diff --git a/env-prod-astana/group_vars/all.yml b/env-prod-astana/group_vars/all.yml
index b16150a..cf790d0 100644
--- a/env-prod-astana/group_vars/all.yml
+++ b/env-prod-astana/group_vars/all.yml
@@ -36,8 +36,6 @@ kni:
         tfe_node_count: 3
     watch_dog:
         switch: 1
-    maat:
-        readconf_mode: 2
     send_logger:
         switch: 1
     tfe_nodes:
diff --git a/env-stage-hy/group_vars/all.yml b/env-stage-hy/group_vars/all.yml
index 87d0c65..226f13f 100644
--- a/env-stage-hy/group_vars/all.yml
+++ b/env-stage-hy/group_vars/all.yml
@@ -30,10 +30,6 @@ kni:
         tfe_node_count: 3
     watch_dog:
         switch: 1
-    maat:
-        readconf_mode: 2
-    send_logger:
-        switch: 1
     tfe_nodes:
         - tfe0:
               enabled: 1
diff --git a/env-stage-pc/group_vars/all.yml b/env-stage-pc/group_vars/all.yml
index 7e97e2b..0bedd4f 100644
--- a/env-stage-pc/group_vars/all.yml
+++ b/env-stage-pc/group_vars/all.yml
@@ -30,10 +30,6 @@ kni:
     tfe_node_count: 3
   watch_dog:
     switch: 1
-  maat:
-    readconf_mode: 2
-  send_logger:
-    switch: 1
   tfe_nodes:
     - tfe0:
         enabled: 1
diff --git a/env-stage-xxg/group_vars/all.yml b/env-stage-xxg/group_vars/all.yml
index b29f208..45bad5d 100644
--- a/env-stage-xxg/group_vars/all.yml
+++ b/env-stage-xxg/group_vars/all.yml
@@ -24,16 +24,15 @@ fs_remote:
     address: "192.168.100.1"
     port: 8125
 
+nic_transparent_mode:
+    enable: 0
+
 kni:
     global:
         log_level: 30
         tfe_node_count: 3
     watch_dog:
         switch: 1
-    maat:
-        readconf_mode: 2
-    send_logger:
-        switch: 1
     tfe_nodes:
         - tfe0:
               enabled: 1
@@ -52,3 +51,5 @@ mrzcpd:
 
 mrtunnat:
     lcore_id: 46
+
+run_as_tun_mode: 1
diff --git a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 6fefdec..0000000
Binary files a/roles/framework/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ
diff --git a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 1dd97ca..0000000
Binary files a/roles/framework/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ
diff --git a/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 6fefdec..0000000
Binary files a/roles/kernel-ml/files/kernel/kernel-ml-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ
diff --git a/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm b/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm
deleted file mode 100644
index 1dd97ca..0000000
Binary files a/roles/kernel-ml/files/kernel/kernel-ml-devel-5.1.8-1.el7.elrepo.x86_64.rpm and /dev/null differ
diff --git a/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm b/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm
deleted file mode 100644
index a9bec57..0000000
Binary files a/roles/kni/files/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm and /dev/null differ
diff --git a/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm b/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm
new file mode 100644
index 0000000..e7a226a
Binary files /dev/null and b/roles/kni/files/kni-3.0.0.4484554-1.el7.x86_64.rpm differ
diff --git a/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm b/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm
new file mode 100644
index 0000000..c5c4159
Binary files /dev/null and b/roles/kni/files/kni-debuginfo-3.0.0.4484554-1.el7.x86_64.rpm differ
diff --git a/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm b/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm
deleted file mode 100644
index 265b32d..0000000
Binary files a/roles/kni/files/sapp-4.0.4.d31932a-1.el7.x86_64.rpm and /dev/null differ
diff --git a/roles/kni/tasks/main.yml b/roles/kni/tasks/main.yml
index 694fb23..7e366fb 100644
--- a/roles/kni/tasks/main.yml
+++ b/roles/kni/tasks/main.yml
@@ -1,53 +1,17 @@
 ---
-- name: "copy sapp and kni to destination server"
+- name: "copy kni to destination server"
   copy:
     src: "{{ role_path }}/files/"
     dest: /tmp/ansible_deploy/
 
-- name: "install sapp rpms from localhost"
-  yum:
-    name:
-      - /tmp/ansible_deploy/sapp-4.0.4.d31932a-1.el7.x86_64.rpm
-    state: present
-
 - name: "install kni rpms from localhost"
   yum:
     name:
-      - /tmp/ansible_deploy/kni-2.1.5.9e42ae3-1.el7.centos.x86_64.rpm
+      - /tmp/ansible_deploy/kni-3.0.0.4484554-1.el7.x86_64.rpm
     state: present
 
-- name: Template the sapp.toml
-  template:
-    src: "{{ role_path }}/templates/sapp.toml.j2"
-    dest: /home/mesasoft/sapp_run/etc/sapp.toml
-  tags: template
-
-- name: Template the project_list.conf
-  template:
-    src: "{{ role_path }}/templates/project_list.conf.j2"
-    dest: /home/mesasoft/sapp_run/etc/project_list.conf
-  tags: template
-
-- name: Template the conflist.inf
-  template:
-    src: "{{ role_path }}/templates/conflist.inf.j2"
-    dest: /home/mesasoft/sapp_run/plug/conflist.inf
-  tags: template
-
-- name: Template the gdev.conf
-  template:
-    src: "{{ role_path }}/templates/gdev.conf.j2"
-    dest: /home/mesasoft/sapp_run/etc/gdev.conf
-  tags: template
-
 - name: Template the kni.conf
   template:
     src: "{{ role_path }}/templates/kni.conf.j2"
     dest: /home/mesasoft/sapp_run/etc/kni/kni.conf
   tags: template
-
-- name: "enable sapp"
-  systemd:
-    name: sapp
-    enabled: yes
-    daemon_reload: yes
diff --git a/roles/kni/templates/conflist.inf.j2 b/roles/kni/templates/conflist.inf.j2
deleted file mode 100644
index 098ab6e..0000000
--- a/roles/kni/templates/conflist.inf.j2
+++ /dev/null
@@ -1,8 +0,0 @@
-[platform]
-./plug/platform/g_device_plug/g_device_plug.inf
-
-[protocol]
-./plug/protocol/http/http.inf
-
-[business]
-./plug/business/kni/kni.inf
\ No newline at end of file
diff --git a/roles/kni/templates/kni.conf.j2 b/roles/kni/templates/kni.conf.j2
index fbf7a20..af5ee96 100644
--- a/roles/kni/templates/kni.conf.j2
+++ b/roles/kni/templates/kni.conf.j2
@@ -39,35 +39,9 @@ keepalive_idle = 2
 keepalive_intvl = 1
 keepalive_cnt = 3
 
-[static_maat]
-readconf_mode = {{ kni.maat.readconf_mode }}
-tableinfo_path = ./etc/kni/static_maat_tableinfo.conf
-maatjson_path = ./etc/kni/maat_test.json
-redis_ip = {{ maat_redis_server.address }}
-redis_port = {{ maat_redis_server.port }}
-redis_index = {{ maat_redis_server.db }}
-
-[dynamic_maat]
-readconf_mode = {{ kni.maat.readconf_mode }}
-tableinfo_path = ./etc/kni/dynamic_maat_tableinfo.conf
-maatjson_path = ./etc/kni/maat_test.json
-redis_ip = {{ dynamic_maat_redis_server.address }}
-redis_port = {{ dynamic_maat_redis_server.port }}
-redis_index = {{ dynamic_maat_redis_server.db }}
-
-[send_logger]
-switch = {{ kni.send_logger.switch }}
-kafka_topic = SESSION-RECORD-LOG
-kafka_brokerlist = {{ log_kafkabrokers.address }}
-
 [marsio]
 appsym = knifw
 
-[kafka]
-queue.buffering.max.messages = 1000000
-topic.metadata.refresh.interval.ms = 600000
-security.protocol = MG
-
 [dup_traffic]
 switch = 1
 action = 2
@@ -99,4 +73,5 @@ remote_switch = {{ fs_remote.switch }}
 remote_ip = {{ fs_remote.address }}
 remote_port = {{ fs_remote.port }}
 local_path = ./fs2_kni.status
-stat_cycle = 2
+stat_cycle = 1
+print_mode = 1
diff --git a/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm b/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm
new file mode 100644
index 0000000..1c10718
Binary files /dev/null and b/roles/sapp/files/sapp-4.0.5.3385992-1.el7.x86_64.rpm differ
diff --git a/roles/sapp/tasks/main.yml b/roles/sapp/tasks/main.yml
new file mode 100644
index 0000000..4e4224c
--- /dev/null
+++ b/roles/sapp/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: "copy sapp to destination server"
+  copy:
+    src: "{{ role_path }}/files/"
+    dest: /tmp/ansible_deploy/
+
+- name: "install sapp rpms from localhost"
+  yum:
+    name:
+      - /tmp/ansible_deploy/sapp-4.0.5.3385992-1.el7.x86_64.rpm
+    state: present
+
+- name: Template the sapp.toml
+  template:
+    src: "{{ role_path }}/templates/sapp.toml.j2"
+    dest: /home/mesasoft/sapp_run/etc/sapp.toml
+  tags: template
+
+- name: Template the project_list.conf
+  template:
+    src: "{{ role_path }}/templates/project_list.conf.j2"
+    dest: /home/mesasoft/sapp_run/etc/project_list.conf
+  tags: template
+
+- name: Template the conflist.inf
+  template:
+    src: "{{ role_path }}/templates/conflist.inf.j2"
+    dest: /home/mesasoft/sapp_run/plug/conflist.inf
+  tags: template
+
+- name: Template the gdev.conf
+  template:
+    src: "{{ role_path }}/templates/gdev.conf.j2"
+    dest: /home/mesasoft/sapp_run/etc/gdev.conf
+  tags: template
+  
+- name: "enable sapp"
+  systemd:
+    name: sapp
+    enabled: yes
+    daemon_reload: yes
diff --git a/roles/sapp/templates/conflist.inf.j2 b/roles/sapp/templates/conflist.inf.j2
new file mode 100644
index 0000000..34f8339
--- /dev/null
+++ b/roles/sapp/templates/conflist.inf.j2
@@ -0,0 +1,19 @@
+[platform]
+./plug/platform/g_device_plug/g_device_plug.inf
+./plug/platform/tsg_master/tsg_master.inf
+
+[protocol]
+./plug/protocol/ssl/ssl.inf
+./plug/protocol/http/http.inf
+./plug/protocol/dns/dns.inf
+./plug/protocol/mail/mail.inf
+./plug/protocol/ftp/ftp.inf
+
+[business]
+./plug/business/kni/kni.inf
+./plug/business/fw_ssl/fw_ssl.inf
+./plug/business/fw_http_plug/fw_http_plug.inf
+./plug/business/fw_dns_plug/fw_dns_plug.inf
+./plug/business/fw_mail_plug/fw_mail_plug.inf
+./plug/business/fw_ftp_plug/fw_ftp_plug.inf
+./plug/business/tsg_conn_record/tsg_conn_record.inf
\ No newline at end of file
diff --git a/roles/kni/templates/gdev.conf.j2 b/roles/sapp/templates/gdev.conf.j2
similarity index 100%
rename from roles/kni/templates/gdev.conf.j2
rename to roles/sapp/templates/gdev.conf.j2
diff --git a/roles/kni/templates/project_list.conf.j2 b/roles/sapp/templates/project_list.conf.j2
similarity index 75%
rename from roles/kni/templates/project_list.conf.j2
rename to roles/sapp/templates/project_list.conf.j2
index c123d0b..c712a15 100644
--- a/roles/kni/templates/project_list.conf.j2
+++ b/roles/sapp/templates/project_list.conf.j2
@@ -1,4 +1,4 @@
 tcp_flow_stat           struct
 udp_flow_stat           struct
 tcp_deduce_flow_stat    struct
-kni_http_tag            struct
\ No newline at end of file
+POLICY_PRIORITY	struct
\ No newline at end of file
diff --git a/roles/kni/templates/sapp.toml.j2 b/roles/sapp/templates/sapp.toml.j2
similarity index 100%
rename from roles/kni/templates/sapp.toml.j2
rename to roles/sapp/templates/sapp.toml.j2
diff --git a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm b/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm
deleted file mode 100644
index da6096a..0000000
Binary files a/roles/tfe/files/tfe-kmod-v1.0.4.20190923-1dkms.noarch.rpm and /dev/null differ