From f81b7ef95c6275d7e672cd0823e7d6987614c990 Mon Sep 17 00:00:00 2001
From: liuxueli <liuxueli@geedgenetworks.com>
Date: Mon, 25 Dec 2023 19:30:54 +0800
Subject: [PATCH] Update firewall-3.0.21.df0aedd, add STRATUM/RDP/SSH  business
 entry

---
 .../install_config/group_vars/rpm_version.yml   |  2 +-
 .../roles/firewall/templates/firewall.inf.j2.j2 | 16 ++++++++++++----
 .../traffic-engine/files/helm/conf/firewall.inf | 17 +++++++++++++++++
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/ansible/install_config/group_vars/rpm_version.yml b/ansible/install_config/group_vars/rpm_version.yml
index c7b3dd72..d3c807d1 100644
--- a/ansible/install_config/group_vars/rpm_version.yml
+++ b/ansible/install_config/group_vars/rpm_version.yml
@@ -3,7 +3,7 @@ certstore_rpm_version:
 
 firewall_rpm_version:
   conn_telemetry: conn_telemetry-1.0.3.4ef6df6
-  firewall: firewall-3.0.20.0d988e4
+  firewall: firewall-3.0.21.df0aedd
   #gtp_signaling_plug: gtp_signaling_plug-2.0.0.3f233d7
   #radius_collect_plug: radius_collect_plug-2.0.11.47a51f3
   glimpse_detector: glimpse_detector-3.0.0.7240884
diff --git a/ansible/roles/firewall/templates/firewall.inf.j2.j2 b/ansible/roles/firewall/templates/firewall.inf.j2.j2
index 196cfabe..4e5fa105 100644
--- a/ansible/roles/firewall/templates/firewall.inf.j2.j2
+++ b/ansible/roles/firewall/templates/firewall.inf.j2.j2
@@ -20,9 +20,9 @@ FUNC_NAME=firewall_http_plug_entry
 FUNC_FLAG=QUIC_CLIENT_HELLO,QUIC_SERVER_HELLO,QUIC_CACHED_CERT,QUIC_COMM_CERT,QUIC_CERT_CHAIN,QUIC_VERSION,QUIC_APPLICATION_DATA
 FUNC_NAME=firewall_quic_plug_entry
 
-#[FTP]
-#FUNC_FLAG=ALL
-#FUNC_NAME=firewall_ftp_plug_entry
+[FTP]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_ftp_plug_entry
 
 [RTP]
 FUNC_FLAG=ALL
@@ -42,4 +42,12 @@ FUNC_NAME=firewall_stratum_plug_entry
 
 [RDP]
 FUNC_FLAG=ALL
-FUNC_NAME=firewall_rdp_plug_entry
\ No newline at end of file
+FUNC_NAME=firewall_rdp_plug_entry
+
+[DNS]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_dns_plug_entry
+
+[DTLS]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_dtls_plug_entry
\ No newline at end of file
diff --git a/ansible/roles/traffic-engine/files/helm/conf/firewall.inf b/ansible/roles/traffic-engine/files/helm/conf/firewall.inf
index f7dca462..450e5bda 100644
--- a/ansible/roles/traffic-engine/files/helm/conf/firewall.inf
+++ b/ansible/roles/traffic-engine/files/helm/conf/firewall.inf
@@ -58,3 +58,20 @@ FUNC_FLAG=DTLS_CLIENT_HELLO,DTLS_SERVER_HELLO,DTLS_HELLO_VERIFY_REQUEST,DTLS_CLI
 FUNC_NAME=firewall_dtls_plug_entry
 {{- end }}
 
+{{- if eq .Values.decoders.STRATUM .Values.define_enable_val_yes }}
+[STRATUM]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_stratum_plug_entry
+{{- end }}
+
+{{- if eq .Values.decoders.RDP .Values.define_enable_val_yes }}
+[RDP]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_rdp_plug_entry
+{{- end }}
+
+{{- if eq .Values.decoders.SSH .Values.define_enable_val_yes }}
+[SSH]
+FUNC_FLAG=ALL
+FUNC_NAME=firewall_ssh_plug_entry
+{{- end }}