From 390d56601a31afa2e87b2d11d5ad4aa47a4a90ba Mon Sep 17 00:00:00 2001
From: Vadim Kurland <vadim@slot.vk.crocodile.org>
Date: Thu, 7 Apr 2011 20:55:53 -0700
Subject: [PATCH] * PIXImporterNat.cpp (buildDNATRule): resolved several
 problems with import of "static" commands that use access list that matches
 source or destination tcp/udp ports. See #2326, #2327

---
 doc/ChangeLog                                 |   4 +
 src/import/PIXImporter.cpp                    |  40 +-
 src/import/PIXImporterNat.cpp                 |  22 +-
 src/import/serviceObjectMaker.cpp             |  47 ++
 src/import/serviceObjectMaker.h               |   3 +-
 src/parsers/PIXCfgParser.cpp                  |  53 +-
 src/parsers/PIXCfgParser.hpp                  |   2 -
 src/parsers/pix.g                             |  18 +-
 .../PIXImporterTest/test_data/pix6.fwb        | 706 +++++++++---------
 .../PIXImporterTest/test_data/pix7-nat.fwb    | 234 +++---
 10 files changed, 573 insertions(+), 556 deletions(-)

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 25c1b5b9c..866c5591d 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,5 +1,9 @@
 2011-04-07  vadim  <vadim@netcitadel.com>
 
+	* PIXImporterNat.cpp (buildDNATRule): resolved several problems
+	with import of "static" commands that use access list that matches
+	source or destination tcp/udp ports. See #2326, #2327
+
 	* pix.g (network_top_level_command): see #2295 fixes in the grammar
 	to support import of FWSM configs
 
diff --git a/src/import/PIXImporter.cpp b/src/import/PIXImporter.cpp
index 1cd1909fc..b97d49d08 100644
--- a/src/import/PIXImporter.cpp
+++ b/src/import/PIXImporter.cpp
@@ -46,12 +46,9 @@
 #include "fwbuilder/Policy.h"
 #include "fwbuilder/RuleElement.h"
 #include "fwbuilder/Library.h"
-#include "fwbuilder/ObjectMirror.h"
 #include "fwbuilder/TCPUDPService.h"
 
 #include "../libgui/platforms.h"
-// TODO: FWBTree needs to be refactored into an independent module
-#include "../libgui/FWBTree.h"
 
 #include <QString>
 #include <QtDebug>
@@ -347,9 +344,9 @@ FWObject* PIXImporter::mirrorServiceObjectRecursively(FWObject *obj)
 
     if (Service::cast(obj) != NULL)
     {
-        FWObject *new_obj = getMirroredServiceObject(obj);
-
-        named_objects_registry[QString::fromUtf8(new_name.c_str())] = new_obj;
+        FWObject *new_obj = service_maker->getMirroredServiceObject(obj);
+        if (new_obj)
+            named_objects_registry[QString::fromUtf8(new_name.c_str())] = new_obj;
         res = new_obj;
     } else
     {
@@ -378,37 +375,6 @@ FWObject* PIXImporter::mirrorServiceObjectRecursively(FWObject *obj)
     return res;
 }
 
-FWObject* PIXImporter::getMirroredServiceObject(FWObject *obj)
-{
-    string new_name = obj->getName() + "-mirror";
-    QString qs_new_name = QString::fromUtf8(new_name.c_str());
-    if (named_objects_registry.count(qs_new_name) > 0)
-        return named_objects_registry[qs_new_name];
-
-    Service *new_obj = NULL;
-    if (TCPService::isA(obj) || UDPService::isA(obj))
-    {
-        ObjectMirror mirror;
-        new_obj = mirror.getMirroredService(Service::cast(obj));
-        if (new_obj!=NULL)
-        {
-            new_obj->setName(new_name);
-
-            // obj may belong to the standard objects library if it was
-            // deduplicated before
-            FWObject *parent = obj->getParent();
-            if (parent->isReadOnly())
-            {
-                FWBTree tree ;
-                FWObject *slot = tree.getStandardSlotForObject(
-                    library, new_obj->getTypeName().c_str());
-                slot->add(new_obj);
-            } else parent->add(new_obj);
-        }
-    }
-    return new_obj;
-}
-
 void PIXImporter::setInterfaceAndDirectionForRuleSet(
     const string &ruleset_name, const string &interface_label, const string &dir)
 {
diff --git a/src/import/PIXImporterNat.cpp b/src/import/PIXImporterNat.cpp
index 0b69d7669..28502130e 100644
--- a/src/import/PIXImporterNat.cpp
+++ b/src/import/PIXImporterNat.cpp
@@ -216,13 +216,19 @@ void PIXImporter::buildDNATRule()
                     RuleElement* osrc = nat_rule->getOSrc();
                     RuleElement* osrv = nat_rule->getOSrv();
                     RuleElement* tdst = nat_rule->getTDst();
+                    RuleElement* tsrv = nat_rule->getTSrv();
 
                     /* copy objects from a policy rule into
                      * rule elements of a nat rule
                      *
                      * Src --> TDst
                      * Dst --> OSrc
-                     * Srv --> OSrv
+                     *
+                     * If Srv matches destination ports, it should be mirrored and
+                     * placed in OSrv
+                     *
+                     * If it matches source ports, it goes to TSrv, mirrored
+                     *
                      */
                     RuleElement *re = policy_rule->getSrc();
                     FWObject::iterator it;
@@ -235,7 +241,19 @@ void PIXImporter::buildDNATRule()
 
                     re = policy_rule->getSrv();
                     for (it=re->begin(); it!=re->end(); ++it)
-                        osrv->addRef(FWReference::getObject(*it));
+                    {
+                        FWObject *old_obj = FWReference::getObject(*it);
+                        TCPUDPService *tcpudp = TCPUDPService::cast(
+                            mirrorServiceObjectRecursively(old_obj));
+                        if (tcpudp == NULL) tsrv->addRef(old_obj);
+                        else
+                        {
+                            if (tcpudp->getSrcRangeEnd() > 0)
+                                osrv->addRef(tcpudp);
+                            if (tcpudp->getDstRangeEnd() > 0)
+                                tsrv->addRef(tcpudp);
+                        }
+                    }
 
                     current_ruleset->ruleset->add(nat_rule);
                     addStandardImportComment(
diff --git a/src/import/serviceObjectMaker.cpp b/src/import/serviceObjectMaker.cpp
index 5b474fbc1..cf778131a 100644
--- a/src/import/serviceObjectMaker.cpp
+++ b/src/import/serviceObjectMaker.cpp
@@ -28,10 +28,15 @@
 #include "fwbuilder/FWObjectDatabase.h"
 #include "fwbuilder/ICMPService.h"
 #include "fwbuilder/IPService.h"
+#include "fwbuilder/Library.h"
+#include "fwbuilder/ObjectMirror.h"
 #include "fwbuilder/TCPService.h"
 #include "fwbuilder/TagService.h"
 #include "fwbuilder/UDPService.h"
 
+// TODO: FWBTree needs to be refactored into an independent module
+#include "../libgui/FWBTree.h"
+
 #include "QStringListOperators.h"
 
 #include <QStringList>
@@ -257,3 +262,45 @@ FWObject* ServiceObjectMaker::getTagService(const QString &tagcode)
     return s;
 }
 
+FWObject* ServiceObjectMaker::getMirroredServiceObject(FWObject *obj)
+{
+    string new_name = obj->getName() + "-mirror";
+    QString qs_new_name = QString::fromUtf8(new_name.c_str());
+    FWObject *new_obj = NULL;
+    if (TCPService::isA(obj) || UDPService::isA(obj))
+    {
+        ObjectMirror mirror;
+        new_obj = mirror.getMirroredService(Service::cast(obj));
+        if (new_obj!=NULL)
+        {
+            if (TCPService::isA(new_obj))
+                TCPService::cast(new_obj)->setEstablished(false);
+
+            ObjectSignature sig(error_tracker);
+            new_obj->dispatch(&sig, (void*)(NULL));
+            sig.object_name = "";
+
+            FWObject *matching_obj = findMatchingObject(sig);
+            if (matching_obj)
+            {
+                delete new_obj;
+                return matching_obj;
+            }
+
+            new_obj->setName(new_name);
+
+            // obj may belong to the standard objects library if it was
+            // deduplicated before
+            FWObject *parent = obj->getParent();
+            if (parent->isReadOnly())
+            {
+                FWBTree tree ;
+                FWObject *slot = tree.getStandardSlotForObject(
+                    library, new_obj->getTypeName().c_str());
+                slot->add(new_obj);
+            } else parent->add(new_obj);
+        }
+    }
+    return new_obj;
+}
+
diff --git a/src/import/serviceObjectMaker.h b/src/import/serviceObjectMaker.h
index d23afba4a..de07a0286 100644
--- a/src/import/serviceObjectMaker.h
+++ b/src/import/serviceObjectMaker.h
@@ -43,6 +43,8 @@ public:
 
     virtual libfwbuilder::FWObject* createObject(ObjectSignature &sig);
         
+    libfwbuilder::FWObject* getMirroredServiceObject(libfwbuilder::FWObject *obj);
+
 protected:
     virtual libfwbuilder::FWObject* getCustomService(const QString &platform,
                                                      const QString &code,
@@ -60,7 +62,6 @@ protected:
     virtual libfwbuilder::FWObject* getTagService(const QString &tagcode);
 
 
-
 };
 
 #endif
diff --git a/src/parsers/PIXCfgParser.cpp b/src/parsers/PIXCfgParser.cpp
index f9421cdea..1b9e42db1 100644
--- a/src/parsers/PIXCfgParser.cpp
+++ b/src/parsers/PIXCfgParser.cpp
@@ -7116,15 +7116,6 @@ void PIXCfgParser::static_starts_with_tcp_udp() {
 #line 7117 "PIXCfgParser.cpp"
 		}
 		static_real_addr_match();
-		tcp_udp_port_spec();
-		if ( inputState->guessing==0 ) {
-#line 2196 "pix.g"
-			
-			importer->real_port_spec = importer->tmp_port_spec_2;
-			*dbg << "real port " << importer->real_port_spec << " ";
-			
-#line 7127 "PIXCfgParser.cpp"
-		}
 		{ // ( ... )*
 		for (;;) {
 			if ((_tokenSet_40.member(LA(1)))) {
@@ -7165,7 +7156,7 @@ void PIXCfgParser::static_mapped_addr_match() {
 				importer->mapped_nm = importer->tmp_nm;
 				*dbg << "mapped: " << importer->mapped_a;
 				
-#line 7169 "PIXCfgParser.cpp"
+#line 7160 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7179,7 +7170,7 @@ void PIXCfgParser::static_mapped_addr_match() {
 				importer->mapped_nm = "";
 				*dbg << "mapped: " << importer->mapped_a;
 				
-#line 7183 "PIXCfgParser.cpp"
+#line 7174 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7218,7 +7209,7 @@ void PIXCfgParser::static_real_addr_match() {
 				importer->real_nm = importer->tmp_nm;
 				*dbg << "real: " << importer->real_a;
 				
-#line 7222 "PIXCfgParser.cpp"
+#line 7213 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7233,7 +7224,7 @@ void PIXCfgParser::static_real_addr_match() {
 				importer->real_addr_acl = acl_name->getText();
 				*dbg << "real: " << importer->real_addr_acl;
 				
-#line 7237 "PIXCfgParser.cpp"
+#line 7228 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7271,7 +7262,7 @@ void PIXCfgParser::static_command_common_last_parameters() {
 				importer->addMessageToLog(
 				QString("Warning: 'static' command option 'dns' is not supported"));
 				
-#line 7275 "PIXCfgParser.cpp"
+#line 7266 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7284,7 +7275,7 @@ void PIXCfgParser::static_command_common_last_parameters() {
 				importer->addMessageToLog(
 				QString("Warning: 'static' command option 'norandomseq' is not supported"));
 				
-#line 7288 "PIXCfgParser.cpp"
+#line 7279 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7299,7 +7290,7 @@ void PIXCfgParser::static_command_common_last_parameters() {
 				importer->real_nm = nm->getText();
 				*dbg << "real netmask: " << importer->real_nm;
 				
-#line 7303 "PIXCfgParser.cpp"
+#line 7294 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7332,11 +7323,11 @@ void PIXCfgParser::static_command_common_last_parameters() {
 			max_conn = LT(1);
 			match(INT_CONST);
 			{
-			if ((LA(1) == INT_CONST) && (_tokenSet_43.member(LA(2)))) {
+			if ((LA(1) == INT_CONST) && (_tokenSet_42.member(LA(2)))) {
 				max_emb_conn = LT(1);
 				match(INT_CONST);
 			}
-			else if ((_tokenSet_43.member(LA(1))) && (_tokenSet_44.member(LA(2)))) {
+			else if ((_tokenSet_42.member(LA(1))) && (_tokenSet_43.member(LA(2)))) {
 			}
 			else {
 				throw ANTLR_USE_NAMESPACE(antlr)NoViableAltException(LT(1), getFilename());
@@ -7350,7 +7341,7 @@ void PIXCfgParser::static_command_common_last_parameters() {
 				if (max_emb_conn)
 				importer->static_max_emb_conn = max_emb_conn->getText();
 				
-#line 7354 "PIXCfgParser.cpp"
+#line 7345 "PIXCfgParser.cpp"
 			}
 			break;
 		}
@@ -7363,7 +7354,7 @@ void PIXCfgParser::static_command_common_last_parameters() {
 	catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
 		if( inputState->guessing == 0 ) {
 			reportError(ex);
-			recover(ex,_tokenSet_43);
+			recover(ex,_tokenSet_42);
 		} else {
 			throw;
 		}
@@ -7731,12 +7722,12 @@ const unsigned long PIXCfgParser::_tokenSet_31_data_[] = { 671113232UL, 8369UL,
 // "hostname" "eq" "gt" "lt" "neq" "echo" "rip" "established" "log" "log-input" 
 // "fragments" "time-range" "outside" 
 const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_31(_tokenSet_31_data_,8);
-const unsigned long PIXCfgParser::_tokenSet_32_data_[] = { 2818629648UL, 16791217UL, 1040704UL, 6292416UL, 0UL, 10UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
+const unsigned long PIXCfgParser::_tokenSet_32_data_[] = { 2818629648UL, 12465UL, 1040704UL, 6292416UL, 0UL, 0UL, 0UL, 0UL };
 // NEWLINE IPV4 WORD IPV6 "pptp" "object" "host" "range" "ssh" "telnet" 
-// INT_CONST "tcp" "udp" "destination" "object-group" "dns" "hostname" 
-// "access-list" "eq" "gt" "lt" "neq" "echo" "rip" "established" "interface" 
-// "any" "log" "log-input" "fragments" "time-range" "netmask" "norandomseq" 
-const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_32(_tokenSet_32_data_,12);
+// INT_CONST "destination" "object-group" "hostname" "access-list" "eq" 
+// "gt" "lt" "neq" "echo" "rip" "established" "interface" "any" "log" "log-input" 
+// "fragments" "time-range" 
+const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_32(_tokenSet_32_data_,8);
 const unsigned long PIXCfgParser::_tokenSet_33_data_[] = { 2684387186UL, 2172657917UL, 4294697295UL, 132121599UL, 3993042946UL, 4UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
 // EOF NEWLINE "quit" "ip" "timeout" "pim" "network" "names" "name" IPV4 
 // WORD "object" "host" "range" "service" "http" "ssh" "telnet" "icmp" 
@@ -7784,20 +7775,16 @@ const unsigned long PIXCfgParser::_tokenSet_41_data_[] = { 134275072UL, 176UL, 3
 // IPV4 WORD IPV6 "pptp" "ssh" "telnet" INT_CONST "hostname" "access-list" 
 // "echo" "rip" 
 const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_41(_tokenSet_41_data_,8);
-const unsigned long PIXCfgParser::_tokenSet_42_data_[] = { 134234128UL, 16778928UL, 393280UL, 0UL, 0UL, 10UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
-// NEWLINE WORD "pptp" "ssh" "telnet" INT_CONST "tcp" "udp" "dns" "hostname" 
-// "echo" "rip" "netmask" "norandomseq" 
-const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_42(_tokenSet_42_data_,12);
-const unsigned long PIXCfgParser::_tokenSet_43_data_[] = { 16UL, 16778880UL, 0UL, 0UL, 0UL, 10UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
+const unsigned long PIXCfgParser::_tokenSet_42_data_[] = { 16UL, 16778880UL, 0UL, 0UL, 0UL, 10UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
 // NEWLINE INT_CONST "tcp" "udp" "dns" "netmask" "norandomseq" 
-const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_43(_tokenSet_43_data_,12);
-const unsigned long PIXCfgParser::_tokenSet_44_data_[] = { 536903538UL, 2172659452UL, 335UL, 109051968UL, 2382364674UL, 14UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
+const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_42(_tokenSet_42_data_,12);
+const unsigned long PIXCfgParser::_tokenSet_43_data_[] = { 536903538UL, 2172659452UL, 335UL, 109051968UL, 2382364674UL, 14UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
 // EOF NEWLINE "quit" "ip" "timeout" "pim" "network" "names" "name" IPV4 
 // WORD "object" "service" "http" "ssh" "telnet" "icmp" INT_CONST "tcp" 
 // "udp" "object-group" "crypto" "dns" "no" "certificate" "PIX" "ASA" "FWSM" 
 // "hostname" "access-list" "interface" "controller" LINE_COMMENT "exit" 
 // "nameif" "access-group" COLON_COMMENT "nat" "global" "netmask" "static" 
 // "norandomseq" 
-const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_44(_tokenSet_44_data_,12);
+const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgParser::_tokenSet_43(_tokenSet_43_data_,12);
 
 
diff --git a/src/parsers/PIXCfgParser.hpp b/src/parsers/PIXCfgParser.hpp
index 03e8df10e..03a63ec06 100644
--- a/src/parsers/PIXCfgParser.hpp
+++ b/src/parsers/PIXCfgParser.hpp
@@ -319,8 +319,6 @@ private:
 	static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_42;
 	static const unsigned long _tokenSet_43_data_[];
 	static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_43;
-	static const unsigned long _tokenSet_44_data_[];
-	static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_44;
 };
 
 #endif /*INC_PIXCfgParser_hpp_*/
diff --git a/src/parsers/pix.g b/src/parsers/pix.g
index aa61e5832..c1662a9d9 100644
--- a/src/parsers/pix.g
+++ b/src/parsers/pix.g
@@ -2188,15 +2188,15 @@ static_starts_with_tcp_udp : ( TCP | UDP )
 
         static_real_addr_match
 
-        // <0-65535>        Enter port number (0 - 65535)
-        // aol              
-        // bgp              
-        // chargen          
-        tcp_udp_port_spec
-        {
-            importer->real_port_spec = importer->tmp_port_spec_2;
-            *dbg << "real port " << importer->real_port_spec << " ";
-        }
+        // <0-65535>    The maximum number of simultaneous tcp connections the local IP
+        //               hosts are to allow, default is 0 which means unlimited
+        //               connections. Idle connections are closed after the time
+        //               specified by the timeout conn command
+        //  dns          Use the created xlate to rewrite DNS address record
+        //  netmask      Configure Netmask to apply to IP addresses
+        //  norandomseq  Disable TCP sequence number randomization
+        //  tcp          Configure TCP specific parameters
+        //  udp          Configure UDP specific parameters
 
         ( static_command_common_last_parameters )*
     ;
diff --git a/src/unit_tests/PIXImporterTest/test_data/pix6.fwb b/src/unit_tests/PIXImporterTest/test_data/pix6.fwb
index 3bc3b66ad..26a141b1e 100644
--- a/src/unit_tests/PIXImporterTest/test_data/pix6.fwb
+++ b/src/unit_tests/PIXImporterTest/test_data/pix6.fwb
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1302229488" id="root">
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1302232115" id="root">
   <Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
     <AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
     <AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@@ -466,8 +466,8 @@
           <ServiceRef ref="id43"/>
         </ServiceGroup>
         <ServiceGroup id="id31" name="outside.id12376X2458.srv.udp.0" comment="Created during import of  line 43" ro="False">
-          <ServiceRef ref="id71"/>
-          <ServiceRef ref="id72"/>
+          <ServiceRef ref="id78"/>
+          <ServiceRef ref="id79"/>
         </ServiceGroup>
         <ServiceGroup id="id34" name="outside.id12438X2458.srv.tcp.0" comment="Created during import of  line 46" ro="False">
           <ServiceRef ref="id50"/>
@@ -505,25 +505,32 @@
         <TCPService id="id62" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 5900:5900 / 0:0" comment="Created during import of  line 123" ro="False" src_range_start="5900" src_range_end="5900" dst_range_start="0" dst_range_end="0"/>
         <TCPService id="id63" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 5901:5901 / 0:0" comment="Created during import of  line 124" ro="False" src_range_start="5901" src_range_end="5901" dst_range_start="0" dst_range_end="0"/>
         <TCPService id="id64" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 23:23" comment="Created during import of  line 156" ro="False" src_range_start="0" src_range_end="0" dst_range_start="23" dst_range_end="23"/>
-        <TCPService id="id65" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0" comment="Created during import of  line 172" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
-        <TCPService id="id66" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 993:993" comment="Created during import of  line 175" ro="False" src_range_start="0" src_range_end="0" dst_range_start="993" dst_range_end="993"/>
-        <TCPService id="id67" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 587:587" comment="Created during import of  line 176" ro="False" src_range_start="0" src_range_end="0" dst_range_start="587" dst_range_end="587"/>
-        <TCPService id="id68" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 5900:5900" comment="Created during import of  line 179" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5900" dst_range_end="5900"/>
-        <TCPService id="id69" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 5901:5901" comment="Created during import of  line 180" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5901" dst_range_end="5901"/>
+        <TCPService id="id65" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0-mirror" comment="Created during import of  line 114" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
+        <TCPService id="id66" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 22:22 / 0:0-mirror" comment="Created during import of  line 116" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
+        <TCPService id="id67" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 25:25 / 0:0-mirror" comment="Created during import of  line 118" ro="False" src_range_start="0" src_range_end="0" dst_range_start="25" dst_range_end="25"/>
+        <TCPService id="id68" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 993:993" comment="Created during import of  line 175" ro="False" src_range_start="0" src_range_end="0" dst_range_start="993" dst_range_end="993"/>
+        <TCPService id="id69" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 993:993 / 0:0-mirror" comment="Created during import of  line 119" ro="False" src_range_start="0" src_range_end="0" dst_range_start="993" dst_range_end="993"/>
+        <TCPService id="id70" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 587:587" comment="Created during import of  line 176" ro="False" src_range_start="0" src_range_end="0" dst_range_start="587" dst_range_end="587"/>
+        <TCPService id="id71" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 587:587 / 0:0-mirror" comment="Created during import of  line 120" ro="False" src_range_start="0" src_range_end="0" dst_range_start="587" dst_range_end="587"/>
+        <TCPService id="id72" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 8765:8765 / 0:0-mirror" comment="Created during import of  line 122" ro="False" src_range_start="0" src_range_end="0" dst_range_start="8765" dst_range_end="8765"/>
+        <TCPService id="id73" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 5900:5900" comment="Created during import of  line 179" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5900" dst_range_end="5900"/>
+        <TCPService id="id74" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 5900:5900 / 0:0-mirror" comment="Created during import of  line 123" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5900" dst_range_end="5900"/>
+        <TCPService id="id75" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 5901:5901" comment="Created during import of  line 180" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5901" dst_range_end="5901"/>
+        <TCPService id="id76" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 5901:5901 / 0:0-mirror" comment="Created during import of  line 124" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5901" dst_range_end="5901"/>
       </ServiceGroup>
-      <ServiceGroup id="id70" name="UDP" comment="" ro="False">
-        <UDPService id="id71" name="udp 0:0 / 68:68" comment="Created during import of  line 44" ro="False" src_range_start="0" src_range_end="0" dst_range_start="68" dst_range_end="68"/>
-        <UDPService id="id72" name="udp 0:0 / 67:67" comment="Created during import of  line 45" ro="False" src_range_start="0" src_range_end="0" dst_range_start="67" dst_range_end="67"/>
-        <UDPService id="id73" name="udp 0:0 / 161:161" comment="Created during import of  line 87" ro="False" src_range_start="0" src_range_end="0" dst_range_start="161" dst_range_end="161"/>
+      <ServiceGroup id="id77" name="UDP" comment="" ro="False">
+        <UDPService id="id78" name="udp 0:0 / 68:68" comment="Created during import of  line 44" ro="False" src_range_start="0" src_range_end="0" dst_range_start="68" dst_range_end="68"/>
+        <UDPService id="id79" name="udp 0:0 / 67:67" comment="Created during import of  line 45" ro="False" src_range_start="0" src_range_end="0" dst_range_start="67" dst_range_end="67"/>
+        <UDPService id="id80" name="udp 0:0 / 161:161" comment="Created during import of  line 87" ro="False" src_range_start="0" src_range_end="0" dst_range_start="161" dst_range_end="161"/>
       </ServiceGroup>
-      <ServiceGroup id="id74" name="Users" comment="" ro="False"/>
-      <ServiceGroup id="id75" name="Custom" comment="" ro="False"/>
-      <ServiceGroup id="id76" name="TagServices" comment="" ro="False"/>
+      <ServiceGroup id="id81" name="Users" comment="" ro="False"/>
+      <ServiceGroup id="id82" name="Custom" comment="" ro="False"/>
+      <ServiceGroup id="id83" name="TagServices" comment="" ro="False"/>
     </ServiceGroup>
-    <ObjectGroup id="id77" name="Firewalls" comment="" ro="False">
-      <Firewall id="id78" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="6.3" name="guardian" comment="Created during import of  line 4" ro="False">
-        <NAT id="id574" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
-          <NATRule id="id577" disabled="False" group="" position="0" action="Translate" comment="Created during import of  line 171">
+    <ObjectGroup id="id84" name="Firewalls" comment="" ro="False">
+      <Firewall id="id85" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="6.3" name="guardian" comment="Created during import of  line 4" ro="False">
+        <NAT id="id581" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+          <NATRule id="id584" disabled="False" group="" position="0" action="Translate" comment="Created during import of  line 171">
             <OSrc neg="False">
               <ObjectRef ref="id18"/>
             </OSrc>
@@ -534,7 +541,7 @@
               <ServiceRef ref="id48"/>
             </OSrv>
             <TSrc neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </TSrc>
             <TDst neg="False">
               <ObjectRef ref="sysid0"/>
@@ -543,23 +550,22 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id595" disabled="False" group="" position="1" action="Translate" comment="Created during import of  line 172">
+          <NATRule id="id602" disabled="False" group="" position="1" action="Translate" comment="Created during import of  line 172">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id51"/>
-              <ServiceRef ref="id56"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -571,23 +577,22 @@
               <ServiceRef ref="id65"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id614" disabled="False" group="" position="2" action="Translate" comment="Created during import of  line 173">
+          <NATRule id="id620" disabled="False" group="" position="2" action="Translate" comment="Created during import of  line 173">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id50"/>
-              <ServiceRef ref="id57"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -596,26 +601,25 @@
               <ObjectRef ref="id5"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id66"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id633" disabled="False" group="" position="3" action="Translate" comment="Created during import of  line 174">
+          <NATRule id="id638" disabled="False" group="" position="3" action="Translate" comment="Created during import of  line 174">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id54"/>
-              <ServiceRef ref="id58"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -624,54 +628,25 @@
               <ObjectRef ref="id7"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
-            </TSrv>
-            <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
-            </ItfInb>
-            <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
-            </ItfOutb>
-            <NATRuleOptions/>
-          </NATRule>
-          <NATRule id="id652" disabled="False" group="" position="4" action="Translate" comment="Created during import of  line 175">
-            <OSrc neg="False">
-              <ObjectRef ref="sysid0"/>
-            </OSrc>
-            <ODst neg="False">
-              <ObjectRef ref="id768"/>
-            </ODst>
-            <OSrv neg="False">
-              <ServiceRef ref="id66"/>
-              <ServiceRef ref="id59"/>
-            </OSrv>
-            <TSrc neg="False">
-              <ObjectRef ref="sysid0"/>
-            </TSrc>
-            <TDst neg="False">
-              <ObjectRef ref="id7"/>
-            </TDst>
-            <TSrv neg="False">
-              <ServiceRef ref="id65"/>
-            </TSrv>
-            <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
-            </ItfInb>
-            <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
-            </ItfOutb>
-            <NATRuleOptions/>
-          </NATRule>
-          <NATRule id="id671" disabled="False" group="" position="5" action="Translate" comment="Created during import of  line 176">
-            <OSrc neg="False">
-              <ObjectRef ref="sysid0"/>
-            </OSrc>
-            <ODst neg="False">
-              <ObjectRef ref="id768"/>
-            </ODst>
-            <OSrv neg="False">
               <ServiceRef ref="id67"/>
-              <ServiceRef ref="id60"/>
+            </TSrv>
+            <ItfInb neg="False">
+              <ObjectRef ref="id766"/>
+            </ItfInb>
+            <ItfOutb neg="False">
+              <ObjectRef ref="id768"/>
+            </ItfOutb>
+            <NATRuleOptions/>
+          </NATRule>
+          <NATRule id="id656" disabled="False" group="" position="4" action="Translate" comment="Created during import of  line 175">
+            <OSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </OSrc>
+            <ODst neg="False">
+              <ObjectRef ref="id766"/>
+            </ODst>
+            <OSrv neg="False">
+              <ServiceRef ref="id68"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -680,26 +655,52 @@
               <ObjectRef ref="id7"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id69"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id690" disabled="False" group="" position="6" action="Translate" comment="Created during import of  line 177">
+          <NATRule id="id674" disabled="False" group="" position="5" action="Translate" comment="Created during import of  line 176">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
+              <ObjectRef ref="id766"/>
+            </ODst>
+            <OSrv neg="False">
+              <ServiceRef ref="id70"/>
+            </OSrv>
+            <TSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </TSrc>
+            <TDst neg="False">
+              <ObjectRef ref="id7"/>
+            </TDst>
+            <TSrv neg="False">
+              <ServiceRef ref="id71"/>
+            </TSrv>
+            <ItfInb neg="False">
+              <ObjectRef ref="id766"/>
+            </ItfInb>
+            <ItfOutb neg="False">
               <ObjectRef ref="id768"/>
+            </ItfOutb>
+            <NATRuleOptions/>
+          </NATRule>
+          <NATRule id="id692" disabled="False" group="" position="6" action="Translate" comment="Created during import of  line 177">
+            <OSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </OSrc>
+            <ODst neg="False">
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id55"/>
-              <ServiceRef ref="id57"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -708,26 +709,25 @@
               <ObjectRef ref="id8"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id66"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id709" disabled="False" group="" position="7" action="Translate" comment="Created during import of  line 178">
+          <NATRule id="id710" disabled="False" group="" position="7" action="Translate" comment="Created during import of  line 178">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id52"/>
-              <ServiceRef ref="id61"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -736,13 +736,13 @@
               <ObjectRef ref="id8"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id72"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -751,11 +751,10 @@
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id68"/>
-              <ServiceRef ref="id62"/>
+              <ServiceRef ref="id73"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -764,26 +763,25 @@
               <ObjectRef ref="id9"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id74"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id747" disabled="False" group="" position="9" action="Translate" comment="Created during import of  line 180">
+          <NATRule id="id746" disabled="False" group="" position="9" action="Translate" comment="Created during import of  line 180">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id69"/>
-              <ServiceRef ref="id63"/>
+              <ServiceRef ref="id75"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -792,31 +790,31 @@
               <ObjectRef ref="id10"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="id76"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
           <RuleSetOptions/>
         </NAT>
-        <Policy id="id80" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
-          <PolicyRule id="id82" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from telnet_commands_inside&#10;Created during import of  line 156">
+        <Policy id="id87" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+          <PolicyRule id="id89" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from telnet_commands_inside&#10;Created during import of  line 156">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id64"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -825,56 +823,16 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id94" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of  line 158">
+          <PolicyRule id="id101" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of  line 158">
             <Src neg="False">
               <ObjectRef ref="id11"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id50"/>
             </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id106" disabled="False" group="" log="False" position="2" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of  line 159">
-            <Src neg="False">
-              <ObjectRef ref="id18"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="id78"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id50"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id118" disabled="False" group="" log="False" position="3" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 140">
-            <Src neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="id78"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id44"/>
-            </Srv>
             <Itf neg="False">
               <ObjectRef ref="id768"/>
             </Itf>
@@ -885,18 +843,58 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id130" disabled="False" group="" log="False" position="4" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 141">
+          <PolicyRule id="id113" disabled="False" group="" log="False" position="2" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of  line 159">
+            <Src neg="False">
+              <ObjectRef ref="id18"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="id85"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id50"/>
+            </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id768"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="stateless">False</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id125" disabled="False" group="" log="False" position="3" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 140">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id44"/>
+            </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id766"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="stateless">False</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id137" disabled="False" group="" log="False" position="4" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 141">
+            <Src neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id46"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -905,18 +903,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id142" disabled="False" group="" log="False" position="5" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 142">
+          <PolicyRule id="id149" disabled="False" group="" log="False" position="5" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 142">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id41"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -925,18 +923,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id154" disabled="False" group="" log="False" position="6" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 143">
+          <PolicyRule id="id161" disabled="False" group="" log="False" position="6" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 143">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id42"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -945,18 +943,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id166" disabled="False" group="" log="False" position="7" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 144">
+          <PolicyRule id="id173" disabled="False" group="" log="False" position="7" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 144">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id43"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -965,16 +963,36 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id178" disabled="False" group="" log="False" position="8" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 145">
+          <PolicyRule id="id185" disabled="False" group="" log="False" position="8" action="Accept" direction="Inbound" comment="Imported from icmp_commands_outside&#10;Created during import of  line 145">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id45"/>
             </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id766"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="stateless">False</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id197" disabled="False" group="" log="False" position="9" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 146">
+            <Src neg="False">
+              <ObjectRef ref="id3"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="id85"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id41"/>
+            </Srv>
             <Itf neg="False">
               <ObjectRef ref="id768"/>
             </Itf>
@@ -985,38 +1003,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id190" disabled="False" group="" log="False" position="9" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 146">
+          <PolicyRule id="id209" disabled="False" group="" log="False" position="10" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 147">
             <Src neg="False">
               <ObjectRef ref="id3"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id41"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id202" disabled="False" group="" log="False" position="10" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 147">
-            <Src neg="False">
-              <ObjectRef ref="id3"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id42"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1025,18 +1023,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id214" disabled="False" group="" log="False" position="11" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 148">
+          <PolicyRule id="id221" disabled="False" group="" log="False" position="11" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 148">
             <Src neg="False">
               <ObjectRef ref="id3"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id43"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1045,18 +1043,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id226" disabled="False" group="" log="False" position="12" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 149">
+          <PolicyRule id="id233" disabled="False" group="" log="False" position="12" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 149">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id44"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1065,18 +1063,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id238" disabled="False" group="" log="False" position="13" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 150">
+          <PolicyRule id="id245" disabled="False" group="" log="False" position="13" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 150">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id41"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1085,18 +1083,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id250" disabled="False" group="" log="False" position="14" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 151">
+          <PolicyRule id="id257" disabled="False" group="" log="False" position="14" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 151">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id42"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1105,18 +1103,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id262" disabled="False" group="" log="False" position="15" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 152">
+          <PolicyRule id="id269" disabled="False" group="" log="False" position="15" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 152">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id43"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1125,18 +1123,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id274" disabled="False" group="" log="False" position="16" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 153">
+          <PolicyRule id="id281" disabled="False" group="" log="False" position="16" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 153">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id45"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1145,18 +1143,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id286" disabled="False" group="" log="False" position="17" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 154">
+          <PolicyRule id="id293" disabled="False" group="" log="False" position="17" action="Accept" direction="Inbound" comment="Imported from icmp_commands_inside&#10;Created during import of  line 154">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id45"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1165,18 +1163,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id298" disabled="False" group="" log="False" position="18" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of  line 202">
+          <PolicyRule id="id305" disabled="False" group="" log="False" position="18" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of  line 202">
             <Src neg="False">
               <ObjectRef ref="id12"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id51"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1185,18 +1183,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id310" disabled="False" group="" log="False" position="19" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of  line 203">
+          <PolicyRule id="id317" disabled="False" group="" log="False" position="19" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of  line 203">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id78"/>
+              <ObjectRef ref="id85"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id51"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1205,7 +1203,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id322" disabled="False" group="" log="False" position="20" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;1 ( global ) &#10;Created during import of  line 86">
+          <PolicyRule id="id329" disabled="False" group="" log="False" position="20" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;1 ( global ) &#10;Created during import of  line 86">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
@@ -1216,7 +1214,7 @@
               <ServiceRef ref="id51"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1225,7 +1223,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id334" disabled="False" group="" log="False" position="21" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;Created during import of  line 87">
+          <PolicyRule id="id341" disabled="False" group="" log="False" position="21" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;Created during import of  line 87">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
@@ -1233,10 +1231,10 @@
               <ObjectRef ref="id3"/>
             </Dst>
             <Srv neg="False">
-              <ServiceRef ref="id73"/>
+              <ServiceRef ref="id80"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1245,7 +1243,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id346" disabled="False" group="" log="False" position="22" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;5 ( global ) &#10;Created during import of  line 94">
+          <PolicyRule id="id353" disabled="False" group="" log="False" position="22" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;5 ( global ) &#10;Created during import of  line 94">
             <Src neg="False">
               <ObjectRef ref="id3"/>
             </Src>
@@ -1256,7 +1254,7 @@
               <ServiceRef ref="id48"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1265,7 +1263,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id358" disabled="False" group="" log="False" position="23" action="Deny" direction="Inbound" comment="Imported from inside_acl_in&#10;6 ( global ) &#10;Created during import of  line 96">
+          <PolicyRule id="id365" disabled="False" group="" log="False" position="23" action="Deny" direction="Inbound" comment="Imported from inside_acl_in&#10;6 ( global ) &#10;Created during import of  line 96">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1276,7 +1274,7 @@
               <ServiceRef ref="id53"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1285,7 +1283,7 @@
               <Option name="stateless">True</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id370" disabled="False" group="" log="False" position="24" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;7 ( global ) &#10;Created during import of  line 98">
+          <PolicyRule id="id377" disabled="False" group="" log="False" position="24" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;7 ( global ) &#10;Created during import of  line 98">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1296,7 +1294,7 @@
               <ServiceRef ref="id54"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id770"/>
+              <ObjectRef ref="id768"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1305,7 +1303,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id382" disabled="False" group="" log="False" position="25" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;17 ( global ) &#10;Created during import of  line 107">
+          <PolicyRule id="id389" disabled="False" group="" log="False" position="25" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;17 ( global ) &#10;Created during import of  line 107">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1315,87 +1313,6 @@
             <Srv neg="False">
               <ServiceRef ref="id45"/>
             </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id394" disabled="False" group="" log="False" position="26" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;Created during import of  line 108">
-            <Src neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id45"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id406" disabled="False" group="" log="False" position="27" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;18 ( global ) &#10;Created during import of  line 110">
-            <Src neg="False">
-              <ObjectRef ref="id18"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id48"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id418" disabled="False" group="" log="True" position="28" action="Deny" direction="Inbound" comment="Imported from inside_acl_in&#10;19 ( global ) ' catch all' rule &#10;Created during import of  line 113">
-            <Src neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id48"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="id770"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="log_level">notice</Option>
-              <Option name="stateless">True</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id430" disabled="False" group="" log="True" position="29" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;0 ( ethernet0 ) &#10;Created during import of  line 53">
-            <Src neg="False">
-              <ObjectRef ref="id3"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="id48"/>
-            </Srv>
             <Itf neg="False">
               <ObjectRef ref="id768"/>
             </Itf>
@@ -1403,11 +1320,30 @@
               <IntervalRef ref="sysid2"/>
             </When>
             <PolicyRuleOptions>
-              <Option name="log_level">notice</Option>
-              <Option name="stateless">True</Option>
+              <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id442" disabled="False" group="" log="True" position="30" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 54">
+          <PolicyRule id="id401" disabled="False" group="" log="False" position="26" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;Created during import of  line 108">
+            <Src neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id45"/>
+            </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id768"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="stateless">False</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id413" disabled="False" group="" log="False" position="27" action="Accept" direction="Inbound" comment="Imported from inside_acl_in&#10;18 ( global ) &#10;Created during import of  line 110">
             <Src neg="False">
               <ObjectRef ref="id18"/>
             </Src>
@@ -1424,22 +1360,84 @@
               <IntervalRef ref="sysid2"/>
             </When>
             <PolicyRuleOptions>
-              <Option name="log_level">notice</Option>
-              <Option name="stateless">True</Option>
+              <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id454" disabled="False" group="" log="False" position="31" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;3 ( global ) &#10;Created during import of  line 56">
+          <PolicyRule id="id425" disabled="False" group="" log="True" position="28" action="Deny" direction="Inbound" comment="Imported from inside_acl_in&#10;19 ( global ) ' catch all' rule &#10;Created during import of  line 113">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id48"/>
+            </Srv>
+            <Itf neg="False">
               <ObjectRef ref="id768"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="log_level">notice</Option>
+              <Option name="stateless">True</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id437" disabled="False" group="" log="True" position="29" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;0 ( ethernet0 ) &#10;Created during import of  line 53">
+            <Src neg="False">
+              <ObjectRef ref="id3"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id48"/>
+            </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id766"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="log_level">notice</Option>
+              <Option name="stateless">True</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id449" disabled="False" group="" log="True" position="30" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 54">
+            <Src neg="False">
+              <ObjectRef ref="id18"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Dst>
+            <Srv neg="False">
+              <ServiceRef ref="id48"/>
+            </Srv>
+            <Itf neg="False">
+              <ObjectRef ref="id766"/>
+            </Itf>
+            <When neg="False">
+              <IntervalRef ref="sysid2"/>
+            </When>
+            <PolicyRuleOptions>
+              <Option name="log_level">notice</Option>
+              <Option name="stateless">True</Option>
+            </PolicyRuleOptions>
+          </PolicyRule>
+          <PolicyRule id="id461" disabled="False" group="" log="False" position="31" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;3 ( global ) &#10;Created during import of  line 56">
+            <Src neg="False">
+              <ObjectRef ref="sysid0"/>
+            </Src>
+            <Dst neg="False">
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id44"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1448,18 +1446,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id466" disabled="False" group="" log="False" position="32" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;4 ( global ) fw uses DHCP plus many DHCP requests from cable modem 6 ( global ) &#10;Created during import of  line 65">
+          <PolicyRule id="id473" disabled="False" group="" log="False" position="32" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;4 ( global ) fw uses DHCP plus many DHCP requests from cable modem 6 ( global ) &#10;Created during import of  line 65">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id53"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1468,7 +1466,7 @@
               <Option name="stateless">True</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id478" disabled="False" group="" log="False" position="33" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;7 ( global ) &#10;Created during import of  line 67">
+          <PolicyRule id="id485" disabled="False" group="" log="False" position="33" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;7 ( global ) &#10;Created during import of  line 67">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1479,7 +1477,7 @@
               <ServiceRef ref="id54"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1488,18 +1486,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id490" disabled="False" group="" log="False" position="34" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;10 ( global ) using swatch to automatically block probing ssh connections , so no need to limit &#10;Created during import of  line 72">
+          <PolicyRule id="id497" disabled="False" group="" log="False" position="34" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;10 ( global ) using swatch to automatically block probing ssh connections , so no need to limit &#10;Created during import of  line 72">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id50"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1508,18 +1506,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id502" disabled="False" group="" log="False" position="35" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 73">
+          <PolicyRule id="id509" disabled="False" group="" log="False" position="35" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 73">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id51"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1528,18 +1526,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id514" disabled="False" group="" log="False" position="36" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;11 ( global ) &#10;Created during import of  line 76">
+          <PolicyRule id="id521" disabled="False" group="" log="False" position="36" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;11 ( global ) &#10;Created during import of  line 76">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id52"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1548,18 +1546,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id526" disabled="False" group="" log="False" position="37" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 77">
+          <PolicyRule id="id533" disabled="False" group="" log="False" position="37" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 77">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id55"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1568,18 +1566,18 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id538" disabled="False" group="" log="False" position="38" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;17 ( global ) &#10;Created during import of  line 80">
+          <PolicyRule id="id545" disabled="False" group="" log="False" position="38" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;17 ( global ) &#10;Created during import of  line 80">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
             <Dst neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Dst>
             <Srv neg="False">
               <ServiceRef ref="id45"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1588,7 +1586,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id550" disabled="False" group="" log="False" position="39" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 81">
+          <PolicyRule id="id557" disabled="False" group="" log="False" position="39" action="Accept" direction="Inbound" comment="Imported from outside_acl_in&#10;Created during import of  line 81">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1599,7 +1597,7 @@
               <ServiceRef ref="id45"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1608,7 +1606,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id562" disabled="False" group="" log="True" position="40" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;19 ( global ) ' catch all' rule &#10;Created during import of  line 84">
+          <PolicyRule id="id569" disabled="False" group="" log="True" position="40" action="Deny" direction="Inbound" comment="Imported from outside_acl_in&#10;19 ( global ) ' catch all' rule &#10;Created during import of  line 84">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -1619,7 +1617,7 @@
               <ServiceRef ref="id48"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id768"/>
+              <ObjectRef ref="id766"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1631,8 +1629,8 @@
           </PolicyRule>
           <RuleSetOptions/>
         </Policy>
-        <Policy id="id773" name="id12594X2458.1" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
-          <PolicyRule id="id775" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Created during import of  line 115">
+        <Policy id="id771" name="id12594X2458.1" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
+          <PolicyRule id="id773" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Created during import of  line 115">
             <Src neg="False">
               <ObjectRef ref="id6"/>
             </Src>
@@ -1654,8 +1652,8 @@
           </PolicyRule>
           <RuleSetOptions/>
         </Policy>
-        <Policy id="id787" name="id12594X2458.3" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
-          <PolicyRule id="id789" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Created during import of  line 117">
+        <Policy id="id785" name="id12594X2458.3" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
+          <PolicyRule id="id787" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Created during import of  line 117">
             <Src neg="False">
               <ObjectRef ref="id6"/>
             </Src>
@@ -1677,14 +1675,14 @@
           </PolicyRule>
           <RuleSetOptions/>
         </Policy>
-        <Routing id="id766" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+        <Routing id="id764" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
           <RuleSetOptions/>
         </Routing>
-        <Interface id="id768" dedicated_failover="False" dyn="True" label="outside" security_level="0" unnum="False" unprotected="False" name="ethernet0" comment="Created during import of  line 4" ro="False">
+        <Interface id="id766" dedicated_failover="False" dyn="True" label="outside" security_level="0" unnum="False" unprotected="False" name="ethernet0" comment="Created during import of  line 4" ro="False">
           <InterfaceOptions/>
         </Interface>
-        <Interface id="id770" dedicated_failover="False" dyn="False" label="inside" security_level="100" unnum="False" unprotected="False" name="ethernet1" comment="Created during import of  line 5" ro="False">
-          <IPv4 id="id771" name="guardian:ethernet1:ip" comment="Created during import of  line 159" ro="False" address="10.1.1.202" netmask="255.255.255.0"/>
+        <Interface id="id768" dedicated_failover="False" dyn="False" label="inside" security_level="100" unnum="False" unprotected="False" name="ethernet1" comment="Created during import of  line 5" ro="False">
+          <IPv4 id="id769" name="guardian:ethernet1:ip" comment="Created during import of  line 159" ro="False" address="10.1.1.202" netmask="255.255.255.0"/>
           <InterfaceOptions/>
         </Interface>
         <FirewallOptions>
@@ -1705,7 +1703,7 @@
         </FirewallOptions>
       </Firewall>
     </ObjectGroup>
-    <ObjectGroup id="id801" name="Clusters" comment="" ro="False"/>
-    <IntervalGroup id="id802" name="Time" comment="" ro="False"/>
+    <ObjectGroup id="id799" name="Clusters" comment="" ro="False"/>
+    <IntervalGroup id="id800" name="Time" comment="" ro="False"/>
   </Library>
 </FWObjectDatabase>
diff --git a/src/unit_tests/PIXImporterTest/test_data/pix7-nat.fwb b/src/unit_tests/PIXImporterTest/test_data/pix7-nat.fwb
index afe6999ea..e8d45f8cc 100644
--- a/src/unit_tests/PIXImporterTest/test_data/pix7-nat.fwb
+++ b/src/unit_tests/PIXImporterTest/test_data/pix7-nat.fwb
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1302209377" id="root">
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1302232115" id="root">
   <Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
     <AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
     <AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@@ -506,8 +506,8 @@
       <ServiceGroup id="id63" name="TCP" comment="" ro="False">
         <TCPService id="id64" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0" comment="Created during import of  line 106" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
         <TCPService id="id65" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80" comment="Created during import of  line 109" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
-        <TCPService id="id66" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 8080:8080" comment="Created during import of  line 164" ro="False" src_range_start="0" src_range_end="0" dst_range_start="8080" dst_range_end="8080"/>
-        <TCPService id="id67" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0" comment="Created during import of  line 167" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+        <TCPService id="id66" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0-mirror" comment="Created during import of  line 106" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
+        <TCPService id="id67" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80-mirror" comment="Created during import of  line 109" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
         <TCPService id="id68" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of  line 220" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
       </ServiceGroup>
       <ServiceGroup id="id69" name="UDP" comment="" ro="False">
@@ -531,7 +531,7 @@
               <ServiceRef ref="id62"/>
             </OSrv>
             <TSrc neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </TSrc>
             <TDst neg="False">
               <ObjectRef ref="sysid0"/>
@@ -540,10 +540,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -567,10 +567,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -594,10 +594,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -621,10 +621,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -648,10 +648,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -675,10 +675,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -702,10 +702,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -729,10 +729,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -756,10 +756,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -774,7 +774,7 @@
               <ServiceRef ref="id65"/>
             </OSrv>
             <TSrc neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </TSrc>
             <TDst neg="False">
               <ObjectRef ref="sysid0"/>
@@ -783,10 +783,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -801,7 +801,7 @@
               <ServiceRef ref="id65"/>
             </OSrv>
             <TSrc neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </TSrc>
             <TDst neg="False">
               <ObjectRef ref="sysid0"/>
@@ -810,10 +810,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -828,7 +828,7 @@
               <ServiceRef ref="id65"/>
             </OSrv>
             <TSrc neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </TSrc>
             <TDst neg="False">
               <ObjectRef ref="sysid0"/>
@@ -837,10 +837,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -864,10 +864,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -891,10 +891,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -918,10 +918,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -945,10 +945,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -972,10 +972,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -999,10 +999,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -1011,7 +1011,7 @@
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="sysid1"/>
@@ -1026,10 +1026,10 @@
               <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id781"/>
+              <ObjectRef ref="id779"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -1050,13 +1050,13 @@
               <ObjectRef ref="id53"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id66"/>
+              <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -1077,13 +1077,13 @@
               <ObjectRef ref="id23"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id66"/>
+              <ServiceRef ref="sysid1"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -1092,11 +1092,10 @@
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id65"/>
-              <ServiceRef ref="id64"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -1105,26 +1104,25 @@
               <ObjectRef ref="id11"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id67"/>
+              <ServiceRef ref="id66"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id683" disabled="False" group="" position="22" action="Translate" comment="Created during import of  line 168">
+          <NATRule id="id682" disabled="False" group="" position="22" action="Translate" comment="Created during import of  line 168">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ODst>
             <OSrv neg="False">
               <ServiceRef ref="id65"/>
-              <ServiceRef ref="id64"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -1133,44 +1131,44 @@
               <ObjectRef ref="id11"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="id67"/>
+              <ServiceRef ref="id66"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id702" disabled="False" group="" position="23" action="Translate" comment="Created during import of  line 169">
+          <NATRule id="id700" disabled="False" group="" position="23" action="Translate" comment="Created during import of  line 169">
             <OSrc neg="False">
               <ObjectRef ref="sysid0"/>
             </OSrc>
             <ODst neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id64"/>
-            </OSrv>
-            <TSrc neg="False">
-              <ObjectRef ref="sysid0"/>
-            </TSrc>
-            <TDst neg="False">
-              <ObjectRef ref="id11"/>
-            </TDst>
-            <TSrv neg="False">
               <ServiceRef ref="sysid1"/>
+            </OSrv>
+            <TSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </TSrc>
+            <TDst neg="False">
+              <ObjectRef ref="id11"/>
+            </TDst>
+            <TSrv neg="False">
+              <ServiceRef ref="id66"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id720" disabled="False" group="" position="24" action="Translate" comment="Created during import of  line 171">
+          <NATRule id="id718" disabled="False" group="" position="24" action="Translate" comment="Created during import of  line 171">
             <OSrc neg="False">
               <ObjectRef ref="id12"/>
             </OSrc>
@@ -1178,7 +1176,7 @@
               <ObjectRef ref="id24"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id62"/>
+              <ServiceRef ref="sysid1"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -1187,17 +1185,17 @@
               <ObjectRef ref="id13"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="sysid1"/>
+              <ServiceRef ref="id62"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id738" disabled="False" group="" position="25" action="Translate" comment="Created during import of  line 174">
+          <NATRule id="id736" disabled="False" group="" position="25" action="Translate" comment="Created during import of  line 174">
             <OSrc neg="False">
               <ObjectRef ref="id12"/>
             </OSrc>
@@ -1205,7 +1203,7 @@
               <ObjectRef ref="id24"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="sysid1"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -1214,17 +1212,17 @@
               <ObjectRef ref="id48"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="sysid1"/>
+              <ServiceRef ref="id67"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
-          <NATRule id="id756" disabled="False" group="" position="26" action="Translate" comment="Created during import of  line 174">
+          <NATRule id="id754" disabled="False" group="" position="26" action="Translate" comment="Created during import of  line 174">
             <OSrc neg="False">
               <ObjectRef ref="id12"/>
             </OSrc>
@@ -1232,7 +1230,7 @@
               <ObjectRef ref="id24"/>
             </ODst>
             <OSrv neg="False">
-              <ServiceRef ref="id65"/>
+              <ServiceRef ref="sysid1"/>
             </OSrv>
             <TSrc neg="False">
               <ObjectRef ref="sysid0"/>
@@ -1241,13 +1239,13 @@
               <ObjectRef ref="id49"/>
             </TDst>
             <TSrv neg="False">
-              <ServiceRef ref="sysid1"/>
+              <ServiceRef ref="id67"/>
             </TSrv>
             <ItfInb neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </ItfInb>
             <ItfOutb neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </ItfOutb>
             <NATRuleOptions/>
           </NATRule>
@@ -1265,7 +1263,7 @@
               <ServiceRef ref="id68"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1285,7 +1283,7 @@
               <ServiceRef ref="id68"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1305,7 +1303,7 @@
               <ServiceRef ref="id68"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1325,7 +1323,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1346,7 +1344,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1367,7 +1365,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1388,7 +1386,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1408,7 +1406,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1429,7 +1427,7 @@
               <ServiceRef ref="id70"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1450,7 +1448,7 @@
               <ServiceRef ref="id70"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1471,7 +1469,7 @@
               <ServiceRef ref="id70"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1492,7 +1490,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1512,7 +1510,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id784"/>
+              <ObjectRef ref="id782"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1533,7 +1531,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1554,7 +1552,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1575,7 +1573,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1596,7 +1594,7 @@
               <ServiceRef ref="id62"/>
             </Srv>
             <Itf neg="False">
-              <ObjectRef ref="id778"/>
+              <ObjectRef ref="id776"/>
             </Itf>
             <When neg="False">
               <IntervalRef ref="sysid2"/>
@@ -1608,28 +1606,28 @@
           </PolicyRule>
           <RuleSetOptions/>
         </Policy>
-        <Routing id="id774" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+        <Routing id="id772" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
           <RuleSetOptions/>
         </Routing>
-        <Interface id="id776" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0" comment="Created during import of  line 16" ro="False">
+        <Interface id="id774" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0" comment="Created during import of  line 16" ro="False">
           <InterfaceOptions/>
-          <Interface id="id778" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Ethernet0.101" comment="Created during import of  line 21" ro="False">
-            <IPv4 id="id780" name="pix1:Ethernet0.101:ip" comment="Created during import of  line 24" ro="False" address="192.0.2.253" netmask="255.255.255.0"/>
+          <Interface id="id776" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Ethernet0.101" comment="Created during import of  line 21" ro="False">
+            <IPv4 id="id778" name="pix1:Ethernet0.101:ip" comment="Created during import of  line 24" ro="False" address="192.0.2.253" netmask="255.255.255.0"/>
             <InterfaceOptions>
               <Option name="type">8021q</Option>
               <Option name="vlan_id">101</Option>
             </InterfaceOptions>
           </Interface>
-          <Interface id="id781" dedicated_failover="False" dyn="False" label="dmz20" security_level="20" unnum="False" unprotected="False" name="Ethernet0.102" comment="Created during import of  line 27" ro="False">
-            <IPv4 id="id783" name="pix1:Ethernet0.102:ip" comment="Created during import of  line 30" ro="False" address="10.0.0.253" netmask="255.255.255.0"/>
+          <Interface id="id779" dedicated_failover="False" dyn="False" label="dmz20" security_level="20" unnum="False" unprotected="False" name="Ethernet0.102" comment="Created during import of  line 27" ro="False">
+            <IPv4 id="id781" name="pix1:Ethernet0.102:ip" comment="Created during import of  line 30" ro="False" address="10.0.0.253" netmask="255.255.255.0"/>
             <InterfaceOptions>
               <Option name="type">8021q</Option>
               <Option name="vlan_id">102</Option>
             </InterfaceOptions>
           </Interface>
         </Interface>
-        <Interface id="id784" dedicated_failover="False" dyn="False" label="inside" security_level="100" unnum="False" unprotected="False" name="Ethernet1" comment="Created during import of  line 33" ro="False">
-          <IPv4 id="id785" name="pix1:Ethernet1:ip" comment="Created during import of  line 37" ro="False" address="10.1.1.206" netmask="255.255.255.0"/>
+        <Interface id="id782" dedicated_failover="False" dyn="False" label="inside" security_level="100" unnum="False" unprotected="False" name="Ethernet1" comment="Created during import of  line 33" ro="False">
+          <IPv4 id="id783" name="pix1:Ethernet1:ip" comment="Created during import of  line 37" ro="False" address="10.1.1.206" netmask="255.255.255.0"/>
           <InterfaceOptions/>
         </Interface>
         <FirewallOptions>
@@ -1650,7 +1648,7 @@
         </FirewallOptions>
       </Firewall>
     </ObjectGroup>
-    <ObjectGroup id="id787" name="Clusters" comment="" ro="False"/>
-    <IntervalGroup id="id788" name="Time" comment="" ro="False"/>
+    <ObjectGroup id="id785" name="Clusters" comment="" ro="False"/>
+    <IntervalGroup id="id786" name="Time" comment="" ro="False"/>
   </Library>
 </FWObjectDatabase>