[MAAT]
|
|
# Path to the MAAT profile. It is relative, so it presumably resolves against
# the process working directory — confirm the deployment pins that directory.
PROFILE="./tsgconf/maat.conf"
|
|
# Rendered as 1 only when .Values.external_resources.sd.enable equals
# .Values.define_enable_val_yes; any other value (including a typo) renders 0.
{{- if eq .Values.external_resources.sd.enable .Values.define_enable_val_yes }}
|
|
DYNAMIC_MAPPING_MAAT_SWITCH=1
|
|
{{- else }}
|
|
DYNAMIC_MAPPING_MAAT_SWITCH=0
|
|
{{- end }}
|
|
|
|
# Absolute path to the device tag JSON file.
DEVICE_TAG_FILE=/opt/tsg/etc/tsg_device_tag.json
|
|
# JSON object whose "tags" array is filled by the "traffic-engine.device-tag-list"
# helper. NOTE(review): the helper is not shown here and its output is pasted in
# without quoting — confirm it always emits valid, escaped JSON elements.
ACCEPT_TAGS={"tags":[{{- include "traffic-engine.device-tag-list" . }}]}
|
|
|
|
[TSG_LOG]
|
|
# Schema files for the IPFIX and transmitter log outputs (relative paths).
IPFIX_SCHEMA_PROFILE=./tsgconf/firewall_logger_ipfix_schema.json
|
|
LOGGER_SCHEMA_PROFILE=./tsgconf/firewall_logger_transmitter_schema.json
|
|
|
|
# Rendered unquoted from .Values.vsys_id; whatever the value holds lands in the
# file as-is, so constrain it to the expected form in values validation.
TRAFFIC_VSYSTEM_ID={{ .Values.vsys_id }}
|
|
|
|
# Every templated switch in this section renders 1 only on an exact match with
# .Values.define_enable_val_yes. A misspelled or unset value silently renders 0,
# which by the key names turns that log field or record type off — worth checking
# the rendered file when a log stream is expected but missing.
{{- if eq .Values.firewall.logs.contains_app_id.enable .Values.define_enable_val_yes }}
|
|
SEND_APP_ID_SWITCH=1
|
|
{{- else }}
|
|
SEND_APP_ID_SWITCH=0
|
|
{{- end }}
|
|
{{- if eq .Values.firewall.logs.contains_dns_resource_record.enable .Values.define_enable_val_yes }}
|
|
SEND_DNS_RR_SWITCH=1
|
|
{{- else }}
|
|
SEND_DNS_RR_SWITCH=0
|
|
{{- end }}
|
|
# Hard-coded on; not controlled by any chart value.
SEND_INTERCEPT_LOG=1
|
|
# NOTE(review): these look like minimum packet/byte counts a TCP or UDP session
# must reach before it is logged — confirm. If so, sessions below the thresholds
# leave no record.
TCP_MIN_PKTS=3
|
|
TCP_MIN_BYTES=5
|
|
UDP_MIN_PKTS=3
|
|
UDP_MIN_BYTES=5
|
|
# Transaction-record switches, driven by .Values.transaction_record.enable_http,
# enable_dns and enable_mail respectively.
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_http }}
|
|
SEND_HTTP_TRANSACTION_RECORD=1
|
|
{{- else }}
|
|
SEND_HTTP_TRANSACTION_RECORD=0
|
|
{{- end }}
|
|
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_dns }}
|
|
SEND_DNS_TRANSACTION_RECORD=1
|
|
{{- else }}
|
|
SEND_DNS_TRANSACTION_RECORD=0
|
|
{{- end }}
|
|
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_mail }}
|
|
SEND_MAIL_TRANSACTION_RECORD=1
|
|
{{- else }}
|
|
SEND_MAIL_TRANSACTION_RECORD=0
|
|
{{- end }}
|
|
# VoIP record switches, driven by .Values.voip_record.enable_sip and enable_rtp.
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_sip }}
|
|
SEND_SIP_RECORD=1
|
|
{{- else }}
|
|
SEND_SIP_RECORD=0
|
|
{{- end }}
|
|
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_rtp }}
|
|
SEND_RTP_RECORD=1
|
|
{{- else }}
|
|
SEND_RTP_RECORD=0
|
|
{{- end }}
|
|
# Driven by .Values.packet_capture.enable. NOTE(review): if this switch turns on
# packet capture, the captured payloads can contain credentials and personal
# data — confirm where captures are written, who can read them and how long
# they are kept.
{{- if eq .Values.define_enable_val_yes .Values.packet_capture.enable }}
|
|
ENFORCE_TROUBLESHOOTING_SWITCH=1
|
|
{{- else }}
|
|
ENFORCE_TROUBLESHOOTING_SWITCH=0
|
|
{{- end }}
|
|
|
|
[SYSTEM]
|
|
# DATACENTER_ID and DEVICE_SEQ_IN_DATA_CENTER come from
# session_id_generator.snowflake_worker_id_base / snowflake_worker_id_offset.
# Presumably they seed session-ID generation, in which case two instances
# rendered with the same pair could emit colliding IDs — confirm they are unique
# per deployed instance.
DATACENTER_ID={{ .Values.session_id_generator.snowflake_worker_id_base }}
|
|
# Numeric log level; the scale is not defined in this file.
LOG_LEVEL=30
|
|
# Relative log file name; the directory it lands in depends on the consumer.
LOG_PATH="firewall.log"
|
|
DEVICE_SEQ_IN_DATA_CENTER={{ .Values.session_id_generator.snowflake_worker_id_offset }}
|
|
# Service IDs for the chaining, shaping and proxy components, rendered unquoted
# from .Values.sid.sce, .Values.sid.shaping and .Values.sid.proxy.
SERVICE_CHAINING_SID={{ .Values.sid.sce }}
|
|
SHAPING_SID={{ .Values.sid.shaping }}
|
|
PROXY_SID={{ .Values.sid.proxy }}
|
|
# JA3 fingerprint generation is on only when .Values.decoders.SSL_JA3 equals
# .Values.define_enable_val_yes. With 0 rendered, detections or log fields that
# rely on a JA3 value would have nothing to match on — confirm downstream use.
{{- if eq .Values.decoders.SSL_JA3 .Values.define_enable_val_yes }}
|
|
GENERATE_JA3_FINGERPRINT=1
|
|
{{- else }}
|
|
GENERATE_JA3_FINGERPRINT=0
|
|
{{- end }}
|
|
# NOTE(review): by name these cap how many packets of a TCP/UDP session are
# scanned; traffic past the cap would not be inspected until the periodic scan —
# confirm semantics before tuning.
MAX_SCAN_TCP_PKT_COUNT=8
|
|
MAX_SCAN_UDP_PKT_COUNT=8
|
|
# Milliseconds, per the key suffix (120000 ms = 2 minutes).
PERIODIC_SCAN_INTERVAL_MS=120000
|
|
# Written without the leading "./" that the other tsgconf paths use; it is the
# same location if the consumer resolves both against the working directory.
OSFP_DB_JSON_PATH=tsgconf/firewall_osfp_db.json
|
|
L7_PROTOCOL_FILE=./tsgconf/firewall_l7_protocol.conf
|
|
|
|
[FIREWALL]
|
|
# The note below appears to list the accepted DNS_RESPONSE_MODE values; what
# each mode does to a DNS answer is not defined in this file.
# hijack, replace
|
|
DNS_RESPONSE_MODE=replace
|
|
# Static HTML bodies keyed by HTTP status code. NOTE(review): presumably these
# are returned to clients when a policy action answers with that status, so
# their content is client-visible — keep the files read-only in the image.
HTTP_PAGE200=./tsgconf/HTTP200.html
|
|
HTTP_PAGE204=./tsgconf/HTTP204.html
|
|
HTTP_PAGE403=./tsgconf/HTTP403.html
|
|
HTTP_PAGE404=./tsgconf/HTTP404.html
|
|
|
|
[FIREWALL_LOCAL_STAT]
|
|
# Name attached to the local statistics output.
STAT_NAME="firewall"
|
|
# Seconds, per the key suffix.
STAT_INTERVAL_TIME_S=5
|
|
# Relative path of the JSON statistics file. Values in this file are
# double-quoted in some keys and bare in others; whether the quotes are stripped
# depends on the consuming parser.
STAT_OUTPATH="metrics/firewall_local_file_stat.json"
|
|
|
|
[context_based_detector]
|
|
# Numeric log level; the scale is not defined in this file.
LOG_LEVEL=30
|
|
LOG_PATH="log/context_based_detector.log"
|
|
# Hard-coded 0 (off). NOTE(review): what is "sent back", and to where, is not
# visible here — confirm before enabling.
SENDBACK_SWITCH=0
|
|
|
|
[APP_SKETCH_FEEDBACK]
|
|
# QOS, PUBLISH_TOPIC and the BROKER_* keys look like settings for a
# publish/subscribe (MQTT-style) client — confirm against the consumer.
QOS=0
|
|
PUBLISH_TOPIC="APP_SIGNATURE_ID"
|
|
# Client ID and broker endpoint are left commented out, so no broker is
# configured by this template. NOTE(review): this section has no keys for TLS or
# broker credentials — confirm how the connection is authenticated and encrypted
# before filling these in.
#CLIENT_ID=
|
|
#BROKER_IP=
|
|
#BROKER_PORT=
|
|
|
|
[qdpi_detector]
|
|
# The two key names below are spelled "debug_swtich" and "intput_max_packet".
# They are runtime identifiers: they must match whatever the consumer looks up,
# so do not correct the spelling here without checking the reader.
debug_swtich=30
|
|
intput_max_packet=20
|
|
# One value holding a ';'-separated list of name=value engine options. It relies
# on the parser not treating ';' as the start of an inline comment. nb_workers
# is filled by the "traffic-engine.sapp.workerthread" helper (not shown here).
qmdpi_engine_config=injection_mode=stream;nb_workers={{- include "traffic-engine.sapp.workerthread" . }};nb_flows=8000;basic_dpi_enable=1;classification_cache_enable=0;fm_flow_table_alloc_mode=0
|
|
|
|
[TRAFFIC_MIRROR]
|
|
# Rendered as 1 only when .Values.traffic_mirror.enable_raw_traffic equals
# .Values.define_enable_val_yes. NOTE(review): going by the value name this
# mirrors raw traffic, i.e. payloads as seen on the wire — confirm, and restrict
# who can read from the mirror interface.
{{- if eq .Values.traffic_mirror.enable_raw_traffic .Values.define_enable_val_yes }}
|
|
TRAFFIC_MIRROR_ENABLE=1
|
|
{{- else }}
|
|
TRAFFIC_MIRROR_ENABLE=0
|
|
{{- end }}
|
|
# NIC_NAME is emitted only when .Values.nic_mirror_name.firewall is set. The
# value is placed between double quotes without escaping, so a quote or newline
# in it would end the value early and could add extra keys — constrain it to an
# interface-name pattern in values validation.
{{- if .Values.nic_mirror_name.firewall }}
|
|
NIC_NAME="{{ .Values.nic_mirror_name.firewall }}"
|
|
{{- end }}
|
|
# Suffix comes from .Values.app_symbol_index, interpolated unescaped as above.
APP_NAME="sapp-mirror-{{ .Values.app_symbol_index }}"
|
|
DEFAULT_VLAN_ID=0
|
|
|
|
[PROTO_IDENTIFY]
|
|
# NOTE(review): by name, the number of packets examined per session before
# protocol identification gives up — confirm with the consumer.
MAX_IDENTIFY_PACKETS=10
|
|
|
|
[SESSION_FLAGS]
|
|
# The commented line keeps the full list of judge names for reference; it is
# not read.
#RANDOM_LOOKING_JUDGE_LIST={"random_looking_judge_list":[ "frequency", "block_frequency", "cumulative_sums", "runs", "longest_run", "rank", "non_overlapping_template_matching", "overlapping_template_matching", "universal", "random_excursions", "random_excursions_variant", "poker_detect", "runs_distribution", "self_correlation", "binary_derivative" ]}
|
|
# Active value is an empty list, so none of the judges named above is selected.
# NOTE(review): if these judges are what marks a session as "random looking"
# (e.g. encrypted or obfuscated payload), that flag is never set with this
# value — confirm the empty list is intended and not a leftover.
RANDOM_LOOKING_JUDGE_LIST={"random_looking_judge_list":[]}
|
|
|
|
[SF_CLASSIFIER]
|
|
# Hard-coded 1. NOTE(review): what "sync mode" selects is not defined in this
# file — confirm with the consumer.
SYNC_MODE=1
|
|
|
|
[STAT_POLICY_ENFORCER]
|
|
# Seconds, per the key suffix.
POLICY_CYCLE_INTERVAL_S=1
|
|
# NOTE(review): presumably the number of cycles between submissions — confirm.
POLICY_CYCLE_NUM_SUBMIT=4
|
|
|
|
{{ if eq .Values.dos_protector.enable .Values.define_enable_val_yes -}}
|
|
[DOS_PROTECTOR]
|
|
# This whole section is rendered only when .Values.dos_protector.enable equals
# .Values.define_enable_val_yes. The cluster name is scoped by vsys_id.
SWARMKV_CLUSTER_NAME="tsg-ddos-vsys{{ .Values.vsys_id }}"
|
|
# 0.0.0.0 is presumably the bind address, i.e. the node port (8551) and the
# health-check port (8552) are reachable on every interface of the pod or host.
# No key in this section configures authentication or TLS for that traffic, so
# limit reachability to the cluster peers and Consul with NetworkPolicy or host
# firewall rules — confirm what the service itself enforces.
SWARMKV_NODE_IP="0.0.0.0"
|
|
SWARMKV_NODE_PORT=8551
|
|
# NODE_IP_LOCATION, CLUSTER_ANNOUNCE_PORT_LOCATION and
# HEALTH_CHECK_ANNOUNCE_PORT_LOCATION are plain text, not template expressions.
# They look like placeholders replaced after rendering (for example by a startup
# script) — confirm. If that step is skipped, the service reads the literal token.
SWARMKV_CONSUL_IP="NODE_IP_LOCATION"
|
|
SWARMKV_CONSUL_PORT=8500
|
|
SWARMKV_CLUSTER_ANNOUNCE_IP="NODE_IP_LOCATION"
|
|
SWARMKV_CLUSTER_ANNOUNCE_PORT=CLUSTER_ANNOUNCE_PORT_LOCATION
|
|
SWARMKV_HEALTH_CHECK_PORT=8552
|
|
SWARMKV_HEALTH_CHECK_ANNOUNCE_PORT=HEALTH_CHECK_ANNOUNCE_PORT_LOCATION
|
|
{{- end }}
|