summaryrefslogtreecommitdiff
path: root/smoketest
diff options
context:
space:
mode:
Diffstat (limited to 'smoketest')
-rw-r--r--smoketest/configs.no-load/firewall-big43440
-rw-r--r--smoketest/configs/basic-vyos140
-rw-r--r--smoketest/configs/bgp-big-as-cloud10
-rw-r--r--smoketest/configs/dialup-router-complex19
-rw-r--r--smoketest/configs/dialup-router-medium-vpn33
-rw-r--r--smoketest/configs/ipv6-disable83
-rw-r--r--smoketest/configs/qos-basic205
-rw-r--r--smoketest/scripts/cli/base_interfaces_test.py103
-rw-r--r--smoketest/scripts/cli/base_vyostest_shim.py17
-rwxr-xr-xsmoketest/scripts/cli/test_component_version.py36
-rwxr-xr-xsmoketest/scripts/cli/test_configd_init.py38
-rwxr-xr-xsmoketest/scripts/cli/test_firewall.py233
-rwxr-xr-xsmoketest/scripts/cli/test_ha_virtual_server.py146
-rwxr-xr-xsmoketest/scripts/cli/test_ha_vrrp.py46
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_bonding.py43
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_bridge.py5
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_dummy.py2
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_ethernet.py152
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_geneve.py6
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_l2tpv3.py2
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_loopback.py2
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_macsec.py5
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_netns.py83
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_openvpn.py114
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_pppoe.py14
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_pseudo_ethernet.py5
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_tunnel.py108
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_vxlan.py75
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_wireguard.py9
-rwxr-xr-xsmoketest/scripts/cli/test_interfaces_wireless.py2
-rwxr-xr-xsmoketest/scripts/cli/test_nat.py119
-rwxr-xr-xsmoketest/scripts/cli/test_nat66.py4
-rwxr-xr-xsmoketest/scripts/cli/test_pki.py9
-rwxr-xr-xsmoketest/scripts/cli/test_policy.py433
-rwxr-xr-xsmoketest/scripts/cli/test_policy_route.py145
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_bfd.py85
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_bgp.py335
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_isis.py51
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_mpls.py116
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_nhrp.py9
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_ospf.py171
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_ospfv3.py135
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_ripng.py22
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_rpki.py2
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_static.py57
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_static_arp.py88
-rwxr-xr-xsmoketest/scripts/cli/test_service_dhcp-server.py9
-rwxr-xr-xsmoketest/scripts/cli/test_service_dhcpv6-server.py20
-rwxr-xr-xsmoketest/scripts/cli/test_service_https.py78
-rwxr-xr-xsmoketest/scripts/cli/test_service_ids.py94
-rwxr-xr-xsmoketest/scripts/cli/test_service_lldp.py127
-rwxr-xr-xsmoketest/scripts/cli/test_service_monitoring_telegraf.py65
-rwxr-xr-xsmoketest/scripts/cli/test_service_salt.py105
-rwxr-xr-xsmoketest/scripts/cli/test_service_snmp.py104
-rwxr-xr-xsmoketest/scripts/cli/test_service_ssh.py123
-rwxr-xr-xsmoketest/scripts/cli/test_service_tftp-server.py39
-rwxr-xr-xsmoketest/scripts/cli/test_service_upnp.py105
-rwxr-xr-xsmoketest/scripts/cli/test_service_webproxy.py16
-rwxr-xr-xsmoketest/scripts/cli/test_system_conntrack.py24
-rwxr-xr-xsmoketest/scripts/cli/test_system_flow-accounting.py230
-rwxr-xr-xsmoketest/scripts/cli/test_system_ipv6.py17
-rwxr-xr-xsmoketest/scripts/cli/test_system_login.py10
-rwxr-xr-xsmoketest/scripts/cli/test_system_logs.py117
-rwxr-xr-xsmoketest/scripts/cli/test_system_ntp.py60
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_ipsec.py111
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_openconnect.py42
-rwxr-xr-xsmoketest/scripts/cli/test_vrf.py93
-rwxr-xr-xsmoketest/scripts/cli/test_zone_policy.py69
68 files changed, 48005 insertions, 610 deletions
diff --git a/smoketest/configs.no-load/firewall-big b/smoketest/configs.no-load/firewall-big
new file mode 100644
index 000000000..94b0c6dd5
--- /dev/null
+++ b/smoketest/configs.no-load/firewall-big
@@ -0,0 +1,43440 @@
+firewall {
+ all-ping enable
+ broadcast-ping disable
+ config-trap disable
+ group {
+ address-group CENTREON_SERVERS {
+ address 109.228.63.82
+ }
+ address-group CLUSTER_ADDRESSES {
+ address 10.255.255.4
+ address 10.255.255.5
+ address 77.68.76.16
+ address 77.68.77.16
+ address 172.16.255.254
+ address 77.68.76.14
+ address 77.68.77.14
+ address 77.68.76.13
+ address 77.68.77.13
+ address 77.68.76.12
+ address 77.68.77.12
+ address 77.68.77.67
+ address 77.68.77.103
+ address 77.68.77.130
+ address 77.68.76.245
+ address 77.68.77.85
+ address 77.68.76.45
+ address 77.68.77.144
+ address 77.68.77.105
+ address 77.68.76.122
+ address 77.68.76.104
+ address 77.68.77.115
+ address 77.68.77.178
+ address 77.68.76.239
+ address 77.68.76.30
+ address 77.68.77.249
+ address 77.68.76.59
+ address 77.68.77.44
+ address 77.68.77.200
+ address 77.68.77.228
+ address 77.68.76.191
+ address 77.68.76.102
+ address 77.68.77.26
+ address 77.68.76.152
+ address 77.68.77.212
+ address 77.68.76.142
+ address 77.68.76.60
+ address 77.68.77.253
+ address 77.68.76.54
+ address 77.68.76.33
+ address 77.68.77.114
+ address 77.68.77.176
+ address 77.68.77.219
+ address 77.68.77.19
+ address 77.68.77.22
+ address 77.68.77.248
+ address 77.68.76.161
+ address 77.68.77.56
+ address 77.68.77.129
+ address 77.68.77.140
+ address 77.68.76.177
+ address 77.68.77.117
+ address 77.68.77.108
+ address 77.68.76.50
+ address 77.68.76.217
+ address 77.68.77.160
+ address 77.68.77.30
+ address 77.68.77.21
+ address 77.68.76.29
+ address 77.68.76.158
+ address 77.68.76.203
+ address 77.68.77.243
+ address 77.68.77.54
+ address 77.68.76.22
+ address 77.68.76.25
+ address 77.68.76.21
+ address 77.68.77.221
+ address 77.68.77.76
+ address 77.68.76.127
+ address 77.68.77.139
+ address 77.68.77.240
+ address 77.68.76.39
+ address 77.68.76.149
+ address 77.68.77.57
+ address 77.68.77.185
+ address 77.68.76.116
+ address 77.68.76.160
+ address 77.68.77.70
+ address 77.68.77.149
+ address 77.68.76.57
+ address 77.68.76.115
+ address 77.68.76.200
+ address 77.68.76.23
+ address 77.68.77.46
+ address 77.68.76.198
+ address 77.68.77.141
+ address 77.68.77.50
+ address 77.68.77.128
+ address 77.68.77.88
+ address 77.68.76.80
+ address 77.68.76.35
+ address 77.68.77.204
+ address 77.68.77.201
+ address 77.68.77.97
+ address 77.68.76.195
+ address 77.68.76.202
+ address 77.68.76.157
+ address 77.68.77.159
+ address 77.68.76.118
+ address 77.68.76.38
+ address 77.68.77.203
+ address 77.68.77.233
+ address 77.68.77.163
+ address 77.68.77.49
+ address 77.68.76.58
+ address 77.68.77.171
+ address 77.68.77.150
+ address 77.68.77.199
+ address 77.68.76.220
+ address 77.68.77.156
+ address 77.68.76.248
+ address 77.68.76.171
+ address 77.68.76.212
+ address 77.68.77.132
+ address 77.68.77.81
+ address 77.68.76.37
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.99
+ address 77.68.77.211
+ address 77.68.77.236
+ address 77.68.76.252
+ address 77.68.77.32
+ address 77.68.77.247
+ address 77.68.76.209
+ address 77.68.77.202
+ address 77.68.76.247
+ address 77.68.77.99
+ address 77.68.76.169
+ address 77.68.76.95
+ address 77.68.76.187
+ address 77.68.77.222
+ address 77.68.77.53
+ address 77.68.77.124
+ address 77.68.76.61
+ address 77.68.77.43
+ address 77.68.76.94
+ address 77.68.77.165
+ address 77.68.77.152
+ address 77.68.76.44
+ address 77.68.76.47
+ address 77.68.76.74
+ address 77.68.76.55
+ address 77.68.77.75
+ address 77.68.77.239
+ address 77.68.76.75
+ address 77.68.77.71
+ address 77.68.76.145
+ address 77.68.77.145
+ address 77.68.77.68
+ address 77.68.76.126
+ address 77.68.76.88
+ address 77.68.77.181
+ address 77.68.76.112
+ address 77.68.77.33
+ address 77.68.77.137
+ address 77.68.77.92
+ address 77.68.76.111
+ address 77.68.76.185
+ address 77.68.76.208
+ address 77.68.76.150
+ address 77.68.77.208
+ address 77.68.76.42
+ address 77.68.76.164
+ address 77.68.77.207
+ address 77.68.76.49
+ address 77.68.77.227
+ address 77.68.76.136
+ address 77.68.76.77
+ address 77.68.76.123
+ address 77.68.76.31
+ address 77.68.76.148
+ address 77.68.77.120
+ address 77.68.76.183
+ address 77.68.77.107
+ address 77.68.76.141
+ address 77.68.76.105
+ address 77.68.76.251
+ address 77.68.76.249
+ address 77.68.77.59
+ address 77.68.77.37
+ address 77.68.77.65
+ address 77.68.76.231
+ address 77.68.77.24
+ address 77.68.77.63
+ address 77.68.76.234
+ address 77.68.76.93
+ address 77.68.77.77
+ address 77.68.77.151
+ address 77.68.76.235
+ address 77.68.77.95
+ address 77.68.77.190
+ address 77.68.76.91
+ address 77.68.77.79
+ address 77.68.77.100
+ address 77.68.76.241
+ address 77.68.77.209
+ address 77.68.76.110
+ address 77.68.76.40
+ address 77.68.76.76
+ address 77.68.76.124
+ address 77.68.77.234
+ address 77.68.76.219
+ address 77.68.77.90
+ address 77.68.76.107
+ address 77.68.76.26
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.77.231
+ address 77.68.76.254
+ address 77.68.77.251
+ address 77.68.77.74
+ address 77.68.77.192
+ address 77.68.76.253
+ address 77.68.77.214
+ address 77.68.76.92
+ address 77.68.76.250
+ address 77.68.77.215
+ address 77.68.76.165
+ address 77.68.77.254
+ address 77.68.76.120
+ address 77.68.76.228
+ address 77.68.77.157
+ address 77.68.77.205
+ address 77.68.76.138
+ address 77.68.77.102
+ address 77.68.76.181
+ address 77.68.76.139
+ address 77.68.76.243
+ address 77.68.76.244
+ address 77.68.76.114
+ address 77.68.77.72
+ address 77.68.77.161
+ address 77.68.77.38
+ address 77.68.77.62
+ address 77.68.92.186
+ address 77.68.91.195
+ address 77.68.23.35
+ address 77.68.84.155
+ address 77.68.17.26
+ address 77.68.76.96
+ address 77.68.28.145
+ address 77.68.76.48
+ address 109.228.56.185
+ address 77.68.84.147
+ address 77.68.23.64
+ address 77.68.26.166
+ address 77.68.29.178
+ address 77.68.12.195
+ address 77.68.21.78
+ address 77.68.5.166
+ address 77.68.5.187
+ address 77.68.4.111
+ address 77.68.4.22
+ address 77.68.7.227
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.7.222
+ address 77.68.4.39
+ address 77.68.4.25
+ address 77.68.7.160
+ address 77.68.27.211
+ address 77.68.89.183
+ address 77.68.24.59
+ address 77.68.7.114
+ address 77.68.75.113
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.94.181
+ address 77.68.30.164
+ address 77.68.30.133
+ address 77.68.7.67
+ address 77.68.77.174
+ address 77.68.27.54
+ address 77.68.4.136
+ address 77.68.72.202
+ address 77.68.112.83
+ address 77.68.85.172
+ address 77.68.23.158
+ address 77.68.112.75
+ address 77.68.24.112
+ address 77.68.112.213
+ address 77.68.72.254
+ address 77.68.20.161
+ address 77.68.26.216
+ address 77.68.112.184
+ address 77.68.79.82
+ address 77.68.27.57
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.118.120
+ address 77.68.117.51
+ address 77.68.118.102
+ address 77.68.116.119
+ address 77.68.117.45
+ address 77.68.116.220
+ address 77.68.116.232
+ address 77.68.117.222
+ address 77.68.118.15
+ address 77.68.116.221
+ address 77.68.116.183
+ address 77.68.119.14
+ address 77.68.112.91
+ address 77.68.117.202
+ address 77.68.118.104
+ address 77.68.7.172
+ address 77.68.83.41
+ address 77.68.15.95
+ address 77.68.4.57
+ address 77.68.85.27
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.112.248
+ address 109.228.60.215
+ address 109.228.55.82
+ address 77.68.7.186
+ address 77.68.6.210
+ address 77.68.77.238
+ address 77.68.10.142
+ address 77.68.31.144
+ address 77.68.93.246
+ address 77.68.121.127
+ address 77.68.121.94
+ address 77.68.120.241
+ address 77.68.121.106
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.120.146
+ address 77.68.120.249
+ address 77.68.122.241
+ address 77.68.119.92
+ address 77.68.120.26
+ address 77.68.81.141
+ address 77.68.79.206
+ address 77.68.116.52
+ address 77.68.88.100
+ address 77.68.6.105
+ address 77.68.78.229
+ address 77.68.6.32
+ address 77.68.10.170
+ address 77.68.76.229
+ address 77.68.95.42
+ address 77.68.28.207
+ address 77.68.17.186
+ address 77.68.4.252
+ address 77.68.24.220
+ address 77.68.2.215
+ address 77.68.91.128
+ address 77.68.22.146
+ address 77.68.23.112
+ address 77.68.75.245
+ address 77.68.125.218
+ address 77.68.125.32
+ address 77.68.12.250
+ address 109.228.37.174
+ address 77.68.127.151
+ address 109.228.37.114
+ address 109.228.36.229
+ address 109.228.37.240
+ address 109.228.61.31
+ address 109.228.35.110
+ address 109.228.39.157
+ address 109.228.39.249
+ address 109.228.38.171
+ address 109.228.40.226
+ address 109.228.40.207
+ address 109.228.40.247
+ address 77.68.126.51
+ address 77.68.117.214
+ address 77.68.113.117
+ address 77.68.117.142
+ address 77.68.17.200
+ address 77.68.4.242
+ address 77.68.86.148
+ address 109.228.39.151
+ address 109.228.40.194
+ address 77.68.114.183
+ address 77.68.90.132
+ address 77.68.16.247
+ address 77.68.6.110
+ address 109.228.36.37
+ address 77.68.127.172
+ address 77.68.14.88
+ address 77.68.120.229
+ address 213.171.212.203
+ address 213.171.213.41
+ address 213.171.213.175
+ address 213.171.213.97
+ address 213.171.212.171
+ address 213.171.212.89
+ address 213.171.214.96
+ address 213.171.212.172
+ address 213.171.215.252
+ address 213.171.213.242
+ address 213.171.213.31
+ address 213.171.212.71
+ address 213.171.208.58
+ address 77.68.25.130
+ address 213.171.215.184
+ address 77.68.13.76
+ address 109.228.56.242
+ address 77.68.25.146
+ address 109.228.46.81
+ address 77.68.77.69
+ address 213.171.210.19
+ address 77.68.120.45
+ address 77.68.116.36
+ address 213.171.211.128
+ address 77.68.25.124
+ address 109.228.48.249
+ address 213.171.210.59
+ address 213.171.215.43
+ address 109.228.40.195
+ address 109.228.52.186
+ address 77.68.113.164
+ address 77.68.114.93
+ address 77.68.75.253
+ address 109.228.53.243
+ address 109.228.36.194
+ address 77.68.28.147
+ address 77.68.123.250
+ address 185.132.36.24
+ address 185.132.39.129
+ address 185.132.36.142
+ address 185.132.39.68
+ address 185.132.36.17
+ address 185.132.36.148
+ address 185.132.37.101
+ address 185.132.39.44
+ address 185.132.39.37
+ address 185.132.37.102
+ address 185.132.38.142
+ address 185.132.38.114
+ address 185.132.38.95
+ address 185.132.37.83
+ address 185.132.36.7
+ address 109.228.40.222
+ address 77.68.119.188
+ address 77.68.74.85
+ address 77.68.91.22
+ address 213.171.212.136
+ address 185.132.38.216
+ address 77.68.120.31
+ address 77.68.95.212
+ address 109.228.42.232
+ address 77.68.13.137
+ address 77.68.85.73
+ address 77.68.85.115
+ address 109.228.36.174
+ address 77.68.9.186
+ address 77.68.27.18
+ address 77.68.27.27
+ address 77.68.27.28
+ address 77.68.3.80
+ address 77.68.3.121
+ address 77.68.3.144
+ address 77.68.3.161
+ address 77.68.3.194
+ address 77.68.3.247
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.93.125
+ address 77.68.74.39
+ address 77.68.78.73
+ address 77.68.5.95
+ address 77.68.74.152
+ address 77.68.87.212
+ address 77.68.3.52
+ address 77.68.114.136
+ address 77.68.125.60
+ address 213.171.214.167
+ address 77.68.114.234
+ address 213.171.213.42
+ address 109.228.59.247
+ address 185.132.39.99
+ address 185.132.39.145
+ address 109.228.35.84
+ address 185.132.36.60
+ address 185.132.40.11
+ address 185.132.39.219
+ address 77.68.26.221
+ address 185.132.40.56
+ address 77.68.117.29
+ address 185.132.40.90
+ address 109.228.38.201
+ address 185.132.40.244
+ address 77.68.11.140
+ address 213.171.210.155
+ address 185.132.37.23
+ address 213.171.214.234
+ address 77.68.77.29
+ address 77.68.20.217
+ address 185.132.40.152
+ address 77.68.9.75
+ address 213.171.210.177
+ address 185.132.41.72
+ address 185.132.41.73
+ address 77.68.5.155
+ address 185.132.43.6
+ address 77.68.75.45
+ address 109.228.46.196
+ address 185.132.43.28
+ address 77.68.89.72
+ address 185.132.43.98
+ address 77.68.76.176
+ address 185.132.43.164
+ address 185.132.43.157
+ address 77.68.6.119
+ address 77.68.92.92
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.32.43
+ address 185.132.38.248
+ address 77.68.120.218
+ address 77.68.32.31
+ address 77.68.32.254
+ address 77.68.32.118
+ address 77.68.82.157
+ address 77.68.121.119
+ address 77.68.74.209
+ address 77.68.33.68
+ address 77.68.24.172
+ address 77.68.33.197
+ address 77.68.33.48
+ address 77.68.34.26
+ address 77.68.34.28
+ address 77.68.79.89
+ address 77.68.76.137
+ address 77.68.33.216
+ address 77.68.32.83
+ address 77.68.32.86
+ address 77.68.32.89
+ address 77.68.34.138
+ address 77.68.34.139
+ address 77.68.123.177
+ address 77.68.35.116
+ address 77.68.33.171
+ address 213.171.208.40
+ address 77.68.118.86
+ address 77.68.48.81
+ address 77.68.48.89
+ address 77.68.48.105
+ address 77.68.85.18
+ address 77.68.26.228
+ address 77.68.49.4
+ address 77.68.80.26
+ address 77.68.80.97
+ address 77.68.126.101
+ address 77.68.126.14
+ address 77.68.49.12
+ address 77.68.117.173
+ address 77.68.8.144
+ address 77.68.82.147
+ address 77.68.24.134
+ address 77.68.112.167
+ address 77.68.49.126
+ address 77.68.49.178
+ address 77.68.50.91
+ address 77.68.50.90
+ address 77.68.24.63
+ address 109.228.37.187
+ address 77.68.50.193
+ address 77.68.50.198
+ address 77.68.50.142
+ address 77.68.114.237
+ address 77.68.115.17
+ address 77.68.49.159
+ address 77.68.49.160
+ address 213.171.208.176
+ address 77.68.116.84
+ address 77.68.126.160
+ address 185.132.36.56
+ address 77.68.49.161
+ address 77.68.34.50
+ address 185.132.41.240
+ address 77.68.51.214
+ address 77.68.51.202
+ address 185.132.37.133
+ address 77.68.77.42
+ address 77.68.100.132
+ address 77.68.100.134
+ address 77.68.100.150
+ address 185.132.41.148
+ address 77.68.101.64
+ address 213.171.210.25
+ address 77.68.101.124
+ address 77.68.101.125
+ address 77.68.89.247
+ address 185.132.39.109
+ address 77.68.100.167
+ address 77.68.5.125
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.12.45
+ address 77.68.4.180
+ address 213.171.214.102
+ address 77.68.126.22
+ address 77.68.114.205
+ address 109.228.36.119
+ address 213.171.212.90
+ address 77.68.33.37
+ address 185.132.43.71
+ address 185.132.43.113
+ address 77.68.48.202
+ address 185.132.40.166
+ address 77.68.112.90
+ address 77.68.112.175
+ address 77.68.103.19
+ address 77.68.103.120
+ address 77.68.33.24
+ address 77.68.103.147
+ address 109.228.47.223
+ address 109.228.58.134
+ address 109.228.56.97
+ address 77.68.31.96
+ address 77.68.103.227
+ address 88.208.196.91
+ address 88.208.196.92
+ address 88.208.196.154
+ address 88.208.197.10
+ address 77.68.87.164
+ address 77.68.93.164
+ address 185.132.37.47
+ address 77.68.75.64
+ address 88.208.197.118
+ address 88.208.197.135
+ address 88.208.197.150
+ address 88.208.197.155
+ address 88.208.197.160
+ address 88.208.197.60
+ address 109.228.37.10
+ address 88.208.215.61
+ address 77.68.102.129
+ address 88.208.196.123
+ address 109.228.36.79
+ address 185.132.38.182
+ address 88.208.215.62
+ address 88.208.215.157
+ address 88.208.198.251
+ address 88.208.215.19
+ address 88.208.198.39
+ address 109.228.38.117
+ address 77.68.29.65
+ address 88.208.215.121
+ address 77.68.115.142
+ address 77.68.76.108
+ address 88.208.198.64
+ address 88.208.198.66
+ address 77.68.3.61
+ address 88.208.198.92
+ address 77.68.74.232
+ address 77.68.118.88
+ address 77.68.100.77
+ address 77.68.48.14
+ address 88.208.198.69
+ address 88.208.197.23
+ address 88.208.199.249
+ address 213.171.212.114
+ address 109.228.39.41
+ address 88.208.199.141
+ address 77.68.21.171
+ address 88.208.199.233
+ address 88.208.212.31
+ address 77.68.102.5
+ address 88.208.212.94
+ address 109.228.61.37
+ address 88.208.199.46
+ address 77.68.78.113
+ address 88.208.212.182
+ address 88.208.212.188
+ address 185.132.40.124
+ address 213.171.209.217
+ address 77.68.103.56
+ address 88.208.197.208
+ address 88.208.197.129
+ }
+ address-group CMK_SATELLITES {
+ address 82.223.144.252
+ address 109.228.63.67
+ address 109.228.63.66
+ address 82.223.200.61
+ address 195.20.253.14
+ address 217.72.206.27
+ }
+ address-group DHCP_SERVERS {
+ address 10.255.241.13
+ address 10.255.241.14
+ address 10.255.242.13
+ address 10.255.242.14
+ address 10.255.243.13
+ address 10.255.243.14
+ address 10.255.244.13
+ address 10.255.244.14
+ address 10.255.245.13
+ address 10.255.245.14
+ address 10.255.246.13
+ address 10.255.246.14
+ address 10.255.247.13
+ address 10.255.247.14
+ address 10.255.248.13
+ address 10.255.248.14
+ address 10.255.249.13
+ address 10.255.249.14
+ address 77.68.76.14
+ address 77.68.77.14
+ address 77.68.76.13
+ address 77.68.77.13
+ }
+ address-group DNSCACHE_SERVERS {
+ address 10.255.255.4
+ address 10.255.255.5
+ address 77.68.76.12
+ address 77.68.77.12
+ }
+ address-group DT_BLOCKED {
+ address 172.16.255.254
+ }
+ address-group DT_FW0A5C4_1 {
+ address 185.132.40.56
+ }
+ address-group DT_FW0B352_1 {
+ address 77.68.77.238
+ }
+ address-group DT_FW0BB22_1 {
+ address 77.68.16.247
+ }
+ address-group DT_FW0BD92_3 {
+ address 109.228.36.79
+ }
+ address-group DT_FW0C2E6_4 {
+ address 77.68.76.110
+ }
+ address-group DT_FW0C8E1_1 {
+ address 77.68.77.103
+ }
+ address-group DT_FW0C25B_1 {
+ address 77.68.86.148
+ }
+ address-group DT_FW00D98_1 {
+ address 77.68.76.88
+ }
+ address-group DT_FW0E2EE_1 {
+ address 213.171.211.128
+ }
+ address-group DT_FW0E383_9 {
+ address 77.68.77.114
+ }
+ address-group DT_FW0EA3F_1 {
+ address 77.68.49.159
+ }
+ address-group DT_FW1ACD9_2 {
+ address 77.68.76.108
+ }
+ address-group DT_FW1C8F2_1 {
+ address 185.132.37.83
+ }
+ address-group DT_FW1CB16_1 {
+ address 77.68.29.178
+ }
+ address-group DT_FW1CC15_2 {
+ address 77.68.77.248
+ }
+ address-group DT_FW1D511_2 {
+ address 213.171.213.175
+ }
+ address-group DT_FW1F3D0_6 {
+ address 77.68.76.250
+ }
+ address-group DT_FW1F126_1 {
+ address 77.68.76.137
+ }
+ address-group DT_FW1FA8E_1 {
+ address 185.132.37.101
+ }
+ address-group DT_FW1FA9E_1 {
+ address 77.68.118.104
+ }
+ address-group DT_FW2ACFF_1 {
+ address 77.68.24.220
+ }
+ address-group DT_FW2B4BA_1 {
+ address 77.68.33.68
+ }
+ address-group DT_FW2B279_4 {
+ address 77.68.77.204
+ }
+ address-group DT_FW2BB8D_1 {
+ address 77.68.77.181
+ }
+ address-group DT_FW2BF20_3 {
+ address 77.68.76.187
+ }
+ address-group DT_FW2C5AE_1 {
+ address 77.68.76.228
+ }
+ address-group DT_FW2E8D4_1 {
+ address 77.68.77.249
+ }
+ address-group DT_FW2E060_1 {
+ address 77.68.77.215
+ }
+ address-group DT_FW2ED4D_2 {
+ address 109.228.39.151
+ }
+ address-group DT_FW2EF2C_1 {
+ address 77.68.11.140
+ }
+ address-group DT_FW2F868_6 {
+ address 77.68.76.254
+ }
+ address-group DT_FW2FB61_1 {
+ address 109.228.38.117
+ }
+ address-group DT_FW3A12F_1 {
+ address 77.68.5.95
+ }
+ address-group DT_FW3AD6F_1 {
+ address 77.68.120.241
+ }
+ address-group DT_FW03B35_1 {
+ address 77.68.125.60
+ }
+ address-group DT_FW3B068_2 {
+ address 77.68.77.63
+ }
+ address-group DT_FW3CAAB_1 {
+ address 77.68.76.234
+ }
+ address-group DT_FW3DBF8_9 {
+ address 77.68.76.198
+ }
+ address-group DT_FW3EBC8_1 {
+ address 77.68.13.76
+ }
+ address-group DT_FW03F2E_1 {
+ address 77.68.102.5
+ }
+ address-group DT_FW3F465_1 {
+ address 109.228.36.119
+ }
+ address-group DT_FW4AE7D_1 {
+ address 77.68.76.60
+ }
+ address-group DT_FW4C136_1 {
+ address 77.68.76.50
+ }
+ address-group DT_FW4D3E6_1 {
+ address 77.68.100.77
+ }
+ address-group DT_FW4DB0A_1 {
+ address 77.68.49.161
+ }
+ address-group DT_FW4E314_1 {
+ address 109.228.40.222
+ }
+ address-group DT_FW4E399_1 {
+ address 213.171.214.96
+ }
+ address-group DT_FW4F5EE_10 {
+ address 77.68.116.220
+ }
+ address-group DT_FW4F81F_4 {
+ address 77.68.77.43
+ }
+ address-group DT_FW5A5D7_3 {
+ address 77.68.77.205
+ }
+ address-group DT_FW5A77C_16 {
+ address 77.68.76.202
+ }
+ address-group DT_FW5A521_3 {
+ address 77.68.79.89
+ }
+ address-group DT_FW05AD0_2 {
+ address 77.68.77.72
+ }
+ address-group DT_FW5AE10_1 {
+ address 109.228.37.114
+ }
+ address-group DT_FW5CBB2_1 {
+ address 77.68.77.150
+ }
+ address-group DT_FW5D0FA_1 {
+ address 185.132.43.157
+ }
+ address-group DT_FW6A684_1 {
+ address 77.68.116.119
+ }
+ address-group DT_FW6B9B9_1 {
+ address 185.132.41.72
+ }
+ address-group DT_FW6B39D_1 {
+ address 77.68.4.111
+ address 77.68.77.174
+ }
+ address-group DT_FW6C992_1 {
+ address 77.68.85.27
+ }
+ address-group DT_FW6CD7E_2 {
+ address 77.68.76.148
+ }
+ address-group DT_FW6D0CD_1 {
+ address 77.68.76.241
+ }
+ address-group DT_FW6ECA4_1 {
+ address 77.68.117.51
+ }
+ address-group DT_FW6EFD7_1 {
+ address 77.68.84.147
+ }
+ address-group DT_FW6F539_1 {
+ address 77.68.76.217
+ }
+ address-group DT_FW7A9B0_9 {
+ address 77.68.76.47
+ }
+ address-group DT_FW7C4D9_14 {
+ address 109.228.36.37
+ }
+ address-group DT_FW7DAE2_3 {
+ address 185.132.38.216
+ }
+ address-group DT_FW7F28A_1 {
+ address 77.68.76.31
+ }
+ address-group DT_FW8A3FC_3 {
+ address 77.68.77.132
+ address 77.68.76.185
+ address 77.68.77.90
+ }
+ address-group DT_FW8A49A_1 {
+ address 77.68.77.85
+ }
+ address-group DT_FW8A57A_1 {
+ address 77.68.77.222
+ address 77.68.112.83
+ }
+ address-group DT_FW8AFF1_7 {
+ address 77.68.76.118
+ }
+ address-group DT_FW8B21D_1 {
+ address 77.68.23.64
+ }
+ address-group DT_FW8C72E_1 {
+ address 77.68.27.54
+ }
+ address-group DT_FW8C927_1 {
+ address 77.68.7.160
+ }
+ address-group DT_FW8EA04_1 {
+ address 77.68.20.161
+ }
+ address-group DT_FW8ECF4_1 {
+ address 77.68.2.215
+ }
+ address-group DT_FW9B6FB_1 {
+ address 77.68.4.242
+ }
+ address-group DT_FW9C682_3 {
+ address 213.171.212.203
+ }
+ address-group DT_FW9D5C7_1 {
+ address 77.68.115.17
+ }
+ address-group DT_FW9E550_1 {
+ address 213.171.212.71
+ }
+ address-group DT_FW9EEDD_1 {
+ address 77.68.4.80
+ address 77.68.49.152
+ }
+ address-group DT_FW10C3D_19 {
+ address 77.68.25.124
+ }
+ address-group DT_FW10FEE_1 {
+ address 77.68.122.89
+ }
+ address-group DT_FW12C32_1 {
+ address 77.68.4.25
+ address 77.68.7.114
+ }
+ address-group DT_FW013EF_2 {
+ address 77.68.77.26
+ }
+ address-group DT_FW15C99_6 {
+ address 77.68.114.237
+ }
+ address-group DT_FW18E6E_3 {
+ address 77.68.76.112
+ }
+ address-group DT_FW21A75_2 {
+ address 88.208.198.66
+ }
+ address-group DT_FW24AB7_1 {
+ address 213.171.213.242
+ }
+ address-group DT_FW26F0A_1 {
+ address 77.68.78.73
+ }
+ address-group DT_FW27A8F_1 {
+ address 77.68.76.219
+ }
+ address-group DT_FW028C0_2 {
+ address 77.68.26.221
+ }
+ address-group DT_FW28EC8_1 {
+ address 77.68.76.93
+ }
+ address-group DT_FW30D21_1 {
+ address 77.68.95.42
+ }
+ address-group DT_FW32EFF_16 {
+ address 77.68.118.120
+ }
+ address-group DT_FW32EFF_25 {
+ address 77.68.27.211
+ }
+ address-group DT_FW32EFF_49 {
+ address 109.228.37.187
+ }
+ address-group DT_FW34C91_3 {
+ address 77.68.76.142
+ }
+ address-group DT_FW35F7B_1 {
+ address 77.68.30.164
+ }
+ address-group DT_FW37E59_5 {
+ address 77.68.76.37
+ }
+ address-group DT_FW40AE4_1 {
+ address 77.68.79.206
+ }
+ address-group DT_FW42BC7_1 {
+ address 77.68.76.95
+ }
+ address-group DT_FW44BF9_1 {
+ address 77.68.77.200
+ }
+ address-group DT_FW45BEB_1 {
+ address 77.68.75.245
+ }
+ address-group DT_FW45F3D_1 {
+ address 109.228.40.247
+ }
+ address-group DT_FW45F87_1 {
+ address 77.68.77.207
+ }
+ address-group DT_FW46F4A_1 {
+ address 88.208.197.135
+ }
+ address-group DT_FW48A55_2 {
+ address 109.228.39.157
+ }
+ address-group DT_FW49C3D_4 {
+ address 77.68.76.149
+ }
+ address-group DT_FW49C3D_6 {
+ address 77.68.76.160
+ }
+ address-group DT_FW050AC_1 {
+ address 77.68.77.214
+ }
+ address-group DT_FW52F6F_1 {
+ address 77.68.82.147
+ }
+ address-group DT_FW53C72_1 {
+ address 88.208.197.118
+ }
+ address-group DT_FW58C69_4 {
+ address 77.68.76.141
+ }
+ address-group DT_FW59F39_1 {
+ address 77.68.87.212
+ }
+ address-group DT_FW60FD6_5 {
+ address 77.68.92.92
+ }
+ address-group DT_FW69D6D_2 {
+ address 77.68.77.221
+ }
+ address-group DT_FW72F37_1 {
+ address 77.68.77.100
+ }
+ address-group DT_FW73A64_1 {
+ address 77.68.118.15
+ }
+ address-group DT_FW75CA4_6 {
+ address 77.68.4.22
+ }
+ address-group DT_FW85A7C_1 {
+ address 77.68.6.210
+ }
+ address-group DT_FW85E02_11 {
+ address 77.68.77.233
+ }
+ address-group DT_FW90AE3_1 {
+ address 77.68.88.100
+ }
+ address-group DT_FW91B7A_1 {
+ address 77.68.76.40
+ }
+ address-group DT_FW138F8_1 {
+ address 77.68.50.193
+ }
+ address-group DT_FW0192C_1 {
+ address 185.132.39.68
+ }
+ address-group DT_FW197DB_1 {
+ address 77.68.77.240
+ }
+ address-group DT_FW210E2_8 {
+ address 77.68.94.181
+ }
+ address-group DT_FW274FD_1 {
+ address 185.132.36.24
+ }
+ address-group DT_FW310C6_3 {
+ address 88.208.198.39
+ }
+ address-group DT_FW364CF_1 {
+ address 77.68.76.203
+ address 77.68.77.97
+ }
+ address-group DT_FW406AB_1 {
+ address 109.228.47.223
+ }
+ address-group DT_FW444AF_1 {
+ address 185.132.37.102
+ }
+ address-group DT_FW481D7_1 {
+ address 77.68.76.243
+ }
+ address-group DT_FW539FB_1 {
+ address 77.68.21.171
+ }
+ address-group DT_FW578BE_1 {
+ address 109.228.56.185
+ }
+ address-group DT_FW597A6_1 {
+ address 77.68.5.125
+ address 88.208.196.123
+ address 88.208.212.31
+ }
+ address-group DT_FW608FA_1 {
+ address 77.68.74.232
+ }
+ address-group DT_FW633DD_1 {
+ address 77.68.121.119
+ }
+ address-group DT_FW672AB_1 {
+ address 213.171.213.41
+ }
+ address-group DT_FW0745F_5 {
+ address 77.68.117.222
+ }
+ address-group DT_FW748B7_1 {
+ address 77.68.120.249
+ }
+ address-group DT_FW825C8_19 {
+ address 77.68.76.111
+ address 77.68.76.42
+ }
+ address-group DT_FW825C8_24 {
+ address 77.68.77.120
+ address 77.68.76.183
+ }
+ address-group DT_FW826BA_3 {
+ address 77.68.77.152
+ }
+ address-group DT_FW856FA_1 {
+ address 77.68.77.151
+ }
+ address-group DT_FW883EB_1 {
+ address 77.68.76.152
+ }
+ address-group DT_FW930F3_1 {
+ address 77.68.85.73
+ }
+ address-group DT_FW930F3_3 {
+ address 77.68.114.234
+ }
+ address-group DT_FW934AE_1 {
+ address 77.68.5.166
+ }
+ address-group DT_FW0937A_1 {
+ address 77.68.6.119
+ }
+ address-group DT_FW0952B_1 {
+ address 77.68.93.125
+ }
+ address-group DT_FW996B4_2 {
+ address 77.68.76.157
+ }
+ address-group DT_FW1208C_1 {
+ address 77.68.77.33
+ }
+ address-group DT_FW1226C_3 {
+ address 77.68.117.45
+ }
+ address-group DT_FW1271A_2 {
+ address 77.68.76.102
+ }
+ address-group DT_FW2379F_14 {
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 213.171.212.114
+ address 77.68.103.56
+ }
+ address-group DT_FW4293B_1 {
+ address 77.68.76.57
+ }
+ address-group DT_FW4513E_1 {
+ address 77.68.77.75
+ }
+ address-group DT_FW4735F_1 {
+ address 77.68.77.74
+ }
+ address-group DT_FW05064_1 {
+ address 213.171.210.19
+ }
+ address-group DT_FW05339_1 {
+ address 185.132.40.152
+ }
+ address-group DT_FW5658C_1 {
+ address 77.68.77.185
+ }
+ address-group DT_FW5858F_1 {
+ address 77.68.121.127
+ }
+ address-group DT_FW06176_1 {
+ address 77.68.77.38
+ }
+ address-group DT_FW6187E_1 {
+ address 77.68.103.147
+ }
+ address-group DT_FW6863A_4 {
+ address 77.68.7.222
+ }
+ address-group DT_FW6906B_1 {
+ address 185.132.43.28
+ }
+ address-group DT_FW06940_3 {
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ }
+ address-group DT_FW7648D_1 {
+ address 77.68.76.77
+ }
+ address-group DT_FW08061_1 {
+ address 77.68.76.45
+ }
+ address-group DT_FW8428B_1 {
+ address 77.68.33.24
+ }
+ address-group DT_FW8871B_1 {
+ address 77.68.78.113
+ }
+ address-group DT_FW11082_1 {
+ address 77.68.113.117
+ }
+ address-group DT_FW16375_5 {
+ address 77.68.77.171
+ }
+ address-group DT_FW19987_4 {
+ address 77.68.77.54
+ }
+ address-group DT_FW20449_2 {
+ address 77.68.126.101
+ }
+ address-group DT_FW25843_1 {
+ address 77.68.24.59
+ }
+ address-group DT_FW26846_1 {
+ address 88.208.197.10
+ }
+ address-group DT_FW27947_1 {
+ address 77.68.77.102
+ }
+ address-group DT_FW27949_2 {
+ address 77.68.117.214
+ }
+ address-group DT_FW28892_1 {
+ address 77.68.77.144
+ }
+ address-group DT_FW31525_6 {
+ address 77.68.77.46
+ }
+ address-group DT_FW36425_1 {
+ address 77.68.119.14
+ }
+ address-group DT_FW40416_1 {
+ address 77.68.121.94
+ }
+ address-group DT_FW42661_3 {
+ address 77.68.77.202
+ }
+ address-group DT_FW44217_2 {
+ address 77.68.89.247
+ }
+ address-group DT_FW45000_1 {
+ address 77.68.24.172
+ }
+ address-group DT_FW48814_3 {
+ address 77.68.77.219
+ }
+ address-group DT_FW49897_1 {
+ address 185.132.36.7
+ }
+ address-group DT_FW56335_2 {
+ address 88.208.198.92
+ }
+ address-group DT_FW56496_1 {
+ address 77.68.51.202
+ address 77.68.101.64
+ }
+ address-group DT_FW62858_12 {
+ address 77.68.77.145
+ }
+ address-group DT_FW63230_1 {
+ address 77.68.76.220
+ }
+ address-group DT_FW66347_1 {
+ address 77.68.92.186
+ }
+ address-group DT_FW73215_1 {
+ address 213.171.209.217
+ }
+ address-group DT_FW73573_1 {
+ address 77.68.76.249
+ }
+ address-group DT_FW73573_2 {
+ address 77.68.77.62
+ }
+ address-group DT_FW78137_1 {
+ address 77.68.34.50
+ }
+ address-group DT_FW81138_1 {
+ address 77.68.77.59
+ }
+ address-group DT_FW81286_1 {
+ address 77.68.77.243
+ }
+ address-group DT_FW85040_1 {
+ address 77.68.5.187
+ }
+ address-group DT_FW85619_1 {
+ address 77.68.127.172
+ }
+ address-group DT_FW89619_1 {
+ address 77.68.76.253
+ }
+ address-group DT_FW98818_1 {
+ address 88.208.197.129
+ }
+ address-group DT_FWA0AA0_1 {
+ address 77.68.113.164
+ }
+ address-group DT_FWA0B7F_1 {
+ address 185.132.39.44
+ }
+ address-group DT_FWA2FF8_4 {
+ address 77.68.76.231
+ }
+ address-group DT_FWA3EA3_1 {
+ address 77.68.77.42
+ }
+ address-group DT_FWA4BC8_1 {
+ address 77.68.112.75
+ }
+ address-group DT_FWA5D67_1 {
+ address 185.132.37.133
+ }
+ address-group DT_FWA7A50_1 {
+ address 77.68.27.57
+ address 77.68.118.102
+ }
+ address-group DT_FWA69A0_1 {
+ address 213.171.212.90
+ }
+ address-group DT_FWA076E_1 {
+ address 77.68.76.19
+ }
+ address-group DT_FWA83DF_1 {
+ address 77.68.7.123
+ }
+ address-group DT_FWA86A4_1 {
+ address 109.228.56.97
+ }
+ address-group DT_FWA86ED_101 {
+ address 77.68.85.172
+ address 109.228.38.171
+ address 88.208.199.233
+ }
+ address-group DT_FWA373F_1 {
+ address 77.68.76.171
+ }
+ address-group DT_FWA0531_1 {
+ address 213.171.215.252
+ }
+ address-group DT_FWA884B_5 {
+ address 88.208.199.249
+ }
+ address-group DT_FWA7625_1 {
+ address 213.171.215.43
+ }
+ address-group DT_FWAA38E_1 {
+ address 77.68.93.164
+ }
+ address-group DT_FWAB44B_1 {
+ address 185.132.37.47
+ }
+ address-group DT_FWAE88B_1 {
+ address 77.68.125.218
+ }
+ address-group DT_FWAF6E8_1 {
+ address 77.68.76.115
+ }
+ address-group DT_FWAFF0A_1 {
+ address 77.68.91.195
+ }
+ address-group DT_FWB2CD2_1 {
+ address 77.68.72.254
+ }
+ address-group DT_FWB28B6_5 {
+ address 77.68.77.209
+ }
+ address-group DT_FWB36A0_1 {
+ address 77.68.77.108
+ }
+ address-group DT_FWB118A_1 {
+ address 77.68.48.14
+ }
+ address-group DT_FWB4438_2 {
+ address 88.208.215.61
+ }
+ address-group DT_FWB6101_1 {
+ address 88.208.215.62
+ }
+ address-group DT_FWB9699_7 {
+ address 77.68.76.123
+ }
+ address-group DT_FWB9699_11 {
+ address 77.68.77.165
+ }
+ address-group DT_FWBB718_1 {
+ address 77.68.77.71
+ }
+ address-group DT_FWBC8A6_1 {
+ address 77.68.112.175
+ }
+ address-group DT_FWBC280_1 {
+ address 77.68.100.167
+ }
+ address-group DT_FWBD9D0_1 {
+ address 77.68.120.31
+ }
+ address-group DT_FWBE878_1 {
+ address 213.171.212.172
+ }
+ address-group DT_FWBED52_1 {
+ address 77.68.112.213
+ }
+ address-group DT_FWBF494_1 {
+ address 77.68.76.209
+ }
+ address-group DT_FWBFC02_1 {
+ address 77.68.112.90
+ }
+ address-group DT_FWBFDED_1 {
+ address 77.68.76.30
+ }
+ address-group DT_FWC0CE0_1 {
+ address 77.68.112.184
+ }
+ address-group DT_FWC1ACD_1 {
+ address 77.68.85.18
+ }
+ address-group DT_FWC2D30_1 {
+ address 77.68.76.48
+ }
+ address-group DT_FWC2EF2_1 {
+ address 77.68.17.200
+ }
+ address-group DT_FWC2EF2_2 {
+ address 77.68.17.200
+ }
+ address-group DT_FWC7D36_1 {
+ address 77.68.76.126
+ }
+ address-group DT_FWC8E8E_1 {
+ address 77.68.28.207
+ }
+ address-group DT_FWC32BE_1 {
+ address 77.68.117.173
+ }
+ address-group DT_FWC37B9_1 {
+ address 77.68.28.139
+ }
+ address-group DT_FWC055A_1 {
+ address 77.68.77.30
+ }
+ address-group DT_FWC72E5_1 {
+ address 77.68.103.227
+ }
+ address-group DT_FWC96A1_1 {
+ address 77.68.75.253
+ }
+ address-group DT_FWC1315_1 {
+ address 77.68.4.57
+ }
+ address-group DT_FWC3921_1 {
+ address 77.68.76.164
+ }
+ address-group DT_FWC6301_1 {
+ address 77.68.34.26
+ }
+ address-group DT_FWCA628_1 {
+ address 185.132.39.99
+ }
+ address-group DT_FWCB0CF_7 {
+ address 77.68.77.163
+ }
+ address-group DT_FWCB29D_1 {
+ address 88.208.197.23
+ }
+ address-group DT_FWCC18F_2 {
+ address 77.68.76.59
+ }
+ address-group DT_FWCD7CE_1 {
+ address 77.68.77.56
+ }
+ address-group DT_FWCDBC7_1 {
+ address 77.68.77.141
+ }
+ address-group DT_FWCDD8B_1 {
+ address 185.132.37.23
+ }
+ address-group DT_FWCE020_1 {
+ address 77.68.48.202
+ }
+ address-group DT_FWD0E22_4 {
+ address 77.68.77.99
+ }
+ address-group DT_FWD4A27_1 {
+ address 77.68.76.244
+ }
+ address-group DT_FWD7EAB_1 {
+ address 77.68.7.67
+ }
+ address-group DT_FWD8DD1_2 {
+ address 213.171.210.155
+ }
+ address-group DT_FWD42CF_1 {
+ address 185.132.38.114
+ }
+ address-group DT_FWD56A2_1 {
+ address 213.171.213.31
+ }
+ address-group DT_FWD61BF_1 {
+ address 88.208.199.46
+ }
+ address-group DT_FWD338A_1 {
+ address 77.68.77.69
+ }
+ address-group DT_FWD498E_1 {
+ address 109.228.39.41
+ }
+ address-group DT_FWD2082_1 {
+ address 77.68.76.94
+ }
+ address-group DT_FWD2440_1 {
+ address 77.68.114.136
+ }
+ address-group DT_FWD3431_2 {
+ address 77.68.77.105
+ }
+ address-group DT_FWD7382_1 {
+ address 185.132.40.11
+ }
+ address-group DT_FWDA443_6 {
+ address 77.68.34.28
+ }
+ address-group DT_FWDAA4F_1 {
+ address 77.68.76.124
+ }
+ address-group DT_FWDAF47_1 {
+ address 77.68.23.35
+ }
+ address-group DT_FWDCA36_3 {
+ address 77.68.77.81
+ }
+ address-group DT_FWDD089_5 {
+ address 77.68.77.21
+ }
+ address-group DT_FWDEDB9_1 {
+ address 77.68.22.146
+ }
+ address-group DT_FWE2AB5_8 {
+ address 77.68.26.166
+ }
+ address-group DT_FWE3E77_1 {
+ address 77.68.76.49
+ }
+ address-group DT_FWE6AB2_1 {
+ address 185.132.40.166
+ }
+ address-group DT_FWE9F7D_1 {
+ address 77.68.32.118
+ }
+ address-group DT_FWE012D_1 {
+ address 77.68.77.190
+ }
+ address-group DT_FWE30A1_4 {
+ address 77.68.33.48
+ }
+ address-group DT_FWE32F2_8 {
+ address 77.68.82.157
+ }
+ address-group DT_FWE47DA_1 {
+ address 77.68.91.128
+ }
+ address-group DT_FWE57AD_1 {
+ address 109.228.56.26
+ }
+ address-group DT_FWE928F_1 {
+ address 77.68.77.129
+ }
+ address-group DT_FWE7180_1 {
+ address 77.68.123.177
+ }
+ address-group DT_FWEAE53_1 {
+ address 77.68.26.216
+ }
+ address-group DT_FWEB321_1 {
+ address 77.68.4.74
+ }
+ address-group DT_FWECBFB_14 {
+ address 77.68.77.44
+ }
+ address-group DT_FWEE03C_1 {
+ address 77.68.116.232
+ }
+ address-group DT_FWEEC75_1 {
+ address 77.68.76.29
+ }
+ address-group DT_FWEF92E_5 {
+ address 77.68.77.57
+ }
+ address-group DT_FWEF92E_6 {
+ address 77.68.77.70
+ }
+ address-group DT_FWEF92E_7 {
+ address 77.68.77.149
+ }
+ address-group DT_FWF3A1B_1 {
+ address 109.228.52.186
+ }
+ address-group DT_FWF7B68_1 {
+ address 77.68.77.231
+ }
+ address-group DT_FWF7BFA_1 {
+ address 77.68.120.45
+ }
+ address-group DT_FWF8E67_1 {
+ address 77.68.85.115
+ }
+ address-group DT_FWF8F85_1 {
+ address 109.228.36.229
+ }
+ address-group DT_FWF9C28_2 {
+ address 77.68.84.155
+ }
+ address-group DT_FWF9C28_4 {
+ address 77.68.28.145
+ }
+ address-group DT_FWF19FB_2 {
+ address 77.68.76.212
+ }
+ address-group DT_FWF30BD_1 {
+ address 77.68.14.88
+ }
+ address-group DT_FWF48EB_1 {
+ address 77.68.76.21
+ }
+ address-group DT_FWF0221_1 {
+ address 185.132.36.60
+ address 185.132.40.244
+ }
+ address-group DT_FWF323F_1 {
+ address 185.132.39.109
+ }
+ address-group DT_FWF699D_4 {
+ address 185.132.40.90
+ }
+ address-group DT_FWF791C_1 {
+ address 77.68.90.132
+ }
+ address-group DT_FWF879C_1 {
+ address 77.68.76.169
+ }
+ address-group DT_FWF3574_1 {
+ address 77.68.76.191
+ }
+ address-group DT_FWF4063_1 {
+ address 77.68.32.254
+ }
+ address-group DT_FWFD9AF_9 {
+ address 77.68.77.24
+ }
+ address-group DT_FWFDCC7_1 {
+ address 109.228.59.247
+ }
+ address-group DT_FWFDD94_15 {
+ address 77.68.76.161
+ }
+ address-group DT_FWFDE34_1 {
+ address 185.132.38.182
+ }
+ address-group DT_FWFEF05_1 {
+ address 88.208.197.150
+ }
+ address-group DT_H71F96 {
+ address 77.68.23.112
+ }
+ address-group DT_SMTP_BLOCKED {
+ address 172.16.255.254
+ address 77.68.77.209
+ address 77.68.76.148
+ address 77.68.77.211
+ address 77.68.21.78
+ address 77.68.77.247
+ address 77.68.77.203
+ address 77.68.77.68
+ address 77.68.77.43
+ address 77.68.77.165
+ address 77.68.76.145
+ address 77.68.76.239
+ address 77.68.77.67
+ address 77.68.76.177
+ address 77.68.77.117
+ address 77.68.76.50
+ address 77.68.76.158
+ address 77.68.76.22
+ address 77.68.76.123
+ address 77.68.76.251
+ address 77.68.77.63
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.4.252
+ address 77.68.76.30
+ address 77.68.76.77
+ address 77.68.76.31
+ address 77.68.77.248
+ address 77.68.3.52
+ address 77.68.76.88
+ address 213.171.214.234
+ address 185.132.39.219
+ address 77.68.5.155
+ address 77.68.80.97
+ address 77.68.101.124
+ address 77.68.76.111
+ address 77.68.76.42
+ address 77.68.77.120
+ address 77.68.76.183
+ address 88.208.197.160
+ address 88.208.197.10
+ address 77.68.76.250
+ address 77.68.77.219
+ address 77.68.77.152
+ address 77.68.76.60
+ }
+ address-group DT_VPN-2661 {
+ address 185.132.40.90
+ }
+ address-group DT_VPN-3575 {
+ address 77.68.77.202
+ }
+ address-group DT_VPN-6103 {
+ address 77.68.77.21
+ }
+ address-group DT_VPN-7030 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-7902 {
+ address 77.68.77.43
+ }
+ address-group DT_VPN-8159 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-8203 {
+ address 77.68.77.202
+ }
+ address-group DT_VPN-8625 {
+ address 77.68.94.181
+ }
+ address-group DT_VPN-9415 {
+ address 77.68.76.114
+ }
+ address-group DT_VPN-9484 {
+ address 77.68.77.76
+ address 77.68.76.120
+ }
+ address-group DT_VPN-9727 {
+ address 185.132.40.90
+ }
+ address-group DT_VPN-9749 {
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 213.171.212.114
+ address 77.68.103.56
+ }
+ address-group DT_VPN-9765 {
+ address 77.68.76.50
+ }
+ address-group DT_VPN-10131 {
+ address 77.68.76.110
+ }
+ address-group DT_VPN-11083 {
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 213.171.212.114
+ address 77.68.103.56
+ }
+ address-group DT_VPN-11913 {
+ address 77.68.76.60
+ }
+ address-group DT_VPN-12870 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-12899 {
+ address 77.68.77.95
+ }
+ address-group DT_VPN-13261 {
+ address 77.68.77.76
+ address 77.68.76.120
+ }
+ address-group DT_VPN-13983 {
+ address 77.68.3.52
+ }
+ address-group DT_VPN-14649 {
+ address 77.68.76.161
+ }
+ address-group DT_VPN-14657 {
+ address 77.68.76.161
+ }
+ address-group DT_VPN-14658 {
+ address 77.68.76.161
+ }
+ address-group DT_VPN-14673 {
+ address 77.68.76.161
+ }
+ address-group DT_VPN-15625 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-15950 {
+ address 77.68.101.124
+ }
+ address-group DT_VPN-15951 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-15960 {
+ address 77.68.101.124
+ }
+ address-group DT_VPN-16402 {
+ address 109.228.39.151
+ }
+ address-group DT_VPN-16450 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-17207 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-17558 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-18646 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-18647 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-18830 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-19135 {
+ address 109.228.39.151
+ }
+ address-group DT_VPN-19474 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-19807 {
+ address 77.68.76.198
+ }
+ address-group DT_VPN-19992 {
+ address 77.68.25.124
+ }
+ address-group DT_VPN-20306 {
+ address 77.68.77.248
+ }
+ address-group DT_VPN-21673 {
+ address 77.68.15.95
+ address 77.68.75.64
+ }
+ address-group DT_VPN-21821 {
+ address 77.68.15.95
+ address 77.68.75.64
+ }
+ address-group DT_VPN-21822 {
+ address 77.68.15.95
+ address 77.68.75.64
+ }
+ address-group DT_VPN-21876 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-21982 {
+ address 77.68.15.95
+ address 77.68.75.64
+ }
+ address-group DT_VPN-23209 {
+ address 77.68.77.24
+ }
+ address-group DT_VPN-23729 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-23733 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-23734 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-23738 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-23946 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-24398 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24589 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24591 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24592 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24593 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24594 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-24595 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-25822 {
+ address 77.68.15.95
+ address 77.68.75.64
+ }
+ address-group DT_VPN-26124 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-26157 {
+ address 77.68.77.205
+ }
+ address-group DT_VPN-26772 {
+ address 185.132.40.90
+ }
+ address-group DT_VPN-28031 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-28484 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-28515 {
+ address 77.68.82.157
+ }
+ address-group DT_VPN-29631 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-30261 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-30262 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-30679 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-30791 {
+ address 77.68.118.120
+ address 77.68.27.211
+ address 109.228.37.187
+ }
+ address-group DT_VPN-31002 {
+ address 109.228.36.119
+ }
+ address-group DT_VPN-31301 {
+ address 88.208.197.10
+ }
+ address-group DT_VPN-32528 {
+ address 77.68.76.118
+ }
+ address-group DT_VPN-33204 {
+ address 77.68.77.163
+ }
+ address-group DT_VPN-34006 {
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ }
+ address-group DT_VPN-34122 {
+ address 77.68.114.237
+ }
+ address-group DT_VPN-34309 {
+ address 77.68.77.44
+ }
+ address-group DT_VPN-34501 {
+ address 77.68.50.142
+ }
+ address-group DT_VPN-34583 {
+ address 77.68.77.145
+ }
+ address-group G-ALL_OPEN {
+ address 172.16.255.254
+ address 77.68.76.208
+ address 77.68.77.251
+ address 109.228.36.174
+ address 77.68.89.72
+ address 77.68.77.29
+ address 185.132.43.6
+ address 109.228.46.196
+ address 185.132.43.98
+ address 185.132.41.148
+ address 77.68.49.126
+ address 77.68.49.178
+ address 77.68.116.84
+ address 185.132.36.56
+ address 77.68.126.160
+ address 213.171.208.176
+ address 88.208.197.155
+ address 88.208.198.69
+ address 77.68.29.65
+ }
+ address-group G-ICMP {
+ address 172.16.255.254
+ address 77.68.76.141
+ address 77.68.76.16
+ address 77.68.76.22
+ address 77.68.76.241
+ address 77.68.77.128
+ address 77.68.77.130
+ address 77.68.77.16
+ address 77.68.77.201
+ address 77.68.77.22
+ address 77.68.77.71
+ address 77.68.76.254
+ address 77.68.5.187
+ address 77.68.94.181
+ address 77.68.76.243
+ address 77.68.92.186
+ address 77.68.76.23
+ address 77.68.26.216
+ address 77.68.76.157
+ address 77.68.76.102
+ address 77.68.76.169
+ address 77.68.76.30
+ address 109.228.39.157
+ address 77.68.76.77
+ address 77.68.7.67
+ address 109.228.55.82
+ address 77.68.95.212
+ address 77.68.85.73
+ address 77.68.117.222
+ address 77.68.125.60
+ address 185.132.43.157
+ address 77.68.114.136
+ address 77.68.77.105
+ address 77.68.33.197
+ address 77.68.23.64
+ address 77.68.112.184
+ address 77.68.49.161
+ address 77.68.76.191
+ address 109.228.56.97
+ address 185.132.37.101
+ address 77.68.76.112
+ address 77.68.117.173
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ address 77.68.16.247
+ address 77.68.76.212
+ address 77.68.77.185
+ address 77.68.77.238
+ }
+ address-group G-20-TCP {
+ address 172.16.255.254
+ address 77.68.76.80
+ address 77.68.77.253
+ address 77.68.86.148
+ address 77.68.77.248
+ address 77.68.79.206
+ address 109.228.40.222
+ address 77.68.24.172
+ address 77.68.77.144
+ address 77.68.76.112
+ }
+ address-group G-21-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.203
+ address 77.68.76.209
+ address 77.68.76.217
+ address 77.68.76.22
+ address 77.68.76.220
+ address 77.68.76.235
+ address 77.68.76.245
+ address 77.68.76.38
+ address 77.68.76.54
+ address 77.68.76.75
+ address 77.68.76.80
+ address 77.68.76.91
+ address 77.68.76.94
+ address 77.68.77.107
+ address 77.68.77.128
+ address 77.68.77.137
+ address 77.68.77.150
+ address 77.68.77.151
+ address 77.68.77.171
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.236
+ address 77.68.77.240
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.56
+ address 77.68.77.63
+ address 77.68.77.71
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.92
+ address 77.68.77.97
+ address 77.68.77.99
+ address 77.68.77.190
+ address 77.68.77.103
+ address 77.68.76.26
+ address 77.68.76.107
+ address 77.68.76.148
+ address 77.68.76.19
+ address 77.68.77.192
+ address 77.68.77.157
+ address 77.68.91.195
+ address 77.68.77.211
+ address 109.228.56.185
+ address 77.68.84.147
+ address 77.68.77.74
+ address 77.68.4.74
+ address 77.68.30.133
+ address 77.68.28.145
+ address 77.68.26.216
+ address 77.68.77.130
+ address 77.68.116.119
+ address 77.68.116.220
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.84.155
+ address 77.68.86.40
+ address 77.68.120.241
+ address 77.68.122.89
+ address 77.68.10.142
+ address 77.68.122.241
+ address 77.68.6.105
+ address 77.68.17.186
+ address 77.68.95.42
+ address 77.68.22.146
+ address 77.68.4.252
+ address 109.228.36.229
+ address 109.228.40.207
+ address 77.68.31.144
+ address 109.228.37.174
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.77.160
+ address 77.68.76.152
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.86.148
+ address 77.68.23.35
+ address 109.228.40.194
+ address 77.68.90.132
+ address 77.68.77.26
+ address 77.68.76.95
+ address 77.68.120.26
+ address 109.228.61.31
+ address 77.68.120.249
+ address 77.68.6.210
+ address 213.171.213.41
+ address 77.68.77.248
+ address 213.171.215.184
+ address 77.68.25.146
+ address 213.171.210.19
+ address 213.171.213.242
+ address 109.228.48.249
+ address 109.228.40.195
+ address 77.68.127.172
+ address 77.68.79.206
+ address 77.68.28.147
+ address 185.132.36.148
+ address 185.132.37.83
+ address 77.68.117.51
+ address 77.68.25.124
+ address 77.68.13.137
+ address 109.228.52.186
+ address 185.132.36.24
+ address 77.68.77.69
+ address 109.228.40.222
+ address 77.68.87.212
+ address 185.132.39.99
+ address 109.228.38.201
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 185.132.41.73
+ address 77.68.76.45
+ address 77.68.77.215
+ address 77.68.77.214
+ address 77.68.79.89
+ address 77.68.76.21
+ address 77.68.33.68
+ address 77.68.80.97
+ address 77.68.77.65
+ address 185.132.41.148
+ address 77.68.24.172
+ address 77.68.5.95
+ address 77.68.5.125
+ address 213.171.208.40
+ address 77.68.76.40
+ address 77.68.113.164
+ address 77.68.114.93
+ address 185.132.36.60
+ address 185.132.40.244
+ address 213.171.214.102
+ address 88.208.197.160
+ address 88.208.196.123
+ address 77.68.77.144
+ address 77.68.126.14
+ address 77.68.76.171
+ address 88.208.198.69
+ address 77.68.34.139
+ address 88.208.212.31
+ address 77.68.76.112
+ address 77.68.76.228
+ address 77.68.77.75
+ address 88.208.198.66
+ address 77.68.77.219
+ address 77.68.77.204
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 77.68.114.237
+ address 77.68.77.222
+ address 77.68.112.83
+ address 185.132.37.47
+ address 77.68.77.238
+ }
+ address-group G-22-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.105
+ address 77.68.76.115
+ address 77.68.76.122
+ address 77.68.76.126
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.145
+ address 77.68.76.148
+ address 77.68.76.158
+ address 77.68.76.164
+ address 77.68.76.177
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.200
+ address 77.68.76.209
+ address 77.68.76.217
+ address 77.68.76.22
+ address 77.68.76.235
+ address 77.68.76.239
+ address 77.68.76.245
+ address 77.68.76.247
+ address 77.68.76.25
+ address 77.68.76.251
+ address 77.68.76.252
+ address 77.68.76.33
+ address 77.68.76.37
+ address 77.68.76.38
+ address 77.68.76.49
+ address 77.68.76.54
+ address 77.68.76.55
+ address 77.68.76.57
+ address 77.68.76.61
+ address 77.68.76.74
+ address 77.68.76.80
+ address 77.68.76.99
+ address 77.68.77.100
+ address 77.68.77.103
+ address 77.68.77.107
+ address 77.68.77.108
+ address 77.68.77.117
+ address 77.68.77.124
+ address 77.68.77.128
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.137
+ address 77.68.77.139
+ address 77.68.77.140
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.151
+ address 77.68.77.159
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.19
+ address 77.68.77.190
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.203
+ address 77.68.77.207
+ address 77.68.77.211
+ address 77.68.77.212
+ address 77.68.77.22
+ address 77.68.77.221
+ address 77.68.77.227
+ address 77.68.77.240
+ address 77.68.77.243
+ address 77.68.77.247
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.37
+ address 77.68.77.43
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.53
+ address 77.68.77.56
+ address 77.68.77.67
+ address 77.68.77.68
+ address 77.68.77.77
+ address 77.68.77.79
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.88
+ address 77.68.77.92
+ address 77.68.77.99
+ address 77.68.76.110
+ address 77.68.76.76
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.77.74
+ address 77.68.76.165
+ address 77.68.77.254
+ address 77.68.77.157
+ address 77.68.76.138
+ address 77.68.76.139
+ address 77.68.76.124
+ address 77.68.76.243
+ address 77.68.76.114
+ address 77.68.76.244
+ address 77.68.77.192
+ address 77.68.77.161
+ address 77.68.91.195
+ address 77.68.17.26
+ address 77.68.28.145
+ address 77.68.84.147
+ address 109.228.56.185
+ address 77.68.26.166
+ address 77.68.12.195
+ address 77.68.29.178
+ address 77.68.5.187
+ address 77.68.7.227
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.4.39
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.27.54
+ address 77.68.30.133
+ address 77.68.4.136
+ address 77.68.24.112
+ address 77.68.92.186
+ address 77.68.20.161
+ address 77.68.26.216
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.116.119
+ address 77.68.116.232
+ address 77.68.7.172
+ address 77.68.116.221
+ address 77.68.89.183
+ address 77.68.83.41
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.112.248
+ address 109.228.60.215
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.120.241
+ address 77.68.121.106
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.122.241
+ address 77.68.81.141
+ address 77.68.116.52
+ address 77.68.6.32
+ address 77.68.76.229
+ address 77.68.28.207
+ address 77.68.4.252
+ address 77.68.17.186
+ address 77.68.24.220
+ address 77.68.22.146
+ address 77.68.23.112
+ address 77.68.125.32
+ address 77.68.72.202
+ address 109.228.36.229
+ address 77.68.31.144
+ address 77.68.2.215
+ address 77.68.117.142
+ address 77.68.5.166
+ address 77.68.76.102
+ address 109.228.37.174
+ address 109.228.37.114
+ address 77.68.76.169
+ address 109.228.37.240
+ address 77.68.112.75
+ address 77.68.77.160
+ address 109.228.39.249
+ address 77.68.76.77
+ address 109.228.40.226
+ address 77.68.7.67
+ address 77.68.126.51
+ address 77.68.75.113
+ address 77.68.86.148
+ address 77.68.23.35
+ address 77.68.114.183
+ address 109.228.40.194
+ address 77.68.76.31
+ address 77.68.90.132
+ address 77.68.77.26
+ address 77.68.76.96
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 77.68.120.26
+ address 109.228.61.31
+ address 77.68.76.59
+ address 213.171.213.41
+ address 77.68.77.248
+ address 213.171.212.171
+ address 77.68.4.22
+ address 77.68.119.14
+ address 213.171.215.184
+ address 77.68.77.202
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.78.229
+ address 77.68.77.102
+ address 213.171.210.19
+ address 77.68.24.59
+ address 213.171.213.97
+ address 213.171.213.242
+ address 109.228.48.249
+ address 109.228.40.195
+ address 77.68.120.229
+ address 77.68.79.206
+ address 77.68.123.250
+ address 77.68.28.147
+ address 185.132.36.142
+ address 213.171.212.172
+ address 185.132.36.148
+ address 213.171.208.58
+ address 77.68.25.130
+ address 185.132.38.142
+ address 109.228.56.242
+ address 109.228.46.81
+ address 185.132.38.95
+ address 185.132.37.83
+ address 77.68.117.51
+ address 77.68.116.36
+ address 77.68.120.45
+ address 213.171.210.59
+ address 213.171.215.43
+ address 185.132.37.102
+ address 109.228.42.232
+ address 109.228.52.186
+ address 77.68.9.186
+ address 77.68.13.76
+ address 109.228.36.194
+ address 185.132.36.24
+ address 77.68.77.69
+ address 185.132.39.129
+ address 185.132.36.17
+ address 109.228.40.222
+ address 77.68.74.39
+ address 77.68.118.104
+ address 213.171.212.136
+ address 77.68.120.31
+ address 77.68.74.152
+ address 185.132.39.37
+ address 77.68.87.212
+ address 77.68.119.188
+ address 77.68.74.85
+ address 77.68.91.22
+ address 77.68.76.88
+ address 77.68.4.242
+ address 77.68.76.181
+ address 77.68.76.161
+ address 109.228.35.84
+ address 185.132.39.99
+ address 77.68.95.212
+ address 77.68.85.73
+ address 77.68.76.219
+ address 77.68.27.27
+ address 77.68.3.194
+ address 77.68.3.144
+ address 77.68.3.80
+ address 77.68.27.28
+ address 77.68.3.247
+ address 77.68.3.161
+ address 77.68.27.18
+ address 77.68.3.121
+ address 213.171.214.234
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 213.171.211.128
+ address 77.68.5.155
+ address 185.132.41.73
+ address 213.171.214.167
+ address 185.132.43.28
+ address 213.171.213.42
+ address 77.68.76.45
+ address 185.132.41.72
+ address 185.132.43.157
+ address 185.132.40.56
+ address 185.132.37.23
+ address 77.68.117.29
+ address 77.68.75.253
+ address 77.68.11.140
+ address 77.68.77.215
+ address 77.68.20.217
+ address 77.68.76.198
+ address 77.68.77.214
+ address 213.171.210.177
+ address 185.132.38.114
+ address 77.68.33.48
+ address 77.68.32.89
+ address 77.68.32.86
+ address 77.68.34.138
+ address 77.68.32.83
+ address 77.68.75.45
+ address 77.68.76.176
+ address 185.132.43.164
+ address 77.68.76.137
+ address 185.132.40.152
+ address 77.68.33.68
+ address 77.68.93.125
+ address 77.68.24.134
+ address 185.132.38.248
+ address 77.68.32.43
+ address 77.68.120.218
+ address 77.68.112.167
+ address 77.68.32.31
+ address 77.68.32.254
+ address 77.68.80.26
+ address 77.68.80.97
+ address 77.68.121.119
+ address 77.68.74.209
+ address 77.68.77.65
+ address 185.132.43.6
+ address 109.228.46.196
+ address 185.132.43.98
+ address 185.132.41.148
+ address 77.68.24.172
+ address 77.68.33.197
+ address 213.171.210.25
+ address 77.68.5.95
+ address 77.68.23.64
+ address 77.68.101.125
+ address 77.68.5.125
+ address 77.68.100.167
+ address 109.228.59.247
+ address 77.68.35.116
+ address 77.68.33.171
+ address 77.68.48.105
+ address 77.68.48.81
+ address 77.68.49.4
+ address 109.228.36.119
+ address 77.68.121.127
+ address 77.68.82.147
+ address 77.68.49.12
+ address 77.68.8.144
+ address 77.68.116.183
+ address 77.68.103.19
+ address 77.68.50.91
+ address 77.68.24.63
+ address 77.68.118.15
+ address 77.68.50.198
+ address 77.68.49.160
+ address 77.68.49.161
+ address 77.68.76.191
+ address 77.68.76.40
+ address 77.68.113.164
+ address 77.68.77.42
+ address 77.68.100.134
+ address 77.68.100.132
+ address 77.68.114.93
+ address 185.132.36.60
+ address 185.132.40.244
+ address 77.68.85.18
+ address 77.68.50.193
+ address 77.68.89.247
+ address 88.208.197.10
+ address 77.68.102.129
+ address 109.228.36.79
+ address 185.132.38.182
+ address 185.132.41.240
+ address 77.68.51.214
+ address 88.208.196.123
+ address 77.68.126.22
+ address 213.171.212.90
+ address 77.68.114.205
+ address 77.68.48.202
+ address 77.68.112.175
+ address 77.68.112.90
+ address 185.132.40.166
+ address 77.68.103.120
+ address 77.68.103.147
+ address 77.68.33.24
+ address 109.228.58.134
+ address 109.228.47.223
+ address 109.228.56.97
+ address 77.68.103.227
+ address 88.208.196.92
+ address 88.208.196.154
+ address 185.132.39.44
+ address 77.68.76.248
+ address 88.208.198.92
+ address 77.68.77.144
+ address 77.68.126.14
+ address 88.208.196.91
+ address 77.68.100.77
+ address 185.132.37.101
+ address 77.68.87.164
+ address 77.68.76.120
+ address 77.68.93.164
+ address 77.68.76.171
+ address 88.208.197.135
+ address 88.208.197.118
+ address 88.208.197.150
+ address 77.68.34.139
+ address 213.171.213.175
+ address 77.68.21.171
+ address 88.208.197.60
+ address 109.228.37.10
+ address 88.208.215.61
+ address 88.208.212.31
+ address 109.228.53.243
+ address 77.68.48.89
+ address 88.208.212.188
+ address 88.208.198.251
+ address 88.208.215.19
+ address 77.68.76.228
+ address 109.228.39.41
+ address 77.68.115.142
+ address 77.68.78.73
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.3.61
+ address 77.68.77.219
+ address 77.68.26.228
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.117.214
+ address 88.208.199.141
+ address 185.132.39.109
+ address 185.132.37.47
+ address 77.68.102.5
+ address 77.68.16.247
+ address 88.208.212.94
+ address 77.68.72.254
+ address 109.228.61.37
+ address 77.68.50.142
+ address 77.68.78.113
+ address 88.208.212.182
+ address 185.132.40.124
+ address 88.208.197.208
+ address 88.208.197.129
+ address 77.68.77.238
+ address 77.68.79.82
+ address 185.132.38.216
+ }
+ address-group G-25-TCP {
+ address 172.16.255.254
+ address 77.68.76.115
+ address 77.68.76.141
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.203
+ address 77.68.76.209
+ address 77.68.76.55
+ address 77.68.76.57
+ address 77.68.76.75
+ address 77.68.76.91
+ address 77.68.76.99
+ address 77.68.77.107
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.159
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.236
+ address 77.68.77.240
+ address 77.68.77.243
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.56
+ address 77.68.77.63
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.92
+ address 77.68.77.97
+ address 77.68.77.99
+ address 77.68.77.77
+ address 77.68.76.19
+ address 77.68.77.192
+ address 77.68.77.254
+ address 77.68.76.139
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.81.44
+ address 77.68.30.133
+ address 77.68.77.74
+ address 77.68.77.100
+ address 77.68.92.186
+ address 77.68.76.114
+ address 77.68.116.119
+ address 77.68.116.221
+ address 77.68.116.220
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.120.241
+ address 109.228.60.215
+ address 77.68.7.172
+ address 77.68.116.52
+ address 77.68.91.128
+ address 77.68.24.112
+ address 77.68.76.94
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.77.160
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.86.148
+ address 77.68.23.35
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 213.171.213.41
+ address 213.171.215.184
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.78.229
+ address 213.171.210.19
+ address 77.68.79.206
+ address 213.171.215.252
+ address 109.228.52.186
+ address 77.68.77.69
+ address 109.228.40.222
+ address 77.68.87.212
+ address 185.132.39.99
+ address 77.68.85.73
+ address 77.68.28.139
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 185.132.43.28
+ address 185.132.37.23
+ address 77.68.77.215
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.33.48
+ address 77.68.79.89
+ address 77.68.76.21
+ address 77.68.76.137
+ address 77.68.80.26
+ address 77.68.5.95
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 213.171.208.40
+ address 77.68.112.184
+ address 77.68.115.17
+ address 77.68.82.147
+ address 77.68.118.15
+ address 77.68.76.191
+ address 77.68.50.193
+ address 77.68.102.129
+ address 77.68.76.118
+ address 88.208.198.69
+ address 77.68.34.139
+ address 88.208.197.60
+ address 88.208.212.188
+ address 77.68.76.112
+ address 77.68.77.75
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.77.219
+ address 77.68.77.204
+ address 77.68.76.202
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ address 185.132.37.47
+ address 77.68.77.152
+ address 77.68.77.181
+ address 77.68.77.185
+ address 77.68.77.238
+ address 77.68.79.82
+ }
+ address-group G-53-TCP {
+ address 172.16.255.254
+ address 77.68.94.181
+ address 77.68.28.145
+ address 77.68.84.155
+ address 77.68.78.229
+ address 185.132.39.99
+ address 185.132.43.28
+ address 77.68.77.215
+ address 185.132.40.152
+ address 77.68.49.161
+ address 77.68.76.118
+ }
+ address-group G-53-UDP {
+ address 172.16.255.254
+ address 77.68.76.235
+ address 77.68.76.93
+ address 77.68.77.107
+ address 77.68.77.151
+ address 77.68.77.37
+ address 77.68.76.139
+ address 77.68.81.44
+ address 77.68.94.181
+ address 77.68.28.145
+ address 77.68.81.141
+ address 77.68.4.252
+ address 77.68.125.32
+ address 77.68.86.148
+ address 77.68.78.229
+ address 185.132.43.28
+ address 77.68.75.45
+ address 185.132.40.152
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.49.161
+ address 77.68.34.50
+ }
+ address-group G-80-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.105
+ address 77.68.76.115
+ address 77.68.76.116
+ address 77.68.76.122
+ address 77.68.76.126
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.145
+ address 77.68.76.148
+ address 77.68.76.150
+ address 77.68.76.158
+ address 77.68.76.164
+ address 77.68.76.177
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.200
+ address 77.68.76.203
+ address 77.68.76.209
+ address 77.68.76.217
+ address 77.68.76.22
+ address 77.68.76.220
+ address 77.68.76.23
+ address 77.68.76.231
+ address 77.68.76.235
+ address 77.68.76.239
+ address 77.68.76.241
+ address 77.68.76.245
+ address 77.68.76.247
+ address 77.68.76.25
+ address 77.68.76.251
+ address 77.68.76.252
+ address 77.68.76.33
+ address 77.68.76.35
+ address 77.68.76.37
+ address 77.68.76.38
+ address 77.68.76.39
+ address 77.68.76.49
+ address 77.68.76.50
+ address 77.68.76.54
+ address 77.68.76.55
+ address 77.68.76.57
+ address 77.68.76.58
+ address 77.68.76.61
+ address 77.68.76.74
+ address 77.68.76.75
+ address 77.68.76.80
+ address 77.68.76.91
+ address 77.68.76.93
+ address 77.68.76.94
+ address 77.68.76.99
+ address 77.68.77.100
+ address 77.68.77.103
+ address 77.68.77.107
+ address 77.68.77.108
+ address 77.68.77.115
+ address 77.68.77.117
+ address 77.68.77.124
+ address 77.68.77.128
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.137
+ address 77.68.77.139
+ address 77.68.77.140
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.151
+ address 77.68.77.156
+ address 77.68.77.159
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.178
+ address 77.68.77.19
+ address 77.68.77.190
+ address 77.68.77.199
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.203
+ address 77.68.77.207
+ address 77.68.77.211
+ address 77.68.77.212
+ address 77.68.77.22
+ address 77.68.77.227
+ address 77.68.77.228
+ address 77.68.77.236
+ address 77.68.77.240
+ address 77.68.77.243
+ address 77.68.77.247
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.37
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.53
+ address 77.68.77.56
+ address 77.68.77.63
+ address 77.68.77.67
+ address 77.68.77.68
+ address 77.68.77.71
+ address 77.68.77.77
+ address 77.68.77.79
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.88
+ address 77.68.77.92
+ address 77.68.77.97
+ address 77.68.77.99
+ address 77.68.76.76
+ address 77.68.76.124
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.77.74
+ address 77.68.77.192
+ address 77.68.76.92
+ address 77.68.76.165
+ address 77.68.77.254
+ address 77.68.77.157
+ address 77.68.76.138
+ address 77.68.76.139
+ address 77.68.76.114
+ address 77.68.76.244
+ address 77.68.77.161
+ address 77.68.77.62
+ address 77.68.77.38
+ address 77.68.91.195
+ address 77.68.17.26
+ address 77.68.28.145
+ address 109.228.56.185
+ address 77.68.84.147
+ address 77.68.12.195
+ address 77.68.21.78
+ address 77.68.5.187
+ address 77.68.7.227
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.4.39
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.94.181
+ address 77.68.30.164
+ address 77.68.30.133
+ address 77.68.4.136
+ address 77.68.23.158
+ address 77.68.92.186
+ address 77.68.24.112
+ address 77.68.112.213
+ address 77.68.20.161
+ address 77.68.26.216
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.116.119
+ address 77.68.116.220
+ address 77.68.116.232
+ address 77.68.76.142
+ address 77.68.117.202
+ address 77.68.7.172
+ address 77.68.116.221
+ address 77.68.89.183
+ address 77.68.83.41
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.112.248
+ address 109.228.60.215
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.84.155
+ address 77.68.120.241
+ address 77.68.121.106
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.120.146
+ address 77.68.122.241
+ address 77.68.119.92
+ address 77.68.81.141
+ address 77.68.10.142
+ address 77.68.116.52
+ address 77.68.6.105
+ address 77.68.76.229
+ address 77.68.95.42
+ address 77.68.28.207
+ address 77.68.4.252
+ address 77.68.17.186
+ address 77.68.91.128
+ address 77.68.22.146
+ address 77.68.23.112
+ address 77.68.24.220
+ address 77.68.125.32
+ address 77.68.76.243
+ address 77.68.12.250
+ address 77.68.72.202
+ address 109.228.36.229
+ address 109.228.40.207
+ address 77.68.31.144
+ address 77.68.2.215
+ address 77.68.117.142
+ address 77.68.5.166
+ address 109.228.37.174
+ address 109.228.37.114
+ address 77.68.76.169
+ address 109.228.37.240
+ address 77.68.112.75
+ address 77.68.76.30
+ address 109.228.35.110
+ address 77.68.77.160
+ address 77.68.77.208
+ address 77.68.76.152
+ address 109.228.39.249
+ address 77.68.76.77
+ address 109.228.40.226
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.75.113
+ address 77.68.86.148
+ address 77.68.23.35
+ address 77.68.114.183
+ address 109.228.40.194
+ address 77.68.76.31
+ address 77.68.77.72
+ address 77.68.90.132
+ address 77.68.6.110
+ address 77.68.76.96
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 77.68.120.26
+ address 109.228.61.31
+ address 77.68.76.59
+ address 77.68.120.249
+ address 77.68.6.210
+ address 213.171.213.41
+ address 77.68.77.248
+ address 213.171.212.171
+ address 77.68.4.22
+ address 77.68.119.14
+ address 213.171.215.184
+ address 77.68.77.202
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.78.229
+ address 77.68.77.102
+ address 213.171.210.19
+ address 77.68.24.59
+ address 213.171.213.97
+ address 213.171.213.242
+ address 77.68.77.205
+ address 109.228.48.249
+ address 109.228.40.195
+ address 77.68.120.229
+ address 77.68.127.172
+ address 77.68.79.206
+ address 77.68.123.250
+ address 77.68.28.147
+ address 213.171.212.172
+ address 185.132.36.148
+ address 213.171.208.58
+ address 77.68.25.130
+ address 109.228.56.242
+ address 109.228.46.81
+ address 185.132.38.95
+ address 185.132.37.83
+ address 77.68.117.51
+ address 77.68.116.36
+ address 77.68.120.45
+ address 77.68.25.124
+ address 213.171.210.59
+ address 213.171.215.43
+ address 213.171.215.252
+ address 185.132.37.102
+ address 109.228.42.232
+ address 109.228.52.186
+ address 77.68.9.186
+ address 77.68.13.76
+ address 109.228.36.194
+ address 185.132.36.7
+ address 185.132.36.24
+ address 77.68.77.69
+ address 185.132.39.129
+ address 185.132.36.17
+ address 109.228.40.222
+ address 77.68.118.104
+ address 77.68.120.31
+ address 77.68.74.152
+ address 185.132.39.37
+ address 77.68.3.52
+ address 77.68.87.212
+ address 77.68.76.29
+ address 77.68.119.188
+ address 77.68.74.85
+ address 77.68.91.22
+ address 77.68.76.88
+ address 77.68.4.242
+ address 77.68.76.181
+ address 77.68.76.161
+ address 185.132.39.99
+ address 77.68.95.212
+ address 77.68.85.73
+ address 77.68.76.219
+ address 77.68.27.27
+ address 77.68.3.194
+ address 77.68.3.144
+ address 77.68.3.80
+ address 77.68.27.28
+ address 77.68.3.247
+ address 77.68.3.161
+ address 77.68.27.18
+ address 77.68.3.121
+ address 213.171.214.234
+ address 109.228.38.201
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 213.171.211.128
+ address 77.68.5.155
+ address 185.132.41.73
+ address 77.68.77.231
+ address 213.171.214.167
+ address 185.132.43.28
+ address 213.171.213.42
+ address 77.68.76.45
+ address 185.132.41.72
+ address 77.68.92.92
+ address 185.132.40.56
+ address 185.132.37.23
+ address 77.68.117.29
+ address 77.68.75.253
+ address 77.68.11.140
+ address 77.68.77.215
+ address 77.68.20.217
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.76.198
+ address 77.68.77.214
+ address 77.68.9.75
+ address 213.171.210.177
+ address 77.68.76.160
+ address 185.132.38.114
+ address 77.68.33.48
+ address 185.132.40.90
+ address 77.68.79.89
+ address 77.68.34.28
+ address 77.68.76.21
+ address 77.68.75.45
+ address 77.68.76.176
+ address 77.68.77.95
+ address 185.132.39.68
+ address 185.132.43.164
+ address 77.68.76.137
+ address 185.132.40.152
+ address 77.68.77.249
+ address 77.68.33.68
+ address 77.68.24.134
+ address 185.132.38.248
+ address 77.68.32.43
+ address 77.68.120.218
+ address 77.68.112.167
+ address 77.68.32.31
+ address 77.68.32.118
+ address 77.68.32.254
+ address 77.68.80.26
+ address 77.68.17.200
+ address 77.68.80.97
+ address 77.68.121.119
+ address 77.68.74.209
+ address 77.68.77.65
+ address 185.132.43.6
+ address 109.228.46.196
+ address 185.132.43.98
+ address 77.68.100.150
+ address 185.132.41.148
+ address 77.68.24.172
+ address 77.68.33.197
+ address 77.68.5.95
+ address 77.68.23.64
+ address 77.68.101.124
+ address 77.68.5.125
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 109.228.59.247
+ address 213.171.208.40
+ address 77.68.112.184
+ address 77.68.35.116
+ address 77.68.33.171
+ address 77.68.76.111
+ address 77.68.76.42
+ address 77.68.77.120
+ address 77.68.76.183
+ address 77.68.118.86
+ address 77.68.48.105
+ address 77.68.48.81
+ address 77.68.49.4
+ address 109.228.36.119
+ address 77.68.34.26
+ address 77.68.115.17
+ address 77.68.121.127
+ address 77.68.82.147
+ address 77.68.49.12
+ address 77.68.8.144
+ address 77.68.116.183
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 77.68.51.202
+ address 77.68.101.64
+ address 77.68.103.19
+ address 77.68.50.91
+ address 77.68.24.63
+ address 77.68.118.15
+ address 77.68.50.198
+ address 77.68.77.59
+ address 77.68.49.160
+ address 77.68.76.191
+ address 77.68.126.101
+ address 77.68.113.164
+ address 77.68.77.42
+ address 77.68.100.134
+ address 77.68.100.132
+ address 77.68.114.93
+ address 185.132.36.60
+ address 185.132.40.244
+ address 77.68.85.18
+ address 213.171.214.102
+ address 77.68.50.193
+ address 88.208.197.160
+ address 88.208.197.10
+ address 77.68.102.129
+ address 109.228.36.79
+ address 185.132.38.182
+ address 185.132.41.240
+ address 77.68.51.214
+ address 88.208.196.123
+ address 88.208.215.157
+ address 77.68.126.22
+ address 77.68.4.180
+ address 213.171.212.90
+ address 77.68.114.205
+ address 185.132.43.71
+ address 77.68.77.114
+ address 77.68.48.202
+ address 77.68.112.175
+ address 77.68.112.90
+ address 185.132.40.166
+ address 77.68.76.118
+ address 77.68.103.120
+ address 77.68.33.24
+ address 109.228.58.134
+ address 109.228.47.223
+ address 77.68.31.96
+ address 77.68.103.227
+ address 77.68.76.250
+ address 213.171.212.203
+ address 88.208.196.92
+ address 88.208.196.154
+ address 185.132.39.44
+ address 77.68.76.248
+ address 88.208.198.92
+ address 109.228.36.37
+ address 77.68.77.144
+ address 77.68.126.14
+ address 88.208.196.91
+ address 77.68.100.77
+ address 185.132.37.101
+ address 77.68.87.164
+ address 77.68.77.76
+ address 77.68.76.120
+ address 77.68.82.157
+ address 77.68.93.164
+ address 77.68.76.171
+ address 88.208.197.135
+ address 88.208.197.118
+ address 88.208.197.150
+ address 213.171.212.114
+ address 88.208.198.69
+ address 77.68.34.139
+ address 77.68.21.171
+ address 88.208.197.60
+ address 77.68.85.27
+ address 109.228.37.10
+ address 88.208.215.61
+ address 88.208.199.249
+ address 88.208.212.31
+ address 109.228.53.243
+ address 77.68.48.89
+ address 88.208.212.188
+ address 88.208.198.251
+ address 77.68.76.112
+ address 77.68.48.14
+ address 88.208.215.19
+ address 77.68.103.56
+ address 77.68.76.228
+ address 77.68.77.75
+ address 77.68.117.173
+ address 88.208.215.121
+ address 109.228.39.41
+ address 77.68.88.100
+ address 77.68.76.108
+ address 77.68.115.142
+ address 213.171.214.96
+ address 88.208.198.66
+ address 88.208.198.64
+ address 77.68.3.61
+ address 77.68.77.219
+ address 77.68.77.204
+ address 77.68.26.228
+ address 77.68.74.232
+ address 77.68.118.88
+ address 77.68.76.48
+ address 77.68.76.202
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 88.208.197.23
+ address 77.68.114.237
+ address 77.68.77.222
+ address 77.68.112.83
+ address 88.208.199.141
+ address 77.68.77.163
+ address 185.132.39.109
+ address 77.68.77.44
+ address 185.132.37.47
+ address 77.68.102.5
+ address 77.68.16.247
+ address 88.208.212.94
+ address 77.68.72.254
+ address 77.68.77.152
+ address 77.68.50.142
+ address 88.208.199.46
+ address 77.68.78.113
+ address 88.208.212.182
+ address 77.68.77.181
+ address 77.68.15.95
+ address 77.68.75.64
+ address 213.171.212.71
+ address 185.132.40.124
+ address 88.208.197.208
+ address 88.208.197.129
+ address 77.68.76.60
+ address 77.68.6.119
+ address 77.68.77.185
+ address 77.68.77.238
+ address 77.68.79.82
+ address 109.228.39.151
+ }
+ address-group G-110-TCP {
+ address 172.16.255.254
+ address 77.68.76.187
+ address 77.68.77.107
+ address 77.68.77.128
+ address 77.68.77.129
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.33
+ address 77.68.77.49
+ address 77.68.77.92
+ address 77.68.77.77
+ address 77.68.76.19
+ address 77.68.77.192
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.116.119
+ address 77.68.116.221
+ address 77.68.120.241
+ address 109.228.60.215
+ address 77.68.116.52
+ address 77.68.126.51
+ address 77.68.23.35
+ address 77.68.76.95
+ address 213.171.215.184
+ address 77.68.25.146
+ address 77.68.79.206
+ address 213.171.215.252
+ address 109.228.52.186
+ address 109.228.40.222
+ address 185.132.39.99
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.79.89
+ address 77.68.5.95
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 213.171.208.40
+ address 77.68.50.193
+ address 77.68.102.129
+ address 88.208.198.69
+ address 88.208.212.188
+ address 88.208.198.66
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 77.68.77.185
+ address 77.68.77.238
+ }
+ address-group G-143-TCP {
+ address 172.16.255.254
+ address 77.68.76.115
+ address 77.68.76.123
+ address 77.68.76.187
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.141
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.33
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.92
+ address 77.68.77.77
+ address 77.68.77.192
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.81.44
+ address 77.68.92.186
+ address 77.68.116.119
+ address 77.68.116.221
+ address 109.228.60.215
+ address 77.68.7.172
+ address 77.68.116.52
+ address 77.68.24.112
+ address 77.68.77.107
+ address 77.68.112.75
+ address 77.68.7.67
+ address 77.68.126.51
+ address 77.68.23.35
+ address 77.68.76.95
+ address 213.171.215.184
+ address 77.68.25.146
+ address 213.171.213.31
+ address 213.171.210.19
+ address 77.68.79.206
+ address 77.68.77.69
+ address 109.228.40.222
+ address 185.132.39.99
+ address 77.68.117.222
+ address 77.68.33.48
+ address 77.68.79.89
+ address 77.68.5.95
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 213.171.208.40
+ address 77.68.115.17
+ address 77.68.102.129
+ address 88.208.198.69
+ address 77.68.34.139
+ address 88.208.212.188
+ address 88.208.198.66
+ address 77.68.77.204
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ }
+ address-group G-443-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.105
+ address 77.68.76.115
+ address 77.68.76.116
+ address 77.68.76.122
+ address 77.68.76.126
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.145
+ address 77.68.76.148
+ address 77.68.76.150
+ address 77.68.76.158
+ address 77.68.76.164
+ address 77.68.76.177
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.200
+ address 77.68.76.203
+ address 77.68.76.209
+ address 77.68.76.217
+ address 77.68.76.22
+ address 77.68.76.220
+ address 77.68.76.23
+ address 77.68.76.231
+ address 77.68.76.235
+ address 77.68.76.239
+ address 77.68.76.241
+ address 77.68.76.245
+ address 77.68.76.25
+ address 77.68.76.252
+ address 77.68.76.33
+ address 77.68.76.35
+ address 77.68.76.37
+ address 77.68.76.38
+ address 77.68.76.39
+ address 77.68.76.49
+ address 77.68.76.50
+ address 77.68.76.54
+ address 77.68.76.55
+ address 77.68.76.57
+ address 77.68.76.58
+ address 77.68.76.61
+ address 77.68.76.74
+ address 77.68.76.75
+ address 77.68.76.80
+ address 77.68.76.91
+ address 77.68.76.93
+ address 77.68.76.94
+ address 77.68.76.99
+ address 77.68.77.100
+ address 77.68.77.103
+ address 77.68.77.107
+ address 77.68.77.108
+ address 77.68.77.117
+ address 77.68.77.124
+ address 77.68.77.128
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.137
+ address 77.68.77.139
+ address 77.68.77.140
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.151
+ address 77.68.77.156
+ address 77.68.77.159
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.178
+ address 77.68.77.19
+ address 77.68.77.190
+ address 77.68.77.199
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.203
+ address 77.68.77.207
+ address 77.68.77.211
+ address 77.68.77.212
+ address 77.68.77.22
+ address 77.68.77.221
+ address 77.68.77.227
+ address 77.68.77.228
+ address 77.68.77.236
+ address 77.68.77.240
+ address 77.68.77.243
+ address 77.68.77.247
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.37
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.53
+ address 77.68.77.56
+ address 77.68.77.63
+ address 77.68.77.67
+ address 77.68.77.68
+ address 77.68.77.71
+ address 77.68.77.77
+ address 77.68.77.79
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.88
+ address 77.68.77.92
+ address 77.68.77.97
+ address 77.68.77.99
+ address 77.68.76.76
+ address 77.68.76.124
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.76.110
+ address 77.68.77.74
+ address 77.68.77.192
+ address 77.68.76.92
+ address 77.68.76.165
+ address 77.68.77.254
+ address 77.68.77.157
+ address 77.68.76.138
+ address 77.68.76.139
+ address 77.68.76.114
+ address 77.68.76.244
+ address 77.68.77.161
+ address 77.68.77.38
+ address 77.68.91.195
+ address 77.68.17.26
+ address 77.68.28.145
+ address 109.228.56.185
+ address 77.68.84.147
+ address 77.68.12.195
+ address 77.68.21.78
+ address 77.68.5.187
+ address 77.68.7.227
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.4.39
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.94.181
+ address 77.68.30.164
+ address 77.68.30.133
+ address 77.68.4.136
+ address 77.68.23.158
+ address 77.68.24.112
+ address 77.68.92.186
+ address 77.68.20.161
+ address 77.68.112.213
+ address 77.68.26.216
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.116.119
+ address 77.68.116.220
+ address 77.68.116.232
+ address 77.68.76.142
+ address 77.68.117.202
+ address 77.68.7.172
+ address 77.68.116.221
+ address 77.68.89.183
+ address 77.68.83.41
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.112.248
+ address 109.228.60.215
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.84.155
+ address 77.68.120.241
+ address 77.68.121.106
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.120.146
+ address 77.68.122.241
+ address 77.68.81.141
+ address 77.68.116.52
+ address 77.68.6.105
+ address 77.68.76.229
+ address 77.68.95.42
+ address 77.68.28.207
+ address 77.68.4.252
+ address 77.68.17.186
+ address 77.68.91.128
+ address 77.68.22.146
+ address 77.68.23.112
+ address 77.68.24.220
+ address 77.68.125.32
+ address 77.68.12.250
+ address 77.68.76.243
+ address 77.68.72.202
+ address 109.228.36.229
+ address 109.228.40.207
+ address 77.68.31.144
+ address 77.68.2.215
+ address 77.68.117.142
+ address 77.68.5.166
+ address 77.68.76.102
+ address 109.228.37.174
+ address 109.228.37.114
+ address 109.228.37.240
+ address 77.68.112.75
+ address 77.68.76.30
+ address 109.228.35.110
+ address 77.68.77.160
+ address 77.68.77.208
+ address 77.68.76.152
+ address 109.228.39.249
+ address 77.68.76.77
+ address 77.68.7.160
+ address 109.228.40.226
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.75.113
+ address 77.68.86.148
+ address 77.68.114.183
+ address 109.228.40.194
+ address 77.68.76.31
+ address 77.68.77.72
+ address 77.68.90.132
+ address 77.68.6.110
+ address 77.68.77.26
+ address 77.68.76.96
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 77.68.76.234
+ address 77.68.120.26
+ address 109.228.61.31
+ address 77.68.76.59
+ address 77.68.120.249
+ address 77.68.6.210
+ address 213.171.213.41
+ address 77.68.77.248
+ address 213.171.212.171
+ address 77.68.4.22
+ address 77.68.119.14
+ address 213.171.215.184
+ address 77.68.77.202
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.78.229
+ address 77.68.77.102
+ address 213.171.210.19
+ address 77.68.24.59
+ address 213.171.213.97
+ address 213.171.213.242
+ address 77.68.77.205
+ address 109.228.48.249
+ address 109.228.40.195
+ address 77.68.120.229
+ address 77.68.127.172
+ address 77.68.79.206
+ address 77.68.123.250
+ address 77.68.28.147
+ address 213.171.212.172
+ address 185.132.36.148
+ address 213.171.208.58
+ address 77.68.25.130
+ address 109.228.56.242
+ address 109.228.46.81
+ address 185.132.38.95
+ address 185.132.37.83
+ address 77.68.117.51
+ address 77.68.116.36
+ address 77.68.120.45
+ address 77.68.25.124
+ address 213.171.210.59
+ address 213.171.215.43
+ address 213.171.215.252
+ address 185.132.37.102
+ address 109.228.42.232
+ address 109.228.52.186
+ address 77.68.9.186
+ address 77.68.13.76
+ address 109.228.36.194
+ address 185.132.36.7
+ address 185.132.36.24
+ address 77.68.77.69
+ address 185.132.39.129
+ address 185.132.36.17
+ address 109.228.40.222
+ address 77.68.118.104
+ address 77.68.120.31
+ address 77.68.74.152
+ address 185.132.39.37
+ address 77.68.3.52
+ address 77.68.87.212
+ address 77.68.76.29
+ address 77.68.119.188
+ address 77.68.74.85
+ address 77.68.91.22
+ address 77.68.76.88
+ address 77.68.4.242
+ address 77.68.76.181
+ address 77.68.76.161
+ address 185.132.39.99
+ address 77.68.95.212
+ address 77.68.76.219
+ address 77.68.27.27
+ address 77.68.3.194
+ address 77.68.3.144
+ address 77.68.3.80
+ address 77.68.27.28
+ address 77.68.3.247
+ address 77.68.3.161
+ address 77.68.27.18
+ address 77.68.3.121
+ address 213.171.214.234
+ address 109.228.38.201
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 213.171.211.128
+ address 77.68.5.155
+ address 77.68.77.231
+ address 213.171.214.167
+ address 185.132.43.28
+ address 213.171.213.42
+ address 77.68.76.45
+ address 77.68.92.92
+ address 77.68.77.233
+ address 185.132.40.56
+ address 185.132.37.23
+ address 77.68.117.29
+ address 77.68.75.253
+ address 77.68.11.140
+ address 77.68.77.215
+ address 77.68.20.217
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.76.198
+ address 77.68.77.214
+ address 77.68.9.75
+ address 213.171.210.177
+ address 77.68.77.70
+ address 77.68.77.149
+ address 77.68.76.160
+ address 185.132.38.114
+ address 77.68.33.48
+ address 185.132.40.90
+ address 77.68.79.89
+ address 77.68.34.28
+ address 77.68.76.21
+ address 77.68.75.45
+ address 77.68.76.176
+ address 77.68.77.95
+ address 185.132.39.68
+ address 185.132.43.164
+ address 77.68.76.137
+ address 185.132.40.152
+ address 77.68.77.249
+ address 77.68.24.134
+ address 185.132.38.248
+ address 77.68.32.43
+ address 77.68.120.218
+ address 77.68.112.167
+ address 77.68.32.31
+ address 77.68.32.118
+ address 77.68.32.254
+ address 77.68.80.26
+ address 77.68.17.200
+ address 77.68.80.97
+ address 77.68.121.119
+ address 77.68.74.209
+ address 77.68.77.65
+ address 185.132.43.6
+ address 109.228.46.196
+ address 185.132.43.98
+ address 77.68.100.150
+ address 185.132.41.148
+ address 77.68.24.172
+ address 77.68.33.197
+ address 77.68.5.95
+ address 77.68.23.64
+ address 77.68.101.124
+ address 77.68.5.125
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 109.228.59.247
+ address 213.171.208.40
+ address 77.68.112.184
+ address 77.68.35.116
+ address 185.132.40.11
+ address 77.68.33.171
+ address 77.68.76.111
+ address 77.68.76.42
+ address 77.68.77.120
+ address 77.68.76.183
+ address 77.68.118.86
+ address 77.68.48.105
+ address 77.68.48.81
+ address 77.68.49.4
+ address 109.228.36.119
+ address 77.68.34.26
+ address 77.68.115.17
+ address 77.68.82.147
+ address 77.68.49.12
+ address 77.68.8.144
+ address 77.68.51.202
+ address 77.68.101.64
+ address 77.68.103.19
+ address 77.68.50.91
+ address 77.68.24.63
+ address 77.68.118.15
+ address 77.68.50.198
+ address 77.68.77.59
+ address 77.68.49.160
+ address 77.68.76.191
+ address 77.68.126.101
+ address 77.68.76.40
+ address 77.68.77.42
+ address 77.68.100.134
+ address 77.68.100.132
+ address 77.68.114.93
+ address 185.132.36.60
+ address 185.132.40.244
+ address 77.68.85.18
+ address 213.171.214.102
+ address 77.68.50.193
+ address 88.208.197.160
+ address 88.208.197.10
+ address 77.68.102.129
+ address 109.228.36.79
+ address 185.132.38.182
+ address 185.132.41.240
+ address 77.68.51.214
+ address 88.208.196.123
+ address 88.208.215.157
+ address 77.68.126.22
+ address 77.68.4.180
+ address 213.171.212.90
+ address 77.68.114.205
+ address 185.132.43.71
+ address 88.208.215.62
+ address 77.68.77.114
+ address 77.68.48.202
+ address 77.68.112.175
+ address 77.68.112.90
+ address 185.132.40.166
+ address 77.68.76.118
+ address 77.68.103.120
+ address 77.68.33.24
+ address 109.228.58.134
+ address 109.228.47.223
+ address 77.68.31.96
+ address 77.68.103.227
+ address 213.171.212.203
+ address 88.208.196.92
+ address 88.208.196.154
+ address 185.132.39.44
+ address 77.68.76.248
+ address 88.208.198.92
+ address 109.228.36.37
+ address 77.68.77.144
+ address 77.68.126.14
+ address 88.208.196.91
+ address 77.68.100.77
+ address 185.132.37.101
+ address 77.68.87.164
+ address 77.68.77.76
+ address 77.68.76.120
+ address 77.68.82.157
+ address 77.68.93.164
+ address 77.68.76.171
+ address 88.208.197.135
+ address 88.208.197.118
+ address 88.208.197.150
+ address 88.208.198.69
+ address 77.68.34.139
+ address 77.68.21.171
+ address 88.208.197.60
+ address 77.68.85.27
+ address 109.228.37.10
+ address 88.208.215.61
+ address 88.208.199.249
+ address 88.208.212.31
+ address 109.228.53.243
+ address 77.68.48.89
+ address 88.208.212.188
+ address 88.208.198.251
+ address 77.68.76.112
+ address 77.68.48.14
+ address 88.208.215.19
+ address 77.68.77.75
+ address 77.68.117.173
+ address 88.208.215.121
+ address 109.228.39.41
+ address 77.68.88.100
+ address 77.68.76.108
+ address 77.68.115.142
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ address 213.171.214.96
+ address 88.208.198.66
+ address 88.208.198.64
+ address 77.68.3.61
+ address 77.68.77.219
+ address 77.68.77.204
+ address 77.68.26.228
+ address 77.68.74.232
+ address 77.68.118.88
+ address 77.68.77.46
+ address 77.68.76.48
+ address 77.68.76.202
+ address 77.68.4.25
+ address 77.68.7.114
+ address 88.208.197.23
+ address 77.68.114.237
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.117.214
+ address 88.208.199.141
+ address 77.68.77.163
+ address 185.132.39.109
+ address 77.68.77.44
+ address 185.132.37.47
+ address 77.68.102.5
+ address 77.68.16.247
+ address 88.208.212.94
+ address 77.68.72.254
+ address 77.68.76.212
+ address 77.68.77.152
+ address 77.68.50.142
+ address 88.208.199.46
+ address 77.68.78.113
+ address 88.208.212.182
+ address 77.68.77.181
+ address 77.68.15.95
+ address 77.68.75.64
+ address 213.171.212.71
+ address 185.132.40.124
+ address 88.208.197.208
+ address 88.208.197.129
+ address 77.68.76.60
+ address 77.68.6.119
+ address 77.68.77.185
+ address 77.68.77.238
+ address 77.68.27.57
+ address 77.68.118.102
+ address 77.68.79.82
+ address 109.228.39.151
+ }
+ address-group G-465-TCP {
+ address 172.16.255.254
+ address 77.68.76.115
+ address 77.68.76.141
+ address 77.68.76.187
+ address 77.68.76.197
+ address 77.68.76.209
+ address 77.68.76.99
+ address 77.68.77.107
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.63
+ address 77.68.77.92
+ address 77.68.77.99
+ address 77.68.77.77
+ address 77.68.77.192
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.77.74
+ address 77.68.77.100
+ address 77.68.116.221
+ address 109.228.60.215
+ address 77.68.116.52
+ address 77.68.7.172
+ address 77.68.95.42
+ address 77.68.91.128
+ address 77.68.24.112
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.23.35
+ address 77.68.10.170
+ address 77.68.76.234
+ address 213.171.213.31
+ address 77.68.78.229
+ address 213.171.210.19
+ address 109.228.52.186
+ address 77.68.77.69
+ address 109.228.40.222
+ address 77.68.87.212
+ address 77.68.28.139
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 185.132.43.28
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.33.48
+ address 77.68.79.89
+ address 77.68.76.21
+ address 77.68.80.26
+ address 77.68.5.95
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.112.184
+ address 77.68.115.17
+ address 77.68.82.147
+ address 77.68.50.193
+ address 88.208.215.61
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.77.204
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.77.185
+ address 77.68.79.82
+ }
+ address-group G-587-TCP {
+ address 172.16.255.254
+ address 77.68.76.141
+ address 77.68.76.187
+ address 77.68.76.197
+ address 77.68.76.209
+ address 77.68.77.128
+ address 77.68.77.129
+ address 77.68.77.141
+ address 77.68.77.171
+ address 77.68.77.190
+ address 77.68.77.207
+ address 77.68.77.32
+ address 77.68.77.33
+ address 77.68.77.63
+ address 77.68.77.85
+ address 77.68.77.92
+ address 77.68.77.99
+ address 77.68.77.77
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.81.44
+ address 77.68.77.100
+ address 77.68.92.186
+ address 77.68.116.119
+ address 77.68.116.221
+ address 77.68.120.241
+ address 109.228.60.215
+ address 77.68.122.241
+ address 77.68.116.52
+ address 77.68.91.128
+ address 77.68.24.112
+ address 77.68.77.107
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.77.160
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.23.35
+ address 77.68.76.95
+ address 77.68.10.170
+ address 77.68.76.234
+ address 213.171.213.41
+ address 213.171.213.31
+ address 77.68.78.229
+ address 213.171.210.19
+ address 109.228.52.186
+ address 109.228.40.222
+ address 77.68.87.212
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 185.132.43.28
+ address 77.68.77.215
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.33.48
+ address 77.68.76.21
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.112.184
+ address 77.68.115.17
+ address 77.68.82.147
+ address 77.68.76.191
+ address 77.68.50.193
+ address 77.68.77.114
+ address 88.208.215.61
+ address 77.68.76.112
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ address 88.208.198.66
+ address 77.68.77.219
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.77.152
+ address 77.68.79.82
+ }
+ address-group G-993-TCP {
+ address 172.16.255.254
+ address 77.68.76.115
+ address 77.68.77.129
+ address 77.68.77.130
+ address 77.68.77.141
+ address 77.68.77.150
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.207
+ address 77.68.77.22
+ address 77.68.77.33
+ address 77.68.77.49
+ address 77.68.77.56
+ address 77.68.77.77
+ address 77.68.77.192
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.81.44
+ address 77.68.77.74
+ address 77.68.77.100
+ address 77.68.92.186
+ address 77.68.116.119
+ address 77.68.116.221
+ address 77.68.120.241
+ address 77.68.7.172
+ address 77.68.91.128
+ address 77.68.23.112
+ address 77.68.24.112
+ address 77.68.77.107
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.86.148
+ address 77.68.23.35
+ address 77.68.76.95
+ address 213.171.215.184
+ address 77.68.25.146
+ address 213.171.213.31
+ address 213.171.210.19
+ address 77.68.79.206
+ address 77.68.123.250
+ address 77.68.77.69
+ address 109.228.40.222
+ address 77.68.87.212
+ address 77.68.91.22
+ address 185.132.39.99
+ address 77.68.28.139
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 77.68.5.155
+ address 185.132.43.28
+ address 77.68.77.215
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.33.48
+ address 77.68.79.89
+ address 77.68.5.95
+ address 77.68.4.80
+ address 77.68.49.152
+ address 213.171.208.40
+ address 77.68.115.17
+ address 77.68.103.19
+ address 185.132.36.60
+ address 185.132.40.244
+ address 88.208.197.10
+ address 77.68.102.129
+ address 88.208.215.157
+ address 88.208.198.69
+ address 88.208.212.188
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.77.204
+ address 77.68.74.232
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.123.177
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.79.82
+ }
+ address-group G-995-TCP {
+ address 172.16.255.254
+ address 77.68.76.115
+ address 77.68.77.129
+ address 77.68.77.171
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.22
+ address 77.68.77.33
+ address 77.68.77.92
+ address 77.68.77.77
+ address 77.68.84.147
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.77.74
+ address 77.68.77.100
+ address 77.68.116.221
+ address 77.68.120.241
+ address 77.68.7.172
+ address 77.68.95.42
+ address 77.68.91.128
+ address 77.68.23.112
+ address 77.68.24.112
+ address 77.68.77.107
+ address 109.228.37.114
+ address 77.68.7.67
+ address 77.68.126.51
+ address 77.68.79.206
+ address 77.68.123.250
+ address 109.228.52.186
+ address 109.228.40.222
+ address 77.68.91.22
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.5.155
+ address 185.132.43.28
+ address 77.68.77.214
+ address 185.132.38.114
+ address 77.68.79.89
+ address 77.68.80.26
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.103.19
+ address 77.68.50.193
+ address 88.208.197.10
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.74.232
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.77.185
+ }
+ address-group G-1433-TCP {
+ address 172.16.255.254
+ address 77.68.76.94
+ address 77.68.30.164
+ address 77.68.10.142
+ address 77.68.77.95
+ address 77.68.126.101
+ address 77.68.76.118
+ address 77.68.77.75
+ }
+ address-group G-3306-TCP {
+ address 172.16.255.254
+ address 77.68.76.127
+ address 77.68.76.187
+ address 77.68.76.252
+ address 77.68.76.55
+ address 77.68.76.80
+ address 77.68.77.21
+ address 77.68.77.63
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.92
+ address 77.68.76.241
+ address 109.228.56.185
+ address 77.68.28.145
+ address 77.68.76.114
+ address 77.68.17.26
+ address 77.68.120.241
+ address 77.68.6.32
+ address 77.68.91.128
+ address 109.228.37.114
+ address 77.68.76.169
+ address 77.68.76.77
+ address 77.68.113.117
+ address 77.68.86.148
+ address 77.68.76.234
+ address 77.68.76.59
+ address 77.68.77.202
+ address 77.68.28.147
+ address 109.228.52.186
+ address 77.68.117.222
+ address 213.171.213.42
+ address 77.68.75.253
+ address 77.68.77.215
+ address 77.68.79.89
+ address 77.68.118.15
+ address 109.228.36.79
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ address 77.68.76.48
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.77.44
+ address 88.208.212.94
+ }
+ address-group G-3389-TCP {
+ address 172.16.255.254
+ address 77.68.76.116
+ address 77.68.76.150
+ address 77.68.76.203
+ address 77.68.76.220
+ address 77.68.76.23
+ address 77.68.76.241
+ address 77.68.76.35
+ address 77.68.76.39
+ address 77.68.76.47
+ address 77.68.76.49
+ address 77.68.76.50
+ address 77.68.76.58
+ address 77.68.76.75
+ address 77.68.76.91
+ address 77.68.76.93
+ address 77.68.76.94
+ address 77.68.76.99
+ address 77.68.77.115
+ address 77.68.77.156
+ address 77.68.77.178
+ address 77.68.77.199
+ address 77.68.77.236
+ address 77.68.77.63
+ address 77.68.77.71
+ address 77.68.77.97
+ address 77.68.77.99
+ address 77.68.76.107
+ address 77.68.76.26
+ address 77.68.76.92
+ address 77.68.77.38
+ address 77.68.21.78
+ address 77.68.94.181
+ address 77.68.30.164
+ address 77.68.23.158
+ address 77.68.27.54
+ address 77.68.76.142
+ address 77.68.117.202
+ address 77.68.116.220
+ address 77.68.84.155
+ address 77.68.120.146
+ address 77.68.119.92
+ address 77.68.10.142
+ address 77.68.6.105
+ address 77.68.4.252
+ address 77.68.127.151
+ address 77.68.77.228
+ address 109.228.40.207
+ address 77.68.77.24
+ address 109.228.35.110
+ address 77.68.76.152
+ address 77.68.76.77
+ address 77.68.113.117
+ address 77.68.6.110
+ address 77.68.76.96
+ address 77.68.127.172
+ address 185.132.37.83
+ address 77.68.25.124
+ address 77.68.3.52
+ address 77.68.114.234
+ address 77.68.85.73
+ address 109.228.38.201
+ address 77.68.26.221
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.76.198
+ address 77.68.9.75
+ address 77.68.79.89
+ address 77.68.77.95
+ address 77.68.77.65
+ address 77.68.100.150
+ address 77.68.101.125
+ address 77.68.101.124
+ address 213.171.208.40
+ address 77.68.12.45
+ address 77.68.118.86
+ address 77.68.77.59
+ address 77.68.126.101
+ address 213.171.214.102
+ address 88.208.197.160
+ address 88.208.215.157
+ address 77.68.4.180
+ address 185.132.43.71
+ address 77.68.31.96
+ address 109.228.36.37
+ address 77.68.77.76
+ address 77.68.82.157
+ address 109.228.37.10
+ address 77.68.77.75
+ address 77.68.117.173
+ address 88.208.215.121
+ address 77.68.115.142
+ address 77.68.33.216
+ address 77.68.33.37
+ address 77.68.50.90
+ address 88.208.198.64
+ address 77.68.118.88
+ address 77.68.114.237
+ address 77.68.50.142
+ address 77.68.15.95
+ address 77.68.75.64
+ address 77.68.77.238
+ }
+ address-group G-8080-TCP {
+ address 172.16.255.254
+ address 77.68.76.57
+ address 77.68.76.243
+ address 77.68.28.145
+ address 77.68.76.114
+ address 77.68.76.157
+ address 77.68.77.248
+ address 77.68.77.202
+ address 77.68.24.59
+ address 77.68.81.218
+ address 77.68.77.105
+ address 185.132.40.152
+ address 109.228.36.119
+ address 77.68.121.127
+ address 77.68.116.183
+ address 77.68.34.139
+ address 77.68.88.100
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.77.163
+ address 88.208.212.94
+ address 77.68.78.113
+ address 77.68.15.95
+ address 213.171.212.71
+ }
+ address-group G-8443-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.105
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.148
+ address 77.68.76.150
+ address 77.68.76.158
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.200
+ address 77.68.76.209
+ address 77.68.76.217
+ address 77.68.76.22
+ address 77.68.76.231
+ address 77.68.76.235
+ address 77.68.76.239
+ address 77.68.76.245
+ address 77.68.76.247
+ address 77.68.76.249
+ address 77.68.76.25
+ address 77.68.76.251
+ address 77.68.76.252
+ address 77.68.76.33
+ address 77.68.76.37
+ address 77.68.76.57
+ address 77.68.76.61
+ address 77.68.76.74
+ address 77.68.76.80
+ address 77.68.76.93
+ address 77.68.77.100
+ address 77.68.77.103
+ address 77.68.77.107
+ address 77.68.77.108
+ address 77.68.77.115
+ address 77.68.77.117
+ address 77.68.77.128
+ address 77.68.77.130
+ address 77.68.77.137
+ address 77.68.77.139
+ address 77.68.77.140
+ address 77.68.77.141
+ address 77.68.77.151
+ address 77.68.77.159
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.207
+ address 77.68.77.211
+ address 77.68.77.22
+ address 77.68.77.227
+ address 77.68.77.240
+ address 77.68.77.247
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.37
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.56
+ address 77.68.77.68
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.88
+ address 77.68.77.92
+ address 77.68.77.99
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.77.192
+ address 77.68.77.254
+ address 77.68.77.157
+ address 77.68.76.138
+ address 77.68.76.139
+ address 77.68.76.243
+ address 77.68.77.38
+ address 77.68.77.62
+ address 77.68.91.195
+ address 77.68.17.26
+ address 77.68.84.147
+ address 109.228.56.185
+ address 77.68.5.187
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.77.74
+ address 77.68.76.115
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.94.181
+ address 77.68.30.133
+ address 77.68.4.136
+ address 77.68.28.145
+ address 77.68.24.112
+ address 77.68.92.186
+ address 77.68.26.216
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.116.119
+ address 77.68.76.142
+ address 77.68.7.172
+ address 77.68.116.221
+ address 77.68.89.183
+ address 77.68.83.41
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.116.220
+ address 109.228.60.215
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.120.241
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.81.141
+ address 77.68.116.52
+ address 77.68.6.105
+ address 77.68.76.229
+ address 77.68.4.252
+ address 77.68.17.186
+ address 77.68.91.128
+ address 77.68.22.146
+ address 77.68.125.32
+ address 109.228.36.229
+ address 77.68.31.144
+ address 77.68.117.142
+ address 109.228.37.174
+ address 109.228.37.114
+ address 77.68.76.169
+ address 77.68.112.75
+ address 77.68.77.160
+ address 109.228.39.249
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.86.148
+ address 77.68.114.183
+ address 109.228.40.194
+ address 77.68.90.132
+ address 77.68.77.26
+ address 77.68.76.96
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 77.68.120.26
+ address 109.228.61.31
+ address 77.68.76.59
+ address 77.68.120.249
+ address 213.171.213.41
+ address 77.68.119.14
+ address 213.171.215.184
+ address 77.68.77.202
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.77.102
+ address 213.171.210.19
+ address 213.171.213.97
+ address 109.228.48.249
+ address 109.228.40.195
+ address 77.68.127.172
+ address 77.68.79.206
+ address 109.228.56.242
+ address 109.228.46.81
+ address 185.132.38.95
+ address 77.68.116.36
+ address 77.68.120.45
+ address 185.132.37.102
+ address 77.68.13.137
+ address 109.228.36.194
+ address 185.132.36.7
+ address 185.132.36.24
+ address 77.68.77.69
+ address 185.132.39.129
+ address 77.68.87.212
+ address 77.68.76.29
+ address 77.68.76.88
+ address 77.68.76.181
+ address 77.68.76.161
+ address 77.68.85.73
+ address 77.68.76.219
+ address 109.228.38.201
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.81.218
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 77.68.76.45
+ address 185.132.40.56
+ address 77.68.75.253
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.77.214
+ address 185.132.38.114
+ address 185.132.40.90
+ address 77.68.79.89
+ address 77.68.76.21
+ address 77.68.75.45
+ address 77.68.24.134
+ address 77.68.32.43
+ address 77.68.80.26
+ address 77.68.17.200
+ address 77.68.80.97
+ address 77.68.74.209
+ address 77.68.77.65
+ address 77.68.33.197
+ address 77.68.5.95
+ address 77.68.23.64
+ address 77.68.5.125
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.48.105
+ address 77.68.48.81
+ address 77.68.49.12
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 77.68.77.59
+ address 77.68.126.101
+ address 77.68.76.40
+ address 77.68.114.93
+ address 77.68.50.193
+ address 88.208.197.160
+ address 109.228.36.79
+ address 185.132.38.182
+ address 88.208.196.123
+ address 88.208.215.157
+ address 77.68.76.118
+ address 77.68.103.227
+ address 88.208.196.92
+ address 185.132.39.44
+ address 88.208.198.92
+ address 77.68.126.14
+ address 88.208.196.91
+ address 77.68.100.77
+ address 185.132.37.101
+ address 77.68.76.120
+ address 213.171.212.114
+ address 77.68.34.139
+ address 88.208.215.61
+ address 88.208.212.31
+ address 109.228.53.243
+ address 77.68.103.56
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.77.219
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.77.44
+ address 77.68.72.254
+ address 77.68.78.113
+ address 213.171.212.71
+ address 185.132.40.124
+ address 88.208.197.208
+ address 77.68.77.238
+ address 77.68.79.82
+ }
+ address-group G-8447-TCP {
+ address 172.16.255.254
+ address 77.68.76.104
+ address 77.68.76.105
+ address 77.68.76.127
+ address 77.68.76.136
+ address 77.68.76.141
+ address 77.68.76.148
+ address 77.68.76.150
+ address 77.68.76.158
+ address 77.68.76.187
+ address 77.68.76.195
+ address 77.68.76.197
+ address 77.68.76.20
+ address 77.68.76.209
+ address 77.68.76.22
+ address 77.68.76.231
+ address 77.68.76.235
+ address 77.68.76.239
+ address 77.68.76.245
+ address 77.68.76.25
+ address 77.68.76.252
+ address 77.68.76.33
+ address 77.68.76.37
+ address 77.68.76.57
+ address 77.68.76.61
+ address 77.68.76.74
+ address 77.68.76.93
+ address 77.68.77.100
+ address 77.68.77.103
+ address 77.68.77.107
+ address 77.68.77.108
+ address 77.68.77.117
+ address 77.68.77.128
+ address 77.68.77.130
+ address 77.68.77.137
+ address 77.68.77.139
+ address 77.68.77.141
+ address 77.68.77.151
+ address 77.68.77.159
+ address 77.68.77.176
+ address 77.68.77.190
+ address 77.68.77.200
+ address 77.68.77.201
+ address 77.68.77.207
+ address 77.68.77.211
+ address 77.68.77.22
+ address 77.68.77.227
+ address 77.68.77.240
+ address 77.68.77.247
+ address 77.68.77.253
+ address 77.68.77.32
+ address 77.68.77.37
+ address 77.68.77.49
+ address 77.68.77.50
+ address 77.68.77.56
+ address 77.68.77.68
+ address 77.68.77.81
+ address 77.68.77.85
+ address 77.68.77.88
+ address 77.68.77.92
+ address 77.68.77.99
+ address 77.68.76.211
+ address 77.68.76.19
+ address 77.68.77.192
+ address 77.68.77.254
+ address 77.68.77.157
+ address 77.68.76.138
+ address 77.68.76.139
+ address 77.68.91.195
+ address 77.68.17.26
+ address 109.228.56.185
+ address 77.68.84.147
+ address 77.68.5.187
+ address 77.68.4.24
+ address 77.68.4.74
+ address 77.68.6.202
+ address 77.68.5.241
+ address 77.68.77.74
+ address 77.68.81.44
+ address 77.68.90.106
+ address 77.68.94.181
+ address 77.68.4.136
+ address 77.68.28.145
+ address 77.68.24.112
+ address 77.68.92.186
+ address 77.68.26.216
+ address 77.68.20.231
+ address 77.68.118.17
+ address 77.68.116.119
+ address 77.68.76.142
+ address 77.68.7.172
+ address 77.68.83.41
+ address 77.68.116.221
+ address 77.68.86.40
+ address 77.68.88.164
+ address 109.228.56.26
+ address 77.68.7.123
+ address 77.68.116.220
+ address 109.228.60.215
+ address 77.68.7.186
+ address 77.68.93.246
+ address 77.68.120.241
+ address 77.68.122.195
+ address 77.68.122.89
+ address 77.68.81.141
+ address 77.68.116.52
+ address 77.68.6.105
+ address 77.68.76.229
+ address 77.68.4.252
+ address 77.68.17.186
+ address 77.68.91.128
+ address 77.68.22.146
+ address 77.68.125.32
+ address 109.228.36.229
+ address 77.68.31.144
+ address 77.68.117.142
+ address 109.228.37.174
+ address 109.228.37.114
+ address 77.68.112.75
+ address 77.68.77.160
+ address 109.228.39.249
+ address 77.68.7.67
+ address 77.68.113.117
+ address 77.68.126.51
+ address 77.68.86.148
+ address 77.68.114.183
+ address 109.228.40.194
+ address 77.68.90.132
+ address 77.68.76.96
+ address 77.68.77.30
+ address 77.68.76.95
+ address 77.68.10.170
+ address 109.228.61.31
+ address 77.68.76.59
+ address 77.68.120.249
+ address 213.171.213.41
+ address 213.171.215.184
+ address 77.68.25.146
+ address 213.171.213.31
+ address 77.68.77.102
+ address 213.171.210.19
+ address 213.171.213.97
+ address 109.228.48.249
+ address 77.68.127.172
+ address 77.68.79.206
+ address 109.228.56.242
+ address 109.228.46.81
+ address 185.132.38.95
+ address 77.68.116.36
+ address 109.228.36.194
+ address 185.132.36.7
+ address 185.132.36.24
+ address 77.68.77.69
+ address 185.132.39.129
+ address 77.68.87.212
+ address 77.68.76.88
+ address 77.68.76.181
+ address 77.68.76.219
+ address 185.132.39.219
+ address 77.68.28.139
+ address 77.68.4.111
+ address 77.68.77.174
+ address 77.68.117.222
+ address 77.68.77.231
+ address 77.68.76.45
+ address 185.132.40.56
+ address 77.68.10.152
+ address 77.68.73.73
+ address 77.68.77.214
+ address 185.132.38.114
+ address 185.132.40.90
+ address 77.68.79.89
+ address 77.68.76.21
+ address 77.68.75.45
+ address 77.68.24.134
+ address 77.68.32.43
+ address 77.68.80.26
+ address 77.68.17.200
+ address 77.68.80.97
+ address 77.68.74.209
+ address 77.68.33.197
+ address 77.68.5.95
+ address 77.68.5.125
+ address 77.68.100.167
+ address 77.68.4.80
+ address 77.68.49.152
+ address 77.68.48.105
+ address 77.68.48.81
+ address 77.68.49.12
+ address 213.171.212.89
+ address 77.68.76.44
+ address 77.68.77.239
+ address 77.68.77.59
+ address 77.68.126.101
+ address 77.68.114.93
+ address 77.68.50.193
+ address 88.208.197.160
+ address 109.228.36.79
+ address 185.132.38.182
+ address 88.208.196.123
+ address 88.208.215.157
+ address 77.68.76.118
+ address 77.68.103.227
+ address 88.208.196.92
+ address 185.132.39.44
+ address 88.208.198.92
+ address 77.68.126.14
+ address 88.208.196.91
+ address 77.68.100.77
+ address 185.132.37.101
+ address 77.68.76.120
+ address 213.171.212.114
+ address 77.68.34.139
+ address 88.208.215.61
+ address 88.208.212.31
+ address 109.228.53.243
+ address 77.68.103.56
+ address 213.171.214.96
+ address 88.208.198.66
+ address 77.68.77.219
+ address 77.68.77.204
+ address 77.68.76.48
+ address 77.68.4.25
+ address 77.68.7.114
+ address 77.68.77.222
+ address 77.68.112.83
+ address 77.68.72.254
+ address 77.68.78.113
+ address 213.171.212.71
+ address 185.132.40.124
+ address 88.208.197.208
+ address 77.68.79.82
+ }
+ address-group G-10000-TCP {
+ address 172.16.255.254
+ address 77.68.76.177
+ address 77.68.76.54
+ address 77.68.30.133
+ address 77.68.76.114
+ address 77.68.11.140
+ address 77.68.76.112
+ address 77.68.78.113
+ }
+ address-group LAN_ADDRESSES {
+ address 10.255.255.2
+ address 10.255.255.3
+ }
+ address-group MANAGEMENT_ADDRESSES {
+ address 82.223.200.175
+ address 82.223.200.177
+ }
+ address-group NAGIOS_PROBES {
+ address 77.68.76.16
+ address 77.68.77.16
+ }
+ address-group NAS_ARRAYS {
+ address 10.7.197.251
+ address 10.7.197.252
+ address 10.7.197.253
+ address 10.7.197.254
+ }
+ address-group NAS_DOMAIN_CONTROLLERS {
+ address 10.7.197.16
+ address 10.7.197.17
+ }
+ address-group NLB_ADDRESSES {
+ address 109.228.63.15
+ address 109.228.63.16
+ address 109.228.63.132
+ address 109.228.63.133
+ }
+ network-group NAS_NETWORKS {
+ network 10.7.197.0/24
+ }
+ network-group RFC1918 {
+ network 10.0.0.0/8
+ network 172.16.0.0/12
+ network 192.168.0.0/16
+ }
+ network-group TRANSFER_NETS {
+ network 109.228.63.128/25
+ }
+ }
+ ipv6-receive-redirects disable
+ ipv6-src-route disable
+ ip-src-route disable
+ log-martians enable
+ name LAN-INBOUND {
+ default-action drop
+ rule 10 {
+ action drop
+ description "Anti-spoofing non-cluster addresses"
+ source {
+ group {
+ address-group !CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 20 {
+ action drop
+ description "Drop traffic to datacenter transfer net"
+ destination {
+ group {
+ network-group TRANSFER_NETS
+ }
+ }
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 400 {
+ action drop
+ description Anti-spoofing_10.255.255.2
+ source {
+ address 10.255.255.2
+ mac-address !00:50:56:af:61:20
+ }
+ }
+ rule 401 {
+ action drop
+ description Anti-spoofing_77.68.126.51
+ source {
+ address 77.68.126.51
+ mac-address !00:50:56:03:df:06
+ }
+ }
+ rule 402 {
+ action drop
+ description Anti-spoofing_109.228.36.37
+ source {
+ address 109.228.36.37
+ mac-address !00:50:56:38:c4:2c
+ }
+ }
+ rule 403 {
+ action drop
+ description Anti-spoofing_77.68.117.214
+ source {
+ address 77.68.117.214
+ mac-address !00:50:56:00:28:c3
+ }
+ }
+ rule 404 {
+ action drop
+ description Anti-spoofing_77.68.127.172
+ source {
+ address 77.68.127.172
+ mac-address !00:50:56:08:ce:ec
+ }
+ }
+ rule 405 {
+ action drop
+ description Anti-spoofing_77.68.117.142
+ source {
+ address 77.68.117.142
+ mac-address !00:50:56:1a:02:40
+ }
+ }
+ rule 406 {
+ action drop
+ description Anti-spoofing_77.68.14.88
+ source {
+ address 77.68.14.88
+ mac-address !00:50:56:3c:79:85
+ }
+ }
+ rule 407 {
+ action drop
+ description Anti-spoofing_77.68.17.200
+ source {
+ address 77.68.17.200
+ mac-address !00:50:56:0c:1b:57
+ }
+ }
+ rule 408 {
+ action drop
+ description Anti-spoofing_77.68.120.229
+ source {
+ address 77.68.120.229
+ mac-address !00:50:56:18:af:65
+ }
+ }
+ rule 410 {
+ action drop
+ description Anti-spoofing_10.255.255.3
+ source {
+ address 10.255.255.3
+ mac-address !00:50:56:af:cd:42
+ }
+ }
+ rule 411 {
+ action drop
+ description Anti-spoofing_77.68.4.242
+ source {
+ address 77.68.4.242
+ mac-address !00:50:56:25:d9:34
+ }
+ }
+ rule 412 {
+ action drop
+ description Anti-spoofing_77.68.113.117
+ source {
+ address 77.68.113.117
+ mac-address !00:50:56:36:ea:1d
+ }
+ }
+ rule 413 {
+ action drop
+ description Anti-spoofing_213.171.213.242
+ source {
+ address 213.171.213.242
+ mac-address !00:50:56:29:dd:5c
+ }
+ }
+ rule 414 {
+ action drop
+ description Anti-spoofing_77.68.86.148
+ source {
+ address 77.68.86.148
+ mac-address !00:50:56:01:91:19
+ }
+ }
+ rule 418 {
+ action drop
+ description Anti-spoofing_213.171.212.203
+ source {
+ address 213.171.212.203
+ mac-address !00:50:56:01:c3:39
+ }
+ }
+ rule 419 {
+ action drop
+ description Anti-spoofing_77.68.114.234
+ source {
+ address 77.68.114.234
+ mac-address !00:50:56:1b:72:cd
+ }
+ }
+ rule 420 {
+ action drop
+ description Anti-spoofing_10.255.255.4
+ source {
+ address 10.255.255.4
+ mac-address !00:50:56:af:09:7d
+ }
+ }
+ rule 421 {
+ action drop
+ description Anti-spoofing_213.171.212.171
+ source {
+ address 213.171.212.171
+ mac-address !00:50:56:12:54:58
+ }
+ }
+ rule 422 {
+ action drop
+ description Anti-spoofing_77.68.114.183
+ source {
+ address 77.68.114.183
+ mac-address !00:50:56:3d:9b:eb
+ }
+ }
+ rule 423 {
+ action drop
+ description Anti-spoofing_213.171.213.41
+ source {
+ address 213.171.213.41
+ mac-address !00:50:56:2a:ef:a2
+ }
+ }
+ rule 424 {
+ action drop
+ description Anti-spoofing_77.68.90.132
+ source {
+ address 77.68.90.132
+ mac-address !00:50:56:28:04:1e
+ }
+ }
+ rule 425 {
+ action drop
+ description Anti-spoofing_10.255.255.5
+ source {
+ address 10.255.255.5
+ mac-address !00:50:56:af:3b:bb
+ }
+ }
+ rule 426 {
+ action drop
+ description Anti-spoofing_213.171.213.175
+ source {
+ address 213.171.213.175
+ mac-address !00:50:56:0d:d4:b1
+ }
+ }
+ rule 427 {
+ action drop
+ description Anti-spoofing_109.228.39.151
+ source {
+ address 109.228.39.151
+ mac-address !00:50:56:39:67:8d
+ }
+ }
+ rule 428 {
+ action drop
+ description Anti-spoofing_77.68.112.167
+ source {
+ address 77.68.112.167
+ mac-address !00:50:56:32:24:c9
+ }
+ }
+ rule 429 {
+ action drop
+ description Anti-spoofing_109.228.40.194
+ source {
+ address 109.228.40.194
+ mac-address !00:50:56:19:49:71
+ }
+ }
+ rule 430 {
+ action drop
+ description Anti-spoofing_77.68.76.12
+ source {
+ address 77.68.76.12
+ mac-address !00:50:56:af:09:7d
+ }
+ }
+ rule 431 {
+ action drop
+ description Anti-spoofing_213.171.213.97
+ source {
+ address 213.171.213.97
+ mac-address !00:50:56:15:d9:89
+ }
+ }
+ rule 432 {
+ action drop
+ description Anti-spoofing_77.68.16.247
+ source {
+ address 77.68.16.247
+ mac-address !00:50:56:01:49:07
+ }
+ }
+ rule 433 {
+ action drop
+ description Anti-spoofing_77.68.33.48
+ source {
+ address 77.68.33.48
+ mac-address !00:50:56:11:0e:07
+ }
+ }
+ rule 434 {
+ action drop
+ description Anti-spoofing_77.68.6.110
+ source {
+ address 77.68.6.110
+ mac-address !00:50:56:31:76:8a
+ }
+ }
+ rule 435 {
+ action drop
+ description Anti-spoofing_77.68.77.12
+ source {
+ address 77.68.77.12
+ mac-address !00:50:56:af:3b:bb
+ }
+ }
+ rule 436 {
+ action drop
+ description Anti-spoofing_213.171.215.252
+ source {
+ address 213.171.215.252
+ mac-address !00:50:56:11:88:0a
+ }
+ }
+ rule 437 {
+ action drop
+ description Anti-spoofing_88.208.197.208
+ source {
+ address 88.208.197.208
+ mac-address !00:50:56:1d:97:93
+ }
+ }
+ rule 438 {
+ action drop
+ description Anti-spoofing_213.171.212.89
+ source {
+ address 213.171.212.89
+ mac-address !00:50:56:36:8d:bf
+ }
+ }
+ rule 439 {
+ action drop
+ description Anti-spoofing_77.68.93.125
+ source {
+ address 77.68.93.125
+ mac-address !00:50:56:19:f1:6f
+ }
+ }
+ rule 440 {
+ action drop
+ description Anti-spoofing_probe_77.68.76.16
+ source {
+ address 77.68.76.16
+ mac-address !00:50:56:aa:48:d4
+ }
+ }
+ rule 441 {
+ action drop
+ description Anti-spoofing_213.171.214.96
+ source {
+ address 213.171.214.96
+ mac-address !00:50:56:0c:45:b5
+ }
+ }
+ rule 442 {
+ action drop
+ description Anti-spoofing_77.68.76.176
+ source {
+ address 77.68.76.176
+ mac-address !00:50:56:2b:e6:f7
+ }
+ }
+ rule 444 {
+ action drop
+ description Anti-spoofing_213.171.212.172
+ source {
+ address 213.171.212.172
+ mac-address !00:50:56:35:ab:43
+ }
+ }
+ rule 446 {
+ action drop
+ description Anti-spoofing_185.132.38.95
+ source {
+ address 185.132.38.95
+ mac-address !00:50:56:07:a6:f7
+ }
+ }
+ rule 447 {
+ action drop
+ description Anti-spoofing_185.132.38.248
+ source {
+ address 185.132.38.248
+ mac-address !00:50:56:19:e5:16
+ }
+ }
+ rule 448 {
+ action drop
+ description Anti-spoofing_109.228.52.186
+ source {
+ address 109.228.52.186
+ mac-address !00:50:56:20:80:4f
+ }
+ }
+ rule 449 {
+ action drop
+ description Anti-spoofing_213.171.213.31
+ source {
+ address 213.171.213.31
+ mac-address !00:50:56:34:e3:61
+ }
+ }
+ rule 450 {
+ action drop
+ description Anti-spoofing_probe_77.68.77.16
+ source {
+ address 77.68.77.16
+ mac-address !00:50:56:aa:4a:32
+ }
+ }
+ rule 451 {
+ action drop
+ description Anti-spoofing_213.171.210.59
+ source {
+ address 213.171.210.59
+ mac-address !00:50:56:10:74:b6
+ }
+ }
+ rule 452 {
+ action drop
+ description Anti-spoofing_185.132.36.7
+ source {
+ address 185.132.36.7
+ mac-address !00:50:56:17:24:16
+ }
+ }
+ rule 453 {
+ action drop
+ description Anti-spoofing_213.171.212.71
+ source {
+ address 213.171.212.71
+ mac-address !00:50:56:1d:50:e0
+ }
+ }
+ rule 454 {
+ action drop
+ description Anti-spoofing_213.171.208.58
+ source {
+ address 213.171.208.58
+ mac-address !00:50:56:05:1c:70
+ }
+ }
+ rule 455 {
+ action drop
+ description Anti-spoofing_77.68.77.69
+ source {
+ address 77.68.77.69
+ mac-address !00:50:56:17:f9:d1
+ }
+ }
+ rule 456 {
+ action drop
+ description Anti-spoofing_77.68.25.130
+ source {
+ address 77.68.25.130
+ mac-address !00:50:56:3c:92:ff
+ }
+ }
+ rule 457 {
+ action drop
+ description Anti-spoofing_213.171.215.184
+ source {
+ address 213.171.215.184
+ mac-address !00:50:56:18:84:ff
+ }
+ }
+ rule 458 {
+ action drop
+ description Anti-spoofing_77.68.74.39
+ source {
+ address 77.68.74.39
+ mac-address !00:50:56:0a:41:ee
+ }
+ }
+ rule 459 {
+ action drop
+ description Anti-spoofing_109.228.56.242
+ source {
+ address 109.228.56.242
+ mac-address !00:50:56:28:8c:ff
+ }
+ }
+ rule 460 {
+ action drop
+ description Anti-spoofing_77.68.76.13
+ source {
+ address 77.68.76.13
+ mac-address !00:50:56:8f:62:1e
+ }
+ }
+ rule 461 {
+ action drop
+ description Anti-spoofing_77.68.13.76
+ source {
+ address 77.68.13.76
+ mac-address !00:50:56:2c:c7:38
+ }
+ }
+ rule 462 {
+ action drop
+ description Anti-spoofing_77.68.119.188
+ source {
+ address 77.68.119.188
+ mac-address !00:50:56:02:1c:16
+ }
+ }
+ rule 463 {
+ action drop
+ description Anti-spoofing_109.228.46.81
+ source {
+ address 109.228.46.81
+ mac-address !00:50:56:31:1f:8a
+ }
+ }
+ rule 464 {
+ action drop
+ description Anti-spoofing_77.68.25.146
+ source {
+ address 77.68.25.146
+ mac-address !00:50:56:07:cc:76
+ }
+ }
+ rule 465 {
+ action drop
+ description Anti-spoofing_77.68.76.14
+ source {
+ address 77.68.76.14
+ mac-address !00:50:56:8f:6a:24
+ }
+ }
+ rule 466 {
+ action drop
+ description Anti-spoofing_77.68.116.36
+ source {
+ address 77.68.116.36
+ mac-address !00:50:56:1c:c9:83
+ }
+ }
+ rule 467 {
+ action drop
+ description Anti-spoofing_185.132.43.113
+ source {
+ address 185.132.43.113
+ mac-address !00:50:56:22:79:ac
+ }
+ }
+ rule 468 {
+ action drop
+ description Anti-spoofing_213.171.210.19
+ source {
+ address 213.171.210.19
+ mac-address !00:50:56:32:6c:19
+ }
+ }
+ rule 469 {
+ action drop
+ description Anti-spoofing_77.68.113.164
+ source {
+ address 77.68.113.164
+ mac-address !00:50:56:07:28:41
+ }
+ }
+ rule 470 {
+ action drop
+ description Anti-spoofing_77.68.77.13
+ source {
+ address 77.68.77.13
+ mac-address !00:50:56:8f:62:1e
+ }
+ }
+ rule 471 {
+ action drop
+ description Anti-spoofing_213.171.211.128
+ source {
+ address 213.171.211.128
+ mac-address !00:50:56:37:b2:85
+ }
+ }
+ rule 472 {
+ action drop
+ description Anti-spoofing_77.68.120.45
+ source {
+ address 77.68.120.45
+ mac-address !00:50:56:13:5e:ca
+ }
+ }
+ rule 473 {
+ action drop
+ description Anti-spoofing_77.68.25.124
+ source {
+ address 77.68.25.124
+ mac-address !00:50:56:2f:27:08
+ }
+ }
+ rule 474 {
+ action drop
+ description Anti-spoofing_77.68.33.68
+ source {
+ address 77.68.33.68
+ mac-address !00:50:56:1c:96:48
+ }
+ }
+ rule 475 {
+ action drop
+ description Anti-spoofing_77.68.77.14
+ source {
+ address 77.68.77.14
+ mac-address !00:50:56:8f:6a:24
+ }
+ }
+ rule 476 {
+ action drop
+ description Anti-spoofing_109.228.48.249
+ source {
+ address 109.228.48.249
+ mac-address !00:50:56:06:32:ac
+ }
+ }
+ rule 477 {
+ action drop
+ description Anti-spoofing_109.228.40.195
+ source {
+ address 109.228.40.195
+ mac-address !00:50:56:21:46:3e
+ }
+ }
+ rule 478 {
+ action drop
+ description Anti-spoofing_213.171.215.43
+ source {
+ address 213.171.215.43
+ mac-address !00:50:56:24:c0:53
+ }
+ }
+ rule 479 {
+ action drop
+ description Anti-spoofing_185.132.37.101
+ source {
+ address 185.132.37.101
+ mac-address !00:50:56:2c:08:73
+ }
+ }
+ rule 480 {
+ action drop
+ description Anti-spoofing_109.228.53.243
+ source {
+ address 109.228.53.243
+ mac-address !00:50:56:31:d1:1a
+ }
+ }
+ rule 481 {
+ action drop
+ description Anti-spoofing_77.68.81.218
+ source {
+ address 77.68.81.218
+ mac-address !00:50:56:03:e1:62
+ }
+ }
+ rule 482 {
+ action drop
+ description Anti-spoofing_77.68.102.5
+ source {
+ address 77.68.102.5
+ mac-address !00:50:56:12:a3:05
+ }
+ }
+ rule 483 {
+ action drop
+ description Anti-spoofing_77.68.114.93
+ source {
+ address 77.68.114.93
+ mac-address !00:50:56:3c:d8:18
+ }
+ }
+ rule 485 {
+ action drop
+ description Anti-spoofing_77.68.76.137
+ source {
+ address 77.68.76.137
+ mac-address !00:50:56:25:38:78
+ }
+ }
+ rule 486 {
+ action drop
+ description Anti-spoofing_77.68.75.253
+ source {
+ address 77.68.75.253
+ mac-address !00:50:56:32:f9:d7
+ }
+ }
+ rule 487 {
+ action drop
+ description Anti-spoofing_77.68.6.119
+ source {
+ address 77.68.6.119
+ mac-address !00:50:56:2a:06:e0
+ }
+ }
+ rule 488 {
+ action drop
+ description Anti-spoofing_185.132.39.68
+ source {
+ address 185.132.39.68
+ mac-address !00:50:56:22:2e:b5
+ }
+ }
+ rule 489 {
+ action drop
+ description Anti-spoofing_77.68.5.95
+ source {
+ address 77.68.5.95
+ mac-address !00:50:56:34:d6:94
+ }
+ }
+ rule 490 {
+ action drop
+ description Anti-spoofing_109.228.36.194
+ source {
+ address 109.228.36.194
+ mac-address !00:50:56:02:d4:bb
+ }
+ }
+ rule 491 {
+ action drop
+ description Anti-spoofing_77.68.34.50
+ source {
+ address 77.68.34.50
+ mac-address !00:50:56:07:df:24
+ }
+ }
+ rule 492 {
+ action drop
+ description Anti-spoofing_77.68.27.18
+ source {
+ address 77.68.27.18
+ mac-address !00:50:56:1c:9d:9e
+ }
+ }
+ rule 493 {
+ action drop
+ description Anti-spoofing_77.68.28.147
+ source {
+ address 77.68.28.147
+ mac-address !00:50:56:29:e0:70
+ }
+ }
+ rule 494 {
+ action drop
+ description Anti-spoofing_77.68.123.250
+ source {
+ address 77.68.123.250
+ mac-address !00:50:56:0d:49:c0
+ }
+ }
+ rule 495 {
+ action drop
+ description Anti-spoofing_185.132.39.129
+ source {
+ address 185.132.39.129
+ mac-address !00:50:56:29:5a:4c
+ }
+ }
+ rule 496 {
+ action drop
+ description Anti-spoofing_185.132.36.24
+ source {
+ address 185.132.36.24
+ mac-address !00:50:56:12:df:2d
+ }
+ }
+ rule 497 {
+ action drop
+ description Anti-spoofing_185.132.38.114
+ source {
+ address 185.132.38.114
+ mac-address !00:50:56:1d:ce:df
+ }
+ }
+ rule 498 {
+ action drop
+ description Anti-spoofing_185.132.36.148
+ source {
+ address 185.132.36.148
+ mac-address !00:50:56:04:d1:7e
+ }
+ }
+ rule 499 {
+ action drop
+ description Anti-spoofing_185.132.36.142
+ source {
+ address 185.132.36.142
+ mac-address !00:50:56:13:22:d1
+ }
+ }
+ rule 500 {
+ action drop
+ description Anti-spoofing_77.68.77.67
+ source {
+ address 77.68.77.67
+ mac-address !00:50:56:26:3e:0a
+ }
+ }
+ rule 501 {
+ action drop
+ description Anti-spoofing_185.132.39.44
+ source {
+ address 185.132.39.44
+ mac-address !00:50:56:32:a0:22
+ }
+ }
+ rule 502 {
+ action drop
+ description Anti-spoofing_77.68.76.114
+ source {
+ address 77.68.76.114
+ mac-address !00:50:56:32:42:42
+ }
+ }
+ rule 503 {
+ action drop
+ description Anti-spoofing_77.68.77.103
+ source {
+ address 77.68.77.103
+ mac-address !00:50:56:1e:6d:9b
+ }
+ }
+ rule 504 {
+ action drop
+ description Anti-spoofing_77.68.77.130
+ source {
+ address 77.68.77.130
+ mac-address !00:50:56:24:79:76
+ }
+ }
+ rule 505 {
+ action drop
+ description Anti-spoofing_77.68.76.245
+ source {
+ address 77.68.76.245
+ mac-address !00:50:56:1d:0f:83
+ }
+ }
+ rule 506 {
+ action drop
+ description Anti-spoofing_77.68.118.17
+ source {
+ address 77.68.118.17
+ mac-address !00:50:56:18:d3:d1
+ }
+ }
+ rule 507 {
+ action drop
+ description Anti-spoofing_77.68.79.82
+ source {
+ address 77.68.79.82
+ mac-address !00:50:56:22:e9:9e
+ }
+ }
+ rule 509 {
+ action drop
+ description Anti-spoofing_77.68.77.85
+ source {
+ address 77.68.77.85
+ mac-address !00:50:56:1d:40:33
+ }
+ }
+ rule 510 {
+ action drop
+ description Anti-spoofing_77.68.76.45
+ source {
+ address 77.68.76.45
+ mac-address !00:50:56:18:dc:fe
+ }
+ }
+ rule 511 {
+ action drop
+ description Anti-spoofing_77.68.77.144
+ source {
+ address 77.68.77.144
+ mac-address !00:50:56:3c:9a:1a
+ }
+ }
+ rule 512 {
+ action drop
+ description Anti-spoofing_77.68.77.105
+ source {
+ address 77.68.77.105
+ mac-address !00:50:56:1f:f9:c9
+ }
+ }
+ rule 513 {
+ action drop
+ description Anti-spoofing_77.68.12.250
+ source {
+ address 77.68.12.250
+ mac-address !00:50:56:3e:06:ca
+ }
+ }
+ rule 514 {
+ action drop
+ description Anti-spoofing_77.68.76.76
+ source {
+ address 77.68.76.76
+ mac-address !00:50:56:03:1f:db
+ }
+ }
+ rule 515 {
+ action drop
+ description Anti-spoofing_185.132.36.17
+ source {
+ address 185.132.36.17
+ mac-address !00:50:56:36:7a:94
+ }
+ }
+ rule 516 {
+ action drop
+ description Anti-spoofing_77.68.76.122
+ source {
+ address 77.68.76.122
+ mac-address !00:50:56:20:3d:43
+ }
+ }
+ rule 517 {
+ action drop
+ description Anti-spoofing_77.68.76.104
+ source {
+ address 77.68.76.104
+ mac-address !00:50:56:3c:80:ff
+ }
+ }
+ rule 518 {
+ action drop
+ description Anti-spoofing_77.68.114.136
+ source {
+ address 77.68.114.136
+ mac-address !00:50:56:38:34:6e
+ }
+ }
+ rule 519 {
+ action drop
+ description Anti-spoofing_77.68.77.115
+ source {
+ address 77.68.77.115
+ mac-address !00:50:56:2c:ad:ee
+ }
+ }
+ rule 520 {
+ action drop
+ description Anti-spoofing_77.68.77.178
+ source {
+ address 77.68.77.178
+ mac-address !00:50:56:14:c1:42
+ }
+ }
+ rule 521 {
+ action drop
+ description Anti-spoofing_77.68.76.239
+ source {
+ address 77.68.76.239
+ mac-address !00:50:56:0d:5a:47
+ }
+ }
+ rule 522 {
+ action drop
+ description Anti-spoofing_77.68.87.164
+ source {
+ address 77.68.87.164
+ mac-address !00:50:56:11:19:46
+ }
+ }
+ rule 523 {
+ action drop
+ description Anti-spoofing_77.68.15.95
+ source {
+ address 77.68.15.95
+ mac-address !00:50:56:16:04:4e
+ }
+ }
+ rule 524 {
+ action drop
+ description Anti-spoofing_77.68.4.39
+ source {
+ address 77.68.4.39
+ mac-address !00:50:56:06:57:b6
+ }
+ }
+ rule 525 {
+ action drop
+ description Anti-spoofing_77.68.76.30
+ source {
+ address 77.68.76.30
+ mac-address !00:50:56:25:b8:e3
+ }
+ }
+ rule 526 {
+ action drop
+ description Anti-spoofing_77.68.77.249
+ source {
+ address 77.68.77.249
+ mac-address !00:50:56:36:5f:b3
+ }
+ }
+ rule 527 {
+ action drop
+ description Anti-spoofing_77.68.76.59
+ source {
+ address 77.68.76.59
+ mac-address !00:50:56:06:e8:bb
+ }
+ }
+ rule 528 {
+ action drop
+ description Anti-spoofing_77.68.8.144
+ source {
+ address 77.68.8.144
+ mac-address !00:50:56:28:58:e5
+ }
+ }
+ rule 529 {
+ action drop
+ description Anti-spoofing_77.68.77.44
+ source {
+ address 77.68.77.44
+ mac-address !00:50:56:31:c0:9d
+ }
+ }
+ rule 530 {
+ action drop
+ description Anti-spoofing_77.68.77.200
+ source {
+ address 77.68.77.200
+ mac-address !00:50:56:15:2e:a4
+ }
+ }
+ rule 531 {
+ action drop
+ description Anti-spoofing_77.68.77.228
+ source {
+ address 77.68.77.228
+ mac-address !00:50:56:23:e4:44
+ }
+ }
+ rule 532 {
+ action drop
+ description Anti-spoofing_77.68.4.25
+ source {
+ address 77.68.4.25
+ mac-address !00:50:56:33:0d:5e
+ }
+ }
+ rule 534 {
+ action drop
+ description Anti-spoofing_77.68.76.191
+ source {
+ address 77.68.76.191
+ mac-address !00:50:56:10:72:7c
+ }
+ }
+ rule 535 {
+ action drop
+ description Anti-spoofing_77.68.117.29
+ source {
+ address 77.68.117.29
+ mac-address !00:50:56:0c:e4:e3
+ }
+ }
+ rule 536 {
+ action drop
+ description Anti-spoofing_213.171.212.90
+ source {
+ address 213.171.212.90
+ mac-address !00:50:56:35:fc:da
+ }
+ }
+ rule 537 {
+ action drop
+ description Anti-spoofing_77.68.76.102
+ source {
+ address 77.68.76.102
+ mac-address !00:50:56:35:87:43
+ }
+ }
+ rule 538 {
+ action drop
+ description Anti-spoofing_185.132.39.37
+ source {
+ address 185.132.39.37
+ mac-address !00:50:56:21:72:64
+ }
+ }
+ rule 539 {
+ action drop
+ description Anti-spoofing_185.132.38.142
+ source {
+ address 185.132.38.142
+ mac-address !00:50:56:09:e8:30
+ }
+ }
+ rule 540 {
+ action drop
+ description Anti-spoofing_77.68.77.26
+ source {
+ address 77.68.77.26
+ mac-address !00:50:56:10:ec:c2
+ }
+ }
+ rule 541 {
+ action drop
+ description Anti-spoofing_77.68.76.152
+ source {
+ address 77.68.76.152
+ mac-address !00:50:56:2b:79:48
+ }
+ }
+ rule 542 {
+ action drop
+ description Anti-spoofing_185.132.37.83
+ source {
+ address 185.132.37.83
+ mac-address !00:50:56:09:b3:41
+ }
+ }
+ rule 543 {
+ action drop
+ description Anti-spoofing_77.68.77.212
+ source {
+ address 77.68.77.212
+ mac-address !00:50:56:07:ab:f2
+ }
+ }
+ rule 544 {
+ action drop
+ description Anti-spoofing_77.68.75.64
+ source {
+ address 77.68.75.64
+ mac-address !00:50:56:07:e2:85
+ }
+ }
+ rule 546 {
+ action drop
+ description Anti-spoofing_77.68.85.73
+ source {
+ address 77.68.85.73
+ mac-address !00:50:56:14:68:9c
+ }
+ }
+ rule 547 {
+ action drop
+ description Anti-spoofing_77.68.116.119
+ source {
+ address 77.68.116.119
+ mac-address !00:50:56:0f:68:91
+ }
+ }
+ rule 548 {
+ action drop
+ description Anti-spoofing_77.68.76.142
+ source {
+ address 77.68.76.142
+ mac-address !50:9a:4c:74:07:ea
+ }
+ }
+ rule 549 {
+ action drop
+ description Anti-spoofing_77.68.76.211
+ source {
+ address 77.68.76.211
+ mac-address !00:50:56:18:9d:15
+ }
+ }
+ rule 550 {
+ action drop
+ description Anti-spoofing_77.68.76.60
+ source {
+ address 77.68.76.60
+ mac-address !00:50:56:2b:07:02
+ }
+ }
+ rule 551 {
+ action drop
+ description Anti-spoofing_77.68.77.253
+ source {
+ address 77.68.77.253
+ mac-address !00:50:56:30:a5:77
+ }
+ }
+ rule 552 {
+ action drop
+ description Anti-spoofing_77.68.75.245
+ source {
+ address 77.68.75.245
+ mac-address !00:50:56:12:00:e9
+ }
+ }
+ rule 553 {
+ action drop
+ description Anti-spoofing_185.132.37.102
+ source {
+ address 185.132.37.102
+ mac-address !00:50:56:3d:ae:26
+ }
+ }
+ rule 554 {
+ action drop
+ description Anti-spoofing_77.68.120.31
+ source {
+ address 77.68.120.31
+ mac-address !00:50:56:1f:29:84
+ }
+ }
+ rule 555 {
+ action drop
+ description Anti-spoofing_77.68.76.54
+ source {
+ address 77.68.76.54
+ mac-address !00:50:56:30:b4:74
+ }
+ }
+ rule 556 {
+ action drop
+ description Anti-spoofing_88.208.196.154
+ source {
+ address 88.208.196.154
+ mac-address !00:50:56:14:6f:a8
+ }
+ }
+ rule 557 {
+ action drop
+ description Anti-spoofing_185.132.40.152
+ source {
+ address 185.132.40.152
+ mac-address !00:50:56:24:25:3c
+ }
+ }
+ rule 558 {
+ action drop
+ description Anti-spoofing_77.68.76.33
+ source {
+ address 77.68.76.33
+ mac-address !00:50:56:3c:9b:bc
+ }
+ }
+ rule 559 {
+ action drop
+ description Anti-spoofing_77.68.12.195
+ source {
+ address 77.68.12.195
+ mac-address !00:50:56:3d:52:1a
+ }
+ }
+ rule 560 {
+ action drop
+ description Anti-spoofing_77.68.77.114
+ source {
+ address 77.68.77.114
+ mac-address !00:50:56:06:80:89
+ }
+ }
+ rule 561 {
+ action drop
+ description Anti-spoofing_77.68.77.176
+ source {
+ address 77.68.77.176
+ mac-address !00:50:56:3e:2b:da
+ }
+ }
+ rule 562 {
+ action drop
+ description Anti-spoofing_109.228.40.222
+ source {
+ address 109.228.40.222
+ mac-address !00:50:56:0a:dc:63
+ }
+ }
+ rule 563 {
+ action drop
+ description Anti-spoofing_77.68.77.219
+ source {
+ address 77.68.77.219
+ mac-address !00:50:56:13:82:67
+ }
+ }
+ rule 564 {
+ action drop
+ description Anti-spoofing_77.68.77.19
+ source {
+ address 77.68.77.19
+ mac-address !00:50:56:36:e3:b1
+ }
+ }
+ rule 565 {
+ action drop
+ description Anti-spoofing_77.68.74.85
+ source {
+ address 77.68.74.85
+ mac-address !00:50:56:13:b7:2d
+ }
+ }
+ rule 566 {
+ action drop
+ description Anti-spoofing_77.68.116.221
+ source {
+ address 77.68.116.221
+ mac-address !00:50:56:24:67:bd
+ }
+ }
+ rule 567 {
+ action drop
+ description Anti-spoofing_77.68.77.22
+ source {
+ address 77.68.77.22
+ mac-address !00:50:56:07:09:ae
+ }
+ }
+ rule 568 {
+ action drop
+ description Anti-spoofing_77.68.112.184
+ source {
+ address 77.68.112.184
+ mac-address !00:50:56:2a:db:d3
+ }
+ }
+ rule 569 {
+ action drop
+ description Anti-spoofing_77.68.77.248
+ source {
+ address 77.68.77.248
+ mac-address !00:50:56:18:03:92
+ }
+ }
+ rule 570 {
+ action drop
+ description Anti-spoofing_77.68.76.161
+ source {
+ address 77.68.76.161
+ mac-address !00:50:56:34:57:75
+ }
+ }
+ rule 571 {
+ action drop
+ description Anti-spoofing_77.68.77.56
+ source {
+ address 77.68.77.56
+ mac-address !00:50:56:38:22:ae
+ }
+ }
+ rule 572 {
+ action drop
+ description Anti-spoofing_77.68.77.129
+ source {
+ address 77.68.77.129
+ mac-address !00:50:56:08:d9:20
+ }
+ }
+ rule 573 {
+ action drop
+ description Anti-spoofing_77.68.77.205
+ source {
+ address 77.68.77.205
+ mac-address !00:50:56:35:f1:c3
+ }
+ }
+ rule 574 {
+ action drop
+ description Anti-spoofing_77.68.77.140
+ source {
+ address 77.68.77.140
+ mac-address !00:50:56:1b:2d:c7
+ }
+ }
+ rule 575 {
+ action drop
+ description Anti-spoofing_77.68.120.146
+ source {
+ address 77.68.120.146
+ mac-address !00:50:56:0d:fb:7b
+ }
+ }
+ rule 576 {
+ action drop
+ description Anti-spoofing_77.68.78.73
+ source {
+ address 77.68.78.73
+ mac-address !00:50:56:14:4b:f4
+ }
+ }
+ rule 577 {
+ action drop
+ description Anti-spoofing_77.68.76.177
+ source {
+ address 77.68.76.177
+ mac-address !00:50:56:26:ac:11
+ }
+ }
+ rule 578 {
+ action drop
+ description Anti-spoofing_77.68.77.117
+ source {
+ address 77.68.77.117
+ mac-address !00:50:56:09:4d:ce
+ }
+ }
+ rule 579 {
+ action drop
+ description Anti-spoofing_77.68.77.108
+ source {
+ address 77.68.77.108
+ mac-address !00:50:56:3a:b7:59
+ }
+ }
+ rule 580 {
+ action drop
+ description Anti-spoofing_77.68.7.222
+ source {
+ address 77.68.7.222
+ mac-address !00:50:56:36:cc:37
+ }
+ }
+ rule 581 {
+ action drop
+ description Anti-spoofing_77.68.76.50
+ source {
+ address 77.68.76.50
+ mac-address !00:50:56:34:78:88
+ }
+ }
+ rule 582 {
+ action drop
+ description Anti-spoofing_77.68.77.192
+ source {
+ address 77.68.77.192
+ mac-address !00:50:56:0f:eb:a4
+ }
+ }
+ rule 583 {
+ action drop
+ description Anti-spoofing_77.68.76.217
+ source {
+ address 77.68.76.217
+ mac-address !00:50:56:29:6d:a9
+ }
+ }
+ rule 584 {
+ action drop
+ description Anti-spoofing_77.68.92.186
+ source {
+ address 77.68.92.186
+ mac-address !00:50:56:08:8b:d0
+ }
+ }
+ rule 585 {
+ action drop
+ description Anti-spoofing_77.68.76.165
+ source {
+ address 77.68.76.165
+ mac-address !00:50:56:19:74:17
+ }
+ }
+ rule 586 {
+ action drop
+ description Anti-spoofing_77.68.91.22
+ source {
+ address 77.68.91.22
+ mac-address !00:50:56:2e:2c:cb
+ }
+ }
+ rule 587 {
+ action drop
+ description Anti-spoofing_77.68.77.160
+ source {
+ address 77.68.77.160
+ mac-address !00:50:56:27:75:65
+ }
+ }
+ rule 588 {
+ action drop
+ description Anti-spoofing_77.68.77.30
+ source {
+ address 77.68.77.30
+ mac-address !00:50:56:3b:95:8f
+ }
+ }
+ rule 589 {
+ action drop
+ description Anti-spoofing_77.68.77.21
+ source {
+ address 77.68.77.21
+ mac-address !00:50:56:34:cd:82
+ }
+ }
+ rule 590 {
+ action drop
+ description Anti-spoofing_77.68.76.29
+ source {
+ address 77.68.76.29
+ mac-address !00:50:56:2f:a3:ef
+ }
+ }
+ rule 591 {
+ action drop
+ description Anti-spoofing_213.171.212.136
+ source {
+ address 213.171.212.136
+ mac-address !00:50:56:19:fb:be
+ }
+ }
+ rule 592 {
+ action drop
+ description Anti-spoofing_77.68.76.158
+ source {
+ address 77.68.76.158
+ mac-address !00:50:56:36:97:69
+ }
+ }
+ rule 593 {
+ action drop
+ description Anti-spoofing_77.68.76.203
+ source {
+ address 77.68.76.203
+ mac-address !00:50:56:2f:48:47
+ }
+ }
+ rule 594 {
+ action drop
+ description Anti-spoofing_77.68.77.243
+ source {
+ address 77.68.77.243
+ mac-address !00:50:56:20:1f:c4
+ }
+ }
+ rule 595 {
+ action drop
+ description Anti-spoofing_77.68.77.54
+ source {
+ address 77.68.77.54
+ mac-address !00:50:56:0e:da:e1
+ }
+ }
+ rule 596 {
+ action drop
+ description Anti-spoofing_77.68.76.22
+ source {
+ address 77.68.76.22
+ mac-address !00:50:56:1b:a3:e6
+ }
+ }
+ rule 597 {
+ action drop
+ description Anti-spoofing_77.68.103.120
+ source {
+ address 77.68.103.120
+ mac-address !00:50:56:1f:cb:8e
+ }
+ }
+ rule 598 {
+ action drop
+ description Anti-spoofing_109.228.37.174
+ source {
+ address 109.228.37.174
+ mac-address !00:50:56:1d:0f:a0
+ }
+ }
+ rule 599 {
+ action drop
+ description Anti-spoofing_77.68.17.26
+ source {
+ address 77.68.17.26
+ mac-address !00:50:56:13:4a:e1
+ }
+ }
+ rule 600 {
+ action drop
+ description Anti-spoofing_77.68.76.25
+ source {
+ address 77.68.76.25
+ mac-address !00:50:56:1f:54:d9
+ }
+ }
+ rule 601 {
+ action drop
+ description Anti-spoofing_77.68.76.21
+ source {
+ address 77.68.76.21
+ mac-address !00:50:56:15:a8:33
+ }
+ }
+ rule 602 {
+ action drop
+ description Anti-spoofing_77.68.77.221
+ source {
+ address 77.68.77.221
+ mac-address !00:50:56:06:2a:ae
+ }
+ }
+ rule 603 {
+ action drop
+ description Anti-spoofing_77.68.77.76
+ source {
+ address 77.68.77.76
+ mac-address !00:50:56:18:01:78
+ }
+ }
+ rule 604 {
+ action drop
+ description Anti-spoofing_77.68.76.127
+ source {
+ address 77.68.76.127
+ mac-address !00:50:56:24:a4:85
+ }
+ }
+ rule 605 {
+ action drop
+ description Anti-spoofing_77.68.77.139
+ source {
+ address 77.68.77.139
+ mac-address !00:50:56:3b:1e:be
+ }
+ }
+ rule 606 {
+ action drop
+ description Anti-spoofing_77.68.77.240
+ source {
+ address 77.68.77.240
+ mac-address !00:50:56:2b:d5:dd
+ }
+ }
+ rule 607 {
+ action drop
+ description Anti-spoofing_185.132.38.216
+ source {
+ address 185.132.38.216
+ mac-address !00:50:56:26:a7:47
+ }
+ }
+ rule 608 {
+ action drop
+ description Anti-spoofing_77.68.76.39
+ source {
+ address 77.68.76.39
+ mac-address !00:50:56:1e:0d:c1
+ }
+ }
+ rule 609 {
+ action drop
+ description Anti-spoofing_77.68.76.149
+ source {
+ address 77.68.76.149
+ mac-address !00:50:56:32:30:e7
+ }
+ }
+ rule 610 {
+ action drop
+ description Anti-spoofing_77.68.77.57
+ source {
+ address 77.68.77.57
+ mac-address !00:50:56:26:33:75
+ }
+ }
+ rule 611 {
+ action drop
+ description Anti-spoofing_77.68.77.185
+ source {
+ address 77.68.77.185
+ mac-address !00:50:56:22:72:c9
+ }
+ }
+ rule 612 {
+ action drop
+ description Anti-spoofing_77.68.76.116
+ source {
+ address 77.68.76.116
+ mac-address !00:50:56:09:f2:df
+ }
+ }
+ rule 613 {
+ action drop
+ description Anti-spoofing_77.68.95.212
+ source {
+ address 77.68.95.212
+ mac-address !00:50:56:21:4b:e6
+ }
+ }
+ rule 614 {
+ action drop
+ description Anti-spoofing_77.68.76.160
+ source {
+ address 77.68.76.160
+ mac-address !00:50:56:3a:fa:b3
+ }
+ }
+ rule 615 {
+ action drop
+ description Anti-spoofing_77.68.77.70
+ source {
+ address 77.68.77.70
+ mac-address !00:50:56:37:9d:47
+ }
+ }
+ rule 616 {
+ action drop
+ description Anti-spoofing_77.68.77.149
+ source {
+ address 77.68.77.149
+ mac-address !00:50:56:2c:f8:51
+ }
+ }
+ rule 617 {
+ action drop
+ description Anti-spoofing_77.68.76.57
+ source {
+ address 77.68.76.57
+ mac-address !00:50:56:32:d9:0f
+ }
+ }
+ rule 618 {
+ action drop
+ description Anti-spoofing_77.68.76.115
+ source {
+ address 77.68.76.115
+ mac-address !00:50:56:09:67:90
+ }
+ }
+ rule 619 {
+ action drop
+ description Anti-spoofing_185.132.41.72
+ source {
+ address 185.132.41.72
+ mac-address !00:50:56:2b:aa:79
+ }
+ }
+ rule 620 {
+ action drop
+ description Anti-spoofing_77.68.84.155
+ source {
+ address 77.68.84.155
+ mac-address !00:50:56:05:52:76
+ }
+ }
+ rule 621 {
+ action drop
+ description Anti-spoofing_77.68.76.200
+ source {
+ address 77.68.76.200
+ mac-address !00:50:56:00:5f:48
+ }
+ }
+ rule 622 {
+ action drop
+ description Anti-spoofing_77.68.76.23
+ source {
+ address 77.68.76.23
+ mac-address !00:50:56:27:eb:9b
+ }
+ }
+ rule 623 {
+ action drop
+ description Anti-spoofing_77.68.77.46
+ source {
+ address 77.68.77.46
+ mac-address !00:50:56:22:73:37
+ }
+ }
+ rule 624 {
+ action drop
+ description Anti-spoofing_77.68.91.195
+ source {
+ address 77.68.91.195
+ mac-address !00:50:56:09:f1:74
+ }
+ }
+ rule 625 {
+ action drop
+ description Anti-spoofing_77.68.76.198
+ source {
+ address 77.68.76.198
+ mac-address !00:50:56:05:4b:16
+ }
+ }
+ rule 626 {
+ action drop
+ description Anti-spoofing_77.68.77.141
+ source {
+ address 77.68.77.141
+ mac-address !00:50:56:0c:04:05
+ }
+ }
+ rule 627 {
+ action drop
+ description Anti-spoofing_77.68.77.50
+ source {
+ address 77.68.77.50
+ mac-address !00:50:56:2d:5b:c6
+ }
+ }
+ rule 628 {
+ action drop
+ description Anti-spoofing_77.68.77.128
+ source {
+ address 77.68.77.128
+ mac-address !00:50:56:27:0f:74
+ }
+ }
+ rule 629 {
+ action drop
+ description Anti-spoofing_77.68.115.142
+ source {
+ address 77.68.115.142
+ mac-address !00:50:56:1b:e1:25
+ }
+ }
+ rule 630 {
+ action drop
+ description Anti-spoofing_77.68.77.88
+ source {
+ address 77.68.77.88
+ mac-address !00:50:56:2b:db:7e
+ }
+ }
+ rule 631 {
+ action drop
+ description Anti-spoofing_77.68.4.74
+ source {
+ address 77.68.4.74
+ mac-address !00:50:56:0f:22:a5
+ }
+ }
+ rule 632 {
+ action drop
+ description Anti-spoofing_77.68.76.80
+ source {
+ address 77.68.76.80
+ mac-address !00:50:56:1f:17:01
+ }
+ }
+ rule 633 {
+ action drop
+ description Anti-spoofing_77.68.76.35
+ source {
+ address 77.68.76.35
+ mac-address !00:50:56:30:e3:a1
+ }
+ }
+ rule 634 {
+ action drop
+ description Anti-spoofing_77.68.77.204
+ source {
+ address 77.68.77.204
+ mac-address !00:50:56:23:70:3a
+ }
+ }
+ rule 635 {
+ action drop
+ description Anti-spoofing_77.68.77.201
+ source {
+ address 77.68.77.201
+ mac-address !50:9a:4c:74:06:06
+ }
+ }
+ rule 636 {
+ action drop
+ description Anti-spoofing_77.68.77.97
+ source {
+ address 77.68.77.97
+ mac-address !00:50:56:2f:48:47
+ }
+ }
+ rule 637 {
+ action drop
+ description Anti-spoofing_77.68.76.195
+ source {
+ address 77.68.76.195
+ mac-address !00:50:56:14:c5:49
+ }
+ }
+ rule 638 {
+ action drop
+ description Anti-spoofing_77.68.76.202
+ source {
+ address 77.68.76.202
+ mac-address !00:50:56:07:3c:3c
+ }
+ }
+ rule 640 {
+ action drop
+ description Anti-spoofing_77.68.76.157
+ source {
+ address 77.68.76.157
+ mac-address !00:50:56:35:c8:20
+ }
+ }
+ rule 641 {
+ action drop
+ description Anti-spoofing_213.171.212.114
+ source {
+ address 213.171.212.114
+ mac-address !00:50:56:11:7f:32
+ }
+ }
+ rule 642 {
+ action drop
+ description Anti-spoofing_77.68.77.159
+ source {
+ address 77.68.77.159
+ mac-address !00:50:56:14:d8:f0
+ }
+ }
+ rule 643 {
+ action drop
+ description Anti-spoofing_213.171.214.234
+ source {
+ address 213.171.214.234
+ mac-address !00:50:56:29:94:38
+ }
+ }
+ rule 644 {
+ action drop
+ description Anti-spoofing_77.68.76.48
+ source {
+ address 77.68.76.48
+ mac-address !00:50:56:33:38:d6
+ }
+ }
+ rule 645 {
+ action drop
+ description Anti-spoofing_77.68.76.118
+ source {
+ address 77.68.76.118
+ mac-address !00:50:56:1c:cd:d3
+ }
+ }
+ rule 646 {
+ action drop
+ description Anti-spoofing_77.68.76.38
+ source {
+ address 77.68.76.38
+ mac-address !00:50:56:01:59:2a
+ }
+ }
+ rule 647 {
+ action drop
+ description Anti-spoofing_77.68.31.144
+ source {
+ address 77.68.31.144
+ mac-address !00:50:56:01:89:fb
+ }
+ }
+ rule 648 {
+ action drop
+ description Anti-spoofing_77.68.23.35
+ source {
+ address 77.68.23.35
+ mac-address !00:50:56:3b:1f:ee
+ }
+ }
+ rule 649 {
+ action drop
+ description Anti-spoofing_77.68.4.80
+ source {
+ address 77.68.4.80
+ mac-address !00:50:56:1a:06:95
+ }
+ }
+ rule 650 {
+ action drop
+ description Anti-spoofing_77.68.127.151
+ source {
+ address 77.68.127.151
+ mac-address !00:50:56:32:48:a6
+ }
+ }
+ rule 651 {
+ action drop
+ description Anti-spoofing_77.68.77.203
+ source {
+ address 77.68.77.203
+ mac-address !00:50:56:11:05:40
+ }
+ }
+ rule 652 {
+ action drop
+ description Anti-spoofing_77.68.77.233
+ source {
+ address 77.68.77.233
+ mac-address !00:50:56:37:0e:b3
+ }
+ }
+ rule 653 {
+ action drop
+ description Anti-spoofing_77.68.77.163
+ source {
+ address 77.68.77.163
+ mac-address !00:50:56:08:a3:b4
+ }
+ }
+ rule 654 {
+ action drop
+ description Anti-spoofing_77.68.77.49
+ source {
+ address 77.68.77.49
+ mac-address !00:50:56:03:ba:26
+ }
+ }
+ rule 655 {
+ action drop
+ description Anti-spoofing_77.68.76.58
+ source {
+ address 77.68.76.58
+ mac-address !00:50:56:03:bd:d2
+ }
+ }
+ rule 656 {
+ action drop
+ description Anti-spoofing_77.68.77.171
+ source {
+ address 77.68.77.171
+ mac-address !00:50:56:22:3d:21
+ }
+ }
+ rule 657 {
+ action drop
+ description Anti-spoofing_77.68.116.220
+ source {
+ address 77.68.116.220
+ mac-address !00:50:56:2e:06:02
+ }
+ }
+ rule 658 {
+ action drop
+ description Anti-spoofing_77.68.77.150
+ source {
+ address 77.68.77.150
+ mac-address !00:50:56:23:ac:01
+ }
+ }
+ rule 659 {
+ action drop
+ description Anti-spoofing_77.68.121.106
+ source {
+ address 77.68.121.106
+ mac-address !00:50:56:38:2f:3f
+ }
+ }
+ rule 660 {
+ action drop
+ description Anti-spoofing_77.68.77.199
+ source {
+ address 77.68.77.199
+ mac-address !00:50:56:37:e8:23
+ }
+ }
+ rule 661 {
+ action drop
+ description Anti-spoofing_77.68.76.220
+ source {
+ address 77.68.76.220
+ mac-address !00:50:56:26:27:93
+ }
+ }
+ rule 662 {
+ action drop
+ description Anti-spoofing_77.68.85.172
+ source {
+ address 77.68.85.172
+ mac-address !00:50:56:24:a5:72
+ }
+ }
+ rule 663 {
+ action drop
+ description Anti-spoofing_109.228.42.232
+ source {
+ address 109.228.42.232
+ mac-address !00:50:56:2c:34:e5
+ }
+ }
+ rule 664 {
+ action drop
+ description Anti-spoofing_77.68.33.216
+ source {
+ address 77.68.33.216
+ mac-address !00:50:56:08:a3:d8
+ }
+ }
+ rule 665 {
+ action drop
+ description Anti-spoofing_109.228.35.110
+ source {
+ address 109.228.35.110
+ mac-address !00:50:56:20:bc:f6
+ }
+ }
+ rule 666 {
+ action drop
+ description Anti-spoofing_77.68.87.212
+ source {
+ address 77.68.87.212
+ mac-address !00:50:56:20:7a:5b
+ }
+ }
+ rule 667 {
+ action drop
+ description Anti-spoofing_109.228.36.174
+ source {
+ address 109.228.36.174
+ mac-address !00:50:56:05:73:0a
+ }
+ }
+ rule 668 {
+ action drop
+ description Anti-spoofing_77.68.122.241
+ source {
+ address 77.68.122.241
+ mac-address !00:50:56:3d:34:86
+ }
+ }
+ rule 669 {
+ action drop
+ description Anti-spoofing_77.68.10.170
+ source {
+ address 77.68.10.170
+ mac-address !00:50:56:2e:a7:d6
+ }
+ }
+ rule 670 {
+ action drop
+ description Anti-spoofing_109.228.59.247
+ source {
+ address 109.228.59.247
+ mac-address !00:50:56:11:77:61
+ }
+ }
+ rule 671 {
+ action drop
+ description Anti-spoofing_77.68.77.156
+ source {
+ address 77.68.77.156
+ mac-address !00:50:56:37:e8:23
+ }
+ }
+ rule 672 {
+ action drop
+ description Anti-spoofing_77.68.76.248
+ source {
+ address 77.68.76.248
+ mac-address !00:50:56:22:40:ae
+ }
+ }
+ rule 673 {
+ action drop
+ description Anti-spoofing_77.68.76.19
+ source {
+ address 77.68.76.19
+ mac-address !00:50:56:26:ce:06
+ }
+ }
+ rule 674 {
+ action drop
+ description Anti-spoofing_77.68.77.29
+ source {
+ address 77.68.77.29
+ mac-address !00:50:56:11:83:b8
+ }
+ }
+ rule 675 {
+ action drop
+ description Anti-spoofing_77.68.76.250
+ source {
+ address 77.68.76.250
+ mac-address !00:50:56:2d:ca:5b
+ }
+ }
+ rule 676 {
+ action drop
+ description Anti-spoofing_77.68.76.110
+ source {
+ address 77.68.76.110
+ mac-address !00:50:56:1e:db:08
+ }
+ }
+ rule 677 {
+ action drop
+ description Anti-spoofing_77.68.76.171
+ source {
+ address 77.68.76.171
+ mac-address !00:50:56:01:8b:92
+ }
+ }
+ rule 678 {
+ action drop
+ description Anti-spoofing_77.68.76.212
+ source {
+ address 77.68.76.212
+ mac-address !00:50:56:2b:28:99
+ }
+ }
+ rule 679 {
+ action drop
+ description Anti-spoofing_77.68.112.248
+ source {
+ address 77.68.112.248
+ mac-address !00:50:56:35:e3:48
+ }
+ }
+ rule 680 {
+ action drop
+ description Anti-spoofing_77.68.77.132
+ source {
+ address 77.68.77.132
+ mac-address !00:50:56:21:ab:ff
+ }
+ }
+ rule 681 {
+ action drop
+ description Anti-spoofing_77.68.120.218
+ source {
+ address 77.68.120.218
+ mac-address !00:50:56:10:a8:be
+ }
+ }
+ rule 682 {
+ action drop
+ description Anti-spoofing_77.68.120.249
+ source {
+ address 77.68.120.249
+ mac-address !00:50:56:2f:70:ed
+ }
+ }
+ rule 683 {
+ action drop
+ description Anti-spoofing_77.68.77.81
+ source {
+ address 77.68.77.81
+ mac-address !00:50:56:1e:9f:f8
+ }
+ }
+ rule 684 {
+ action drop
+ description Anti-spoofing_77.68.76.37
+ source {
+ address 77.68.76.37
+ mac-address !00:50:56:07:f8:48
+ }
+ }
+ rule 685 {
+ action drop
+ description Anti-spoofing_77.68.76.197
+ source {
+ address 77.68.76.197
+ mac-address !00:50:56:31:a0:ee
+ }
+ }
+ rule 686 {
+ action drop
+ description Anti-spoofing_77.68.76.20
+ source {
+ address 77.68.76.20
+ mac-address !00:50:56:18:a2:03
+ }
+ }
+ rule 687 {
+ action drop
+ description Anti-spoofing_77.68.76.108
+ source {
+ address 77.68.76.108
+ mac-address !00:50:56:0d:4d:25
+ }
+ }
+ rule 688 {
+ action drop
+ description Anti-spoofing_77.68.76.139
+ source {
+ address 77.68.76.139
+ mac-address !00:50:56:1c:52:a8
+ }
+ }
+ rule 689 {
+ action drop
+ description Anti-spoofing_77.68.76.99
+ source {
+ address 77.68.76.99
+ mac-address !00:50:56:2e:8d:48
+ }
+ }
+ rule 690 {
+ action drop
+ description Anti-spoofing_77.68.77.211
+ source {
+ address 77.68.77.211
+ mac-address !00:50:56:30:37:77
+ }
+ }
+ rule 691 {
+ action drop
+ description Anti-spoofing_77.68.77.236
+ source {
+ address 77.68.77.236
+ mac-address !00:50:56:18:13:8b
+ }
+ }
+ rule 692 {
+ action drop
+ description Anti-spoofing_77.68.76.252
+ source {
+ address 77.68.76.252
+ mac-address !00:50:56:16:03:6e
+ }
+ }
+ rule 693 {
+ action drop
+ description Anti-spoofing_77.68.122.89
+ source {
+ address 77.68.122.89
+ mac-address !00:50:56:25:66:5d
+ }
+ }
+ rule 694 {
+ action drop
+ description Anti-spoofing_77.68.76.120
+ source {
+ address 77.68.76.120
+ mac-address !00:50:56:39:de:31
+ }
+ }
+ rule 695 {
+ action drop
+ description Anti-spoofing_77.68.77.234
+ source {
+ address 77.68.77.234
+ mac-address !00:50:56:26:a1:9a
+ }
+ }
+ rule 696 {
+ action drop
+ description Anti-spoofing_77.68.77.32
+ source {
+ address 77.68.77.32
+ mac-address !00:50:56:38:e8:59
+ }
+ }
+ rule 697 {
+ action drop
+ description Anti-spoofing_77.68.77.247
+ source {
+ address 77.68.77.247
+ mac-address !00:50:56:27:8a:8b
+ }
+ }
+ rule 698 {
+ action drop
+ description Anti-spoofing_77.68.76.229
+ source {
+ address 77.68.76.229
+ mac-address !00:50:56:16:56:30
+ }
+ }
+ rule 699 {
+ action drop
+ description Anti-spoofing_77.68.76.209
+ source {
+ address 77.68.76.209
+ mac-address !00:50:56:19:24:73
+ }
+ }
+ rule 700 {
+ action drop
+ description Anti-spoofing_77.68.125.32
+ source {
+ address 77.68.125.32
+ mac-address !00:50:56:00:07:47
+ }
+ }
+ rule 701 {
+ action drop
+ description Anti-spoofing_77.68.76.219
+ source {
+ address 77.68.76.219
+ mac-address !00:50:56:2d:04:90
+ }
+ }
+ rule 702 {
+ action drop
+ description Anti-spoofing_77.68.76.253
+ source {
+ address 77.68.76.253
+ mac-address !00:50:56:12:7b:d8
+ }
+ }
+ rule 703 {
+ action drop
+ description Anti-spoofing_77.68.13.137
+ source {
+ address 77.68.13.137
+ mac-address !00:50:56:16:c6:86
+ }
+ }
+ rule 704 {
+ action drop
+ description Anti-spoofing_77.68.85.115
+ source {
+ address 77.68.85.115
+ mac-address !00:50:56:3c:51:df
+ }
+ }
+ rule 705 {
+ action drop
+ description Anti-spoofing_77.68.77.202
+ source {
+ address 77.68.77.202
+ mac-address !00:50:56:0c:94:82
+ }
+ }
+ rule 706 {
+ action drop
+ description Anti-spoofing_77.68.76.247
+ source {
+ address 77.68.76.247
+ mac-address !00:50:56:1b:f1:83
+ }
+ }
+ rule 707 {
+ action drop
+ description Anti-spoofing_77.68.9.75
+ source {
+ address 77.68.9.75
+ mac-address !00:50:56:21:9b:fe
+ }
+ }
+ rule 708 {
+ action drop
+ description Anti-spoofing_109.228.39.157
+ source {
+ address 109.228.39.157
+ mac-address !00:50:56:2b:55:32
+ }
+ }
+ rule 709 {
+ action drop
+ description Anti-spoofing_77.68.77.99
+ source {
+ address 77.68.77.99
+ mac-address !00:50:56:09:d5:e8
+ }
+ }
+ rule 710 {
+ action drop
+ description Anti-spoofing_77.68.23.158
+ source {
+ address 77.68.23.158
+ mac-address !00:50:56:15:8f:75
+ }
+ }
+ rule 711 {
+ action drop
+ description Anti-spoofing_77.68.76.169
+ source {
+ address 77.68.76.169
+ mac-address !00:50:56:0b:6d:e4
+ }
+ }
+ rule 712 {
+ action drop
+ description Anti-spoofing_77.68.76.95
+ source {
+ address 77.68.76.95
+ mac-address !00:50:56:17:08:c9
+ }
+ }
+ rule 713 {
+ action drop
+ description Anti-spoofing_77.68.76.187
+ source {
+ address 77.68.76.187
+ mac-address !00:50:56:14:79:08
+ }
+ }
+ rule 714 {
+ action drop
+ description Anti-spoofing_109.228.37.114
+ source {
+ address 109.228.37.114
+ mac-address !00:50:56:15:3d:4b
+ }
+ }
+ rule 715 {
+ action drop
+ description Anti-spoofing_77.68.5.187
+ source {
+ address 77.68.5.187
+ mac-address !00:50:56:07:60:de
+ }
+ }
+ rule 716 {
+ action drop
+ description Anti-spoofing_77.68.77.222
+ source {
+ address 77.68.77.222
+ mac-address !00:50:56:38:03:ce
+ }
+ }
+ rule 717 {
+ action drop
+ description Anti-spoofing_77.68.77.53
+ source {
+ address 77.68.77.53
+ mac-address !00:50:56:18:cc:5a
+ }
+ }
+ rule 718 {
+ action drop
+ description Anti-spoofing_77.68.77.124
+ source {
+ address 77.68.77.124
+ mac-address !00:50:56:21:67:74
+ }
+ }
+ rule 719 {
+ action drop
+ description Anti-spoofing_77.68.76.61
+ source {
+ address 77.68.76.61
+ mac-address !00:50:56:10:fa:46
+ }
+ }
+ rule 720 {
+ action drop
+ description Anti-spoofing_109.228.37.240
+ source {
+ address 109.228.37.240
+ mac-address !00:50:56:0a:d3:2d
+ }
+ }
+ rule 721 {
+ action drop
+ description Anti-spoofing_77.68.27.27
+ source {
+ address 77.68.27.27
+ mac-address !00:50:56:14:b0:2a
+ }
+ }
+ rule 722 {
+ action drop
+ description Anti-spoofing_77.68.77.43
+ source {
+ address 77.68.77.43
+ mac-address !00:50:56:30:92:94
+ }
+ }
+ rule 723 {
+ action drop
+ description Anti-spoofing_77.68.76.94
+ source {
+ address 77.68.76.94
+ mac-address !00:50:56:00:10:ce
+ }
+ }
+ rule 724 {
+ action drop
+ description Anti-spoofing_77.68.77.165
+ source {
+ address 77.68.77.165
+ mac-address !00:50:56:26:5f:42
+ }
+ }
+ rule 725 {
+ action drop
+ description Anti-spoofing_77.68.77.251
+ source {
+ address 77.68.77.251
+ mac-address !00:50:56:39:db:9e
+ }
+ }
+ rule 726 {
+ action drop
+ description Anti-spoofing_77.68.77.152
+ source {
+ address 77.68.77.152
+ mac-address !00:50:56:12:68:ca
+ }
+ }
+ rule 727 {
+ action drop
+ description Anti-spoofing_185.132.43.164
+ source {
+ address 185.132.43.164
+ mac-address !00:50:56:2f:98:9b
+ }
+ }
+ rule 728 {
+ action drop
+ description Anti-spoofing_77.68.9.186
+ source {
+ address 77.68.9.186
+ mac-address !00:50:56:06:07:22
+ }
+ }
+ rule 729 {
+ action drop
+ description Anti-spoofing_77.68.27.28
+ source {
+ address 77.68.27.28
+ mac-address !00:50:56:27:c6:2d
+ }
+ }
+ rule 730 {
+ action drop
+ description Anti-spoofing_77.68.84.147
+ source {
+ address 77.68.84.147
+ mac-address !00:50:56:28:d5:4d
+ }
+ }
+ rule 731 {
+ action drop
+ description Anti-spoofing_77.68.3.80
+ source {
+ address 77.68.3.80
+ mac-address !00:50:56:35:66:85
+ }
+ }
+ rule 732 {
+ action drop
+ description Anti-spoofing_77.68.76.44
+ source {
+ address 77.68.76.44
+ mac-address !00:50:56:2b:8f:62
+ }
+ }
+ rule 733 {
+ action drop
+ description Anti-spoofing_77.68.76.47
+ source {
+ address 77.68.76.47
+ mac-address !50:9a:4c:74:52:56
+ }
+ }
+ rule 734 {
+ action drop
+ description Anti-spoofing_77.68.76.74
+ source {
+ address 77.68.76.74
+ mac-address !00:50:56:30:a0:57
+ }
+ }
+ rule 735 {
+ action drop
+ description Anti-spoofing_77.68.5.166
+ source {
+ address 77.68.5.166
+ mac-address !00:50:56:17:e2:18
+ }
+ }
+ rule 736 {
+ action drop
+ description Anti-spoofing_77.68.76.55
+ source {
+ address 77.68.76.55
+ mac-address !00:50:56:0f:46:86
+ }
+ }
+ rule 737 {
+ action drop
+ description Anti-spoofing_77.68.10.142
+ source {
+ address 77.68.10.142
+ mac-address !00:50:56:19:04:d3
+ }
+ }
+ rule 738 {
+ action drop
+ description Anti-spoofing_77.68.77.75
+ source {
+ address 77.68.77.75
+ mac-address !00:50:56:0e:a6:a8
+ }
+ }
+ rule 739 {
+ action drop
+ description Anti-spoofing_77.68.77.239
+ source {
+ address 77.68.77.239
+ mac-address !00:50:56:26:f4:c8
+ }
+ }
+ rule 740 {
+ action drop
+ description Anti-spoofing_213.171.208.176
+ source {
+ address 213.171.208.176
+ mac-address !00:50:56:34:50:f7
+ }
+ }
+ rule 741 {
+ action drop
+ description Anti-spoofing_77.68.4.111
+ source {
+ address 77.68.4.111
+ mac-address !00:50:56:2a:61:0b
+ }
+ }
+ rule 742 {
+ action drop
+ description Anti-spoofing_77.68.118.120
+ source {
+ address 77.68.118.120
+ mac-address !00:50:56:3c:35:39
+ }
+ }
+ rule 743 {
+ action drop
+ description Anti-spoofing_77.68.76.75
+ source {
+ address 77.68.76.75
+ mac-address !00:50:56:2a:42:ca
+ }
+ }
+ rule 744 {
+ action drop
+ description Anti-spoofing_77.68.77.71
+ source {
+ address 77.68.77.71
+ mac-address !00:50:56:38:ae:bf
+ }
+ }
+ rule 745 {
+ action drop
+ description Anti-spoofing_77.68.76.138
+ source {
+ address 77.68.76.138
+ mac-address !00:50:56:14:c0:d8
+ }
+ }
+ rule 746 {
+ action drop
+ description Anti-spoofing_77.68.76.145
+ source {
+ address 77.68.76.145
+ mac-address !00:50:56:3b:e8:48
+ }
+ }
+ rule 747 {
+ action drop
+ description Anti-spoofing_77.68.77.145
+ source {
+ address 77.68.77.145
+ mac-address !00:50:56:12:b0:43
+ }
+ }
+ rule 748 {
+ action drop
+ description Anti-spoofing_77.68.3.121
+ source {
+ address 77.68.3.121
+ mac-address !00:50:56:03:7b:9d
+ }
+ }
+ rule 749 {
+ action drop
+ description Anti-spoofing_77.68.3.144
+ source {
+ address 77.68.3.144
+ mac-address !00:50:56:18:a0:ed
+ }
+ }
+ rule 750 {
+ action drop
+ description Anti-spoofing_77.68.77.68
+ source {
+ address 77.68.77.68
+ mac-address !00:50:56:3c:dc:4f
+ }
+ }
+ rule 751 {
+ action drop
+ description Anti-spoofing_77.68.76.126
+ source {
+ address 77.68.76.126
+ mac-address !00:50:56:0f:d0:ae
+ }
+ }
+ rule 752 {
+ action drop
+ description Anti-spoofing_77.68.76.88
+ source {
+ address 77.68.76.88
+ mac-address !00:50:56:15:d6:12
+ }
+ }
+ rule 753 {
+ action drop
+ description Anti-spoofing_77.68.77.254
+ source {
+ address 77.68.77.254
+ mac-address !00:50:56:0e:5e:74
+ }
+ }
+ rule 754 {
+ action drop
+ description Anti-spoofing_185.132.40.124
+ source {
+ address 185.132.40.124
+ mac-address !00:50:56:08:f8:6a
+ }
+ }
+ rule 755 {
+ action drop
+ description Anti-spoofing_77.68.20.231
+ source {
+ address 77.68.20.231
+ mac-address !00:50:56:05:35:ce
+ }
+ }
+ rule 756 {
+ action drop
+ description Anti-spoofing_77.68.77.181
+ source {
+ address 77.68.77.181
+ mac-address !00:50:56:20:03:6f
+ }
+ }
+ rule 757 {
+ action drop
+ description Anti-spoofing_77.68.22.146
+ source {
+ address 77.68.22.146
+ mac-address !00:50:56:0e:85:95
+ }
+ }
+ rule 758 {
+ action drop
+ description Anti-spoofing_77.68.112.75
+ source {
+ address 77.68.112.75
+ mac-address !00:50:56:09:33:e6
+ }
+ }
+ rule 759 {
+ action drop
+ description Anti-spoofing_77.68.4.22
+ source {
+ address 77.68.4.22
+ mac-address !00:50:56:14:be:3f
+ }
+ }
+ rule 760 {
+ action drop
+ description Anti-spoofing_77.68.76.96
+ source {
+ address 77.68.76.96
+ mac-address !00:50:56:32:91:fb
+ }
+ }
+ rule 761 {
+ action drop
+ description Anti-spoofing_77.68.3.161
+ source {
+ address 77.68.3.161
+ mac-address !00:50:56:12:82:40
+ }
+ }
+ rule 762 {
+ action drop
+ description Anti-spoofing_109.228.37.10
+ source {
+ address 109.228.37.10
+ mac-address !00:50:56:0a:ef:ab
+ }
+ }
+ rule 763 {
+ action drop
+ description Anti-spoofing_77.68.76.228
+ source {
+ address 77.68.76.228
+ mac-address !00:50:56:2b:39:b1
+ }
+ }
+ rule 764 {
+ action drop
+ description Anti-spoofing_77.68.121.94
+ source {
+ address 77.68.121.94
+ mac-address !00:50:56:0a:d7:68
+ }
+ }
+ rule 765 {
+ action drop
+ description Anti-spoofing_77.68.3.194
+ source {
+ address 77.68.3.194
+ mac-address !00:50:56:10:90:6a
+ }
+ }
+ rule 766 {
+ action drop
+ description Anti-spoofing_77.68.76.112
+ source {
+ address 77.68.76.112
+ mac-address !00:50:56:24:e2:52
+ }
+ }
+ rule 767 {
+ action drop
+ description Anti-spoofing_77.68.100.77
+ source {
+ address 77.68.100.77
+ mac-address !00:50:56:0e:f3:7a
+ }
+ }
+ rule 768 {
+ action drop
+ description Anti-spoofing_77.68.3.247
+ source {
+ address 77.68.3.247
+ mac-address !00:50:56:29:30:8a
+ }
+ }
+ rule 769 {
+ action drop
+ description Anti-spoofing_77.68.77.157
+ source {
+ address 77.68.77.157
+ mac-address !00:50:56:36:39:a5
+ }
+ }
+ rule 770 {
+ action drop
+ description Anti-spoofing_77.68.29.65
+ source {
+ address 77.68.29.65
+ mac-address !00:50:56:2e:1b:f9
+ }
+ }
+ rule 771 {
+ action drop
+ description Anti-spoofing_77.68.74.152
+ source {
+ address 77.68.74.152
+ mac-address !00:50:56:16:1d:31
+ }
+ }
+ rule 772 {
+ action drop
+ description Anti-spoofing_185.132.39.145
+ source {
+ address 185.132.39.145
+ mac-address !00:50:56:03:77:75
+ }
+ }
+ rule 773 {
+ action drop
+ description Anti-spoofing_77.68.28.139
+ source {
+ address 77.68.28.139
+ mac-address !00:50:56:25:a9:de
+ }
+ }
+ rule 774 {
+ action drop
+ description Anti-spoofing_77.68.77.33
+ source {
+ address 77.68.77.33
+ mac-address !00:50:56:09:16:76
+ }
+ }
+ rule 775 {
+ action drop
+ description Anti-spoofing_77.68.77.137
+ source {
+ address 77.68.77.137
+ mac-address !00:50:56:15:b6:84
+ }
+ }
+ rule 776 {
+ action drop
+ description Anti-spoofing_77.68.76.244
+ source {
+ address 77.68.76.244
+ mac-address !00:50:56:21:11:27
+ }
+ }
+ rule 777 {
+ action drop
+ description Anti-spoofing_77.68.77.92
+ source {
+ address 77.68.77.92
+ mac-address !00:50:56:11:58:f5
+ }
+ }
+ rule 778 {
+ action drop
+ description Anti-spoofing_77.68.7.227
+ source {
+ address 77.68.7.227
+ mac-address !00:50:56:34:a8:22
+ }
+ }
+ rule 779 {
+ action drop
+ description Anti-spoofing_77.68.76.111
+ source {
+ address 77.68.76.111
+ mac-address !00:50:56:3e:44:ea
+ }
+ }
+ rule 780 {
+ action drop
+ description Anti-spoofing_77.68.76.185
+ source {
+ address 77.68.76.185
+ mac-address !00:50:56:1b:75:e8
+ }
+ }
+ rule 781 {
+ action drop
+ description Anti-spoofing_77.68.76.208
+ source {
+ address 77.68.76.208
+ mac-address !50:9a:4c:98:c2:68
+ }
+ }
+ rule 782 {
+ action drop
+ description Anti-spoofing_77.68.76.150
+ source {
+ address 77.68.76.150
+ mac-address !50:9a:4c:98:5c:c0
+ }
+ }
+ rule 783 {
+ action drop
+ description Anti-spoofing_77.68.77.208
+ source {
+ address 77.68.77.208
+ mac-address !50:9a:4c:98:5c:c0
+ }
+ }
+ rule 784 {
+ action drop
+ description Anti-spoofing_77.68.103.56
+ source {
+ address 77.68.103.56
+ mac-address !00:50:56:05:2f:9e
+ }
+ }
+ rule 785 {
+ action drop
+ description Anti-spoofing_77.68.125.60
+ source {
+ address 77.68.125.60
+ mac-address !00:50:56:2a:4a:20
+ }
+ }
+ rule 786 {
+ action drop
+ description Anti-spoofing_77.68.76.42
+ source {
+ address 77.68.76.42
+ mac-address !00:50:56:3e:44:ea
+ }
+ }
+ rule 787 {
+ action drop
+ description Anti-spoofing_77.68.26.216
+ source {
+ address 77.68.26.216
+ mac-address !00:50:56:07:56:c4
+ }
+ }
+ rule 788 {
+ action drop
+ description Anti-spoofing_77.68.76.164
+ source {
+ address 77.68.76.164
+ mac-address !00:50:56:1c:df:57
+ }
+ }
+ rule 789 {
+ action drop
+ description Anti-spoofing_77.68.89.72
+ source {
+ address 77.68.89.72
+ mac-address !00:50:56:1b:84:5c
+ }
+ }
+ rule 790 {
+ action drop
+ description Anti-spoofing_77.68.76.181
+ source {
+ address 77.68.76.181
+ mac-address !00:50:56:36:5d:1e
+ }
+ }
+ rule 791 {
+ action drop
+ description Anti-spoofing_77.68.3.52
+ source {
+ address 77.68.3.52
+ mac-address !00:50:56:12:e2:00
+ }
+ }
+ rule 792 {
+ action drop
+ description Anti-spoofing_77.68.77.207
+ source {
+ address 77.68.77.207
+ mac-address !00:50:56:16:24:34
+ }
+ }
+ rule 793 {
+ action drop
+ description Anti-spoofing_77.68.81.44
+ source {
+ address 77.68.81.44
+ mac-address !00:50:56:1a:2f:81
+ }
+ }
+ rule 794 {
+ action drop
+ description Anti-spoofing_77.68.28.145
+ source {
+ address 77.68.28.145
+ mac-address !00:50:56:39:78:a6
+ }
+ }
+ rule 795 {
+ action drop
+ description Anti-spoofing_77.68.76.49
+ source {
+ address 77.68.76.49
+ mac-address !00:50:56:08:ae:5e
+ }
+ }
+ rule 796 {
+ action drop
+ description Anti-spoofing_77.68.77.227
+ source {
+ address 77.68.77.227
+ mac-address !ac:1f:6b:93:59:d4
+ }
+ }
+ rule 797 {
+ action drop
+ description Anti-spoofing_77.68.76.136
+ source {
+ address 77.68.76.136
+ mac-address !00:50:56:0b:b2:b0
+ }
+ }
+ rule 798 {
+ action drop
+ description Anti-spoofing_77.68.77.102
+ source {
+ address 77.68.77.102
+ mac-address !00:50:56:3d:91:75
+ }
+ }
+ rule 799 {
+ action drop
+ description Anti-spoofing_77.68.5.155
+ source {
+ address 77.68.5.155
+ mac-address !00:50:56:13:33:02
+ }
+ }
+ rule 801 {
+ action drop
+ description Anti-spoofing_77.68.88.100
+ source {
+ address 77.68.88.100
+ mac-address !00:50:56:08:dc:d0
+ }
+ }
+ rule 802 {
+ action drop
+ description Anti-spoofing_77.68.72.254
+ source {
+ address 77.68.72.254
+ mac-address !00:50:56:0c:c2:8d
+ }
+ }
+ rule 803 {
+ action drop
+ description Anti-spoofing_77.68.77.74
+ source {
+ address 77.68.77.74
+ mac-address !00:50:56:18:d8:12
+ }
+ }
+ rule 804 {
+ action drop
+ description Anti-spoofing_77.68.76.77
+ source {
+ address 77.68.76.77
+ mac-address !ac:1f:6b:4d:bd:60
+ }
+ }
+ rule 805 {
+ action drop
+ description Anti-spoofing_77.68.76.123
+ source {
+ address 77.68.76.123
+ mac-address !00:50:56:38:5b:9d
+ }
+ }
+ rule 806 {
+ action drop
+ description Anti-spoofing_77.68.4.24
+ source {
+ address 77.68.4.24
+ mac-address !00:50:56:16:54:a8
+ }
+ }
+ rule 807 {
+ action drop
+ description Anti-spoofing_213.171.214.167
+ source {
+ address 213.171.214.167
+ mac-address !00:50:56:13:7d:80
+ }
+ }
+ rule 808 {
+ action drop
+ description Anti-spoofing_77.68.112.213
+ source {
+ address 77.68.112.213
+ mac-address !00:50:56:0b:ec:f2
+ }
+ }
+ rule 809 {
+ action drop
+ description Anti-spoofing_185.132.40.166
+ source {
+ address 185.132.40.166
+ mac-address !00:50:56:22:c7:e0
+ }
+ }
+ rule 810 {
+ action drop
+ description Anti-spoofing_77.68.76.31
+ source {
+ address 77.68.76.31
+ mac-address !00:50:56:38:22:33
+ }
+ }
+ rule 811 {
+ action drop
+ description Anti-spoofing_77.68.76.148
+ source {
+ address 77.68.76.148
+ mac-address !00:50:56:16:6c:9c
+ }
+ }
+ rule 812 {
+ action drop
+ description Anti-spoofing_77.68.93.246
+ source {
+ address 77.68.93.246
+ mac-address !00:50:56:29:2c:65
+ }
+ }
+ rule 813 {
+ action drop
+ description Anti-spoofing_77.68.77.120
+ source {
+ address 77.68.77.120
+ mac-address !00:50:56:39:92:1c
+ }
+ }
+ rule 814 {
+ action drop
+ description Anti-spoofing_77.68.7.123
+ source {
+ address 77.68.7.123
+ mac-address !00:50:56:33:46:a6
+ }
+ }
+ rule 815 {
+ action drop
+ description Anti-spoofing_77.68.76.183
+ source {
+ address 77.68.76.183
+ mac-address !00:50:56:39:92:1c
+ }
+ }
+ rule 816 {
+ action drop
+ description Anti-spoofing_77.68.112.90
+ source {
+ address 77.68.112.90
+ mac-address !00:50:56:29:f8:91
+ }
+ }
+ rule 817 {
+ action drop
+ description Anti-spoofing_77.68.50.90
+ source {
+ address 77.68.50.90
+ mac-address !00:50:56:11:d5:cb
+ }
+ }
+ rule 818 {
+ action drop
+ description Anti-spoofing_77.68.3.61
+ source {
+ address 77.68.3.61
+ mac-address !00:50:56:03:0b:87
+ }
+ }
+ rule 819 {
+ action drop
+ description Anti-spoofing_213.171.213.42
+ source {
+ address 213.171.213.42
+ mac-address !00:50:56:37:90:bd
+ }
+ }
+ rule 820 {
+ action drop
+ description Anti-spoofing_77.68.77.107
+ source {
+ address 77.68.77.107
+ mac-address !00:50:56:1e:74:40
+ }
+ }
+ rule 821 {
+ action drop
+ description Anti-spoofing_77.68.89.183
+ source {
+ address 77.68.89.183
+ mac-address !00:50:56:04:b9:ce
+ }
+ }
+ rule 822 {
+ action drop
+ description Anti-spoofing_77.68.112.83
+ source {
+ address 77.68.112.83
+ mac-address !00:50:56:38:03:ce
+ }
+ }
+ rule 823 {
+ action drop
+ description Anti-spoofing_77.68.76.141
+ source {
+ address 77.68.76.141
+ mac-address !00:50:56:12:2e:7c
+ }
+ }
+ rule 825 {
+ action drop
+ description Anti-spoofing_77.68.76.105
+ source {
+ address 77.68.76.105
+ mac-address !00:50:56:00:0b:f6
+ }
+ }
+ rule 826 {
+ action drop
+ description Anti-spoofing_77.68.76.251
+ source {
+ address 77.68.76.251
+ mac-address !00:50:56:34:1e:f4
+ }
+ }
+ rule 827 {
+ action drop
+ description Anti-spoofing_77.68.6.202
+ source {
+ address 77.68.6.202
+ mac-address !00:50:56:17:65:5f
+ }
+ }
+ rule 828 {
+ action drop
+ description Anti-spoofing_88.208.198.92
+ source {
+ address 88.208.198.92
+ mac-address !00:50:56:0c:5d:98
+ }
+ }
+ rule 829 {
+ action drop
+ description Anti-spoofing_77.68.76.249
+ source {
+ address 77.68.76.249
+ mac-address !00:50:56:01:18:09
+ }
+ }
+ rule 830 {
+ action drop
+ description Anti-spoofing_77.68.30.164
+ source {
+ address 77.68.30.164
+ mac-address !00:50:56:3c:2a:3a
+ }
+ }
+ rule 831 {
+ action drop
+ description Anti-spoofing_77.68.77.59
+ source {
+ address 77.68.77.59
+ mac-address !00:50:56:18:09:81
+ }
+ }
+ rule 832 {
+ action drop
+ description Anti-spoofing_77.68.76.40
+ source {
+ address 77.68.76.40
+ mac-address !00:50:56:13:e6:96
+ }
+ }
+ rule 833 {
+ action drop
+ description Anti-spoofing_77.68.88.164
+ source {
+ address 77.68.88.164
+ mac-address !00:50:56:07:f9:c8
+ }
+ }
+ rule 834 {
+ action drop
+ description Anti-spoofing_77.68.77.37
+ source {
+ address 77.68.77.37
+ mac-address !00:50:56:2f:1e:7b
+ }
+ }
+ rule 835 {
+ action drop
+ description Anti-spoofing_185.132.39.99
+ source {
+ address 185.132.39.99
+ mac-address !00:50:56:1d:4e:dd
+ }
+ }
+ rule 836 {
+ action drop
+ description Anti-spoofing_77.68.121.127
+ source {
+ address 77.68.121.127
+ mac-address !00:50:56:29:fd:29
+ }
+ }
+ rule 837 {
+ action drop
+ description Anti-spoofing_77.68.77.65
+ source {
+ address 77.68.77.65
+ mac-address !00:50:56:30:1f:8b
+ }
+ }
+ rule 838 {
+ action drop
+ description Anti-spoofing_77.68.27.211
+ source {
+ address 77.68.27.211
+ mac-address !00:50:56:25:b4:d1
+ }
+ }
+ rule 839 {
+ action drop
+ description Anti-spoofing_77.68.24.112
+ source {
+ address 77.68.24.112
+ mac-address !00:50:56:06:50:e8
+ }
+ }
+ rule 840 {
+ action drop
+ description Anti-spoofing_109.228.38.201
+ source {
+ address 109.228.38.201
+ mac-address !00:50:56:36:33:0c
+ }
+ }
+ rule 841 {
+ action drop
+ description Anti-spoofing_77.68.115.17
+ source {
+ address 77.68.115.17
+ mac-address !00:50:56:16:da:60
+ }
+ }
+ rule 842 {
+ action drop
+ description Anti-spoofing_185.132.36.60
+ source {
+ address 185.132.36.60
+ mac-address !00:50:56:14:a7:b2
+ }
+ }
+ rule 843 {
+ action drop
+ description Anti-spoofing_77.68.76.231
+ source {
+ address 77.68.76.231
+ mac-address !00:50:56:03:c5:bc
+ }
+ }
+ rule 844 {
+ action drop
+ description Anti-spoofing_185.132.37.23
+ source {
+ address 185.132.37.23
+ mac-address !00:50:56:27:46:b8
+ }
+ }
+ rule 845 {
+ action drop
+ description Anti-spoofing_109.228.35.84
+ source {
+ address 109.228.35.84
+ mac-address !00:50:56:17:74:b7
+ }
+ }
+ rule 846 {
+ action drop
+ description Anti-spoofing_77.68.11.140
+ source {
+ address 77.68.11.140
+ mac-address !00:50:56:08:ce:61
+ }
+ }
+ rule 848 {
+ action drop
+ description Anti-spoofing_77.68.77.24
+ source {
+ address 77.68.77.24
+ mac-address !00:50:56:28:65:cb
+ }
+ }
+ rule 849 {
+ action drop
+ description Anti-spoofing_77.68.78.113
+ source {
+ address 77.68.78.113
+ mac-address !00:50:56:2c:5a:e3
+ }
+ }
+ rule 850 {
+ action drop
+ description Anti-spoofing_185.132.39.219
+ source {
+ address 185.132.39.219
+ mac-address !00:50:56:11:0d:fd
+ }
+ }
+ rule 851 {
+ action drop
+ description Anti-spoofing_185.132.40.11
+ source {
+ address 185.132.40.11
+ mac-address !00:50:56:27:50:a3
+ }
+ }
+ rule 852 {
+ action drop
+ description Anti-spoofing_77.68.23.64
+ source {
+ address 77.68.23.64
+ mac-address !00:50:56:0a:b2:3c
+ }
+ }
+ rule 853 {
+ action drop
+ description Anti-spoofing_185.132.37.133
+ source {
+ address 185.132.37.133
+ mac-address !00:50:56:0b:0a:21
+ }
+ }
+ rule 854 {
+ action drop
+ description Anti-spoofing_77.68.85.27
+ source {
+ address 77.68.85.27
+ mac-address !00:50:56:34:82:24
+ }
+ }
+ rule 855 {
+ action drop
+ description Anti-spoofing_77.68.26.221
+ source {
+ address 77.68.26.221
+ mac-address !00:50:56:30:56:a2
+ }
+ }
+ rule 856 {
+ action drop
+ description Anti-spoofing_77.68.76.243
+ source {
+ address 77.68.76.243
+ mac-address !00:50:56:1c:a0:2d
+ }
+ }
+ rule 857 {
+ action drop
+ description Anti-spoofing_77.68.116.52
+ source {
+ address 77.68.116.52
+ mac-address !00:50:56:2b:59:35
+ }
+ }
+ rule 858 {
+ action drop
+ description Anti-spoofing_77.68.120.26
+ source {
+ address 77.68.120.26
+ mac-address !00:50:56:07:3b:2b
+ }
+ }
+ rule 859 {
+ action drop
+ description Anti-spoofing_185.132.40.56
+ source {
+ address 185.132.40.56
+ mac-address !00:50:56:21:cb:e3
+ }
+ }
+ rule 860 {
+ action drop
+ description Anti-spoofing_213.171.210.155
+ source {
+ address 213.171.210.155
+ mac-address !00:50:56:2a:53:9f
+ }
+ }
+ rule 861 {
+ action drop
+ description Anti-spoofing_185.132.43.157
+ source {
+ address 185.132.43.157
+ mac-address !00:50:56:27:e6:d5
+ }
+ }
+ rule 862 {
+ action drop
+ description Anti-spoofing_77.68.4.252
+ source {
+ address 77.68.4.252
+ mac-address !00:50:56:08:ff:66
+ }
+ }
+ rule 863 {
+ action drop
+ description Anti-spoofing_77.68.77.63
+ source {
+ address 77.68.77.63
+ mac-address !00:50:56:10:9c:ca
+ }
+ }
+ rule 864 {
+ action drop
+ description Anti-spoofing_77.68.20.161
+ source {
+ address 77.68.20.161
+ mac-address !00:50:56:0d:06:6f
+ }
+ }
+ rule 865 {
+ action drop
+ description Anti-spoofing_77.68.117.45
+ source {
+ address 77.68.117.45
+ mac-address !00:50:56:05:e0:11
+ }
+ }
+ rule 866 {
+ action drop
+ description Anti-spoofing_77.68.76.234
+ source {
+ address 77.68.76.234
+ mac-address !00:50:56:3a:d3:9e
+ }
+ }
+ rule 867 {
+ action drop
+ description Anti-spoofing_185.132.40.90
+ source {
+ address 185.132.40.90
+ mac-address !00:50:56:2c:90:4f
+ }
+ }
+ rule 868 {
+ action drop
+ description Anti-spoofing_77.68.77.90
+ source {
+ address 77.68.77.90
+ mac-address !00:50:56:1d:ec:a2
+ }
+ }
+ rule 869 {
+ action drop
+ description Anti-spoofing_77.68.76.93
+ source {
+ address 77.68.76.93
+ mac-address !00:50:56:19:cb:e8
+ }
+ }
+ rule 870 {
+ action drop
+ description Anti-spoofing_77.68.26.166
+ source {
+ address 77.68.26.166
+ mac-address !00:50:56:1e:34:14
+ }
+ }
+ rule 871 {
+ action drop
+ description Anti-spoofing_185.132.40.244
+ source {
+ address 185.132.40.244
+ mac-address !00:50:56:14:a7:b2
+ }
+ }
+ rule 872 {
+ action drop
+ description Anti-spoofing_77.68.77.77
+ source {
+ address 77.68.77.77
+ mac-address !00:50:56:0c:9b:e1
+ }
+ }
+ rule 873 {
+ action drop
+ description Anti-spoofing_77.68.27.57
+ source {
+ address 77.68.27.57
+ mac-address !00:50:56:3e:06:ca
+ }
+ }
+ rule 874 {
+ action drop
+ description Anti-spoofing_77.68.7.114
+ source {
+ address 77.68.7.114
+ mac-address !00:50:56:33:0d:5e
+ }
+ }
+ rule 875 {
+ action drop
+ description Anti-spoofing_109.228.36.229
+ source {
+ address 109.228.36.229
+ mac-address !00:50:56:32:a6:83
+ }
+ }
+ rule 876 {
+ action drop
+ description Anti-spoofing_77.68.77.151
+ source {
+ address 77.68.77.151
+ mac-address !00:50:56:0a:e4:20
+ }
+ }
+ rule 877 {
+ action drop
+ description Anti-spoofing_77.68.76.92
+ source {
+ address 77.68.76.92
+ mac-address !00:50:56:2b:a5:38
+ }
+ }
+ rule 878 {
+ action drop
+ description Anti-spoofing_77.68.49.159
+ source {
+ address 77.68.49.159
+ mac-address !00:50:56:16:4f:24
+ }
+ }
+ rule 879 {
+ action drop
+ description Anti-spoofing_77.68.77.38
+ source {
+ address 77.68.77.38
+ mac-address !00:50:56:2c:fe:a1
+ }
+ }
+ rule 880 {
+ action drop
+ description Anti-spoofing_77.68.20.217
+ source {
+ address 77.68.20.217
+ mac-address !00:50:56:3a:61:47
+ }
+ }
+ rule 881 {
+ action drop
+ description Anti-spoofing_77.68.92.92
+ source {
+ address 77.68.92.92
+ mac-address !00:50:56:1b:64:85
+ }
+ }
+ rule 882 {
+ action drop
+ description Anti-spoofing_77.68.76.124
+ source {
+ address 77.68.76.124
+ mac-address !00:50:56:0e:c1:e4
+ }
+ }
+ rule 884 {
+ action drop
+ description Anti-spoofing_77.68.126.101
+ source {
+ address 77.68.126.101
+ mac-address !00:50:56:31:d1:a3
+ }
+ }
+ rule 885 {
+ action drop
+ description Anti-spoofing_77.68.76.235
+ source {
+ address 77.68.76.235
+ mac-address !00:50:56:15:d1:66
+ }
+ }
+ rule 886 {
+ action drop
+ description Anti-spoofing_77.68.77.95
+ source {
+ address 77.68.77.95
+ mac-address !00:50:56:39:c6:52
+ }
+ }
+ rule 887 {
+ action drop
+ description Anti-spoofing_77.68.26.228
+ source {
+ address 77.68.26.228
+ mac-address !00:50:56:03:ab:9e
+ }
+ }
+ rule 888 {
+ action drop
+ description Anti-spoofing_77.68.32.118
+ source {
+ address 77.68.32.118
+ mac-address !00:50:56:0e:db:9d
+ }
+ }
+ rule 889 {
+ action drop
+ description Anti-spoofing_77.68.24.172
+ source {
+ address 77.68.24.172
+ mac-address !00:50:56:0e:2a:9c
+ }
+ }
+ rule 891 {
+ action drop
+ description Anti-spoofing_77.68.77.190
+ source {
+ address 77.68.77.190
+ mac-address !00:50:56:31:e8:fb
+ }
+ }
+ rule 892 {
+ action drop
+ description Anti-spoofing_77.68.33.197
+ source {
+ address 77.68.33.197
+ mac-address !00:50:56:2b:27:c4
+ }
+ }
+ rule 893 {
+ action drop
+ description Anti-spoofing_213.171.210.177
+ source {
+ address 213.171.210.177
+ mac-address !00:50:56:04:96:31
+ }
+ }
+ rule 894 {
+ action drop
+ description Anti-spoofing_185.132.41.73
+ source {
+ address 185.132.41.73
+ mac-address !00:50:56:35:b4:a5
+ }
+ }
+ rule 895 {
+ action drop
+ description Anti-spoofing_77.68.21.78
+ source {
+ address 77.68.21.78
+ mac-address !00:50:56:23:87:f2
+ }
+ }
+ rule 896 {
+ action drop
+ description Anti-spoofing_77.68.77.209
+ source {
+ address 77.68.77.209
+ mac-address !00:50:56:3b:95:06
+ }
+ }
+ rule 897 {
+ action drop
+ description Anti-spoofing_88.208.215.19
+ source {
+ address 88.208.215.19
+ mac-address !00:50:56:1f:e1:4b
+ }
+ }
+ rule 898 {
+ action drop
+ description Anti-spoofing_77.68.77.214
+ source {
+ address 77.68.77.214
+ mac-address !00:50:56:2b:03:2b
+ }
+ }
+ rule 899 {
+ action drop
+ description Anti-spoofing_77.68.76.91
+ source {
+ address 77.68.76.91
+ mac-address !00:50:56:3b:3c:fb
+ }
+ }
+ rule 900 {
+ action drop
+ description Anti-spoofing_77.68.119.92
+ source {
+ address 77.68.119.92
+ mac-address !00:50:56:25:ba:8c
+ }
+ }
+ rule 901 {
+ action drop
+ description Anti-spoofing_77.68.77.79
+ source {
+ address 77.68.77.79
+ mac-address !00:50:56:28:f5:72
+ }
+ }
+ rule 902 {
+ action drop
+ description Anti-spoofing_77.68.75.45
+ source {
+ address 77.68.75.45
+ mac-address !00:50:56:04:51:74
+ }
+ }
+ rule 903 {
+ action drop
+ description Anti-spoofing_109.228.56.185
+ source {
+ address 109.228.56.185
+ mac-address !00:50:56:13:e5:07
+ }
+ }
+ rule 904 {
+ action drop
+ description Anti-spoofing_185.132.43.6
+ source {
+ address 185.132.43.6
+ mac-address !00:50:56:38:d1:d5
+ }
+ }
+ rule 905 {
+ action drop
+ description Anti-spoofing_77.68.117.202
+ source {
+ address 77.68.117.202
+ mac-address !00:50:56:01:b2:9f
+ }
+ }
+ rule 906 {
+ action drop
+ description Anti-spoofing_77.68.86.40
+ source {
+ address 77.68.86.40
+ mac-address !00:50:56:03:e2:49
+ }
+ }
+ rule 907 {
+ action drop
+ description Anti-spoofing_77.68.49.126
+ source {
+ address 77.68.49.126
+ mac-address !00:50:56:3b:47:f3
+ }
+ }
+ rule 909 {
+ action drop
+ description Anti-spoofing_77.68.77.100
+ source {
+ address 77.68.77.100
+ mac-address !00:50:56:34:d7:5b
+ }
+ }
+ rule 910 {
+ action drop
+ description Anti-spoofing_109.228.46.196
+ source {
+ address 109.228.46.196
+ mac-address !00:50:56:1a:a0:0e
+ }
+ }
+ rule 911 {
+ action drop
+ description Anti-spoofing_77.68.77.72
+ source {
+ address 77.68.77.72
+ mac-address !00:50:56:1e:67:f7
+ }
+ }
+ rule 912 {
+ action drop
+ description Anti-spoofing_185.132.43.28
+ source {
+ address 185.132.43.28
+ mac-address !00:50:56:35:a5:36
+ }
+ }
+ rule 913 {
+ action drop
+ description Anti-spoofing_77.68.103.19
+ source {
+ address 77.68.103.19
+ mac-address !00:50:56:27:34:a3
+ }
+ }
+ rule 914 {
+ action drop
+ description Anti-spoofing_77.68.118.104
+ source {
+ address 77.68.118.104
+ mac-address !00:50:56:2d:f8:d7
+ }
+ }
+ rule 915 {
+ action drop
+ description Anti-spoofing_77.68.116.183
+ source {
+ address 77.68.116.183
+ mac-address !00:50:56:17:23:d4
+ }
+ }
+ rule 916 {
+ action drop
+ description Anti-spoofing_77.68.76.107
+ source {
+ address 77.68.76.107
+ mac-address !00:50:56:36:c0:da
+ }
+ }
+ rule 917 {
+ action drop
+ description Anti-spoofing_77.68.93.164
+ source {
+ address 77.68.93.164
+ mac-address !00:50:56:36:cd:1a
+ }
+ }
+ rule 918 {
+ action drop
+ description Anti-spoofing_77.68.5.241
+ source {
+ address 77.68.5.241
+ mac-address !00:50:56:11:2d:22
+ }
+ }
+ rule 919 {
+ action drop
+ description Anti-spoofing_185.132.43.98
+ source {
+ address 185.132.43.98
+ mac-address !00:50:56:20:7b:87
+ }
+ }
+ rule 920 {
+ action drop
+ description Anti-spoofing_77.68.76.241
+ source {
+ address 77.68.76.241
+ mac-address !00:50:56:00:50:f6
+ }
+ }
+ rule 921 {
+ action drop
+ description Anti-spoofing_77.68.74.232
+ source {
+ address 77.68.74.232
+ mac-address !00:50:56:19:df:41
+ }
+ }
+ rule 922 {
+ action drop
+ description Anti-spoofing_77.68.76.26
+ source {
+ address 77.68.76.26
+ mac-address !00:50:56:36:c0:da
+ }
+ }
+ rule 923 {
+ action drop
+ description Anti-spoofing_77.68.28.207
+ source {
+ address 77.68.28.207
+ mac-address !00:50:56:36:41:da
+ }
+ }
+ rule 924 {
+ action drop
+ description Anti-spoofing_77.68.29.178
+ source {
+ address 77.68.29.178
+ mac-address !00:50:56:21:81:be
+ }
+ }
+ rule 925 {
+ action drop
+ description Anti-spoofing_77.68.121.119
+ source {
+ address 77.68.121.119
+ mac-address !00:50:56:0b:d8:e1
+ }
+ }
+ rule 926 {
+ action drop
+ description Anti-spoofing_77.68.126.22
+ source {
+ address 77.68.126.22
+ mac-address !00:50:56:32:62:56
+ }
+ }
+ rule 927 {
+ action drop
+ description Anti-spoofing_109.228.61.31
+ source {
+ address 109.228.61.31
+ mac-address !00:50:56:21:a0:04
+ }
+ }
+ rule 928 {
+ action drop
+ description Anti-spoofing_77.68.114.205
+ source {
+ address 77.68.114.205
+ mac-address !00:50:56:2a:f1:3f
+ }
+ }
+ rule 929 {
+ action drop
+ description Anti-spoofing_77.68.75.113
+ source {
+ address 77.68.75.113
+ mac-address !00:50:56:33:6c:b9
+ }
+ }
+ rule 930 {
+ action drop
+ description Anti-spoofing_77.68.79.206
+ source {
+ address 77.68.79.206
+ mac-address !00:50:56:36:86:66
+ }
+ }
+ rule 931 {
+ action drop
+ description Anti-spoofing_88.208.198.64
+ source {
+ address 88.208.198.64
+ mac-address !00:50:56:39:2c:fe
+ }
+ }
+ rule 932 {
+ action drop
+ description Anti-spoofing_77.68.77.161
+ source {
+ address 77.68.77.161
+ mac-address !00:50:56:0a:7e:6c
+ }
+ }
+ rule 933 {
+ action drop
+ description Anti-spoofing_77.68.114.237
+ source {
+ address 77.68.114.237
+ mac-address !00:50:56:16:f4:39
+ }
+ }
+ rule 934 {
+ action drop
+ description Anti-spoofing_109.228.36.119
+ source {
+ address 109.228.36.119
+ mac-address !00:50:56:28:63:37
+ }
+ }
+ rule 935 {
+ action drop
+ description Anti-spoofing_77.68.76.254
+ source {
+ address 77.68.76.254
+ mac-address !00:50:56:3b:49:08
+ }
+ }
+ rule 936 {
+ action drop
+ description Anti-spoofing_77.68.77.231
+ source {
+ address 77.68.77.231
+ mac-address !00:50:56:36:78:72
+ }
+ }
+ rule 937 {
+ action drop
+ description Anti-spoofing_77.68.7.172
+ source {
+ address 77.68.7.172
+ mac-address !00:50:56:19:39:45
+ }
+ }
+ rule 938 {
+ action drop
+ description Anti-spoofing_77.68.77.62
+ source {
+ address 77.68.77.62
+ mac-address !00:50:56:04:8c:b4
+ }
+ }
+ rule 939 {
+ action drop
+ description Anti-spoofing_77.68.77.215
+ source {
+ address 77.68.77.215
+ mac-address !00:50:56:35:f3:5a
+ }
+ }
+ rule 940 {
+ action drop
+ description Anti-spoofing_77.68.6.105
+ source {
+ address 77.68.6.105
+ mac-address !00:50:56:03:0e:07
+ }
+ }
+ rule 941 {
+ action drop
+ description Anti-spoofing_77.68.33.37
+ source {
+ address 77.68.33.37
+ mac-address !00:50:56:00:6b:a3
+ }
+ }
+ rule 942 {
+ action drop
+ description Anti-spoofing_77.68.4.180
+ source {
+ address 77.68.4.180
+ mac-address !00:50:56:11:6c:dc
+ }
+ }
+ rule 943 {
+ action drop
+ description Anti-spoofing_77.68.78.229
+ source {
+ address 77.68.78.229
+ mac-address !00:50:56:1e:58:2f
+ }
+ }
+ rule 944 {
+ action drop
+ description Anti-spoofing_77.68.73.73
+ source {
+ address 77.68.73.73
+ mac-address !00:50:56:38:d7:1a
+ }
+ }
+ rule 945 {
+ action drop
+ description Anti-spoofing_77.68.2.215
+ source {
+ address 77.68.2.215
+ mac-address !00:50:56:31:3c:87
+ }
+ }
+ rule 946 {
+ action drop
+ description Anti-spoofing_77.68.48.81
+ source {
+ address 77.68.48.81
+ mac-address !00:50:56:3a:13:df
+ }
+ }
+ rule 947 {
+ action drop
+ description Anti-spoofing_213.171.214.102
+ source {
+ address 213.171.214.102
+ mac-address !00:50:56:00:60:5a
+ }
+ }
+ rule 948 {
+ action drop
+ description Anti-spoofing_77.68.123.177
+ source {
+ address 77.68.123.177
+ mac-address !00:50:56:3c:07:ef
+ }
+ }
+ rule 949 {
+ action drop
+ description Anti-spoofing_77.68.7.160
+ source {
+ address 77.68.7.160
+ mac-address !00:50:56:09:6e:79
+ }
+ }
+ rule 950 {
+ action drop
+ description Anti-spoofing_77.68.24.59
+ source {
+ address 77.68.24.59
+ mac-address !00:50:56:3c:b7:c1
+ }
+ }
+ rule 951 {
+ action drop
+ description Anti-spoofing_77.68.80.97
+ source {
+ address 77.68.80.97
+ mac-address !00:50:56:15:cc:c6
+ }
+ }
+ rule 952 {
+ action drop
+ description Anti-spoofing_77.68.7.67
+ source {
+ address 77.68.7.67
+ mac-address !00:50:56:13:92:b7
+ }
+ }
+ rule 953 {
+ action drop
+ description Anti-spoofing_109.228.36.79
+ source {
+ address 109.228.36.79
+ mac-address !00:50:56:17:c9:65
+ }
+ }
+ rule 954 {
+ action drop
+ description Anti-spoofing_77.68.32.43
+ source {
+ address 77.68.32.43
+ mac-address !00:50:56:13:6d:02
+ }
+ }
+ rule 955 {
+ action drop
+ description Anti-spoofing_77.68.90.106
+ source {
+ address 77.68.90.106
+ mac-address !00:50:56:1b:6d:fb
+ }
+ }
+ rule 956 {
+ action drop
+ description Anti-spoofing_77.68.77.174
+ source {
+ address 77.68.77.174
+ mac-address !00:50:56:2a:61:0b
+ }
+ }
+ rule 957 {
+ action drop
+ description Anti-spoofing_77.68.94.181
+ source {
+ address 77.68.94.181
+ mac-address !00:50:56:0b:7c:cc
+ }
+ }
+ rule 958 {
+ action drop
+ description Anti-spoofing_77.68.4.136
+ source {
+ address 77.68.4.136
+ mac-address !00:50:56:10:4d:5c
+ }
+ }
+ rule 959 {
+ action drop
+ description Anti-spoofing_77.68.32.31
+ source {
+ address 77.68.32.31
+ mac-address !00:50:56:0a:f5:03
+ }
+ }
+ rule 960 {
+ action drop
+ description Anti-spoofing_77.68.30.133
+ source {
+ address 77.68.30.133
+ mac-address !00:50:56:3a:96:4e
+ }
+ }
+ rule 961 {
+ action drop
+ description Anti-spoofing_77.68.72.202
+ source {
+ address 77.68.72.202
+ mac-address !00:50:56:2e:ca:a2
+ }
+ }
+ rule 962 {
+ action drop
+ description Anti-spoofing_77.68.81.141
+ source {
+ address 77.68.81.141
+ mac-address !00:50:56:00:07:47
+ }
+ }
+ rule 963 {
+ action drop
+ description Anti-spoofing_77.68.27.54
+ source {
+ address 77.68.27.54
+ mac-address !00:50:56:37:ad:51
+ }
+ }
+ rule 964 {
+ action drop
+ description Anti-spoofing_77.68.32.254
+ source {
+ address 77.68.32.254
+ mac-address !00:50:56:2d:d0:36
+ }
+ }
+ rule 965 {
+ action drop
+ description Anti-spoofing_77.68.10.152
+ source {
+ address 77.68.10.152
+ mac-address !00:50:56:38:d7:1a
+ }
+ }
+ rule 967 {
+ action drop
+ description Anti-spoofing_109.228.47.223
+ source {
+ address 109.228.47.223
+ mac-address !00:50:56:02:f7:24
+ }
+ }
+ rule 968 {
+ action drop
+ description Anti-spoofing_77.68.5.125
+ source {
+ address 77.68.5.125
+ mac-address !00:50:56:16:21:98
+ }
+ }
+ rule 969 {
+ action drop
+ description Anti-spoofing_77.68.119.14
+ source {
+ address 77.68.119.14
+ mac-address !00:50:56:2e:87:33
+ }
+ }
+ rule 970 {
+ action drop
+ description Anti-spoofing_77.68.117.51
+ source {
+ address 77.68.117.51
+ mac-address !00:50:56:17:c0:6c
+ }
+ }
+ rule 971 {
+ action drop
+ description Anti-spoofing_77.68.118.102
+ source {
+ address 77.68.118.102
+ mac-address !00:50:56:3e:06:ca
+ }
+ }
+ rule 972 {
+ action drop
+ description Anti-spoofing_185.132.43.71
+ source {
+ address 185.132.43.71
+ mac-address !00:50:56:2d:6a:8d
+ }
+ }
+ rule 973 {
+ action drop
+ description Anti-spoofing_77.68.112.91
+ source {
+ address 77.68.112.91
+ mac-address !00:50:56:2b:c3:9f
+ }
+ }
+ rule 974 {
+ action drop
+ description Anti-spoofing_77.68.116.232
+ source {
+ address 77.68.116.232
+ mac-address !00:50:56:2a:f9:fd
+ }
+ }
+ rule 976 {
+ action drop
+ description Anti-spoofing_77.68.82.157
+ source {
+ address 77.68.82.157
+ mac-address !00:50:56:3d:81:41
+ }
+ }
+ rule 977 {
+ action drop
+ description Anti-spoofing_77.68.117.222
+ source {
+ address 77.68.117.222
+ mac-address !00:50:56:16:92:58
+ }
+ }
+ rule 978 {
+ action drop
+ description Anti-spoofing_77.68.118.15
+ source {
+ address 77.68.118.15
+ mac-address !00:50:56:28:28:de
+ }
+ }
+ rule 979 {
+ action drop
+ description Anti-spoofing_77.68.117.173
+ source {
+ address 77.68.117.173
+ mac-address !00:50:56:12:7a:57
+ }
+ }
+ rule 980 {
+ action drop
+ description Anti-spoofing_77.68.83.41
+ source {
+ address 77.68.83.41
+ mac-address !00:50:56:13:ef:0e
+ }
+ }
+ rule 981 {
+ action drop
+ description Anti-spoofing_77.68.4.57
+ source {
+ address 77.68.4.57
+ mac-address !00:50:56:23:f0:c3
+ }
+ }
+ rule 983 {
+ action drop
+ description Anti-spoofing_77.68.118.86
+ source {
+ address 77.68.118.86
+ mac-address !00:50:56:03:73:3d
+ }
+ }
+ rule 984 {
+ action drop
+ description Anti-spoofing_109.228.56.26
+ source {
+ address 109.228.56.26
+ mac-address !00:50:56:36:47:8c
+ }
+ }
+ rule 985 {
+ action drop
+ description Anti-spoofing_109.228.38.171
+ source {
+ address 109.228.38.171
+ mac-address !00:50:56:18:da:1c
+ }
+ }
+ rule 986 {
+ action drop
+ description Anti-spoofing_77.68.91.128
+ source {
+ address 77.68.91.128
+ mac-address !00:50:56:34:d0:41
+ }
+ }
+ rule 987 {
+ action drop
+ description Anti-spoofing_77.68.79.89
+ source {
+ address 77.68.79.89
+ mac-address !00:50:56:14:67:52
+ }
+ }
+ rule 988 {
+ action drop
+ description Anti-spoofing_88.208.198.66
+ source {
+ address 88.208.198.66
+ mac-address !00:50:56:3c:e0:8d
+ }
+ }
+ rule 989 {
+ action drop
+ description Anti-spoofing_77.68.118.88
+ source {
+ address 77.68.118.88
+ mac-address !00:50:56:2f:ac:5f
+ }
+ }
+ rule 990 {
+ action drop
+ description Anti-spoofing_109.228.60.215
+ source {
+ address 109.228.60.215
+ mac-address !00:50:56:2b:59:35
+ }
+ }
+ rule 991 {
+ action drop
+ description Anti-spoofing_109.228.55.82
+ source {
+ address 109.228.55.82
+ mac-address !00:50:56:32:15:bc
+ }
+ }
+ rule 992 {
+ action drop
+ description Anti-spoofing_77.68.48.14
+ source {
+ address 77.68.48.14
+ mac-address !00:50:56:2e:2e:5a
+ }
+ }
+ rule 993 {
+ action drop
+ description Anti-spoofing_77.68.7.186
+ source {
+ address 77.68.7.186
+ mac-address !00:50:56:06:63:ae
+ }
+ }
+ rule 994 {
+ action drop
+ description Anti-spoofing_77.68.74.209
+ source {
+ address 77.68.74.209
+ mac-address !00:50:56:01:c5:88
+ }
+ }
+ rule 995 {
+ action drop
+ description Anti-spoofing_77.68.6.32
+ source {
+ address 77.68.6.32
+ mac-address !00:50:56:19:b2:9e
+ }
+ }
+ rule 996 {
+ action drop
+ description Anti-spoofing_77.68.6.210
+ source {
+ address 77.68.6.210
+ mac-address !00:50:56:03:16:58
+ }
+ }
+ rule 997 {
+ action drop
+ description Anti-spoofing_77.68.34.26
+ source {
+ address 77.68.34.26
+ mac-address !00:50:56:16:f0:f3
+ }
+ }
+ rule 998 {
+ action drop
+ description Anti-spoofing_77.68.77.238
+ source {
+ address 77.68.77.238
+ mac-address !00:50:56:25:b8:e7
+ }
+ }
+ rule 999 {
+ action drop
+ description Anti-spoofing_77.68.35.116
+ source {
+ address 77.68.35.116
+ mac-address !00:50:56:22:c6:b9
+ }
+ }
+ rule 1000 {
+ action drop
+ description Anti-spoofing_77.68.23.112
+ source {
+ address 77.68.23.112
+ mac-address !00:50:56:1f:06:9f
+ }
+ }
+ rule 1001 {
+ action drop
+ description Anti-spoofing_77.68.120.241
+ source {
+ address 77.68.120.241
+ mac-address !00:50:56:18:1e:aa
+ }
+ }
+ rule 1002 {
+ action drop
+ description Anti-spoofing_77.68.34.28
+ source {
+ address 77.68.34.28
+ mac-address !00:50:56:24:5e:9a
+ }
+ }
+ rule 1003 {
+ action drop
+ description Anti-spoofing_77.68.122.195
+ source {
+ address 77.68.122.195
+ mac-address !00:50:56:0d:fd:66
+ }
+ }
+ rule 1004 {
+ action drop
+ description Anti-spoofing_77.68.126.14
+ source {
+ address 77.68.126.14
+ mac-address !00:50:56:02:46:82
+ }
+ }
+ rule 1005 {
+ action drop
+ description Anti-spoofing_109.228.38.117
+ source {
+ address 109.228.38.117
+ mac-address !00:50:56:05:55:f0
+ }
+ }
+ rule 1006 {
+ action drop
+ description Anti-spoofing_77.68.33.171
+ source {
+ address 77.68.33.171
+ mac-address !00:50:56:07:69:46
+ }
+ }
+ rule 1007 {
+ action drop
+ description Anti-spoofing_77.68.24.220
+ source {
+ address 77.68.24.220
+ mac-address !00:50:56:1f:53:df
+ }
+ }
+ rule 1008 {
+ action drop
+ description Anti-spoofing_88.208.197.23
+ source {
+ address 88.208.197.23
+ mac-address !00:50:56:23:fa:2f
+ }
+ }
+ rule 1009 {
+ action drop
+ description Anti-spoofing_77.68.80.26
+ source {
+ address 77.68.80.26
+ mac-address !00:50:56:21:23:8e
+ }
+ }
+ rule 1010 {
+ action drop
+ description Anti-spoofing_77.68.32.83
+ source {
+ address 77.68.32.83
+ mac-address !00:50:56:26:5d:1a
+ }
+ }
+ rule 1011 {
+ action drop
+ description Anti-spoofing_77.68.95.42
+ source {
+ address 77.68.95.42
+ mac-address !00:50:56:00:77:9a
+ }
+ }
+ rule 1012 {
+ action drop
+ description Anti-spoofing_213.171.209.217
+ source {
+ address 213.171.209.217
+ mac-address !00:50:56:18:7b:c2
+ }
+ }
+ rule 1014 {
+ action drop
+ description Anti-spoofing_109.228.39.249
+ source {
+ address 109.228.39.249
+ mac-address !00:50:56:0e:4b:f9
+ }
+ }
+ rule 1015 {
+ action drop
+ description Anti-spoofing_77.68.32.86
+ source {
+ address 77.68.32.86
+ mac-address !00:50:56:29:ff:6f
+ }
+ }
+ rule 1016 {
+ action drop
+ description Anti-spoofing_77.68.125.218
+ source {
+ address 77.68.125.218
+ mac-address !00:50:56:2f:4d:38
+ }
+ }
+ rule 1017 {
+ action drop
+ description Anti-spoofing_77.68.17.186
+ source {
+ address 77.68.17.186
+ mac-address !00:50:56:2e:6b:f3
+ }
+ }
+ rule 1018 {
+ action drop
+ description Anti-spoofing_77.68.12.45
+ source {
+ address 77.68.12.45
+ mac-address !00:50:56:15:e4:38
+ }
+ }
+ rule 1019 {
+ action drop
+ description Anti-spoofing_109.228.40.247
+ source {
+ address 109.228.40.247
+ mac-address !00:50:56:20:62:b7
+ }
+ }
+ rule 1020 {
+ action drop
+ description Anti-spoofing_77.68.32.89
+ source {
+ address 77.68.32.89
+ mac-address !00:50:56:2e:21:46
+ }
+ }
+ rule 1022 {
+ action drop
+ description Anti-spoofing_77.68.34.138
+ source {
+ address 77.68.34.138
+ mac-address !00:50:56:10:0a:08
+ }
+ }
+ rule 1023 {
+ action drop
+ description Anti-spoofing_77.68.34.139
+ source {
+ address 77.68.34.139
+ mac-address !00:50:56:0d:24:2f
+ }
+ }
+ rule 1024 {
+ action drop
+ description Anti-spoofing_213.171.208.40
+ source {
+ address 213.171.208.40
+ mac-address !00:50:56:07:df:6e
+ }
+ }
+ rule 1026 {
+ action drop
+ description Anti-spoofing_109.228.40.226
+ source {
+ address 109.228.40.226
+ mac-address !00:50:56:2d:c8:2a
+ }
+ }
+ rule 1028 {
+ action drop
+ description Anti-spoofing_185.132.39.109
+ source {
+ address 185.132.39.109
+ mac-address !00:50:56:2c:3e:98
+ }
+ }
+ rule 1029 {
+ action drop
+ description Anti-spoofing_109.228.40.207
+ source {
+ address 109.228.40.207
+ mac-address !00:50:56:04:ba:9c
+ }
+ }
+ rule 1030 {
+ action drop
+ description Anti-spoofing_77.68.48.89
+ source {
+ address 77.68.48.89
+ mac-address !00:50:56:33:b3:05
+ }
+ }
+ rule 1031 {
+ action drop
+ description Anti-spoofing_77.68.48.105
+ source {
+ address 77.68.48.105
+ mac-address !00:50:56:13:8d:55
+ }
+ }
+ rule 1032 {
+ action drop
+ description Anti-spoofing_77.68.50.142
+ source {
+ address 77.68.50.142
+ mac-address !00:50:56:2e:58:85
+ }
+ }
+ rule 1033 {
+ action drop
+ description Anti-spoofing_77.68.49.12
+ source {
+ address 77.68.49.12
+ mac-address !00:50:56:0f:ed:da
+ }
+ }
+ rule 1034 {
+ action drop
+ description Anti-spoofing_77.68.85.18
+ source {
+ address 77.68.85.18
+ mac-address !00:50:56:3b:0a:8b
+ }
+ }
+ rule 1035 {
+ action drop
+ description Anti-spoofing_77.68.49.4
+ source {
+ address 77.68.49.4
+ mac-address !00:50:56:05:e5:05
+ }
+ }
+ rule 1036 {
+ action drop
+ description Anti-spoofing_109.228.37.187
+ source {
+ address 109.228.37.187
+ mac-address !00:50:56:37:21:f0
+ }
+ }
+ rule 1037 {
+ action drop
+ description Anti-spoofing_77.68.49.178
+ source {
+ address 77.68.49.178
+ mac-address !00:50:56:26:00:f7
+ }
+ }
+ rule 1038 {
+ action drop
+ description Anti-spoofing_77.68.82.147
+ source {
+ address 77.68.82.147
+ mac-address !00:50:56:13:75:25
+ }
+ }
+ rule 1040 {
+ action drop
+ description Anti-spoofing_77.68.24.134
+ source {
+ address 77.68.24.134
+ mac-address !00:50:56:29:0b:02
+ }
+ }
+ rule 1041 {
+ action drop
+ description Anti-spoofing_77.68.24.63
+ source {
+ address 77.68.24.63
+ mac-address !00:50:56:08:7e:4a
+ }
+ }
+ rule 1042 {
+ action drop
+ description Anti-spoofing_77.68.50.91
+ source {
+ address 77.68.50.91
+ mac-address !00:50:56:35:b6:4f
+ }
+ }
+ rule 1043 {
+ action drop
+ description Anti-spoofing_77.68.49.160
+ source {
+ address 77.68.49.160
+ mac-address !00:50:56:0e:29:ce
+ }
+ }
+ rule 1044 {
+ action drop
+ description Anti-spoofing_77.68.116.84
+ source {
+ address 77.68.116.84
+ mac-address !00:50:56:2d:e7:75
+ }
+ }
+ rule 1045 {
+ action drop
+ description Anti-spoofing_77.68.126.160
+ source {
+ address 77.68.126.160
+ mac-address !00:50:56:19:a1:cf
+ }
+ }
+ rule 1046 {
+ action drop
+ description Anti-spoofing_185.132.41.240
+ source {
+ address 185.132.41.240
+ mac-address !00:50:56:08:f6:7c
+ }
+ }
+ rule 1047 {
+ action drop
+ description Anti-spoofing_77.68.50.193
+ source {
+ address 77.68.50.193
+ mac-address !00:50:56:0f:44:05
+ }
+ }
+ rule 1048 {
+ action drop
+ description Anti-spoofing_77.68.49.161
+ source {
+ address 77.68.49.161
+ mac-address !00:50:56:09:4a:87
+ }
+ }
+ rule 1049 {
+ action drop
+ description Anti-spoofing_109.228.58.134
+ source {
+ address 109.228.58.134
+ mac-address !00:50:56:06:82:eb
+ }
+ }
+ rule 1050 {
+ action drop
+ description Anti-spoofing_185.132.36.56
+ source {
+ address 185.132.36.56
+ mac-address !00:50:56:11:89:a1
+ }
+ }
+ rule 1051 {
+ action drop
+ description Anti-spoofing_77.68.50.198
+ source {
+ address 77.68.50.198
+ mac-address !00:50:56:21:8f:66
+ }
+ }
+ rule 1052 {
+ action drop
+ description Anti-spoofing_77.68.100.150
+ source {
+ address 77.68.100.150
+ mac-address !00:50:56:3a:15:0a
+ }
+ }
+ rule 1053 {
+ action drop
+ description Anti-spoofing_88.208.196.91
+ source {
+ address 88.208.196.91
+ mac-address !00:50:56:0a:06:31
+ }
+ }
+ rule 1054 {
+ action drop
+ description Anti-spoofing_185.132.41.148
+ source {
+ address 185.132.41.148
+ mac-address !00:50:56:3b:d9:ec
+ }
+ }
+ rule 1055 {
+ action drop
+ description Anti-spoofing_213.171.210.25
+ source {
+ address 213.171.210.25
+ mac-address !00:50:56:0a:b8:6c
+ }
+ }
+ rule 1056 {
+ action drop
+ description Anti-spoofing_77.68.51.214
+ source {
+ address 77.68.51.214
+ mac-address !00:50:56:16:29:41
+ }
+ }
+ rule 1057 {
+ action drop
+ description Anti-spoofing_77.68.51.202
+ source {
+ address 77.68.51.202
+ mac-address !00:50:56:24:5a:0f
+ }
+ }
+ rule 1058 {
+ action drop
+ description Anti-spoofing_77.68.100.132
+ source {
+ address 77.68.100.132
+ mac-address !00:50:56:27:18:b7
+ }
+ }
+ rule 1059 {
+ action drop
+ description Anti-spoofing_77.68.77.42
+ source {
+ address 77.68.77.42
+ mac-address !00:50:56:34:d1:d5
+ }
+ }
+ rule 1060 {
+ action drop
+ description Anti-spoofing_109.228.39.41
+ source {
+ address 109.228.39.41
+ mac-address !00:50:56:2e:6a:41
+ }
+ }
+ rule 1061 {
+ action drop
+ description Anti-spoofing_77.68.100.134
+ source {
+ address 77.68.100.134
+ mac-address !00:50:56:19:a0:13
+ }
+ }
+ rule 1062 {
+ action drop
+ description Anti-spoofing_77.68.89.247
+ source {
+ address 77.68.89.247
+ mac-address !00:50:56:2b:ed:68
+ }
+ }
+ rule 1063 {
+ action drop
+ description Anti-spoofing_77.68.101.64
+ source {
+ address 77.68.101.64
+ mac-address !00:50:56:24:5a:0f
+ }
+ }
+ rule 1064 {
+ action drop
+ description Anti-spoofing_88.208.199.249
+ source {
+ address 88.208.199.249
+ mac-address !00:50:56:16:3e:ed
+ }
+ }
+ rule 1065 {
+ action drop
+ description Anti-spoofing_77.68.101.124
+ source {
+ address 77.68.101.124
+ mac-address !00:50:56:15:0e:e0
+ }
+ }
+ rule 1066 {
+ action drop
+ description Anti-spoofing_77.68.101.125
+ source {
+ address 77.68.101.125
+ mac-address !00:50:56:33:ce:ff
+ }
+ }
+ rule 1068 {
+ action drop
+ description Anti-spoofing_77.68.100.167
+ source {
+ address 77.68.100.167
+ mac-address !00:50:56:34:b3:5d
+ }
+ }
+ rule 1069 {
+ action drop
+ description Anti-spoofing_77.68.49.152
+ source {
+ address 77.68.49.152
+ mac-address !00:50:56:1a:06:95
+ }
+ }
+ rule 1070 {
+ action drop
+ description Anti-spoofing_77.68.103.147
+ source {
+ address 77.68.103.147
+ mac-address !00:50:56:2e:52:7f
+ }
+ }
+ rule 1071 {
+ action drop
+ description Anti-spoofing_77.68.48.202
+ source {
+ address 77.68.48.202
+ mac-address !00:50:56:0b:da:01
+ }
+ }
+ rule 1072 {
+ action drop
+ description Anti-spoofing_77.68.112.175
+ source {
+ address 77.68.112.175
+ mac-address !00:50:56:05:9e:e5
+ }
+ }
+ rule 1073 {
+ action drop
+ description Anti-spoofing_109.228.56.97
+ source {
+ address 109.228.56.97
+ mac-address !00:50:56:36:cd:04
+ }
+ }
+ rule 1074 {
+ action drop
+ description Anti-spoofing_185.132.37.47
+ source {
+ address 185.132.37.47
+ mac-address !00:50:56:3a:de:38
+ }
+ }
+ rule 1075 {
+ action drop
+ description Anti-spoofing_77.68.31.96
+ source {
+ address 77.68.31.96
+ mac-address !00:50:56:07:d0:cf
+ }
+ }
+ rule 1076 {
+ action drop
+ description Anti-spoofing_109.228.61.37
+ source {
+ address 109.228.61.37
+ mac-address !00:50:56:1a:93:80
+ }
+ }
+ rule 1077 {
+ action drop
+ description Anti-spoofing_77.68.33.24
+ source {
+ address 77.68.33.24
+ mac-address !00:50:56:0d:ae:e8
+ }
+ }
+ rule 1078 {
+ action drop
+ description Anti-spoofing_88.208.197.135
+ source {
+ address 88.208.197.135
+ mac-address !00:50:56:3b:39:6b
+ }
+ }
+ rule 1079 {
+ action drop
+ description Anti-spoofing_77.68.103.227
+ source {
+ address 77.68.103.227
+ mac-address !00:50:56:28:cd:95
+ }
+ }
+ rule 1080 {
+ action drop
+ description Anti-spoofing_185.132.38.182
+ source {
+ address 185.132.38.182
+ mac-address !00:50:56:39:4b:e3
+ }
+ }
+ rule 1081 {
+ action drop
+ description Anti-spoofing_88.208.197.118
+ source {
+ address 88.208.197.118
+ mac-address !00:50:56:2c:cd:e3
+ }
+ }
+ rule 1082 {
+ action drop
+ description Anti-spoofing_88.208.196.92
+ source {
+ address 88.208.196.92
+ mac-address !00:50:56:05:77:19
+ }
+ }
+ rule 1083 {
+ action drop
+ description Anti-spoofing_88.208.197.150
+ source {
+ address 88.208.197.150
+ mac-address !00:50:56:0c:ae:6c
+ }
+ }
+ rule 1084 {
+ action drop
+ description Anti-spoofing_88.208.215.121
+ source {
+ address 88.208.215.121
+ mac-address !00:50:56:16:0b:60
+ }
+ }
+ rule 1085 {
+ action drop
+ description Anti-spoofing_88.208.197.10
+ source {
+ address 88.208.197.10
+ mac-address !00:50:56:1c:8b:fb
+ }
+ }
+ rule 1086 {
+ action drop
+ description Anti-spoofing_88.208.198.69
+ source {
+ address 88.208.198.69
+ mac-address !00:50:56:06:e7:eb
+ }
+ }
+ rule 1087 {
+ action drop
+ description Anti-spoofing_88.208.197.155
+ source {
+ address 88.208.197.155
+ mac-address !00:50:56:39:39:8e
+ }
+ }
+ rule 1088 {
+ action drop
+ description Anti-spoofing_88.208.198.39
+ source {
+ address 88.208.198.39
+ mac-address !00:50:56:22:2d:07
+ }
+ }
+ rule 1089 {
+ action drop
+ description Anti-spoofing_88.208.197.160
+ source {
+ address 88.208.197.160
+ mac-address !00:50:56:2e:03:9a
+ }
+ }
+ rule 1090 {
+ action drop
+ description Anti-spoofing_88.208.197.60
+ source {
+ address 88.208.197.60
+ mac-address !00:50:56:3e:59:7c
+ }
+ }
+ rule 1091 {
+ action drop
+ description Anti-spoofing_77.68.102.129
+ source {
+ address 77.68.102.129
+ mac-address !00:50:56:2c:9d:a5
+ }
+ }
+ rule 1092 {
+ action drop
+ description Anti-spoofing_88.208.196.123
+ source {
+ address 88.208.196.123
+ mac-address !00:50:56:21:ac:31
+ }
+ }
+ rule 1093 {
+ action drop
+ description Anti-spoofing_88.208.215.61
+ source {
+ address 88.208.215.61
+ mac-address !00:50:56:05:91:dd
+ }
+ }
+ rule 1094 {
+ action drop
+ description Anti-spoofing_88.208.215.62
+ source {
+ address 88.208.215.62
+ mac-address !00:50:56:2d:ff:f4
+ }
+ }
+ rule 1095 {
+ action drop
+ description Anti-spoofing_88.208.199.141
+ source {
+ address 88.208.199.141
+ mac-address !00:50:56:10:8f:10
+ }
+ }
+ rule 1096 {
+ action drop
+ description Anti-spoofing_88.208.215.157
+ source {
+ address 88.208.215.157
+ mac-address !00:50:56:38:d7:1a
+ }
+ }
+ rule 1097 {
+ action drop
+ description Anti-spoofing_77.68.21.171
+ source {
+ address 77.68.21.171
+ mac-address !00:50:56:29:e0:5f
+ }
+ }
+ rule 1098 {
+ action drop
+ description Anti-spoofing_88.208.198.251
+ source {
+ address 88.208.198.251
+ mac-address !00:50:56:2b:2a:6a
+ }
+ }
+ rule 1099 {
+ action drop
+ description Anti-spoofing_88.208.199.233
+ source {
+ address 88.208.199.233
+ mac-address !00:50:56:1e:bf:95
+ }
+ }
+ rule 1100 {
+ action drop
+ description Anti-spoofing_88.208.212.31
+ source {
+ address 88.208.212.31
+ mac-address !00:50:56:28:f4:aa
+ }
+ }
+ rule 1101 {
+ action drop
+ description Anti-spoofing_88.208.197.129
+ source {
+ address 88.208.197.129
+ mac-address !00:50:56:1f:71:bf
+ }
+ }
+ rule 1102 {
+ action drop
+ description Anti-spoofing_88.208.199.46
+ source {
+ address 88.208.199.46
+ mac-address !00:50:56:34:dc:e5
+ }
+ }
+ rule 1103 {
+ action drop
+ description Anti-spoofing_88.208.212.94
+ source {
+ address 88.208.212.94
+ mac-address !00:50:56:3d:f5:16
+ }
+ }
+ rule 1105 {
+ action drop
+ description Anti-spoofing_88.208.212.182
+ source {
+ address 88.208.212.182
+ mac-address !00:50:56:12:e4:1b
+ }
+ }
+ rule 1108 {
+ action drop
+ description Anti-spoofing_88.208.212.188
+ source {
+ address 88.208.212.188
+ mac-address !00:50:56:36:a8:9e
+ }
+ }
+ rule 1500 {
+ action drop
+ description "Block port 11211-udp"
+ protocol udp
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ port 11211
+ }
+ }
+ rule 1510 {
+ action drop
+ description "Test Drive - Outgoing traffic blocked"
+ destination {
+ group {
+ network-group !NAS_NETWORKS
+ }
+ }
+ source {
+ group {
+ address-group DT_BLOCKED
+ }
+ }
+ }
+ rule 1520 {
+ action drop
+ description "Deny outgoing SMTP to new contracts"
+ destination {
+ port smtp
+ }
+ protocol tcp
+ source {
+ group {
+ address-group DT_SMTP_BLOCKED
+ }
+ }
+ }
+ rule 1600 {
+ action accept
+ description "Allow unicast requests to DHCP servers"
+ destination {
+ group {
+ address-group DHCP_SERVERS
+ }
+ port bootps
+ }
+ protocol tcp_udp
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 1610 {
+ action accept
+ description "Allow DNS queries to dnscache servers"
+ destination {
+ group {
+ address-group DNSCACHE_SERVERS
+ }
+ port 53
+ }
+ protocol tcp_udp
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 1620 {
+ action accept
+ destination {
+ group {
+ address-group NAS_ARRAYS
+ }
+ }
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 1630 {
+ action accept
+ description "Kerberos authentication to Domain Controllers"
+ destination {
+ group {
+ address-group NAS_DOMAIN_CONTROLLERS
+ }
+ port 88
+ }
+ protocol tcp_udp
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 1640 {
+ action drop
+ description "Deny rest of the traffic to NAS"
+ destination {
+ group {
+ network-group NAS_NETWORKS
+ }
+ }
+ }
+ rule 2000 {
+ action accept
+ description "TOP port - SSH"
+ destination {
+ group {
+ address-group G-22-TCP
+ }
+ port ssh
+ }
+ protocol tcp
+ }
+ rule 2001 {
+ action accept
+ description "TOP port - RDESKTOP"
+ destination {
+ group {
+ address-group G-3389-TCP
+ }
+ port 3389
+ }
+ protocol tcp
+ }
+ rule 2002 {
+ action accept
+ description "TOP port - HTTP"
+ destination {
+ group {
+ address-group G-80-TCP
+ }
+ port http
+ }
+ protocol tcp
+ }
+ rule 2003 {
+ action accept
+ description "TOP port - HTTPS"
+ destination {
+ group {
+ address-group G-443-TCP
+ }
+ port https
+ }
+ protocol tcp
+ }
+ rule 2004 {
+ action accept
+ description "TOP port - DOMAIN TCP"
+ destination {
+ group {
+ address-group G-53-TCP
+ }
+ port domain
+ }
+ protocol tcp
+ }
+ rule 2005 {
+ action accept
+ description "TOP port - DOMAIN UDP"
+ destination {
+ group {
+ address-group G-53-UDP
+ }
+ port domain
+ }
+ protocol udp
+ }
+ rule 2006 {
+ action accept
+ description "TOP port - SMTP"
+ destination {
+ group {
+ address-group G-25-TCP
+ }
+ port smtp
+ }
+ protocol tcp
+ }
+ rule 2007 {
+ action accept
+ description "TOP port - IMAP"
+ destination {
+ group {
+ address-group G-143-TCP
+ }
+ port imap2
+ }
+ protocol tcp
+ }
+ rule 2008 {
+ action accept
+ description "TOP port - POP3"
+ destination {
+ group {
+ address-group G-110-TCP
+ }
+ port pop3
+ }
+ protocol tcp
+ }
+ rule 2009 {
+ action accept
+ description "TOP port - MSSQL TCP"
+ destination {
+ group {
+ address-group G-1433-TCP
+ }
+ port ms-sql-s
+ }
+ protocol tcp
+ }
+ rule 2010 {
+ action accept
+ description "TOP port - MYSQL TCP"
+ destination {
+ group {
+ address-group G-3306-TCP
+ }
+ port mysql
+ }
+ protocol tcp
+ }
+ rule 2011 {
+ action accept
+ description "TOP port - FTPDATA"
+ destination {
+ group {
+ address-group G-20-TCP
+ }
+ port ftp-data
+ }
+ protocol tcp
+ }
+ rule 2012 {
+ action accept
+ description "TOP port - FTP"
+ destination {
+ group {
+ address-group G-21-TCP
+ }
+ port ftp
+ }
+ protocol tcp
+ }
+ rule 2013 {
+ action accept
+ description "TOP port - SSMTP"
+ destination {
+ group {
+ address-group G-465-TCP
+ }
+ port ssmtp
+ }
+ protocol tcp
+ }
+ rule 2014 {
+ action accept
+ description "TOP port - SMTPS"
+ destination {
+ group {
+ address-group G-587-TCP
+ }
+ port 587
+ }
+ protocol tcp
+ }
+ rule 2015 {
+ action accept
+ description "TOP port - IMAPS"
+ destination {
+ group {
+ address-group G-993-TCP
+ }
+ port imaps
+ }
+ protocol tcp
+ }
+ rule 2016 {
+ action accept
+ description "TOP port - POP3S"
+ destination {
+ group {
+ address-group G-995-TCP
+ }
+ port pop3s
+ }
+ protocol tcp
+ }
+ rule 2017 {
+ action accept
+ description "TOP port - TOMCAT"
+ destination {
+ group {
+ address-group G-8080-TCP
+ }
+ port 8080
+ }
+ protocol tcp
+ }
+ rule 2018 {
+ action accept
+ description "TOP port - Alternative HTTPS"
+ destination {
+ group {
+ address-group G-8443-TCP
+ }
+ port 8443
+ }
+ protocol tcp
+ }
+ rule 2019 {
+ action accept
+ description "TOP port - 10000/TCP"
+ destination {
+ group {
+ address-group G-10000-TCP
+ }
+ port 10000
+ }
+ protocol tcp
+ }
+ rule 2020 {
+ action accept
+ description "TOP port - 8447/TCP"
+ destination {
+ group {
+ address-group G-8447-TCP
+ }
+ port 8447
+ }
+ protocol tcp
+ }
+ rule 2040 {
+ action accept
+ description "TOP port - All ports open"
+ destination {
+ group {
+ address-group G-ALL_OPEN
+ }
+ }
+ }
+ rule 2050 {
+ action accept
+ description "ICMP group"
+ destination {
+ group {
+ address-group G-ICMP
+ }
+ }
+ protocol icmp
+ }
+ rule 2100 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-104.192.143.2
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 7999,22
+ }
+ protocol tcp
+ source {
+ address 104.192.143.2
+ }
+ }
+ rule 2101 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.74.54
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.74.54
+ }
+ }
+ rule 2102 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-109.72.210.46
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 109.72.210.46
+ }
+ }
+ rule 2103 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2104 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-164.177.156.192
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 164.177.156.192
+ }
+ }
+ rule 2105 {
+ action accept
+ description FWDAA4F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAA4F_1
+ }
+ port 22335
+ }
+ protocol tcp
+ }
+ rule 2106 {
+ action accept
+ description FW6D0CD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6D0CD_1
+ }
+ port 6900,7000
+ }
+ protocol tcp
+ }
+ rule 2107 {
+ action accept
+ description FW6D0CD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6D0CD_1
+ }
+ port 9001
+ }
+ protocol tcp_udp
+ }
+ rule 2108 {
+ action accept
+ description FW06176_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06176_1
+ }
+ port 5900
+ }
+ protocol tcp
+ }
+ rule 2109 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2110 {
+ action accept
+ description FWF7B68_1-TCP-ALLOW-54.221.251.224
+ destination {
+ group {
+ address-group DT_FWF7B68_1
+ }
+ port 8443,3306,22,21,20
+ }
+ protocol tcp
+ source {
+ address 54.221.251.224
+ }
+ }
+ rule 2111 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-178.251.181.41
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.41
+ }
+ }
+ rule 2112 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-178.251.181.6
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.6
+ }
+ }
+ rule 2113 {
+ action accept
+ description VPN-7030-ANY-ALLOW-10.4.58.119
+ destination {
+ group {
+ address-group DT_VPN-7030
+ }
+ }
+ source {
+ address 10.4.58.119
+ }
+ }
+ rule 2114 {
+ action accept
+ description FW58C69_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW58C69_4
+ }
+ port 5666
+ }
+ protocol tcp
+ }
+ rule 2115 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-185.201.180.35
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000,22
+ }
+ protocol tcp
+ source {
+ address 185.201.180.35
+ }
+ }
+ rule 2116 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2117 {
+ action accept
+ description FW19987_4-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2118 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-212.159.160.65
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443,3389,3306,22,21
+ }
+ protocol tcp
+ source {
+ address 212.159.160.65
+ }
+ }
+ rule 2119 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-79.78.20.149
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8447,8443,3389,3306,993,143,22,21
+ }
+ protocol tcp
+ source {
+ address 79.78.20.149
+ }
+ }
+ rule 2120 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-77.68.77.185
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.77.185
+ }
+ }
+ rule 2121 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443,3389
+ }
+ protocol tcp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2122 {
+ action accept
+ description FW2C5AE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2C5AE_1
+ }
+ port 30303,5717
+ }
+ protocol tcp_udp
+ }
+ rule 2123 {
+ action accept
+ description VPN-12899-ANY-ALLOW-10.4.58.207
+ destination {
+ group {
+ address-group DT_VPN-12899
+ }
+ }
+ source {
+ address 10.4.58.207
+ }
+ }
+ rule 2124 {
+ action accept
+ description FW7648D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7648D_1
+ }
+ port 8501,8050,7801,4444,1443
+ }
+ protocol tcp
+ }
+ rule 2125 {
+ action accept
+ description FW0C2E6_4-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C2E6_4
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2126 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.37.175.132
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.37.175.132
+ }
+ }
+ rule 2127 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-165.255.242.223
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 165.255.242.223
+ }
+ }
+ rule 2128 {
+ action accept
+ description VPN-10131-ANY-ALLOW-10.4.56.51
+ destination {
+ group {
+ address-group DT_VPN-10131
+ }
+ }
+ source {
+ address 10.4.56.51
+ }
+ }
+ rule 2129 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-212.227.84.142
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 212.227.84.142
+ }
+ }
+ rule 2130 {
+ action accept
+ description FW2BB8D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2131 {
+ action accept
+ description FWFDD94_15-TCP-ALLOW-90.29.180.234
+ destination {
+ group {
+ address-group DT_FWFDD94_15
+ }
+ port 5683,1883
+ }
+ protocol tcp
+ source {
+ address 90.29.180.234
+ }
+ }
+ rule 2132 {
+ action accept
+ description VPN-10131-ANY-ALLOW-10.4.57.51
+ destination {
+ group {
+ address-group DT_VPN-10131
+ }
+ }
+ source {
+ address 10.4.57.51
+ }
+ }
+ rule 2133 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-109.228.49.193
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 109.228.49.193
+ }
+ }
+ rule 2134 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-3.10.221.168
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 3.10.221.168
+ }
+ }
+ rule 2135 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2136 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2137 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-77.68.87.201
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.87.201
+ }
+ }
+ rule 2138 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2139 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2140 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 500,4500
+ }
+ protocol udp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2141 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2142 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2143 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 500,4500
+ }
+ protocol udp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2144 {
+ action accept
+ description VPN-12899-ANY-ALLOW-10.4.59.207
+ destination {
+ group {
+ address-group DT_VPN-12899
+ }
+ }
+ source {
+ address 10.4.59.207
+ }
+ }
+ rule 2145 {
+ action accept
+ description FWB28B6_5-TCP-ALLOW-81.130.141.175
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.130.141.175
+ }
+ }
+ rule 2146 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 4500,500
+ }
+ protocol udp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2147 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2148 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2149 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2150 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.37.178.77
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.37.178.77
+ }
+ }
+ rule 2151 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-51.241.139.56
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 51.241.139.56
+ }
+ }
+ rule 2152 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-150.143.57.138
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 150.143.57.138
+ }
+ }
+ rule 2153 {
+ action accept
+ description FW6ECA4_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6ECA4_1
+ }
+ port 3939,3335,3334,3333,3000,999,444
+ }
+ protocol tcp_udp
+ }
+ rule 2154 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.13.20
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.13.20
+ }
+ }
+ rule 2155 {
+ action accept
+ description FW481D7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW481D7_1
+ }
+ port 3478
+ }
+ protocol tcp_udp
+ }
+ rule 2156 {
+ action accept
+ description FW5A5D7_3-GRE-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ }
+ protocol gre
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2157 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-94.195.127.217
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 94.195.127.217
+ }
+ }
+ rule 2158 {
+ action accept
+ description FW2E060_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2E060_1
+ }
+ port 49152-65535,8443-8447
+ }
+ protocol tcp
+ }
+ rule 2159 {
+ action accept
+ description FWFDD94_15-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDD94_15
+ }
+ port 9090,5080,1935
+ }
+ protocol tcp
+ }
+ rule 2160 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.190.224
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.190.224
+ }
+ }
+ rule 2161 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-109.249.187.56
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 109.249.187.56
+ }
+ }
+ rule 2162 {
+ action accept
+ description FW89619_1-TCP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 2163 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.227.72.218
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.72.218
+ }
+ }
+ rule 2164 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-151.229.59.51
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 151.229.59.51
+ }
+ }
+ rule 2165 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-178.251.181.41
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.41
+ }
+ }
+ rule 2166 {
+ action accept
+ description FW3CAAB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3CAAB_1
+ }
+ port 49152-65535,30000-30400,8443-8447,5432,80-110,21-25
+ }
+ protocol tcp
+ }
+ rule 2167 {
+ action accept
+ description FW91B7A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW91B7A_1
+ }
+ port 3389,80
+ }
+ protocol tcp_udp
+ }
+ rule 2168 {
+ action accept
+ description FW40416_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW40416_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2169 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-81.151.24.216
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 10000,22
+ }
+ protocol tcp
+ source {
+ address 81.151.24.216
+ }
+ }
+ rule 2170 {
+ action accept
+ description VPN-7030-ANY-ALLOW-10.4.59.119
+ destination {
+ group {
+ address-group DT_VPN-7030
+ }
+ }
+ source {
+ address 10.4.59.119
+ }
+ }
+ rule 2171 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-62.252.94.138
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 3389,1433
+ }
+ protocol tcp
+ source {
+ address 62.252.94.138
+ }
+ }
+ rule 2172 {
+ action accept
+ description FW89619_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5015,5001,5000
+ }
+ protocol tcp
+ }
+ rule 2173 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-167.98.162.142
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 167.98.162.142
+ }
+ }
+ rule 2174 {
+ action accept
+ description FW013EF_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW013EF_2
+ }
+ port 44445,7770-7800,5090,5060-5070,5015,5001,2000-2500
+ }
+ protocol tcp
+ }
+ rule 2175 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.12
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.12
+ }
+ }
+ rule 2176 {
+ action accept
+ description VPN-15625-ANY-ALLOW-10.4.88.79
+ destination {
+ group {
+ address-group DT_VPN-15625
+ }
+ }
+ source {
+ address 10.4.88.79
+ }
+ }
+ rule 2177 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.228.53.128
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 109.228.53.128
+ }
+ }
+ rule 2178 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-178.251.181.6
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.6
+ }
+ }
+ rule 2179 {
+ action accept
+ description FW578BE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW578BE_1
+ }
+ port 23,1521,1522
+ }
+ protocol tcp
+ }
+ rule 2180 {
+ action accept
+ description FWE012D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE012D_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2181 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-213.171.209.161
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 213.171.209.161
+ }
+ }
+ rule 2182 {
+ action accept
+ description VPN-8203-ANY-ALLOW-10.4.58.109
+ destination {
+ group {
+ address-group DT_VPN-8203
+ }
+ }
+ source {
+ address 10.4.58.109
+ }
+ }
+ rule 2183 {
+ action accept
+ description VPN-9415-ANY-ALLOW-10.4.58.168
+ destination {
+ group {
+ address-group DT_VPN-9415
+ }
+ }
+ source {
+ address 10.4.58.168
+ }
+ }
+ rule 2184 {
+ action accept
+ description VPN-9415-ANY-ALLOW-10.4.59.168
+ destination {
+ group {
+ address-group DT_VPN-9415
+ }
+ }
+ source {
+ address 10.4.59.168
+ }
+ }
+ rule 2185 {
+ action accept
+ description FW27A8F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW27A8F_1
+ }
+ port 9990,8458,8090,6543,5432
+ }
+ protocol tcp
+ }
+ rule 2186 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.11.224
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 77.68.11.224
+ }
+ }
+ rule 2187 {
+ action accept
+ description VPN-15625-ANY-ALLOW-10.4.89.79
+ destination {
+ group {
+ address-group DT_VPN-15625
+ }
+ }
+ source {
+ address 10.4.89.79
+ }
+ }
+ rule 2188 {
+ action accept
+ description VPN-14649-ANY-ALLOW-10.4.86.35
+ destination {
+ group {
+ address-group DT_VPN-14649
+ }
+ }
+ source {
+ address 10.4.86.35
+ }
+ }
+ rule 2189 {
+ action accept
+ description VPN-14649-ANY-ALLOW-10.4.87.35
+ destination {
+ group {
+ address-group DT_VPN-14649
+ }
+ }
+ source {
+ address 10.4.87.35
+ }
+ }
+ rule 2190 {
+ action accept
+ description VPN-14657-ANY-ALLOW-10.4.86.38
+ destination {
+ group {
+ address-group DT_VPN-14657
+ }
+ }
+ source {
+ address 10.4.86.38
+ }
+ }
+ rule 2191 {
+ action accept
+ description VPN-14657-ANY-ALLOW-10.4.87.38
+ destination {
+ group {
+ address-group DT_VPN-14657
+ }
+ }
+ source {
+ address 10.4.87.38
+ }
+ }
+ rule 2192 {
+ action accept
+ description VPN-14658-ANY-ALLOW-10.4.88.38
+ destination {
+ group {
+ address-group DT_VPN-14658
+ }
+ }
+ source {
+ address 10.4.88.38
+ }
+ }
+ rule 2193 {
+ action accept
+ description VPN-14658-ANY-ALLOW-10.4.89.38
+ destination {
+ group {
+ address-group DT_VPN-14658
+ }
+ }
+ source {
+ address 10.4.89.38
+ }
+ }
+ rule 2194 {
+ action accept
+ description FW0BB22_1-GRE-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol gre
+ }
+ rule 2195 {
+ action accept
+ description FW0BB22_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol esp
+ }
+ rule 2196 {
+ action accept
+ description FW1CC15_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1CC15_2
+ }
+ port 8089,8085,990,81
+ }
+ protocol tcp
+ }
+ rule 2197 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.124
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.124
+ }
+ }
+ rule 2198 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389,1723,1701,47
+ }
+ protocol tcp
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2199 {
+ action accept
+ description FW1CB16_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1CB16_1
+ }
+ port 3306,27017,53
+ }
+ protocol tcp_udp
+ }
+ rule 2200 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2201 {
+ action accept
+ description FW37E59_5-TCP-ALLOW-77.68.20.244
+ destination {
+ group {
+ address-group DT_FW37E59_5
+ }
+ port 30303
+ }
+ protocol tcp
+ source {
+ address 77.68.20.244
+ }
+ }
+ rule 2202 {
+ action accept
+ description FW274FD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW274FD_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2203 {
+ action accept
+ description FW6CD7E_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6CD7E_2
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2204 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-178.17.252.59
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 178.17.252.59
+ }
+ }
+ rule 2205 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.64.108
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.64.108
+ }
+ }
+ rule 2206 {
+ action accept
+ description FW0937A_1-TCP-ALLOW-83.135.134.13
+ destination {
+ group {
+ address-group DT_FW0937A_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 83.135.134.13
+ }
+ }
+ rule 2207 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.112.64
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.112.64
+ }
+ }
+ rule 2208 {
+ action accept
+ description FW6CD7E_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6CD7E_2
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2209 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-194.73.17.47
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 194.73.17.47
+ }
+ }
+ rule 2210 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.115.33
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.115.33
+ }
+ }
+ rule 2211 {
+ action accept
+ description FWA3EA3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA3EA3_1
+ }
+ port 943
+ }
+ protocol tcp
+ }
+ rule 2212 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-82.165.100.25
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 21-10000
+ }
+ protocol tcp
+ source {
+ address 82.165.100.25
+ }
+ }
+ rule 2213 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-109.228.59.50
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 109.228.59.50
+ }
+ }
+ rule 2214 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.100
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.100
+ }
+ }
+ rule 2215 {
+ action accept
+ description FWD7EAB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD7EAB_1
+ }
+ port 60000-60100
+ }
+ protocol tcp
+ }
+ rule 2216 {
+ action accept
+ description FWEB321_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEB321_1
+ }
+ port 113,4190
+ }
+ protocol tcp
+ }
+ rule 2217 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-195.206.180.132
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 195.206.180.132
+ }
+ }
+ rule 2218 {
+ action accept
+ description VPN-8159-ANY-ALLOW-10.4.58.91
+ destination {
+ group {
+ address-group DT_VPN-8159
+ }
+ }
+ source {
+ address 10.4.58.91
+ }
+ }
+ rule 2219 {
+ action accept
+ description VPN-21673-ANY-ALLOW-10.4.88.187
+ destination {
+ group {
+ address-group DT_VPN-21673
+ }
+ }
+ source {
+ address 10.4.88.187
+ }
+ }
+ rule 2220 {
+ action accept
+ description VPN-21673-ANY-ALLOW-10.4.89.187
+ destination {
+ group {
+ address-group DT_VPN-21673
+ }
+ }
+ source {
+ address 10.4.89.187
+ }
+ }
+ rule 2221 {
+ action accept
+ description VPN-21821-ANY-ALLOW-10.4.88.49
+ destination {
+ group {
+ address-group DT_VPN-21821
+ }
+ }
+ source {
+ address 10.4.88.49
+ }
+ }
+ rule 2222 {
+ action accept
+ description VPN-21821-ANY-ALLOW-10.4.89.49
+ destination {
+ group {
+ address-group DT_VPN-21821
+ }
+ }
+ source {
+ address 10.4.89.49
+ }
+ }
+ rule 2223 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-81.133.80.58
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.58
+ }
+ }
+ rule 2224 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.238
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.238
+ }
+ }
+ rule 2225 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-185.212.168.51
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 185.212.168.51
+ }
+ }
+ rule 2226 {
+ action accept
+ description FW8B21D_1-ANY-ALLOW-212.187.250.2
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ source {
+ address 212.187.250.2
+ }
+ }
+ rule 2227 {
+ action accept
+ description FW35F7B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW35F7B_1
+ }
+ port 1434
+ }
+ protocol tcp_udp
+ }
+ rule 2228 {
+ action accept
+ description FWD338A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD338A_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2229 {
+ action accept
+ description FW35F7B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW35F7B_1
+ }
+ port 56791
+ }
+ protocol tcp
+ }
+ rule 2230 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.77.114
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.77.114
+ }
+ }
+ rule 2231 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-194.74.137.17
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 194.74.137.17
+ }
+ }
+ rule 2232 {
+ action accept
+ description FW52F6F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW52F6F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2233 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.23.109
+ }
+ }
+ rule 2234 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.247
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.247
+ }
+ }
+ rule 2235 {
+ action accept
+ description FW4E314_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4E314_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2236 {
+ action accept
+ description FW73573_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73573_2
+ }
+ port 25
+ }
+ protocol tcp_udp
+ }
+ rule 2237 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.93.89
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.93.89
+ }
+ }
+ rule 2238 {
+ action accept
+ description FW856FA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW856FA_1
+ }
+ port 6003
+ }
+ protocol tcp
+ }
+ rule 2239 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-81.19.214.155
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.19.214.155
+ }
+ }
+ rule 2240 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.219.168.170
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 51.219.168.170
+ }
+ }
+ rule 2241 {
+ action accept
+ description FW30D21_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW30D21_1
+ }
+ port 2083-2087,53,2812,2096,25,993,587
+ }
+ protocol tcp_udp
+ }
+ rule 2242 {
+ action accept
+ description FWA076E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA076E_1
+ }
+ port 2199,2197
+ }
+ protocol tcp
+ }
+ rule 2243 {
+ action accept
+ description FWA076E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA076E_1
+ }
+ port 8000-8010
+ }
+ protocol tcp_udp
+ }
+ rule 2244 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-82.165.166.41
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 8447,8443,443,80,22
+ }
+ protocol tcp
+ source {
+ address 82.165.166.41
+ }
+ }
+ rule 2245 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.180
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22,80
+ }
+ protocol tcp
+ source {
+ address 213.171.217.180
+ }
+ }
+ rule 2246 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2247 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.185
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.185
+ }
+ }
+ rule 2248 {
+ action accept
+ description FW2F868_6-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 161
+ }
+ protocol udp
+ }
+ rule 2249 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22,24
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2250 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-80.194.78.162
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 80.194.78.162
+ }
+ }
+ rule 2251 {
+ action accept
+ description VPN-21822-ANY-ALLOW-10.4.54.47
+ destination {
+ group {
+ address-group DT_VPN-21822
+ }
+ }
+ source {
+ address 10.4.54.47
+ }
+ }
+ rule 2252 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.75.244
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.75.244
+ }
+ }
+ rule 2253 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-195.147.173.92
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 195.147.173.92
+ }
+ }
+ rule 2254 {
+ action accept
+ description FW1D511_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1D511_2
+ }
+ port 8090
+ }
+ protocol tcp
+ }
+ rule 2255 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-85.17.25.47
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 85.17.25.47
+ }
+ }
+ rule 2256 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.89.209
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.89.209
+ }
+ }
+ rule 2257 {
+ action accept
+ description FWE2AB5_8-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWE2AB5_8
+ }
+ port 7000
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2258 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.94.177
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.94.177
+ }
+ }
+ rule 2259 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.95.129
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.95.129
+ }
+ }
+ rule 2260 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.136
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.136
+ }
+ }
+ rule 2261 {
+ action accept
+ description FW1FA9E_1-TCP-ALLOW-78.88.254.99
+ destination {
+ group {
+ address-group DT_FW1FA9E_1
+ }
+ port 9000,8200,5601,4444
+ }
+ protocol tcp
+ source {
+ address 78.88.254.99
+ }
+ }
+ rule 2262 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.27
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.27
+ }
+ }
+ rule 2263 {
+ action accept
+ description FWA7A50_1-TCP-ALLOW-81.110.192.198
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.110.192.198
+ }
+ }
+ rule 2264 {
+ action accept
+ description VPN-21822-ANY-ALLOW-10.4.55.47
+ destination {
+ group {
+ address-group DT_VPN-21822
+ }
+ }
+ source {
+ address 10.4.55.47
+ }
+ }
+ rule 2265 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.31.195
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.31.195
+ }
+ }
+ rule 2266 {
+ action accept
+ description FW45BEB_1-TCP-ALLOW-62.3.71.238
+ destination {
+ group {
+ address-group DT_FW45BEB_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 62.3.71.238
+ }
+ }
+ rule 2267 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.113
+ }
+ }
+ rule 2268 {
+ action accept
+ description VPN-23946-ANY-ALLOW-10.4.58.13
+ destination {
+ group {
+ address-group DT_VPN-23946
+ }
+ }
+ source {
+ address 10.4.58.13
+ }
+ }
+ rule 2269 {
+ action accept
+ description FW98818_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW98818_1
+ }
+ port 27015
+ }
+ protocol tcp
+ }
+ rule 2270 {
+ action accept
+ description VPN-23946-ANY-ALLOW-10.4.59.13
+ destination {
+ group {
+ address-group DT_VPN-23946
+ }
+ }
+ source {
+ address 10.4.59.13
+ }
+ }
+ rule 2271 {
+ action accept
+ description VPN-28031-ANY-ALLOW-10.4.88.197
+ destination {
+ group {
+ address-group DT_VPN-28031
+ }
+ }
+ source {
+ address 10.4.88.197
+ }
+ }
+ rule 2272 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.231
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.231
+ }
+ }
+ rule 2273 {
+ action accept
+ description FW5A5D7_3-TCP_UDP-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 500
+ }
+ protocol tcp_udp
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2274 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-185.106.220.231
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 185.106.220.231
+ }
+ }
+ rule 2275 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.66
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.66
+ }
+ }
+ rule 2276 {
+ action accept
+ description FW934AE_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2277 {
+ action accept
+ description VPN-28031-ANY-ALLOW-10.4.89.197
+ destination {
+ group {
+ address-group DT_VPN-28031
+ }
+ }
+ source {
+ address 10.4.89.197
+ }
+ }
+ rule 2278 {
+ action accept
+ description FW6863A_4-TCP_UDP-ALLOW-82.165.166.41
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 21-10000
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.166.41
+ }
+ }
+ rule 2279 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.119.162
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.119.162
+ }
+ }
+ rule 2280 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.74.199.143
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.74.199.143
+ }
+ }
+ rule 2281 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-185.92.25.48
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 185.92.25.48
+ }
+ }
+ rule 2282 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-207.148.2.40
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 207.148.2.40
+ }
+ }
+ rule 2283 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.235.62
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.235.62
+ }
+ }
+ rule 2284 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.236.93
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.236.93
+ }
+ }
+ rule 2285 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.59.5
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.59.5
+ }
+ }
+ rule 2286 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.15.134
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.15.134
+ }
+ }
+ rule 2287 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.22.208
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.22.208
+ }
+ }
+ rule 2288 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.108
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.23.108
+ }
+ }
+ rule 2289 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.54
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.23.54
+ }
+ }
+ rule 2290 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.30.45
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.30.45
+ }
+ }
+ rule 2291 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.7.198
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.7.198
+ }
+ }
+ rule 2292 {
+ action accept
+ description VPN-29631-ANY-ALLOW-10.4.54.76
+ destination {
+ group {
+ address-group DT_VPN-29631
+ }
+ }
+ source {
+ address 10.4.54.76
+ }
+ }
+ rule 2293 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.89.200
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.89.200
+ }
+ }
+ rule 2294 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.91.50
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.91.50
+ }
+ }
+ rule 2295 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-82.165.206.230
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 82.165.206.230
+ }
+ }
+ rule 2296 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-82.165.207.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 82.165.207.109
+ }
+ }
+ rule 2297 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-94.196.156.5
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 94.196.156.5
+ }
+ }
+ rule 2298 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.15.134
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.15.134
+ }
+ }
+ rule 2299 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.22.208
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.22.208
+ }
+ }
+ rule 2300 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.23.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.23.109
+ }
+ }
+ rule 2301 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.89.200
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.89.200
+ }
+ }
+ rule 2302 {
+ action accept
+ description FW05339_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05339_1
+ }
+ port 8085,5055,5013,5005,444
+ }
+ protocol tcp
+ }
+ rule 2303 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-217.169.61.164
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 217.169.61.164
+ }
+ }
+ rule 2304 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.65.45
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.65.45
+ }
+ }
+ rule 2305 {
+ action accept
+ description VPN-13983-ANY-ALLOW-10.4.58.176
+ destination {
+ group {
+ address-group DT_VPN-13983
+ }
+ }
+ source {
+ address 10.4.58.176
+ }
+ }
+ rule 2306 {
+ action accept
+ description FWDAF47_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAF47_1
+ }
+ port 8090,7080,443,53
+ }
+ protocol tcp_udp
+ }
+ rule 2307 {
+ action accept
+ description VPN-29631-ANY-ALLOW-10.4.55.77
+ destination {
+ group {
+ address-group DT_VPN-29631
+ }
+ }
+ source {
+ address 10.4.55.77
+ }
+ }
+ rule 2308 {
+ action accept
+ description VPN-34309-ANY-ALLOW-10.4.58.142
+ destination {
+ group {
+ address-group DT_VPN-34309
+ }
+ }
+ source {
+ address 10.4.58.142
+ }
+ }
+ rule 2309 {
+ action accept
+ description FW27949_2-TCP-ALLOW-138.124.142.180
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 138.124.142.180
+ }
+ }
+ rule 2310 {
+ action accept
+ description FWF8F85_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF8F85_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2311 {
+ action accept
+ description FWDAF47_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAF47_1
+ }
+ port 40110-40210
+ }
+ protocol tcp
+ }
+ rule 2312 {
+ action accept
+ description VPN-34309-ANY-ALLOW-10.4.59.142
+ destination {
+ group {
+ address-group DT_VPN-34309
+ }
+ }
+ source {
+ address 10.4.59.142
+ }
+ }
+ rule 2313 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-87.224.39.220
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 87.224.39.220
+ }
+ }
+ rule 2314 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 1334
+ }
+ protocol tcp
+ }
+ rule 2315 {
+ action accept
+ description FW8C927_1-TCP_UDP-ALLOW-84.92.125.78
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 3306,22
+ }
+ protocol tcp_udp
+ source {
+ address 84.92.125.78
+ }
+ }
+ rule 2316 {
+ action accept
+ description FW8C927_1-TCP_UDP-ALLOW-88.208.238.152
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 3306,22
+ }
+ protocol tcp_udp
+ source {
+ address 88.208.238.152
+ }
+ }
+ rule 2317 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2318 {
+ action accept
+ description FW28892_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW28892_1
+ }
+ port 7000
+ }
+ protocol tcp
+ }
+ rule 2319 {
+ action accept
+ description FWC96A1_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC96A1_1
+ }
+ port 222
+ }
+ protocol tcp
+ }
+ rule 2320 {
+ action accept
+ description VPN-13983-ANY-ALLOW-10.4.59.176
+ destination {
+ group {
+ address-group DT_VPN-13983
+ }
+ }
+ source {
+ address 10.4.59.176
+ }
+ }
+ rule 2321 {
+ action accept
+ description FW2FB61_1-TCP-ALLOW-5.183.104.15
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 5.183.104.15
+ }
+ }
+ rule 2322 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-82.20.69.137
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 82.20.69.137
+ }
+ }
+ rule 2323 {
+ action accept
+ description FW72F37_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW72F37_1
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2324 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-81.111.155.34
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 81.111.155.34
+ }
+ }
+ rule 2325 {
+ action accept
+ description VPN-20306-ANY-ALLOW-10.4.88.173
+ destination {
+ group {
+ address-group DT_VPN-20306
+ }
+ }
+ source {
+ address 10.4.88.173
+ }
+ }
+ rule 2326 {
+ action accept
+ description FW6C992_1-TCP-ALLOW-89.33.185.0_24
+ destination {
+ group {
+ address-group DT_FW6C992_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 89.33.185.0/24
+ }
+ }
+ rule 2327 {
+ action accept
+ description FW2FB61_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 45000
+ }
+ protocol tcp
+ }
+ rule 2328 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.202
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.202
+ }
+ }
+ rule 2329 {
+ action accept
+ description FWF9C28_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF9C28_2
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2330 {
+ action accept
+ description FW3DBF8_9-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 8088,8080,5090,5060,3478,1935
+ }
+ protocol tcp_udp
+ }
+ rule 2331 {
+ action accept
+ description FW3DBF8_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 5062,5061,5015,5001
+ }
+ protocol tcp
+ }
+ rule 2332 {
+ action accept
+ description VPN-16402-ANY-ALLOW-10.4.88.60
+ destination {
+ group {
+ address-group DT_VPN-16402
+ }
+ }
+ source {
+ address 10.4.88.60
+ }
+ }
+ rule 2333 {
+ action accept
+ description FWC1315_1-TCP-ALLOW-62.3.71.238
+ destination {
+ group {
+ address-group DT_FWC1315_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 62.3.71.238
+ }
+ }
+ rule 2334 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 8001,80
+ }
+ protocol tcp_udp
+ }
+ rule 2335 {
+ action accept
+ description FWAFF0A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAFF0A_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2336 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-195.20.253.19
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.20.253.19
+ }
+ }
+ rule 2337 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.73
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.73
+ }
+ }
+ rule 2338 {
+ action accept
+ description VPN-16402-ANY-ALLOW-10.4.89.60
+ destination {
+ group {
+ address-group DT_VPN-16402
+ }
+ }
+ source {
+ address 10.4.89.60
+ }
+ }
+ rule 2339 {
+ action accept
+ description VPN-15951-ANY-ALLOW-10.4.86.90
+ destination {
+ group {
+ address-group DT_VPN-15951
+ }
+ }
+ source {
+ address 10.4.86.90
+ }
+ }
+ rule 2340 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.77.181
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.77.181
+ }
+ }
+ rule 2341 {
+ action accept
+ description FWE9F7D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE9F7D_1
+ }
+ port 4035
+ }
+ protocol tcp
+ }
+ rule 2342 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.131
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.131
+ }
+ }
+ rule 2343 {
+ action accept
+ description VPN-15951-ANY-ALLOW-10.4.87.90
+ destination {
+ group {
+ address-group DT_VPN-15951
+ }
+ }
+ source {
+ address 10.4.87.90
+ }
+ }
+ rule 2344 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.93.190
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.93.190
+ }
+ }
+ rule 2345 {
+ action accept
+ description VPN-8159-ANY-ALLOW-10.4.59.91
+ destination {
+ group {
+ address-group DT_VPN-8159
+ }
+ }
+ source {
+ address 10.4.59.91
+ }
+ }
+ rule 2346 {
+ action accept
+ description VPN-12870-ANY-ALLOW-10.4.54.67
+ destination {
+ group {
+ address-group DT_VPN-12870
+ }
+ }
+ source {
+ address 10.4.54.67
+ }
+ }
+ rule 2347 {
+ action accept
+ description FW930F3_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW930F3_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2348 {
+ action accept
+ description FW12C32_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW12C32_1
+ }
+ port 465,53,25
+ }
+ protocol tcp_udp
+ }
+ rule 2349 {
+ action accept
+ description FW28EC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW28EC8_1
+ }
+ port 20443
+ }
+ protocol tcp
+ }
+ rule 2350 {
+ action accept
+ description VPN-12870-ANY-ALLOW-10.4.55.68
+ destination {
+ group {
+ address-group DT_VPN-12870
+ }
+ }
+ source {
+ address 10.4.55.68
+ }
+ }
+ rule 2351 {
+ action accept
+ description FW934AE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 32401,32400,8081
+ }
+ protocol tcp_udp
+ }
+ rule 2352 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-185.173.161.154
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 185.173.161.154
+ }
+ }
+ rule 2353 {
+ action accept
+ description FW013EF_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW013EF_2
+ }
+ port 10600-10998,9000-9398,5090,5060-5070
+ }
+ protocol udp
+ }
+ rule 2354 {
+ action accept
+ description FW85040_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85040_1
+ }
+ port 3210
+ }
+ protocol tcp_udp
+ }
+ rule 2355 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-131.153.100.98
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 131.153.100.98
+ }
+ }
+ rule 2356 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-213.133.99.176
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 213.133.99.176
+ }
+ }
+ rule 2357 {
+ action accept
+ description FW6EFD7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6EFD7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2358 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-62.253.153.163
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 8443,22
+ }
+ protocol tcp_udp
+ source {
+ address 62.253.153.163
+ }
+ }
+ rule 2359 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-212.159.153.201
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 6443,5432-5434,5000-5100,3306-3308,990,989,22,21
+ }
+ protocol tcp
+ source {
+ address 212.159.153.201
+ }
+ }
+ rule 2360 {
+ action accept
+ description FW75CA4_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW75CA4_6
+ }
+ port 51472,3747,3420
+ }
+ protocol tcp
+ }
+ rule 2361 {
+ action accept
+ description FWF9C28_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF9C28_4
+ }
+ port 23,7770-7800,44445,6109
+ }
+ protocol tcp
+ }
+ rule 2362 {
+ action accept
+ description FW6B39D_1-TCP-ALLOW-120.72.95.88_29
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 120.72.95.88/29
+ }
+ }
+ rule 2363 {
+ action accept
+ description FW934AE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 20000
+ }
+ protocol tcp
+ }
+ rule 2364 {
+ action accept
+ description FW12C32_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW12C32_1
+ }
+ port 2323,953
+ }
+ protocol tcp
+ }
+ rule 2365 {
+ action accept
+ description FW49897_1-TCP-ALLOW-2.121.90.207
+ destination {
+ group {
+ address-group DT_FW49897_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 2.121.90.207
+ }
+ }
+ rule 2366 {
+ action accept
+ description FW6B39D_1-TCP-ALLOW-120.72.91.104_29
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 120.72.91.104/29
+ }
+ }
+ rule 2367 {
+ action accept
+ description FW4F5EE_10-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4F5EE_10
+ }
+ port 83,86,82
+ }
+ protocol tcp
+ }
+ rule 2368 {
+ action accept
+ description FWF791C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF791C_1
+ }
+ port 6001
+ }
+ protocol tcp
+ }
+ rule 2369 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2370 {
+ action accept
+ description FWE57AD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE57AD_1
+ }
+ port 57000-58000
+ }
+ protocol tcp
+ }
+ rule 2371 {
+ action accept
+ description FWC0CE0_1-TCP-ALLOW-62.232.209.221
+ destination {
+ group {
+ address-group DT_FWC0CE0_1
+ }
+ port 49152-65535,8447,8443,22,21
+ }
+ protocol tcp
+ source {
+ address 62.232.209.221
+ }
+ }
+ rule 2372 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-41.140.242.86
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 41.140.242.86
+ }
+ }
+ rule 2373 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-54.171.71.110
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 54.171.71.110
+ }
+ }
+ rule 2374 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-95.149.182.69
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 95.149.182.69
+ }
+ }
+ rule 2375 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-185.201.16.0_22
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 185.201.16.0/22
+ }
+ }
+ rule 2376 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-213.133.99.176
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 213.133.99.176
+ }
+ }
+ rule 2377 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-95.211.160.147
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 95.211.160.147
+ }
+ }
+ rule 2378 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-212.227.9.72
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.9.72
+ }
+ }
+ rule 2379 {
+ action accept
+ description FW8B21D_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ protocol esp
+ }
+ rule 2380 {
+ action accept
+ description FW8B21D_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ protocol ah
+ }
+ rule 2381 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 8181,4500,1194,993,941,500,53
+ }
+ protocol tcp_udp
+ }
+ rule 2382 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-85.17.25.47
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 85.17.25.47
+ }
+ }
+ rule 2383 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-91.232.105.39
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 91.232.105.39
+ }
+ }
+ rule 2384 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-93.190.142.120
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 93.190.142.120
+ }
+ }
+ rule 2385 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.168.171.130
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.130
+ }
+ }
+ rule 2386 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.168.171.157
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.157
+ }
+ }
+ rule 2387 {
+ action accept
+ description FWD4A27_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD4A27_1
+ }
+ port 32400
+ }
+ protocol tcp
+ }
+ rule 2388 {
+ action accept
+ description FW2ACFF_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2ACFF_1
+ }
+ port 10299,60050-60055
+ }
+ protocol tcp_udp
+ }
+ rule 2389 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-193.248.62.45
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 193.248.62.45
+ }
+ }
+ rule 2390 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-78.249.208.17
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 78.249.208.17
+ }
+ }
+ rule 2391 {
+ action accept
+ description FWC8E8E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC8E8E_1
+ }
+ port 6000
+ }
+ protocol tcp_udp
+ }
+ rule 2392 {
+ action accept
+ description FW30D21_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW30D21_1
+ }
+ port 2476
+ }
+ protocol tcp
+ }
+ rule 2393 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-41.140.242.94
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 41.140.242.94
+ }
+ }
+ rule 2394 {
+ action accept
+ description FW59F39_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW59F39_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2395 {
+ action accept
+ description FWEF92E_7-ESP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2396 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.219.47.177
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 51.219.47.177
+ }
+ }
+ rule 2397 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-86.172.128.50
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 1433,21
+ }
+ protocol tcp
+ source {
+ address 86.172.128.50
+ }
+ }
+ rule 2398 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-88.105.1.20
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 88.105.1.20
+ }
+ }
+ rule 2399 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.211.243.198
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.211.243.198
+ }
+ }
+ rule 2400 {
+ action accept
+ description FW25843_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW25843_1
+ }
+ port 9001,7070,5500,5488,5000,4500,4000,3500,3000,1883,1880
+ }
+ protocol tcp
+ }
+ rule 2401 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.65.46
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.65.46
+ }
+ }
+ rule 2402 {
+ action accept
+ description FW5858F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5858F_1
+ }
+ port 1883
+ }
+ protocol tcp
+ }
+ rule 2403 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-95.147.108.173
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 95.147.108.173
+ }
+ }
+ rule 2404 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-52.56.193.88
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 52.56.193.88
+ }
+ }
+ rule 2405 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-109.228.63.82
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 5666
+ }
+ protocol tcp
+ source {
+ address 109.228.63.82
+ }
+ }
+ rule 2406 {
+ action accept
+ description FWC0CE0_1-TCP-ALLOW-90.255.228.213
+ destination {
+ group {
+ address-group DT_FWC0CE0_1
+ }
+ port 49152-65535,8443,21
+ }
+ protocol tcp
+ source {
+ address 90.255.228.213
+ }
+ }
+ rule 2407 {
+ action accept
+ description FW210E2_8-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ }
+ protocol ah
+ }
+ rule 2408 {
+ action accept
+ description FW210E2_8-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ }
+ protocol esp
+ }
+ rule 2409 {
+ action accept
+ description FW210E2_8-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ port 41,62000,23,4500,50,9876,3391,88,135
+ }
+ protocol tcp
+ }
+ rule 2410 {
+ action accept
+ description FW210E2_8-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ port 500
+ }
+ protocol udp
+ }
+ rule 2411 {
+ action accept
+ description VPN-8625-ANY-ALLOW-10.4.54.103
+ destination {
+ group {
+ address-group DT_VPN-8625
+ }
+ }
+ source {
+ address 10.4.54.103
+ }
+ }
+ rule 2412 {
+ action accept
+ description VPN-8625-ANY-ALLOW-10.4.55.104
+ destination {
+ group {
+ address-group DT_VPN-8625
+ }
+ }
+ source {
+ address 10.4.55.104
+ }
+ }
+ rule 2413 {
+ action accept
+ description FW73A64_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73A64_1
+ }
+ port 61616,8181,8161,8082,4244,4243,4242,4241
+ }
+ protocol tcp
+ }
+ rule 2414 {
+ action accept
+ description VPN-19135-ANY-ALLOW-10.4.86.165
+ destination {
+ group {
+ address-group DT_VPN-19135
+ }
+ }
+ source {
+ address 10.4.86.165
+ }
+ }
+ rule 2415 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-82.65.107.3
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.65.107.3
+ }
+ }
+ rule 2416 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-195.2.139.221
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 5432-5434,3306-3308
+ }
+ protocol tcp
+ source {
+ address 195.2.139.221
+ }
+ }
+ rule 2417 {
+ action accept
+ description VPN-19135-ANY-ALLOW-10.4.87.165
+ destination {
+ group {
+ address-group DT_VPN-19135
+ }
+ }
+ source {
+ address 10.4.87.165
+ }
+ }
+ rule 2418 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-87.75.109.83
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 87.75.109.83
+ }
+ }
+ rule 2419 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.83
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.83
+ }
+ }
+ rule 2420 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-84.92.65.192
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 84.92.65.192
+ }
+ }
+ rule 2421 {
+ action accept
+ description FW73A64_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73A64_1
+ }
+ port 9200,5601,4247,4246,4245
+ }
+ protocol tcp_udp
+ }
+ rule 2422 {
+ action accept
+ description FW4735F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4735F_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2423 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-109.176.154.238
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 109.176.154.238
+ }
+ }
+ rule 2424 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.211.243.206
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.211.243.206
+ }
+ }
+ rule 2425 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 2426 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5090
+ }
+ protocol tcp_udp
+ }
+ rule 2427 {
+ action accept
+ description FW8A57A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A57A_1
+ }
+ port 49155,49154,7700,53,43
+ }
+ protocol tcp_udp
+ }
+ rule 2428 {
+ action accept
+ description FW8C72E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8C72E_1
+ }
+ port 500,4500
+ }
+ protocol udp
+ }
+ rule 2429 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-18.135.66.162
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 18.135.66.162
+ }
+ }
+ rule 2430 {
+ action accept
+ description FW2C5AE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2C5AE_1
+ }
+ port 58080,58008,8545,7175
+ }
+ protocol tcp
+ }
+ rule 2431 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-80.209.144.52
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 80.209.144.52
+ }
+ }
+ rule 2432 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.153.21.103
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 82.153.21.103
+ }
+ }
+ rule 2433 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.41
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.41
+ }
+ }
+ rule 2434 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 32770,8001,7801
+ }
+ protocol tcp
+ }
+ rule 2435 {
+ action accept
+ description FW85E02_11-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 5090,5060
+ }
+ protocol tcp_udp
+ }
+ rule 2436 {
+ action accept
+ description VPN-21982-ANY-ALLOW-10.4.58.43
+ destination {
+ group {
+ address-group DT_VPN-21982
+ }
+ }
+ source {
+ address 10.4.58.43
+ }
+ }
+ rule 2437 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.17.52.191
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.17.52.191
+ }
+ }
+ rule 2438 {
+ action accept
+ description FW66347_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW66347_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2439 {
+ action accept
+ description FW11082_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW11082_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2440 {
+ action accept
+ description VPN-21982-ANY-ALLOW-10.4.59.43
+ destination {
+ group {
+ address-group DT_VPN-21982
+ }
+ }
+ source {
+ address 10.4.59.43
+ }
+ }
+ rule 2441 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-92.207.193.203
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 92.207.193.203
+ }
+ }
+ rule 2442 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-77.99.253.161
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22,21
+ }
+ protocol tcp
+ source {
+ address 77.99.253.161
+ }
+ }
+ rule 2443 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.99.245.103
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 77.99.245.103
+ }
+ }
+ rule 2444 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.19.19.52
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 82.19.19.52
+ }
+ }
+ rule 2445 {
+ action accept
+ description FWEF92E_7-AH-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2446 {
+ action accept
+ description VPN-16450-ANY-ALLOW-10.4.88.99
+ destination {
+ group {
+ address-group DT_VPN-16450
+ }
+ }
+ source {
+ address 10.4.88.99
+ }
+ }
+ rule 2447 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.2.186.129
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.2.186.129
+ }
+ }
+ rule 2448 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.157
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.157
+ }
+ }
+ rule 2449 {
+ action accept
+ description FW8EA04_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8EA04_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2450 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.21.59.207
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.21.59.207
+ }
+ }
+ rule 2451 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-82.9.22.158
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 82.9.22.158
+ }
+ }
+ rule 2452 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 1981,53
+ }
+ protocol tcp_udp
+ }
+ rule 2453 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2454 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.40.177.186
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.40.177.186
+ }
+ }
+ rule 2455 {
+ action accept
+ description FW0C25B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C25B_1
+ }
+ port 49152-65535,5224
+ }
+ protocol tcp
+ }
+ rule 2456 {
+ action accept
+ description FW85A7C_1-TCP-ALLOW-82.24.242.137
+ destination {
+ group {
+ address-group DT_FW85A7C_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.24.242.137
+ }
+ }
+ rule 2457 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.68.25.66
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.68.25.66
+ }
+ }
+ rule 2458 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.89.148.173
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 51.89.148.173
+ }
+ }
+ rule 2459 {
+ action accept
+ description FWA69A0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA69A0_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 2460 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.69.79.85
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.69.79.85
+ }
+ }
+ rule 2461 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2462 {
+ action accept
+ description FWEF92E_6-ESP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2463 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2464 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445,443,80
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2465 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2466 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-77.68.121.4
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.121.4
+ }
+ }
+ rule 2467 {
+ action accept
+ description VPN-16450-ANY-ALLOW-10.4.89.99
+ destination {
+ group {
+ address-group DT_VPN-16450
+ }
+ }
+ source {
+ address 10.4.89.99
+ }
+ }
+ rule 2468 {
+ action accept
+ description FW0BB22_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol ah
+ }
+ rule 2469 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-86.139.57.116
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.139.57.116
+ }
+ }
+ rule 2470 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-86.142.67.13
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.142.67.13
+ }
+ }
+ rule 2471 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 2096,2095,2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 2472 {
+ action accept
+ description FW050AC_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW050AC_1
+ }
+ port 2087
+ }
+ protocol tcp
+ }
+ rule 2473 {
+ action accept
+ description FW1FA9E_1-TCP-ALLOW-109.228.50.206
+ destination {
+ group {
+ address-group DT_FW1FA9E_1
+ }
+ port 5432
+ }
+ protocol tcp
+ source {
+ address 109.228.50.206
+ }
+ }
+ rule 2474 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-217.23.11.155
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 217.23.11.155
+ }
+ }
+ rule 2475 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-88.96.110.198
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 88.96.110.198
+ }
+ }
+ rule 2476 {
+ action accept
+ description FWEAE53_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEAE53_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2477 {
+ action accept
+ description VPN-19474-ANY-ALLOW-10.4.88.161
+ destination {
+ group {
+ address-group DT_VPN-19474
+ }
+ }
+ source {
+ address 10.4.88.161
+ }
+ }
+ rule 2478 {
+ action accept
+ description VPN-19474-ANY-ALLOW-10.4.89.161
+ destination {
+ group {
+ address-group DT_VPN-19474
+ }
+ }
+ source {
+ address 10.4.89.161
+ }
+ }
+ rule 2479 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-68.33.220.233
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 68.33.220.233
+ }
+ }
+ rule 2480 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.10.163.127
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 86.10.163.127
+ }
+ }
+ rule 2481 {
+ action accept
+ description FW2FB61_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 60182
+ }
+ protocol udp
+ }
+ rule 2482 {
+ action accept
+ description FW85A7C_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85A7C_1
+ }
+ port 2457,2456
+ }
+ protocol tcp_udp
+ }
+ rule 2483 {
+ action accept
+ description FWBED52_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBED52_1
+ }
+ port 1221,9000
+ }
+ protocol tcp
+ }
+ rule 2484 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-90.250.2.109
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 90.250.2.109
+ }
+ }
+ rule 2485 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.49
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.49
+ }
+ }
+ rule 2486 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2487 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.250
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.250
+ }
+ }
+ rule 2488 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-95.168.171.131
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.131
+ }
+ }
+ rule 2489 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 48030,10997,10993,10992,10991,10902,1723,1701
+ }
+ protocol tcp
+ }
+ rule 2490 {
+ action accept
+ description FW8C927_1-TCP-ALLOW-84.92.125.78
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 84.92.125.78
+ }
+ }
+ rule 2491 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.146.220.229
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 86.146.220.229
+ }
+ }
+ rule 2492 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-2.218.5.59
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 2.218.5.59
+ }
+ }
+ rule 2493 {
+ action accept
+ description VPN-18830-ANY-ALLOW-10.4.86.156
+ destination {
+ group {
+ address-group DT_VPN-18830
+ }
+ }
+ source {
+ address 10.4.86.156
+ }
+ }
+ rule 2494 {
+ action accept
+ description VPN-18830-ANY-ALLOW-10.4.87.156
+ destination {
+ group {
+ address-group DT_VPN-18830
+ }
+ }
+ source {
+ address 10.4.87.156
+ }
+ }
+ rule 2495 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2496 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-146.198.100.105
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 146.198.100.105
+ }
+ }
+ rule 2497 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.55
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.55
+ }
+ }
+ rule 2498 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.113
+ }
+ }
+ rule 2499 {
+ action accept
+ description FW8C72E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8C72E_1
+ }
+ port 60134,60135
+ }
+ protocol tcp
+ }
+ rule 2500 {
+ action accept
+ description FWAB44B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAB44B_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2501 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-51.148.87.29
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 51.148.87.29
+ }
+ }
+ rule 2502 {
+ action accept
+ description VPN-23738-ANY-ALLOW-10.4.56.13
+ destination {
+ group {
+ address-group DT_VPN-23738
+ }
+ }
+ source {
+ address 10.4.56.13
+ }
+ }
+ rule 2503 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.100
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.100
+ }
+ }
+ rule 2504 {
+ action accept
+ description FW996B4_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW996B4_2
+ }
+ port 43595,30160
+ }
+ protocol tcp
+ }
+ rule 2505 {
+ action accept
+ description FW8871B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8871B_1
+ }
+ port 15672,8083,8082,8081,5672
+ }
+ protocol tcp
+ }
+ rule 2506 {
+ action accept
+ description FWAB44B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAB44B_1
+ }
+ port 9090,8069,5432
+ }
+ protocol tcp
+ }
+ rule 2507 {
+ action accept
+ description FW6187E_1-ICMP-ALLOW-85.214.201.250
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ }
+ protocol icmp
+ source {
+ address 85.214.201.250
+ }
+ }
+ rule 2508 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-217.23.11.126
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 217.23.11.126
+ }
+ }
+ rule 2509 {
+ action accept
+ description FW78137_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW78137_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2510 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-46.252.65.10
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 46.252.65.10
+ }
+ }
+ rule 2511 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.50
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.50
+ }
+ }
+ rule 2512 {
+ action accept
+ description FW6A684_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6A684_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2513 {
+ action accept
+ description FWF48EB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF48EB_1
+ }
+ port 9204,9202,3395
+ }
+ protocol tcp
+ }
+ rule 2514 {
+ action accept
+ description FW44217_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 443,80
+ }
+ protocol tcp_udp
+ }
+ rule 2515 {
+ action accept
+ description FW6187E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ port 2282
+ }
+ protocol tcp
+ }
+ rule 2516 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.58
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.58
+ }
+ }
+ rule 2517 {
+ action accept
+ description VPN-34501-ANY-ALLOW-10.4.86.235
+ destination {
+ group {
+ address-group DT_VPN-34501
+ }
+ }
+ source {
+ address 10.4.86.235
+ }
+ }
+ rule 2518 {
+ action accept
+ description FW1271A_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1271A_2
+ }
+ port 5090,5061,5060,5015,5001
+ }
+ protocol tcp
+ }
+ rule 2519 {
+ action accept
+ description FW1271A_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1271A_2
+ }
+ port 9000-10999,5090,5060
+ }
+ protocol udp
+ }
+ rule 2520 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-216.113.160.71
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 216.113.160.71
+ }
+ }
+ rule 2521 {
+ action accept
+ description FW32EFF_16-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_16
+ }
+ port 33888
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 2522 {
+ action accept
+ description FW03F2E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03F2E_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2523 {
+ action accept
+ description FW03F2E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03F2E_1
+ }
+ port 4432,4431,4430
+ }
+ protocol tcp
+ }
+ rule 2524 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-216.113.162.65
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 216.113.162.65
+ }
+ }
+ rule 2525 {
+ action accept
+ description VPN-20306-ANY-ALLOW-10.4.89.173
+ destination {
+ group {
+ address-group DT_VPN-20306
+ }
+ }
+ source {
+ address 10.4.89.173
+ }
+ }
+ rule 2526 {
+ action accept
+ description FW8A49A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A49A_1
+ }
+ port 2525,8448-65535
+ }
+ protocol tcp
+ }
+ rule 2527 {
+ action accept
+ description FWD3431_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD3431_2
+ }
+ port 43595,30377,30289
+ }
+ protocol tcp
+ }
+ rule 2528 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-66.135.200.200
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 66.135.200.200
+ }
+ }
+ rule 2529 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-193.28.178.38
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 193.28.178.38
+ }
+ }
+ rule 2530 {
+ action accept
+ description FWAE88B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAE88B_1
+ }
+ port 65432,8080,7300,1195,1194,993,587,465,443,442,143,110,80,53,22
+ }
+ protocol tcp_udp
+ }
+ rule 2531 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-195.234.136.80
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 195.234.136.80
+ }
+ }
+ rule 2532 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-93.94.41.83
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 93.94.41.83
+ }
+ }
+ rule 2533 {
+ action accept
+ description VPN-6103-ANY-ALLOW-10.4.56.102
+ destination {
+ group {
+ address-group DT_VPN-6103
+ }
+ }
+ source {
+ address 10.4.56.102
+ }
+ }
+ rule 2534 {
+ action accept
+ description VPN-6103-ANY-ALLOW-10.4.57.102
+ destination {
+ group {
+ address-group DT_VPN-6103
+ }
+ }
+ source {
+ address 10.4.57.102
+ }
+ }
+ rule 2535 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-86.198.190.104
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.198.190.104
+ }
+ }
+ rule 2536 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-81.149.71.244
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 81.149.71.244
+ }
+ }
+ rule 2537 {
+ action accept
+ description FW0BB22_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ port 27917,27017,9592,9092,1080,587
+ }
+ protocol tcp_udp
+ }
+ rule 2538 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-89.213.26.156
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 89.213.26.156
+ }
+ }
+ rule 2539 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-81.149.71.244
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 81.149.71.244
+ }
+ }
+ rule 2540 {
+ action accept
+ description VPN-17207-ANY-ALLOW-10.4.86.121
+ destination {
+ group {
+ address-group DT_VPN-17207
+ }
+ }
+ source {
+ address 10.4.86.121
+ }
+ }
+ rule 2541 {
+ action accept
+ description FW0B352_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0B352_1
+ }
+ port 4500,500
+ }
+ protocol udp
+ }
+ rule 2542 {
+ action accept
+ description FW85E02_11-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 5854,5853,5061
+ }
+ protocol tcp
+ }
+ rule 2543 {
+ action accept
+ description FW0BB22_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ port 9200,8082
+ }
+ protocol tcp
+ }
+ rule 2544 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.140
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.140
+ }
+ }
+ rule 2545 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-91.125.244.28
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 91.125.244.28
+ }
+ }
+ rule 2546 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-86.172.252.221
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 80-3389
+ }
+ protocol tcp
+ source {
+ address 86.172.252.221
+ }
+ }
+ rule 2547 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-92.207.184.106
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 92.207.184.106
+ }
+ }
+ rule 2548 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-146.255.0.198
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 146.255.0.198
+ }
+ }
+ rule 2549 {
+ action accept
+ description FWBFDED_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFDED_1
+ }
+ port 1723,445
+ }
+ protocol tcp
+ }
+ rule 2550 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.227.9.72
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.9.72
+ }
+ }
+ rule 2551 {
+ action accept
+ description FWE928F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE928F_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2552 {
+ action accept
+ description FW5CBB2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5CBB2_1
+ }
+ port 2082,2083,2086,2087
+ }
+ protocol tcp
+ }
+ rule 2553 {
+ action accept
+ description FW63230_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW63230_1
+ }
+ port 445,139
+ }
+ protocol tcp_udp
+ }
+ rule 2554 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-71.244.176.5
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 71.244.176.5
+ }
+ }
+ rule 2555 {
+ action accept
+ description FWA4BC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA4BC8_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2556 {
+ action accept
+ description VPN-17207-ANY-ALLOW-10.4.87.121
+ destination {
+ group {
+ address-group DT_VPN-17207
+ }
+ }
+ source {
+ address 10.4.87.121
+ }
+ }
+ rule 2557 {
+ action accept
+ description VPN-17558-ANY-ALLOW-10.4.86.143
+ destination {
+ group {
+ address-group DT_VPN-17558
+ }
+ }
+ source {
+ address 10.4.86.143
+ }
+ }
+ rule 2558 {
+ action accept
+ description FWB2CD2_1-TCP-ALLOW-86.167.68.241
+ destination {
+ group {
+ address-group DT_FWB2CD2_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 86.167.68.241
+ }
+ }
+ rule 2559 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 33888,443
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 2560 {
+ action accept
+ description FW44217_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 9001,7946,2376
+ }
+ protocol tcp
+ }
+ rule 2561 {
+ action accept
+ description FW7DAE2_3-TCP-ALLOW-212.227.253.11
+ destination {
+ group {
+ address-group DT_FW7DAE2_3
+ }
+ port 25,22
+ }
+ protocol tcp
+ source {
+ address 212.227.253.11
+ }
+ }
+ rule 2562 {
+ action accept
+ description FW7DAE2_3-TCP-ALLOW-217.160.126.118
+ destination {
+ group {
+ address-group DT_FW7DAE2_3
+ }
+ port 25,22
+ }
+ protocol tcp
+ source {
+ address 217.160.126.118
+ }
+ }
+ rule 2563 {
+ action accept
+ description FWAF6E8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAF6E8_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2564 {
+ action accept
+ description FWCD7CE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCD7CE_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2565 {
+ action accept
+ description FW32EFF_16-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW32EFF_16
+ }
+ port 47779,47778,47777,47776
+ }
+ protocol tcp
+ }
+ rule 2566 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-77.68.117.222
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 49170
+ }
+ protocol tcp
+ source {
+ address 77.68.117.222
+ }
+ }
+ rule 2567 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-92.207.199.107
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22,21
+ }
+ protocol tcp
+ source {
+ address 92.207.199.107
+ }
+ }
+ rule 2568 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.89
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.89
+ }
+ }
+ rule 2569 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-190.2.130.41
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 190.2.130.41
+ }
+ }
+ rule 2570 {
+ action accept
+ description FWFDCC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDCC7_1
+ }
+ port 10000
+ }
+ protocol tcp_udp
+ }
+ rule 2571 {
+ action accept
+ description FWF19FB_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF19FB_2
+ }
+ port 43595,40001,30616-30631,30531,30204-30435
+ }
+ protocol tcp
+ }
+ rule 2572 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2573 {
+ action accept
+ description FW4E314_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4E314_1
+ }
+ port 21543,888
+ }
+ protocol tcp
+ }
+ rule 2574 {
+ action accept
+ description FW73215_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 4380
+ }
+ protocol udp
+ }
+ rule 2575 {
+ action accept
+ description VPN-31301-ANY-ALLOW-10.4.86.223
+ destination {
+ group {
+ address-group DT_VPN-31301
+ }
+ }
+ source {
+ address 10.4.86.223
+ }
+ }
+ rule 2576 {
+ action accept
+ description FW8428B_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8428B_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 2577 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-185.195.124.169
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 185.195.124.169
+ }
+ }
+ rule 2578 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-77.68.121.4
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 77.68.121.4
+ }
+ }
+ rule 2579 {
+ action accept
+ description FW73215_1-TCP-ALLOW-82.38.58.135
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 10685
+ }
+ protocol tcp
+ source {
+ address 82.38.58.135
+ }
+ }
+ rule 2580 {
+ action accept
+ description FW52F6F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW52F6F_1
+ }
+ port 8888
+ }
+ protocol tcp
+ }
+ rule 2581 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.86
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.86
+ }
+ }
+ rule 2582 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.125.13
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.125.13
+ }
+ }
+ rule 2583 {
+ action accept
+ description FWEE03C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEE03C_1
+ }
+ port 2087,2083
+ }
+ protocol tcp
+ }
+ rule 2584 {
+ action accept
+ description FW748B7_1-TCP-ALLOW-157.231.123.154
+ destination {
+ group {
+ address-group DT_FW748B7_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 157.231.123.154
+ }
+ }
+ rule 2585 {
+ action accept
+ description VPN-34501-ANY-ALLOW-10.4.87.235
+ destination {
+ group {
+ address-group DT_VPN-34501
+ }
+ }
+ source {
+ address 10.4.87.235
+ }
+ }
+ rule 2586 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-81.134.85.245
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.134.85.245
+ }
+ }
+ rule 2587 {
+ action accept
+ description FWD61BF_1-ANY-ALLOW-193.237.81.213_32
+ destination {
+ group {
+ address-group DT_FWD61BF_1
+ }
+ }
+ source {
+ address 193.237.81.213/32
+ }
+ }
+ rule 2588 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-23.106.238.241
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 23.106.238.241
+ }
+ }
+ rule 2589 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-35.204.202.196
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 35.204.202.196
+ }
+ }
+ rule 2590 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-35.242.141.128
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 35.242.141.128
+ }
+ }
+ rule 2591 {
+ action accept
+ description FWC2EF2_2-TCP-ALLOW-90.251.221.19
+ destination {
+ group {
+ address-group DT_FWC2EF2_2
+ }
+ port 995,993,587,465,143,110,25,22
+ }
+ protocol tcp
+ source {
+ address 90.251.221.19
+ }
+ }
+ rule 2592 {
+ action accept
+ description VPN-14673-ANY-ALLOW-10.4.88.44
+ destination {
+ group {
+ address-group DT_VPN-14673
+ }
+ }
+ source {
+ address 10.4.88.44
+ }
+ }
+ rule 2593 {
+ action accept
+ description FWA83DF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA83DF_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2594 {
+ action accept
+ description FW31525_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW31525_6
+ }
+ port 35467
+ }
+ protocol tcp
+ }
+ rule 2595 {
+ action accept
+ description FW4293B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4293B_1
+ }
+ port 9080,8888,8881,7815,8419
+ }
+ protocol tcp
+ }
+ rule 2596 {
+ action accept
+ description FW4AE7D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4AE7D_1
+ }
+ port 8083,81
+ }
+ protocol tcp
+ }
+ rule 2597 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-143.52.53.22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 143.52.53.22
+ }
+ }
+ rule 2598 {
+ action accept
+ description FW44217_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 7946,4789
+ }
+ protocol udp
+ }
+ rule 2599 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-46.249.82.162
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 46.249.82.162
+ }
+ }
+ rule 2600 {
+ action accept
+ description FW27949_2-TCP-ALLOW-80.95.202.106
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 80.95.202.106
+ }
+ }
+ rule 2601 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2602 {
+ action accept
+ description FW2ACFF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2ACFF_1
+ }
+ port 8082,5093
+ }
+ protocol tcp
+ }
+ rule 2603 {
+ action accept
+ description FWC2EF2_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC2EF2_2
+ }
+ port 10000,953,53
+ }
+ protocol tcp_udp
+ }
+ rule 2604 {
+ action accept
+ description FW0C8E1_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C8E1_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2605 {
+ action accept
+ description FWA86ED_101-TCP_UDP-ALLOW-82.5.189.5
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 82.5.189.5
+ }
+ }
+ rule 2606 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.179
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.179
+ }
+ }
+ rule 2607 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2608 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.43.109
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.43.109
+ }
+ }
+ rule 2609 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-5.67.3.195
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 5.67.3.195
+ }
+ }
+ rule 2610 {
+ action accept
+ description FWDCA36_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDCA36_3
+ }
+ port 49152-65534,5901
+ }
+ protocol tcp
+ }
+ rule 2611 {
+ action accept
+ description FWE928F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE928F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2612 {
+ action accept
+ description FW69D6D_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW69D6D_2
+ }
+ port 5001,5090,5060,5015
+ }
+ protocol tcp
+ }
+ rule 2613 {
+ action accept
+ description FW69D6D_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW69D6D_2
+ }
+ port 5090,5060,9000-9500
+ }
+ protocol udp
+ }
+ rule 2614 {
+ action accept
+ description VPN-9765-ANY-ALLOW-10.4.56.45
+ destination {
+ group {
+ address-group DT_VPN-9765
+ }
+ }
+ source {
+ address 10.4.56.45
+ }
+ }
+ rule 2615 {
+ action accept
+ description VPN-9765-ANY-ALLOW-10.4.57.45
+ destination {
+ group {
+ address-group DT_VPN-9765
+ }
+ }
+ source {
+ address 10.4.57.45
+ }
+ }
+ rule 2616 {
+ action accept
+ description FW4C136_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4C136_1
+ }
+ port 1194
+ }
+ protocol tcp_udp
+ }
+ rule 2617 {
+ action accept
+ description FW6F539_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6F539_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2618 {
+ action accept
+ description FWDD089_5-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDD089_5
+ }
+ port 5666-5667,12489
+ }
+ protocol tcp_udp
+ }
+ rule 2619 {
+ action accept
+ description FWDD089_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDD089_5
+ }
+ port 161-162
+ }
+ protocol tcp
+ }
+ rule 2620 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2621 {
+ action accept
+ description FW0A5C4_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0A5C4_1
+ }
+ port 9000,6697,6667,5000
+ }
+ protocol tcp
+ }
+ rule 2622 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2623 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 7990
+ }
+ protocol tcp
+ }
+ rule 2624 {
+ action accept
+ description FWAF6E8_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAF6E8_1
+ }
+ port 7770-7800,44445,53
+ }
+ protocol tcp_udp
+ }
+ rule 2625 {
+ action accept
+ description FW81286_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW81286_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2626 {
+ action accept
+ description FW05064_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05064_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2627 {
+ action accept
+ description FWD7382_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD7382_1
+ }
+ port 4500,1701,500
+ }
+ protocol udp
+ }
+ rule 2628 {
+ action accept
+ description FWD7382_1-TCP-ALLOW-174.91.7.198
+ destination {
+ group {
+ address-group DT_FWD7382_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 174.91.7.198
+ }
+ }
+ rule 2629 {
+ action accept
+ description VPN-9484-ANY-ALLOW-10.4.56.164
+ destination {
+ group {
+ address-group DT_VPN-9484
+ }
+ }
+ source {
+ address 10.4.56.164
+ }
+ }
+ rule 2630 {
+ action accept
+ description VPN-9484-ANY-ALLOW-10.4.57.164
+ destination {
+ group {
+ address-group DT_VPN-9484
+ }
+ }
+ source {
+ address 10.4.57.164
+ }
+ }
+ rule 2631 {
+ action accept
+ description VPN-9749-ANY-ALLOW-10.4.58.144
+ destination {
+ group {
+ address-group DT_VPN-9749
+ }
+ }
+ source {
+ address 10.4.58.144
+ }
+ }
+ rule 2632 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2633 {
+ action accept
+ description FW10FEE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW10FEE_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2634 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-5.71.30.141
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 5.71.30.141
+ }
+ }
+ rule 2635 {
+ action accept
+ description VPN-9749-ANY-ALLOW-10.4.59.144
+ destination {
+ group {
+ address-group DT_VPN-9749
+ }
+ }
+ source {
+ address 10.4.59.144
+ }
+ }
+ rule 2636 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2637 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2638 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2639 {
+ action accept
+ description FWEF92E_6-AH-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2640 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2641 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2642 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2643 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2644 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2645 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445,80
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2646 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-82.0.198.226
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 82.0.198.226
+ }
+ }
+ rule 2647 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-82.0.198.226
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 82.0.198.226
+ }
+ }
+ rule 2648 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-83.100.136.74
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 83.100.136.74
+ }
+ }
+ rule 2649 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2650 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.189.162
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.189.162
+ }
+ }
+ rule 2651 {
+ action accept
+ description FW3DBF8_9-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 2652 {
+ action accept
+ description VPN-19807-ANY-ALLOW-10.4.86.172
+ destination {
+ group {
+ address-group DT_VPN-19807
+ }
+ }
+ source {
+ address 10.4.86.172
+ }
+ }
+ rule 2653 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-82.8.245.40
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 82.8.245.40
+ }
+ }
+ rule 2654 {
+ action accept
+ description FW3AD6F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3AD6F_1
+ }
+ port 53,465
+ }
+ protocol tcp_udp
+ }
+ rule 2655 {
+ action accept
+ description FWCDBC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCDBC7_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2656 {
+ action accept
+ description FWA373F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA373F_1
+ }
+ port 2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 2657 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-94.155.221.50
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 94.155.221.50
+ }
+ }
+ rule 2658 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2659 {
+ action accept
+ description VPN-30791-ANY-ALLOW-10.4.88.215
+ destination {
+ group {
+ address-group DT_VPN-30791
+ }
+ }
+ source {
+ address 10.4.88.215
+ }
+ }
+ rule 2660 {
+ action accept
+ description VPN-30791-ANY-ALLOW-10.4.89.215
+ destination {
+ group {
+ address-group DT_VPN-30791
+ }
+ }
+ source {
+ address 10.4.89.215
+ }
+ }
+ rule 2661 {
+ action accept
+ description FW2EF2C_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 10000,3478
+ }
+ protocol udp
+ }
+ rule 2662 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-195.217.232.0_26
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 195.217.232.0/26
+ }
+ }
+ rule 2663 {
+ action accept
+ description FW4AE7D_1-TCP-ALLOW-81.136.8.24
+ destination {
+ group {
+ address-group DT_FW4AE7D_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.136.8.24
+ }
+ }
+ rule 2664 {
+ action accept
+ description FW2EF2C_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 5222
+ }
+ protocol tcp_udp
+ }
+ rule 2665 {
+ action accept
+ description FW48A55_2-TCP-ALLOW-86.29.225.60
+ destination {
+ group {
+ address-group DT_FW48A55_2
+ }
+ port 443,80,22
+ }
+ protocol tcp
+ source {
+ address 86.29.225.60
+ }
+ }
+ rule 2666 {
+ action accept
+ description FW48A55_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48A55_2
+ }
+ port 1337
+ }
+ protocol udp
+ }
+ rule 2667 {
+ action accept
+ description VPN-11913-ANY-ALLOW-10.4.56.191
+ destination {
+ group {
+ address-group DT_VPN-11913
+ }
+ }
+ source {
+ address 10.4.56.191
+ }
+ }
+ rule 2668 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.189.163
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.189.163
+ }
+ }
+ rule 2669 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.90
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.90
+ }
+ }
+ rule 2670 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.24.66
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.24.66
+ }
+ }
+ rule 2671 {
+ action accept
+ description VPN-11913-ANY-ALLOW-10.4.57.191
+ destination {
+ group {
+ address-group DT_VPN-11913
+ }
+ }
+ source {
+ address 10.4.57.191
+ }
+ }
+ rule 2672 {
+ action accept
+ description FW73573_2-TCP-ALLOW-86.9.185.195
+ destination {
+ group {
+ address-group DT_FW73573_2
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 86.9.185.195
+ }
+ }
+ rule 2673 {
+ action accept
+ description VPN-17558-ANY-ALLOW-10.4.87.143
+ destination {
+ group {
+ address-group DT_VPN-17558
+ }
+ }
+ source {
+ address 10.4.87.143
+ }
+ }
+ rule 2674 {
+ action accept
+ description FW748B7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW748B7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2675 {
+ action accept
+ description FW16375_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW16375_5
+ }
+ port 2082,2083,2086,2087
+ }
+ protocol tcp
+ }
+ rule 2676 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-88.98.204.68
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 88.98.204.68
+ }
+ }
+ rule 2677 {
+ action accept
+ description FW73573_1-TCP-ALLOW-86.9.185.195
+ destination {
+ group {
+ address-group DT_FW73573_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 86.9.185.195
+ }
+ }
+ rule 2678 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.190.4
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.190.4
+ }
+ }
+ rule 2679 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-140.82.112.0_20
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 140.82.112.0/20
+ }
+ }
+ rule 2680 {
+ action accept
+ description FW62858_12-ICMP-ALLOW-77.68.122.41
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ }
+ protocol icmp
+ source {
+ address 77.68.122.41
+ }
+ }
+ rule 2681 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-147.148.96.136
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 147.148.96.136
+ }
+ }
+ rule 2682 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-92.207.237.42
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 10000,22
+ }
+ protocol tcp
+ source {
+ address 92.207.237.42
+ }
+ }
+ rule 2683 {
+ action accept
+ description FW364CF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW364CF_1
+ }
+ port 4022,8099
+ }
+ protocol tcp
+ }
+ rule 2684 {
+ action accept
+ description VPN-25822-ANY-ALLOW-10.4.54.42
+ destination {
+ group {
+ address-group DT_VPN-25822
+ }
+ }
+ source {
+ address 10.4.54.42
+ }
+ }
+ rule 2685 {
+ action accept
+ description FW7F28A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7F28A_1
+ }
+ port 10051,10050
+ }
+ protocol tcp
+ }
+ rule 2686 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.53.159
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.53.159
+ }
+ }
+ rule 2687 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-185.22.211.0_24
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 185.22.211.0/24
+ }
+ }
+ rule 2688 {
+ action accept
+ description FWC6301_1-TCP-ALLOW-95.34.208.4
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 95.34.208.4
+ }
+ }
+ rule 2689 {
+ action accept
+ description FW45000_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW45000_1
+ }
+ port 990
+ }
+ protocol tcp
+ }
+ rule 2690 {
+ action accept
+ description FW481D7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW481D7_1
+ }
+ port 6789
+ }
+ protocol tcp
+ }
+ rule 2691 {
+ action accept
+ description VPN-8203-ANY-ALLOW-10.4.59.109
+ destination {
+ group {
+ address-group DT_VPN-8203
+ }
+ }
+ source {
+ address 10.4.59.109
+ }
+ }
+ rule 2692 {
+ action accept
+ description VPN-3575-ANY-ALLOW-10.4.54.124
+ destination {
+ group {
+ address-group DT_VPN-3575
+ }
+ }
+ source {
+ address 10.4.54.124
+ }
+ }
+ rule 2693 {
+ action accept
+ description VPN-3575-ANY-ALLOW-10.4.55.125
+ destination {
+ group {
+ address-group DT_VPN-3575
+ }
+ }
+ source {
+ address 10.4.55.125
+ }
+ }
+ rule 2694 {
+ action accept
+ description FW42661_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42661_3
+ }
+ port 44445,25672,15672,9876,7770-7800
+ }
+ protocol tcp
+ }
+ rule 2695 {
+ action accept
+ description FWBF494_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBF494_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2696 {
+ action accept
+ description FWD0E22_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD0E22_4
+ }
+ port 8000,19005
+ }
+ protocol tcp
+ }
+ rule 2697 {
+ action accept
+ description FW98818_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW98818_1
+ }
+ port 27015
+ }
+ protocol udp
+ }
+ rule 2698 {
+ action accept
+ description FW62858_12-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 5001,5000
+ }
+ protocol tcp
+ }
+ rule 2699 {
+ action accept
+ description VPN-34006-ANY-ALLOW-10.4.86.242
+ destination {
+ group {
+ address-group DT_VPN-34006
+ }
+ }
+ source {
+ address 10.4.86.242
+ }
+ }
+ rule 2700 {
+ action accept
+ description VPN-34006-ANY-ALLOW-10.4.87.242
+ destination {
+ group {
+ address-group DT_VPN-34006
+ }
+ }
+ source {
+ address 10.4.87.242
+ }
+ }
+ rule 2701 {
+ action accept
+ description FWF879C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF879C_1
+ }
+ port 8888
+ }
+ protocol tcp
+ }
+ rule 2702 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2703 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.74.89
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.74.89
+ }
+ }
+ rule 2704 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2705 {
+ action accept
+ description FW8A57A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A57A_1
+ }
+ port 49153,5666
+ }
+ protocol tcp
+ }
+ rule 2706 {
+ action accept
+ description FW62858_12-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 5090,5061,5060
+ }
+ protocol tcp_udp
+ }
+ rule 2707 {
+ action accept
+ description FW62858_12-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 2708 {
+ action accept
+ description FW0E2EE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0E2EE_1
+ }
+ port 1024-65535
+ }
+ protocol tcp_udp
+ }
+ rule 2709 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-82.5.80.210
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.5.80.210
+ }
+ }
+ rule 2710 {
+ action accept
+ description FW4F81F_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4F81F_4
+ }
+ port 26900,27005,27015,51000,51005,51030
+ }
+ protocol tcp_udp
+ }
+ rule 2711 {
+ action accept
+ description VPN-7902-ANY-ALLOW-10.4.56.78
+ destination {
+ group {
+ address-group DT_VPN-7902
+ }
+ }
+ source {
+ address 10.4.56.78
+ }
+ }
+ rule 2712 {
+ action accept
+ description VPN-7902-ANY-ALLOW-10.4.57.78
+ destination {
+ group {
+ address-group DT_VPN-7902
+ }
+ }
+ source {
+ address 10.4.57.78
+ }
+ }
+ rule 2713 {
+ action accept
+ description FWB36A0_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB36A0_1
+ }
+ port 20-21,990
+ }
+ protocol tcp_udp
+ }
+ rule 2714 {
+ action accept
+ description FWD2082_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2082_1
+ }
+ port 8001,8002
+ }
+ protocol tcp
+ }
+ rule 2715 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.8.242.171
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.8.242.171
+ }
+ }
+ rule 2716 {
+ action accept
+ description FWB9699_11-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWB9699_11
+ }
+ port 443,80,8800,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2717 {
+ action accept
+ description VPN-11083-ANY-ALLOW-10.4.54.186
+ destination {
+ group {
+ address-group DT_VPN-11083
+ }
+ }
+ source {
+ address 10.4.54.186
+ }
+ }
+ rule 2718 {
+ action accept
+ description VPN-11083-ANY-ALLOW-10.4.55.187
+ destination {
+ group {
+ address-group DT_VPN-11083
+ }
+ }
+ source {
+ address 10.4.55.187
+ }
+ }
+ rule 2719 {
+ action accept
+ description VPN-34583-ANY-ALLOW-10.4.86.243
+ destination {
+ group {
+ address-group DT_VPN-34583
+ }
+ }
+ source {
+ address 10.4.86.243
+ }
+ }
+ rule 2720 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.155
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.155
+ }
+ }
+ rule 2721 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.117
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.117
+ }
+ }
+ rule 2722 {
+ action accept
+ description FW7A9B0_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7A9B0_9
+ }
+ port 11112
+ }
+ protocol tcp
+ }
+ rule 2723 {
+ action accept
+ description FW3F465_1-TCP-ALLOW-77.68.127.177
+ destination {
+ group {
+ address-group DT_FW3F465_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.127.177
+ }
+ }
+ rule 2724 {
+ action accept
+ description VPN-34583-ANY-ALLOW-10.4.87.243
+ destination {
+ group {
+ address-group DT_VPN-34583
+ }
+ }
+ source {
+ address 10.4.87.243
+ }
+ }
+ rule 2725 {
+ action accept
+ description FW930F3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW930F3_1
+ }
+ port 9089,5900,5666,5272
+ }
+ protocol tcp
+ }
+ rule 2726 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.165
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.165
+ }
+ }
+ rule 2727 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.140
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.140
+ }
+ }
+ rule 2728 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-82.11.114.136
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 82.11.114.136
+ }
+ }
+ rule 2729 {
+ action accept
+ description FW73215_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 27015
+ }
+ protocol tcp_udp
+ }
+ rule 2730 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-18.130.156.250
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 18.130.156.250
+ }
+ }
+ rule 2731 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-90.251.221.19
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 90.251.221.19
+ }
+ }
+ rule 2732 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 8765,8001,8000
+ }
+ protocol tcp
+ }
+ rule 2733 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-87.74.110.191
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 87.74.110.191
+ }
+ }
+ rule 2734 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2735 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.93
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.93
+ }
+ }
+ rule 2736 {
+ action accept
+ description FW81138_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ port 123
+ }
+ protocol udp
+ }
+ rule 2737 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.64
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.64
+ }
+ }
+ rule 2738 {
+ action accept
+ description FW03B35_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ }
+ rule 2739 {
+ action accept
+ description VPN-19807-ANY-ALLOW-10.4.87.172
+ destination {
+ group {
+ address-group DT_VPN-19807
+ }
+ }
+ source {
+ address 10.4.87.172
+ }
+ }
+ rule 2740 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-94.12.73.154
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8447
+ }
+ protocol tcp
+ source {
+ address 94.12.73.154
+ }
+ }
+ rule 2741 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2742 {
+ action accept
+ description FW0B352_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0B352_1
+ }
+ port 3443
+ }
+ protocol tcp_udp
+ }
+ rule 2743 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2744 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2745 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2746 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.44
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.44
+ }
+ }
+ rule 2747 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-188.220.176.104
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 188.220.176.104
+ }
+ }
+ rule 2748 {
+ action accept
+ description FW3F465_1-TCP-ALLOW-77.68.16.101
+ destination {
+ group {
+ address-group DT_FW3F465_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.16.101
+ }
+ }
+ rule 2749 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2750 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-188.220.176.104
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 188.220.176.104
+ }
+ }
+ rule 2751 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-185.22.208.0_25
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 185.22.208.0/25
+ }
+ }
+ rule 2752 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.187
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.187
+ }
+ }
+ rule 2753 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.84
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.84
+ }
+ }
+ rule 2754 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.52
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.52
+ }
+ }
+ rule 2755 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-77.68.92.154
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.92.154
+ }
+ }
+ rule 2756 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-77.68.93.156
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.93.156
+ }
+ }
+ rule 2757 {
+ action accept
+ description VPN-24398-ANY-ALLOW-10.4.88.151
+ destination {
+ group {
+ address-group DT_VPN-24398
+ }
+ }
+ source {
+ address 10.4.88.151
+ }
+ }
+ rule 2758 {
+ action accept
+ description VPN-24398-ANY-ALLOW-10.4.89.151
+ destination {
+ group {
+ address-group DT_VPN-24398
+ }
+ }
+ source {
+ address 10.4.89.151
+ }
+ }
+ rule 2759 {
+ action accept
+ description VPN-24589-ANY-ALLOW-10.4.56.9
+ destination {
+ group {
+ address-group DT_VPN-24589
+ }
+ }
+ source {
+ address 10.4.56.9
+ }
+ }
+ rule 2760 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.29
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.29
+ }
+ }
+ rule 2761 {
+ action accept
+ description FWC7D36_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC7D36_1
+ }
+ port 27017,11080
+ }
+ protocol tcp
+ }
+ rule 2762 {
+ action accept
+ description FWBB718_1-TCP_UDP-ALLOW-77.68.73.116
+ destination {
+ group {
+ address-group DT_FWBB718_1
+ }
+ port 1433
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.73.116
+ }
+ }
+ rule 2763 {
+ action accept
+ description FWBB718_1-UDP-ALLOW-77.68.73.116
+ destination {
+ group {
+ address-group DT_FWBB718_1
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 77.68.73.116
+ }
+ }
+ rule 2764 {
+ action accept
+ description FWB9699_11-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FWB9699_11
+ }
+ port 22,80,443,8800
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2765 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-103.8.164.5
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 103.8.164.5
+ }
+ }
+ rule 2766 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.193
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.193
+ }
+ }
+ rule 2768 {
+ action accept
+ description FW26F0A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW26F0A_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2769 {
+ action accept
+ description FWCC18F_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCC18F_2
+ }
+ port 8883,1883
+ }
+ protocol tcp
+ }
+ rule 2771 {
+ action accept
+ description FW633DD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW633DD_1
+ }
+ port 28967,14002,9984,9983,9982,9981,8888,8884
+ }
+ protocol tcp
+ }
+ rule 2772 {
+ action accept
+ description FWDEDB9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDEDB9_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2773 {
+ action accept
+ description VPN-18646-ANY-ALLOW-10.4.88.109
+ destination {
+ group {
+ address-group DT_VPN-18646
+ }
+ }
+ source {
+ address 10.4.88.109
+ }
+ }
+ rule 2774 {
+ action accept
+ description VPN-18646-ANY-ALLOW-10.4.89.109
+ destination {
+ group {
+ address-group DT_VPN-18646
+ }
+ }
+ source {
+ address 10.4.89.109
+ }
+ }
+ rule 2775 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-87.224.39.221
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 8082,3003,22
+ }
+ protocol tcp
+ source {
+ address 87.224.39.221
+ }
+ }
+ rule 2776 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.94
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.94
+ }
+ }
+ rule 2777 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-92.237.97.92
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 8082,3003,22
+ }
+ protocol tcp
+ source {
+ address 92.237.97.92
+ }
+ }
+ rule 2778 {
+ action accept
+ description VPN-25822-ANY-ALLOW-10.4.55.42
+ destination {
+ group {
+ address-group DT_VPN-25822
+ }
+ }
+ source {
+ address 10.4.55.42
+ }
+ }
+ rule 2779 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.88
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.88
+ }
+ }
+ rule 2780 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-143.55.64.0_20
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 143.55.64.0/20
+ }
+ }
+ rule 2781 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-194.176.78.206
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 194.176.78.206
+ }
+ }
+ rule 2782 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-195.243.221.50
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.243.221.50
+ }
+ }
+ rule 2783 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2784 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-81.150.168.54
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 81.150.168.54
+ }
+ }
+ rule 2785 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-89.197.133.235
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 89.197.133.235
+ }
+ }
+ rule 2786 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 60000-60100,873
+ }
+ protocol tcp
+ }
+ rule 2787 {
+ action accept
+ description FW2BF20_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BF20_3
+ }
+ port 49152-65534,990
+ }
+ protocol tcp
+ }
+ rule 2788 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.98
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.98
+ }
+ }
+ rule 2789 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.65
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.65
+ }
+ }
+ rule 2791 {
+ action accept
+ description FW197DB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW197DB_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2792 {
+ action accept
+ description FW1208C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1208C_1
+ }
+ port 2087,2083,2096
+ }
+ protocol tcp
+ }
+ rule 2793 {
+ action accept
+ description FW00D98_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW00D98_1
+ }
+ port 4430
+ }
+ protocol tcp
+ }
+ rule 2794 {
+ action accept
+ description FW03B35_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ }
+ protocol esp
+ }
+ rule 2795 {
+ action accept
+ description FW03B35_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ }
+ protocol ah
+ }
+ rule 2796 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2797 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-159.253.51.74
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 3389,1433,995
+ }
+ protocol tcp
+ source {
+ address 159.253.51.74
+ }
+ }
+ rule 2798 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.76.111
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.76.111
+ }
+ }
+ rule 2799 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.28.63
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 995
+ }
+ protocol tcp
+ source {
+ address 77.68.28.63
+ }
+ }
+ rule 2801 {
+ action accept
+ description FW2EF2C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 5349
+ }
+ protocol tcp
+ }
+ rule 2802 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2803 {
+ action accept
+ description FWC3921_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC3921_1
+ }
+ port 25000,25001-25005,26000-26006
+ }
+ protocol tcp
+ }
+ rule 2804 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2805 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2806 {
+ action accept
+ description FW5AE10_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5AE10_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2810 {
+ action accept
+ description FW45F87_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW45F87_1
+ }
+ port 60000-60100
+ }
+ protocol tcp
+ }
+ rule 2811 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.108.158
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.108.158
+ }
+ }
+ rule 2813 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-109.228.1.233
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.1.233
+ }
+ }
+ rule 2814 {
+ action accept
+ description FW20449_2-ICMP-ALLOW-3.10.221.168
+ destination {
+ group {
+ address-group DT_FW20449_2
+ }
+ }
+ protocol icmp
+ source {
+ address 3.10.221.168
+ }
+ }
+ rule 2815 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.100
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.100
+ }
+ }
+ rule 2816 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.180
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.180
+ }
+ }
+ rule 2817 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2818 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.185
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.185
+ }
+ }
+ rule 2819 {
+ action accept
+ description FWB9699_7-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 161
+ }
+ protocol udp
+ }
+ rule 2820 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22,8443
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2821 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.103
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.103
+ }
+ }
+ rule 2824 {
+ action accept
+ description FWE3E77_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE3E77_1
+ }
+ port 10010,10009
+ }
+ protocol tcp
+ }
+ rule 2825 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-93.190.142.120
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 93.190.142.120
+ }
+ }
+ rule 2826 {
+ action accept
+ description FW20449_2-ICMP-ALLOW-82.20.69.137
+ destination {
+ group {
+ address-group DT_FW20449_2
+ }
+ }
+ protocol icmp
+ source {
+ address 82.20.69.137
+ }
+ }
+ rule 2827 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-46.101.232.93
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 21-10000
+ }
+ protocol tcp
+ source {
+ address 46.101.232.93
+ }
+ }
+ rule 2828 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.5
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.5
+ }
+ }
+ rule 2829 {
+ action accept
+ description FWD2440_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2831 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.105
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.105
+ }
+ }
+ rule 2833 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-159.253.51.74
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 3389,1433,995
+ }
+ protocol tcp
+ source {
+ address 159.253.51.74
+ }
+ }
+ rule 2834 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-77.68.77.120
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.77.120
+ }
+ }
+ rule 2839 {
+ action accept
+ description FWD2440_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ port 1-65535
+ }
+ protocol udp
+ }
+ rule 2840 {
+ action accept
+ description FW1C8F2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1C8F2_1
+ }
+ port 7000-10000,5554,5443,5080,1935,1111
+ }
+ protocol tcp
+ }
+ rule 2843 {
+ action accept
+ description FWE7180_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE7180_1
+ }
+ port 443,53
+ }
+ protocol tcp_udp
+ }
+ rule 2844 {
+ action accept
+ description FWC6301_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 2456
+ }
+ protocol tcp_udp
+ }
+ rule 2845 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.113
+ }
+ }
+ rule 2846 {
+ action accept
+ description VPN-24589-ANY-ALLOW-10.4.57.9
+ destination {
+ group {
+ address-group DT_VPN-24589
+ }
+ }
+ source {
+ address 10.4.57.9
+ }
+ }
+ rule 2847 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.237
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.237
+ }
+ }
+ rule 2849 {
+ action accept
+ description FWFD9AF_9-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFD9AF_9
+ }
+ port 445
+ }
+ protocol tcp_udp
+ }
+ rule 2850 {
+ action accept
+ description VPN-23209-ANY-ALLOW-10.4.58.8
+ destination {
+ group {
+ address-group DT_VPN-23209
+ }
+ }
+ source {
+ address 10.4.58.8
+ }
+ }
+ rule 2851 {
+ action accept
+ description VPN-23209-ANY-ALLOW-10.4.59.8
+ destination {
+ group {
+ address-group DT_VPN-23209
+ }
+ }
+ source {
+ address 10.4.59.8
+ }
+ }
+ rule 2853 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.29
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.29
+ }
+ }
+ rule 2854 {
+ action accept
+ description FW16375_5-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW16375_5
+ }
+ port 2096
+ }
+ protocol tcp_udp
+ }
+ rule 2856 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.173
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.173
+ }
+ }
+ rule 2858 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.35
+ }
+ }
+ rule 2859 {
+ action accept
+ description FW73573_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73573_1
+ }
+ port 25
+ }
+ protocol tcp_udp
+ }
+ rule 2860 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.242
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.242
+ }
+ }
+ rule 2861 {
+ action accept
+ description FW8ECF4_1-TCP-ALLOW-77.68.2.215
+ destination {
+ group {
+ address-group DT_FW8ECF4_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.2.215
+ }
+ }
+ rule 2862 {
+ action accept
+ description FW8A3FC_3-TCP_UDP-ALLOW-82.165.100.25
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 21-10000
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.100.25
+ }
+ }
+ rule 2863 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.235
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.235
+ }
+ }
+ rule 2864 {
+ action accept
+ description VPN-18647-ANY-ALLOW-10.4.86.114
+ destination {
+ group {
+ address-group DT_VPN-18647
+ }
+ }
+ source {
+ address 10.4.86.114
+ }
+ }
+ rule 2865 {
+ action accept
+ description VPN-18647-ANY-ALLOW-10.4.87.114
+ destination {
+ group {
+ address-group DT_VPN-18647
+ }
+ }
+ source {
+ address 10.4.87.114
+ }
+ }
+ rule 2867 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.107
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.107
+ }
+ }
+ rule 2868 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.239
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.239
+ }
+ }
+ rule 2869 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-164.39.151.3
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 164.39.151.3
+ }
+ }
+ rule 2870 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.245
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.245
+ }
+ }
+ rule 2873 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2874 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.130
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.130
+ }
+ }
+ rule 2875 {
+ action accept
+ description FW44BF9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44BF9_1
+ }
+ port 49160-49200
+ }
+ protocol tcp
+ }
+ rule 2876 {
+ action accept
+ description VPN-24591-ANY-ALLOW-10.4.86.4
+ destination {
+ group {
+ address-group DT_VPN-24591
+ }
+ }
+ source {
+ address 10.4.86.4
+ }
+ }
+ rule 2877 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.60
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.60
+ }
+ }
+ rule 2879 {
+ action accept
+ description FWEF92E_6-UDP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2880 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-185.132.38.110
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 185.132.38.110
+ }
+ }
+ rule 2881 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.216
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.216
+ }
+ }
+ rule 2882 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2883 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-80.229.18.102
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21,22
+ }
+ protocol tcp
+ source {
+ address 80.229.18.102
+ }
+ }
+ rule 2884 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-109.169.33.69
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21,22
+ }
+ protocol tcp
+ source {
+ address 109.169.33.69
+ }
+ }
+ rule 2885 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-46.102.209.35
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21
+ }
+ protocol tcp
+ source {
+ address 46.102.209.35
+ }
+ }
+ rule 2886 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-90.213.48.16
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21
+ }
+ protocol tcp
+ source {
+ address 90.213.48.16
+ }
+ }
+ rule 2887 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-77.68.76.129
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 77.68.76.129
+ }
+ }
+ rule 2888 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-109.228.50.145
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 109.228.50.145
+ }
+ }
+ rule 2889 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-77.68.76.231
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 77.68.76.231
+ }
+ }
+ rule 2890 {
+ action accept
+ description FW4513E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4513E_1
+ }
+ port 50000-50020,990
+ }
+ protocol tcp
+ }
+ rule 2893 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.40.7
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.40.7
+ }
+ }
+ rule 2894 {
+ action accept
+ description VPN-21876-ANY-ALLOW-10.4.88.96
+ destination {
+ group {
+ address-group DT_VPN-21876
+ }
+ }
+ source {
+ address 10.4.88.96
+ }
+ }
+ rule 2895 {
+ action accept
+ description VPN-21876-ANY-ALLOW-10.4.89.96
+ destination {
+ group {
+ address-group DT_VPN-21876
+ }
+ }
+ source {
+ address 10.4.89.96
+ }
+ }
+ rule 2896 {
+ action accept
+ description VPN-26124-ANY-ALLOW-10.4.54.75
+ destination {
+ group {
+ address-group DT_VPN-26124
+ }
+ }
+ source {
+ address 10.4.54.75
+ }
+ }
+ rule 2897 {
+ action accept
+ description VPN-26124-ANY-ALLOW-10.4.55.76
+ destination {
+ group {
+ address-group DT_VPN-26124
+ }
+ }
+ source {
+ address 10.4.55.76
+ }
+ }
+ rule 2898 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.21
+ }
+ }
+ rule 2899 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.213
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.213
+ }
+ }
+ rule 2901 {
+ action accept
+ description FWC6301_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 5555
+ }
+ protocol udp
+ }
+ rule 2902 {
+ action accept
+ description VPN-13261-ANY-ALLOW-10.4.56.173
+ destination {
+ group {
+ address-group DT_VPN-13261
+ }
+ }
+ source {
+ address 10.4.56.173
+ }
+ }
+ rule 2903 {
+ action accept
+ description VPN-13261-ANY-ALLOW-10.4.57.173
+ destination {
+ group {
+ address-group DT_VPN-13261
+ }
+ }
+ source {
+ address 10.4.57.173
+ }
+ }
+ rule 2909 {
+ action accept
+ description VPN-24591-ANY-ALLOW-10.4.87.4
+ destination {
+ group {
+ address-group DT_VPN-24591
+ }
+ }
+ source {
+ address 10.4.87.4
+ }
+ }
+ rule 2911 {
+ action accept
+ description FWE7180_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE7180_1
+ }
+ port 40110-40210,8090
+ }
+ protocol tcp
+ }
+ rule 2914 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.247
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.247
+ }
+ }
+ rule 2915 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.129
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.129
+ }
+ }
+ rule 2916 {
+ action accept
+ description FWCB29D_1-TCP-ALLOW-51.146.16.162
+ destination {
+ group {
+ address-group DT_FWCB29D_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 51.146.16.162
+ }
+ }
+ rule 2917 {
+ action accept
+ description FW4E399_1-TCP-ALLOW-51.155.19.77
+ destination {
+ group {
+ address-group DT_FW4E399_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 51.155.19.77
+ }
+ }
+ rule 2919 {
+ action accept
+ description FWC72E5_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC72E5_1
+ }
+ port 9000-9100,6667
+ }
+ protocol tcp
+ }
+ rule 2922 {
+ action accept
+ description FW21A75_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW21A75_2
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 2923 {
+ action accept
+ description FW3B068_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3B068_2
+ }
+ port 990,60000-65000
+ }
+ protocol tcp
+ }
+ rule 2924 {
+ action accept
+ description FW48814_3-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48814_3
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2925 {
+ action accept
+ description FW48814_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48814_3
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2926 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-178.128.39.210
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 178.128.39.210
+ }
+ }
+ rule 2927 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2928 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-84.64.186.31
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 84.64.186.31
+ }
+ }
+ rule 2929 {
+ action accept
+ description FW1C8F2_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1C8F2_1
+ }
+ port 5000-65000
+ }
+ protocol udp
+ }
+ rule 2930 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2931 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-195.10.106.114
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.10.106.114
+ }
+ }
+ rule 2932 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-213.137.25.134
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.137.25.134
+ }
+ }
+ rule 2933 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-92.39.202.189
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 92.39.202.189
+ }
+ }
+ rule 2935 {
+ action accept
+ description FWC37B9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC37B9_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2936 {
+ action accept
+ description FW15C99_6-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW15C99_6
+ }
+ port 32410-32414,1900
+ }
+ protocol udp
+ }
+ rule 2937 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.244.146
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.244.146
+ }
+ }
+ rule 2938 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.158
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.158
+ }
+ }
+ rule 2939 {
+ action accept
+ description FW15C99_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW15C99_6
+ }
+ port 32469,32400
+ }
+ protocol tcp
+ }
+ rule 2940 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 2053
+ }
+ protocol tcp
+ }
+ rule 2941 {
+ action accept
+ description FW27949_2-TCP-ALLOW-86.179.23.119
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 86.179.23.119
+ }
+ }
+ rule 2942 {
+ action accept
+ description FW27949_2-TCP-ALLOW-92.15.208.193
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 92.15.208.193
+ }
+ }
+ rule 2943 {
+ action accept
+ description VPN-34122-ANY-ALLOW-10.4.56.122
+ destination {
+ group {
+ address-group DT_VPN-34122
+ }
+ }
+ source {
+ address 10.4.56.122
+ }
+ }
+ rule 2944 {
+ action accept
+ description VPN-34122-ANY-ALLOW-10.4.57.122
+ destination {
+ group {
+ address-group DT_VPN-34122
+ }
+ }
+ source {
+ address 10.4.57.122
+ }
+ }
+ rule 2945 {
+ action accept
+ description FWF323F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF323F_1
+ }
+ port 25565,9999,8080,5001,3306
+ }
+ protocol tcp_udp
+ }
+ rule 2946 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.132
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.132
+ }
+ }
+ rule 2948 {
+ action accept
+ description VPN-30261-ANY-ALLOW-10.4.86.110
+ destination {
+ group {
+ address-group DT_VPN-30261
+ }
+ }
+ source {
+ address 10.4.86.110
+ }
+ }
+ rule 2949 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.246
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.246
+ }
+ }
+ rule 2951 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-157.231.100.222
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 157.231.100.222
+ }
+ }
+ rule 2952 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-164.39.131.31
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 164.39.131.31
+ }
+ }
+ rule 2953 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-185.199.108.0_22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 185.199.108.0/22
+ }
+ }
+ rule 2954 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-192.30.252.0_22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 192.30.252.0/22
+ }
+ }
+ rule 2955 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-80.252.78.202
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 80.252.78.202
+ }
+ }
+ rule 2956 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.15.158.234
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 86.15.158.234
+ }
+ }
+ rule 2957 {
+ action accept
+ description VPN-30261-ANY-ALLOW-10.4.87.110
+ destination {
+ group {
+ address-group DT_VPN-30261
+ }
+ }
+ source {
+ address 10.4.87.110
+ }
+ }
+ rule 2958 {
+ action accept
+ description VPN-30262-ANY-ALLOW-10.4.88.36
+ destination {
+ group {
+ address-group DT_VPN-30262
+ }
+ }
+ source {
+ address 10.4.88.36
+ }
+ }
+ rule 2961 {
+ action accept
+ description VPN-15950-ANY-ALLOW-10.4.88.89
+ destination {
+ group {
+ address-group DT_VPN-15950
+ }
+ }
+ source {
+ address 10.4.88.89
+ }
+ }
+ rule 2962 {
+ action accept
+ description FWBFDED_1-TCP-ALLOW-78.141.24.164
+ destination {
+ group {
+ address-group DT_FWBFDED_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 78.141.24.164
+ }
+ }
+ rule 2963 {
+ action accept
+ description VPN-30262-ANY-ALLOW-10.4.89.36
+ destination {
+ group {
+ address-group DT_VPN-30262
+ }
+ }
+ source {
+ address 10.4.89.36
+ }
+ }
+ rule 2964 {
+ action accept
+ description FW1F126_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1F126_1
+ }
+ port 2087,2083
+ }
+ protocol tcp
+ }
+ rule 2965 {
+ action accept
+ description FWA7A50_1-ANY-ALLOW-40.120.53.80
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ }
+ source {
+ address 40.120.53.80
+ }
+ }
+ rule 2967 {
+ action accept
+ description VPN-23729-ANY-ALLOW-10.4.54.10
+ destination {
+ group {
+ address-group DT_VPN-23729
+ }
+ }
+ source {
+ address 10.4.54.10
+ }
+ }
+ rule 2968 {
+ action accept
+ description VPN-23729-ANY-ALLOW-10.4.55.10
+ destination {
+ group {
+ address-group DT_VPN-23729
+ }
+ }
+ source {
+ address 10.4.55.10
+ }
+ }
+ rule 2969 {
+ action accept
+ description VPN-23733-ANY-ALLOW-10.4.58.12
+ destination {
+ group {
+ address-group DT_VPN-23733
+ }
+ }
+ source {
+ address 10.4.58.12
+ }
+ }
+ rule 2970 {
+ action accept
+ description VPN-23733-ANY-ALLOW-10.4.59.12
+ destination {
+ group {
+ address-group DT_VPN-23733
+ }
+ }
+ source {
+ address 10.4.59.12
+ }
+ }
+ rule 2971 {
+ action accept
+ description VPN-23734-ANY-ALLOW-10.4.56.29
+ destination {
+ group {
+ address-group DT_VPN-23734
+ }
+ }
+ source {
+ address 10.4.56.29
+ }
+ }
+ rule 2972 {
+ action accept
+ description VPN-23734-ANY-ALLOW-10.4.57.29
+ destination {
+ group {
+ address-group DT_VPN-23734
+ }
+ }
+ source {
+ address 10.4.57.29
+ }
+ }
+ rule 2975 {
+ action accept
+ description VPN-23738-ANY-ALLOW-10.4.57.13
+ destination {
+ group {
+ address-group DT_VPN-23738
+ }
+ }
+ source {
+ address 10.4.57.13
+ }
+ }
+ rule 2976 {
+ action accept
+ description FWD8DD1_2-TCP-ALLOW-77.153.164.226
+ destination {
+ group {
+ address-group DT_FWD8DD1_2
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.153.164.226
+ }
+ }
+ rule 2977 {
+ action accept
+ description FWE012D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE012D_1
+ }
+ port 143,25
+ }
+ protocol tcp_udp
+ }
+ rule 2978 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.120.196
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.120.196
+ }
+ }
+ rule 2981 {
+ action accept
+ description FW24AB7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW24AB7_1
+ }
+ port 40110-40210
+ }
+ protocol tcp_udp
+ }
+ rule 2985 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-194.72.140.178
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 194.72.140.178
+ }
+ }
+ rule 2986 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.97
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.97
+ }
+ }
+ rule 2988 {
+ action accept
+ description FW883EB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW883EB_1
+ }
+ port 5005,5004,5003,5002,5001
+ }
+ protocol tcp
+ }
+ rule 2992 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-62.30.207.232
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 62.30.207.232
+ }
+ }
+ rule 2993 {
+ action accept
+ description VPN-15950-ANY-ALLOW-10.4.89.89
+ destination {
+ group {
+ address-group DT_VPN-15950
+ }
+ }
+ source {
+ address 10.4.89.89
+ }
+ }
+ rule 2994 {
+ action accept
+ description VPN-15960-ANY-ALLOW-10.4.88.90
+ destination {
+ group {
+ address-group DT_VPN-15960
+ }
+ }
+ source {
+ address 10.4.88.90
+ }
+ }
+ rule 2995 {
+ action accept
+ description FWEF92E_7-UDP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2996 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.135
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.135
+ }
+ }
+ rule 2998 {
+ action accept
+ description VPN-31002-ANY-ALLOW-10.4.88.126
+ destination {
+ group {
+ address-group DT_VPN-31002
+ }
+ }
+ source {
+ address 10.4.88.126
+ }
+ }
+ rule 2999 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.110
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.110
+ }
+ }
+ rule 3000 {
+ action accept
+ description FW08061_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW08061_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3001 {
+ action accept
+ description VPN-15960-ANY-ALLOW-10.4.89.90
+ destination {
+ group {
+ address-group DT_VPN-15960
+ }
+ }
+ source {
+ address 10.4.89.90
+ }
+ }
+ rule 3003 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.56
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.56
+ }
+ }
+ rule 3004 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.47.47
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.47.47
+ }
+ }
+ rule 3005 {
+ action accept
+ description FW10C3D_19-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW10C3D_19
+ }
+ port 49152-65535,14147
+ }
+ protocol tcp
+ }
+ rule 3006 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.136
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.136
+ }
+ }
+ rule 3009 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.44.109
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.44.109
+ }
+ }
+ rule 3010 {
+ action accept
+ description VPN-24592-ANY-ALLOW-10.4.88.9
+ destination {
+ group {
+ address-group DT_VPN-24592
+ }
+ }
+ source {
+ address 10.4.88.9
+ }
+ }
+ rule 3011 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-213.171.209.161
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 213.171.209.161
+ }
+ }
+ rule 3012 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.86.254
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.86.254
+ }
+ }
+ rule 3014 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.16
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.16
+ }
+ }
+ rule 3018 {
+ action accept
+ description VPN-24592-ANY-ALLOW-10.4.89.9
+ destination {
+ group {
+ address-group DT_VPN-24592
+ }
+ }
+ source {
+ address 10.4.89.9
+ }
+ }
+ rule 3019 {
+ action accept
+ description VPN-24593-ANY-ALLOW-10.4.54.6
+ destination {
+ group {
+ address-group DT_VPN-24593
+ }
+ }
+ source {
+ address 10.4.54.6
+ }
+ }
+ rule 3020 {
+ action accept
+ description VPN-24593-ANY-ALLOW-10.4.55.6
+ destination {
+ group {
+ address-group DT_VPN-24593
+ }
+ }
+ source {
+ address 10.4.55.6
+ }
+ }
+ rule 3021 {
+ action accept
+ description VPN-24594-ANY-ALLOW-10.4.58.6
+ destination {
+ group {
+ address-group DT_VPN-24594
+ }
+ }
+ source {
+ address 10.4.58.6
+ }
+ }
+ rule 3022 {
+ action accept
+ description VPN-24594-ANY-ALLOW-10.4.59.6
+ destination {
+ group {
+ address-group DT_VPN-24594
+ }
+ }
+ source {
+ address 10.4.59.6
+ }
+ }
+ rule 3023 {
+ action accept
+ description VPN-24595-ANY-ALLOW-10.4.56.14
+ destination {
+ group {
+ address-group DT_VPN-24595
+ }
+ }
+ source {
+ address 10.4.56.14
+ }
+ }
+ rule 3024 {
+ action accept
+ description VPN-24595-ANY-ALLOW-10.4.57.14
+ destination {
+ group {
+ address-group DT_VPN-24595
+ }
+ }
+ source {
+ address 10.4.57.14
+ }
+ }
+ rule 3025 {
+ action accept
+ description VPN-32528-ANY-ALLOW-10.4.58.67
+ destination {
+ group {
+ address-group DT_VPN-32528
+ }
+ }
+ source {
+ address 10.4.58.67
+ }
+ }
+ rule 3026 {
+ action accept
+ description VPN-32528-ANY-ALLOW-10.4.59.67
+ destination {
+ group {
+ address-group DT_VPN-32528
+ }
+ }
+ source {
+ address 10.4.59.67
+ }
+ }
+ rule 3027 {
+ action accept
+ description FW6187E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ port 51195
+ }
+ protocol udp
+ }
+ rule 3028 {
+ action accept
+ description FW406AB_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW406AB_1
+ }
+ port 37013,25461,8881,8080,2095,2082,1992
+ }
+ protocol tcp_udp
+ }
+ rule 3029 {
+ action accept
+ description FWA86A4_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA86A4_1
+ }
+ port 30333,5666
+ }
+ protocol tcp
+ }
+ rule 3032 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.52
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.52
+ }
+ }
+ rule 3033 {
+ action accept
+ description FWC055A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC055A_1
+ }
+ port 2195
+ }
+ protocol tcp
+ }
+ rule 3035 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.81
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.81
+ }
+ }
+ rule 3039 {
+ action accept
+ description FW42BC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42BC7_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3040 {
+ action accept
+ description FW42BC7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42BC7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3041 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-88.208.198.39
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 88.208.198.39
+ }
+ }
+ rule 3042 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.235
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.235
+ }
+ }
+ rule 3043 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.205
+ }
+ }
+ rule 3044 {
+ action accept
+ description FWBE878_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBE878_1
+ }
+ port 8989,5003,3000
+ }
+ protocol tcp_udp
+ }
+ rule 3045 {
+ action accept
+ description VPN-30679-ANY-ALLOW-10.4.58.195
+ destination {
+ group {
+ address-group DT_VPN-30679
+ }
+ }
+ source {
+ address 10.4.58.195
+ }
+ }
+ rule 3046 {
+ action accept
+ description FW6B9B9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6B9B9_1
+ }
+ port 30006-65000,27017,7101,4200,2990-3009
+ }
+ protocol tcp
+ }
+ rule 3047 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.212
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.212
+ }
+ }
+ rule 3049 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.125.4
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.125.4
+ }
+ }
+ rule 3050 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-83.100.136.74
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 83.100.136.74
+ }
+ }
+ rule 3051 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 3053 {
+ action accept
+ description FW89619_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3054 {
+ action accept
+ description FWBD9D0_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBD9D0_1
+ }
+ port 9090
+ }
+ protocol tcp
+ }
+ rule 3055 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.47.236
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.47.236
+ }
+ }
+ rule 3056 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.226
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.226
+ }
+ }
+ rule 3058 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.205
+ }
+ }
+ rule 3060 {
+ action accept
+ description FWF7B68_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF7B68_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3061 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.253
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.253
+ }
+ }
+ rule 3063 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.0
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.0
+ }
+ }
+ rule 3065 {
+ action accept
+ description FW85619_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85619_1
+ }
+ port 6433
+ }
+ protocol tcp
+ }
+ rule 3066 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-188.66.79.94
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389
+ }
+ protocol tcp
+ source {
+ address 188.66.79.94
+ }
+ }
+ rule 3067 {
+ action accept
+ description FWF30BD_1-TCP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 3068 {
+ action accept
+ description FWF30BD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 5061,5015,5001
+ }
+ protocol tcp
+ }
+ rule 3069 {
+ action accept
+ description FWBD9D0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBD9D0_1
+ }
+ port 51820
+ }
+ protocol udp
+ }
+ rule 3070 {
+ action accept
+ description FW7C4D9_14-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7C4D9_14
+ }
+ port 25565,2456-2458
+ }
+ protocol tcp_udp
+ }
+ rule 3071 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.23
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.23
+ }
+ }
+ rule 3072 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-81.96.100.32
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 8447
+ }
+ protocol tcp
+ source {
+ address 81.96.100.32
+ }
+ }
+ rule 3073 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-95.168.164.208
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.164.208
+ }
+ }
+ rule 3074 {
+ action accept
+ description VPN-19992-ANY-ALLOW-10.4.86.158
+ destination {
+ group {
+ address-group DT_VPN-19992
+ }
+ }
+ source {
+ address 10.4.86.158
+ }
+ }
+ rule 3075 {
+ action accept
+ description FWF30BD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 5090,5060
+ }
+ protocol tcp_udp
+ }
+ rule 3076 {
+ action accept
+ description VPN-30679-ANY-ALLOW-10.4.59.195
+ destination {
+ group {
+ address-group DT_VPN-30679
+ }
+ }
+ source {
+ address 10.4.59.195
+ }
+ }
+ rule 3077 {
+ action accept
+ description FW930F3_3-ANY-ALLOW-77.68.112.254
+ destination {
+ group {
+ address-group DT_FW930F3_3
+ }
+ }
+ source {
+ address 77.68.112.254
+ }
+ }
+ rule 3078 {
+ action accept
+ description FW672AB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW672AB_1
+ }
+ port 5432
+ }
+ protocol tcp
+ }
+ rule 3079 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.252
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.252
+ }
+ }
+ rule 3080 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.86.192
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.86.192
+ }
+ }
+ rule 3081 {
+ action accept
+ description VPN-33204-ANY-ALLOW-10.4.56.176
+ destination {
+ group {
+ address-group DT_VPN-33204
+ }
+ }
+ source {
+ address 10.4.56.176
+ }
+ }
+ rule 3083 {
+ action accept
+ description FW1FA8E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1FA8E_1
+ }
+ port 33434
+ }
+ protocol udp
+ }
+ rule 3084 {
+ action accept
+ description FWD2440_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ }
+ protocol esp
+ }
+ rule 3085 {
+ action accept
+ description FWA0531_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3090 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.70
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.70
+ }
+ }
+ rule 3091 {
+ action accept
+ description FWF7BFA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF7BFA_1
+ }
+ port 8000,5901,5479,5478
+ }
+ protocol tcp
+ }
+ rule 3092 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.212
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.212
+ }
+ }
+ rule 3094 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.125
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.125
+ }
+ }
+ rule 3096 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.89
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.89
+ }
+ }
+ rule 3097 {
+ action accept
+ description FWD56A2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD56A2_1
+ }
+ port 8001,8000
+ }
+ protocol tcp
+ }
+ rule 3098 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.109
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.109
+ }
+ }
+ rule 3099 {
+ action accept
+ description FW36425_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW36425_1
+ }
+ port 44445,7770-7800
+ }
+ protocol tcp
+ }
+ rule 3100 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.238
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.238
+ }
+ }
+ rule 3102 {
+ action accept
+ description FW6B39D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 49216,49215
+ }
+ protocol tcp_udp
+ }
+ rule 3103 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.121
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.121
+ }
+ }
+ rule 3105 {
+ action accept
+ description FW2379F_14-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 443
+ }
+ protocol tcp_udp
+ }
+ rule 3107 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.38
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.38
+ }
+ }
+ rule 3109 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.191
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.191
+ }
+ }
+ rule 3111 {
+ action accept
+ description FW27947_1-TCP-ALLOW-213.229.100.148
+ destination {
+ group {
+ address-group DT_FW27947_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 213.229.100.148
+ }
+ }
+ rule 3112 {
+ action accept
+ description FWD42CF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD42CF_1
+ }
+ port 5432,5001,5000
+ }
+ protocol tcp
+ }
+ rule 3114 {
+ action accept
+ description FW3A12F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3A12F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3116 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-194.62.184.87
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 194.62.184.87
+ }
+ }
+ rule 3117 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-51.219.31.78
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389
+ }
+ protocol tcp
+ source {
+ address 51.219.31.78
+ }
+ }
+ rule 3118 {
+ action accept
+ description VPN-26157-ANY-ALLOW-10.4.86.57
+ destination {
+ group {
+ address-group DT_VPN-26157
+ }
+ }
+ source {
+ address 10.4.86.57
+ }
+ }
+ rule 3119 {
+ action accept
+ description VPN-26157-ANY-ALLOW-10.4.87.57
+ destination {
+ group {
+ address-group DT_VPN-26157
+ }
+ }
+ source {
+ address 10.4.87.57
+ }
+ }
+ rule 3120 {
+ action accept
+ description FWA7625_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 943
+ }
+ protocol tcp
+ }
+ rule 3121 {
+ action accept
+ description FWC96A1_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC96A1_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3122 {
+ action accept
+ description FWA7625_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3123 {
+ action accept
+ description FWA7625_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 32400,10108
+ }
+ protocol tcp_udp
+ }
+ rule 3125 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-185.173.161.154
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 185.173.161.154
+ }
+ }
+ rule 3127 {
+ action accept
+ description FW05339_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05339_1
+ }
+ port 46961
+ }
+ protocol udp
+ }
+ rule 3130 {
+ action accept
+ description FWA0AA0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3132 {
+ action accept
+ description FWD8DD1_2-TCP_UDP-ALLOW-77.153.164.226
+ destination {
+ group {
+ address-group DT_FWD8DD1_2
+ }
+ port 443,80
+ }
+ protocol tcp_udp
+ source {
+ address 77.153.164.226
+ }
+ }
+ rule 3134 {
+ action accept
+ description FW19987_4-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 3135 {
+ action accept
+ description FW40AE4_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW40AE4_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3136 {
+ action accept
+ description VPN-33204-ANY-ALLOW-10.4.57.176
+ destination {
+ group {
+ address-group DT_VPN-33204
+ }
+ }
+ source {
+ address 10.4.57.176
+ }
+ }
+ rule 3137 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-86.132.125.4
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 86.132.125.4
+ }
+ }
+ rule 3138 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-91.205.173.51
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 91.205.173.51
+ }
+ }
+ rule 3143 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-109.149.121.73
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 109.149.121.73
+ }
+ }
+ rule 3144 {
+ action accept
+ description FWA0AA0_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 28083,28015-28016,1935
+ }
+ protocol tcp_udp
+ }
+ rule 3146 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-92.233.27.144
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 92.233.27.144
+ }
+ }
+ rule 3148 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-151.228.194.190
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 151.228.194.190
+ }
+ }
+ rule 3149 {
+ action accept
+ description FW9B6FB_1-ICMP-ALLOW-77.68.89.115_32
+ destination {
+ group {
+ address-group DT_FW9B6FB_1
+ }
+ }
+ protocol icmp
+ source {
+ address 77.68.89.115/32
+ }
+ }
+ rule 3153 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.199
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.199
+ }
+ }
+ rule 3155 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-195.224.110.168
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 195.224.110.168
+ }
+ }
+ rule 3156 {
+ action accept
+ description FWF8E67_1-TCP-ALLOW-82.14.188.35
+ destination {
+ group {
+ address-group DT_FWF8E67_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.14.188.35
+ }
+ }
+ rule 3157 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.58
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.58
+ }
+ }
+ rule 3158 {
+ action accept
+ description VPN-19992-ANY-ALLOW-10.4.87.158
+ destination {
+ group {
+ address-group DT_VPN-19992
+ }
+ }
+ source {
+ address 10.4.87.158
+ }
+ }
+ rule 3159 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-5.66.24.185
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 5.66.24.185
+ }
+ }
+ rule 3160 {
+ action accept
+ description FWF8E67_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF8E67_1
+ }
+ port 3001
+ }
+ protocol tcp
+ }
+ rule 3161 {
+ action accept
+ description FWD2440_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ }
+ protocol ah
+ }
+ rule 3166 {
+ action accept
+ description FW3EBC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3EBC8_1
+ }
+ port 9001-9900,9000
+ }
+ protocol tcp
+ }
+ rule 3167 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.244
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.244
+ }
+ }
+ rule 3168 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 3170 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.137
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.137
+ }
+ }
+ rule 3173 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.104
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.104
+ }
+ }
+ rule 3176 {
+ action accept
+ description FW6906B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6906B_1
+ }
+ port 4190
+ }
+ protocol tcp
+ }
+ rule 3177 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.230
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.230
+ }
+ }
+ rule 3178 {
+ action accept
+ description FW444AF_1-TCP-ALLOW-91.135.10.140
+ destination {
+ group {
+ address-group DT_FW444AF_1
+ }
+ port 27017
+ }
+ protocol tcp
+ source {
+ address 91.135.10.140
+ }
+ }
+ rule 3180 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-81.150.13.34
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 81.150.13.34
+ }
+ }
+ rule 3181 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-82.10.14.73
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 82.10.14.73
+ }
+ }
+ rule 3183 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.25
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.25
+ }
+ }
+ rule 3184 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.224
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.224
+ }
+ }
+ rule 3185 {
+ action accept
+ description FW9B6FB_1-TCP-ALLOW-77.68.89.115_32
+ destination {
+ group {
+ address-group DT_FW9B6FB_1
+ }
+ port 10050
+ }
+ protocol tcp
+ source {
+ address 77.68.89.115/32
+ }
+ }
+ rule 3186 {
+ action accept
+ description VPN-14673-ANY-ALLOW-10.4.89.44
+ destination {
+ group {
+ address-group DT_VPN-14673
+ }
+ }
+ source {
+ address 10.4.89.44
+ }
+ }
+ rule 3187 {
+ action accept
+ description FWCA628_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCA628_1
+ }
+ port 2096,2095,2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 3189 {
+ action accept
+ description VPN-28484-ANY-ALLOW-10.4.58.159
+ destination {
+ group {
+ address-group DT_VPN-28484
+ }
+ }
+ source {
+ address 10.4.58.159
+ }
+ }
+ rule 3190 {
+ action accept
+ description FW028C0_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW028C0_2
+ }
+ port 44491-44498,44474
+ }
+ protocol tcp
+ }
+ rule 3191 {
+ action accept
+ description VPN-28484-ANY-ALLOW-10.4.59.159
+ destination {
+ group {
+ address-group DT_VPN-28484
+ }
+ }
+ source {
+ address 10.4.59.159
+ }
+ }
+ rule 3192 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.119
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.119
+ }
+ }
+ rule 3194 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-195.74.108.130
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 195.74.108.130
+ }
+ }
+ rule 3195 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-31.54.149.143
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 31.54.149.143
+ }
+ }
+ rule 3196 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-35.204.243.120
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 35.204.243.120
+ }
+ }
+ rule 3197 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-81.150.55.65
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.150.55.65
+ }
+ }
+ rule 3198 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-81.150.55.70
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.150.55.70
+ }
+ }
+ rule 3199 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-86.142.112.4
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.142.112.4
+ }
+ }
+ rule 3200 {
+ action accept
+ description FWF699D_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 8983
+ }
+ protocol tcp_udp
+ }
+ rule 3201 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 11009,10009
+ }
+ protocol tcp
+ }
+ rule 3202 {
+ action accept
+ description VPN-2661-ANY-ALLOW-10.4.54.24
+ destination {
+ group {
+ address-group DT_VPN-2661
+ }
+ }
+ source {
+ address 10.4.54.24
+ }
+ }
+ rule 3203 {
+ action accept
+ description VPN-2661-ANY-ALLOW-10.4.55.24
+ destination {
+ group {
+ address-group DT_VPN-2661
+ }
+ }
+ source {
+ address 10.4.55.24
+ }
+ }
+ rule 3204 {
+ action accept
+ description VPN-9727-ANY-ALLOW-10.4.54.118
+ destination {
+ group {
+ address-group DT_VPN-9727
+ }
+ }
+ source {
+ address 10.4.54.118
+ }
+ }
+ rule 3205 {
+ action accept
+ description VPN-9727-ANY-ALLOW-10.4.55.119
+ destination {
+ group {
+ address-group DT_VPN-9727
+ }
+ }
+ source {
+ address 10.4.55.119
+ }
+ }
+ rule 3207 {
+ action accept
+ description FWF0221_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF0221_1
+ }
+ port 65000,8099,8080
+ }
+ protocol tcp_udp
+ }
+ rule 3208 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.180
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.180
+ }
+ }
+ rule 3209 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-82.5.189.5
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 82.5.189.5
+ }
+ }
+ rule 3210 {
+ action accept
+ description FW60FD6_5-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW60FD6_5
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3211 {
+ action accept
+ description FW60FD6_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW60FD6_5
+ }
+ port 9500,9191,9090,8090,2222
+ }
+ protocol tcp
+ }
+ rule 3212 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-84.65.217.114
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 84.65.217.114
+ }
+ }
+ rule 3213 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.43.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.43.21
+ }
+ }
+ rule 3214 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-77.68.126.251
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 77.68.126.251
+ }
+ }
+ rule 3215 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-86.14.23.23
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 86.14.23.23
+ }
+ }
+ rule 3217 {
+ action accept
+ description FW85E02_11-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3218 {
+ action accept
+ description FW5D0FA_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5D0FA_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3222 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.141
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.141
+ }
+ }
+ rule 3223 {
+ action accept
+ description FWCDD8B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCDD8B_1
+ }
+ port 2222
+ }
+ protocol tcp
+ }
+ rule 3224 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.185
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.185
+ }
+ }
+ rule 3225 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-213.171.210.153
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 213.171.210.153
+ }
+ }
+ rule 3226 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-70.29.113.102
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 70.29.113.102
+ }
+ }
+ rule 3227 {
+ action accept
+ description FWC32BE_1-ANY-ALLOW-3.127.0.177
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ }
+ source {
+ address 3.127.0.177
+ }
+ }
+ rule 3228 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-93.115.195.58
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 93.115.195.58
+ }
+ }
+ rule 3229 {
+ action accept
+ description FWE32F2_8-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE32F2_8
+ }
+ port 40120,30120,30110
+ }
+ protocol tcp
+ }
+ rule 3230 {
+ action accept
+ description VPN-28515-ANY-ALLOW-10.4.56.162
+ destination {
+ group {
+ address-group DT_VPN-28515
+ }
+ }
+ source {
+ address 10.4.56.162
+ }
+ }
+ rule 3231 {
+ action accept
+ description FW06940_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 30000-30400,8443-8447,445,80-110,21-25
+ }
+ protocol tcp
+ }
+ rule 3232 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.134
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.134
+ }
+ }
+ rule 3236 {
+ action accept
+ description VPN-28515-ANY-ALLOW-10.4.57.162
+ destination {
+ group {
+ address-group DT_VPN-28515
+ }
+ }
+ source {
+ address 10.4.57.162
+ }
+ }
+ rule 3237 {
+ action accept
+ description FWF4063_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF4063_1
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 3240 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 49152-65535,6379,5666,5432-5454
+ }
+ protocol tcp_udp
+ }
+ rule 3242 {
+ action accept
+ description FW2E8D4_1-TCP-ALLOW-63.35.92.185
+ destination {
+ group {
+ address-group DT_FW2E8D4_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 63.35.92.185
+ }
+ }
+ rule 3244 {
+ action accept
+ description FWF30BD_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3245 {
+ action accept
+ description FWE30A1_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE30A1_4
+ }
+ port 65057
+ }
+ protocol tcp_udp
+ }
+ rule 3246 {
+ action accept
+ description VPN-26772-ANY-ALLOW-10.4.54.123
+ destination {
+ group {
+ address-group DT_VPN-26772
+ }
+ }
+ source {
+ address 10.4.54.123
+ }
+ }
+ rule 3249 {
+ action accept
+ description FW56496_1-ANY-ALLOW-77.68.82.49
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ }
+ source {
+ address 77.68.82.49
+ }
+ }
+ rule 3251 {
+ action accept
+ description FWDA443_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDA443_6
+ }
+ port 30175,12050
+ }
+ protocol tcp
+ }
+ rule 3253 {
+ action accept
+ description FW5A521_3-TCP-ALLOW-88.98.75.17
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 88.98.75.17
+ }
+ }
+ rule 3254 {
+ action accept
+ description FW5A521_3-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 161-162
+ }
+ protocol udp
+ }
+ rule 3255 {
+ action accept
+ description FW5A521_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 5900
+ }
+ protocol tcp
+ }
+ rule 3259 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.178
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.178
+ }
+ }
+ rule 3260 {
+ action accept
+ description VPN-26772-ANY-ALLOW-10.4.55.124
+ destination {
+ group {
+ address-group DT_VPN-26772
+ }
+ }
+ source {
+ address 10.4.55.124
+ }
+ }
+ rule 3262 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.114
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.114
+ }
+ }
+ rule 3272 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.30
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.30
+ }
+ }
+ rule 3273 {
+ action accept
+ description FW2B4BA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2B4BA_1
+ }
+ port 30000-31000
+ }
+ protocol tcp
+ }
+ rule 3284 {
+ action accept
+ description FW06940_3-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 3285 {
+ action accept
+ description FW0952B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0952B_1
+ }
+ port 9030,9001
+ }
+ protocol tcp
+ }
+ rule 3286 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.85.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.85.35
+ }
+ }
+ rule 3290 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.232
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.232
+ }
+ }
+ rule 3294 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.21
+ }
+ }
+ rule 3295 {
+ action accept
+ description FW0EA3F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0EA3F_1
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3296 {
+ action accept
+ description FW9D5C7_1-TCP-ALLOW-209.97.176.108
+ destination {
+ group {
+ address-group DT_FW9D5C7_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 209.97.176.108
+ }
+ }
+ rule 3297 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.188
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.188
+ }
+ }
+ rule 3298 {
+ action accept
+ description FW9D5C7_1-TCP-ALLOW-165.227.231.227
+ destination {
+ group {
+ address-group DT_FW9D5C7_1
+ }
+ port 9117,9113,9104,9100
+ }
+ protocol tcp
+ source {
+ address 165.227.231.227
+ }
+ }
+ rule 3299 {
+ action accept
+ description FW4DB0A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4DB0A_1
+ }
+ port 953
+ }
+ protocol tcp
+ }
+ rule 3300 {
+ action accept
+ description FW4DB0A_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4DB0A_1
+ }
+ port 953
+ }
+ protocol udp
+ }
+ rule 3301 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.91
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.91
+ }
+ }
+ rule 3303 {
+ action accept
+ description FW56496_1-TCP-ALLOW-176.255.93.149
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 176.255.93.149
+ }
+ }
+ rule 3304 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.79
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.79
+ }
+ }
+ rule 3305 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.43
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.43
+ }
+ }
+ rule 3306 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-88.208.198.40
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 88.208.198.40
+ }
+ }
+ rule 3307 {
+ action accept
+ description FW597A6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW597A6_1
+ }
+ port 49152-65535,990
+ }
+ protocol tcp
+ }
+ rule 3308 {
+ action accept
+ description FW597A6_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW597A6_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 3309 {
+ action accept
+ description FWBC280_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC280_1
+ }
+ port 49152-65535,20-21
+ }
+ protocol tcp
+ }
+ rule 3310 {
+ action accept
+ description VPN-31301-ANY-ALLOW-10.4.87.223
+ destination {
+ group {
+ address-group DT_VPN-31301
+ }
+ }
+ source {
+ address 10.4.87.223
+ }
+ }
+ rule 3311 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.243
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.243
+ }
+ }
+ rule 3312 {
+ action accept
+ description FW9EEDD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW9EEDD_1
+ }
+ port 990,197,20-23
+ }
+ protocol tcp
+ }
+ rule 3313 {
+ action accept
+ description FW9EEDD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW9EEDD_1
+ }
+ port 49152-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3314 {
+ action accept
+ description VPN-31002-ANY-ALLOW-10.4.89.126
+ destination {
+ group {
+ address-group DT_VPN-31002
+ }
+ }
+ source {
+ address 10.4.89.126
+ }
+ }
+ rule 3316 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.11
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.11
+ }
+ }
+ rule 3317 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-195.59.191.128_25
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 195.59.191.128/25
+ }
+ }
+ rule 3318 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-213.71.130.0_26
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 213.71.130.0/26
+ }
+ }
+ rule 3319 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.88
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.88
+ }
+ }
+ rule 3320 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.173
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.173
+ }
+ }
+ rule 3321 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 3322 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.43.122
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.43.122
+ }
+ }
+ rule 3323 {
+ action accept
+ description FWC1ACD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC1ACD_1
+ }
+ port 28061,28060,8080
+ }
+ protocol tcp_udp
+ }
+ rule 3324 {
+ action accept
+ description FWA5D67_1-TCP_UDP-ALLOW-84.74.32.74
+ destination {
+ group {
+ address-group DT_FWA5D67_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 84.74.32.74
+ }
+ }
+ rule 3325 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.169
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.169
+ }
+ }
+ rule 3326 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.89
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.89
+ }
+ }
+ rule 3329 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.35
+ }
+ }
+ rule 3330 {
+ action accept
+ description FWCE020_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCE020_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 3333 {
+ action accept
+ description FWF3574_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF3574_1
+ }
+ port 8060,445,139
+ }
+ protocol tcp
+ }
+ rule 3334 {
+ action accept
+ description FWE6AB2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE6AB2_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3335 {
+ action accept
+ description FWBFC02_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFC02_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3336 {
+ action accept
+ description FWBFC02_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFC02_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3337 {
+ action accept
+ description FWE6AB2_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE6AB2_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3338 {
+ action accept
+ description FWBC8A6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC8A6_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3339 {
+ action accept
+ description FWBC8A6_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC8A6_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3340 {
+ action accept
+ description FWA0AA0_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 2302
+ }
+ protocol tcp
+ }
+ rule 3342 {
+ action accept
+ description FW56496_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ }
+ rule 3343 {
+ action accept
+ description FW56496_1-TCP-ALLOW-157.231.178.162
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 157.231.178.162
+ }
+ }
+ rule 3344 {
+ action accept
+ description FW56496_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 2443,1022
+ }
+ protocol tcp
+ }
+ rule 3345 {
+ action accept
+ description FW56496_1-TCP_UDP-ALLOW-46.16.211.142
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 3389,21
+ }
+ protocol tcp_udp
+ source {
+ address 46.16.211.142
+ }
+ }
+ rule 3347 {
+ action accept
+ description FW2379F_14-GRE-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ }
+ protocol gre
+ }
+ rule 3348 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 52000
+ }
+ protocol tcp
+ }
+ rule 3350 {
+ action accept
+ description FWB4438_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB4438_2
+ }
+ port 993-995,7
+ }
+ protocol tcp
+ }
+ rule 3351 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-82.165.207.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.207.109
+ }
+ }
+ rule 3352 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.77
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.77
+ }
+ }
+ rule 3358 {
+ action accept
+ description FW46F4A_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW46F4A_1
+ }
+ port 51820
+ }
+ protocol udp
+ }
+ rule 3359 {
+ action accept
+ description FW53C72_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW53C72_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 3360 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.251
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.251
+ }
+ }
+ rule 3362 {
+ action accept
+ description FWAA38E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAA38E_1
+ }
+ port 1001-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3363 {
+ action accept
+ description FW138F8_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW138F8_1
+ }
+ port 21,20
+ }
+ protocol tcp_udp
+ }
+ rule 3364 {
+ action accept
+ description FW0BD92_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BD92_3
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3365 {
+ action accept
+ description FWFEF05_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFEF05_1
+ }
+ port 1935
+ }
+ protocol tcp_udp
+ }
+ rule 3367 {
+ action accept
+ description FW26846_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW26846_1
+ }
+ port 8000
+ }
+ protocol tcp
+ }
+ rule 3368 {
+ action accept
+ description FWB4438_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB4438_2
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3369 {
+ action accept
+ description FWA884B_5-TCP-ALLOW-51.146.16.162
+ destination {
+ group {
+ address-group DT_FWA884B_5
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 51.146.16.162
+ }
+ }
+ rule 3370 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.22
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.22
+ }
+ }
+ rule 3371 {
+ action accept
+ description FWFDE34_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDE34_1
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3373 {
+ action accept
+ description FWB6101_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB6101_1
+ }
+ port 2280
+ }
+ protocol tcp
+ }
+ rule 3377 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.203
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.203
+ }
+ }
+ rule 3378 {
+ action accept
+ description FW1D511_2-TCP-ALLOW-92.29.46.47
+ destination {
+ group {
+ address-group DT_FW1D511_2
+ }
+ port 9090
+ }
+ protocol tcp
+ source {
+ address 92.29.46.47
+ }
+ }
+ rule 3386 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.175
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.175
+ }
+ }
+ rule 3387 {
+ action accept
+ description FW1ACD9_2-TCP-ALLOW-89.197.148.38
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 5015,22
+ }
+ protocol tcp
+ source {
+ address 89.197.148.38
+ }
+ }
+ rule 3388 {
+ action accept
+ description FW1ACD9_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 9000-10999,5090,5060
+ }
+ protocol udp
+ }
+ rule 3389 {
+ action accept
+ description FW1ACD9_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 5090,5060-5062
+ }
+ protocol tcp
+ }
+ rule 3391 {
+ action accept
+ description FWA0B7F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0B7F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3392 {
+ action accept
+ description FW56335_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56335_2
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3395 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.90
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.90
+ }
+ }
+ rule 3396 {
+ action accept
+ description FW4D3E6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4D3E6_1
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3397 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-188.65.177.58
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 188.65.177.58
+ }
+ }
+ rule 3398 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-77.68.103.13
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 77.68.103.13
+ }
+ }
+ rule 3399 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-80.5.71.130
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 80.5.71.130
+ }
+ }
+ rule 3402 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.205
+ }
+ }
+ rule 3408 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.31
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.31
+ }
+ }
+ rule 3409 {
+ action accept
+ description FW539FB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW539FB_1
+ }
+ port 389
+ }
+ protocol tcp
+ }
+ rule 3411 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.185
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.185
+ }
+ }
+ rule 3415 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.245.124
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.245.124
+ }
+ }
+ rule 3416 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.75
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.75
+ }
+ }
+ rule 3417 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.34
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.34
+ }
+ }
+ rule 3418 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 3419 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 3420 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 3421 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 3422 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.94
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.94
+ }
+ }
+ rule 3424 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.244
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.244
+ }
+ }
+ rule 3425 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.246
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.246
+ }
+ }
+ rule 3426 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-195.97.222.122
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 195.97.222.122
+ }
+ }
+ rule 3431 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.111
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.111
+ }
+ }
+ rule 3432 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-74.208.41.119
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 74.208.41.119
+ }
+ }
+ rule 3438 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.252
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.252
+ }
+ }
+ rule 3440 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.118
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.118
+ }
+ }
+ rule 3442 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.15
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.15
+ }
+ }
+ rule 3446 {
+ action accept
+ description FWC32BE_1-ANY-ALLOW-3.65.3.75
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ }
+ source {
+ address 3.65.3.75
+ }
+ }
+ rule 3447 {
+ action accept
+ description FWC32BE_1-TCP-ALLOW-217.155.2.52
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 217.155.2.52
+ }
+ }
+ rule 3448 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.243
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.243
+ }
+ }
+ rule 3449 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.117
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.117
+ }
+ }
+ rule 3450 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.4
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.4
+ }
+ }
+ rule 3452 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.177
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.177
+ }
+ }
+ rule 3454 {
+ action accept
+ description FWD498E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD498E_1
+ }
+ port 44158
+ }
+ protocol tcp
+ }
+ rule 3455 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.147
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.147
+ }
+ }
+ rule 8500 {
+ action drop
+ description "Deny traffic to any private address"
+ destination {
+ group {
+ network-group RFC1918
+ }
+ }
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 8510 {
+ action accept
+ description "Default allow rule"
+ destination {
+ group {
+ address-group !CLUSTER_ADDRESSES
+ }
+ }
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ }
+ name LOCAL-LAN {
+ default-action drop
+ rule 2 {
+ action accept
+ destination {
+ address 10.255.255.1
+ }
+ protocol icmp
+ source {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ }
+ rule 4 {
+ action accept
+ destination {
+ group {
+ address-group LAN_ADDRESSES
+ }
+ }
+ source {
+ group {
+ address-group LAN_ADDRESSES
+ }
+ }
+ }
+ rule 10 {
+ action accept
+ description "Multicast para VRRP"
+ destination {
+ address 224.0.0.18
+ }
+ source {
+ group {
+ address-group LAN_ADDRESSES
+ }
+ }
+ }
+ }
+ name LOCAL-SYNC {
+ default-action drop
+ rule 5 {
+ action accept
+ description "Permitir trafico sync entre nodos"
+ destination {
+ address 10.4.51.132/30
+ }
+ source {
+ address 10.4.51.132/30
+ }
+ }
+ }
+ name LOCAL-WAN {
+ default-action drop
+ description "External connections from VLAN2701 to this system"
+ rule 10 {
+ action accept
+ description "Allow intra-vlan connections"
+ destination {
+ address 109.228.63.128/25
+ }
+ source {
+ address 109.228.63.128/25
+ }
+ }
+ rule 20 {
+ action accept
+ description "Allow Arsys desktops to contact this system"
+ source {
+ group {
+ address-group MANAGEMENT_ADDRESSES
+ }
+ }
+ }
+ }
+ name WAN-INBOUND {
+ default-action drop
+ rule 10 {
+ action accept
+ description "Management from HN-ES"
+ source {
+ group {
+ address-group MANAGEMENT_ADDRESSES
+ }
+ }
+ }
+ rule 20 {
+ action accept
+ description "Connections from Load Balancer to Frontends - TCP Proxy"
+ destination {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ source {
+ group {
+ address-group NLB_ADDRESSES
+ }
+ }
+ }
+ rule 30 {
+ action accept
+ description "Allow external probes"
+ destination {
+ group {
+ address-group NAGIOS_PROBES
+ }
+ }
+ protocol icmp
+ }
+ rule 40 {
+ action accept
+ description "Allow Centreon servers traffic to VMs"
+ destination {
+ group {
+ address-group CLUSTER_ADDRESSES
+ }
+ }
+ source {
+ group {
+ address-group CENTREON_SERVERS
+ }
+ }
+ }
+ rule 50 {
+ action accept
+ description "Allow CMK to check dnscache servers - TCP"
+ destination {
+ group {
+ address-group DNSCACHE_SERVERS
+ }
+ port 22,53,6556
+ }
+ protocol tcp
+ source {
+ group {
+ address-group CMK_SATELLITES
+ }
+ }
+ }
+ rule 65 {
+ action accept
+ description "Allow CMK to check dnscache servers - UDP"
+ destination {
+ group {
+ address-group DNSCACHE_SERVERS
+ }
+ port 53
+ }
+ protocol udp
+ source {
+ group {
+ address-group CMK_SATELLITES
+ }
+ }
+ }
+ rule 70 {
+ action accept
+ description "Allow CMK to check dnscache servers - ICMP"
+ destination {
+ group {
+ address-group DNSCACHE_SERVERS
+ }
+ }
+ protocol icmp
+ source {
+ group {
+ address-group CMK_SATELLITES
+ }
+ }
+ }
+ rule 80 {
+ action accept
+ description "Allow CMK to check monitoring sensors - TCP"
+ destination {
+ group {
+ address-group NAGIOS_PROBES
+ }
+ port 6556
+ }
+ protocol tcp
+ source {
+ group {
+ address-group CMK_SATELLITES
+ }
+ }
+ }
+ rule 90 {
+ action accept
+ description "Allow CMK to check monitoring sensors - ICMP"
+ destination {
+ group {
+ address-group NAGIOS_PROBES
+ }
+ }
+ protocol icmp
+ source {
+ group {
+ address-group CMK_SATELLITES
+ }
+ }
+ }
+ rule 2000 {
+ action accept
+ description "TOP port - SSH"
+ destination {
+ group {
+ address-group G-22-TCP
+ }
+ port ssh
+ }
+ protocol tcp
+ }
+ rule 2001 {
+ action accept
+ description "TOP port - RDESKTOP"
+ destination {
+ group {
+ address-group G-3389-TCP
+ }
+ port 3389
+ }
+ protocol tcp
+ }
+ rule 2002 {
+ action accept
+ description "TOP port - HTTP"
+ destination {
+ group {
+ address-group G-80-TCP
+ }
+ port http
+ }
+ protocol tcp
+ }
+ rule 2003 {
+ action accept
+ description "TOP port - HTTPS"
+ destination {
+ group {
+ address-group G-443-TCP
+ }
+ port https
+ }
+ protocol tcp
+ }
+ rule 2004 {
+ action accept
+ description "TOP port - DOMAIN TCP"
+ destination {
+ group {
+ address-group G-53-TCP
+ }
+ port domain
+ }
+ protocol tcp
+ }
+ rule 2005 {
+ action accept
+ description "TOP port - DOMAIN UDP"
+ destination {
+ group {
+ address-group G-53-UDP
+ }
+ port domain
+ }
+ protocol udp
+ }
+ rule 2006 {
+ action accept
+ description "TOP port - SMTP"
+ destination {
+ group {
+ address-group G-25-TCP
+ }
+ port smtp
+ }
+ protocol tcp
+ }
+ rule 2007 {
+ action accept
+ description "TOP port - IMAP"
+ destination {
+ group {
+ address-group G-143-TCP
+ }
+ port imap2
+ }
+ protocol tcp
+ }
+ rule 2008 {
+ action accept
+ description "TOP port - POP3"
+ destination {
+ group {
+ address-group G-110-TCP
+ }
+ port pop3
+ }
+ protocol tcp
+ }
+ rule 2009 {
+ action accept
+ description "TOP port - MSSQL TCP"
+ destination {
+ group {
+ address-group G-1433-TCP
+ }
+ port ms-sql-s
+ }
+ protocol tcp
+ }
+ rule 2010 {
+ action accept
+ description "TOP port - MYSQL TCP"
+ destination {
+ group {
+ address-group G-3306-TCP
+ }
+ port mysql
+ }
+ protocol tcp
+ }
+ rule 2011 {
+ action accept
+ description "TOP port - FTPDATA"
+ destination {
+ group {
+ address-group G-20-TCP
+ }
+ port ftp-data
+ }
+ protocol tcp
+ }
+ rule 2012 {
+ action accept
+ description "TOP port - FTP"
+ destination {
+ group {
+ address-group G-21-TCP
+ }
+ port ftp
+ }
+ protocol tcp
+ }
+ rule 2013 {
+ action accept
+ description "TOP port - SSMTP"
+ destination {
+ group {
+ address-group G-465-TCP
+ }
+ port ssmtp
+ }
+ protocol tcp
+ }
+ rule 2014 {
+ action accept
+ description "TOP port - SMTPS"
+ destination {
+ group {
+ address-group G-587-TCP
+ }
+ port 587
+ }
+ protocol tcp
+ }
+ rule 2015 {
+ action accept
+ description "TOP port - IMAPS"
+ destination {
+ group {
+ address-group G-993-TCP
+ }
+ port imaps
+ }
+ protocol tcp
+ }
+ rule 2016 {
+ action accept
+ description "TOP port - POP3S"
+ destination {
+ group {
+ address-group G-995-TCP
+ }
+ port pop3s
+ }
+ protocol tcp
+ }
+ rule 2017 {
+ action accept
+ description "TOP port - TOMCAT"
+ destination {
+ group {
+ address-group G-8080-TCP
+ }
+ port 8080
+ }
+ protocol tcp
+ }
+ rule 2018 {
+ action accept
+ description "TOP port - Alternative HTTPS"
+ destination {
+ group {
+ address-group G-8443-TCP
+ }
+ port 8443
+ }
+ protocol tcp
+ }
+ rule 2019 {
+ action accept
+ description "TOP port - 10000/TCP"
+ destination {
+ group {
+ address-group G-10000-TCP
+ }
+ port 10000
+ }
+ protocol tcp
+ }
+ rule 2020 {
+ action accept
+ description "TOP port - 8447/TCP"
+ destination {
+ group {
+ address-group G-8447-TCP
+ }
+ port 8447
+ }
+ protocol tcp
+ }
+ rule 2040 {
+ action accept
+ description "TOP port - All ports open"
+ destination {
+ group {
+ address-group G-ALL_OPEN
+ }
+ }
+ }
+ rule 2050 {
+ action accept
+ description "ICMP group"
+ destination {
+ group {
+ address-group G-ICMP
+ }
+ }
+ protocol icmp
+ }
+ rule 2100 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-104.192.143.2
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 7999,22
+ }
+ protocol tcp
+ source {
+ address 104.192.143.2
+ }
+ }
+ rule 2101 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.74.54
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.74.54
+ }
+ }
+ rule 2102 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-109.72.210.46
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 109.72.210.46
+ }
+ }
+ rule 2103 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2104 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-164.177.156.192
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 164.177.156.192
+ }
+ }
+ rule 2105 {
+ action accept
+ description FWDAA4F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAA4F_1
+ }
+ port 22335
+ }
+ protocol tcp
+ }
+ rule 2106 {
+ action accept
+ description FW6D0CD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6D0CD_1
+ }
+ port 6900,7000
+ }
+ protocol tcp
+ }
+ rule 2107 {
+ action accept
+ description FW6D0CD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6D0CD_1
+ }
+ port 9001
+ }
+ protocol tcp_udp
+ }
+ rule 2108 {
+ action accept
+ description FW06176_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06176_1
+ }
+ port 5900
+ }
+ protocol tcp
+ }
+ rule 2109 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2110 {
+ action accept
+ description FWF7B68_1-TCP-ALLOW-54.221.251.224
+ destination {
+ group {
+ address-group DT_FWF7B68_1
+ }
+ port 8443,3306,22,21,20
+ }
+ protocol tcp
+ source {
+ address 54.221.251.224
+ }
+ }
+ rule 2111 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-178.251.181.41
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.41
+ }
+ }
+ rule 2112 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-178.251.181.6
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.6
+ }
+ }
+ rule 2113 {
+ action accept
+ description VPN-7030-ANY-ALLOW-10.4.58.119
+ destination {
+ group {
+ address-group DT_VPN-7030
+ }
+ }
+ source {
+ address 10.4.58.119
+ }
+ }
+ rule 2114 {
+ action accept
+ description FW58C69_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW58C69_4
+ }
+ port 5666
+ }
+ protocol tcp
+ }
+ rule 2115 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-185.201.180.35
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000,22
+ }
+ protocol tcp
+ source {
+ address 185.201.180.35
+ }
+ }
+ rule 2116 {
+ action accept
+ description FW19987_4-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2117 {
+ action accept
+ description FW19987_4-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2118 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-212.159.160.65
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443,3389,3306,22,21
+ }
+ protocol tcp
+ source {
+ address 212.159.160.65
+ }
+ }
+ rule 2119 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-79.78.20.149
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8447,8443,3389,3306,993,143,22,21
+ }
+ protocol tcp
+ source {
+ address 79.78.20.149
+ }
+ }
+ rule 2120 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-77.68.77.185
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.77.185
+ }
+ }
+ rule 2121 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443,3389
+ }
+ protocol tcp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2122 {
+ action accept
+ description FW2C5AE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2C5AE_1
+ }
+ port 30303,5717
+ }
+ protocol tcp_udp
+ }
+ rule 2123 {
+ action accept
+ description VPN-12899-ANY-ALLOW-10.4.58.207
+ destination {
+ group {
+ address-group DT_VPN-12899
+ }
+ }
+ source {
+ address 10.4.58.207
+ }
+ }
+ rule 2124 {
+ action accept
+ description FW7648D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7648D_1
+ }
+ port 8501,8050,7801,4444,1443
+ }
+ protocol tcp
+ }
+ rule 2125 {
+ action accept
+ description FW0C2E6_4-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C2E6_4
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2126 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.37.175.132
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.37.175.132
+ }
+ }
+ rule 2127 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-165.255.242.223
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 165.255.242.223
+ }
+ }
+ rule 2128 {
+ action accept
+ description VPN-10131-ANY-ALLOW-10.4.56.51
+ destination {
+ group {
+ address-group DT_VPN-10131
+ }
+ }
+ source {
+ address 10.4.56.51
+ }
+ }
+ rule 2129 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-212.227.84.142
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 212.227.84.142
+ }
+ }
+ rule 2130 {
+ action accept
+ description FW2BB8D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2131 {
+ action accept
+ description FWFDD94_15-TCP-ALLOW-90.29.180.234
+ destination {
+ group {
+ address-group DT_FWFDD94_15
+ }
+ port 5683,1883
+ }
+ protocol tcp
+ source {
+ address 90.29.180.234
+ }
+ }
+ rule 2132 {
+ action accept
+ description VPN-10131-ANY-ALLOW-10.4.57.51
+ destination {
+ group {
+ address-group DT_VPN-10131
+ }
+ }
+ source {
+ address 10.4.57.51
+ }
+ }
+ rule 2133 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-109.228.49.193
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 109.228.49.193
+ }
+ }
+ rule 2134 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-3.10.221.168
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 3.10.221.168
+ }
+ }
+ rule 2135 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2136 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2137 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-77.68.87.201
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.87.201
+ }
+ }
+ rule 2138 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2139 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2140 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 500,4500
+ }
+ protocol udp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2141 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-213.171.196.146
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 213.171.196.146
+ }
+ }
+ rule 2142 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2143 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-77.68.36.46
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 500,4500
+ }
+ protocol udp
+ source {
+ address 77.68.36.46
+ }
+ }
+ rule 2144 {
+ action accept
+ description VPN-12899-ANY-ALLOW-10.4.59.207
+ destination {
+ group {
+ address-group DT_VPN-12899
+ }
+ }
+ source {
+ address 10.4.59.207
+ }
+ }
+ rule 2145 {
+ action accept
+ description FWB28B6_5-TCP-ALLOW-81.130.141.175
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.130.141.175
+ }
+ }
+ rule 2146 {
+ action accept
+ description FWB28B6_5-UDP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 4500,500
+ }
+ protocol udp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2147 {
+ action accept
+ description FWB28B6_5-AH-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2148 {
+ action accept
+ description FWB28B6_5-ESP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2149 {
+ action accept
+ description FWB28B6_5-TCP_UDP-ALLOW-77.68.38.195
+ destination {
+ group {
+ address-group DT_FWB28B6_5
+ }
+ port 1701
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.38.195
+ }
+ }
+ rule 2150 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.37.178.77
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.37.178.77
+ }
+ }
+ rule 2151 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-51.241.139.56
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 51.241.139.56
+ }
+ }
+ rule 2152 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-150.143.57.138
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 150.143.57.138
+ }
+ }
+ rule 2153 {
+ action accept
+ description FW6ECA4_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6ECA4_1
+ }
+ port 3939,3335,3334,3333,3000,999,444
+ }
+ protocol tcp_udp
+ }
+ rule 2154 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.13.20
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.13.20
+ }
+ }
+ rule 2155 {
+ action accept
+ description FW481D7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW481D7_1
+ }
+ port 3478
+ }
+ protocol tcp_udp
+ }
+ rule 2156 {
+ action accept
+ description FW5A5D7_3-GRE-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ }
+ protocol gre
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2157 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-94.195.127.217
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 94.195.127.217
+ }
+ }
+ rule 2158 {
+ action accept
+ description FW2E060_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2E060_1
+ }
+ port 49152-65535,8443-8447
+ }
+ protocol tcp
+ }
+ rule 2159 {
+ action accept
+ description FWFDD94_15-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDD94_15
+ }
+ port 9090,5080,1935
+ }
+ protocol tcp
+ }
+ rule 2160 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.190.224
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.190.224
+ }
+ }
+ rule 2161 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-109.249.187.56
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 109.249.187.56
+ }
+ }
+ rule 2162 {
+ action accept
+ description FW89619_1-TCP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 2163 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.227.72.218
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.72.218
+ }
+ }
+ rule 2164 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-151.229.59.51
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 151.229.59.51
+ }
+ }
+ rule 2165 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-178.251.181.41
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.41
+ }
+ }
+ rule 2166 {
+ action accept
+ description FW3CAAB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3CAAB_1
+ }
+ port 49152-65535,30000-30400,8443-8447,5432,80-110,21-25
+ }
+ protocol tcp
+ }
+ rule 2167 {
+ action accept
+ description FW91B7A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW91B7A_1
+ }
+ port 3389,80
+ }
+ protocol tcp_udp
+ }
+ rule 2168 {
+ action accept
+ description FW40416_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW40416_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2169 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-81.151.24.216
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 10000,22
+ }
+ protocol tcp
+ source {
+ address 81.151.24.216
+ }
+ }
+ rule 2170 {
+ action accept
+ description VPN-7030-ANY-ALLOW-10.4.59.119
+ destination {
+ group {
+ address-group DT_VPN-7030
+ }
+ }
+ source {
+ address 10.4.59.119
+ }
+ }
+ rule 2171 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-62.252.94.138
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 3389,1433
+ }
+ protocol tcp
+ source {
+ address 62.252.94.138
+ }
+ }
+ rule 2172 {
+ action accept
+ description FW89619_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5015,5001,5000
+ }
+ protocol tcp
+ }
+ rule 2173 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-167.98.162.142
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 167.98.162.142
+ }
+ }
+ rule 2174 {
+ action accept
+ description FW013EF_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW013EF_2
+ }
+ port 44445,7770-7800,5090,5060-5070,5015,5001,2000-2500
+ }
+ protocol tcp
+ }
+ rule 2175 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.12
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.12
+ }
+ }
+ rule 2176 {
+ action accept
+ description VPN-15625-ANY-ALLOW-10.4.88.79
+ destination {
+ group {
+ address-group DT_VPN-15625
+ }
+ }
+ source {
+ address 10.4.88.79
+ }
+ }
+ rule 2177 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.228.53.128
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 109.228.53.128
+ }
+ }
+ rule 2178 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-178.251.181.6
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 178.251.181.6
+ }
+ }
+ rule 2179 {
+ action accept
+ description FW578BE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW578BE_1
+ }
+ port 23,1521,1522
+ }
+ protocol tcp
+ }
+ rule 2180 {
+ action accept
+ description FWE012D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE012D_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2181 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-213.171.209.161
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 213.171.209.161
+ }
+ }
+ rule 2182 {
+ action accept
+ description VPN-8203-ANY-ALLOW-10.4.58.109
+ destination {
+ group {
+ address-group DT_VPN-8203
+ }
+ }
+ source {
+ address 10.4.58.109
+ }
+ }
+ rule 2183 {
+ action accept
+ description VPN-9415-ANY-ALLOW-10.4.58.168
+ destination {
+ group {
+ address-group DT_VPN-9415
+ }
+ }
+ source {
+ address 10.4.58.168
+ }
+ }
+ rule 2184 {
+ action accept
+ description VPN-9415-ANY-ALLOW-10.4.59.168
+ destination {
+ group {
+ address-group DT_VPN-9415
+ }
+ }
+ source {
+ address 10.4.59.168
+ }
+ }
+ rule 2185 {
+ action accept
+ description FW27A8F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW27A8F_1
+ }
+ port 9990,8458,8090,6543,5432
+ }
+ protocol tcp
+ }
+ rule 2186 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.11.224
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 77.68.11.224
+ }
+ }
+ rule 2187 {
+ action accept
+ description VPN-15625-ANY-ALLOW-10.4.89.79
+ destination {
+ group {
+ address-group DT_VPN-15625
+ }
+ }
+ source {
+ address 10.4.89.79
+ }
+ }
+ rule 2188 {
+ action accept
+ description VPN-14649-ANY-ALLOW-10.4.86.35
+ destination {
+ group {
+ address-group DT_VPN-14649
+ }
+ }
+ source {
+ address 10.4.86.35
+ }
+ }
+ rule 2189 {
+ action accept
+ description VPN-14649-ANY-ALLOW-10.4.87.35
+ destination {
+ group {
+ address-group DT_VPN-14649
+ }
+ }
+ source {
+ address 10.4.87.35
+ }
+ }
+ rule 2190 {
+ action accept
+ description VPN-14657-ANY-ALLOW-10.4.86.38
+ destination {
+ group {
+ address-group DT_VPN-14657
+ }
+ }
+ source {
+ address 10.4.86.38
+ }
+ }
+ rule 2191 {
+ action accept
+ description VPN-14657-ANY-ALLOW-10.4.87.38
+ destination {
+ group {
+ address-group DT_VPN-14657
+ }
+ }
+ source {
+ address 10.4.87.38
+ }
+ }
+ rule 2192 {
+ action accept
+ description VPN-14658-ANY-ALLOW-10.4.88.38
+ destination {
+ group {
+ address-group DT_VPN-14658
+ }
+ }
+ source {
+ address 10.4.88.38
+ }
+ }
+ rule 2193 {
+ action accept
+ description VPN-14658-ANY-ALLOW-10.4.89.38
+ destination {
+ group {
+ address-group DT_VPN-14658
+ }
+ }
+ source {
+ address 10.4.89.38
+ }
+ }
+ rule 2194 {
+ action accept
+ description FW0BB22_1-GRE-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol gre
+ }
+ rule 2195 {
+ action accept
+ description FW0BB22_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol esp
+ }
+ rule 2196 {
+ action accept
+ description FW1CC15_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1CC15_2
+ }
+ port 8089,8085,990,81
+ }
+ protocol tcp
+ }
+ rule 2197 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.124
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.124
+ }
+ }
+ rule 2198 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389,1723,1701,47
+ }
+ protocol tcp
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2199 {
+ action accept
+ description FW1CB16_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1CB16_1
+ }
+ port 3306,27017,53
+ }
+ protocol tcp_udp
+ }
+ rule 2200 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2201 {
+ action accept
+ description FW37E59_5-TCP-ALLOW-77.68.20.244
+ destination {
+ group {
+ address-group DT_FW37E59_5
+ }
+ port 30303
+ }
+ protocol tcp
+ source {
+ address 77.68.20.244
+ }
+ }
+ rule 2202 {
+ action accept
+ description FW274FD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW274FD_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2203 {
+ action accept
+ description FW6CD7E_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6CD7E_2
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2204 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-178.17.252.59
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 178.17.252.59
+ }
+ }
+ rule 2205 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.64.108
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.64.108
+ }
+ }
+ rule 2206 {
+ action accept
+ description FW0937A_1-TCP-ALLOW-83.135.134.13
+ destination {
+ group {
+ address-group DT_FW0937A_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 83.135.134.13
+ }
+ }
+ rule 2207 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.112.64
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.112.64
+ }
+ }
+ rule 2208 {
+ action accept
+ description FW6CD7E_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6CD7E_2
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2209 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-194.73.17.47
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 194.73.17.47
+ }
+ }
+ rule 2210 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.115.33
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.115.33
+ }
+ }
+ rule 2211 {
+ action accept
+ description FWA3EA3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA3EA3_1
+ }
+ port 943
+ }
+ protocol tcp
+ }
+ rule 2212 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-82.165.100.25
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 21-10000
+ }
+ protocol tcp
+ source {
+ address 82.165.100.25
+ }
+ }
+ rule 2213 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-109.228.59.50
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 109.228.59.50
+ }
+ }
+ rule 2214 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.100
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.100
+ }
+ }
+ rule 2215 {
+ action accept
+ description FWD7EAB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD7EAB_1
+ }
+ port 60000-60100
+ }
+ protocol tcp
+ }
+ rule 2216 {
+ action accept
+ description FWEB321_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEB321_1
+ }
+ port 113,4190
+ }
+ protocol tcp
+ }
+ rule 2217 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-195.206.180.132
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 195.206.180.132
+ }
+ }
+ rule 2218 {
+ action accept
+ description VPN-8159-ANY-ALLOW-10.4.58.91
+ destination {
+ group {
+ address-group DT_VPN-8159
+ }
+ }
+ source {
+ address 10.4.58.91
+ }
+ }
+ rule 2219 {
+ action accept
+ description VPN-21673-ANY-ALLOW-10.4.88.187
+ destination {
+ group {
+ address-group DT_VPN-21673
+ }
+ }
+ source {
+ address 10.4.88.187
+ }
+ }
+ rule 2220 {
+ action accept
+ description VPN-21673-ANY-ALLOW-10.4.89.187
+ destination {
+ group {
+ address-group DT_VPN-21673
+ }
+ }
+ source {
+ address 10.4.89.187
+ }
+ }
+ rule 2221 {
+ action accept
+ description VPN-21821-ANY-ALLOW-10.4.88.49
+ destination {
+ group {
+ address-group DT_VPN-21821
+ }
+ }
+ source {
+ address 10.4.88.49
+ }
+ }
+ rule 2222 {
+ action accept
+ description VPN-21821-ANY-ALLOW-10.4.89.49
+ destination {
+ group {
+ address-group DT_VPN-21821
+ }
+ }
+ source {
+ address 10.4.89.49
+ }
+ }
+ rule 2223 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-81.133.80.58
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.58
+ }
+ }
+ rule 2224 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.238
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.238
+ }
+ }
+ rule 2225 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-185.212.168.51
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 185.212.168.51
+ }
+ }
+ rule 2226 {
+ action accept
+ description FW8B21D_1-ANY-ALLOW-212.187.250.2
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ source {
+ address 212.187.250.2
+ }
+ }
+ rule 2227 {
+ action accept
+ description FW35F7B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW35F7B_1
+ }
+ port 1434
+ }
+ protocol tcp_udp
+ }
+ rule 2228 {
+ action accept
+ description FWD338A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD338A_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2229 {
+ action accept
+ description FW35F7B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW35F7B_1
+ }
+ port 56791
+ }
+ protocol tcp
+ }
+ rule 2230 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.77.114
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.77.114
+ }
+ }
+ rule 2231 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-194.74.137.17
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 194.74.137.17
+ }
+ }
+ rule 2232 {
+ action accept
+ description FW52F6F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW52F6F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2233 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.23.109
+ }
+ }
+ rule 2234 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.247
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.247
+ }
+ }
+ rule 2235 {
+ action accept
+ description FW4E314_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4E314_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2236 {
+ action accept
+ description FW73573_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73573_2
+ }
+ port 25
+ }
+ protocol tcp_udp
+ }
+ rule 2237 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.93.89
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.93.89
+ }
+ }
+ rule 2238 {
+ action accept
+ description FW856FA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW856FA_1
+ }
+ port 6003
+ }
+ protocol tcp
+ }
+ rule 2239 {
+ action accept
+ description FWECBFB_14-TCP-ALLOW-81.19.214.155
+ destination {
+ group {
+ address-group DT_FWECBFB_14
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.19.214.155
+ }
+ }
+ rule 2240 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.219.168.170
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 51.219.168.170
+ }
+ }
+ rule 2241 {
+ action accept
+ description FW30D21_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW30D21_1
+ }
+ port 2083-2087,53,2812,2096,25,993,587
+ }
+ protocol tcp_udp
+ }
+ rule 2242 {
+ action accept
+ description FWA076E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA076E_1
+ }
+ port 2199,2197
+ }
+ protocol tcp
+ }
+ rule 2243 {
+ action accept
+ description FWA076E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA076E_1
+ }
+ port 8000-8010
+ }
+ protocol tcp_udp
+ }
+ rule 2244 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-82.165.166.41
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 8447,8443,443,80,22
+ }
+ protocol tcp
+ source {
+ address 82.165.166.41
+ }
+ }
+ rule 2245 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.180
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22,80
+ }
+ protocol tcp
+ source {
+ address 213.171.217.180
+ }
+ }
+ rule 2246 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2247 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.185
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.185
+ }
+ }
+ rule 2248 {
+ action accept
+ description FW2F868_6-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 161
+ }
+ protocol udp
+ }
+ rule 2249 {
+ action accept
+ description FW2F868_6-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FW2F868_6
+ }
+ port 22,24
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2250 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-80.194.78.162
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 80.194.78.162
+ }
+ }
+ rule 2251 {
+ action accept
+ description VPN-21822-ANY-ALLOW-10.4.54.47
+ destination {
+ group {
+ address-group DT_VPN-21822
+ }
+ }
+ source {
+ address 10.4.54.47
+ }
+ }
+ rule 2252 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.75.244
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.75.244
+ }
+ }
+ rule 2253 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-195.147.173.92
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 195.147.173.92
+ }
+ }
+ rule 2254 {
+ action accept
+ description FW1D511_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1D511_2
+ }
+ port 8090
+ }
+ protocol tcp
+ }
+ rule 2255 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-85.17.25.47
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 85.17.25.47
+ }
+ }
+ rule 2256 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.89.209
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.89.209
+ }
+ }
+ rule 2257 {
+ action accept
+ description FWE2AB5_8-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWE2AB5_8
+ }
+ port 7000
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2258 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.68.94.177
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.94.177
+ }
+ }
+ rule 2259 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.95.129
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.68.95.129
+ }
+ }
+ rule 2260 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.136
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.136
+ }
+ }
+ rule 2261 {
+ action accept
+ description FW1FA9E_1-TCP-ALLOW-78.88.254.99
+ destination {
+ group {
+ address-group DT_FW1FA9E_1
+ }
+ port 9000,8200,5601,4444
+ }
+ protocol tcp
+ source {
+ address 78.88.254.99
+ }
+ }
+ rule 2262 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.27
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.27
+ }
+ }
+ rule 2263 {
+ action accept
+ description FWA7A50_1-TCP-ALLOW-81.110.192.198
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.110.192.198
+ }
+ }
+ rule 2264 {
+ action accept
+ description VPN-21822-ANY-ALLOW-10.4.55.47
+ destination {
+ group {
+ address-group DT_VPN-21822
+ }
+ }
+ source {
+ address 10.4.55.47
+ }
+ }
+ rule 2265 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.31.195
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.31.195
+ }
+ }
+ rule 2266 {
+ action accept
+ description FW45BEB_1-TCP-ALLOW-62.3.71.238
+ destination {
+ group {
+ address-group DT_FW45BEB_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 62.3.71.238
+ }
+ }
+ rule 2267 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.113
+ }
+ }
+ rule 2268 {
+ action accept
+ description VPN-23946-ANY-ALLOW-10.4.58.13
+ destination {
+ group {
+ address-group DT_VPN-23946
+ }
+ }
+ source {
+ address 10.4.58.13
+ }
+ }
+ rule 2269 {
+ action accept
+ description FW98818_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW98818_1
+ }
+ port 27015
+ }
+ protocol tcp
+ }
+ rule 2270 {
+ action accept
+ description VPN-23946-ANY-ALLOW-10.4.59.13
+ destination {
+ group {
+ address-group DT_VPN-23946
+ }
+ }
+ source {
+ address 10.4.59.13
+ }
+ }
+ rule 2271 {
+ action accept
+ description VPN-28031-ANY-ALLOW-10.4.88.197
+ destination {
+ group {
+ address-group DT_VPN-28031
+ }
+ }
+ source {
+ address 10.4.88.197
+ }
+ }
+ rule 2272 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.231
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.231
+ }
+ }
+ rule 2273 {
+ action accept
+ description FW5A5D7_3-TCP_UDP-ALLOW-51.219.222.28
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 500
+ }
+ protocol tcp_udp
+ source {
+ address 51.219.222.28
+ }
+ }
+ rule 2274 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-185.106.220.231
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 185.106.220.231
+ }
+ }
+ rule 2275 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.118.66
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.118.66
+ }
+ }
+ rule 2276 {
+ action accept
+ description FW934AE_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2277 {
+ action accept
+ description VPN-28031-ANY-ALLOW-10.4.89.197
+ destination {
+ group {
+ address-group DT_VPN-28031
+ }
+ }
+ source {
+ address 10.4.89.197
+ }
+ }
+ rule 2278 {
+ action accept
+ description FW6863A_4-TCP_UDP-ALLOW-82.165.166.41
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 21-10000
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.166.41
+ }
+ }
+ rule 2279 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.104.119.162
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.104.119.162
+ }
+ }
+ rule 2280 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-109.74.199.143
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 109.74.199.143
+ }
+ }
+ rule 2281 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-185.92.25.48
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 185.92.25.48
+ }
+ }
+ rule 2282 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-207.148.2.40
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 207.148.2.40
+ }
+ }
+ rule 2283 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.235.62
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.235.62
+ }
+ }
+ rule 2284 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.236.93
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.236.93
+ }
+ }
+ rule 2285 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-45.76.59.5
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 45.76.59.5
+ }
+ }
+ rule 2286 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.15.134
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.15.134
+ }
+ }
+ rule 2287 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.22.208
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.22.208
+ }
+ }
+ rule 2288 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.108
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.23.108
+ }
+ }
+ rule 2289 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.23.54
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.23.54
+ }
+ }
+ rule 2290 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.30.45
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.30.45
+ }
+ }
+ rule 2291 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.7.198
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.7.198
+ }
+ }
+ rule 2292 {
+ action accept
+ description VPN-29631-ANY-ALLOW-10.4.54.76
+ destination {
+ group {
+ address-group DT_VPN-29631
+ }
+ }
+ source {
+ address 10.4.54.76
+ }
+ }
+ rule 2293 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.89.200
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 77.68.89.200
+ }
+ }
+ rule 2294 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-77.68.91.50
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.91.50
+ }
+ }
+ rule 2295 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-82.165.206.230
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 82.165.206.230
+ }
+ }
+ rule 2296 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-82.165.207.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4444,3306
+ }
+ protocol tcp
+ source {
+ address 82.165.207.109
+ }
+ }
+ rule 2297 {
+ action accept
+ description FW1F3D0_6-TCP-ALLOW-94.196.156.5
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 94.196.156.5
+ }
+ }
+ rule 2298 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.15.134
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.15.134
+ }
+ }
+ rule 2299 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.22.208
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.22.208
+ }
+ }
+ rule 2300 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.23.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.23.109
+ }
+ }
+ rule 2301 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-77.68.89.200
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.89.200
+ }
+ }
+ rule 2302 {
+ action accept
+ description FW05339_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05339_1
+ }
+ port 8085,5055,5013,5005,444
+ }
+ protocol tcp
+ }
+ rule 2303 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-217.169.61.164
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 217.169.61.164
+ }
+ }
+ rule 2304 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.65.45
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.65.45
+ }
+ }
+ rule 2305 {
+ action accept
+ description VPN-13983-ANY-ALLOW-10.4.58.176
+ destination {
+ group {
+ address-group DT_VPN-13983
+ }
+ }
+ source {
+ address 10.4.58.176
+ }
+ }
+ rule 2306 {
+ action accept
+ description FWDAF47_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAF47_1
+ }
+ port 8090,7080,443,53
+ }
+ protocol tcp_udp
+ }
+ rule 2307 {
+ action accept
+ description VPN-29631-ANY-ALLOW-10.4.55.77
+ destination {
+ group {
+ address-group DT_VPN-29631
+ }
+ }
+ source {
+ address 10.4.55.77
+ }
+ }
+ rule 2308 {
+ action accept
+ description VPN-34309-ANY-ALLOW-10.4.58.142
+ destination {
+ group {
+ address-group DT_VPN-34309
+ }
+ }
+ source {
+ address 10.4.58.142
+ }
+ }
+ rule 2309 {
+ action accept
+ description FW27949_2-TCP-ALLOW-138.124.142.180
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 138.124.142.180
+ }
+ }
+ rule 2310 {
+ action accept
+ description FWF8F85_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF8F85_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2311 {
+ action accept
+ description FWDAF47_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDAF47_1
+ }
+ port 40110-40210
+ }
+ protocol tcp
+ }
+ rule 2312 {
+ action accept
+ description VPN-34309-ANY-ALLOW-10.4.59.142
+ destination {
+ group {
+ address-group DT_VPN-34309
+ }
+ }
+ source {
+ address 10.4.59.142
+ }
+ }
+ rule 2313 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-87.224.39.220
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 87.224.39.220
+ }
+ }
+ rule 2314 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 1334
+ }
+ protocol tcp
+ }
+ rule 2315 {
+ action accept
+ description FW8C927_1-TCP_UDP-ALLOW-84.92.125.78
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 3306,22
+ }
+ protocol tcp_udp
+ source {
+ address 84.92.125.78
+ }
+ }
+ rule 2316 {
+ action accept
+ description FW8C927_1-TCP_UDP-ALLOW-88.208.238.152
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 3306,22
+ }
+ protocol tcp_udp
+ source {
+ address 88.208.238.152
+ }
+ }
+ rule 2317 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2318 {
+ action accept
+ description FW28892_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW28892_1
+ }
+ port 7000
+ }
+ protocol tcp
+ }
+ rule 2319 {
+ action accept
+ description FWC96A1_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC96A1_1
+ }
+ port 222
+ }
+ protocol tcp
+ }
+ rule 2320 {
+ action accept
+ description VPN-13983-ANY-ALLOW-10.4.59.176
+ destination {
+ group {
+ address-group DT_VPN-13983
+ }
+ }
+ source {
+ address 10.4.59.176
+ }
+ }
+ rule 2321 {
+ action accept
+ description FW2FB61_1-TCP-ALLOW-5.183.104.15
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 5.183.104.15
+ }
+ }
+ rule 2322 {
+ action accept
+ description FW81138_1-ICMP-ALLOW-82.20.69.137
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ }
+ protocol icmp
+ source {
+ address 82.20.69.137
+ }
+ }
+ rule 2323 {
+ action accept
+ description FW72F37_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW72F37_1
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2324 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-81.111.155.34
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 81.111.155.34
+ }
+ }
+ rule 2325 {
+ action accept
+ description VPN-20306-ANY-ALLOW-10.4.88.173
+ destination {
+ group {
+ address-group DT_VPN-20306
+ }
+ }
+ source {
+ address 10.4.88.173
+ }
+ }
+ rule 2326 {
+ action accept
+ description FW6C992_1-TCP-ALLOW-89.33.185.0_24
+ destination {
+ group {
+ address-group DT_FW6C992_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 89.33.185.0/24
+ }
+ }
+ rule 2327 {
+ action accept
+ description FW2FB61_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 45000
+ }
+ protocol tcp
+ }
+ rule 2328 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.202
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.202
+ }
+ }
+ rule 2329 {
+ action accept
+ description FWF9C28_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF9C28_2
+ }
+ port 7770-7800,44445
+ }
+ protocol tcp
+ }
+ rule 2330 {
+ action accept
+ description FW3DBF8_9-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 8088,8080,5090,5060,3478,1935
+ }
+ protocol tcp_udp
+ }
+ rule 2331 {
+ action accept
+ description FW3DBF8_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 5062,5061,5015,5001
+ }
+ protocol tcp
+ }
+ rule 2332 {
+ action accept
+ description VPN-16402-ANY-ALLOW-10.4.88.60
+ destination {
+ group {
+ address-group DT_VPN-16402
+ }
+ }
+ source {
+ address 10.4.88.60
+ }
+ }
+ rule 2333 {
+ action accept
+ description FWC1315_1-TCP-ALLOW-62.3.71.238
+ destination {
+ group {
+ address-group DT_FWC1315_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 62.3.71.238
+ }
+ }
+ rule 2334 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 8001,80
+ }
+ protocol tcp_udp
+ }
+ rule 2335 {
+ action accept
+ description FWAFF0A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAFF0A_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2336 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-195.20.253.19
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.20.253.19
+ }
+ }
+ rule 2337 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.73
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.73
+ }
+ }
+ rule 2338 {
+ action accept
+ description VPN-16402-ANY-ALLOW-10.4.89.60
+ destination {
+ group {
+ address-group DT_VPN-16402
+ }
+ }
+ source {
+ address 10.4.89.60
+ }
+ }
+ rule 2339 {
+ action accept
+ description VPN-15951-ANY-ALLOW-10.4.86.90
+ destination {
+ group {
+ address-group DT_VPN-15951
+ }
+ }
+ source {
+ address 10.4.86.90
+ }
+ }
+ rule 2340 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.77.181
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.77.181
+ }
+ }
+ rule 2341 {
+ action accept
+ description FWE9F7D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE9F7D_1
+ }
+ port 4035
+ }
+ protocol tcp
+ }
+ rule 2342 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.131
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.131
+ }
+ }
+ rule 2343 {
+ action accept
+ description VPN-15951-ANY-ALLOW-10.4.87.90
+ destination {
+ group {
+ address-group DT_VPN-15951
+ }
+ }
+ source {
+ address 10.4.87.90
+ }
+ }
+ rule 2344 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-77.68.93.190
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 77.68.93.190
+ }
+ }
+ rule 2345 {
+ action accept
+ description VPN-8159-ANY-ALLOW-10.4.59.91
+ destination {
+ group {
+ address-group DT_VPN-8159
+ }
+ }
+ source {
+ address 10.4.59.91
+ }
+ }
+ rule 2346 {
+ action accept
+ description VPN-12870-ANY-ALLOW-10.4.54.67
+ destination {
+ group {
+ address-group DT_VPN-12870
+ }
+ }
+ source {
+ address 10.4.54.67
+ }
+ }
+ rule 2347 {
+ action accept
+ description FW930F3_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW930F3_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2348 {
+ action accept
+ description FW12C32_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW12C32_1
+ }
+ port 465,53,25
+ }
+ protocol tcp_udp
+ }
+ rule 2349 {
+ action accept
+ description FW28EC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW28EC8_1
+ }
+ port 20443
+ }
+ protocol tcp
+ }
+ rule 2350 {
+ action accept
+ description VPN-12870-ANY-ALLOW-10.4.55.68
+ destination {
+ group {
+ address-group DT_VPN-12870
+ }
+ }
+ source {
+ address 10.4.55.68
+ }
+ }
+ rule 2351 {
+ action accept
+ description FW934AE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 32401,32400,8081
+ }
+ protocol tcp_udp
+ }
+ rule 2352 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-185.173.161.154
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 185.173.161.154
+ }
+ }
+ rule 2353 {
+ action accept
+ description FW013EF_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW013EF_2
+ }
+ port 10600-10998,9000-9398,5090,5060-5070
+ }
+ protocol udp
+ }
+ rule 2354 {
+ action accept
+ description FW85040_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85040_1
+ }
+ port 3210
+ }
+ protocol tcp_udp
+ }
+ rule 2355 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-131.153.100.98
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 131.153.100.98
+ }
+ }
+ rule 2356 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-213.133.99.176
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 213.133.99.176
+ }
+ }
+ rule 2357 {
+ action accept
+ description FW6EFD7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6EFD7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2358 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-62.253.153.163
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 8443,22
+ }
+ protocol tcp_udp
+ source {
+ address 62.253.153.163
+ }
+ }
+ rule 2359 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-212.159.153.201
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 6443,5432-5434,5000-5100,3306-3308,990,989,22,21
+ }
+ protocol tcp
+ source {
+ address 212.159.153.201
+ }
+ }
+ rule 2360 {
+ action accept
+ description FW75CA4_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW75CA4_6
+ }
+ port 51472,3747,3420
+ }
+ protocol tcp
+ }
+ rule 2361 {
+ action accept
+ description FWF9C28_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF9C28_4
+ }
+ port 23,7770-7800,44445,6109
+ }
+ protocol tcp
+ }
+ rule 2362 {
+ action accept
+ description FW6B39D_1-TCP-ALLOW-120.72.95.88_29
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 120.72.95.88/29
+ }
+ }
+ rule 2363 {
+ action accept
+ description FW934AE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW934AE_1
+ }
+ port 20000
+ }
+ protocol tcp
+ }
+ rule 2364 {
+ action accept
+ description FW12C32_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW12C32_1
+ }
+ port 2323,953
+ }
+ protocol tcp
+ }
+ rule 2365 {
+ action accept
+ description FW49897_1-TCP-ALLOW-2.121.90.207
+ destination {
+ group {
+ address-group DT_FW49897_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 2.121.90.207
+ }
+ }
+ rule 2366 {
+ action accept
+ description FW6B39D_1-TCP-ALLOW-120.72.91.104_29
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 120.72.91.104/29
+ }
+ }
+ rule 2367 {
+ action accept
+ description FW4F5EE_10-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4F5EE_10
+ }
+ port 83,86,82
+ }
+ protocol tcp
+ }
+ rule 2368 {
+ action accept
+ description FWF791C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF791C_1
+ }
+ port 6001
+ }
+ protocol tcp
+ }
+ rule 2369 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2370 {
+ action accept
+ description FWE57AD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE57AD_1
+ }
+ port 57000-58000
+ }
+ protocol tcp
+ }
+ rule 2371 {
+ action accept
+ description FWC0CE0_1-TCP-ALLOW-62.232.209.221
+ destination {
+ group {
+ address-group DT_FWC0CE0_1
+ }
+ port 49152-65535,8447,8443,22,21
+ }
+ protocol tcp
+ source {
+ address 62.232.209.221
+ }
+ }
+ rule 2372 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-41.140.242.86
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 41.140.242.86
+ }
+ }
+ rule 2373 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-54.171.71.110
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 54.171.71.110
+ }
+ }
+ rule 2374 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-95.149.182.69
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ source {
+ address 95.149.182.69
+ }
+ }
+ rule 2375 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-185.201.16.0_22
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 185.201.16.0/22
+ }
+ }
+ rule 2376 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-213.133.99.176
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 213.133.99.176
+ }
+ }
+ rule 2377 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-95.211.160.147
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 25
+ }
+ protocol tcp
+ source {
+ address 95.211.160.147
+ }
+ }
+ rule 2378 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-212.227.9.72
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.9.72
+ }
+ }
+ rule 2379 {
+ action accept
+ description FW8B21D_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ protocol esp
+ }
+ rule 2380 {
+ action accept
+ description FW8B21D_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ }
+ protocol ah
+ }
+ rule 2381 {
+ action accept
+ description FW8B21D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 8181,4500,1194,993,941,500,53
+ }
+ protocol tcp_udp
+ }
+ rule 2382 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-85.17.25.47
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 85.17.25.47
+ }
+ }
+ rule 2383 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-91.232.105.39
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 91.232.105.39
+ }
+ }
+ rule 2384 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-93.190.142.120
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 93.190.142.120
+ }
+ }
+ rule 2385 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.168.171.130
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.130
+ }
+ }
+ rule 2386 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.168.171.157
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.157
+ }
+ }
+ rule 2387 {
+ action accept
+ description FWD4A27_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD4A27_1
+ }
+ port 32400
+ }
+ protocol tcp
+ }
+ rule 2388 {
+ action accept
+ description FW2ACFF_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2ACFF_1
+ }
+ port 10299,60050-60055
+ }
+ protocol tcp_udp
+ }
+ rule 2389 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-193.248.62.45
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 193.248.62.45
+ }
+ }
+ rule 2390 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-78.249.208.17
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 78.249.208.17
+ }
+ }
+ rule 2391 {
+ action accept
+ description FWC8E8E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC8E8E_1
+ }
+ port 6000
+ }
+ protocol tcp_udp
+ }
+ rule 2392 {
+ action accept
+ description FW30D21_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW30D21_1
+ }
+ port 2476
+ }
+ protocol tcp
+ }
+ rule 2393 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-41.140.242.94
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 41.140.242.94
+ }
+ }
+ rule 2394 {
+ action accept
+ description FW59F39_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW59F39_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2395 {
+ action accept
+ description FWEF92E_7-ESP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2396 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.219.47.177
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 51.219.47.177
+ }
+ }
+ rule 2397 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-86.172.128.50
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 1433,21
+ }
+ protocol tcp
+ source {
+ address 86.172.128.50
+ }
+ }
+ rule 2398 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-88.105.1.20
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 88.105.1.20
+ }
+ }
+ rule 2399 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.211.243.198
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.211.243.198
+ }
+ }
+ rule 2400 {
+ action accept
+ description FW25843_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW25843_1
+ }
+ port 9001,7070,5500,5488,5000,4500,4000,3500,3000,1883,1880
+ }
+ protocol tcp
+ }
+ rule 2401 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-185.83.65.46
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 185.83.65.46
+ }
+ }
+ rule 2402 {
+ action accept
+ description FW5858F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5858F_1
+ }
+ port 1883
+ }
+ protocol tcp
+ }
+ rule 2403 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-95.147.108.173
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 95.147.108.173
+ }
+ }
+ rule 2404 {
+ action accept
+ description FW9C682_3-TCP-ALLOW-52.56.193.88
+ destination {
+ group {
+ address-group DT_FW9C682_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 52.56.193.88
+ }
+ }
+ rule 2405 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-109.228.63.82
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 5666
+ }
+ protocol tcp
+ source {
+ address 109.228.63.82
+ }
+ }
+ rule 2406 {
+ action accept
+ description FWC0CE0_1-TCP-ALLOW-90.255.228.213
+ destination {
+ group {
+ address-group DT_FWC0CE0_1
+ }
+ port 49152-65535,8443,21
+ }
+ protocol tcp
+ source {
+ address 90.255.228.213
+ }
+ }
+ rule 2407 {
+ action accept
+ description FW210E2_8-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ }
+ protocol ah
+ }
+ rule 2408 {
+ action accept
+ description FW210E2_8-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ }
+ protocol esp
+ }
+ rule 2409 {
+ action accept
+ description FW210E2_8-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ port 41,62000,23,4500,50,9876,3391,88,135
+ }
+ protocol tcp
+ }
+ rule 2410 {
+ action accept
+ description FW210E2_8-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW210E2_8
+ }
+ port 500
+ }
+ protocol udp
+ }
+ rule 2411 {
+ action accept
+ description VPN-8625-ANY-ALLOW-10.4.54.103
+ destination {
+ group {
+ address-group DT_VPN-8625
+ }
+ }
+ source {
+ address 10.4.54.103
+ }
+ }
+ rule 2412 {
+ action accept
+ description VPN-8625-ANY-ALLOW-10.4.55.104
+ destination {
+ group {
+ address-group DT_VPN-8625
+ }
+ }
+ source {
+ address 10.4.55.104
+ }
+ }
+ rule 2413 {
+ action accept
+ description FW73A64_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73A64_1
+ }
+ port 61616,8181,8161,8082,4244,4243,4242,4241
+ }
+ protocol tcp
+ }
+ rule 2414 {
+ action accept
+ description VPN-19135-ANY-ALLOW-10.4.86.165
+ destination {
+ group {
+ address-group DT_VPN-19135
+ }
+ }
+ source {
+ address 10.4.86.165
+ }
+ }
+ rule 2415 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-82.65.107.3
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.65.107.3
+ }
+ }
+ rule 2416 {
+ action accept
+ description FWCB0CF_7-TCP-ALLOW-195.2.139.221
+ destination {
+ group {
+ address-group DT_FWCB0CF_7
+ }
+ port 5432-5434,3306-3308
+ }
+ protocol tcp
+ source {
+ address 195.2.139.221
+ }
+ }
+ rule 2417 {
+ action accept
+ description VPN-19135-ANY-ALLOW-10.4.87.165
+ destination {
+ group {
+ address-group DT_VPN-19135
+ }
+ }
+ source {
+ address 10.4.87.165
+ }
+ }
+ rule 2418 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-87.75.109.83
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 27017,5000
+ }
+ protocol tcp
+ source {
+ address 87.75.109.83
+ }
+ }
+ rule 2419 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.83
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.83
+ }
+ }
+ rule 2420 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-84.92.65.192
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 84.92.65.192
+ }
+ }
+ rule 2421 {
+ action accept
+ description FW73A64_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73A64_1
+ }
+ port 9200,5601,4247,4246,4245
+ }
+ protocol tcp_udp
+ }
+ rule 2422 {
+ action accept
+ description FW4735F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4735F_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2423 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-109.176.154.238
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 109.176.154.238
+ }
+ }
+ rule 2424 {
+ action accept
+ description FW6863A_4-TCP-ALLOW-95.211.243.206
+ destination {
+ group {
+ address-group DT_FW6863A_4
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.211.243.206
+ }
+ }
+ rule 2425 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5060
+ }
+ protocol tcp_udp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 2426 {
+ action accept
+ description FW89619_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 5090
+ }
+ protocol tcp_udp
+ }
+ rule 2427 {
+ action accept
+ description FW8A57A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A57A_1
+ }
+ port 49155,49154,7700,53,43
+ }
+ protocol tcp_udp
+ }
+ rule 2428 {
+ action accept
+ description FW8C72E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8C72E_1
+ }
+ port 500,4500
+ }
+ protocol udp
+ }
+ rule 2429 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-18.135.66.162
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 18.135.66.162
+ }
+ }
+ rule 2430 {
+ action accept
+ description FW2C5AE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2C5AE_1
+ }
+ port 58080,58008,8545,7175
+ }
+ protocol tcp
+ }
+ rule 2431 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-80.209.144.52
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 80.209.144.52
+ }
+ }
+ rule 2432 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.153.21.103
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 82.153.21.103
+ }
+ }
+ rule 2433 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.41
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.41
+ }
+ }
+ rule 2434 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 32770,8001,7801
+ }
+ protocol tcp
+ }
+ rule 2435 {
+ action accept
+ description FW85E02_11-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 5090,5060
+ }
+ protocol tcp_udp
+ }
+ rule 2436 {
+ action accept
+ description VPN-21982-ANY-ALLOW-10.4.58.43
+ destination {
+ group {
+ address-group DT_VPN-21982
+ }
+ }
+ source {
+ address 10.4.58.43
+ }
+ }
+ rule 2437 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.17.52.191
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.17.52.191
+ }
+ }
+ rule 2438 {
+ action accept
+ description FW66347_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW66347_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2439 {
+ action accept
+ description FW11082_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW11082_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2440 {
+ action accept
+ description VPN-21982-ANY-ALLOW-10.4.59.43
+ destination {
+ group {
+ address-group DT_VPN-21982
+ }
+ }
+ source {
+ address 10.4.59.43
+ }
+ }
+ rule 2441 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-92.207.193.203
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 5000
+ }
+ protocol tcp
+ source {
+ address 92.207.193.203
+ }
+ }
+ rule 2442 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-77.99.253.161
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22,21
+ }
+ protocol tcp
+ source {
+ address 77.99.253.161
+ }
+ }
+ rule 2443 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-77.99.245.103
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 77.99.245.103
+ }
+ }
+ rule 2444 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.19.19.52
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 7990,3389
+ }
+ protocol tcp
+ source {
+ address 82.19.19.52
+ }
+ }
+ rule 2445 {
+ action accept
+ description FWEF92E_7-AH-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2446 {
+ action accept
+ description VPN-16450-ANY-ALLOW-10.4.88.99
+ destination {
+ group {
+ address-group DT_VPN-16450
+ }
+ }
+ source {
+ address 10.4.88.99
+ }
+ }
+ rule 2447 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.2.186.129
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.2.186.129
+ }
+ }
+ rule 2448 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.157
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.157
+ }
+ }
+ rule 2449 {
+ action accept
+ description FW8EA04_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8EA04_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2450 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.21.59.207
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.21.59.207
+ }
+ }
+ rule 2451 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-82.9.22.158
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 82.9.22.158
+ }
+ }
+ rule 2452 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 1981,53
+ }
+ protocol tcp_udp
+ }
+ rule 2453 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2454 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.40.177.186
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.40.177.186
+ }
+ }
+ rule 2455 {
+ action accept
+ description FW0C25B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C25B_1
+ }
+ port 49152-65535,5224
+ }
+ protocol tcp
+ }
+ rule 2456 {
+ action accept
+ description FW85A7C_1-TCP-ALLOW-82.24.242.137
+ destination {
+ group {
+ address-group DT_FW85A7C_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.24.242.137
+ }
+ }
+ rule 2457 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.68.25.66
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.68.25.66
+ }
+ }
+ rule 2458 {
+ action accept
+ description FW826BA_3-TCP-ALLOW-51.89.148.173
+ destination {
+ group {
+ address-group DT_FW826BA_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 51.89.148.173
+ }
+ }
+ rule 2459 {
+ action accept
+ description FWA69A0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA69A0_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 2460 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-82.69.79.85
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 82.69.79.85
+ }
+ }
+ rule 2461 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2462 {
+ action accept
+ description FWEF92E_6-ESP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2463 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2464 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445,443,80
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2465 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2466 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-77.68.121.4
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.121.4
+ }
+ }
+ rule 2467 {
+ action accept
+ description VPN-16450-ANY-ALLOW-10.4.89.99
+ destination {
+ group {
+ address-group DT_VPN-16450
+ }
+ }
+ source {
+ address 10.4.89.99
+ }
+ }
+ rule 2468 {
+ action accept
+ description FW0BB22_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ }
+ protocol ah
+ }
+ rule 2469 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-86.139.57.116
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.139.57.116
+ }
+ }
+ rule 2470 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-86.142.67.13
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.142.67.13
+ }
+ }
+ rule 2471 {
+ action accept
+ description FW8B21D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8B21D_1
+ }
+ port 2096,2095,2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 2472 {
+ action accept
+ description FW050AC_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW050AC_1
+ }
+ port 2087
+ }
+ protocol tcp
+ }
+ rule 2473 {
+ action accept
+ description FW1FA9E_1-TCP-ALLOW-109.228.50.206
+ destination {
+ group {
+ address-group DT_FW1FA9E_1
+ }
+ port 5432
+ }
+ protocol tcp
+ source {
+ address 109.228.50.206
+ }
+ }
+ rule 2474 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-217.23.11.155
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 217.23.11.155
+ }
+ }
+ rule 2475 {
+ action accept
+ description FW2ED4D_2-TCP-ALLOW-88.96.110.198
+ destination {
+ group {
+ address-group DT_FW2ED4D_2
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 88.96.110.198
+ }
+ }
+ rule 2476 {
+ action accept
+ description FWEAE53_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEAE53_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2477 {
+ action accept
+ description VPN-19474-ANY-ALLOW-10.4.88.161
+ destination {
+ group {
+ address-group DT_VPN-19474
+ }
+ }
+ source {
+ address 10.4.88.161
+ }
+ }
+ rule 2478 {
+ action accept
+ description VPN-19474-ANY-ALLOW-10.4.89.161
+ destination {
+ group {
+ address-group DT_VPN-19474
+ }
+ }
+ source {
+ address 10.4.89.161
+ }
+ }
+ rule 2479 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-68.33.220.233
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 68.33.220.233
+ }
+ }
+ rule 2480 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.10.163.127
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 86.10.163.127
+ }
+ }
+ rule 2481 {
+ action accept
+ description FW2FB61_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2FB61_1
+ }
+ port 60182
+ }
+ protocol udp
+ }
+ rule 2482 {
+ action accept
+ description FW85A7C_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85A7C_1
+ }
+ port 2457,2456
+ }
+ protocol tcp_udp
+ }
+ rule 2483 {
+ action accept
+ description FWBED52_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBED52_1
+ }
+ port 1221,9000
+ }
+ protocol tcp
+ }
+ rule 2484 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-90.250.2.109
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 90.250.2.109
+ }
+ }
+ rule 2485 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.49
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.49
+ }
+ }
+ rule 2486 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2487 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.250
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.250
+ }
+ }
+ rule 2488 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-95.168.171.131
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.171.131
+ }
+ }
+ rule 2489 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 48030,10997,10993,10992,10991,10902,1723,1701
+ }
+ protocol tcp
+ }
+ rule 2490 {
+ action accept
+ description FW8C927_1-TCP-ALLOW-84.92.125.78
+ destination {
+ group {
+ address-group DT_FW8C927_1
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 84.92.125.78
+ }
+ }
+ rule 2491 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.146.220.229
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 86.146.220.229
+ }
+ }
+ rule 2492 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-2.218.5.59
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 2.218.5.59
+ }
+ }
+ rule 2493 {
+ action accept
+ description VPN-18830-ANY-ALLOW-10.4.86.156
+ destination {
+ group {
+ address-group DT_VPN-18830
+ }
+ }
+ source {
+ address 10.4.86.156
+ }
+ }
+ rule 2494 {
+ action accept
+ description VPN-18830-ANY-ALLOW-10.4.87.156
+ destination {
+ group {
+ address-group DT_VPN-18830
+ }
+ }
+ source {
+ address 10.4.87.156
+ }
+ }
+ rule 2495 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2496 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-146.198.100.105
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 146.198.100.105
+ }
+ }
+ rule 2497 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.55
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.55
+ }
+ }
+ rule 2498 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.113
+ }
+ }
+ rule 2499 {
+ action accept
+ description FW8C72E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8C72E_1
+ }
+ port 60134,60135
+ }
+ protocol tcp
+ }
+ rule 2500 {
+ action accept
+ description FWAB44B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAB44B_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2501 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-51.148.87.29
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 51.148.87.29
+ }
+ }
+ rule 2502 {
+ action accept
+ description VPN-23738-ANY-ALLOW-10.4.56.13
+ destination {
+ group {
+ address-group DT_VPN-23738
+ }
+ }
+ source {
+ address 10.4.56.13
+ }
+ }
+ rule 2503 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.100
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.100
+ }
+ }
+ rule 2504 {
+ action accept
+ description FW996B4_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW996B4_2
+ }
+ port 43595,30160
+ }
+ protocol tcp
+ }
+ rule 2505 {
+ action accept
+ description FW8871B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8871B_1
+ }
+ port 15672,8083,8082,8081,5672
+ }
+ protocol tcp
+ }
+ rule 2506 {
+ action accept
+ description FWAB44B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAB44B_1
+ }
+ port 9090,8069,5432
+ }
+ protocol tcp
+ }
+ rule 2507 {
+ action accept
+ description FW6187E_1-ICMP-ALLOW-85.214.201.250
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ }
+ protocol icmp
+ source {
+ address 85.214.201.250
+ }
+ }
+ rule 2508 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-217.23.11.126
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 217.23.11.126
+ }
+ }
+ rule 2509 {
+ action accept
+ description FW78137_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW78137_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2510 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-46.252.65.10
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 46.252.65.10
+ }
+ }
+ rule 2511 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.50
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.50
+ }
+ }
+ rule 2512 {
+ action accept
+ description FW6A684_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6A684_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2513 {
+ action accept
+ description FWF48EB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF48EB_1
+ }
+ port 9204,9202,3395
+ }
+ protocol tcp
+ }
+ rule 2514 {
+ action accept
+ description FW44217_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 443,80
+ }
+ protocol tcp_udp
+ }
+ rule 2515 {
+ action accept
+ description FW6187E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ port 2282
+ }
+ protocol tcp
+ }
+ rule 2516 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.58
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.58
+ }
+ }
+ rule 2517 {
+ action accept
+ description VPN-34501-ANY-ALLOW-10.4.86.235
+ destination {
+ group {
+ address-group DT_VPN-34501
+ }
+ }
+ source {
+ address 10.4.86.235
+ }
+ }
+ rule 2518 {
+ action accept
+ description FW1271A_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1271A_2
+ }
+ port 5090,5061,5060,5015,5001
+ }
+ protocol tcp
+ }
+ rule 2519 {
+ action accept
+ description FW1271A_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1271A_2
+ }
+ port 9000-10999,5090,5060
+ }
+ protocol udp
+ }
+ rule 2520 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-216.113.160.71
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 216.113.160.71
+ }
+ }
+ rule 2521 {
+ action accept
+ description FW32EFF_16-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_16
+ }
+ port 33888
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 2522 {
+ action accept
+ description FW03F2E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03F2E_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 2523 {
+ action accept
+ description FW03F2E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03F2E_1
+ }
+ port 4432,4431,4430
+ }
+ protocol tcp
+ }
+ rule 2524 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-216.113.162.65
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 216.113.162.65
+ }
+ }
+ rule 2525 {
+ action accept
+ description VPN-20306-ANY-ALLOW-10.4.89.173
+ destination {
+ group {
+ address-group DT_VPN-20306
+ }
+ }
+ source {
+ address 10.4.89.173
+ }
+ }
+ rule 2526 {
+ action accept
+ description FW8A49A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A49A_1
+ }
+ port 2525,8448-65535
+ }
+ protocol tcp
+ }
+ rule 2527 {
+ action accept
+ description FWD3431_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD3431_2
+ }
+ port 43595,30377,30289
+ }
+ protocol tcp
+ }
+ rule 2528 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-66.135.200.200
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80,22
+ }
+ protocol tcp
+ source {
+ address 66.135.200.200
+ }
+ }
+ rule 2529 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-193.28.178.38
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 193.28.178.38
+ }
+ }
+ rule 2530 {
+ action accept
+ description FWAE88B_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAE88B_1
+ }
+ port 65432,8080,7300,1195,1194,993,587,465,443,442,143,110,80,53,22
+ }
+ protocol tcp_udp
+ }
+ rule 2531 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-195.234.136.80
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 195.234.136.80
+ }
+ }
+ rule 2532 {
+ action accept
+ description FW1226C_3-TCP-ALLOW-93.94.41.83
+ destination {
+ group {
+ address-group DT_FW1226C_3
+ }
+ port 80
+ }
+ protocol tcp
+ source {
+ address 93.94.41.83
+ }
+ }
+ rule 2533 {
+ action accept
+ description VPN-6103-ANY-ALLOW-10.4.56.102
+ destination {
+ group {
+ address-group DT_VPN-6103
+ }
+ }
+ source {
+ address 10.4.56.102
+ }
+ }
+ rule 2534 {
+ action accept
+ description VPN-6103-ANY-ALLOW-10.4.57.102
+ destination {
+ group {
+ address-group DT_VPN-6103
+ }
+ }
+ source {
+ address 10.4.57.102
+ }
+ }
+ rule 2535 {
+ action accept
+ description FW9E550_1-TCP-ALLOW-86.198.190.104
+ destination {
+ group {
+ address-group DT_FW9E550_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.198.190.104
+ }
+ }
+ rule 2536 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-81.149.71.244
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 81.149.71.244
+ }
+ }
+ rule 2537 {
+ action accept
+ description FW0BB22_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ port 27917,27017,9592,9092,1080,587
+ }
+ protocol tcp_udp
+ }
+ rule 2538 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-89.213.26.156
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 89.213.26.156
+ }
+ }
+ rule 2539 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-81.149.71.244
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 81.149.71.244
+ }
+ }
+ rule 2540 {
+ action accept
+ description VPN-17207-ANY-ALLOW-10.4.86.121
+ destination {
+ group {
+ address-group DT_VPN-17207
+ }
+ }
+ source {
+ address 10.4.86.121
+ }
+ }
+ rule 2541 {
+ action accept
+ description FW0B352_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0B352_1
+ }
+ port 4500,500
+ }
+ protocol udp
+ }
+ rule 2542 {
+ action accept
+ description FW85E02_11-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 5854,5853,5061
+ }
+ protocol tcp
+ }
+ rule 2543 {
+ action accept
+ description FW0BB22_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BB22_1
+ }
+ port 9200,8082
+ }
+ protocol tcp
+ }
+ rule 2544 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.140
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.140
+ }
+ }
+ rule 2545 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-91.125.244.28
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 91.125.244.28
+ }
+ }
+ rule 2546 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-86.172.252.221
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 80-3389
+ }
+ protocol tcp
+ source {
+ address 86.172.252.221
+ }
+ }
+ rule 2547 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-92.207.184.106
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,21
+ }
+ protocol tcp
+ source {
+ address 92.207.184.106
+ }
+ }
+ rule 2548 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-146.255.0.198
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 146.255.0.198
+ }
+ }
+ rule 2549 {
+ action accept
+ description FWBFDED_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFDED_1
+ }
+ port 1723,445
+ }
+ protocol tcp
+ }
+ rule 2550 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.227.9.72
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.227.9.72
+ }
+ }
+ rule 2551 {
+ action accept
+ description FWE928F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE928F_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2552 {
+ action accept
+ description FW5CBB2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5CBB2_1
+ }
+ port 2082,2083,2086,2087
+ }
+ protocol tcp
+ }
+ rule 2553 {
+ action accept
+ description FW63230_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW63230_1
+ }
+ port 445,139
+ }
+ protocol tcp_udp
+ }
+ rule 2554 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-71.244.176.5
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 71.244.176.5
+ }
+ }
+ rule 2555 {
+ action accept
+ description FWA4BC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA4BC8_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2556 {
+ action accept
+ description VPN-17207-ANY-ALLOW-10.4.87.121
+ destination {
+ group {
+ address-group DT_VPN-17207
+ }
+ }
+ source {
+ address 10.4.87.121
+ }
+ }
+ rule 2557 {
+ action accept
+ description VPN-17558-ANY-ALLOW-10.4.86.143
+ destination {
+ group {
+ address-group DT_VPN-17558
+ }
+ }
+ source {
+ address 10.4.86.143
+ }
+ }
+ rule 2558 {
+ action accept
+ description FWB2CD2_1-TCP-ALLOW-86.167.68.241
+ destination {
+ group {
+ address-group DT_FWB2CD2_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 86.167.68.241
+ }
+ }
+ rule 2559 {
+ action accept
+ description FW32EFF_25-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_25
+ }
+ port 33888,443
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 2560 {
+ action accept
+ description FW44217_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 9001,7946,2376
+ }
+ protocol tcp
+ }
+ rule 2561 {
+ action accept
+ description FW7DAE2_3-TCP-ALLOW-212.227.253.11
+ destination {
+ group {
+ address-group DT_FW7DAE2_3
+ }
+ port 25,22
+ }
+ protocol tcp
+ source {
+ address 212.227.253.11
+ }
+ }
+ rule 2562 {
+ action accept
+ description FW7DAE2_3-TCP-ALLOW-217.160.126.118
+ destination {
+ group {
+ address-group DT_FW7DAE2_3
+ }
+ port 25,22
+ }
+ protocol tcp
+ source {
+ address 217.160.126.118
+ }
+ }
+ rule 2563 {
+ action accept
+ description FWAF6E8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAF6E8_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2564 {
+ action accept
+ description FWCD7CE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCD7CE_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2565 {
+ action accept
+ description FW32EFF_16-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW32EFF_16
+ }
+ port 47779,47778,47777,47776
+ }
+ protocol tcp
+ }
+ rule 2566 {
+ action accept
+ description FW0745F_5-TCP-ALLOW-77.68.117.222
+ destination {
+ group {
+ address-group DT_FW0745F_5
+ }
+ port 49170
+ }
+ protocol tcp
+ source {
+ address 77.68.117.222
+ }
+ }
+ rule 2567 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-92.207.199.107
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22,21
+ }
+ protocol tcp
+ source {
+ address 92.207.199.107
+ }
+ }
+ rule 2568 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.89
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.89
+ }
+ }
+ rule 2569 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-190.2.130.41
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 190.2.130.41
+ }
+ }
+ rule 2570 {
+ action accept
+ description FWFDCC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDCC7_1
+ }
+ port 10000
+ }
+ protocol tcp_udp
+ }
+ rule 2571 {
+ action accept
+ description FWF19FB_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF19FB_2
+ }
+ port 43595,40001,30616-30631,30531,30204-30435
+ }
+ protocol tcp
+ }
+ rule 2572 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2573 {
+ action accept
+ description FW4E314_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4E314_1
+ }
+ port 21543,888
+ }
+ protocol tcp
+ }
+ rule 2574 {
+ action accept
+ description FW73215_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 4380
+ }
+ protocol udp
+ }
+ rule 2575 {
+ action accept
+ description VPN-31301-ANY-ALLOW-10.4.86.223
+ destination {
+ group {
+ address-group DT_VPN-31301
+ }
+ }
+ source {
+ address 10.4.86.223
+ }
+ }
+ rule 2576 {
+ action accept
+ description FW8428B_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8428B_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 2577 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-185.195.124.169
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 185.195.124.169
+ }
+ }
+ rule 2578 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-77.68.121.4
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 77.68.121.4
+ }
+ }
+ rule 2579 {
+ action accept
+ description FW73215_1-TCP-ALLOW-82.38.58.135
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 10685
+ }
+ protocol tcp
+ source {
+ address 82.38.58.135
+ }
+ }
+ rule 2580 {
+ action accept
+ description FW52F6F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW52F6F_1
+ }
+ port 8888
+ }
+ protocol tcp
+ }
+ rule 2581 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.86
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.86
+ }
+ }
+ rule 2582 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.125.13
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.125.13
+ }
+ }
+ rule 2583 {
+ action accept
+ description FWEE03C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWEE03C_1
+ }
+ port 2087,2083
+ }
+ protocol tcp
+ }
+ rule 2584 {
+ action accept
+ description FW748B7_1-TCP-ALLOW-157.231.123.154
+ destination {
+ group {
+ address-group DT_FW748B7_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 157.231.123.154
+ }
+ }
+ rule 2585 {
+ action accept
+ description VPN-34501-ANY-ALLOW-10.4.87.235
+ destination {
+ group {
+ address-group DT_VPN-34501
+ }
+ }
+ source {
+ address 10.4.87.235
+ }
+ }
+ rule 2586 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-81.134.85.245
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.134.85.245
+ }
+ }
+ rule 2587 {
+ action accept
+ description FWD61BF_1-ANY-ALLOW-193.237.81.213_32
+ destination {
+ group {
+ address-group DT_FWD61BF_1
+ }
+ }
+ source {
+ address 193.237.81.213/32
+ }
+ }
+ rule 2588 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-23.106.238.241
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 23.106.238.241
+ }
+ }
+ rule 2589 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-35.204.202.196
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 35.204.202.196
+ }
+ }
+ rule 2590 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-35.242.141.128
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,3306,22
+ }
+ protocol tcp
+ source {
+ address 35.242.141.128
+ }
+ }
+ rule 2591 {
+ action accept
+ description FWC2EF2_2-TCP-ALLOW-90.251.221.19
+ destination {
+ group {
+ address-group DT_FWC2EF2_2
+ }
+ port 995,993,587,465,143,110,25,22
+ }
+ protocol tcp
+ source {
+ address 90.251.221.19
+ }
+ }
+ rule 2592 {
+ action accept
+ description VPN-14673-ANY-ALLOW-10.4.88.44
+ destination {
+ group {
+ address-group DT_VPN-14673
+ }
+ }
+ source {
+ address 10.4.88.44
+ }
+ }
+ rule 2593 {
+ action accept
+ description FWA83DF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA83DF_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2594 {
+ action accept
+ description FW31525_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW31525_6
+ }
+ port 35467
+ }
+ protocol tcp
+ }
+ rule 2595 {
+ action accept
+ description FW4293B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4293B_1
+ }
+ port 9080,8888,8881,7815,8419
+ }
+ protocol tcp
+ }
+ rule 2596 {
+ action accept
+ description FW4AE7D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4AE7D_1
+ }
+ port 8083,81
+ }
+ protocol tcp
+ }
+ rule 2597 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-143.52.53.22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 143.52.53.22
+ }
+ }
+ rule 2598 {
+ action accept
+ description FW44217_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44217_2
+ }
+ port 7946,4789
+ }
+ protocol udp
+ }
+ rule 2599 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-46.249.82.162
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 46.249.82.162
+ }
+ }
+ rule 2600 {
+ action accept
+ description FW27949_2-TCP-ALLOW-80.95.202.106
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 80.95.202.106
+ }
+ }
+ rule 2601 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2602 {
+ action accept
+ description FW2ACFF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2ACFF_1
+ }
+ port 8082,5093
+ }
+ protocol tcp
+ }
+ rule 2603 {
+ action accept
+ description FWC2EF2_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC2EF2_2
+ }
+ port 10000,953,53
+ }
+ protocol tcp_udp
+ }
+ rule 2604 {
+ action accept
+ description FW0C8E1_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0C8E1_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2605 {
+ action accept
+ description FWA86ED_101-TCP_UDP-ALLOW-82.5.189.5
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 82.5.189.5
+ }
+ }
+ rule 2606 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.179
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.179
+ }
+ }
+ rule 2607 {
+ action accept
+ description FWEF92E_5-ESP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol esp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2608 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-39.45.43.109
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 39.45.43.109
+ }
+ }
+ rule 2609 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-5.67.3.195
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 5.67.3.195
+ }
+ }
+ rule 2610 {
+ action accept
+ description FWDCA36_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDCA36_3
+ }
+ port 49152-65534,5901
+ }
+ protocol tcp
+ }
+ rule 2611 {
+ action accept
+ description FWE928F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE928F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2612 {
+ action accept
+ description FW69D6D_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW69D6D_2
+ }
+ port 5001,5090,5060,5015
+ }
+ protocol tcp
+ }
+ rule 2613 {
+ action accept
+ description FW69D6D_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW69D6D_2
+ }
+ port 5090,5060,9000-9500
+ }
+ protocol udp
+ }
+ rule 2614 {
+ action accept
+ description VPN-9765-ANY-ALLOW-10.4.56.45
+ destination {
+ group {
+ address-group DT_VPN-9765
+ }
+ }
+ source {
+ address 10.4.56.45
+ }
+ }
+ rule 2615 {
+ action accept
+ description VPN-9765-ANY-ALLOW-10.4.57.45
+ destination {
+ group {
+ address-group DT_VPN-9765
+ }
+ }
+ source {
+ address 10.4.57.45
+ }
+ }
+ rule 2616 {
+ action accept
+ description FW4C136_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4C136_1
+ }
+ port 1194
+ }
+ protocol tcp_udp
+ }
+ rule 2617 {
+ action accept
+ description FW6F539_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6F539_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2618 {
+ action accept
+ description FWDD089_5-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDD089_5
+ }
+ port 5666-5667,12489
+ }
+ protocol tcp_udp
+ }
+ rule 2619 {
+ action accept
+ description FWDD089_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDD089_5
+ }
+ port 161-162
+ }
+ protocol tcp
+ }
+ rule 2620 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2621 {
+ action accept
+ description FW0A5C4_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0A5C4_1
+ }
+ port 9000,6697,6667,5000
+ }
+ protocol tcp
+ }
+ rule 2622 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2623 {
+ action accept
+ description FW2BB8D_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BB8D_1
+ }
+ port 7990
+ }
+ protocol tcp
+ }
+ rule 2624 {
+ action accept
+ description FWAF6E8_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAF6E8_1
+ }
+ port 7770-7800,44445,53
+ }
+ protocol tcp_udp
+ }
+ rule 2625 {
+ action accept
+ description FW81286_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW81286_1
+ }
+ port 2082,2083,2086,2087,2096
+ }
+ protocol tcp
+ }
+ rule 2626 {
+ action accept
+ description FW05064_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05064_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2627 {
+ action accept
+ description FWD7382_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD7382_1
+ }
+ port 4500,1701,500
+ }
+ protocol udp
+ }
+ rule 2628 {
+ action accept
+ description FWD7382_1-TCP-ALLOW-174.91.7.198
+ destination {
+ group {
+ address-group DT_FWD7382_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 174.91.7.198
+ }
+ }
+ rule 2629 {
+ action accept
+ description VPN-9484-ANY-ALLOW-10.4.56.164
+ destination {
+ group {
+ address-group DT_VPN-9484
+ }
+ }
+ source {
+ address 10.4.56.164
+ }
+ }
+ rule 2630 {
+ action accept
+ description VPN-9484-ANY-ALLOW-10.4.57.164
+ destination {
+ group {
+ address-group DT_VPN-9484
+ }
+ }
+ source {
+ address 10.4.57.164
+ }
+ }
+ rule 2631 {
+ action accept
+ description VPN-9749-ANY-ALLOW-10.4.58.144
+ destination {
+ group {
+ address-group DT_VPN-9749
+ }
+ }
+ source {
+ address 10.4.58.144
+ }
+ }
+ rule 2632 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2633 {
+ action accept
+ description FW10FEE_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW10FEE_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2634 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-5.71.30.141
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 5.71.30.141
+ }
+ }
+ rule 2635 {
+ action accept
+ description VPN-9749-ANY-ALLOW-10.4.59.144
+ destination {
+ group {
+ address-group DT_VPN-9749
+ }
+ }
+ source {
+ address 10.4.59.144
+ }
+ }
+ rule 2636 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2637 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2638 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2639 {
+ action accept
+ description FWEF92E_6-AH-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ }
+ protocol ah
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2640 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2641 {
+ action accept
+ description FWEF92E_5-AH-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ }
+ protocol ah
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2642 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2643 {
+ action accept
+ description FWEF92E_7-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2644 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2645 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445,80
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2646 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-82.0.198.226
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 82.0.198.226
+ }
+ }
+ rule 2647 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-82.0.198.226
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 82.0.198.226
+ }
+ }
+ rule 2648 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-83.100.136.74
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 83.100.136.74
+ }
+ }
+ rule 2649 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2650 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.189.162
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.189.162
+ }
+ }
+ rule 2651 {
+ action accept
+ description FW3DBF8_9-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3DBF8_9
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 2652 {
+ action accept
+ description VPN-19807-ANY-ALLOW-10.4.86.172
+ destination {
+ group {
+ address-group DT_VPN-19807
+ }
+ }
+ source {
+ address 10.4.86.172
+ }
+ }
+ rule 2653 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-82.8.245.40
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 82.8.245.40
+ }
+ }
+ rule 2654 {
+ action accept
+ description FW3AD6F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3AD6F_1
+ }
+ port 53,465
+ }
+ protocol tcp_udp
+ }
+ rule 2655 {
+ action accept
+ description FWCDBC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCDBC7_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2656 {
+ action accept
+ description FWA373F_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA373F_1
+ }
+ port 2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 2657 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-94.155.221.50
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 94.155.221.50
+ }
+ }
+ rule 2658 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2659 {
+ action accept
+ description VPN-30791-ANY-ALLOW-10.4.88.215
+ destination {
+ group {
+ address-group DT_VPN-30791
+ }
+ }
+ source {
+ address 10.4.88.215
+ }
+ }
+ rule 2660 {
+ action accept
+ description VPN-30791-ANY-ALLOW-10.4.89.215
+ destination {
+ group {
+ address-group DT_VPN-30791
+ }
+ }
+ source {
+ address 10.4.89.215
+ }
+ }
+ rule 2661 {
+ action accept
+ description FW2EF2C_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 10000,3478
+ }
+ protocol udp
+ }
+ rule 2662 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-195.217.232.0_26
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 195.217.232.0/26
+ }
+ }
+ rule 2663 {
+ action accept
+ description FW4AE7D_1-TCP-ALLOW-81.136.8.24
+ destination {
+ group {
+ address-group DT_FW4AE7D_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.136.8.24
+ }
+ }
+ rule 2664 {
+ action accept
+ description FW2EF2C_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 5222
+ }
+ protocol tcp_udp
+ }
+ rule 2665 {
+ action accept
+ description FW48A55_2-TCP-ALLOW-86.29.225.60
+ destination {
+ group {
+ address-group DT_FW48A55_2
+ }
+ port 443,80,22
+ }
+ protocol tcp
+ source {
+ address 86.29.225.60
+ }
+ }
+ rule 2666 {
+ action accept
+ description FW48A55_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48A55_2
+ }
+ port 1337
+ }
+ protocol udp
+ }
+ rule 2667 {
+ action accept
+ description VPN-11913-ANY-ALLOW-10.4.56.191
+ destination {
+ group {
+ address-group DT_VPN-11913
+ }
+ }
+ source {
+ address 10.4.56.191
+ }
+ }
+ rule 2668 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.189.163
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.189.163
+ }
+ }
+ rule 2669 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.0.90
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.0.90
+ }
+ }
+ rule 2670 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.24.66
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.24.66
+ }
+ }
+ rule 2671 {
+ action accept
+ description VPN-11913-ANY-ALLOW-10.4.57.191
+ destination {
+ group {
+ address-group DT_VPN-11913
+ }
+ }
+ source {
+ address 10.4.57.191
+ }
+ }
+ rule 2672 {
+ action accept
+ description FW73573_2-TCP-ALLOW-86.9.185.195
+ destination {
+ group {
+ address-group DT_FW73573_2
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 86.9.185.195
+ }
+ }
+ rule 2673 {
+ action accept
+ description VPN-17558-ANY-ALLOW-10.4.87.143
+ destination {
+ group {
+ address-group DT_VPN-17558
+ }
+ }
+ source {
+ address 10.4.87.143
+ }
+ }
+ rule 2674 {
+ action accept
+ description FW748B7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW748B7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2675 {
+ action accept
+ description FW16375_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW16375_5
+ }
+ port 2082,2083,2086,2087
+ }
+ protocol tcp
+ }
+ rule 2676 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-88.98.204.68
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 88.98.204.68
+ }
+ }
+ rule 2677 {
+ action accept
+ description FW73573_1-TCP-ALLOW-86.9.185.195
+ destination {
+ group {
+ address-group DT_FW73573_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 86.9.185.195
+ }
+ }
+ rule 2678 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-194.145.190.4
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 194.145.190.4
+ }
+ }
+ rule 2679 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-140.82.112.0_20
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 140.82.112.0/20
+ }
+ }
+ rule 2680 {
+ action accept
+ description FW62858_12-ICMP-ALLOW-77.68.122.41
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ }
+ protocol icmp
+ source {
+ address 77.68.122.41
+ }
+ }
+ rule 2681 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-147.148.96.136
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 147.148.96.136
+ }
+ }
+ rule 2682 {
+ action accept
+ description FW5A77C_16-TCP-ALLOW-92.207.237.42
+ destination {
+ group {
+ address-group DT_FW5A77C_16
+ }
+ port 10000,22
+ }
+ protocol tcp
+ source {
+ address 92.207.237.42
+ }
+ }
+ rule 2683 {
+ action accept
+ description FW364CF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW364CF_1
+ }
+ port 4022,8099
+ }
+ protocol tcp
+ }
+ rule 2684 {
+ action accept
+ description VPN-25822-ANY-ALLOW-10.4.54.42
+ destination {
+ group {
+ address-group DT_VPN-25822
+ }
+ }
+ source {
+ address 10.4.54.42
+ }
+ }
+ rule 2685 {
+ action accept
+ description FW7F28A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7F28A_1
+ }
+ port 10051,10050
+ }
+ protocol tcp
+ }
+ rule 2686 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-109.228.53.159
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.53.159
+ }
+ }
+ rule 2687 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-185.22.211.0_24
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 185.22.211.0/24
+ }
+ }
+ rule 2688 {
+ action accept
+ description FWC6301_1-TCP-ALLOW-95.34.208.4
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 95.34.208.4
+ }
+ }
+ rule 2689 {
+ action accept
+ description FW45000_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW45000_1
+ }
+ port 990
+ }
+ protocol tcp
+ }
+ rule 2690 {
+ action accept
+ description FW481D7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW481D7_1
+ }
+ port 6789
+ }
+ protocol tcp
+ }
+ rule 2691 {
+ action accept
+ description VPN-8203-ANY-ALLOW-10.4.59.109
+ destination {
+ group {
+ address-group DT_VPN-8203
+ }
+ }
+ source {
+ address 10.4.59.109
+ }
+ }
+ rule 2692 {
+ action accept
+ description VPN-3575-ANY-ALLOW-10.4.54.124
+ destination {
+ group {
+ address-group DT_VPN-3575
+ }
+ }
+ source {
+ address 10.4.54.124
+ }
+ }
+ rule 2693 {
+ action accept
+ description VPN-3575-ANY-ALLOW-10.4.55.125
+ destination {
+ group {
+ address-group DT_VPN-3575
+ }
+ }
+ source {
+ address 10.4.55.125
+ }
+ }
+ rule 2694 {
+ action accept
+ description FW42661_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42661_3
+ }
+ port 44445,25672,15672,9876,7770-7800
+ }
+ protocol tcp
+ }
+ rule 2695 {
+ action accept
+ description FWBF494_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBF494_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2696 {
+ action accept
+ description FWD0E22_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD0E22_4
+ }
+ port 8000,19005
+ }
+ protocol tcp
+ }
+ rule 2697 {
+ action accept
+ description FW98818_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW98818_1
+ }
+ port 27015
+ }
+ protocol udp
+ }
+ rule 2698 {
+ action accept
+ description FW62858_12-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 5001,5000
+ }
+ protocol tcp
+ }
+ rule 2699 {
+ action accept
+ description VPN-34006-ANY-ALLOW-10.4.86.242
+ destination {
+ group {
+ address-group DT_VPN-34006
+ }
+ }
+ source {
+ address 10.4.86.242
+ }
+ }
+ rule 2700 {
+ action accept
+ description VPN-34006-ANY-ALLOW-10.4.87.242
+ destination {
+ group {
+ address-group DT_VPN-34006
+ }
+ }
+ source {
+ address 10.4.87.242
+ }
+ }
+ rule 2701 {
+ action accept
+ description FWF879C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF879C_1
+ }
+ port 8888
+ }
+ protocol tcp
+ }
+ rule 2702 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2703 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.74.89
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.74.89
+ }
+ }
+ rule 2704 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2705 {
+ action accept
+ description FW8A57A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW8A57A_1
+ }
+ port 49153,5666
+ }
+ protocol tcp
+ }
+ rule 2706 {
+ action accept
+ description FW62858_12-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 5090,5061,5060
+ }
+ protocol tcp_udp
+ }
+ rule 2707 {
+ action accept
+ description FW62858_12-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW62858_12
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 2708 {
+ action accept
+ description FW0E2EE_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0E2EE_1
+ }
+ port 1024-65535
+ }
+ protocol tcp_udp
+ }
+ rule 2709 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-82.5.80.210
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.5.80.210
+ }
+ }
+ rule 2710 {
+ action accept
+ description FW4F81F_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4F81F_4
+ }
+ port 26900,27005,27015,51000,51005,51030
+ }
+ protocol tcp_udp
+ }
+ rule 2711 {
+ action accept
+ description VPN-7902-ANY-ALLOW-10.4.56.78
+ destination {
+ group {
+ address-group DT_VPN-7902
+ }
+ }
+ source {
+ address 10.4.56.78
+ }
+ }
+ rule 2712 {
+ action accept
+ description VPN-7902-ANY-ALLOW-10.4.57.78
+ destination {
+ group {
+ address-group DT_VPN-7902
+ }
+ }
+ source {
+ address 10.4.57.78
+ }
+ }
+ rule 2713 {
+ action accept
+ description FWB36A0_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB36A0_1
+ }
+ port 20-21,990
+ }
+ protocol tcp_udp
+ }
+ rule 2714 {
+ action accept
+ description FWD2082_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2082_1
+ }
+ port 8001,8002
+ }
+ protocol tcp
+ }
+ rule 2715 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-212.8.242.171
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 212.8.242.171
+ }
+ }
+ rule 2716 {
+ action accept
+ description FWB9699_11-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWB9699_11
+ }
+ port 443,80,8800,22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2717 {
+ action accept
+ description VPN-11083-ANY-ALLOW-10.4.54.186
+ destination {
+ group {
+ address-group DT_VPN-11083
+ }
+ }
+ source {
+ address 10.4.54.186
+ }
+ }
+ rule 2718 {
+ action accept
+ description VPN-11083-ANY-ALLOW-10.4.55.187
+ destination {
+ group {
+ address-group DT_VPN-11083
+ }
+ }
+ source {
+ address 10.4.55.187
+ }
+ }
+ rule 2719 {
+ action accept
+ description VPN-34583-ANY-ALLOW-10.4.86.243
+ destination {
+ group {
+ address-group DT_VPN-34583
+ }
+ }
+ source {
+ address 10.4.86.243
+ }
+ }
+ rule 2720 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.155
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.155
+ }
+ }
+ rule 2721 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.117
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.117
+ }
+ }
+ rule 2722 {
+ action accept
+ description FW7A9B0_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7A9B0_9
+ }
+ port 11112
+ }
+ protocol tcp
+ }
+ rule 2723 {
+ action accept
+ description FW3F465_1-TCP-ALLOW-77.68.127.177
+ destination {
+ group {
+ address-group DT_FW3F465_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.127.177
+ }
+ }
+ rule 2724 {
+ action accept
+ description VPN-34583-ANY-ALLOW-10.4.87.243
+ destination {
+ group {
+ address-group DT_VPN-34583
+ }
+ }
+ source {
+ address 10.4.87.243
+ }
+ }
+ rule 2725 {
+ action accept
+ description FW930F3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW930F3_1
+ }
+ port 9089,5900,5666,5272
+ }
+ protocol tcp
+ }
+ rule 2726 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.165
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.165
+ }
+ }
+ rule 2727 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.140
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.140
+ }
+ }
+ rule 2728 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-82.11.114.136
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 82.11.114.136
+ }
+ }
+ rule 2729 {
+ action accept
+ description FW73215_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73215_1
+ }
+ port 27015
+ }
+ protocol tcp_udp
+ }
+ rule 2730 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-18.130.156.250
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 18.130.156.250
+ }
+ }
+ rule 2731 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-90.251.221.19
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 90.251.221.19
+ }
+ }
+ rule 2732 {
+ action accept
+ description FW90AE3_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW90AE3_1
+ }
+ port 8765,8001,8000
+ }
+ protocol tcp
+ }
+ rule 2733 {
+ action accept
+ description FWC2EF2_1-TCP-ALLOW-87.74.110.191
+ destination {
+ group {
+ address-group DT_FWC2EF2_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 87.74.110.191
+ }
+ }
+ rule 2734 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 2735 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.93
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.93
+ }
+ }
+ rule 2736 {
+ action accept
+ description FW81138_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW81138_1
+ }
+ port 123
+ }
+ protocol udp
+ }
+ rule 2737 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.64
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.64
+ }
+ }
+ rule 2738 {
+ action accept
+ description FW03B35_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ }
+ rule 2739 {
+ action accept
+ description VPN-19807-ANY-ALLOW-10.4.87.172
+ destination {
+ group {
+ address-group DT_VPN-19807
+ }
+ }
+ source {
+ address 10.4.87.172
+ }
+ }
+ rule 2740 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-94.12.73.154
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 8447
+ }
+ protocol tcp
+ source {
+ address 94.12.73.154
+ }
+ }
+ rule 2741 {
+ action accept
+ description FW5658C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5658C_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2742 {
+ action accept
+ description FW0B352_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0B352_1
+ }
+ port 3443
+ }
+ protocol tcp_udp
+ }
+ rule 2743 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.8.74
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 77.68.8.74
+ }
+ }
+ rule 2744 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 2745 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 2746 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.44
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.44
+ }
+ }
+ rule 2747 {
+ action accept
+ description FW34C91_3-TCP-ALLOW-188.220.176.104
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 188.220.176.104
+ }
+ }
+ rule 2748 {
+ action accept
+ description FW3F465_1-TCP-ALLOW-77.68.16.101
+ destination {
+ group {
+ address-group DT_FW3F465_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.16.101
+ }
+ }
+ rule 2749 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 2750 {
+ action accept
+ description FW34C91_3-UDP-ALLOW-188.220.176.104
+ destination {
+ group {
+ address-group DT_FW34C91_3
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 188.220.176.104
+ }
+ }
+ rule 2751 {
+ action accept
+ description FWE47DA_1-TCP-ALLOW-185.22.208.0_25
+ destination {
+ group {
+ address-group DT_FWE47DA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 185.22.208.0/25
+ }
+ }
+ rule 2752 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.187
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.187
+ }
+ }
+ rule 2753 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.84
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.84
+ }
+ }
+ rule 2754 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.52
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.52
+ }
+ }
+ rule 2755 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-77.68.92.154
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.92.154
+ }
+ }
+ rule 2756 {
+ action accept
+ description FW8AFF1_7-TCP-ALLOW-77.68.93.156
+ destination {
+ group {
+ address-group DT_FW8AFF1_7
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.93.156
+ }
+ }
+ rule 2757 {
+ action accept
+ description VPN-24398-ANY-ALLOW-10.4.88.151
+ destination {
+ group {
+ address-group DT_VPN-24398
+ }
+ }
+ source {
+ address 10.4.88.151
+ }
+ }
+ rule 2758 {
+ action accept
+ description VPN-24398-ANY-ALLOW-10.4.89.151
+ destination {
+ group {
+ address-group DT_VPN-24398
+ }
+ }
+ source {
+ address 10.4.89.151
+ }
+ }
+ rule 2759 {
+ action accept
+ description VPN-24589-ANY-ALLOW-10.4.56.9
+ destination {
+ group {
+ address-group DT_VPN-24589
+ }
+ }
+ source {
+ address 10.4.56.9
+ }
+ }
+ rule 2760 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.29
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.29
+ }
+ }
+ rule 2761 {
+ action accept
+ description FWC7D36_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC7D36_1
+ }
+ port 27017,11080
+ }
+ protocol tcp
+ }
+ rule 2762 {
+ action accept
+ description FWBB718_1-TCP_UDP-ALLOW-77.68.73.116
+ destination {
+ group {
+ address-group DT_FWBB718_1
+ }
+ port 1433
+ }
+ protocol tcp_udp
+ source {
+ address 77.68.73.116
+ }
+ }
+ rule 2763 {
+ action accept
+ description FWBB718_1-UDP-ALLOW-77.68.73.116
+ destination {
+ group {
+ address-group DT_FWBB718_1
+ }
+ port 1434
+ }
+ protocol udp
+ source {
+ address 77.68.73.116
+ }
+ }
+ rule 2764 {
+ action accept
+ description FWB9699_11-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FWB9699_11
+ }
+ port 22,80,443,8800
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2765 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-103.8.164.5
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 103.8.164.5
+ }
+ }
+ rule 2766 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.193
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.193
+ }
+ }
+ rule 2768 {
+ action accept
+ description FW26F0A_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW26F0A_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2769 {
+ action accept
+ description FWCC18F_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCC18F_2
+ }
+ port 8883,1883
+ }
+ protocol tcp
+ }
+ rule 2771 {
+ action accept
+ description FW633DD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW633DD_1
+ }
+ port 28967,14002,9984,9983,9982,9981,8888,8884
+ }
+ protocol tcp
+ }
+ rule 2772 {
+ action accept
+ description FWDEDB9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDEDB9_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2773 {
+ action accept
+ description VPN-18646-ANY-ALLOW-10.4.88.109
+ destination {
+ group {
+ address-group DT_VPN-18646
+ }
+ }
+ source {
+ address 10.4.88.109
+ }
+ }
+ rule 2774 {
+ action accept
+ description VPN-18646-ANY-ALLOW-10.4.89.109
+ destination {
+ group {
+ address-group DT_VPN-18646
+ }
+ }
+ source {
+ address 10.4.89.109
+ }
+ }
+ rule 2775 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-87.224.39.221
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 8082,3003,22
+ }
+ protocol tcp
+ source {
+ address 87.224.39.221
+ }
+ }
+ rule 2776 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.94
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.94
+ }
+ }
+ rule 2777 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-92.237.97.92
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 8082,3003,22
+ }
+ protocol tcp
+ source {
+ address 92.237.97.92
+ }
+ }
+ rule 2778 {
+ action accept
+ description VPN-25822-ANY-ALLOW-10.4.55.42
+ destination {
+ group {
+ address-group DT_VPN-25822
+ }
+ }
+ source {
+ address 10.4.55.42
+ }
+ }
+ rule 2779 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.88
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.88
+ }
+ }
+ rule 2780 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-143.55.64.0_20
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 143.55.64.0/20
+ }
+ }
+ rule 2781 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-194.176.78.206
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 194.176.78.206
+ }
+ }
+ rule 2782 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-195.243.221.50
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.243.221.50
+ }
+ }
+ rule 2783 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 2784 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-81.150.168.54
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 81.150.168.54
+ }
+ }
+ rule 2785 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-89.197.133.235
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 89.197.133.235
+ }
+ }
+ rule 2786 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 60000-60100,873
+ }
+ protocol tcp
+ }
+ rule 2787 {
+ action accept
+ description FW2BF20_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2BF20_3
+ }
+ port 49152-65534,990
+ }
+ protocol tcp
+ }
+ rule 2788 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.98
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.98
+ }
+ }
+ rule 2789 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.65
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.65
+ }
+ }
+ rule 2791 {
+ action accept
+ description FW197DB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW197DB_1
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2792 {
+ action accept
+ description FW1208C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1208C_1
+ }
+ port 2087,2083,2096
+ }
+ protocol tcp
+ }
+ rule 2793 {
+ action accept
+ description FW00D98_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW00D98_1
+ }
+ port 4430
+ }
+ protocol tcp
+ }
+ rule 2794 {
+ action accept
+ description FW03B35_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ }
+ protocol esp
+ }
+ rule 2795 {
+ action accept
+ description FW03B35_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW03B35_1
+ }
+ }
+ protocol ah
+ }
+ rule 2796 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2797 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-159.253.51.74
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 3389,1433,995
+ }
+ protocol tcp
+ source {
+ address 159.253.51.74
+ }
+ }
+ rule 2798 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.76.111
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.76.111
+ }
+ }
+ rule 2799 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-77.68.28.63
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 995
+ }
+ protocol tcp
+ source {
+ address 77.68.28.63
+ }
+ }
+ rule 2801 {
+ action accept
+ description FW2EF2C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2EF2C_1
+ }
+ port 5349
+ }
+ protocol tcp
+ }
+ rule 2802 {
+ action accept
+ description FWEF92E_5-TCP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 2803 {
+ action accept
+ description FWC3921_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC3921_1
+ }
+ port 25000,25001-25005,26000-26006
+ }
+ protocol tcp
+ }
+ rule 2804 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-109.228.37.19
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 109.228.37.19
+ }
+ }
+ rule 2805 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.11.54
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.11.54
+ }
+ }
+ rule 2806 {
+ action accept
+ description FW5AE10_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5AE10_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 2810 {
+ action accept
+ description FW45F87_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW45F87_1
+ }
+ port 60000-60100
+ }
+ protocol tcp
+ }
+ rule 2811 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.108.158
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.108.158
+ }
+ }
+ rule 2813 {
+ action accept
+ description FW825C8_19-TCP-ALLOW-109.228.1.233
+ destination {
+ group {
+ address-group DT_FW825C8_19
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 109.228.1.233
+ }
+ }
+ rule 2814 {
+ action accept
+ description FW20449_2-ICMP-ALLOW-3.10.221.168
+ destination {
+ group {
+ address-group DT_FW20449_2
+ }
+ }
+ protocol icmp
+ source {
+ address 3.10.221.168
+ }
+ }
+ rule 2815 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.100
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.100
+ }
+ }
+ rule 2816 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.180
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.180
+ }
+ }
+ rule 2817 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.184
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.184
+ }
+ }
+ rule 2818 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.185
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.185
+ }
+ }
+ rule 2819 {
+ action accept
+ description FWB9699_7-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 161
+ }
+ protocol udp
+ }
+ rule 2820 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.102
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22,8443
+ }
+ protocol tcp
+ source {
+ address 213.171.217.102
+ }
+ }
+ rule 2821 {
+ action accept
+ description FWB9699_7-TCP-ALLOW-213.171.217.103
+ destination {
+ group {
+ address-group DT_FWB9699_7
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.171.217.103
+ }
+ }
+ rule 2824 {
+ action accept
+ description FWE3E77_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE3E77_1
+ }
+ port 10010,10009
+ }
+ protocol tcp
+ }
+ rule 2825 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-93.190.142.120
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 93.190.142.120
+ }
+ }
+ rule 2826 {
+ action accept
+ description FW20449_2-ICMP-ALLOW-82.20.69.137
+ destination {
+ group {
+ address-group DT_FW20449_2
+ }
+ }
+ protocol icmp
+ source {
+ address 82.20.69.137
+ }
+ }
+ rule 2827 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-46.101.232.93
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 21-10000
+ }
+ protocol tcp
+ source {
+ address 46.101.232.93
+ }
+ }
+ rule 2828 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.5
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.5
+ }
+ }
+ rule 2829 {
+ action accept
+ description FWD2440_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ port 1-65535
+ }
+ protocol tcp
+ }
+ rule 2831 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.105
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.105
+ }
+ }
+ rule 2833 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-159.253.51.74
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 3389,1433,995
+ }
+ protocol tcp
+ source {
+ address 159.253.51.74
+ }
+ }
+ rule 2834 {
+ action accept
+ description FW825C8_24-TCP-ALLOW-77.68.77.120
+ destination {
+ group {
+ address-group DT_FW825C8_24
+ }
+ port 1433
+ }
+ protocol tcp
+ source {
+ address 77.68.77.120
+ }
+ }
+ rule 2839 {
+ action accept
+ description FWD2440_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ port 1-65535
+ }
+ protocol udp
+ }
+ rule 2840 {
+ action accept
+ description FW1C8F2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1C8F2_1
+ }
+ port 7000-10000,5554,5443,5080,1935,1111
+ }
+ protocol tcp
+ }
+ rule 2843 {
+ action accept
+ description FWE7180_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE7180_1
+ }
+ port 443,53
+ }
+ protocol tcp_udp
+ }
+ rule 2844 {
+ action accept
+ description FWC6301_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 2456
+ }
+ protocol tcp_udp
+ }
+ rule 2845 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.113
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.113
+ }
+ }
+ rule 2846 {
+ action accept
+ description VPN-24589-ANY-ALLOW-10.4.57.9
+ destination {
+ group {
+ address-group DT_VPN-24589
+ }
+ }
+ source {
+ address 10.4.57.9
+ }
+ }
+ rule 2847 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.237
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.237
+ }
+ }
+ rule 2849 {
+ action accept
+ description FWFD9AF_9-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFD9AF_9
+ }
+ port 445
+ }
+ protocol tcp_udp
+ }
+ rule 2850 {
+ action accept
+ description VPN-23209-ANY-ALLOW-10.4.58.8
+ destination {
+ group {
+ address-group DT_VPN-23209
+ }
+ }
+ source {
+ address 10.4.58.8
+ }
+ }
+ rule 2851 {
+ action accept
+ description VPN-23209-ANY-ALLOW-10.4.59.8
+ destination {
+ group {
+ address-group DT_VPN-23209
+ }
+ }
+ source {
+ address 10.4.59.8
+ }
+ }
+ rule 2853 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.29
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.29
+ }
+ }
+ rule 2854 {
+ action accept
+ description FW16375_5-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW16375_5
+ }
+ port 2096
+ }
+ protocol tcp_udp
+ }
+ rule 2856 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.173
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.173
+ }
+ }
+ rule 2858 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.35
+ }
+ }
+ rule 2859 {
+ action accept
+ description FW73573_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW73573_1
+ }
+ port 25
+ }
+ protocol tcp_udp
+ }
+ rule 2860 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.242
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.242
+ }
+ }
+ rule 2861 {
+ action accept
+ description FW8ECF4_1-TCP-ALLOW-77.68.2.215
+ destination {
+ group {
+ address-group DT_FW8ECF4_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 77.68.2.215
+ }
+ }
+ rule 2862 {
+ action accept
+ description FW8A3FC_3-TCP_UDP-ALLOW-82.165.100.25
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 21-10000
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.100.25
+ }
+ }
+ rule 2863 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.235
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.235
+ }
+ }
+ rule 2864 {
+ action accept
+ description VPN-18647-ANY-ALLOW-10.4.86.114
+ destination {
+ group {
+ address-group DT_VPN-18647
+ }
+ }
+ source {
+ address 10.4.86.114
+ }
+ }
+ rule 2865 {
+ action accept
+ description VPN-18647-ANY-ALLOW-10.4.87.114
+ destination {
+ group {
+ address-group DT_VPN-18647
+ }
+ }
+ source {
+ address 10.4.87.114
+ }
+ }
+ rule 2867 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.107
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.107
+ }
+ }
+ rule 2868 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.239
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.239
+ }
+ }
+ rule 2869 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-164.39.151.3
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 164.39.151.3
+ }
+ }
+ rule 2870 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.245
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.245
+ }
+ }
+ rule 2873 {
+ action accept
+ description FWEF92E_6-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 2874 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.130
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.130
+ }
+ }
+ rule 2875 {
+ action accept
+ description FW44BF9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW44BF9_1
+ }
+ port 49160-49200
+ }
+ protocol tcp
+ }
+ rule 2876 {
+ action accept
+ description VPN-24591-ANY-ALLOW-10.4.86.4
+ destination {
+ group {
+ address-group DT_VPN-24591
+ }
+ }
+ source {
+ address 10.4.86.4
+ }
+ }
+ rule 2877 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.60
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.60
+ }
+ }
+ rule 2879 {
+ action accept
+ description FWEF92E_6-UDP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_6
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2880 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-185.132.38.110
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 185.132.38.110
+ }
+ }
+ rule 2881 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.216
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.216
+ }
+ }
+ rule 2882 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.77.149
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.149
+ }
+ }
+ rule 2883 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-80.229.18.102
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21,22
+ }
+ protocol tcp
+ source {
+ address 80.229.18.102
+ }
+ }
+ rule 2884 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-109.169.33.69
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21,22
+ }
+ protocol tcp
+ source {
+ address 109.169.33.69
+ }
+ }
+ rule 2885 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-46.102.209.35
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21
+ }
+ protocol tcp
+ source {
+ address 46.102.209.35
+ }
+ }
+ rule 2886 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-90.213.48.16
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 3306,21
+ }
+ protocol tcp
+ source {
+ address 90.213.48.16
+ }
+ }
+ rule 2887 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-77.68.76.129
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 77.68.76.129
+ }
+ }
+ rule 2888 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-109.228.50.145
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 109.228.50.145
+ }
+ }
+ rule 2889 {
+ action accept
+ description FWA2FF8_4-TCP-ALLOW-77.68.76.231
+ destination {
+ group {
+ address-group DT_FWA2FF8_4
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 77.68.76.231
+ }
+ }
+ rule 2890 {
+ action accept
+ description FW4513E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4513E_1
+ }
+ port 50000-50020,990
+ }
+ protocol tcp
+ }
+ rule 2893 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.40.7
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.40.7
+ }
+ }
+ rule 2894 {
+ action accept
+ description VPN-21876-ANY-ALLOW-10.4.88.96
+ destination {
+ group {
+ address-group DT_VPN-21876
+ }
+ }
+ source {
+ address 10.4.88.96
+ }
+ }
+ rule 2895 {
+ action accept
+ description VPN-21876-ANY-ALLOW-10.4.89.96
+ destination {
+ group {
+ address-group DT_VPN-21876
+ }
+ }
+ source {
+ address 10.4.89.96
+ }
+ }
+ rule 2896 {
+ action accept
+ description VPN-26124-ANY-ALLOW-10.4.54.75
+ destination {
+ group {
+ address-group DT_VPN-26124
+ }
+ }
+ source {
+ address 10.4.54.75
+ }
+ }
+ rule 2897 {
+ action accept
+ description VPN-26124-ANY-ALLOW-10.4.55.76
+ destination {
+ group {
+ address-group DT_VPN-26124
+ }
+ }
+ source {
+ address 10.4.55.76
+ }
+ }
+ rule 2898 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.21
+ }
+ }
+ rule 2899 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.213
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.213
+ }
+ }
+ rule 2901 {
+ action accept
+ description FWC6301_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC6301_1
+ }
+ port 5555
+ }
+ protocol udp
+ }
+ rule 2902 {
+ action accept
+ description VPN-13261-ANY-ALLOW-10.4.56.173
+ destination {
+ group {
+ address-group DT_VPN-13261
+ }
+ }
+ source {
+ address 10.4.56.173
+ }
+ }
+ rule 2903 {
+ action accept
+ description VPN-13261-ANY-ALLOW-10.4.57.173
+ destination {
+ group {
+ address-group DT_VPN-13261
+ }
+ }
+ source {
+ address 10.4.57.173
+ }
+ }
+ rule 2909 {
+ action accept
+ description VPN-24591-ANY-ALLOW-10.4.87.4
+ destination {
+ group {
+ address-group DT_VPN-24591
+ }
+ }
+ source {
+ address 10.4.87.4
+ }
+ }
+ rule 2911 {
+ action accept
+ description FWE7180_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE7180_1
+ }
+ port 40110-40210,8090
+ }
+ protocol tcp
+ }
+ rule 2914 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.247
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.247
+ }
+ }
+ rule 2915 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.129
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.129
+ }
+ }
+ rule 2916 {
+ action accept
+ description FWCB29D_1-TCP-ALLOW-51.146.16.162
+ destination {
+ group {
+ address-group DT_FWCB29D_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 51.146.16.162
+ }
+ }
+ rule 2917 {
+ action accept
+ description FW4E399_1-TCP-ALLOW-51.155.19.77
+ destination {
+ group {
+ address-group DT_FW4E399_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 51.155.19.77
+ }
+ }
+ rule 2919 {
+ action accept
+ description FWC72E5_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC72E5_1
+ }
+ port 9000-9100,6667
+ }
+ protocol tcp
+ }
+ rule 2922 {
+ action accept
+ description FW21A75_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW21A75_2
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 2923 {
+ action accept
+ description FW3B068_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3B068_2
+ }
+ port 990,60000-65000
+ }
+ protocol tcp
+ }
+ rule 2924 {
+ action accept
+ description FW48814_3-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48814_3
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 2925 {
+ action accept
+ description FW48814_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW48814_3
+ }
+ port 49152-65534
+ }
+ protocol tcp
+ }
+ rule 2926 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-178.128.39.210
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 178.128.39.210
+ }
+ }
+ rule 2927 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-82.165.232.19
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 82.165.232.19
+ }
+ }
+ rule 2928 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-84.64.186.31
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 84.64.186.31
+ }
+ }
+ rule 2929 {
+ action accept
+ description FW1C8F2_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1C8F2_1
+ }
+ port 5000-65000
+ }
+ protocol udp
+ }
+ rule 2930 {
+ action accept
+ description FW2B279_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2B279_4
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2931 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-195.10.106.114
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 195.10.106.114
+ }
+ }
+ rule 2932 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-213.137.25.134
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 213.137.25.134
+ }
+ }
+ rule 2933 {
+ action accept
+ description FW608FA_1-TCP-ALLOW-92.39.202.189
+ destination {
+ group {
+ address-group DT_FW608FA_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 92.39.202.189
+ }
+ }
+ rule 2935 {
+ action accept
+ description FWC37B9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC37B9_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 2936 {
+ action accept
+ description FW15C99_6-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW15C99_6
+ }
+ port 32410-32414,1900
+ }
+ protocol udp
+ }
+ rule 2937 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.244.146
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.244.146
+ }
+ }
+ rule 2938 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.158
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.158
+ }
+ }
+ rule 2939 {
+ action accept
+ description FW15C99_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW15C99_6
+ }
+ port 32469,32400
+ }
+ protocol tcp
+ }
+ rule 2940 {
+ action accept
+ description FW0192C_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0192C_1
+ }
+ port 2053
+ }
+ protocol tcp
+ }
+ rule 2941 {
+ action accept
+ description FW27949_2-TCP-ALLOW-86.179.23.119
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 86.179.23.119
+ }
+ }
+ rule 2942 {
+ action accept
+ description FW27949_2-TCP-ALLOW-92.15.208.193
+ destination {
+ group {
+ address-group DT_FW27949_2
+ }
+ port 443,80
+ }
+ protocol tcp
+ source {
+ address 92.15.208.193
+ }
+ }
+ rule 2943 {
+ action accept
+ description VPN-34122-ANY-ALLOW-10.4.56.122
+ destination {
+ group {
+ address-group DT_VPN-34122
+ }
+ }
+ source {
+ address 10.4.56.122
+ }
+ }
+ rule 2944 {
+ action accept
+ description VPN-34122-ANY-ALLOW-10.4.57.122
+ destination {
+ group {
+ address-group DT_VPN-34122
+ }
+ }
+ source {
+ address 10.4.57.122
+ }
+ }
+ rule 2945 {
+ action accept
+ description FWF323F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF323F_1
+ }
+ port 25565,9999,8080,5001,3306
+ }
+ protocol tcp_udp
+ }
+ rule 2946 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.132
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.132
+ }
+ }
+ rule 2948 {
+ action accept
+ description VPN-30261-ANY-ALLOW-10.4.86.110
+ destination {
+ group {
+ address-group DT_VPN-30261
+ }
+ }
+ source {
+ address 10.4.86.110
+ }
+ }
+ rule 2949 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.246
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.246
+ }
+ }
+ rule 2951 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-157.231.100.222
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 157.231.100.222
+ }
+ }
+ rule 2952 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-164.39.131.31
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 164.39.131.31
+ }
+ }
+ rule 2953 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-185.199.108.0_22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 185.199.108.0/22
+ }
+ }
+ rule 2954 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-192.30.252.0_22
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 192.30.252.0/22
+ }
+ }
+ rule 2955 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-80.252.78.202
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 80.252.78.202
+ }
+ }
+ rule 2956 {
+ action accept
+ description FWC2D30_1-TCP-ALLOW-86.15.158.234
+ destination {
+ group {
+ address-group DT_FWC2D30_1
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 86.15.158.234
+ }
+ }
+ rule 2957 {
+ action accept
+ description VPN-30261-ANY-ALLOW-10.4.87.110
+ destination {
+ group {
+ address-group DT_VPN-30261
+ }
+ }
+ source {
+ address 10.4.87.110
+ }
+ }
+ rule 2958 {
+ action accept
+ description VPN-30262-ANY-ALLOW-10.4.88.36
+ destination {
+ group {
+ address-group DT_VPN-30262
+ }
+ }
+ source {
+ address 10.4.88.36
+ }
+ }
+ rule 2961 {
+ action accept
+ description VPN-15950-ANY-ALLOW-10.4.88.89
+ destination {
+ group {
+ address-group DT_VPN-15950
+ }
+ }
+ source {
+ address 10.4.88.89
+ }
+ }
+ rule 2962 {
+ action accept
+ description FWBFDED_1-TCP-ALLOW-78.141.24.164
+ destination {
+ group {
+ address-group DT_FWBFDED_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 78.141.24.164
+ }
+ }
+ rule 2963 {
+ action accept
+ description VPN-30262-ANY-ALLOW-10.4.89.36
+ destination {
+ group {
+ address-group DT_VPN-30262
+ }
+ }
+ source {
+ address 10.4.89.36
+ }
+ }
+ rule 2964 {
+ action accept
+ description FW1F126_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1F126_1
+ }
+ port 2087,2083
+ }
+ protocol tcp
+ }
+ rule 2965 {
+ action accept
+ description FWA7A50_1-ANY-ALLOW-40.120.53.80
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ }
+ source {
+ address 40.120.53.80
+ }
+ }
+ rule 2967 {
+ action accept
+ description VPN-23729-ANY-ALLOW-10.4.54.10
+ destination {
+ group {
+ address-group DT_VPN-23729
+ }
+ }
+ source {
+ address 10.4.54.10
+ }
+ }
+ rule 2968 {
+ action accept
+ description VPN-23729-ANY-ALLOW-10.4.55.10
+ destination {
+ group {
+ address-group DT_VPN-23729
+ }
+ }
+ source {
+ address 10.4.55.10
+ }
+ }
+ rule 2969 {
+ action accept
+ description VPN-23733-ANY-ALLOW-10.4.58.12
+ destination {
+ group {
+ address-group DT_VPN-23733
+ }
+ }
+ source {
+ address 10.4.58.12
+ }
+ }
+ rule 2970 {
+ action accept
+ description VPN-23733-ANY-ALLOW-10.4.59.12
+ destination {
+ group {
+ address-group DT_VPN-23733
+ }
+ }
+ source {
+ address 10.4.59.12
+ }
+ }
+ rule 2971 {
+ action accept
+ description VPN-23734-ANY-ALLOW-10.4.56.29
+ destination {
+ group {
+ address-group DT_VPN-23734
+ }
+ }
+ source {
+ address 10.4.56.29
+ }
+ }
+ rule 2972 {
+ action accept
+ description VPN-23734-ANY-ALLOW-10.4.57.29
+ destination {
+ group {
+ address-group DT_VPN-23734
+ }
+ }
+ source {
+ address 10.4.57.29
+ }
+ }
+ rule 2975 {
+ action accept
+ description VPN-23738-ANY-ALLOW-10.4.57.13
+ destination {
+ group {
+ address-group DT_VPN-23738
+ }
+ }
+ source {
+ address 10.4.57.13
+ }
+ }
+ rule 2976 {
+ action accept
+ description FWD8DD1_2-TCP-ALLOW-77.153.164.226
+ destination {
+ group {
+ address-group DT_FWD8DD1_2
+ }
+ port 3306,22
+ }
+ protocol tcp
+ source {
+ address 77.153.164.226
+ }
+ }
+ rule 2977 {
+ action accept
+ description FWE012D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE012D_1
+ }
+ port 143,25
+ }
+ protocol tcp_udp
+ }
+ rule 2978 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.120.196
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.120.196
+ }
+ }
+ rule 2981 {
+ action accept
+ description FW24AB7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW24AB7_1
+ }
+ port 40110-40210
+ }
+ protocol tcp_udp
+ }
+ rule 2985 {
+ action accept
+ description FW2379F_14-TCP-ALLOW-194.72.140.178
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 3389,21
+ }
+ protocol tcp
+ source {
+ address 194.72.140.178
+ }
+ }
+ rule 2986 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.97
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.97
+ }
+ }
+ rule 2988 {
+ action accept
+ description FW883EB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW883EB_1
+ }
+ port 5005,5004,5003,5002,5001
+ }
+ protocol tcp
+ }
+ rule 2992 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-62.30.207.232
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 62.30.207.232
+ }
+ }
+ rule 2993 {
+ action accept
+ description VPN-15950-ANY-ALLOW-10.4.89.89
+ destination {
+ group {
+ address-group DT_VPN-15950
+ }
+ }
+ source {
+ address 10.4.89.89
+ }
+ }
+ rule 2994 {
+ action accept
+ description VPN-15960-ANY-ALLOW-10.4.88.90
+ destination {
+ group {
+ address-group DT_VPN-15960
+ }
+ }
+ source {
+ address 10.4.88.90
+ }
+ }
+ rule 2995 {
+ action accept
+ description FWEF92E_7-UDP-ALLOW-77.68.77.57
+ destination {
+ group {
+ address-group DT_FWEF92E_7
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.57
+ }
+ }
+ rule 2996 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.135
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.135
+ }
+ }
+ rule 2998 {
+ action accept
+ description VPN-31002-ANY-ALLOW-10.4.88.126
+ destination {
+ group {
+ address-group DT_VPN-31002
+ }
+ }
+ source {
+ address 10.4.88.126
+ }
+ }
+ rule 2999 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.110
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.110
+ }
+ }
+ rule 3000 {
+ action accept
+ description FW08061_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW08061_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3001 {
+ action accept
+ description VPN-15960-ANY-ALLOW-10.4.89.90
+ destination {
+ group {
+ address-group DT_VPN-15960
+ }
+ }
+ source {
+ address 10.4.89.90
+ }
+ }
+ rule 3003 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.56
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.56
+ }
+ }
+ rule 3004 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.47.47
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.47.47
+ }
+ }
+ rule 3005 {
+ action accept
+ description FW10C3D_19-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW10C3D_19
+ }
+ port 49152-65535,14147
+ }
+ protocol tcp
+ }
+ rule 3006 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.136
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.136
+ }
+ }
+ rule 3009 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.44.109
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.44.109
+ }
+ }
+ rule 3010 {
+ action accept
+ description VPN-24592-ANY-ALLOW-10.4.88.9
+ destination {
+ group {
+ address-group DT_VPN-24592
+ }
+ }
+ source {
+ address 10.4.88.9
+ }
+ }
+ rule 3011 {
+ action accept
+ description FW05AD0_2-TCP-ALLOW-213.171.209.161
+ destination {
+ group {
+ address-group DT_FW05AD0_2
+ }
+ port 3389,1433,21
+ }
+ protocol tcp
+ source {
+ address 213.171.209.161
+ }
+ }
+ rule 3012 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.86.254
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.86.254
+ }
+ }
+ rule 3014 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.16
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.16
+ }
+ }
+ rule 3018 {
+ action accept
+ description VPN-24592-ANY-ALLOW-10.4.89.9
+ destination {
+ group {
+ address-group DT_VPN-24592
+ }
+ }
+ source {
+ address 10.4.89.9
+ }
+ }
+ rule 3019 {
+ action accept
+ description VPN-24593-ANY-ALLOW-10.4.54.6
+ destination {
+ group {
+ address-group DT_VPN-24593
+ }
+ }
+ source {
+ address 10.4.54.6
+ }
+ }
+ rule 3020 {
+ action accept
+ description VPN-24593-ANY-ALLOW-10.4.55.6
+ destination {
+ group {
+ address-group DT_VPN-24593
+ }
+ }
+ source {
+ address 10.4.55.6
+ }
+ }
+ rule 3021 {
+ action accept
+ description VPN-24594-ANY-ALLOW-10.4.58.6
+ destination {
+ group {
+ address-group DT_VPN-24594
+ }
+ }
+ source {
+ address 10.4.58.6
+ }
+ }
+ rule 3022 {
+ action accept
+ description VPN-24594-ANY-ALLOW-10.4.59.6
+ destination {
+ group {
+ address-group DT_VPN-24594
+ }
+ }
+ source {
+ address 10.4.59.6
+ }
+ }
+ rule 3023 {
+ action accept
+ description VPN-24595-ANY-ALLOW-10.4.56.14
+ destination {
+ group {
+ address-group DT_VPN-24595
+ }
+ }
+ source {
+ address 10.4.56.14
+ }
+ }
+ rule 3024 {
+ action accept
+ description VPN-24595-ANY-ALLOW-10.4.57.14
+ destination {
+ group {
+ address-group DT_VPN-24595
+ }
+ }
+ source {
+ address 10.4.57.14
+ }
+ }
+ rule 3025 {
+ action accept
+ description VPN-32528-ANY-ALLOW-10.4.58.67
+ destination {
+ group {
+ address-group DT_VPN-32528
+ }
+ }
+ source {
+ address 10.4.58.67
+ }
+ }
+ rule 3026 {
+ action accept
+ description VPN-32528-ANY-ALLOW-10.4.59.67
+ destination {
+ group {
+ address-group DT_VPN-32528
+ }
+ }
+ source {
+ address 10.4.59.67
+ }
+ }
+ rule 3027 {
+ action accept
+ description FW6187E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6187E_1
+ }
+ port 51195
+ }
+ protocol udp
+ }
+ rule 3028 {
+ action accept
+ description FW406AB_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW406AB_1
+ }
+ port 37013,25461,8881,8080,2095,2082,1992
+ }
+ protocol tcp_udp
+ }
+ rule 3029 {
+ action accept
+ description FWA86A4_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA86A4_1
+ }
+ port 30333,5666
+ }
+ protocol tcp
+ }
+ rule 3032 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.52
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.52
+ }
+ }
+ rule 3033 {
+ action accept
+ description FWC055A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC055A_1
+ }
+ port 2195
+ }
+ protocol tcp
+ }
+ rule 3035 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.81
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.81
+ }
+ }
+ rule 3039 {
+ action accept
+ description FW42BC7_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42BC7_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3040 {
+ action accept
+ description FW42BC7_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW42BC7_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3041 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-88.208.198.39
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 88.208.198.39
+ }
+ }
+ rule 3042 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.235
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.235
+ }
+ }
+ rule 3043 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.205
+ }
+ }
+ rule 3044 {
+ action accept
+ description FWBE878_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBE878_1
+ }
+ port 8989,5003,3000
+ }
+ protocol tcp_udp
+ }
+ rule 3045 {
+ action accept
+ description VPN-30679-ANY-ALLOW-10.4.58.195
+ destination {
+ group {
+ address-group DT_VPN-30679
+ }
+ }
+ source {
+ address 10.4.58.195
+ }
+ }
+ rule 3046 {
+ action accept
+ description FW6B9B9_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6B9B9_1
+ }
+ port 30006-65000,27017,7101,4200,2990-3009
+ }
+ protocol tcp
+ }
+ rule 3047 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.212
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.212
+ }
+ }
+ rule 3049 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.125.4
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.125.4
+ }
+ }
+ rule 3050 {
+ action accept
+ description FW49C3D_4-TCP-ALLOW-83.100.136.74
+ destination {
+ group {
+ address-group DT_FW49C3D_4
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 83.100.136.74
+ }
+ }
+ rule 3051 {
+ action accept
+ description FW49C3D_6-TCP-ALLOW-87.224.33.215
+ destination {
+ group {
+ address-group DT_FW49C3D_6
+ }
+ port 3389,445
+ }
+ protocol tcp
+ source {
+ address 87.224.33.215
+ }
+ }
+ rule 3053 {
+ action accept
+ description FW89619_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW89619_1
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3054 {
+ action accept
+ description FWBD9D0_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBD9D0_1
+ }
+ port 9090
+ }
+ protocol tcp
+ }
+ rule 3055 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.47.236
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.47.236
+ }
+ }
+ rule 3056 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.46.226
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.46.226
+ }
+ }
+ rule 3058 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.205
+ }
+ }
+ rule 3060 {
+ action accept
+ description FWF7B68_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF7B68_1
+ }
+ port 49152-65535
+ }
+ protocol tcp
+ }
+ rule 3061 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.253
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.253
+ }
+ }
+ rule 3063 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.0
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.0
+ }
+ }
+ rule 3065 {
+ action accept
+ description FW85619_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85619_1
+ }
+ port 6433
+ }
+ protocol tcp
+ }
+ rule 3066 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-188.66.79.94
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389
+ }
+ protocol tcp
+ source {
+ address 188.66.79.94
+ }
+ }
+ rule 3067 {
+ action accept
+ description FWF30BD_1-TCP-ALLOW-81.133.80.114
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 81.133.80.114
+ }
+ }
+ rule 3068 {
+ action accept
+ description FWF30BD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 5061,5015,5001
+ }
+ protocol tcp
+ }
+ rule 3069 {
+ action accept
+ description FWBD9D0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBD9D0_1
+ }
+ port 51820
+ }
+ protocol udp
+ }
+ rule 3070 {
+ action accept
+ description FW7C4D9_14-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW7C4D9_14
+ }
+ port 25565,2456-2458
+ }
+ protocol tcp_udp
+ }
+ rule 3071 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.23
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.23
+ }
+ }
+ rule 3072 {
+ action accept
+ description FWEEC75_1-TCP-ALLOW-81.96.100.32
+ destination {
+ group {
+ address-group DT_FWEEC75_1
+ }
+ port 8447
+ }
+ protocol tcp
+ source {
+ address 81.96.100.32
+ }
+ }
+ rule 3073 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-95.168.164.208
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 95.168.164.208
+ }
+ }
+ rule 3074 {
+ action accept
+ description VPN-19992-ANY-ALLOW-10.4.86.158
+ destination {
+ group {
+ address-group DT_VPN-19992
+ }
+ }
+ source {
+ address 10.4.86.158
+ }
+ }
+ rule 3075 {
+ action accept
+ description FWF30BD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 5090,5060
+ }
+ protocol tcp_udp
+ }
+ rule 3076 {
+ action accept
+ description VPN-30679-ANY-ALLOW-10.4.59.195
+ destination {
+ group {
+ address-group DT_VPN-30679
+ }
+ }
+ source {
+ address 10.4.59.195
+ }
+ }
+ rule 3077 {
+ action accept
+ description FW930F3_3-ANY-ALLOW-77.68.112.254
+ destination {
+ group {
+ address-group DT_FW930F3_3
+ }
+ }
+ source {
+ address 77.68.112.254
+ }
+ }
+ rule 3078 {
+ action accept
+ description FW672AB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW672AB_1
+ }
+ port 5432
+ }
+ protocol tcp
+ }
+ rule 3079 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.252
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.252
+ }
+ }
+ rule 3080 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.86.192
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.86.192
+ }
+ }
+ rule 3081 {
+ action accept
+ description VPN-33204-ANY-ALLOW-10.4.56.176
+ destination {
+ group {
+ address-group DT_VPN-33204
+ }
+ }
+ source {
+ address 10.4.56.176
+ }
+ }
+ rule 3083 {
+ action accept
+ description FW1FA8E_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1FA8E_1
+ }
+ port 33434
+ }
+ protocol udp
+ }
+ rule 3084 {
+ action accept
+ description FWD2440_1-ESP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ }
+ protocol esp
+ }
+ rule 3085 {
+ action accept
+ description FWA0531_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3090 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.70
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.70
+ }
+ }
+ rule 3091 {
+ action accept
+ description FWF7BFA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF7BFA_1
+ }
+ port 8000,5901,5479,5478
+ }
+ protocol tcp
+ }
+ rule 3092 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.212
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.212
+ }
+ }
+ rule 3094 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.125
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.125
+ }
+ }
+ rule 3096 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.89
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.89
+ }
+ }
+ rule 3097 {
+ action accept
+ description FWD56A2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD56A2_1
+ }
+ port 8001,8000
+ }
+ protocol tcp
+ }
+ rule 3098 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.109
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.109
+ }
+ }
+ rule 3099 {
+ action accept
+ description FW36425_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW36425_1
+ }
+ port 44445,7770-7800
+ }
+ protocol tcp
+ }
+ rule 3100 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.238
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.238
+ }
+ }
+ rule 3102 {
+ action accept
+ description FW6B39D_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6B39D_1
+ }
+ port 49216,49215
+ }
+ protocol tcp_udp
+ }
+ rule 3103 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.121
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.121
+ }
+ }
+ rule 3105 {
+ action accept
+ description FW2379F_14-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ port 443
+ }
+ protocol tcp_udp
+ }
+ rule 3107 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.38
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.38
+ }
+ }
+ rule 3109 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.191
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.191
+ }
+ }
+ rule 3111 {
+ action accept
+ description FW27947_1-TCP-ALLOW-213.229.100.148
+ destination {
+ group {
+ address-group DT_FW27947_1
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 213.229.100.148
+ }
+ }
+ rule 3112 {
+ action accept
+ description FWD42CF_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD42CF_1
+ }
+ port 5432,5001,5000
+ }
+ protocol tcp
+ }
+ rule 3114 {
+ action accept
+ description FW3A12F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3A12F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3116 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-194.62.184.87
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 194.62.184.87
+ }
+ }
+ rule 3117 {
+ action accept
+ description FW5A5D7_3-TCP-ALLOW-51.219.31.78
+ destination {
+ group {
+ address-group DT_FW5A5D7_3
+ }
+ port 8172,3389
+ }
+ protocol tcp
+ source {
+ address 51.219.31.78
+ }
+ }
+ rule 3118 {
+ action accept
+ description VPN-26157-ANY-ALLOW-10.4.86.57
+ destination {
+ group {
+ address-group DT_VPN-26157
+ }
+ }
+ source {
+ address 10.4.86.57
+ }
+ }
+ rule 3119 {
+ action accept
+ description VPN-26157-ANY-ALLOW-10.4.87.57
+ destination {
+ group {
+ address-group DT_VPN-26157
+ }
+ }
+ source {
+ address 10.4.87.57
+ }
+ }
+ rule 3120 {
+ action accept
+ description FWA7625_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 943
+ }
+ protocol tcp
+ }
+ rule 3121 {
+ action accept
+ description FWC96A1_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC96A1_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3122 {
+ action accept
+ description FWA7625_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3123 {
+ action accept
+ description FWA7625_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA7625_1
+ }
+ port 32400,10108
+ }
+ protocol tcp_udp
+ }
+ rule 3125 {
+ action accept
+ description FW8A3FC_3-TCP-ALLOW-185.173.161.154
+ destination {
+ group {
+ address-group DT_FW8A3FC_3
+ }
+ port 465
+ }
+ protocol tcp
+ source {
+ address 185.173.161.154
+ }
+ }
+ rule 3127 {
+ action accept
+ description FW05339_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW05339_1
+ }
+ port 46961
+ }
+ protocol udp
+ }
+ rule 3130 {
+ action accept
+ description FWA0AA0_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3132 {
+ action accept
+ description FWD8DD1_2-TCP_UDP-ALLOW-77.153.164.226
+ destination {
+ group {
+ address-group DT_FWD8DD1_2
+ }
+ port 443,80
+ }
+ protocol tcp_udp
+ source {
+ address 77.153.164.226
+ }
+ }
+ rule 3134 {
+ action accept
+ description FW19987_4-TCP-ALLOW-87.224.6.174
+ destination {
+ group {
+ address-group DT_FW19987_4
+ }
+ port 3389,445,443
+ }
+ protocol tcp
+ source {
+ address 87.224.6.174
+ }
+ }
+ rule 3135 {
+ action accept
+ description FW40AE4_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW40AE4_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3136 {
+ action accept
+ description VPN-33204-ANY-ALLOW-10.4.57.176
+ destination {
+ group {
+ address-group DT_VPN-33204
+ }
+ }
+ source {
+ address 10.4.57.176
+ }
+ }
+ rule 3137 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-86.132.125.4
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 86.132.125.4
+ }
+ }
+ rule 3138 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-91.205.173.51
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 91.205.173.51
+ }
+ }
+ rule 3143 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-109.149.121.73
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 109.149.121.73
+ }
+ }
+ rule 3144 {
+ action accept
+ description FWA0AA0_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 28083,28015-28016,1935
+ }
+ protocol tcp_udp
+ }
+ rule 3146 {
+ action accept
+ description FWF3A1B_1-TCP_UDP-ALLOW-92.233.27.144
+ destination {
+ group {
+ address-group DT_FWF3A1B_1
+ }
+ port 2222
+ }
+ protocol tcp_udp
+ source {
+ address 92.233.27.144
+ }
+ }
+ rule 3148 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-151.228.194.190
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 151.228.194.190
+ }
+ }
+ rule 3149 {
+ action accept
+ description FW9B6FB_1-ICMP-ALLOW-77.68.89.115_32
+ destination {
+ group {
+ address-group DT_FW9B6FB_1
+ }
+ }
+ protocol icmp
+ source {
+ address 77.68.89.115/32
+ }
+ }
+ rule 3153 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.199
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.199
+ }
+ }
+ rule 3155 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-195.224.110.168
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 195.224.110.168
+ }
+ }
+ rule 3156 {
+ action accept
+ description FWF8E67_1-TCP-ALLOW-82.14.188.35
+ destination {
+ group {
+ address-group DT_FWF8E67_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 82.14.188.35
+ }
+ }
+ rule 3157 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.58
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.58
+ }
+ }
+ rule 3158 {
+ action accept
+ description VPN-19992-ANY-ALLOW-10.4.87.158
+ destination {
+ group {
+ address-group DT_VPN-19992
+ }
+ }
+ source {
+ address 10.4.87.158
+ }
+ }
+ rule 3159 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-5.66.24.185
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 5.66.24.185
+ }
+ }
+ rule 3160 {
+ action accept
+ description FWF8E67_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF8E67_1
+ }
+ port 3001
+ }
+ protocol tcp
+ }
+ rule 3161 {
+ action accept
+ description FWD2440_1-AH-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD2440_1
+ }
+ }
+ protocol ah
+ }
+ rule 3166 {
+ action accept
+ description FW3EBC8_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW3EBC8_1
+ }
+ port 9001-9900,9000
+ }
+ protocol tcp
+ }
+ rule 3167 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.244
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.244
+ }
+ }
+ rule 3168 {
+ action accept
+ description FWA0531_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0531_1
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 3170 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.137
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.137
+ }
+ }
+ rule 3173 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.104
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.104
+ }
+ }
+ rule 3176 {
+ action accept
+ description FW6906B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW6906B_1
+ }
+ port 4190
+ }
+ protocol tcp
+ }
+ rule 3177 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.230
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.230
+ }
+ }
+ rule 3178 {
+ action accept
+ description FW444AF_1-TCP-ALLOW-91.135.10.140
+ destination {
+ group {
+ address-group DT_FW444AF_1
+ }
+ port 27017
+ }
+ protocol tcp
+ source {
+ address 91.135.10.140
+ }
+ }
+ rule 3180 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-81.150.13.34
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 81.150.13.34
+ }
+ }
+ rule 3181 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-82.10.14.73
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 82.10.14.73
+ }
+ }
+ rule 3183 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.25
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.25
+ }
+ }
+ rule 3184 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.224
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.224
+ }
+ }
+ rule 3185 {
+ action accept
+ description FW9B6FB_1-TCP-ALLOW-77.68.89.115_32
+ destination {
+ group {
+ address-group DT_FW9B6FB_1
+ }
+ port 10050
+ }
+ protocol tcp
+ source {
+ address 77.68.89.115/32
+ }
+ }
+ rule 3186 {
+ action accept
+ description VPN-14673-ANY-ALLOW-10.4.89.44
+ destination {
+ group {
+ address-group DT_VPN-14673
+ }
+ }
+ source {
+ address 10.4.89.44
+ }
+ }
+ rule 3187 {
+ action accept
+ description FWCA628_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCA628_1
+ }
+ port 2096,2095,2087,2086,2083,2082
+ }
+ protocol tcp
+ }
+ rule 3189 {
+ action accept
+ description VPN-28484-ANY-ALLOW-10.4.58.159
+ destination {
+ group {
+ address-group DT_VPN-28484
+ }
+ }
+ source {
+ address 10.4.58.159
+ }
+ }
+ rule 3190 {
+ action accept
+ description FW028C0_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW028C0_2
+ }
+ port 44491-44498,44474
+ }
+ protocol tcp
+ }
+ rule 3191 {
+ action accept
+ description VPN-28484-ANY-ALLOW-10.4.59.159
+ destination {
+ group {
+ address-group DT_VPN-28484
+ }
+ }
+ source {
+ address 10.4.59.159
+ }
+ }
+ rule 3192 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.119
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.119
+ }
+ }
+ rule 3194 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-195.74.108.130
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 195.74.108.130
+ }
+ }
+ rule 3195 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-31.54.149.143
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 31.54.149.143
+ }
+ }
+ rule 3196 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-35.204.243.120
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 35.204.243.120
+ }
+ }
+ rule 3197 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-81.150.55.65
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.150.55.65
+ }
+ }
+ rule 3198 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-81.150.55.70
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 81.150.55.70
+ }
+ }
+ rule 3199 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-86.142.112.4
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 86.142.112.4
+ }
+ }
+ rule 3200 {
+ action accept
+ description FWF699D_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 8983
+ }
+ protocol tcp_udp
+ }
+ rule 3201 {
+ action accept
+ description FWF699D_4-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF699D_4
+ }
+ port 11009,10009
+ }
+ protocol tcp
+ }
+ rule 3202 {
+ action accept
+ description VPN-2661-ANY-ALLOW-10.4.54.24
+ destination {
+ group {
+ address-group DT_VPN-2661
+ }
+ }
+ source {
+ address 10.4.54.24
+ }
+ }
+ rule 3203 {
+ action accept
+ description VPN-2661-ANY-ALLOW-10.4.55.24
+ destination {
+ group {
+ address-group DT_VPN-2661
+ }
+ }
+ source {
+ address 10.4.55.24
+ }
+ }
+ rule 3204 {
+ action accept
+ description VPN-9727-ANY-ALLOW-10.4.54.118
+ destination {
+ group {
+ address-group DT_VPN-9727
+ }
+ }
+ source {
+ address 10.4.54.118
+ }
+ }
+ rule 3205 {
+ action accept
+ description VPN-9727-ANY-ALLOW-10.4.55.119
+ destination {
+ group {
+ address-group DT_VPN-9727
+ }
+ }
+ source {
+ address 10.4.55.119
+ }
+ }
+ rule 3207 {
+ action accept
+ description FWF0221_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF0221_1
+ }
+ port 65000,8099,8080
+ }
+ protocol tcp_udp
+ }
+ rule 3208 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.180
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.180
+ }
+ }
+ rule 3209 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-82.5.189.5
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 443
+ }
+ protocol tcp
+ source {
+ address 82.5.189.5
+ }
+ }
+ rule 3210 {
+ action accept
+ description FW60FD6_5-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW60FD6_5
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3211 {
+ action accept
+ description FW60FD6_5-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW60FD6_5
+ }
+ port 9500,9191,9090,8090,2222
+ }
+ protocol tcp
+ }
+ rule 3212 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-84.65.217.114
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 84.65.217.114
+ }
+ }
+ rule 3213 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.43.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.43.21
+ }
+ }
+ rule 3214 {
+ action accept
+ description FW45F3D_1-ANY-ALLOW-77.68.126.251
+ destination {
+ group {
+ address-group DT_FW45F3D_1
+ }
+ }
+ source {
+ address 77.68.126.251
+ }
+ }
+ rule 3215 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-86.14.23.23
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 86.14.23.23
+ }
+ }
+ rule 3217 {
+ action accept
+ description FW85E02_11-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW85E02_11
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3218 {
+ action accept
+ description FW5D0FA_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5D0FA_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3222 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.141
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.141
+ }
+ }
+ rule 3223 {
+ action accept
+ description FWCDD8B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCDD8B_1
+ }
+ port 2222
+ }
+ protocol tcp
+ }
+ rule 3224 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.185
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.185
+ }
+ }
+ rule 3225 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-213.171.210.153
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 213.171.210.153
+ }
+ }
+ rule 3226 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-70.29.113.102
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 70.29.113.102
+ }
+ }
+ rule 3227 {
+ action accept
+ description FWC32BE_1-ANY-ALLOW-3.127.0.177
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ }
+ source {
+ address 3.127.0.177
+ }
+ }
+ rule 3228 {
+ action accept
+ description FWA86ED_101-TCP-ALLOW-93.115.195.58
+ destination {
+ group {
+ address-group DT_FWA86ED_101
+ }
+ port 3389,443
+ }
+ protocol tcp
+ source {
+ address 93.115.195.58
+ }
+ }
+ rule 3229 {
+ action accept
+ description FWE32F2_8-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE32F2_8
+ }
+ port 40120,30120,30110
+ }
+ protocol tcp
+ }
+ rule 3230 {
+ action accept
+ description VPN-28515-ANY-ALLOW-10.4.56.162
+ destination {
+ group {
+ address-group DT_VPN-28515
+ }
+ }
+ source {
+ address 10.4.56.162
+ }
+ }
+ rule 3231 {
+ action accept
+ description FW06940_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 30000-30400,8443-8447,445,80-110,21-25
+ }
+ protocol tcp
+ }
+ rule 3232 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.134
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.134
+ }
+ }
+ rule 3236 {
+ action accept
+ description VPN-28515-ANY-ALLOW-10.4.57.162
+ destination {
+ group {
+ address-group DT_VPN-28515
+ }
+ }
+ source {
+ address 10.4.57.162
+ }
+ }
+ rule 3237 {
+ action accept
+ description FWF4063_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF4063_1
+ }
+ port 3000
+ }
+ protocol tcp
+ }
+ rule 3240 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 49152-65535,6379,5666,5432-5454
+ }
+ protocol tcp_udp
+ }
+ rule 3242 {
+ action accept
+ description FW2E8D4_1-TCP-ALLOW-63.35.92.185
+ destination {
+ group {
+ address-group DT_FW2E8D4_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 63.35.92.185
+ }
+ }
+ rule 3244 {
+ action accept
+ description FWF30BD_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF30BD_1
+ }
+ port 9000-10999
+ }
+ protocol udp
+ }
+ rule 3245 {
+ action accept
+ description FWE30A1_4-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE30A1_4
+ }
+ port 65057
+ }
+ protocol tcp_udp
+ }
+ rule 3246 {
+ action accept
+ description VPN-26772-ANY-ALLOW-10.4.54.123
+ destination {
+ group {
+ address-group DT_VPN-26772
+ }
+ }
+ source {
+ address 10.4.54.123
+ }
+ }
+ rule 3249 {
+ action accept
+ description FW56496_1-ANY-ALLOW-77.68.82.49
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ }
+ source {
+ address 77.68.82.49
+ }
+ }
+ rule 3251 {
+ action accept
+ description FWDA443_6-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWDA443_6
+ }
+ port 30175,12050
+ }
+ protocol tcp
+ }
+ rule 3253 {
+ action accept
+ description FW5A521_3-TCP-ALLOW-88.98.75.17
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 88.98.75.17
+ }
+ }
+ rule 3254 {
+ action accept
+ description FW5A521_3-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 161-162
+ }
+ protocol udp
+ }
+ rule 3255 {
+ action accept
+ description FW5A521_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW5A521_3
+ }
+ port 5900
+ }
+ protocol tcp
+ }
+ rule 3259 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.178
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.178
+ }
+ }
+ rule 3260 {
+ action accept
+ description VPN-26772-ANY-ALLOW-10.4.55.124
+ destination {
+ group {
+ address-group DT_VPN-26772
+ }
+ }
+ source {
+ address 10.4.55.124
+ }
+ }
+ rule 3262 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.114
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.114
+ }
+ }
+ rule 3272 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.246.30
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.246.30
+ }
+ }
+ rule 3273 {
+ action accept
+ description FW2B4BA_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2B4BA_1
+ }
+ port 30000-31000
+ }
+ protocol tcp
+ }
+ rule 3284 {
+ action accept
+ description FW06940_3-TCP-ALLOW-213.171.217.107
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 8443
+ }
+ protocol tcp
+ source {
+ address 213.171.217.107
+ }
+ }
+ rule 3285 {
+ action accept
+ description FW0952B_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0952B_1
+ }
+ port 9030,9001
+ }
+ protocol tcp
+ }
+ rule 3286 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.85.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.85.35
+ }
+ }
+ rule 3290 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.232
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.232
+ }
+ }
+ rule 3294 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.21
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.21
+ }
+ }
+ rule 3295 {
+ action accept
+ description FW0EA3F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0EA3F_1
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3296 {
+ action accept
+ description FW9D5C7_1-TCP-ALLOW-209.97.176.108
+ destination {
+ group {
+ address-group DT_FW9D5C7_1
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 209.97.176.108
+ }
+ }
+ rule 3297 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.188
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.188
+ }
+ }
+ rule 3298 {
+ action accept
+ description FW9D5C7_1-TCP-ALLOW-165.227.231.227
+ destination {
+ group {
+ address-group DT_FW9D5C7_1
+ }
+ port 9117,9113,9104,9100
+ }
+ protocol tcp
+ source {
+ address 165.227.231.227
+ }
+ }
+ rule 3299 {
+ action accept
+ description FW4DB0A_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4DB0A_1
+ }
+ port 953
+ }
+ protocol tcp
+ }
+ rule 3300 {
+ action accept
+ description FW4DB0A_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4DB0A_1
+ }
+ port 953
+ }
+ protocol udp
+ }
+ rule 3301 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.91
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.91
+ }
+ }
+ rule 3303 {
+ action accept
+ description FW56496_1-TCP-ALLOW-176.255.93.149
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 3389
+ }
+ protocol tcp
+ source {
+ address 176.255.93.149
+ }
+ }
+ rule 3304 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.79
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.79
+ }
+ }
+ rule 3305 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.43
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.43
+ }
+ }
+ rule 3306 {
+ action accept
+ description FW310C6_3-ANY-ALLOW-88.208.198.40
+ destination {
+ group {
+ address-group DT_FW310C6_3
+ }
+ }
+ source {
+ address 88.208.198.40
+ }
+ }
+ rule 3307 {
+ action accept
+ description FW597A6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW597A6_1
+ }
+ port 49152-65535,990
+ }
+ protocol tcp
+ }
+ rule 3308 {
+ action accept
+ description FW597A6_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW597A6_1
+ }
+ port 3306
+ }
+ protocol tcp_udp
+ }
+ rule 3309 {
+ action accept
+ description FWBC280_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC280_1
+ }
+ port 49152-65535,20-21
+ }
+ protocol tcp
+ }
+ rule 3310 {
+ action accept
+ description VPN-31301-ANY-ALLOW-10.4.87.223
+ destination {
+ group {
+ address-group DT_VPN-31301
+ }
+ }
+ source {
+ address 10.4.87.223
+ }
+ }
+ rule 3311 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.243
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.243
+ }
+ }
+ rule 3312 {
+ action accept
+ description FW9EEDD_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW9EEDD_1
+ }
+ port 990,197,20-23
+ }
+ protocol tcp
+ }
+ rule 3313 {
+ action accept
+ description FW9EEDD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW9EEDD_1
+ }
+ port 49152-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3314 {
+ action accept
+ description VPN-31002-ANY-ALLOW-10.4.89.126
+ destination {
+ group {
+ address-group DT_VPN-31002
+ }
+ }
+ source {
+ address 10.4.89.126
+ }
+ }
+ rule 3316 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.11
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.11
+ }
+ }
+ rule 3317 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-195.59.191.128_25
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 195.59.191.128/25
+ }
+ }
+ rule 3318 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-213.71.130.0_26
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 213.71.130.0/26
+ }
+ }
+ rule 3319 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.88
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.88
+ }
+ }
+ rule 3320 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.215.173
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.215.173
+ }
+ }
+ rule 3321 {
+ action accept
+ description FW32EFF_49-TCP-ALLOW-84.19.45.82
+ destination {
+ group {
+ address-group DT_FW32EFF_49
+ }
+ port 5589
+ }
+ protocol tcp
+ source {
+ address 84.19.45.82
+ }
+ }
+ rule 3322 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-175.157.43.122
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 175.157.43.122
+ }
+ }
+ rule 3323 {
+ action accept
+ description FWC1ACD_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWC1ACD_1
+ }
+ port 28061,28060,8080
+ }
+ protocol tcp_udp
+ }
+ rule 3324 {
+ action accept
+ description FWA5D67_1-TCP_UDP-ALLOW-84.74.32.74
+ destination {
+ group {
+ address-group DT_FWA5D67_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 84.74.32.74
+ }
+ }
+ rule 3325 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.169
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.169
+ }
+ }
+ rule 3326 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.89
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.89
+ }
+ }
+ rule 3329 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.35
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.35
+ }
+ }
+ rule 3330 {
+ action accept
+ description FWCE020_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWCE020_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 3333 {
+ action accept
+ description FWF3574_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWF3574_1
+ }
+ port 8060,445,139
+ }
+ protocol tcp
+ }
+ rule 3334 {
+ action accept
+ description FWE6AB2_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE6AB2_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3335 {
+ action accept
+ description FWBFC02_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFC02_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3336 {
+ action accept
+ description FWBFC02_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBFC02_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3337 {
+ action accept
+ description FWE6AB2_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWE6AB2_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3338 {
+ action accept
+ description FWBC8A6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC8A6_1
+ }
+ port 44158,945,943
+ }
+ protocol tcp
+ }
+ rule 3339 {
+ action accept
+ description FWBC8A6_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWBC8A6_1
+ }
+ port 1194
+ }
+ protocol udp
+ }
+ rule 3340 {
+ action accept
+ description FWA0AA0_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0AA0_1
+ }
+ port 2302
+ }
+ protocol tcp
+ }
+ rule 3342 {
+ action accept
+ description FW56496_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 22
+ }
+ protocol tcp_udp
+ }
+ rule 3343 {
+ action accept
+ description FW56496_1-TCP-ALLOW-157.231.178.162
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 21
+ }
+ protocol tcp
+ source {
+ address 157.231.178.162
+ }
+ }
+ rule 3344 {
+ action accept
+ description FW56496_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 2443,1022
+ }
+ protocol tcp
+ }
+ rule 3345 {
+ action accept
+ description FW56496_1-TCP_UDP-ALLOW-46.16.211.142
+ destination {
+ group {
+ address-group DT_FW56496_1
+ }
+ port 3389,21
+ }
+ protocol tcp_udp
+ source {
+ address 46.16.211.142
+ }
+ }
+ rule 3347 {
+ action accept
+ description FW2379F_14-GRE-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW2379F_14
+ }
+ }
+ protocol gre
+ }
+ rule 3348 {
+ action accept
+ description FW0E383_9-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0E383_9
+ }
+ port 52000
+ }
+ protocol tcp
+ }
+ rule 3350 {
+ action accept
+ description FWB4438_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB4438_2
+ }
+ port 993-995,7
+ }
+ protocol tcp
+ }
+ rule 3351 {
+ action accept
+ description FW1F3D0_6-TCP_UDP-ALLOW-82.165.207.109
+ destination {
+ group {
+ address-group DT_FW1F3D0_6
+ }
+ port 4567-4568
+ }
+ protocol tcp_udp
+ source {
+ address 82.165.207.109
+ }
+ }
+ rule 3352 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.77
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.77
+ }
+ }
+ rule 3358 {
+ action accept
+ description FW46F4A_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW46F4A_1
+ }
+ port 51820
+ }
+ protocol udp
+ }
+ rule 3359 {
+ action accept
+ description FW53C72_1-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW53C72_1
+ }
+ port 48402
+ }
+ protocol udp
+ }
+ rule 3360 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.251
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.251
+ }
+ }
+ rule 3362 {
+ action accept
+ description FWAA38E_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWAA38E_1
+ }
+ port 1001-65535
+ }
+ protocol tcp_udp
+ }
+ rule 3363 {
+ action accept
+ description FW138F8_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW138F8_1
+ }
+ port 21,20
+ }
+ protocol tcp_udp
+ }
+ rule 3364 {
+ action accept
+ description FW0BD92_3-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW0BD92_3
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3365 {
+ action accept
+ description FWFEF05_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFEF05_1
+ }
+ port 1935
+ }
+ protocol tcp_udp
+ }
+ rule 3367 {
+ action accept
+ description FW26846_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW26846_1
+ }
+ port 8000
+ }
+ protocol tcp
+ }
+ rule 3368 {
+ action accept
+ description FWB4438_2-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB4438_2
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3369 {
+ action accept
+ description FWA884B_5-TCP-ALLOW-51.146.16.162
+ destination {
+ group {
+ address-group DT_FWA884B_5
+ }
+ port 8447,8443,22
+ }
+ protocol tcp
+ source {
+ address 51.146.16.162
+ }
+ }
+ rule 3370 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.22
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.22
+ }
+ }
+ rule 3371 {
+ action accept
+ description FWFDE34_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWFDE34_1
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3373 {
+ action accept
+ description FWB6101_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWB6101_1
+ }
+ port 2280
+ }
+ protocol tcp
+ }
+ rule 3377 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-123.231.84.203
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 123.231.84.203
+ }
+ }
+ rule 3378 {
+ action accept
+ description FW1D511_2-TCP-ALLOW-92.29.46.47
+ destination {
+ group {
+ address-group DT_FW1D511_2
+ }
+ port 9090
+ }
+ protocol tcp
+ source {
+ address 92.29.46.47
+ }
+ }
+ rule 3386 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.208.175
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.208.175
+ }
+ }
+ rule 3387 {
+ action accept
+ description FW1ACD9_2-TCP-ALLOW-89.197.148.38
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 5015,22
+ }
+ protocol tcp
+ source {
+ address 89.197.148.38
+ }
+ }
+ rule 3388 {
+ action accept
+ description FW1ACD9_2-UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 9000-10999,5090,5060
+ }
+ protocol udp
+ }
+ rule 3389 {
+ action accept
+ description FW1ACD9_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW1ACD9_2
+ }
+ port 5090,5060-5062
+ }
+ protocol tcp
+ }
+ rule 3391 {
+ action accept
+ description FWA0B7F_1-TCP_UDP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWA0B7F_1
+ }
+ port 53
+ }
+ protocol tcp_udp
+ }
+ rule 3392 {
+ action accept
+ description FW56335_2-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW56335_2
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3395 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.90
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.90
+ }
+ }
+ rule 3396 {
+ action accept
+ description FW4D3E6_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW4D3E6_1
+ }
+ port 18081,18080
+ }
+ protocol tcp
+ }
+ rule 3397 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-188.65.177.58
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 188.65.177.58
+ }
+ }
+ rule 3398 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-77.68.103.13
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 77.68.103.13
+ }
+ }
+ rule 3399 {
+ action accept
+ description FWB118A_1-TCP-ALLOW-80.5.71.130
+ destination {
+ group {
+ address-group DT_FWB118A_1
+ }
+ port 49152-65534,8447,8443,22,21,20
+ }
+ protocol tcp
+ source {
+ address 80.5.71.130
+ }
+ }
+ rule 3402 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.205
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.205
+ }
+ }
+ rule 3408 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.211.31
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.211.31
+ }
+ }
+ rule 3409 {
+ action accept
+ description FW539FB_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FW539FB_1
+ }
+ port 389
+ }
+ protocol tcp
+ }
+ rule 3411 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.185
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.185
+ }
+ }
+ rule 3415 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-116.206.245.124
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 116.206.245.124
+ }
+ }
+ rule 3416 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.213.75
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.213.75
+ }
+ }
+ rule 3417 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.34
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.34
+ }
+ }
+ rule 3418 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.77.70
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.77.70
+ }
+ }
+ rule 3419 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.92.33
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.92.33
+ }
+ }
+ rule 3420 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-77.68.93.82
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 77.68.93.82
+ }
+ }
+ rule 3421 {
+ action accept
+ description FWEF92E_5-UDP-ALLOW-88.208.198.93
+ destination {
+ group {
+ address-group DT_FWEF92E_5
+ }
+ port 500
+ }
+ protocol udp
+ source {
+ address 88.208.198.93
+ }
+ }
+ rule 3422 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.94
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.94
+ }
+ }
+ rule 3424 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.244
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.244
+ }
+ }
+ rule 3425 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-148.253.173.246
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 148.253.173.246
+ }
+ }
+ rule 3426 {
+ action accept
+ description FW18E6E_3-TCP-ALLOW-195.97.222.122
+ destination {
+ group {
+ address-group DT_FW18E6E_3
+ }
+ port 3306
+ }
+ protocol tcp
+ source {
+ address 195.97.222.122
+ }
+ }
+ rule 3431 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.111
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.111
+ }
+ }
+ rule 3432 {
+ action accept
+ description FW06940_3-TCP_UDP-ALLOW-74.208.41.119
+ destination {
+ group {
+ address-group DT_FW06940_3
+ }
+ port 1-65535
+ }
+ protocol tcp_udp
+ source {
+ address 74.208.41.119
+ }
+ }
+ rule 3438 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.252
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.252
+ }
+ }
+ rule 3440 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.118
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.118
+ }
+ }
+ rule 3442 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.209.15
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.209.15
+ }
+ }
+ rule 3446 {
+ action accept
+ description FWC32BE_1-ANY-ALLOW-3.65.3.75
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ }
+ source {
+ address 3.65.3.75
+ }
+ }
+ rule 3447 {
+ action accept
+ description FWC32BE_1-TCP-ALLOW-217.155.2.52
+ destination {
+ group {
+ address-group DT_FWC32BE_1
+ }
+ port 22
+ }
+ protocol tcp
+ source {
+ address 217.155.2.52
+ }
+ }
+ rule 3448 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.243
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.243
+ }
+ }
+ rule 3449 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.214.117
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000,3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.214.117
+ }
+ }
+ rule 3450 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.4
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.4
+ }
+ }
+ rule 3452 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.210.177
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 9000
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.210.177
+ }
+ }
+ rule 3454 {
+ action accept
+ description FWD498E_1-TCP-ALLOW-ANY
+ destination {
+ group {
+ address-group DT_FWD498E_1
+ }
+ port 44158
+ }
+ protocol tcp
+ }
+ rule 3455 {
+ action accept
+ description FWA7A50_1-TCP_UDP-ALLOW-112.134.212.147
+ destination {
+ group {
+ address-group DT_FWA7A50_1
+ }
+ port 3389
+ }
+ protocol tcp_udp
+ source {
+ address 112.134.212.147
+ }
+ }
+ }
+ receive-redirects disable
+ send-redirects disable
+ source-validation disable
+ state-policy {
+ established {
+ action accept
+ }
+ invalid {
+ action drop
+ }
+ related {
+ action accept
+ }
+ }
+ syn-cookies enable
+ twa-hazards-protection disable
+}
+high-availability {
+ vrrp {
+ group eth3-90 {
+ advertise-interval 3
+ authentication {
+ password Ng-1p90
+ type plaintext-password
+ }
+ interface eth3
+ preempt-delay 30
+ priority 10
+ virtual-address 10.255.255.1/32
+ virtual-address 169.254.169.254/32
+ vrid 90
+ }
+ sync-group VRRP-GROUP {
+ member eth3-90
+ }
+ }
+}
+interfaces {
+ ethernet eth0 {
+ address 10.4.35.105/24
+ description Management
+ duplex auto
+ smp-affinity auto
+ speed auto
+ }
+ ethernet eth1 {
+ description MicroVLANs
+ duplex auto
+ smp-affinity auto
+ speed auto
+ vif 3201 {
+ address 109.228.63.251/25
+ description "MicroVLAN publica"
+ firewall {
+ in {
+ name WAN-INBOUND
+ }
+ local {
+ name LOCAL-WAN
+ }
+ }
+ }
+ }
+ ethernet eth2 {
+ address 10.4.51.133/30
+ description Sync
+ duplex auto
+ firewall {
+ local {
+ name LOCAL-SYNC
+ }
+ }
+ smp-affinity auto
+ speed auto
+ }
+ ethernet eth3 {
+ address 10.255.255.2/20
+ description "Customers LAN"
+ duplex auto
+ firewall {
+ in {
+ name LAN-INBOUND
+ }
+ local {
+ name LOCAL-LAN
+ }
+ }
+ smp-affinity auto
+ speed auto
+ }
+ loopback lo {
+ address 10.4.35.105/32
+ }
+}
+nat {
+ destination {
+ rule 5 {
+ description cloud-init
+ destination {
+ address 169.254.169.254
+ port http
+ }
+ inbound-interface eth3
+ protocol tcp
+ translation {
+ address 82.223.45.35
+ }
+ }
+ rule 20 {
+ description "TEMPORARY NAT for dnscache removal in favor of anycns"
+ destination {
+ address 77.68.76.12
+ port domain
+ }
+ inbound-interface eth3
+ protocol tcp_udp
+ translation {
+ address 212.227.123.16
+ }
+ }
+ rule 25 {
+ description "TEMPORARY NAT for dnscache removal in favor of anycns"
+ destination {
+ address 77.68.77.12
+ port domain
+ }
+ inbound-interface eth3
+ protocol tcp_udp
+ translation {
+ address 212.227.123.17
+ }
+ }
+ }
+}
+policy {
+ community-list 100 {
+ rule 10 {
+ action permit
+ regex 65500:1001
+ }
+ }
+ community-list 200 {
+ rule 10 {
+ action permit
+ regex "65500:10**"
+ }
+ }
+ prefix-list Service-NETs {
+ rule 1 {
+ action permit
+ ge 32
+ prefix 0.0.0.0/0
+ }
+ }
+ route-map Any-Site-1 {
+ rule 10 {
+ action permit
+ match {
+ community {
+ community-list 200
+ }
+ }
+ }
+ rule 20 {
+ action deny
+ }
+ }
+ route-map CLOUD-Service-NETs {
+ rule 10 {
+ action permit
+ match {
+ ip {
+ address {
+ prefix-list Service-NETs
+ }
+ }
+ }
+ set {
+ community 65500:1027
+ }
+ }
+ rule 20 {
+ action deny
+ }
+ }
+ route-map None {
+ rule 10 {
+ action deny
+ }
+ }
+}
+protocols {
+ bgp 8560 {
+ address-family {
+ ipv4-unicast {
+ redistribute {
+ static {
+ }
+ }
+ }
+ }
+ neighbor 109.228.63.134 {
+ address-family {
+ ipv4-unicast {
+ route-map {
+ export CLOUD-Service-NETs
+ import Any-Site-1
+ }
+ weight 150
+ }
+ }
+ description RouteServer1-vyos
+ password VyOS123
+ remote-as 8560
+ timers {
+ holdtime 5
+ keepalive 1
+ }
+ }
+ neighbor 109.228.63.135 {
+ address-family {
+ ipv4-unicast {
+ route-map {
+ export CLOUD-Service-NETs
+ import Any-Site-1
+ }
+ weight 125
+ }
+ }
+ description RouteServer2-quagga
+ password VyOS123
+ remote-as 8560
+ }
+ neighbor 109.228.63.136 {
+ address-family {
+ ipv4-unicast {
+ route-map {
+ export CLOUD-Service-NETs
+ import Any-Site-1
+ }
+ weight 100
+ }
+ }
+ description RouteServer3-bird
+ password VyOS123
+ remote-as 8560
+ }
+ parameters {
+ log-neighbor-changes
+ router-id 10.4.35.105
+ }
+ }
+ static {
+ interface-route 77.68.2.215/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.52/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.61/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.80/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.121/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.144/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.161/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.194/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.3.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.22/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.24/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.25/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.39/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.57/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.74/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.80/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.111/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.136/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.180/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.242/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.4.252/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.95/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.125/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.155/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.166/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.187/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.5.241/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.32/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.105/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.110/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.119/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.6.210/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.67/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.123/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.172/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.186/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.222/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.7.227/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.8.144/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.9.75/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.9.186/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.10.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.10.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.10.170/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.11.140/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.12.45/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.12.195/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.12.250/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.13.76/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.13.137/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.14.88/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.15.95/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.16.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.17.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.17.186/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.17.200/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.20.161/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.20.217/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.20.231/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.21.78/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.21.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.22.146/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.23.35/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.23.64/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.23.112/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.23.158/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.59/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.63/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.112/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.134/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.172/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.24.220/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.25.124/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.25.130/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.25.146/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.26.166/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.26.216/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.26.221/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.26.228/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.18/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.27/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.28/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.54/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.57/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.27.211/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.28.139/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.28.145/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.28.147/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.28.207/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.29.65/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.29.178/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.30.133/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.30.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.31.96/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.31.144/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.43/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.83/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.86/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.89/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.118/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.32.254/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.24/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.48/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.68/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.197/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.33.216/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.34.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.34.28/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.34.50/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.34.138/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.34.139/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.35.116/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.48.14/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.48.81/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.48.89/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.48.105/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.48.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.4/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.12/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.126/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.159/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.161/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.49.178/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.50.90/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.50.91/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.50.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.50.193/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.50.198/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.51.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.51.214/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.72.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.72.254/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.73.73/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.74.39/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.74.85/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.74.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.74.209/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.74.232/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.75.45/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.75.64/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.75.113/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.75.245/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.75.253/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.12/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.13/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.14/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.16/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.19/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.20/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.21/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.22/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.23/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.25/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.29/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.30/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.33/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.35/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.38/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.39/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.40/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.42/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.44/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.45/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.47/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.48/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.49/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.50/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.54/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.55/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.57/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.58/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.59/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.60/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.61/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.74/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.75/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.76/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.77/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.80/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.88/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.91/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.93/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.94/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.95/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.96/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.99/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.102/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.104/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.105/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.107/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.108/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.110/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.111/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.112/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.115/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.116/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.118/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.120/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.122/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.123/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.124/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.126/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.127/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.136/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.137/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.138/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.139/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.141/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.145/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.148/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.149/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.150/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.158/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.161/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.165/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.169/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.176/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.177/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.181/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.183/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.185/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.187/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.191/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.195/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.197/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.198/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.200/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.203/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.208/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.209/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.211/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.212/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.217/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.219/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.220/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.228/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.229/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.231/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.234/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.235/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.239/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.241/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.243/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.244/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.245/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.248/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.250/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.251/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.252/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.253/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.76.254/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.12/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.13/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.14/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.16/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.19/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.21/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.22/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.24/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.29/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.30/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.32/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.33/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.38/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.42/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.43/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.44/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.46/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.49/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.50/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.53/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.54/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.56/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.57/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.59/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.62/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.63/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.65/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.67/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.68/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.69/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.70/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.71/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.72/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.74/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.75/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.76/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.77/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.79/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.81/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.85/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.88/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.90/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.95/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.97/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.99/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.100/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.102/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.103/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.105/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.107/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.108/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.115/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.117/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.120/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.124/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.128/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.129/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.130/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.132/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.137/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.139/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.140/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.141/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.144/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.145/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.149/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.150/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.151/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.156/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.159/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.161/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.163/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.165/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.174/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.176/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.178/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.181/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.185/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.190/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.192/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.199/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.200/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.201/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.203/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.204/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.205/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.207/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.208/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.209/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.211/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.212/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.214/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.215/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.219/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.221/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.222/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.227/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.228/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.231/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.233/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.234/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.236/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.238/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.239/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.240/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.243/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.248/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.251/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.253/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.77.254/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.78.73/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.78.113/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.78.229/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.79.82/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.79.89/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.79.206/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.80.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.80.97/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.81.44/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.81.141/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.81.218/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.82.147/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.82.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.83.41/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.84.147/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.84.155/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.85.18/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.85.27/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.85.73/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.85.115/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.85.172/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.86.40/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.86.148/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.87.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.87.212/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.88.100/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.88.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.89.72/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.89.183/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.89.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.90.106/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.90.132/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.91.22/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.91.128/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.91.195/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.92.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.92.186/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.93.125/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.93.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.93.246/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.94.181/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.95.42/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.95.212/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.100.77/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.100.132/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.100.134/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.100.150/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.100.167/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.101.64/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.101.124/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.101.125/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.102.5/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.102.129/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.103.19/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.103.56/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.103.120/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.103.147/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.103.227/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.75/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.83/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.90/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.91/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.167/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.175/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.184/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.213/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.112.248/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.113.117/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.113.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.93/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.136/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.183/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.205/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.234/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.114.237/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.115.17/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.115.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.36/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.52/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.84/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.119/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.183/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.220/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.221/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.116.232/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.29/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.45/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.51/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.173/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.202/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.214/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.117.222/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.15/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.17/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.86/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.88/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.102/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.104/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.118.120/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.119.14/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.119.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.119.188/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.45/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.146/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.218/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.229/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.241/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.120.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.121.94/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.121.106/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.121.119/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.121.127/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.122.89/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.122.195/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.122.241/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.123.177/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.123.250/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.125.32/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.125.60/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.125.218/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.126.14/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.126.22/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.126.51/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.126.101/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.126.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.127.151/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 77.68.127.172/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.196.91/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.196.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.196.123/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.196.154/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.10/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.23/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.60/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.118/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.129/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.135/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.150/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.155/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.160/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.197.208/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.39/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.64/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.66/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.69/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.92/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.198.251/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.199.46/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.199.141/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.199.233/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.199.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.212.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.212.94/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.212.182/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.212.188/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.215.19/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.215.61/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.215.62/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.215.121/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 88.208.215.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.35.84/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.35.110/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.79/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.119/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.174/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.194/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.36.229/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.37.10/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.37.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.37.174/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.37.187/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.37.240/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.38.117/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.38.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.38.201/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.39.41/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.39.151/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.39.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.39.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.194/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.195/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.207/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.222/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.226/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.40.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.42.232/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.46.81/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.46.196/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.47.223/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.48.249/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.52.186/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.53.243/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.55.82/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.56.26/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.56.97/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.56.185/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.56.242/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.58.134/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.59.247/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.60.215/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.61.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 109.228.61.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.7/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.17/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.24/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.56/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.60/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.36.148/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.23/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.47/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.83/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.101/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.102/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.37.133/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.95/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.142/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.182/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.216/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.38.248/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.37/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.44/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.68/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.99/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.109/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.129/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.145/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.39.219/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.11/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.56/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.90/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.124/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.152/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.166/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.40.244/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.41.72/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.41.73/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.41.148/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.41.240/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.6/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.28/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.71/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.98/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.113/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.157/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 185.132.43.164/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.208.40/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.208.58/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.208.176/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.209.217/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.210.19/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.210.25/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.210.59/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.210.155/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.210.177/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.211.128/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.71/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.89/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.90/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.114/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.136/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.171/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.172/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.212.203/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.31/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.41/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.42/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.97/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.175/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.213.242/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.214.96/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.214.102/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.214.167/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.214.234/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.215.43/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.215.184/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ interface-route 213.171.215.252/32 {
+ next-hop-interface eth3 {
+ }
+ }
+ route 0.0.0.0/0 {
+ next-hop 109.228.63.129 {
+ }
+ }
+ route 10.0.0.0/8 {
+ next-hop 10.4.35.1 {
+ }
+ }
+ route 10.7.197.0/24 {
+ next-hop 109.228.63.240 {
+ }
+ }
+ route 172.16.0.0/12 {
+ next-hop 10.4.35.1 {
+ }
+ }
+ route 192.168.0.0/16 {
+ next-hop 10.4.35.1 {
+ }
+ }
+ }
+}
+service {
+ lldp {
+ legacy-protocols {
+ cdp
+ }
+ snmp {
+ enable
+ }
+ }
+ snmp {
+ community 1Trpq25 {
+ authorization ro
+ }
+ contact network@arsys.es
+ description gb-glo-sg4ng1fw27-01
+ listen-address 10.4.35.105 {
+ port 161
+ }
+ location NGCS
+ trap-target 10.4.36.64 {
+ community 1Trpq25
+ port 162
+ }
+ trap-target 172.21.15.200 {
+ community 1Trpq25
+ port 162
+ }
+ }
+ ssh {
+ listen-address 10.4.35.105
+ listen-address 10.4.51.133
+ port 22
+ }
+}
+system {
+ config-management {
+ commit-revisions 20
+ }
+ conntrack {
+ expect-table-size 8192
+ hash-size 262144
+ modules {
+ sip {
+ disable
+ }
+ }
+ table-size 2097152
+ timeout {
+ icmp 30
+ other 120
+ tcp {
+ close 10
+ close-wait 60
+ established 3600
+ fin-wait 30
+ last-ack 30
+ syn-recv 5
+ syn-sent 5
+ time-wait 5
+ }
+ udp {
+ other 10
+ stream 10
+ }
+ }
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ host-name gb-glo-sg4ng1fw27-01
+ ip {
+ arp {
+ table-size 2048
+ }
+ }
+ ipv6 {
+ disable
+ }
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/
+ plaintext-password ""
+ }
+ }
+ }
+ name-server 10.4.36.16
+ name-server 10.4.37.16
+ ntp {
+ server glo-ntp1.por-ngcs.lan {
+ }
+ server glo-ntp2.por-ngcs.lan {
+ }
+ }
+ syslog {
+ global {
+ facility all {
+ level notice
+ }
+ facility protocols {
+ level info
+ }
+ }
+ host 10.4.36.23 {
+ facility all {
+ level all
+ }
+ facility protocols {
+ level info
+ }
+ facility user {
+ level err
+ }
+ }
+ user all {
+ facility all {
+ level emerg
+ }
+ }
+ }
+ time-zone Europe/Madrid
+}
+
+
+/* Warning: Do not remove the following line. */
+/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@10:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */
+/* Release version: 1.2.6-S1 */
+
diff --git a/smoketest/configs/basic-vyos b/smoketest/configs/basic-vyos
new file mode 100644
index 000000000..e6f89954f
--- /dev/null
+++ b/smoketest/configs/basic-vyos
@@ -0,0 +1,140 @@
+interfaces {
+ ethernet eth0 {
+ address 192.168.0.1/24
+ duplex auto
+ smp-affinity auto
+ speed auto
+ }
+ ethernet eth1 {
+ duplex auto
+ smp-affinity auto
+ speed auto
+ }
+ ethernet eth2 {
+ duplex auto
+ smp-affinity auto
+ speed auto
+ vif 100 {
+ address 100.100.0.1/24
+ }
+ vif-s 200 {
+ address 100.64.200.254/24
+ vif-c 201 {
+ address 100.64.201.254/24
+ }
+ vif-c 202 {
+ address 100.64.202.254/24
+ }
+ }
+ }
+ loopback lo {
+ }
+}
+protocols {
+ static {
+ arp 192.168.0.20 {
+ hwaddr 00:50:00:00:00:20
+ }
+ arp 192.168.0.30 {
+ hwaddr 00:50:00:00:00:30
+ }
+ arp 192.168.0.40 {
+ hwaddr 00:50:00:00:00:40
+ }
+ arp 100.100.0.2 {
+ hwaddr 00:50:00:00:02:02
+ }
+ arp 100.100.0.3 {
+ hwaddr 00:50:00:00:02:03
+ }
+ arp 100.100.0.4 {
+ hwaddr 00:50:00:00:02:04
+ }
+ arp 100.64.200.1 {
+ hwaddr 00:50:00:00:00:01
+ }
+ arp 100.64.200.2 {
+ hwaddr 00:50:00:00:00:02
+ }
+ arp 100.64.201.10 {
+ hwaddr 00:50:00:00:00:10
+ }
+ arp 100.64.201.20 {
+ hwaddr 00:50:00:00:00:20
+ }
+ arp 100.64.202.30 {
+ hwaddr 00:50:00:00:00:30
+ }
+ arp 100.64.202.40 {
+ hwaddr 00:50:00:00:00:40
+ }
+ route 0.0.0.0/0 {
+ next-hop 100.64.0.1 {
+ }
+ }
+ }
+}
+service {
+ dhcp-server {
+ shared-network-name LAN {
+ authoritative
+ subnet 192.168.0.0/24 {
+ default-router 192.168.0.1
+ dns-server 192.168.0.1
+ domain-name vyos.net
+ domain-search vyos.net
+ range LANDynamic {
+ start 192.168.0.20
+ stop 192.168.0.240
+ }
+ }
+ }
+ }
+ dns {
+ forwarding {
+ allow-from 192.168.0.0/16
+ cache-size 10000
+ dnssec off
+ listen-address 192.168.0.1
+ }
+ }
+ ssh {
+ ciphers aes128-ctr,aes192-ctr,aes256-ctr
+ ciphers chacha20-poly1305@openssh.com,rijndael-cbc@lysator.liu.se
+ listen-address 192.168.0.1
+ key-exchange curve25519-sha256@libssh.org
+ key-exchange diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
+ port 22
+ }
+}
+system {
+ config-management {
+ commit-revisions 100
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ host-name vyos
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0
+ plaintext-password ""
+ }
+ }
+ }
+ name-server 192.168.0.1
+ syslog {
+ global {
+ facility all {
+ level info
+ }
+ }
+ }
+ time-zone Europe/Berlin
+}
+/* Warning: Do not remove the following line. */
+/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */
+/* Release version: 1.2.6 */
diff --git a/smoketest/configs/bgp-big-as-cloud b/smoketest/configs/bgp-big-as-cloud
index 694243d1e..65819256e 100644
--- a/smoketest/configs/bgp-big-as-cloud
+++ b/smoketest/configs/bgp-big-as-cloud
@@ -982,6 +982,10 @@ policy {
}
}
}
+ set {
+ as-path-exclude "100 200 300"
+ as-path-prepend "64512 64512 64512"
+ }
}
rule 100 {
action deny
@@ -1819,6 +1823,12 @@ system {
}
version 9
}
+ sflow {
+ agent-address auto
+ server 1.2.3.4 {
+ port 1234
+ }
+ }
syslog-facility daemon
}
host-name vyos
diff --git a/smoketest/configs/dialup-router-complex b/smoketest/configs/dialup-router-complex
index fef79ea56..ac5ff5e99 100644
--- a/smoketest/configs/dialup-router-complex
+++ b/smoketest/configs/dialup-router-complex
@@ -267,6 +267,22 @@ firewall {
}
protocol udp
}
+ rule 800 {
+ action drop
+ description "SSH anti brute force"
+ destination {
+ port ssh
+ }
+ log enable
+ protocol tcp
+ recent {
+ count 4
+ time 60
+ }
+ state {
+ new enable
+ }
+ }
}
name DMZ-WAN {
default-action accept
@@ -482,6 +498,9 @@ firewall {
destination {
port 110,995
}
+ limit {
+ rate "10/minute"
+ }
protocol tcp
}
rule 123 {
diff --git a/smoketest/configs/dialup-router-medium-vpn b/smoketest/configs/dialup-router-medium-vpn
index af7c075e4..63d955738 100644
--- a/smoketest/configs/dialup-router-medium-vpn
+++ b/smoketest/configs/dialup-router-medium-vpn
@@ -6,6 +6,15 @@ firewall {
ipv6-src-route disable
ip-src-route disable
log-martians enable
+ name test_tcp_flags {
+ rule 1 {
+ action drop
+ protocol tcp
+ tcp {
+ flags SYN,ACK,!RST,!FIN
+ }
+ }
+ }
options {
interface vtun0 {
adjust-mss 1380
@@ -83,6 +92,7 @@ interfaces {
}
policy {
route LAN-POLICY-BASED-ROUTING
+ ipv6-route LAN6-POLICY-BASED-ROUTING
}
smp-affinity auto
speed auto
@@ -383,6 +393,29 @@ nat {
}
}
policy {
+ ipv6-route LAN6-POLICY-BASED-ROUTING {
+ rule 10 {
+ destination {
+ }
+ disable
+ set {
+ table 10
+ }
+ source {
+ address 2002::1
+ }
+ }
+ rule 20 {
+ destination {
+ }
+ set {
+ table 100
+ }
+ source {
+ address 2008::f
+ }
+ }
+ }
prefix-list user2-routes {
rule 1 {
action permit
diff --git a/smoketest/configs/ipv6-disable b/smoketest/configs/ipv6-disable
new file mode 100644
index 000000000..da41e9020
--- /dev/null
+++ b/smoketest/configs/ipv6-disable
@@ -0,0 +1,83 @@
+interfaces {
+ ethernet eth0 {
+ duplex auto
+ smp-affinity auto
+ speed auto
+ vif 201 {
+ address 172.18.201.10/24
+ }
+ vif 202 {
+ address 172.18.202.10/24
+ }
+ vif 203 {
+ address 172.18.203.10/24
+ }
+ vif 204 {
+ address 172.18.204.10/24
+ }
+ }
+}
+protocols {
+ static {
+ route 0.0.0.0/0 {
+ next-hop 172.18.201.254 {
+ distance 10
+ }
+ next-hop 172.18.202.254 {
+ distance 20
+ }
+ next-hop 172.18.203.254 {
+ distance 30
+ }
+ next-hop 172.18.204.254 {
+ distance 40
+ }
+ }
+ }
+}
+system {
+ config-management {
+ commit-revisions 200
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ domain-name vyos.net
+ host-name vyos
+ ipv6 {
+ disable
+ }
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/
+ plaintext-password ""
+ }
+ level admin
+ }
+ }
+ name-server 172.16.254.20
+ name-server 172.16.254.30
+ ntp {
+ server 172.16.254.20 {
+ }
+ server 172.16.254.30 {
+ }
+ }
+ syslog {
+ global {
+ facility all {
+ level info
+ }
+ facility protocols {
+ level debug
+ }
+ }
+ }
+}
+
+/* Warning: Do not remove the following line. */
+/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */
+/* Release version: 1.2.6 */
diff --git a/smoketest/configs/qos-basic b/smoketest/configs/qos-basic
new file mode 100644
index 000000000..f94a5650d
--- /dev/null
+++ b/smoketest/configs/qos-basic
@@ -0,0 +1,205 @@
+interfaces {
+ ethernet eth0 {
+ address 10.1.1.100/24
+ traffic-policy {
+ out FS
+ }
+ }
+ ethernet eth1 {
+ address 10.2.1.1/24
+ traffic-policy {
+ out M2
+ }
+ }
+ ethernet eth2 {
+ address 10.9.9.1/24
+ traffic-policy {
+ out MY-HTB
+ }
+ }
+ loopback lo {
+ }
+}
+protocols {
+ static {
+ route 0.0.0.0/0 {
+ next-hop 10.9.9.2 {
+ }
+ next-hop 10.1.1.1 {
+ }
+ }
+ }
+}
+system {
+ config-management {
+ commit-revisions 10
+ }
+ conntrack {
+ modules {
+ ftp
+ h323
+ nfs
+ pptp
+ sip
+ sqlnet
+ tftp
+ }
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ host-name vyos
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$r/Yw/07NXNY$/ZB.Rjf9jxEV.BYoDyLdH.kH14rU52pOBtrX.4S34qlPt77chflCHvpTCq9a6huLzwaMR50rEICzA5GoIRZlM0
+ plaintext-password ""
+ }
+ }
+ }
+ ntp {
+ server time1.vyos.net {
+ }
+ server time2.vyos.net {
+ }
+ server time3.vyos.net {
+ }
+ }
+ syslog {
+ global {
+ facility all {
+ level info
+ }
+ facility protocols {
+ level debug
+ }
+ }
+ }
+}
+traffic-policy {
+ shaper M2 {
+ bandwidth auto
+ class 10 {
+ bandwidth 100%
+ burst 15k
+ match ADDRESS10 {
+ ip {
+ dscp CS4
+ }
+ }
+ queue-type fair-queue
+ set-dscp CS5
+ }
+ default {
+ bandwidth 10mbit
+ burst 15k
+ queue-type fair-queue
+ }
+ }
+ shaper MY-HTB {
+ bandwidth 10mbit
+ class 30 {
+ bandwidth 10%
+ burst 15k
+ ceiling 50%
+ match ADDRESS30 {
+ ip {
+ source {
+ address 10.1.1.0/24
+ }
+ }
+ }
+ priority 5
+ queue-type fair-queue
+ }
+ class 40 {
+ bandwidth 90%
+ burst 15k
+ ceiling 100%
+ match ADDRESS40 {
+ ip {
+ dscp CS4
+ source {
+ address 10.2.1.0/24
+ }
+ }
+ }
+ priority 5
+ queue-type fair-queue
+ }
+ class 50 {
+ bandwidth 100%
+ burst 15k
+ match ADDRESS50 {
+ ip {
+ dscp CS5
+ }
+ }
+ queue-type fair-queue
+ set-dscp CS7
+ }
+ default {
+ bandwidth 10%
+ burst 15k
+ ceiling 100%
+ priority 7
+ queue-type fair-queue
+ set-dscp CS1
+ }
+ }
+ shaper FS {
+ bandwidth auto
+ class 10 {
+ bandwidth 100%
+ burst 15k
+ match ADDRESS10 {
+ ip {
+ source {
+ address 172.17.1.2/32
+ }
+ }
+ }
+ queue-type fair-queue
+ set-dscp CS4
+ }
+ class 20 {
+ bandwidth 100%
+ burst 15k
+ match ADDRESS20 {
+ ip {
+ source {
+ address 172.17.1.3/32
+ }
+ }
+ }
+ queue-type fair-queue
+ set-dscp CS5
+ }
+ class 30 {
+ bandwidth 100%
+ burst 15k
+ match ADDRESS30 {
+ ip {
+ source {
+ address 172.17.1.4/32
+ }
+ }
+ }
+ queue-type fair-queue
+ set-dscp CS6
+ }
+ default {
+ bandwidth 10%
+ burst 15k
+ ceiling 100%
+ priority 7
+ queue-type fair-queue
+ }
+ }
+}
+// Warning: Do not remove the following line.
+// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@22:ipoe-server@1:ipsec@5:isis@1:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@8:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@21:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1"
+// Release version: 1.3.1
+
diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py
index 340ec4edd..816ba6dcd 100644
--- a/smoketest/scripts/cli/base_interfaces_test.py
+++ b/smoketest/scripts/cli/base_interfaces_test.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2019-2021 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -56,6 +56,7 @@ def is_mirrored_to(interface, mirror_if, qdisc):
class BasicInterfaceTest:
class TestCase(VyOSUnitTestSHIM.TestCase):
+ _test_dhcp = False
_test_ip = False
_test_mtu = False
_test_vlan = False
@@ -77,18 +78,25 @@ class BasicInterfaceTest:
# choose IPv6 minimum MTU value for tests - this must always work
_mtu = '1280'
- def setUp(self):
+ @classmethod
+ def setUpClass(cls):
+ super(BasicInterfaceTest.TestCase, cls).setUpClass()
+
# Setup mirror interfaces for SPAN (Switch Port Analyzer)
- for span in self._mirror_interfaces:
+ for span in cls._mirror_interfaces:
section = Section.section(span)
- self.cli_set(['interfaces', section, span])
+ cls.cli_set(cls, ['interfaces', section, span])
- def tearDown(self):
+ @classmethod
+ def tearDownClass(cls):
# Tear down mirror interfaces for SPAN (Switch Port Analyzer)
- for span in self._mirror_interfaces:
+ for span in cls._mirror_interfaces:
section = Section.section(span)
- self.cli_delete(['interfaces', section, span])
+ cls.cli_delete(cls, ['interfaces', section, span])
+
+ super(BasicInterfaceTest.TestCase, cls).tearDownClass()
+ def tearDown(self):
self.cli_delete(self._base_path)
self.cli_commit()
@@ -96,6 +104,35 @@ class BasicInterfaceTest:
for intf in self._interfaces:
self.assertNotIn(intf, interfaces())
+ # No daemon that was started during a test should remain running
+ for daemon in ['dhcp6c', 'dhclient']:
+ self.assertFalse(process_named_running(daemon))
+
+ def test_dhcp_disable_interface(self):
+ if not self._test_dhcp:
+ self.skipTest('not supported')
+
+ # When interface is configured as admin down, it must be admin down
+ # even when dhcpc starts on the given interface
+ for interface in self._interfaces:
+ self.cli_set(self._base_path + [interface, 'disable'])
+ for option in self._options.get(interface, []):
+ self.cli_set(self._base_path + [interface] + option.split())
+
+ self.cli_set(self._base_path + [interface, 'disable'])
+
+ # Also enable DHCP (ISC DHCP always places interface in admin up
+ # state so we check that we do not start DHCP client.
+ # https://phabricator.vyos.net/T2767
+ self.cli_set(self._base_path + [interface, 'address', 'dhcp'])
+
+ self.cli_commit()
+
+ # Validate interface state
+ for interface in self._interfaces:
+ flags = read_file(f'/sys/class/net/{interface}/flags')
+ self.assertEqual(int(flags, 16) & 1, 0)
+
def test_span_mirror(self):
if not self._mirror_interfaces:
self.skipTest('not supported')
@@ -171,10 +208,10 @@ class BasicInterfaceTest:
def test_add_multiple_ip_addresses(self):
# Add address
for intf in self._interfaces:
+ for option in self._options.get(intf, []):
+ self.cli_set(self._base_path + [intf] + option.split())
for addr in self._test_addr:
self.cli_set(self._base_path + [intf, 'address', addr])
- for option in self._options.get(intf, []):
- self.cli_set(self._base_path + [intf] + option.split())
self.cli_commit()
@@ -202,6 +239,7 @@ class BasicInterfaceTest:
self.cli_commit()
for interface in self._interfaces:
+ self.assertIn(AF_INET6, ifaddresses(interface))
for addr in ifaddresses(interface)[AF_INET6]:
self.assertTrue(is_ipv6_link_local(addr['addr']))
@@ -297,6 +335,23 @@ class BasicInterfaceTest:
self.assertEqual(Interface(vif).get_admin_state(), 'up')
+ # T4064: Delete interface addresses, keep VLAN interface
+ for interface in self._interfaces:
+ base = self._base_path + [interface]
+ for vlan in self._vlan_range:
+ base = self._base_path + [interface, 'vif', vlan]
+ self.cli_delete(base + ['address'])
+
+ self.cli_commit()
+
+ # Verify no IP address is assigned
+ for interface in self._interfaces:
+ for vlan in self._vlan_range:
+ vif = f'{intf}.{vlan}'
+ for address in self._test_addr:
+ self.assertFalse(is_intf_addr_assigned(vif, address))
+
+
def test_vif_8021q_mtu_limits(self):
# XXX: This testcase is not allowed to run as first testcase, reason
# is the Wireless test will first load the wifi kernel hwsim module
@@ -493,6 +548,24 @@ class BasicInterfaceTest:
tmp = get_interface_config(vif)
self.assertEqual(tmp['mtu'], int(self._mtu))
+
+ # T4064: Delete interface addresses, keep VLAN interface
+ for interface in self._interfaces:
+ base = self._base_path + [interface]
+ for vif_s in self._qinq_range:
+ for vif_c in self._vlan_range:
+ self.cli_delete(self._base_path + [interface, 'vif-s', vif_s, 'vif-c', vif_c, 'address'])
+
+ self.cli_commit()
+ # Verify no IP address is assigned
+ for interface in self._interfaces:
+ base = self._base_path + [interface]
+ for vif_s in self._qinq_range:
+ for vif_c in self._vlan_range:
+ vif = f'{interface}.{vif_s}.{vif_c}'
+ for address in self._test_addr:
+ self.assertFalse(is_intf_addr_assigned(vif, address))
+
# T3972: remove vif-c interfaces from vif-s
for interface in self._interfaces:
base = self._base_path + [interface]
@@ -572,11 +645,11 @@ class BasicInterfaceTest:
self.cli_commit()
for interface in self._interfaces:
- base_options = f'-A FORWARD -o {interface} -p tcp -m tcp --tcp-flags SYN,RST SYN'
- out = cmd('sudo iptables-save -t mangle')
+ base_options = f'oifname "{interface}"'
+ out = cmd('sudo nft list chain raw VYOS_TCP_MSS')
for line in out.splitlines():
if line.startswith(base_options):
- self.assertIn(f'--set-mss {mss}', line)
+ self.assertIn(f'tcp option maxseg size set {mss}', line)
tmp = read_file(f'/proc/sys/net/ipv4/neigh/{interface}/base_reachable_time_ms')
self.assertEqual(tmp, str((int(arp_tmo) * 1000))) # tmo value is in milli seconds
@@ -627,11 +700,11 @@ class BasicInterfaceTest:
self.cli_commit()
for interface in self._interfaces:
- base_options = f'-A FORWARD -o {interface} -p tcp -m tcp --tcp-flags SYN,RST SYN'
- out = cmd('sudo ip6tables-save -t mangle')
+ base_options = f'oifname "{interface}"'
+ out = cmd('sudo nft list chain ip6 raw VYOS_TCP_MSS')
for line in out.splitlines():
if line.startswith(base_options):
- self.assertIn(f'--set-mss {mss}', line)
+ self.assertIn(f'tcp option maxseg size set {mss}', line)
proc_base = f'/proc/sys/net/ipv6/conf/{interface}'
diff --git a/smoketest/scripts/cli/base_vyostest_shim.py b/smoketest/scripts/cli/base_vyostest_shim.py
index 50f80e7d1..7cfb53045 100644
--- a/smoketest/scripts/cli/base_vyostest_shim.py
+++ b/smoketest/scripts/cli/base_vyostest_shim.py
@@ -16,6 +16,7 @@ import os
import unittest
from time import sleep
+from typing import Type
from vyos.configsession import ConfigSession
from vyos.configsession import ConfigSessionError
@@ -73,7 +74,7 @@ class VyOSUnitTestSHIM:
def cli_commit(self):
self._session.commit()
# during a commit there is a process opening commit_lock, and run() returns 0
- while run(f'sudo lsof | grep -q {commit_lock}') == 0:
+ while run(f'sudo lsof -nP {commit_lock}') == 0:
sleep(0.250)
def getFRRconfig(self, string, end='$', endsection='^!', daemon=''):
@@ -85,3 +86,17 @@ class VyOSUnitTestSHIM:
print(f'\n\ncommand "{command}" returned:\n')
pprint.pprint(out)
return out
+
+# standard construction; typing suggestion: https://stackoverflow.com/a/70292317
+def ignore_warning(warning: Type[Warning]):
+ import warnings
+ from functools import wraps
+
+ def inner(f):
+ @wraps(f)
+ def wrapped(*args, **kwargs):
+ with warnings.catch_warnings():
+ warnings.simplefilter("ignore", category=warning)
+ return f(*args, **kwargs)
+ return wrapped
+ return inner
diff --git a/smoketest/scripts/cli/test_component_version.py b/smoketest/scripts/cli/test_component_version.py
new file mode 100755
index 000000000..777379bdd
--- /dev/null
+++ b/smoketest/scripts/cli/test_component_version.py
@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from vyos.systemversions import get_system_versions, get_system_component_version
+
+# After T3474, component versions should be updated in the files in
+# vyos-1x/interface-definitions/include/version/
+# This test verifies that the legacy version in curver_DATA does not exceed
+# that in the xml cache.
+class TestComponentVersion(unittest.TestCase):
+ def setUp(self):
+ self.legacy_d = get_system_versions()
+ self.xml_d = get_system_component_version()
+
+ def test_component_version(self):
+ self.assertTrue(set(self.legacy_d).issubset(set(self.xml_d)))
+ for k, v in self.legacy_d.items():
+ self.assertTrue(v <= self.xml_d[k])
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_configd_init.py b/smoketest/scripts/cli/test_configd_init.py
new file mode 100755
index 000000000..5dec89963
--- /dev/null
+++ b/smoketest/scripts/cli/test_configd_init.py
@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+from time import sleep
+
+from vyos.util import cmd, is_systemd_service_running
+
+class TestConfigdInit(unittest.TestCase):
+ def setUp(self):
+ self.running_state = is_systemd_service_running('vyos-configd.service')
+
+ def test_configd_init(self):
+ if not self.running_state:
+ cmd('sudo systemctl start vyos-configd.service')
+ # allow time for init to succeed/fail
+ sleep(2)
+ self.assertTrue(is_systemd_service_running('vyos-configd.service'))
+
+ def tearDown(self):
+ if not self.running_state:
+ cmd('sudo systemctl stop vyos-configd.service')
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_firewall.py b/smoketest/scripts/cli/test_firewall.py
new file mode 100755
index 000000000..b8f944575
--- /dev/null
+++ b/smoketest/scripts/cli/test_firewall.py
@@ -0,0 +1,233 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from glob import glob
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.util import cmd
+
+sysfs_config = {
+ 'all_ping': {'sysfs': '/proc/sys/net/ipv4/icmp_echo_ignore_all', 'default': '0', 'test_value': 'disable'},
+ 'broadcast_ping': {'sysfs': '/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts', 'default': '1', 'test_value': 'enable'},
+ 'ip_src_route': {'sysfs': '/proc/sys/net/ipv4/conf/*/accept_source_route', 'default': '0', 'test_value': 'enable'},
+ 'ipv6_receive_redirects': {'sysfs': '/proc/sys/net/ipv6/conf/*/accept_redirects', 'default': '0', 'test_value': 'enable'},
+ 'ipv6_src_route': {'sysfs': '/proc/sys/net/ipv6/conf/*/accept_source_route', 'default': '-1', 'test_value': 'enable'},
+ 'log_martians': {'sysfs': '/proc/sys/net/ipv4/conf/all/log_martians', 'default': '1', 'test_value': 'disable'},
+ 'receive_redirects': {'sysfs': '/proc/sys/net/ipv4/conf/*/accept_redirects', 'default': '0', 'test_value': 'enable'},
+ 'send_redirects': {'sysfs': '/proc/sys/net/ipv4/conf/*/send_redirects', 'default': '1', 'test_value': 'disable'},
+ 'syn_cookies': {'sysfs': '/proc/sys/net/ipv4/tcp_syncookies', 'default': '1', 'test_value': 'disable'},
+ 'twa_hazards_protection': {'sysfs': '/proc/sys/net/ipv4/tcp_rfc1337', 'default': '0', 'test_value': 'enable'}
+}
+
+class TestFirewall(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestFirewall, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, ['firewall'])
+
+ cls.cli_set(cls, ['interfaces', 'ethernet', 'eth0', 'address', '172.16.10.1/24'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'ethernet', 'eth0', 'address', '172.16.10.1/24'])
+ super(TestFirewall, cls).tearDownClass()
+
+ def tearDown(self):
+ self.cli_delete(['interfaces', 'ethernet', 'eth0', 'firewall'])
+ self.cli_delete(['firewall'])
+ self.cli_commit()
+
+ def test_groups(self):
+ self.cli_set(['firewall', 'group', 'mac-group', 'smoketest_mac', 'mac-address', '00:01:02:03:04:05'])
+ self.cli_set(['firewall', 'group', 'network-group', 'smoketest_network', 'network', '172.16.99.0/24'])
+ self.cli_set(['firewall', 'group', 'port-group', 'smoketest_port', 'port', '53'])
+ self.cli_set(['firewall', 'group', 'port-group', 'smoketest_port', 'port', '123'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'source', 'group', 'network-group', 'smoketest_network'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'destination', 'address', '172.16.10.10'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'destination', 'group', 'port-group', 'smoketest_port'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'protocol', 'tcp_udp'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'source', 'group', 'mac-group', 'smoketest_mac'])
+
+ self.cli_set(['interfaces', 'ethernet', 'eth0', 'firewall', 'in', 'name', 'smoketest'])
+
+ self.cli_commit()
+
+ nftables_search = [
+ ['iifname "eth0"', 'jump NAME_smoketest'],
+ ['ip saddr { 172.16.99.0/24 }', 'ip daddr 172.16.10.10', 'th dport { 53, 123 }', 'return'],
+ ['ether saddr { 00:01:02:03:04:05 }', 'return']
+ ]
+
+ nftables_output = cmd('sudo nft list table ip filter')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched, msg=search)
+
+ def test_basic_rules(self):
+ self.cli_set(['firewall', 'name', 'smoketest', 'default-action', 'drop'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'source', 'address', '172.16.20.10'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'destination', 'address', '172.16.10.10'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'action', 'reject'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'protocol', 'tcp'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'destination', 'port', '8888'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'tcp', 'flags', 'syn'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'tcp', 'flags', 'not', 'ack'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'protocol', 'tcp'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'destination', 'port', '22'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'limit', 'rate', '5/minute'])
+
+ self.cli_set(['interfaces', 'ethernet', 'eth0', 'firewall', 'in', 'name', 'smoketest'])
+
+ self.cli_commit()
+
+ nftables_search = [
+ ['iifname "eth0"', 'jump NAME_smoketest'],
+ ['saddr 172.16.20.10', 'daddr 172.16.10.10', 'return'],
+ ['tcp flags & (syn | ack) == syn', 'tcp dport { 8888 }', 'reject'],
+ ['tcp dport { 22 }', 'limit rate 5/minute', 'return'],
+ ['smoketest default-action', 'drop']
+ ]
+
+ nftables_output = cmd('sudo nft list table ip filter')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched, msg=search)
+
+ def test_basic_rules_ipv6(self):
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'default-action', 'drop'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '1', 'action', 'accept'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '1', 'source', 'address', '2002::1'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '1', 'destination', 'address', '2002::1:1'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '2', 'action', 'reject'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '2', 'protocol', 'tcp_udp'])
+ self.cli_set(['firewall', 'ipv6-name', 'v6-smoketest', 'rule', '2', 'destination', 'port', '8888'])
+
+ self.cli_set(['interfaces', 'ethernet', 'eth0', 'firewall', 'in', 'ipv6-name', 'v6-smoketest'])
+
+ self.cli_commit()
+
+ nftables_search = [
+ ['iifname "eth0"', 'jump NAME6_v6-smoketest'],
+ ['saddr 2002::1', 'daddr 2002::1:1', 'return'],
+ ['meta l4proto { tcp, udp }', 'th dport { 8888 }', 'reject'],
+ ['smoketest default-action', 'drop']
+ ]
+
+ nftables_output = cmd('sudo nft list table ip6 filter')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched, msg=search)
+
+ def test_state_policy(self):
+ self.cli_set(['firewall', 'state-policy', 'established', 'action', 'accept'])
+ self.cli_set(['firewall', 'state-policy', 'related', 'action', 'accept'])
+ self.cli_set(['firewall', 'state-policy', 'invalid', 'action', 'drop'])
+
+ self.cli_commit()
+
+ chains = {
+ 'ip filter': ['VYOS_FW_FORWARD', 'VYOS_FW_OUTPUT', 'VYOS_FW_LOCAL'],
+ 'ip6 filter': ['VYOS_FW6_FORWARD', 'VYOS_FW6_OUTPUT', 'VYOS_FW6_LOCAL']
+ }
+
+ for table in ['ip filter', 'ip6 filter']:
+ for chain in chains[table]:
+ nftables_output = cmd(f'sudo nft list chain {table} {chain}')
+ self.assertTrue('jump VYOS_STATE_POLICY' in nftables_output)
+
+ def test_state_and_status_rules(self):
+ self.cli_set(['firewall', 'name', 'smoketest', 'default-action', 'drop'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'state', 'established', 'enable'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '1', 'state', 'related', 'enable'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'action', 'reject'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '2', 'state', 'invalid', 'enable'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'state', 'new', 'enable'])
+
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '3', 'connection-status', 'nat', 'destination'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '4', 'action', 'accept'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '4', 'state', 'new', 'enable'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '4', 'state', 'established', 'enable'])
+ self.cli_set(['firewall', 'name', 'smoketest', 'rule', '4', 'connection-status', 'nat', 'source'])
+
+ self.cli_set(['interfaces', 'ethernet', 'eth0', 'firewall', 'in', 'name', 'smoketest'])
+
+ self.cli_commit()
+
+ nftables_search = [
+ ['iifname "eth0"', 'jump NAME_smoketest'],
+ ['ct state { established, related }', 'return'],
+ ['ct state { invalid }', 'reject'],
+ ['ct state { new }', 'ct status { dnat }', 'return'],
+ ['ct state { established, new }', 'ct status { snat }', 'return'],
+ ['smoketest default-action', 'drop']
+ ]
+
+ nftables_output = cmd('sudo nft list table ip filter')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched, msg=search)
+
+ def test_sysfs(self):
+ for name, conf in sysfs_config.items():
+ paths = glob(conf['sysfs'])
+ for path in paths:
+ with open(path, 'r') as f:
+ self.assertEqual(f.read().strip(), conf['default'], msg=path)
+
+ self.cli_set(['firewall', name.replace("_", "-"), conf['test_value']])
+
+ self.cli_commit()
+
+ for name, conf in sysfs_config.items():
+ paths = glob(conf['sysfs'])
+ for path in paths:
+ with open(path, 'r') as f:
+ self.assertNotEqual(f.read().strip(), conf['default'], msg=path)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_ha_virtual_server.py b/smoketest/scripts/cli/test_ha_virtual_server.py
new file mode 100755
index 000000000..e3a91283e
--- /dev/null
+++ b/smoketest/scripts/cli/test_ha_virtual_server.py
@@ -0,0 +1,146 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSessionError
+from vyos.ifconfig.vrrp import VRRP
+from vyos.util import cmd
+from vyos.util import process_named_running
+from vyos.util import read_file
+from vyos.template import inc_ip
+
+PROCESS_NAME = 'keepalived'
+KEEPALIVED_CONF = VRRP.location['config']
+base_path = ['high-availability']
+vrrp_interface = 'eth1'
+
+class TestHAVirtualServer(VyOSUnitTestSHIM.TestCase):
+ def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ self.cli_delete(['interfaces', 'ethernet', vrrp_interface, 'address'])
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ # Process must be terminated after deleting the config
+ self.assertFalse(process_named_running(PROCESS_NAME))
+
+ def test_01_ha_virtual_server(self):
+ algo = 'least-connection'
+ delay = '10'
+ method = 'nat'
+ persistence_timeout = '600'
+ vip = '203.0.113.111'
+ vport = '2222'
+ rservers = ['192.0.2.21', '192.0.2.22', '192.0.2.23']
+ rport = '22'
+ proto = 'tcp'
+ connection_timeout = '30'
+
+ vserver_base = base_path + ['virtual-server']
+
+ self.cli_set(vserver_base + [vip, 'algorithm', algo])
+ self.cli_set(vserver_base + [vip, 'delay-loop', delay])
+ self.cli_set(vserver_base + [vip, 'forward-method', method])
+ self.cli_set(vserver_base + [vip, 'persistence-timeout', persistence_timeout])
+ self.cli_set(vserver_base + [vip, 'port', vport])
+ self.cli_set(vserver_base + [vip, 'protocol', proto])
+ for rs in rservers:
+ self.cli_set(vserver_base + [vip, 'real-server', rs, 'connection-timeout', connection_timeout])
+ self.cli_set(vserver_base + [vip, 'real-server', rs, 'port', rport])
+
+ # commit changes
+ self.cli_commit()
+
+ config = read_file(KEEPALIVED_CONF)
+
+ self.assertIn(f'delay_loop {delay}', config)
+ self.assertIn(f'lb_algo lc', config)
+ self.assertIn(f'lb_kind {method.upper()}', config)
+ self.assertIn(f'persistence_timeout {persistence_timeout}', config)
+ self.assertIn(f'protocol {proto.upper()}', config)
+ for rs in rservers:
+ self.assertIn(f'real_server {rs} {rport}', config)
+ self.assertIn(f'{proto.upper()}_CHECK', config)
+ self.assertIn(f'connect_timeout {connection_timeout}', config)
+
+ def test_02_ha_virtual_server_and_vrrp(self):
+ algo = 'least-connection'
+ delay = '15'
+ method = 'nat'
+ persistence_timeout = '300'
+ vip = '203.0.113.222'
+ vport = '22322'
+ rservers = ['192.0.2.11', '192.0.2.12']
+ rport = '222'
+ proto = 'tcp'
+ connection_timeout = '23'
+ group = 'VyOS'
+ vrid = '99'
+
+ vrrp_base = base_path + ['vrrp', 'group']
+ vserver_base = base_path + ['virtual-server']
+
+ self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'address', '203.0.113.10/24'])
+
+ # VRRP config
+ self.cli_set(vrrp_base + [group, 'description', group])
+ self.cli_set(vrrp_base + [group, 'interface', vrrp_interface])
+ self.cli_set(vrrp_base + [group, 'address', vip + '/24'])
+ self.cli_set(vrrp_base + [group, 'vrid', vrid])
+
+ # Virtual-server config
+ self.cli_set(vserver_base + [vip, 'algorithm', algo])
+ self.cli_set(vserver_base + [vip, 'delay-loop', delay])
+ self.cli_set(vserver_base + [vip, 'forward-method', method])
+ self.cli_set(vserver_base + [vip, 'persistence-timeout', persistence_timeout])
+ self.cli_set(vserver_base + [vip, 'port', vport])
+ self.cli_set(vserver_base + [vip, 'protocol', proto])
+ for rs in rservers:
+ self.cli_set(vserver_base + [vip, 'real-server', rs, 'connection-timeout', connection_timeout])
+ self.cli_set(vserver_base + [vip, 'real-server', rs, 'port', rport])
+
+ # commit changes
+ self.cli_commit()
+
+ config = read_file(KEEPALIVED_CONF)
+
+ # Keepalived vrrp
+ self.assertIn(f'# {group}', config)
+ self.assertIn(f'interface {vrrp_interface}', config)
+ self.assertIn(f'virtual_router_id {vrid}', config)
+ self.assertIn(f'priority 100', config) # default value
+ self.assertIn(f'advert_int 1', config) # default value
+ self.assertIn(f'preempt_delay 0', config) # default value
+
+ # Keepalived virtual-server
+ self.assertIn(f'delay_loop {delay}', config)
+ self.assertIn(f'lb_algo lc', config)
+ self.assertIn(f'lb_kind {method.upper()}', config)
+ self.assertIn(f'persistence_timeout {persistence_timeout}', config)
+ self.assertIn(f'protocol {proto.upper()}', config)
+ for rs in rservers:
+ self.assertIn(f'real_server {rs} {rport}', config)
+ self.assertIn(f'{proto.upper()}_CHECK', config)
+ self.assertIn(f'connect_timeout {connection_timeout}', config)
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_ha_vrrp.py b/smoketest/scripts/cli/test_ha_vrrp.py
index 2524bf2b1..68905e447 100755
--- a/smoketest/scripts/cli/test_ha_vrrp.py
+++ b/smoketest/scripts/cli/test_ha_vrrp.py
@@ -27,7 +27,7 @@ from vyos.template import inc_ip
PROCESS_NAME = 'keepalived'
KEEPALIVED_CONF = VRRP.location['config']
-base_path = ['high-availability', 'vrrp']
+base_path = ['high-availability']
vrrp_interface = 'eth1'
groups = ['VLAN77', 'VLAN78', 'VLAN201']
@@ -44,7 +44,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
for group in groups:
vlan_id = group.lstrip('VLAN')
- self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id])
+ self.cli_delete(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id])
self.cli_delete(base_path)
self.cli_commit()
@@ -56,7 +56,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
for group in groups:
vlan_id = group.lstrip('VLAN')
vip = f'100.64.{vlan_id}.1/24'
- group_base = base_path + ['group', group]
+ group_base = base_path + ['vrrp', 'group', group]
self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id, 'address', inc_ip(vip, 1) + '/' + vip.split('/')[-1]])
@@ -91,7 +91,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
for group in groups:
vlan_id = group.lstrip('VLAN')
vip = f'100.64.{vlan_id}.1/24'
- group_base = base_path + ['group', group]
+ group_base = base_path + ['vrrp', 'group', group]
self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id, 'address', inc_ip(vip, 1) + '/' + vip.split('/')[-1]])
@@ -108,7 +108,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
# Authentication
self.cli_set(group_base + ['authentication', 'type', 'plaintext-password'])
- self.cli_set(group_base + ['authentication', 'password', f'vyos-{group}'])
+ self.cli_set(group_base + ['authentication', 'password', f'{group}'])
# commit changes
self.cli_commit()
@@ -129,7 +129,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' {vip}', config)
# Authentication
- self.assertIn(f'auth_pass "vyos-{group}"', config)
+ self.assertIn(f'auth_pass "{group}"', config)
self.assertIn(f'auth_type PASS', config)
def test_03_sync_group(self):
@@ -138,7 +138,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
for group in groups:
vlan_id = group.lstrip('VLAN')
vip = f'100.64.{vlan_id}.1/24'
- group_base = base_path + ['group', group]
+ group_base = base_path + ['vrrp', 'group', group]
self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id, 'address', inc_ip(vip, 1) + '/' + vip.split('/')[-1]])
@@ -146,7 +146,7 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
self.cli_set(group_base + ['address', vip])
self.cli_set(group_base + ['vrid', vlan_id])
- self.cli_set(base_path + ['sync-group', sync_group, 'member', group])
+ self.cli_set(base_path + ['vrrp', 'sync-group', sync_group, 'member', group])
# commit changes
self.cli_commit()
@@ -166,5 +166,35 @@ class TestVRRP(VyOSUnitTestSHIM.TestCase):
for group in groups:
self.assertIn(f'{group}', config)
+ def test_04_exclude_vrrp_interface(self):
+ group = 'VyOS-WAN'
+ none_vrrp_interface = 'eth2'
+ vlan_id = '24'
+ vip = '100.64.24.1/24'
+ vip_dev = '192.0.2.2/24'
+ vrid = '150'
+ group_base = base_path + ['vrrp', 'group', group]
+
+ self.cli_set(['interfaces', 'ethernet', vrrp_interface, 'vif', vlan_id, 'address', '100.64.24.11/24'])
+ self.cli_set(group_base + ['interface', f'{vrrp_interface}.{vlan_id}'])
+ self.cli_set(group_base + ['address', vip])
+ self.cli_set(group_base + ['address', vip_dev, 'interface', none_vrrp_interface])
+ self.cli_set(group_base + ['track', 'exclude-vrrp-interface'])
+ self.cli_set(group_base + ['track', 'interface', none_vrrp_interface])
+ self.cli_set(group_base + ['vrid', vrid])
+
+ # commit changes
+ self.cli_commit()
+
+ config = getConfig(f'vrrp_instance {group}')
+
+ self.assertIn(f'interface {vrrp_interface}.{vlan_id}', config)
+ self.assertIn(f'virtual_router_id {vrid}', config)
+ self.assertIn(f'dont_track_primary', config)
+ self.assertIn(f' {vip}', config)
+ self.assertIn(f' {vip_dev} dev {none_vrrp_interface}', config)
+ self.assertIn(f'track_interface', config)
+ self.assertIn(f' {none_vrrp_interface}', config)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_bonding.py b/smoketest/scripts/cli/test_interfaces_bonding.py
index 86000553e..237abb487 100755
--- a/smoketest/scripts/cli/test_interfaces_bonding.py
+++ b/smoketest/scripts/cli/test_interfaces_bonding.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -28,6 +28,7 @@ from vyos.util import read_file
class BondingInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
+ cls._test_dhcp = True
cls._test_ip = True
cls._test_ipv6 = True
cls._test_ipv6_pd = True
@@ -36,7 +37,6 @@ class BondingInterfaceTest(BasicInterfaceTest.TestCase):
cls._test_vlan = True
cls._test_qinq = True
cls._base_path = ['interfaces', 'bonding']
- cls._interfaces = ['bond0']
cls._mirror_interfaces = ['dum21354']
cls._members = []
@@ -52,9 +52,10 @@ class BondingInterfaceTest(BasicInterfaceTest.TestCase):
cls._options['bond0'] = []
for member in cls._members:
cls._options['bond0'].append(f'member interface {member}')
+ cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(BondingInterfaceTest, cls).setUpClass()
def test_add_single_ip_address(self):
super().test_add_single_ip_address()
@@ -150,5 +151,41 @@ class BondingInterfaceTest(BasicInterfaceTest.TestCase):
defined_policy = read_file(f'/sys/class/net/{interface}/bonding/xmit_hash_policy').split()
self.assertEqual(defined_policy[0], hash_policy)
+ def test_bonding_multi_use_member(self):
+ # Define available bonding hash policies
+ for interface in ['bond10', 'bond20']:
+ for member in self._members:
+ self.cli_set(self._base_path + [interface, 'member', 'interface', member])
+
+ # check validate() - can not use the same member interfaces multiple times
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_delete(self._base_path + ['bond20'])
+
+ self.cli_commit()
+
+ def test_bonding_uniq_member_description(self):
+ ethernet_path = ['interfaces', 'ethernet']
+ for interface in self._interfaces:
+ for option in self._options.get(interface, []):
+ self.cli_set(self._base_path + [interface] + option.split())
+
+ self.cli_commit()
+
+ # Add any changes on bonding members
+ # For example add description on separate ethX interfaces
+ for interface in self._interfaces:
+ for member in self._members:
+ self.cli_set(ethernet_path + [member, 'description', member + '_interface'])
+
+ self.cli_commit()
+
+ # verify config
+ for interface in self._interfaces:
+ slaves = read_file(f'/sys/class/net/{interface}/bonding/slaves').split()
+ for member in self._members:
+ self.assertIn(member, slaves)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_bridge.py b/smoketest/scripts/cli/test_interfaces_bridge.py
index 4f7e03298..ca0ead9e8 100755
--- a/smoketest/scripts/cli/test_interfaces_bridge.py
+++ b/smoketest/scripts/cli/test_interfaces_bridge.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -31,6 +31,7 @@ from vyos.validate import is_intf_addr_assigned
class BridgeInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
+ cls._test_dhcp = True
cls._test_ip = True
cls._test_ipv6 = True
cls._test_ipv6_pd = True
@@ -55,7 +56,7 @@ class BridgeInterfaceTest(BasicInterfaceTest.TestCase):
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(BridgeInterfaceTest, cls).setUpClass()
def tearDown(self):
for intf in self._interfaces:
diff --git a/smoketest/scripts/cli/test_interfaces_dummy.py b/smoketest/scripts/cli/test_interfaces_dummy.py
index dedc6fe05..d96ec2c5d 100755
--- a/smoketest/scripts/cli/test_interfaces_dummy.py
+++ b/smoketest/scripts/cli/test_interfaces_dummy.py
@@ -24,7 +24,7 @@ class DummyInterfaceTest(BasicInterfaceTest.TestCase):
cls._base_path = ['interfaces', 'dummy']
cls._interfaces = ['dum435', 'dum8677', 'dum0931', 'dum089']
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(DummyInterfaceTest, cls).setUpClass()
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_ethernet.py b/smoketest/scripts/cli/test_interfaces_ethernet.py
index 6d80e4c96..05d2ae5f5 100755
--- a/smoketest/scripts/cli/test_interfaces_ethernet.py
+++ b/smoketest/scripts/cli/test_interfaces_ethernet.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -18,32 +18,82 @@ import os
import re
import unittest
+from netifaces import AF_INET
+from netifaces import AF_INET6
+from netifaces import ifaddresses
+
from base_interfaces_test import BasicInterfaceTest
from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Section
+from vyos.pki import CERT_BEGIN
+from vyos.template import is_ipv6
from vyos.util import cmd
from vyos.util import process_named_running
from vyos.util import read_file
+from vyos.validate import is_ipv6_link_local
+
+server_ca_root_cert_data = """
+MIIBcTCCARagAwIBAgIUDcAf1oIQV+6WRaW7NPcSnECQ/lUwCgYIKoZIzj0EAwIw
+HjEcMBoGA1UEAwwTVnlPUyBzZXJ2ZXIgcm9vdCBDQTAeFw0yMjAyMTcxOTQxMjBa
+Fw0zMjAyMTUxOTQxMjBaMB4xHDAaBgNVBAMME1Z5T1Mgc2VydmVyIHJvb3QgQ0Ew
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ0y24GzKQf4aM2Ir12tI9yITOIzAUj
+ZXyJeCmYI6uAnyAMqc4Q4NKyfq3nBi4XP87cs1jlC1P2BZ8MsjL5MdGWozIwMDAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRwC/YaieMEnjhYa7K3Flw/o0SFuzAK
+BggqhkjOPQQDAgNJADBGAiEAh3qEj8vScsjAdBy5shXzXDVVOKWCPTdGrPKnu8UW
+a2cCIQDlDgkzWmn5ujc5ATKz1fj+Se/aeqwh4QyoWCVTFLIxhQ==
+"""
-cert_data = """
-MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIw
-WTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNv
-bWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIx
-MDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNV
-BAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlP
-UzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
-01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3
-QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
-BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu
-+JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3Lftz
-ngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93
-+dm/LDnp7C0=
+server_ca_intermediate_cert_data = """
+MIIBmTCCAT+gAwIBAgIUNzrtHzLmi3QpPK57tUgCnJZhXXQwCgYIKoZIzj0EAwIw
+HjEcMBoGA1UEAwwTVnlPUyBzZXJ2ZXIgcm9vdCBDQTAeFw0yMjAyMTcxOTQxMjFa
+Fw0zMjAyMTUxOTQxMjFaMCYxJDAiBgNVBAMMG1Z5T1Mgc2VydmVyIGludGVybWVk
+aWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEl2nJ1CzoqPV6hWII2m
+eGN/uieU6wDMECTk/LgG8CCCSYb488dibUiFN/1UFsmoLIdIhkx/6MUCYh62m8U2
+WNujUzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMV3YwH88I5gFsFUibbQ
+kMR0ECPsMB8GA1UdIwQYMBaAFHAL9hqJ4wSeOFhrsrcWXD+jRIW7MAoGCCqGSM49
+BAMCA0gAMEUCIQC/ahujD9dp5pMMCd3SZddqGC9cXtOwMN0JR3e5CxP13AIgIMQm
+jMYrinFoInxmX64HfshYqnUY8608nK9D2BNPOHo=
"""
-key_data = """
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx
-2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7
-u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww
+client_ca_root_cert_data = """
+MIIBcDCCARagAwIBAgIUZmoW2xVdwkZSvglnkCq0AHKa6zIwCgYIKoZIzj0EAwIw
+HjEcMBoGA1UEAwwTVnlPUyBjbGllbnQgcm9vdCBDQTAeFw0yMjAyMTcxOTQxMjFa
+Fw0zMjAyMTUxOTQxMjFaMB4xHDAaBgNVBAMME1Z5T1MgY2xpZW50IHJvb3QgQ0Ew
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATUpKXzQk2NOVKDN4VULk2yw4mOKPvn
+mg947+VY7lbpfOfAUD0QRg95qZWCw899eKnXp/U4TkAVrmEKhUb6OJTFozIwMDAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTXu6xGWUl25X3sBtrhm3BJSICIATAK
+BggqhkjOPQQDAgNIADBFAiEAnTzEwuTI9bz2Oae3LZbjP6f/f50KFJtjLZFDbQz7
+DpYCIDNRHV8zBUibC+zg5PqMpQBKd/oPfNU76nEv6xkp/ijO
+"""
+
+client_ca_intermediate_cert_data = """
+MIIBmDCCAT+gAwIBAgIUJEMdotgqA7wU4XXJvEzDulUAGqgwCgYIKoZIzj0EAwIw
+HjEcMBoGA1UEAwwTVnlPUyBjbGllbnQgcm9vdCBDQTAeFw0yMjAyMTcxOTQxMjJa
+Fw0zMjAyMTUxOTQxMjJaMCYxJDAiBgNVBAMMG1Z5T1MgY2xpZW50IGludGVybWVk
+aWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGyIVIi217s9j3O+WQ2b
+6R65/Z0ZjQpELxPjBRc0CA0GFCo+pI5EvwI+jNFArvTAJ5+ZdEWUJ1DQhBKDDQdI
+avCjUzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOUS8oNJjChB1Rb9Blcl
+ETvziHJ9MB8GA1UdIwQYMBaAFNe7rEZZSXblfewG2uGbcElIgIgBMAoGCCqGSM49
+BAMCA0cAMEQCIArhaxWgRsAUbEeNHD/ULtstLHxw/P97qPUSROLQld53AiBjgiiz
+9pDfISmpekZYz6bIDWRIR0cXUToZEMFNzNMrQg==
+"""
+
+client_cert_data = """
+MIIBmTCCAUCgAwIBAgIUV5T77XdE/tV82Tk4Vzhp5BIFFm0wCgYIKoZIzj0EAwIw
+JjEkMCIGA1UEAwwbVnlPUyBjbGllbnQgaW50ZXJtZWRpYXRlIENBMB4XDTIyMDIx
+NzE5NDEyMloXDTMyMDIxNTE5NDEyMlowIjEgMB4GA1UEAwwXVnlPUyBjbGllbnQg
+Y2VydGlmaWNhdGUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARuyynqfc/qJj5e
+KJ03oOH8X4Z8spDeAPO9WYckMM0ldPj+9kU607szFzPwjaPWzPdgyIWz3hcN8yAh
+CIhytmJao1AwTjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTIFKrxZ+PqOhYSUqnl
+TGCUmM7wTjAfBgNVHSMEGDAWgBTlEvKDSYwoQdUW/QZXJRE784hyfTAKBggqhkjO
+PQQDAgNHADBEAiAvO8/jvz05xqmP3OXD53XhfxDLMIxzN4KPoCkFqvjlhQIgIHq2
+/geVx3rAOtSps56q/jiDouN/aw01TdpmGKVAa9U=
+"""
+
+client_key_data = """
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgxaxAQsJwjoOCByQE
++qSYKtKtJzbdbOnTsKNSrfgkFH6hRANCAARuyynqfc/qJj5eKJ03oOH8X4Z8spDe
+APO9WYckMM0ldPj+9kU607szFzPwjaPWzPdgyIWz3hcN8yAhCIhytmJa
"""
def get_wpa_supplicant_value(interface, key):
@@ -51,9 +101,14 @@ def get_wpa_supplicant_value(interface, key):
tmp = re.findall(r'\n?{}=(.*)'.format(key), tmp)
return tmp[0]
+def get_certificate_count(interface, cert_type):
+ tmp = read_file(f'/run/wpa_supplicant/{interface}_{cert_type}.pem')
+ return tmp.count(CERT_BEGIN)
+
class EthernetInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
+ cls._test_dhcp = True
cls._test_ip = True
cls._test_ipv6 = True
cls._test_ipv6_pd = True
@@ -79,7 +134,7 @@ class EthernetInterfaceTest(BasicInterfaceTest.TestCase):
cls._macs[interface] = read_file(f'/sys/class/net/{interface}/address')
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(EthernetInterfaceTest, cls).setUpClass()
def tearDown(self):
for interface in self._interfaces:
@@ -91,30 +146,19 @@ class EthernetInterfaceTest(BasicInterfaceTest.TestCase):
self.cli_set(self._base_path + [interface, 'speed', 'auto'])
self.cli_set(self._base_path + [interface, 'hw-id', self._macs[interface]])
- # Tear down mirror interfaces for SPAN (Switch Port Analyzer)
- for span in self._mirror_interfaces:
- section = Section.section(span)
- self.cli_delete(['interfaces', section, span])
-
self.cli_commit()
- def test_dhcp_disable_interface(self):
- # When interface is configured as admin down, it must be admin down
- # even when dhcpc starts on the given interface
- for interface in self._interfaces:
- self.cli_set(self._base_path + [interface, 'disable'])
-
- # Also enable DHCP (ISC DHCP always places interface in admin up
- # state so we check that we do not start DHCP client.
- # https://phabricator.vyos.net/T2767
- self.cli_set(self._base_path + [interface, 'address', 'dhcp'])
-
- self.cli_commit()
-
- # Validate interface state
- for interface in self._interfaces:
- flags = read_file(f'/sys/class/net/{interface}/flags')
- self.assertEqual(int(flags, 16) & 1, 0)
+ # Verify that no address remains on the system as this is an eternal
+ # interface.
+ for intf in self._interfaces:
+ self.assertNotIn(AF_INET, ifaddresses(intf))
+ # required for IPv6 link-local address
+ self.assertIn(AF_INET6, ifaddresses(intf))
+ for addr in ifaddresses(intf)[AF_INET6]:
+ # checking link local addresses makes no sense
+ if is_ipv6_link_local(addr['addr']):
+ continue
+ self.assertFalse(is_intf_addr_assigned(intf, addr['addr']))
def test_offloading_rps(self):
# enable RPS on all available CPUs, RPS works woth a CPU bitmask,
@@ -165,16 +209,23 @@ class EthernetInterfaceTest(BasicInterfaceTest.TestCase):
self.cli_commit()
def test_eapol_support(self):
- ca_name = 'eapol'
- cert_name = 'eapol'
+ ca_certs = {
+ 'eapol-server-ca-root': server_ca_root_cert_data,
+ 'eapol-server-ca-intermediate': server_ca_intermediate_cert_data,
+ 'eapol-client-ca-root': client_ca_root_cert_data,
+ 'eapol-client-ca-intermediate': client_ca_intermediate_cert_data,
+ }
+ cert_name = 'eapol-client'
- self.cli_set(['pki', 'ca', ca_name, 'certificate', cert_data.replace('\n','')])
- self.cli_set(['pki', 'certificate', cert_name, 'certificate', cert_data.replace('\n','')])
- self.cli_set(['pki', 'certificate', cert_name, 'private', 'key', key_data.replace('\n','')])
+ for name, data in ca_certs.items():
+ self.cli_set(['pki', 'ca', name, 'certificate', data.replace('\n','')])
+
+ self.cli_set(['pki', 'certificate', cert_name, 'certificate', client_cert_data.replace('\n','')])
+ self.cli_set(['pki', 'certificate', cert_name, 'private', 'key', client_key_data.replace('\n','')])
for interface in self._interfaces:
# Enable EAPoL
- self.cli_set(self._base_path + [interface, 'eapol', 'ca-certificate', ca_name])
+ self.cli_set(self._base_path + [interface, 'eapol', 'ca-certificate', 'eapol-server-ca-intermediate'])
self.cli_set(self._base_path + [interface, 'eapol', 'certificate', cert_name])
self.cli_commit()
@@ -206,7 +257,12 @@ class EthernetInterfaceTest(BasicInterfaceTest.TestCase):
tmp = get_wpa_supplicant_value(interface, 'identity')
self.assertEqual(f'"{mac}"', tmp)
- self.cli_delete(['pki', 'ca', ca_name])
+ # Check certificate files have the full chain
+ self.assertEqual(get_certificate_count(interface, 'ca'), 2)
+ self.assertEqual(get_certificate_count(interface, 'cert'), 3)
+
+ for name in ca_certs:
+ self.cli_delete(['pki', 'ca', name])
self.cli_delete(['pki', 'certificate', cert_name])
if __name__ == '__main__':
diff --git a/smoketest/scripts/cli/test_interfaces_geneve.py b/smoketest/scripts/cli/test_interfaces_geneve.py
index 6233ade6e..0e5098aa7 100755
--- a/smoketest/scripts/cli/test_interfaces_geneve.py
+++ b/smoketest/scripts/cli/test_interfaces_geneve.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -34,7 +34,7 @@ class GeneveInterfaceTest(BasicInterfaceTest.TestCase):
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(GeneveInterfaceTest, cls).setUpClass()
def test_geneve_parameters(self):
tos = '40'
@@ -43,7 +43,7 @@ class GeneveInterfaceTest(BasicInterfaceTest.TestCase):
for option in self._options.get(intf, []):
self.cli_set(self._base_path + [intf] + option.split())
- self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'dont-fragment'])
+ self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'df', 'set'])
self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'tos', tos])
self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'ttl', str(ttl)])
ttl += 10
diff --git a/smoketest/scripts/cli/test_interfaces_l2tpv3.py b/smoketest/scripts/cli/test_interfaces_l2tpv3.py
index 06ced5c40..aed8e6f15 100755
--- a/smoketest/scripts/cli/test_interfaces_l2tpv3.py
+++ b/smoketest/scripts/cli/test_interfaces_l2tpv3.py
@@ -39,7 +39,7 @@ class L2TPv3InterfaceTest(BasicInterfaceTest.TestCase):
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(L2TPv3InterfaceTest, cls).setUpClass()
def test_add_single_ip_address(self):
super().test_add_single_ip_address()
diff --git a/smoketest/scripts/cli/test_interfaces_loopback.py b/smoketest/scripts/cli/test_interfaces_loopback.py
index 85b5ca6d6..5ff9c250e 100755
--- a/smoketest/scripts/cli/test_interfaces_loopback.py
+++ b/smoketest/scripts/cli/test_interfaces_loopback.py
@@ -29,7 +29,7 @@ class LoopbackInterfaceTest(BasicInterfaceTest.TestCase):
cls._base_path = ['interfaces', 'loopback']
cls._interfaces = ['lo']
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(LoopbackInterfaceTest, cls).setUpClass()
def tearDown(self):
self.cli_delete(self._base_path)
diff --git a/smoketest/scripts/cli/test_interfaces_macsec.py b/smoketest/scripts/cli/test_interfaces_macsec.py
index e4280a5b7..e5e5a558e 100755
--- a/smoketest/scripts/cli/test_interfaces_macsec.py
+++ b/smoketest/scripts/cli/test_interfaces_macsec.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -40,6 +40,7 @@ def get_cipher(interface):
class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
+ cls._test_dhcp = True
cls._test_ip = True
cls._test_ipv6 = True
cls._base_path = ['interfaces', 'macsec']
@@ -52,7 +53,7 @@ class MACsecInterfaceTest(BasicInterfaceTest.TestCase):
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(MACsecInterfaceTest, cls).setUpClass()
def test_macsec_encryption(self):
# MACsec can be operating in authentication and encryption mode - both
diff --git a/smoketest/scripts/cli/test_interfaces_netns.py b/smoketest/scripts/cli/test_interfaces_netns.py
new file mode 100755
index 000000000..9975a6b09
--- /dev/null
+++ b/smoketest/scripts/cli/test_interfaces_netns.py
@@ -0,0 +1,83 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import os
+import json
+import unittest
+
+from netifaces import interfaces
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSession
+from vyos.configsession import ConfigSessionError
+from vyos.ifconfig import Interface
+from vyos.ifconfig import Section
+from vyos.util import cmd
+
+base_path = ['netns']
+namespaces = ['mgmt', 'front', 'back', 'ams-ix']
+
+class NETNSTest(VyOSUnitTestSHIM.TestCase):
+
+ def setUp(self):
+ self._interfaces = ['dum10', 'dum12', 'dum50']
+
+ def test_create_netns(self):
+ for netns in namespaces:
+ base = base_path + ['name', netns]
+ self.cli_set(base)
+
+ # commit changes
+ self.cli_commit()
+
+ netns_list = cmd('ip netns ls')
+
+ # Verify NETNS configuration
+ for netns in namespaces:
+ self.assertTrue(netns in netns_list)
+
+
+ def test_netns_assign_interface(self):
+ netns = 'foo'
+ self.cli_set(['netns', 'name', netns])
+
+ # Set
+ for iface in self._interfaces:
+ self.cli_set(['interfaces', 'dummy', iface, 'netns', netns])
+
+ # commit changes
+ self.cli_commit()
+
+ netns_iface_list = cmd(f'sudo ip netns exec {netns} ip link show')
+
+ for iface in self._interfaces:
+ self.assertTrue(iface in netns_iface_list)
+
+ # Delete
+ for iface in self._interfaces:
+ self.cli_delete(['interfaces', 'dummy', iface, 'netns', netns])
+
+ # commit changes
+ self.cli_commit()
+
+ netns_iface_list = cmd(f'sudo ip netns exec {netns} ip link show')
+
+ for iface in self._interfaces:
+ self.assertNotIn(iface, netns_iface_list)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_openvpn.py b/smoketest/scripts/cli/test_interfaces_openvpn.py
index f8a6ae986..b2143d16e 100755
--- a/smoketest/scripts/cli/test_interfaces_openvpn.py
+++ b/smoketest/scripts/cli/test_interfaces_openvpn.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -37,10 +37,46 @@ PROCESS_NAME = 'openvpn'
base_path = ['interfaces', 'openvpn']
-cert_data = 'MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIwWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIxMDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu+JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3LftzngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93+dm/LDnp7C0='
-key_data = 'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww'
-dh_data = 'MIIBCAKCAQEApzGAPcQlLJiOyfGZgl1qxNgufXkdpjG7lMaOrO4TGr1giFe3jIFOFxJNC/G9Dn+KSukaWssVVR+Jwr/JesZFPawihS03wC7cZsccykNRIjiteqJDwYJZUHieOxyCuCeY4pqOUCl1uswRGjLvIFtwynpnXKKuz2YtjNifma90PEgv/vVWKix+Q0TAbdbzJzO5xp8UVn9DuYfSr10k3LbDqDM7w5ezHZxFk24S5pN/yoOpdbxB8TS67q3IYXxR3F+RseKu4J3AvkxXSP1j7COXddPpLnvbJT/SW8NrjuC/n0eKGvmeyqNv108Y89jnT79MxMMRQk66iwlsd1m4pa/OYwIBAg=='
-ovpn_key_data = '443f2a710ac411c36894b2531e62c4550b079b8f3f08997f4be57c64abfdaaa431d2396b01ecec3a2c0618959e8186d99f489742d25673ffb3268841ebb2e7042a2daabe584e79d51d2b1d7409bf8840f7e42efa3e660a521719b04ee88b9043e6315ae12da7c9abd55f67eeed71a9ee8c6e163b5d2661fc332cf90cb45658b4adf892f79537d37d3a3d90da283ce885adf325ffd2b5be92067cdf0345c7712c9d36b642c170351b6d9ce9f6230c7a2617b0c181121bce7d5373404fb68e65210b36e6d40ef2769cf8990503859f6f2db3c85ba74420430a6250d6a74ca51ece4b85124bfdfec0c8a530cefa7350378d81a4539f74bed832a902ae4798142e4a'
+cert_data = """
+MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIw
+WTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNv
+bWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIx
+MDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNV
+BAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlP
+UzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3
+QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu
++JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3Lftz
+ngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93
++dm/LDnp7C0=
+"""
+
+key_data = """
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx
+2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7
+u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww
+"""
+
+dh_data = """
+MIIBCAKCAQEApzGAPcQlLJiOyfGZgl1qxNgufXkdpjG7lMaOrO4TGr1giFe3jIFO
+FxJNC/G9Dn+KSukaWssVVR+Jwr/JesZFPawihS03wC7cZsccykNRIjiteqJDwYJZ
+UHieOxyCuCeY4pqOUCl1uswRGjLvIFtwynpnXKKuz2YtjNifma90PEgv/vVWKix+
+Q0TAbdbzJzO5xp8UVn9DuYfSr10k3LbDqDM7w5ezHZxFk24S5pN/yoOpdbxB8TS6
+7q3IYXxR3F+RseKu4J3AvkxXSP1j7COXddPpLnvbJT/SW8NrjuC/n0eKGvmeyqNv
+108Y89jnT79MxMMRQk66iwlsd1m4pa/OYwIBAg==
+"""
+
+ovpn_key_data = """
+443f2a710ac411c36894b2531e62c4550b079b8f3f08997f4be57c64abfdaaa4
+31d2396b01ecec3a2c0618959e8186d99f489742d25673ffb3268841ebb2e704
+2a2daabe584e79d51d2b1d7409bf8840f7e42efa3e660a521719b04ee88b9043
+e6315ae12da7c9abd55f67eeed71a9ee8c6e163b5d2661fc332cf90cb45658b4
+adf892f79537d37d3a3d90da283ce885adf325ffd2b5be92067cdf0345c7712c
+9d36b642c170351b6d9ce9f6230c7a2617b0c181121bce7d5373404fb68e6521
+0b36e6d40ef2769cf8990503859f6f2db3c85ba74420430a6250d6a74ca51ece
+4b85124bfdfec0c8a530cefa7350378d81a4539f74bed832a902ae4798142e4a
+"""
remote_port = '1194'
protocol = 'udp'
@@ -59,20 +95,28 @@ def get_vrf(interface):
return tmp
class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(['interfaces', 'dummy', dummy_if, 'address', '192.0.2.1/32'])
- self.cli_set(['vrf', 'name', vrf_name, 'table', '12345'])
+ @classmethod
+ def setUpClass(cls):
+ super(TestInterfacesOpenVPN, cls).setUpClass()
- self.cli_set(['pki', 'ca', 'ovpn_test', 'certificate', cert_data])
- self.cli_set(['pki', 'certificate', 'ovpn_test', 'certificate', cert_data])
- self.cli_set(['pki', 'certificate', 'ovpn_test', 'private', 'key', key_data])
- self.cli_set(['pki', 'dh', 'ovpn_test', 'parameters', dh_data])
- self.cli_set(['pki', 'openvpn', 'shared-secret', 'ovpn_test', 'key', ovpn_key_data])
+ cls.cli_set(cls, ['interfaces', 'dummy', dummy_if, 'address', '192.0.2.1/32'])
+ cls.cli_set(cls, ['vrf', 'name', vrf_name, 'table', '12345'])
+
+ cls.cli_set(cls, ['pki', 'ca', 'ovpn_test', 'certificate', cert_data.replace('\n','')])
+ cls.cli_set(cls, ['pki', 'certificate', 'ovpn_test', 'certificate', cert_data.replace('\n','')])
+ cls.cli_set(cls, ['pki', 'certificate', 'ovpn_test', 'private', 'key', key_data.replace('\n','')])
+ cls.cli_set(cls, ['pki', 'dh', 'ovpn_test', 'parameters', dh_data.replace('\n','')])
+ cls.cli_set(cls, ['pki', 'openvpn', 'shared-secret', 'ovpn_test', 'key', ovpn_key_data.replace('\n','')])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'dummy', dummy_if])
+ cls.cli_delete(cls, ['vrf'])
+
+ super(TestInterfacesOpenVPN, cls).tearDownClass()
def tearDown(self):
self.cli_delete(base_path)
- self.cli_delete(['interfaces', 'dummy', dummy_if])
- self.cli_delete(['vrf'])
self.cli_commit()
def test_openvpn_client_verify(self):
@@ -532,6 +576,46 @@ class TestInterfacesOpenVPN(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
+ def test_openvpn_options(self):
+ # Ensure OpenVPN process restart on openvpn-option CLI node change
+
+ interface = 'vtun5001'
+ path = base_path + [interface]
+
+ self.cli_set(path + ['mode', 'site-to-site'])
+ self.cli_set(path + ['local-address', '10.0.0.2'])
+ self.cli_set(path + ['remote-address', '192.168.0.3'])
+ self.cli_set(path + ['shared-secret-key', 'ovpn_test'])
+
+ self.cli_commit()
+
+ # Now verify the OpenVPN "raw" option passing. Once an openvpn-option is
+ # added, modified or deleted from the CLI, OpenVPN daemon must be restarted
+ cur_pid = process_named_running('openvpn')
+ self.cli_set(path + ['openvpn-option', '--persist-tun'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
+ cur_pid = new_pid
+
+ self.cli_set(path + ['openvpn-option', '--persist-key'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
+ cur_pid = new_pid
+
+ self.cli_delete(path + ['openvpn-option'])
+ self.cli_commit()
+
+ # PID must be different as OpenVPN Must be restarted
+ new_pid = process_named_running('openvpn')
+ self.assertNotEqual(cur_pid, new_pid)
+ cur_pid = new_pid
+
def test_openvpn_site2site_interfaces_tun(self):
# Create two OpenVPN site-to-site interfaces
diff --git a/smoketest/scripts/cli/test_interfaces_pppoe.py b/smoketest/scripts/cli/test_interfaces_pppoe.py
index 4f1e1ee99..8927121a8 100755
--- a/smoketest/scripts/cli/test_interfaces_pppoe.py
+++ b/smoketest/scripts/cli/test_interfaces_pppoe.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2021 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -34,9 +34,12 @@ def get_config_value(interface, key):
# add a classmethod to setup a temporaray PPPoE server for "proper" validation
class PPPoEInterfaceTest(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self._interfaces = ['pppoe10', 'pppoe20', 'pppoe30']
- self._source_interface = 'eth0'
+ @classmethod
+ def setUpClass(cls):
+ super(PPPoEInterfaceTest, cls).setUpClass()
+
+ cls._interfaces = ['pppoe10', 'pppoe20', 'pppoe30']
+ cls._source_interface = 'eth0'
def tearDown(self):
# Validate PPPoE client process
@@ -60,7 +63,6 @@ class PPPoEInterfaceTest(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + [interface, 'authentication', 'user', user])
self.cli_set(base_path + [interface, 'authentication', 'password', passwd])
- self.cli_set(base_path + [interface, 'default-route', 'auto'])
self.cli_set(base_path + [interface, 'mtu', mtu])
self.cli_set(base_path + [interface, 'no-peer-dns'])
@@ -136,7 +138,7 @@ class PPPoEInterfaceTest(VyOSUnitTestSHIM.TestCase):
for interface in self._interfaces:
self.cli_set(base_path + [interface, 'authentication', 'user', 'vyos'])
self.cli_set(base_path + [interface, 'authentication', 'password', 'vyos'])
- self.cli_set(base_path + [interface, 'default-route', 'none'])
+ self.cli_set(base_path + [interface, 'no-default-route'])
self.cli_set(base_path + [interface, 'no-peer-dns'])
self.cli_set(base_path + [interface, 'source-interface', self._source_interface])
self.cli_set(base_path + [interface, 'ipv6', 'address', 'autoconf'])
diff --git a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py
index ae899cddd..a51b8d52c 100755
--- a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py
+++ b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -23,6 +23,7 @@ from base_interfaces_test import BasicInterfaceTest
class PEthInterfaceTest(BasicInterfaceTest.TestCase):
@classmethod
def setUpClass(cls):
+ cls._test_dhcp = True
cls._test_ip = True
cls._test_ipv6 = True
cls._test_ipv6_pd = True
@@ -47,7 +48,7 @@ class PEthInterfaceTest(BasicInterfaceTest.TestCase):
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(PEthInterfaceTest, cls).setUpClass()
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_tunnel.py b/smoketest/scripts/cli/test_interfaces_tunnel.py
index fc2e254d6..44bfbb5f0 100755
--- a/smoketest/scripts/cli/test_interfaces_tunnel.py
+++ b/smoketest/scripts/cli/test_interfaces_tunnel.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -42,16 +42,16 @@ class TunnelInterfaceTest(BasicInterfaceTest.TestCase):
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(TunnelInterfaceTest, cls).setUpClass()
- def setUp(self):
- super().setUp()
- self.cli_set(['interfaces', 'dummy', source_if, 'address', self.local_v4 + '/32'])
- self.cli_set(['interfaces', 'dummy', source_if, 'address', self.local_v6 + '/128'])
+ # create some test interfaces
+ cls.cli_set(cls, ['interfaces', 'dummy', source_if, 'address', cls.local_v4 + '/32'])
+ cls.cli_set(cls, ['interfaces', 'dummy', source_if, 'address', cls.local_v6 + '/128'])
- def tearDown(self):
- self.cli_delete(['interfaces', 'dummy', source_if])
- super().tearDown()
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'dummy', source_if])
+ super().tearDownClass()
def test_ipv4_encapsulations(self):
# When running tests ensure that for certain encapsulation types the
@@ -202,7 +202,7 @@ class TunnelInterfaceTest(BasicInterfaceTest.TestCase):
self.assertEqual(encapsulation, conf['linkinfo']['info_kind'])
self.assertEqual(self.local_v4, conf['linkinfo']['info_data']['local'])
self.assertEqual(remote_ip4, conf['linkinfo']['info_data']['remote'])
- self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
+ self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
# Change remote ip address (inc host by 2
new_remote = inc_ip(remote_ip4, 2)
@@ -239,7 +239,7 @@ class TunnelInterfaceTest(BasicInterfaceTest.TestCase):
self.assertEqual(encapsulation, conf['linkinfo']['info_kind'])
self.assertEqual(self.local_v4, conf['linkinfo']['info_data']['local'])
self.assertEqual(remote_ip4, conf['linkinfo']['info_data']['remote'])
- self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
+ self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['ikey'])
self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['okey'])
self.assertEqual(int(idx), conf['linkinfo']['info_data']['erspan_index'])
@@ -295,7 +295,7 @@ class TunnelInterfaceTest(BasicInterfaceTest.TestCase):
self.assertEqual(encapsulation, conf['linkinfo']['info_kind'])
self.assertEqual(self.local_v6, conf['linkinfo']['info_data']['local'])
self.assertEqual(remote_ip6, conf['linkinfo']['info_data']['remote'])
- self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
+ self.assertEqual(64, conf['linkinfo']['info_data']['ttl'])
self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['ikey'])
self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['okey'])
self.assertEqual(erspan_ver, conf['linkinfo']['info_data']['erspan_ver'])
@@ -312,5 +312,89 @@ class TunnelInterfaceTest(BasicInterfaceTest.TestCase):
conf = get_interface_config(interface)
self.assertEqual(new_remote, conf['linkinfo']['info_data']['remote'])
+ def test_tunnel_src_any_gre_key(self):
+ interface = f'tun1280'
+ encapsulation = 'gre'
+ src_addr = '0.0.0.0'
+ key = '127'
+
+ self.cli_set(self._base_path + [interface, 'encapsulation', encapsulation])
+ self.cli_set(self._base_path + [interface, 'source-address', src_addr])
+ # GRE key must be supplied with a 0.0.0.0 source address
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(self._base_path + [interface, 'parameters', 'ip', 'key', key])
+
+ self.cli_commit()
+
+ def test_multiple_gre_tunnel_same_remote(self):
+ tunnels = {
+ 'tun10' : {
+ 'encapsulation' : 'gre',
+ 'source_interface' : source_if,
+ 'remote' : '1.2.3.4',
+ },
+ 'tun20' : {
+ 'encapsulation' : 'gre',
+ 'source_interface' : source_if,
+ 'remote' : '1.2.3.4',
+ },
+ }
+
+ for tunnel, tunnel_config in tunnels.items():
+ self.cli_set(self._base_path + [tunnel, 'encapsulation', tunnel_config['encapsulation']])
+ if 'source_interface' in tunnel_config:
+ self.cli_set(self._base_path + [tunnel, 'source-interface', tunnel_config['source_interface']])
+ if 'remote' in tunnel_config:
+ self.cli_set(self._base_path + [tunnel, 'remote', tunnel_config['remote']])
+
+ # GRE key must be supplied when two or more tunnels are formed to the same desitnation
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for tunnel, tunnel_config in tunnels.items():
+ self.cli_set(self._base_path + [tunnel, 'parameters', 'ip', 'key', tunnel.lstrip('tun')])
+
+ self.cli_commit()
+
+ for tunnel, tunnel_config in tunnels.items():
+ conf = get_interface_config(tunnel)
+ ip_key = tunnel.lstrip('tun')
+
+ self.assertEqual(tunnel_config['source_interface'], conf['link'])
+ self.assertEqual(tunnel_config['encapsulation'], conf['linkinfo']['info_kind'])
+ self.assertEqual(tunnel_config['remote'], conf['linkinfo']['info_data']['remote'])
+ self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['ikey'])
+ self.assertEqual(f'0.0.0.{ip_key}', conf['linkinfo']['info_data']['okey'])
+
+ def test_multiple_gre_tunnel_different_remote(self):
+ tunnels = {
+ 'tun10' : {
+ 'encapsulation' : 'gre',
+ 'source_interface' : source_if,
+ 'remote' : '1.2.3.4',
+ },
+ 'tun20' : {
+ 'encapsulation' : 'gre',
+ 'source_interface' : source_if,
+ 'remote' : '1.2.3.5',
+ },
+ }
+
+ for tunnel, tunnel_config in tunnels.items():
+ self.cli_set(self._base_path + [tunnel, 'encapsulation', tunnel_config['encapsulation']])
+ if 'source_interface' in tunnel_config:
+ self.cli_set(self._base_path + [tunnel, 'source-interface', tunnel_config['source_interface']])
+ if 'remote' in tunnel_config:
+ self.cli_set(self._base_path + [tunnel, 'remote', tunnel_config['remote']])
+
+ self.cli_commit()
+
+ for tunnel, tunnel_config in tunnels.items():
+ conf = get_interface_config(tunnel)
+
+ self.assertEqual(tunnel_config['source_interface'], conf['link'])
+ self.assertEqual(tunnel_config['encapsulation'], conf['linkinfo']['info_kind'])
+ self.assertEqual(tunnel_config['remote'], conf['linkinfo']['info_data']['remote'])
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_vxlan.py b/smoketest/scripts/cli/test_interfaces_vxlan.py
index f63c850d8..058f13721 100755
--- a/smoketest/scripts/cli/test_interfaces_vxlan.py
+++ b/smoketest/scripts/cli/test_interfaces_vxlan.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -16,9 +16,11 @@
import unittest
+from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Interface
+from vyos.util import get_bridge_fdb
from vyos.util import get_interface_config
-
+from vyos.template import is_ipv6
from base_interfaces_test import BasicInterfaceTest
class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
@@ -32,10 +34,12 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
'vxlan10': ['vni 10', 'remote 127.0.0.2'],
'vxlan20': ['vni 20', 'group 239.1.1.1', 'source-interface eth0'],
'vxlan30': ['vni 30', 'remote 2001:db8:2000::1', 'source-address 2001:db8:1000::1', 'parameters ipv6 flowlabel 0x1000'],
+ 'vxlan40': ['vni 40', 'remote 127.0.0.2', 'remote 127.0.0.3'],
+ 'vxlan50': ['vni 50', 'remote 2001:db8:2000::1', 'remote 2001:db8:2000::2', 'parameters ipv6 flowlabel 0x1000'],
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(VXLANInterfaceTest, cls).setUpClass()
def test_vxlan_parameters(self):
tos = '40'
@@ -44,7 +48,7 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
for option in self._options.get(intf, []):
self.cli_set(self._base_path + [intf] + option.split())
- self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'dont-fragment'])
+ self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'df', 'set'])
self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'tos', tos])
self.cli_set(self._base_path + [intf, 'parameters', 'ip', 'ttl', str(ttl)])
ttl += 10
@@ -54,21 +58,34 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
ttl = 20
for interface in self._interfaces:
options = get_interface_config(interface)
+ bridge = get_bridge_fdb(interface)
vni = options['linkinfo']['info_data']['id']
self.assertIn(f'vni {vni}', self._options[interface])
- if any('link' in s for s in self._options[interface]):
+ if any('source-interface' in s for s in self._options[interface]):
link = options['linkinfo']['info_data']['link']
self.assertIn(f'source-interface {link}', self._options[interface])
- if any('local6' in s for s in self._options[interface]):
- remote = options['linkinfo']['info_data']['local6']
- self.assertIn(f'source-address {local6}', self._options[interface])
-
- if any('remote6' in s for s in self._options[interface]):
- remote = options['linkinfo']['info_data']['remote6']
- self.assertIn(f'remote {remote}', self._options[interface])
+ # Verify source-address setting was properly configured on the Kernel
+ if any('source-address' in s for s in self._options[interface]):
+ for s in self._options[interface]:
+ if 'source-address' in s:
+ address = s.split()[-1]
+ if is_ipv6(address):
+ tmp = options['linkinfo']['info_data']['local6']
+ else:
+ tmp = options['linkinfo']['info_data']['local']
+ self.assertIn(f'source-address {tmp}', self._options[interface])
+
+ # Verify remote setting was properly configured on the Kernel
+ if any('remote' in s for s in self._options[interface]):
+ for s in self._options[interface]:
+ if 'remote' in s:
+ for fdb in bridge:
+ if 'mac' in fdb and fdb['mac'] == '00:00:00:00:00:00':
+ remote = fdb['dst']
+ self.assertIn(f'remote {remote}', self._options[interface])
if any('group' in s for s in self._options[interface]):
group = options['linkinfo']['info_data']['group']
@@ -78,6 +95,9 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
label = options['linkinfo']['info_data']['label']
self.assertIn(f'parameters ipv6 flowlabel {label}', self._options[interface])
+ if any('external' in s for s in self._options[interface]):
+ self.assertTrue(options['linkinfo']['info_data']['external'])
+
self.assertEqual('vxlan', options['linkinfo']['info_kind'])
self.assertEqual('set', options['linkinfo']['info_data']['df'])
self.assertEqual(f'0x{tos}', options['linkinfo']['info_data']['tos'])
@@ -85,5 +105,36 @@ class VXLANInterfaceTest(BasicInterfaceTest.TestCase):
self.assertEqual(Interface(interface).get_admin_state(), 'up')
ttl += 10
+ def test_vxlan_external(self):
+ interface = 'vxlan0'
+ source_address = '192.0.2.1'
+ self.cli_set(self._base_path + [interface, 'external'])
+ self.cli_set(self._base_path + [interface, 'source-address', source_address])
+
+ # Both 'VNI' and 'external' can not be specified at the same time.
+ self.cli_set(self._base_path + [interface, 'vni', '111'])
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(self._base_path + [interface, 'vni'])
+
+ # Now add some more interfaces - this must fail and a CLI error needs
+ # to be generated as Linux can only handle one VXLAN tunnel when using
+ # external mode.
+ for intf in self._interfaces:
+ for option in self._options.get(intf, []):
+ self.cli_set(self._base_path + [intf] + option.split())
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ # Remove those test interfaces again
+ for intf in self._interfaces:
+ self.cli_delete(self._base_path + [intf])
+
+ self.cli_commit()
+
+ options = get_interface_config(interface)
+ self.assertTrue(options['linkinfo']['info_data']['external'])
+ self.assertEqual('vxlan', options['linkinfo']['info_kind'])
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_interfaces_wireguard.py b/smoketest/scripts/cli/test_interfaces_wireguard.py
index aaf27a2c4..f3e9670f7 100755
--- a/smoketest/scripts/cli/test_interfaces_wireguard.py
+++ b/smoketest/scripts/cli/test_interfaces_wireguard.py
@@ -23,10 +23,13 @@ from vyos.configsession import ConfigSessionError
base_path = ['interfaces', 'wireguard']
class WireGuardInterfaceTest(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self._test_addr = ['192.0.2.1/26', '192.0.2.255/31', '192.0.2.64/32',
+ @classmethod
+ def setUpClass(cls):
+ super(WireGuardInterfaceTest, cls).setUpClass()
+
+ cls._test_addr = ['192.0.2.1/26', '192.0.2.255/31', '192.0.2.64/32',
'2001:db8:1::ffff/64', '2001:db8:101::1/112']
- self._interfaces = ['wg0', 'wg1']
+ cls._interfaces = ['wg0', 'wg1']
def tearDown(self):
self.cli_delete(base_path)
diff --git a/smoketest/scripts/cli/test_interfaces_wireless.py b/smoketest/scripts/cli/test_interfaces_wireless.py
index 4f539a23c..a24f37d8d 100755
--- a/smoketest/scripts/cli/test_interfaces_wireless.py
+++ b/smoketest/scripts/cli/test_interfaces_wireless.py
@@ -48,7 +48,7 @@ class WirelessInterfaceTest(BasicInterfaceTest.TestCase):
}
cls._interfaces = list(cls._options)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(WirelessInterfaceTest, cls).setUpClass()
def test_wireless_add_single_ip_address(self):
# derived method to check if member interfaces are enslaved properly
diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py
index 75c628244..408facfb3 100755
--- a/smoketest/scripts/cli/test_nat.py
+++ b/smoketest/scripts/cli/test_nat.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -14,7 +14,6 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-import os
import jmespath
import json
import unittest
@@ -29,10 +28,13 @@ src_path = base_path + ['source']
dst_path = base_path + ['destination']
class TestNAT(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
+ @classmethod
+ def setUpClass(cls):
+ super(TestNAT, cls).setUpClass()
+
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
- self.cli_delete(base_path)
+ cls.cli_delete(cls, base_path)
def tearDown(self):
self.cli_delete(base_path)
@@ -57,36 +59,44 @@ class TestNAT(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
- tmp = cmd('sudo nft -j list table nat')
+ tmp = cmd('sudo nft -j list chain ip nat POSTROUTING')
data_json = jmespath.search('nftables[?rule].rule[?chain]', json.loads(tmp))
for idx in range(0, len(data_json)):
- rule = str(rules[idx])
data = data_json[idx]
- network = f'192.168.{rule}.0/24'
-
- self.assertEqual(data['chain'], 'POSTROUTING')
- self.assertEqual(data['comment'], f'SRC-NAT-{rule}')
- self.assertEqual(data['family'], 'ip')
- self.assertEqual(data['table'], 'nat')
-
- iface = dict_search('match.right', data['expr'][0])
- direction = dict_search('match.left.payload.field', data['expr'][1])
- address = dict_search('match.right.prefix.addr', data['expr'][1])
- mask = dict_search('match.right.prefix.len', data['expr'][1])
+ if idx == 0:
+ self.assertEqual(data['chain'], 'POSTROUTING')
+ self.assertEqual(data['family'], 'ip')
+ self.assertEqual(data['table'], 'nat')
- if int(rule) < 200:
- self.assertEqual(direction, 'saddr')
- self.assertEqual(iface, outbound_iface_100)
- # check for masquerade keyword
- self.assertIn('masquerade', data['expr'][3])
+ jump_target = dict_search('jump.target', data['expr'][1])
+ self.assertEqual(jump_target,'VYOS_PRE_SNAT_HOOK')
else:
- self.assertEqual(direction, 'daddr')
- self.assertEqual(iface, outbound_iface_200)
- # check for return keyword due to 'exclude'
- self.assertIn('return', data['expr'][3])
-
- self.assertEqual(f'{address}/{mask}', network)
+ rule = str(rules[idx - 1])
+ network = f'192.168.{rule}.0/24'
+
+ self.assertEqual(data['chain'], 'POSTROUTING')
+ self.assertEqual(data['comment'], f'SRC-NAT-{rule}')
+ self.assertEqual(data['family'], 'ip')
+ self.assertEqual(data['table'], 'nat')
+
+ iface = dict_search('match.right', data['expr'][0])
+ direction = dict_search('match.left.payload.field', data['expr'][1])
+ address = dict_search('match.right.prefix.addr', data['expr'][1])
+ mask = dict_search('match.right.prefix.len', data['expr'][1])
+
+ if int(rule) < 200:
+ self.assertEqual(direction, 'saddr')
+ self.assertEqual(iface, outbound_iface_100)
+ # check for masquerade keyword
+ self.assertIn('masquerade', data['expr'][3])
+ else:
+ self.assertEqual(direction, 'daddr')
+ self.assertEqual(iface, outbound_iface_200)
+ # check for return keyword due to 'exclude'
+ self.assertIn('return', data['expr'][3])
+
+ self.assertEqual(f'{address}/{mask}', network)
def test_dnat(self):
rules = ['100', '110', '120', '130', '200', '210', '220', '230']
@@ -109,33 +119,42 @@ class TestNAT(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
- tmp = cmd('sudo nft -j list table nat')
+ tmp = cmd('sudo nft -j list chain ip nat PREROUTING')
data_json = jmespath.search('nftables[?rule].rule[?chain]', json.loads(tmp))
for idx in range(0, len(data_json)):
- rule = str(rules[idx])
data = data_json[idx]
- port = int(f'10{rule}')
-
- self.assertEqual(data['chain'], 'PREROUTING')
- self.assertEqual(data['comment'].split()[0], f'DST-NAT-{rule}')
- self.assertEqual(data['family'], 'ip')
- self.assertEqual(data['table'], 'nat')
-
- iface = dict_search('match.right', data['expr'][0])
- direction = dict_search('match.left.payload.field', data['expr'][1])
- protocol = dict_search('match.left.payload.protocol', data['expr'][1])
- dnat_addr = dict_search('dnat.addr', data['expr'][3])
- dnat_port = dict_search('dnat.port', data['expr'][3])
-
- self.assertEqual(direction, 'sport')
- self.assertEqual(dnat_addr, '192.0.2.1')
- self.assertEqual(dnat_port, port)
- if int(rule) < 200:
- self.assertEqual(iface, inbound_iface_100)
- self.assertEqual(protocol, inbound_proto_100)
+ if idx == 0:
+ self.assertEqual(data['chain'], 'PREROUTING')
+ self.assertEqual(data['family'], 'ip')
+ self.assertEqual(data['table'], 'nat')
+
+ jump_target = dict_search('jump.target', data['expr'][1])
+ self.assertEqual(jump_target,'VYOS_PRE_DNAT_HOOK')
else:
- self.assertEqual(iface, inbound_iface_200)
+
+ rule = str(rules[idx - 1])
+ port = int(f'10{rule}')
+
+ self.assertEqual(data['chain'], 'PREROUTING')
+ self.assertEqual(data['comment'].split()[0], f'DST-NAT-{rule}')
+ self.assertEqual(data['family'], 'ip')
+ self.assertEqual(data['table'], 'nat')
+
+ iface = dict_search('match.right', data['expr'][0])
+ direction = dict_search('match.left.payload.field', data['expr'][1])
+ protocol = dict_search('match.left.payload.protocol', data['expr'][1])
+ dnat_addr = dict_search('dnat.addr', data['expr'][3])
+ dnat_port = dict_search('dnat.port', data['expr'][3])
+
+ self.assertEqual(direction, 'sport')
+ self.assertEqual(dnat_addr, '192.0.2.1')
+ self.assertEqual(dnat_port, port)
+ if int(rule) < 200:
+ self.assertEqual(iface, inbound_iface_100)
+ self.assertEqual(protocol, inbound_proto_100)
+ else:
+ self.assertEqual(iface, inbound_iface_200)
def test_snat_required_translation_address(self):
# T2813: Ensure translation address is specified
diff --git a/smoketest/scripts/cli/test_nat66.py b/smoketest/scripts/cli/test_nat66.py
index 8afe0da26..aac6a30f9 100755
--- a/smoketest/scripts/cli/test_nat66.py
+++ b/smoketest/scripts/cli/test_nat66.py
@@ -32,7 +32,7 @@ dst_path = base_path + ['destination']
class TestNAT66(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
- super(cls, cls).setUpClass()
+ super(TestNAT66, cls).setUpClass()
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
@@ -185,4 +185,4 @@ class TestNAT66(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
if __name__ == '__main__':
- unittest.main(verbosity=2, failfast=True)
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_pki.py b/smoketest/scripts/cli/test_pki.py
index 45a4bd61e..e92123dbc 100755
--- a/smoketest/scripts/cli/test_pki.py
+++ b/smoketest/scripts/cli/test_pki.py
@@ -129,8 +129,13 @@ xGsJxVHfSKeooUQn6q76sg==
"""
class TestPKI(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_delete(base_path)
+ @classmethod
+ def setUpClass(cls):
+ super(TestPKI, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
def tearDown(self):
self.cli_delete(base_path)
diff --git a/smoketest/scripts/cli/test_policy.py b/smoketest/scripts/cli/test_policy.py
index 1286a768d..e8c6ff19b 100755
--- a/smoketest/scripts/cli/test_policy.py
+++ b/smoketest/scripts/cli/test_policy.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -307,7 +307,7 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
continue
for rule, rule_config in as_path_config['rule'].items():
- tmp = f'bgp as-path access-list {as_path}'
+ tmp = f'bgp as-path access-list {as_path} seq {rule}'
if rule_config['action'] == 'permit':
tmp += ' permit'
else:
@@ -665,6 +665,40 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.assertIn(tmp, config)
+ def test_prefix_list_duplicates(self):
+ # FRR does not allow to specify the same profix list rule multiple times
+ #
+ # vyos(config)# ip prefix-list foo seq 10 permit 192.0.2.0/24
+ # vyos(config)# ip prefix-list foo seq 20 permit 192.0.2.0/24
+ # % Configuration failed.
+ # Error type: validation
+ # Error description: duplicated prefix list value: 192.0.2.0/24
+
+ # There is also a VyOS verify() function to test this
+
+ prefix = '100.64.0.0/10'
+ prefix_list = 'duplicates'
+ test_range = range(20, 25)
+ path = base_path + ['prefix-list', prefix_list]
+
+ for rule in test_range:
+ self.cli_set(path + ['rule', str(rule), 'action', 'permit'])
+ self.cli_set(path + ['rule', str(rule), 'prefix', prefix])
+
+ # Duplicate prefixes
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ for rule in test_range:
+ self.cli_set(path + ['rule', str(rule), 'le', str(rule)])
+
+ self.cli_commit()
+
+ config = self.getFRRconfig('ip prefix-list', end='')
+ for rule in test_range:
+ tmp = f'ip prefix-list {prefix_list} seq {rule} permit {prefix} le {rule}'
+ self.assertIn(tmp, config)
+
def test_route_map(self):
access_list = '50'
as_path_list = '100'
@@ -766,27 +800,28 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
'10' : {
'action' : 'deny',
'set' : {
- 'aggregator-as' : '1234567890',
- 'aggregator-ip' : '10.255.255.0',
- 'as-path-exclude' : '1234',
- 'as-path-prepend' : '1234567890 987654321',
- 'atomic-aggregate' : '',
- 'distance' : '110',
- 'extcommunity-bw' : '20000',
- 'extcommunity-rt' : '123:456',
- 'extcommunity-soo' : '456:789',
- 'ipv6-next-hop-global': '2001::1',
- 'ipv6-next-hop-local' : 'fe80::1',
- 'ip-next-hop' : '192.168.1.1',
- 'large-community' : '100:200:300',
- 'local-preference' : '500',
- 'metric' : '150',
- 'metric-type' : 'type-1',
- 'origin' : 'incomplete',
- 'originator-id' : '172.16.10.1',
- 'src' : '100.0.0.1',
- 'tag' : '65530',
- 'weight' : '2',
+ 'aggregator-as' : '1234567890',
+ 'aggregator-ip' : '10.255.255.0',
+ 'as-path-exclude' : '1234',
+ 'as-path-prepend' : '1234567890 987654321',
+ 'as-path-prepend-last-as' : '5',
+ 'atomic-aggregate' : '',
+ 'distance' : '110',
+ 'extcommunity-bw' : '20000',
+ 'extcommunity-rt' : '123:456',
+ 'extcommunity-soo' : '456:789',
+ 'ipv6-next-hop-global' : '2001::1',
+ 'ipv6-next-hop-local' : 'fe80::1',
+ 'ip-next-hop' : '192.168.1.1',
+ 'large-community' : '100:200:300',
+ 'local-preference' : '500',
+ 'metric' : '150',
+ 'metric-type' : 'type-1',
+ 'origin' : 'incomplete',
+ 'originator-id' : '172.16.10.1',
+ 'src' : '100.0.0.1',
+ 'tag' : '65530',
+ 'weight' : '2',
},
},
},
@@ -814,6 +849,13 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
'evpn-vni' : '1234',
},
},
+ '20' : {
+ 'action' : 'permit',
+ 'set' : {
+ 'evpn-gateway-ipv4' : '192.0.2.99',
+ 'evpn-gateway-ipv6' : '2001:db8:f00::1',
+ },
+ },
},
},
}
@@ -924,9 +966,9 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
if 'aggregator-ip' in rule_config['set']:
self.cli_set(path + ['rule', rule, 'set', 'aggregator', 'ip', rule_config['set']['aggregator-ip']])
if 'as-path-exclude' in rule_config['set']:
- self.cli_set(path + ['rule', rule, 'set', 'as-path-exclude', rule_config['set']['as-path-exclude']])
+ self.cli_set(path + ['rule', rule, 'set', 'as-path', 'exclude', rule_config['set']['as-path-exclude']])
if 'as-path-prepend' in rule_config['set']:
- self.cli_set(path + ['rule', rule, 'set', 'as-path-prepend', rule_config['set']['as-path-prepend']])
+ self.cli_set(path + ['rule', rule, 'set', 'as-path', 'prepend', rule_config['set']['as-path-prepend']])
if 'atomic-aggregate' in rule_config['set']:
self.cli_set(path + ['rule', rule, 'set', 'atomic-aggregate'])
if 'distance' in rule_config['set']:
@@ -961,6 +1003,10 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.cli_set(path + ['rule', rule, 'set', 'tag', rule_config['set']['tag']])
if 'weight' in rule_config['set']:
self.cli_set(path + ['rule', rule, 'set', 'weight', rule_config['set']['weight']])
+ if 'evpn-gateway-ipv4' in rule_config['set']:
+ self.cli_set(path + ['rule', rule, 'set', 'evpn', 'gateway', 'ipv4', rule_config['set']['evpn-gateway-ipv4']])
+ if 'evpn-gateway-ipv6' in rule_config['set']:
+ self.cli_set(path + ['rule', rule, 'set', 'evpn', 'gateway', 'ipv6', rule_config['set']['evpn-gateway-ipv6']])
self.cli_commit()
@@ -1030,7 +1076,7 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
tmp = f'match ipv6 address prefix-list {rule_config["match"]["ipv6-address-pfx"]}'
self.assertIn(tmp, config)
if 'ipv6-nexthop' in rule_config['match']:
- tmp = f'match ipv6 next-hop {rule_config["match"]["ipv6-nexthop"]}'
+ tmp = f'match ipv6 next-hop address {rule_config["match"]["ipv6-nexthop"]}'
self.assertIn(tmp, config)
if 'large-community' in rule_config['match']:
tmp = f'match large-community {rule_config["match"]["large-community"]}'
@@ -1084,6 +1130,8 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
tmp += 'as-path exclude ' + rule_config['set']['as-path-exclude']
elif 'as-path-prepend' in rule_config['set']:
tmp += 'as-path prepend ' + rule_config['set']['as-path-prepend']
+ elif 'as-path-prepend-last-as' in rule_config['set']:
+ tmp += 'as-path prepend last-as' + rule_config['set']['as-path-prepend-last-as']
elif 'atomic-aggregate' in rule_config['set']:
tmp += 'atomic-aggregate'
elif 'distance' in rule_config['set']:
@@ -1118,6 +1166,10 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
tmp += 'tag ' + rule_config['set']['tag']
elif 'weight' in rule_config['set']:
tmp += 'weight ' + rule_config['set']['weight']
+ elif 'vpn-gateway-ipv4' in rule_config['set']:
+ tmp += 'evpn gateway ipv4 ' + rule_config['set']['vpn-gateway-ipv4']
+ elif 'vpn-gateway-ipv6' in rule_config['set']:
+ tmp += 'evpn gateway ipv6 ' + rule_config['set']['vpn-gateway-ipv6']
self.assertIn(tmp, config)
@@ -1135,18 +1187,13 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
- # Check generated configuration
-
- # Expected values
original = """
50: from 203.0.113.1 lookup 23
50: from 203.0.113.2 lookup 23
"""
tmp = cmd('ip rule show prio 50')
- original = original.split()
- tmp = tmp.split()
- self.assertEqual(tmp, original)
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
# Test set table for fwmark
def test_fwmark_table_id(self):
@@ -1161,17 +1208,32 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
- # Check generated configuration
-
- # Expected values
original = """
101: from all fwmark 0x18 lookup 154
"""
tmp = cmd('ip rule show prio 101')
- original = original.split()
- tmp = tmp.split()
- self.assertEqual(tmp, original)
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for destination
+ def test_destination_table_id(self):
+ path = base_path + ['local-route']
+
+ dst = '203.0.113.1'
+ rule = '102'
+ table = '154'
+
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'destination', dst])
+
+ self.cli_commit()
+
+ original = """
+ 102: from all to 203.0.113.1 lookup 154
+ """
+ tmp = cmd('ip rule show prio 102')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
# Test set table for sources with fwmark
def test_fwmark_sources_table_id(self):
@@ -1188,18 +1250,301 @@ class TestPolicy(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
- # Check generated configuration
-
- # Expected values
original = """
100: from 203.0.113.11 fwmark 0x17 lookup 150
100: from 203.0.113.12 fwmark 0x17 lookup 150
"""
tmp = cmd('ip rule show prio 100')
- original = original.split()
- tmp = tmp.split()
- self.assertEqual(tmp, original)
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for sources with iif
+ def test_iif_sources_table_id(self):
+ path = base_path + ['local-route']
+
+ sources = ['203.0.113.11', '203.0.113.12']
+ iif = 'lo'
+ rule = '100'
+ table = '150'
+
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'inbound-interface', iif])
+ for src in sources:
+ self.cli_set(path + ['rule', rule, 'source', src])
+
+ self.cli_commit()
+
+ # Check generated configuration
+ # Expected values
+ original = """
+ 100: from 203.0.113.11 iif lo lookup 150
+ 100: from 203.0.113.12 iif lo lookup 150
+ """
+ tmp = cmd('ip rule show prio 100')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for sources and destinations with fwmark
+ def test_fwmark_sources_destination_table_id(self):
+ path = base_path + ['local-route']
+
+ sources = ['203.0.113.11', '203.0.113.12']
+ destinations = ['203.0.113.13', '203.0.113.15']
+ fwmk = '23'
+ rule = '103'
+ table = '150'
+ for src in sources:
+ for dst in destinations:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+ self.cli_set(path + ['rule', rule, 'destination', dst])
+ self.cli_set(path + ['rule', rule, 'fwmark', fwmk])
+
+ self.cli_commit()
+
+ original = """
+ 103: from 203.0.113.11 to 203.0.113.13 fwmark 0x17 lookup 150
+ 103: from 203.0.113.11 to 203.0.113.15 fwmark 0x17 lookup 150
+ 103: from 203.0.113.12 to 203.0.113.13 fwmark 0x17 lookup 150
+ 103: from 203.0.113.12 to 203.0.113.15 fwmark 0x17 lookup 150
+ """
+ tmp = cmd('ip rule show prio 103')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table ipv6 for some sources ipv6
+ def test_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ sources = ['2001:db8:123::/48', '2001:db8:126::/48']
+ rule = '50'
+ table = '23'
+ for src in sources:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+
+ self.cli_commit()
+
+ original = """
+ 50: from 2001:db8:123::/48 lookup 23
+ 50: from 2001:db8:126::/48 lookup 23
+ """
+ tmp = cmd('ip -6 rule show prio 50')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for fwmark ipv6
+ def test_fwmark_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ fwmk = '24'
+ rule = '100'
+ table = '154'
+
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'fwmark', fwmk])
+
+ self.cli_commit()
+
+ original = """
+ 100: from all fwmark 0x18 lookup 154
+ """
+ tmp = cmd('ip -6 rule show prio 100')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for destination ipv6
+ def test_destination_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ dst = '2001:db8:1337::/126'
+ rule = '101'
+ table = '154'
+
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'destination', dst])
+
+ self.cli_commit()
+
+ original = """
+ 101: from all to 2001:db8:1337::/126 lookup 154
+ """
+ tmp = cmd('ip -6 rule show prio 101')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for sources with fwmark ipv6
+ def test_fwmark_sources_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ sources = ['2001:db8:1338::/126', '2001:db8:1339::/126']
+ fwmk = '23'
+ rule = '102'
+ table = '150'
+ for src in sources:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+ self.cli_set(path + ['rule', rule, 'fwmark', fwmk])
+
+ self.cli_commit()
+
+ original = """
+ 102: from 2001:db8:1338::/126 fwmark 0x17 lookup 150
+ 102: from 2001:db8:1339::/126 fwmark 0x17 lookup 150
+ """
+ tmp = cmd('ip -6 rule show prio 102')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for sources with iif ipv6
+ def test_iif_sources_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ sources = ['2001:db8:1338::/126', '2001:db8:1339::/126']
+ iif = 'lo'
+ rule = '102'
+ table = '150'
+ for src in sources:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+ self.cli_set(path + ['rule', rule, 'inbound-interface', iif])
+
+ self.cli_commit()
+
+ # Check generated configuration
+ # Expected values
+ original = """
+ 102: from 2001:db8:1338::/126 iif lo lookup 150
+ 102: from 2001:db8:1339::/126 iif lo lookup 150
+ """
+ tmp = cmd('ip -6 rule show prio 102')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test set table for sources and destinations with fwmark ipv6
+ def test_fwmark_sources_destination_ipv6_table_id(self):
+ path = base_path + ['local-route6']
+
+ sources = ['2001:db8:1338::/126', '2001:db8:1339::/56']
+ destinations = ['2001:db8:13::/48', '2001:db8:16::/48']
+ fwmk = '23'
+ rule = '103'
+ table = '150'
+ for src in sources:
+ for dst in destinations:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+ self.cli_set(path + ['rule', rule, 'destination', dst])
+ self.cli_set(path + ['rule', rule, 'fwmark', fwmk])
+
+ self.cli_commit()
+
+ original = """
+ 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1338::/126 to 2001:db8:16::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1339::/56 to 2001:db8:13::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1339::/56 to 2001:db8:16::/48 fwmark 0x17 lookup 150
+ """
+ tmp = cmd('ip -6 rule show prio 103')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+
+ # Test delete table for sources and destination with fwmark ipv4/ipv6
+ def test_delete_ipv4_ipv6_table_id(self):
+ path = base_path + ['local-route']
+ path_v6 = base_path + ['local-route6']
+
+ sources = ['203.0.113.0/24', '203.0.114.5']
+ destinations = ['203.0.112.0/24', '203.0.116.5']
+ sources_v6 = ['2001:db8:1338::/126', '2001:db8:1339::/56']
+ destinations_v6 = ['2001:db8:13::/48', '2001:db8:16::/48']
+ fwmk = '23'
+ rule = '103'
+ table = '150'
+ for src in sources:
+ for dst in destinations:
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path + ['rule', rule, 'source', src])
+ self.cli_set(path + ['rule', rule, 'destination', dst])
+ self.cli_set(path + ['rule', rule, 'fwmark', fwmk])
+
+ for src in sources_v6:
+ for dst in destinations_v6:
+ self.cli_set(path_v6 + ['rule', rule, 'set', 'table', table])
+ self.cli_set(path_v6 + ['rule', rule, 'source', src])
+ self.cli_set(path_v6 + ['rule', rule, 'destination', dst])
+ self.cli_set(path_v6 + ['rule', rule, 'fwmark', fwmk])
+
+ self.cli_commit()
+
+ original = """
+ 103: from 203.0.113.0/24 to 203.0.116.5 fwmark 0x17 lookup 150
+ 103: from 203.0.114.5 to 203.0.112.0/24 fwmark 0x17 lookup 150
+ 103: from 203.0.114.5 to 203.0.116.5 fwmark 0x17 lookup 150
+ 103: from 203.0.113.0/24 to 203.0.112.0/24 fwmark 0x17 lookup 150
+ """
+ original_v6 = """
+ 103: from 2001:db8:1338::/126 to 2001:db8:16::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1339::/56 to 2001:db8:13::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1339::/56 to 2001:db8:16::/48 fwmark 0x17 lookup 150
+ 103: from 2001:db8:1338::/126 to 2001:db8:13::/48 fwmark 0x17 lookup 150
+ """
+ tmp = cmd('ip rule show prio 103')
+ tmp_v6 = cmd('ip -6 rule show prio 103')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original))
+ self.assertEqual(sort_ip(tmp_v6), sort_ip(original_v6))
+
+ self.cli_delete(path)
+ self.cli_delete(path_v6)
+ self.cli_commit()
+
+ tmp = cmd('ip rule show prio 103')
+ tmp_v6 = cmd('ip -6 rule show prio 103')
+
+ self.assertEqual(sort_ip(tmp), [])
+ self.assertEqual(sort_ip(tmp_v6), [])
+
+ # Test multiple commits ipv4
+ def test_multiple_commit_ipv4_table_id(self):
+ path = base_path + ['local-route']
+
+ sources = ['192.0.2.1', '192.0.2.2']
+ destination = '203.0.113.25'
+ rule = '105'
+ table = '151'
+ self.cli_set(path + ['rule', rule, 'set', 'table', table])
+ for src in sources:
+ self.cli_set(path + ['rule', rule, 'source', src])
+
+ self.cli_commit()
+
+ original_first = """
+ 105: from 192.0.2.1 lookup 151
+ 105: from 192.0.2.2 lookup 151
+ """
+ tmp = cmd('ip rule show prio 105')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original_first))
+
+ # Create second commit with added destination
+ self.cli_set(path + ['rule', rule, 'destination', destination])
+ self.cli_commit()
+
+ original_second = """
+ 105: from 192.0.2.1 to 203.0.113.25 lookup 151
+ 105: from 192.0.2.2 to 203.0.113.25 lookup 151
+ """
+ tmp = cmd('ip rule show prio 105')
+
+ self.assertEqual(sort_ip(tmp), sort_ip(original_second))
+
+
+def sort_ip(output):
+ o = '\n'.join([' '.join(line.strip().split()) for line in output.strip().splitlines()])
+ o = o.splitlines()
+ o.sort()
+ return o
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_policy_route.py b/smoketest/scripts/cli/test_policy_route.py
new file mode 100755
index 000000000..e2d70f289
--- /dev/null
+++ b/smoketest/scripts/cli/test_policy_route.py
@@ -0,0 +1,145 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.util import cmd
+
+mark = '100'
+table_mark_offset = 0x7fffffff
+table_id = '101'
+interface = 'eth0'
+interface_ip = '172.16.10.1/24'
+
+class TestPolicyRoute(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestPolicyRoute, cls).setUpClass()
+
+ cls.cli_set(cls, ['interfaces', 'ethernet', interface, 'address', interface_ip])
+ cls.cli_set(cls, ['protocols', 'static', 'table', table_id, 'route', '0.0.0.0/0', 'interface', interface])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'ethernet', interface, 'address', interface_ip])
+ cls.cli_delete(cls, ['protocols', 'static', 'table', table_id])
+
+ super(TestPolicyRoute, cls).tearDownClass()
+
+ def tearDown(self):
+ self.cli_delete(['interfaces', 'ethernet', interface, 'policy'])
+ self.cli_delete(['policy', 'route'])
+ self.cli_delete(['policy', 'route6'])
+ self.cli_commit()
+
+ def test_pbr_mark(self):
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'source', 'address', '172.16.20.10'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'destination', 'address', '172.16.10.10'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'set', 'mark', mark])
+
+ self.cli_set(['interfaces', 'ethernet', interface, 'policy', 'route', 'smoketest'])
+
+ self.cli_commit()
+
+ mark_hex = "{0:#010x}".format(int(mark))
+
+ nftables_search = [
+ [f'iifname "{interface}"','jump VYOS_PBR_smoketest'],
+ ['ip daddr 172.16.10.10', 'ip saddr 172.16.20.10', 'meta mark set ' + mark_hex],
+ ]
+
+ nftables_output = cmd('sudo nft list table ip mangle')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched)
+
+ def test_pbr_table(self):
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'protocol', 'tcp'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'destination', 'port', '8888'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'tcp', 'flags', 'syn'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'tcp', 'flags', 'not', 'ack'])
+ self.cli_set(['policy', 'route', 'smoketest', 'rule', '1', 'set', 'table', table_id])
+ self.cli_set(['policy', 'route6', 'smoketest6', 'rule', '1', 'protocol', 'tcp_udp'])
+ self.cli_set(['policy', 'route6', 'smoketest6', 'rule', '1', 'destination', 'port', '8888'])
+ self.cli_set(['policy', 'route6', 'smoketest6', 'rule', '1', 'set', 'table', table_id])
+
+ self.cli_set(['interfaces', 'ethernet', interface, 'policy', 'route', 'smoketest'])
+ self.cli_set(['interfaces', 'ethernet', interface, 'policy', 'route6', 'smoketest6'])
+
+ self.cli_commit()
+
+ mark_hex = "{0:#010x}".format(table_mark_offset - int(table_id))
+
+ # IPv4
+
+ nftables_search = [
+ [f'iifname "{interface}"', 'jump VYOS_PBR_smoketest'],
+ ['tcp flags & (syn | ack) == syn', 'tcp dport { 8888 }', 'meta mark set ' + mark_hex]
+ ]
+
+ nftables_output = cmd('sudo nft list table ip mangle')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched)
+
+ # IPv6
+
+ nftables6_search = [
+ [f'iifname "{interface}"', 'jump VYOS_PBR6_smoketest'],
+ ['meta l4proto { tcp, udp }', 'th dport { 8888 }', 'meta mark set ' + mark_hex]
+ ]
+
+ nftables6_output = cmd('sudo nft list table ip6 mangle')
+
+ for search in nftables6_search:
+ matched = False
+ for line in nftables6_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched)
+
+ # IP rule fwmark -> table
+
+ ip_rule_search = [
+ ['fwmark ' + hex(table_mark_offset - int(table_id)), 'lookup ' + table_id]
+ ]
+
+ ip_rule_output = cmd('ip rule show')
+
+ for search in ip_rule_search:
+ matched = False
+ for line in ip_rule_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched)
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_bfd.py b/smoketest/scripts/cli/test_protocols_bfd.py
index 297398d3c..fdc254a05 100755
--- a/smoketest/scripts/cli/test_protocols_bfd.py
+++ b/smoketest/scripts/cli/test_protocols_bfd.py
@@ -24,30 +24,35 @@ PROCESS_NAME = 'bfdd'
base_path = ['protocols', 'bfd']
dum_if = 'dum1001'
+vrf_name = 'red'
peers = {
'192.0.2.10' : {
'intv_rx' : '500',
'intv_tx' : '600',
'multihop' : '',
'source_addr': '192.0.2.254',
- },
+ 'profile' : 'foo-bar-baz',
+ },
'192.0.2.20' : {
'echo_mode' : '',
'intv_echo' : '100',
'intv_mult' : '100',
'intv_rx' : '222',
'intv_tx' : '333',
+ 'passive' : '',
'shutdown' : '',
+ 'profile' : 'foo',
'source_intf': dum_if,
- },
- '2001:db8::a' : {
+ },
+ '2001:db8::1000:1' : {
'source_addr': '2001:db8::1',
- 'source_intf': dum_if,
- },
- '2001:db8::b' : {
+ 'vrf' : vrf_name,
+ },
+ '2001:db8::2000:1' : {
'source_addr': '2001:db8::1',
'multihop' : '',
- },
+ 'profile' : 'baz_foo',
+ },
}
profiles = {
@@ -59,9 +64,15 @@ profiles = {
'intv_tx' : '333',
'shutdown' : '',
},
- 'bar' : {
+ 'foo-bar-baz' : {
+ 'intv_mult' : '4',
+ 'intv_rx' : '400',
+ 'intv_tx' : '400',
+ },
+ 'baz_foo' : {
'intv_mult' : '102',
'intv_rx' : '444',
+ 'passive' : '',
},
}
@@ -73,6 +84,8 @@ class TestProtocolsBFD(VyOSUnitTestSHIM.TestCase):
self.assertTrue(process_named_running(PROCESS_NAME))
def test_bfd_peer(self):
+ self.cli_set(['vrf', 'name', vrf_name, 'table', '1000'])
+
for peer, peer_config in peers.items():
if 'echo_mode' in peer_config:
self.cli_set(base_path + ['peer', peer, 'echo-mode'])
@@ -86,18 +99,22 @@ class TestProtocolsBFD(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['peer', peer, 'interval', 'transmit', peer_config["intv_tx"]])
if 'multihop' in peer_config:
self.cli_set(base_path + ['peer', peer, 'multihop'])
+ if 'passive' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'passive'])
if 'shutdown' in peer_config:
self.cli_set(base_path + ['peer', peer, 'shutdown'])
if 'source_addr' in peer_config:
self.cli_set(base_path + ['peer', peer, 'source', 'address', peer_config["source_addr"]])
if 'source_intf' in peer_config:
self.cli_set(base_path + ['peer', peer, 'source', 'interface', peer_config["source_intf"]])
+ if 'vrf' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'vrf', peer_config["vrf"]])
# commit changes
self.cli_commit()
# Verify FRR bgpd configuration
- frrconfig = self.getFRRconfig('bfd')
+ frrconfig = self.getFRRconfig('bfd', daemon=PROCESS_NAME)
for peer, peer_config in peers.items():
tmp = f'peer {peer}'
if 'multihop' in peer_config:
@@ -106,28 +123,33 @@ class TestProtocolsBFD(VyOSUnitTestSHIM.TestCase):
tmp += f' local-address {peer_config["source_addr"]}'
if 'source_intf' in peer_config:
tmp += f' interface {peer_config["source_intf"]}'
+ if 'vrf' in peer_config:
+ tmp += f' vrf {peer_config["vrf"]}'
self.assertIn(tmp, frrconfig)
- peerconfig = self.getFRRconfig(f' peer {peer}', end='')
+ peerconfig = self.getFRRconfig(f' peer {peer}', end='', daemon=PROCESS_NAME)
if 'echo_mode' in peer_config:
self.assertIn(f'echo-mode', peerconfig)
if 'intv_echo' in peer_config:
- self.assertIn(f'echo-interval {peer_config["intv_echo"]}', peerconfig)
+ self.assertIn(f'echo receive-interval {peer_config["intv_echo"]}', peerconfig)
+ self.assertIn(f'echo transmit-interval {peer_config["intv_echo"]}', peerconfig)
if 'intv_mult' in peer_config:
self.assertIn(f'detect-multiplier {peer_config["intv_mult"]}', peerconfig)
if 'intv_rx' in peer_config:
self.assertIn(f'receive-interval {peer_config["intv_rx"]}', peerconfig)
if 'intv_tx' in peer_config:
self.assertIn(f'transmit-interval {peer_config["intv_tx"]}', peerconfig)
+ if 'passive' in peer_config:
+ self.assertIn(f'passive-mode', peerconfig)
if 'shutdown' in peer_config:
self.assertIn(f'shutdown', peerconfig)
else:
self.assertNotIn(f'shutdown', peerconfig)
- def test_bfd_profile(self):
- peer = '192.0.2.10'
+ self.cli_delete(['vrf', 'name', vrf_name])
+ def test_bfd_profile(self):
for profile, profile_config in profiles.items():
if 'echo_mode' in profile_config:
self.cli_set(base_path + ['profile', profile, 'echo-mode'])
@@ -139,10 +161,25 @@ class TestProtocolsBFD(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['profile', profile, 'interval', 'receive', profile_config["intv_rx"]])
if 'intv_tx' in profile_config:
self.cli_set(base_path + ['profile', profile, 'interval', 'transmit', profile_config["intv_tx"]])
+ if 'passive' in profile_config:
+ self.cli_set(base_path + ['profile', profile, 'passive'])
if 'shutdown' in profile_config:
self.cli_set(base_path + ['profile', profile, 'shutdown'])
- self.cli_set(base_path + ['peer', peer, 'profile', list(profiles)[0]])
+ for peer, peer_config in peers.items():
+ if 'profile' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'profile', peer_config["profile"] + 'wrong'])
+ if 'source_addr' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'source', 'address', peer_config["source_addr"]])
+ if 'source_intf' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'source', 'interface', peer_config["source_intf"]])
+
+ # BFD profile does not exist!
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for peer, peer_config in peers.items():
+ if 'profile' in peer_config:
+ self.cli_set(base_path + ['peer', peer, 'profile', peer_config["profile"]])
# commit changes
self.cli_commit()
@@ -151,19 +188,27 @@ class TestProtocolsBFD(VyOSUnitTestSHIM.TestCase):
for profile, profile_config in profiles.items():
config = self.getFRRconfig(f' profile {profile}', endsection='^ !')
if 'echo_mode' in profile_config:
- self.assertIn(f'echo-mode', config)
+ self.assertIn(f' echo-mode', config)
if 'intv_echo' in profile_config:
- self.assertIn(f'echo-interval {profile_config["intv_echo"]}', config)
+ self.assertIn(f' echo receive-interval {profile_config["intv_echo"]}', config)
+ self.assertIn(f' echo transmit-interval {profile_config["intv_echo"]}', config)
if 'intv_mult' in profile_config:
- self.assertIn(f'detect-multiplier {profile_config["intv_mult"]}', config)
+ self.assertIn(f' detect-multiplier {profile_config["intv_mult"]}', config)
if 'intv_rx' in profile_config:
- self.assertIn(f'receive-interval {profile_config["intv_rx"]}', config)
+ self.assertIn(f' receive-interval {profile_config["intv_rx"]}', config)
if 'intv_tx' in profile_config:
- self.assertIn(f'transmit-interval {profile_config["intv_tx"]}', config)
+ self.assertIn(f' transmit-interval {profile_config["intv_tx"]}', config)
+ if 'passive' in profile_config:
+ self.assertIn(f' passive-mode', config)
if 'shutdown' in profile_config:
- self.assertIn(f'shutdown', config)
+ self.assertIn(f' shutdown', config)
else:
self.assertNotIn(f'shutdown', config)
+ for peer, peer_config in peers.items():
+ peerconfig = self.getFRRconfig(f' peer {peer}', end='', daemon=PROCESS_NAME)
+ if 'profile' in peer_config:
+ self.assertIn(f' profile {peer_config["profile"]}', peerconfig)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py
index 16284ed01..9c0c93779 100755
--- a/smoketest/scripts/cli/test_protocols_bgp.py
+++ b/smoketest/scripts/cli/test_protocols_bgp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -32,119 +32,154 @@ prefix_list_in = 'pfx-foo-in'
prefix_list_out = 'pfx-foo-out'
prefix_list_in6 = 'pfx-foo-in6'
prefix_list_out6 = 'pfx-foo-out6'
+bfd_profile = 'foo-bar-baz'
neighbor_config = {
'192.0.2.1' : {
- 'cap_dynamic' : '',
- 'cap_ext_next' : '',
- 'remote_as' : '100',
- 'adv_interv' : '400',
- 'passive' : '',
- 'password' : 'VyOS-Secure123',
- 'shutdown' : '',
- 'cap_over' : '',
- 'ttl_security' : '5',
- 'local_as' : '300',
- 'route_map_in' : route_map_in,
- 'route_map_out': route_map_out,
+ 'bfd' : '',
+ 'cap_dynamic' : '',
+ 'cap_ext_next' : '',
+ 'remote_as' : '100',
+ 'adv_interv' : '400',
+ 'passive' : '',
+ 'password' : 'VyOS-Secure123',
+ 'shutdown' : '',
+ 'cap_over' : '',
+ 'ttl_security' : '5',
+ 'local_as' : '300',
+ 'route_map_in' : route_map_in,
+ 'route_map_out' : route_map_out,
'no_send_comm_ext' : '',
- 'addpath_all' : '',
+ 'addpath_all' : '',
},
'192.0.2.2' : {
- 'remote_as' : '200',
- 'shutdown' : '',
- 'no_cap_nego' : '',
- 'port' : '667',
- 'cap_strict' : '',
- 'pfx_list_in' : prefix_list_in,
- 'pfx_list_out' : prefix_list_out,
+ 'bfd_profile' : bfd_profile,
+ 'remote_as' : '200',
+ 'shutdown' : '',
+ 'no_cap_nego' : '',
+ 'port' : '667',
+ 'cap_strict' : '',
+ 'advertise_map' : route_map_in,
+ 'non_exist_map' : route_map_out,
+ 'pfx_list_in' : prefix_list_in,
+ 'pfx_list_out' : prefix_list_out,
'no_send_comm_std' : '',
},
'192.0.2.3' : {
- 'description' : 'foo bar baz',
- 'remote_as' : '200',
- 'passive' : '',
- 'multi_hop' : '5',
- 'update_src' : 'lo',
+ 'advertise_map' : route_map_in,
+ 'description' : 'foo bar baz',
+ 'remote_as' : '200',
+ 'passive' : '',
+ 'multi_hop' : '5',
+ 'update_src' : 'lo',
+ 'peer_group' : 'foo',
+ 'graceful_rst' : '',
},
'2001:db8::1' : {
- 'cap_dynamic' : '',
- 'cap_ext_next' : '',
- 'remote_as' : '123',
- 'adv_interv' : '400',
- 'passive' : '',
- 'password' : 'VyOS-Secure123',
- 'shutdown' : '',
- 'cap_over' : '',
- 'ttl_security' : '5',
- 'local_as' : '300',
- 'solo' : '',
- 'route_map_in' : route_map_in,
- 'route_map_out': route_map_out,
+ 'advertise_map' : route_map_in,
+ 'exist_map' : route_map_out,
+ 'cap_dynamic' : '',
+ 'cap_ext_next' : '',
+ 'remote_as' : '123',
+ 'adv_interv' : '400',
+ 'passive' : '',
+ 'password' : 'VyOS-Secure123',
+ 'shutdown' : '',
+ 'cap_over' : '',
+ 'ttl_security' : '5',
+ 'local_as' : '300',
+ 'solo' : '',
+ 'route_map_in' : route_map_in,
+ 'route_map_out' : route_map_out,
'no_send_comm_std' : '',
'addpath_per_as' : '',
+ 'peer_group' : 'foo-bar',
},
'2001:db8::2' : {
- 'remote_as' : '456',
- 'shutdown' : '',
- 'no_cap_nego' : '',
- 'port' : '667',
- 'cap_strict' : '',
- 'pfx_list_in' : prefix_list_in6,
- 'pfx_list_out' : prefix_list_out6,
+ 'remote_as' : '456',
+ 'shutdown' : '',
+ 'no_cap_nego' : '',
+ 'port' : '667',
+ 'cap_strict' : '',
+ 'pfx_list_in' : prefix_list_in6,
+ 'pfx_list_out' : prefix_list_out6,
'no_send_comm_ext' : '',
+ 'peer_group' : 'foo-bar_baz',
+ 'graceful_rst_hlp' : ''
},
}
peer_group_config = {
'foo' : {
- 'remote_as' : '100',
- 'passive' : '',
- 'password' : 'VyOS-Secure123',
- 'shutdown' : '',
- 'cap_over' : '',
- 'ttl_security': '5',
+ 'advertise_map' : route_map_in,
+ 'exist_map' : route_map_out,
+ 'bfd' : '',
+ 'remote_as' : '100',
+ 'passive' : '',
+ 'password' : 'VyOS-Secure123',
+ 'shutdown' : '',
+ 'cap_over' : '',
+ 'ttl_security' : '5',
},
'bar' : {
- 'description' : 'foo peer bar group',
- 'remote_as' : '200',
- 'shutdown' : '',
- 'no_cap_nego' : '',
- 'local_as' : '300',
- 'pfx_list_in' : prefix_list_in,
- 'pfx_list_out' : prefix_list_out,
+ 'remote_as' : '111',
+ 'graceful_rst_no' : ''
+ },
+ 'foo-bar' : {
+ 'advertise_map' : route_map_in,
+ 'description' : 'foo peer bar group',
+ 'remote_as' : '200',
+ 'shutdown' : '',
+ 'no_cap_nego' : '',
+ 'local_as' : '300',
+ 'pfx_list_in' : prefix_list_in,
+ 'pfx_list_out' : prefix_list_out,
'no_send_comm_ext' : '',
},
- 'baz' : {
- 'cap_dynamic' : '',
- 'cap_ext_next' : '',
- 'remote_as' : '200',
- 'passive' : '',
- 'multi_hop' : '5',
- 'update_src' : 'lo',
- 'route_map_in' : route_map_in,
- 'route_map_out': route_map_out,
+ 'foo-bar_baz' : {
+ 'advertise_map' : route_map_in,
+ 'non_exist_map' : route_map_out,
+ 'bfd_profile' : bfd_profile,
+ 'cap_dynamic' : '',
+ 'cap_ext_next' : '',
+ 'remote_as' : '200',
+ 'passive' : '',
+ 'multi_hop' : '5',
+ 'update_src' : 'lo',
+ 'route_map_in' : route_map_in,
+ 'route_map_out' : route_map_out,
},
}
class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(['policy', 'route-map', route_map_in, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'route-map', route_map_out, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'prefix-list', prefix_list_in, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'prefix-list', prefix_list_in, 'rule', '10', 'prefix', '192.0.2.0/25'])
- self.cli_set(['policy', 'prefix-list', prefix_list_out, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'prefix-list', prefix_list_out, 'rule', '10', 'prefix', '192.0.2.128/25'])
-
- self.cli_set(['policy', 'prefix-list6', prefix_list_in6, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'prefix-list6', prefix_list_in6, 'rule', '10', 'prefix', '2001:db8:1000::/64'])
- self.cli_set(['policy', 'prefix-list6', prefix_list_out6, 'rule', '10', 'action', 'deny'])
- self.cli_set(['policy', 'prefix-list6', prefix_list_out6, 'rule', '10', 'prefix', '2001:db8:2000::/64'])
+ @classmethod
+ def setUpClass(cls):
+ super(TestProtocolsBGP, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ cls.cli_set(cls, ['policy', 'route-map', route_map_in, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'route-map', route_map_out, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'prefix-list', prefix_list_in, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'prefix-list', prefix_list_in, 'rule', '10', 'prefix', '192.0.2.0/25'])
+ cls.cli_set(cls, ['policy', 'prefix-list', prefix_list_out, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'prefix-list', prefix_list_out, 'rule', '10', 'prefix', '192.0.2.128/25'])
+
+ cls.cli_set(cls, ['policy', 'prefix-list6', prefix_list_in6, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'prefix-list6', prefix_list_in6, 'rule', '10', 'prefix', '2001:db8:1000::/64'])
+ cls.cli_set(cls, ['policy', 'prefix-list6', prefix_list_out6, 'rule', '10', 'action', 'deny'])
+ cls.cli_set(cls, ['policy', 'prefix-list6', prefix_list_out6, 'rule', '10', 'prefix', '2001:db8:2000::/64'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['policy'])
+ def setUp(self):
self.cli_set(base_path + ['local-as', ASN])
def tearDown(self):
- self.cli_delete(['policy'])
self.cli_delete(['vrf'])
self.cli_delete(base_path)
self.cli_commit()
@@ -154,6 +189,11 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
def verify_frr_config(self, peer, peer_config, frrconfig):
# recurring patterns to verify for both a simple neighbor and a peer-group
+ if 'bfd' in peer_config:
+ self.assertIn(f' neighbor {peer} bfd', frrconfig)
+ if 'bfd_profile' in peer_config:
+ self.assertIn(f' neighbor {peer} bfd profile {peer_config["bfd_profile"]}', frrconfig)
+ self.assertIn(f' neighbor {peer} bfd check-control-plane-failure', frrconfig)
if 'cap_dynamic' in peer_config:
self.assertIn(f' neighbor {peer} capability dynamic', frrconfig)
if 'cap_ext_next' in peer_config:
@@ -198,7 +238,19 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' neighbor {peer} addpath-tx-all-paths', frrconfig)
if 'addpath_per_as' in peer_config:
self.assertIn(f' neighbor {peer} addpath-tx-bestpath-per-AS', frrconfig)
-
+ if 'advertise_map' in peer_config:
+ base = f' neighbor {peer} advertise-map {peer_config["advertise_map"]}'
+ if 'exist_map' in peer_config:
+ base = f'{base} exist-map {peer_config["exist_map"]}'
+ if 'non_exist_map' in peer_config:
+ base = f'{base} non-exist-map {peer_config["non_exist_map"]}'
+ self.assertIn(base, frrconfig)
+ if 'graceful_rst' in peer_config:
+ self.assertIn(f' neighbor {peer} graceful-restart', frrconfig)
+ if 'graceful_rst_no' in peer_config:
+ self.assertIn(f' neighbor {peer} graceful-restart-disable', frrconfig)
+ if 'graceful_rst_hlp' in peer_config:
+ self.assertIn(f' neighbor {peer} graceful-restart-helper', frrconfig)
def test_bgp_01_simple(self):
router_id = '127.0.0.1'
@@ -208,6 +260,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
max_path_v4ibgp = '4'
max_path_v6 = '8'
max_path_v6ibgp = '16'
+ cond_adv_timer = '30'
+ min_hold_time = '2'
self.cli_set(base_path + ['parameters', 'router-id', router_id])
self.cli_set(base_path + ['parameters', 'log-neighbor-changes'])
@@ -229,6 +283,14 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['parameters', 'bestpath', 'bandwidth', 'default-weight-for-missing'])
self.cli_set(base_path + ['parameters', 'bestpath', 'compare-routerid'])
+ self.cli_set(base_path + ['parameters', 'conditional-advertisement', 'timer', cond_adv_timer])
+ self.cli_set(base_path + ['parameters', 'fast-convergence'])
+ self.cli_set(base_path + ['parameters', 'minimum-holdtime', min_hold_time])
+ self.cli_set(base_path + ['parameters', 'no-suppress-duplicates'])
+ self.cli_set(base_path + ['parameters', 'reject-as-sets'])
+ self.cli_set(base_path + ['parameters', 'shutdown'])
+ self.cli_set(base_path + ['parameters', 'suppress-fib-pending'])
+
# AFI maximum path support
self.cli_set(base_path + ['address-family', 'ipv4-unicast', 'maximum-paths', 'ebgp', max_path_v4])
self.cli_set(base_path + ['address-family', 'ipv4-unicast', 'maximum-paths', 'ibgp', max_path_v4ibgp])
@@ -244,12 +306,19 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' bgp router-id {router_id}', frrconfig)
self.assertIn(f' bgp log-neighbor-changes', frrconfig)
self.assertIn(f' bgp default local-preference {local_pref}', frrconfig)
+ self.assertIn(f' bgp conditional-advertisement timer {cond_adv_timer}', frrconfig)
+ self.assertIn(f' bgp fast-convergence', frrconfig)
self.assertIn(f' bgp graceful-restart stalepath-time {stalepath_time}', frrconfig)
self.assertIn(f' bgp graceful-shutdown', frrconfig)
self.assertIn(f' bgp bestpath as-path multipath-relax', frrconfig)
self.assertIn(f' bgp bestpath bandwidth default-weight-for-missing', frrconfig)
self.assertIn(f' bgp bestpath compare-routerid', frrconfig)
+ self.assertIn(f' bgp minimum-holdtime {min_hold_time}', frrconfig)
+ self.assertIn(f' bgp reject-as-sets', frrconfig)
+ self.assertIn(f' bgp shutdown', frrconfig)
+ self.assertIn(f' bgp suppress-fib-pending', frrconfig)
self.assertNotIn(f'bgp ebgp-requires-policy', frrconfig)
+ self.assertIn(f' no bgp suppress-duplicates', frrconfig)
afiv4_config = self.getFRRconfig(' address-family ipv4 unicast')
self.assertIn(f' maximum-paths {max_path_v4}', afiv4_config)
@@ -263,6 +332,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
def test_bgp_02_neighbors(self):
# Test out individual neighbor configuration items, not all of them are
# also available to a peer-group!
+ self.cli_set(base_path + ['parameters', 'deterministic-med'])
+
for peer, peer_config in neighbor_config.items():
afi = 'ipv4-unicast'
if is_ipv6(peer):
@@ -270,6 +341,11 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
if 'adv_interv' in peer_config:
self.cli_set(base_path + ['neighbor', peer, 'advertisement-interval', peer_config["adv_interv"]])
+ if 'bfd' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'bfd'])
+ if 'bfd_profile' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'bfd', 'profile', peer_config["bfd_profile"]])
+ self.cli_set(base_path + ['neighbor', peer, 'bfd', 'check-control-plane-failure'])
if 'cap_dynamic' in peer_config:
self.cli_set(base_path + ['neighbor', peer, 'capability', 'dynamic'])
if 'cap_ext_next' in peer_config:
@@ -318,6 +394,26 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'addpath-tx-all'])
if 'addpath_per_as' in peer_config:
self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'addpath-tx-per-as'])
+ if 'graceful_rst' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'graceful-restart', 'enable'])
+ if 'graceful_rst_no' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'graceful-restart', 'disable'])
+ if 'graceful_rst_hlp' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'graceful-restart', 'restart-helper'])
+
+ # Conditional advertisement
+ if 'advertise_map' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'conditionally-advertise', 'advertise-map', peer_config["advertise_map"]])
+ # Either exist-map or non-exist-map needs to be specified
+ if 'exist_map' not in peer_config and 'non_exist_map' not in peer_config:
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'conditionally-advertise', 'exist-map', route_map_in])
+
+ if 'exist_map' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'conditionally-advertise', 'exist-map', peer_config["exist_map"]])
+ if 'non_exist_map' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'conditionally-advertise', 'non-exist-map', peer_config["non_exist_map"]])
# commit changes
self.cli_commit()
@@ -339,6 +435,11 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
def test_bgp_03_peer_groups(self):
# Test out individual peer-group configuration items
for peer_group, config in peer_group_config.items():
+ if 'bfd' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'bfd'])
+ if 'bfd_profile' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'bfd', 'profile', config["bfd_profile"]])
+ self.cli_set(base_path + ['peer-group', peer_group, 'bfd', 'check-control-plane-failure'])
if 'cap_dynamic' in config:
self.cli_set(base_path + ['peer-group', peer_group, 'capability', 'dynamic'])
if 'cap_ext_next' in config:
@@ -381,6 +482,31 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'addpath-tx-all'])
if 'addpath_per_as' in config:
self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'addpath-tx-per-as'])
+ if 'graceful_rst' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'graceful-restart', 'enable'])
+ if 'graceful_rst_no' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'graceful-restart', 'disable'])
+ if 'graceful_rst_hlp' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'graceful-restart', 'restart-helper'])
+
+ # Conditional advertisement
+ if 'advertise_map' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'conditionally-advertise', 'advertise-map', config["advertise_map"]])
+ # Either exist-map or non-exist-map needs to be specified
+ if 'exist_map' not in config and 'non_exist_map' not in config:
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'conditionally-advertise', 'exist-map', route_map_in])
+
+ if 'exist_map' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'conditionally-advertise', 'exist-map', config["exist_map"]])
+ if 'non_exist_map' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'address-family', 'ipv4-unicast', 'conditionally-advertise', 'non-exist-map', config["non_exist_map"]])
+
+ for peer, peer_config in neighbor_config.items():
+ if 'peer_group' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'peer-group', peer_config['peer_group']])
+
# commit changes
self.cli_commit()
@@ -393,6 +519,10 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' neighbor {peer_group} peer-group', frrconfig)
self.verify_frr_config(peer, peer_config, frrconfig)
+ for peer, peer_config in neighbor_config.items():
+ if 'peer_group' in peer_config:
+ self.assertIn(f' neighbor {peer} peer-group {peer_config["peer_group"]}', frrconfig)
+
def test_bgp_04_afi_ipv4(self):
networks = {
@@ -752,5 +882,44 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' rt vpn import {rt_import}', afi_config)
self.assertIn(f' exit-address-family', afi_config)
+ def test_bgp_14_remote_as_peer_group_override(self):
+ # Peer-group member cannot override remote-as of peer-group
+ remote_asn = str(int(ASN) + 150)
+ neighbor = '192.0.2.1'
+ peer_group = 'bar'
+ interface = 'eth0'
+
+ self.cli_set(base_path + ['local-as', ASN])
+ self.cli_set(base_path + ['neighbor', neighbor, 'remote-as', remote_asn])
+ self.cli_set(base_path + ['neighbor', neighbor, 'peer-group', peer_group])
+ self.cli_set(base_path + ['peer-group', peer_group, 'remote-as', remote_asn])
+
+ # Peer-group member cannot override remote-as of peer-group
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(base_path + ['neighbor', neighbor, 'remote-as'])
+
+ # re-test with interface based peer-group
+ self.cli_set(base_path + ['neighbor', interface, 'interface', 'peer-group', peer_group])
+ self.cli_set(base_path + ['neighbor', interface, 'interface', 'remote-as', 'external'])
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(base_path + ['neighbor', interface, 'interface', 'remote-as'])
+
+ # re-test with interface based v6only peer-group
+ self.cli_set(base_path + ['neighbor', interface, 'interface', 'v6only', 'peer-group', peer_group])
+ self.cli_set(base_path + ['neighbor', interface, 'interface', 'v6only', 'remote-as', 'external'])
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(base_path + ['neighbor', interface, 'interface', 'v6only', 'remote-as'])
+
+ self.cli_commit()
+
+ frrconfig = self.getFRRconfig(f'router bgp {ASN}')
+ self.assertIn(f'router bgp {ASN}', frrconfig)
+ self.assertIn(f' neighbor {neighbor} peer-group {peer_group}', frrconfig)
+ self.assertIn(f' neighbor {peer_group} peer-group', frrconfig)
+ self.assertIn(f' neighbor {peer_group} remote-as {remote_asn}', frrconfig)
+
if __name__ == '__main__':
- unittest.main(verbosity=2) \ No newline at end of file
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_isis.py b/smoketest/scripts/cli/test_protocols_isis.py
index f4b0a690d..ee4be0b37 100755
--- a/smoketest/scripts/cli/test_protocols_isis.py
+++ b/smoketest/scripts/cli/test_protocols_isis.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -33,7 +33,11 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
cls._interfaces = Section.interfaces('ethernet')
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(TestProtocolsISIS, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
def tearDown(self):
self.cli_delete(base_path)
@@ -71,13 +75,13 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify all changes
- tmp = self.getFRRconfig(f'router isis {domain}')
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
self.assertIn(f' net {net}', tmp)
self.assertIn(f' log-adjacency-changes', tmp)
self.assertIn(f' redistribute ipv4 connected level-2 route-map {route_map}', tmp)
for interface in self._interfaces:
- tmp = self.getFRRconfig(f'interface {interface}')
+ tmp = self.getFRRconfig(f'interface {interface}', daemon='isisd')
self.assertIn(f' ip router isis {domain}', tmp)
self.assertIn(f' ipv6 router isis {domain}', tmp)
@@ -104,11 +108,11 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify FRR isisd configuration
- tmp = self.getFRRconfig(f'router isis {domain}')
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
self.assertIn(f'router isis {domain}', tmp)
self.assertIn(f' net {net}', tmp)
- tmp = self.getFRRconfig(f'router isis {domain} vrf {vrf}')
+ tmp = self.getFRRconfig(f'router isis {domain} vrf {vrf}', daemon='isisd')
self.assertIn(f'router isis {domain} vrf {vrf}', tmp)
self.assertIn(f' net {net}', tmp)
@@ -124,22 +128,26 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.isis_base_config()
self.cli_set(base_path + ['redistribute', 'ipv4', 'connected', 'level-2', 'route-map', route_map])
self.cli_set(base_path + ['route-map', route_map])
+ self.cli_set(base_path + ['level', 'level-2'])
# commit changes
self.cli_commit()
# Verify FRR configuration
zebra_route_map = f'ip protocol isis route-map {route_map}'
- frrconfig = self.getFRRconfig(zebra_route_map)
+ frrconfig = self.getFRRconfig(zebra_route_map, daemon='zebra')
self.assertIn(zebra_route_map, frrconfig)
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
+ self.assertIn(' is-type level-2-only', tmp)
+
# Remove the route-map again
self.cli_delete(base_path + ['route-map'])
# commit changes
self.cli_commit()
# Verify FRR configuration
- frrconfig = self.getFRRconfig(zebra_route_map)
+ frrconfig = self.getFRRconfig(zebra_route_map, daemon='zebra')
self.assertNotIn(zebra_route_map, frrconfig)
self.cli_delete(['policy', 'route-map', route_map])
@@ -159,7 +167,7 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify all changes
- tmp = self.getFRRconfig(f'router isis {domain}')
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
self.assertIn(f' net {net}', tmp)
for afi in ['ipv4', 'ipv6']:
@@ -172,6 +180,8 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
password = 'foo'
self.isis_base_config()
+ for interface in self._interfaces:
+ self.cli_set(base_path + ['interface', interface, 'password', 'plaintext-password', f'{password}-{interface}'])
self.cli_set(base_path + ['area-password', 'plaintext-password', password])
self.cli_set(base_path + ['area-password', 'md5', password])
@@ -192,24 +202,28 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify all changes
- tmp = self.getFRRconfig(f'router isis {domain}')
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
self.assertIn(f' net {net}', tmp)
self.assertIn(f' domain-password clear {password}', tmp)
self.assertIn(f' area-password clear {password}', tmp)
+ for interface in self._interfaces:
+ tmp = self.getFRRconfig(f'interface {interface}', daemon='isisd')
+ self.assertIn(f' isis password clear {password}-{interface}', tmp)
- def test_isis_06_spf_delay(self):
- self.isis_base_config()
-
+ def test_isis_06_spf_delay_bfd(self):
network = 'point-to-point'
holddown = '10'
init_delay = '50'
long_delay = '200'
short_delay = '100'
time_to_learn = '75'
+ bfd_profile = 'isis-bfd'
+ self.cli_set(base_path + ['net', net])
for interface in self._interfaces:
self.cli_set(base_path + ['interface', interface, 'network', network])
+ self.cli_set(base_path + ['interface', interface, 'bfd', 'profile', bfd_profile])
self.cli_set(base_path + ['spf-delay-ietf', 'holddown', holddown])
# verify() - All types of spf-delay must be configured
@@ -226,11 +240,6 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
with self.assertRaises(ConfigSessionError):
self.cli_commit()
- self.cli_set(base_path + ['spf-delay-ietf', 'long-delay', long_delay])
- # verify() - All types of spf-delay must be configured
- with self.assertRaises(ConfigSessionError):
- self.cli_commit()
-
self.cli_set(base_path + ['spf-delay-ietf', 'short-delay', short_delay])
# verify() - All types of spf-delay must be configured
with self.assertRaises(ConfigSessionError):
@@ -241,15 +250,17 @@ class TestProtocolsISIS(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify all changes
- tmp = self.getFRRconfig(f'router isis {domain}')
+ tmp = self.getFRRconfig(f'router isis {domain}', daemon='isisd')
self.assertIn(f' net {net}', tmp)
self.assertIn(f' spf-delay-ietf init-delay {init_delay} short-delay {short_delay} long-delay {long_delay} holddown {holddown} time-to-learn {time_to_learn}', tmp)
for interface in self._interfaces:
- tmp = self.getFRRconfig(f'interface {interface}')
+ tmp = self.getFRRconfig(f'interface {interface}', daemon='isisd')
self.assertIn(f' ip router isis {domain}', tmp)
self.assertIn(f' ipv6 router isis {domain}', tmp)
self.assertIn(f' isis network {network}', tmp)
+ self.assertIn(f' isis bfd', tmp)
+ self.assertIn(f' isis bfd profile {bfd_profile}', tmp)
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_mpls.py b/smoketest/scripts/cli/test_protocols_mpls.py
new file mode 100755
index 000000000..76e6ca35a
--- /dev/null
+++ b/smoketest/scripts/cli/test_protocols_mpls.py
@@ -0,0 +1,116 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.configsession import ConfigSessionError
+from vyos.ifconfig import Section
+from vyos.util import process_named_running
+
+PROCESS_NAME = 'ldpd'
+base_path = ['protocols', 'mpls', 'ldp']
+
+peers = {
+ '192.0.2.10' : {
+ 'intv_rx' : '500',
+ 'intv_tx' : '600',
+ 'multihop' : '',
+ 'source_addr': '192.0.2.254',
+ },
+ '192.0.2.20' : {
+ 'echo_mode' : '',
+ 'intv_echo' : '100',
+ 'intv_mult' : '100',
+ 'intv_rx' : '222',
+ 'intv_tx' : '333',
+ 'passive' : '',
+ 'shutdown' : '',
+ },
+ '2001:db8::a' : {
+ 'source_addr': '2001:db8::1',
+ },
+ '2001:db8::b' : {
+ 'source_addr': '2001:db8::1',
+ 'multihop' : '',
+ },
+}
+
+profiles = {
+ 'foo' : {
+ 'echo_mode' : '',
+ 'intv_echo' : '100',
+ 'intv_mult' : '101',
+ 'intv_rx' : '222',
+ 'intv_tx' : '333',
+ 'shutdown' : '',
+ },
+ 'bar' : {
+ 'intv_mult' : '102',
+ 'intv_rx' : '444',
+ 'passive' : '',
+ },
+}
+
+class TestProtocolsMPLS(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestProtocolsMPLS, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ def tearDown(self):
+ self.cli_delete(base_path)
+ self.cli_commit()
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ def test_mpls_basic(self):
+ router_id = '1.2.3.4'
+ transport_ipv4_addr = '5.6.7.8'
+ interfaces = Section.interfaces('ethernet')
+
+ self.cli_set(base_path + ['router-id', router_id])
+
+ # At least one LDP interface must be configured
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for interface in interfaces:
+ self.cli_set(base_path + ['interface', interface])
+
+ # LDP transport address missing
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['discovery', 'transport-ipv4-address', transport_ipv4_addr])
+
+ # Commit changes
+ self.cli_commit()
+
+ # Validate configuration
+ frrconfig = self.getFRRconfig('mpls ldp', daemon=PROCESS_NAME)
+ self.assertIn(f'mpls ldp', frrconfig)
+ self.assertIn(f' router-id {router_id}', frrconfig)
+
+ # Validate AFI IPv4
+ afiv4_config = self.getFRRconfig(' address-family ipv4', daemon=PROCESS_NAME)
+ self.assertIn(f' discovery transport-address {transport_ipv4_addr}', afiv4_config)
+ for interface in interfaces:
+ self.assertIn(f' interface {interface}', afiv4_config)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_nhrp.py b/smoketest/scripts/cli/test_protocols_nhrp.py
index aa0ac268d..40b19fec7 100755
--- a/smoketest/scripts/cli/test_protocols_nhrp.py
+++ b/smoketest/scripts/cli/test_protocols_nhrp.py
@@ -18,6 +18,7 @@ import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.firewall import find_nftables_rule
from vyos.util import call, process_named_running, read_file
tunnel_path = ['interfaces', 'tunnel']
@@ -91,6 +92,14 @@ class TestProtocolsNHRP(VyOSUnitTestSHIM.TestCase):
for line in opennhrp_lines:
self.assertIn(line, tmp_opennhrp_conf)
+ firewall_matches = [
+ 'ip protocol gre',
+ 'ip saddr 192.0.2.1',
+ 'ip daddr 224.0.0.0/4',
+ 'comment "VYOS_NHRP_tun100"'
+ ]
+
+ self.assertTrue(find_nftables_rule('ip filter', 'VYOS_FW_OUTPUT', firewall_matches) is not None)
self.assertTrue(process_named_running('opennhrp'))
if __name__ == '__main__':
diff --git a/smoketest/scripts/cli/test_protocols_ospf.py b/smoketest/scripts/cli/test_protocols_ospf.py
index 0529eefbd..e15ea478b 100755
--- a/smoketest/scripts/cli/test_protocols_ospf.py
+++ b/smoketest/scripts/cli/test_protocols_ospf.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -33,14 +33,25 @@ route_map = 'foo-bar-baz10'
log = logging.getLogger('TestProtocolsOSPF')
class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(['policy', 'route-map', route_map, 'rule', '10', 'action', 'permit'])
- self.cli_set(['policy', 'route-map', route_map, 'rule', '20', 'action', 'permit'])
+ @classmethod
+ def setUpClass(cls):
+ super(TestProtocolsOSPF, cls).setUpClass()
+
+ cls.cli_set(cls, ['policy', 'route-map', route_map, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'route-map', route_map, 'rule', '20', 'action', 'permit'])
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['policy', 'route-map', route_map])
+ super(TestProtocolsOSPF, cls).tearDownClass()
def tearDown(self):
# Check for running process
self.assertTrue(process_named_running(PROCESS_NAME))
- self.cli_delete(['policy', 'route-map', route_map])
self.cli_delete(base_path)
self.cli_commit()
@@ -189,31 +200,7 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
for neighbor in neighbors:
self.assertIn(f' neighbor {neighbor} priority {priority} poll-interval {poll_interval}', frrconfig) # default
-
- def test_ospf_07_passive_interface(self):
- self.cli_set(base_path + ['passive-interface', 'default'])
- interfaces = Section.interfaces('ethernet')
- for interface in interfaces:
- self.cli_set(base_path + ['passive-interface-exclude', interface])
-
- # commit changes
- self.cli_commit()
-
- # Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf')
- try:
- self.assertIn(f'router ospf', frrconfig)
- self.assertIn(f' passive-interface default', frrconfig) # default
- for interface in interfaces:
- self.assertIn(f' no passive-interface {interface}', frrconfig) # default
- except:
- log.debug(frrconfig)
- log.debug(cmd('sudo dmesg'))
- log.debug(cmd('sudo cat /var/log/messages'))
- log.debug(cmd('vtysh -c "show run"'))
- self.fail('Now we can hopefully see why OSPF fails!')
-
- def test_ospf_08_redistribute(self):
+ def test_ospf_07_redistribute(self):
metric = '15'
metric_type = '1'
redistribute = ['bgp', 'connected', 'isis', 'kernel', 'rip', 'static']
@@ -223,9 +210,15 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['redistribute', protocol, 'route-map', route_map])
self.cli_set(base_path + ['redistribute', protocol, 'metric-type', metric_type])
+ # enable FRR debugging to find the root cause of failing testcases
+ cmd('touch /tmp/vyos.frr.debug')
+
# commit changes
self.cli_commit()
+ # disable FRR debugging
+ cmd('rm -f /tmp/vyos.frr.debug')
+
# Verify FRR ospfd configuration
frrconfig = self.getFRRconfig('router ospf')
try:
@@ -234,11 +227,10 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' redistribute {protocol} metric {metric} metric-type {metric_type} route-map {route_map}', frrconfig)
except:
log.debug(frrconfig)
- log.debug(cmd('sudo cat /var/log/messages'))
- log.debug(cmd('vtysh -c "show run"'))
+ log.debug(cmd('sudo cat /tmp/vyos-configd-script-stdout'))
self.fail('Now we can hopefully see why OSPF fails!')
- def test_ospf_09_virtual_link(self):
+ def test_ospf_08_virtual_link(self):
networks = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']
area = '10'
shortcut = 'enable'
@@ -268,22 +260,26 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' network {network} area {area}', frrconfig)
- def test_ospf_10_interface_configuration(self):
+ def test_ospf_09_interface_configuration(self):
interfaces = Section.interfaces('ethernet')
password = 'vyos1234'
bandwidth = '10000'
cost = '150'
network = 'point-to-point'
priority = '200'
+ bfd_profile = 'vyos-test'
+ self.cli_set(base_path + ['passive-interface', 'default'])
for interface in interfaces:
- self.cli_set(base_path + ['interface', interface, 'authentication', 'plaintext-password', password])
- self.cli_set(base_path + ['interface', interface, 'bandwidth', bandwidth])
- self.cli_set(base_path + ['interface', interface, 'bfd'])
- self.cli_set(base_path + ['interface', interface, 'cost', cost])
- self.cli_set(base_path + ['interface', interface, 'mtu-ignore'])
- self.cli_set(base_path + ['interface', interface, 'network', network])
- self.cli_set(base_path + ['interface', interface, 'priority', priority])
+ base_interface = base_path + ['interface', interface]
+ self.cli_set(base_interface + ['authentication', 'plaintext-password', password])
+ self.cli_set(base_interface + ['bandwidth', bandwidth])
+ self.cli_set(base_interface + ['bfd', 'profile', bfd_profile])
+ self.cli_set(base_interface + ['cost', cost])
+ self.cli_set(base_interface + ['mtu-ignore'])
+ self.cli_set(base_interface + ['network', network])
+ self.cli_set(base_interface + ['priority', priority])
+ self.cli_set(base_interface + ['passive', 'disable'])
# commit changes
self.cli_commit()
@@ -293,45 +289,15 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'interface {interface}', config)
self.assertIn(f' ip ospf authentication-key {password}', config)
self.assertIn(f' ip ospf bfd', config)
+ self.assertIn(f' ip ospf bfd profile {bfd_profile}', config)
self.assertIn(f' ip ospf cost {cost}', config)
self.assertIn(f' ip ospf mtu-ignore', config)
self.assertIn(f' ip ospf network {network}', config)
self.assertIn(f' ip ospf priority {priority}', config)
+ self.assertIn(f' no ip ospf passive', config)
self.assertIn(f' bandwidth {bandwidth}', config)
-
- def test_ospf_11_vrfs(self):
- # It is safe to assume that when the basic VRF test works, all
- # other OSPF related features work, as we entirely inherit the CLI
- # templates and Jinja2 FRR template.
- table = '1000'
- vrf = 'blue'
- vrf_base = ['vrf', 'name', vrf]
- vrf_iface = 'eth1'
- self.cli_set(vrf_base + ['table', table])
- self.cli_set(vrf_base + ['protocols', 'ospf', 'interface', vrf_iface])
- self.cli_set(['interfaces', 'ethernet', vrf_iface, 'vrf', vrf])
-
- # Also set a default VRF OSPF config
- self.cli_set(base_path)
- self.cli_commit()
-
- # Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf')
- self.assertIn(f'router ospf', frrconfig)
- self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig)
- self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults
-
- frrconfig = self.getFRRconfig(f'router ospf vrf {vrf}')
- self.assertIn(f'router ospf vrf {vrf}', frrconfig)
- self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig)
- self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults
-
- self.cli_delete(['vrf', 'name', vrf])
- self.cli_delete(['interfaces', 'ethernet', vrf_iface, 'vrf'])
-
-
- def test_ospf_12_zebra_route_map(self):
+ def test_ospf_10_zebra_route_map(self):
# Implemented because of T3328
self.cli_set(base_path + ['route-map', route_map])
# commit changes
@@ -351,7 +317,7 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
frrconfig = self.getFRRconfig(zebra_route_map)
self.assertNotIn(zebra_route_map, frrconfig)
- def test_ospf_13_interface_area(self):
+ def test_ospf_11_interface_area(self):
area = '0'
interfaces = Section.interfaces('ethernet')
@@ -375,6 +341,61 @@ class TestProtocolsOSPF(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'interface {interface}', config)
self.assertIn(f' ip ospf area {area}', config)
+ def test_ospf_12_vrfs(self):
+ # It is safe to assume that when the basic VRF test works, all
+ # other OSPF related features work, as we entirely inherit the CLI
+ # templates and Jinja2 FRR template.
+ table = '1000'
+ vrf = 'blue'
+ vrf_base = ['vrf', 'name', vrf]
+ vrf_iface = 'eth1'
+ self.cli_set(vrf_base + ['table', table])
+ self.cli_set(vrf_base + ['protocols', 'ospf', 'interface', vrf_iface])
+ self.cli_set(['interfaces', 'ethernet', vrf_iface, 'vrf', vrf])
+
+ # Also set a default VRF OSPF config
+ self.cli_set(base_path)
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf')
+ self.assertIn(f'router ospf', frrconfig)
+ self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig)
+ self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults
+
+ frrconfig = self.getFRRconfig(f'router ospf vrf {vrf}')
+ self.assertIn(f'router ospf vrf {vrf}', frrconfig)
+ self.assertIn(f' auto-cost reference-bandwidth 100', frrconfig)
+ self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # defaults
+
+ # cleanup
+ self.cli_delete(['vrf', 'name', vrf])
+ self.cli_delete(['interfaces', 'ethernet', vrf_iface, 'vrf'])
+
+ def test_ospf_13_export_list(self):
+ # Verify explort-list works on ospf-area
+ acl = '100'
+ seq = '10'
+ area = '0.0.0.10'
+ network = '10.0.0.0/8'
+
+
+ self.cli_set(['policy', 'access-list', acl, 'rule', seq, 'action', 'permit'])
+ self.cli_set(['policy', 'access-list', acl, 'rule', seq, 'source', 'any'])
+ self.cli_set(['policy', 'access-list', acl, 'rule', seq, 'destination', 'any'])
+ self.cli_set(base_path + ['area', area, 'network', network])
+ self.cli_set(base_path + ['area', area, 'export-list', acl])
+
+ # commit changes
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf')
+ self.assertIn(f'router ospf', frrconfig)
+ self.assertIn(f' timers throttle spf 200 1000 10000', frrconfig) # default
+ self.assertIn(f' network {network} area {area}', frrconfig)
+ self.assertIn(f' area {area} export-list {acl}', frrconfig)
+
if __name__ == '__main__':
logging.basicConfig(stream=sys.stderr, level=logging.DEBUG)
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_ospfv3.py b/smoketest/scripts/cli/test_protocols_ospfv3.py
index c0673629e..fa80ad555 100755
--- a/smoketest/scripts/cli/test_protocols_ospfv3.py
+++ b/smoketest/scripts/cli/test_protocols_ospfv3.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -18,16 +18,35 @@ import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Section
from vyos.util import process_named_running
PROCESS_NAME = 'ospf6d'
base_path = ['protocols', 'ospfv3']
+route_map = 'foo-bar-baz-0815'
+
router_id = '192.0.2.1'
default_area = '0'
class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestProtocolsOSPFv3, cls).setUpClass()
+
+ cls.cli_set(cls, ['policy', 'route-map', route_map, 'rule', '10', 'action', 'permit'])
+ cls.cli_set(cls, ['policy', 'route-map', route_map, 'rule', '20', 'action', 'permit'])
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['policy', 'route-map', route_map])
+ super(TestProtocolsOSPFv3, cls).tearDownClass()
+
def tearDown(self):
# Check for running process
self.assertTrue(process_named_running(PROCESS_NAME))
@@ -49,13 +68,13 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
interfaces = Section.interfaces('ethernet')
for interface in interfaces:
- self.cli_set(base_path + ['area', default_area, 'interface', interface])
+ self.cli_set(base_path + ['interface', interface, 'area', default_area])
# commit changes
self.cli_commit()
# Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf6')
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
self.assertIn(f'router ospf6', frrconfig)
self.assertIn(f' area {default_area} range {prefix}', frrconfig)
self.assertIn(f' ospf6 router-id {router_id}', frrconfig)
@@ -63,7 +82,8 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' area {default_area} export-list {acl_name}', frrconfig)
for interface in interfaces:
- self.assertIn(f' interface {interface} area {default_area}', frrconfig)
+ if_config = self.getFRRconfig(f'interface {interface}', daemon='ospf6d')
+ self.assertIn(f'ipv6 ospf6 area {default_area}', if_config)
self.cli_delete(['policy', 'access-list6', acl_name])
@@ -83,7 +103,7 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf6')
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
self.assertIn(f'router ospf6', frrconfig)
self.assertIn(f' distance {dist_global}', frrconfig)
self.assertIn(f' distance ospf6 intra-area {dist_intra_area} inter-area {dist_inter_area} external {dist_external}', frrconfig)
@@ -103,12 +123,14 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf6')
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
self.assertIn(f'router ospf6', frrconfig)
for protocol in redistribute:
self.assertIn(f' redistribute {protocol} route-map {route_map}', frrconfig)
+
def test_ospfv3_04_interfaces(self):
+ bfd_profile = 'vyos-ipv6'
self.cli_set(base_path + ['parameters', 'router-id', router_id])
self.cli_set(base_path + ['area', default_area])
@@ -118,7 +140,7 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
interfaces = Section.interfaces('ethernet')
for interface in interfaces:
if_base = base_path + ['interface', interface]
- self.cli_set(if_base + ['bfd'])
+ self.cli_set(if_base + ['bfd', 'profile', bfd_profile])
self.cli_set(if_base + ['cost', cost])
self.cli_set(if_base + ['instance-id', '0'])
self.cli_set(if_base + ['mtu-ignore'])
@@ -132,15 +154,16 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf6')
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
self.assertIn(f'router ospf6', frrconfig)
cost = '100'
priority = '10'
for interface in interfaces:
- if_config = self.getFRRconfig(f'interface {interface}')
+ if_config = self.getFRRconfig(f'interface {interface}', daemon='ospf6d')
self.assertIn(f'interface {interface}', if_config)
self.assertIn(f' ipv6 ospf6 bfd', if_config)
+ self.assertIn(f' ipv6 ospf6 bfd profile {bfd_profile}', if_config)
self.assertIn(f' ipv6 ospf6 cost {cost}', if_config)
self.assertIn(f' ipv6 ospf6 mtu-ignore', if_config)
self.assertIn(f' ipv6 ospf6 network point-to-point', if_config)
@@ -161,10 +184,102 @@ class TestProtocolsOSPFv3(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify FRR ospfd configuration
- frrconfig = self.getFRRconfig('router ospf6')
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
self.assertIn(f'router ospf6', frrconfig)
self.assertIn(f' area {area_stub} stub', frrconfig)
self.assertIn(f' area {area_stub_nosum} stub no-summary', frrconfig)
+
+ def test_ospfv3_06_area_nssa(self):
+ area_nssa = '1.1.1.1'
+ area_nssa_nosum = '2.2.2.2'
+ area_nssa_default = '3.3.3.3'
+
+ self.cli_set(base_path + ['area', area_nssa, 'area-type', 'nssa'])
+ self.cli_set(base_path + ['area', area_nssa, 'area-type', 'stub'])
+ # can only set one area-type per OSPFv3 area
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(base_path + ['area', area_nssa, 'area-type', 'stub'])
+
+ self.cli_set(base_path + ['area', area_nssa_nosum, 'area-type', 'nssa', 'no-summary'])
+ self.cli_set(base_path + ['area', area_nssa_nosum, 'area-type', 'nssa', 'default-information-originate'])
+ self.cli_set(base_path + ['area', area_nssa_default, 'area-type', 'nssa', 'default-information-originate'])
+
+ # commit changes
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
+ self.assertIn(f'router ospf6', frrconfig)
+ self.assertIn(f' area {area_nssa} nssa', frrconfig)
+ self.assertIn(f' area {area_nssa_nosum} nssa default-information-originate no-summary', frrconfig)
+ self.assertIn(f' area {area_nssa_default} nssa default-information-originate', frrconfig)
+
+
+ def test_ospfv3_07_default_originate(self):
+ seq = '100'
+ metric = '50'
+ metric_type = '1'
+
+ self.cli_set(base_path + ['default-information', 'originate', 'metric', metric])
+ self.cli_set(base_path + ['default-information', 'originate', 'metric-type', metric_type])
+ self.cli_set(base_path + ['default-information', 'originate', 'route-map', route_map])
+
+ # commit changes
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
+ self.assertIn(f'router ospf6', frrconfig)
+ self.assertIn(f' default-information originate metric {metric} metric-type {metric_type} route-map {route_map}', frrconfig)
+
+ # Now set 'always'
+ self.cli_set(base_path + ['default-information', 'originate', 'always'])
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
+ self.assertIn(f' default-information originate always metric {metric} metric-type {metric_type} route-map {route_map}', frrconfig)
+
+
+ def test_ospfv3_08_vrfs(self):
+ # It is safe to assume that when the basic VRF test works, all
+ # other OSPF related features work, as we entirely inherit the CLI
+ # templates and Jinja2 FRR template.
+ table = '1000'
+ vrf = 'blue'
+ vrf_base = ['vrf', 'name', vrf]
+ vrf_iface = 'eth1'
+ router_id = '1.2.3.4'
+ router_id_vrf = '1.2.3.5'
+
+ self.cli_set(vrf_base + ['table', table])
+ self.cli_set(vrf_base + ['protocols', 'ospfv3', 'interface', vrf_iface, 'bfd'])
+ self.cli_set(vrf_base + ['protocols', 'ospfv3', 'parameters', 'router-id', router_id_vrf])
+
+ self.cli_set(['interfaces', 'ethernet', vrf_iface, 'vrf', vrf])
+
+ # Also set a default VRF OSPF config
+ self.cli_set(base_path + ['parameters', 'router-id', router_id])
+ self.cli_commit()
+
+ # Verify FRR ospfd configuration
+ frrconfig = self.getFRRconfig('router ospf6', daemon='ospf6d')
+ self.assertIn(f'router ospf6', frrconfig)
+ self.assertIn(f' ospf6 router-id {router_id}', frrconfig)
+
+ frrconfig = self.getFRRconfig(f'interface {vrf_iface}', daemon='ospf6d')
+ self.assertIn(f'interface {vrf_iface}', frrconfig)
+ self.assertIn(f' ipv6 ospf6 bfd', frrconfig)
+
+ frrconfig = self.getFRRconfig(f'router ospf6 vrf {vrf}', daemon='ospf6d')
+ self.assertIn(f'router ospf6 vrf {vrf}', frrconfig)
+ self.assertIn(f' ospf6 router-id {router_id_vrf}', frrconfig)
+
+ # cleanup
+ self.cli_delete(['vrf', 'name', vrf])
+ self.cli_delete(['interfaces', 'ethernet', vrf_iface, 'vrf'])
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_ripng.py b/smoketest/scripts/cli/test_protocols_ripng.py
index 40585e778..53336a533 100755
--- a/smoketest/scripts/cli/test_protocols_ripng.py
+++ b/smoketest/scripts/cli/test_protocols_ripng.py
@@ -54,7 +54,7 @@ class TestProtocolsRIPng(VyOSUnitTestSHIM.TestCase):
# Check for running process
self.assertTrue(process_named_running(PROCESS_NAME))
- def test_ripng(self):
+ def test_ripng_01_parameters(self):
metric = '8'
interfaces = Section.interfaces('ethernet')
aggregates = ['2001:db8:1000::/48', '2001:db8:2000::/48', '2001:db8:3000::/48']
@@ -121,5 +121,25 @@ class TestProtocolsRIPng(VyOSUnitTestSHIM.TestCase):
proto = 'ospf6'
self.assertIn(f' redistribute {proto} metric {metric} route-map {route_map}', frrconfig)
+ def test_ripng_02_zebra_route_map(self):
+ # Implemented because of T3328
+ self.cli_set(base_path + ['route-map', route_map])
+ # commit changes
+ self.cli_commit()
+
+ # Verify FRR configuration
+ zebra_route_map = f'ipv6 protocol ripng route-map {route_map}'
+ frrconfig = self.getFRRconfig(zebra_route_map)
+ self.assertIn(zebra_route_map, frrconfig)
+
+ # Remove the route-map again
+ self.cli_delete(base_path + ['route-map'])
+ # commit changes
+ self.cli_commit()
+
+ # Verify FRR configuration
+ frrconfig = self.getFRRconfig(zebra_route_map)
+ self.assertNotIn(zebra_route_map, frrconfig)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_protocols_rpki.py b/smoketest/scripts/cli/test_protocols_rpki.py
index d9792ce8d..e5e45565b 100755
--- a/smoketest/scripts/cli/test_protocols_rpki.py
+++ b/smoketest/scripts/cli/test_protocols_rpki.py
@@ -36,8 +36,6 @@ class TestProtocolsRPKI(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Nothing RPKI specific should be left over in the config
- #
- # Disabled until T3266 is resolved
# frrconfig = self.getFRRconfig('rpki')
# self.assertNotIn('rpki', frrconfig)
diff --git a/smoketest/scripts/cli/test_protocols_static.py b/smoketest/scripts/cli/test_protocols_static.py
index 4c4eb5a7c..19efe7786 100755
--- a/smoketest/scripts/cli/test_protocols_static.py
+++ b/smoketest/scripts/cli/test_protocols_static.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -52,9 +52,16 @@ routes = {
},
'blackhole' : { 'distance' : '90' },
},
- '100.64.0.0/10' : {
+ '100.64.0.0/16' : {
'blackhole' : { },
},
+ '100.65.0.0/16' : {
+ 'reject' : { 'distance' : '10', 'tag' : '200' },
+ },
+ '100.66.0.0/16' : {
+ 'blackhole' : { },
+ 'reject' : { 'distance' : '10', 'tag' : '200' },
+ },
'2001:db8:100::/40' : {
'next_hop' : {
'2001:db8::1' : { 'distance' : '10' },
@@ -74,6 +81,9 @@ routes = {
},
'blackhole' : { 'distance' : '250', 'tag' : '500' },
},
+ '2001:db8:300::/40' : {
+ 'reject' : { 'distance' : '250', 'tag' : '500' },
+ },
'2001:db8::/32' : {
'blackhole' : { 'distance' : '200', 'tag' : '600' },
},
@@ -82,9 +92,15 @@ routes = {
tables = ['80', '81', '82']
class TestProtocolsStatic(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- # This is our "target" VRF when leaking routes:
- self.cli_set(['vrf', 'name', 'black', 'table', '43210'])
+ @classmethod
+ def setUpClass(cls):
+ super(TestProtocolsStatic, cls).setUpClass()
+ cls.cli_set(cls, ['vrf', 'name', 'black', 'table', '43210'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['vrf'])
+ super(TestProtocolsStatic, cls).tearDownClass()
def tearDown(self):
for route, route_config in routes.items():
@@ -135,6 +151,20 @@ class TestProtocolsStatic(VyOSUnitTestSHIM.TestCase):
if 'tag' in route_config['blackhole']:
self.cli_set(base + ['blackhole', 'tag', route_config['blackhole']['tag']])
+ if 'reject' in route_config:
+ self.cli_set(base + ['reject'])
+ if 'distance' in route_config['reject']:
+ self.cli_set(base + ['reject', 'distance', route_config['reject']['distance']])
+ if 'tag' in route_config['reject']:
+ self.cli_set(base + ['reject', 'tag', route_config['reject']['tag']])
+
+ if {'blackhole', 'reject'} <= set(route_config):
+ # Can not use blackhole and reject at the same time
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_delete(base + ['blackhole'])
+ self.cli_delete(base + ['reject'])
+
# commit changes
self.cli_commit()
@@ -177,6 +207,11 @@ class TestProtocolsStatic(VyOSUnitTestSHIM.TestCase):
else:
self.assertIn(tmp, frrconfig)
+ if {'blackhole', 'reject'} <= set(route_config):
+ # Can not use blackhole and reject at the same time
+ # Config error validated above - skip this route
+ continue
+
if 'blackhole' in route_config:
tmp = f'{ip_ipv6} route {route} blackhole'
if 'tag' in route_config['blackhole']:
@@ -186,6 +221,15 @@ class TestProtocolsStatic(VyOSUnitTestSHIM.TestCase):
self.assertIn(tmp, frrconfig)
+ if 'reject' in route_config:
+ tmp = f'{ip_ipv6} route {route} reject'
+ if 'tag' in route_config['reject']:
+ tmp += ' tag ' + route_config['reject']['tag']
+ if 'distance' in route_config['reject']:
+ tmp += ' ' + route_config['reject']['distance']
+
+ self.assertIn(tmp, frrconfig)
+
def test_02_static_table(self):
for table in tables:
for route, route_config in routes.items():
@@ -389,11 +433,8 @@ class TestProtocolsStatic(VyOSUnitTestSHIM.TestCase):
self.assertIn(tmp, frrconfig)
- self.cli_delete(['vrf'])
-
def test_04_static_zebra_route_map(self):
# Implemented because of T3328
- self.debug = True
route_map = 'foo-static-in'
self.cli_set(['policy', 'route-map', route_map, 'rule', '10', 'action', 'permit'])
diff --git a/smoketest/scripts/cli/test_protocols_static_arp.py b/smoketest/scripts/cli/test_protocols_static_arp.py
new file mode 100755
index 000000000..b61d8f854
--- /dev/null
+++ b/smoketest/scripts/cli/test_protocols_static_arp.py
@@ -0,0 +1,88 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import json
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.util import cmd
+
+base_path = ['protocols', 'static', 'arp']
+interface = 'eth0'
+address = '192.0.2.1/24'
+
+class TestARP(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestARP, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ # we need a L2 interface with a L3 address to properly configure ARP entries
+ cls.cli_set(cls, ['interfaces', 'ethernet', interface, 'address', address])
+
+ @classmethod
+ def tearDownClass(cls):
+ # cleanuop L2 interface
+ cls.cli_delete(cls, ['interfaces', 'ethernet', interface, 'address', address])
+ cls.cli_commit(cls)
+
+ super(TestARP, cls).tearDownClass()
+
+ def tearDown(self):
+ # delete test config
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ def test_static_arp(self):
+ test_data = {
+ '192.0.2.10' : { 'mac' : '00:01:02:03:04:0a' },
+ '192.0.2.11' : { 'mac' : '00:01:02:03:04:0b' },
+ '192.0.2.12' : { 'mac' : '00:01:02:03:04:0c' },
+ '192.0.2.13' : { 'mac' : '00:01:02:03:04:0d' },
+ '192.0.2.14' : { 'mac' : '00:01:02:03:04:0e' },
+ '192.0.2.15' : { 'mac' : '00:01:02:03:04:0f' },
+ }
+
+ for host, host_config in test_data.items():
+ self.cli_set(base_path + ['interface', interface, 'address', host, 'mac', host_config['mac']])
+
+ self.cli_commit()
+
+ arp_table = json.loads(cmd('ip -j -4 neigh show'))
+ for host, host_config in test_data.items():
+ # As we search within a list of hosts we need to mark if it was
+ # found or not. This ensures all hosts from test_data are processed
+ found = False
+ for entry in arp_table:
+ # Other ARP entry - not related to this testcase
+ if entry['dst'] not in list(test_data):
+ continue
+
+ if entry['dst'] == host:
+ self.assertEqual(entry['lladdr'], host_config['mac'])
+ self.assertEqual(entry['dev'], interface)
+ found = True
+
+ if found == False:
+ print(entry)
+ self.assertTrue(found)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_dhcp-server.py b/smoketest/scripts/cli/test_service_dhcp-server.py
index 14666db15..9c9d6d9f1 100755
--- a/smoketest/scripts/cli/test_service_dhcp-server.py
+++ b/smoketest/scripts/cli/test_service_dhcp-server.py
@@ -38,7 +38,7 @@ domain_name = 'vyos.net'
class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
- super(cls, cls).setUpClass()
+ super(TestServiceDHCPServer, cls).setUpClass()
cidr_mask = subnet.split('/')[-1]
cls.cli_set(cls, ['interfaces', 'dummy', 'dum8765', 'address', f'{router}/{cidr_mask}'])
@@ -46,7 +46,7 @@ class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase):
@classmethod
def tearDownClass(cls):
cls.cli_delete(cls, ['interfaces', 'dummy', 'dum8765'])
- super(cls, cls).tearDownClass()
+ super(TestServiceDHCPServer, cls).tearDownClass()
def tearDown(self):
self.cli_delete(base_path)
@@ -461,12 +461,11 @@ class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'mclt 1800;', config)
self.assertIn(f'mclt 1800;', config)
self.assertIn(f'split 128;', config)
- self.assertIn(f'port 520;', config)
- self.assertIn(f'peer port 520;', config)
+ self.assertIn(f'port 647;', config)
+ self.assertIn(f'peer port 647;', config)
self.assertIn(f'max-response-delay 30;', config)
self.assertIn(f'max-unacked-updates 10;', config)
self.assertIn(f'load balance max seconds 3;', config)
- self.assertIn(f'peer port 520;', config)
self.assertIn(f'address {failover_local};', config)
self.assertIn(f'peer address {failover_remote};', config)
diff --git a/smoketest/scripts/cli/test_service_dhcpv6-server.py b/smoketest/scripts/cli/test_service_dhcpv6-server.py
index 7177f1505..f83453323 100755
--- a/smoketest/scripts/cli/test_service_dhcpv6-server.py
+++ b/smoketest/scripts/cli/test_service_dhcpv6-server.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -32,16 +32,24 @@ dns_1 = '2001:db8::1'
dns_2 = '2001:db8::2'
domain = 'vyos.net'
nis_servers = ['2001:db8:ffff::1', '2001:db8:ffff::2']
-interface = 'eth1'
+interface = 'eth0'
interface_addr = inc_ip(subnet, 1) + '/64'
-class TestServiceDHCPServer(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(['interfaces', 'ethernet', interface, 'address', interface_addr])
+class TestServiceDHCPv6Server(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestServiceDHCPv6Server, cls).setUpClass()
+ cls.cli_set(cls, ['interfaces', 'ethernet', interface, 'address', interface_addr])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'ethernet', interface, 'address', interface_addr])
+ cls.cli_commit(cls)
+
+ super(TestServiceDHCPv6Server, cls).tearDownClass()
def tearDown(self):
self.cli_delete(base_path)
- self.cli_delete(['interfaces', 'ethernet', interface, 'address', interface_addr])
self.cli_commit()
def test_single_pool(self):
diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py
index 8e69efd9c..71fb3e177 100755
--- a/smoketest/scripts/cli/test_service_https.py
+++ b/smoketest/scripts/cli/test_service_https.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2020 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -16,14 +16,37 @@
import unittest
+from requests import request
+from urllib3.exceptions import InsecureRequestWarning
+
from base_vyostest_shim import VyOSUnitTestSHIM
+from base_vyostest_shim import ignore_warning
+from vyos.util import read_file
from vyos.util import run
base_path = ['service', 'https']
-
pki_base = ['pki']
-cert_data = 'MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIwWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIxMDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu+JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3LftzngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93+dm/LDnp7C0='
-key_data = 'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww'
+
+cert_data = """
+MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIw
+WTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNv
+bWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIx
+MDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNV
+BAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlP
+UzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3
+QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu
++JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3Lftz
+ngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93
++dm/LDnp7C0=
+"""
+
+key_data = """
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx
+2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7
+u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww
+"""
class TestHTTPSService(VyOSUnitTestSHIM.TestCase):
def setUp(self):
@@ -61,9 +84,13 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase):
ret = run('sudo /usr/sbin/nginx -t')
self.assertEqual(ret, 0)
+ nginx_config = read_file('/etc/nginx/sites-enabled/default')
+ self.assertIn(f'listen {address}:{port} ssl;', nginx_config)
+ self.assertIn(f'ssl_protocols TLSv1.2 TLSv1.3;', nginx_config)
+
def test_certificate(self):
- self.cli_set(pki_base + ['certificate', 'test_https', 'certificate', cert_data])
- self.cli_set(pki_base + ['certificate', 'test_https', 'private', 'key', key_data])
+ self.cli_set(pki_base + ['certificate', 'test_https', 'certificate', cert_data.replace('\n','')])
+ self.cli_set(pki_base + ['certificate', 'test_https', 'private', 'key', key_data.replace('\n','')])
self.cli_set(base_path + ['certificates', 'certificate', 'test_https'])
@@ -72,5 +99,44 @@ class TestHTTPSService(VyOSUnitTestSHIM.TestCase):
ret = run('sudo /usr/sbin/nginx -t')
self.assertEqual(ret, 0)
+ @ignore_warning(InsecureRequestWarning)
+ def test_api_auth(self):
+ vhost_id = 'example'
+ address = '127.0.0.1'
+ port = '443'
+ name = 'localhost'
+
+ self.cli_set(base_path + ['api', 'socket'])
+ key = 'MySuperSecretVyOS'
+ self.cli_set(base_path + ['api', 'keys', 'id', 'key-01', 'key', key])
+
+ test_path = base_path + ['virtual-host', vhost_id]
+ self.cli_set(test_path + ['listen-address', address])
+ self.cli_set(test_path + ['listen-port', port])
+ self.cli_set(test_path + ['server-name', name])
+
+ self.cli_commit()
+
+ nginx_config = read_file('/etc/nginx/sites-enabled/default')
+ self.assertIn(f'listen {address}:{port} ssl;', nginx_config)
+ self.assertIn(f'ssl_protocols TLSv1.2 TLSv1.3;', nginx_config)
+
+ url = f'https://{address}/retrieve'
+ payload = {'data': '{"op": "showConfig", "path": []}', 'key': f'{key}'}
+ headers = {}
+ r = request('POST', url, verify=False, headers=headers, data=payload)
+ # Must get HTTP code 200 on success
+ self.assertEqual(r.status_code, 200)
+
+ payload_invalid = {'data': '{"op": "showConfig", "path": []}', 'key': 'invalid'}
+ r = request('POST', url, verify=False, headers=headers, data=payload_invalid)
+ # Must get HTTP code 401 on invalid key (Unauthorized)
+ self.assertEqual(r.status_code, 401)
+
+ payload_no_key = {'data': '{"op": "showConfig", "path": []}'}
+ r = request('POST', url, verify=False, headers=headers, data=payload_no_key)
+ # Must get HTTP code 401 on missing key (Unauthorized)
+ self.assertEqual(r.status_code, 401)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_ids.py b/smoketest/scripts/cli/test_service_ids.py
new file mode 100755
index 000000000..18f1b8ec5
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_ids.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSessionError
+from vyos.util import process_named_running
+from vyos.util import read_file
+
+PROCESS_NAME = 'fastnetmon'
+FASTNETMON_CONF = '/etc/fastnetmon.conf'
+base_path = ['service', 'ids', 'ddos-protection']
+
+class TestServiceIDS(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestServiceIDS, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ # delete test config
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ self.assertFalse(os.path.exists(FASTNETMON_CONF))
+ self.assertFalse(process_named_running(PROCESS_NAME))
+
+ def test_fastnetmon(self):
+ networks = ['10.0.0.0/24', '10.5.5.0/24']
+ interfaces = ['eth0', 'eth1']
+ fps = '3500'
+ mbps = '300'
+ pps = '60000'
+
+ self.cli_set(base_path + ['mode', 'mirror'])
+ # Required network!
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for tmp in networks:
+ self.cli_set(base_path + ['network', tmp])
+
+ # Required interface(s)!
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for tmp in interfaces:
+ self.cli_set(base_path + ['listen-interface', tmp])
+
+ self.cli_set(base_path + ['direction', 'in'])
+ self.cli_set(base_path + ['threshold', 'fps', fps])
+ self.cli_set(base_path + ['threshold', 'pps', pps])
+ self.cli_set(base_path + ['threshold', 'mbps', mbps])
+
+ # commit changes
+ self.cli_commit()
+
+ # Check configured port
+ config = read_file(FASTNETMON_CONF)
+ self.assertIn(f'mirror_afpacket = on', config)
+ self.assertIn(f'process_incoming_traffic = on', config)
+ self.assertIn(f'process_outgoing_traffic = off', config)
+ self.assertIn(f'ban_for_flows = on', config)
+ self.assertIn(f'threshold_flows = {fps}', config)
+ self.assertIn(f'ban_for_bandwidth = on', config)
+ self.assertIn(f'threshold_mbps = {mbps}', config)
+ self.assertIn(f'ban_for_pps = on', config)
+ self.assertIn(f'threshold_pps = {pps}', config)
+
+ tmp = ','.join(interfaces)
+ self.assertIn(f'interfaces = {tmp}', config)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_lldp.py b/smoketest/scripts/cli/test_service_lldp.py
new file mode 100755
index 000000000..439c96c33
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_lldp.py
@@ -0,0 +1,127 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import os
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSessionError
+from vyos.ifconfig import Section
+from vyos.util import cmd
+from vyos.util import process_named_running
+from vyos.util import read_file
+from vyos.version import get_version_data
+
+PROCESS_NAME = 'lldpd'
+LLDPD_CONF = '/etc/lldpd.d/01-vyos.conf'
+base_path = ['service', 'lldp']
+mgmt_if = 'dum83513'
+mgmt_addr = ['1.2.3.4', '1.2.3.5']
+
+class TestServiceLLDP(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ # call base-classes classmethod
+ super(TestServiceLLDP, cls).setUpClass()
+
+ # create a test interfaces
+ for addr in mgmt_addr:
+ cls.cli_set(cls, ['interfaces', 'dummy', mgmt_if, 'address', addr + '/32'])
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'dummy', mgmt_if])
+ super(TestServiceLLDP, cls).tearDownClass()
+
+ def tearDown(self):
+ # service must be running after it was configured
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ # delete/stop LLDP service
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ # service is no longer allowed to run after it was removed
+ self.assertFalse(process_named_running(PROCESS_NAME))
+
+ def test_01_lldp_basic(self):
+ self.cli_set(base_path)
+ self.cli_commit()
+
+ config = read_file(LLDPD_CONF)
+ version_data = get_version_data()
+ version = version_data['version']
+ self.assertIn(f'configure system platform VyOS', config)
+ self.assertIn(f'configure system description "VyOS {version}"', config)
+
+ def test_02_lldp_mgmt_address(self):
+ for addr in mgmt_addr:
+ self.cli_set(base_path + ['management-address', addr])
+ self.cli_commit()
+
+ config = read_file(LLDPD_CONF)
+ self.assertIn(f'configure system ip management pattern {",".join(mgmt_addr)}', config)
+
+ def test_03_lldp_interfaces(self):
+ for interface in Section.interfaces('ethernet'):
+ if not '.' in interface:
+ self.cli_set(base_path + ['interface', interface])
+
+ # commit changes
+ self.cli_commit()
+
+ # verify configuration
+ config = read_file(LLDPD_CONF)
+
+ interface_list = []
+ for interface in Section.interfaces('ethernet'):
+ if not '.' in interface:
+ interface_list.append(interface)
+ tmp = ','.join(interface_list)
+ self.assertIn(f'configure system interface pattern "{tmp}"', config)
+
+ def test_04_lldp_all_interfaces(self):
+ self.cli_set(base_path + ['interface', 'all'])
+ # commit changes
+ self.cli_commit()
+
+ # verify configuration
+ config = read_file(LLDPD_CONF)
+ self.assertIn(f'configure system interface pattern "*"', config)
+
+ def test_05_lldp_location(self):
+ interface = 'eth0'
+ elin = '1234567890'
+ self.cli_set(base_path + ['interface', interface, 'location', 'elin', elin])
+
+ # commit changes
+ self.cli_commit()
+
+ # verify configuration
+ config = read_file(LLDPD_CONF)
+
+ self.assertIn(f'configure ports {interface} med location elin "{elin}"', config)
+ self.assertIn(f'configure system interface pattern "{interface}"', config)
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_monitoring_telegraf.py b/smoketest/scripts/cli/test_service_monitoring_telegraf.py
new file mode 100755
index 000000000..09937513e
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_monitoring_telegraf.py
@@ -0,0 +1,65 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSession
+from vyos.configsession import ConfigSessionError
+from vyos.util import process_named_running
+from vyos.util import read_file
+
+PROCESS_NAME = 'telegraf'
+TELEGRAF_CONF = '/run/telegraf/vyos-telegraf.conf'
+base_path = ['service', 'monitoring', 'telegraf']
+org = 'log@in.local'
+token = 'GuRJc12tIzfjnYdKRAIYbxdWd2aTpOT9PVYNddzDnFV4HkAcD7u7-kndTFXjGuXzJN6TTxmrvPODB4mnFcseDV=='
+port = '8888'
+url = 'https://foo.local'
+bucket = 'main'
+inputs = ['cpu', 'disk', 'mem', 'net', 'system', 'kernel', 'interrupts', 'syslog']
+
+class TestMonitoringTelegraf(VyOSUnitTestSHIM.TestCase):
+ def tearDown(self):
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ def test_01_basic_config(self):
+ self.cli_set(base_path + ['authentication', 'organization', org])
+ self.cli_set(base_path + ['authentication', 'token', token])
+ self.cli_set(base_path + ['port', port])
+ self.cli_set(base_path + ['url', url])
+
+ # commit changes
+ self.cli_commit()
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ config = read_file(TELEGRAF_CONF)
+
+ # Check telegraf config
+ self.assertIn(f'organization = "{org}"', config)
+ self.assertIn(f' token = "$INFLUX_TOKEN"', config)
+ self.assertIn(f'urls = ["{url}:{port}"]', config)
+ self.assertIn(f'bucket = "{bucket}"', config)
+
+ for input in inputs:
+ self.assertIn(input, config)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_salt.py b/smoketest/scripts/cli/test_service_salt.py
new file mode 100755
index 000000000..00a4f2020
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_salt.py
@@ -0,0 +1,105 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from socket import gethostname
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.util import process_named_running
+from vyos.util import read_file
+from vyos.util import cmd
+
+PROCESS_NAME = 'salt-minion'
+SALT_CONF = '/etc/salt/minion'
+base_path = ['service', 'salt-minion']
+
+interface = 'dum4456'
+
+class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestServiceSALT, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ cls.cli_set(cls, ['interfaces', 'dummy', interface, 'address', '100.64.0.1/16'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'dummy', interface])
+ super(TestServiceSALT, cls).tearDownClass()
+
+ def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ # delete testing SALT config
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ # For an unknown reason on QEMU systems (e.g. where smoketests are executed
+ # from the CI) salt-minion process is not killed by systemd. Apparently
+ # no issue on VMWare.
+ if cmd('systemd-detect-virt') != 'kvm':
+ self.assertFalse(process_named_running(PROCESS_NAME))
+
+ def test_default(self):
+ servers = ['192.0.2.1', '192.0.2.2']
+
+ for server in servers:
+ self.cli_set(base_path + ['master', server])
+
+ self.cli_commit()
+
+ # commiconf = read_file() Check configured port
+ conf = read_file(SALT_CONF)
+ self.assertIn(f' - {server}', conf)
+
+ # defaults
+ hostname = gethostname()
+ self.assertIn(f'hash_type: sha256', conf)
+ self.assertIn(f'id: {hostname}', conf)
+ self.assertIn(f'mine_interval: 60', conf)
+
+ def test_options(self):
+ server = '192.0.2.3'
+ hash = 'sha1'
+ id = 'foo'
+ interval = '120'
+
+ self.cli_set(base_path + ['master', server])
+ self.cli_set(base_path + ['hash', hash])
+ self.cli_set(base_path + ['id', id])
+ self.cli_set(base_path + ['interval', interval])
+ self.cli_set(base_path + ['source-interface', interface])
+
+ self.cli_commit()
+
+ # commiconf = read_file() Check configured port
+ conf = read_file(SALT_CONF)
+ self.assertIn(f'- {server}', conf)
+
+ # defaults
+ self.assertIn(f'hash_type: {hash}', conf)
+ self.assertIn(f'id: {id}', conf)
+ self.assertIn(f'mine_interval: {interval}', conf)
+ self.assertIn(f'source_interface_name: {interface}', conf)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_snmp.py b/smoketest/scripts/cli/test_service_snmp.py
index 058835c72..e80c689cc 100755
--- a/smoketest/scripts/cli/test_service_snmp.py
+++ b/smoketest/scripts/cli/test_service_snmp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2020 VyOS maintainers and contributors
+# Copyright (C) 2019-2021 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -22,14 +22,25 @@ from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
from vyos.template import is_ipv4
from vyos.template import address_from_cidr
+from vyos.util import call
+from vyos.util import DEVNULL
from vyos.util import read_file
from vyos.util import process_named_running
+from vyos.version import get_version_data
PROCESS_NAME = 'snmpd'
SNMPD_CONF = '/etc/snmp/snmpd.conf'
base_path = ['service', 'snmp']
+snmpv3_group = 'default_group'
+snmpv3_view = 'default_view'
+snmpv3_view_oid = '1'
+snmpv3_user = 'vyos'
+snmpv3_auth_pw = 'vyos12345678'
+snmpv3_priv_pw = 'vyos87654321'
+snmpv3_engine_id = '000000000000000000000002'
+
def get_config_value(key):
tmp = read_file(SNMPD_CONF)
tmp = re.findall(r'\n?{}\s+(.*)'.format(key), tmp)
@@ -38,20 +49,29 @@ def get_config_value(key):
class TestSNMPService(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
- super(cls, cls).setUpClass()
+ super(TestSNMPService, cls).setUpClass()
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
cls.cli_delete(cls, base_path)
def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
# delete testing SNMP config
self.cli_delete(base_path)
self.cli_commit()
+ # Check for running process
+ self.assertFalse(process_named_running(PROCESS_NAME))
+
def test_snmp_basic(self):
dummy_if = 'dum7312'
dummy_addr = '100.64.0.1/32'
+ contact = 'maintainers@vyos.io'
+ location = 'QEMU'
+
self.cli_set(['interfaces', 'dummy', dummy_if, 'address', dummy_addr])
# Check if SNMP can be configured and service runs
@@ -71,8 +91,8 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
for addr in listen:
self.cli_set(base_path + ['listen-address', addr, 'port', port])
- self.cli_set(base_path + ['contact', 'maintainers@vyos.io'])
- self.cli_set(base_path + ['location', 'qemu'])
+ self.cli_set(base_path + ['contact', contact])
+ self.cli_set(base_path + ['location', location])
self.cli_commit()
@@ -82,7 +102,6 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
config = get_config_value('agentaddress')
expected = 'unix:/run/snmpd.socket'
self.assertIn(expected, config)
-
for addr in listen:
if is_ipv4(addr):
expected = f'udp:{addr}:{port}'
@@ -90,6 +109,16 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
expected = f'udp6:[{addr}]:{port}'
self.assertIn(expected, config)
+ config = get_config_value('sysDescr')
+ version_data = get_version_data()
+ self.assertEqual('VyOS ' + version_data['version'], config)
+
+ config = get_config_value('SysContact')
+ self.assertEqual(contact, config)
+
+ config = get_config_value('SysLocation')
+ self.assertEqual(location, config)
+
# Check for running process
self.assertTrue(process_named_running(PROCESS_NAME))
self.cli_delete(['interfaces', 'dummy', dummy_if])
@@ -98,8 +127,7 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
def test_snmpv3_sha(self):
# Check if SNMPv3 can be configured with SHA authentication
# and service runs
-
- self.cli_set(base_path + ['v3', 'engineid', '000000000000000000000002'])
+ self.cli_set(base_path + ['v3', 'engineid', snmpv3_engine_id])
self.cli_set(base_path + ['v3', 'group', 'default', 'mode', 'ro'])
# check validate() - a view must be created before this can be committed
with self.assertRaises(ConfigSessionError):
@@ -109,46 +137,52 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['v3', 'group', 'default', 'view', 'default'])
# create user
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'auth', 'plaintext-password', 'vyos12345678'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'auth', 'type', 'sha'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'privacy', 'plaintext-password', 'vyos12345678'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'privacy', 'type', 'aes'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'group', 'default'])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'auth', 'plaintext-password', snmpv3_auth_pw])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'auth', 'type', 'sha'])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'privacy', 'plaintext-password', snmpv3_priv_pw])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'privacy', 'type', 'aes'])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'group', 'default'])
self.cli_commit()
# commit will alter the CLI values - check if they have been updated:
hashed_password = '4e52fe55fd011c9c51ae2c65f4b78ca93dcafdfe'
- tmp = self._session.show_config(base_path + ['v3', 'user', 'vyos', 'auth', 'encrypted-password']).split()[1]
+ tmp = self._session.show_config(base_path + ['v3', 'user', snmpv3_user, 'auth', 'encrypted-password']).split()[1]
self.assertEqual(tmp, hashed_password)
- tmp = self._session.show_config(base_path + ['v3', 'user', 'vyos', 'privacy', 'encrypted-password']).split()[1]
+ hashed_password = '54705c8de9e81fdf61ad7ac044fa8fe611ddff6b'
+ tmp = self._session.show_config(base_path + ['v3', 'user', snmpv3_user, 'privacy', 'encrypted-password']).split()[1]
self.assertEqual(tmp, hashed_password)
# TODO: read in config file and check values
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ # Try SNMPv3 connection
+ tmp = call(f'snmpwalk -v 3 -u {snmpv3_user} -a SHA -A {snmpv3_auth_pw} -x AES -X {snmpv3_priv_pw} -l authPriv 127.0.0.1', stdout=DEVNULL)
+ self.assertEqual(tmp, 0)
def test_snmpv3_md5(self):
# Check if SNMPv3 can be configured with MD5 authentication
# and service runs
+ self.cli_set(base_path + ['v3', 'engineid', snmpv3_engine_id])
- self.cli_set(base_path + ['v3', 'engineid', '000000000000000000000002'])
- self.cli_set(base_path + ['v3', 'group', 'default', 'mode', 'ro'])
- # check validate() - a view must be created before this can be comitted
+ # create user
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'auth', 'plaintext-password', snmpv3_auth_pw])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'auth', 'type', 'md5'])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'privacy', 'plaintext-password', snmpv3_priv_pw])
+ self.cli_set(base_path + ['v3', 'user', snmpv3_user, 'privacy', 'type', 'des'])
+
+ # check validate() - user requires a group to be created
with self.assertRaises(ConfigSessionError):
self.cli_commit()
+ self.cli_set(base_path + ['v3', 'user', 'vyos', 'group', snmpv3_group])
- self.cli_set(base_path + ['v3', 'view', 'default', 'oid', '1'])
- self.cli_set(base_path + ['v3', 'group', 'default', 'view', 'default'])
+ self.cli_set(base_path + ['v3', 'group', snmpv3_group, 'mode', 'ro'])
+ # check validate() - a view must be created before this can be comitted
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
- # create user
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'auth', 'plaintext-password', 'vyos12345678'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'auth', 'type', 'md5'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'privacy', 'plaintext-password', 'vyos12345678'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'privacy', 'type', 'des'])
- self.cli_set(base_path + ['v3', 'user', 'vyos', 'group', 'default'])
+ self.cli_set(base_path + ['v3', 'view', snmpv3_view, 'oid', snmpv3_view_oid])
+ self.cli_set(base_path + ['v3', 'group', snmpv3_group, 'view', snmpv3_view])
self.cli_commit()
@@ -157,13 +191,21 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase):
tmp = self._session.show_config(base_path + ['v3', 'user', 'vyos', 'auth', 'encrypted-password']).split()[1]
self.assertEqual(tmp, hashed_password)
+ hashed_password = 'e11c83f2c510540a3c4de84ee66de440'
tmp = self._session.show_config(base_path + ['v3', 'user', 'vyos', 'privacy', 'encrypted-password']).split()[1]
self.assertEqual(tmp, hashed_password)
- # TODO: read in config file and check values
-
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ tmp = read_file(SNMPD_CONF)
+ # views
+ self.assertIn(f'view {snmpv3_view} included .{snmpv3_view_oid}', tmp)
+ # group
+ self.assertIn(f'group {snmpv3_group} usm {snmpv3_user}', tmp)
+ # access
+ self.assertIn(f'access {snmpv3_group} "" usm auth exact {snmpv3_view} none none', tmp)
+
+ # Try SNMPv3 connection
+ tmp = call(f'snmpwalk -v 3 -u {snmpv3_user} -a MD5 -A {snmpv3_auth_pw} -x DES -X {snmpv3_priv_pw} -l authPriv 127.0.0.1', stdout=DEVNULL)
+ self.assertEqual(tmp, 0)
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_ssh.py b/smoketest/scripts/cli/test_service_ssh.py
index a54c03919..0b029dd00 100755
--- a/smoketest/scripts/cli/test_service_ssh.py
+++ b/smoketest/scripts/cli/test_service_ssh.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2020 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -15,13 +15,17 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
+import paramiko
import re
import unittest
+from pwd import getpwall
+
from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
from vyos.util import cmd
+from vyos.util import is_systemd_service_running
from vyos.util import process_named_running
from vyos.util import read_file
@@ -42,13 +46,16 @@ def get_config_value(key):
class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
- super(cls, cls).setUpClass()
+ super(TestServiceSSH, cls).setUpClass()
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
cls.cli_delete(cls, base_path)
def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
# delete testing SSH config
self.cli_delete(base_path)
self.cli_commit()
@@ -57,6 +64,11 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
self.assertTrue(os.path.isfile(key_dsa))
self.assertTrue(os.path.isfile(key_ed25519))
+ # Established SSH connections remains running after service is stopped.
+ # We can not use process_named_running here - we rather need to check
+ # that the systemd service is no longer running
+ self.assertFalse(is_systemd_service_running(PROCESS_NAME))
+
def test_ssh_default(self):
# Check if SSH service runs with default settings - used for checking
# behavior of <defaultValue> in XML definition
@@ -69,9 +81,6 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
port = get_config_value('Port')[0]
self.assertEqual('22', port)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_ssh_single_listen_address(self):
# Check if SSH service can be configured and runs
self.cli_set(base_path + ['port', '1234'])
@@ -108,9 +117,6 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
keepalive = get_config_value('ClientAliveInterval')[0]
self.assertTrue("100" in keepalive)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_ssh_multiple_listen_addresses(self):
# Check if SSH service can be configured and runs with multiple
# listen ports and listen-addresses
@@ -135,9 +141,6 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
for address in addresses:
self.assertIn(address, tmp)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
def test_ssh_vrf(self):
# Check if SSH service can be bound to given VRF
port = '22'
@@ -157,9 +160,6 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
tmp = get_config_value('Port')
self.assertIn(port, tmp)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
-
# Check for process in VRF
tmp = cmd(f'ip vrf pids {vrf}')
self.assertIn(PROCESS_NAME, tmp)
@@ -167,5 +167,100 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase):
# delete VRF
self.cli_delete(['vrf', 'name', vrf])
+ def test_ssh_login(self):
+ # Perform SSH login and command execution with a predefined user. The
+ # result (output of uname -a) must match the output if the command is
+ # run natively.
+ #
+ # We also try to login as an invalid user - this is not allowed to work.
+
+ def ssh_send_cmd(command, username, password, host='localhost'):
+ """ SSH command execution helper """
+ # Try to login via SSH
+ ssh_client = paramiko.SSHClient()
+ ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ ssh_client.connect(hostname='localhost', username=username, password=password)
+ _, stdout, stderr = ssh_client.exec_command(command)
+ output = stdout.read().decode().strip()
+ error = stderr.read().decode().strip()
+ ssh_client.close()
+ return output, error
+
+ test_user = 'ssh_test'
+ test_pass = 'v2i57DZs8idUwMN3VC92'
+ test_command = 'uname -a'
+
+ self.cli_set(base_path)
+ self.cli_set(['system', 'login', 'user', test_user, 'authentication', 'plaintext-password', test_pass])
+
+ # commit changes
+ self.cli_commit()
+
+ # Login with proper credentials
+ output, error = ssh_send_cmd(test_command, test_user, test_pass)
+ # verify login
+ self.assertFalse(error)
+ self.assertEqual(output, cmd(test_command))
+
+ # Login with invalid credentials
+ with self.assertRaises(paramiko.ssh_exception.AuthenticationException):
+ output, error = ssh_send_cmd(test_command, 'invalid_user', 'invalid_password')
+
+ self.cli_delete(['system', 'login', 'user', test_user])
+ self.cli_commit()
+
+ # After deletion the test user is not allowed to remain in /etc/passwd
+ usernames = [x[0] for x in getpwall()]
+ self.assertNotIn(test_user, usernames)
+
+ def test_ssh_dynamic_protection(self):
+ # check sshguard service
+
+ SSHGUARD_CONFIG = '/etc/sshguard/sshguard.conf'
+ SSHGUARD_WHITELIST = '/etc/sshguard/whitelist'
+ SSHGUARD_PROCESS = 'sshguard'
+ block_time = '123'
+ detect_time = '1804'
+ port = '22'
+ threshold = '10'
+ allow_list = ['192.0.2.0/24', '2001:db8::/48']
+
+ self.cli_set(base_path + ['dynamic-protection', 'block-time', block_time])
+ self.cli_set(base_path + ['dynamic-protection', 'detect-time', detect_time])
+ self.cli_set(base_path + ['dynamic-protection', 'threshold', threshold])
+ for allow in allow_list:
+ self.cli_set(base_path + ['dynamic-protection', 'allow-from', allow])
+
+ # commit changes
+ self.cli_commit()
+
+ # Check configured port
+ tmp = get_config_value('Port')
+ self.assertIn(port, tmp)
+
+ # Check sshgurad service
+ self.assertTrue(process_named_running(SSHGUARD_PROCESS))
+
+ sshguard_lines = [
+ f'THRESHOLD={threshold}',
+ f'BLOCK_TIME={block_time}',
+ f'DETECTION_TIME={detect_time}'
+ ]
+
+ tmp_sshguard_conf = read_file(SSHGUARD_CONFIG)
+ for line in sshguard_lines:
+ self.assertIn(line, tmp_sshguard_conf)
+
+ tmp_whitelist_conf = read_file(SSHGUARD_WHITELIST)
+ for allow in allow_list:
+ self.assertIn(allow, tmp_whitelist_conf)
+
+ # Delete service ssh dynamic-protection
+ # but not service ssh itself
+ self.cli_delete(base_path + ['dynamic-protection'])
+ self.cli_commit()
+
+ self.assertFalse(process_named_running(SSHGUARD_PROCESS))
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_tftp-server.py b/smoketest/scripts/cli/test_service_tftp-server.py
index 1a1bf0cdf..b57c33f26 100755
--- a/smoketest/scripts/cli/test_service_tftp-server.py
+++ b/smoketest/scripts/cli/test_service_tftp-server.py
@@ -20,6 +20,7 @@ from psutil import process_iter
from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
+from vyos.util import cmd
from vyos.util import read_file
from vyos.util import process_named_running
from vyos.template import is_ipv6
@@ -29,6 +30,7 @@ base_path = ['service', 'tftp-server']
dummy_if_path = ['interfaces', 'dummy', 'dum69']
address_ipv4 = '192.0.2.1'
address_ipv6 = '2001:db8::1'
+vrf = 'mgmt'
class TestServiceTFTPD(VyOSUnitTestSHIM.TestCase):
def setUp(self):
@@ -97,5 +99,42 @@ class TestServiceTFTPD(VyOSUnitTestSHIM.TestCase):
count += 1
self.assertEqual(count, len(address))
+ def test_03_tftpd_vrf(self):
+ directory = '/tmp'
+ port = '69' # default port
+
+ self.cli_set(base_path + ['allow-upload'])
+ self.cli_set(base_path + ['directory', directory])
+ self.cli_set(base_path + ['listen-address', address_ipv4, 'vrf', vrf])
+
+ # VRF does yet not exist - an error must be thrown
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_set(['vrf', 'name', vrf, 'table', '1338'])
+ self.cli_set(dummy_if_path + ['vrf', vrf])
+
+ # commit changes
+ self.cli_commit()
+
+ config = read_file('/etc/default/tftpd0')
+ # verify listen IP address
+ self.assertIn(f'{address_ipv4}:{port} -4', config)
+ # verify directory
+ self.assertIn(directory, config)
+ # verify upload
+ self.assertIn('--create --umask 000', config)
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ # Check for process in VRF
+ tmp = cmd(f'ip vrf pids {vrf}')
+ self.assertIn(PROCESS_NAME, tmp)
+
+ # delete VRF
+ self.cli_delete(dummy_if_path + ['vrf'])
+ self.cli_delete(['vrf', 'name', vrf])
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_upnp.py b/smoketest/scripts/cli/test_service_upnp.py
new file mode 100755
index 000000000..e4df88c1e
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_upnp.py
@@ -0,0 +1,105 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.configsession import ConfigSession
+from vyos.configsession import ConfigSessionError
+from vyos.template import ip_from_cidr
+from vyos.util import read_file
+from vyos.util import process_named_running
+
+UPNP_CONF = '/run/upnp/miniupnp.conf'
+DAEMON = 'miniupnpd'
+interface = 'eth0'
+base_path = ['service', 'upnp']
+address_base = ['interfaces', 'ethernet', interface, 'address']
+
+ipv4_addr = '100.64.0.1/24'
+ipv6_addr = '2001:db8::1/64'
+
+class TestServiceUPnP(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestServiceUPnP, cls).setUpClass()
+
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ cls.cli_set(cls, address_base + [ipv4_addr])
+ cls.cli_set(cls, address_base + [ipv6_addr])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, address_base)
+ cls._session.commit()
+
+ super(TestServiceUPnP, cls).tearDownClass()
+
+ def tearDown(self):
+ # Check for running process
+ self.assertTrue(process_named_running(DAEMON))
+
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ # Check for running process
+ self.assertFalse(process_named_running(DAEMON))
+
+ def test_ipv4_base(self):
+ self.cli_set(base_path + ['nat-pmp'])
+ self.cli_set(base_path + ['listen', interface])
+
+ # check validate() - WAN interface is mandatory
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['wan-interface', interface])
+
+ self.cli_commit()
+
+ config = read_file(UPNP_CONF)
+ self.assertIn(f'ext_ifname={interface}', config)
+ self.assertIn(f'listening_ip={interface}', config)
+ self.assertIn(f'enable_natpmp=yes', config)
+ self.assertIn(f'enable_upnp=yes', config)
+
+ def test_ipv6_base(self):
+ v6_addr = ip_from_cidr(ipv6_addr)
+
+ self.cli_set(base_path + ['nat-pmp'])
+ self.cli_set(base_path + ['listen', interface])
+ self.cli_set(base_path + ['listen', v6_addr])
+
+ # check validate() - WAN interface is mandatory
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ self.cli_set(base_path + ['wan-interface', interface])
+
+ self.cli_commit()
+
+ config = read_file(UPNP_CONF)
+ self.assertIn(f'ext_ifname={interface}', config)
+ self.assertIn(f'listening_ip={interface}', config)
+ self.assertIn(f'ipv6_listening_ip={v6_addr}', config)
+ self.assertIn(f'enable_natpmp=yes', config)
+ self.assertIn(f'enable_upnp=yes', config)
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_webproxy.py b/smoketest/scripts/cli/test_service_webproxy.py
index 8a1a03ce7..772d6ab16 100755
--- a/smoketest/scripts/cli/test_service_webproxy.py
+++ b/smoketest/scripts/cli/test_service_webproxy.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -30,11 +30,19 @@ listen_if = 'dum3632'
listen_ip = '192.0.2.1'
class TestServiceWebProxy(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(['interfaces', 'dummy', listen_if, 'address', listen_ip + '/32'])
+ @classmethod
+ def setUpClass(cls):
+ # call base-classes classmethod
+ super(TestServiceWebProxy, cls).setUpClass()
+ # create a test interfaces
+ cls.cli_set(cls, ['interfaces', 'dummy', listen_if, 'address', listen_ip + '/32'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['interfaces', 'dummy', listen_if])
+ super(TestServiceWebProxy, cls).tearDownClass()
def tearDown(self):
- self.cli_delete(['interfaces', 'dummy', listen_if])
self.cli_delete(base_path)
self.cli_commit()
diff --git a/smoketest/scripts/cli/test_system_conntrack.py b/smoketest/scripts/cli/test_system_conntrack.py
index b2934cf04..95c2a6c55 100755
--- a/smoketest/scripts/cli/test_system_conntrack.py
+++ b/smoketest/scripts/cli/test_system_conntrack.py
@@ -15,10 +15,12 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
+import re
import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.firewall import find_nftables_rule
from vyos.util import cmd
from vyos.util import read_file
@@ -156,8 +158,8 @@ class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
'driver' : ['nf_nat_h323', 'nf_conntrack_h323'],
},
'nfs' : {
- 'iptables' : ['-A VYATTA_CT_HELPER -p udp -m udp --dport 111 -j CT --helper rpc',
- '-A VYATTA_CT_HELPER -p tcp -m tcp --dport 111 -j CT --helper rpc'],
+ 'nftables' : ['ct helper set "rpc_tcp"',
+ 'ct helper set "rpc_udp"']
},
'pptp' : {
'driver' : ['nf_nat_pptp', 'nf_conntrack_pptp'],
@@ -166,9 +168,7 @@ class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
'driver' : ['nf_nat_sip', 'nf_conntrack_sip'],
},
'sqlnet' : {
- 'iptables' : ['-A VYATTA_CT_HELPER -p tcp -m tcp --dport 1536 -j CT --helper tns',
- '-A VYATTA_CT_HELPER -p tcp -m tcp --dport 1525 -j CT --helper tns',
- '-A VYATTA_CT_HELPER -p tcp -m tcp --dport 1521 -j CT --helper tns'],
+ 'nftables' : ['ct helper set "tns_tcp"']
},
'tftp' : {
'driver' : ['nf_nat_tftp', 'nf_conntrack_tftp'],
@@ -187,10 +187,9 @@ class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
if 'driver' in module_options:
for driver in module_options['driver']:
self.assertTrue(os.path.isdir(f'/sys/module/{driver}'))
- if 'iptables' in module_options:
- rules = cmd('sudo iptables-save -t raw')
- for ruleset in module_options['iptables']:
- self.assertIn(ruleset, rules)
+ if 'nftables' in module_options:
+ for rule in module_options['nftables']:
+ self.assertTrue(find_nftables_rule('raw', 'VYOS_CT_HELPER', [rule]) != None)
# unload modules
for module in modules:
@@ -204,10 +203,9 @@ class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
if 'driver' in module_options:
for driver in module_options['driver']:
self.assertFalse(os.path.isdir(f'/sys/module/{driver}'))
- if 'iptables' in module_options:
- rules = cmd('sudo iptables-save -t raw')
- for ruleset in module_options['iptables']:
- self.assertNotIn(ruleset, rules)
+ if 'nftables' in module_options:
+ for rule in module_options['nftables']:
+ self.assertTrue(find_nftables_rule('raw', 'VYOS_CT_HELPER', [rule]) == None)
def test_conntrack_hash_size(self):
hash_size = '65536'
diff --git a/smoketest/scripts/cli/test_system_flow-accounting.py b/smoketest/scripts/cli/test_system_flow-accounting.py
index a2b5b1481..a6eef3fb6 100755
--- a/smoketest/scripts/cli/test_system_flow-accounting.py
+++ b/smoketest/scripts/cli/test_system_flow-accounting.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -20,6 +20,8 @@ from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Section
+from vyos.template import bracketize_ipv6
+from vyos.template import is_ipv6
from vyos.util import cmd
from vyos.util import process_named_running
from vyos.util import read_file
@@ -27,18 +29,21 @@ from vyos.util import read_file
PROCESS_NAME = 'uacctd'
base_path = ['system', 'flow-accounting']
-uacctd_conf = '/etc/pmacct/uacctd.conf'
+uacctd_conf = '/run/pmacct/uacctd.conf'
class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
- super(cls, cls).setUpClass()
+ super(TestSystemFlowAccounting, cls).setUpClass()
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
cls.cli_delete(cls, base_path)
def tearDown(self):
+ # after service removal process must no longer run
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
self.cli_delete(base_path)
self.cli_commit()
@@ -47,7 +52,10 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
def test_basic(self):
buffer_size = '5' # MiB
+ syslog = 'all'
+
self.cli_set(base_path + ['buffer-size', buffer_size])
+ self.cli_set(base_path + ['syslog-facility', syslog])
# You need to configure at least one interface for flow-accounting
with self.assertRaises(ConfigSessionError):
@@ -59,9 +67,20 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# verify configuration
- tmp = cmd('sudo iptables-save -t raw')
+ nftables_output = cmd('sudo nft list chain raw VYOS_CT_PREROUTING_HOOK').splitlines()
for interface in Section.interfaces('ethernet'):
- self.assertIn(f'-A VYATTA_CT_PREROUTING_HOOK -i {interface} -m comment --comment FLOW_ACCOUNTING_RULE -j NFLOG --nflog-group 2 --nflog-size 128 --nflog-threshold 100', tmp)
+ rule_found = False
+ ifname_search = f'iifname "{interface}"'
+
+ for nftables_line in nftables_output:
+ if 'FLOW_ACCOUNTING_RULE' in nftables_line and ifname_search in nftables_line:
+ self.assertIn('group 2', nftables_line)
+ self.assertIn('snaplen 128', nftables_line)
+ self.assertIn('queue-threshold 100', nftables_line)
+ rule_found = True
+ break
+
+ self.assertTrue(rule_found)
uacctd = read_file(uacctd_conf)
# circular queue size - buffer_size
@@ -73,8 +92,205 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
tmp //= 1000
self.assertIn(f'plugin_buffer_size: {tmp}', uacctd)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ # when 'disable-imt' is not configured on the CLI it must be present
+ self.assertIn(f'imt_path: /tmp/uacctd.pipe', uacctd)
+ self.assertIn(f'imt_mem_pools_number: 169', uacctd)
+ self.assertIn(f'syslog: {syslog}', uacctd)
+ self.assertIn(f'plugins: memory', uacctd)
+
+ def test_sflow(self):
+ sampling_rate = '4000'
+ source_address = '192.0.2.1'
+ dummy_if = 'dum3841'
+ agent_address = '192.0.2.2'
+
+ sflow_server = {
+ '1.2.3.4' : { },
+ '5.6.7.8' : { 'port' : '6000' },
+ }
+
+ self.cli_set(['interfaces', 'dummy', dummy_if, 'address', agent_address + '/32'])
+ self.cli_set(['interfaces', 'dummy', dummy_if, 'address', source_address + '/32'])
+ self.cli_set(base_path + ['disable-imt'])
+
+ # You need to configure at least one interface for flow-accounting
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for interface in Section.interfaces('ethernet'):
+ self.cli_set(base_path + ['interface', interface])
+
+
+ # You need to configure at least one sFlow or NetFlow protocol, or not
+ # set "disable-imt" for flow-accounting
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_set(base_path + ['sflow', 'agent-address', agent_address])
+ self.cli_set(base_path + ['sflow', 'sampling-rate', sampling_rate])
+ self.cli_set(base_path + ['sflow', 'source-address', source_address])
+ for server, server_config in sflow_server.items():
+ self.cli_set(base_path + ['sflow', 'server', server])
+ if 'port' in server_config:
+ self.cli_set(base_path + ['sflow', 'server', server, 'port', server_config['port']])
+
+ # commit changes
+ self.cli_commit()
+
+ uacctd = read_file(uacctd_conf)
+
+ # when 'disable-imt' is not configured on the CLI it must be present
+ self.assertNotIn(f'imt_path: /tmp/uacctd.pipe', uacctd)
+ self.assertNotIn(f'imt_mem_pools_number: 169', uacctd)
+ self.assertNotIn(f'plugins: memory', uacctd)
+
+ for server, server_config in sflow_server.items():
+ if 'port' in server_config:
+ self.assertIn(f'sfprobe_receiver[sf_{server}]: {server}', uacctd)
+ else:
+ self.assertIn(f'sfprobe_receiver[sf_{server}]: {server}:6343', uacctd)
+
+ self.assertIn(f'sfprobe_agentip[sf_{server}]: {agent_address}', uacctd)
+ self.assertIn(f'sampling_rate[sf_{server}]: {sampling_rate}', uacctd)
+ self.assertIn(f'sfprobe_source_ip[sf_{server}]: {source_address}', uacctd)
+
+ self.cli_delete(['interfaces', 'dummy', dummy_if])
+
+ def test_sflow_ipv6(self):
+ sampling_rate = '100'
+ sflow_server = {
+ '2001:db8::1' : { },
+ '2001:db8::2' : { 'port' : '6000' },
+ }
+
+ self.cli_set(base_path + ['disable-imt'])
+
+ # You need to configure at least one interface for flow-accounting
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+ for interface in Section.interfaces('ethernet'):
+ self.cli_set(base_path + ['interface', interface])
+
+
+ # You need to configure at least one sFlow or NetFlow protocol, or not
+ # set "disable-imt" for flow-accounting
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ self.cli_set(base_path + ['sflow', 'sampling-rate', sampling_rate])
+ for server, server_config in sflow_server.items():
+ self.cli_set(base_path + ['sflow', 'server', server])
+ if 'port' in server_config:
+ self.cli_set(base_path + ['sflow', 'server', server, 'port', server_config['port']])
+
+ # commit changes
+ self.cli_commit()
+
+ uacctd = read_file(uacctd_conf)
+
+ # when 'disable-imt' is not configured on the CLI it must be present
+ self.assertNotIn(f'imt_path: /tmp/uacctd.pipe', uacctd)
+ self.assertNotIn(f'imt_mem_pools_number: 169', uacctd)
+ self.assertNotIn(f'plugins: memory', uacctd)
+
+ for server, server_config in sflow_server.items():
+ tmp_srv = server
+ if is_ipv6(tmp_srv):
+ tmp_srv = tmp_srv.replace(':', '.')
+
+ if 'port' in server_config:
+ self.assertIn(f'sfprobe_receiver[sf_{tmp_srv}]: {bracketize_ipv6(server)}', uacctd)
+ else:
+ self.assertIn(f'sfprobe_receiver[sf_{tmp_srv}]: {bracketize_ipv6(server)}:6343', uacctd)
+ self.assertIn(f'sampling_rate[sf_{tmp_srv}]: {sampling_rate}', uacctd)
+
+ def test_netflow(self):
+ engine_id = '33'
+ max_flows = '667'
+ sampling_rate = '100'
+ source_address = '192.0.2.1'
+ dummy_if = 'dum3842'
+ agent_address = '192.0.2.10'
+ version = '10'
+ tmo_expiry = '120'
+ tmo_flow = '1200'
+ tmo_icmp = '60'
+ tmo_max = '50000'
+ tmo_tcp_fin = '100'
+ tmo_tcp_generic = '120'
+ tmo_tcp_rst = '99'
+ tmo_udp = '10'
+
+ netflow_server = {
+ '11.22.33.44' : { },
+ '55.66.77.88' : { 'port' : '6000' },
+ '2001:db8::1' : { },
+ }
+
+ self.cli_set(['interfaces', 'dummy', dummy_if, 'address', agent_address + '/32'])
+ self.cli_set(['interfaces', 'dummy', dummy_if, 'address', source_address + '/32'])
+
+ for interface in Section.interfaces('ethernet'):
+ self.cli_set(base_path + ['interface', interface])
+
+ self.cli_set(base_path + ['netflow', 'engine-id', engine_id])
+ self.cli_set(base_path + ['netflow', 'max-flows', max_flows])
+ self.cli_set(base_path + ['netflow', 'sampling-rate', sampling_rate])
+ self.cli_set(base_path + ['netflow', 'source-address', source_address])
+ self.cli_set(base_path + ['netflow', 'version', version])
+
+ # timeouts
+ self.cli_set(base_path + ['netflow', 'timeout', 'expiry-interval', tmo_expiry])
+ self.cli_set(base_path + ['netflow', 'timeout', 'flow-generic', tmo_flow])
+ self.cli_set(base_path + ['netflow', 'timeout', 'icmp', tmo_icmp])
+ self.cli_set(base_path + ['netflow', 'timeout', 'max-active-life', tmo_max])
+ self.cli_set(base_path + ['netflow', 'timeout', 'tcp-fin', tmo_tcp_fin])
+ self.cli_set(base_path + ['netflow', 'timeout', 'tcp-generic', tmo_tcp_generic])
+ self.cli_set(base_path + ['netflow', 'timeout', 'tcp-rst', tmo_tcp_rst])
+ self.cli_set(base_path + ['netflow', 'timeout', 'udp', tmo_udp])
+
+ # You need to configure at least one netflow server
+ with self.assertRaises(ConfigSessionError):
+ self.cli_commit()
+
+ for server, server_config in netflow_server.items():
+ self.cli_set(base_path + ['netflow', 'server', server])
+ if 'port' in server_config:
+ self.cli_set(base_path + ['netflow', 'server', server, 'port', server_config['port']])
+
+ # commit changes
+ self.cli_commit()
+
+ uacctd = read_file(uacctd_conf)
+
+ tmp = []
+ for server, server_config in netflow_server.items():
+ tmp_srv = server
+ if is_ipv6(tmp_srv):
+ tmp_srv = tmp_srv.replace(':', '.')
+ tmp.append(f'nfprobe[nf_{tmp_srv}]')
+ tmp.append('memory')
+ self.assertIn('plugins: ' + ','.join(tmp), uacctd)
+
+ for server, server_config in netflow_server.items():
+ tmp_srv = server
+ if is_ipv6(tmp_srv):
+ tmp_srv = tmp_srv.replace(':', '.')
+
+ self.assertIn(f'nfprobe_engine[nf_{tmp_srv}]: {engine_id}', uacctd)
+ self.assertIn(f'nfprobe_maxflows[nf_{tmp_srv}]: {max_flows}', uacctd)
+ self.assertIn(f'sampling_rate[nf_{tmp_srv}]: {sampling_rate}', uacctd)
+ self.assertIn(f'nfprobe_source_ip[nf_{tmp_srv}]: {source_address}', uacctd)
+ self.assertIn(f'nfprobe_version[nf_{tmp_srv}]: {version}', uacctd)
+
+ if 'port' in server_config:
+ self.assertIn(f'nfprobe_receiver[nf_{tmp_srv}]: {bracketize_ipv6(server)}', uacctd)
+ else:
+ self.assertIn(f'nfprobe_receiver[nf_{tmp_srv}]: {bracketize_ipv6(server)}:2055', uacctd)
+
+ self.assertIn(f'nfprobe_timeouts[nf_{tmp_srv}]: expint={tmo_expiry}:general={tmo_flow}:icmp={tmo_icmp}:maxlife={tmo_max}:tcp.fin={tmo_tcp_fin}:tcp={tmo_tcp_generic}:tcp.rst={tmo_tcp_rst}:udp={tmo_udp}', uacctd)
+
+
+ self.cli_delete(['interfaces', 'dummy', dummy_if])
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_system_ipv6.py b/smoketest/scripts/cli/test_system_ipv6.py
index 1325d4b39..c8aea9100 100755
--- a/smoketest/scripts/cli/test_system_ipv6.py
+++ b/smoketest/scripts/cli/test_system_ipv6.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -17,12 +17,16 @@
import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.template import is_ipv4
from vyos.util import read_file
+from vyos.util import get_interface_config
+from vyos.validate import is_intf_addr_assigned
base_path = ['system', 'ipv6']
file_forwarding = '/proc/sys/net/ipv6/conf/all/forwarding'
-file_disable = '/etc/modprobe.d/vyos_disable_ipv6.conf'
+file_disable = '/proc/sys/net/ipv6/conf/all/disable_ipv6'
file_dad = '/proc/sys/net/ipv6/conf/all/accept_dad'
file_multipath = '/proc/sys/net/ipv6/fib_multipath_hash_policy'
@@ -41,15 +45,6 @@ class TestSystemIPv6(VyOSUnitTestSHIM.TestCase):
self.assertEqual(read_file(file_forwarding), '0')
- def test_system_ipv6_disable(self):
- # Do not assign any IPv6 address on interfaces, this requires a reboot
- # which can not be tested, but we can read the config file :)
- self.cli_set(base_path + ['disable'])
- self.cli_commit()
-
- # Verify configuration file
- self.assertEqual(read_file(file_disable), 'options ipv6 disable_ipv6=1')
-
def test_system_ipv6_strict_dad(self):
# This defaults to 1
self.assertEqual(read_file(file_dad), '1')
diff --git a/smoketest/scripts/cli/test_system_login.py b/smoketest/scripts/cli/test_system_login.py
index 69a06eeac..1131b6f93 100755
--- a/smoketest/scripts/cli/test_system_login.py
+++ b/smoketest/scripts/cli/test_system_login.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2020 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -23,6 +23,7 @@ from base_vyostest_shim import VyOSUnitTestSHIM
from distutils.version import LooseVersion
from platform import release as kernel_version
from subprocess import Popen, PIPE
+from pwd import getpwall
from vyos.configsession import ConfigSessionError
from vyos.util import cmd
@@ -52,6 +53,11 @@ class TestSystemLogin(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
+ # After deletion, a user is not allowed to remain in /etc/passwd
+ usernames = [x[0] for x in getpwall()]
+ for user in users:
+ self.assertNotIn(user, usernames)
+
def test_add_linux_system_user(self):
# We are not allowed to re-use a username already taken by the Linux
# base system
@@ -235,4 +241,4 @@ class TestSystemLogin(VyOSUnitTestSHIM.TestCase):
self.assertTrue(tmp)
if __name__ == '__main__':
- unittest.main(verbosity=2, failfast=True)
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_system_logs.py b/smoketest/scripts/cli/test_system_logs.py
new file mode 100755
index 000000000..92fa9c3d9
--- /dev/null
+++ b/smoketest/scripts/cli/test_system_logs.py
@@ -0,0 +1,117 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import unittest
+from base_vyostest_shim import VyOSUnitTestSHIM
+from vyos.util import read_file
+
+# path to logrotate configs
+logrotate_atop_file = '/etc/logrotate.d/vyos-atop'
+logrotate_rsyslog_file = '/etc/logrotate.d/vyos-rsyslog'
+# default values
+default_atop_maxsize = '10M'
+default_atop_rotate = '10'
+default_rsyslog_size = '1M'
+default_rsyslog_rotate = '10'
+
+base_path = ['system', 'logs']
+
+
+def logrotate_config_parse(file_path):
+ # read the file
+ logrotate_config = read_file(file_path)
+ # create regex for parsing options
+ regex_options = re.compile(
+ r'(^\s+(?P<option_name_script>postrotate|prerotate|firstaction|lastaction|preremove)\n(?P<option_value_script>((?!endscript).)*)\n\s+endscript\n)|(^\s+(?P<option_name>[\S]+)([ \t]+(?P<option_value>\S+))*$)',
+ re.M | re.S)
+ # create empty dict for config
+ logrotate_config_dict = {}
+ # fill dictionary with actual config
+ for option in regex_options.finditer(logrotate_config):
+ option_name = option.group('option_name')
+ option_value = option.group('option_value')
+ option_name_script = option.group('option_name_script')
+ option_value_script = option.group('option_value_script')
+ if option_name:
+ logrotate_config_dict[option_name] = option_value
+ if option_name_script:
+ logrotate_config_dict[option_name_script] = option_value_script
+
+ # return config dictionary
+ return (logrotate_config_dict)
+
+
+class TestSystemLogs(VyOSUnitTestSHIM.TestCase):
+
+ def tearDown(self):
+ self.cli_delete(base_path)
+ self.cli_commit()
+
+ def test_logs_defaults(self):
+ # test with empty section for default values
+ self.cli_set(base_path)
+ self.cli_commit()
+
+ # read the config file and check content
+ logrotate_config_atop = logrotate_config_parse(logrotate_atop_file)
+ logrotate_config_rsyslog = logrotate_config_parse(
+ logrotate_rsyslog_file)
+ self.assertEqual(logrotate_config_atop['maxsize'], default_atop_maxsize)
+ self.assertEqual(logrotate_config_atop['rotate'], default_atop_rotate)
+ self.assertEqual(logrotate_config_rsyslog['size'], default_rsyslog_size)
+ self.assertEqual(logrotate_config_rsyslog['rotate'],
+ default_rsyslog_rotate)
+
+ def test_logs_atop_maxsize(self):
+ # test for maxsize option
+ self.cli_set(base_path + ['logrotate', 'atop', 'max-size', '50'])
+ self.cli_commit()
+
+ # read the config file and check content
+ logrotate_config = logrotate_config_parse(logrotate_atop_file)
+ self.assertEqual(logrotate_config['maxsize'], '50M')
+
+ def test_logs_atop_rotate(self):
+ # test for rotate option
+ self.cli_set(base_path + ['logrotate', 'atop', 'rotate', '50'])
+ self.cli_commit()
+
+ # read the config file and check content
+ logrotate_config = logrotate_config_parse(logrotate_atop_file)
+ self.assertEqual(logrotate_config['rotate'], '50')
+
+ def test_logs_rsyslog_size(self):
+ # test for size option
+ self.cli_set(base_path + ['logrotate', 'messages', 'max-size', '50'])
+ self.cli_commit()
+
+ # read the config file and check content
+ logrotate_config = logrotate_config_parse(logrotate_rsyslog_file)
+ self.assertEqual(logrotate_config['size'], '50M')
+
+ def test_logs_rsyslog_rotate(self):
+ # test for rotate option
+ self.cli_set(base_path + ['logrotate', 'messages', 'rotate', '50'])
+ self.cli_commit()
+
+ # read the config file and check content
+ logrotate_config = logrotate_config_parse(logrotate_rsyslog_file)
+ self.assertEqual(logrotate_config['rotate'], '50')
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_system_ntp.py b/smoketest/scripts/cli/test_system_ntp.py
index e8cc64463..e2821687c 100755
--- a/smoketest/scripts/cli/test_system_ntp.py
+++ b/smoketest/scripts/cli/test_system_ntp.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2020 VyOS maintainers and contributors
+# Copyright (C) 2019-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -14,7 +14,6 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-import re
import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
@@ -29,17 +28,14 @@ PROCESS_NAME = 'ntpd'
NTP_CONF = '/run/ntpd/ntpd.conf'
base_path = ['system', 'ntp']
-def get_config_value(key):
- tmp = read_file(NTP_CONF)
- tmp = re.findall(r'\n?{}\s+(.*)'.format(key), tmp)
- # remove possible trailing whitespaces
- return [item.strip() for item in tmp]
-
class TestSystemNTP(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
+ @classmethod
+ def setUpClass(cls):
+ super(TestSystemNTP, cls).setUpClass()
+
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
- self.cli_delete(base_path)
+ cls.cli_delete(cls, base_path)
def tearDown(self):
self.cli_delete(base_path)
@@ -47,35 +43,38 @@ class TestSystemNTP(VyOSUnitTestSHIM.TestCase):
self.assertFalse(process_named_running(PROCESS_NAME))
- def test_ntp_options(self):
+ def test_01_ntp_options(self):
# Test basic NTP support with multiple servers and their options
servers = ['192.0.2.1', '192.0.2.2']
options = ['noselect', 'preempt', 'prefer']
- ntp_pool = 'pool.vyos.io'
+ pools = ['pool.vyos.io']
for server in servers:
for option in options:
self.cli_set(base_path + ['server', server, option])
# Test NTP pool
- self.cli_set(base_path + ['server', ntp_pool, 'pool'])
+ for pool in pools:
+ self.cli_set(base_path + ['server', pool, 'pool'])
# commit changes
self.cli_commit()
# Check generated configuration
- tmp = get_config_value('server')
- for server in servers:
- test = f'{server} iburst ' + ' '.join(options)
- self.assertTrue(test in tmp)
+ config = read_file(NTP_CONF)
+ self.assertIn('driftfile /var/lib/ntp/ntp.drift', config)
+ self.assertIn('restrict default noquery nopeer notrap nomodify', config)
+ self.assertIn('restrict source nomodify notrap noquery', config)
+ self.assertIn('restrict 127.0.0.1', config)
+ self.assertIn('restrict -6 ::1', config)
- tmp = get_config_value('pool')
- self.assertTrue(f'{ntp_pool} iburst' in tmp)
+ for server in servers:
+ self.assertIn(f'server {server} iburst ' + ' '.join(options), config)
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ for pool in pools:
+ self.assertIn(f'pool {pool} iburst', config)
- def test_ntp_clients(self):
+ def test_02_ntp_clients(self):
# Test the allowed-networks statement
listen_address = ['127.0.0.1', '::1']
for listen in listen_address:
@@ -96,23 +95,18 @@ class TestSystemNTP(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Check generated client address configuration
+ config = read_file(NTP_CONF)
+ self.assertIn('restrict default ignore', config)
+
for network in networks:
network_address = address_from_cidr(network)
network_netmask = netmask_from_cidr(network)
-
- tmp = get_config_value(f'restrict {network_address}')[0]
- test = f'mask {network_netmask} nomodify notrap nopeer'
- self.assertTrue(tmp in test)
+ self.assertIn(f'restrict {network_address} mask {network_netmask} nomodify notrap nopeer', config)
# Check listen address
- tmp = get_config_value('interface')
- test = ['ignore wildcard']
+ self.assertIn('interface ignore wildcard', config)
for listen in listen_address:
- test.append(f'listen {listen}')
- self.assertEqual(tmp, test)
-
- # Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ self.assertIn(f'interface listen {listen}', config)
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_vpn_ipsec.py b/smoketest/scripts/cli/test_vpn_ipsec.py
index c710aec6e..8a6514d57 100755
--- a/smoketest/scripts/cli/test_vpn_ipsec.py
+++ b/smoketest/scripts/cli/test_vpn_ipsec.py
@@ -28,6 +28,7 @@ vti_path = ['interfaces', 'vti']
nhrp_path = ['protocols', 'nhrp']
base_path = ['vpn', 'ipsec']
+charon_file = '/etc/strongswan.d/charon.conf'
dhcp_waiting_file = '/tmp/ipsec_dhcp_waiting'
swanctl_file = '/etc/swanctl/swanctl.conf'
@@ -111,9 +112,21 @@ rgiyCHemtMepq57Pl1Nmj49eEA==
"""
class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
- def setUp(self):
- self.cli_set(base_path + ['interface', f'{interface}.{vif}'])
+ @classmethod
+ def setUpClass(cls):
+ super(TestVPNIPsec, cls).setUpClass()
+ # ensure we can also run this test on a live system - so lets clean
+ # out the current configuration :)
+ cls.cli_delete(cls, base_path)
+
+ cls.cli_set(cls, base_path + ['interface', f'{interface}.{vif}'])
+ @classmethod
+ def tearDownClass(cls):
+ super(TestVPNIPsec, cls).tearDownClass()
+ cls.cli_delete(cls, base_path + ['interface', f'{interface}.{vif}'])
+
+ def setUp(self):
# Set IKE/ESP Groups
self.cli_set(base_path + ['esp-group', esp_group, 'proposal', '1', 'encryption', 'aes128'])
self.cli_set(base_path + ['esp-group', esp_group, 'proposal', '1', 'hash', 'sha1'])
@@ -127,7 +140,6 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
self.cli_delete(base_path)
self.cli_delete(tunnel_path)
- self.cli_delete(ethernet_path)
self.cli_commit()
# Check for no longer running process
@@ -158,8 +170,14 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
# Site to site
local_address = '192.0.2.10'
+ priority = '20'
+ life_bytes = '100000'
+ life_packets = '2000000'
peer_base_path = base_path + ['site-to-site', 'peer', peer_ip]
+ self.cli_set(base_path + ['esp-group', esp_group, 'life-bytes', life_bytes])
+ self.cli_set(base_path + ['esp-group', esp_group, 'life-packets', life_packets])
+
self.cli_set(peer_base_path + ['authentication', 'mode', 'pre-shared-secret'])
self.cli_set(peer_base_path + ['authentication', 'pre-shared-secret', secret])
self.cli_set(peer_base_path + ['ike-group', ike_group])
@@ -173,6 +191,10 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
self.cli_set(peer_base_path + ['tunnel', '1', 'remote', 'prefix', '172.17.11.0/24'])
self.cli_set(peer_base_path + ['tunnel', '1', 'remote', 'port', '443'])
+ self.cli_set(peer_base_path + ['tunnel', '2', 'local', 'prefix', '10.1.0.0/16'])
+ self.cli_set(peer_base_path + ['tunnel', '2', 'remote', 'prefix', '10.2.0.0/16'])
+ self.cli_set(peer_base_path + ['tunnel', '2', 'priority', priority])
+
self.cli_commit()
# Verify strongSwan configuration
@@ -180,6 +202,8 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
swanctl_conf_lines = [
f'version = 2',
f'auth = psk',
+ f'life_bytes = {life_bytes}',
+ f'life_packets = {life_packets}',
f'rekey_time = 28800s', # default value
f'proposals = aes128-sha1-modp1024',
f'esp_proposals = aes128-sha1-modp1024',
@@ -187,8 +211,15 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
f'local_addrs = {local_address} # dhcp:no',
f'remote_addrs = {peer_ip}',
f'mode = tunnel',
+ f'peer_{peer_ip.replace(".","-")}_tunnel_1',
f'local_ts = 172.16.10.0/24[tcp/443],172.16.11.0/24[tcp/443]',
- f'remote_ts = 172.17.10.0/24[tcp/443],172.17.11.0/24[tcp/443]'
+ f'remote_ts = 172.17.10.0/24[tcp/443],172.17.11.0/24[tcp/443]',
+ f'mode = tunnel',
+ f'peer_{peer_ip.replace(".","-")}_tunnel_2',
+ f'local_ts = 10.1.0.0/16',
+ f'remote_ts = 10.2.0.0/16',
+ f'priority = {priority}',
+ f'mode = tunnel',
]
for line in swanctl_conf_lines:
self.assertIn(line, swanctl_conf)
@@ -213,6 +244,7 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
peer_base_path = base_path + ['site-to-site', 'peer', peer_ip]
self.cli_set(peer_base_path + ['authentication', 'mode', 'pre-shared-secret'])
self.cli_set(peer_base_path + ['authentication', 'pre-shared-secret', secret])
+ self.cli_set(peer_base_path + ['connection-type', 'none'])
self.cli_set(peer_base_path + ['ike-group', ike_group])
self.cli_set(peer_base_path + ['default-esp-group', esp_group])
self.cli_set(peer_base_path + ['local-address', local_address])
@@ -241,6 +273,7 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
f'mode = tunnel',
f'local_ts = 172.16.10.0/24,172.16.11.0/24',
f'remote_ts = 172.17.10.0/24,172.17.11.0/24',
+ f'start_action = none',
f'if_id_in = {if_id}', # will be 11 for vti10 - shifted by one
f'if_id_out = {if_id}',
f'updown = "/etc/ipsec.d/vti-up-down {vti}"'
@@ -392,5 +425,75 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
# There is only one VTI test so no need to delete this globally in tearDown()
self.cli_delete(vti_path)
+
+ def test_06_flex_vpn_vips(self):
+ local_address = '192.0.2.5'
+ local_id = 'vyos-r1'
+ remote_id = 'vyos-r2'
+ peer_base_path = base_path + ['site-to-site', 'peer', peer_ip]
+
+ self.cli_set(tunnel_path + ['tun1', 'encapsulation', 'gre'])
+ self.cli_set(tunnel_path + ['tun1', 'source-address', local_address])
+
+ self.cli_set(base_path + ['interface', interface])
+ self.cli_set(base_path + ['options', 'flexvpn'])
+ self.cli_set(base_path + ['options', 'interface', 'tun1'])
+ self.cli_set(base_path + ['ike-group', ike_group, 'ikev2-reauth', 'no'])
+ self.cli_set(base_path + ['ike-group', ike_group, 'key-exchange', 'ikev2'])
+
+ self.cli_set(peer_base_path + ['authentication', 'id', local_id])
+ self.cli_set(peer_base_path + ['authentication', 'mode', 'pre-shared-secret'])
+ self.cli_set(peer_base_path + ['authentication', 'pre-shared-secret', secret])
+ self.cli_set(peer_base_path + ['authentication', 'remote-id', remote_id])
+ self.cli_set(peer_base_path + ['connection-type', 'initiate'])
+ self.cli_set(peer_base_path + ['ike-group', ike_group])
+ self.cli_set(peer_base_path + ['default-esp-group', esp_group])
+ self.cli_set(peer_base_path + ['local-address', local_address])
+ self.cli_set(peer_base_path + ['tunnel', '1', 'protocol', 'gre'])
+
+ self.cli_set(peer_base_path + ['virtual-address', '203.0.113.55'])
+ self.cli_set(peer_base_path + ['virtual-address', '203.0.113.56'])
+
+ self.cli_commit()
+
+ # Verify strongSwan configuration
+ swanctl_conf = read_file(swanctl_file)
+ swanctl_conf_lines = [
+ f'version = 2',
+ f'vips = 203.0.113.55, 203.0.113.56',
+ f'life_time = 3600s', # default value
+ f'local_addrs = {local_address} # dhcp:no',
+ f'remote_addrs = {peer_ip}',
+ f'peer_{peer_ip.replace(".","-")}_tunnel_1',
+ f'mode = tunnel',
+ ]
+
+ for line in swanctl_conf_lines:
+ self.assertIn(line, swanctl_conf)
+
+ swanctl_secrets_lines = [
+ f'id-local = {local_address} # dhcp:no',
+ f'id-remote = {peer_ip}',
+ f'id-localid = {local_id}',
+ f'id-remoteid = {remote_id}',
+ f'secret = "{secret}"',
+ ]
+
+ for line in swanctl_secrets_lines:
+ self.assertIn(line, swanctl_conf)
+
+ # Verify charon configuration
+ charon_conf = read_file(charon_file)
+ charon_conf_lines = [
+ f'# Cisco FlexVPN',
+ f'cisco_flexvpn = yes',
+ f'install_virtual_ip = yes',
+ f'install_virtual_ip_on = tun1',
+ ]
+
+ for line in charon_conf_lines:
+ self.assertIn(line, charon_conf)
+
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_vpn_openconnect.py b/smoketest/scripts/cli/test_vpn_openconnect.py
index b0e859b5c..bda279342 100755
--- a/smoketest/scripts/cli/test_vpn_openconnect.py
+++ b/smoketest/scripts/cli/test_vpn_openconnect.py
@@ -24,8 +24,27 @@ OCSERV_CONF = '/run/ocserv/ocserv.conf'
base_path = ['vpn', 'openconnect']
pki_path = ['pki']
-cert_data = 'MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIwWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIxMDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu+JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3LftzngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93+dm/LDnp7C0='
-key_data = 'MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww'
+
+cert_data = """
+MIICFDCCAbugAwIBAgIUfMbIsB/ozMXijYgUYG80T1ry+mcwCgYIKoZIzj0EAwIw
+WTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNv
+bWUtQ2l0eTENMAsGA1UECgwEVnlPUzESMBAGA1UEAwwJVnlPUyBUZXN0MB4XDTIx
+MDcyMDEyNDUxMloXDTI2MDcxOTEyNDUxMlowWTELMAkGA1UEBhMCR0IxEzARBgNV
+BAgMClNvbWUtU3RhdGUxEjAQBgNVBAcMCVNvbWUtQ2l0eTENMAsGA1UECgwEVnlP
+UzESMBAGA1UEAwwJVnlPUyBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+01HrLcNttqq4/PtoMua8rMWEkOdBu7vP94xzDO7A8C92ls1v86eePy4QllKCzIw3
+QxBIoCuH2peGRfWgPRdFsKNhMF8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSu
++JnU5ZC4mkuEpqg2+Mk4K79oeDAKBggqhkjOPQQDAgNHADBEAiBEFdzQ/Bc3Lftz
+ngrY605UhA6UprHhAogKgROv7iR4QgIgEFUxTtW3xXJcnUPWhhUFhyZoqfn8dE93
++dm/LDnp7C0=
+"""
+
+key_data = """
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPLpD0Ohhoq0g4nhx
+2KMIuze7ucKUt/lBEB2wc03IxXyhRANCAATTUestw222qrj8+2gy5rysxYSQ50G7
+u8/3jHMM7sDwL3aWzW/zp54/LhCWUoLMjDdDEEigK4fal4ZF9aA9F0Ww
+"""
class TestVpnOpenconnect(VyOSUnitTestSHIM.TestCase):
def tearDown(self):
@@ -37,18 +56,21 @@ class TestVpnOpenconnect(VyOSUnitTestSHIM.TestCase):
def test_vpn(self):
user = 'vyos_user'
password = 'vyos_pass'
+ otp = '37500000026900000000200000000000'
+
self.cli_delete(pki_path)
self.cli_delete(base_path)
- self.cli_set(pki_path + ['ca', 'openconnect', 'certificate', cert_data])
- self.cli_set(pki_path + ['certificate', 'openconnect', 'certificate', cert_data])
- self.cli_set(pki_path + ['certificate', 'openconnect', 'private', 'key', key_data])
+ self.cli_set(pki_path + ['ca', 'openconnect', 'certificate', cert_data.replace('\n','')])
+ self.cli_set(pki_path + ['certificate', 'openconnect', 'certificate', cert_data.replace('\n','')])
+ self.cli_set(pki_path + ['certificate', 'openconnect', 'private', 'key', key_data.replace('\n','')])
- self.cli_set(base_path + ["authentication", "local-users", "username", user, "password", password])
- self.cli_set(base_path + ["authentication", "mode", "local"])
- self.cli_set(base_path + ["network-settings", "client-ip-settings", "subnet", "192.0.2.0/24"])
- self.cli_set(base_path + ["ssl", "ca-certificate", 'openconnect'])
- self.cli_set(base_path + ["ssl", "certificate", 'openconnect'])
+ self.cli_set(base_path + ['authentication', 'local-users', 'username', user, 'password', password])
+ self.cli_set(base_path + ['authentication', 'local-users', 'username', user, 'otp', 'key', otp])
+ self.cli_set(base_path + ['authentication', 'mode', 'local', 'password-otp'])
+ self.cli_set(base_path + ['network-settings', 'client-ip-settings', 'subnet', '192.0.2.0/24'])
+ self.cli_set(base_path + ['ssl', 'ca-certificate', 'openconnect'])
+ self.cli_set(base_path + ['ssl', 'certificate', 'openconnect'])
self.cli_commit()
diff --git a/smoketest/scripts/cli/test_vrf.py b/smoketest/scripts/cli/test_vrf.py
index 5ffa9c086..176c095fb 100755
--- a/smoketest/scripts/cli/test_vrf.py
+++ b/smoketest/scripts/cli/test_vrf.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020-2021 VyOS maintainers and contributors
+# Copyright (C) 2020-2022 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -25,9 +25,10 @@ from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Interface
from vyos.ifconfig import Section
-from vyos.template import is_ipv6
+from vyos.template import is_ipv4
from vyos.util import cmd
from vyos.util import read_file
+from vyos.util import get_interface_config
from vyos.validate import is_intf_addr_assigned
base_path = ['vrf']
@@ -48,7 +49,7 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
if not '.' in tmp:
cls._interfaces.append(tmp)
# call base-classes classmethod
- super(cls, cls).setUpClass()
+ super(VRFTest, cls).setUpClass()
def tearDown(self):
# delete all VRFs
@@ -105,10 +106,13 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
frrconfig = self.getFRRconfig(f'vrf {vrf}')
self.assertIn(f' vni {table}', frrconfig)
+ tmp = get_interface_config(vrf)
+ self.assertEqual(int(table), tmp['linkinfo']['info_data']['table'])
+
# Increment table ID for the next run
table = str(int(table) + 1)
- def test_vrf_loopback_ips(self):
+ def test_vrf_loopbacks_ips(self):
table = '2000'
for vrf in vrfs:
base = base_path + ['name', vrf]
@@ -119,10 +123,16 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
self.cli_commit()
# Verify VRF configuration
+ loopbacks = ['127.0.0.1', '::1']
for vrf in vrfs:
- self.assertTrue(vrf in interfaces())
- self.assertTrue(is_intf_addr_assigned(vrf, '127.0.0.1'))
- self.assertTrue(is_intf_addr_assigned(vrf, '::1'))
+ # Ensure VRF was created
+ self.assertIn(vrf, interfaces())
+ # Verify IP forwarding is 1 (enabled)
+ self.assertEqual(read_file(f'/proc/sys/net/ipv4/conf/{vrf}/forwarding'), '1')
+ self.assertEqual(read_file(f'/proc/sys/net/ipv6/conf/{vrf}/forwarding'), '1')
+ # Test for proper loopback IP assignment
+ for addr in loopbacks:
+ self.assertTrue(is_intf_addr_assigned(vrf, addr))
def test_vrf_bind_all(self):
table = '2000'
@@ -174,11 +184,11 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
# commit changes
self.cli_commit()
- # Verify & cleanup
+ # Verify VRF assignmant
for interface in self._interfaces:
- # os.readlink resolves to: '../../../../../virtual/net/foovrf'
- tmp = os.readlink(f'/sys/class/net/{interface}/master').split('/')[-1]
- self.assertEqual(tmp, vrf)
+ tmp = get_interface_config(interface)
+ self.assertEqual(vrf, tmp['master'])
+
# cleanup
section = Section.section(interface)
self.cli_delete(['interfaces', section, interface, 'vrf'])
@@ -220,5 +230,66 @@ class VRFTest(VyOSUnitTestSHIM.TestCase):
# Increment table ID for the next run
table = str(int(table) + 1)
+ def test_vrf_link_local_ip_addresses(self):
+ # Testcase for issue T4331
+ table = '100'
+ vrf = 'orange'
+ interface = 'dum9998'
+ addresses = ['192.0.2.1/26', '2001:db8:9998::1/64', 'fe80::1/64']
+
+ for address in addresses:
+ self.cli_set(['interfaces', 'dummy', interface, 'address', address])
+
+ # Create dummy interfaces
+ self.cli_commit()
+
+ # ... and verify IP addresses got assigned
+ for address in addresses:
+ self.assertTrue(is_intf_addr_assigned(interface, address))
+
+ # Move interface to VRF
+ self.cli_set(base_path + ['name', vrf, 'table', table])
+ self.cli_set(['interfaces', 'dummy', interface, 'vrf', vrf])
+
+ # Apply VRF config
+ self.cli_commit()
+ # Ensure VRF got created
+ self.assertIn(vrf, interfaces())
+ # ... and IP addresses are still assigned
+ for address in addresses:
+ self.assertTrue(is_intf_addr_assigned(interface, address))
+ # Verify VRF table ID
+ tmp = get_interface_config(vrf)
+ self.assertEqual(int(table), tmp['linkinfo']['info_data']['table'])
+
+ # Verify interface is assigned to VRF
+ tmp = get_interface_config(interface)
+ self.assertEqual(vrf, tmp['master'])
+
+ # Delete Interface
+ self.cli_delete(['interfaces', 'dummy', interface])
+ self.cli_commit()
+
+ def test_vrf_disable_forwarding(self):
+ table = '2000'
+ for vrf in vrfs:
+ base = base_path + ['name', vrf]
+ self.cli_set(base + ['table', table])
+ self.cli_set(base + ['ip', 'disable-forwarding'])
+ self.cli_set(base + ['ipv6', 'disable-forwarding'])
+ table = str(int(table) + 1)
+
+ # commit changes
+ self.cli_commit()
+
+ # Verify VRF configuration
+ loopbacks = ['127.0.0.1', '::1']
+ for vrf in vrfs:
+ # Ensure VRF was created
+ self.assertIn(vrf, interfaces())
+ # Verify IP forwarding is 0 (disabled)
+ self.assertEqual(read_file(f'/proc/sys/net/ipv4/conf/{vrf}/forwarding'), '0')
+ self.assertEqual(read_file(f'/proc/sys/net/ipv6/conf/{vrf}/forwarding'), '0')
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_zone_policy.py b/smoketest/scripts/cli/test_zone_policy.py
new file mode 100755
index 000000000..2c580e2f1
--- /dev/null
+++ b/smoketest/scripts/cli/test_zone_policy.py
@@ -0,0 +1,69 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2021-2022 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import unittest
+
+from base_vyostest_shim import VyOSUnitTestSHIM
+
+from vyos.util import cmd
+
+class TestZonePolicy(VyOSUnitTestSHIM.TestCase):
+ @classmethod
+ def setUpClass(cls):
+ super(TestZonePolicy, cls).setUpClass()
+ cls.cli_set(cls, ['firewall', 'name', 'smoketest', 'default-action', 'drop'])
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.cli_delete(cls, ['firewall'])
+ super(TestZonePolicy, cls).tearDownClass()
+
+ def tearDown(self):
+ self.cli_delete(['zone-policy'])
+ self.cli_commit()
+
+ def test_basic_zone(self):
+ self.cli_set(['zone-policy', 'zone', 'smoketest-eth0', 'interface', 'eth0'])
+ self.cli_set(['zone-policy', 'zone', 'smoketest-eth0', 'from', 'smoketest-local', 'firewall', 'name', 'smoketest'])
+ self.cli_set(['zone-policy', 'zone', 'smoketest-local', 'local-zone'])
+ self.cli_set(['zone-policy', 'zone', 'smoketest-local', 'from', 'smoketest-eth0', 'firewall', 'name', 'smoketest'])
+
+ self.cli_commit()
+
+ nftables_search = [
+ ['chain VZONE_smoketest-eth0'],
+ ['chain VZONE_smoketest-local_IN'],
+ ['chain VZONE_smoketest-local_OUT'],
+ ['oifname { "eth0" }', 'jump VZONE_smoketest-eth0'],
+ ['jump VZONE_smoketest-local_IN'],
+ ['jump VZONE_smoketest-local_OUT'],
+ ['iifname { "eth0" }', 'jump NAME_smoketest'],
+ ['oifname { "eth0" }', 'jump NAME_smoketest']
+ ]
+
+ nftables_output = cmd('sudo nft list table ip filter')
+
+ for search in nftables_search:
+ matched = False
+ for line in nftables_output.split("\n"):
+ if all(item in line for item in search):
+ matched = True
+ break
+ self.assertTrue(matched)
+
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-22 09:26:05 +0000