Seitenhistorie

Seiteneigenschaften

Deutsch

Beschreibung:

Das Add-In nimmt IPSec Konfigurationen auf der LANCOM R&S Unified Firewall vor und schaltet den VPN- Zugriff auf die CLI und das Webinterface über VPN frei.

Liste der verwendeten Variablen:

Variable	Beschreibung
localNetworkName	Name des lokalen IP-Netzwerks auf der Unified Firewall
localIPNetwork	Adressbereich des lokalen IP-Netzwerks auf der Unified Firewall
localVPNIdentity	VPN Identity der Unified Firewall
remoteGatewayAddress	WAN IP-Adresse des entfernten VPN Gateways
remoteIPNetwork	Adressbereich des entfernten IP-Netzwerks auf der Unified Firewall
remoteVPNIdentity	VPN Identity des entfernten VPN Gateways
vpnConnectionName	Name der VPN Verbindung
vpnPassword	Password der VPN Verbindung

Add-in Code:

/**
* @param {Config} config
* @param {Context} context
*
* Do not edit this comment or parameter types. Required for code suggestions.
*/
exports.main = function (config, context) {
const fwVersion = context.device.firmwareVersionObject;
const ufApi = config.getUfApi();
// VPN Configvariables
const localNetworkName = ""; //Name of the IP Network on the Firewall
const localIPNetwork = ""; //LAN IP Address Range of the Network on the Firewall
const localVPNIdentity = ""; // VPN Identity on the Unified Firewall
const remoteGatewayAddress = ""; // WAN Address of the Remote VPN Gateway
const remoteIPNetwork = ""; // LAN IP Address Range of the Remote VPN Gateway
const remoteVPNIdentity = ""; // VPN Identity of the Remote VPN Gateway
const vpnConnectionName = ""; // Name of the VPN Connection on the Unified Firewall
const vpnPassword = ""; // VPN Password on the Unified Firewall and the Remote VPN Gateway

if (fwVersion.major !== 10 || fwVersion.minor !== 13 || fwVersion.build !== 7038) {
config.warnLog(
"Add-In was originally created for an LCOS FX 10.13.7038RU6 API, but " +
"it is being applied to an LCOS FX " + context.device.firmwareVersionString +
" device. It might not work as expected."
);
}
// Activate IPSec Settings
ufApi.modifySettings(
'ipsec-settings',
{
"active": true,
}
);
// Create IPSecConnection
ufApi.createObject(
'ipsec-connections',
{
"name": vpnConnectionName,
"localAddresses": [],
"remoteAddresses": [remoteGatewayAddress],
"profile": ufApi.lookupField("ipsec-security-profiles", "uniqueId", { "name": "LANCOM LCOS Default IKEv2" }),
"localAuth": {
"method": "psk",
"dataPsk": vpnPassword,
"dataCert": "",
"dataCa": "",
"id": localVPNIdentity
},
"remoteAuth": {
"method": "psk",
"dataPsk": vpnPassword,
"dataCert": "",
"dataCa": "",
"id": remoteVPNIdentity,
"authMethodRound2": "none"
},
"localNetworkNames": [
localIPNetwork
],
"remoteNetworks": [
remoteIPNetwork
],
"pool": "",
"initiate": true,
"ike2CompatTunnels": true,
"forceUdpEncap": false,
"xfrmInterface": true,
"xfrmInterfaceMtu": 1400,
"trafficGroup": "",
"outgoingDscp": null,
"active": true,
"keyPassword": "********",
"networkConnection": ufApi.lookupField("connections", "uniqueId", { "name": "WAN" })
}
);
// Create a VPN Network
ufApi.createObject(
'vpnnetworks',
{
"name": vpnConnectionName,
"ipv4": "0.0.0.0",
"interface": "vpn",
"color": 7891540,
"layer": 0,
"top": 111,
"left": 222,
"icon": "vpn-network",
"type": "vpnnetwork",
"vpnconnection": {
"type": "ipsec",
"connectionid": ufApi.lookupField("ipsec-connections", "uniqueId", { "name": vpnConnectionName }),
"networkType": "all",
"networks": []
},
"description": "",
"tags": []
}
);
// Create Routing Rule
ufApi.createObject(
'routing-rules',
{
"priority": 514,
"selectorSourceIpv4address": "",
"selectorDestinationIpv4address": remoteIPNetwork,
"selectorInputInterface": null,
"selectorOutputInterface": null,
"selectorTos": 0,
"actionGoto": null,
"actionTable": 514,
"systemRule": false
}
);
// Create Routing Table
ufApi.createObject(
'routing-tables',
{
"table": 514,
"ipv4Routes": [
{
"ipv4DestAddress": remoteIPNetwork,
"ipv4Nexthops": [
{
"ipv4GatewayAddress": "",
"interface": "xfrm1",
"weight": 0
}
],
"active": true,
"ipv4PrefsrcAddress": "",
"metric": 0,
"systemRoute": false,
"type": "unicast"
}
]
}
);
// Lookup of Objects for the new Desktop Connection
var objectA = ufApi.lookup('networks', { name: localNetworkName });
var objectB = ufApi.lookup('vpnnetworks', { name: vpnConnectionName });
// Create new Desktop Connection
ufApi.createObject("desktop-connections", desktopConnection(
objectA,
objectB,
[
predefinedService("internet.http", "none", "both"),
predefinedService("internet.https", "none", "both"),
predefinedService("standard.ssh", "none", "both"),
predefinedService("standard.icmp", "none", "both"),
predefinedService("standard.ping", "none", "both")
]
));
// Enable SSH Access via VPN
ufApi.modifySettings(
'ssh-settings',
{
"active": true,
"port": 22,
"passwordAuth": true,
"sshKeys": [],
"accessList": [
{
"source": "LAN",
"active": true,
"readOnly": true,
"comment": "LAN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"LAN\")].uniqueId\u0003"
},
{
"source": "WAN",
"active": false,
"readOnly": true,
"comment": "WAN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"WAN\")].uniqueId\u0003"
},
{
"source": "VPN",
"active": true,
"readOnly": true,
"comment": "VPN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"VPN\")].uniqueId\u0003"
},
{
"source": "212.117.89.9/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 1",
"uniqueId": "8a9a8cb1-b554-460c-9049-5fefc29563f1"
},
{
"source": "217.6.21.90/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 2",
"uniqueId": "f8936fcb-d074-4e91-bb75-86308156d46c"
},
{
"source": "213.238.47.128/29",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 3",
"uniqueId": "dd32c120-d326-404a-91c0-15aa8407f841"
},
{
"source": "80.246.32.0/24",
"active": false,
"readOnly": false,
"comment": "Rohde & Schwarz Internet Gateway",
"uniqueId": "93615715-27f9-4013-af17-b228efe7158d"
},
{
"comment": "Private Networks Class C",
"active": true,
"source": "192.168.0.0/16",
"readOnly": false,
"uniqueId": "7697e59d-544d-49ec-8012-7cb94e037fde"
},
{
"comment": "Private Networks Class B",
"active": true,
"source": "172.16.0.0/12",
"readOnly": false,
"uniqueId": "427030a5-61a8-46e4-beed-751c9c032538"
},
{
"comment": "Private Network Class A",
"active": true,
"source": "10.0.0.0/8",
"readOnly": false,
"uniqueId": "7d6e12be-0c17-449d-a501-81d36e53eb47"
}
]
}
);
// Enable Webinterface Access via VPN
ufApi.modifySettings(
'webclient-settings',
{
"port": 3438,
"serverCertUid": ufApi.lookupField("certificates", "uniqueId", { "commonName": "LCOS FX Default Webserver Certificate" }),
"accessList": [
{
"source": "LAN",
"active": true,
"readOnly": true,
"comment": "LAN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"LAN\")].uniqueId\u0003"
},
{
"source": "WAN",
"active": false,
"readOnly": true,
"comment": "WAN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"WAN\")].uniqueId\u0003"
},
{
"source": "VPN",
"active": true,
"readOnly": true,
"comment": "VPN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"VPN\")].uniqueId\u0003"
},
{
"source": "212.117.89.9/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 1",
"uniqueId": "3b4eebb3-7b59-4ce4-9f6c-5ef0575de167"
},
{
"source": "217.6.21.90/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 2",
"uniqueId": "309031d8-bc4d-448f-94c7-cd62a6beb1a7"
},
{
"source": "213.238.47.128/29",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 3",
"uniqueId": "082b2264-d0d9-496a-9baa-6673d52cc195"
},
{
"source": "80.246.32.0/24",
"active": false,
"readOnly": false,
"comment": "Rohde & Schwarz Internet Gateway",
"uniqueId": "a158e8b6-02a2-4ec1-959c-8c6c7cfe6436"
},
{
"comment": "Private Networks Class C",
"active": true,
"source": "192.168.0.0/16",
"readOnly": false,
"uniqueId": "7725546c-5fca-43f2-8a05-37ee5b0d8aaa"
},
{
"comment": "Private Networks Class B",
"active": true,
"source": "172.16.0.0/12",
"readOnly": false,
"uniqueId": "0b226af3-bd03-478a-bd2b-70becd8faba3"
},
{
"comment": "Private Network Class A",
"active": true,
"source": "10.0.0.0/8",
"readOnly": false,
"uniqueId": "8edf833b-ded7-4618-8493-2d70c97b90fb"
}
]
}
);
// Functions
function desktopConnection(obja, objb, rules) {
const connectionDefinition = {
"objb": objb,
"appfilterRoutingProfiles": [],
"description": "",
"color": 1562591,
"rules": rules,
"obja": obja,
"natactive": "left",
"snatip": localIPNetwork,
"dmz": true,
"dmzip": localIPNetwork,
"points": [{ "x": 1350, "type": "linepoint", "y": 222 }, {
"x": 1350,
"type": "rulepoint",
"y": 282
}, { "x": 1320, "type": "linepoint", "y": 338 }],
"blockall": false,
"trafficshaping": [],
"webfiltersettings": [],
"applicationfilter": { "mode": "off", "activeprofiles": [] }
};
if (fwVersion.major === 10 && fwVersion.minor >= 8) {
delete connectionDefinition.trafficshaping;
connectionDefinition.trafficShaping = {
"trafficGroup": "",
"outgoingDscp": null
};
}
return connectionDefinition;
}
function userdefinedService(serviceName, natactive, action, externalIP) {
return service(
ufApi.lookup("userdefined-services", { name: serviceName }),
natactive,
action,
true,
externalIP
);
}
function predefinedService(serviceName, natactive, action, externalIP) {
return service(
ufApi.lookup("predefined-services", { name: serviceName }),
natactive,
action,
false,
externalIP
);
}
function service(lookup, natactive, action, editable, externalIP) {
const serviceDefinition = {
"uniqueId": lookup,
"dmz": false,
//"dmz": true,
//"dmzport": mapPort,
"dmzip": externalIP,
"natactive": natactive,
"editable": editable,
"timeranges": [{
"endweekday": 0,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 0
}, {
"endweekday": 1,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 1
}, {
"endweekday": 2,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 2
}, {
"endweekday": 3,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 3
}, {
"endweekday": 4,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 4
}, {
"endweekday": 5,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 5
}, {
"endweekday": 6,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 6
}],
"action": action,
"trafficshaping": [],
"log": false,
"applicationfilter": { "useconnection": true, "activeprofiles": [] }
};
if (fwVersion.major === 10 && fwVersion.minor >= 7) {
serviceDefinition.useConnection = true;
}
if (fwVersion.major === 10 && fwVersion.minor >= 8) {
delete serviceDefinition.trafficshaping;
serviceDefinition.useConnectionTrafficShaping = false;
serviceDefinition.trafficShaping = {
"trafficGroup": "",
"outgoingDscp": null
};
}
return serviceDefinition;
}
};

Add-in als JSON-Datei:

View file

name	LCOSFX-LCOS-IPsec.json
height	150

Englisch

Description:

The add-in performs IPSec configurations on the LANCOM R&S Unified Firewall and enables access to the CLI and the web interface via VPN.

List of used variables:

Variable	Description
localNetworkName	Name des lokalen IP-Netzwerks auf der of the local IP Network on the Unified Firewall
localIPNetwork	Adressbereich des lokalen IP-Netzwerks auf der Address Range of the local IP Network on the Unified Firewall
localVPNIdentity	VPN Identity of the Unified Firewall
remoteGatewayAddress	WAN IP-Address of the remote VPN Gateway
remoteIPNetwork	Address Range of the IP Network on the remote VPN Gateway
remoteVPNIdentity	VPN Identity of the remote VPN Gateway
vpnConnectionName	Name of the VPN Connection
vpnPassword	VPN Password

Add-in code:

/**
* @param {Config} config
* @param {Context} context
*
* Do not edit this comment or parameter types. Required for code suggestions.
*/
exports.main = function (config, context) {
const fwVersion = context.device.firmwareVersionObject;
const ufApi = config.getUfApi();
// VPN Configvariables
const localNetworkName = ""; //Name of the IP Network on the Firewall
const localIPNetwork = ""; //LAN IP Address Range of the Network on the Firewall
const localVPNIdentity = ""; // VPN Identity on the Unified Firewall
const remoteGatewayAddress = ""; // WAN Address of the Remote VPN Gateway
const remoteIPNetwork = ""; // LAN IP Address Range of the Remote VPN Gateway
const remoteVPNIdentity = ""; // VPN Identity of the Remote VPN Gateway
const vpnConnectionName = ""; // Name of the VPN Connection on the Unified Firewall
const vpnPassword = ""; // VPN Password on the Unified Firewall and the Remote VPN Gateway

if (fwVersion.major !== 10 || fwVersion.minor !== 13 || fwVersion.build !== 7038) {
config.warnLog(
"Add-In was originally created for an LCOS FX 10.13.7038RU6 API, but " +
"it is being applied to an LCOS FX " + context.device.firmwareVersionString +
" device. It might not work as expected."
);
}
// Activate IPSec Settings
ufApi.modifySettings(
'ipsec-settings',
{
"active": true,
}
);
// Create IPSecConnection
ufApi.createObject(
'ipsec-connections',
{
"name": vpnConnectionName,
"localAddresses": [],
"remoteAddresses": [remoteGatewayAddress],
"profile": ufApi.lookupField("ipsec-security-profiles", "uniqueId", { "name": "LANCOM LCOS Default IKEv2" }),
"localAuth": {
"method": "psk",
"dataPsk": vpnPassword,
"dataCert": "",
"dataCa": "",
"id": localVPNIdentity
},
"remoteAuth": {
"method": "psk",
"dataPsk": vpnPassword,
"dataCert": "",
"dataCa": "",
"id": remoteVPNIdentity,
"authMethodRound2": "none"
},
"localNetworkNames": [
localIPNetwork
],
"remoteNetworks": [
remoteIPNetwork
],
"pool": "",
"initiate": true,
"ike2CompatTunnels": true,
"forceUdpEncap": false,
"xfrmInterface": true,
"xfrmInterfaceMtu": 1400,
"trafficGroup": "",
"outgoingDscp": null,
"active": true,
"keyPassword": "********",
"networkConnection": ufApi.lookupField("connections", "uniqueId", { "name": "WAN" })
}
);
// Create a VPN Network
ufApi.createObject(
'vpnnetworks',
{
"name": vpnConnectionName,
"ipv4": "0.0.0.0",
"interface": "vpn",
"color": 7891540,
"layer": 0,
"top": 111,
"left": 222,
"icon": "vpn-network",
"type": "vpnnetwork",
"vpnconnection": {
"type": "ipsec",
"connectionid": ufApi.lookupField("ipsec-connections", "uniqueId", { "name": vpnConnectionName }),
"networkType": "all",
"networks": []
},
"description": "",
"tags": []
}
);
// Create Routing Rule
ufApi.createObject(
'routing-rules',
{
"priority": 514,
"selectorSourceIpv4address": "",
"selectorDestinationIpv4address": remoteIPNetwork,
"selectorInputInterface": null,
"selectorOutputInterface": null,
"selectorTos": 0,
"actionGoto": null,
"actionTable": 514,
"systemRule": false
}
);
// Create Routing Table
ufApi.createObject(
'routing-tables',
{
"table": 514,
"ipv4Routes": [
{
"ipv4DestAddress": remoteIPNetwork,
"ipv4Nexthops": [
{
"ipv4GatewayAddress": "",
"interface": "xfrm1",
"weight": 0
}
],
"active": true,
"ipv4PrefsrcAddress": "",
"metric": 0,
"systemRoute": false,
"type": "unicast"
}
]
}
);
// Lookup of Objects for the new Desktop Connection
var objectA = ufApi.lookup('networks', { name: localNetworkName });
var objectB = ufApi.lookup('vpnnetworks', { name: vpnConnectionName });
// Create new Desktop Connection
ufApi.createObject("desktop-connections", desktopConnection(
objectA,
objectB,
[
predefinedService("internet.http", "none", "both"),
predefinedService("internet.https", "none", "both"),
predefinedService("standard.ssh", "none", "both"),
predefinedService("standard.icmp", "none", "both"),
predefinedService("standard.ping", "none", "both")
]
));
// Enable SSH Access via VPN
ufApi.modifySettings(
'ssh-settings',
{
"active": true,
"port": 22,
"passwordAuth": true,
"sshKeys": [],
"accessList": [
{
"source": "LAN",
"active": true,
"readOnly": true,
"comment": "LAN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"LAN\")].uniqueId\u0003"
},
{
"source": "WAN",
"active": false,
"readOnly": true,
"comment": "WAN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"WAN\")].uniqueId\u0003"
},
{
"source": "VPN",
"active": true,
"readOnly": true,
"comment": "VPN_LABEL",
"uniqueId": "\u0002/model/ssh-settings\u0005accessList[?(@.source==\"VPN\")].uniqueId\u0003"
},
{
"source": "212.117.89.9/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 1",
"uniqueId": "8a9a8cb1-b554-460c-9049-5fefc29563f1"
},
{
"source": "217.6.21.90/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 2",
"uniqueId": "f8936fcb-d074-4e91-bb75-86308156d46c"
},
{
"source": "213.238.47.128/29",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 3",
"uniqueId": "dd32c120-d326-404a-91c0-15aa8407f841"
},
{
"source": "80.246.32.0/24",
"active": false,
"readOnly": false,
"comment": "Rohde & Schwarz Internet Gateway",
"uniqueId": "93615715-27f9-4013-af17-b228efe7158d"
},
{
"comment": "Private Networks Class C",
"active": true,
"source": "192.168.0.0/16",
"readOnly": false,
"uniqueId": "7697e59d-544d-49ec-8012-7cb94e037fde"
},
{
"comment": "Private Networks Class B",
"active": true,
"source": "172.16.0.0/12",
"readOnly": false,
"uniqueId": "427030a5-61a8-46e4-beed-751c9c032538"
},
{
"comment": "Private Network Class A",
"active": true,
"source": "10.0.0.0/8",
"readOnly": false,
"uniqueId": "7d6e12be-0c17-449d-a501-81d36e53eb47"
}
]
}
);
// Enable Webinterface Access via VPN
ufApi.modifySettings(
'webclient-settings',
{
"port": 3438,
"serverCertUid": ufApi.lookupField("certificates", "uniqueId", { "commonName": "LCOS FX Default Webserver Certificate" }),
"accessList": [
{
"source": "LAN",
"active": true,
"readOnly": true,
"comment": "LAN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"LAN\")].uniqueId\u0003"
},
{
"source": "WAN",
"active": false,
"readOnly": true,
"comment": "WAN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"WAN\")].uniqueId\u0003"
},
{
"source": "VPN",
"active": true,
"readOnly": true,
"comment": "VPN_LABEL",
"uniqueId": "\u0002/model/webclient-settings\u0005accessList[?(@.source==\"VPN\")].uniqueId\u0003"
},
{
"source": "212.117.89.9/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 1",
"uniqueId": "3b4eebb3-7b59-4ce4-9f6c-5ef0575de167"
},
{
"source": "217.6.21.90/32",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 2",
"uniqueId": "309031d8-bc4d-448f-94c7-cd62a6beb1a7"
},
{
"source": "213.238.47.128/29",
"active": false,
"readOnly": false,
"comment": "LANCOM Customer Support 3",
"uniqueId": "082b2264-d0d9-496a-9baa-6673d52cc195"
},
{
"source": "80.246.32.0/24",
"active": false,
"readOnly": false,
"comment": "Rohde & Schwarz Internet Gateway",
"uniqueId": "a158e8b6-02a2-4ec1-959c-8c6c7cfe6436"
},
{
"comment": "Private Networks Class C",
"active": true,
"source": "192.168.0.0/16",
"readOnly": false,
"uniqueId": "7725546c-5fca-43f2-8a05-37ee5b0d8aaa"
},
{
"comment": "Private Networks Class B",
"active": true,
"source": "172.16.0.0/12",
"readOnly": false,
"uniqueId": "0b226af3-bd03-478a-bd2b-70becd8faba3"
},
{
"comment": "Private Network Class A",
"active": true,
"source": "10.0.0.0/8",
"readOnly": false,
"uniqueId": "8edf833b-ded7-4618-8493-2d70c97b90fb"
}
]
}
);
// Functions
function desktopConnection(obja, objb, rules) {
const connectionDefinition = {
"objb": objb,
"appfilterRoutingProfiles": [],
"description": "",
"color": 1562591,
"rules": rules,
"obja": obja,
"natactive": "left",
"snatip": localIPNetwork,
"dmz": true,
"dmzip": localIPNetwork,
"points": [{ "x": 1350, "type": "linepoint", "y": 222 }, {
"x": 1350,
"type": "rulepoint",
"y": 282
}, { "x": 1320, "type": "linepoint", "y": 338 }],
"blockall": false,
"trafficshaping": [],
"webfiltersettings": [],
"applicationfilter": { "mode": "off", "activeprofiles": [] }
};
if (fwVersion.major === 10 && fwVersion.minor >= 8) {
delete connectionDefinition.trafficshaping;
connectionDefinition.trafficShaping = {
"trafficGroup": "",
"outgoingDscp": null
};
}
return connectionDefinition;
}
function userdefinedService(serviceName, natactive, action, externalIP) {
return service(
ufApi.lookup("userdefined-services", { name: serviceName }),
natactive,
action,
true,
externalIP
);
}
function predefinedService(serviceName, natactive, action, externalIP) {
return service(
ufApi.lookup("predefined-services", { name: serviceName }),
natactive,
action,
false,
externalIP
);
}
function service(lookup, natactive, action, editable, externalIP) {
const serviceDefinition = {
"uniqueId": lookup,
"dmz": false,
//"dmz": true,
//"dmzport": mapPort,
"dmzip": externalIP,
"natactive": natactive,
"editable": editable,
"timeranges": [{
"endweekday": 0,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 0
}, {
"endweekday": 1,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 1
}, {
"endweekday": 2,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 2
}, {
"endweekday": 3,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 3
}, {
"endweekday": 4,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 4
}, {
"endweekday": 5,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 5
}, {
"endweekday": 6,
"repeattype": "weekly",
"endtime": "23:59:59",
"starttime": "00:00:00",
"startweekday": 6
}],
"action": action,
"trafficshaping": [],
"log": false,
"applicationfilter": { "useconnection": true, "activeprofiles": [] }
};
if (fwVersion.major === 10 && fwVersion.minor >= 7) {
serviceDefinition.useConnection = true;
}
if (fwVersion.major === 10 && fwVersion.minor >= 8) {
delete serviceDefinition.trafficshaping;
serviceDefinition.useConnectionTrafficShaping = false;
serviceDefinition.trafficShaping = {
"trafficGroup": "",
"outgoingDscp": null
};
}
return serviceDefinition;
}
};

Add-in as JSON file:

View file

name	LCOSFX-LCOS-IPsec.json
height	150

...

Seitenhierarchie

Versionen im Vergleich

Alte Version 1

Neue Version Aktuell

Schlüssel