├── .gitignore ├── AnomalyDetection ├── AnomalyError.py ├── DistributedDetection.py ├── InternalDetection.py └── __init__.py ├── CHANGELOG.md ├── Gtk ├── Gtk_DialogBox.py ├── Gtk_Export.py ├── Gtk_FwSelect.py ├── Gtk_HelpMessage.py ├── Gtk_IPSec_Tunnels.py ├── Gtk_LateralPane.py ├── Gtk_ListView.py ├── Gtk_Main.py ├── Gtk_Matrix_Table.py ├── Gtk_MenuBar.py ├── Gtk_Nat_Rule.py ├── Gtk_NetworkCanvas.py ├── Gtk_NetworkPopupMenu.py ├── Gtk_NoteBook.py ├── Gtk_ProgressBar.py ├── Gtk_QueryPath.py ├── Gtk_SearchBar.py ├── Gtk_StatusBar.py ├── Gtk_TabInterface.py ├── Gtk_TreeView.py ├── Gtk_VPNs.py └── __init__.py ├── Makefile ├── NetworkGraph ├── Edge.py ├── NetworkGraph.py ├── Node.py └── __init__.py ├── Parser ├── CheckPoint │ ├── CheckPointLex.py │ ├── CheckPointPort.py │ ├── CheckPointYacc.py │ ├── __init__.py │ ├── lexTest.py │ ├── objTest │ ├── objects.C │ ├── objects.C2 │ ├── ply │ │ ├── __init__.py │ │ ├── __init__.pyc │ │ ├── cpp.py │ │ ├── ctokens.py │ │ ├── lex.py │ │ ├── lex.pyc │ │ ├── yacc.py │ │ └── yacc.pyc │ ├── rules.C │ ├── yaccTest.py │ └── yaccTest2.py ├── CheckPoint_R_77 │ ├── CheckPointLex.py │ ├── CheckPointPort.py │ ├── CheckPointYacc.py │ ├── __init__.py │ ├── lexTest.py │ ├── objTest │ ├── objects.C │ ├── objects.C2 │ ├── ply │ │ ├── __init__.py │ │ ├── cpp.py │ │ ├── ctokens.py │ │ ├── lex.py │ │ └── yacc.py │ ├── rules.C │ ├── yaccTest.py │ └── yaccTest2.py ├── CiscoAsa │ ├── CiscoAsaLex.py │ ├── CiscoAsaPort.py │ ├── CiscoAsaYacc.py │ └── __init__.py ├── FortiGate.o │ ├── FortiGateLex.py │ ├── FortiGateLex.pyc │ ├── FortiGateYacc.py │ ├── FortiGateYacc.pyc │ ├── __init__.py │ └── __init__.pyc ├── FortiGate │ ├── FortiGateLex.py │ ├── FortiGateYacc.py │ └── __init__.py ├── IpTables │ ├── IpTablesLex.py │ ├── IpTablesParser.py │ ├── IpTablesYacc.py │ └── __init__.py ├── JuniperNetscreen │ ├── JuniperNetscreenLex.py │ ├── JuniperNetscreenPort.py │ ├── JuniperNetscreenYacc.py │ └── __init__.py ├── Juniper_JunOS_11 │ ├── JuniperNetscreenLex.py │ ├── JuniperNetscreenPort.py │ ├── JuniperNetscreenYacc.py │ └── __init__.py ├── MatrixFlowParser │ ├── MatrixFlowLex.py │ ├── MatrixFlowParser.py │ ├── MatrixFlowYacc.py │ └── __init__.py ├── Parser.py ├── QueryPathParser │ ├── QueryPathLex.py │ ├── QueryPathParser.py │ ├── QueryPathYacc.py │ └── __init__.py ├── Routing │ ├── RoutingParser.py │ └── __init__.py ├── __init__.py └── ply │ ├── __init__.py │ ├── cpp.py │ ├── ctokens.py │ ├── lex.py │ └── yacc.py ├── README.md ├── ROBDD ├── __init__.py ├── ite.py ├── operators.py ├── robdd.py ├── robdd_debug.py └── synthesis.py ├── SpringBase ├── ACL.py ├── Action.py ├── Firewall.py ├── IPSec_Tunnel.py ├── Interface.py ├── Ip.py ├── Nat_Rule.py ├── Nat_Rule_2.py ├── Operator.py ├── Port.py ├── Protocol.py ├── Route.py ├── Route_info.py ├── Rule.py └── __init__.py ├── Tools ├── ExcelToolKit.py ├── ReduceRule.py ├── __init__.py └── iptable_helper.py ├── __init__.py ├── documentation ├── HowTo_add_equipements.pdf ├── long_doc └── short_doc ├── input ├── template_matrix_table.xlsx └── template_rule_to_excel.xlsx ├── parser.out ├── parsetab.py ├── ressources ├── firewall.png ├── firewallred.png ├── gateway.png ├── gatewayblue.png ├── gatewaycyan.png ├── gatewaygreen.png ├── gatewayorange.png ├── gatewayred.png ├── icon.png ├── network.png ├── networkblue.png ├── networkcyan.png ├── networkgreen.png ├── networkorange.png ├── networkred.png ├── pointA.png └── pointB.png ├── springbok.py ├── springbox_cli.py └── test ├── __init__.py ├── checkpoint_parse ├── __init__.py ├── newObj.C ├── objects.C ├── parser.out ├── parsetab.py ├── save.py ├── testLex.py ├── testLex.pyc └── testYacc.py ├── cisco_parse ├── __init__.py ├── ref_rule1.txt ├── ref_rule10.txt ├── ref_rule11.txt ├── ref_rule12.txt ├── ref_rule13.txt ├── ref_rule14.txt ├── ref_rule15.txt ├── ref_rule16.txt ├── ref_rule17.txt ├── ref_rule18.txt ├── ref_rule19.txt ├── ref_rule2.txt ├── ref_rule20.txt ├── ref_rule21.txt ├── ref_rule22.txt ├── ref_rule23.txt ├── ref_rule24.txt ├── ref_rule25.txt ├── ref_rule26.txt ├── ref_rule27.txt ├── ref_rule28.txt ├── ref_rule29.txt ├── ref_rule3.txt ├── ref_rule30.txt ├── ref_rule31.txt ├── ref_rule32.txt ├── ref_rule33.txt ├── ref_rule34.txt ├── ref_rule35.txt ├── ref_rule36.txt ├── ref_rule37.txt ├── ref_rule38.txt ├── ref_rule39.txt ├── ref_rule4.txt ├── ref_rule40.txt ├── ref_rule41.txt ├── ref_rule42.txt ├── ref_rule43.txt ├── ref_rule44.txt ├── ref_rule45.txt ├── ref_rule46.txt ├── ref_rule47.txt ├── ref_rule48.txt ├── ref_rule49.txt ├── ref_rule5.txt ├── ref_rule50.txt ├── ref_rule51.txt ├── ref_rule52.txt ├── ref_rule53.txt ├── ref_rule54.txt ├── ref_rule55.txt ├── ref_rule56.txt ├── ref_rule57.txt ├── ref_rule6.txt ├── ref_rule7.txt ├── ref_rule8.txt ├── ref_rule9.txt ├── test.py ├── test_rule1.txt ├── test_rule10.txt ├── test_rule11.txt ├── test_rule12.txt ├── test_rule13.txt ├── test_rule14.txt ├── test_rule15.txt ├── test_rule16.txt ├── test_rule17.txt ├── test_rule18.txt ├── test_rule19.txt ├── test_rule2.txt ├── test_rule20.txt ├── test_rule21.txt ├── test_rule22.txt ├── test_rule23.txt ├── test_rule24.txt ├── test_rule25.txt ├── test_rule26.txt ├── test_rule27.txt ├── test_rule28.txt ├── test_rule29.txt ├── test_rule3.txt ├── test_rule30.txt ├── test_rule31.txt ├── test_rule32.txt ├── test_rule33.txt ├── test_rule34.txt ├── test_rule35.txt ├── test_rule36.txt ├── test_rule37.txt ├── test_rule38.txt ├── test_rule39.txt ├── test_rule4.txt ├── test_rule40.txt ├── test_rule41.txt ├── test_rule42.txt ├── test_rule43.txt ├── test_rule44.txt ├── test_rule45.txt ├── test_rule46.txt ├── test_rule47.txt ├── test_rule48.txt ├── test_rule49.txt ├── test_rule5.txt ├── test_rule50.txt ├── test_rule51.txt ├── test_rule52.txt ├── test_rule53.txt ├── test_rule54.txt ├── test_rule55.txt ├── test_rule56.txt ├── test_rule57.txt ├── test_rule6.txt ├── test_rule7.txt ├── test_rule8.txt └── test_rule9.txt ├── distributed_detection ├── __init__.py ├── __init__.pyc ├── ref_correlate1.txt ├── ref_correlate10.txt ├── ref_correlate101.txt ├── ref_correlate102.txt ├── ref_correlate103.txt ├── ref_correlate104.txt ├── ref_correlate105.txt ├── ref_correlate106.txt ├── ref_correlate107.txt ├── ref_correlate108.txt ├── ref_correlate109.txt ├── ref_correlate11.txt ├── ref_correlate110.txt ├── ref_correlate111.txt ├── ref_correlate112.txt ├── ref_correlate12.txt ├── ref_correlate2.txt ├── ref_correlate201.txt ├── ref_correlate202.txt ├── ref_correlate203.txt ├── ref_correlate204.txt ├── ref_correlate205.txt ├── ref_correlate206.txt ├── ref_correlate207.txt ├── ref_correlate208.txt ├── ref_correlate209.txt ├── ref_correlate210.txt ├── ref_correlate211.txt ├── ref_correlate3.txt ├── ref_correlate4.txt ├── ref_correlate5.txt ├── ref_correlate6.txt ├── ref_correlate7.txt ├── ref_correlate8.txt ├── ref_correlate9.txt ├── ref_raised1.txt ├── ref_raised101.txt ├── ref_raised102.txt ├── ref_raised103.txt ├── ref_raised104.txt ├── ref_raised105.txt ├── ref_raised2.txt ├── ref_raised201.txt ├── ref_raised202.txt ├── ref_raised3.txt ├── ref_raised4.txt ├── ref_raised5.txt ├── ref_redudant1.txt ├── ref_redudant101.txt ├── ref_redudant102.txt ├── ref_redudant103.txt ├── ref_redudant104.txt ├── ref_redudant105.txt ├── ref_redudant106.txt ├── ref_redudant107.txt ├── ref_redudant108.txt ├── ref_redudant109.txt ├── ref_redudant2.txt ├── ref_redudant3.txt ├── ref_redudant4.txt ├── ref_redudant5.txt ├── ref_redudant6.txt ├── ref_redudant7.txt ├── ref_redudant8.txt ├── ref_redudant9.txt ├── ref_shadow1.txt ├── ref_shadow101.txt ├── ref_shadow102.txt ├── ref_shadow103.txt ├── ref_shadow104.txt ├── ref_shadow105.txt ├── ref_shadow106.txt ├── ref_shadow107.txt ├── ref_shadow108.txt ├── ref_shadow109.txt ├── ref_shadow2.txt ├── ref_shadow201.txt ├── ref_shadow202.txt ├── ref_shadow203.txt ├── ref_shadow3.txt ├── ref_shadow4.txt ├── ref_shadow5.txt ├── ref_shadow6.txt ├── ref_shadow7.txt ├── ref_shadow8.txt ├── ref_shadow9.txt ├── test.py ├── test.pyc ├── test_correlate1.txt ├── test_correlate10.txt ├── test_correlate101.txt ├── test_correlate102.txt ├── test_correlate103.txt ├── test_correlate104.txt ├── test_correlate105.txt ├── test_correlate106.txt ├── test_correlate107.txt ├── test_correlate108.txt ├── test_correlate109.txt ├── test_correlate11.txt ├── test_correlate110.txt ├── test_correlate111.txt ├── test_correlate112.txt ├── test_correlate12.txt ├── test_correlate2.txt ├── test_correlate201.txt ├── test_correlate202.txt ├── test_correlate203.txt ├── test_correlate204.txt ├── test_correlate205.txt ├── test_correlate206.txt ├── test_correlate207.txt ├── test_correlate208.txt ├── test_correlate209.txt ├── test_correlate210.txt ├── test_correlate211.txt ├── test_correlate3.txt ├── test_correlate4.txt ├── test_correlate5.txt ├── test_correlate6.txt ├── test_correlate7.txt ├── test_correlate8.txt ├── test_correlate9.txt ├── test_raised1.txt ├── test_raised101.txt ├── test_raised102.txt ├── test_raised103.txt ├── test_raised104.txt ├── test_raised105.txt ├── test_raised2.txt ├── test_raised201.txt ├── test_raised202.txt ├── test_raised3.txt ├── test_raised4.txt ├── test_raised5.txt ├── test_redudant1.txt ├── test_redudant101.txt ├── test_redudant102.txt ├── test_redudant103.txt ├── test_redudant104.txt ├── test_redudant105.txt ├── test_redudant106.txt ├── test_redudant107.txt ├── test_redudant108.txt ├── test_redudant109.txt ├── test_redudant2.txt ├── test_redudant3.txt ├── test_redudant4.txt ├── test_redudant5.txt ├── test_redudant6.txt ├── test_redudant7.txt ├── test_redudant8.txt ├── test_redudant9.txt ├── test_shadow1.txt ├── test_shadow101.txt ├── test_shadow102.txt ├── test_shadow103.txt ├── test_shadow104.txt ├── test_shadow105.txt ├── test_shadow106.txt ├── test_shadow107.txt ├── test_shadow108.txt ├── test_shadow109.txt ├── test_shadow2.txt ├── test_shadow201.txt ├── test_shadow202.txt ├── test_shadow203.txt ├── test_shadow3.txt ├── test_shadow4.txt ├── test_shadow5.txt ├── test_shadow6.txt ├── test_shadow7.txt ├── test_shadow8.txt └── test_shadow9.txt ├── fortinet_parse ├── __init__.py ├── ref_rule1.txt ├── ref_rule10.txt ├── ref_rule100.txt ├── ref_rule101.txt ├── ref_rule102.txt ├── ref_rule103.txt ├── ref_rule104.txt ├── ref_rule105.txt ├── ref_rule106.txt ├── ref_rule107.txt ├── ref_rule108.txt ├── ref_rule109.txt ├── ref_rule11.txt ├── ref_rule110.txt ├── ref_rule111.txt ├── ref_rule112.txt ├── ref_rule113.txt ├── ref_rule114.txt ├── ref_rule115.txt ├── ref_rule116.txt ├── ref_rule117.txt ├── ref_rule118.txt ├── ref_rule119.txt ├── ref_rule12.txt ├── ref_rule120.txt ├── ref_rule121.txt ├── ref_rule122.txt ├── ref_rule123.txt ├── ref_rule124.txt ├── ref_rule125.txt ├── ref_rule126.txt ├── ref_rule127.txt ├── ref_rule128.txt ├── ref_rule129.txt ├── ref_rule13.txt ├── ref_rule130.txt ├── ref_rule131.txt ├── ref_rule132.txt ├── ref_rule133.txt ├── ref_rule134.txt ├── ref_rule135.txt ├── ref_rule136.txt ├── ref_rule137.txt ├── ref_rule138.txt ├── ref_rule139.txt ├── ref_rule14.txt ├── ref_rule140.txt ├── ref_rule141.txt ├── ref_rule142.txt ├── ref_rule143.txt ├── ref_rule144.txt ├── ref_rule145.txt ├── ref_rule146.txt ├── ref_rule147.txt ├── ref_rule148.txt ├── ref_rule149.txt ├── ref_rule15.txt ├── ref_rule150.txt ├── ref_rule151.txt ├── ref_rule152.txt ├── ref_rule153.txt ├── ref_rule154.txt ├── ref_rule155.txt ├── ref_rule156.txt ├── ref_rule157.txt ├── ref_rule158.txt ├── ref_rule159.txt ├── ref_rule16.txt ├── ref_rule160.txt ├── ref_rule161.txt ├── ref_rule162.txt ├── ref_rule163.txt ├── ref_rule164.txt ├── ref_rule165.txt ├── ref_rule166.txt ├── ref_rule167.txt ├── ref_rule168.txt ├── ref_rule169.txt ├── ref_rule17.txt ├── ref_rule170.txt ├── ref_rule171.txt ├── ref_rule172.txt ├── ref_rule173.txt ├── ref_rule174.txt ├── ref_rule175.txt ├── ref_rule176.txt ├── ref_rule177.txt ├── ref_rule178.txt ├── ref_rule179.txt ├── ref_rule18.txt ├── ref_rule180.txt ├── ref_rule181.txt ├── ref_rule182.txt ├── ref_rule183.txt ├── ref_rule184.txt ├── ref_rule185.txt ├── ref_rule19.txt ├── ref_rule2.txt ├── ref_rule20.txt ├── ref_rule21.txt ├── ref_rule22.txt ├── ref_rule23.txt ├── ref_rule24.txt ├── ref_rule25.txt ├── ref_rule26.txt ├── ref_rule27.txt ├── ref_rule28.txt ├── ref_rule29.txt ├── ref_rule3.txt ├── ref_rule30.txt ├── ref_rule31.txt ├── ref_rule32.txt ├── ref_rule33.txt ├── ref_rule34.txt ├── ref_rule35.txt ├── ref_rule36.txt ├── ref_rule37.txt ├── ref_rule38.txt ├── ref_rule39.txt ├── ref_rule4.txt ├── ref_rule40.txt ├── ref_rule41.txt ├── ref_rule42.txt ├── ref_rule43.txt ├── ref_rule44.txt ├── ref_rule45.txt ├── ref_rule46.txt ├── ref_rule47.txt ├── ref_rule48.txt ├── ref_rule49.txt ├── ref_rule5.txt ├── ref_rule50.txt ├── ref_rule51.txt ├── ref_rule52.txt ├── ref_rule53.txt ├── ref_rule54.txt ├── ref_rule55.txt ├── ref_rule56.txt ├── ref_rule57.txt ├── ref_rule58.txt ├── ref_rule59.txt ├── ref_rule6.txt ├── ref_rule60.txt ├── ref_rule61.txt ├── ref_rule62.txt ├── ref_rule63.txt ├── ref_rule64.txt ├── ref_rule65.txt ├── ref_rule66.txt ├── ref_rule67.txt ├── ref_rule68.txt ├── ref_rule69.txt ├── ref_rule7.txt ├── ref_rule70.txt ├── ref_rule71.txt ├── ref_rule72.txt ├── ref_rule73.txt ├── ref_rule74.txt ├── ref_rule75.txt ├── ref_rule76.txt ├── ref_rule77.txt ├── ref_rule78.txt ├── ref_rule79.txt ├── ref_rule8.txt ├── ref_rule80.txt ├── ref_rule81.txt ├── ref_rule82.txt ├── ref_rule83.txt ├── ref_rule84.txt ├── ref_rule85.txt ├── ref_rule86.txt ├── ref_rule87.txt ├── ref_rule88.txt ├── ref_rule89.txt ├── ref_rule9.txt ├── ref_rule90.txt ├── ref_rule91.txt ├── ref_rule92.txt ├── ref_rule93.txt ├── ref_rule94.txt ├── ref_rule95.txt ├── ref_rule96.txt ├── ref_rule97.txt ├── ref_rule98.txt ├── ref_rule99.txt ├── test.py ├── test_rule1.txt ├── test_rule10.txt ├── test_rule100.txt ├── test_rule101.txt ├── test_rule102.txt ├── test_rule103.txt ├── test_rule104.txt ├── test_rule105.txt ├── test_rule106.txt ├── test_rule107.txt ├── test_rule108.txt ├── test_rule109.txt ├── test_rule11.txt ├── test_rule110.txt ├── test_rule111.txt ├── test_rule112.txt ├── test_rule113.txt ├── test_rule114.txt ├── test_rule115.txt ├── test_rule116.txt ├── test_rule117.txt ├── test_rule118.txt ├── test_rule119.txt ├── test_rule12.txt ├── test_rule120.txt ├── test_rule121.txt ├── test_rule122.txt ├── test_rule123.txt ├── test_rule124.txt ├── test_rule125.txt ├── test_rule126.txt ├── test_rule127.txt ├── test_rule128.txt ├── test_rule129.txt ├── test_rule13.txt ├── test_rule130.txt ├── test_rule131.txt ├── test_rule132.txt ├── test_rule133.txt ├── test_rule134.txt ├── test_rule135.txt ├── test_rule136.txt ├── test_rule137.txt ├── test_rule138.txt ├── test_rule139.txt ├── test_rule14.txt ├── test_rule140.txt ├── test_rule141.txt ├── test_rule142.txt ├── test_rule143.txt ├── test_rule144.txt ├── test_rule145.txt ├── test_rule146.txt ├── test_rule147.txt ├── test_rule148.txt ├── test_rule149.txt ├── test_rule15.txt ├── test_rule150.txt ├── test_rule151.txt ├── test_rule152.txt ├── test_rule153.txt ├── test_rule154.txt ├── test_rule155.txt ├── test_rule156.txt ├── test_rule157.txt ├── test_rule158.txt ├── test_rule159.txt ├── test_rule16.txt ├── test_rule160.txt ├── test_rule161.txt ├── test_rule162.txt ├── test_rule163.txt ├── test_rule164.txt ├── test_rule165.txt ├── test_rule166.txt ├── test_rule167.txt ├── test_rule168.txt ├── test_rule169.txt ├── test_rule17.txt ├── test_rule170.txt ├── test_rule171.txt ├── test_rule172.txt ├── test_rule173.txt ├── test_rule174.txt ├── test_rule175.txt ├── test_rule176.txt ├── test_rule177.txt ├── test_rule178.txt ├── test_rule179.txt ├── test_rule18.txt ├── test_rule180.txt ├── test_rule181.txt ├── test_rule182.txt ├── test_rule183.txt ├── test_rule184.txt ├── test_rule185.txt ├── test_rule19.txt ├── test_rule2.txt ├── test_rule20.txt ├── test_rule21.txt ├── test_rule22.txt ├── test_rule23.txt ├── test_rule24.txt ├── test_rule25.txt ├── test_rule26.txt ├── test_rule27.txt ├── test_rule28.txt ├── test_rule29.txt ├── test_rule3.txt ├── test_rule30.txt ├── test_rule31.txt ├── test_rule32.txt ├── test_rule33.txt ├── test_rule34.txt ├── test_rule35.txt ├── test_rule36.txt ├── test_rule37.txt ├── test_rule38.txt ├── test_rule39.txt ├── test_rule4.txt ├── test_rule40.txt ├── test_rule41.txt ├── test_rule42.txt ├── test_rule43.txt ├── test_rule44.txt ├── test_rule45.txt ├── test_rule46.txt ├── test_rule47.txt ├── test_rule48.txt ├── test_rule49.txt ├── test_rule5.txt ├── test_rule50.txt ├── test_rule51.txt ├── test_rule52.txt ├── test_rule53.txt ├── test_rule54.txt ├── test_rule55.txt ├── test_rule56.txt ├── test_rule57.txt ├── test_rule58.txt ├── test_rule59.txt ├── test_rule6.txt ├── test_rule60.txt ├── test_rule61.txt ├── test_rule62.txt ├── test_rule63.txt ├── test_rule64.txt ├── test_rule65.txt ├── test_rule66.txt ├── test_rule67.txt ├── test_rule68.txt ├── test_rule69.txt ├── test_rule7.txt ├── test_rule70.txt ├── test_rule71.txt ├── test_rule72.txt ├── test_rule73.txt ├── test_rule74.txt ├── test_rule75.txt ├── test_rule76.txt ├── test_rule77.txt ├── test_rule78.txt ├── test_rule79.txt ├── test_rule8.txt ├── test_rule80.txt ├── test_rule81.txt ├── test_rule82.txt ├── test_rule83.txt ├── test_rule84.txt ├── test_rule85.txt ├── test_rule86.txt ├── test_rule87.txt ├── test_rule88.txt ├── test_rule89.txt ├── test_rule9.txt ├── test_rule90.txt ├── test_rule91.txt ├── test_rule92.txt ├── test_rule93.txt ├── test_rule94.txt ├── test_rule95.txt ├── test_rule96.txt ├── test_rule97.txt ├── test_rule98.txt └── test_rule99.txt ├── internal_detection ├── __init__.py ├── ref_correlate1.txt ├── ref_correlate10.txt ├── ref_correlate101.txt ├── ref_correlate102.txt ├── ref_correlate103.txt ├── ref_correlate104.txt ├── ref_correlate105.txt ├── ref_correlate106.txt ├── ref_correlate107.txt ├── ref_correlate108.txt ├── ref_correlate109.txt ├── ref_correlate11.txt ├── ref_correlate110.txt ├── ref_correlate111.txt ├── ref_correlate112.txt ├── ref_correlate113.txt ├── ref_correlate114.txt ├── ref_correlate115.txt ├── ref_correlate116.txt ├── ref_correlate117.txt ├── ref_correlate118.txt ├── ref_correlate119.txt ├── ref_correlate12.txt ├── ref_correlate120.txt ├── ref_correlate13.txt ├── ref_correlate14.txt ├── ref_correlate15.txt ├── ref_correlate16.txt ├── ref_correlate17.txt ├── ref_correlate18.txt ├── ref_correlate19.txt ├── ref_correlate2.txt ├── ref_correlate20.txt ├── ref_correlate3.txt ├── ref_correlate301.txt ├── ref_correlate302.txt ├── ref_correlate303.txt ├── ref_correlate4.txt ├── ref_correlate5.txt ├── ref_correlate6.txt ├── ref_correlate7.txt ├── ref_correlate8.txt ├── ref_correlate9.txt ├── ref_redudant1.txt ├── ref_redudant10.txt ├── ref_redudant101.txt ├── ref_redudant102.txt ├── ref_redudant103.txt ├── ref_redudant104.txt ├── ref_redudant105.txt ├── ref_redudant106.txt ├── ref_redudant107.txt ├── ref_redudant108.txt ├── ref_redudant109.txt ├── ref_redudant11.txt ├── ref_redudant110.txt ├── ref_redudant111.txt ├── ref_redudant112.txt ├── ref_redudant113.txt ├── ref_redudant114.txt ├── ref_redudant115.txt ├── ref_redudant116.txt ├── ref_redudant117.txt ├── ref_redudant118.txt ├── ref_redudant119.txt ├── ref_redudant12.txt ├── ref_redudant120.txt ├── ref_redudant13.txt ├── ref_redudant14.txt ├── ref_redudant15.txt ├── ref_redudant16.txt ├── ref_redudant17.txt ├── ref_redudant18.txt ├── ref_redudant19.txt ├── ref_redudant2.txt ├── ref_redudant20.txt ├── ref_redudant3.txt ├── ref_redudant301.txt ├── ref_redudant302.txt ├── ref_redudant303.txt ├── ref_redudant4.txt ├── ref_redudant5.txt ├── ref_redudant6.txt ├── ref_redudant7.txt ├── ref_redudant8.txt ├── ref_redudant9.txt ├── ref_shadow1.txt ├── ref_shadow10.txt ├── ref_shadow101.txt ├── ref_shadow102.txt ├── ref_shadow103.txt ├── ref_shadow104.txt ├── ref_shadow105.txt ├── ref_shadow106.txt ├── ref_shadow107.txt ├── ref_shadow108.txt ├── ref_shadow109.txt ├── ref_shadow11.txt ├── ref_shadow110.txt ├── ref_shadow111.txt ├── ref_shadow112.txt ├── ref_shadow113.txt ├── ref_shadow114.txt ├── ref_shadow115.txt ├── ref_shadow116.txt ├── ref_shadow117.txt ├── ref_shadow118.txt ├── ref_shadow119.txt ├── ref_shadow12.txt ├── ref_shadow120.txt ├── ref_shadow13.txt ├── ref_shadow14.txt ├── ref_shadow15.txt ├── ref_shadow16.txt ├── ref_shadow17.txt ├── ref_shadow18.txt ├── ref_shadow19.txt ├── ref_shadow2.txt ├── ref_shadow20.txt ├── ref_shadow3.txt ├── ref_shadow301.txt ├── ref_shadow302.txt ├── ref_shadow303.txt ├── ref_shadow4.txt ├── ref_shadow5.txt ├── ref_shadow6.txt ├── ref_shadow7.txt ├── ref_shadow8.txt ├── ref_shadow9.txt ├── test.py ├── test_correlate1.txt ├── test_correlate10.txt ├── test_correlate101.txt ├── test_correlate102.txt ├── test_correlate103.txt ├── test_correlate104.txt ├── test_correlate105.txt ├── test_correlate106.txt ├── test_correlate107.txt ├── test_correlate108.txt ├── test_correlate109.txt ├── test_correlate11.txt ├── test_correlate110.txt ├── test_correlate111.txt ├── test_correlate112.txt ├── test_correlate113.txt ├── test_correlate114.txt ├── test_correlate115.txt ├── test_correlate116.txt ├── test_correlate117.txt ├── test_correlate118.txt ├── test_correlate119.txt ├── test_correlate12.txt ├── test_correlate120.txt ├── test_correlate13.txt ├── test_correlate14.txt ├── test_correlate15.txt ├── test_correlate16.txt ├── test_correlate17.txt ├── test_correlate18.txt ├── test_correlate19.txt ├── test_correlate2.txt ├── test_correlate20.txt ├── test_correlate3.txt ├── test_correlate301.txt ├── test_correlate302.txt ├── test_correlate303.txt ├── test_correlate4.txt ├── test_correlate5.txt ├── test_correlate6.txt ├── test_correlate7.txt ├── test_correlate8.txt ├── test_correlate9.txt ├── test_redudant1.txt ├── test_redudant10.txt ├── test_redudant101.txt ├── test_redudant102.txt ├── test_redudant103.txt ├── test_redudant104.txt ├── test_redudant105.txt ├── test_redudant106.txt ├── test_redudant107.txt ├── test_redudant108.txt ├── test_redudant109.txt ├── test_redudant11.txt ├── test_redudant110.txt ├── test_redudant111.txt ├── test_redudant112.txt ├── test_redudant113.txt ├── test_redudant114.txt ├── test_redudant115.txt ├── test_redudant116.txt ├── test_redudant117.txt ├── test_redudant118.txt ├── test_redudant119.txt ├── test_redudant12.txt ├── test_redudant120.txt ├── test_redudant13.txt ├── test_redudant14.txt ├── test_redudant15.txt ├── test_redudant16.txt ├── test_redudant17.txt ├── test_redudant18.txt ├── test_redudant19.txt ├── test_redudant2.txt ├── test_redudant20.txt ├── test_redudant3.txt ├── test_redudant301.txt ├── test_redudant303.txt ├── test_redudant4.txt ├── test_redudant5.txt ├── test_redudant6.txt ├── test_redudant7.txt ├── test_redudant8.txt ├── test_redudant9.txt ├── test_shadow1.txt ├── test_shadow10.txt ├── test_shadow101.txt ├── test_shadow102.txt ├── test_shadow103.txt ├── test_shadow104.txt ├── test_shadow105.txt ├── test_shadow106.txt ├── test_shadow107.txt ├── test_shadow108.txt ├── test_shadow109.txt ├── test_shadow11.txt ├── test_shadow110.txt ├── test_shadow111.txt ├── test_shadow112.txt ├── test_shadow113.txt ├── test_shadow114.txt ├── test_shadow115.txt ├── test_shadow116.txt ├── test_shadow117.txt ├── test_shadow118.txt ├── test_shadow119.txt ├── test_shadow12.txt ├── test_shadow120.txt ├── test_shadow13.txt ├── test_shadow14.txt ├── test_shadow15.txt ├── test_shadow16.txt ├── test_shadow17.txt ├── test_shadow18.txt ├── test_shadow19.txt ├── test_shadow2.txt ├── test_shadow20.txt ├── test_shadow3.txt ├── test_shadow301.txt ├── test_shadow302.txt ├── test_shadow303.txt ├── test_shadow4.txt ├── test_shadow5.txt ├── test_shadow6.txt ├── test_shadow7.txt ├── test_shadow8.txt └── test_shadow9.txt ├── iptables_parse ├── __init__.py ├── ref_rule1.txt ├── ref_rule10.txt ├── ref_rule11.txt ├── ref_rule12.txt ├── ref_rule13.txt ├── ref_rule14.txt ├── ref_rule15.txt ├── ref_rule16.txt ├── ref_rule17.txt ├── ref_rule18.txt ├── ref_rule19.txt ├── ref_rule2.txt ├── ref_rule20.txt ├── ref_rule21.txt ├── ref_rule22.txt ├── ref_rule23.txt ├── ref_rule24.txt ├── ref_rule25.txt ├── ref_rule26.txt ├── ref_rule27.txt ├── ref_rule3.txt ├── ref_rule4.txt ├── ref_rule5.txt ├── ref_rule6.txt ├── ref_rule7.txt ├── ref_rule8.txt ├── ref_rule9.txt ├── test.py ├── test_rule1.txt ├── test_rule10.txt ├── test_rule11.txt ├── test_rule12.txt ├── test_rule13.txt ├── test_rule14.txt ├── test_rule15.txt ├── test_rule16.txt ├── test_rule17.txt ├── test_rule18.txt ├── test_rule19.txt ├── test_rule2.txt ├── test_rule20.txt ├── test_rule21.txt ├── test_rule22.txt ├── test_rule23.txt ├── test_rule24.txt ├── test_rule25.txt ├── test_rule26.txt ├── test_rule27.txt ├── test_rule3.txt ├── test_rule4.txt ├── test_rule5.txt ├── test_rule6.txt ├── test_rule7.txt ├── test_rule8.txt └── test_rule9.txt ├── juniper_parse ├── __init__.py ├── ref_rule1.txt ├── ref_rule10.txt ├── ref_rule100.txt ├── ref_rule101.txt ├── ref_rule102.txt ├── ref_rule103.txt ├── ref_rule104.txt ├── ref_rule105.txt ├── ref_rule106.txt ├── ref_rule107.txt ├── ref_rule108.txt ├── ref_rule109.txt ├── ref_rule11.txt ├── ref_rule110.txt ├── ref_rule111.txt ├── ref_rule112.txt ├── ref_rule113.txt ├── ref_rule114.txt ├── ref_rule115.txt ├── ref_rule116.txt ├── ref_rule117.txt ├── ref_rule118.txt ├── ref_rule119.txt ├── ref_rule12.txt ├── ref_rule120.txt ├── ref_rule121.txt ├── ref_rule122.txt ├── ref_rule123.txt ├── ref_rule124.txt ├── ref_rule125.txt ├── ref_rule126.txt ├── ref_rule127.txt ├── ref_rule128.txt ├── ref_rule129.txt ├── ref_rule13.txt ├── ref_rule14.txt ├── ref_rule15.txt ├── ref_rule16.txt ├── ref_rule17.txt ├── ref_rule18.txt ├── ref_rule19.txt ├── ref_rule2.txt ├── ref_rule20.txt ├── ref_rule21.txt ├── ref_rule22.txt ├── ref_rule23.txt ├── ref_rule24.txt ├── ref_rule25.txt ├── ref_rule26.txt ├── ref_rule27.txt ├── ref_rule28.txt ├── ref_rule29.txt ├── ref_rule3.txt ├── ref_rule30.txt ├── ref_rule31.txt ├── ref_rule32.txt ├── ref_rule33.txt ├── ref_rule34.txt ├── ref_rule35.txt ├── ref_rule36.txt ├── ref_rule37.txt ├── ref_rule38.txt ├── ref_rule39.txt ├── ref_rule4.txt ├── ref_rule40.txt ├── ref_rule41.txt ├── ref_rule42.txt ├── ref_rule43.txt ├── ref_rule44.txt ├── ref_rule45.txt ├── ref_rule46.txt ├── ref_rule47.txt ├── ref_rule48.txt ├── ref_rule49.txt ├── ref_rule5.txt ├── ref_rule50.txt ├── ref_rule51.txt ├── ref_rule52.txt ├── ref_rule53.txt ├── ref_rule54.txt ├── ref_rule55.txt ├── ref_rule56.txt ├── ref_rule57.txt ├── ref_rule58.txt ├── ref_rule59.txt ├── ref_rule6.txt ├── ref_rule60.txt ├── ref_rule61.txt ├── ref_rule62.txt ├── ref_rule63.txt ├── ref_rule64.txt ├── ref_rule65.txt ├── ref_rule66.txt ├── ref_rule67.txt ├── ref_rule68.txt ├── ref_rule69.txt ├── ref_rule7.txt ├── ref_rule70.txt ├── ref_rule71.txt ├── ref_rule72.txt ├── ref_rule73.txt ├── ref_rule74.txt ├── ref_rule75.txt ├── ref_rule76.txt ├── ref_rule77.txt ├── ref_rule78.txt ├── ref_rule79.txt ├── ref_rule8.txt ├── ref_rule80.txt ├── ref_rule81.txt ├── ref_rule82.txt ├── ref_rule83.txt ├── ref_rule84.txt ├── ref_rule85.txt ├── ref_rule86.txt ├── ref_rule87.txt ├── ref_rule88.txt ├── ref_rule89.txt ├── ref_rule9.txt ├── ref_rule90.txt ├── ref_rule91.txt ├── ref_rule92.txt ├── ref_rule93.txt ├── ref_rule94.txt ├── ref_rule95.txt ├── ref_rule96.txt ├── ref_rule97.txt ├── ref_rule98.txt ├── ref_rule99.txt ├── test.py ├── test_rule1.txt ├── test_rule10.txt ├── test_rule100.txt ├── test_rule101.txt ├── test_rule102.txt ├── test_rule103.txt ├── test_rule104.txt ├── test_rule105.txt ├── test_rule106.txt ├── test_rule107.txt ├── test_rule108.txt ├── test_rule109.txt ├── test_rule11.txt ├── test_rule110.txt ├── test_rule111.txt ├── test_rule112.txt ├── test_rule113.txt ├── test_rule114.txt ├── test_rule115.txt ├── test_rule116.txt ├── test_rule117.txt ├── test_rule118.txt ├── test_rule119.txt ├── test_rule12.txt ├── test_rule120.txt ├── test_rule121.txt ├── test_rule122.txt ├── test_rule123.txt ├── test_rule124.txt ├── test_rule125.txt ├── test_rule126.txt ├── test_rule127.txt ├── test_rule128.txt ├── test_rule129.txt ├── test_rule13.txt ├── test_rule14.txt ├── test_rule15.txt ├── test_rule16.txt ├── test_rule17.txt ├── test_rule18.txt ├── test_rule19.txt ├── test_rule2.txt ├── test_rule20.txt ├── test_rule21.txt ├── test_rule22.txt ├── test_rule23.txt ├── test_rule24.txt ├── test_rule25.txt ├── test_rule26.txt ├── test_rule27.txt ├── test_rule28.txt ├── test_rule29.txt ├── test_rule3.txt ├── test_rule30.txt ├── test_rule31.txt ├── test_rule32.txt ├── test_rule33.txt ├── test_rule34.txt ├── test_rule35.txt ├── test_rule36.txt ├── test_rule37.txt ├── test_rule38.txt ├── test_rule39.txt ├── test_rule4.txt ├── test_rule40.txt ├── test_rule41.txt ├── test_rule42.txt ├── test_rule43.txt ├── test_rule44.txt ├── test_rule45.txt ├── test_rule46.txt ├── test_rule47.txt ├── test_rule48.txt ├── test_rule49.txt ├── test_rule5.txt ├── test_rule50.txt ├── test_rule51.txt ├── test_rule52.txt ├── test_rule53.txt ├── test_rule54.txt ├── test_rule55.txt ├── test_rule56.txt ├── test_rule57.txt ├── test_rule58.txt ├── test_rule59.txt ├── test_rule6.txt ├── test_rule60.txt ├── test_rule61.txt ├── test_rule62.txt ├── test_rule63.txt ├── test_rule64.txt ├── test_rule65.txt ├── test_rule66.txt ├── test_rule67.txt ├── test_rule68.txt ├── test_rule69.txt ├── test_rule7.txt ├── test_rule70.txt ├── test_rule71.txt ├── test_rule72.txt ├── test_rule73.txt ├── test_rule74.txt ├── test_rule75.txt ├── test_rule76.txt ├── test_rule77.txt ├── test_rule78.txt ├── test_rule79.txt ├── test_rule8.txt ├── test_rule80.txt ├── test_rule81.txt ├── test_rule82.txt ├── test_rule83.txt ├── test_rule84.txt ├── test_rule85.txt ├── test_rule86.txt ├── test_rule87.txt ├── test_rule88.txt ├── test_rule89.txt ├── test_rule9.txt ├── test_rule90.txt ├── test_rule91.txt ├── test_rule92.txt ├── test_rule93.txt ├── test_rule94.txt ├── test_rule95.txt ├── test_rule96.txt ├── test_rule97.txt ├── test_rule98.txt └── test_rule99.txt ├── parser.out ├── parsetab.py └── test.py /.gitignore: -------------------------------------------------------------------------------- 1 | *.pyc 2 | output/* 3 | 4 | -------------------------------------------------------------------------------- /AnomalyDetection/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # CHANGELOG 2 | 3 | v0.6: 4 | 5 | - Add Iptables 6 | - Implement VDOM for Fortigate 7 | - Add generation of anonymous configuration file 8 | -------------------------------------------------------------------------------- /Gtk/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Gtk/__init__.py -------------------------------------------------------------------------------- /NetworkGraph/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Parser/CheckPoint/CheckPointPort.py: -------------------------------------------------------------------------------- 1 | __author__ = 'maurice' 2 | -------------------------------------------------------------------------------- /Parser/CheckPoint/__init__.py: -------------------------------------------------------------------------------- 1 | __author__ = 'maurice' 2 | 3 | __all__ = ['CheckPointLex', 'CheckPointYacc'] 4 | -------------------------------------------------------------------------------- /Parser/CheckPoint/objTest: -------------------------------------------------------------------------------- 1 | : (mailomg1 2 | :ipaddr (192.168.20.8) 3 | :type (host) 4 | -------------------------------------------------------------------------------- /Parser/CheckPoint/ply/__init__.py: -------------------------------------------------------------------------------- 1 | # PLY package 2 | # Author: David Beazley (dave@dabeaz.com) 3 | 4 | __all__ = ['lex','yacc'] 5 | -------------------------------------------------------------------------------- /Parser/CheckPoint/ply/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/CheckPoint/ply/__init__.pyc -------------------------------------------------------------------------------- /Parser/CheckPoint/ply/lex.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/CheckPoint/ply/lex.pyc -------------------------------------------------------------------------------- /Parser/CheckPoint/ply/yacc.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/CheckPoint/ply/yacc.pyc -------------------------------------------------------------------------------- /Parser/CheckPoint_R_77/CheckPointPort.py: -------------------------------------------------------------------------------- 1 | __author__ = 'maurice' 2 | -------------------------------------------------------------------------------- /Parser/CheckPoint_R_77/__init__.py: -------------------------------------------------------------------------------- 1 | __author__ = 'maurice' 2 | 3 | __all__ = ['CheckPointLex', 'CheckPointYacc'] 4 | -------------------------------------------------------------------------------- /Parser/CheckPoint_R_77/objTest: -------------------------------------------------------------------------------- 1 | : (mailomg1 2 | :ipaddr (192.168.20.8) 3 | :type (host) 4 | -------------------------------------------------------------------------------- /Parser/CheckPoint_R_77/ply/__init__.py: -------------------------------------------------------------------------------- 1 | # PLY package 2 | # Author: David Beazley (dave@dabeaz.com) 3 | 4 | __all__ = ['lex','yacc'] 5 | -------------------------------------------------------------------------------- /Parser/CiscoAsa/__init__.py: -------------------------------------------------------------------------------- 1 | __all__ = ['CiscoAsaLex', 'CiscoAsaYacc'] -------------------------------------------------------------------------------- /Parser/FortiGate.o/FortiGateLex.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/FortiGate.o/FortiGateLex.pyc -------------------------------------------------------------------------------- /Parser/FortiGate.o/FortiGateYacc.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/FortiGate.o/FortiGateYacc.pyc -------------------------------------------------------------------------------- /Parser/FortiGate.o/__init__.py: -------------------------------------------------------------------------------- 1 | __all__ = ['FortiGateLex', 'FortiGateYacc'] -------------------------------------------------------------------------------- /Parser/FortiGate.o/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/FortiGate.o/__init__.pyc -------------------------------------------------------------------------------- /Parser/FortiGate/__init__.py: -------------------------------------------------------------------------------- 1 | __all__ = ['FortiGateLex', 'FortiGateYacc'] -------------------------------------------------------------------------------- /Parser/IpTables/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Parser/JuniperNetscreen/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/JuniperNetscreen/__init__.py -------------------------------------------------------------------------------- /Parser/Juniper_JunOS_11/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/Juniper_JunOS_11/__init__.py -------------------------------------------------------------------------------- /Parser/MatrixFlowParser/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Parser/QueryPathParser/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /Parser/Routing/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/Routing/__init__.py -------------------------------------------------------------------------------- /Parser/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/Parser/__init__.py -------------------------------------------------------------------------------- /Parser/ply/__init__.py: -------------------------------------------------------------------------------- 1 | # PLY package 2 | # Author: David Beazley (dave@dabeaz.com) 3 | 4 | __all__ = ['lex','yacc'] 5 | -------------------------------------------------------------------------------- /ROBDD/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /ROBDD/operators.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | class Bdd(object): 5 | AND = 0 6 | OR = 1 7 | IMPL = 2 8 | BIIMPL = 3 -------------------------------------------------------------------------------- /SpringBase/__init__.py: -------------------------------------------------------------------------------- 1 | __all__ = ['Firewall','Interface', 'Ip', 'Operator', 'Port', 'Protocol', 'Rule', 'Action'] -------------------------------------------------------------------------------- /Tools/__init__.py: -------------------------------------------------------------------------------- 1 | __all__ = ['ExcelToolKit', 'ReduceRule'] 2 | -------------------------------------------------------------------------------- /__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/__init__.py -------------------------------------------------------------------------------- /documentation/HowTo_add_equipements.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/documentation/HowTo_add_equipements.pdf -------------------------------------------------------------------------------- /input/template_matrix_table.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/input/template_matrix_table.xlsx -------------------------------------------------------------------------------- /input/template_rule_to_excel.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/input/template_rule_to_excel.xlsx -------------------------------------------------------------------------------- /ressources/firewall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/firewall.png -------------------------------------------------------------------------------- /ressources/firewallred.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/firewallred.png -------------------------------------------------------------------------------- /ressources/gateway.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gateway.png -------------------------------------------------------------------------------- /ressources/gatewayblue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gatewayblue.png -------------------------------------------------------------------------------- /ressources/gatewaycyan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gatewaycyan.png -------------------------------------------------------------------------------- /ressources/gatewaygreen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gatewaygreen.png -------------------------------------------------------------------------------- /ressources/gatewayorange.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gatewayorange.png -------------------------------------------------------------------------------- /ressources/gatewayred.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/gatewayred.png -------------------------------------------------------------------------------- /ressources/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/icon.png -------------------------------------------------------------------------------- /ressources/network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/network.png -------------------------------------------------------------------------------- /ressources/networkblue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/networkblue.png -------------------------------------------------------------------------------- /ressources/networkcyan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/networkcyan.png -------------------------------------------------------------------------------- /ressources/networkgreen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/networkgreen.png -------------------------------------------------------------------------------- /ressources/networkorange.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/networkorange.png -------------------------------------------------------------------------------- /ressources/networkred.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/networkred.png -------------------------------------------------------------------------------- /ressources/pointA.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/pointA.png -------------------------------------------------------------------------------- /ressources/pointB.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/ressources/pointB.png -------------------------------------------------------------------------------- /springbok.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | """ Entry point of the program. Call Gtk_Main() for initializing the interface 5 | """ 6 | 7 | from Gtk import Gtk_Main 8 | 9 | if __name__ == '__main__': 10 | Gtk_Main.Gtk_Main() -------------------------------------------------------------------------------- /test/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/__init__.py -------------------------------------------------------------------------------- /test/checkpoint_parse/__init__.py: -------------------------------------------------------------------------------- 1 | __author__ = 'maurice' 2 | -------------------------------------------------------------------------------- /test/checkpoint_parse/testLex.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/checkpoint_parse/testLex.pyc -------------------------------------------------------------------------------- /test/cisco_parse/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/cisco_parse/__init__.py -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule1.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule10.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule11.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule12.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule13.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule14.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule15.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule16.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule17.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule18.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[.*1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule19.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[.*1\.1\.1\.1.*/.*8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule2.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: ASDSADW35a4d35841gf57sesg864we41f1w protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule20.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule21.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule22.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[.*192\.168\.0\.0.*/.*24.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule23.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[.*1\.1\.1\.1,1\.1\.1\.2 / 8,1\.1\.1\.3-1\.1\.1\.4,127\.0\.0\.1,127\.0\.0\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule24.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[.*1\.1\.1\.1,1\.1\.1\.2 / 8,1\.1\.1\.3-1\.1\.1\.4,127\.0\.0\.1,127\.0\.0\.1,1\.1\.1\.10,1\.1\.1\.20 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule25.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule26.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule27.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule28.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule29.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1.*/.*8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule3.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule30.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule31.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule32.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[192\.168\.0\.0 / 24.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule33.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1,1\.1\.1\.2 / 8,1\.1\.1\.3-1\.1\.1\.4,127\.0\.0\.1,127\.0\.0\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule34.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1,1\.1\.1\.2 / 8,1\.1\.1\.3-1\.1\.1\.4,127\.0\.0\.1,127\.0\.0\.1,1\.1\.1\.10,1\.1\.1\.20 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule35.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule36.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule37.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule38.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule39.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule4.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: permit 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule40.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule41.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule42.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule43.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule44.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*udp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule45.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*<.*1200.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule46.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*>.*1200.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule47.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*1200.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule48.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*!=.*1200.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule49.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*1200.*-.*1300.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule5.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule50.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*tcp.*tcp.*egp.*udp.*icmp.*\] ip_source: \[\] port_source: \[.*80.*20.*30.*91.*\] ip_dest: \[\] port_dest: \[.*92.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule51.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule52.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule53.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule54.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule55.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule56.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule57.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule6.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule7.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*udp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule8.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*egp.*tcp.*udp.*icmp.*icmp.*\] ip_source: \[\] port_source: \[.*80.*\] ip_dest: \[\] port_dest: \[.*23.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/ref_rule9.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[.*tcp.*egp.*udp.*icmp.*\] ip_source: \[\] port_source: \[.*91.*\] ip_dest: \[\] port_dest: \[.*80.*20.*30.*92.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule1.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule10.txt: -------------------------------------------------------------------------------- 1 | # test user argument object group rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip object-group-user user_obj_grp_id any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule11.txt: -------------------------------------------------------------------------------- 1 | # test user argument user rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip user domain_nicname\name any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule12.txt: -------------------------------------------------------------------------------- 1 | # test user argument user any rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip user any any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule13.txt: -------------------------------------------------------------------------------- 1 | # test user argument user none rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip user none any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule14.txt: -------------------------------------------------------------------------------- 1 | # test user argument user-group rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip user-group domain_nickname\\user_group_name any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule15.txt: -------------------------------------------------------------------------------- 1 | # test security group object rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip object-group-security security_obj_grp_id any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule16.txt: -------------------------------------------------------------------------------- 1 | # test security group group name rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip security-group name 10 any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule17.txt: -------------------------------------------------------------------------------- 1 | # test security group group tag rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip security-group tag test any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule18.txt: -------------------------------------------------------------------------------- 1 | # test src host ip rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip host 1.1.1.1 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule19.txt: -------------------------------------------------------------------------------- 1 | # test src ip mask rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip 1.1.1.1 255.0.0.0 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule2.txt: -------------------------------------------------------------------------------- 1 | # test rule name 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list ASDSADW35a4d35841gf57sesg864we41f1w extended deny ip any any 9 | 10 | access-group ASDSADW35a4d35841gf57sesg864we41f1w in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule20.txt: -------------------------------------------------------------------------------- 1 | # test src ip any4 rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any4 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule21.txt: -------------------------------------------------------------------------------- 1 | # test src ip any6 rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any6 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule22.txt: -------------------------------------------------------------------------------- 1 | # test src ip interface rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip interface any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule25.txt: -------------------------------------------------------------------------------- 1 | # test security group object rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any object-group-security security_obj_grp_id any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule26.txt: -------------------------------------------------------------------------------- 1 | # test security group group name rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any security-group name 10 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule27.txt: -------------------------------------------------------------------------------- 1 | # test security group group tag rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any security-group tag test any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule28.txt: -------------------------------------------------------------------------------- 1 | # test dst host ip rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any host 1.1.1.1 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule29.txt: -------------------------------------------------------------------------------- 1 | # test dst ip mask rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any 1.1.1.1 255.0.0.0 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule3.txt: -------------------------------------------------------------------------------- 1 | # test rule line number 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test line 888 extended deny ip any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule30.txt: -------------------------------------------------------------------------------- 1 | # test dst ip any4 rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any4 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule31.txt: -------------------------------------------------------------------------------- 1 | # test dst ip any6 rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule32.txt: -------------------------------------------------------------------------------- 1 | # test dst ip interface rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any interface 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule35.txt: -------------------------------------------------------------------------------- 1 | # test log rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule36.txt: -------------------------------------------------------------------------------- 1 | # test log level rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log level 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule37.txt: -------------------------------------------------------------------------------- 1 | # test log interval rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log interval 30 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule38.txt: -------------------------------------------------------------------------------- 1 | # test log level interval rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log level interval 30 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule39.txt: -------------------------------------------------------------------------------- 1 | # test log disable rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log disable 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule4.txt: -------------------------------------------------------------------------------- 1 | # test permit rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended permit ip any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule40.txt: -------------------------------------------------------------------------------- 1 | # test log default rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any log default 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule41.txt: -------------------------------------------------------------------------------- 1 | # test inactive rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any 9 | access-list test extended deny ip any any inactive 10 | 11 | access-group test in interface outside 12 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule42.txt: -------------------------------------------------------------------------------- 1 | # test time-range rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny ip any any time-range test 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule43.txt: -------------------------------------------------------------------------------- 1 | # test tcp rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule44.txt: -------------------------------------------------------------------------------- 1 | # test udp rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny udp any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule45.txt: -------------------------------------------------------------------------------- 1 | # test port lt rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any lt 1200 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule46.txt: -------------------------------------------------------------------------------- 1 | # test port gt rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any gt 1200 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule47.txt: -------------------------------------------------------------------------------- 1 | # test port eq rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any eq 1200 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule48.txt: -------------------------------------------------------------------------------- 1 | # test neq 1200 rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any neq 1200 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule49.txt: -------------------------------------------------------------------------------- 1 | # test port range rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny tcp any range 1200 1300 any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule5.txt: -------------------------------------------------------------------------------- 1 | # test protocol name rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny icmp any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule51.txt: -------------------------------------------------------------------------------- 1 | # test icmp rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny icmp any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule52.txt: -------------------------------------------------------------------------------- 1 | # test icmp type rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny icmp any any echo 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule53.txt: -------------------------------------------------------------------------------- 1 | # test icmp code rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny icmp any any echo 13 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule55.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test standard line 2 deny any4 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule56.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test standard deny host 1.1.1.1 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule57.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test standard deny 1.1.1.1 255.0.0.0 9 | 10 | access-group test in interface outside 11 | 12 | -------------------------------------------------------------------------------- /test/cisco_parse/test_rule6.txt: -------------------------------------------------------------------------------- 1 | # test protocol number rule 2 | 3 | interface GigabitEthernet0/0 4 | nameif outside 5 | ip address 192.168.0.0 255.255.255.0 6 | ! 7 | 8 | access-list test extended deny 1 any any 9 | 10 | access-group test in interface outside 11 | -------------------------------------------------------------------------------- /test/distributed_detection/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/distributed_detection/__init__.py -------------------------------------------------------------------------------- /test/distributed_detection/__init__.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/distributed_detection/__init__.pyc -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate1.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate10.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate101.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate102.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate103.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate104.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate105.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate106.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate107.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate108.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate109.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate11.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate110.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate111.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate112.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate12.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate2.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate201.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate202.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate203.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate204.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate205.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate206.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate207.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate208.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate209.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate210.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate211.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate3.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate4.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate5.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate6.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate7.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate8.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_correlate9.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised1.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised101.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised102.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised103.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised104.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised105.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised2.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised201.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised202.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised3.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised4.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_raised5.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*raised.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant1.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant101.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant102.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant103.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant104.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant105.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant106.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant107.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant108.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant109.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant2.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant3.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant4.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant5.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant6.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant7.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant8.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_redudant9.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*redundant.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow1.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow101.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow102.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow103.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow104.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow105.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow106.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow107.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow108.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow109.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow2.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow201.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow202.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow203.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow3.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow4.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow5.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow6.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow7.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow8.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/ref_shadow9.txt: -------------------------------------------------------------------------------- 1 | .*WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/distributed_detection/test.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/distributed_detection/test.pyc -------------------------------------------------------------------------------- /test/fortinet_parse/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/fortinet_parse/__init__.py -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule1.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule10.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule100.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule101.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule102.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule103.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule104.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule105.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule106.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule107.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule108.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule109.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule11.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule110.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule111.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule112.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule113.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule114.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule115.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule116.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule117.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule118.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule119.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule12.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule120.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule121.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule122.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule123.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule124.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule125.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule126.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule127.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule128.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule129.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule13.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule130.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule131.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule132.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule133.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*192\.168\.0\.0.*-.*192\.168\.10\.0.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule134.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*127\.0\.0\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule135.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule136.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule137.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule138.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule139.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*8.*-.*23.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule14.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule140.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule141.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule142.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule143.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*2\.2\.2\.2 / 8.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule144.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule145.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule146.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule147.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule148.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[!.*1\.1\.1\.1 / 8.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule149.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 3 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule15.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule150.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 3 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule151.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule152.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[!=.*1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule153.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[2\.2\.2\.2 / 8.*1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule154.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule155.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule156.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule157.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule158.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule159.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[127\.0\.0\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule16.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule160.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule161.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule162.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[1\.1\.1\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule163.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[1\.1\.1\.1.*2\.2\.2\.2.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule164.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule165.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule166.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule167.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*udp.*132.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule168.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule169.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule17.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule170.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*21.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule171.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule172.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule173.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*egp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule174.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*132.*\] ip_source: \[\] port_source: \[.*3.*-.*4.*\] ip_dest: \[\] port_dest: \[.*1.*-.*2.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule175.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule176.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule177.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule178.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*23.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule179.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*42.*-.*45.*\] ip_dest: \[\] port_dest: \[.*23.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule18.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule180.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule181.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule182.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule183.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*udp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*23.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule184.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*udp.*\] ip_source: \[\] port_source: \[.*3.*-.*4.*\] ip_dest: \[\] port_dest: \[.*1.*-.*2.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule185.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule19.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule2.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule20.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule21.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule22.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule23.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule24.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule25.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule26.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule27.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule28.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule29.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule3.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: permit 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule30.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule31.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule32.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule33.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule34.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule35.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule36.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule37.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule38.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule39.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule4.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule40.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule41.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule42.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule43.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule44.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule45.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule46.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule47.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule48.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule49.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule5.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule50.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule51.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule52.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule53.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule54.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule55.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule56.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule57.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule58.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule59.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule6.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule60.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule61.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule62.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule63.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule64.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule65.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule66.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule67.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule68.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule69.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule7.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule70.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule71.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule72.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule73.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule74.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule75.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule76.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule77.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule78.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule79.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule8.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule80.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule81.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule82.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*udp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule83.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule84.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule85.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule86.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule87.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule88.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule89.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule9.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule90.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule91.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule92.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule93.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule94.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule95.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule96.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule97.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule98.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/fortinet_parse/ref_rule99.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/internal_detection/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate1.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate10.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate101.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate102.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate103.txt: -------------------------------------------------------------------------------- 1 | WARNING.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate104.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate105.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate106.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate107.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate108.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate109.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate11.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate110.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate111.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate112.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate113.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate114.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate115.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate116.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate117.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate118.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate119.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate12.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate120.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate13.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate14.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate15.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate16.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate17.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate18.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate19.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate2.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate20.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate3.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate301.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate302.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate303.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate4.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate5.txt: -------------------------------------------------------------------------------- 1 | WARNING.*overlap.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate6.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate7.txt: -------------------------------------------------------------------------------- 1 | .*NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate8.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_correlate9.txt: -------------------------------------------------------------------------------- 1 | NOTIFICATION.*generalized.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant1.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant10.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant101.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant102.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant103.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant104.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant105.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant106.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant107.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant108.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant109.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant11.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant110.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant111.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant112.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant113.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant114.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant115.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant116.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant117.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant118.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant119.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant12.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant120.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant13.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant14.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant15.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant16.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant17.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant18.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant19.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant2.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant20.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant3.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant301.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant302.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant303.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant4.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant5.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant6.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant7.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant8.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_redudant9.txt: -------------------------------------------------------------------------------- 1 | WARNING.*redundant.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow1.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow10.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow101.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow102.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow103.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow104.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow105.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow106.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow107.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow108.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow109.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow11.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow110.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow111.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow112.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow113.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow114.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow115.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow116.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow117.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow118.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow119.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow12.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow120.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow13.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow14.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow15.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow16.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow17.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow18.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow19.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow2.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow20.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow3.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow301.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow302.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadowed.* -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow303.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow4.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow5.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow6.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow7.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow8.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/ref_shadow9.txt: -------------------------------------------------------------------------------- 1 | WARNING.*shadow.* 2 | -------------------------------------------------------------------------------- /test/internal_detection/test_redudant301.txt: -------------------------------------------------------------------------------- 1 | # test redudant rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -i eth0 -p TCP -s 192.168.42.42/32 -d 74.125.195.94/32 --dport 3700 -j ACCEPT 7 | iptables -A INPUT -i eth0 -j ACCEPT 8 | -------------------------------------------------------------------------------- /test/iptables_parse/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule1.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule12.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -L INPUT 7 | iptables -L 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule13.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -Z INPUT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule14.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -N chainA 7 | iptables -A INPUT -j chainA 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule15.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -N chainA 7 | iptables -X chainA 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule16.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -P INPUT DROP 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule17.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -N chainA 7 | iptables -A INPUT -j chainA 8 | iptables -E chainA chainB 9 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule18.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j DROP 7 | iptables -h 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule19.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -p tcp -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule2.txt: -------------------------------------------------------------------------------- 1 | # test table filter rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -t filter -A INPUT -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule20.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -s 1.1.1.1 -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule21.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -s 1.1.1.1/8 -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule22.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -s 1.1.1.1/255.0.0.0 -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule23.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -d 1.1.1.1/32 -j ACCEPT 7 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule24.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | eth1 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 6 | inet addr:192.168.1.0 Mask:255.255.255.0 7 | 8 | iptables -A INPUT -i eth0 -j ACCEPT 9 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule25.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | eth1 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 6 | inet addr:192.168.1.0 Mask:255.255.255.0 7 | 8 | iptables -A INPUT -o eth1 -j ACCEPT 9 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule26.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -A INPUT -f -j ACCEPT 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule27.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -A INPUT -c 8 23 -j ACCEPT 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule3.txt: -------------------------------------------------------------------------------- 1 | # test table nat rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -t nat -A OUTPUT -j ACCEPT 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule4.txt: -------------------------------------------------------------------------------- 1 | # test table mangle rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -t mangle -A OUPUT -j ACCEPT 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule5.txt: -------------------------------------------------------------------------------- 1 | # test rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -A INPUT -j DROP 8 | iptables -D INPUT -j ACCEPT 9 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule6.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -A INPUT -j DROP 8 | iptables -D INPUT 1 9 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule7.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -I INPUT 1 -j DROP 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule8.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -I INPUT -j DROP 8 | -------------------------------------------------------------------------------- /test/iptables_parse/test_rule9.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | eth0 Link encap:Ethernet HWaddr d4:be:d9:c6:15:71 4 | inet addr:192.168.0.0 Mask:255.255.255.0 5 | 6 | iptables -A INPUT -j ACCEPT 7 | iptables -R INPUT 1 -j DROP 8 | -------------------------------------------------------------------------------- /test/juniper_parse/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/conix-security/audit-springbok/8d5cf7256f4bd7a04e78712c8ff33a37ee217027/test/juniper_parse/__init__.py -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule1.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule10.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule100.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule101.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule102.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule103.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule104.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule105.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule106.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule107.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule108.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule109.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule11.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule110.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule111.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule112.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule113.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule114.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule115.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule116.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule117.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule118.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule119.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[.*1\.1\.1\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule12.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule120.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[!.*1\.1\.1\.1.*\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule121.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule122.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[!.*1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule123.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule124.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule125.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule126.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule127.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule128.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule129.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule13.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: permit 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule14.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule15.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule16.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule17.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule18.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule19.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule2.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule20.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule21.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule22.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule23.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule24.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule25.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule26.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule27.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule28.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule29.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule3.txt: -------------------------------------------------------------------------------- 1 | id: 2 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule30.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule31.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule32.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule33.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule34.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule35.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule36.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule37.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule38.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule39.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule4.txt: -------------------------------------------------------------------------------- 1 | id: 1 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 3 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule40.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule41.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule42.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule43.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule44.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule45.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule46.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule47.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule48.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule49.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule50.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule51.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule52.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule53.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule54.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule55.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule56.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule57.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule58.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule59.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule6.txt: -------------------------------------------------------------------------------- 1 | id: 0 name: test protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule60.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule61.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule62.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule63.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule64.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule65.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule66.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule67.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule68.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule69.txt: -------------------------------------------------------------------------------- 1 | id: 1 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 3 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule7.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule70.txt: -------------------------------------------------------------------------------- 1 | id: 1 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 3 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule71.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | .*id: .* protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: permit 3 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule72.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[.*1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule73.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[.*127\.0\.0\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule74.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[.*1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule75.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule76.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1 / 8.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule77.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule78.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule79.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule8.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule80.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[1\.1\.1\.1.*\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule81.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule82.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*egp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule83.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule84.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*udp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule85.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[.*80.*-.*80.*\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule86.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*80.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule87.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*80.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule88.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[.*80.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule89.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule9.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule90.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule91.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule92.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule93.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*icmp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule94.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*egp.*\] ip_source: \[\] port_source: \[.*80.*-.*80.*\] ip_dest: \[\] port_dest: \[.*80.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule95.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*tcp.*\] ip_source: \[\] port_source: \[.*80.*-.*80.*\] ip_dest: \[\] port_dest: \[.*80.*-.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule96.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*udp.*\] ip_source: \[\] port_source: \[.*80.*80.*\] ip_dest: \[\] port_dest: \[.*80.*80.*\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule97.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule98.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[.*tcp.*\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/ref_rule99.txt: -------------------------------------------------------------------------------- 1 | id: 0 protocol: \[\] ip_source: \[\] port_source: \[\] ip_dest: \[\] port_dest: \[\] action: deny 2 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule1.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule10.txt: -------------------------------------------------------------------------------- 1 | # test nat dst ip rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any nat dst ip 192.168.0.1 deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule112.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny 9 | set policy id 0 gtp test 10 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule113.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny 9 | set policy id 0 idp 10 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule12.txt: -------------------------------------------------------------------------------- 1 | # test nat dst ip port rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any nat dst ip 192.168.0.1 port 23 deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule13.txt: -------------------------------------------------------------------------------- 1 | # test permit rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any permit 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule14.txt: -------------------------------------------------------------------------------- 1 | # test reject rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any reject 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule2.txt: -------------------------------------------------------------------------------- 1 | # test global rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy global id 0 from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule20.txt: -------------------------------------------------------------------------------- 1 | # test no-hw-sess rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny no-hw-sess 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule21.txt: -------------------------------------------------------------------------------- 1 | # test auth rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny auth 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule22.txt: -------------------------------------------------------------------------------- 1 | # test auth server rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny auth server test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule23.txt: -------------------------------------------------------------------------------- 1 | # test auth server webauth rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny auth server webauth 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule27.txt: -------------------------------------------------------------------------------- 1 | # test group-expression rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny group-expression test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule28.txt: -------------------------------------------------------------------------------- 1 | # test user rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny user test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule29.txt: -------------------------------------------------------------------------------- 1 | # test user-group rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny user-group test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule3.txt: -------------------------------------------------------------------------------- 1 | # test id rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 2 from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule30.txt: -------------------------------------------------------------------------------- 1 | # test schedule rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny schedule test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule31.txt: -------------------------------------------------------------------------------- 1 | # test log rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny log 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule32.txt: -------------------------------------------------------------------------------- 1 | # test log alert rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny log alert 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule33.txt: -------------------------------------------------------------------------------- 1 | # test count rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny count 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule34.txt: -------------------------------------------------------------------------------- 1 | # test count alarm rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny count alarm 8 9 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule35.txt: -------------------------------------------------------------------------------- 1 | # test no-session-backup rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny no-session-backup 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule36.txt: -------------------------------------------------------------------------------- 1 | # test url-filter rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny url-filter 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule37.txt: -------------------------------------------------------------------------------- 1 | # test traffic rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny traffic 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule38.txt: -------------------------------------------------------------------------------- 1 | # test gbw rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny gbw 8 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule39.txt: -------------------------------------------------------------------------------- 1 | # test priority rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny priority 8 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule40.txt: -------------------------------------------------------------------------------- 1 | # test mbw rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny mbw 8 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule41.txt: -------------------------------------------------------------------------------- 1 | # test pbw rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny pbw 8 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule42.txt: -------------------------------------------------------------------------------- 1 | # test qos-profile rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny qos-profile test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule43.txt: -------------------------------------------------------------------------------- 1 | # test dscp disable rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny dscp disable 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule44.txt: -------------------------------------------------------------------------------- 1 | # test dscp enable rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny dscp enable 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule45.txt: -------------------------------------------------------------------------------- 1 | # test dscp enable value rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny dscp enable value 8 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule46.txt: -------------------------------------------------------------------------------- 1 | # test infranet-auth rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny infranet-auth 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule47.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule48.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule54.txt: -------------------------------------------------------------------------------- 1 | # test attack action drop rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny attack test action drop 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule57.txt: -------------------------------------------------------------------------------- 1 | # test attack action none rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny attack test action none 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule58.txt: -------------------------------------------------------------------------------- 1 | # test attack logging rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny attack test logging 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule6.txt: -------------------------------------------------------------------------------- 1 | # test simple rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 name test from "Untrust" to "Trust" any any any deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule68.txt: -------------------------------------------------------------------------------- 1 | # test av rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any deny av test 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule7.txt: -------------------------------------------------------------------------------- 1 | # test nat rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any nat deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule8.txt: -------------------------------------------------------------------------------- 1 | # test nat src rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any nat src deny 9 | -------------------------------------------------------------------------------- /test/juniper_parse/test_rule9.txt: -------------------------------------------------------------------------------- 1 | # test nat src dip-id rule 2 | 3 | set interface "ethernet0/0" zone "Trust" 4 | set interface "ethernet0/0" ip 192.168.0.0/24 5 | set interface "ethernet0/1" zone "Untrust" 6 | set interface "ethernet0/1" ip 192.168.1.0/24 7 | 8 | set policy id 0 from "Untrust" to "Trust" any any any nat src dip-id 8 deny 9 | --------------------------------------------------------------------------------