onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 09:18:23 +01:00
Code Issues Releases Wiki Activity

see #2164 added import of http commands, import should not abort on "service" commands

Browse Source
This commit is contained in:
Vadim Kurland 2011-03-31 17:58:59 -07:00
parent c126d30fca
commit f04dc03fc6
19 changed files with 2006 additions and 1561 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -7,7 +7,7 @@ FWB_MICRO_VERSION=0
# build number is like "nano" version number. I am incrementing build
# number during development cycle
#
BUILD_NUM="3514"
BUILD_NUM="3515"
VERSION="$FWB_MAJOR_VERSION.$FWB_MINOR_VERSION.$FWB_MICRO_VERSION.$BUILD_NUM"

2
VERSION.h
View File

@ -1,2 +1,2 @@
#define VERSION "4.2.0.3514"
#define VERSION "4.2.0.3515"
#define GENERATION "4.2"

3
doc/ChangeLog
View File

@ -1,5 +1,8 @@
2011-03-31 vadim <vadim@netcitadel.com>
* parsers/pix.g (http_command): see #2164 fixed import of "ssh"
commands and added import of "http" commands
* objectMaker.h (ObjectMakerErrorTracker): see #2302 Importer
should log and continue when it encounters an error. This matches
its behavior in older versions and makes it more resilient to

2
packaging/fwbuilder-static-qt.spec
View File

@ -3,7 +3,7 @@
%define name fwbuilder
%define version 4.2.0.3514
%define version 4.2.0.3515
%define release 1
%if "%_vendor" == "MandrakeSoft"

2
packaging/fwbuilder.control
View File

@ -4,6 +4,6 @@ Replaces: fwbuilder (<=4.1.1-1), fwbuilder-common, fwbuilder-bsd, fwbuilder-linu
Priority: extra
Section: checkinstall
Maintainer: vadim@fwbuilder.org
Version: 4.2.0.3514-1
Version: 4.2.0.3515-1
Depends: libqt4-gui (>= 4.3.0), libxml2, libxslt1.1, libsnmp | libsnmp15
Description: Firewall Builder GUI and policy compilers

2
packaging/fwbuilder.spec
View File

@ -1,6 +1,6 @@
%define name fwbuilder
%define version 4.2.0.3514
%define version 4.2.0.3515
%define release 1
%if "%_vendor" == "MandrakeSoft"

1
src/import/PIXImporter.cpp
View File

@ -352,6 +352,7 @@ bool compare_ruleset_names(string a, string b)
if (a.find("ssh_commands") == 0) return true;
if (a.find("telnet_commands") == 0) return true;
if (a.find("icmp_commands") == 0) return true;
if (a.find("http_commands") == 0) return true;
return a < b;
}

472
src/parsers/PIXCfgLexer.cpp
View File

@ -44,142 +44,151 @@ PIXCfgLexer::PIXCfgLexer(const ANTLR_USE_NAMESPACE(antlr)LexerSharedInputState&
void PIXCfgLexer::initLiterals()
{
literals["full"] = 118;
literals["parameter-problem"] = 84;
literals["port-object"] = 51;
literals["notifications"] = 104;
literals["duplex"] = 124;
literals["dns"] = 53;
literals["no"] = 54;
literals["static"] = 152;
literals["full"] = 125;
literals["parameter-problem"] = 91;
literals["port-object"] = 54;
literals["notifications"] = 111;
literals["duplex"] = 131;
literals["dns"] = 56;
literals["no"] = 63;
literals["static"] = 161;
literals["esp"] = 16;
literals["time-range"] = 110;
literals["time-range"] = 117;
literals["gre"] = 17;
literals["timestamp-request"] = 91;
literals["echo"] = 71;
literals["speed"] = 123;
literals["warnings"] = 105;
literals["timestamp-request"] = 98;
literals["echo"] = 80;
literals["speed"] = 130;
literals["warnings"] = 112;
literals["resetoutbound"] = 61;
literals["timeout"] = 8;
literals["eigrp"] = 15;
literals["icmp-type"] = 48;
literals["permit"] = 64;
literals["remark"] = 142;
literals["icmp-type"] = 51;
literals["permit"] = 73;
literals["remark"] = 151;
literals["network"] = 29;
literals["igmp"] = 18;
literals["range"] = 32;
literals["destination"] = 41;
literals["setroute"] = 155;
literals["vlan"] = 122;
literals["debugging"] = 100;
literals["controller"] = 111;
literals["interface"] = 94;
literals["dhcp"] = 136;
literals["aui"] = 115;
literals["Version"] = 58;
literals["auto"] = 116;
literals["destination"] = 44;
literals["setroute"] = 164;
literals["vlan"] = 129;
literals["debugging"] = 107;
literals["controller"] = 118;
literals["interface"] = 101;
literals["dhcp"] = 143;
literals["aui"] = 122;
literals["Version"] = 67;
literals["auto"] = 123;
literals["subnet"] = 33;
literals["time-exceeded"] = 89;
literals["outside"] = 112;
literals["shutdown"] = 134;
literals["group-object"] = 43;
literals["eq"] = 67;
literals["fragments"] = 109;
literals["norandomseq"] = 153;
literals["unreachable"] = 93;
literals["delay"] = 127;
literals["time-exceeded"] = 96;
literals["outside"] = 119;
literals["shutdown"] = 141;
literals["group-object"] = 46;
literals["eq"] = 76;
literals["fragments"] = 116;
literals["norandomseq"] = 162;
literals["unreachable"] = 100;
literals["delay"] = 134;
literals["ip"] = 6;
literals["security-level"] = 133;
literals["mobile-redirect"] = 83;
literals["security-level"] = 140;
literals["mobile-redirect"] = 90;
literals["ospf"] = 23;
literals["name"] = 10;
literals["errors"] = 102;
literals["mask-request"] = 82;
literals["PIX"] = 56;
literals["any"] = 95;
literals["ASA"] = 57;
literals["errors"] = 109;
literals["mask-request"] = 89;
literals["PIX"] = 65;
literals["any"] = 102;
literals["ASA"] = 66;
literals["pptp"] = 26;
literals["redirect"] = 85;
literals["forward"] = 126;
literals["redirect"] = 92;
literals["forward"] = 133;
literals["timestamp-reply"] = 97;
literals["description"] = 30;
literals["timestamp-reply"] = 90;
literals["alerts"] = 98;
literals["netmask"] = 151;
literals["lt"] = 69;
literals["bnc"] = 117;
literals["global"] = 149;
literals["alerts"] = 105;
literals["netmask"] = 160;
literals["lt"] = 78;
literals["internal"] = 58;
literals["bnc"] = 124;
literals["global"] = 158;
literals["nos"] = 22;
literals["extended"] = 63;
literals["certificate"] = 55;
literals["extended"] = 72;
literals["certificate"] = 64;
literals["service"] = 34;
literals["telnet"] = 74;
literals["udp"] = 39;
literals["hold-time"] = 128;
literals["baseT"] = 119;
literals["telnet"] = 37;
literals["udp"] = 42;
literals["hold-time"] = 135;
literals["baseT"] = 126;
literals["ipinip"] = 20;
literals["standby"] = 137;
literals["crypto"] = 52;
literals["standby"] = 144;
literals["crypto"] = 55;
literals["pim"] = 25;
literals["secondary"] = 154;
literals["emergencies"] = 101;
literals["disable"] = 106;
literals["mask-reply"] = 81;
literals["tcp"] = 38;
literals["tcp-udp"] = 49;
literals["source"] = 40;
literals["secondary"] = 163;
literals["emergencies"] = 108;
literals["disable"] = 113;
literals["mask-reply"] = 88;
literals["tcp"] = 41;
literals["tcp-udp"] = 52;
literals["source"] = 43;
literals["names"] = 9;
literals["icmp"] = 35;
literals["log"] = 96;
literals["icmp"] = 38;
literals["http"] = 35;
literals["call-home"] = 57;
literals["log"] = 103;
literals["snp"] = 27;
literals["mac-address"] = 130;
literals["established"] = 75;
literals["deny"] = 65;
literals["information-request"] = 80;
literals["ssh"] = 73;
literals["protocol-object"] = 46;
literals["gt"] = 68;
literals["mac-address"] = 137;
literals["established"] = 82;
literals["deny"] = 74;
literals["information-request"] = 87;
literals["ssh"] = 36;
literals["protocol-object"] = 49;
literals["gt"] = 77;
literals["ah"] = 14;
literals["interval"] = 108;
literals["ddns"] = 125;
literals["ipv6"] = 129;
literals["rip"] = 72;
literals["baseTX"] = 120;
literals["access-group"] = 143;
literals["critical"] = 99;
literals["standard"] = 66;
literals["interval"] = 115;
literals["resetoutside"] = 62;
literals["ddns"] = 132;
literals["ipv6"] = 136;
literals["rip"] = 81;
literals["baseTX"] = 127;
literals["access-group"] = 152;
literals["critical"] = 106;
literals["standard"] = 75;
literals["quit"] = 5;
literals["community-list"] = 7;
literals["network-object"] = 44;
literals["hostname"] = 60;
literals["information-reply"] = 79;
literals["icmp6"] = 37;
literals["switchport"] = 138;
literals["network-object"] = 47;
literals["hostname"] = 69;
literals["server"] = 150;
literals["information-reply"] = 86;
literals["icmp6"] = 40;
literals["authentication-certificate"] = 149;
literals["switchport"] = 145;
literals["ipsec"] = 21;
literals["conversion-error"] = 77;
literals["conversion-error"] = 84;
literals["host"] = 31;
literals["echo-reply"] = 78;
literals["nameif"] = 121;
literals["echo-reply"] = 85;
literals["nameif"] = 128;
literals["pcp"] = 24;
literals["service-object"] = 50;
literals["nat"] = 145;
literals["access-list"] = 62;
literals["informational"] = 103;
literals["service-object"] = 53;
literals["nat"] = 154;
literals["access-list"] = 71;
literals["informational"] = 110;
literals["igrp"] = 19;
literals["traceroute"] = 92;
literals["address"] = 135;
literals["log-input"] = 97;
literals["router-advertisement"] = 86;
literals["router-solicitation"] = 87;
literals["access"] = 139;
literals["icmp-object"] = 47;
literals["source-quench"] = 88;
literals["scopy"] = 140;
literals["protocol"] = 45;
literals["inactive"] = 107;
literals["multicast"] = 131;
literals["exit"] = 114;
literals["version"] = 141;
literals["neq"] = 70;
literals["alternate-address"] = 76;
literals["traceroute"] = 99;
literals["address"] = 142;
literals["log-input"] = 104;
literals["router-advertisement"] = 93;
literals["resetinbound"] = 60;
literals["router-solicitation"] = 94;
literals["access"] = 146;
literals["icmp-object"] = 50;
literals["source-quench"] = 95;
literals["scopy"] = 147;
literals["protocol"] = 48;
literals["inactive"] = 114;
literals["multicast"] = 138;
literals["exit"] = 121;
literals["version"] = 148;
literals["neq"] = 79;
literals["alternate-address"] = 83;
literals["password-recovery"] = 59;
}
ANTLR_USE_NAMESPACE(antlr)RefToken PIXCfgLexer::nextToken()
@ -493,11 +502,11 @@ void PIXCfgLexer::mLINE_COMMENT(bool _createToken) {
}
}
else {
goto _loop275;
goto _loop282;
}
}
_loop275:;
_loop282:;
} // ( ... )*
mNEWLINE(false);
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -529,9 +538,9 @@ void PIXCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 2335 "pix.g"
#line 2417 "pix.g"
newline();
#line 535 "PIXCfgLexer.cpp"
#line 544 "PIXCfgLexer.cpp"
}
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
_token = makeToken(_ttype);
@ -555,11 +564,11 @@ void PIXCfgLexer::mCOLON_COMMENT(bool _createToken) {
}
}
else {
goto _loop279;
goto _loop286;
}
}
_loop279:;
_loop286:;
} // ( ... )*
mNEWLINE(false);
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -653,9 +662,9 @@ void PIXCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 2330 "pix.g"
#line 2412 "pix.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 659 "PIXCfgLexer.cpp"
#line 668 "PIXCfgLexer.cpp"
}
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
_token = makeToken(_ttype);
@ -777,10 +786,10 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
ANTLR_USE_NAMESPACE(std)string::size_type _saveIndex;
{
bool synPredMatched340 = false;
bool synPredMatched347 = false;
if (((LA(1) == 0x6f /* 'o' */ ) && (LA(2) == 0x62 /* 'b' */ ) && (LA(3) == 0x6a /* 'j' */ ))) {
int _m340 = mark();
synPredMatched340 = true;
int _m347 = mark();
synPredMatched347 = true;
inputState->guessing++;
try {
{
@ -789,12 +798,12 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched340 = false;
synPredMatched347 = false;
}
rewind(_m340);
rewind(_m347);
inputState->guessing--;
}
if ( synPredMatched340 ) {
if ( synPredMatched347 ) {
{
match("object");
{
@ -804,17 +813,17 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
match("oup");
}
if ( inputState->guessing==0 ) {
#line 2387 "pix.g"
#line 2469 "pix.g"
_ttype = OBJECT_GROUP;
#line 810 "PIXCfgLexer.cpp"
#line 819 "PIXCfgLexer.cpp"
}
}
else {
match("");
if ( inputState->guessing==0 ) {
#line 2389 "pix.g"
#line 2471 "pix.g"
_ttype = OBJECT;
#line 818 "PIXCfgLexer.cpp"
#line 827 "PIXCfgLexer.cpp"
}
}
@ -822,15 +831,15 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
}
else {
bool synPredMatched330 = false;
bool synPredMatched337 = false;
if (((_tokenSet_2.member(LA(1))) && (_tokenSet_3.member(LA(2))) && (true))) {
int _m330 = mark();
synPredMatched330 = true;
int _m337 = mark();
synPredMatched337 = true;
inputState->guessing++;
try {
{
{ // ( ... )+
int _cnt329=0;
int _cnt336=0;
for (;;) {
switch ( LA(1)) {
case 0x61 /* 'a' */ :
@ -859,27 +868,27 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
default:
{
if ( _cnt329>=1 ) { goto _loop329; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt336>=1 ) { goto _loop336; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
}
_cnt329++;
_cnt336++;
}
_loop329:;
_loop336:;
} // ( ... )+
mCOLON(false);
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched330 = false;
synPredMatched337 = false;
}
rewind(_m330);
rewind(_m337);
inputState->guessing--;
}
if ( synPredMatched330 ) {
if ( synPredMatched337 ) {
{
{
{ // ( ... )+
int _cnt334=0;
int _cnt341=0;
for (;;) {
switch ( LA(1)) {
case 0x61 /* 'a' */ :
@ -908,15 +917,15 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
default:
{
if ( _cnt334>=1 ) { goto _loop334; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt341>=1 ) { goto _loop341; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
}
_cnt334++;
_cnt341++;
}
_loop334:;
_loop341:;
} // ( ... )+
{ // ( ... )+
int _cnt338=0;
int _cnt345=0;
for (;;) {
if ((LA(1) == 0x3a /* ':' */ )) {
mCOLON(false);
@ -949,34 +958,34 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
default:
{
goto _loop337;
goto _loop344;
}
}
}
_loop337:;
_loop344:;
} // ( ... )*
}
else {
if ( _cnt338>=1 ) { goto _loop338; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt345>=1 ) { goto _loop345; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt338++;
_cnt345++;
}
_loop338:;
_loop345:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 2380 "pix.g"
#line 2462 "pix.g"
_ttype = IPV6;
#line 972 "PIXCfgLexer.cpp"
#line 981 "PIXCfgLexer.cpp"
}
}
}
else {
bool synPredMatched295 = false;
bool synPredMatched302 = false;
if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (true) && (true))) {
int _m295 = mark();
synPredMatched295 = true;
int _m302 = mark();
synPredMatched302 = true;
inputState->guessing++;
try {
{
@ -984,242 +993,242 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched295 = false;
synPredMatched302 = false;
}
rewind(_m295);
rewind(_m302);
inputState->guessing--;
}
if ( synPredMatched295 ) {
if ( synPredMatched302 ) {
{
bool synPredMatched304 = false;
bool synPredMatched311 = false;
if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_4.member(LA(2))) && (_tokenSet_4.member(LA(3))))) {
int _m304 = mark();
synPredMatched304 = true;
int _m311 = mark();
synPredMatched311 = true;
inputState->guessing++;
try {
{
{ // ( ... )+
int _cnt299=0;
int _cnt306=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt299>=1 ) { goto _loop299; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt306>=1 ) { goto _loop306; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt299++;
_cnt306++;
}
_loop299:;
_loop306:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt301=0;
int _cnt308=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt301>=1 ) { goto _loop301; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt308>=1 ) { goto _loop308; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt301++;
_cnt308++;
}
_loop301:;
_loop308:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt303=0;
int _cnt310=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt303>=1 ) { goto _loop303; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt310>=1 ) { goto _loop310; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt303++;
_cnt310++;
}
_loop303:;
_loop310:;
} // ( ... )+
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched304 = false;
synPredMatched311 = false;
}
rewind(_m304);
rewind(_m311);
inputState->guessing--;
}
if ( synPredMatched304 ) {
if ( synPredMatched311 ) {
{
{ // ( ... )+
int _cnt307=0;
int _cnt314=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt307>=1 ) { goto _loop307; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt314>=1 ) { goto _loop314; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt307++;
_cnt314++;
}
_loop307:;
_loop314:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt309=0;
int _cnt316=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt309>=1 ) { goto _loop309; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt316>=1 ) { goto _loop316; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt309++;
_cnt316++;
}
_loop309:;
_loop316:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt311=0;
int _cnt318=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt311>=1 ) { goto _loop311; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt318>=1 ) { goto _loop318; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt311++;
_cnt318++;
}
_loop311:;
_loop318:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt313=0;
int _cnt320=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt313>=1 ) { goto _loop313; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt320>=1 ) { goto _loop320; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt313++;
_cnt320++;
}
_loop313:;
_loop320:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 2368 "pix.g"
#line 2450 "pix.g"
_ttype = IPV4;
#line 1119 "PIXCfgLexer.cpp"
#line 1128 "PIXCfgLexer.cpp"
}
}
else {
bool synPredMatched319 = false;
bool synPredMatched326 = false;
if ((((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (_tokenSet_4.member(LA(2))) && (_tokenSet_4.member(LA(3))))) {
int _m319 = mark();
synPredMatched319 = true;
int _m326 = mark();
synPredMatched326 = true;
inputState->guessing++;
try {
{
{ // ( ... )+
int _cnt316=0;
int _cnt323=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt316>=1 ) { goto _loop316; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt323>=1 ) { goto _loop323; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt316++;
_cnt323++;
}
_loop316:;
_loop323:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt318=0;
int _cnt325=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt318>=1 ) { goto _loop318; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt325>=1 ) { goto _loop325; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt318++;
_cnt325++;
}
_loop318:;
_loop325:;
} // ( ... )+
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& pe) {
synPredMatched319 = false;
synPredMatched326 = false;
}
rewind(_m319);
rewind(_m326);
inputState->guessing--;
}
if ( synPredMatched319 ) {
if ( synPredMatched326 ) {
{
{ // ( ... )+
int _cnt322=0;
int _cnt329=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt322>=1 ) { goto _loop322; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt329>=1 ) { goto _loop329; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt322++;
_cnt329++;
}
_loop322:;
_loop329:;
} // ( ... )+
mDOT(false);
{ // ( ... )+
int _cnt324=0;
int _cnt331=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt324>=1 ) { goto _loop324; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt331>=1 ) { goto _loop331; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt324++;
_cnt331++;
}
_loop324:;
_loop331:;
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 2371 "pix.g"
#line 2453 "pix.g"
_ttype = NUMBER;
#line 1202 "PIXCfgLexer.cpp"
#line 1211 "PIXCfgLexer.cpp"
}
}
else if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ )) && (true) && (true)) {
{ // ( ... )+
int _cnt326=0;
int _cnt333=0;
for (;;) {
if (((LA(1) >= 0x30 /* '0' */ && LA(1) <= 0x39 /* '9' */ ))) {
mDIGIT(false);
}
else {
if ( _cnt326>=1 ) { goto _loop326; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
if ( _cnt333>=1 ) { goto _loop333; } else {throw ANTLR_USE_NAMESPACE(antlr)NoViableAltForCharException(LA(1), getFilename(), getLine(), getColumn());}
}
_cnt326++;
_cnt333++;
}
_loop326:;
_loop333:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 2373 "pix.g"
#line 2455 "pix.g"
_ttype = INT_CONST;
#line 1223 "PIXCfgLexer.cpp"
#line 1232 "PIXCfgLexer.cpp"
}
}
else {
@ -1472,16 +1481,16 @@ void PIXCfgLexer::mNUMBER_ADDRESS_OR_WORD(bool _createToken) {
}
default:
{
goto _loop346;
goto _loop353;
}
}
}
_loop346:;
_loop353:;
} // ( ... )*
if ( inputState->guessing==0 ) {
#line 2398 "pix.g"
#line 2480 "pix.g"
_ttype = WORD;
#line 1485 "PIXCfgLexer.cpp"
#line 1494 "PIXCfgLexer.cpp"
}
}
else {
@ -1523,11 +1532,11 @@ void PIXCfgLexer::mSTRING(bool _createToken) {
matchNot('\"' /* charlit */ );
}
else {
goto _loop349;
goto _loop356;
}
}
_loop349:;
_loop356:;
} // ( ... )*
match('\"' /* charlit */ );
if ( _createToken && _token==ANTLR_USE_NAMESPACE(antlr)nullToken && _ttype!=ANTLR_USE_NAMESPACE(antlr)Token::SKIP ) {
@ -1910,6 +1919,7 @@ const unsigned long PIXCfgLexer::_tokenSet_0_data_[] = { 4294958072UL, 1UL, 0UL,
// 0x90 0x91 0x92 0x93 0x94 0x95 0x96 0x97 0x98 0x99 0x9a 0x9b 0x9c 0x9d
// 0x9e 0x9f 0xa0 0xa1 0xa2 0xa3 0xa4 0xa5 0xa6 0xa7 0xa8 0xa9 0xaa 0xab
// 0xac 0xad 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9
// 0xba 0xbb 0xbc 0xbd 0xbe 0xbf 0xc0 0xc1 0xc2
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgLexer::_tokenSet_0(_tokenSet_0_data_,16);
const unsigned long PIXCfgLexer::_tokenSet_1_data_[] = { 4294958072UL, 4294967295UL, 4294967295UL, 4294967295UL, 4294967295UL, 4294967295UL, 4294967295UL, 4294967295UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
// 0x3 0x4 0x5 0x6 0x7 0x8 0x9 0xb 0xc 0xe 0xf 0x10 0x11 0x12 0x13 0x14
@ -1920,7 +1930,8 @@ const unsigned long PIXCfgLexer::_tokenSet_1_data_[] = { 4294958072UL, 429496729
// 0x84 0x85 0x86 0x87 0x88 0x89 0x8a 0x8b 0x8c 0x8d 0x8e 0x8f 0x90 0x91
// 0x92 0x93 0x94 0x95 0x96 0x97 0x98 0x99 0x9a 0x9b 0x9c 0x9d 0x9e 0x9f
// 0xa0 0xa1 0xa2 0xa3 0xa4 0xa5 0xa6 0xa7 0xa8 0xa9 0xaa 0xab 0xac 0xad
// 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9
// 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9 0xba 0xbb
// 0xbc 0xbd 0xbe 0xbf 0xc0 0xc1 0xc2
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgLexer::_tokenSet_1(_tokenSet_1_data_,16);
const unsigned long PIXCfgLexer::_tokenSet_2_data_[] = { 0UL, 67043328UL, 0UL, 126UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL };
// 0 1 2 3 4 5 6 7 8 9 a b c d e f
@ -1944,6 +1955,7 @@ const unsigned long PIXCfgLexer::_tokenSet_6_data_[] = { 4294967288UL, 429496729
// 0x84 0x85 0x86 0x87 0x88 0x89 0x8a 0x8b 0x8c 0x8d 0x8e 0x8f 0x90 0x91
// 0x92 0x93 0x94 0x95 0x96 0x97 0x98 0x99 0x9a 0x9b 0x9c 0x9d 0x9e 0x9f
// 0xa0 0xa1 0xa2 0xa3 0xa4 0xa5 0xa6 0xa7 0xa8 0xa9 0xaa 0xab 0xac 0xad
// 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9
// 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9 0xba 0xbb
// 0xbc 0xbd 0xbe 0xbf 0xc0 0xc1 0xc2
const ANTLR_USE_NAMESPACE(antlr)BitSet PIXCfgLexer::_tokenSet_6(_tokenSet_6_data_,16);

1601
src/parsers/PIXCfgParser.cpp
View File

File diff suppressed because it is too large Load Diff

8
src/parsers/PIXCfgParser.hpp
View File

@ -100,6 +100,7 @@ public:
public: void access_list_commands();
public: void ssh_command();
public: void telnet_command();
public: void http_command();
public: void icmp_top_level_command();
public: void nat_top_level_command();
public: void global_top_level_command();
@ -121,6 +122,7 @@ public:
public: void no_commands();
public: void timeout_command();
public: void dns_command();
public: void service_top_level_command();
public: void unknown_command();
public: void ip_protocol_names();
public: void named_object_nat();
@ -218,10 +220,10 @@ protected:
private:
static const char* tokenNames[];
#ifndef NO_STATIC_CONSTS
static const int NUM_TOKENS = 186;
static const int NUM_TOKENS = 195;
#else
enum {
NUM_TOKENS = 186
NUM_TOKENS = 195
};
#endif
@ -313,6 +315,8 @@ private:
static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_42;
static const unsigned long _tokenSet_43_data_[];
static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_43;
static const unsigned long _tokenSet_44_data_[];
static const ANTLR_USE_NAMESPACE(antlr)BitSet _tokenSet_44;
};
#endif /*INC_PIXCfgParser_hpp_*/

311
src/parsers/PIXCfgParserTokenTypes.hpp
View File

@ -43,157 +43,166 @@ struct CUSTOM_API PIXCfgParserTokenTypes {
RANGE = 32,
SUBNET = 33,
SERVICE = 34,
ICMP = 35,
INT_CONST = 36,
ICMP6 = 37,
TCP = 38,
UDP = 39,
SOURCE = 40,
DESTINATION = 41,
OBJECT_GROUP = 42,
GROUP_OBJECT = 43,
NETWORK_OBJECT = 44,
PROTOCOL = 45,
PROTOCOL_OBJECT = 46,
ICMP_OBJECT = 47,
ICMP_TYPE = 48,
TCP_UDP = 49,
SERVICE_OBJECT = 50,
PORT_OBJECT = 51,
CRYPTO = 52,
DNS = 53,
NO = 54,
CERTIFICATE = 55,
PIX_WORD = 56,
ASA_WORD = 57,
VERSION_WORD_CAP = 58,
NUMBER = 59,
HOSTNAME = 60,
STRING = 61,
ACCESS_LIST = 62,
EXTENDED = 63,
PERMIT = 64,
DENY = 65,
STANDARD = 66,
P_EQ = 67,
P_GT = 68,
P_LT = 69,
P_NEQ = 70,
ECHO = 71,
RIP = 72,
SSH = 73,
TELNET = 74,
ESTABLISHED = 75,
ALTERNATE_ADDRESS = 76,
CONVERSION_ERROR = 77,
ECHO_REPLY = 78,
INFORMATION_REPLY = 79,
INFORMATION_REQUEST = 80,
MASK_REPLY = 81,
MASK_REQUEST = 82,
MOBILE_REDIRECT = 83,
PARAMETER_PROBLEM = 84,
REDIRECT = 85,
ROUTER_ADVERTISEMENT = 86,
ROUTER_SOLICITATION = 87,
SOURCE_QUENCH = 88,
TIME_EXCEEDED = 89,
TIMESTAMP_REPLY = 90,
TIMESTAMP_REQUEST = 91,
TRACEROUTE = 92,
UNREACHABLE = 93,
INTRFACE = 94,
ANY = 95,
LOG = 96,
LOG_INPUT = 97,
LOG_LEVEL_ALERTS = 98,
LOG_LEVEL_CRITICAL = 99,
LOG_LEVEL_DEBUGGING = 100,
LOG_LEVEL_EMERGENCIES = 101,
LOG_LEVEL_ERRORS = 102,
LOG_LEVEL_INFORMATIONAL = 103,
LOG_LEVEL_NOTIFICATIONS = 104,
LOG_LEVEL_WARNINGS = 105,
LOG_LEVEL_DISABLE = 106,
LOG_LEVEL_INACTIVE = 107,
INTERVAL = 108,
FRAGMENTS = 109,
TIME_RANGE = 110,
CONTROLLER = 111,
OUTSIDE = 112,
LINE_COMMENT = 113,
EXIT = 114,
AUI = 115,
AUTO = 116,
BNC = 117,
FULL = 118,
BASET = 119,
BASETX = 120,
NAMEIF = 121,
VLAN = 122,
SPEED = 123,
DUPLEX = 124,
DDNS = 125,
FORWARD = 126,
DELAY = 127,
HOLD_TIME = 128,
IPV6_C = 129,
MAC_ADDRESS = 130,
MULTICAST = 131,
PPPOE = 132,
SEC_LEVEL = 133,
SHUTDOWN = 134,
ADDRESS = 135,
DHCP = 136,
STANDBY = 137,
SWITCHPORT = 138,
ACCESS = 139,
SCOPY = 140,
VERSION_WORD_LOW = 141,
REMARK = 142,
ACCESS_GROUP = 143,
COLON_COMMENT = 144,
NAT = 145,
OPENING_PAREN = 146,
CLOSING_PAREN = 147,
COMMA = 148,
GLOBAL = 149,
MINUS = 150,
NETMASK = 151,
STATIC = 152,
NORANDOMSEQ = 153,
SECONDARY = 154,
SETROUTE = 155,
Whitespace = 156,
HEX_CONST = 157,
NEG_INT_CONST = 158,
DIGIT = 159,
HEXDIGIT = 160,
NUMBER_ADDRESS_OR_WORD = 161,
PIPE_CHAR = 162,
NUMBER_SIGN = 163,
PERCENT = 164,
AMPERSAND = 165,
APOSTROPHE = 166,
STAR = 167,
PLUS = 168,
DOT = 169,
SLASH = 170,
COLON = 171,
SEMICOLON = 172,
LESS_THAN = 173,
EQUALS = 174,
GREATER_THAN = 175,
QUESTION = 176,
COMMERCIAL_AT = 177,
OPENING_SQUARE = 178,
CLOSING_SQUARE = 179,
CARET = 180,
UNDERLINE = 181,
OPENING_BRACE = 182,
CLOSING_BRACE = 183,
TILDE = 184,
EXLAMATION = 185,
HTTP = 35,
SSH = 36,
TELNET = 37,
ICMP = 38,
INT_CONST = 39,
ICMP6 = 40,
TCP = 41,
UDP = 42,
SOURCE = 43,
DESTINATION = 44,
OBJECT_GROUP = 45,
GROUP_OBJECT = 46,
NETWORK_OBJECT = 47,
PROTOCOL = 48,
PROTOCOL_OBJECT = 49,
ICMP_OBJECT = 50,
ICMP_TYPE = 51,
TCP_UDP = 52,
SERVICE_OBJECT = 53,
PORT_OBJECT = 54,
CRYPTO = 55,
DNS = 56,
CALL_HOME = 57,
INTERNAL = 58,
PASSWORD_RECOVERY = 59,
RESETINBOUND = 60,
RESETOUTBOUND = 61,
RESETOUTSIDE = 62,
NO = 63,
CERTIFICATE = 64,
PIX_WORD = 65,
ASA_WORD = 66,
VERSION_WORD_CAP = 67,
NUMBER = 68,
HOSTNAME = 69,
STRING = 70,
ACCESS_LIST = 71,
EXTENDED = 72,
PERMIT = 73,
DENY = 74,
STANDARD = 75,
P_EQ = 76,
P_GT = 77,
P_LT = 78,
P_NEQ = 79,
ECHO = 80,
RIP = 81,
ESTABLISHED = 82,
ALTERNATE_ADDRESS = 83,
CONVERSION_ERROR = 84,
ECHO_REPLY = 85,
INFORMATION_REPLY = 86,
INFORMATION_REQUEST = 87,
MASK_REPLY = 88,
MASK_REQUEST = 89,
MOBILE_REDIRECT = 90,
PARAMETER_PROBLEM = 91,
REDIRECT = 92,
ROUTER_ADVERTISEMENT = 93,
ROUTER_SOLICITATION = 94,
SOURCE_QUENCH = 95,
TIME_EXCEEDED = 96,
TIMESTAMP_REPLY = 97,
TIMESTAMP_REQUEST = 98,
TRACEROUTE = 99,
UNREACHABLE = 100,
INTRFACE = 101,
ANY = 102,
LOG = 103,
LOG_INPUT = 104,
LOG_LEVEL_ALERTS = 105,
LOG_LEVEL_CRITICAL = 106,
LOG_LEVEL_DEBUGGING = 107,
LOG_LEVEL_EMERGENCIES = 108,
LOG_LEVEL_ERRORS = 109,
LOG_LEVEL_INFORMATIONAL = 110,
LOG_LEVEL_NOTIFICATIONS = 111,
LOG_LEVEL_WARNINGS = 112,
LOG_LEVEL_DISABLE = 113,
LOG_LEVEL_INACTIVE = 114,
INTERVAL = 115,
FRAGMENTS = 116,
TIME_RANGE = 117,
CONTROLLER = 118,
OUTSIDE = 119,
LINE_COMMENT = 120,
EXIT = 121,
AUI = 122,
AUTO = 123,
BNC = 124,
FULL = 125,
BASET = 126,
BASETX = 127,
NAMEIF = 128,
VLAN = 129,
SPEED = 130,
DUPLEX = 131,
DDNS = 132,
FORWARD = 133,
DELAY = 134,
HOLD_TIME = 135,
IPV6_C = 136,
MAC_ADDRESS = 137,
MULTICAST = 138,
PPPOE = 139,
SEC_LEVEL = 140,
SHUTDOWN = 141,
ADDRESS = 142,
DHCP = 143,
STANDBY = 144,
SWITCHPORT = 145,
ACCESS = 146,
SCOPY = 147,
VERSION_WORD_LOW = 148,
AUTHENTICATION_CERTIFICATE = 149,
SERVER = 150,
REMARK = 151,
ACCESS_GROUP = 152,
COLON_COMMENT = 153,
NAT = 154,
OPENING_PAREN = 155,
CLOSING_PAREN = 156,
COMMA = 157,
GLOBAL = 158,
MINUS = 159,
NETMASK = 160,
STATIC = 161,
NORANDOMSEQ = 162,
SECONDARY = 163,
SETROUTE = 164,
Whitespace = 165,
HEX_CONST = 166,
NEG_INT_CONST = 167,
DIGIT = 168,
HEXDIGIT = 169,
NUMBER_ADDRESS_OR_WORD = 170,
PIPE_CHAR = 171,
NUMBER_SIGN = 172,
PERCENT = 173,
AMPERSAND = 174,
APOSTROPHE = 175,
STAR = 176,
PLUS = 177,
DOT = 178,
SLASH = 179,
COLON = 180,
SEMICOLON = 181,
LESS_THAN = 182,
EQUALS = 183,
GREATER_THAN = 184,
QUESTION = 185,
COMMERCIAL_AT = 186,
OPENING_SQUARE = 187,
CLOSING_SQUARE = 188,
CARET = 189,
UNDERLINE = 190,
OPENING_BRACE = 191,
CLOSING_BRACE = 192,
TILDE = 193,
EXLAMATION = 194,
NULL_TREE_LOOKAHEAD = 3
};
#ifdef __cplusplus

311
src/parsers/PIXCfgParserTokenTypes.txt
View File

@ -31,154 +31,163 @@ HOST="host"=31
RANGE="range"=32
SUBNET="subnet"=33
SERVICE="service"=34
ICMP="icmp"=35
INT_CONST=36
ICMP6="icmp6"=37
TCP="tcp"=38
UDP="udp"=39
SOURCE="source"=40
DESTINATION="destination"=41
OBJECT_GROUP=42
GROUP_OBJECT="group-object"=43
NETWORK_OBJECT="network-object"=44
PROTOCOL="protocol"=45
PROTOCOL_OBJECT="protocol-object"=46
ICMP_OBJECT="icmp-object"=47
ICMP_TYPE="icmp-type"=48
TCP_UDP="tcp-udp"=49
SERVICE_OBJECT="service-object"=50
PORT_OBJECT="port-object"=51
CRYPTO="crypto"=52
DNS="dns"=53
NO="no"=54
CERTIFICATE="certificate"=55
PIX_WORD="PIX"=56
ASA_WORD="ASA"=57
VERSION_WORD_CAP="Version"=58
NUMBER=59
HOSTNAME="hostname"=60
STRING=61
ACCESS_LIST="access-list"=62
EXTENDED="extended"=63
PERMIT="permit"=64
DENY="deny"=65
STANDARD="standard"=66
P_EQ="eq"=67
P_GT="gt"=68
P_LT="lt"=69
P_NEQ="neq"=70
ECHO="echo"=71
RIP="rip"=72
SSH="ssh"=73
TELNET="telnet"=74
ESTABLISHED="established"=75
ALTERNATE_ADDRESS="alternate-address"=76
CONVERSION_ERROR="conversion-error"=77
ECHO_REPLY="echo-reply"=78
INFORMATION_REPLY="information-reply"=79
INFORMATION_REQUEST="information-request"=80
MASK_REPLY="mask-reply"=81
MASK_REQUEST="mask-request"=82
MOBILE_REDIRECT="mobile-redirect"=83
PARAMETER_PROBLEM="parameter-problem"=84
REDIRECT="redirect"=85
ROUTER_ADVERTISEMENT="router-advertisement"=86
ROUTER_SOLICITATION="router-solicitation"=87
SOURCE_QUENCH="source-quench"=88
TIME_EXCEEDED="time-exceeded"=89
TIMESTAMP_REPLY="timestamp-reply"=90
TIMESTAMP_REQUEST="timestamp-request"=91
TRACEROUTE="traceroute"=92
UNREACHABLE="unreachable"=93
INTRFACE="interface"=94
ANY="any"=95
LOG="log"=96
LOG_INPUT="log-input"=97
LOG_LEVEL_ALERTS="alerts"=98
LOG_LEVEL_CRITICAL="critical"=99
LOG_LEVEL_DEBUGGING="debugging"=100
LOG_LEVEL_EMERGENCIES="emergencies"=101
LOG_LEVEL_ERRORS="errors"=102
LOG_LEVEL_INFORMATIONAL="informational"=103
LOG_LEVEL_NOTIFICATIONS="notifications"=104
LOG_LEVEL_WARNINGS="warnings"=105
LOG_LEVEL_DISABLE="disable"=106
LOG_LEVEL_INACTIVE="inactive"=107
INTERVAL="interval"=108
FRAGMENTS="fragments"=109
TIME_RANGE="time-range"=110
CONTROLLER="controller"=111
OUTSIDE="outside"=112
LINE_COMMENT=113
EXIT="exit"=114
AUI="aui"=115
AUTO="auto"=116
BNC="bnc"=117
FULL="full"=118
BASET="baseT"=119
BASETX="baseTX"=120
NAMEIF="nameif"=121
VLAN="vlan"=122
SPEED="speed"=123
DUPLEX="duplex"=124
DDNS="ddns"=125
FORWARD="forward"=126
DELAY="delay"=127
HOLD_TIME="hold-time"=128
IPV6_C="ipv6"=129
MAC_ADDRESS="mac-address"=130
MULTICAST="multicast"=131
PPPOE=132
SEC_LEVEL="security-level"=133
SHUTDOWN="shutdown"=134
ADDRESS="address"=135
DHCP="dhcp"=136
STANDBY="standby"=137
SWITCHPORT="switchport"=138
ACCESS="access"=139
SCOPY="scopy"=140
VERSION_WORD_LOW="version"=141
REMARK="remark"=142
ACCESS_GROUP="access-group"=143
COLON_COMMENT=144
NAT="nat"=145
OPENING_PAREN=146
CLOSING_PAREN=147
COMMA=148
GLOBAL="global"=149
MINUS=150
NETMASK="netmask"=151
STATIC="static"=152
NORANDOMSEQ="norandomseq"=153
SECONDARY="secondary"=154
SETROUTE="setroute"=155
Whitespace=156
HEX_CONST=157
NEG_INT_CONST=158
DIGIT=159
HEXDIGIT=160
NUMBER_ADDRESS_OR_WORD=161
PIPE_CHAR=162
NUMBER_SIGN=163
PERCENT=164
AMPERSAND=165
APOSTROPHE=166
STAR=167
PLUS=168
DOT=169
SLASH=170
COLON=171
SEMICOLON=172
LESS_THAN=173
EQUALS=174
GREATER_THAN=175
QUESTION=176
COMMERCIAL_AT=177
OPENING_SQUARE=178
CLOSING_SQUARE=179
CARET=180
UNDERLINE=181
OPENING_BRACE=182
CLOSING_BRACE=183
TILDE=184
EXLAMATION=185
HTTP="http"=35
SSH="ssh"=36
TELNET="telnet"=37
ICMP="icmp"=38
INT_CONST=39
ICMP6="icmp6"=40
TCP="tcp"=41
UDP="udp"=42
SOURCE="source"=43
DESTINATION="destination"=44
OBJECT_GROUP=45
GROUP_OBJECT="group-object"=46
NETWORK_OBJECT="network-object"=47
PROTOCOL="protocol"=48
PROTOCOL_OBJECT="protocol-object"=49
ICMP_OBJECT="icmp-object"=50
ICMP_TYPE="icmp-type"=51
TCP_UDP="tcp-udp"=52
SERVICE_OBJECT="service-object"=53
PORT_OBJECT="port-object"=54
CRYPTO="crypto"=55
DNS="dns"=56
CALL_HOME="call-home"=57
INTERNAL="internal"=58
PASSWORD_RECOVERY="password-recovery"=59
RESETINBOUND="resetinbound"=60
RESETOUTBOUND="resetoutbound"=61
RESETOUTSIDE="resetoutside"=62
NO="no"=63
CERTIFICATE="certificate"=64
PIX_WORD="PIX"=65
ASA_WORD="ASA"=66
VERSION_WORD_CAP="Version"=67
NUMBER=68
HOSTNAME="hostname"=69
STRING=70
ACCESS_LIST="access-list"=71
EXTENDED="extended"=72
PERMIT="permit"=73
DENY="deny"=74
STANDARD="standard"=75
P_EQ="eq"=76
P_GT="gt"=77
P_LT="lt"=78
P_NEQ="neq"=79
ECHO="echo"=80
RIP="rip"=81
ESTABLISHED="established"=82
ALTERNATE_ADDRESS="alternate-address"=83
CONVERSION_ERROR="conversion-error"=84
ECHO_REPLY="echo-reply"=85
INFORMATION_REPLY="information-reply"=86
INFORMATION_REQUEST="information-request"=87
MASK_REPLY="mask-reply"=88
MASK_REQUEST="mask-request"=89
MOBILE_REDIRECT="mobile-redirect"=90
PARAMETER_PROBLEM="parameter-problem"=91
REDIRECT="redirect"=92
ROUTER_ADVERTISEMENT="router-advertisement"=93
ROUTER_SOLICITATION="router-solicitation"=94
SOURCE_QUENCH="source-quench"=95
TIME_EXCEEDED="time-exceeded"=96
TIMESTAMP_REPLY="timestamp-reply"=97
TIMESTAMP_REQUEST="timestamp-request"=98
TRACEROUTE="traceroute"=99
UNREACHABLE="unreachable"=100
INTRFACE="interface"=101
ANY="any"=102
LOG="log"=103
LOG_INPUT="log-input"=104
LOG_LEVEL_ALERTS="alerts"=105
LOG_LEVEL_CRITICAL="critical"=106
LOG_LEVEL_DEBUGGING="debugging"=107
LOG_LEVEL_EMERGENCIES="emergencies"=108
LOG_LEVEL_ERRORS="errors"=109
LOG_LEVEL_INFORMATIONAL="informational"=110
LOG_LEVEL_NOTIFICATIONS="notifications"=111
LOG_LEVEL_WARNINGS="warnings"=112
LOG_LEVEL_DISABLE="disable"=113
LOG_LEVEL_INACTIVE="inactive"=114
INTERVAL="interval"=115
FRAGMENTS="fragments"=116
TIME_RANGE="time-range"=117
CONTROLLER="controller"=118
OUTSIDE="outside"=119
LINE_COMMENT=120
EXIT="exit"=121
AUI="aui"=122
AUTO="auto"=123
BNC="bnc"=124
FULL="full"=125
BASET="baseT"=126
BASETX="baseTX"=127
NAMEIF="nameif"=128
VLAN="vlan"=129
SPEED="speed"=130
DUPLEX="duplex"=131
DDNS="ddns"=132
FORWARD="forward"=133
DELAY="delay"=134
HOLD_TIME="hold-time"=135
IPV6_C="ipv6"=136
MAC_ADDRESS="mac-address"=137
MULTICAST="multicast"=138
PPPOE=139
SEC_LEVEL="security-level"=140
SHUTDOWN="shutdown"=141
ADDRESS="address"=142
DHCP="dhcp"=143
STANDBY="standby"=144
SWITCHPORT="switchport"=145
ACCESS="access"=146
SCOPY="scopy"=147
VERSION_WORD_LOW="version"=148
AUTHENTICATION_CERTIFICATE="authentication-certificate"=149
SERVER="server"=150
REMARK="remark"=151
ACCESS_GROUP="access-group"=152
COLON_COMMENT=153
NAT="nat"=154
OPENING_PAREN=155
CLOSING_PAREN=156
COMMA=157
GLOBAL="global"=158
MINUS=159
NETMASK="netmask"=160
STATIC="static"=161
NORANDOMSEQ="norandomseq"=162
SECONDARY="secondary"=163
SETROUTE="setroute"=164
Whitespace=165
HEX_CONST=166
NEG_INT_CONST=167
DIGIT=168
HEXDIGIT=169
NUMBER_ADDRESS_OR_WORD=170
PIPE_CHAR=171
NUMBER_SIGN=172
PERCENT=173
AMPERSAND=174
APOSTROPHE=175
STAR=176
PLUS=177
DOT=178
SLASH=179
COLON=180
SEMICOLON=181
LESS_THAN=182
EQUALS=183
GREATER_THAN=184
QUESTION=185
COMMERCIAL_AT=186
OPENING_SQUARE=187
CLOSING_SQUARE=188
CARET=189
UNDERLINE=190
OPENING_BRACE=191
CLOSING_BRACE=192
TILDE=193
EXLAMATION=194

92
src/parsers/pix.g
View File

@ -132,6 +132,8 @@ cfgfile :
ssh_command
|
telnet_command
|
http_command
|
icmp_top_level_command
|
@ -174,6 +176,8 @@ cfgfile :
timeout_command
|
dns_command
|
service_top_level_command
|
unknown_command
|
@ -355,14 +359,19 @@ subnet_addr : (SUBNET ((a:IPV4 nm:IPV4) | v6:IPV6))
//****************************************************************
named_object_service : OBJECT SERVICE name:WORD NEWLINE
// Unfortunately any keyword can be used as named object name
//
named_object_service : OBJECT SERVICE
{
importer->clear();
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newNamedObjectService(name->getText());
*dbg << name->getLine() << ":"
<< " Named Object " << name->getText() << std::endl;
}
(WORD | HTTP | SSH | TELNET)
{
importer->newNamedObjectService(LT(0)->getText());
*dbg << " NAMED OBJECT " << LT(0)->getText() << std::endl;
}
NEWLINE
(
named_object_service_parameters
)*
@ -815,6 +824,29 @@ dns_command : DNS
}
;
//****************************************************************
//
//asa5505(config)# service ?
//
// call-home Enable or disable Smart Call-Home
// internal Advanced settings (use only under Cisco supervision)
// password-recovery Password recovery configuration
// resetinbound Send reset to a denied inbound TCP packet
// resetoutbound Send reset to a denied outbound TCP packet
// resetoutside Send reset to a denied TCP packet to outside interface
service_top_level_command : SERVICE
( CALL_HOME |
INTERNAL |
PASSWORD_RECOVERY |
RESETINBOUND |
RESETOUTBOUND |
RESETOUTSIDE )
{
consumeUntil(NEWLINE);
}
;
//****************************************************************
no_commands : NO
{
@ -1662,7 +1694,7 @@ ssh_command : SSH
|
SCOPY
|
VERSION_WORD_LOW
VERSION_WORD_LOW INT_CONST
|
(
hostaddr_expr
@ -1722,6 +1754,45 @@ telnet_command : TELNET
)
;
// pretend ssh commands are rules in access lists with names
// "htto_commands_" + interface_label
http_command : HTTP
{
importer->clear();
}
(
( AUTHENTICATION_CERTIFICATE | REDIRECT | SERVER )
{
consumeUntil(NEWLINE);
}
|
(
hostaddr_expr
{
importer->SaveTmpAddrToSrc();
}
interface_label
)
{
std::string intf_label = LT(0)->getText();
std::string acl_name = "http_commands_" + intf_label;
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newUnidirRuleSet(acl_name,
libfwbuilder::Policy::TYPENAME );
importer->newPolicyRule();
importer->action = "permit";
importer->setDstSelf();
importer->protocol = "tcp";
importer->dst_port_op = "eq";
importer->dst_port_spec = "www";
importer->setInterfaceAndDirectionForRuleSet(
acl_name, intf_label, "in" );
importer->pushRule();
*dbg << std::endl;
}
)
;
// icmp command is non-determenistic syntactically because WORD can be
// used as a name of icmp type or as interface label. I am going to
@ -2316,6 +2387,17 @@ tokens
NORANDOMSEQ = "norandomseq";
SCOPY = "scopy";
CALL_HOME = "call-home";
INTERNAL = "internal";
PASSWORD_RECOVERY = "password-recovery";
RESETINBOUND = "resetinbound";
RESETOUTBOUND = "resetoutbound";
RESETOUTSIDE = "resetoutside";
HTTP = "http";
AUTHENTICATION_CERTIFICATE = "authentication-certificate";
SERVER = "server";
}
LINE_COMMENT : "!" (~('\r' | '\n'))* NEWLINE ;

437
src/unit_tests/PIXImporterTest/test_data/asa8.3-objects-and-groups.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1301604907" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1301619502" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -442,36 +442,36 @@
<ObjectGroup id="id9" name="DNS Names" comment="" ro="False"/>
<ObjectGroup id="id10" name="Address Tables" comment="" ro="False"/>
<ObjectGroup id="id11" name="Groups" comment="" ro="False">
<ObjectGroup id="id12" name="outside.id178211X29963.osrc.net.0" comment="Created during import of line 190" ro="False">
<ObjectGroup id="id12" name="outside.id178211X29963.osrc.net.0" comment="Created during import of line 192" ro="False">
<ObjectRef ref="id39"/>
<ObjectRef ref="id40"/>
</ObjectGroup>
<ObjectGroup id="id15" name="outside.id21353X4994.osrc.net.0" comment="Created during import of line 193" ro="False">
<ObjectGroup id="id15" name="outside.id21353X4994.osrc.net.0" comment="Created during import of line 195" ro="False">
<ObjectRef ref="id39"/>
<ObjectRef ref="id43"/>
<ObjectRef ref="id40"/>
</ObjectGroup>
<ObjectGroup id="id19" name="outside.id77971X5929.osrc.net.1" comment="Created during import of line 197" ro="False">
<ObjectGroup id="id19" name="outside.id77971X5929.osrc.net.1" comment="Created during import of line 199" ro="False">
<ObjectRef ref="id39"/>
<ObjectRef ref="id40"/>
</ObjectGroup>
<ObjectGroup id="id22" name="outside.id77971X5929.odst.net.1" comment="Created during import of line 200" ro="False">
<ObjectGroup id="id22" name="outside.id77971X5929.odst.net.1" comment="Created during import of line 202" ro="False">
<ObjectRef ref="id5"/>
<ObjectRef ref="id6"/>
</ObjectGroup>
<ObjectGroup id="id25" name="outside.id77971X5929.tsrc.net.1" comment="Created during import of line 203" ro="False">
<ObjectGroup id="id25" name="outside.id77971X5929.tsrc.net.1" comment="Created during import of line 205" ro="False">
<ObjectRef ref="id48"/>
<ObjectRef ref="id7"/>
</ObjectGroup>
<ObjectGroup id="id28" name="outside.id77971X5929.osrc.net.0" comment="Created during import of line 206" ro="False">
<ObjectGroup id="id28" name="outside.id77971X5929.osrc.net.0" comment="Created during import of line 208" ro="False">
<ObjectRef ref="id39"/>
<ObjectRef ref="id40"/>
</ObjectGroup>
<ObjectGroup id="id31" name="outside.id77971X5929.odst.net.0" comment="Created during import of line 209" ro="False">
<ObjectGroup id="id31" name="outside.id77971X5929.odst.net.0" comment="Created during import of line 211" ro="False">
<ObjectRef ref="id5"/>
<ObjectRef ref="id6"/>
</ObjectGroup>
<ObjectGroup id="id34" name="outside.id77971X5929.tsrc.net.0" comment="Created during import of line 212" ro="False">
<ObjectGroup id="id34" name="outside.id77971X5929.tsrc.net.0" comment="Created during import of line 214" ro="False">
<ObjectRef ref="id48"/>
<ObjectRef ref="id7"/>
</ObjectGroup>
@ -495,90 +495,90 @@
</ObjectGroup>
<ServiceGroup id="id51" name="Services" comment="" ro="False">
<ServiceGroup id="id52" name="Groups" comment="" ro="False">
<ServiceGroup id="id53" name="tcp src neq 88" comment="Created during import of line 123" ro="False">
<ServiceRef ref="id247"/>
<ServiceGroup id="id53" name="tcp src neq 88" comment="Created during import of line 125" ro="False">
<ServiceRef ref="id248"/>
<ServiceRef ref="id249"/>
</ServiceGroup>
<ServiceGroup id="id56" name="tcp dst neq 88" comment="Created during import of line 134" ro="False">
<ServiceRef ref="id253"/>
<ServiceGroup id="id56" name="tcp dst neq 88" comment="Created during import of line 136" ro="False">
<ServiceRef ref="id254"/>
<ServiceRef ref="id255"/>
</ServiceGroup>
<ServiceGroup id="id59" name="tcp src neq 88 / dst 1024" comment="Created during import of line 146" ro="False">
<ServiceRef ref="id259"/>
<ServiceGroup id="id59" name="tcp src neq 88 / dst 1024" comment="Created during import of line 148" ro="False">
<ServiceRef ref="id260"/>
<ServiceRef ref="id261"/>
</ServiceGroup>
<ServiceGroup id="id62" name="udp src neq 88" comment="Created during import of line 158" ro="False">
<ServiceRef ref="id295"/>
<ServiceGroup id="id62" name="udp src neq 88" comment="Created during import of line 160" ro="False">
<ServiceRef ref="id296"/>
<ServiceRef ref="id297"/>
</ServiceGroup>
<ServiceGroup id="id65" name="udp dst neq 88" comment="Created during import of line 169" ro="False">
<ServiceRef ref="id301"/>
<ServiceGroup id="id65" name="udp dst neq 88" comment="Created during import of line 171" ro="False">
<ServiceRef ref="id302"/>
<ServiceRef ref="id303"/>
</ServiceGroup>
<ServiceGroup id="id68" name="outside.id77971X5929.osrv.1" comment="Created during import of line 216" ro="False">
<ServiceGroup id="id68" name="outside.id77971X5929.osrv.1" comment="Created during import of line 218" ro="False">
<ServiceRef ref="id240"/>
<ServiceRef ref="id243"/>
<ServiceRef ref="id244"/>
</ServiceGroup>
<ServiceGroup id="id71" name="sg1" comment="Created during import of line 220" ro="False">
<ServiceGroup id="id71" name="sg1" comment="Created during import of line 222" ro="False">
<ServiceRef ref="id233"/>
<ServiceRef ref="id234"/>
<ServiceRef ref="id235"/>
<ServiceRef ref="id236"/>
</ServiceGroup>
<ServiceGroup id="id76" name="sg2" comment="Created during import of line 225" ro="False">
<ServiceGroup id="id76" name="sg2" comment="Created during import of line 227" ro="False">
<ServiceRef ref="id223"/>
<ServiceRef ref="id224"/>
<ServiceRef ref="id225"/>
</ServiceGroup>
<ServiceGroup id="id80" name="sg3" comment="Created during import of line 229" ro="False">
<ServiceRef ref="id262"/>
<ServiceGroup id="id80" name="sg3" comment="Created during import of line 231" ro="False">
<ServiceRef ref="id263"/>
<ServiceRef ref="id86"/>
<ServiceRef ref="id266"/>
<ServiceRef ref="id267"/>
</ServiceGroup>
<ServiceGroup id="id86" name="tcp src 1024 / dst neq www" comment="Created during import of line 232" ro="False">
<ServiceRef ref="id264"/>
<ServiceRef ref="id265"/>
</ServiceGroup>
<ServiceGroup id="id89" name="sg4" comment="Created during import of line 235" ro="False">
<ServiceRef ref="id86"/>
<ServiceRef ref="id267"/>
<ServiceRef ref="id268"/>
</ServiceGroup>
<ServiceGroup id="id86" name="tcp src 1024 / dst neq www" comment="Created during import of line 234" ro="False">
<ServiceRef ref="id265"/>
<ServiceRef ref="id266"/>
</ServiceGroup>
<ServiceGroup id="id89" name="sg4" comment="Created during import of line 237" ro="False">
<ServiceRef ref="id269"/>
<ServiceRef ref="id270"/>
<ServiceRef ref="id271"/>
<ServiceRef ref="id94"/>
</ServiceGroup>
<ServiceGroup id="id94" name="tcp src neq www" comment="Created during import of line 239" ro="False">
<ServiceRef ref="id271"/>
<ServiceGroup id="id94" name="tcp src neq www" comment="Created during import of line 241" ro="False">
<ServiceRef ref="id272"/>
<ServiceRef ref="id273"/>
</ServiceGroup>
<ServiceGroup id="id97" name="sg5" comment="Created during import of line 240" ro="False">
<ServiceRef ref="id304"/>
<ServiceGroup id="id97" name="sg5" comment="Created during import of line 242" ro="False">
<ServiceRef ref="id305"/>
<ServiceRef ref="id306"/>
<ServiceRef ref="id307"/>
<ServiceRef ref="id298"/>
<ServiceRef ref="id308"/>
<ServiceRef ref="id299"/>
<ServiceRef ref="id300"/>
<ServiceRef ref="id71"/>
<ServiceRef ref="id76"/>
</ServiceGroup>
<ServiceGroup id="id106" name="combo-group-1" comment="Created during import of line 251" ro="False">
<ServiceGroup id="id106" name="combo-group-1" comment="Created during import of line 253" ro="False">
<ServiceRef ref="id110"/>
<ServiceRef ref="id113"/>
<ServiceRef ref="id116"/>
</ServiceGroup>
<ServiceGroup id="id110" name="tcp-udp 0:0 / 10000:10000" comment="Created during import of line 252" ro="False">
<ServiceRef ref="id273"/>
<ServiceRef ref="id308"/>
</ServiceGroup>
<ServiceGroup id="id113" name="tcp-udp 0:0 / 0:1023" comment="Created during import of line 253" ro="False">
<ServiceGroup id="id110" name="tcp-udp 0:0 / 10000:10000" comment="Created during import of line 254" ro="False">
<ServiceRef ref="id274"/>
<ServiceRef ref="id309"/>
</ServiceGroup>
<ServiceGroup id="id116" name="tcp-udp 0:0 / 1025:65535" comment="Created during import of line 254" ro="False">
<ServiceGroup id="id113" name="tcp-udp 0:0 / 0:1023" comment="Created during import of line 255" ro="False">
<ServiceRef ref="id275"/>
<ServiceRef ref="id310"/>
</ServiceGroup>
<ServiceGroup id="id119" name="neq-group-2" comment="Created during import of line 255" ro="False">
<ServiceGroup id="id116" name="tcp-udp 0:0 / 1025:65535" comment="Created during import of line 256" ro="False">
<ServiceRef ref="id276"/>
<ServiceRef ref="id311"/>
</ServiceGroup>
<ServiceGroup id="id119" name="neq-group-2" comment="Created during import of line 257" ro="False">
<ServiceRef ref="id134"/>
<ServiceRef ref="id137"/>
<ServiceRef ref="id140"/>
@ -594,248 +594,249 @@
<ServiceRef ref="id188"/>
<ServiceRef ref="id191"/>
</ServiceGroup>
<ServiceGroup id="id134" name="tcp dst neq www" comment="Created during import of line 256" ro="False">
<ServiceRef ref="id276"/>
<ServiceGroup id="id134" name="tcp dst neq www" comment="Created during import of line 258" ro="False">
<ServiceRef ref="id277"/>
</ServiceGroup>
<ServiceGroup id="id137" name="tcp dst neq 81" comment="Created during import of line 257" ro="False">
<ServiceRef ref="id278"/>
</ServiceGroup>
<ServiceGroup id="id137" name="tcp dst neq 81" comment="Created during import of line 259" ro="False">
<ServiceRef ref="id279"/>
</ServiceGroup>
<ServiceGroup id="id140" name="tcp dst neq 82" comment="Created during import of line 258" ro="False">
<ServiceRef ref="id280"/>
<ServiceRef ref="id281"/>
</ServiceGroup>
<ServiceGroup id="id143" name="tcp dst neq 82" comment="Created during import of line 259" ro="False">
<ServiceRef ref="id280"/>
<ServiceGroup id="id140" name="tcp dst neq 82" comment="Created during import of line 260" ro="False">
<ServiceRef ref="id281"/>
<ServiceRef ref="id282"/>
</ServiceGroup>
<ServiceGroup id="id146" name="udp dst neq 82" comment="Created during import of line 259" ro="False">
<ServiceRef ref="id311"/>
<ServiceGroup id="id143" name="tcp dst neq 82" comment="Created during import of line 261" ro="False">
<ServiceRef ref="id281"/>
<ServiceRef ref="id282"/>
</ServiceGroup>
<ServiceGroup id="id146" name="udp dst neq 82" comment="Created during import of line 261" ro="False">
<ServiceRef ref="id312"/>
<ServiceRef ref="id313"/>
</ServiceGroup>
<ServiceGroup id="id149" name="tcp-udp dst neq 82" comment="Created during import of line 259" ro="False">
<ServiceGroup id="id149" name="tcp-udp dst neq 82" comment="Created during import of line 261" ro="False">
<ServiceRef ref="id143"/>
<ServiceRef ref="id146"/>
</ServiceGroup>
<ServiceGroup id="id152" name="tcp dst neq 83" comment="Created during import of line 260" ro="False">
<ServiceRef ref="id282"/>
<ServiceGroup id="id152" name="tcp dst neq 83" comment="Created during import of line 262" ro="False">
<ServiceRef ref="id283"/>
<ServiceRef ref="id284"/>
</ServiceGroup>
<ServiceGroup id="id155" name="udp dst neq 83" comment="Created during import of line 260" ro="False">
<ServiceRef ref="id313"/>
<ServiceGroup id="id155" name="udp dst neq 83" comment="Created during import of line 262" ro="False">
<ServiceRef ref="id314"/>
<ServiceRef ref="id315"/>
</ServiceGroup>
<ServiceGroup id="id158" name="tcp-udp dst neq 83" comment="Created during import of line 260" ro="False">
<ServiceGroup id="id158" name="tcp-udp dst neq 83" comment="Created during import of line 262" ro="False">
<ServiceRef ref="id152"/>
<ServiceRef ref="id155"/>
</ServiceGroup>
<ServiceGroup id="id161" name="tcp dst neq 84" comment="Created during import of line 261" ro="False">
<ServiceRef ref="id284"/>
<ServiceGroup id="id161" name="tcp dst neq 84" comment="Created during import of line 263" ro="False">
<ServiceRef ref="id285"/>
<ServiceRef ref="id286"/>
</ServiceGroup>
<ServiceGroup id="id164" name="udp dst neq 84" comment="Created during import of line 261" ro="False">
<ServiceRef ref="id315"/>
<ServiceGroup id="id164" name="udp dst neq 84" comment="Created during import of line 263" ro="False">
<ServiceRef ref="id316"/>
<ServiceRef ref="id317"/>
</ServiceGroup>
<ServiceGroup id="id167" name="tcp-udp dst neq 84" comment="Created during import of line 261" ro="False">
<ServiceGroup id="id167" name="tcp-udp dst neq 84" comment="Created during import of line 263" ro="False">
<ServiceRef ref="id161"/>
<ServiceRef ref="id164"/>
</ServiceGroup>
<ServiceGroup id="id170" name="udp dst neq 85" comment="Created during import of line 262" ro="False">
<ServiceRef ref="id317"/>
<ServiceGroup id="id170" name="udp dst neq 85" comment="Created during import of line 264" ro="False">
<ServiceRef ref="id318"/>
</ServiceGroup>
<ServiceGroup id="id173" name="udp dst neq 86" comment="Created during import of line 263" ro="False">
<ServiceRef ref="id319"/>
</ServiceGroup>
<ServiceGroup id="id173" name="udp dst neq 86" comment="Created during import of line 265" ro="False">
<ServiceRef ref="id320"/>
</ServiceGroup>
<ServiceGroup id="id176" name="udp dst neq 87" comment="Created during import of line 264" ro="False">
<ServiceRef ref="id321"/>
</ServiceGroup>
<ServiceGroup id="id176" name="udp dst neq 87" comment="Created during import of line 266" ro="False">
<ServiceRef ref="id322"/>
</ServiceGroup>
<ServiceGroup id="id179" name="udp dst neq www" comment="Created during import of line 265" ro="False">
<ServiceRef ref="id323"/>
</ServiceGroup>
<ServiceGroup id="id179" name="udp dst neq www" comment="Created during import of line 267" ro="False">
<ServiceRef ref="id324"/>
</ServiceGroup>
<ServiceGroup id="id182" name="udp dst neq nfs" comment="Created during import of line 266" ro="False">
<ServiceRef ref="id325"/>
</ServiceGroup>
<ServiceGroup id="id182" name="udp dst neq nfs" comment="Created during import of line 268" ro="False">
<ServiceRef ref="id326"/>
</ServiceGroup>
<ServiceGroup id="id185" name="udp dst neq radius" comment="Created during import of line 267" ro="False">
<ServiceRef ref="id327"/>
</ServiceGroup>
<ServiceGroup id="id185" name="udp dst neq radius" comment="Created during import of line 269" ro="False">
<ServiceRef ref="id328"/>
</ServiceGroup>
<ServiceGroup id="id188" name="udp dst neq radius-acct" comment="Created during import of line 268" ro="False">
<ServiceRef ref="id329"/>
</ServiceGroup>
<ServiceGroup id="id188" name="udp dst neq radius-acct" comment="Created during import of line 270" ro="False">
<ServiceRef ref="id330"/>
<ServiceRef ref="id331"/>
</ServiceGroup>
<ServiceGroup id="id191" name="tcp dst neq ident" comment="Created during import of line 269" ro="False">
<ServiceRef ref="id286"/>
<ServiceGroup id="id191" name="tcp dst neq ident" comment="Created during import of line 271" ro="False">
<ServiceRef ref="id287"/>
<ServiceRef ref="id288"/>
</ServiceGroup>
<ServiceGroup id="id194" name="pg1" comment="Created during import of line 271" ro="False">
<ServiceGroup id="id194" name="pg1" comment="Created during import of line 273" ro="False">
<ServiceRef ref="id236"/>
<ServiceRef ref="id237"/>
<ServiceRef ref="id233"/>
<ServiceRef ref="id234"/>
</ServiceGroup>
<ServiceGroup id="id199" name="pg2" comment="Created during import of line 276" ro="False">
<ServiceGroup id="id199" name="pg2" comment="Created during import of line 278" ro="False">
<ServiceRef ref="id238"/>
<ServiceRef ref="id229"/>
<ServiceRef ref="id194"/>
</ServiceGroup>
<ServiceGroup id="id203" name="ig1" comment="Created during import of line 281" ro="False">
<ServiceGroup id="id203" name="ig1" comment="Created during import of line 283" ro="False">
<ServiceRef ref="id223"/>
<ServiceRef ref="id225"/>
</ServiceGroup>
<ServiceGroup id="id206" name="ig2" comment="Created during import of line 284" ro="False">
<ServiceGroup id="id206" name="ig2" comment="Created during import of line 286" ro="False">
<ServiceRef ref="id224"/>
<ServiceRef ref="id226"/>
</ServiceGroup>
<ServiceGroup id="id209" name="ig3" comment="Created during import of line 287" ro="False">
<ServiceGroup id="id209" name="ig3" comment="Created during import of line 289" ro="False">
<ServiceRef ref="id227"/>
<ServiceRef ref="id203"/>
</ServiceGroup>
<ServiceGroup id="id212" name="id5102X14531.srv.tcp.0" comment="Created during import of line 293" ro="False">
<ServiceRef ref="id288"/>
<ServiceGroup id="id212" name="id5102X14531.srv.tcp.0" comment="Created during import of line 295" ro="False">
<ServiceRef ref="id289"/>
<ServiceRef ref="id290"/>
</ServiceGroup>
<ServiceGroup id="id215" name="tcp-udp-1" comment="Created during import of line 298" ro="False">
<ServiceGroup id="id215" name="tcp-udp-1" comment="Created during import of line 300" ro="False">
<ServiceRef ref="id217"/>
</ServiceGroup>
<ServiceGroup id="id217" name="tcp-udp 0:0 / 10001:10001" comment="Created during import of line 299" ro="False">
<ServiceRef ref="id290"/>
<ServiceRef ref="id331"/>
<ServiceGroup id="id217" name="tcp-udp 0:0 / 10001:10001" comment="Created during import of line 301" ro="False">
<ServiceRef ref="id291"/>
<ServiceRef ref="id332"/>
</ServiceGroup>
</ServiceGroup>
<ServiceGroup id="id220" name="ICMP" comment="" ro="False">
<ICMPService id="id221" code="-1" type="8" name="icmp1" comment="Created during import of line 109" ro="False"/>
<ICMPService id="id222" code="-1" type="3" name="icmp2" comment="Created during import of line 111" ro="False"/>
<ICMPService id="id223" code="-1" type="8" name="icmp 8/-1" comment="Created during import of line 226" ro="False"/>
<ICMPService id="id224" code="0" type="0" name="icmp 0/0" comment="Created during import of line 227" ro="False"/>
<ICMPService id="id225" code="-1" type="111" name="icmp 111/-1" comment="Created during import of line 228" ro="False"/>
<ICMPService id="id226" code="-1" type="112" name="icmp 112/-1" comment="Created during import of line 286" ro="False"/>
<ICMPService id="id227" code="-1" type="18" name="icmp 18/-1" comment="Created during import of line 288" ro="False"/>
<ICMPService id="id221" code="-1" type="8" name="icmp1" comment="Created during import of line 111" ro="False"/>
<ICMPService id="id222" code="-1" type="3" name="icmp2" comment="Created during import of line 113" ro="False"/>
<ICMPService id="id223" code="-1" type="8" name="icmp 8/-1" comment="Created during import of line 228" ro="False"/>
<ICMPService id="id224" code="0" type="0" name="icmp 0/0" comment="Created during import of line 229" ro="False"/>
<ICMPService id="id225" code="-1" type="111" name="icmp 111/-1" comment="Created during import of line 230" ro="False"/>
<ICMPService id="id226" code="-1" type="112" name="icmp 112/-1" comment="Created during import of line 288" ro="False"/>
<ICMPService id="id227" code="-1" type="18" name="icmp 18/-1" comment="Created during import of line 290" ro="False"/>
</ServiceGroup>
<ServiceGroup id="id228" name="IP" comment="" ro="False">
<IPService id="id229" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="111" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip5" comment="Created during import of line 113" ro="False"/>
<IPService id="id230" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip1" comment="Created during import of line 175" ro="False"/>
<IPService id="id231" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="88" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip2" comment="Created during import of line 177" ro="False"/>
<IPService id="id232" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip3" comment="Parser warning: Unknown service name some_weird_protocol&#10;Created during import of line 183" ro="False"/>
<IPService id="id233" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip" comment="Created during import of line 221" ro="False"/>
<IPService id="id234" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="88" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-88" comment="Created during import of line 222" ro="False"/>
<IPService id="id235" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="47" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-47" comment="Created during import of line 223" ro="False"/>
<IPService id="id236" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="111" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-111" comment="Created during import of line 224" ro="False"/>
<IPService id="id237" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="51" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-51" comment="Created during import of line 273" ro="False"/>
<IPService id="id238" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="112" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-112" comment="Created during import of line 277" ro="False"/>
<IPService id="id229" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="111" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip5" comment="Created during import of line 115" ro="False"/>
<IPService id="id230" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip1" comment="Created during import of line 177" ro="False"/>
<IPService id="id231" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="88" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip2" comment="Created during import of line 179" ro="False"/>
<IPService id="id232" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip3" comment="Parser warning: Unknown service name some_weird_protocol&#10;Created during import of line 185" ro="False"/>
<IPService id="id233" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip" comment="Created during import of line 223" ro="False"/>
<IPService id="id234" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="88" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-88" comment="Created during import of line 224" ro="False"/>
<IPService id="id235" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="47" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-47" comment="Created during import of line 225" ro="False"/>
<IPService id="id236" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="111" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-111" comment="Created during import of line 226" ro="False"/>
<IPService id="id237" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="51" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-51" comment="Created during import of line 275" ro="False"/>
<IPService id="id238" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="112" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip-112" comment="Created during import of line 279" ro="False"/>
</ServiceGroup>
<ServiceGroup id="id239" name="TCP" comment="" ro="False">
<TCPService id="id240" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="smtp" comment="Created during import of line 100" ro="False" src_range_start="0" src_range_end="0" dst_range_start="25" dst_range_end="25"/>
<TCPService id="id241" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="http" comment="Created during import of line 102" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id242" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="squid" comment="Created during import of line 104" ro="False" src_range_start="0" src_range_end="0" dst_range_start="3128" dst_range_end="3128"/>
<TCPService id="id243" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="smtps" comment="Created during import of line 106" ro="False" src_range_start="0" src_range_end="0" dst_range_start="465" dst_range_end="465"/>
<TCPService id="id244" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-1" comment="Created during import of line 117" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id245" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-2" comment="Created during import of line 119" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id246" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-3" comment="Created during import of line 121" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id247" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-4" comment="Created during import of line 123" ro="False" src_range_start="0" src_range_end="87" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id248" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-4" comment="Created during import of line 123" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id249" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-5" comment="Created during import of line 125" ro="False" src_range_start="1000" src_range_end="1010" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id250" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-1" comment="Created during import of line 128" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id251" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-2" comment="Created during import of line 130" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id252" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-3" comment="Created during import of line 132" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id253" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-4" comment="Created during import of line 134" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="87"/>
<TCPService id="id254" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-4" comment="Created during import of line 134" ro="False" src_range_start="0" src_range_end="0" dst_range_start="89" dst_range_end="65535"/>
<TCPService id="id255" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-5" comment="Created during import of line 136" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1001" dst_range_end="1011"/>
<TCPService id="id256" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-1" comment="Created during import of line 140" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id257" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-2" comment="Created during import of line 142" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="2222" dst_range_end="2222"/>
<TCPService id="id258" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-3" comment="Created during import of line 144" ro="False" src_range_start="80" src_range_end="80" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id259" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-4" comment="Created during import of line 146" ro="False" src_range_start="0" src_range_end="87" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id260" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-4" comment="Created during import of line 146" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id261" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-5" comment="Created during import of line 148" ro="False" src_range_start="1002" src_range_end="1012" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id262" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 80:80" comment="Created during import of line 230" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id263" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 10000:10010" comment="Created during import of line 231" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="10000" dst_range_end="10010"/>
<TCPService id="id264" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:79" comment="Created during import of line 232" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="79"/>
<TCPService id="id265" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 81:65535" comment="Created during import of line 232" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="81" dst_range_end="65535"/>
<TCPService id="id266" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:1023" comment="Created during import of line 233" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id267" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of line 234" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
<TCPService id="id268" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:0" comment="Created during import of line 236" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id269" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:1023 / 0:0" comment="Created during import of line 237" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id270" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0" comment="Created during import of line 238" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id271" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:79 / 0:0" comment="Created during import of line 239" ro="False" src_range_start="0" src_range_end="79" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id272" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 81:65535 / 0:0" comment="Created during import of line 239" ro="False" src_range_start="81" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id273" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 10000:10000" comment="Created during import of line 252" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10000" dst_range_end="10000"/>
<TCPService id="id274" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:1023" comment="Created during import of line 253" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id275" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 1025:65535" comment="Created during import of line 254" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id276" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:79" comment="Created during import of line 256" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="79"/>
<TCPService id="id277" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 81:65535" comment="Created during import of line 256" ro="False" src_range_start="0" src_range_end="0" dst_range_start="81" dst_range_end="65535"/>
<TCPService id="id278" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:80" comment="Created during import of line 257" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="80"/>
<TCPService id="id279" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 82:65535" comment="Created during import of line 257" ro="False" src_range_start="0" src_range_end="0" dst_range_start="82" dst_range_end="65535"/>
<TCPService id="id280" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:81" comment="Created during import of line 258" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="81"/>
<TCPService id="id281" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 83:65535" comment="Created during import of line 258" ro="False" src_range_start="0" src_range_end="0" dst_range_start="83" dst_range_end="65535"/>
<TCPService id="id282" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:82" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="82"/>
<TCPService id="id283" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 84:65535" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="84" dst_range_end="65535"/>
<TCPService id="id284" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:83" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="83"/>
<TCPService id="id285" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 85:65535" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="85" dst_range_end="65535"/>
<TCPService id="id286" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:112" comment="Created during import of line 269" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="112"/>
<TCPService id="id287" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 114:65535" comment="Created during import of line 269" ro="False" src_range_start="0" src_range_end="0" dst_range_start="114" dst_range_end="65535"/>
<TCPService id="id288" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80" comment="Created during import of line 294" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id289" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 443:443" comment="Created during import of line 295" ro="False" src_range_start="0" src_range_end="0" dst_range_start="443" dst_range_end="443"/>
<TCPService id="id290" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 10001:10001" comment="Created during import of line 299" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10001" dst_range_end="10001"/>
<TCPService id="id242" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="ssh" comment="Created during import of line 104" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
<TCPService id="id243" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="squid" comment="Created during import of line 106" ro="False" src_range_start="0" src_range_end="0" dst_range_start="3128" dst_range_end="3128"/>
<TCPService id="id244" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="smtps" comment="Created during import of line 108" ro="False" src_range_start="0" src_range_end="0" dst_range_start="465" dst_range_end="465"/>
<TCPService id="id245" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-1" comment="Created during import of line 119" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id246" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-2" comment="Created during import of line 121" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id247" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-3" comment="Created during import of line 123" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id248" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-4" comment="Created during import of line 125" ro="False" src_range_start="0" src_range_end="87" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id249" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-4" comment="Created during import of line 125" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id250" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-5" comment="Created during import of line 127" ro="False" src_range_start="1000" src_range_end="1010" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id251" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-1" comment="Created during import of line 130" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id252" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-2" comment="Created during import of line 132" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id253" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-3" comment="Created during import of line 134" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id254" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-4" comment="Created during import of line 136" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="87"/>
<TCPService id="id255" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-4" comment="Created during import of line 136" ro="False" src_range_start="0" src_range_end="0" dst_range_start="89" dst_range_end="65535"/>
<TCPService id="id256" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-dst-5" comment="Created during import of line 138" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1001" dst_range_end="1011"/>
<TCPService id="id257" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-1" comment="Created during import of line 142" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id258" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-2" comment="Created during import of line 144" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="2222" dst_range_end="2222"/>
<TCPService id="id259" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-3" comment="Created during import of line 146" ro="False" src_range_start="80" src_range_end="80" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id260" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-4" comment="Created during import of line 148" ro="False" src_range_start="0" src_range_end="87" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id261" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-4" comment="Created during import of line 148" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id262" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp-src-dst-5" comment="Created during import of line 150" ro="False" src_range_start="1002" src_range_end="1012" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id263" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 80:80" comment="Created during import of line 232" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id264" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 10000:10010" comment="Created during import of line 233" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="10000" dst_range_end="10010"/>
<TCPService id="id265" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:79" comment="Created during import of line 234" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="79"/>
<TCPService id="id266" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 81:65535" comment="Created during import of line 234" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="81" dst_range_end="65535"/>
<TCPService id="id267" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:1023" comment="Created during import of line 235" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id268" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of line 236" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
<TCPService id="id269" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1025:65535 / 0:0" comment="Created during import of line 238" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id270" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:1023 / 0:0" comment="Created during import of line 239" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id271" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0" comment="Created during import of line 240" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id272" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:79 / 0:0" comment="Created during import of line 241" ro="False" src_range_start="0" src_range_end="79" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id273" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 81:65535 / 0:0" comment="Created during import of line 241" ro="False" src_range_start="81" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id274" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 10000:10000" comment="Created during import of line 254" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10000" dst_range_end="10000"/>
<TCPService id="id275" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:1023" comment="Created during import of line 255" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<TCPService id="id276" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 1025:65535" comment="Created during import of line 256" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<TCPService id="id277" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:79" comment="Created during import of line 258" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="79"/>
<TCPService id="id278" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 81:65535" comment="Created during import of line 258" ro="False" src_range_start="0" src_range_end="0" dst_range_start="81" dst_range_end="65535"/>
<TCPService id="id279" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:80" comment="Created during import of line 259" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="80"/>
<TCPService id="id280" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 82:65535" comment="Created during import of line 259" ro="False" src_range_start="0" src_range_end="0" dst_range_start="82" dst_range_end="65535"/>
<TCPService id="id281" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:81" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="81"/>
<TCPService id="id282" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 83:65535" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="83" dst_range_end="65535"/>
<TCPService id="id283" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:82" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="82"/>
<TCPService id="id284" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 84:65535" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="84" dst_range_end="65535"/>
<TCPService id="id285" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:83" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="83"/>
<TCPService id="id286" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 85:65535" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="85" dst_range_end="65535"/>
<TCPService id="id287" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:112" comment="Created during import of line 271" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="112"/>
<TCPService id="id288" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 114:65535" comment="Created during import of line 271" ro="False" src_range_start="0" src_range_end="0" dst_range_start="114" dst_range_end="65535"/>
<TCPService id="id289" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80" comment="Created during import of line 296" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id290" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 443:443" comment="Created during import of line 297" ro="False" src_range_start="0" src_range_end="0" dst_range_start="443" dst_range_end="443"/>
<TCPService id="id291" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 10001:10001" comment="Created during import of line 301" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10001" dst_range_end="10001"/>
</ServiceGroup>
<ServiceGroup id="id291" name="UDP" comment="" ro="False">
<UDPService id="id292" name="udp-src-1" comment="Created during import of line 152" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id293" name="udp-src-2" comment="Created during import of line 154" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id294" name="udp-src-3" comment="Created during import of line 156" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id295" name="udp-src-4" comment="Created during import of line 158" ro="False" src_range_start="0" src_range_end="87" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id296" name="udp-src-4" comment="Created during import of line 158" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id297" name="udp-src-5" comment="Created during import of line 160" ro="False" src_range_start="1000" src_range_end="1010" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id298" name="udp-dst-1" comment="Created during import of line 163" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<UDPService id="id299" name="udp-dst-2" comment="Created during import of line 165" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<UDPService id="id300" name="udp-dst-3" comment="Created during import of line 167" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<UDPService id="id301" name="udp-dst-4" comment="Created during import of line 169" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="87"/>
<UDPService id="id302" name="udp-dst-4" comment="Created during import of line 169" ro="False" src_range_start="0" src_range_end="0" dst_range_start="89" dst_range_end="65535"/>
<UDPService id="id303" name="udp-dst-5" comment="Created during import of line 171" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1001" dst_range_end="1011"/>
<UDPService id="id304" name="udp 1025:65535 / 0:0" comment="Created during import of line 241" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id305" name="udp 1025:65535 / 80:80" comment="Created during import of line 242" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="80" dst_range_end="80"/>
<UDPService id="id306" name="udp 0:0 / 53:53" comment="Created during import of line 243" ro="False" src_range_start="0" src_range_end="0" dst_range_start="53" dst_range_end="53"/>
<UDPService id="id307" name="udp 0:0 / 5353:5353" comment="Created during import of line 244" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5353" dst_range_end="5353"/>
<UDPService id="id308" name="udp 0:0 / 10000:10000" comment="Created during import of line 252" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10000" dst_range_end="10000"/>
<UDPService id="id309" name="udp 0:0 / 0:1023" comment="Created during import of line 253" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<UDPService id="id310" name="udp 0:0 / 1025:65535" comment="Created during import of line 254" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<UDPService id="id311" name="udp 0:0 / 0:81" comment="Created during import of line 259" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="81"/>
<UDPService id="id312" name="udp 0:0 / 83:65535" comment="Created during import of line 259" ro="False" src_range_start="0" src_range_end="0" dst_range_start="83" dst_range_end="65535"/>
<UDPService id="id313" name="udp 0:0 / 0:82" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="82"/>
<UDPService id="id314" name="udp 0:0 / 84:65535" comment="Created during import of line 260" ro="False" src_range_start="0" src_range_end="0" dst_range_start="84" dst_range_end="65535"/>
<UDPService id="id315" name="udp 0:0 / 0:83" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="83"/>
<UDPService id="id316" name="udp 0:0 / 85:65535" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="85" dst_range_end="65535"/>
<UDPService id="id317" name="udp 0:0 / 0:84" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="84"/>
<UDPService id="id318" name="udp 0:0 / 86:65535" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="86" dst_range_end="65535"/>
<UDPService id="id319" name="udp 0:0 / 0:85" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="85"/>
<UDPService id="id320" name="udp 0:0 / 87:65535" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="87" dst_range_end="65535"/>
<UDPService id="id321" name="udp 0:0 / 0:86" comment="Created during import of line 264" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="86"/>
<UDPService id="id322" name="udp 0:0 / 88:65535" comment="Created during import of line 264" ro="False" src_range_start="0" src_range_end="0" dst_range_start="88" dst_range_end="65535"/>
<UDPService id="id323" name="udp 0:0 / 0:79" comment="Created during import of line 265" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="79"/>
<UDPService id="id324" name="udp 0:0 / 81:65535" comment="Created during import of line 265" ro="False" src_range_start="0" src_range_end="0" dst_range_start="81" dst_range_end="65535"/>
<UDPService id="id325" name="udp 0:0 / 0:2048" comment="Created during import of line 266" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="2048"/>
<UDPService id="id326" name="udp 0:0 / 2050:65535" comment="Created during import of line 266" ro="False" src_range_start="0" src_range_end="0" dst_range_start="2050" dst_range_end="65535"/>
<UDPService id="id327" name="udp 0:0 / 0:1644" comment="Created during import of line 267" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1644"/>
<UDPService id="id328" name="udp 0:0 / 1646:65535" comment="Created during import of line 267" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1646" dst_range_end="65535"/>
<UDPService id="id329" name="udp 0:0 / 0:1645" comment="Created during import of line 268" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1645"/>
<UDPService id="id330" name="udp 0:0 / 1647:65535" comment="Created during import of line 268" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1647" dst_range_end="65535"/>
<UDPService id="id331" name="udp 0:0 / 10001:10001" comment="Created during import of line 299" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10001" dst_range_end="10001"/>
<ServiceGroup id="id292" name="UDP" comment="" ro="False">
<UDPService id="id293" name="udp-src-1" comment="Created during import of line 154" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id294" name="udp-src-2" comment="Created during import of line 156" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id295" name="udp-src-3" comment="Created during import of line 158" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id296" name="udp-src-4" comment="Created during import of line 160" ro="False" src_range_start="0" src_range_end="87" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id297" name="udp-src-4" comment="Created during import of line 160" ro="False" src_range_start="89" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id298" name="udp-src-5" comment="Created during import of line 162" ro="False" src_range_start="1000" src_range_end="1010" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id299" name="udp-dst-1" comment="Created during import of line 165" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<UDPService id="id300" name="udp-dst-2" comment="Created during import of line 167" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<UDPService id="id301" name="udp-dst-3" comment="Created during import of line 169" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<UDPService id="id302" name="udp-dst-4" comment="Created during import of line 171" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="87"/>
<UDPService id="id303" name="udp-dst-4" comment="Created during import of line 171" ro="False" src_range_start="0" src_range_end="0" dst_range_start="89" dst_range_end="65535"/>
<UDPService id="id304" name="udp-dst-5" comment="Created during import of line 173" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1001" dst_range_end="1011"/>
<UDPService id="id305" name="udp 1025:65535 / 0:0" comment="Created during import of line 243" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<UDPService id="id306" name="udp 1025:65535 / 80:80" comment="Created during import of line 244" ro="False" src_range_start="1025" src_range_end="65535" dst_range_start="80" dst_range_end="80"/>
<UDPService id="id307" name="udp 0:0 / 53:53" comment="Created during import of line 245" ro="False" src_range_start="0" src_range_end="0" dst_range_start="53" dst_range_end="53"/>
<UDPService id="id308" name="udp 0:0 / 5353:5353" comment="Created during import of line 246" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5353" dst_range_end="5353"/>
<UDPService id="id309" name="udp 0:0 / 10000:10000" comment="Created during import of line 254" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10000" dst_range_end="10000"/>
<UDPService id="id310" name="udp 0:0 / 0:1023" comment="Created during import of line 255" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1023"/>
<UDPService id="id311" name="udp 0:0 / 1025:65535" comment="Created during import of line 256" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1025" dst_range_end="65535"/>
<UDPService id="id312" name="udp 0:0 / 0:81" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="81"/>
<UDPService id="id313" name="udp 0:0 / 83:65535" comment="Created during import of line 261" ro="False" src_range_start="0" src_range_end="0" dst_range_start="83" dst_range_end="65535"/>
<UDPService id="id314" name="udp 0:0 / 0:82" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="82"/>
<UDPService id="id315" name="udp 0:0 / 84:65535" comment="Created during import of line 262" ro="False" src_range_start="0" src_range_end="0" dst_range_start="84" dst_range_end="65535"/>
<UDPService id="id316" name="udp 0:0 / 0:83" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="83"/>
<UDPService id="id317" name="udp 0:0 / 85:65535" comment="Created during import of line 263" ro="False" src_range_start="0" src_range_end="0" dst_range_start="85" dst_range_end="65535"/>
<UDPService id="id318" name="udp 0:0 / 0:84" comment="Created during import of line 264" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="84"/>
<UDPService id="id319" name="udp 0:0 / 86:65535" comment="Created during import of line 264" ro="False" src_range_start="0" src_range_end="0" dst_range_start="86" dst_range_end="65535"/>
<UDPService id="id320" name="udp 0:0 / 0:85" comment="Created during import of line 265" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="85"/>
<UDPService id="id321" name="udp 0:0 / 87:65535" comment="Created during import of line 265" ro="False" src_range_start="0" src_range_end="0" dst_range_start="87" dst_range_end="65535"/>
<UDPService id="id322" name="udp 0:0 / 0:86" comment="Created during import of line 266" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="86"/>
<UDPService id="id323" name="udp 0:0 / 88:65535" comment="Created during import of line 266" ro="False" src_range_start="0" src_range_end="0" dst_range_start="88" dst_range_end="65535"/>
<UDPService id="id324" name="udp 0:0 / 0:79" comment="Created during import of line 267" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="79"/>
<UDPService id="id325" name="udp 0:0 / 81:65535" comment="Created during import of line 267" ro="False" src_range_start="0" src_range_end="0" dst_range_start="81" dst_range_end="65535"/>
<UDPService id="id326" name="udp 0:0 / 0:2048" comment="Created during import of line 268" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="2048"/>
<UDPService id="id327" name="udp 0:0 / 2050:65535" comment="Created during import of line 268" ro="False" src_range_start="0" src_range_end="0" dst_range_start="2050" dst_range_end="65535"/>
<UDPService id="id328" name="udp 0:0 / 0:1644" comment="Created during import of line 269" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1644"/>
<UDPService id="id329" name="udp 0:0 / 1646:65535" comment="Created during import of line 269" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1646" dst_range_end="65535"/>
<UDPService id="id330" name="udp 0:0 / 0:1645" comment="Created during import of line 270" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="1645"/>
<UDPService id="id331" name="udp 0:0 / 1647:65535" comment="Created during import of line 270" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1647" dst_range_end="65535"/>
<UDPService id="id332" name="udp 0:0 / 10001:10001" comment="Created during import of line 301" ro="False" src_range_start="0" src_range_end="0" dst_range_start="10001" dst_range_end="10001"/>
</ServiceGroup>
<ServiceGroup id="id332" name="Users" comment="" ro="False"/>
<ServiceGroup id="id333" name="Custom" comment="" ro="False"/>
<ServiceGroup id="id334" name="TagServices" comment="" ro="False"/>
<ServiceGroup id="id333" name="Users" comment="" ro="False"/>
<ServiceGroup id="id334" name="Custom" comment="" ro="False"/>
<ServiceGroup id="id335" name="TagServices" comment="" ro="False"/>
</ServiceGroup>
<ObjectGroup id="id335" name="Firewalls" comment="" ro="False">
<Firewall id="id336" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="8.3" name="asa5505" comment="Created during import of line 5" ro="False">
<NAT id="id352" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<ObjectGroup id="id336" name="Firewalls" comment="" ro="False">
<Firewall id="id337" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="8.3" name="asa5505" comment="Created during import of line 5" ro="False">
<NAT id="id353" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id338" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id340" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from inside_in&#10;Created during import of line 301">
<Policy id="id339" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id341" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from inside_in&#10;Created during import of line 303">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -846,7 +847,7 @@
<ServiceRef ref="id233"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id356"/>
<ObjectRef ref="id357"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
@ -857,17 +858,17 @@
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id354" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<Routing id="id355" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id356" dedicated_failover="False" dyn="True" label="inside" security_level="100" unnum="False" unprotected="False" name="Vlan1" comment="inside interface " ro="False">
<Interface id="id357" dedicated_failover="False" dyn="True" label="inside" security_level="100" unnum="False" unprotected="False" name="Vlan1" comment="inside interface " ro="False">
<InterfaceOptions/>
</Interface>
<Interface id="id358" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Vlan2" comment="outside interface " ro="False">
<IPv4 id="id359" name="asa5505:Vlan2:ip" comment="Created during import of line 16" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
<Interface id="id359" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Vlan2" comment="outside interface " ro="False">
<IPv4 id="id360" name="asa5505:Vlan2:ip" comment="Created during import of line 16" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id361" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0/0" comment="Switch port 0 / 0 " ro="False">
<Interface id="id362" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0/0" comment="Switch port 0 / 0 " ro="False">
<InterfaceOptions/>
</Interface>
<FirewallOptions>
@ -888,7 +889,7 @@
</FirewallOptions>
</Firewall>
</ObjectGroup>
<ObjectGroup id="id363" name="Clusters" comment="" ro="False"/>
<IntervalGroup id="id364" name="Time" comment="" ro="False"/>
<ObjectGroup id="id364" name="Clusters" comment="" ro="False"/>
<IntervalGroup id="id365" name="Time" comment="" ro="False"/>
</Library>
</FWObjectDatabase>

123
src/unit_tests/PIXImporterTest/test_data/asa8.3-objects-and-groups.output
View File

@ -45,64 +45,65 @@
95: Named object (address) host-1
99: Named object (service) smtp
101: Named object (service) http
103: Named object (service) squid
105: Named object (service) smtps
108: Named object (service) icmp1
110: Named object (service) icmp2
112: Named object (service) ip5
116: Named object (service) tcp-src-1
118: Named object (service) tcp-src-2
120: Named object (service) tcp-src-3
122: Named object (service) tcp-src-4
124: Named object (service) tcp-src-5
127: Named object (service) tcp-dst-1
129: Named object (service) tcp-dst-2
131: Named object (service) tcp-dst-3
133: Named object (service) tcp-dst-4
135: Named object (service) tcp-dst-5
139: Named object (service) tcp-src-dst-1
141: Named object (service) tcp-src-dst-2
143: Named object (service) tcp-src-dst-3
145: Named object (service) tcp-src-dst-4
147: Named object (service) tcp-src-dst-5
151: Named object (service) udp-src-1
153: Named object (service) udp-src-2
155: Named object (service) udp-src-3
157: Named object (service) udp-src-4
159: Named object (service) udp-src-5
162: Named object (service) udp-dst-1
164: Named object (service) udp-dst-2
166: Named object (service) udp-dst-3
168: Named object (service) udp-dst-4
170: Named object (service) udp-dst-5
174: Named object (service) ip1
176: Named object (service) ip2
178: Named object (service) icmp6-1
179: Parser warning: Import of IPv6 addresses and servcies is not supported at this time
182: Named object (service) ip3
183: Parser warning: Unknown service name some_weird_protocol
187: Named object (service) ip4
190: Object Group (network) outside.id178211X29963.osrc.net.0
193: Object Group (network) outside.id21353X4994.osrc.net.0
197: Object Group (network) outside.id77971X5929.osrc.net.1
200: Object Group (network) outside.id77971X5929.odst.net.1
203: Object Group (network) outside.id77971X5929.tsrc.net.1
206: Object Group (network) outside.id77971X5929.osrc.net.0
209: Object Group (network) outside.id77971X5929.odst.net.0
212: Object Group (network) outside.id77971X5929.tsrc.net.0
216: Object Group (service) outside.id77971X5929.osrv.1
220: Object Group (service) sg1
225: Object Group (service) sg2
229: Object Group (service) sg3
235: Object Group (service) sg4
240: Object Group (service) sg5
251: Object Group (service) combo-group-1
255: Object Group (service) neq-group-2
271: Object Group (protocol) pg1
276: Object Group (protocol) pg2
281: Object Group (icmp) ig1
284: Object Group (icmp) ig2
287: Object Group (icmp) ig3
293: Object Group (service) id5102X14531.srv.tcp.0
298: Object Group (service) tcp-udp-1
302: Interface Vlan1 ruleset inside_in direction 'in'
103: Named object (service) ssh
105: Named object (service) squid
107: Named object (service) smtps
110: Named object (service) icmp1
112: Named object (service) icmp2
114: Named object (service) ip5
118: Named object (service) tcp-src-1
120: Named object (service) tcp-src-2
122: Named object (service) tcp-src-3
124: Named object (service) tcp-src-4
126: Named object (service) tcp-src-5
129: Named object (service) tcp-dst-1
131: Named object (service) tcp-dst-2
133: Named object (service) tcp-dst-3
135: Named object (service) tcp-dst-4
137: Named object (service) tcp-dst-5
141: Named object (service) tcp-src-dst-1
143: Named object (service) tcp-src-dst-2
145: Named object (service) tcp-src-dst-3
147: Named object (service) tcp-src-dst-4
149: Named object (service) tcp-src-dst-5
153: Named object (service) udp-src-1
155: Named object (service) udp-src-2
157: Named object (service) udp-src-3
159: Named object (service) udp-src-4
161: Named object (service) udp-src-5
164: Named object (service) udp-dst-1
166: Named object (service) udp-dst-2
168: Named object (service) udp-dst-3
170: Named object (service) udp-dst-4
172: Named object (service) udp-dst-5
176: Named object (service) ip1
178: Named object (service) ip2
180: Named object (service) icmp6-1
181: Parser warning: Import of IPv6 addresses and servcies is not supported at this time
184: Named object (service) ip3
185: Parser warning: Unknown service name some_weird_protocol
189: Named object (service) ip4
192: Object Group (network) outside.id178211X29963.osrc.net.0
195: Object Group (network) outside.id21353X4994.osrc.net.0
199: Object Group (network) outside.id77971X5929.osrc.net.1
202: Object Group (network) outside.id77971X5929.odst.net.1
205: Object Group (network) outside.id77971X5929.tsrc.net.1
208: Object Group (network) outside.id77971X5929.osrc.net.0
211: Object Group (network) outside.id77971X5929.odst.net.0
214: Object Group (network) outside.id77971X5929.tsrc.net.0
218: Object Group (service) outside.id77971X5929.osrv.1
222: Object Group (service) sg1
227: Object Group (service) sg2
231: Object Group (service) sg3
237: Object Group (service) sg4
242: Object Group (service) sg5
253: Object Group (service) combo-group-1
257: Object Group (service) neq-group-2
273: Object Group (protocol) pg1
278: Object Group (protocol) pg2
283: Object Group (icmp) ig1
286: Object Group (icmp) ig2
289: Object Group (icmp) ig3
295: Object Group (service) id5102X14531.srv.tcp.0
300: Object Group (service) tcp-udp-1
304: Interface Vlan1 ruleset inside_in direction 'in'

2
src/unit_tests/PIXImporterTest/test_data/asa8.3-objects-and-groups.test
View File

@ -100,6 +100,8 @@ object service smtp
service tcp destination eq smtp
object service http
service tcp destination eq www
object service ssh
service tcp destination eq 22
object service squid
service tcp destination eq 3128
object service smtps

158
src/unit_tests/PIXImporterTest/test_data/asa8.3.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1301464491" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1301619473" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -433,52 +433,56 @@
<ObjectGroup id="id1" name="Objects" comment="" ro="False">
<ObjectGroup id="id2" name="Addresses" comment="" ro="False">
<IPv4 id="id3" name="hostA:eth0" comment="Created during import of line 62" ro="False" address="192.168.1.10" netmask="255.255.255.255"/>
<IPv4 id="id4" name="h-10.1.1.1" comment="Created during import of line 86" ro="False" address="10.1.1.1" netmask="255.255.255.255"/>
</ObjectGroup>
<ObjectGroup id="id4" name="DNS Names" comment="" ro="False"/>
<ObjectGroup id="id5" name="Address Tables" comment="" ro="False"/>
<ObjectGroup id="id6" name="Groups" comment="" ro="False"/>
<ObjectGroup id="id7" name="Hosts" comment="" ro="False"/>
<ObjectGroup id="id8" name="Networks" comment="" ro="False">
<Network id="id9" name="internal_subnet_1" comment="Internal Subnet 1 &#10;Created during import of line 55" ro="False" address="192.168.1.0" netmask="255.255.255.192"/>
<Network id="id10" name="internal_subnet_2" comment="Internal Subnet 2 &#10;Created during import of line 58" ro="False" address="192.168.1.64" netmask="255.255.255.192"/>
<Network id="id11" name="Internal_net" comment="Created during import of line 60" ro="False" address="192.168.1.0" netmask="255.255.255.0"/>
<Network id="id12" name="net-10.10.10.0/255.255.255.0" comment="Created during import of line 92" ro="False" address="10.10.10.0" netmask="255.255.255.0"/>
<Network id="id13" name="net-10.1.1.0/255.255.255.0" comment="Created during import of line 93" ro="False" address="10.1.1.0" netmask="255.255.255.0"/>
<ObjectGroup id="id5" name="DNS Names" comment="" ro="False"/>
<ObjectGroup id="id6" name="Address Tables" comment="" ro="False"/>
<ObjectGroup id="id7" name="Groups" comment="" ro="False"/>
<ObjectGroup id="id8" name="Hosts" comment="" ro="False"/>
<ObjectGroup id="id9" name="Networks" comment="" ro="False">
<Network id="id10" name="internal_subnet_1" comment="Internal Subnet 1 &#10;Created during import of line 55" ro="False" address="192.168.1.0" netmask="255.255.255.192"/>
<Network id="id11" name="internal_subnet_2" comment="Internal Subnet 2 &#10;Created during import of line 58" ro="False" address="192.168.1.64" netmask="255.255.255.192"/>
<Network id="id12" name="Internal_net" comment="Created during import of line 60" ro="False" address="192.168.1.0" netmask="255.255.255.0"/>
<Network id="id13" name="net-192.168.1.0/255.255.255.0" comment="Created during import of line 84" ro="False" address="192.168.1.0" netmask="255.255.255.0"/>
<Network id="id14" name="net-10.0.0.0/255.255.255.0" comment="Created during import of line 85" ro="False" address="10.0.0.0" netmask="255.255.255.0"/>
<Network id="id15" name="net-10.10.10.0/255.255.255.0" comment="Created during import of line 95" ro="False" address="10.10.10.0" netmask="255.255.255.0"/>
<Network id="id16" name="net-10.1.1.0/255.255.255.0" comment="Created during import of line 96" ro="False" address="10.1.1.0" netmask="255.255.255.0"/>
</ObjectGroup>
<ObjectGroup id="id14" name="Address Ranges" comment="" ro="False"/>
<ObjectGroup id="id17" name="Address Ranges" comment="" ro="False"/>
</ObjectGroup>
<ServiceGroup id="id15" name="Services" comment="" ro="False">
<ServiceGroup id="id16" name="Groups" comment="" ro="False"/>
<ServiceGroup id="id17" name="ICMP" comment="" ro="False"/>
<ServiceGroup id="id18" name="IP" comment="" ro="False">
<IPService id="id19" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip" comment="Created during import of line 65" ro="False"/>
<ServiceGroup id="id18" name="Services" comment="" ro="False">
<ServiceGroup id="id19" name="Groups" comment="" ro="False"/>
<ServiceGroup id="id20" name="ICMP" comment="" ro="False"/>
<ServiceGroup id="id21" name="IP" comment="" ro="False">
<IPService id="id22" any_opt="False" dscp="" fragm="False" lsrr="False" protocol_num="0" rr="False" rtralt="False" rtralt_value="False" short_fragm="False" ssrr="False" tos="" ts="False" name="ip" comment="Created during import of line 65" ro="False"/>
</ServiceGroup>
<ServiceGroup id="id20" name="TCP" comment="" ro="False">
<TCPService id="id21" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of line 92" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
<ServiceGroup id="id23" name="TCP" comment="" ro="False">
<TCPService id="id24" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80" comment="Created during import of line 84" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id25" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of line 95" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
</ServiceGroup>
<ServiceGroup id="id22" name="UDP" comment="" ro="False"/>
<ServiceGroup id="id23" name="Users" comment="" ro="False"/>
<ServiceGroup id="id24" name="Custom" comment="" ro="False"/>
<ServiceGroup id="id25" name="TagServices" comment="" ro="False"/>
<ServiceGroup id="id26" name="UDP" comment="" ro="False"/>
<ServiceGroup id="id27" name="Users" comment="" ro="False"/>
<ServiceGroup id="id28" name="Custom" comment="" ro="False"/>
<ServiceGroup id="id29" name="TagServices" comment="" ro="False"/>
</ServiceGroup>
<ObjectGroup id="id26" name="Firewalls" comment="" ro="False">
<Firewall id="id27" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="8.3" name="asa5505" comment="Created during import of line 5" ro="False">
<NAT id="id55" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<ObjectGroup id="id30" name="Firewalls" comment="" ro="False">
<Firewall id="id31" host_OS="pix_os" lastCompiled="0" lastInstalled="0" lastModified="0" platform="pix" version="8.3" name="asa5505" comment="Created during import of line 5" ro="False">
<NAT id="id95" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id29" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id31" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of line 92">
<Policy id="id33" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id35" disabled="False" group="" log="False" position="0" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of line 95">
<Src neg="False">
<ObjectRef ref="id12"/>
<ObjectRef ref="id15"/>
</Src>
<Dst neg="False">
<ObjectRef ref="id27"/>
<ObjectRef ref="id31"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id21"/>
<ServiceRef ref="id25"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id59"/>
<ObjectRef ref="id99"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
@ -487,18 +491,78 @@
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id43" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of line 93">
<PolicyRule id="id47" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Imported from ssh_commands_inside&#10;Created during import of line 96">
<Src neg="False">
<ObjectRef ref="id16"/>
</Src>
<Dst neg="False">
<ObjectRef ref="id31"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id25"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id99"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id59" disabled="False" group="" log="False" position="2" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of line 84">
<Src neg="False">
<ObjectRef ref="id13"/>
</Src>
<Dst neg="False">
<ObjectRef ref="id27"/>
<ObjectRef ref="id31"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id21"/>
<ServiceRef ref="id24"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id59"/>
<ObjectRef ref="id99"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id71" disabled="False" group="" log="False" position="3" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of line 85">
<Src neg="False">
<ObjectRef ref="id14"/>
</Src>
<Dst neg="False">
<ObjectRef ref="id31"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id24"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id99"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id83" disabled="False" group="" log="False" position="4" action="Accept" direction="Inbound" comment="Imported from http_commands_inside&#10;Created during import of line 86">
<Src neg="False">
<ObjectRef ref="id4"/>
</Src>
<Dst neg="False">
<ObjectRef ref="id31"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id24"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="id99"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
@ -509,8 +573,8 @@
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Policy id="id68" name="outside_acl_in" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
<PolicyRule id="id70" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="Created during import of line 65">
<Policy id="id108" name="outside_acl_in" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="False">
<PolicyRule id="id110" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="Created during import of line 65">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -518,7 +582,7 @@
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="id19"/>
<ServiceRef ref="id22"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
@ -532,20 +596,20 @@
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id57" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<Routing id="id97" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id59" dedicated_failover="False" dyn="True" label="inside" security_level="100" unnum="False" unprotected="False" name="Vlan1" comment="inside interface " ro="False">
<Interface id="id99" dedicated_failover="False" dyn="True" label="inside" security_level="100" unnum="False" unprotected="False" name="Vlan1" comment="inside interface " ro="False">
<InterfaceOptions/>
</Interface>
<Interface id="id61" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Vlan2" comment="outside interface " ro="False">
<IPv4 id="id62" name="asa5505:Vlan2:ip" comment="Created during import of line 23" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
<Interface id="id101" dedicated_failover="False" dyn="False" label="outside" security_level="0" unnum="False" unprotected="False" name="Vlan2" comment="outside interface " ro="False">
<IPv4 id="id102" name="asa5505:Vlan2:ip" comment="Created during import of line 23" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id64" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0/0" comment="Switch port 0 / 0 " ro="False">
<Interface id="id104" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Ethernet0/0" comment="Switch port 0 / 0 " ro="False">
<InterfaceOptions/>
</Interface>
<Interface id="id66" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Vlan2020" comment="Created during import of line 30" ro="False">
<Interface id="id106" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Vlan2020" comment="Created during import of line 30" ro="False">
<InterfaceOptions/>
</Interface>
<FirewallOptions>
@ -566,7 +630,7 @@
</FirewallOptions>
</Firewall>
</ObjectGroup>
<ObjectGroup id="id82" name="Clusters" comment="" ro="False"/>
<IntervalGroup id="id83" name="Time" comment="" ro="False"/>
<ObjectGroup id="id122" name="Clusters" comment="" ro="False"/>
<IntervalGroup id="id123" name="Time" comment="" ro="False"/>
</Library>
</FWObjectDatabase>

7
src/unit_tests/PIXImporterTest/test_data/asa8.3.output
View File

@ -37,5 +37,8 @@ Warning: interface Ethernet0/7 was not imported because it is in "shutdown" mode
56: Named object (address) internal_subnet_2
59: Named object (address) Internal_net
61: Named object (address) hostA:eth0
92: Interface Vlan1 ruleset ssh_commands_inside direction 'in'
93: Interface Vlan1 ruleset ssh_commands_inside direction 'in'
84: Interface Vlan1 ruleset http_commands_inside direction 'in'
85: Interface Vlan1 ruleset http_commands_inside direction 'in'
86: Interface Vlan1 ruleset http_commands_inside direction 'in'
95: Interface Vlan1 ruleset ssh_commands_inside direction 'in'
96: Interface Vlan1 ruleset ssh_commands_inside direction 'in'

31
src/unit_tests/PIXImporterTest/test_data/asa8.3.test
View File

@ -82,9 +82,12 @@ dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
http 10.0.0.0 255.255.255.0 inside
http 10.1.1.1 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
service resetinbound interface outside
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
@ -101,7 +104,35 @@ no threat-detection statistics tcp-intercept
webvpn
username foo password AAAAAAAAAAAAAAAA encrypted privilege 15
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map global_policy
class inspection_default
inspect ctiqbe
inspect dns
inspect ftp
inspect h323 h225
inspect h323 ras
inspect http
inspect icmp
inspect ils
inspect mgcp
inspect rsh
inspect rtsp
inspect sip
inspect skinny
inspect esmtp
inspect sqlnet
inspect tftp
policy-map type inspect ip-options ip-options-map
parameters
eool action allow
nop action allow
router-alert action allow
!
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1