-
Notifications
You must be signed in to change notification settings - Fork 2
/
customdata.tpl
141 lines (136 loc) · 3.36 KB
/
customdata.tpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
Content-Type: multipart/mixed; boundary="===============0086047718136476635=="
MIME-Version: 1.0
--===============0086047718136476635==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="config"
config system admin
edit "${fgt_username}"
set ssh-public-key1 "${trimspace(ssh_public_key)}"
next
end
config system api-user
edit autouser
set comments "API user for automatic setup"
set api-key "${auto_password}"
set accprofile "super_admin_readonly"
end
config system sdn-connector
edit "AzureSDN"
set type azure
set update-interval 30
end
end
config system global
set admintimeout 480
set admin-port 8080
set timezone 26
end
config router static
edit 1
set gateway 172.27.40.1
set device "port1"
next
edit 2
set dst 172.27.40.0 255.255.252.0
set gateway 172.27.40.65
set device "port2"
next
end
config firewall address
edit "dynVoteApp"
set type dynamic
set sdn "AzureSDN"
set color 19
set filter "K8S_ServiceName=azure-vote-front"
set sdn-addr-type public
next
edit "K8SNetwork"
set subnet "172.27.41.0/24"
next
edit "JumpNetwork"
set subnet "172.27.42.0/24"
next
end
config firewall ldb-monitor
edit "votemon"
set type tcp
next
end
config firewall vip
edit "JumpVip"
set extip "0.0.0.0"
set mappedip "172.27.42.4"
set extintf "port1"
set portforward enable
set extport 8022
set mappedport 22
next
edit "VoteAPP"
set type server-load-balance
set extip "172.27.40.4"
set extintf "port1"
set monitor "votemon"
set server-type http
set http-ip-header enable
set extport 8080
config realservers
edit 1
set type address
set address "dynVoteApp"
set port 80
set max-connections 999
next
end
next
end
config firewall policy
edit 40
set name "Outbound"
set srcintf "port2"
set dstintf "port1"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
set logtraffic-start enable
set nat enable
next
edit 41
set name "InboundJump"
set srcintf "port1"
set dstintf "port2"
set srcaddr "all"
set dstaddr "JumpVip"
set action accept
set schedule "always"
set service "SSH"
set logtraffic all
set logtraffic-start enable
next
edit 50
set name "VoteAPP-IN"
set srcintf "port1"
set dstintf "port2"
set action accept
set srcaddr "all"
set dstaddr "VoteAPP"
set schedule "always"
set service "HTTP"
set inspection-mode proxy
set logtraffic all
set nat enable
next
end
%{ if fgt_license_file != "" }
--===============0086047718136476635==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="${fgt_license_file}"
${file(fgt_license_file)}
%{ endif }
--===============0086047718136476635==--