUMP-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SYMC:ALTIRIS-DS-SQL-INJ</predefined-attacks>\r
- <predefined-attacks>APP:SYMC:ENCRYPTED-CMD-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:TMIC:SP-CREATE-BIND-OF</predefined-attacks>\r
- <predefined-attacks>APP:TMIC:SP-EARTH-AGENT-OF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-DSN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-ROOT-DSN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-UUID-BOF</predefined-attacks>\r
- <predefined-attacks>APP:VCENTER-JMX-RCE</predefined-attacks>\r
- <predefined-attacks>APP:VCENTER-JMX-RCE2</predefined-attacks>\r
- <predefined-attacks>APP:VINZANT-ARCHTCTR-AUTHWKNESS</predefined-attacks>\r
- <predefined-attacks>CHAT:IRC:BOTNET:RA1NX-BOT-CE</predefined-attacks>\r
- <predefined-attacks>CHAT:IRC:BOTNET:W3TW0RK-RCE</predefined-attacks>\r
- <predefined-attacks>DB:IBM-SOLIDBD-WHERE-DOS</predefined-attacks>\r
- <predefined-attacks>DB:IBM-SOLIDDB-ROWNUM</predefined-attacks>\r
- <predefined-attacks>DB:MONGODB-NATIVEHELPER-RCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:BENCHMARK-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:BRUTE-FORCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:CLIENT-BOF</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:GRANT-FILE-BO</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:ORACLE-XPATH-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:ROOT-PRIVILEGE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:UPDATEXML-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:USER-ENUMERATION</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:WIN-RCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:WINDOWS-REMOTE-ROOT</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:DBMS:OUTPUT-TO-JAVA</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:DECLARE-EXEC</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:EVTDUMP</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:SYS:LPXFSMSAX-NAME-BO</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:DBNAME-CLIFLAGINJ</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:GEO-OPS-PATH-IN</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:POSTGRE-DBSEC-BP</predefined-attacks>\r
- <predefined-attacks>DDOS:LOIC-WEB</predefined-attacks>\r
- <predefined-attacks>DHCP:SERVER:GNU-BASH-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>DHCP:SERVER:ISC-MAL-CLID</predefined-attacks>\r
- <predefined-attacks>DNS:AUDIT:UNASSIGNED-OPCODE</predefined-attacks>\r
- <predefined-attacks>DNS:AUDIT:Z-RESERVED-OPT</predefined-attacks>\r
- <predefined-attacks>DNS:BIND-DBC-ASSERT-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:BIND-KEYPARSE-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:CLIBCVE-2015-7547BO</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:LIBCVE-2015-7547BO2</predefined-attacks>\r
- <predefined-attacks>DNS:GNUTLS-DANE-BOF</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-ASSERTION-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-DNSSEC-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-EDNS-OPT-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-PACKAGE-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:MS-ISA-CE</predefined-attacks>\r
- <predefined-attacks>DNS:NGINX-RESOLVER-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:OVERFLOW:GNU-C-GLIBC</predefined-attacks>\r
- <predefined-attacks>DNS:OVERFLOW:TFTPD32</predefined-attacks>\r
- <predefined-attacks>DNS:PDNS-AUTHSERV-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:POWERDNS-NAMESRVR-UDP-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:POWERDNS-NAMSRVR-TCP-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:REPERR:NULL-RDATA-LEN</predefined-attacks>\r
- <predefined-attacks>DNS:RRSIG-QUERY</predefined-attacks>\r
- <predefined-attacks>DNS:SQUID-DNS-DOS-1</predefined-attacks>\r
- <predefined-attacks>DNS:TUNNEL:I2P-DNS-QUERY</predefined-attacks>\r
- <predefined-attacks>DNS:TUNNEL:NULL-RECORD</predefined-attacks>\r
- <predefined-attacks>DNS:WORDPRESS-SOAK-SOAK-MALWARE</predefined-attacks>\r
- <predefined-attacks>DOS:DELL-NETVAULT-DOS</predefined-attacks>\r
- <predefined-attacks>DOS:FREEBSD-ROUTED-DAEMON</predefined-attacks>\r
- <predefined-attacks>DOS:SLOWHTTPTEST-TOOL</predefined-attacks>\r
- <predefined-attacks>DOS:WINDOWS:HTTP-SYS</predefined-attacks>\r
- <predefined-attacks>DOS:WINDOWS:ISCSI-TARGET</predefined-attacks>\r
- <predefined-attacks>HTTP:ADOBE-FLASH-PLAYER-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:ADOBE-FLASHPLYR-PRIV-ESC</predefined-attacks>\r
- <predefined-attacks>HTTP:ANGLER-EXPKIT-URI</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:APACHE-CHUNKREQ-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:APR-UTIL-LIB-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:COUCHDB-UUID-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:HTTPD-ERROR-400</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:HTTPD-MODLOG-COOKIE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:MOD-LOG-CONFIG-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:MOD-REWRITE-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:REST-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:REV-PROXY-EXPLOIT</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-CI-SECBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-OGNL-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-RST-DMI-EXEC</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-URL-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-XSLT-FI</predefined-attacks>\r
- <predefined-attacks>HTTP:BACKDOOR-UPATRE-UA</predefined-attacks>\r
- <predefined-attacks>HTTP:C99-SHELL-BACKDOOR</predefined-attacks>\r
- <predefined-attacks>HTTP:CARBERP-BACKDOOR-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:CGI:BASH-INJECTION-HEADER</predefined-attacks>\r
- <predefined-attacks>HTTP:CGI:MS-OFFICE-URL-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:CISCO:DOWNLOADSERVLET-FU</predefined-attacks>\r
- <predefined-attacks>HTTP:CLAMAV-ENCRYPT-PDF-MC2</predefined-attacks>\r
- <predefined-attacks>HTTP:CLANSPHERE-COOKIE-LFI</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-ENCODING</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-LANG</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-AUTH-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-CONT-TYPE</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-CONTENT-MD5</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-HOST-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-REFERER-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:ZIMBRA-SERVER-LDAP</predefined-attacks>\r
- <predefined-attacks>HTTP:DLINK-AUTHENTICATION-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:APACHE-TOMCAT-CHUNKED2</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:HAPROXY-REQDENY</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:MIT-KERBEROS-5-POLICY</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:PHP-UPLOAD</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:SCHNEIDER-EXPRT-SCADA</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:SQUID-HDR-RANGE</predefined-attacks>\r
- <predefined-attacks>HTTP:DRUPAL-CODER-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:EK-ANGLER-JAVA</predefined-attacks>\r
- <predefined-attacks>HTTP:EXPLOIT:ILLEGAL-HOST-CHAR</predefined-attacks>\r
- <predefined-attacks>HTTP:FORTINET-HELLO-MSG-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:HTTP-INVALID-PORT-VALUE</predefined-attacks>\r
- <predefined-attacks>HTTP:HTTP_PROXY-ATTACK</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASP-NET-MVC-SEC-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASPX-URL</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASPX-URL-1</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-1</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-2</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:IIS-6-7-AUTH-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:INT-OVERFLOW-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:WEB-CONFIG-INFO-LEAK</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:WEBDAV:WINDOWS-SHELL</predefined-attacks>\r
- <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI</predefined-attacks>\r
- <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI-TCP</predefined-attacks>\r
- <predefined-attacks>HTTP:INVALID:EXPECT</predefined-attacks>\r
- <predefined-attacks>HTTP:JAVA-UPDATE-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:JENKINS-CI-SERVER-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBGD-GD2GETHEADER-IO</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBGD-HEAP-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBREOFFICE-INTEGR-UNDRFLW</predefined-attacks>\r
- <predefined-attacks>HTTP:MALICIOUS-SESSION-COOKIE</predefined-attacks>\r
- <predefined-attacks>HTTP:MAMBO-MYSQL-INF-DISCLOSURE</predefined-attacks>\r
- <predefined-attacks>HTTP:MANAGENGINE-EVTLG-INF-DISC</predefined-attacks>\r
- <predefined-attacks>HTTP:MAXTHON-HISTORY-XSS</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:AVIRA-MGNT-HEADER-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CHASYS-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:COOL-EXKIT-JAR-DL</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CUTEZIP-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CVE-2014-6332-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:DAZ-STUDIO-SCRIPT-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:ERS-VIEWER-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GITLIST-URI-REQ-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GRAPHITE-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GSM-SIMEDIT-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:IRFVIEW-JP2-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:JBOSS-SEAM-EL-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:JOOMLA-UNSER-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MAPLE-MAPLET-CMD-EXEC</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MINIUPNPD-SOAP-ACTION</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MS-FOREFRONT-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MS-OWA-URL-REDIR</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:RUBY-RAILS-SECRET-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:SPLUNK-CUSTOM-APP-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WESTERN-DIGITAL-LFI</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WINRAR-FILENM-SPOOF</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WIRESHARK-LUA-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MONKEY-HTTPD-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MS-VBSCRIPT-UAF-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MS-WIN-FOLDER-GUID-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:NAGIOS-CONFMGR-SQLINJ</predefined-attacks>\r
- <predefined-attacks>HTTP:NEUTRINO-EK-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:NGINX-RQST-URI-SECBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:NODEJS-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:NOVELL:GROUPWISE-NETAGT-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:CONF-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:GENERIC-SIGNATUR-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:OUTSIDE-PRDOX-BO2</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:SSO-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:CDF-INFINITE-LOOP-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:CORE-INT-OF-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:DATEINTERVAL-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:EXIF-NULL-PTR-DEREF</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:INVISION-IPS-COMM</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:JOOMLA-ADMIN-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:OPENEMR-GLOBALS-AB</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHAR-PARSE-TARFILE-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHPMYADMIN:SETUP-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHPSPLOIT-POSTEXP</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:SPL-OBJECT-UNSERIALIZE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:TAR-FILE-PTR</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-BRUTE-FORCE-LOGIN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-INCLUDES-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-README-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:XAMPP-FILE-WRITE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:ZIPARCHIVE-IO</predefined-attacks>\r
- <predefined-attacks>HTTP:PROXY:SQUID-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:REGIN-CNC-TRAFFIC</predefined-attacks>\r
- <predefined-attacks>HTTP:REQERR:INV-IPV6-HOST-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:REQERR:NULL-IN-HEADER</predefined-attacks>\r
- <predefined-attacks>HTTP:SOLARWINDS-AUTH-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:SOLARWINDS-POLICYBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:AND-NUMBER-EQUALS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CHAR</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CHAR-ENCODE</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:COMMENT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:COMPARISON</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONCAT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONVERT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONVERT-INJ-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HAVIJ-UA</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-REQ-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:INSERT-VALUES</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:INTO-OUTFILE</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:IS_SRVROLEMEMBER</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MS-SQL-FUNCTIONS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MS-SQL-TABLE-NAME</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MYSQL-TABLE-NAME</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:NULLBYTE-COMMENT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:PL-SQL</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:PROC-GENERIC</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SLASH-STAR</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SQLMAP-ACTIVITY</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SYSOBJECTS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UA-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UA-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UNION-SELECT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:USER-ADD</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:VERSION-DETECT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:WAITFOR-DELAY</predefined-attacks>\r
- <predefined-attacks>HTTP:SQUID-BUMP-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:STATIC-SERVER-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ACTIVEX:KVIEW-KCHARTXY</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:2013-5065-PDF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:ACROFORM-NULL-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CONVFILTER-UAF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-2985-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3791-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3959-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2010-2202-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-0622-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3353</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3355-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5324-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5325-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5329-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0511-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0512-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0517-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0521</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0522-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0523-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0524-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0531-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0537-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0538-UF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0539-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0545-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0547-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0548-PB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0550-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0553-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0554</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0555-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0559-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0564-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0565-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0567-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0568-SE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0576-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0577-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0578-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0580-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0584-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0586-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-4671</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8440-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8441-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8447-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8449-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8450-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8451-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8455-UF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8459-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8460-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8461-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9159-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9160-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9162-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0087-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0089-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0090-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0093-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0301-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0302-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0303-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0305-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0306-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0307-DS</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0313-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0314-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0315-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0317-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0319-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0320-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0321-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0322-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0323-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0324-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0325-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0326-DS</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0328-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0329-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0330-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0333-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0334-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0335-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0337-PB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0338-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0339-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0340-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0341-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0342-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0346-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0347-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0348-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0349-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0350-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0351-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0352-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0353-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0354-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0355-MC</predefined-attacks>\r
- </attacks>\r
- </match>\r
- <then>\r
- <action>\r
- <no-action/>\r
- </action>\r
- <ip-action>\r
- <ip-notify/>\r
- <target>source-address</target>\r
- <log/>\r
- <log-create/>\r
- </ip-action>\r
- <notification>\r
- <log-attacks>\r
- <alert/>\r
- </log-attacks>\r
- </notification>\r
- </then>\r
- </rule>\r
- <rule>\r
- <name>DBE-Q-IPS-policy-template-2</name>\r
- <match>\r
- <from-zone>any</from-zone>\r
- <to-zone>any</to-zone>\r
- <application>default</application>\r
- <attacks>\r
- <predefined-attack-groups>[Recommended]Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Warning - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Warning - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Warning - ICMP</predefined-attack-groups>\r
- </attacks>\r
- </match>\r
- <then>\r
- <action>\r
- <recommended/>\r
- </action>\r
- <ip-action>\r
- <ip-notify/>\r
- <target>source-address</target>\r
- </ip-action>\r
- <notification>\r
- <log-attacks>\r
- <alert/>\r
- </log-attacks>\r
- </notification>\r
- </then>\r
- </rule>\r
- </rulebase-ips>\r
- </idp-policy>\r
- <active-policy>Space-IPS-Policy</active-policy>\r
- </idp>\r
- <forwarding-options>\r
- <family>\r
- <inet6>\r
- <mode>flow-based</mode>\r
- </inet6>\r
- </family>\r
- </forwarding-options>\r
- <screen>\r
- <ids-option>\r
- <name>untrust-screen</name>\r
- <alarm-without-drop/>\r
- <icmp>\r
- <ip-sweep>\r
- <threshold>5000</threshold>\r
- </ip-sweep>\r
- <fragment/>\r
- <large/>\r
- <ping-death/>\r
- </icmp>\r
- <ip>\r
- <bad-option/>\r
- <record-route-option/>\r
- <timestamp-option/>\r
- <security-option/>\r
- <stream-option/>\r
- <spoofing/>\r
- <source-route-option/>\r
- <loose-source-route-option/>\r
- <strict-source-route-option/>\r
- <unknown-protocol/>\r
- <tear-drop/>\r
- </ip>\r
- <tcp>\r
- <syn-fin/>\r
- <fin-no-ack/>\r
- <tcp-no-flag/>\r
- <syn-frag/>\r
- <port-scan>\r
- <threshold>5000</threshold>\r
- </port-scan>\r
- <syn-ack-ack-proxy>\r
- </syn-ack-ack-proxy>\r
- <syn-flood>\r
- <alarm-threshold>1024</alarm-threshold>\r
- <attack-threshold>200</attack-threshold>\r
- <source-threshold>1024</source-threshold>\r
- <destination-threshold>2048</destination-threshold>\r
- <undocumented><queue-size>2000</queue-size></undocumented>\r
- <timeout>20</timeout>\r
- </syn-flood>\r
- <land/>\r
- </tcp>\r
- </ids-option>\r
- </screen>\r
- <nat>\r
- <source>\r
- <pool>\r
- <name>sp_dmzpfsnat</name>\r
- <address>\r
- <name>10.68.16.13/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.14/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.15/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.16/32</name>\r
- </address>\r
- <port>\r
- <range>\r
- <low>1024</low>\r
- <to>\r
- <high>63486</high>\r
- </to>\r
- </range>\r
- </port>\r
- <pool-utilization-alarm>\r
- <raise-threshold>80</raise-threshold>\r
- <clear-threshold>70</clear-threshold>\r
- </pool-utilization-alarm>\r
- </pool>\r
- <rule-set>\r
- <name>rs_mis2dmzpfsnat</name>\r
- <from>\r
- <zone>sz_dbemis</zone>\r
- </from>\r
- <to>\r
- <zone>trust</zone>\r
- </to>\r
- <rule>\r
- <name>nr_dmzpsnat</name>\r
- <src-nat-rule-match>\r
- <destination-address>10.68.16.4/32</destination-address>\r
- <destination-address>10.68.16.5/32</destination-address>\r
- </src-nat-rule-match>\r
- <then>\r
- <source-nat>\r
- <pool>\r
- <pool-name>sp_dmzpfsnat</pool-name>\r
- </pool>\r
- </source-nat>\r
- </then>\r
- </rule>\r
- </rule-set>\r
- </source>\r
- <destination>\r
- <pool>\r
- <name>dp_dmzpf01ap1dnat</name>\r
- <address>\r
- <ipaddr>10.68.16.4/32</ipaddr>\r
- </address>\r
- </pool>\r
- <pool>\r
- <name>dp_dmzpf02ap1dnat</name>\r
- <address>\r
- <ipaddr>10.68.16.5/32</ipaddr>\r
- </address>\r
- </pool>\r
- <rule-set>\r
- <name>rs_mis2dmzpfdnat</name>\r
- <from>\r
- <zone>sz_dbemis</zone>\r
- </from>\r
- <rule>\r
- <name>nr_p01ap1dnat</name>\r
- <dest-nat-rule-match>\r
- <destination-address>\r
- <dst-addr>12.102.197.133/32</dst-addr>\r
- </destination-address>\r
- </dest-nat-rule-match>\r
- <then>\r
- <destination-nat>\r
- <pool>\r
- <pool-name>dp_dmzpf01ap1dnat</pool-name>\r
- </pool>\r
- </destination-nat>\r
- </then>\r
- </rule>\r
- <rule>\r
- <name>nr_p02ap1dnat</name>\r
- <dest-nat-rule-match>\r
- <destination-address>\r
- <dst-addr>12.102.197.134/32</dst-addr>\r
- </destination-address>\r
- </dest-nat-rule-match>\r
- <then>\r
- <destination-nat>\r
- <pool>\r
- <pool-name>dp_dmzpf02ap1dnat</pool-name>\r
- </pool>\r
- </destination-nat>\r
- </then>\r
- </rule>\r
- </rule-set>\r
- </destination>\r
- <proxy-arp>\r
- <interface>\r
- <name>reth0.0</name>\r
- <address>\r
- <name>12.102.197.133/32</name>\r
- </address>\r
- <address>\r
- <name>12.102.197.134/32</name>\r
- </address>\r
- </interface>\r
- <interface>\r
- <name>reth1.0</name>\r
- <address>\r
- <name>10.68.16.13/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.14/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.15/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.16/32</name>\r
- </address>\r
- </interface>\r
- </proxy-arp>\r
- </nat>\r
- <policies>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>default-permit</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>untrust</to-zone-name>\r
- <policy>\r
- <name>default-permit</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>sz_dbemis</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>sp_bwxspapi</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>as_bwdmzpxspapsrvrs_2</destination-address>\r
- <application>ps_bwapi_3</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- <policy>\r
- <name>sp_bwpdeny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>sz_dbemis</to-zone-name>\r
- <policy>\r
- <name>sp_bwzdeny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>untrust</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>default-deny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- </policies>\r
- <zones>\r
- <security-zone>\r
- <name>trust</name>\r
- <tcp-rst/>\r
- <address-book>\r
- <address>\r
- <name>ad_bwxsp02ap1pf</name>\r
- <ip-prefix>10.68.16.5/32</ip-prefix>\r
- </address>\r
- <address>\r
- <name>ad_bwxsp01ap1pf_1</name>\r
- <ip-prefix>10.68.16.4/32</ip-prefix>\r
- </address>\r
- <address-set>\r
- <name>as_bwdmzpxspapsrvrs_2</name>\r
- <address>\r
- <name>ad_bwxsp01ap1pf_1</name>\r
- </address>\r
- <address>\r
- <name>ad_bwxsp02ap1pf</name>\r
- </address>\r
- </address-set>\r
- </address-book>\r
- <host-inbound-traffic>\r
- <system-services>\r
- <name>all</name>\r
- </system-services>\r
- <protocols>\r
- <name>all</name>\r
- </protocols>\r
- </host-inbound-traffic>\r
- <interfaces>\r
- <name>reth1.0</name>\r
- </interfaces>\r
- </security-zone>\r
- <security-zone>\r
- <name>untrust</name>\r
- <screen>untrust-screen</screen>\r
- </security-zone>\r
- <security-zone>\r
- <name>sz_dbemis</name>\r
- <screen>untrust-screen</screen>\r
- <interfaces>\r
- <name>reth0.0</name>\r
- </interfaces>\r
- </security-zone>\r
- </zones>\r
- </security>\r
- <interfaces>\r
- <interface>\r
- <name>ge-0/0/1</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth0</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-0/0/2</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth1</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-7/0/1</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth0</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-7/0/2</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth1</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>fab0</name>\r
- <fabric-options>\r
- <member-interfaces>\r
- <name>ge-0/0/0</name>\r
- </member-interfaces>\r
- </fabric-options>\r
- </interface>\r
- <interface>\r
- <name>fab1</name>\r
- <fabric-options>\r
- <member-interfaces>\r
- <name>ge-7/0/0</name>\r
- </member-interfaces>\r
- </fabric-options>\r
- </interface>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth0</name>\r
- <redundant-ether-options>\r
- <redundancy-group>1</redundancy-group>\r
- </redundant-ether-options>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <filter>\r
- <input>\r
- <filter-name>ff_pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>12.102.197.132/25</name>\r
- </address>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <input>\r
- <filter-name>ff_v6pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:1/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:2/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:3/64</name>\r
- </address>\r
- </inet6>\r
- </family>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- <redundant-ether-options>\r
- <redundancy-group>1</redundancy-group>\r
- </redundant-ether-options>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <filter>\r
- <input>\r
- <filter-name>ff_pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>10.68.16.12/22</name>\r
- </address>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <input>\r
- <filter-name>ff_v6pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:1/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:2/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:3/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:4/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:5/64</name>\r
- </address>\r
- </inet6>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- <snmp>\r
- <community>\r
- <name>vsbk68</name>\r
- <authorization>read-only</authorization>\r
- <clients>\r
- <name>130.6.45.42/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.45.41/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.44.254/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.44.253/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.25.175.114/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.21.235.37/32</name>\r
- </clients>\r
- </community>\r
- <community>\r
- <name>space15</name>\r
- <authorization>read-write</authorization>\r
- <clients>\r
- <name>135.144.0.60/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.144.0.59/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.144.0.61/32</name>\r
- </clients>\r
- </community>\r
- <trap-group>\r
- <name>GFP</name>\r
- <version>v2</version>\r
- <destination-port>162</destination-port>\r
- <targets>\r
- <name>135.89.33.175</name>\r
- </targets>\r
- <targets>\r
- <name>199.37.245.24</name>\r
- </targets>\r
- </trap-group>\r
- <trap-group>\r
- <name>space</name>\r
- <targets>\r
- <name>135.144.0.60</name>\r
- </targets>\r
- </trap-group>\r
- <health-monitor>\r
- <idp>\r
- </idp>\r
- </health-monitor>\r
- </snmp>\r
- <routing-options>\r
- <interface-routes>\r
- <rib-group>\r
- <inet>rg_mis2dmzp</inet>\r
- <inet6>rg_v6mis2dmzp</inet6>\r
- </rib-group>\r
- </interface-routes>\r
- <static>\r
- <route>\r
- <name>0.0.0.0/0</name>\r
- <next-hop>135.69.228.1</next-hop>\r
- </route>\r
- </static>\r
- <rib-groups>\r
- <name>rg_mis2dmzp</name>\r
- <import-rib>vrf-untrust.inet.0</import-rib>\r
- <import-rib>inet.0</import-rib>\r
- </rib-groups>\r
- <rib-groups>\r
- <name>rg_v6mis2dmzp</name>\r
- <import-rib>vrf-untrust.inet6.0</import-rib>\r
- <import-rib>inet6.0</import-rib>\r
- </rib-groups>\r
- </routing-options>\r
- <class-of-service>\r
- <interfaces>\r
- <interface>\r
- <name>reth0</name>\r
- <unit>\r
- <name>0</name>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- <unit>\r
- <name>0</name>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- <forwarding-class>\r
- <name>assured-forwarding</name>\r
- <loss-priority>\r
- <name>low</name>\r
- <code-point>011010</code-point>\r
- </loss-priority>\r
- </forwarding-class>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- <forwarding-class>\r
- <name>assured-forwarding</name>\r
- <loss-priority>\r
- <name>low</name>\r
- <code-point>011010</code-point>\r
- </loss-priority>\r
- </forwarding-class>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </class-of-service>\r
- <firewall>\r
- <family>\r
- <inet>\r
- <filter>\r
- <name>ff_pdscp</name>\r
- <term>\r
- <name>fr_pdscp</name>\r
- <from>\r
- <interface>\r
- <name>reth0</name>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- </interface>\r
- </from>\r
- <then>\r
- <forwarding-class>assured-forwarding</forwarding-class>\r
- <accept/>\r
- </then>\r
- </term>\r
- </filter>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <name>ff_v6pdscp</name>\r
- <term>\r
- <name>fr_v6pdscp</name>\r
- <from>\r
- <interface>\r
- <name>reth0</name>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- </interface>\r
- </from>\r
- <then>\r
- <forwarding-class>assured-forwarding</forwarding-class>\r
- <accept/>\r
- </then>\r
- </term>\r
- </filter>\r
- </inet6>\r
- </family>\r
- </firewall>\r
- <routing-instances>\r
- <instance>\r
- <name>vrf-untrust</name>\r
- <instance-type>virtual-router</instance-type>\r
- <interface>\r
- <name>reth0.0</name>\r
- </interface>\r
- <routing-options>\r
- <interface-routes>\r
- <rib-group>\r
- <inet>rg_mis2dmzp</inet>\r
- <inet6>rg_v6mis2dmzp</inet6>\r
- </rib-group>\r
- </interface-routes>\r
- <rib>\r
- <name>vrf-untrust.inet6.0</name>\r
- <static>\r
- <route>\r
- <name>0::/0</name>\r
- <next-hop>2001:1890:1001:23ed::1</next-hop>\r
- </route>\r
- </static>\r
- </rib>\r
- <static>\r
- <route>\r
- <name>0.0.0.0/0</name>\r
- <next-hop>12.102.197.129</next-hop>\r
- </route>\r
- </static>\r
- </routing-options>\r
- </instance>\r
- </routing-instances>\r
- <applications>\r
- <application>\r
- <name>ap_xsi-xml-https</name>\r
- <protocol>tcp</protocol>\r
- <destination-port>443</destination-port>\r
- </application>\r
- <application-set>\r
- <name>ps_bwapi_3</name>\r
- <application>\r
- <name>ap_xsi-xml-https</name>\r
- </application>\r
- </application-set>\r
- </applications>\r
- </configuration>
\ No newline at end of file
+++ /dev/null
-<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\r
- <configuration junos:changed-seconds="1478714723" junos:changed-localtime="2016-11-09 18:05:23 UTC">\r
- <version>15.1X49-D50.3</version>\r
- <groups>\r
- <name>${nodename}</name>\r
- <system>\r
- <host-name>dbqx0001vm001</host-name>\r
- <backup-router>\r
- <address>${BUrouterIP}</address>\r
- <destination>${DestinationSubnet}</destination>\r
- </backup-router>\r
- <services>\r
- <ssh>\r
- <max-sessions-per-connection>32</max-sessions-per-connection>\r
- </ssh>\r
- </services>\r
- <syslog>\r
- <file>\r
- <name>default-log-messages</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- </syslog>\r
- </system>\r
- <interfaces>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>135.69.228.8/25</name>\r
- </address>\r
- </inet>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- </groups>\r
- <groups>\r
- <name>node1</name>\r
- <system>\r
- <host-name>dbqx0001vm002</host-name>\r
- <backup-router>\r
- <address>135.69.228.1</address>\r
- <destination>0.0.0.0/0</destination>\r
- </backup-router>\r
- <services>\r
- <ssh>\r
- <max-sessions-per-connection>32</max-sessions-per-connection>\r
- </ssh>\r
- </services>\r
- <syslog>\r
- <file>\r
- <name>default-log-messages</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <match>(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES</match>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- </syslog>\r
- </system>\r
- <interfaces>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>135.69.228.9/25</name>\r
- </address>\r
- </inet>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- </groups>\r
- <apply-groups>groupname</apply-groups>\r
- <system>\r
- <root-authentication>\r
- <encrypted-password>$5$rKyWGmrv$sMeym/XUklUeJX2hKpcp5TzCG5R8jcmJ2901HcNGSeB</encrypted-password>\r
- </root-authentication>\r
- <name-server>\r
- <name>135.188.34.84</name>\r
- </name-server>\r
- <login>\r
- <message>\n\t\tWARNING NOTICE\n\tThis system is restricted solely to AT&T authorized users for\n\tlegitimate business purposes only.The actual or attempted\n\tunauthorized access, use, or modification of this system is\n\tstrictly prohibited by AT&T. Unauthorized users are subject to\n\tCompany disciplinary proceedings and/or criminal and civil\n\tpenalties under state, federal, or other applicable domestic and\n\tforeign laws. The use of this system may be monitored and\n\trecorded for administrative and security reasons. Anyone\n\taccessing this system expressly consents to such monitoring and\n\t is advised that if monitoring reveals possible evidence of\n\tcriminal activity, AT&T may provide the evidence of such\n\tactivity to law enforcement officials. All users must comply\n\twith AT&T company policies regarding the protection of AT&T\n\tinformation assets.\n\n</message>\r
- </login>\r
- <services>\r
- <ssh>\r
- <protocol-version>v2</protocol-version>\r
- </ssh>\r
- <netconf>\r
- <ssh>\r
- </ssh>\r
- </netconf>\r
- </services>\r
- <syslog>\r
- <user>\r
- <name>*</name>\r
- <contents>\r
- <name>any</name>\r
- <emergency/>\r
- </contents>\r
- </user>\r
- <host>\r
- <name>135.144.0.62</name>\r
- <contents>\r
- <name>any</name>\r
- <any/>\r
- </contents>\r
- <structured-data>\r
- </structured-data>\r
- </host>\r
- <file>\r
- <name>messages</name>\r
- <contents>\r
- <name>any</name>\r
- <any/>\r
- </contents>\r
- <contents>\r
- <name>authorization</name>\r
- <info/>\r
- </contents>\r
- </file>\r
- <file>\r
- <name>interactive-commands</name>\r
- <contents>\r
- <name>interactive-commands</name>\r
- <any/>\r
- </contents>\r
- </file>\r
- <file>\r
- <name>session_log</name>\r
- <contents>\r
- <name>any</name>\r
- <info/>\r
- </contents>\r
- <structured-data>\r
- </structured-data>\r
- </file>\r
- <file>\r
- <name>policy_session</name>\r
- <match>RT_FLOW</match>\r
- </file>\r
- </syslog>\r
- <license>\r
- <autoupdate>\r
- <url>\r
- <name>https://ae1.juniper.net/junos/key_retrieval</name>\r
- </url>\r
- </autoupdate>\r
- </license>\r
- <ntp>\r
- <server>\r
- <name>192.20.201.162</name>\r
- </server>\r
- </ntp>\r
- </system>\r
- <chassis>\r
- <cluster>\r
- <control-link-recovery/>\r
- <reth-count>2</reth-count>\r
- <heartbeat-interval>1000</heartbeat-interval>\r
- <heartbeat-threshold>3</heartbeat-threshold>\r
- <redundancy-group>\r
- <name>0</name>\r
- <node>\r
- <name>0</name>\r
- <priority>100</priority>\r
- </node>\r
- <node>\r
- <name>1</name>\r
- <priority>1</priority>\r
- </node>\r
- </redundancy-group>\r
- <redundancy-group>\r
- <name>1</name>\r
- <node>\r
- <name>0</name>\r
- <priority>100</priority>\r
- </node>\r
- <node>\r
- <name>1</name>\r
- <priority>1</priority>\r
- </node>\r
- <interface-monitor>\r
- <name>ge-0/0/1</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-7/0/1</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-0/0/2</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <interface-monitor>\r
- <name>ge-7/0/2</name>\r
- <weight>255</weight>\r
- </interface-monitor>\r
- <ip-monitoring>\r
- <global-weight>255</global-weight>\r
- <retry-interval>1</retry-interval>\r
- <retry-count>5</retry-count>\r
- <family>\r
- <inet>\r
- <address>\r
- <name>10.68.16.1</name>\r
- <weight>255</weight>\r
- <interface>\r
- <logical-interface-name>reth1.0</logical-interface-name>\r
- <secondary-ip-address>10.68.16.17</secondary-ip-address>\r
- </interface>\r
- </address>\r
- <address>\r
- <name>12.102.197.129</name>\r
- <weight>255</weight>\r
- <interface>\r
- <logical-interface-name>reth0.0</logical-interface-name>\r
- <secondary-ip-address>12.102.197.135</secondary-ip-address>\r
- </interface>\r
- </address>\r
- </inet>\r
- </family>\r
- </ip-monitoring>\r
- </redundancy-group>\r
- </cluster>\r
- </chassis>\r
- <services>\r
- <application-identification>\r
- </application-identification>\r
- </services>\r
- <security>\r
- <idp>\r
- <idp-policy>\r
- <name>Space-IPS-Policy</name>\r
- <rulebase-ips>\r
- <rule>\r
- <name>DBE-Q-IPS-policy-template-1</name>\r
- <match>\r
- <from-zone>any</from-zone>\r
- <to-zone>any</to-zone>\r
- <application>default</application>\r
- <attacks>\r
- <predefined-attacks>APP:ADOBE-COLDFUSION-WEBSOCKET</predefined-attacks>\r
- <predefined-attacks>APP:ADOBE-FLASH-RTMP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:AMANDA:AMANDA-ROOT-OF2</predefined-attacks>\r
- <predefined-attacks>APP:APPLE-MACOSX-ODP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:ASUS-WRT-INFOSVR-COMND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:BCK-MESSAGE</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:BCKUP-AUTHSRV-DOS</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:METHD-EXPOSURE</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:RPC-MEMRCORRUPT</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:SQLOF-1</predefined-attacks>\r
- <predefined-attacks>APP:CA:ARCSRV:TAPE-ENGNE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:CA:DBA-SVR-POINT</predefined-attacks>\r
- <predefined-attacks>APP:CA:RPC-MSG-BO</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:ASA-IKE-BO</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:CISCO-EPNM-DESERIAL-1</predefined-attacks>\r
- <predefined-attacks>APP:CISCO:VIDEO-SURVEILANCE-XSS</predefined-attacks>\r
- <predefined-attacks>APP:CITRIX:PROVISIONING-OPCODE</predefined-attacks>\r
- <predefined-attacks>APP:CITRIX:STREAMPROCESS-BOF</predefined-attacks>\r
- <predefined-attacks>APP:DIGIUM-ASTERISK-OF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-ALPHASTOR-BOF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-ALPHASTORE-CMDEXEC</predefined-attacks>\r
- <predefined-attacks>APP:EMC-APLHASTORE-FMTSTR</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NETWORKER-NSRD-BO</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NETWORKER-NSRINDEXD-OF</predefined-attacks>\r
- <predefined-attacks>APP:EMC-NSRINDEXD-BO</predefined-attacks>\r
- <predefined-attacks>APP:EMC-REPLICATION-MGR-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>APP:ESIGNAL:OVERFLOW-EXPLOIT</predefined-attacks>\r
- <predefined-attacks>APP:FLEXERA-FLEXNET-BO</predefined-attacks>\r
- <predefined-attacks>APP:FREEBSD-BSPATCH-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PROTECTOR-OP-DOS</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-EXEC-BAR-CE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP-27</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP211-264</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP215-263</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP227-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP234-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP235-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP259-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP260-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OP28-11</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODE</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-OPCODES</predefined-attacks>\r
- <predefined-attacks>APP:HP-DATA-PRTCTR-RDS-DOS</predefined-attacks>\r
- <predefined-attacks>APP:HP-LEFTHAND-HYDRA-DIAG-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-LEFTHAND-HYDRA-PING-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOADRUNNER-SSL</predefined-attacks>\r
- <predefined-attacks>APP:HP-LOGIN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-MGMT-UAM-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-NNM-HLEN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPENVIEW-DTPRTCTR-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPNVIEWSTORAGE-BOF</predefined-attacks>\r
- <predefined-attacks>APP:HP-OPNVW-STORAGE-DATA-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-PROCURVE-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:HP-PROTECTOR-DIR-TRAV</predefined-attacks>\r
- <predefined-attacks>APP:HP-SAN-IQ-CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:HP-STORAGEWORKS-OPC22-BO</predefined-attacks>\r
- <predefined-attacks>APP:HP-SYS-IPRANGE-OF</predefined-attacks>\r
- <predefined-attacks>APP:HP-SYS-RCE</predefined-attacks>\r
- <predefined-attacks>APP:HP-VIRTUAL-SAN</predefined-attacks>\r
- <predefined-attacks>APP:HPE-NA-RMI-DESER</predefined-attacks>\r
- <predefined-attacks>APP:HPIM-SOM-EUACCNT-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:HPLOADRUNNER-XDR-BO</predefined-attacks>\r
- <predefined-attacks>APP:HPOV:CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:DOMINO-BYPASS</predefined-attacks>\r
- <predefined-attacks>APP:IBM:DOMINO-BYPASS-1</predefined-attacks>\r
- <predefined-attacks>APP:IBM:FORMVIEWER-XFDL-BOF</predefined-attacks>\r
- <predefined-attacks>APP:IBM:FXCLI-EXECBO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:LDAP-MODIFYREQUEST-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:OPCODE-1330-CMD-INJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1329-BOF</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1331-CMDINJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIV-OP1339-CMDINJ</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-FASTBACK-OP-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-OP4115-BO</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1301</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TIVOLI-SRV-OP1335</predefined-attacks>\r
- <predefined-attacks>APP:IBM:TSM-CVE-2015-0119-BO</predefined-attacks>\r
- <predefined-attacks>APP:IPMI-CIPHER-ZERO</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA1</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:BLDPRINCIPAL-VA2</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:CHKSUM-PRIV-ESC</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-TCP</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:INV-TOKEN-DOS-UDP</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:KRB5-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:MULTI-REALM-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:SPNEGO-5-DOS</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:WIN-KERB-FALLBACK</predefined-attacks>\r
- <predefined-attacks>APP:KERBEROS:XREALM-KDC-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MCAFEE-AM-INPUT-SSL</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ACTMQ-SHUTDN-CMD</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ADOBE-RTMP-UAF</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ALIENVALT-BAKUP-COM-RE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:APACHE-QPID-SEQSET-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MISC:APACHE-SVN-IO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ARCSERVE-BKUP</predefined-attacks>\r
- <predefined-attacks>APP:MISC:BIGANT-DDNF-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:CLEARSCADA-OPF-PARSE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:CVE-2014-0549-RTMP-MC</predefined-attacks>\r
- <predefined-attacks>APP:MISC:DIASOFT-EXECCMD-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ENTERASYS-NETSIGHT-BOF</predefined-attacks>\r
- <predefined-attacks>APP:MISC:EZHOMETECH-EZSERVER-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:FREEBSD-MBUF-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MISC:GITORIOUS-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:HP-INODE-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:HP-OA-HEALTH-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:NAGIOS-NRPE-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:OBJ-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:OBJ-OBJDB-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SAM-ACTQ-MULTI</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SCHNEIDER-INDUSOFT-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SERCOMM-DEVICE-RCE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:SPREE-SEARCH-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:WSHARK-ENTTEC-BO</predefined-attacks>\r
- <predefined-attacks>APP:MISC:XEROX-MFP-COMND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ZABBIC-NODE-PROCESS-CE</predefined-attacks>\r
- <predefined-attacks>APP:MISC:ZEND-SERVER-CE</predefined-attacks>\r
- <predefined-attacks>APP:MIT-KERBEROS-5-POLICY-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MS-SNABASE-EXE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:MSDOTNET-CVE-2014-1806</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:MESSENGER-BOF</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:MESSENGER-LOGIN</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:ZENWORKS-DIR-TRAV</predefined-attacks>\r
- <predefined-attacks>APP:NOVELL:ZENWORKS-MGT-UPLOAD</predefined-attacks>\r
- <predefined-attacks>APP:OPENVIEW-STORAGE-BO</predefined-attacks>\r
- <predefined-attacks>APP:ORACLE:WEBLOGIC-FILE-UPLOAD</predefined-attacks>\r
- <predefined-attacks>APP:ORACLE:WEBLOGIC-SRV-RCE</predefined-attacks>\r
- <predefined-attacks>APP:PERSISTENT-COMMAND-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:PROXY:SQUID-SSLBUMP-CERT</predefined-attacks>\r
- <predefined-attacks>APP:QEMU-VNC-SETPIXEL-PTR-DEREF</predefined-attacks>\r
- <predefined-attacks>APP:QUEST-BIG-BRO-FD</predefined-attacks>\r
- <predefined-attacks>APP:RDP-BRUTE-FORCE</predefined-attacks>\r
- <predefined-attacks>APP:REAL:REAL-MPG-WIDTH</predefined-attacks>\r
- <predefined-attacks>APP:REDIS-GETNUM-IO</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:CVE-2015-2373-RCE</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:NETTRANSPORT-DM</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:RDP-HEAP-BO</predefined-attacks>\r
- <predefined-attacks>APP:REMOTE:RDP-MEM-OBJ</predefined-attacks>\r
- <predefined-attacks>APP:SAFENET-VPN-OF</predefined-attacks>\r
- <predefined-attacks>APP:SAP:3DM-FILE-BOF</predefined-attacks>\r
- <predefined-attacks>APP:SAP:3DVIS-FLIC-BO</predefined-attacks>\r
- <predefined-attacks>APP:SAP:INT-GRAPHICS-PARAMS-XSS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-BO</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-DIAGI-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SAP:NETWEAVER-SOAP-RCE</predefined-attacks>\r
- <predefined-attacks>APP:SNORT:BACKORIFICE-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SQUID-BUMP-DOS</predefined-attacks>\r
- <predefined-attacks>APP:SYMC:ALTIRIS-DS-SQL-INJ</predefined-attacks>\r
- <predefined-attacks>APP:SYMC:ENCRYPTED-CMD-EXEC</predefined-attacks>\r
- <predefined-attacks>APP:TMIC:SP-CREATE-BIND-OF</predefined-attacks>\r
- <predefined-attacks>APP:TMIC:SP-EARTH-AGENT-OF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-DSN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-ROOT-DSN-BOF</predefined-attacks>\r
- <predefined-attacks>APP:UPNP:LIBUPNP-UUID-BOF</predefined-attacks>\r
- <predefined-attacks>APP:VCENTER-JMX-RCE</predefined-attacks>\r
- <predefined-attacks>APP:VCENTER-JMX-RCE2</predefined-attacks>\r
- <predefined-attacks>APP:VINZANT-ARCHTCTR-AUTHWKNESS</predefined-attacks>\r
- <predefined-attacks>CHAT:IRC:BOTNET:RA1NX-BOT-CE</predefined-attacks>\r
- <predefined-attacks>CHAT:IRC:BOTNET:W3TW0RK-RCE</predefined-attacks>\r
- <predefined-attacks>DB:IBM-SOLIDBD-WHERE-DOS</predefined-attacks>\r
- <predefined-attacks>DB:IBM-SOLIDDB-ROWNUM</predefined-attacks>\r
- <predefined-attacks>DB:MONGODB-NATIVEHELPER-RCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:BENCHMARK-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:BRUTE-FORCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:CLIENT-BOF</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:GRANT-FILE-BO</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:ORACLE-XPATH-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:ROOT-PRIVILEGE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:UPDATEXML-DOS</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:USER-ENUMERATION</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:WIN-RCE</predefined-attacks>\r
- <predefined-attacks>DB:MYSQL:WINDOWS-REMOTE-ROOT</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:DBMS:OUTPUT-TO-JAVA</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:DECLARE-EXEC</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:EVTDUMP</predefined-attacks>\r
- <predefined-attacks>DB:ORACLE:SYS:LPXFSMSAX-NAME-BO</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:DBNAME-CLIFLAGINJ</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:GEO-OPS-PATH-IN</predefined-attacks>\r
- <predefined-attacks>DB:POSTGRESQL:POSTGRE-DBSEC-BP</predefined-attacks>\r
- <predefined-attacks>DDOS:LOIC-WEB</predefined-attacks>\r
- <predefined-attacks>DHCP:SERVER:GNU-BASH-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>DHCP:SERVER:ISC-MAL-CLID</predefined-attacks>\r
- <predefined-attacks>DNS:AUDIT:UNASSIGNED-OPCODE</predefined-attacks>\r
- <predefined-attacks>DNS:AUDIT:Z-RESERVED-OPT</predefined-attacks>\r
- <predefined-attacks>DNS:BIND-DBC-ASSERT-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:BIND-KEYPARSE-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:CLIBCVE-2015-7547BO</predefined-attacks>\r
- <predefined-attacks>DNS:EXPLOIT:LIBCVE-2015-7547BO2</predefined-attacks>\r
- <predefined-attacks>DNS:GNUTLS-DANE-BOF</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-ASSERTION-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-DNSSEC-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-EDNS-OPT-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:ISC-BIND-PACKAGE-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:MS-ISA-CE</predefined-attacks>\r
- <predefined-attacks>DNS:NGINX-RESOLVER-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:OVERFLOW:GNU-C-GLIBC</predefined-attacks>\r
- <predefined-attacks>DNS:OVERFLOW:TFTPD32</predefined-attacks>\r
- <predefined-attacks>DNS:PDNS-AUTHSERV-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:POWERDNS-NAMESRVR-UDP-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:POWERDNS-NAMSRVR-TCP-DOS</predefined-attacks>\r
- <predefined-attacks>DNS:REPERR:NULL-RDATA-LEN</predefined-attacks>\r
- <predefined-attacks>DNS:RRSIG-QUERY</predefined-attacks>\r
- <predefined-attacks>DNS:SQUID-DNS-DOS-1</predefined-attacks>\r
- <predefined-attacks>DNS:TUNNEL:I2P-DNS-QUERY</predefined-attacks>\r
- <predefined-attacks>DNS:TUNNEL:NULL-RECORD</predefined-attacks>\r
- <predefined-attacks>DNS:WORDPRESS-SOAK-SOAK-MALWARE</predefined-attacks>\r
- <predefined-attacks>DOS:DELL-NETVAULT-DOS</predefined-attacks>\r
- <predefined-attacks>DOS:FREEBSD-ROUTED-DAEMON</predefined-attacks>\r
- <predefined-attacks>DOS:SLOWHTTPTEST-TOOL</predefined-attacks>\r
- <predefined-attacks>DOS:WINDOWS:HTTP-SYS</predefined-attacks>\r
- <predefined-attacks>DOS:WINDOWS:ISCSI-TARGET</predefined-attacks>\r
- <predefined-attacks>HTTP:ADOBE-FLASH-PLAYER-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:ADOBE-FLASHPLYR-PRIV-ESC</predefined-attacks>\r
- <predefined-attacks>HTTP:ANGLER-EXPKIT-URI</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:APACHE-CHUNKREQ-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:APR-UTIL-LIB-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:COUCHDB-UUID-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:HTTPD-ERROR-400</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:HTTPD-MODLOG-COOKIE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:MOD-LOG-CONFIG-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:MOD-REWRITE-CMD-EXE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:REST-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:REV-PROXY-EXPLOIT</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-CI-SECBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-OGNL-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-RST-DMI-EXEC</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-URL-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:APACHE:STRUTS-XSLT-FI</predefined-attacks>\r
- <predefined-attacks>HTTP:BACKDOOR-UPATRE-UA</predefined-attacks>\r
- <predefined-attacks>HTTP:C99-SHELL-BACKDOOR</predefined-attacks>\r
- <predefined-attacks>HTTP:CARBERP-BACKDOOR-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:CGI:BASH-INJECTION-HEADER</predefined-attacks>\r
- <predefined-attacks>HTTP:CGI:MS-OFFICE-URL-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:CISCO:DOWNLOADSERVLET-FU</predefined-attacks>\r
- <predefined-attacks>HTTP:CLAMAV-ENCRYPT-PDF-MC2</predefined-attacks>\r
- <predefined-attacks>HTTP:CLANSPHERE-COOKIE-LFI</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-ENCODING</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-ACCEPT-LANG</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-AUTH-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-CONT-TYPE</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-CONTENT-MD5</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-HOST-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:HTTP-REFERER-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:DIR:ZIMBRA-SERVER-LDAP</predefined-attacks>\r
- <predefined-attacks>HTTP:DLINK-AUTHENTICATION-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:APACHE-TOMCAT-CHUNKED2</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:HAPROXY-REQDENY</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:MIT-KERBEROS-5-POLICY</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:PHP-UPLOAD</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:SCHNEIDER-EXPRT-SCADA</predefined-attacks>\r
- <predefined-attacks>HTTP:DOS:SQUID-HDR-RANGE</predefined-attacks>\r
- <predefined-attacks>HTTP:DRUPAL-CODER-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:EK-ANGLER-JAVA</predefined-attacks>\r
- <predefined-attacks>HTTP:EXPLOIT:ILLEGAL-HOST-CHAR</predefined-attacks>\r
- <predefined-attacks>HTTP:FORTINET-HELLO-MSG-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:HTTP-INVALID-PORT-VALUE</predefined-attacks>\r
- <predefined-attacks>HTTP:HTTP_PROXY-ATTACK</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASP-NET-MVC-SEC-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASPX-URL</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ASPX-URL-1</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-1</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:ENCODING:SINGLE-DIG-2</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:IIS-6-7-AUTH-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:INT-OVERFLOW-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:WEB-CONFIG-INFO-LEAK</predefined-attacks>\r
- <predefined-attacks>HTTP:IIS:WEBDAV:WINDOWS-SHELL</predefined-attacks>\r
- <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI</predefined-attacks>\r
- <predefined-attacks>HTTP:INFO-LEAK:BOOT-INI-TCP</predefined-attacks>\r
- <predefined-attacks>HTTP:INVALID:EXPECT</predefined-attacks>\r
- <predefined-attacks>HTTP:JAVA-UPDATE-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:JENKINS-CI-SERVER-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBGD-GD2GETHEADER-IO</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBGD-HEAP-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:LIBREOFFICE-INTEGR-UNDRFLW</predefined-attacks>\r
- <predefined-attacks>HTTP:MALICIOUS-SESSION-COOKIE</predefined-attacks>\r
- <predefined-attacks>HTTP:MAMBO-MYSQL-INF-DISCLOSURE</predefined-attacks>\r
- <predefined-attacks>HTTP:MANAGENGINE-EVTLG-INF-DISC</predefined-attacks>\r
- <predefined-attacks>HTTP:MAXTHON-HISTORY-XSS</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:AVIRA-MGNT-HEADER-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CHASYS-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:COOL-EXKIT-JAR-DL</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CUTEZIP-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:CVE-2014-6332-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:DAZ-STUDIO-SCRIPT-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:ERS-VIEWER-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GITLIST-URI-REQ-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GRAPHITE-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:GSM-SIMEDIT-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:IRFVIEW-JP2-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:JBOSS-SEAM-EL-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:JOOMLA-UNSER-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MAPLE-MAPLET-CMD-EXEC</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MINIUPNPD-SOAP-ACTION</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MS-FOREFRONT-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:MS-OWA-URL-REDIR</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:RUBY-RAILS-SECRET-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:SPLUNK-CUSTOM-APP-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WESTERN-DIGITAL-LFI</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WINRAR-FILENM-SPOOF</predefined-attacks>\r
- <predefined-attacks>HTTP:MISC:WIRESHARK-LUA-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MONKEY-HTTPD-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:MS-VBSCRIPT-UAF-RCE</predefined-attacks>\r
- <predefined-attacks>HTTP:MS-WIN-FOLDER-GUID-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:NAGIOS-CONFMGR-SQLINJ</predefined-attacks>\r
- <predefined-attacks>HTTP:NEUTRINO-EK-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:NGINX-RQST-URI-SECBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:NODEJS-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:NOVELL:GROUPWISE-NETAGT-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:CONF-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:GENERIC-SIGNATUR-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:OUTSIDE-PRDOX-BO2</predefined-attacks>\r
- <predefined-attacks>HTTP:ORACLE:SSO-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:CDF-INFINITE-LOOP-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:CORE-INT-OF-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:DATEINTERVAL-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:EXIF-NULL-PTR-DEREF</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:INVISION-IPS-COMM</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:JOOMLA-ADMIN-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:OPENEMR-GLOBALS-AB</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHAR-PARSE-TARFILE-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHPMYADMIN:SETUP-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:PHPSPLOIT-POSTEXP</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:SPL-OBJECT-UNSERIALIZE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:TAR-FILE-PTR</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-BRUTE-FORCE-LOGIN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-INCLUDES-ACCESS</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:WP-README-SCAN</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:XAMPP-FILE-WRITE</predefined-attacks>\r
- <predefined-attacks>HTTP:PHP:ZIPARCHIVE-IO</predefined-attacks>\r
- <predefined-attacks>HTTP:PROXY:SQUID-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:REGIN-CNC-TRAFFIC</predefined-attacks>\r
- <predefined-attacks>HTTP:REQERR:INV-IPV6-HOST-HDR</predefined-attacks>\r
- <predefined-attacks>HTTP:REQERR:NULL-IN-HEADER</predefined-attacks>\r
- <predefined-attacks>HTTP:SOLARWINDS-AUTH-BYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:SOLARWINDS-POLICYBYPASS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:ACCEPT-LANG-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:AND-NUMBER-EQUALS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CHAR</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CHAR-ENCODE</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:COMMENT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:COMPARISON</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONCAT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-MD5-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONT-TYPE-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONVERT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:CONVERT-INJ-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HAVIJ-UA</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-AUTH-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-HOST-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:HTTP-REQ-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:INSERT-VALUES</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:INTO-OUTFILE</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:IS_SRVROLEMEMBER</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MS-SQL-FUNCTIONS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MS-SQL-TABLE-NAME</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:MYSQL-TABLE-NAME</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:NULLBYTE-COMMENT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:PL-SQL</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:PROC-GENERIC</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:REFERER-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SLASH-STAR</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SQLMAP-ACTIVITY</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:SYSOBJECTS</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UA-HDR-1</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UA-HDR-3</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:UNION-SELECT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:USER-ADD</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:VERSION-DETECT</predefined-attacks>\r
- <predefined-attacks>HTTP:SQL:INJ:WAITFOR-DELAY</predefined-attacks>\r
- <predefined-attacks>HTTP:SQUID-BUMP-DOS</predefined-attacks>\r
- <predefined-attacks>HTTP:STATIC-SERVER-BOF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ACTIVEX:KVIEW-KCHARTXY</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:2013-5065-PDF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:ACROFORM-NULL-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CONVFILTER-UAF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-2985-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3791-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2009-3959-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2010-2202-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-0622-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3353</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-3355-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5324-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5325-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2013-5329-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0511-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0512-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0517-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0521</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0522-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0523-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0524-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0531-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0537-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0538-UF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0539-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0545-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0547-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0548-PB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0550-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0553-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0554</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0555-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0559-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0564-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0565-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0567-OF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0568-SE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0574-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0576-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0577-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0578-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0580-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0584-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-0586-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-4671</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8440-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8441-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8447-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8449-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8450-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8451-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8455-UF</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8459-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8460-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-8461-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9159-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9160-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2014-9162-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0087-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0089-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0090-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0093-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0301-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0302-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0303-SB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0305-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0306-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0307-DS</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0313-ID</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0314-BO</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0315-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0317-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0319-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0320-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0321-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0322-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0323-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0324-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0325-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0326-DS</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0328-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0329-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0330-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0333-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0334-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0335-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0337-PB</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0338-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0339-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0340-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0341-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0342-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0346-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0347-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0348-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0349-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0350-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0351-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0352-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0353-CE</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0354-MC</predefined-attacks>\r
- <predefined-attacks>HTTP:STC:ADOBE:CVE-2015-0355-MC</predefined-attacks>\r
- </attacks>\r
- </match>\r
- <then>\r
- <action>\r
- <no-action/>\r
- </action>\r
- <ip-action>\r
- <ip-notify/>\r
- <target>source-address</target>\r
- <log/>\r
- <log-create/>\r
- </ip-action>\r
- <notification>\r
- <log-attacks>\r
- <alert/>\r
- </log-attacks>\r
- </notification>\r
- </then>\r
- </rule>\r
- <rule>\r
- <name>DBE-Q-IPS-policy-template-2</name>\r
- <match>\r
- <from-zone>any</from-zone>\r
- <to-zone>any</to-zone>\r
- <application>default</application>\r
- <attacks>\r
- <predefined-attack-groups>[Recommended]Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Misc_Warning - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Critical - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - All</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Critical</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Info</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Major</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Minor</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_ICMP - Warning</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Info - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Major - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Minor - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Response_Warning - ICMP</predefined-attack-groups>\r
- <predefined-attack-groups>[Recommended]Warning - ICMP</predefined-attack-groups>\r
- </attacks>\r
- </match>\r
- <then>\r
- <action>\r
- <recommended/>\r
- </action>\r
- <ip-action>\r
- <ip-notify/>\r
- <target>source-address</target>\r
- </ip-action>\r
- <notification>\r
- <log-attacks>\r
- <alert/>\r
- </log-attacks>\r
- </notification>\r
- </then>\r
- </rule>\r
- </rulebase-ips>\r
- </idp-policy>\r
- <active-policy>Space-IPS-Policy</active-policy>\r
- </idp>\r
- <forwarding-options>\r
- <family>\r
- <inet6>\r
- <mode>flow-based</mode>\r
- </inet6>\r
- </family>\r
- </forwarding-options>\r
- <screen>\r
- <ids-option>\r
- <name>untrust-screen</name>\r
- <alarm-without-drop/>\r
- <icmp>\r
- <ip-sweep>\r
- <threshold>5000</threshold>\r
- </ip-sweep>\r
- <fragment/>\r
- <large/>\r
- <ping-death/>\r
- </icmp>\r
- <ip>\r
- <bad-option/>\r
- <record-route-option/>\r
- <timestamp-option/>\r
- <security-option/>\r
- <stream-option/>\r
- <spoofing/>\r
- <source-route-option/>\r
- <loose-source-route-option/>\r
- <strict-source-route-option/>\r
- <unknown-protocol/>\r
- <tear-drop/>\r
- </ip>\r
- <tcp>\r
- <syn-fin/>\r
- <fin-no-ack/>\r
- <tcp-no-flag/>\r
- <syn-frag/>\r
- <port-scan>\r
- <threshold>5000</threshold>\r
- </port-scan>\r
- <syn-ack-ack-proxy>\r
- </syn-ack-ack-proxy>\r
- <syn-flood>\r
- <alarm-threshold>1024</alarm-threshold>\r
- <attack-threshold>200</attack-threshold>\r
- <source-threshold>1024</source-threshold>\r
- <destination-threshold>2048</destination-threshold>\r
- <undocumented><queue-size>2000</queue-size></undocumented>\r
- <timeout>20</timeout>\r
- </syn-flood>\r
- <land/>\r
- </tcp>\r
- </ids-option>\r
- </screen>\r
- <nat>\r
- <source>\r
- <pool>\r
- <name>sp_dmzpfsnat</name>\r
- <address>\r
- <name>10.68.16.13/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.14/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.15/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.16/32</name>\r
- </address>\r
- <port>\r
- <range>\r
- <low>1024</low>\r
- <to>\r
- <high>63486</high>\r
- </to>\r
- </range>\r
- </port>\r
- <pool-utilization-alarm>\r
- <raise-threshold>80</raise-threshold>\r
- <clear-threshold>70</clear-threshold>\r
- </pool-utilization-alarm>\r
- </pool>\r
- <rule-set>\r
- <name>rs_mis2dmzpfsnat</name>\r
- <from>\r
- <zone>sz_dbemis</zone>\r
- </from>\r
- <to>\r
- <zone>trust</zone>\r
- </to>\r
- <rule>\r
- <name>nr_dmzpsnat</name>\r
- <src-nat-rule-match>\r
- <destination-address>10.68.16.4/32</destination-address>\r
- <destination-address>10.68.16.5/32</destination-address>\r
- </src-nat-rule-match>\r
- <then>\r
- <source-nat>\r
- <pool>\r
- <pool-name>sp_dmzpfsnat</pool-name>\r
- </pool>\r
- </source-nat>\r
- </then>\r
- </rule>\r
- </rule-set>\r
- </source>\r
- <destination>\r
- <pool>\r
- <name>dp_dmzpf01ap1dnat</name>\r
- <address>\r
- <ipaddr>10.68.16.4/32</ipaddr>\r
- </address>\r
- </pool>\r
- <pool>\r
- <name>dp_dmzpf02ap1dnat</name>\r
- <address>\r
- <ipaddr>10.68.16.5/32</ipaddr>\r
- </address>\r
- </pool>\r
- <rule-set>\r
- <name>rs_mis2dmzpfdnat</name>\r
- <from>\r
- <zone>sz_dbemis</zone>\r
- </from>\r
- <rule>\r
- <name>nr_p01ap1dnat</name>\r
- <dest-nat-rule-match>\r
- <destination-address>\r
- <dst-addr>12.102.197.133/32</dst-addr>\r
- </destination-address>\r
- </dest-nat-rule-match>\r
- <then>\r
- <destination-nat>\r
- <pool>\r
- <pool-name>dp_dmzpf01ap1dnat</pool-name>\r
- </pool>\r
- </destination-nat>\r
- </then>\r
- </rule>\r
- <rule>\r
- <name>nr_p02ap1dnat</name>\r
- <dest-nat-rule-match>\r
- <destination-address>\r
- <dst-addr>12.102.197.134/32</dst-addr>\r
- </destination-address>\r
- </dest-nat-rule-match>\r
- <then>\r
- <destination-nat>\r
- <pool>\r
- <pool-name>dp_dmzpf02ap1dnat</pool-name>\r
- </pool>\r
- </destination-nat>\r
- </then>\r
- </rule>\r
- </rule-set>\r
- </destination>\r
- <proxy-arp>\r
- <interface>\r
- <name>reth0.0</name>\r
- <address>\r
- <name>12.102.197.133/32</name>\r
- </address>\r
- <address>\r
- <name>12.102.197.134/32</name>\r
- </address>\r
- </interface>\r
- <interface>\r
- <name>reth1.0</name>\r
- <address>\r
- <name>10.68.16.13/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.14/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.15/32</name>\r
- </address>\r
- <address>\r
- <name>10.68.16.16/32</name>\r
- </address>\r
- </interface>\r
- </proxy-arp>\r
- </nat>\r
- <policies>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>default-permit</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>untrust</to-zone-name>\r
- <policy>\r
- <name>default-permit</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>sz_dbemis</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>sp_bwxspapi</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>as_bwdmzpxspapsrvrs_2</destination-address>\r
- <application>ps_bwapi_3</application>\r
- </match>\r
- <then>\r
- <permit>\r
- </permit>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- <policy>\r
- <name>sp_bwpdeny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>trust</from-zone-name>\r
- <to-zone-name>sz_dbemis</to-zone-name>\r
- <policy>\r
- <name>sp_bwzdeny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- </log>\r
- <count>\r
- </count>\r
- </then>\r
- </policy>\r
- </policy>\r
- <policy>\r
- <from-zone-name>untrust</from-zone-name>\r
- <to-zone-name>trust</to-zone-name>\r
- <policy>\r
- <name>default-deny</name>\r
- <match>\r
- <source-address>any</source-address>\r
- <destination-address>any</destination-address>\r
- <application>any</application>\r
- </match>\r
- <then>\r
- <deny/>\r
- <log>\r
- <session-init/>\r
- <session-close/>\r
- </log>\r
- </then>\r
- </policy>\r
- </policy>\r
- </policies>\r
- <zones>\r
- <security-zone>\r
- <name>trust</name>\r
- <tcp-rst/>\r
- <address-book>\r
- <address>\r
- <name>ad_bwxsp02ap1pf</name>\r
- <ip-prefix>10.68.16.5/32</ip-prefix>\r
- </address>\r
- <address>\r
- <name>ad_bwxsp01ap1pf_1</name>\r
- <ip-prefix>10.68.16.4/32</ip-prefix>\r
- </address>\r
- <address-set>\r
- <name>as_bwdmzpxspapsrvrs_2</name>\r
- <address>\r
- <name>ad_bwxsp01ap1pf_1</name>\r
- </address>\r
- <address>\r
- <name>ad_bwxsp02ap1pf</name>\r
- </address>\r
- </address-set>\r
- </address-book>\r
- <host-inbound-traffic>\r
- <system-services>\r
- <name>all</name>\r
- </system-services>\r
- <protocols>\r
- <name>all</name>\r
- </protocols>\r
- </host-inbound-traffic>\r
- <interfaces>\r
- <name>reth1.0</name>\r
- </interfaces>\r
- </security-zone>\r
- <security-zone>\r
- <name>untrust</name>\r
- <screen>untrust-screen</screen>\r
- </security-zone>\r
- <security-zone>\r
- <name>sz_dbemis</name>\r
- <screen>untrust-screen</screen>\r
- <interfaces>\r
- <name>reth0.0</name>\r
- </interfaces>\r
- </security-zone>\r
- </zones>\r
- </security>\r
- <interfaces>\r
- <interface>\r
- <name>ge-0/0/1</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth0</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-0/0/2</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth1</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-7/0/1</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth0</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>ge-7/0/2</name>\r
- <gigether-options>\r
- <redundant-parent>\r
- <parent>reth1</parent>\r
- </redundant-parent>\r
- </gigether-options>\r
- </interface>\r
- <interface>\r
- <name>fab0</name>\r
- <fabric-options>\r
- <member-interfaces>\r
- <name>ge-0/0/0</name>\r
- </member-interfaces>\r
- </fabric-options>\r
- </interface>\r
- <interface>\r
- <name>fab1</name>\r
- <fabric-options>\r
- <member-interfaces>\r
- <name>ge-7/0/0</name>\r
- </member-interfaces>\r
- </fabric-options>\r
- </interface>\r
- <interface>\r
- <name>fxp0</name>\r
- <unit>\r
- <name>0</name>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth0</name>\r
- <redundant-ether-options>\r
- <redundancy-group>1</redundancy-group>\r
- </redundant-ether-options>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <filter>\r
- <input>\r
- <filter-name>ff_pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>12.102.197.132/25</name>\r
- </address>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <input>\r
- <filter-name>ff_v6pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:1/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:2/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ed::3:3/64</name>\r
- </address>\r
- </inet6>\r
- </family>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- <redundant-ether-options>\r
- <redundancy-group>1</redundancy-group>\r
- </redundant-ether-options>\r
- <unit>\r
- <name>0</name>\r
- <family>\r
- <inet>\r
- <filter>\r
- <input>\r
- <filter-name>ff_pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>10.68.16.12/22</name>\r
- </address>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <input>\r
- <filter-name>ff_v6pdscp</filter-name>\r
- </input>\r
- </filter>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:1/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:2/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:3/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:4/64</name>\r
- </address>\r
- <address>\r
- <name>2001:1890:1001:23ec::3:5/64</name>\r
- </address>\r
- </inet6>\r
- </family>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- <snmp>\r
- <community>\r
- <name>vsbk68</name>\r
- <authorization>read-only</authorization>\r
- <clients>\r
- <name>130.6.45.42/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.45.41/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.44.254/32</name>\r
- </clients>\r
- <clients>\r
- <name>130.6.44.253/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.25.175.114/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.21.235.37/32</name>\r
- </clients>\r
- </community>\r
- <community>\r
- <name>space15</name>\r
- <authorization>read-write</authorization>\r
- <clients>\r
- <name>135.144.0.60/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.144.0.59/32</name>\r
- </clients>\r
- <clients>\r
- <name>135.144.0.61/32</name>\r
- </clients>\r
- </community>\r
- <trap-group>\r
- <name>GFP</name>\r
- <version>v2</version>\r
- <destination-port>162</destination-port>\r
- <targets>\r
- <name>135.89.33.175</name>\r
- </targets>\r
- <targets>\r
- <name>199.37.245.24</name>\r
- </targets>\r
- </trap-group>\r
- <trap-group>\r
- <name>space</name>\r
- <targets>\r
- <name>135.144.0.60</name>\r
- </targets>\r
- </trap-group>\r
- <health-monitor>\r
- <idp>\r
- </idp>\r
- </health-monitor>\r
- </snmp>\r
- <routing-options>\r
- <interface-routes>\r
- <rib-group>\r
- <inet>rg_mis2dmzp</inet>\r
- <inet6>rg_v6mis2dmzp</inet6>\r
- </rib-group>\r
- </interface-routes>\r
- <static>\r
- <route>\r
- <name>0.0.0.0/0</name>\r
- <next-hop>135.69.228.1</next-hop>\r
- </route>\r
- </static>\r
- <rib-groups>\r
- <name>rg_mis2dmzp</name>\r
- <import-rib>vrf-untrust.inet.0</import-rib>\r
- <import-rib>inet.0</import-rib>\r
- </rib-groups>\r
- <rib-groups>\r
- <name>rg_v6mis2dmzp</name>\r
- <import-rib>vrf-untrust.inet6.0</import-rib>\r
- <import-rib>inet6.0</import-rib>\r
- </rib-groups>\r
- </routing-options>\r
- <class-of-service>\r
- <interfaces>\r
- <interface>\r
- <name>reth0</name>\r
- <unit>\r
- <name>0</name>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </unit>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- <unit>\r
- <name>0</name>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </unit>\r
- </interface>\r
- </interfaces>\r
- <rewrite-rules>\r
- <dscp>\r
- <name>cr_pdscpaf</name>\r
- <forwarding-class>\r
- <name>assured-forwarding</name>\r
- <loss-priority>\r
- <name>low</name>\r
- <code-point>011010</code-point>\r
- </loss-priority>\r
- </forwarding-class>\r
- </dscp>\r
- <dscp-ipv6>\r
- <name>cr_v6pdscpaf</name>\r
- <forwarding-class>\r
- <name>assured-forwarding</name>\r
- <loss-priority>\r
- <name>low</name>\r
- <code-point>011010</code-point>\r
- </loss-priority>\r
- </forwarding-class>\r
- </dscp-ipv6>\r
- </rewrite-rules>\r
- </class-of-service>\r
- <firewall>\r
- <family>\r
- <inet>\r
- <filter>\r
- <name>ff_pdscp</name>\r
- <term>\r
- <name>fr_pdscp</name>\r
- <from>\r
- <interface>\r
- <name>reth0</name>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- </interface>\r
- </from>\r
- <then>\r
- <forwarding-class>assured-forwarding</forwarding-class>\r
- <accept/>\r
- </then>\r
- </term>\r
- </filter>\r
- </inet>\r
- <inet6>\r
- <filter>\r
- <name>ff_v6pdscp</name>\r
- <term>\r
- <name>fr_v6pdscp</name>\r
- <from>\r
- <interface>\r
- <name>reth0</name>\r
- </interface>\r
- <interface>\r
- <name>reth1</name>\r
- </interface>\r
- </from>\r
- <then>\r
- <forwarding-class>assured-forwarding</forwarding-class>\r
- <accept/>\r
- </then>\r
- </term>\r
- </filter>\r
- </inet6>\r
- </family>\r
- </firewall>\r
- <routing-instances>\r
- <instance>\r
- <name>vrf-untrust</name>\r
- <instance-type>virtual-router</instance-type>\r
- <interface>\r
- <name>reth0.0</name>\r
- </interface>\r
- <routing-options>\r
- <interface-routes>\r
- <rib-group>\r
- <inet>rg_mis2dmzp</inet>\r
- <inet6>rg_v6mis2dmzp</inet6>\r
- </rib-group>\r
- </interface-routes>\r
- <rib>\r
- <name>vrf-untrust.inet6.0</name>\r
- <static>\r
- <route>\r
- <name>0::/0</name>\r
- <next-hop>2001:1890:1001:23ed::1</next-hop>\r
- </route>\r
- </static>\r
- </rib>\r
- <static>\r
- <route>\r
- <name>0.0.0.0/0</name>\r
- <next-hop>12.102.197.129</next-hop>\r
- </route>\r
- </static>\r
- </routing-options>\r
- </instance>\r
- </routing-instances>\r
- <applications>\r
- <application>\r
- <name>ap_xsi-xml-https</name>\r
- <protocol>tcp</protocol>\r
- <destination-port>443</destination-port>\r
- </application>\r
- <application-set>\r
- <name>ps_bwapi_3</name>\r
- <application>\r
- <name>ap_xsi-xml-https</name>\r
- </application>\r
- </application-set>\r
- </applications>\r
- </configuration>
\ No newline at end of file
-.. ============LICENSE_START==========================================
+.. ============LICENSE_START==========================================
.. ===================================================================
-.. Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+.. Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
.. ===================================================================
.. Licensed under the Creative Commons License, Attribution 4.0 Intl. (the "License");
.. you may not use this documentation except in compliance with the License.
.. See the License for the specific language governing permissions and
.. limitations under the License.
.. ============LICENSE_END============================================
-.. ECOMP is a trademark and service mark of AT&T Intellectual Property.
Release Notes
=============
.. * This note must be removed after content has been added.
-Version: 1.2.0
+Version: 1.3.0
--------------
-:Release Date: 2017-11-16
+:Release Date: 2018-06-07
**New Features**
-The Amsterdam release continued evolving the design driven architecture of and functionality for APPC.
-APPC aims to be completely agnostic and make no assumption about the network.
-
-The main goal of the Amsterdam release was to:
- - Support the vCPE use case as part of the closed loop action to perform a Restart on the vGMUX
- - Demonstrate integration with MultiCloud as a proxy to OpenStack
- - Continue supporting the vFW closed loop use case as part of regression from the seed contribution.
+The Beijing release added the following functionality:
+
+ - Added support for the following LCM actions:
+
+ - To support in-place software upgrade:
+
+ - QuiesceTraffic
+ - ResumeTraffic
+ - UpgradeSoftware
+ - UpgradePreCheck
+ - UpgradePostCheck
+ - UpgradeBackup
+ - UpgradeBackout
+
+ - To support storage management in OpenStack
+
+ - AttachVolume
+ - DetachVolume
+
+ - To support Manual Scale Out use case
+
+ - ConfigScaleOut (more details can be found in teh APPC Epic: `APPC-431 <https://jira.onap.org/browse/APPC-431>`)
+
+ - To support general operations
+
+ - ActionStatus
+
+ - A desciption of all of the above LCM actions can be found in the APPC LCM API Guide on readthedoc:
-Other key features added in this release include:
+ - Contributed the APPC Controller Design Tool (CDT), which enables self-serve capabilities by allowing users to model their VNF/VNFC for consumption by APPC to use in the execution of requests to perform life cycle management activities.
+
+ - More details on the APPC CDT can be found in the APPC CDT User Guide in readthedocs.
+ - Additional information on how the APPC CDT tool was used to model the vLB and build teh artifacts needed by APPC to execute teh ConfigScaleOut action can be found at the following wiki pages: https://wiki.onap.org/pages/viewpage.action?pageId=33065185
+
+ - Additional contributions as part of Beijing include:
+
+ - Support for Platform Maturity requirements, including:
+
+ - Increased security
+
+ - Added security to ODL web-based API access via AAF (see `APPC-404 <https://jira.onap.org/browse/APPC-404>` for additional details)
+ - Addressed critical alerts reported via Nexus IQ to the extent possible (see `APPC-656 <https://jira.onap.org/browse/APPC-656>`)
+
+ - Stability
+
+ - Executed 72 hour stability test on both Heat and OOM deployed environments using JMeter to drive a steady set of transactions over the 72 hour period (see the following wiki page for more details: https://wiki.onap.org/display/DW/ONAP+APPC+72+Hour+Stability+Test+Results )
+
+ - Resiliency
+
+ - Support for OOM deployment, which enables resiliency via use of Kubernetes (see `APPC-414 <https://jira.onap.org/browse/APPC-414>` for additional details)
+
+ - Upgraded OpenDaylight (ODL) version to Nitrogen
+
+
- - Support for Ansible
- - The Ansible Extension for APP-C allows management of VNFs that support Ansible. Ansible is a an open-source VNF management framework that provides an almost cli like set of tools in a structured form. APPC supports Ansible through the following three additions: An Ansible server interface, Ansible Adapter, and Ansible Directed Graph.
- - Support for Chef
- - The Chef Extension for APPC allows management of VNFs that support Chef through the following two additions: a Chef Adapter and Chef Directed Graph.
- - LifeCycle Management (LCM) APIs via standalone DGs or via the DGOrchestrator architecture to trigger actions on VMs, VNFs, or VNFCs
- - OAM APIs to manage the APPC application itself
- - Upgrade of OpenDaylight to Carbon version
+**Bug Fixes**
+ - The following defects that were documented as known issues in Amsterdam have been fixed in Beijing release:
+
+ - `APPC-316 <https://jira.onap.org/browse/APPC-316>`_ - Null payload issue for Stop Application
+
+ - `APPC-315 <https://jira.onap.org/browse/APPC-315>`_ - appc-request-handler is giving error java.lang.NoClassDefFoundError
-**Bug Fixes**
- - This is technically the first release of APPC, previous release was the seed code contribution. As such, the defects fixed in this release were raised during the course of the release. Anything not closed is captured below under Known Issues. If you want to review the defects fixed in the Amsterdam release, refer to `Jira <https://jira.onap.org/issues/?filter=10570&jql=project%20%3D%20APPC%20AND%20issuetype%20%3D%20Bug%20AND%20status%20%3D%20Closed%20AND%20fixVersion%20%3D%20%22Amsterdam%20Release%22>`_.
+ - `APPC-312 <https://jira.onap.org/browse/APPC-312>`_ - APPC request is going to wrong request handler and rejecting request.
+
+ - `APPC-311 <https://jira.onap.org/browse/APPC-311>`_ - The APPC LCM Provider Healthcheck
+
+ - `APPC-309 <https://jira.onap.org/browse/APPC-309>`_ - APPC LCM Provider URL missing in appc.properties.
+
+ - `APPC-307 <https://jira.onap.org/browse/APPC-307>`_ - Embed jackson-annotations dependency in appc-dg-common during run-time
+
+ - `APPC-276 <https://jira.onap.org/browse/APPC-276>`_ - Some Junit are breaking convention causing excessively long build
+
+ - `APPC-248 <https://jira.onap.org/browse/APPC-248>`_ - There is an compatibility issue between PowerMock and Jacoco which causes Sonar coverage not to be captured. Fix is to move to Mockito.
- - Please also refer to the notes below. Given the timeframe and resource limitations, not all functions of the release could be validated. Items that were validated are documented on the wiki at the link provide below. If you find issues in the course of your work with APPC, please open a defect in the Application Controller project of Jira (jira.onpa.org)
**Known Issues**
- - `APPC-316 <https://jira.onap.org/browse/APPC-316>`_ - Null payload issue for Stop Application; Stop action will not work with a null payload. Ensure when testing Stop action that payload is included.
+ - `APPC-912 <https://jira.onap.org/browse/APPC-912>`_ - MalformedChunkCodingException in MDSALStoreImpl.getNodeName
- - `APPC-315 <https://jira.onap.org/browse/APPC-315>`_ - appc-request-handler is giving error java.lang.NoClassDefFoundError - This error results in vnf state and lock not being released. The workaround is to manually remove the entries from the VNF_LOCK_MANAGEMENT and VNF_STATE_MANAGEMENT tables.
- - ``DELETE FROM VNF_LOCK_MANAGEMENT where RESOURCE_ID="vnf-id"``
- - ``DELETE FROM VNF_STATE_MANAGEMENT where VNF_ID="vnf-id"``
+ - `APPC-892 <https://jira.onap.org/browse/APPC-892>`_ - Cntl+4 to highlight and replace feature- Textbox is accepting space and able to submit without giving any value
- - `APPC-312 <https://jira.onap.org/browse/APPC-312>`_ - APPC request is going to wrong request handler and rejecting request. Configure request failing with following error: ``REJECTED Action Configure is not supported on VM level``.
+ - `APPC-869 <https://jira.onap.org/browse/APPC-869>`_ - VM Snapshot error occurs during image validation.
- - `APPC-311 <https://jira.onap.org/browse/APPC-311>`_ - The APPC LCM Provider Healthcheck, which does a healthceck on a VNF, is failing. No known workaround at this time.
+ - `APPC-814 <https://jira.onap.org/browse/APPC-814>`_ - Update openecomp-tosca-datatype namespace
- - `APPC-309 <https://jira.onap.org/browse/APPC-309>`_ - The property: ``appc.LCM.provider.url=http://127.0.0.1:8181/restconf/operations/appc-provider-lcm`` is missing from appc.properties in the appc deployment. The property can be manually added as a workaround, then bounce the appc container.
-
- - `APPC-307 <https://jira.onap.org/browse/APPC-307>`_ - Missing jackson-annotations dependency in appc-dg-common - This issue results in Rebuild operation via the APPC Provider not to work. Use instead Rebuild via the APPC LCM Provider using DGOrchestrator.
-
- - `APPC-276 <https://jira.onap.org/browse/APPC-276>`_ - A number of junit testcases need to be reworked because they are causing APPC builds to take much longer to complete. This issue does not cause the build to fail, just take longer. You can comment out these junit in your local build if this is a problem.
-
- - `APPC-248 <https://jira.onap.org/browse/APPC-248>`_ - There is an compatibility issue between PowerMock and Jacoco which causes Sonar coverage not to be captured. There is no functional impact on APPC.
+ - `APPC-340 <https://jira.onap.org/browse/APPC-340>`_ - APPC rejecting request even for decimal of millisecond timestamp difference
- `APPC-154 <https://jira.onap.org/browse/APPC-154>`_ - Logging issue - Request REST API of APPC has RequestID (MDC) in Body or Payload section instead of Header.
**Security Issues**
- - Communication over DMaaP currently does not use secure topics in this release.
- - AAF is deactivated by default in this release and was not validated or committed as part of the Amsterdam Release.
-
+ - Communication over DMaaP currently does not use secure topics in this release. This has dependency on DMaaP to enable.
+ - The following Nexus IQ issues are currently open on the Beijing release:
+
+ - Critical Threat Level per Nexus IQ Report (Note that these have been assessed for Beijing and determined not to be a risk for APPC based on usage)
+
+ - CVE-2017-7525 - Component: org.codehaus.jackson : jackson-mapper-asl : 1.9.13 - Filename: jackson-mapper-asl-1.9.13.jar
+ - CVE-2017-7525 - Component: org.codehaus.jackson : jackson-mapper-asl : 1.9.2 - Filename: jackson-mapper-asl-1.9.2.jar
+ - CVE-2017-7525 - Component: com.fasterxml.jackson.core : jackson-databind : 2.8.1 - Filename: jackson-databind-2.8.1.jar
+ - CVE-2017-7525 - Component: com.fasterxml.jackson.core : jackson-databind : 2.3.2 - Filename: jackson-databind-2.3.2.jar
+ - SONATYPE-2017-0355 - Component: com.fasterxml.jackson.core : jackson-core : 2.3.2 - Filename: jackson-core-2.3.2.jar
+ - SONATYPE-2017-0359 - Component: oorg.apache.karaf.jaas : org.apache.karaf.jaas.modules : 4.0.10 - 4.0.10 - Filename: org.apache.karaf.jaas.modules-4.0.10.jar
+ - SONATYPE-2017-0359 - Component: org.apache.httpcomponents : httpclient : 4.5.2 - Filename: httpclient-4.5.2.jar
+ - CVE-2017-1000028 - Component: org.glassfish.grizzly : grizzly-http : 2.3.28 - Filename: grizzly-http-2.3.28.jar
+ - SONATYPE-2017-0355 - Component: com.fasterxml.jackson.core : jackson-core : 2.8.1 - Filename: jackson-core-2.8.1.jar
+
+ - Severe Threat Level per Nexus IQ Report
+
+ - CVE-2018-10237 - Component: com.google.guava : guava : 22.0 - Filename: guava-22.0.jar
+ - CVE-2018-10237 - Component: com.google.guava : guava : 18.0 - Filename: guava-18.0.jar
+ - SONATYPE-2016-0397 - Component: com.fasterxml.jackson.core : jackson-core : 2.3.2 - Filename: jackson-core-2.3.2.jar
+ - SONATYPE-2017-0356 - Component: io.netty : netty-handler : 4.1.8.Final - Filename: netty-handler-4.1.8.Final.jar
+ - CVE-2016-5725 - Component: com.jcraft : jsch : 0.1.52 - Filename: jsch-0.1.52.jar
+ - CVE-2015-5262 - Component: org.apache.karaf.jaas : org.apache.karaf.jaas.modules : 4.0.10 - Filename: org.apache.karaf.jaas.modules-4.0.10.jar
+ - CVE-2016-5725 - Component: com.jcraft : jsch : 0.1.51 - Filename: jsch-0.1.51.jar
+
+
+ Full report from Nexus IQ - :download:`appc-Build-20180518-NexusIQ Report.pdf` Copy of full Nexus IQ Report
+
**Other**
- Limitations, Constraints and other worthy notes
- - LCM Healthcheck and Configure actions do not work.
- - The APPC actions validated in this release are captured here: https://wiki.onap.org/display/DW/APPC+Testing+Scope+and+Status
+ - It is impossible for us to test all aspect of the application. Scope of testing done in Beijing is captured on the following wiki: https://wiki.onap.org/display/DW/APPC+Beijing+Testing+Scope+and+Status
- Currently APPC only supports OpenStack
- OpenStack Hypervisorcheck is turned off by default. If you want to invoke this functionality via the appc.properties, you need to enable it and ensure you have Admin level access to OpenStack.
- Integration with MultiCloud is supported for Standalone Restart (i.e., not via DGOrchestrator). For any other action, such as Stop, Start, etc.. via MultiCloud requires the MultiCloud identity URL to be either passed in the payload or defined in appc.properties.
- APPC needs Admin level access for Tenant level operations.
- - Currently, if DGs are modified in appc.git repo, they must be manually moved to the appc/deployment repo.
- Currently, the "ModifyConfig" API and the implementation in the Master Directed Graph is only designed to work with the vFW Closed-Loop Demo.
Code Review / appc.git / commitdiff
