-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest.cfg
40 lines (40 loc) · 2.64 KB
/
test.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
set address "LB_transit" "intlb-secure-user-proxy" 10.13.8.93 255.255.255.255
set address "LB_transit" "intlb-secure-server-proxy" 10.13.8.94 255.255.255.255
set address "Trust" "icztr-server0001" 10.10.138.62 255.255.255.255
set address "Trust" "icztr-server0002" 10.10.138.63 255.255.255.255
set address "Trust" "icztr-server0003" 10.10.138.64 255.255.255.255
set address "Trust" "icztr-server0004" 10.20.32.4 255.255.255.255
set address "Trust" "icztr-server0005" 10.20.32.58 255.255.255.255
set address "Trust" "icztr-server0006" 10.20.32.65 255.255.255.255
set address "Trust" "icztr-dbserver0001" 10.10.137.247 255.255.255.255
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0001"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0002"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0003"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0004"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0005"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-server0006"
set group address "Trust" "gr-icztr-bes-servers" add "icztr-dbserver0001"
set address "Business_servers" "bsvr-server0101" 10.13.10.33 255.255.255.255
set address "Business_servers" "bsvr-server0102" 10.13.10.34 255.255.255.255
set group address "Business_servers" "gr-bsvr-blackberry-routers" add "bsvr-server0101"
set group address "Business_servers" "gr-bsvr-blackberry-routers" add "bsvr-server0102"
set service "tcp-3101" protocol tcp dst-port 3101-3101
set service "tcp-8080" protocol tcp dst-port 8080-8080
set policy name "rule 1" from Trust to Business_servers gr-icztr-bes-servers gr-bsvr-blackberry-routers tcp-3101 permit log
set service "tcp-8080"
exit
set policy name "rule2" from Business_servers to LB_transit gr-bsvr-blackberry-routers intlb-secure-server-proxy tcp-1080 permit log
exit
set policy name from Business_servers to Trust gr-bsvr-blackberry-routers any tcp-8888 permit log
set service "tcp-8080"
exit
set service "tcp-3101" protocol tcp dst-port 3101-3101
set address "Untrust" "unctl-216.9.240.6" 216.9.240.6 255.255.255.255
set address "Untrust" "unctl-68.171.240.33" 68.171.240.33 255.255.255.255
set address "Untrust" "unctl-216.9.242.6" 216.9.242.6 255.255.255.255
set address "Untrust" "unctl-68.171.242.6" 68.171.242.6 255.255.255.255
set group address "Untrust" "gr-unctl-blackberry-noc"
set group address "Untrust" "gr-unctl-blackberry-noc" add "unctl-216.9.240.6"
set group address "Untrust" "gr-unctl-blackberry-noc" add "unctl-68.171.240.33"
set group address "Untrust" "gr-unctl-blackberry-noc" add "unctl-216.9.242.6"
set group address "Untrust" "gr-unctl-blackberry-noc" add "unctl-68.171.242.6"