diff --git a/ansible/install_config/group_vars/rpm_version.yml b/ansible/install_config/group_vars/rpm_version.yml index 80fcc993..f905eec2 100644 --- a/ansible/install_config/group_vars/rpm_version.yml +++ b/ansible/install_config/group_vars/rpm_version.yml @@ -65,7 +65,7 @@ tsg_master_rpm_version: tsg_master: tsg_master-5.3.5.4578ad3 tsg_diagnose_rpm_version: - tsg_diagnose: tsg-diagnose-21.03.01.39beba7 + tsg_diagnose: tsg-diagnose-21.09.2.516ff30 http_healthcheck_rpm_version: http_healthcheck: http_healthcheck-21.06.01.d0685bb diff --git a/ansible/roles/tfe/files/tsg_diagnose_ca.pem b/ansible/roles/tfe/files/tsg_diagnose_ca.pem index 0d1f8389..cac12d46 100644 --- a/ansible/roles/tfe/files/tsg_diagnose_ca.pem +++ b/ansible/roles/tfe/files/tsg_diagnose_ca.pem @@ -1,49 +1,36 @@ -----BEGIN CERTIFICATE----- -MIIGWzCCBEOgAwIBAgIJAMimxpHS+4hRMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV -BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp -c2NvMQ8wDQYDVQQKDAZCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eTAeFw0yMDEwMjYwODQ3NDZaFw00MDEwMjEwODQ3NDZa -MHcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1T -YW4gRnJhbmNpc2NvMQ8wDQYDVQQKDAZCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBS +MIIGWzCCBEOgAwIBAgIJAIDKRXpQo3kEMA0GCSqGSIb3DQEBCwUAMHcxCzAJBgNV +BAYTAkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdCZWlqaW5nMRgwFgYD +VQQKDA9EaWFnbm9zZSBCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBSb290IENlcnRp +ZmljYXRlIEF1dGhvcml0eTAeFw0yMTA5MDgwOTA5NDhaFw0zMTA5MDYwOTA5NDha +MHcxCzAJBgNVBAYTAkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdCZWlq +aW5nMRgwFgYDVQQKDA9EaWFnbm9zZSBCYWRTU0wxKjAoBgNVBAMMIUJhZFNTTCBS b290IENlcnRpZmljYXRlIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAKnefEvaekYAdlfFtpnaPaKYgl+X3FOXUEiYLHuX9YZjuhjVAf/I -19iW7+k6mln3jSxD05YZQk/jUVTTVjYgQftHzlZiJG086AGhG86QwDIPb9nQIGy8 -3DscFFQGGOoYPdV9E+s1cFDTIFGqqqlJ5T5jpjnAL/3WR2LxrgzPVkBjcOTJnkU6 -Gv2jqwQYGSz8+A6FYsGLqO6Pv7uKY1OPELNcTGnSwD1uctsMHn/Xqx4nMaBoMuSc -TZQEneSagGDgF1dVqEFhVEPo4VXiVthhS82xA3xK69UKfKLFkjjy+icH8LllKUFo -Psu+w/9V3OZ4xfzjEdpoRwRUmOesS5wlEkd3rLKEWXG/A8Uul5iCZ2Dez9nE6wi7 -w7JD7R1InPoD+7KXtT2JWS+9sj+Vre7XIjSEQuBRGiTOXnDcuYjFOkvCqS7OToUc -fOJAlKHCndqBnzLoLJHU2ozrqgz8SU0Iv1CPW6YXLtRFFX3K9WUvX7XNTonh+oWS -6IGifWnVcYh2N5peUuNVT4heD4QfIDpCvjwUAp2IWr1GnEjvjhPaHialRotHhfCi -t3T0F58IhFQ6+CLQwE57Yd+7zGbc7osqTe1hbiK2wcciTuajmGZyfev8atFey+Y5 -N/7jD3U0a6u4Z+DyGcc08Pj94cM5AJ7SA45LKwt6xhmGLzhemmdGLJLNAgMBAAGj -gekwgeYwHQYDVR0OBBYEFMGs0F0ycvMIQgM6oTyOBrxzjCPKMIGpBgNVHSMEgaEw -gZ6AFMGs0F0ycvMIQgM6oTyOBrxzjCPKoXukeTB3MQswCQYDVQQGEwJVUzETMBEG -A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEPMA0GA1UE -CgwGQmFkU1NMMSowKAYDVQQDDCFCYWRTU0wgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRo -b3JpdHmCCQDIpsaR0vuIUTAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq -hkiG9w0BAQsFAAOCAgEAeZzR9GKvTRiKfRqCzjhylk+7IbymWjxNTc2LQ3+O6lww -kw6Z2ybzvR3i/IZ7Hw+DBo1MXku9qHW/1uKR2BssoLHU1p1iHCBrZ1nw9MXxqXa3 -PhgxUZZu39NdXFc12fY/SYP8XQkNVzQCNouOvb75hj087ZDHvGztHIaB3VNUs1p+ -qMvGm8RVUGfDDqynUBZ814N32eCu+13N+dGL7yxASzD6Y3/myhVjixUuoUG3zFTW -NnIWspbC8MxhP/3QUMYi4KJM4KDiJQxPhGkMBwlhgAz/QPEJApKq0Cl0Reez7Gyd -KdnrqvCKhf8K53Su8L1GeRvzzKb7Hi+kMWIZVJPGz2DHgOymP5RCsIuWG6cDgx5E -3LfZYEPG63ezj+qMZmkdEMnD9SVBi85dOTOJ+OJgxxX2OahUKPUdDP89ZmHdOjR9 -CqUxnA+eqRNz1TajnjRFXir3/20SoBtrHBck3bxpmZwsF7A6Sg5RdlvQjK2Oy6g0 -9LrkPUgu9O/sBfz8uyG/HlQD7EuUNo0NQHqznnde3T+w5wY2vL3XUAl39qcpNPF6 -auCS8+aygYYmCUooZVzKlXGU3VUPGwcfmLE4gnPLT0+pnHtBS8tKLOzXAJjYQ3s+ -QpP3aO4lJvoZ6Oes/JRxNPW8dmaLxTKPqsaPEWWuoSYr0higPTBXQNg+++PYRY4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAVugAwIBAgIJAP3GpXchIMWHMA0GCSqGSIb3DQEBCwUAMBExDzANBgNV -BAsMBkdFRURHRTAgFw0yMDAzMDkxNjEyNTlaGA8yMDUwMDMwMjE2MTI1OVowETEP -MA0GA1UECwwGR0VFREdFMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCraZpH -Fca2Iu+9E9HzKbEi2Akdk4RrUJxkQjB2Tr7fGxwPDXqdGvSoXDdgnSA0I0bbNqMs -drgiCWimjnGiWfY0sssKg7plNTQ4i7Zz7P9Isyf6TuxvB09CzdhH2FQ3lLRTb8pv -BA0E28CCYiZhtX1/3RlDSvxaRKOM3yEt0q+FRQIDAQABo1AwTjAdBgNVHQ4EFgQU -NqrpSlpCuMBJlCLZEE/D5ZpBy8swHwYDVR0jBBgwFoAUNqrpSlpCuMBJlCLZEE/D -5ZpBy8swDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQBsybFxUAjzhJ5H -VbSLhyillxtAJ3vEKtLrMVnAgRUEwamyu1JQGndF9kh8RapSmHhmuZM9iTc+NsNb -DKGKmEOY0vQMw83xE7EGYj4Nhww9UMyGglmTLbd3yB+uJA97beNVduU2mifDHGmN -4buMiPl3AozGRl9p5UCzZM5XxMMw1A== +ADCCAgoCggIBALA08tim/C/2U3gSvh+3chYhMi4nZg+kZY6rqRRVnqBZ+SbKldE0 +6C8scpaCQH5Ejz8N/My1qLDJMHWKZPVZmVvPaT/0do21xGbzyymkora6mU5fCkVo +0/TCu+yyQl63qsJYq8WMKawiLF5Lp6UPgv5wRQzmq/nm/SYY1y7XOpLN/5A3tZ/Q +EM+1Xpod+7HX5MxmUVn43lvK/u3J27cMaFw+u1Br4oHMYvPvKFtJ9fsxxgF3vQ0V +KVLBFeA62LHaX0b8onEb8OtG1hu1u0lwTRZf/OByR5n9Wg0++mzwVKwLvGwhOzci +UTN9Gcv6WsOxOxDsLHIKYrU+vEddL0Ut9MPVk51n9HhsjfDH2LIyY+ZzXa9XokPC +RPRQeHBmuS+ffnKq50aXpWyerAbvxRp/HaKeuEUnkiHFONeK7K9vdvDnpD7Cp5O/ +gJh6UAescwgm9CDQGh1TBgFjIqevwDNWbTtN4YBNzrE3tSHVYBL4CVz+1c48Jt5I +d9DvR4EnYRkv0j9/8vNwFXbcBiiudNSRNrGLVWYLRQDeOL+5ltCIM/yXqH7n00Zi +5iVzYlmeD7sI4legIXEXUG/lAV/4Fgnqgp71mlODym71SLn9gAEi2p1YkgoMi8Kk +O9bI3euH9pK+xcJIR1wWzEOs/jAuCtjrf8rxqUJ9oNDeEF+4vdevrPPfAgMBAAGj +gekwgeYwHQYDVR0OBBYEFMfbsgQGTgk5mSgdnQVRrFWAmFHtMIGpBgNVHSMEgaEw +gZ6AFMfbsgQGTgk5mSgdnQVRrFWAmFHtoXukeTB3MQswCQYDVQQGEwJDTjEQMA4G +A1UECAwHQmVpamluZzEQMA4GA1UEBwwHQmVpamluZzEYMBYGA1UECgwPRGlhZ25v +c2UgQmFkU1NMMSowKAYDVQQDDCFCYWRTU0wgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRo +b3JpdHmCCQCAykV6UKN5BDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq +hkiG9w0BAQsFAAOCAgEAQp0vnG2Ay6SOMOJfQS5/rEHQtgFTjqLhJCNwJh8SxATu +n7N/6OSRFjGWs+GdPORcG/pwlZaufB4My+vUbBKIPumi4hpjZoQ/Mxxtpo1pGUKh +XQ4gnXGX4z2oDTWtU2TA0f3/O6JGw61nDI+3JB1Faj6GYX9eWmijwyUhJTu9GGn0 +WOOaJPEHe5Zgr+ICrq10SJ40Slnuz2O2/hzjCwSVYY65Tmq2drrmpQys0h7lOGIT +8AQK1DU7hx2/aN30Br5Oxq5NdBocl9QVbxnQbpnq/GB1uClJDR8iGV/3feW+QLTR +zfit5+GV77kbqvEfvjQTylTQvEXJu4CrBCHM1yfGXScmZ2Oy+SW4ap05vNbLLYIA +X5MIEazL6iTFYJoXUDJxvr1EI0bHwMgH7NKD6ztftP3IdWymKnfbSicRkdI+/biD +LL6xTUHnfa9qmbkJToNezapk3h8lkdaVbwPDEzRiIP72uodme6NG4Z0DodV7ENaN +8aLKHzENUji6PxHy5FH10Q+bwV3ICnrzhOeUqDDxD8ZjnVi0VRElB6314Q8N4mGM ++HDse1tBYeURV2sEOXQS6BsnJr57QlOItEO3TLNA5EjJqrJvuMjhktC6bGmkXipp +b6+PlgweQzyHcpvbLWviCyZHVuLOQVEn7TziPQ2BCSnlyeLetoPm+yffYOYOcCw= -----END CERTIFICATE----- diff --git a/ansible/roles/tsg-diagnose/files/tsg-diagnose-certs.tgz b/ansible/roles/tsg-diagnose/files/tsg-diagnose-certs.tgz deleted file mode 100644 index 5e61e279..00000000 Binary files a/ansible/roles/tsg-diagnose/files/tsg-diagnose-certs.tgz and /dev/null differ diff --git a/ansible/roles/tsg-diagnose/tasks/main.yml b/ansible/roles/tsg-diagnose/tasks/main.yml index be062558..82a2aa31 100644 --- a/ansible/roles/tsg-diagnose/tasks/main.yml +++ b/ansible/roles/tsg-diagnose/tasks/main.yml @@ -1,8 +1,3 @@ -- name: "Tsg-diagnose:copy file to device" - copy: - src: '{{ role_path }}/files/' - dest: /tmp/ansible_deploy/ - - name: "Install tsg-diagnose rpm package" yum: name: @@ -10,29 +5,12 @@ conf_file: "{{ rpm_repo_config_path }}" state: present -- name: "Templates tsg-diagnose.config" - template: - src: "{{role_path}}/templates/tsg-diagnose.config.j2" - dest: /opt/tsg/tsg-diagnose/etc/tsg-diagnose.config - tags: template - - name: "Templates docker-compose.yml" template: src: "{{role_path}}/templates/docker-compose.yml.j2" dest: /opt/tsg/tsg-diagnose/compose/docker-compose.yml tags: template -- name: "tsg-diagnose:mkdir -p .badssl_cert_dict" - file: - path: /opt/tsg/tsg-diagnose/.badssl_cert_dict - state: directory - -- name: "tsg-diagnose: unarchive certs" - unarchive: - src: /tmp/ansible_deploy/tsg-diagnose-certs.tgz - dest: /opt/tsg/tsg-diagnose/.badssl_cert_dict - remote_src: yes - - name: "copy tsg-diagnose.service file to dest" copy: src: "{{ role_path }}/files/tsg-diagnose.service" diff --git a/ansible/roles/tsg-diagnose/templates/docker-compose.yml.j2 b/ansible/roles/tsg-diagnose/templates/docker-compose.yml.j2 index 6f76a0da..afdc89f1 100644 --- a/ansible/roles/tsg-diagnose/templates/docker-compose.yml.j2 +++ b/ansible/roles/tsg-diagnose/templates/docker-compose.yml.j2 @@ -1,125 +1,125 @@ -#for tsg-diagnose -version: '2.2' -services: - - badssl_server: - image: "badssl-tsg-diagnose:latest" - container_name: "badssl_tsg-diagnose" - tty: true - privileged: true - networks: - vlan_ssl_net: - ipv4_address: 192.0.2.130 - ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010 - bridge_net: - ipv4_address: 192.51.100.2 - volumes: - - /opt/tsg/tsg-diagnose/.badssl_cert_dict:/badssl.com/unittest_certs - - /etc/localtime:/etc/localtime:ro - command: > - bash -c "ifconfig eth0 hw ether 02:42:c0:a8:fd:82 - && arp -i eth0 -s 192.0.2.3 02:42:C0:A8:FD:03 - && cp -r /badssl.com/unittest_certs/certs /badssl.com/unittest_certs/common /badssl.com - && make inside-docker - && nginx - && tail -f /dev/null" - - wpr_server: - image: "wpr-tsg-diagnose:latest" - container_name: "wpr_tsg-diagnose" - tty: true - privileged: true - networks: - vlan_ssl_net: - ipv4_address: 192.0.2.131 - ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1011 - bridge_net: - ipv4_address: 192.51.100.3 - volumes: - - /etc/localtime:/etc/localtime:ro - command: - - /bin/sh - - -c - - | - ifconfig eth0 hw ether 02:42:C0:A8:FD:83 - arp -i eth0 -s 192.0.2.3 02:42:C0:A8:FD:03 - /root/wpr/wpr replay --http_port=80 --https_port=443 --host=0.0.0.0 --quiet_mode /root/wpr/archive.wprgo & - tail -f /dev/null - - unittest_client: - image: "unittest-tsg-diagnose:latest" - container_name: "unittest_tsg-diagnose" - depends_on: - - badssl_server - - wpr_server - tty: true - privileged: true - networks: - vlan_unittest_net: - ipv4_address: 192.0.2.3 - ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012 - bridge_net: - ipv4_address: 192.51.100.4 - volumes: - - /opt/tsg/tsg-diagnose/.badssl_cert_dict:/root/cafile_dict - - /opt/tsg/tsg-diagnose/result:/root/result_tsg_diagnose - - /opt/tsg/tsg-diagnose/etc:/root/etc_tsg_diagnose - - /etc/localtime:/etc/localtime:ro - command: - - /bin/sh - - -c - - | - /root/unittest/wait-for 192.51.100.2:443 -t 60 -- echo "badssl is up" - /root/unittest/wait-for 192.51.100.3:443 -t 60 -- echo "wpr is up" - ifconfig eth0 hw ether 02:42:C0:A8:FD:03 - arp -i eth0 -s 192.0.2.130 02:42:c0:a8:fd:82 - arp -i eth0 -s 192.0.2.131 02:42:C0:A8:FD:83 - mkdir -p /root/result_tsg_diagnose/unittest - mkdir -p /root/result_tsg_diagnose/conn_traffic_status - cp -rf /root/cafile_dict/certs/sets/current/gen/crt/ca-root.crt /usr/local/share/ca-certificates - update-ca-certificates - cat /root/unittest/badssl.test.hosts >> /etc/hosts - echo '0 2 * * * /usr/local/bin/python /root/unittest/clear_file_timeout.py' > /etc/crontabs/root - echo '0 2 * * * /usr/local/bin/python /root/unittest/clear_file_timeout.py -d /root/result_tsg_diagnose/conn_traffic_status' > /etc/crontabs/root - crond - tail -f /dev/null - - -networks: - bridge_net: - name: bridge_tsg-diagnose_net - driver: bridge - ipam: - config: - - subnet: 192.51.100.0/24 - gateway: 192.51.100.1 - - vlan_ssl_net: - name: vlan_tsg-diagnose_net - driver: macvlan - enable_ipv6: true - driver_opts: - parent: {{ tsg_diagnose.docker_compose_yml.virtual_server_nic }} - ipam: - config: - - subnet: 192.0.2.0/24 - ip_range: 192.0.2.128/25 - gateway: 192.0.2.129 - - subnet: fd00:a1bf:2c3d:ef5a::/63 - ip_range: fd00:a1bf:2c3d:ef5a::/64 - gateway: fd00:a1bf:2c3d:ef5a::1010 - - vlan_unittest_net: - name: vlan_unittest_tsg-diagnose_net - driver: macvlan - enable_ipv6: true - driver_opts: - parent: {{ tsg_diagnose.docker_compose_yml.virtual_client_nic }} - ipam: - config: - - subnet: 192.0.2.0/24 - ip_range: 192.0.2.0/25 - gateway: 192.0.2.1 - - subnet: fd00:a1bf:2c3d:ef5a::/63 - ip_range: fd00:a1bf:2c3d:ef5b::/64 - gateway: fd00:a1bf:2c3d:ef5a::1011 +#for tsg-diagnose +version: '2.2' +services: + + server_web: + image: "dign-server-web:latest" + container_name: "dign-server-web" + tty: true + privileged: true + networks: + server_macvlan_net: + ipv4_address: 192.0.2.130 + ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010 + bridge_direct_net: + ipv4_address: 192.51.100.2 + volumes: + - /opt/tsg/tsg-diagnose/etc/.certs_import:/badssl.com/certs_import + - /etc/localtime:/etc/localtime:ro + command: > + bash -c "ifconfig eth0 hw ether 02:42:c0:a8:fd:82 + && arp -i eth0 -s 192.0.2.3 02:42:C0:A8:FD:03 + && cp -r /badssl.com/certs_import/certs /badssl.com/certs_import/common /badssl.com + && make inside-docker + && nginx + && tail -f /dev/null" + + + server_dns: + image: "dign-server-dns:latest" + container_name: "dign-server-dns" + tty: true + privileged: true + networks: + server_macvlan_net: + ipv4_address: 192.0.2.135 + ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1015 + bridge_direct_net: + ipv4_address: 192.51.100.5 + volumes: + - /opt/tsg/tsg-diagnose/etc/dnsmasq.conf:/etc/dnsmasq.conf + - /etc/localtime:/etc/localtime:ro + entrypoint: /bin/sh + command: + - -c + - | + ifconfig eth0 hw ether 02:42:C0:A8:FD:85 + arp -i eth0 -s 192.0.2.3 02:42:C0:A8:FD:03 + echo 66.66.66.66 www.1testanswer-cname.com >> /etc/hosts + webproc --config /etc/dnsmasq.conf -- dnsmasq --no-daemon & + tail -f /dev/null + + client: + image: "dign-client:latest" + container_name: "dign-client" + depends_on: + - server_web + - server_dns + tty: true + privileged: true + networks: + client_macvlan_net: + ipv4_address: 192.0.2.3 + ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012 + bridge_direct_net: + ipv4_address: 192.51.100.4 + volumes: + - /opt/tsg/tsg-diagnose/etc/.certs_import:/opt/dign_client/etc/certs_import + - /opt/tsg/tsg-diagnose/log:/opt/dign_client/log + - /opt/tsg/tsg-diagnose/etc/client.conf:/opt/dign_client/etc/client.conf + - /etc/localtime:/etc/localtime:ro + command: + - /bin/sh + - -c + - | + /opt/dign_client/bin/wait-for 192.51.100.2:443 -t 60 -- echo "server web is up" + /opt/dign_client/bin/wait-for 192.51.100.5:8080 -t 60 -- echo "server dns is up" + ifconfig eth0 hw ether 02:42:C0:A8:FD:03 + arp -i eth0 -s 192.0.2.130 02:42:c0:a8:fd:82 + arp -i eth0 -s 192.0.2.131 02:42:C0:A8:FD:83 + arp -i eth0 -s 192.0.2.135 02:42:C0:A8:FD:85 + mkdir -p /opt/dign_client/log + cp -rf /opt/dign_client/etc/certs_import/certs/sets/current/gen/crt/ca-root.crt /usr/local/share/ca-certificates + update-ca-certificates + cat /opt/dign_client/etc/hosts >> /etc/hosts + tail -f /dev/null + + +networks: + bridge_direct_net: + name: dign-direct-bridge + driver: bridge + ipam: + config: + - subnet: 192.51.100.0/24 + gateway: 192.51.100.1 + + server_macvlan_net: + name: dign-server-macvlan + driver: macvlan + enable_ipv6: true + driver_opts: + parent: {{ tsg_diagnose.docker_compose_yml.virtual_server_nic }} + ipam: + config: + - subnet: 192.0.2.0/24 + ip_range: 192.0.2.128/25 + gateway: 192.0.2.129 + - subnet: fd00:a1bf:2c3d:ef5a::/63 + ip_range: fd00:a1bf:2c3d:ef5a::/64 + gateway: fd00:a1bf:2c3d:ef5a::1010 + + client_macvlan_net: + name: dign-client-macvlan + driver: macvlan + enable_ipv6: true + driver_opts: + parent: {{ tsg_diagnose.docker_compose_yml.virtual_client_nic }} + ipam: + config: + - subnet: 192.0.2.0/24 + ip_range: 192.0.2.0/25 + gateway: 192.0.2.1 + - subnet: fd00:a1bf:2c3d:ef5a::/63 + ip_range: fd00:a1bf:2c3d:ef5b::/64 + gateway: fd00:a1bf:2c3d:ef5a::1011 diff --git a/ansible/roles/tsg-diagnose/templates/tsg-diagnose.config.j2 b/ansible/roles/tsg-diagnose/templates/tsg-diagnose.config.j2 deleted file mode 100644 index 9114902e..00000000 --- a/ansible/roles/tsg-diagnose/templates/tsg-diagnose.config.j2 +++ /dev/null @@ -1,135 +0,0 @@ -[test_securityPolicy_bypass] -# enabled = 1 run this case -enabled = 1 -#Connection TIMEOUT, in seconds -conn_timeout = 1 -#max_recv_speed_large byte/s -max_recv_speed_large = 6553600 - -[test_securityPolicy_intercept] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_securityPolicy_intercept_certerrExpired] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_securityPolicy_intercept_certerrSelf_signed] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_securityPolicy_intercept_certerrUntrusted_root] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_ssl_redirect] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_ssl_block] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_ssl_replace] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_ssl_hijack] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_ssl_insert] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_http_redirect] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_http_block] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_http_replace] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_http_hijack] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_proxyPolicy_http_insert] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_1k] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_4k] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_16k] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_64k] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_256k] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_1M] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_4M] -enabled = 1 -conn_timeout = 1 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_16M] -enabled = 1 -conn_timeout = 4 -max_recv_speed_large = 6553600 - -[test_https_con_traffic_64M] -enabled = 1 -conn_timeout = 12 -max_recv_speed_large = 6553600 - -[start_time_random_delay_range] -enabled = 1 -#Left_edge is the left edge of the randomly generated time in seconds -left_edge = 0 -#Left_edge is the right edge of the randomly generated time in seconds -right_edge = 30 - -[telegraf] -host = 192.51.100.1 -port = 58100 -tags_key = app_name -tags_value = tsg-diagnose \ No newline at end of file