login as: itconsult itconsult@ha-r02a.itconsult.net's password: Last login: Thu Feb 29 07:53:06 2024 from m57.itconsult.net itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh system image The system currently has the following image(s) installed: 1: 1.4.0-epa1 2: 1.3.3 (default boot) itconsult@ha-r02a:~$ del system image 1.3.3 Cannot delete current running image. Reboot into a different image to delete this image. Exiting... itconsult@ha-r02a:~$ del system image 1.4.0-epa1 Are you sure you want to delete the "1.4.0-epa1" image? (Yes/No) [No]: y Deleting the "1.4.0-epa1" image... Done itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ conf [edit] itconsult@ha-r02a# set firewall name TO-ROUTER rule 30 source address '213.133.203.24/29' [edit] itconsult@ha-r02a# commit [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 10 disable set interfaces ethernet eth0 vif 12 disable set interfaces ethernet eth0 vif 130 disable set interfaces ethernet eth0 vif 131 disable set interfaces ethernet eth0 vif 140 disable set interfaces ethernet eth0 vif 141 disable set interfaces ethernet eth0 vif 262 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 12 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 130 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 131 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 140 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 141 disable [edit] itconsult@ha-r02a# set interfaces ethernet eth0 vif 262 disable [edit] itconsult@ha-r02a# commit [edit] itconsult@ha-r02a# [edit] itconsult@ha-r02a# save Saving configuration to '/config/config.boot'... Done [edit] itconsult@ha-r02a# exit exit itconsult@ha-r02a:~$ sh conf c | strip-private set firewall all-ping 'enable' set firewall broadcast-ping 'disable' set firewall config-trap 'disable' set firewall group network-group internaladdresses network 'xxx.xxx.42.0/24' set firewall group network-group internaladdresses network 'xxx.xxx.23.0/29' set firewall group network-group internaladdresses network 'xxx.xxx.203.24/29' set firewall group network-group internaladdresses network 'xxx.xxx.69.64/29' set firewall group network-group internaladdresses network 'xxx.xxx.72.64/29' set firewall group network-group internaladdresses network 'xxx.xxx.4.208/29' set firewall group network-group itconsult network 'xxx.xxx.42.0/24' set firewall group network-group itconsult network 'xxx.xxx.134.0/24' set firewall group network-group outviajt network 'xxx.xxx.23.0/29' set firewall group network-group smbtom86 network 'xxx.xxx.144.150/32' set firewall group network-group smbtom86 network 'xxx.xxx.29.81/32' set firewall ipv6-receive-redirects 'disable' set firewall ipv6-src-route 'disable' set firewall ip-src-route 'disable' set firewall log-martians 'enable' set firewall name FROM-HAEMAIL default-action 'drop' set firewall name FROM-HAEMAIL rule 10 action 'accept' set firewall name FROM-HAEMAIL rule 10 description 'TCP to itconsult' set firewall name FROM-HAEMAIL rule 10 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAEMAIL rule 10 destination port 'domain,www,https,smtp,ldap,ldaps' set firewall name FROM-HAEMAIL rule 10 protocol 'tcp' set firewall name FROM-HAEMAIL rule 10 source address 'xxx.xxx.42.72/29' set firewall name FROM-HAEMAIL rule 11 action 'accept' set firewall name FROM-HAEMAIL rule 11 description 'UDP to itconsult' set firewall name FROM-HAEMAIL rule 11 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAEMAIL rule 11 destination port 'domain,ntp,syslog,ldap,ldaps' set firewall name FROM-HAEMAIL rule 11 protocol 'udp' set firewall name FROM-HAEMAIL rule 11 source address 'xxx.xxx.42.72/29' set firewall name FROM-HAEMAIL rule 110 action 'accept' set firewall name FROM-HAEMAIL rule 110 description 'Outgoing SMTP' set firewall name FROM-HAEMAIL rule 110 destination port 'smtp' set firewall name FROM-HAEMAIL rule 110 protocol 'tcp' set firewall name FROM-HAEMAIL rule 110 source address 'xxx.xxx.42.72/29' set firewall name FROM-HAEMAIL rule 120 action 'accept' set firewall name FROM-HAEMAIL rule 120 description 'Internet Browsing (normally disabled)' set firewall name FROM-HAEMAIL rule 120 destination port 'www,https' set firewall name FROM-HAEMAIL rule 120 disable set firewall name FROM-HAEMAIL rule 120 protocol 'tcp' set firewall name FROM-HAEMAIL rule 120 source address 'xxx.xxx.42.72/29' set firewall name FROM-HAEMAIL rule 996 action 'accept' set firewall name FROM-HAEMAIL rule 996 description 'ICMP throughout' set firewall name FROM-HAEMAIL rule 996 protocol 'icmp' set firewall name FROM-HAEMAIL rule 997 action 'accept' set firewall name FROM-HAEMAIL rule 997 description 'Firewall return traffic' set firewall name FROM-HAEMAIL rule 997 state established 'enable' set firewall name FROM-HAEMAIL rule 997 state related 'enable' set firewall name FROM-HAEMAIL rule 999 action 'reject' set firewall name FROM-HAEMAIL rule 999 description 'Block' set firewall name FROM-HAEMAIL rule 999 log 'disable' set firewall name FROM-HAEMAIL rule 999 protocol 'all' set firewall name FROM-HAHOSTING default-action 'drop' set firewall name FROM-HAHOSTING rule 10 action 'accept' set firewall name FROM-HAHOSTING rule 10 description 'TCP to itconsult' set firewall name FROM-HAHOSTING rule 10 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAHOSTING rule 10 destination port 'domain,smtp,5667' set firewall name FROM-HAHOSTING rule 10 protocol 'tcp' set firewall name FROM-HAHOSTING rule 10 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 11 action 'accept' set firewall name FROM-HAHOSTING rule 11 description 'UDP to itconsult' set firewall name FROM-HAHOSTING rule 11 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAHOSTING rule 11 destination port 'domain,ntp,syslog' set firewall name FROM-HAHOSTING rule 11 protocol 'udp' set firewall name FROM-HAHOSTING rule 11 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 110 action 'accept' set firewall name FROM-HAHOSTING rule 110 description 'Outgoing SMTP' set firewall name FROM-HAHOSTING rule 110 destination port 'smtp' set firewall name FROM-HAHOSTING rule 110 protocol 'tcp' set firewall name FROM-HAHOSTING rule 110 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 120 action 'accept' set firewall name FROM-HAHOSTING rule 120 description 'Outgoing DNS' set firewall name FROM-HAHOSTING rule 120 destination port 'domain' set firewall name FROM-HAHOSTING rule 120 protocol 'udp' set firewall name FROM-HAHOSTING rule 120 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 121 action 'accept' set firewall name FROM-HAHOSTING rule 121 description 'Outgoing DNS' set firewall name FROM-HAHOSTING rule 121 destination port 'domain' set firewall name FROM-HAHOSTING rule 121 protocol 'tcp' set firewall name FROM-HAHOSTING rule 121 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 130 action 'accept' set firewall name FROM-HAHOSTING rule 130 description 'Internet Browsing (normally disabled)' set firewall name FROM-HAHOSTING rule 130 destination port 'www,https' set firewall name FROM-HAHOSTING rule 130 protocol 'tcp' set firewall name FROM-HAHOSTING rule 130 source address 'xxx.xxx.42.0/28' set firewall name FROM-HAHOSTING rule 140 action 'accept' set firewall name FROM-HAHOSTING rule 140 description 'm64 outgoing re Cattools' set firewall name FROM-HAHOSTING rule 140 destination port 'telnet,ssh,445' set firewall name FROM-HAHOSTING rule 140 protocol 'tcp' set firewall name FROM-HAHOSTING rule 140 source address 'xxx.xxx.42.10/32' set firewall name FROM-HAHOSTING rule 141 action 'accept' set firewall name FROM-HAHOSTING rule 141 description 'm71 ssh' set firewall name FROM-HAHOSTING rule 141 destination port 'ssh' set firewall name FROM-HAHOSTING rule 141 protocol 'tcp' set firewall name FROM-HAHOSTING rule 141 source address 'xxx.xxx.42.7/32' set firewall name FROM-HAHOSTING rule 996 action 'accept' set firewall name FROM-HAHOSTING rule 996 description 'ICMP throughout' set firewall name FROM-HAHOSTING rule 996 protocol 'icmp' set firewall name FROM-HAHOSTING rule 997 action 'accept' set firewall name FROM-HAHOSTING rule 997 description 'Firewall return traffic' set firewall name FROM-HAHOSTING rule 997 state established 'enable' set firewall name FROM-HAHOSTING rule 997 state related 'enable' set firewall name FROM-HAHOSTING rule 999 action 'reject' set firewall name FROM-HAHOSTING rule 999 description 'Block' set firewall name FROM-HAHOSTING rule 999 log 'disable' set firewall name FROM-HAHOSTING rule 999 protocol 'all' set firewall name FROM-HAJTHOSTING default-action 'drop' set firewall name FROM-HAJTHOSTING rule 10 action 'accept' set firewall name FROM-HAJTHOSTING rule 10 description 'TCP to itconsult' set firewall name FROM-HAJTHOSTING rule 10 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAJTHOSTING rule 10 destination port 'domain,www,https,smtp' set firewall name FROM-HAJTHOSTING rule 10 protocol 'tcp' set firewall name FROM-HAJTHOSTING rule 10 source address 'xxx.xxx.23.0/29' set firewall name FROM-HAJTHOSTING rule 11 action 'accept' set firewall name FROM-HAJTHOSTING rule 11 description 'UDP to itconsult' set firewall name FROM-HAJTHOSTING rule 11 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAJTHOSTING rule 11 destination port 'domain,ntp,syslog,ldap,ldaps' set firewall name FROM-HAJTHOSTING rule 11 protocol 'udp' set firewall name FROM-HAJTHOSTING rule 11 source address 'xxx.xxx.23.0/29' set firewall name FROM-HAJTHOSTING rule 110 action 'accept' set firewall name FROM-HAJTHOSTING rule 110 description 'Outgoing SMTP from m81' set firewall name FROM-HAJTHOSTING rule 110 destination port 'smtp' set firewall name FROM-HAJTHOSTING rule 110 protocol 'tcp' set firewall name FROM-HAJTHOSTING rule 110 source address 'xxx.xxx.23.2/32' set firewall name FROM-HAJTHOSTING rule 120 action 'accept' set firewall name FROM-HAJTHOSTING rule 120 description 'Internet Browsing (normally disabled)' set firewall name FROM-HAJTHOSTING rule 120 destination port 'www,https' set firewall name FROM-HAJTHOSTING rule 120 disable set firewall name FROM-HAJTHOSTING rule 120 protocol 'tcp' set firewall name FROM-HAJTHOSTING rule 120 source address 'xxx.xxx.23.0/29' set firewall name FROM-HAJTHOSTING rule 130 action 'accept' set firewall name FROM-HAJTHOSTING rule 130 description 'TEMP Outgoing Kali (normally disabled)' set firewall name FROM-HAJTHOSTING rule 130 disable set firewall name FROM-HAJTHOSTING rule 130 source address 'xxx.xxx.23.3/32' set firewall name FROM-HAJTHOSTING rule 996 action 'accept' set firewall name FROM-HAJTHOSTING rule 996 description 'ICMP throughout' set firewall name FROM-HAJTHOSTING rule 996 protocol 'icmp' set firewall name FROM-HAJTHOSTING rule 997 action 'accept' set firewall name FROM-HAJTHOSTING rule 997 description 'Firewall return traffic' set firewall name FROM-HAJTHOSTING rule 997 state established 'enable' set firewall name FROM-HAJTHOSTING rule 997 state related 'enable' set firewall name FROM-HAJTHOSTING rule 999 action 'reject' set firewall name FROM-HAJTHOSTING rule 999 description 'Block' set firewall name FROM-HAJTHOSTING rule 999 log 'disable' set firewall name FROM-HAJTHOSTING rule 999 protocol 'all' set firewall name FROM-HAUNIFI default-action 'drop' set firewall name FROM-HAUNIFI rule 10 action 'accept' set firewall name FROM-HAUNIFI rule 10 description 'TCP to itconsult' set firewall name FROM-HAUNIFI rule 10 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAUNIFI rule 10 destination port 'domain,smtp' set firewall name FROM-HAUNIFI rule 10 protocol 'tcp' set firewall name FROM-HAUNIFI rule 10 source address 'xxx.xxx.132.0/24' set firewall name FROM-HAUNIFI rule 11 action 'accept' set firewall name FROM-HAUNIFI rule 11 description 'UDP to itconsult' set firewall name FROM-HAUNIFI rule 11 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAUNIFI rule 11 destination port 'domain,ntp,syslog' set firewall name FROM-HAUNIFI rule 11 protocol 'udp' set firewall name FROM-HAUNIFI rule 11 source address 'xxx.xxx.132.0/24' set firewall name FROM-HAUNIFI rule 120 action 'accept' set firewall name FROM-HAUNIFI rule 120 description 'Internet Browsing (normally disabled)' set firewall name FROM-HAUNIFI rule 120 destination port 'www,https' set firewall name FROM-HAUNIFI rule 120 disable set firewall name FROM-HAUNIFI rule 120 protocol 'tcp' set firewall name FROM-HAUNIFI rule 120 source address 'xxx.xxx.132.0/24' set firewall name FROM-HAUNIFI rule 996 action 'accept' set firewall name FROM-HAUNIFI rule 996 description 'ICMP throughout' set firewall name FROM-HAUNIFI rule 996 protocol 'icmp' set firewall name FROM-HAUNIFI rule 997 action 'accept' set firewall name FROM-HAUNIFI rule 997 description 'Firewall return traffic' set firewall name FROM-HAUNIFI rule 997 state established 'enable' set firewall name FROM-HAUNIFI rule 997 state related 'enable' set firewall name FROM-HAUNIFI rule 999 action 'reject' set firewall name FROM-HAUNIFI rule 999 description 'Block' set firewall name FROM-HAUNIFI rule 999 log 'disable' set firewall name FROM-HAUNIFI rule 999 protocol 'all' set firewall name FROM-HAVIRT default-action 'drop' set firewall name FROM-HAVIRT rule 10 action 'accept' set firewall name FROM-HAVIRT rule 10 description 'All traffic to itconsult' set firewall name FROM-HAVIRT rule 10 destination address 'xxx.xxx.42.0/24' set firewall name FROM-HAVIRT rule 10 protocol 'all' set firewall name FROM-HAVIRT rule 10 source address 'xxx.xxx.42.80/28' set firewall name FROM-HAVIRT rule 11 action 'accept' set firewall name FROM-HAVIRT rule 11 description 'All traffic to itconsult - vlan 121' set firewall name FROM-HAVIRT rule 11 destination address 'xxx.xxx.4.208/29' set firewall name FROM-HAVIRT rule 11 protocol 'all' set firewall name FROM-HAVIRT rule 11 source address 'xxx.xxx.42.80/28' set firewall name FROM-HAVIRT rule 20 action 'accept' set firewall name FROM-HAVIRT rule 20 description 'NTP' set firewall name FROM-HAVIRT rule 20 destination port 'ntp' set firewall name FROM-HAVIRT rule 20 protocol 'udp' set firewall name FROM-HAVIRT rule 20 source address 'xxx.xxx.42.80/28' set firewall name FROM-HAVIRT rule 30 action 'accept' set firewall name FROM-HAVIRT rule 30 description 'Browsing' set firewall name FROM-HAVIRT rule 30 destination port 'www,https' set firewall name FROM-HAVIRT rule 30 protocol 'tcp' set firewall name FROM-HAVIRT rule 30 source address 'xxx.xxx.42.80/28' set firewall name FROM-HAVIRT rule 996 action 'accept' set firewall name FROM-HAVIRT rule 996 description 'ICMP throughout' set firewall name FROM-HAVIRT rule 996 protocol 'icmp' set firewall name FROM-HAVIRT rule 997 action 'accept' set firewall name FROM-HAVIRT rule 997 description 'Firewall return traffic' set firewall name FROM-HAVIRT rule 997 state established 'enable' set firewall name FROM-HAVIRT rule 997 state related 'enable' set firewall name FROM-HAVIRT rule 999 action 'reject' set firewall name FROM-HAVIRT rule 999 description 'Block' set firewall name FROM-HAVIRT rule 999 log 'disable' set firewall name FROM-HAVIRT rule 999 protocol 'all' set firewall name FROM-INSIDEH default-action 'drop' set firewall name FROM-INSIDEH rule 11 action 'accept' set firewall name FROM-INSIDEH rule 11 description 'Allow printer l01 only to local' set firewall name FROM-INSIDEH rule 11 destination group network-group 'itconsult' set firewall name FROM-INSIDEH rule 11 protocol 'all' set firewall name FROM-INSIDEH rule 11 source address 'xxx.xxx.42.37/32' set firewall name FROM-INSIDEH rule 12 action 'reject' set firewall name FROM-INSIDEH rule 12 description 'Deny printer l01 to Internet' set firewall name FROM-INSIDEH rule 12 protocol 'all' set firewall name FROM-INSIDEH rule 12 source address 'xxx.xxx.42.37/32' set firewall name FROM-INSIDEH rule 101 action 'accept' set firewall name FROM-INSIDEH rule 101 description 'All outgoing' set firewall name FROM-INSIDEH rule 101 protocol 'all' set firewall name FROM-INSIDEH rule 101 source address 'xxx.xxx.42.0/26' set firewall name FROM-INSIDEH rule 102 action 'accept' set firewall name FROM-INSIDEH rule 102 description 'All outgoing from JT subnet' set firewall name FROM-INSIDEH rule 102 protocol 'all' set firewall name FROM-INSIDEH rule 102 source address 'xxx.xxx.23.0/29' set firewall name FROM-INSIDEH rule 991 action 'reject' set firewall name FROM-INSIDEH rule 991 description 'Reject broadcast without logging' set firewall name FROM-INSIDEH rule 991 destination address 'xxx.xxx.16.7' set firewall name FROM-INSIDEH rule 991 protocol 'all' set firewall name FROM-INSIDEH rule 998 action 'reject' set firewall name FROM-INSIDEH rule 998 description 'Reject broadcast without logging' set firewall name FROM-INSIDEH rule 998 destination address 'xxx.xxx.42.127' set firewall name FROM-INSIDEH rule 998 protocol 'all' set firewall name FROM-INSIDEH rule 999 action 'reject' set firewall name FROM-INSIDEH rule 999 description 'Block' set firewall name FROM-INSIDEH rule 999 log 'disable' set firewall name FROM-INSIDEH rule 999 protocol 'all' set firewall name FROM-MR default-action 'drop' set firewall name FROM-MR rule 10 action 'accept' set firewall name FROM-MR rule 10 description 'All Outgoing' set firewall name FROM-MR rule 10 protocol 'all' set firewall name FROM-MR rule 10 source address 'xxx.xxx.134.0/24' set firewall name FROM-MR rule 996 action 'accept' set firewall name FROM-MR rule 996 description 'ICMP throughout' set firewall name FROM-MR rule 996 protocol 'icmp' set firewall name FROM-MR rule 997 action 'accept' set firewall name FROM-MR rule 997 description 'Firewall return traffic' set firewall name FROM-MR rule 997 state established 'enable' set firewall name FROM-MR rule 997 state related 'enable' set firewall name FROM-MR rule 999 action 'reject' set firewall name FROM-MR rule 999 description 'Block' set firewall name FROM-MR rule 999 log 'disable' set firewall name FROM-MR rule 999 protocol 'all' set firewall name TO-HAEMAIL default-action 'drop' set firewall name TO-HAEMAIL rule 10 action 'accept' set firewall name TO-HAEMAIL rule 10 description 'TCP from itconsult' set firewall name TO-HAEMAIL rule 10 destination address 'xxx.xxx.42.72/29' set firewall name TO-HAEMAIL rule 10 destination port 'ssh,smtp,pop3,imap,imaps,submission' set firewall name TO-HAEMAIL rule 10 protocol 'tcp' set firewall name TO-HAEMAIL rule 10 source address 'xxx.xxx.42.0/24' set firewall name TO-HAEMAIL rule 11 action 'accept' set firewall name TO-HAEMAIL rule 11 description 'UDP from itconsult' set firewall name TO-HAEMAIL rule 11 destination address 'xxx.xxx.42.72/29' set firewall name TO-HAEMAIL rule 11 destination port 'snmp' set firewall name TO-HAEMAIL rule 11 protocol 'udp' set firewall name TO-HAEMAIL rule 11 source address 'xxx.xxx.42.0/24' set firewall name TO-HAEMAIL rule 110 action 'accept' set firewall name TO-HAEMAIL rule 110 description 'SMTP throughout' set firewall name TO-HAEMAIL rule 110 destination address 'xxx.xxx.42.72/29' set firewall name TO-HAEMAIL rule 110 destination port 'smtp' set firewall name TO-HAEMAIL rule 110 protocol 'tcp' set firewall name TO-HAEMAIL rule 996 action 'accept' set firewall name TO-HAEMAIL rule 996 description 'ICMP throughout' set firewall name TO-HAEMAIL rule 996 protocol 'icmp' set firewall name TO-HAEMAIL rule 997 action 'accept' set firewall name TO-HAEMAIL rule 997 description 'Firewall return traffic' set firewall name TO-HAEMAIL rule 997 state established 'enable' set firewall name TO-HAEMAIL rule 997 state related 'enable' set firewall name TO-HAEMAIL rule 999 action 'reject' set firewall name TO-HAEMAIL rule 999 description 'Block' set firewall name TO-HAEMAIL rule 999 log 'disable' set firewall name TO-HAEMAIL rule 999 protocol 'all' set firewall name TO-HAHOSTING default-action 'drop' set firewall name TO-HAHOSTING rule 10 action 'accept' set firewall name TO-HAHOSTING rule 10 description 'TCP from itconsult' set firewall name TO-HAHOSTING rule 10 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 10 destination port 'ssh,3389,5666,pop3,445,8001,8000' set firewall name TO-HAHOSTING rule 10 protocol 'tcp' set firewall name TO-HAHOSTING rule 10 source address 'xxx.xxx.42.0/24' set firewall name TO-HAHOSTING rule 11 action 'accept' set firewall name TO-HAHOSTING rule 11 description 'UDP from itconsult' set firewall name TO-HAHOSTING rule 11 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 11 destination port 'snmp' set firewall name TO-HAHOSTING rule 11 protocol 'udp' set firewall name TO-HAHOSTING rule 11 source address 'xxx.xxx.42.0/24' set firewall name TO-HAHOSTING rule 110 action 'accept' set firewall name TO-HAHOSTING rule 110 description 'SMTP/DNS' set firewall name TO-HAHOSTING rule 110 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 110 destination port 'smtp,domain' set firewall name TO-HAHOSTING rule 110 protocol 'tcp' set firewall name TO-HAHOSTING rule 120 action 'accept' set firewall name TO-HAHOSTING rule 120 description 'DNS' set firewall name TO-HAHOSTING rule 120 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 120 destination port 'domain' set firewall name TO-HAHOSTING rule 120 protocol 'udp' set firewall name TO-HAHOSTING rule 130 action 'accept' set firewall name TO-HAHOSTING rule 130 description 'SYSLOG & SMNP Trap to m63' set firewall name TO-HAHOSTING rule 130 destination address 'xxx.xxx.42.2/32' set firewall name TO-HAHOSTING rule 130 destination port 'syslog,162' set firewall name TO-HAHOSTING rule 130 protocol 'udp' set firewall name TO-HAHOSTING rule 140 action 'accept' set firewall name TO-HAHOSTING rule 140 description 'ssh from m70' set firewall name TO-HAHOSTING rule 140 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 140 destination port 'ssh' set firewall name TO-HAHOSTING rule 140 protocol 'tcp' set firewall name TO-HAHOSTING rule 140 source address 'xxx.xxx.144.150/32' set firewall name TO-HAHOSTING rule 141 action 'accept' set firewall name TO-HAHOSTING rule 141 description 'ssh from m72' set firewall name TO-HAHOSTING rule 141 destination address 'xxx.xxx.42.0/28' set firewall name TO-HAHOSTING rule 141 destination port 'ssh' set firewall name TO-HAHOSTING rule 141 protocol 'tcp' set firewall name TO-HAHOSTING rule 141 source address 'xxx.xxx.34.123/32' set firewall name TO-HAHOSTING rule 142 action 'accept' set firewall name TO-HAHOSTING rule 142 description 'ssh to m71' set firewall name TO-HAHOSTING rule 142 destination address 'xxx.xxx.42.7/32' set firewall name TO-HAHOSTING rule 142 destination port 'ssh' set firewall name TO-HAHOSTING rule 142 protocol 'tcp' set firewall name TO-HAHOSTING rule 996 action 'accept' set firewall name TO-HAHOSTING rule 996 description 'ICMP throughout' set firewall name TO-HAHOSTING rule 996 protocol 'icmp' set firewall name TO-HAHOSTING rule 997 action 'accept' set firewall name TO-HAHOSTING rule 997 description 'Firewall return traffic' set firewall name TO-HAHOSTING rule 997 state established 'enable' set firewall name TO-HAHOSTING rule 997 state related 'enable' set firewall name TO-HAHOSTING rule 999 action 'reject' set firewall name TO-HAHOSTING rule 999 description 'Block' set firewall name TO-HAHOSTING rule 999 log 'disable' set firewall name TO-HAHOSTING rule 999 protocol 'all' set firewall name TO-HAJTHOSTING default-action 'drop' set firewall name TO-HAJTHOSTING rule 10 action 'accept' set firewall name TO-HAJTHOSTING rule 10 description 'TCP from itconsult' set firewall name TO-HAJTHOSTING rule 10 destination address 'xxx.xxx.23.0/29' set firewall name TO-HAJTHOSTING rule 10 destination port 'ssh,smtp,9392,https' set firewall name TO-HAJTHOSTING rule 10 protocol 'tcp' set firewall name TO-HAJTHOSTING rule 10 source address 'xxx.xxx.42.0/24' set firewall name TO-HAJTHOSTING rule 11 action 'accept' set firewall name TO-HAJTHOSTING rule 11 description 'UDP from itconsult' set firewall name TO-HAJTHOSTING rule 11 destination address 'xxx.xxx.23.0/29' set firewall name TO-HAJTHOSTING rule 11 destination port 'snmp' set firewall name TO-HAJTHOSTING rule 11 protocol 'udp' set firewall name TO-HAJTHOSTING rule 11 source address 'xxx.xxx.42.0/24' set firewall name TO-HAJTHOSTING rule 110 action 'accept' set firewall name TO-HAJTHOSTING rule 110 description 'SMTP to m81' set firewall name TO-HAJTHOSTING rule 110 destination address 'xxx.xxx.23.2/32' set firewall name TO-HAJTHOSTING rule 110 destination port 'smtp' set firewall name TO-HAJTHOSTING rule 110 protocol 'tcp' set firewall name TO-HAJTHOSTING rule 996 action 'accept' set firewall name TO-HAJTHOSTING rule 996 description 'ICMP throughout' set firewall name TO-HAJTHOSTING rule 996 protocol 'icmp' set firewall name TO-HAJTHOSTING rule 997 action 'accept' set firewall name TO-HAJTHOSTING rule 997 description 'Firewall return traffic' set firewall name TO-HAJTHOSTING rule 997 state established 'enable' set firewall name TO-HAJTHOSTING rule 997 state related 'enable' set firewall name TO-HAJTHOSTING rule 999 action 'reject' set firewall name TO-HAJTHOSTING rule 999 description 'Block' set firewall name TO-HAJTHOSTING rule 999 log 'disable' set firewall name TO-HAJTHOSTING rule 999 protocol 'all' set firewall name TO-HAUNIFI default-action 'drop' set firewall name TO-HAUNIFI rule 10 action 'accept' set firewall name TO-HAUNIFI rule 10 description 'TCP from itconsult' set firewall name TO-HAUNIFI rule 10 destination address 'xxx.xxx.132.0/24' set firewall name TO-HAUNIFI rule 10 destination port 'ssh,8443' set firewall name TO-HAUNIFI rule 10 protocol 'tcp' set firewall name TO-HAUNIFI rule 10 source address 'xxx.xxx.42.0/24' set firewall name TO-HAUNIFI rule 11 action 'accept' set firewall name TO-HAUNIFI rule 11 description 'UDP from itconsult' set firewall name TO-HAUNIFI rule 11 destination address 'xxx.xxx.132.0/24' set firewall name TO-HAUNIFI rule 11 destination port 'snmp' set firewall name TO-HAUNIFI rule 11 protocol 'udp' set firewall name TO-HAUNIFI rule 11 source address 'xxx.xxx.42.0/24' set firewall name TO-HAUNIFI rule 996 action 'accept' set firewall name TO-HAUNIFI rule 996 description 'ICMP throughout' set firewall name TO-HAUNIFI rule 996 protocol 'icmp' set firewall name TO-HAUNIFI rule 997 action 'accept' set firewall name TO-HAUNIFI rule 997 description 'Firewall return traffic' set firewall name TO-HAUNIFI rule 997 state established 'enable' set firewall name TO-HAUNIFI rule 997 state related 'enable' set firewall name TO-HAUNIFI rule 999 action 'reject' set firewall name TO-HAUNIFI rule 999 description 'Block' set firewall name TO-HAUNIFI rule 999 log 'disable' set firewall name TO-HAUNIFI rule 999 protocol 'all' set firewall name TO-HAVIRT default-action 'drop' set firewall name TO-HAVIRT rule 3 action 'accept' set firewall name TO-HAVIRT rule 3 description 'Allow local ha-h02' set firewall name TO-HAVIRT rule 3 destination address 'xxx.xxx.42.85/32' set firewall name TO-HAVIRT rule 3 source address 'xxx.xxx.42.0/24' set firewall name TO-HAVIRT rule 5 action 'accept' set firewall name TO-HAVIRT rule 5 description 'Allow local NTP' set firewall name TO-HAVIRT rule 5 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 5 destination port 'ntp' set firewall name TO-HAVIRT rule 5 protocol 'udp' set firewall name TO-HAVIRT rule 5 source address 'xxx.xxx.42.0/24' set firewall name TO-HAVIRT rule 6 action 'accept' set firewall name TO-HAVIRT rule 6 description 'Allow local NTP - vlan 131' set firewall name TO-HAVIRT rule 6 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 6 destination port 'ntp' set firewall name TO-HAVIRT rule 6 protocol 'udp' set firewall name TO-HAVIRT rule 6 source address 'xxx.xxx.23.0/29' set firewall name TO-HAVIRT rule 7 action 'accept' set firewall name TO-HAVIRT rule 7 description 'Allow local NTP - vlan 141' set firewall name TO-HAVIRT rule 7 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 7 destination port 'ntp' set firewall name TO-HAVIRT rule 7 protocol 'udp' set firewall name TO-HAVIRT rule 7 source address 'xxx.xxx.132.0/24' set firewall name TO-HAVIRT rule 10 action 'reject' set firewall name TO-HAVIRT rule 10 description 'Disallow Bassspeaker' set firewall name TO-HAVIRT rule 10 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 10 source address 'xxx.xxx.42.216/29' set firewall name TO-HAVIRT rule 20 action 'reject' set firewall name TO-HAVIRT rule 20 description 'Disallow Guides' set firewall name TO-HAVIRT rule 20 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 20 source address 'xxx.xxx.42.120/29' set firewall name TO-HAVIRT rule 30 action 'reject' set firewall name TO-HAVIRT rule 30 description 'Disallow Merula' set firewall name TO-HAVIRT rule 30 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 30 source address 'xxx.xxx.42.192/29' set firewall name TO-HAVIRT rule 40 action 'reject' set firewall name TO-HAVIRT rule 40 description 'Disallow Island Networks' set firewall name TO-HAVIRT rule 40 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 40 source address 'xxx.xxx.42.176/28' set firewall name TO-HAVIRT rule 100 action 'accept' set firewall name TO-HAVIRT rule 100 description 'Allow all local traffic' set firewall name TO-HAVIRT rule 100 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 100 source address 'xxx.xxx.42.0/24' set firewall name TO-HAVIRT rule 110 action 'accept' set firewall name TO-HAVIRT rule 110 description 'Allow all m70' set firewall name TO-HAVIRT rule 110 destination address 'xxx.xxx.42.80/28' set firewall name TO-HAVIRT rule 110 source address 'xxx.xxx.144.150/32' set firewall name TO-HAVIRT rule 996 action 'accept' set firewall name TO-HAVIRT rule 996 description 'ICMP throughout' set firewall name TO-HAVIRT rule 996 protocol 'icmp' set firewall name TO-HAVIRT rule 997 action 'accept' set firewall name TO-HAVIRT rule 997 description 'Firewall return traffic' set firewall name TO-HAVIRT rule 997 state established 'enable' set firewall name TO-HAVIRT rule 997 state related 'enable' set firewall name TO-HAVIRT rule 999 action 'reject' set firewall name TO-HAVIRT rule 999 description 'Block' set firewall name TO-HAVIRT rule 999 log 'disable' set firewall name TO-HAVIRT rule 999 protocol 'all' set firewall name TO-INSIDEH default-action 'drop' set firewall name TO-INSIDEH rule 1 action 'drop' set firewall name TO-INSIDEH rule 1 description 'Drop attack traffic' set firewall name TO-INSIDEH rule 1 source address 'xxx.xxx.102.94/32' set firewall name TO-INSIDEH rule 10 action 'accept' set firewall name TO-INSIDEH rule 10 description 'Allow all local traffic' set firewall name TO-INSIDEH rule 10 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 10 source group network-group 'itconsult' set firewall name TO-INSIDEH rule 20 action 'accept' set firewall name TO-INSIDEH rule 20 description 'Allow all local traffic to JT subnet' set firewall name TO-INSIDEH rule 20 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 20 source address 'xxx.xxx.23.0/29' set firewall name TO-INSIDEH rule 30 action 'accept' set firewall name TO-INSIDEH rule 30 description 'Permitted TCP traffic' set firewall name TO-INSIDEH rule 30 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 30 destination port 'domain,smtp,pop3,submission,www,https,imap2,8000' set firewall name TO-INSIDEH rule 30 protocol 'tcp' set firewall name TO-INSIDEH rule 40 action 'accept' set firewall name TO-INSIDEH rule 40 description 'Permitted UDP traffic' set firewall name TO-INSIDEH rule 40 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 40 destination port 'domain' set firewall name TO-INSIDEH rule 40 protocol 'udp' set firewall name TO-INSIDEH rule 50 action 'accept' set firewall name TO-INSIDEH rule 50 description 'Permitted TCP traffic to JT subnet' set firewall name TO-INSIDEH rule 50 destination address 'xxx.xxx.23.0/29' set firewall name TO-INSIDEH rule 50 destination port 'domain,smtp' set firewall name TO-INSIDEH rule 50 protocol 'tcp' set firewall name TO-INSIDEH rule 60 action 'accept' set firewall name TO-INSIDEH rule 60 description 'Permitted UDP traffic to JT subnet' set firewall name TO-INSIDEH rule 60 destination address 'xxx.xxx.23.0/29' set firewall name TO-INSIDEH rule 60 destination port 'domain' set firewall name TO-INSIDEH rule 60 protocol 'udp' set firewall name TO-INSIDEH rule 70 action 'accept' set firewall name TO-INSIDEH rule 70 description 'Syslog & SNMP Trap' set firewall name TO-INSIDEH rule 70 destination address 'xxx.xxx.42.2/32' set firewall name TO-INSIDEH rule 70 destination port 'syslog,162' set firewall name TO-INSIDEH rule 70 protocol 'udp' set firewall name TO-INSIDEH rule 90 action 'accept' set firewall name TO-INSIDEH rule 90 description 'FTP to ftp' set firewall name TO-INSIDEH rule 90 destination address 'xxx.xxx.42.20/32' set firewall name TO-INSIDEH rule 90 destination port 'ftp' set firewall name TO-INSIDEH rule 90 protocol 'tcp' set firewall name TO-INSIDEH rule 100 action 'accept' set firewall name TO-INSIDEH rule 100 description 'HTTPS to m73' set firewall name TO-INSIDEH rule 100 destination address 'xxx.xxx.42.34/32' set firewall name TO-INSIDEH rule 100 destination port 'https' set firewall name TO-INSIDEH rule 100 protocol 'tcp' set firewall name TO-INSIDEH rule 120 action 'accept' set firewall name TO-INSIDEH rule 120 description 'NSCA to m40' set firewall name TO-INSIDEH rule 120 destination address 'xxx.xxx.42.46/32' set firewall name TO-INSIDEH rule 120 destination port '5667' set firewall name TO-INSIDEH rule 120 protocol 'tcp' set firewall name TO-INSIDEH rule 210 action 'accept' set firewall name TO-INSIDEH rule 210 description 'IPSEC' set firewall name TO-INSIDEH rule 210 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 210 destination port '500,4500' set firewall name TO-INSIDEH rule 210 protocol 'udp' set firewall name TO-INSIDEH rule 220 action 'accept' set firewall name TO-INSIDEH rule 220 description 'IPSEC' set firewall name TO-INSIDEH rule 220 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 220 protocol 'esp' set firewall name TO-INSIDEH rule 230 action 'accept' set firewall name TO-INSIDEH rule 230 description 'm70 ssh' set firewall name TO-INSIDEH rule 230 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 230 destination port 'ssh' set firewall name TO-INSIDEH rule 230 protocol 'tcp' set firewall name TO-INSIDEH rule 230 source address 'xxx.xxx.144.150/32' set firewall name TO-INSIDEH rule 231 action 'accept' set firewall name TO-INSIDEH rule 231 description 'm72 ssh' set firewall name TO-INSIDEH rule 231 destination address 'xxx.xxx.42.0/26' set firewall name TO-INSIDEH rule 231 destination port 'ssh' set firewall name TO-INSIDEH rule 231 protocol 'tcp' set firewall name TO-INSIDEH rule 231 source address 'xxx.xxx.34.123/32' set firewall name TO-INSIDEH rule 240 action 'accept' set firewall name TO-INSIDEH rule 240 description 'external smb to m86' set firewall name TO-INSIDEH rule 240 destination address 'xxx.xxx.42.48/32' set firewall name TO-INSIDEH rule 240 destination port '445' set firewall name TO-INSIDEH rule 240 protocol 'tcp' set firewall name TO-INSIDEH rule 240 source group network-group 'smbtom86' set firewall name TO-INSIDEH rule 302 action 'accept' set firewall name TO-INSIDEH rule 302 description 'm56 ssh (temporary)' set firewall name TO-INSIDEH rule 302 destination address 'xxx.xxx.42.36/32' set firewall name TO-INSIDEH rule 302 destination port 'ssh' set firewall name TO-INSIDEH rule 302 protocol 'tcp' set firewall name TO-INSIDEH rule 303 action 'accept' set firewall name TO-INSIDEH rule 303 description 'imaps to et11 (temporary)' set firewall name TO-INSIDEH rule 303 destination address 'xxx.xxx.42.35/32' set firewall name TO-INSIDEH rule 303 destination port '993' set firewall name TO-INSIDEH rule 303 protocol 'tcp' set firewall name TO-INSIDEH rule 304 action 'accept' set firewall name TO-INSIDEH rule 304 description 'vlan99 to lt01 (temporary)' set firewall name TO-INSIDEH rule 304 destination address 'xxx.xxx.42.34/32' set firewall name TO-INSIDEH rule 304 source address 'xxx.xxx.99.0/24' set firewall name TO-INSIDEH rule 981 action 'reject' set firewall name TO-INSIDEH rule 981 description 'Block IDENT without logging' set firewall name TO-INSIDEH rule 981 destination port 'auth' set firewall name TO-INSIDEH rule 981 protocol 'tcp' set firewall name TO-INSIDEH rule 996 action 'accept' set firewall name TO-INSIDEH rule 996 description 'ICMP throughout' set firewall name TO-INSIDEH rule 996 protocol 'icmp' set firewall name TO-INSIDEH rule 997 action 'accept' set firewall name TO-INSIDEH rule 997 description 'Firewall return traffic' set firewall name TO-INSIDEH rule 997 state established 'enable' set firewall name TO-INSIDEH rule 997 state related 'enable' set firewall name TO-INSIDEH rule 999 action 'reject' set firewall name TO-INSIDEH rule 999 description 'Block' set firewall name TO-INSIDEH rule 999 log 'disable' set firewall name TO-INSIDEH rule 999 protocol 'all' set firewall name TO-MR default-action 'drop' set firewall name TO-MR rule 996 action 'accept' set firewall name TO-MR rule 996 description 'ICMP throughout' set firewall name TO-MR rule 996 protocol 'icmp' set firewall name TO-MR rule 997 action 'accept' set firewall name TO-MR rule 997 description 'Firewall return traffic' set firewall name TO-MR rule 997 state established 'enable' set firewall name TO-MR rule 997 state related 'enable' set firewall name TO-MR rule 999 action 'reject' set firewall name TO-MR rule 999 description 'Block' set firewall name TO-MR rule 999 log 'disable' set firewall name TO-MR rule 999 protocol 'all' set firewall name TO-ROUTER default-action 'drop' set firewall name TO-ROUTER rule 10 action 'accept' set firewall name TO-ROUTER rule 10 description 'All Local Traffic' set firewall name TO-ROUTER rule 10 protocol 'all' set firewall name TO-ROUTER rule 10 source address 'xxx.xxx.42.0/24' set firewall name TO-ROUTER rule 20 action 'accept' set firewall name TO-ROUTER rule 20 description 'All Local Foreshore Traffic' set firewall name TO-ROUTER rule 20 protocol 'all' set firewall name TO-ROUTER rule 20 source address 'xxx.xxx.95.24/29' set firewall name TO-ROUTER rule 30 action 'accept' set firewall name TO-ROUTER rule 30 description 'All Local Newtel Traffic' set firewall name TO-ROUTER rule 30 protocol 'all' set firewall name TO-ROUTER rule 30 source address 'xxx.xxx.203.24/29' set firewall name TO-ROUTER rule 40 action 'accept' set firewall name TO-ROUTER rule 40 description 'All Local JT Traffic' set firewall name TO-ROUTER rule 40 protocol 'all' set firewall name TO-ROUTER rule 40 source address 'xxx.xxx.23.0/29' set firewall name TO-ROUTER rule 50 action 'accept' set firewall name TO-ROUTER rule 50 description 'All Local JT Traffic' set firewall name TO-ROUTER rule 50 protocol 'all' set firewall name TO-ROUTER rule 50 source address 'xxx.xxx.4.208/29' set firewall name TO-ROUTER rule 60 action 'accept' set firewall name TO-ROUTER rule 60 description 'VRRP' set firewall name TO-ROUTER rule 60 destination address 'xxx.xxx.0.18' set firewall name TO-ROUTER rule 60 protocol '112' set firewall name TO-ROUTER rule 70 action 'accept' set firewall name TO-ROUTER rule 70 description 'IPSEC UDP' set firewall name TO-ROUTER rule 70 destination port '500,4500,1701' set firewall name TO-ROUTER rule 70 protocol 'udp' set firewall name TO-ROUTER rule 80 action 'accept' set firewall name TO-ROUTER rule 80 description 'IPSEC ESP' set firewall name TO-ROUTER rule 80 protocol 'esp' set firewall name TO-ROUTER rule 90 action 'accept' set firewall name TO-ROUTER rule 90 description 'BGP' set firewall name TO-ROUTER rule 90 destination port '179' set firewall name TO-ROUTER rule 90 protocol 'tcp' set firewall name TO-ROUTER rule 100 action 'accept' set firewall name TO-ROUTER rule 100 description 'DHCP' set firewall name TO-ROUTER rule 100 destination port 'bootps' set firewall name TO-ROUTER rule 100 protocol 'udp' set firewall name TO-ROUTER rule 996 action 'accept' set firewall name TO-ROUTER rule 996 description 'ICMP Throughout' set firewall name TO-ROUTER rule 996 protocol 'icmp' set firewall name TO-ROUTER rule 997 action 'accept' set firewall name TO-ROUTER rule 997 description 'Return Traffic' set firewall name TO-ROUTER rule 997 state established 'enable' set firewall name TO-ROUTER rule 997 state related 'enable' set firewall name TO-ROUTER rule 999 action 'reject' set firewall name TO-ROUTER rule 999 description 'Block & Log' set firewall name TO-ROUTER rule 999 log 'disable' set firewall name TO-ROUTER rule 999 protocol 'all' set firewall receive-redirects 'disable' set firewall send-redirects 'enable' set firewall source-validation 'disable' set firewall syn-cookies 'enable' set firewall twa-hazards-protection 'disable' set high-availability vrrp group eth0.10-10 advertise-interval '1' set high-availability vrrp group eth0.10-10 interface 'eth0.10' set high-availability vrrp group eth0.10-10 priority '150' set high-availability vrrp group eth0.10-10 virtual-address xxx.xxx.42.62/27 set high-availability vrrp group eth0.10-10 vrid '10' set high-availability vrrp group eth0.12-12 advertise-interval '1' set high-availability vrrp group eth0.12-12 interface 'eth0.12' set high-availability vrrp group eth0.12-12 priority '150' set high-availability vrrp group eth0.12-12 virtual-address xxx.xxx.134.14/28 set high-availability vrrp group eth0.12-12 vrid '12' set high-availability vrrp group eth0.130-130 advertise-interval '1' set high-availability vrrp group eth0.130-130 interface 'eth0.130' set high-availability vrrp group eth0.130-130 priority '150' set high-availability vrrp group eth0.130-130 virtual-address xxx.xxx.42.14/28 set high-availability vrrp group eth0.130-130 vrid '130' set high-availability vrrp group eth0.131-131 advertise-interval '1' set high-availability vrrp group eth0.131-131 interface 'eth0.131' set high-availability vrrp group eth0.131-131 priority '150' set high-availability vrrp group eth0.131-131 virtual-address xxx.xxx.23.6/29 set high-availability vrrp group eth0.131-131 vrid '131' set high-availability vrrp group eth0.140-140 advertise-interval '1' set high-availability vrrp group eth0.140-140 interface 'eth0.140' set high-availability vrrp group eth0.140-140 priority '150' set high-availability vrrp group eth0.140-140 virtual-address xxx.xxx.42.94/28 set high-availability vrrp group eth0.140-140 vrid '140' set high-availability vrrp group eth0.141-141 advertise-interval '1' set high-availability vrrp group eth0.141-141 interface 'eth0.141' set high-availability vrrp group eth0.141-141 priority '150' set high-availability vrrp group eth0.141-141 virtual-address xxx.xxx.132.254/24 set high-availability vrrp group eth0.141-141 vrid '141' set high-availability vrrp group eth0.262-262 advertise-interval '1' set high-availability vrrp group eth0.262-262 interface 'eth0.262' set high-availability vrrp group eth0.262-262 priority '150' set high-availability vrrp group eth0.262-262 virtual-address xxx.xxx.42.78/29 set high-availability vrrp group eth0.262-262 vrid '62' set interfaces dummy dum1 address 'xxx.xxx.42.188/32' set interfaces dummy dum1 description 'outbound from vlan 12' set interfaces dummy dum1 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 duplex 'auto' set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:c5' set interfaces ethernet eth0 offload gro set interfaces ethernet eth0 offload gso set interfaces ethernet eth0 offload sg set interfaces ethernet eth0 offload tso set interfaces ethernet eth0 speed 'auto' set interfaces ethernet eth0 vif 10 address 'xxx.xxx.42.61/27' set interfaces ethernet eth0 vif 10 description 'Inside HA' set interfaces ethernet eth0 vif 10 disable set interfaces ethernet eth0 vif 10 firewall in name 'FROM-INSIDEH' set interfaces ethernet eth0 vif 10 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 10 firewall out name 'TO-INSIDEH' set interfaces ethernet eth0 vif 10 ip ospf cost '20' set interfaces ethernet eth0 vif 10 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 10 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 10 ip ospf priority '1' set interfaces ethernet eth0 vif 10 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 10 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 12 address 'xxx.xxx.134.12/28' set interfaces ethernet eth0 vif 12 description 'MR - laptop etc' set interfaces ethernet eth0 vif 12 disable set interfaces ethernet eth0 vif 12 firewall in name 'FROM-MR' set interfaces ethernet eth0 vif 12 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 12 firewall out name 'TO-MR' set interfaces ethernet eth0 vif 20 address 'xxx.xxx.42.171/28' set interfaces ethernet eth0 vif 20 description 'Backbone HA' set interfaces ethernet eth0 vif 20 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 20 ip ospf cost '20' set interfaces ethernet eth0 vif 20 ip ospf dead-interval '4' set interfaces ethernet eth0 vif 20 ip ospf hello-interval '1' set interfaces ethernet eth0 vif 20 ip ospf priority '110' set interfaces ethernet eth0 vif 20 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 20 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 130 address 'xxx.xxx.42.13/28' set interfaces ethernet eth0 vif 130 description 'HA Hosting' set interfaces ethernet eth0 vif 130 disable set interfaces ethernet eth0 vif 130 firewall in name 'FROM-HAHOSTING' set interfaces ethernet eth0 vif 130 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 130 firewall out name 'TO-HAHOSTING' set interfaces ethernet eth0 vif 130 ip ospf cost '20' set interfaces ethernet eth0 vif 130 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 130 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 130 ip ospf priority '1' set interfaces ethernet eth0 vif 130 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 130 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 131 address 'xxx.xxx.23.5/29' set interfaces ethernet eth0 vif 131 description 'HA JT Hosting' set interfaces ethernet eth0 vif 131 disable set interfaces ethernet eth0 vif 131 firewall in name 'FROM-HAJTHOSTING' set interfaces ethernet eth0 vif 131 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 131 firewall out name 'TO-HAJTHOSTING' set interfaces ethernet eth0 vif 131 ip ospf cost '20' set interfaces ethernet eth0 vif 131 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 131 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 131 ip ospf priority '1' set interfaces ethernet eth0 vif 131 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 131 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 131 policy route 'outviajt' set interfaces ethernet eth0 vif 140 address 'xxx.xxx.42.93/28' set interfaces ethernet eth0 vif 140 description 'Virtualisation/Storage' set interfaces ethernet eth0 vif 140 disable set interfaces ethernet eth0 vif 140 firewall in name 'FROM-HAVIRT' set interfaces ethernet eth0 vif 140 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 140 firewall out name 'TO-HAVIRT' set interfaces ethernet eth0 vif 140 ip ospf cost '20' set interfaces ethernet eth0 vif 140 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 140 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 140 ip ospf priority '1' set interfaces ethernet eth0 vif 140 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 140 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 141 address 'xxx.xxx.132.251/24' set interfaces ethernet eth0 vif 141 description 'Unifi Management' set interfaces ethernet eth0 vif 141 disable set interfaces ethernet eth0 vif 141 firewall in name 'FROM-HAUNIFI' set interfaces ethernet eth0 vif 141 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 141 firewall out name 'TO-HAUNIFI' set interfaces ethernet eth0 vif 141 ip ospf cost '20' set interfaces ethernet eth0 vif 141 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 141 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 141 ip ospf priority '1' set interfaces ethernet eth0 vif 141 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 141 ip ospf transmit-delay '1' set interfaces ethernet eth0 vif 262 address 'xxx.xxx.42.77/29' set interfaces ethernet eth0 vif 262 description 'HA Email' set interfaces ethernet eth0 vif 262 disable set interfaces ethernet eth0 vif 262 firewall in name 'FROM-HAEMAIL' set interfaces ethernet eth0 vif 262 firewall local name 'TO-ROUTER' set interfaces ethernet eth0 vif 262 firewall out name 'TO-HAEMAIL' set interfaces ethernet eth0 vif 262 ip ospf cost '20' set interfaces ethernet eth0 vif 262 ip ospf dead-interval '40' set interfaces ethernet eth0 vif 262 ip ospf hello-interval '10' set interfaces ethernet eth0 vif 262 ip ospf priority '1' set interfaces ethernet eth0 vif 262 ip ospf retransmit-interval '5' set interfaces ethernet eth0 vif 262 ip ospf transmit-delay '1' set interfaces loopback lo address 'xxx.xxx.42.210/32' set interfaces loopback lo ip set nat source rule 12 description 'vlan 12 - translate all' set nat source rule 12 outbound-interface 'any' set nat source rule 12 source address 'xxx.xxx.134.0/28' set nat source rule 12 translation address 'xxx.xxx.42.188/32' set nat source rule 141 description 'm84 outbound to internet' set nat source rule 141 destination address '!xxx.xxx.42.0/24' set nat source rule 141 outbound-interface 'eth0.20' set nat source rule 141 source address 'xxx.xxx.132.1/32' set nat source rule 141 translation address 'masquerade' set policy route outviajt rule 10 description 'Internal Traffic' set policy route outviajt rule 10 destination group network-group 'internaladdresses' set policy route outviajt rule 10 set table 'main' set policy route outviajt rule 10 source group network-group 'outviajt' set policy route outviajt rule 20 description 'Out via JT' set policy route outviajt rule 20 set table '1' set policy route outviajt rule 20 source group network-group 'outviajt' set policy route outviajt rule 30 description 'Normal Traffic' set policy route outviajt rule 30 set table 'main' set protocols ospf area 0 area-type normal set protocols ospf area 0 network 'xxx.xxx.42.160/28' set protocols ospf area 0 network 'xxx.xxx.42.210/32' set protocols ospf area 0 network 'xxx.xxx.42.80/28' set protocols ospf area 0 network 'xxx.xxx.42.32/27' set protocols ospf area 0 network 'xxx.xxx.42.0/28' set protocols ospf area 0 network 'xxx.xxx.42.72/29' set protocols ospf area 0 network 'xxx.xxx.23.0/29' set protocols ospf area 0 network 'xxx.xxx.132.0/24' set protocols ospf area 0 network 'xxx.xxx.42.188/32' set protocols ospf log-adjacency-changes detail set protocols ospf passive-interface 'eth0.10' set protocols ospf passive-interface 'eth0.150' set protocols ospf passive-interface 'eth0.160' set protocols ospf passive-interface 'eth0.170' set protocols ospf passive-interface 'eth0.140' set protocols ospf passive-interface 'eth0.262' set protocols ospf passive-interface 'eth0.131' set protocols ospf passive-interface 'eth0.141' set protocols ospf passive-interface 'eth0.12' set protocols ospf passive-interface 'dum1' set protocols ospf redistribute static metric-type '2' set protocols static route xxx.xxx.0.0/0 next-hop xxx.xxx.42.170 distance '130' set protocols static route xxx.xxx.98.1/32 next-hop xxx.xxx.42.165 set protocols static route xxx.xxx.151.0/24 next-hop xxx.xxx.42.166 set protocols static route xxx.xxx.151.1/32 next-hop xxx.xxx.42.166 set protocols static table 1 route xxx.xxx.0.0/0 next-hop xxx.xxx.42.168 set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 default-router 'xxx.xxx.42.62' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 range 0 start 'xxx.xxx.42.38' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 range 0 stop 'xxx.xxx.42.39' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx ip-address 'xxx.xxx.42.43' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:79' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx ip-address 'xxx.xxx.42.44' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:83' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 default-router 'xxx.xxx.134.14' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 range 0 start 'xxx.xxx.134.2' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 range 0 stop 'xxx.xxx.134.7' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 static-mapping xxxxxx ip-address 'xxx.xxx.134.1' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:ac' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 default-router 'xxx.xxx.132.254' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 range 0 start 'xxx.xxx.132.111' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 range 0 stop 'xxx.xxx.132.119' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 static-mapping xxxxxx ip-address 'xxx.xxx.132.11' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:d9' set service snmp community [redacted] authorization 'ro' set service snmp community [redacted] network 'xxx.xxx.42.0/24' set service ssh port '22' set system config-management commit-revisions '20' set system domain-name xxxxxx set system host-name xxxxxx set system login banner post-login '' set system login banner pre-login '' set system login user xxxxxx authentication encrypted-password xxxxxx set system login user xxxxxx authentication plaintext-password xxxxxx set system name-server 'xxx.xxx.42.9' set system name-server 'xxx.xxx.42.130' set system ntp listen-address 'xxx.xxx.42.171' set system ntp listen-address 'xxx.xxx.42.210' set system ntp server xxxxx.tld set system ntp server xxxxx.tld set system ntp server xxxxx.tld set system ntp server xxxxx.tld set system syslog global facility all level 'debug' set system syslog global facility protocols level 'debug' set system syslog host xxx.xxx.42.2 facility all level 'debug' set system time-zone 'GB' itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh ver Version: VyOS 1.3.3 Release train: equuleus Built by: Sentrium S.L. Built on: Mon 29 May 2023 12:55 UTC Build UUID: a302f99b-4d44-4a40-82ba-1a4275902d5e Build commit ID: bc64a3a72244b9 Architecture: x86_64 Boot via: installed image System type: KVM guest Hardware vendor: Red Hat Hardware model: KVM Hardware S/N: Hardware UUID: 6e70bbb2-6767-4eb6-af05-62b466abdae3 Copyright: VyOS maintainers and contributors itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ ls vyos-1.4.0-epa1-amd64.iso itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh int Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- dum1 193.201.42.188/32 u/u outbound from vlan 12 eth0 - u/u eth0.10 193.201.42.61/27 A/D Inside HA eth0.12 10.193.134.12/28 A/D MR - laptop etc eth0.20 193.201.42.171/28 u/u Backbone HA eth0.130 193.201.42.13/28 A/D HA Hosting eth0.131 212.9.23.5/29 A/D HA JT Hosting eth0.140 193.201.42.93/28 A/D Virtualisation/Storage eth0.141 10.193.132.251/24 A/D Unifi Management eth0.262 193.201.42.77/29 A/D HA Email lo 127.0.0.1/8 u/u 193.201.42.210/32 ::1/128 itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ add system image vyos-1.4.0-epa1-amd64.iso Checking SHA256 checksums of files on the ISO image... OK. Done! What would you like to name this image? [1.4.0-epa1]: OK. This image will be named: 1.4.0-epa1 Installing "1.4.0-epa1" image. Copying new release files... Would you like to save the current configuration directory and config file? (Yes/No) [Yes]: Copying current configuration... Would you like to save the SSH host keys from your current configuration? (Yes/No) [Yes]: Copying SSH keys... Running post-install script... Setting up grub configuration... Done. itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh system image The system currently has the following image(s) installed: 1: 1.4.0-epa1 (default boot) 2: 1.3.3 itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ reboot Are you sure you want to reboot this system? [y/N] y login as: itconsult itconsult@eth0-20.ha-r02a.itconsult.net's password: itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh ver Version: VyOS 1.4.0-epa1 Release train: sagitta Built by: Sentrium S.L. Built on: Thu 22 Feb 2024 19:17 UTC Build UUID: 97f0c92c-b99d-4bde-a67f-079ca030f2a1 Build commit ID: bcac2eb1f9b49c Architecture: x86_64 Boot via: installed image System type: KVM guest Hardware vendor: Red Hat Hardware model: KVM Hardware S/N: Hardware UUID: 6e70bbb2-6767-4eb6-af05-62b466abdae3 Copyright: VyOS maintainers and contributors itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ ls -l /tmp total 120 -rw-rw-r-- 1 root vyattacfg 113683 Feb 29 09:04 boot-config-trace drwx------ 3 root root 60 Feb 29 09:04 systemd-private-412258ca877248b2916e334e69a1bd3c-chrony.service-lTIxwy drwx------ 3 root root 60 Feb 29 09:02 systemd-private-412258ca877248b2916e334e69a1bd3c-haveged.service-X6ZuNN drwx------ 3 root root 60 Feb 29 09:03 systemd-private-412258ca877248b2916e334e69a1bd3c-systemd-logind.service-jpMrCL -rw-r--r-- 1 root vyattacfg 183 Feb 29 09:04 vyos-configd-script-stdout -rw-rw-r-- 1 root vyattacfg 2 Feb 29 09:04 vyos-config-status itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ cat /tmp/boot-config-trace Traceback (most recent call last): File "/usr/libexec/vyos/vyos-boot-config-loader.py", line 144, in commit_out = session.commit() ^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 187, in commit out = self.__run_command([COMMIT]) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 143, in __run_command raise ConfigSessionError(output) vyos.configsession.ConfigSessionError: Processing the Priority Queue Entering the _commit_check_cfg_node Executing the "system domain-name itconsult.net" ... Elapsed 0.021 sec: Executing the "system host-name ha-r02a" ... Elapsed 0.012 sec: Elapsed 0.033 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system domain-name itconsult.net" ... [ system domain-name itconsult.net ] sudo: unable to resolve host ha-r02a: System error Elapsed 3.043 sec: Executing the "system host-name ha-r02a" ... Elapsed 0.141 sec: Elapsed 3.185 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "system time-zone GB" ... Elapsed 0.525 sec: Elapsed 0.526 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system time-zone GB" ... Elapsed 0.089 sec: Elapsed 0.089 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Elapsed 0.000 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "policy" ... Elapsed 1.743 sec: Elapsed 1.743 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "policy route outviajt" ... Elapsed 0.006 sec: Executing the "policy route outviajt interface eth0.131" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 10" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 10 description Internal Traffic" ... Elapsed 0.005 sec: Executing the "policy route outviajt rule 10 set table main" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 20" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 20 description Out via JT" ... Elapsed 0.005 sec: Executing the "policy route outviajt rule 20 set table 1" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 30" ... Elapsed 0.010 sec: Executing the "policy route outviajt rule 30 description Normal Traffic" ... Elapsed 0.005 sec: Executing the "policy route outviajt rule 30 set table main" ... Elapsed 0.010 sec: Elapsed 0.096 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "policy route outviajt" ... Elapsed 0.149 sec: Elapsed 0.149 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "nat source rule 12" ... Elapsed 0.011 sec: Executing the "nat source rule 12 description vlan 12 - translate all" ... Elapsed 0.005 sec: Executing the "nat source rule 12 source address 10.193.134.0/28" ... Elapsed 0.038 sec: Executing the "nat source rule 12 translation address 193.201.42.188/32" ... Elapsed 0.024 sec: Executing the "nat source rule 141" ... Elapsed 0.010 sec: Executing the "nat source rule 141 description m84 outbound to internet" ... Elapsed 0.005 sec: Executing the "nat source rule 141 destination address !193.201.42.0/24" ... Elapsed 0.027 sec: Executing the "nat source rule 141 outbound-interface name eth0.20" ... Elapsed 0.057 sec: Executing the "nat source rule 141 source address 10.193.132.1/32" ... Elapsed 0.034 sec: Executing the "nat source rule 141 translation address masquerade" ... Elapsed 0.024 sec: Elapsed 0.241 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "nat" ... Elapsed 0.426 sec: Elapsed 0.426 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "interfaces loopback lo" ... Elapsed 0.005 sec: Executing the "interfaces loopback lo address 193.201.42.210/32" ... Elapsed 0.017 sec: Elapsed 0.023 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "interfaces loopback lo" ... Elapsed 0.235 sec: Elapsed 0.235 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "interfaces dummy dum1" ... Elapsed 0.005 sec: Executing the "interfaces dummy dum1 address 193.201.42.188/32" ... Elapsed 0.013 sec: Executing the "interfaces dummy dum1 description outbound from vlan 12" ... Elapsed 0.005 sec: Elapsed 0.024 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "interfaces dummy dum1" ... Elapsed 0.209 sec: Elapsed 0.209 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "interfaces ethernet eth0" ... Elapsed 0.006 sec: Executing the "interfaces ethernet eth0 duplex auto" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 hw-id 00:16:3e:40:5c:c5" ... Elapsed 0.020 sec: Executing the "interfaces ethernet eth0 speed auto" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 10" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 10 address 193.201.42.61/27" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 10 description Inside HA" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 12" ... Elapsed 0.011 sec: Executing the "interfaces ethernet eth0 vif 12 address 10.193.134.12/28" ... Elapsed 0.014 sec: Executing the "interfaces ethernet eth0 vif 12 description MR - laptop etc" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 20" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 20 address 193.201.42.171/28" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 20 description Backbone HA" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 130" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 130 address 193.201.42.13/28" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 130 description HA Hosting" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 131" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 131 address 212.9.23.5/29" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 131 description HA JT Hosting" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 140" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 140 address 193.201.42.93/28" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 140 description Virtualisation/Storage" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 141" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 141 address 10.193.132.251/24" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 141 description Unifi Management" ... Elapsed 0.005 sec: Executing the "interfaces ethernet eth0 vif 262" ... Elapsed 0.010 sec: Executing the "interfaces ethernet eth0 vif 262 address 193.201.42.77/29" ... Elapsed 0.012 sec: Executing the "interfaces ethernet eth0 vif 262 description HA Email" ... Elapsed 0.005 sec: Elapsed 0.270 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "interfaces ethernet eth0" ... Elapsed 1.770 sec: Elapsed 1.771 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "firewall global-options all-ping enable" ... Elapsed 0.006 sec: Executing the "firewall global-options broadcast-ping disable" ... Elapsed 0.005 sec: Executing the "firewall global-options ipv6-receive-redirects disable" ... Elapsed 0.006 sec: Executing the "firewall global-options ipv6-src-route disable" ... Elapsed 0.005 sec: Executing the "firewall global-options ip-src-route disable" ... Elapsed 0.006 sec: Executing the "firewall global-options log-martians enable" ... Elapsed 0.005 sec: Executing the "firewall global-options receive-redirects disable" ... Elapsed 0.005 sec: Executing the "firewall global-options send-redirects enable" ... Elapsed 0.005 sec: Executing the "firewall global-options source-validation disable" ... Elapsed 0.005 sec: Executing the "firewall global-options syn-cookies enable" ... Elapsed 0.005 sec: Executing the "firewall global-options twa-hazards-protection disable" ... Elapsed 0.006 sec: Executing the "firewall group network-group internaladdresses" ... Elapsed 0.005 sec: Executing the "firewall group network-group internaladdresses network 193.201.42.0/24" ... Elapsed 0.012 sec: Executing the "firewall group network-group internaladdresses network 212.9.23.0/29" ... Elapsed 0.012 sec: Executing the "firewall group network-group internaladdresses network 213.133.203.24/29" ... Elapsed 0.012 sec: Executing the "firewall group network-group internaladdresses network 213.167.69.64/29" ... Elapsed 0.011 sec: Executing the "firewall group network-group internaladdresses network 213.167.72.64/29" ... Elapsed 0.011 sec: Executing the "firewall group network-group internaladdresses network 212.9.4.208/29" ... Elapsed 0.011 sec: Executing the "firewall group network-group itconsult" ... Elapsed 0.005 sec: Executing the "firewall group network-group itconsult network 193.201.42.0/24" ... Elapsed 0.011 sec: Executing the "firewall group network-group itconsult network 10.193.134.0/24" ... Elapsed 0.011 sec: Executing the "firewall group network-group outviajt" ... Elapsed 0.005 sec: Executing the "firewall group network-group outviajt network 212.9.23.0/29" ... Elapsed 0.011 sec: Executing the "firewall group network-group smbtom86" ... Elapsed 0.004 sec: Executing the "firewall group network-group smbtom86 network 139.162.144.150/32" ... Elapsed 0.011 sec: Executing the "firewall group network-group smbtom86 network 212.9.29.81/32" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter default-action accept" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 5" ... Elapsed 0.009 sec: Executing the "firewall ipv4 forward filter rule 5 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 5 inbound-interface name eth0.10" ... Elapsed 0.057 sec: Executing the "firewall ipv4 forward filter rule 10" ... Elapsed 0.012 sec: Executing the "firewall ipv4 forward filter rule 10 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 forward filter rule 10 inbound-interface name eth0.12" ... Elapsed 0.055 sec: Executing the "firewall ipv4 forward filter rule 15" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 15 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 15 inbound-interface name eth0.130" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 20" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 20 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 20 inbound-interface name eth0.131" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 25" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 25 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 25 inbound-interface name eth0.140" ... Elapsed 0.055 sec: Executing the "firewall ipv4 forward filter rule 30" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 30 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 30 inbound-interface name eth0.141" ... Elapsed 0.057 sec: Executing the "firewall ipv4 forward filter rule 35" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 35 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 35 inbound-interface name eth0.262" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 40" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 40 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 40 outbound-interface name eth0.10" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 45" ... Elapsed 0.010 sec: Executing the "firewall ipv4 forward filter rule 45 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 forward filter rule 45 outbound-interface name eth0.12" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 50" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 50 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 50 outbound-interface name eth0.130" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 55" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 55 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 55 outbound-interface name eth0.131" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 60" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 60 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 60 outbound-interface name eth0.140" ... Elapsed 0.054 sec: Executing the "firewall ipv4 forward filter rule 65" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 65 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 65 outbound-interface name eth0.141" ... Elapsed 0.055 sec: Executing the "firewall ipv4 forward filter rule 70" ... Elapsed 0.011 sec: Executing the "firewall ipv4 forward filter rule 70 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 forward filter rule 70 outbound-interface name eth0.262" ... Elapsed 0.054 sec: Executing the "firewall ipv4 input filter default-action accept" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 5" ... Elapsed 0.010 sec: Executing the "firewall ipv4 input filter rule 5 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 input filter rule 5 inbound-interface name dum1" ... Elapsed 0.056 sec: Executing the "firewall ipv4 input filter rule 10" ... Elapsed 0.012 sec: Executing the "firewall ipv4 input filter rule 10 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 10 inbound-interface name eth0.10" ... Elapsed 0.055 sec: Executing the "firewall ipv4 input filter rule 15" ... Elapsed 0.011 sec: Executing the "firewall ipv4 input filter rule 15 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 15 inbound-interface name eth0.12" ... Elapsed 0.056 sec: Executing the "firewall ipv4 input filter rule 20" ... Elapsed 0.011 sec: Executing the "firewall ipv4 input filter rule 20 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 20 inbound-interface name eth0.20" ... Elapsed 0.054 sec: Executing the "firewall ipv4 input filter rule 25" ... Elapsed 0.010 sec: Executing the "firewall ipv4 input filter rule 25 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 25 inbound-interface name eth0.130" ... Elapsed 0.055 sec: Executing the "firewall ipv4 input filter rule 30" ... Elapsed 0.011 sec: Executing the "firewall ipv4 input filter rule 30 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 30 inbound-interface name eth0.131" ... Elapsed 0.057 sec: Executing the "firewall ipv4 input filter rule 35" ... Elapsed 0.012 sec: Executing the "firewall ipv4 input filter rule 35 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 35 inbound-interface name eth0.140" ... Elapsed 0.056 sec: Executing the "firewall ipv4 input filter rule 40" ... Elapsed 0.011 sec: Executing the "firewall ipv4 input filter rule 40 action jump" ... Elapsed 0.006 sec: Executing the "firewall ipv4 input filter rule 40 inbound-interface name eth0.141" ... Elapsed 0.054 sec: Executing the "firewall ipv4 input filter rule 45" ... Elapsed 0.011 sec: Executing the "firewall ipv4 input filter rule 45 action jump" ... Elapsed 0.005 sec: Executing the "firewall ipv4 input filter rule 45 inbound-interface name eth0.262" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-HAEMAIL" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL default-action drop" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10" ... Elapsed 0.009 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 description TCP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 destination address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 destination port domain,www,https,smtp,ldap,ldaps" ... Elapsed 0.098 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 protocol tcp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 10 source address 193.201.42.72/29" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 description UDP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 destination address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 destination port domain,ntp,syslog,ldap,ldaps" ... Elapsed 0.086 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 11 source address 193.201.42.72/29" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110 description Outgoing SMTP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110 destination port smtp" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 110 source address 193.201.42.72/29" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120 description Internet Browsing (normally disabled)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120 destination port www,https" ... Elapsed 0.084 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120 protocol tcp" ... Elapsed 0.060 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 120 source address 193.201.42.72/29" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 996 protocol icmp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 997 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAEMAIL rule 999 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAHOSTING" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 description TCP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 destination address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 destination port domain,smtp,5667" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 10 source address 193.201.42.0/28" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 description UDP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 destination address 193.201.42.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 destination port domain,ntp,syslog" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 protocol udp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 11 source address 193.201.42.0/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110 description Outgoing SMTP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110 destination port smtp" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 110 source address 193.201.42.0/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120 description Outgoing DNS" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120 destination port domain" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 120 source address 193.201.42.0/28" ... Elapsed 0.037 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121" ... Elapsed 0.009 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121 description Outgoing DNS" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121 destination port domain" ... Elapsed 0.086 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 121 source address 193.201.42.0/28" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130 description Internet Browsing (normally disabled)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130 destination port www,https" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 130 source address 193.201.42.0/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140 description m64 outgoing re Cattools" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140 destination port telnet,ssh,445" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140 protocol tcp" ... Elapsed 0.059 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 140 source address 193.201.42.10/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141 description m71 ssh" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141 destination port ssh" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141 protocol tcp" ... Elapsed 0.060 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 141 source address 193.201.42.7/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 996 protocol icmp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 997 state related" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 999 action reject" ... Elapsed 0.008 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 999 description Block" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAHOSTING rule 999 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING default-action drop" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 description TCP to itconsult" ... Elapsed 0.008 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 destination address 193.201.42.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 destination port domain,www,https,smtp" ... Elapsed 0.085 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 10 source address 212.9.23.0/29" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 description UDP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 destination address 193.201.42.0/24" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 destination port domain,ntp,syslog,ldap,ldaps" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 11 source address 212.9.23.0/29" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110 description Outgoing SMTP from m81" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110 destination port smtp" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 110 source address 212.9.23.2/32" ... Elapsed 0.035 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120 description Internet Browsing (normally disabled)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120 destination port www,https" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 120 source address 212.9.23.0/29" ... Elapsed 0.036 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 130" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 130 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 130 description TEMP Outgoing Kali (normally disabled)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 130 source address 212.9.23.3/32" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 996 protocol icmp" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 997 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAJTHOSTING rule 999 protocol all" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-HAUNIFI" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 description TCP to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 destination address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 destination port domain,smtp" ... Elapsed 0.085 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 10 source address 10.193.132.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 description UDP to itconsult" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 destination address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 destination port domain,ntp,syslog" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 11 source address 10.193.132.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120 description Internet Browsing (normally disabled)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120 destination port www,https" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 120 source address 10.193.132.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 996 description ICMP throughout" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 996 protocol icmp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 999" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 999 action reject" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAUNIFI rule 999 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAVIRT" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT default-action drop" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10 description All traffic to itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10 destination address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10 protocol all" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 10 source address 193.201.42.80/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11 description All traffic to itconsult - vlan 121" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11 destination address 212.9.4.208/29" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 11 source address 193.201.42.80/28" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20 description NTP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20 destination port ntp" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 20 source address 193.201.42.80/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30 description Browsing" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30 destination port www,https" ... Elapsed 0.084 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 30 source address 193.201.42.80/28" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 996 protocol icmp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 997 description Firewall return traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 999 action reject" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-HAVIRT rule 999 protocol all" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name FROM-INSIDEH" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-INSIDEH default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 11" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 11 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 11 description Allow printer l01 only to local" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 11 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 11 source address 193.201.42.37/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 12" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 12 action reject" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 12 description Deny printer l01 to Internet" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 12 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 12 source address 193.201.42.37/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 101" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 101 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 101 description All outgoing" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 101 protocol all" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 101 source address 193.201.42.0/26" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 102" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 102 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 102 description All outgoing from JT subnet" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 102 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 102 source address 212.9.23.0/29" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 991" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 991 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 991 description Reject broadcast without logging" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 991 destination address 212.9.16.7" ... Elapsed 0.039 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 991 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 998" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 998 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 998 description Reject broadcast without logging" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 998 destination address 193.201.42.127" ... Elapsed 0.039 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 998 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-INSIDEH rule 999 protocol all" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-MR" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-MR rule 10 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name FROM-MR rule 10 description All Outgoing" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 10 protocol all" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name FROM-MR rule 10 source address 10.193.134.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name FROM-MR rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-MR rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 996 protocol icmp" ... Elapsed 0.053 sec: Executing the "firewall ipv4 name FROM-MR rule 997" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-MR rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name FROM-MR rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name FROM-MR rule 999 protocol all" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAEMAIL" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 description TCP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 destination address 193.201.42.72/29" ... Elapsed 0.029 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 destination port ssh,smtp,pop3,imap,imaps,submission" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 protocol tcp" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 10 source address 193.201.42.0/24" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 description UDP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 destination address 193.201.42.72/29" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 destination port snmp" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 protocol udp" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 11 source address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110 description SMTP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110 destination address 193.201.42.72/29" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110 destination port smtp" ... Elapsed 0.139 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 110 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 996" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 996 description ICMP throughout" ... Elapsed 0.007 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 996 protocol icmp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAEMAIL rule 999 protocol all" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAHOSTING default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 description TCP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 destination port ssh,3389,5666,pop3,445,8001,8000" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 10 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 description UDP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 destination port snmp" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 11 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110 description SMTP/DNS" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110 destination port smtp,domain" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 110 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120 description DNS" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120 destination port domain" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 120 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130 description SYSLOG & SMNP Trap to m63" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130 destination address 193.201.42.2/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130 destination port syslog,162" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 130 protocol udp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 description ssh from m70" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 destination port ssh" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 140 source address 139.162.144.150/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 description ssh from m72" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 destination address 193.201.42.0/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 destination port ssh" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 141 source address 45.63.34.123/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142 description ssh to m71" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142 destination address 193.201.42.7/32" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142 destination port ssh" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 142 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 996" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 996 protocol icmp" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAHOSTING rule 999 protocol all" ... Elapsed 0.054 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 description TCP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 destination address 212.9.23.0/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 destination port ssh,smtp,9392,https" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 10 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 description UDP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 destination address 212.9.23.0/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 destination port snmp" ... Elapsed 0.097 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 protocol udp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 11 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110 description SMTP to m81" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110 destination address 212.9.23.2/32" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110 destination port smtp" ... Elapsed 0.084 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 110 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 996" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 996 protocol icmp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAJTHOSTING rule 999 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAUNIFI" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAUNIFI default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 action return" ... Elapsed 0.009 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 description TCP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 destination address 10.193.132.0/24" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 destination port ssh,8443" ... Elapsed 0.081 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 10 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 description UDP from itconsult" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 destination address 10.193.132.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 destination port snmp" ... Elapsed 0.079 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 11 source address 193.201.42.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 996" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 996 protocol icmp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 997" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 999" ... Elapsed 0.009 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAUNIFI rule 999 protocol all" ... Elapsed 0.053 sec: Executing the "firewall ipv4 name TO-HAVIRT" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 3" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 3 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 3 description Allow local ha-h02" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 3 destination address 193.201.42.85/32" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 3 source address 193.201.42.0/24" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 description Allow local NTP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 destination address 193.201.42.80/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 destination port ntp" ... Elapsed 0.168 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 protocol udp" ... Elapsed 0.077 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 5 source address 193.201.42.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 description Allow local NTP - vlan 131" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 destination address 193.201.42.80/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 destination port ntp" ... Elapsed 0.087 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 protocol udp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 6 source address 212.9.23.0/29" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 action return" ... Elapsed 0.065 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 description Allow local NTP - vlan 141" ... Elapsed 0.014 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 destination address 193.201.42.80/28" ... Elapsed 0.035 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 destination port ntp" ... Elapsed 0.114 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 7 source address 10.193.132.0/24" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 10 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 10 description Disallow Bassspeaker" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 10 destination address 193.201.42.80/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 10 source address 193.201.42.216/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 20" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 20 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 20 description Disallow Guides" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 20 destination address 193.201.42.80/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 20 source address 193.201.42.120/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 30" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 30 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 30 description Disallow Merula" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 30 destination address 193.201.42.80/28" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 30 source address 193.201.42.192/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 40" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 40 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 40 description Disallow Island Networks" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 40 destination address 193.201.42.80/28" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 40 source address 193.201.42.176/28" ... Elapsed 0.035 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 100" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 100 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 100 description Allow all local traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 100 destination address 193.201.42.80/28" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 100 source address 193.201.42.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 110" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 110 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 110 description Allow all m70" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 110 destination address 193.201.42.80/28" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 110 source address 139.162.144.150/32" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 996" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 996 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 996 protocol icmp" ... Elapsed 0.060 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 997 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 999" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 999 description Block" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-HAVIRT rule 999 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH default-action drop" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 1" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 1 action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 1 description Drop attack traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 1 source address 202.104.102.94/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 10 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 10 description Allow all local traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 10 destination address 193.201.42.0/26" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 20" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 20 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 20 description Allow all local traffic to JT subnet" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 20 destination address 193.201.42.0/26" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 20 source address 212.9.23.0/29" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30 description Permitted TCP traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30 destination address 193.201.42.0/26" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30 destination port domain,smtp,pop3,submission,www,https,imap2,8000" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 30 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40 description Permitted UDP traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40 destination address 193.201.42.0/26" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40 destination port domain" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 40 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50 description Permitted TCP traffic to JT subnet" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50 destination address 212.9.23.0/29" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50 destination port domain,smtp" ... Elapsed 0.085 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 50 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60 description Permitted UDP traffic to JT subnet" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60 destination address 212.9.23.0/29" ... Elapsed 0.029 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60 destination port domain" ... Elapsed 0.079 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 60 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70 description Syslog & SNMP Trap" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70 destination address 193.201.42.2/32" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70 destination port syslog,162" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 70 protocol udp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90 description FTP to ftp" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90 destination address 193.201.42.20/32" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90 destination port ftp" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 90 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100 description HTTPS to m73" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100 destination address 193.201.42.34/32" ... Elapsed 0.029 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100 destination port https" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 100 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120 description NSCA to m40" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120 destination address 193.201.42.46/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120 destination port 5667" ... Elapsed 0.086 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 120 protocol tcp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210 description IPSEC" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210 destination address 193.201.42.0/26" ... Elapsed 0.050 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210 destination port 500,4500" ... Elapsed 0.086 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 210 protocol udp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 220" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 220 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 220 description IPSEC" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 220 destination address 193.201.42.0/26" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 220 protocol esp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 description m70 ssh" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 destination address 193.201.42.0/26" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 destination port ssh" ... Elapsed 0.080 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 230 source address 139.162.144.150/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 description m72 ssh" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 destination address 193.201.42.0/26" ... Elapsed 0.030 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 destination port ssh" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 protocol tcp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 231 source address 45.63.34.123/32" ... Elapsed 0.031 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240 description external smb to m86" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240 destination address 193.201.42.48/32" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240 destination port 445" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 240 protocol tcp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302 description m56 ssh (temporary)" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302 destination address 193.201.42.36/32" ... Elapsed 0.032 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302 destination port ssh" ... Elapsed 0.082 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 302 protocol tcp" ... Elapsed 0.060 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303 description imaps to et11 (temporary)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303 destination address 193.201.42.35/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303 destination port 993" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 303 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 304" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 304 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 304 description vlan99 to lt01 (temporary)" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 304 destination address 193.201.42.34/32" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 304 source address 192.168.99.0/24" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 981" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 981 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 981 description Block IDENT without logging" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 981 destination port auth" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 981 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 996" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 996 action return" ... Elapsed 0.007 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 996 description ICMP throughout" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 996 protocol icmp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 997 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 997 description Firewall return traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 997 state related" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 999" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 999 action reject" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 999 description Block" ... Elapsed 0.007 sec: Executing the "firewall ipv4 name TO-INSIDEH rule 999 protocol all" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-MR" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-MR default-action drop" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-MR rule 996" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-MR rule 996 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-MR rule 996 description ICMP throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 996 protocol icmp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-MR rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-MR rule 997 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 997 description Firewall return traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 999" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-MR rule 999 action reject" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 999 description Block" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-MR rule 999 protocol all" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-ROUTER" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER default-action drop" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 10" ... Elapsed 0.010 sec: Executing the "firewall ipv4 name TO-ROUTER rule 10 action return" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 10 description All Local Traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 10 protocol all" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-ROUTER rule 10 source address 193.201.42.0/24" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-ROUTER rule 20" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 20 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 20 description All Local Foreshore Traffic" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 20 protocol all" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-ROUTER rule 20 source address 213.167.95.24/29" ... Elapsed 0.035 sec: Executing the "firewall ipv4 name TO-ROUTER rule 30" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 30 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 30 description All Local Newtel Traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 30 protocol all" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-ROUTER rule 30 source address 213.133.203.24/29" ... Elapsed 0.033 sec: Executing the "firewall ipv4 name TO-ROUTER rule 40" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 40 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 40 description All Local JT Traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 40 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-ROUTER rule 40 source address 212.9.23.0/29" ... Elapsed 0.034 sec: Executing the "firewall ipv4 name TO-ROUTER rule 50" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 50 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 50 description All Local JT Traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 50 protocol all" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-ROUTER rule 50 source address 212.9.4.208/29" ... Elapsed 0.041 sec: Executing the "firewall ipv4 name TO-ROUTER rule 60" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 60 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 60 description VRRP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 60 destination address 224.0.0.18" ... Elapsed 0.039 sec: Executing the "firewall ipv4 name TO-ROUTER rule 60 protocol 112" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-ROUTER rule 70" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-ROUTER rule 70 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 70 description IPSEC UDP" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 70 destination port 500,4500,1701" ... Elapsed 0.087 sec: Executing the "firewall ipv4 name TO-ROUTER rule 70 protocol udp" ... Elapsed 0.059 sec: Executing the "firewall ipv4 name TO-ROUTER rule 80" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-ROUTER rule 80 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 80 description IPSEC ESP" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 80 protocol esp" ... Elapsed 0.056 sec: Executing the "firewall ipv4 name TO-ROUTER rule 90" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 90 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 90 description BGP" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 90 destination port 179" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-ROUTER rule 90 protocol tcp" ... Elapsed 0.058 sec: Executing the "firewall ipv4 name TO-ROUTER rule 100" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-ROUTER rule 100 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 100 description DHCP" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 100 destination port bootps" ... Elapsed 0.083 sec: Executing the "firewall ipv4 name TO-ROUTER rule 100 protocol udp" ... Elapsed 0.057 sec: Executing the "firewall ipv4 name TO-ROUTER rule 996" ... Elapsed 0.012 sec: Executing the "firewall ipv4 name TO-ROUTER rule 996 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 996 description ICMP Throughout" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 996 protocol icmp" ... Elapsed 0.055 sec: Executing the "firewall ipv4 name TO-ROUTER rule 997" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 997 action return" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 997 description Return Traffic" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 997 state established" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 997 state related" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 999" ... Elapsed 0.011 sec: Executing the "firewall ipv4 name TO-ROUTER rule 999 action reject" ... Elapsed 0.006 sec: Executing the "firewall ipv4 name TO-ROUTER rule 999 description Block & Log" ... Elapsed 0.005 sec: Executing the "firewall ipv4 name TO-ROUTER rule 999 protocol all" ... Elapsed 0.057 sec: Elapsed 20.029 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "firewall" ... Elapsed 0.917 sec: Elapsed 0.918 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "system syslog global facility all" ... Elapsed 0.006 sec: Executing the "system syslog global facility all level debug" ... Elapsed 0.006 sec: Executing the "system syslog global facility local7" ... Elapsed 0.005 sec: Executing the "system syslog global facility local7 level debug" ... Elapsed 0.005 sec: Executing the "system syslog host 193.201.42.2" ... Elapsed 0.015 sec: Executing the "system syslog host 193.201.42.2 facility all" ... Elapsed 0.005 sec: Executing the "system syslog host 193.201.42.2 facility all level debug" ... Elapsed 0.005 sec: Elapsed 0.051 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system syslog" ... Elapsed 0.999 sec: Elapsed 1.000 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "system config-management commit-revisions 20" ... Elapsed 0.010 sec: Elapsed 0.010 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system config-management" ... Elapsed 0.031 sec: Elapsed 0.031 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "system name-server 193.201.42.9" ... Elapsed 0.017 sec: Executing the "system name-server 193.201.42.130" ... Elapsed 0.017 sec: Elapsed 0.035 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system name-server 193.201.42.9" ... Elapsed 0.123 sec: Executing the "system name-server 193.201.42.130" ... Elapsed 0.122 sec: Executing the "system name-server 193.201.42.9" ... Elapsed 0.122 sec: Executing the "system name-server 193.201.42.130" ... Elapsed 0.123 sec: Elapsed 0.492 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "system login user itconsult" ... Elapsed 0.005 sec: Executing the "system login user itconsult authentication encrypted-password [redacted]" ... Elapsed 0.005 sec: Elapsed 0.011 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "system login banner" ... Elapsed 0.022 sec: Executing the "system login" ... Elapsed 4.347 sec: Elapsed 4.370 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "protocols static route 0.0.0.0/0" ... Elapsed 0.014 sec: Executing the "protocols static route 0.0.0.0/0 next-hop 193.201.42.170" ... Elapsed 0.013 sec: Executing the "protocols static route 0.0.0.0/0 next-hop 193.201.42.170 distance 130" ... Elapsed 0.010 sec: Executing the "protocols static route 10.99.98.1/32" ... Elapsed 0.012 sec: Executing the "protocols static route 10.99.98.1/32 next-hop 193.201.42.165" ... Elapsed 0.012 sec: Executing the "protocols static route 192.168.151.0/24" ... Elapsed 0.012 sec: Executing the "protocols static route 192.168.151.0/24 next-hop 193.201.42.166" ... Elapsed 0.014 sec: Executing the "protocols static route 192.168.151.1/32" ... Elapsed 0.013 sec: Executing the "protocols static route 192.168.151.1/32 next-hop 193.201.42.166" ... Elapsed 0.013 sec: Executing the "protocols static table 1" ... Elapsed 0.010 sec: Executing the "protocols static table 1 route 0.0.0.0/0" ... Elapsed 0.012 sec: Executing the "protocols static table 1 route 0.0.0.0/0 next-hop 193.201.42.168" ... Elapsed 0.012 sec: Elapsed 0.154 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "protocols static" ... Elapsed 1.106 sec: Elapsed 1.106 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "protocols ospf area 0" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 193.201.42.160/28" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 193.201.42.210/32" ... Elapsed 0.011 sec: Executing the "protocols ospf area 0 network 193.201.42.80/28" ... Elapsed 0.011 sec: Executing the "protocols ospf area 0 network 193.201.42.32/27" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 193.201.42.0/28" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 193.201.42.72/29" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 212.9.23.0/29" ... Elapsed 0.011 sec: Executing the "protocols ospf area 0 network 10.193.132.0/24" ... Elapsed 0.012 sec: Executing the "protocols ospf area 0 network 193.201.42.188/32" ... Elapsed 0.011 sec: Executing the "protocols ospf interface dum1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.10" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.10 cost 20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.10 dead-interval 40" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.10 hello-interval 10" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.10 priority 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.10 retransmit-interval 5" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.10 transmit-delay 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.12" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.20 cost 20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.20 dead-interval 4" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.20 hello-interval 1" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.20 priority 110" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.20 retransmit-interval 5" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.20 transmit-delay 1" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.130" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.130 cost 20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.130 dead-interval 40" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.130 hello-interval 10" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.130 priority 1" ... Elapsed 0.009 sec: Executing the "protocols ospf interface eth0.130 retransmit-interval 5" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.130 transmit-delay 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131 cost 20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131 dead-interval 40" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131 hello-interval 10" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131 priority 1" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.131 retransmit-interval 5" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.131 transmit-delay 1" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 cost 20" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 dead-interval 40" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 hello-interval 10" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 priority 1" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 retransmit-interval 5" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.140 transmit-delay 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.141" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.141 cost 20" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.141 dead-interval 40" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.141 hello-interval 10" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.141 priority 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.141 retransmit-interval 5" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.141 transmit-delay 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.150" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.160" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.170" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.262" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.262 cost 20" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.262 dead-interval 40" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.262 hello-interval 10" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.262 priority 1" ... Elapsed 0.010 sec: Executing the "protocols ospf interface eth0.262 retransmit-interval 5" ... Elapsed 0.011 sec: Executing the "protocols ospf interface eth0.262 transmit-delay 1" ... Elapsed 0.010 sec: Executing the "protocols ospf passive-interface default" ... Elapsed 0.005 sec: Executing the "protocols ospf redistribute static metric-type 2" ... Elapsed 0.010 sec: Elapsed 0.712 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "protocols ospf" ... Elapsed 0.029 sec: Elapsed 0.029 sec: _commit_exec_cfg_node [[protocols ospf]] failed Entering the _commit_check_cfg_node Executing the "high-availability vrrp group eth0.10-10 address 193.201.42.62/27" ... Elapsed 0.020 sec: Executing the "high-availability vrrp group eth0.10-10 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.10-10 interface eth0.10" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.10-10 priority 150" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.10-10 vrid 10" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.12-12 address 10.193.134.14/28" ... Elapsed 0.019 sec: Executing the "high-availability vrrp group eth0.12-12 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.12-12 interface eth0.12" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.12-12 priority 150" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.12-12 vrid 12" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.130-130 address 193.201.42.14/28" ... Elapsed 0.019 sec: Executing the "high-availability vrrp group eth0.130-130 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.130-130 interface eth0.130" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.130-130 priority 150" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.130-130 vrid 130" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.131-131 address 212.9.23.6/29" ... Elapsed 0.019 sec: Executing the "high-availability vrrp group eth0.131-131 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.131-131 interface eth0.131" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.131-131 priority 150" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.131-131 vrid 131" ... Elapsed 0.011 sec: Executing the "high-availability vrrp group eth0.140-140 address 193.201.42.94/28" ... Elapsed 0.019 sec: Executing the "high-availability vrrp group eth0.140-140 advertise-interval 1" ... Elapsed 0.018 sec: Executing the "high-availability vrrp group eth0.140-140 interface eth0.140" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.140-140 priority 150" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.140-140 vrid 140" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.141-141 address 10.193.132.254/24" ... Elapsed 0.018 sec: Executing the "high-availability vrrp group eth0.141-141 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.141-141 interface eth0.141" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.141-141 priority 150" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.141-141 vrid 141" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.262-262 address 193.201.42.78/29" ... Elapsed 0.018 sec: Executing the "high-availability vrrp group eth0.262-262 advertise-interval 1" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.262-262 interface eth0.262" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.262-262 priority 150" ... Elapsed 0.010 sec: Executing the "high-availability vrrp group eth0.262-262 vrid 62" ... Elapsed 0.010 sec: Elapsed 0.445 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "high-availability" ... Elapsed 1.031 sec: Elapsed 1.031 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "service snmp community [redacted]" ... Elapsed 0.005 sec: Executing the "service snmp community [redacted] authorization ro" ... Elapsed 0.005 sec: Executing the "service snmp community [redacted] network 193.201.42.0/24" ... Elapsed 0.025 sec: Elapsed 0.036 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "service snmp" ... Elapsed 4.957 sec: Elapsed 4.957 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "service ntp allow-client address 0.0.0.0/0" ... Elapsed 0.012 sec: Executing the "service ntp allow-client address ::/0" ... Elapsed 0.011 sec: Executing the "service ntp server 193.201.42.81" ... Elapsed 0.013 sec: Executing the "service ntp server 193.201.42.87" ... Elapsed 0.013 sec: Executing the "service ntp server 193.201.42.97" ... Elapsed 0.013 sec: Executing the "service ntp server 193.201.42.103" ... Elapsed 0.013 sec: Elapsed 0.078 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "service ntp" ... Elapsed 1.299 sec: Elapsed 1.299 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "service dhcp-server shared-network-name vlan10" ... Elapsed 0.006 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27" ... Elapsed 0.012 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 default-router 193.201.42.62" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 lease 10800" ... Elapsed 0.010 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 name-server 193.201.42.9" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 name-server 193.201.42.130" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 range 0" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 range 0 start 193.201.42.38" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 range 0 stop 193.201.42.39" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m53" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m53 ip-address 193.201.42.43" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m53 mac-address B8:6B:23:D9:91:79" ... Elapsed 0.013 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m57" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m57 ip-address 193.201.42.44" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan10 subnet 193.201.42.32/27 static-mapping m57 mac-address B8:6B:23:3A:1A:83" ... Elapsed 0.013 sec: Executing the "service dhcp-server shared-network-name vlan12" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 default-router 10.193.134.14" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 lease 10800" ... Elapsed 0.009 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 name-server 193.201.42.9" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 name-server 193.201.42.130" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 range 0" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 range 0 start 10.193.134.2" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 range 0 stop 10.193.134.7" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 static-mapping m88" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 static-mapping m88 ip-address 10.193.134.1" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan12 subnet 10.193.134.0/28 static-mapping m88 mac-address 88:d8:2e:69:35:ac" ... Elapsed 0.013 sec: Executing the "service dhcp-server shared-network-name vlan141" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 default-router 10.193.132.254" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 lease 10800" ... Elapsed 0.009 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 name-server 193.201.42.9" ... Elapsed 0.012 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 name-server 193.201.42.130" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 range 0" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 range 0 start 10.193.132.111" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 range 0 stop 10.193.132.119" ... Elapsed 0.011 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 static-mapping ha-w01" ... Elapsed 0.005 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 static-mapping ha-w01 ip-address 10.193.132.11" ... Elapsed 0.013 sec: Executing the "service dhcp-server shared-network-name vlan141 subnet 10.193.132.0/24 static-mapping ha-w01 mac-address 74:ac:b9:18:c4:d9" ... Elapsed 0.015 sec: Elapsed 0.402 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "service dhcp-server" ... Elapsed 1.237 sec: Elapsed 1.238 sec: _commit_exec_cfg_node Entering the _commit_check_cfg_node Executing the "service ssh port 22" ... Elapsed 0.011 sec: Elapsed 0.011 sec: _commit_check_cfg_node Entering the _commit_exec_cfg_node Executing the "service ssh" ... Elapsed 1.096 sec: Elapsed 1.096 sec: _commit_exec_cfg_node Elapsed 48.616 sec: Commit execute priority tree Commit failed itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ itconsult@ha-r02a:~$ sh conf c | strip-private set firewall global-options all-ping 'enable' set firewall global-options broadcast-ping 'disable' set firewall global-options ip-src-route 'disable' set firewall global-options ipv6-receive-redirects 'disable' set firewall global-options ipv6-src-route 'disable' set firewall global-options log-martians 'enable' set firewall global-options receive-redirects 'disable' set firewall global-options send-redirects 'enable' set firewall global-options source-validation 'disable' set firewall global-options syn-cookies 'enable' set firewall global-options twa-hazards-protection 'disable' set firewall group network-group internaladdresses network 'xxx.xxx.42.0/24' set firewall group network-group internaladdresses network 'xxx.xxx.23.0/29' set firewall group network-group internaladdresses network 'xxx.xxx.203.24/29' set firewall group network-group internaladdresses network 'xxx.xxx.69.64/29' set firewall group network-group internaladdresses network 'xxx.xxx.72.64/29' set firewall group network-group internaladdresses network 'xxx.xxx.4.208/29' set firewall group network-group itconsult network 'xxx.xxx.42.0/24' set firewall group network-group itconsult network 'xxx.xxx.134.0/24' set firewall group network-group outviajt network 'xxx.xxx.23.0/29' set firewall group network-group smbtom86 network 'xxx.xxx.144.150/32' set firewall group network-group smbtom86 network 'xxx.xxx.29.81/32' set firewall ipv4 forward filter default-action 'accept' set firewall ipv4 forward filter rule 5 action 'jump' set firewall ipv4 forward filter rule 5 inbound-interface name 'eth0.10' set firewall ipv4 forward filter rule 5 jump-target 'FROM-INSIDEH' set firewall ipv4 forward filter rule 10 action 'jump' set firewall ipv4 forward filter rule 10 inbound-interface name 'eth0.12' set firewall ipv4 forward filter rule 10 jump-target 'FROM-MR' set firewall ipv4 forward filter rule 15 action 'jump' set firewall ipv4 forward filter rule 15 inbound-interface name 'eth0.130' set firewall ipv4 forward filter rule 15 jump-target 'FROM-HAHOSTING' set firewall ipv4 forward filter rule 20 action 'jump' set firewall ipv4 forward filter rule 20 inbound-interface name 'eth0.131' set firewall ipv4 forward filter rule 20 jump-target 'FROM-HAJTHOSTING' set firewall ipv4 forward filter rule 25 action 'jump' set firewall ipv4 forward filter rule 25 inbound-interface name 'eth0.140' set firewall ipv4 forward filter rule 25 jump-target 'FROM-HAVIRT' set firewall ipv4 forward filter rule 30 action 'jump' set firewall ipv4 forward filter rule 30 inbound-interface name 'eth0.141' set firewall ipv4 forward filter rule 30 jump-target 'FROM-HAUNIFI' set firewall ipv4 forward filter rule 35 action 'jump' set firewall ipv4 forward filter rule 35 inbound-interface name 'eth0.262' set firewall ipv4 forward filter rule 35 jump-target 'FROM-HAEMAIL' set firewall ipv4 forward filter rule 40 action 'jump' set firewall ipv4 forward filter rule 40 jump-target 'TO-INSIDEH' set firewall ipv4 forward filter rule 40 outbound-interface name 'eth0.10' set firewall ipv4 forward filter rule 45 action 'jump' set firewall ipv4 forward filter rule 45 jump-target 'TO-MR' set firewall ipv4 forward filter rule 45 outbound-interface name 'eth0.12' set firewall ipv4 forward filter rule 50 action 'jump' set firewall ipv4 forward filter rule 50 jump-target 'TO-HAHOSTING' set firewall ipv4 forward filter rule 50 outbound-interface name 'eth0.130' set firewall ipv4 forward filter rule 55 action 'jump' set firewall ipv4 forward filter rule 55 jump-target 'TO-HAJTHOSTING' set firewall ipv4 forward filter rule 55 outbound-interface name 'eth0.131' set firewall ipv4 forward filter rule 60 action 'jump' set firewall ipv4 forward filter rule 60 jump-target 'TO-HAVIRT' set firewall ipv4 forward filter rule 60 outbound-interface name 'eth0.140' set firewall ipv4 forward filter rule 65 action 'jump' set firewall ipv4 forward filter rule 65 jump-target 'TO-HAUNIFI' set firewall ipv4 forward filter rule 65 outbound-interface name 'eth0.141' set firewall ipv4 forward filter rule 70 action 'jump' set firewall ipv4 forward filter rule 70 jump-target 'TO-HAEMAIL' set firewall ipv4 forward filter rule 70 outbound-interface name 'eth0.262' set firewall ipv4 input filter default-action 'accept' set firewall ipv4 input filter rule 5 action 'jump' set firewall ipv4 input filter rule 5 inbound-interface name 'dum1' set firewall ipv4 input filter rule 5 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 10 action 'jump' set firewall ipv4 input filter rule 10 inbound-interface name 'eth0.10' set firewall ipv4 input filter rule 10 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 15 action 'jump' set firewall ipv4 input filter rule 15 inbound-interface name 'eth0.12' set firewall ipv4 input filter rule 15 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 20 action 'jump' set firewall ipv4 input filter rule 20 inbound-interface name 'eth0.20' set firewall ipv4 input filter rule 20 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 25 action 'jump' set firewall ipv4 input filter rule 25 inbound-interface name 'eth0.130' set firewall ipv4 input filter rule 25 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 30 action 'jump' set firewall ipv4 input filter rule 30 inbound-interface name 'eth0.131' set firewall ipv4 input filter rule 30 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 35 action 'jump' set firewall ipv4 input filter rule 35 inbound-interface name 'eth0.140' set firewall ipv4 input filter rule 35 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 40 action 'jump' set firewall ipv4 input filter rule 40 inbound-interface name 'eth0.141' set firewall ipv4 input filter rule 40 jump-target 'TO-ROUTER' set firewall ipv4 input filter rule 45 action 'jump' set firewall ipv4 input filter rule 45 inbound-interface name 'eth0.262' set firewall ipv4 input filter rule 45 jump-target 'TO-ROUTER' set firewall ipv4 name FROM-HAEMAIL default-action 'drop' set firewall ipv4 name FROM-HAEMAIL rule 10 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 10 description 'TCP to itconsult' set firewall ipv4 name FROM-HAEMAIL rule 10 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAEMAIL rule 10 destination port 'domain,www,https,smtp,ldap,ldaps' set firewall ipv4 name FROM-HAEMAIL rule 10 protocol 'tcp' set firewall ipv4 name FROM-HAEMAIL rule 10 source address 'xxx.xxx.42.72/29' set firewall ipv4 name FROM-HAEMAIL rule 11 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 11 description 'UDP to itconsult' set firewall ipv4 name FROM-HAEMAIL rule 11 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAEMAIL rule 11 destination port 'domain,ntp,syslog,ldap,ldaps' set firewall ipv4 name FROM-HAEMAIL rule 11 protocol 'udp' set firewall ipv4 name FROM-HAEMAIL rule 11 source address 'xxx.xxx.42.72/29' set firewall ipv4 name FROM-HAEMAIL rule 110 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 110 description 'Outgoing SMTP' set firewall ipv4 name FROM-HAEMAIL rule 110 destination port 'smtp' set firewall ipv4 name FROM-HAEMAIL rule 110 protocol 'tcp' set firewall ipv4 name FROM-HAEMAIL rule 110 source address 'xxx.xxx.42.72/29' set firewall ipv4 name FROM-HAEMAIL rule 120 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 120 description 'Internet Browsing (normally disabled)' set firewall ipv4 name FROM-HAEMAIL rule 120 destination port 'www,https' set firewall ipv4 name FROM-HAEMAIL rule 120 disable set firewall ipv4 name FROM-HAEMAIL rule 120 protocol 'tcp' set firewall ipv4 name FROM-HAEMAIL rule 120 source address 'xxx.xxx.42.72/29' set firewall ipv4 name FROM-HAEMAIL rule 996 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-HAEMAIL rule 996 protocol 'icmp' set firewall ipv4 name FROM-HAEMAIL rule 997 action 'return' set firewall ipv4 name FROM-HAEMAIL rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-HAEMAIL rule 997 state 'established' set firewall ipv4 name FROM-HAEMAIL rule 997 state 'related' set firewall ipv4 name FROM-HAEMAIL rule 999 action 'reject' set firewall ipv4 name FROM-HAEMAIL rule 999 description 'Block' set firewall ipv4 name FROM-HAEMAIL rule 999 protocol 'all' set firewall ipv4 name FROM-HAHOSTING default-action 'drop' set firewall ipv4 name FROM-HAHOSTING rule 10 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 10 description 'TCP to itconsult' set firewall ipv4 name FROM-HAHOSTING rule 10 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAHOSTING rule 10 destination port 'domain,smtp,5667' set firewall ipv4 name FROM-HAHOSTING rule 10 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 10 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 11 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 11 description 'UDP to itconsult' set firewall ipv4 name FROM-HAHOSTING rule 11 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAHOSTING rule 11 destination port 'domain,ntp,syslog' set firewall ipv4 name FROM-HAHOSTING rule 11 protocol 'udp' set firewall ipv4 name FROM-HAHOSTING rule 11 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 110 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 110 description 'Outgoing SMTP' set firewall ipv4 name FROM-HAHOSTING rule 110 destination port 'smtp' set firewall ipv4 name FROM-HAHOSTING rule 110 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 110 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 120 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 120 description 'Outgoing DNS' set firewall ipv4 name FROM-HAHOSTING rule 120 destination port 'domain' set firewall ipv4 name FROM-HAHOSTING rule 120 protocol 'udp' set firewall ipv4 name FROM-HAHOSTING rule 120 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 121 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 121 description 'Outgoing DNS' set firewall ipv4 name FROM-HAHOSTING rule 121 destination port 'domain' set firewall ipv4 name FROM-HAHOSTING rule 121 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 121 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 130 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 130 description 'Internet Browsing (normally disabled)' set firewall ipv4 name FROM-HAHOSTING rule 130 destination port 'www,https' set firewall ipv4 name FROM-HAHOSTING rule 130 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 130 source address 'xxx.xxx.42.0/28' set firewall ipv4 name FROM-HAHOSTING rule 140 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 140 description 'm64 outgoing re Cattools' set firewall ipv4 name FROM-HAHOSTING rule 140 destination port 'telnet,ssh,445' set firewall ipv4 name FROM-HAHOSTING rule 140 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 140 source address 'xxx.xxx.42.10/32' set firewall ipv4 name FROM-HAHOSTING rule 141 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 141 description 'm71 ssh' set firewall ipv4 name FROM-HAHOSTING rule 141 destination port 'ssh' set firewall ipv4 name FROM-HAHOSTING rule 141 protocol 'tcp' set firewall ipv4 name FROM-HAHOSTING rule 141 source address 'xxx.xxx.42.7/32' set firewall ipv4 name FROM-HAHOSTING rule 996 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-HAHOSTING rule 996 protocol 'icmp' set firewall ipv4 name FROM-HAHOSTING rule 997 action 'return' set firewall ipv4 name FROM-HAHOSTING rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-HAHOSTING rule 997 state 'established' set firewall ipv4 name FROM-HAHOSTING rule 997 state 'related' set firewall ipv4 name FROM-HAHOSTING rule 999 action 'reject' set firewall ipv4 name FROM-HAHOSTING rule 999 description 'Block' set firewall ipv4 name FROM-HAHOSTING rule 999 protocol 'all' set firewall ipv4 name FROM-HAJTHOSTING default-action 'drop' set firewall ipv4 name FROM-HAJTHOSTING rule 10 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 10 description 'TCP to itconsult' set firewall ipv4 name FROM-HAJTHOSTING rule 10 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAJTHOSTING rule 10 destination port 'domain,www,https,smtp' set firewall ipv4 name FROM-HAJTHOSTING rule 10 protocol 'tcp' set firewall ipv4 name FROM-HAJTHOSTING rule 10 source address 'xxx.xxx.23.0/29' set firewall ipv4 name FROM-HAJTHOSTING rule 11 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 11 description 'UDP to itconsult' set firewall ipv4 name FROM-HAJTHOSTING rule 11 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAJTHOSTING rule 11 destination port 'domain,ntp,syslog,ldap,ldaps' set firewall ipv4 name FROM-HAJTHOSTING rule 11 protocol 'udp' set firewall ipv4 name FROM-HAJTHOSTING rule 11 source address 'xxx.xxx.23.0/29' set firewall ipv4 name FROM-HAJTHOSTING rule 110 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 110 description 'Outgoing SMTP from m81' set firewall ipv4 name FROM-HAJTHOSTING rule 110 destination port 'smtp' set firewall ipv4 name FROM-HAJTHOSTING rule 110 protocol 'tcp' set firewall ipv4 name FROM-HAJTHOSTING rule 110 source address 'xxx.xxx.23.2/32' set firewall ipv4 name FROM-HAJTHOSTING rule 120 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 120 description 'Internet Browsing (normally disabled)' set firewall ipv4 name FROM-HAJTHOSTING rule 120 destination port 'www,https' set firewall ipv4 name FROM-HAJTHOSTING rule 120 disable set firewall ipv4 name FROM-HAJTHOSTING rule 120 protocol 'tcp' set firewall ipv4 name FROM-HAJTHOSTING rule 120 source address 'xxx.xxx.23.0/29' set firewall ipv4 name FROM-HAJTHOSTING rule 130 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 130 description 'TEMP Outgoing Kali (normally disabled)' set firewall ipv4 name FROM-HAJTHOSTING rule 130 disable set firewall ipv4 name FROM-HAJTHOSTING rule 130 source address 'xxx.xxx.23.3/32' set firewall ipv4 name FROM-HAJTHOSTING rule 996 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-HAJTHOSTING rule 996 protocol 'icmp' set firewall ipv4 name FROM-HAJTHOSTING rule 997 action 'return' set firewall ipv4 name FROM-HAJTHOSTING rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-HAJTHOSTING rule 997 state 'established' set firewall ipv4 name FROM-HAJTHOSTING rule 997 state 'related' set firewall ipv4 name FROM-HAJTHOSTING rule 999 action 'reject' set firewall ipv4 name FROM-HAJTHOSTING rule 999 description 'Block' set firewall ipv4 name FROM-HAJTHOSTING rule 999 protocol 'all' set firewall ipv4 name FROM-HAUNIFI default-action 'drop' set firewall ipv4 name FROM-HAUNIFI rule 10 action 'return' set firewall ipv4 name FROM-HAUNIFI rule 10 description 'TCP to itconsult' set firewall ipv4 name FROM-HAUNIFI rule 10 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAUNIFI rule 10 destination port 'domain,smtp' set firewall ipv4 name FROM-HAUNIFI rule 10 protocol 'tcp' set firewall ipv4 name FROM-HAUNIFI rule 10 source address 'xxx.xxx.132.0/24' set firewall ipv4 name FROM-HAUNIFI rule 11 action 'return' set firewall ipv4 name FROM-HAUNIFI rule 11 description 'UDP to itconsult' set firewall ipv4 name FROM-HAUNIFI rule 11 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAUNIFI rule 11 destination port 'domain,ntp,syslog' set firewall ipv4 name FROM-HAUNIFI rule 11 protocol 'udp' set firewall ipv4 name FROM-HAUNIFI rule 11 source address 'xxx.xxx.132.0/24' set firewall ipv4 name FROM-HAUNIFI rule 120 action 'return' set firewall ipv4 name FROM-HAUNIFI rule 120 description 'Internet Browsing (normally disabled)' set firewall ipv4 name FROM-HAUNIFI rule 120 destination port 'www,https' set firewall ipv4 name FROM-HAUNIFI rule 120 disable set firewall ipv4 name FROM-HAUNIFI rule 120 protocol 'tcp' set firewall ipv4 name FROM-HAUNIFI rule 120 source address 'xxx.xxx.132.0/24' set firewall ipv4 name FROM-HAUNIFI rule 996 action 'return' set firewall ipv4 name FROM-HAUNIFI rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-HAUNIFI rule 996 protocol 'icmp' set firewall ipv4 name FROM-HAUNIFI rule 997 action 'return' set firewall ipv4 name FROM-HAUNIFI rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-HAUNIFI rule 997 state 'established' set firewall ipv4 name FROM-HAUNIFI rule 997 state 'related' set firewall ipv4 name FROM-HAUNIFI rule 999 action 'reject' set firewall ipv4 name FROM-HAUNIFI rule 999 description 'Block' set firewall ipv4 name FROM-HAUNIFI rule 999 protocol 'all' set firewall ipv4 name FROM-HAVIRT default-action 'drop' set firewall ipv4 name FROM-HAVIRT rule 10 action 'return' set firewall ipv4 name FROM-HAVIRT rule 10 description 'All traffic to itconsult' set firewall ipv4 name FROM-HAVIRT rule 10 destination address 'xxx.xxx.42.0/24' set firewall ipv4 name FROM-HAVIRT rule 10 protocol 'all' set firewall ipv4 name FROM-HAVIRT rule 10 source address 'xxx.xxx.42.80/28' set firewall ipv4 name FROM-HAVIRT rule 11 action 'return' set firewall ipv4 name FROM-HAVIRT rule 11 description 'All traffic to itconsult - vlan 121' set firewall ipv4 name FROM-HAVIRT rule 11 destination address 'xxx.xxx.4.208/29' set firewall ipv4 name FROM-HAVIRT rule 11 protocol 'all' set firewall ipv4 name FROM-HAVIRT rule 11 source address 'xxx.xxx.42.80/28' set firewall ipv4 name FROM-HAVIRT rule 20 action 'return' set firewall ipv4 name FROM-HAVIRT rule 20 description 'NTP' set firewall ipv4 name FROM-HAVIRT rule 20 destination port 'ntp' set firewall ipv4 name FROM-HAVIRT rule 20 protocol 'udp' set firewall ipv4 name FROM-HAVIRT rule 20 source address 'xxx.xxx.42.80/28' set firewall ipv4 name FROM-HAVIRT rule 30 action 'return' set firewall ipv4 name FROM-HAVIRT rule 30 description 'Browsing' set firewall ipv4 name FROM-HAVIRT rule 30 destination port 'www,https' set firewall ipv4 name FROM-HAVIRT rule 30 protocol 'tcp' set firewall ipv4 name FROM-HAVIRT rule 30 source address 'xxx.xxx.42.80/28' set firewall ipv4 name FROM-HAVIRT rule 996 action 'return' set firewall ipv4 name FROM-HAVIRT rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-HAVIRT rule 996 protocol 'icmp' set firewall ipv4 name FROM-HAVIRT rule 997 action 'return' set firewall ipv4 name FROM-HAVIRT rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-HAVIRT rule 997 state 'established' set firewall ipv4 name FROM-HAVIRT rule 997 state 'related' set firewall ipv4 name FROM-HAVIRT rule 999 action 'reject' set firewall ipv4 name FROM-HAVIRT rule 999 description 'Block' set firewall ipv4 name FROM-HAVIRT rule 999 protocol 'all' set firewall ipv4 name FROM-INSIDEH default-action 'drop' set firewall ipv4 name FROM-INSIDEH rule 11 action 'return' set firewall ipv4 name FROM-INSIDEH rule 11 description 'Allow printer l01 only to local' set firewall ipv4 name FROM-INSIDEH rule 11 destination group network-group 'itconsult' set firewall ipv4 name FROM-INSIDEH rule 11 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 11 source address 'xxx.xxx.42.37/32' set firewall ipv4 name FROM-INSIDEH rule 12 action 'reject' set firewall ipv4 name FROM-INSIDEH rule 12 description 'Deny printer l01 to Internet' set firewall ipv4 name FROM-INSIDEH rule 12 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 12 source address 'xxx.xxx.42.37/32' set firewall ipv4 name FROM-INSIDEH rule 101 action 'return' set firewall ipv4 name FROM-INSIDEH rule 101 description 'All outgoing' set firewall ipv4 name FROM-INSIDEH rule 101 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 101 source address 'xxx.xxx.42.0/26' set firewall ipv4 name FROM-INSIDEH rule 102 action 'return' set firewall ipv4 name FROM-INSIDEH rule 102 description 'All outgoing from JT subnet' set firewall ipv4 name FROM-INSIDEH rule 102 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 102 source address 'xxx.xxx.23.0/29' set firewall ipv4 name FROM-INSIDEH rule 991 action 'reject' set firewall ipv4 name FROM-INSIDEH rule 991 description 'Reject broadcast without logging' set firewall ipv4 name FROM-INSIDEH rule 991 destination address 'xxx.xxx.16.7' set firewall ipv4 name FROM-INSIDEH rule 991 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 998 action 'reject' set firewall ipv4 name FROM-INSIDEH rule 998 description 'Reject broadcast without logging' set firewall ipv4 name FROM-INSIDEH rule 998 destination address 'xxx.xxx.42.127' set firewall ipv4 name FROM-INSIDEH rule 998 protocol 'all' set firewall ipv4 name FROM-INSIDEH rule 999 action 'reject' set firewall ipv4 name FROM-INSIDEH rule 999 description 'Block' set firewall ipv4 name FROM-INSIDEH rule 999 protocol 'all' set firewall ipv4 name FROM-MR default-action 'drop' set firewall ipv4 name FROM-MR rule 10 action 'return' set firewall ipv4 name FROM-MR rule 10 description 'All Outgoing' set firewall ipv4 name FROM-MR rule 10 protocol 'all' set firewall ipv4 name FROM-MR rule 10 source address 'xxx.xxx.134.0/24' set firewall ipv4 name FROM-MR rule 996 action 'return' set firewall ipv4 name FROM-MR rule 996 description 'ICMP throughout' set firewall ipv4 name FROM-MR rule 996 protocol 'icmp' set firewall ipv4 name FROM-MR rule 997 action 'return' set firewall ipv4 name FROM-MR rule 997 description 'Firewall return traffic' set firewall ipv4 name FROM-MR rule 997 state 'established' set firewall ipv4 name FROM-MR rule 997 state 'related' set firewall ipv4 name FROM-MR rule 999 action 'reject' set firewall ipv4 name FROM-MR rule 999 description 'Block' set firewall ipv4 name FROM-MR rule 999 protocol 'all' set firewall ipv4 name TO-HAEMAIL default-action 'drop' set firewall ipv4 name TO-HAEMAIL rule 10 action 'return' set firewall ipv4 name TO-HAEMAIL rule 10 description 'TCP from itconsult' set firewall ipv4 name TO-HAEMAIL rule 10 destination address 'xxx.xxx.42.72/29' set firewall ipv4 name TO-HAEMAIL rule 10 destination port 'ssh,smtp,pop3,imap,imaps,submission' set firewall ipv4 name TO-HAEMAIL rule 10 protocol 'tcp' set firewall ipv4 name TO-HAEMAIL rule 10 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAEMAIL rule 11 action 'return' set firewall ipv4 name TO-HAEMAIL rule 11 description 'UDP from itconsult' set firewall ipv4 name TO-HAEMAIL rule 11 destination address 'xxx.xxx.42.72/29' set firewall ipv4 name TO-HAEMAIL rule 11 destination port 'snmp' set firewall ipv4 name TO-HAEMAIL rule 11 protocol 'udp' set firewall ipv4 name TO-HAEMAIL rule 11 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAEMAIL rule 110 action 'return' set firewall ipv4 name TO-HAEMAIL rule 110 description 'SMTP throughout' set firewall ipv4 name TO-HAEMAIL rule 110 destination address 'xxx.xxx.42.72/29' set firewall ipv4 name TO-HAEMAIL rule 110 destination port 'smtp' set firewall ipv4 name TO-HAEMAIL rule 110 protocol 'tcp' set firewall ipv4 name TO-HAEMAIL rule 996 action 'return' set firewall ipv4 name TO-HAEMAIL rule 996 description 'ICMP throughout' set firewall ipv4 name TO-HAEMAIL rule 996 protocol 'icmp' set firewall ipv4 name TO-HAEMAIL rule 997 action 'return' set firewall ipv4 name TO-HAEMAIL rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-HAEMAIL rule 997 state 'established' set firewall ipv4 name TO-HAEMAIL rule 997 state 'related' set firewall ipv4 name TO-HAEMAIL rule 999 action 'reject' set firewall ipv4 name TO-HAEMAIL rule 999 description 'Block' set firewall ipv4 name TO-HAEMAIL rule 999 protocol 'all' set firewall ipv4 name TO-HAHOSTING default-action 'drop' set firewall ipv4 name TO-HAHOSTING rule 10 action 'return' set firewall ipv4 name TO-HAHOSTING rule 10 description 'TCP from itconsult' set firewall ipv4 name TO-HAHOSTING rule 10 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 10 destination port 'ssh,3389,5666,pop3,445,8001,8000' set firewall ipv4 name TO-HAHOSTING rule 10 protocol 'tcp' set firewall ipv4 name TO-HAHOSTING rule 10 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAHOSTING rule 11 action 'return' set firewall ipv4 name TO-HAHOSTING rule 11 description 'UDP from itconsult' set firewall ipv4 name TO-HAHOSTING rule 11 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 11 destination port 'snmp' set firewall ipv4 name TO-HAHOSTING rule 11 protocol 'udp' set firewall ipv4 name TO-HAHOSTING rule 11 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAHOSTING rule 110 action 'return' set firewall ipv4 name TO-HAHOSTING rule 110 description 'SMTP/DNS' set firewall ipv4 name TO-HAHOSTING rule 110 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 110 destination port 'smtp,domain' set firewall ipv4 name TO-HAHOSTING rule 110 protocol 'tcp' set firewall ipv4 name TO-HAHOSTING rule 120 action 'return' set firewall ipv4 name TO-HAHOSTING rule 120 description 'DNS' set firewall ipv4 name TO-HAHOSTING rule 120 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 120 destination port 'domain' set firewall ipv4 name TO-HAHOSTING rule 120 protocol 'udp' set firewall ipv4 name TO-HAHOSTING rule 130 action 'return' set firewall ipv4 name TO-HAHOSTING rule 130 description 'SYSLOG & SMNP Trap to m63' set firewall ipv4 name TO-HAHOSTING rule 130 destination address 'xxx.xxx.42.2/32' set firewall ipv4 name TO-HAHOSTING rule 130 destination port 'syslog,162' set firewall ipv4 name TO-HAHOSTING rule 130 protocol 'udp' set firewall ipv4 name TO-HAHOSTING rule 140 action 'return' set firewall ipv4 name TO-HAHOSTING rule 140 description 'ssh from m70' set firewall ipv4 name TO-HAHOSTING rule 140 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 140 destination port 'ssh' set firewall ipv4 name TO-HAHOSTING rule 140 protocol 'tcp' set firewall ipv4 name TO-HAHOSTING rule 140 source address 'xxx.xxx.144.150/32' set firewall ipv4 name TO-HAHOSTING rule 141 action 'return' set firewall ipv4 name TO-HAHOSTING rule 141 description 'ssh from m72' set firewall ipv4 name TO-HAHOSTING rule 141 destination address 'xxx.xxx.42.0/28' set firewall ipv4 name TO-HAHOSTING rule 141 destination port 'ssh' set firewall ipv4 name TO-HAHOSTING rule 141 protocol 'tcp' set firewall ipv4 name TO-HAHOSTING rule 141 source address 'xxx.xxx.34.123/32' set firewall ipv4 name TO-HAHOSTING rule 142 action 'return' set firewall ipv4 name TO-HAHOSTING rule 142 description 'ssh to m71' set firewall ipv4 name TO-HAHOSTING rule 142 destination address 'xxx.xxx.42.7/32' set firewall ipv4 name TO-HAHOSTING rule 142 destination port 'ssh' set firewall ipv4 name TO-HAHOSTING rule 142 protocol 'tcp' set firewall ipv4 name TO-HAHOSTING rule 996 action 'return' set firewall ipv4 name TO-HAHOSTING rule 996 description 'ICMP throughout' set firewall ipv4 name TO-HAHOSTING rule 996 protocol 'icmp' set firewall ipv4 name TO-HAHOSTING rule 997 action 'return' set firewall ipv4 name TO-HAHOSTING rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-HAHOSTING rule 997 state 'established' set firewall ipv4 name TO-HAHOSTING rule 997 state 'related' set firewall ipv4 name TO-HAHOSTING rule 999 action 'reject' set firewall ipv4 name TO-HAHOSTING rule 999 description 'Block' set firewall ipv4 name TO-HAHOSTING rule 999 protocol 'all' set firewall ipv4 name TO-HAJTHOSTING default-action 'drop' set firewall ipv4 name TO-HAJTHOSTING rule 10 action 'return' set firewall ipv4 name TO-HAJTHOSTING rule 10 description 'TCP from itconsult' set firewall ipv4 name TO-HAJTHOSTING rule 10 destination address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-HAJTHOSTING rule 10 destination port 'ssh,smtp,9392,https' set firewall ipv4 name TO-HAJTHOSTING rule 10 protocol 'tcp' set firewall ipv4 name TO-HAJTHOSTING rule 10 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAJTHOSTING rule 11 action 'return' set firewall ipv4 name TO-HAJTHOSTING rule 11 description 'UDP from itconsult' set firewall ipv4 name TO-HAJTHOSTING rule 11 destination address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-HAJTHOSTING rule 11 destination port 'snmp' set firewall ipv4 name TO-HAJTHOSTING rule 11 protocol 'udp' set firewall ipv4 name TO-HAJTHOSTING rule 11 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAJTHOSTING rule 110 action 'return' set firewall ipv4 name TO-HAJTHOSTING rule 110 description 'SMTP to m81' set firewall ipv4 name TO-HAJTHOSTING rule 110 destination address 'xxx.xxx.23.2/32' set firewall ipv4 name TO-HAJTHOSTING rule 110 destination port 'smtp' set firewall ipv4 name TO-HAJTHOSTING rule 110 protocol 'tcp' set firewall ipv4 name TO-HAJTHOSTING rule 996 action 'return' set firewall ipv4 name TO-HAJTHOSTING rule 996 description 'ICMP throughout' set firewall ipv4 name TO-HAJTHOSTING rule 996 protocol 'icmp' set firewall ipv4 name TO-HAJTHOSTING rule 997 action 'return' set firewall ipv4 name TO-HAJTHOSTING rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-HAJTHOSTING rule 997 state 'established' set firewall ipv4 name TO-HAJTHOSTING rule 997 state 'related' set firewall ipv4 name TO-HAJTHOSTING rule 999 action 'reject' set firewall ipv4 name TO-HAJTHOSTING rule 999 description 'Block' set firewall ipv4 name TO-HAJTHOSTING rule 999 protocol 'all' set firewall ipv4 name TO-HAUNIFI default-action 'drop' set firewall ipv4 name TO-HAUNIFI rule 10 action 'return' set firewall ipv4 name TO-HAUNIFI rule 10 description 'TCP from itconsult' set firewall ipv4 name TO-HAUNIFI rule 10 destination address 'xxx.xxx.132.0/24' set firewall ipv4 name TO-HAUNIFI rule 10 destination port 'ssh,8443' set firewall ipv4 name TO-HAUNIFI rule 10 protocol 'tcp' set firewall ipv4 name TO-HAUNIFI rule 10 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAUNIFI rule 11 action 'return' set firewall ipv4 name TO-HAUNIFI rule 11 description 'UDP from itconsult' set firewall ipv4 name TO-HAUNIFI rule 11 destination address 'xxx.xxx.132.0/24' set firewall ipv4 name TO-HAUNIFI rule 11 destination port 'snmp' set firewall ipv4 name TO-HAUNIFI rule 11 protocol 'udp' set firewall ipv4 name TO-HAUNIFI rule 11 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAUNIFI rule 996 action 'return' set firewall ipv4 name TO-HAUNIFI rule 996 description 'ICMP throughout' set firewall ipv4 name TO-HAUNIFI rule 996 protocol 'icmp' set firewall ipv4 name TO-HAUNIFI rule 997 action 'return' set firewall ipv4 name TO-HAUNIFI rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-HAUNIFI rule 997 state 'established' set firewall ipv4 name TO-HAUNIFI rule 997 state 'related' set firewall ipv4 name TO-HAUNIFI rule 999 action 'reject' set firewall ipv4 name TO-HAUNIFI rule 999 description 'Block' set firewall ipv4 name TO-HAUNIFI rule 999 protocol 'all' set firewall ipv4 name TO-HAVIRT default-action 'drop' set firewall ipv4 name TO-HAVIRT rule 3 action 'return' set firewall ipv4 name TO-HAVIRT rule 3 description 'Allow local ha-h02' set firewall ipv4 name TO-HAVIRT rule 3 destination address 'xxx.xxx.42.85/32' set firewall ipv4 name TO-HAVIRT rule 3 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAVIRT rule 5 action 'return' set firewall ipv4 name TO-HAVIRT rule 5 description 'Allow local NTP' set firewall ipv4 name TO-HAVIRT rule 5 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 5 destination port 'ntp' set firewall ipv4 name TO-HAVIRT rule 5 protocol 'udp' set firewall ipv4 name TO-HAVIRT rule 5 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAVIRT rule 6 action 'return' set firewall ipv4 name TO-HAVIRT rule 6 description 'Allow local NTP - vlan 131' set firewall ipv4 name TO-HAVIRT rule 6 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 6 destination port 'ntp' set firewall ipv4 name TO-HAVIRT rule 6 protocol 'udp' set firewall ipv4 name TO-HAVIRT rule 6 source address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-HAVIRT rule 7 action 'return' set firewall ipv4 name TO-HAVIRT rule 7 description 'Allow local NTP - vlan 141' set firewall ipv4 name TO-HAVIRT rule 7 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 7 destination port 'ntp' set firewall ipv4 name TO-HAVIRT rule 7 protocol 'udp' set firewall ipv4 name TO-HAVIRT rule 7 source address 'xxx.xxx.132.0/24' set firewall ipv4 name TO-HAVIRT rule 10 action 'reject' set firewall ipv4 name TO-HAVIRT rule 10 description 'Disallow Bassspeaker' set firewall ipv4 name TO-HAVIRT rule 10 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 10 source address 'xxx.xxx.42.216/29' set firewall ipv4 name TO-HAVIRT rule 20 action 'reject' set firewall ipv4 name TO-HAVIRT rule 20 description 'Disallow Guides' set firewall ipv4 name TO-HAVIRT rule 20 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 20 source address 'xxx.xxx.42.120/29' set firewall ipv4 name TO-HAVIRT rule 30 action 'reject' set firewall ipv4 name TO-HAVIRT rule 30 description 'Disallow Merula' set firewall ipv4 name TO-HAVIRT rule 30 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 30 source address 'xxx.xxx.42.192/29' set firewall ipv4 name TO-HAVIRT rule 40 action 'reject' set firewall ipv4 name TO-HAVIRT rule 40 description 'Disallow Island Networks' set firewall ipv4 name TO-HAVIRT rule 40 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 40 source address 'xxx.xxx.42.176/28' set firewall ipv4 name TO-HAVIRT rule 100 action 'return' set firewall ipv4 name TO-HAVIRT rule 100 description 'Allow all local traffic' set firewall ipv4 name TO-HAVIRT rule 100 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 100 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-HAVIRT rule 110 action 'return' set firewall ipv4 name TO-HAVIRT rule 110 description 'Allow all m70' set firewall ipv4 name TO-HAVIRT rule 110 destination address 'xxx.xxx.42.80/28' set firewall ipv4 name TO-HAVIRT rule 110 source address 'xxx.xxx.144.150/32' set firewall ipv4 name TO-HAVIRT rule 996 action 'return' set firewall ipv4 name TO-HAVIRT rule 996 description 'ICMP throughout' set firewall ipv4 name TO-HAVIRT rule 996 protocol 'icmp' set firewall ipv4 name TO-HAVIRT rule 997 action 'return' set firewall ipv4 name TO-HAVIRT rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-HAVIRT rule 997 state 'established' set firewall ipv4 name TO-HAVIRT rule 997 state 'related' set firewall ipv4 name TO-HAVIRT rule 999 action 'reject' set firewall ipv4 name TO-HAVIRT rule 999 description 'Block' set firewall ipv4 name TO-HAVIRT rule 999 protocol 'all' set firewall ipv4 name TO-INSIDEH default-action 'drop' set firewall ipv4 name TO-INSIDEH rule 1 action 'drop' set firewall ipv4 name TO-INSIDEH rule 1 description 'Drop attack traffic' set firewall ipv4 name TO-INSIDEH rule 1 source address 'xxx.xxx.102.94/32' set firewall ipv4 name TO-INSIDEH rule 10 action 'return' set firewall ipv4 name TO-INSIDEH rule 10 description 'Allow all local traffic' set firewall ipv4 name TO-INSIDEH rule 10 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 10 source group network-group 'itconsult' set firewall ipv4 name TO-INSIDEH rule 20 action 'return' set firewall ipv4 name TO-INSIDEH rule 20 description 'Allow all local traffic to JT subnet' set firewall ipv4 name TO-INSIDEH rule 20 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 20 source address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-INSIDEH rule 30 action 'return' set firewall ipv4 name TO-INSIDEH rule 30 description 'Permitted TCP traffic' set firewall ipv4 name TO-INSIDEH rule 30 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 30 destination port 'domain,smtp,pop3,submission,www,https,imap2,8000' set firewall ipv4 name TO-INSIDEH rule 30 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 40 action 'return' set firewall ipv4 name TO-INSIDEH rule 40 description 'Permitted UDP traffic' set firewall ipv4 name TO-INSIDEH rule 40 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 40 destination port 'domain' set firewall ipv4 name TO-INSIDEH rule 40 protocol 'udp' set firewall ipv4 name TO-INSIDEH rule 50 action 'return' set firewall ipv4 name TO-INSIDEH rule 50 description 'Permitted TCP traffic to JT subnet' set firewall ipv4 name TO-INSIDEH rule 50 destination address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-INSIDEH rule 50 destination port 'domain,smtp' set firewall ipv4 name TO-INSIDEH rule 50 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 60 action 'return' set firewall ipv4 name TO-INSIDEH rule 60 description 'Permitted UDP traffic to JT subnet' set firewall ipv4 name TO-INSIDEH rule 60 destination address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-INSIDEH rule 60 destination port 'domain' set firewall ipv4 name TO-INSIDEH rule 60 protocol 'udp' set firewall ipv4 name TO-INSIDEH rule 70 action 'return' set firewall ipv4 name TO-INSIDEH rule 70 description 'Syslog & SNMP Trap' set firewall ipv4 name TO-INSIDEH rule 70 destination address 'xxx.xxx.42.2/32' set firewall ipv4 name TO-INSIDEH rule 70 destination port 'syslog,162' set firewall ipv4 name TO-INSIDEH rule 70 protocol 'udp' set firewall ipv4 name TO-INSIDEH rule 90 action 'return' set firewall ipv4 name TO-INSIDEH rule 90 description 'FTP to ftp' set firewall ipv4 name TO-INSIDEH rule 90 destination address 'xxx.xxx.42.20/32' set firewall ipv4 name TO-INSIDEH rule 90 destination port 'ftp' set firewall ipv4 name TO-INSIDEH rule 90 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 100 action 'return' set firewall ipv4 name TO-INSIDEH rule 100 description 'HTTPS to m73' set firewall ipv4 name TO-INSIDEH rule 100 destination address 'xxx.xxx.42.34/32' set firewall ipv4 name TO-INSIDEH rule 100 destination port 'https' set firewall ipv4 name TO-INSIDEH rule 100 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 120 action 'return' set firewall ipv4 name TO-INSIDEH rule 120 description 'NSCA to m40' set firewall ipv4 name TO-INSIDEH rule 120 destination address 'xxx.xxx.42.46/32' set firewall ipv4 name TO-INSIDEH rule 120 destination port '5667' set firewall ipv4 name TO-INSIDEH rule 120 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 210 action 'return' set firewall ipv4 name TO-INSIDEH rule 210 description 'IPSEC' set firewall ipv4 name TO-INSIDEH rule 210 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 210 destination port '500,4500' set firewall ipv4 name TO-INSIDEH rule 210 protocol 'udp' set firewall ipv4 name TO-INSIDEH rule 220 action 'return' set firewall ipv4 name TO-INSIDEH rule 220 description 'IPSEC' set firewall ipv4 name TO-INSIDEH rule 220 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 220 protocol 'esp' set firewall ipv4 name TO-INSIDEH rule 230 action 'return' set firewall ipv4 name TO-INSIDEH rule 230 description 'm70 ssh' set firewall ipv4 name TO-INSIDEH rule 230 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 230 destination port 'ssh' set firewall ipv4 name TO-INSIDEH rule 230 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 230 source address 'xxx.xxx.144.150/32' set firewall ipv4 name TO-INSIDEH rule 231 action 'return' set firewall ipv4 name TO-INSIDEH rule 231 description 'm72 ssh' set firewall ipv4 name TO-INSIDEH rule 231 destination address 'xxx.xxx.42.0/26' set firewall ipv4 name TO-INSIDEH rule 231 destination port 'ssh' set firewall ipv4 name TO-INSIDEH rule 231 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 231 source address 'xxx.xxx.34.123/32' set firewall ipv4 name TO-INSIDEH rule 240 action 'return' set firewall ipv4 name TO-INSIDEH rule 240 description 'external smb to m86' set firewall ipv4 name TO-INSIDEH rule 240 destination address 'xxx.xxx.42.48/32' set firewall ipv4 name TO-INSIDEH rule 240 destination port '445' set firewall ipv4 name TO-INSIDEH rule 240 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 240 source group network-group 'smbtom86' set firewall ipv4 name TO-INSIDEH rule 302 action 'return' set firewall ipv4 name TO-INSIDEH rule 302 description 'm56 ssh (temporary)' set firewall ipv4 name TO-INSIDEH rule 302 destination address 'xxx.xxx.42.36/32' set firewall ipv4 name TO-INSIDEH rule 302 destination port 'ssh' set firewall ipv4 name TO-INSIDEH rule 302 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 303 action 'return' set firewall ipv4 name TO-INSIDEH rule 303 description 'imaps to et11 (temporary)' set firewall ipv4 name TO-INSIDEH rule 303 destination address 'xxx.xxx.42.35/32' set firewall ipv4 name TO-INSIDEH rule 303 destination port '993' set firewall ipv4 name TO-INSIDEH rule 303 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 304 action 'return' set firewall ipv4 name TO-INSIDEH rule 304 description 'vlan99 to lt01 (temporary)' set firewall ipv4 name TO-INSIDEH rule 304 destination address 'xxx.xxx.42.34/32' set firewall ipv4 name TO-INSIDEH rule 304 source address 'xxx.xxx.99.0/24' set firewall ipv4 name TO-INSIDEH rule 981 action 'reject' set firewall ipv4 name TO-INSIDEH rule 981 description 'Block IDENT without logging' set firewall ipv4 name TO-INSIDEH rule 981 destination port 'auth' set firewall ipv4 name TO-INSIDEH rule 981 protocol 'tcp' set firewall ipv4 name TO-INSIDEH rule 996 action 'return' set firewall ipv4 name TO-INSIDEH rule 996 description 'ICMP throughout' set firewall ipv4 name TO-INSIDEH rule 996 protocol 'icmp' set firewall ipv4 name TO-INSIDEH rule 997 action 'return' set firewall ipv4 name TO-INSIDEH rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-INSIDEH rule 997 state 'established' set firewall ipv4 name TO-INSIDEH rule 997 state 'related' set firewall ipv4 name TO-INSIDEH rule 999 action 'reject' set firewall ipv4 name TO-INSIDEH rule 999 description 'Block' set firewall ipv4 name TO-INSIDEH rule 999 protocol 'all' set firewall ipv4 name TO-MR default-action 'drop' set firewall ipv4 name TO-MR rule 996 action 'return' set firewall ipv4 name TO-MR rule 996 description 'ICMP throughout' set firewall ipv4 name TO-MR rule 996 protocol 'icmp' set firewall ipv4 name TO-MR rule 997 action 'return' set firewall ipv4 name TO-MR rule 997 description 'Firewall return traffic' set firewall ipv4 name TO-MR rule 997 state 'established' set firewall ipv4 name TO-MR rule 997 state 'related' set firewall ipv4 name TO-MR rule 999 action 'reject' set firewall ipv4 name TO-MR rule 999 description 'Block' set firewall ipv4 name TO-MR rule 999 protocol 'all' set firewall ipv4 name TO-ROUTER default-action 'drop' set firewall ipv4 name TO-ROUTER rule 10 action 'return' set firewall ipv4 name TO-ROUTER rule 10 description 'All Local Traffic' set firewall ipv4 name TO-ROUTER rule 10 protocol 'all' set firewall ipv4 name TO-ROUTER rule 10 source address 'xxx.xxx.42.0/24' set firewall ipv4 name TO-ROUTER rule 20 action 'return' set firewall ipv4 name TO-ROUTER rule 20 description 'All Local Foreshore Traffic' set firewall ipv4 name TO-ROUTER rule 20 protocol 'all' set firewall ipv4 name TO-ROUTER rule 20 source address 'xxx.xxx.95.24/29' set firewall ipv4 name TO-ROUTER rule 30 action 'return' set firewall ipv4 name TO-ROUTER rule 30 description 'All Local Newtel Traffic' set firewall ipv4 name TO-ROUTER rule 30 protocol 'all' set firewall ipv4 name TO-ROUTER rule 30 source address 'xxx.xxx.203.24/29' set firewall ipv4 name TO-ROUTER rule 40 action 'return' set firewall ipv4 name TO-ROUTER rule 40 description 'All Local JT Traffic' set firewall ipv4 name TO-ROUTER rule 40 protocol 'all' set firewall ipv4 name TO-ROUTER rule 40 source address 'xxx.xxx.23.0/29' set firewall ipv4 name TO-ROUTER rule 50 action 'return' set firewall ipv4 name TO-ROUTER rule 50 description 'All Local JT Traffic' set firewall ipv4 name TO-ROUTER rule 50 protocol 'all' set firewall ipv4 name TO-ROUTER rule 50 source address 'xxx.xxx.4.208/29' set firewall ipv4 name TO-ROUTER rule 60 action 'return' set firewall ipv4 name TO-ROUTER rule 60 description 'VRRP' set firewall ipv4 name TO-ROUTER rule 60 destination address 'xxx.xxx.0.18' set firewall ipv4 name TO-ROUTER rule 60 protocol '112' set firewall ipv4 name TO-ROUTER rule 70 action 'return' set firewall ipv4 name TO-ROUTER rule 70 description 'IPSEC UDP' set firewall ipv4 name TO-ROUTER rule 70 destination port '500,4500,1701' set firewall ipv4 name TO-ROUTER rule 70 protocol 'udp' set firewall ipv4 name TO-ROUTER rule 80 action 'return' set firewall ipv4 name TO-ROUTER rule 80 description 'IPSEC ESP' set firewall ipv4 name TO-ROUTER rule 80 protocol 'esp' set firewall ipv4 name TO-ROUTER rule 90 action 'return' set firewall ipv4 name TO-ROUTER rule 90 description 'BGP' set firewall ipv4 name TO-ROUTER rule 90 destination port '179' set firewall ipv4 name TO-ROUTER rule 90 protocol 'tcp' set firewall ipv4 name TO-ROUTER rule 100 action 'return' set firewall ipv4 name TO-ROUTER rule 100 description 'DHCP' set firewall ipv4 name TO-ROUTER rule 100 destination port 'bootps' set firewall ipv4 name TO-ROUTER rule 100 protocol 'udp' set firewall ipv4 name TO-ROUTER rule 996 action 'return' set firewall ipv4 name TO-ROUTER rule 996 description 'ICMP Throughout' set firewall ipv4 name TO-ROUTER rule 996 protocol 'icmp' set firewall ipv4 name TO-ROUTER rule 997 action 'return' set firewall ipv4 name TO-ROUTER rule 997 description 'Return Traffic' set firewall ipv4 name TO-ROUTER rule 997 state 'established' set firewall ipv4 name TO-ROUTER rule 997 state 'related' set firewall ipv4 name TO-ROUTER rule 999 action 'reject' set firewall ipv4 name TO-ROUTER rule 999 description 'Block & Log' set firewall ipv4 name TO-ROUTER rule 999 protocol 'all' set high-availability vrrp group eth0.10-10 address xxx.xxx.42.62/27 set high-availability vrrp group eth0.10-10 advertise-interval '1' set high-availability vrrp group eth0.10-10 interface 'eth0.10' set high-availability vrrp group eth0.10-10 priority '150' set high-availability vrrp group eth0.10-10 vrid '10' set high-availability vrrp group eth0.12-12 address xxx.xxx.134.14/28 set high-availability vrrp group eth0.12-12 advertise-interval '1' set high-availability vrrp group eth0.12-12 interface 'eth0.12' set high-availability vrrp group eth0.12-12 priority '150' set high-availability vrrp group eth0.12-12 vrid '12' set high-availability vrrp group eth0.130-130 address xxx.xxx.42.14/28 set high-availability vrrp group eth0.130-130 advertise-interval '1' set high-availability vrrp group eth0.130-130 interface 'eth0.130' set high-availability vrrp group eth0.130-130 priority '150' set high-availability vrrp group eth0.130-130 vrid '130' set high-availability vrrp group eth0.131-131 address xxx.xxx.23.6/29 set high-availability vrrp group eth0.131-131 advertise-interval '1' set high-availability vrrp group eth0.131-131 interface 'eth0.131' set high-availability vrrp group eth0.131-131 priority '150' set high-availability vrrp group eth0.131-131 vrid '131' set high-availability vrrp group eth0.140-140 address xxx.xxx.42.94/28 set high-availability vrrp group eth0.140-140 advertise-interval '1' set high-availability vrrp group eth0.140-140 interface 'eth0.140' set high-availability vrrp group eth0.140-140 priority '150' set high-availability vrrp group eth0.140-140 vrid '140' set high-availability vrrp group eth0.141-141 address xxx.xxx.132.254/24 set high-availability vrrp group eth0.141-141 advertise-interval '1' set high-availability vrrp group eth0.141-141 interface 'eth0.141' set high-availability vrrp group eth0.141-141 priority '150' set high-availability vrrp group eth0.141-141 vrid '141' set high-availability vrrp group eth0.262-262 address xxx.xxx.42.78/29 set high-availability vrrp group eth0.262-262 advertise-interval '1' set high-availability vrrp group eth0.262-262 interface 'eth0.262' set high-availability vrrp group eth0.262-262 priority '150' set high-availability vrrp group eth0.262-262 vrid '62' set interfaces dummy dum1 address 'xxx.xxx.42.188/32' set interfaces dummy dum1 description 'outbound from vlan 12' set interfaces ethernet eth0 duplex 'auto' set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:c5' set interfaces ethernet eth0 offload gro set interfaces ethernet eth0 offload gso set interfaces ethernet eth0 offload sg set interfaces ethernet eth0 offload tso set interfaces ethernet eth0 speed 'auto' set interfaces ethernet eth0 vif 10 address 'xxx.xxx.42.61/27' set interfaces ethernet eth0 vif 10 description 'Inside HA' set interfaces ethernet eth0 vif 10 disable set interfaces ethernet eth0 vif 12 address 'xxx.xxx.134.12/28' set interfaces ethernet eth0 vif 12 description 'MR - laptop etc' set interfaces ethernet eth0 vif 12 disable set interfaces ethernet eth0 vif 20 address 'xxx.xxx.42.171/28' set interfaces ethernet eth0 vif 20 description 'Backbone HA' set interfaces ethernet eth0 vif 130 address 'xxx.xxx.42.13/28' set interfaces ethernet eth0 vif 130 description 'HA Hosting' set interfaces ethernet eth0 vif 130 disable set interfaces ethernet eth0 vif 131 address 'xxx.xxx.23.5/29' set interfaces ethernet eth0 vif 131 description 'HA JT Hosting' set interfaces ethernet eth0 vif 131 disable set interfaces ethernet eth0 vif 140 address 'xxx.xxx.42.93/28' set interfaces ethernet eth0 vif 140 description 'Virtualisation/Storage' set interfaces ethernet eth0 vif 140 disable set interfaces ethernet eth0 vif 141 address 'xxx.xxx.132.251/24' set interfaces ethernet eth0 vif 141 description 'Unifi Management' set interfaces ethernet eth0 vif 141 disable set interfaces ethernet eth0 vif 262 address 'xxx.xxx.42.77/29' set interfaces ethernet eth0 vif 262 description 'HA Email' set interfaces ethernet eth0 vif 262 disable set interfaces loopback lo address 'xxx.xxx.42.210/32' set interfaces loopback lo ip set nat source rule 12 description 'vlan 12 - translate all' set nat source rule 12 source address 'xxx.xxx.134.0/28' set nat source rule 12 translation address 'xxx.xxx.42.188/32' set nat source rule 141 description 'm84 outbound to internet' set nat source rule 141 destination address '!xxx.xxx.42.0/24' set nat source rule 141 outbound-interface name 'eth0.20' set nat source rule 141 source address 'xxx.xxx.132.1/32' set nat source rule 141 translation address 'masquerade' set policy route outviajt interface 'eth0.131' set policy route outviajt rule 10 description 'Internal Traffic' set policy route outviajt rule 10 destination group network-group 'internaladdresses' set policy route outviajt rule 10 set table 'main' set policy route outviajt rule 10 source group network-group 'outviajt' set policy route outviajt rule 20 description 'Out via JT' set policy route outviajt rule 20 set table '1' set policy route outviajt rule 20 source group network-group 'outviajt' set policy route outviajt rule 30 description 'Normal Traffic' set policy route outviajt rule 30 set table 'main' set protocols static route xxx.xxx.0.0/0 next-hop xxx.xxx.42.170 distance '130' set protocols static route xxx.xxx.98.1/32 next-hop xxx.xxx.42.165 set protocols static route xxx.xxx.151.0/24 next-hop xxx.xxx.42.166 set protocols static route xxx.xxx.151.1/32 next-hop xxx.xxx.42.166 set protocols static table 1 route xxx.xxx.0.0/0 next-hop xxx.xxx.42.168 set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 default-router 'xxx.xxx.42.62' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 range 0 start 'xxx.xxx.42.38' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 range 0 stop 'xxx.xxx.42.39' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx ip-address 'xxx.xxx.42.43' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:79' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx ip-address 'xxx.xxx.42.44' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.42.32/27 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:83' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 default-router 'xxx.xxx.134.14' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 range 0 start 'xxx.xxx.134.2' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 range 0 stop 'xxx.xxx.134.7' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 static-mapping xxxxxx ip-address 'xxx.xxx.134.1' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.134.0/28 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:ac' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 default-router 'xxx.xxx.132.254' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 lease '10800' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 name-server 'xxx.xxx.42.9' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 name-server 'xxx.xxx.42.130' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 range 0 start 'xxx.xxx.132.111' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 range 0 stop 'xxx.xxx.132.119' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 static-mapping xxxxxx ip-address 'xxx.xxx.132.11' set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.132.0/24 static-mapping xxxxxx mac-address 'xx:xx:xx:xx:xx:d9' set service ntp allow-client xxxxxx 'xxx.xxx.0.0/0' set service ntp allow-client xxxxxx '::/0' set service ntp server xxxxx.tld set service ntp server xxxxx.tld set service ntp server xxxxx.tld set service ntp server xxxxx.tld set service snmp community [redacted] authorization 'ro' set service snmp community [redacted] network 'xxx.xxx.42.0/24' set service ssh port '22' set system config-management commit-revisions '20' set system domain-name xxxxxx set system host-name xxxxxx set system login banner post-login '' set system login banner pre-login '' set system login user xxxxxx authentication encrypted-password xxxxxx set system login user xxxxxx authentication plaintext-password xxxxxx set system name-server 'xxx.xxx.42.9' set system name-server 'xxx.xxx.42.130' set system syslog global facility all level 'debug' set system syslog global facility local7 level 'debug' set system syslog host xxx.xxx.42.2 facility all level 'debug' set system time-zone 'GB' itconsult@ha-r02a:~$ itconsult@ha-r02a:~$