27.04.2015

Juniper DDoS Secure (JDDoS) config

# DDoS Secure configuration file created on 192.168.1.71 Mon Jul 21 16:31:40 2014

[configuration]
version e2
configuration -General-
remove user all
remove protected all
remove decryptkeys all
remove fagg all
remove filter all
remove portal all
remove gateway internet all
remove gateway protected all
remove share all
remove inspect all
remove tuneable all
remove geoip all
remove wrapper all
remove chassis all
remove route all
remove bgp all
remove pseudol3 all
context -General-
set usage hwid 00:18:D1:73:EF:73 bandwidth 1G protected 8K portals 64 filters 1K ratelimiters 32K macs 2K tracked 16M tcps 4M udps 512K icmps 64K others 64K frags 16K ftps 8K httpparsers 8K ssldecoders 8K sslsessions 8K sslhsbuffers 1K sslbbuffers 2K sslkx 8K
set interface management hwid 00:18:D1:73:EF:73 ip 192.168.1.71 netmask 255.255.255.0 gateway 192.168.1.1 linkmode auto fcmode auto
set interface protected hwid 00:18:D1:73:EF:73 linkmode auto fcmode auto
set interface internet hwid 00:18:D1:73:EF:73 linkmode auto fcmode auto
set interface datashare hwid 00:18:D1:73:EF:73 ip none netmask 255.255.255.0 linkmode auto fcmode auto
set interface global mtu 1500 cdp yes lfpt no trackvlans no portpair1 yes portpair2 yes portpair3 yes portpair4 yes portpair5 yes portpair6 yes
set portal -General- ip all validpkts U burstpkts U validspeed U burstspeed U filters 15 rerouteminpkts 1K reroutemaxpkts 50K rerouteminspeed 20M reroutemaxspeed 1G protected 128
set operation mode defending countries all aslist all
set user user password $1$luagHKBJ$08OPUeJPwD8.16nVxAqyE/ perms administrator
set user guest password $1$nwagH1BJ$MjQfg/XCqQExeypJy8zSw/ perms guest
set user velanin password $1$L7JhHvgE$Xcrvvuhl83S/de0F.oNzh/ perms administrator
set auth radius server none backup none port 1812 secret SAMPLE-SECRET enabled no
set filter inb-tcp src_tcp all tcp all http 80 src_udp none udp none icmp none icmp6 none otherip none countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter inb-udp src_tcp none tcp none http none src_udp all udp 1-79,81-442,444-65535 icmp none icmp6 none otherip none countries all networks all aslist all validpkts 30K burstpkts 30K validspeed U burstspeed U ratelimit-by filter
set filter inb-icmp src_tcp none tcp none http none src_udp none udp none icmp 0-18 icmp6 1-4,128-154 otherip none countries all networks all aslist all validpkts 1K burstpkts 1K validspeed U burstspeed U ratelimit-by filter
set filter inb-other src_tcp none tcp none http none src_udp none udp none icmp none icmp6 none otherip all countries all networks all aslist all validpkts 30K burstpkts 30K validspeed U burstspeed U ratelimit-by filter
set filter out-tcp src_tcp all tcp all http 80 src_udp none udp none icmp none icmp6 none otherip none countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter out-udp src_tcp none tcp none http none src_udp all udp all icmp none icmp6 none otherip none countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter out-icmp src_tcp none tcp none http none src_udp none udp none icmp 0-18 icmp6 1-4,128-154 otherip none countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter out-other src_tcp none tcp none http none src_udp none udp none icmp none icmp6 none otherip all countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter multicast src_tcp none tcp none http none src_udp all udp all icmp 0-18 icmp6 1-4,128-154 otherip all countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter broadcast src_tcp none tcp none http none src_udp all udp 1-6,8-65535 icmp none icmp6 none otherip all countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set filter intercept src_tcp all tcp all http 80 src_udp none udp none icmp none icmp6 none otherip none countries all networks all aslist all validpkts U burstpkts U validspeed U burstspeed U ratelimit-by filter
set fagg inbound filtera inb-tcp filterb inb-udp filterc inb-icmp filterd inb-other filtere -undefined- filterf -undefined- filterg -undefined-
set fagg outbound filtera out-tcp filterb out-udp filterc out-icmp filterd out-other filtere -undefined- filterf -undefined- filterg -undefined-
set appliance hostname 192.168.1.71 mode defending hamode standalone autoblockenable yes autoblockratet1 200 autoblockratet2 100 autoblocksynrst 300 autoblockfragrate 10 autoblockgetrate 300 autonoblock none serverautodetect yes trackindeterminate yes testenvironment no allportalsdefending no fips_enable no ssl_inspection lowlatency asymrouting no priority 0 groupingid 15
set portaldefense backlog U connections U connrate U gets U
set protected intercept backlog auto-1000 connections auto-1000 connrate auto-1000 gets auto-1000 infilter intercept outfilter intercept sendtcprejects no soap no fragsdisabled no patgw no mode defending
set protected default backlog auto-1000 connections auto-1000 connrate auto-1000 gets auto-1000 infilter inbound outfilter outbound sendtcprejects no soap no fragsdisabled no patgw no mode defending
set protected multicast backlog auto-1000 connections auto-1000 connrate auto-1000 gets auto-1000 infilter multicast outfilter multicast sendtcprejects no soap no fragsdisabled no patgw no mode defending
set protected broadcast backlog auto-1000 connections auto-1000 connrate auto-1000 gets auto-1000 infilter broadcast outfilter broadcast sendtcprejects no soap no fragsdisabled no patgw no mode defending
set protected indeterminate backlog auto-1000 connections auto-1000 connrate auto-1000 gets auto-1000 infilter default outfilter default sendtcprejects no soap no fragsdisabled no patgw no mode defending
set preferred clients none
set preferred whitenolog none
set preferred whitelisted none
set preferred default none
set preferred countries none
set block country none
set block cignoreip none
set block ip none
set block as none
set dns forwarder 8.8.8.8
set mail server none dailystats yes weeklystats yes monthlystats yes alerts no nullsender yes cluster no alertinterval 5
set clock ntp 91.236.251.24
set clock timezone Europe/Kiev
set access https all
set access https_juniper yes
set access ssh 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
set access ssh_juniper yes
set access snmp 192.168.1.32
set syslog ip 192.168.5.109 facility local0 priority info
set structured ip 192.168.5.109 format welf facility local0 priority info
set snmp trap 192.168.1.32 rocommunity public trapcommunity public syslocation Unknown syscontact youremail@email.com
set netflow ip none port 9996 templatep 100 templatem 60 flowflush 60
set proxy proxyip none proxyport 8080
set threshold create autoadjust yes
set threshold create bandwidthenable yes bandwidthrate 2
set threshold create packetrateenable yes packetraterate 2
set threshold create blockedprotocolenable yes blockedprotocolrate 2
set threshold create blockedstateenable yes blockedstaterate 5
set threshold create attackipenable yes attackiprate 2
set threshold create attacktcpenable yes attacktcprate 5
set threshold create attackudpenable yes attackudprate 2
set threshold create attackicmpenable yes attackicmprate 2
set threshold create attackotheripenable yes attackotheriprate 2
set threshold create attackfragmentenable yes attackfragmentrate 2
set threshold create badippacketenable yes badippacketrate 2
set threshold create badtcppacketenable yes badtcppacketrate 2
set threshold create badudppacketenable yes badudppacketrate 2
set threshold create badicmppacketenable yes badicmppacketrate 2
set threshold create badotherippacketenable yes badotherippacketrate 2
set threshold create overloadedipenable yes overloadediprate 2
set threshold alert bandwidthenable yes bandwidthrate 100
set threshold alert packetrateenable yes packetraterate 100
set threshold alert blockedprotocolenable yes blockedprotocolrate 100
set threshold alert blockedstateenable yes blockedstaterate 100
set threshold alert attackipenable yes attackiprate 100
set threshold alert attacktcpenable yes attacktcprate 100
set threshold alert attackudpenable yes attackudprate 100
set threshold alert attackicmpenable yes attackicmprate 100
set threshold alert attackotheripenable yes attackotheriprate 100
set threshold alert attackfragmentenable yes attackfragmentrate 100
set threshold alert badippacketenable yes badippacketrate 100
set threshold alert badtcppacketenable yes badtcppacketrate 100
set threshold alert badudppacketenable yes badudppacketrate 100
set threshold alert badicmppacketenable yes badicmppacketrate 100
set threshold alert badotherippacketenable yes badotherippacketrate 100
set threshold alert overloadedipenable yes overloadediprate 100
set threshold view bandwidthenable yes bandwidthrate 0
set threshold view packetrateenable yes packetraterate 0
set threshold view blockedprotocolenable yes blockedprotocolrate 0
set threshold view blockedstateenable yes blockedstaterate 0
set threshold view attackipenable yes attackiprate 0
set threshold view attacktcpenable yes attacktcprate 0
set threshold view attackudpenable yes attackudprate 0
set threshold view attackicmpenable yes attackicmprate 0
set threshold view attackotheripenable yes attackotheriprate 0
set threshold view attackfragmentenable yes attackfragmentrate 0
set threshold view badippacketenable yes badippacketrate 0
set threshold view badtcppacketenable yes badtcppacketrate 0
set threshold view badudppacketenable yes badudppacketrate 0
set threshold view badicmppacketenable yes badicmppacketrate 0
set threshold view badotherippacketenable yes badotherippacketrate 0
set threshold view overloadedipenable yes overloadediprate 0
set threshold offenders bandwidthenable yes bandwidthrate 10
set threshold offenders packetrateenable yes packetraterate 10
set threshold offenders blockedprotocolenable yes blockedprotocolrate 10
set threshold offenders blockedstateenable yes blockedstaterate 10
set threshold offenders attackipenable yes attackiprate 10
set threshold offenders attacktcpenable yes attacktcprate 10
set threshold offenders attackudpenable yes attackudprate 10
set threshold offenders attackicmpenable yes attackicmprate 10
set threshold offenders attackotheripenable yes attackotheriprate 10
set threshold offenders attackfragmentenable yes attackfragmentrate 10
set threshold offenders badippacketenable yes badippacketrate 10
set threshold offenders badtcppacketenable yes badtcppacketrate 10
set threshold offenders badudppacketenable yes badudppacketrate 10
set threshold offenders badicmppacketenable yes badicmppacketrate 10
set threshold offenders badotherippacketenable yes badotherippacketrate 10
set threshold offenders overloadedipenable yes overloadediprate 10
set debugging bandwidth no packetrate no blockedprotocol no blockedstate no attackip no attacktcp no attackudp no attackicmp no attackotherip no attackfragment no badippacket no badtcppacket no badudppacket no badicmppacket no badotherippacket no overloadedip no worstoffenders yes autoblacklist yes incidentdetail no
set incidents timeout 5 lifetime 60 threshold 60 logrefresh 60
set wrapper unwrap gtp no gre yes ip6in4 yes
set bgp peer ddos_secure 192.168.1.1 our_as 65500 neigh_ip 192.168.1.1 neigh_as 65500  lowertimer 300 autoinject no ratelimit 100K
set bgp peer ddos_secure 192.168.1.71 our_as 65500 neigh_ip 192.168.1.1 neigh_as 65500  lowertimer 60 autoinject yes ratelimit 96