From 5e3349ce455e81db8b9982c2d71cca402f8a693f Mon Sep 17 00:00:00 2001
From: liuxueli <liuxueli@geedgenetworks.com>
Date: Wed, 13 Dec 2023 18:44:26 +0800
Subject: [PATCH] Update firewall-3.0.12.7fb8f4d stellar-c-1.0.6.37117f9

---
 .../install_config/group_vars/rpm_version.yml |  4 +--
 .../roles/firewall/templates/maat.conf.j2.j2  | 29 +++++++++++++++----
 .../traffic-engine/files/helm/conf/maat.conf  | 21 +++++++-------
 3 files changed, 36 insertions(+), 18 deletions(-)

diff --git a/ansible/install_config/group_vars/rpm_version.yml b/ansible/install_config/group_vars/rpm_version.yml
index ab63a97a..46e68020 100644
--- a/ansible/install_config/group_vars/rpm_version.yml
+++ b/ansible/install_config/group_vars/rpm_version.yml
@@ -3,7 +3,7 @@ certstore_rpm_version:
 
 firewall_rpm_version:
   conn_telemetry: conn_telemetry-1.0.3.4ef6df6
-  firewall: firewall-3.0.11.f3473f5
+  firewall: firewall-3.0.12.7fb8f4d
   #gtp_signaling_plug: gtp_signaling_plug-2.0.0.3f233d7
   #radius_collect_plug: radius_collect_plug-2.0.11.47a51f3
   glimpse_detector: glimpse_detector-3.0.0.7240884
@@ -28,7 +28,7 @@ firewall_rpm_version:
   session_flags: session_flags-2.2.5.fb0ff23
   stat_policy_enforcer: stat_policy_enforcer-3.1.4.95250e9
   sf_classifier: sf_classifier-1.0.8.7da11bd
-  stellar-c: stellar-c-1.0.4.44f2c7f
+  stellar-c: stellar-c-1.0.6.37117f9
 
 framework_rpm_version:
   00_libcjson: libcjson-1.7.12.6c09dcf
diff --git a/ansible/roles/firewall/templates/maat.conf.j2.j2 b/ansible/roles/firewall/templates/maat.conf.j2.j2
index d4298ed7..92886bd9 100644
--- a/ansible/roles/firewall/templates/maat.conf.j2.j2
+++ b/ansible/roles/firewall/templates/maat.conf.j2.j2
@@ -1,11 +1,11 @@
-[STATIC]
+[CM_STATIC_MAAT]
 ###file, json, redis
 MAAT_MODE=redis
 STAT_SWITCH=1
 PERF_SWITCH=0
 HIT_GROUP_SWITCH=1
-TABLE_INFO=tsgconf/firewall_maat_tableinfo.json
-STAT_FILE=log/firewall.maat.status
+TABLE_INFO=tsgconf/firewall_cm_maat_tableinfo.json
+STAT_FILE=log/firewall.cm.maat.status
 EFFECT_INTERVAL_MS=1000
 GARBAGE_COLLECT_MS=60000
 RULE_UPDATE_CHECK_INTERVAL_MS=1000
@@ -15,11 +15,30 @@ REDIS_PORT={% raw %}{{ cm_policy_server_port }}
 {% endraw %}
 {% raw %}REDIS_INDEX={{ vsys_id }}
 {% endraw %}
-JSON_CFG_FILE=tsgconf/firewall_maat_rule.json
+JSON_CFG_FILE=tsgconf/firewall_cm_maat_rule.json
 INC_CFG_DIR=tsgrule/inc/index/
 FULL_CFG_DIR=tsgrule/full/index/
 EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
-LOG_PATH="log/firewall.maat"
+LOG_PATH="log/firewall.cm.maat"
+
+[SD_DYNAMIC_MAAT]
+MAAT_MODE=redis
+STAT_SWITCH=1
+PERF_SWITCH=1
+TABLE_INFO=tsgconf/firewall_sd_maat_tableinfo.json
+STAT_FILE=log/firewall.sd.maat.status
+EFFECT_INTERVAL_MS=100
+GARBAGE_COLLECT_MS=30000
+RULE_UPDATE_CHECK_INTERVAL_MS=100
+REDIS_IP=127.0.0.1
+REDIS_PORT_NUM=1
+REDIS_PORT=7002
+REDIS_INDEX=1
+JSON_CFG_FILE=tsgconf/firewall_sd_maat_rule.json
+INC_CFG_DIR=tsgrule/inc/index/
+FULL_CFG_DIR=tsgrule/full/index/
+EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
+LOG_PATH="log/firewall.sd.maat"
 
 [MAAT]
 {% raw %}{% set tags_list = [] %}
diff --git a/ansible/roles/traffic-engine/files/helm/conf/maat.conf b/ansible/roles/traffic-engine/files/helm/conf/maat.conf
index 6c362283..42f6151d 100644
--- a/ansible/roles/traffic-engine/files/helm/conf/maat.conf
+++ b/ansible/roles/traffic-engine/files/helm/conf/maat.conf
@@ -1,29 +1,29 @@
-[STATIC]
+[CM_STATIC_MAAT]
 ###file, json, redis
 MAAT_MODE=redis
 STAT_SWITCH=1
 PERF_SWITCH=0
 HIT_GROUP_SWITCH=1
-TABLE_INFO=tsgconf/firewall_maat_tableinfo.json
-STAT_FILE=log/master.maat.status
+TABLE_INFO=tsgconf/firewall_cm_maat_tableinfo.json
+STAT_FILE=log/firewall.cm.maat.status
 EFFECT_INTERVAL_MS=1000
 GARBAGE_COLLECT_MS=60000
 RULE_UPDATE_CHECK_INTERVAL_MS=1000
 REDIS_IP={{- include "traffic-engine.global.cm.server-ip" . }}
 REDIS_PORT={{- include "traffic-engine.global.cm.server-port" . }}
 REDIS_INDEX={{ .Values.vsys_id }}
-JSON_CFG_FILE=tsgconf/firewall_maat_rule.json
+JSON_CFG_FILE=tsgconf/firewall_cm_maat_rule.json
 INC_CFG_DIR=tsgrule/inc/index/
 FULL_CFG_DIR=tsgrule/full/index/
 EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
-LOG_PATH="log/master.maat"
+LOG_PATH="log/firewall.cm.maat"
 
-[DYNAMIC_MAPPING_MAAT]
+[SD_DYNAMIC_MAAT]
 MAAT_MODE=redis
 STAT_SWITCH=1
 PERF_SWITCH=1
-TABLE_INFO=tsgconf/tsg_dynamic_mapping_tableinfo.json
-STAT_FILE=log/dynamic.mapping.maat.status
+TABLE_INFO=tsgconf/firewall_sd_maat_tableinfo.json
+STAT_FILE=log/firewall.sd.maat.status
 EFFECT_INTERVAL_MS={{ .Values.external_resources.sd.policy_effect_interval_ms }}
 GARBAGE_COLLECT_MS={{ .Values.external_resources.sd.policy_garbage_collection_interval_ms }}
 RULE_UPDATE_CHECK_INTERVAL_MS={{ .Values.external_resources.sd.policy_update_check_interval_ms }}
@@ -31,12 +31,11 @@ REDIS_IP={{- include "traffic-engine.global.sd.server-ip" . }}
 REDIS_PORT_NUM=1
 REDIS_PORT={{- include "traffic-engine.global.sd.server-port" . }}
 REDIS_INDEX={{ .Values.external_resources.sd.db_index }}
-JSON_CFG_FILE=tsgconf/tsg_dynamic_mapping_maat.json
+JSON_CFG_FILE=tsgconf/firewall_sd_maat_rule.json
 INC_CFG_DIR=tsgrule/inc/index/
 FULL_CFG_DIR=tsgrule/full/index/
 EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
-LOG_LEVEL=0
-LOG_PATH="log/dynamic.mapping.maat"
+LOG_PATH="log/firewall.sd.maat"
 
 [MAAT]
 ACCEPT_TAGS={"tags":[{{- include "traffic-engine.device-tag-list" . }}]}