summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorfumingwei <[email protected]>2023-03-25 21:09:11 +0800
committerfumingwei <[email protected]>2023-03-25 21:09:11 +0800
commit7a8fff78043da26d17819802c236e8f7de8046eb (patch)
tree749b011670f53437e3533b6600f17efab93fe851
parentd5714a21b65ab393361630ca8af8340ba6dd774d (diff)
feature:新增firwall.enable_sip和firewall.enable_bgpv22.11.4
Diffstat
-rw-r--r--ansible/roles/firewall/templates/main.conf.j2.j24
-rw-r--r--ansible/roles/firewall/templates/tsg_conn_sketch.inf.j2.j26
-rw-r--r--ansible/roles/sapp/templates/conflist.inf.j2.j28
-rw-r--r--ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R012
-rw-r--r--ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R012
-rw-r--r--ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P08042
-rw-r--r--ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P14032
7 files changed, 23 insertions, 3 deletions
diff --git a/ansible/roles/firewall/templates/main.conf.j2.j2 b/ansible/roles/firewall/templates/main.conf.j2.j2
index f635973f..c4d87a0f 100644
--- a/ansible/roles/firewall/templates/main.conf.j2.j2
+++ b/ansible/roles/firewall/templates/main.conf.j2.j2
@@ -95,9 +95,9 @@ DEVICE_SEQ_IN_DATA_CENTER={{ session_id_generator.snowflake_worker_id_offset }}
{% endraw %}
FEATURE_TAMPER=1
{% raw %}{% if firewall.enable_dtls == 1 %}
-IDENTIFY_PROTO_NAME="DNS;QUIC;HTTP;MAIL;FTP;SSL;RTP;SIP;SSH;RADIUS;SOCKS;STRATUM;RDP;BGP;DTLS;GTPC;"
+IDENTIFY_PROTO_NAME="DNS;QUIC;HTTP;MAIL;FTP;SSL;RTP;SSH;RADIUS;SOCKS;STRATUM;RDP;DTLS;GTPC;"
{% else %}
-IDENTIFY_PROTO_NAME="DNS;QUIC;HTTP;MAIL;FTP;SSL;RTP;SIP;SSH;RADIUS;SOCKS;STRATUM;RDP;BGP;GTPC;"
+IDENTIFY_PROTO_NAME="DNS;QUIC;HTTP;MAIL;FTP;SSL;RTP;SSH;RADIUS;SOCKS;STRATUM;RDP;GTPC;"
{% endif %}
{% endraw %}
diff --git a/ansible/roles/firewall/templates/tsg_conn_sketch.inf.j2.j2 b/ansible/roles/firewall/templates/tsg_conn_sketch.inf.j2.j2
index 408a4a8f..14762c81 100644
--- a/ansible/roles/firewall/templates/tsg_conn_sketch.inf.j2.j2
+++ b/ansible/roles/firewall/templates/tsg_conn_sketch.inf.j2.j2
@@ -43,9 +43,12 @@ FUNC_NAME=tsg_record_rtp_entry
{% endif %}
{% endraw %}
+{% raw %}{% if firewall.enable_sip == 1 %}
[SIP]
FUNC_FLAG=ALL
FUNC_NAME=tsg_record_sip_entry
+{% endif %}
+{% endraw %}
[FTP]
FUNC_FLAG=ALL
@@ -67,9 +70,12 @@ FUNC_NAME=tsg_record_stratum_entry
FUNC_FLAG=ALL
FUNC_NAME=tsg_record_rdp_entry
+{% raw %}{% if firewall.enable_bgp == 1 %}
[BGP]
FUNC_FLAG=ALL
FUNC_NAME=tsg_record_bgp_entry
+{% endif %}
+{% endraw %}
{% raw %}{% if firewall.enable_dtls == 1 %}
[DTLS]
diff --git a/ansible/roles/sapp/templates/conflist.inf.j2.j2 b/ansible/roles/sapp/templates/conflist.inf.j2.j2
index 00739b38..174a26bb 100644
--- a/ansible/roles/sapp/templates/conflist.inf.j2.j2
+++ b/ansible/roles/sapp/templates/conflist.inf.j2.j2
@@ -22,8 +22,11 @@
{% endraw %}
[protocol]
-./plug/protocol/deal_socks/deal_socks.inf
+./plug/protocol/deal_socks/deal_socks.inf
+{% raw %}{% if firewall.enable_sip == 1 %}
./plug/protocol/sip/sip.inf
+{% endif %}
+{% endraw %}
./plug/protocol/rtp/rtp.inf
./plug/protocol/ssl/ssl.inf
./plug/protocol/http/http.inf
@@ -37,7 +40,10 @@
./plug/protocol/ssh/ssh.inf
./plug/protocol/stratum/stratum.inf
./plug/protocol/rdp/rdp.inf
+{% raw %}{% if firewall.enable_bgp == 1 %}
./plug/protocol/bgp/bgp.inf
+{% endif %}
+{% endraw %}
{% raw %}{% if firewall.enable_dtls == 1 %}
./plug/protocol/dtls/dtls.inf
{% endif %}
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
index 1469d37d..5743bb92 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.7400MCN0P01R01
@@ -6,6 +6,8 @@ firewall:
enable: 1
enable_hos: 1
enable_dtls: 0
+ enable_sip: 0
+ enable_bgp: 0
proxy:
enable: 1
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
index aea3814c..e05dc2dd 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.9000NPBP01R01
@@ -5,6 +5,8 @@ firewall:
enable: 1
enable_hos: 1
enable_dtls: 0
+ enable_sip: 0
+ enable_bgp: 0
proxy:
enable: 1
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804
index 1ed226b4..bc3991e0 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P0804
@@ -6,6 +6,8 @@ firewall:
enable: 1
enable_hos: 1
enable_dtls: 0
+ enable_sip: 0
+ enable_bgp: 0
proxy:
enable: 1
diff --git a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403 b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403
index 540f65ac..9b05144e 100644
--- a/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403
+++ b/ansible/roles/tsg-os-provision/files/config_sample/provision.default.yml.TSGXNXR620G40R01P1403
@@ -6,6 +6,8 @@ firewall:
enable: 1
enable_hos: 1
enable_dtls: 0
+ enable_sip: 0
+ enable_bgp: 0
proxy:
enable: 0
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 14:18:35 +0000